Auto-Update: 2023-10-11T23:55:24.683647+00:00

2025-06-21 17:41:05 +00:00 · 2023-10-11 23:55:28 +00:00 · 2023-10-11 23:55:28 +00:00 · f057b9c28e
commit f057b9c28e
parent d40e901daa
29 changed files with 567 additions and 66 deletions
--- a/CVE-2022/CVE-2022-485xx/CVE-2022-48560.json
+++ b/CVE-2022/CVE-2022-485xx/CVE-2022-48560.json
@ -2,7 +2,7 @@
  "id": "CVE-2022-48560",
  "sourceIdentifier": "cve@mitre.org",
  "published": "2023-08-22T19:16:31.827",
-  "lastModified": "2023-09-29T22:15:10.520",
+  "lastModified": "2023-10-11T23:15:10.060",
  "vulnStatus": "Modified",
  "descriptions": [
    {
@ -122,6 +122,10 @@
        "Third Party Advisory"
      ]
    },
+    {
+      "url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00017.html",
+      "source": "cve@mitre.org"
+    },
    {
      "url": "https://security.netapp.com/advisory/ntap-20230929-0008/",
      "source": "cve@mitre.org"
--- a/CVE-2022/CVE-2022-485xx/CVE-2022-48564.json
+++ b/CVE-2022/CVE-2022-485xx/CVE-2022-48564.json
@ -2,7 +2,7 @@
  "id": "CVE-2022-48564",
  "sourceIdentifier": "cve@mitre.org",
  "published": "2023-08-22T19:16:31.927",
-  "lastModified": "2023-09-29T22:15:10.607",
+  "lastModified": "2023-10-11T23:15:10.140",
  "vulnStatus": "Modified",
  "descriptions": [
    {
@ -94,6 +94,10 @@
        "Vendor Advisory"
      ]
    },
+    {
+      "url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00017.html",
+      "source": "cve@mitre.org"
+    },
    {
      "url": "https://security.netapp.com/advisory/ntap-20230929-0009/",
      "source": "cve@mitre.org"
--- a/CVE-2022/CVE-2022-485xx/CVE-2022-48565.json
+++ b/CVE-2022/CVE-2022-485xx/CVE-2022-48565.json
@ -2,7 +2,7 @@
  "id": "CVE-2022-48565",
  "sourceIdentifier": "cve@mitre.org",
  "published": "2023-08-22T19:16:32.007",
-  "lastModified": "2023-10-06T15:15:13.500",
+  "lastModified": "2023-10-11T23:15:10.210",
  "vulnStatus": "Modified",
  "descriptions": [
    {
@ -118,6 +118,10 @@
        "Third Party Advisory"
      ]
    },
+    {
+      "url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00017.html",
+      "source": "cve@mitre.org"
+    },
    {
      "url": "https://security.netapp.com/advisory/ntap-20231006-0007/",
      "source": "cve@mitre.org"
--- a/CVE-2022/CVE-2022-485xx/CVE-2022-48566.json
+++ b/CVE-2022/CVE-2022-485xx/CVE-2022-48566.json
@ -2,7 +2,7 @@
  "id": "CVE-2022-48566",
  "sourceIdentifier": "cve@mitre.org",
  "published": "2023-08-22T19:16:32.087",
-  "lastModified": "2023-10-06T15:15:13.573",
+  "lastModified": "2023-10-11T23:15:10.283",
  "vulnStatus": "Modified",
  "descriptions": [
    {
@ -119,6 +119,10 @@
        "Third Party Advisory"
      ]
    },
+    {
+      "url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00017.html",
+      "source": "cve@mitre.org"
+    },
    {
      "url": "https://security.netapp.com/advisory/ntap-20231006-0013/",
      "source": "cve@mitre.org"
--- a/CVE-2023/CVE-2023-37xx/CVE-2023-3781.json
+++ b/CVE-2023/CVE-2023-37xx/CVE-2023-3781.json
@ -2,8 +2,8 @@
  "id": "CVE-2023-3781",
  "sourceIdentifier": "dsap-vuln-management@google.com",
  "published": "2023-10-11T21:15:09.733",
-  "lastModified": "2023-10-11T21:15:09.733",
-  "vulnStatus": "Received",
+  "lastModified": "2023-10-11T22:13:59.567",
+  "vulnStatus": "Awaiting Analysis",
  "descriptions": [
    {
      "lang": "en",
--- a/CVE-2023/CVE-2023-393xx/CVE-2023-39325.json
+++ b/CVE-2023/CVE-2023-393xx/CVE-2023-39325.json
@ -0,0 +1,48 @@
+{
+  "id": "CVE-2023-39325",
+  "sourceIdentifier": "security@golang.org",
+  "published": "2023-10-11T22:15:09.880",
+  "lastModified": "2023-10-11T22:15:09.880",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "A malicious HTTP/2 client which rapidly creates requests and immediately resets them can cause excessive server resource consumption. While the total number of requests is bounded by the http2.Server.MaxConcurrentStreams setting, resetting an in-progress request allows the attacker to create a new request while the existing one is still executing. With the fix applied, HTTP/2 servers now bound the number of simultaneously executing handler goroutines to the stream concurrency limit (MaxConcurrentStreams). New requests arriving when at the limit (which can only happen after the client has reset an existing, in-flight request) will be queued until a handler exits. If the request queue grows too large, the server will terminate the connection. This issue is also fixed in golang.org/x/net/http2 for users manually configuring HTTP/2. The default stream concurrency limit is 250 streams (requests) per HTTP/2 connection. This value may be adjusted using the golang.org/x/net/http2 package; see the Server.MaxConcurrentStreams setting and the ConfigureServer function."
+    }
+  ],
+  "metrics": {},
+  "weaknesses": [
+    {
+      "source": "security@golang.org",
+      "type": "Secondary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-400"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://go.dev/cl/534215",
+      "source": "security@golang.org"
+    },
+    {
+      "url": "https://go.dev/cl/534235",
+      "source": "security@golang.org"
+    },
+    {
+      "url": "https://go.dev/issue/63417",
+      "source": "security@golang.org"
+    },
+    {
+      "url": "https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ",
+      "source": "security@golang.org"
+    },
+    {
+      "url": "https://pkg.go.dev/vuln/GO-2023-2102",
+      "source": "security@golang.org"
+    }
+  ]
+}
--- a/CVE-2023/CVE-2023-402xx/CVE-2023-40217.json
+++ b/CVE-2023/CVE-2023-402xx/CVE-2023-40217.json
@ -2,7 +2,7 @@
  "id": "CVE-2023-40217",
  "sourceIdentifier": "cve@mitre.org",
  "published": "2023-08-25T01:15:09.017",
-  "lastModified": "2023-10-06T15:15:13.753",
+  "lastModified": "2023-10-11T23:15:10.370",
  "vulnStatus": "Modified",
  "descriptions": [
    {
@ -90,6 +90,10 @@
      "url": "https://lists.debian.org/debian-lts-announce/2023/09/msg00022.html",
      "source": "cve@mitre.org"
    },
+    {
+      "url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00017.html",
+      "source": "cve@mitre.org"
+    },
    {
      "url": "https://mail.python.org/archives/list/security-announce@python.org/thread/PEPLII27KYHLF4AK3ZQGKYNCRERG4YXY/",
      "source": "cve@mitre.org",
--- a/CVE-2023/CVE-2023-441xx/CVE-2023-44186.json
+++ b/CVE-2023/CVE-2023-441xx/CVE-2023-44186.json
@ -2,8 +2,8 @@
  "id": "CVE-2023-44186",
  "sourceIdentifier": "sirt@juniper.net",
  "published": "2023-10-11T21:15:09.890",
-  "lastModified": "2023-10-11T21:15:09.890",
-  "vulnStatus": "Received",
+  "lastModified": "2023-10-11T22:13:59.567",
+  "vulnStatus": "Awaiting Analysis",
  "descriptions": [
    {
      "lang": "en",
--- a/CVE-2023/CVE-2023-441xx/CVE-2023-44187.json
+++ b/CVE-2023/CVE-2023-441xx/CVE-2023-44187.json
@ -2,8 +2,8 @@
  "id": "CVE-2023-44187",
  "sourceIdentifier": "sirt@juniper.net",
  "published": "2023-10-11T21:15:09.970",
-  "lastModified": "2023-10-11T21:15:09.970",
-  "vulnStatus": "Received",
+  "lastModified": "2023-10-11T22:13:59.567",
+  "vulnStatus": "Awaiting Analysis",
  "descriptions": [
    {
      "lang": "en",
--- a/CVE-2023/CVE-2023-441xx/CVE-2023-44188.json
+++ b/CVE-2023/CVE-2023-441xx/CVE-2023-44188.json
@ -2,8 +2,8 @@
  "id": "CVE-2023-44188",
  "sourceIdentifier": "sirt@juniper.net",
  "published": "2023-10-11T21:15:10.047",
-  "lastModified": "2023-10-11T21:15:10.047",
-  "vulnStatus": "Received",
+  "lastModified": "2023-10-11T22:13:59.567",
+  "vulnStatus": "Awaiting Analysis",
  "descriptions": [
    {
      "lang": "en",
--- a/CVE-2023/CVE-2023-441xx/CVE-2023-44189.json
+++ b/CVE-2023/CVE-2023-441xx/CVE-2023-44189.json
@ -0,0 +1,55 @@
+{
+  "id": "CVE-2023-44189",
+  "sourceIdentifier": "sirt@juniper.net",
+  "published": "2023-10-11T22:15:09.983",
+  "lastModified": "2023-10-11T22:15:09.983",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "\nAn Origin Validation vulnerability in MAC address validation of Juniper Networks Junos OS Evolved on PTX10003 Series allows a network-adjacent attacker to bypass MAC address checking, allowing MAC addresses not intended to reach the adjacent LAN to be forwarded to the downstream network. Due to this issue, the router will start forwarding traffic if a valid route is present in forwarding-table, causing a loop and congestion in the downstream layer-2 domain connected to the device.\n\nThis issue affects Juniper Networks Junos OS Evolved on PTX10003 Series:\n\n\n\n  *  All versions prior to 21.4R3-S4-EVO;\n  *  22.1 versions prior to 22.1R3-S3-EVO;\n  *  22.2 version 22.2R1-EVO and later versions;\n  *  22.3 versions prior to 22.3R2-S2-EVO, 22.3R3-S1-EVO;\n  *  22.4 versions prior to 22.4R2-S1-EVO, 22.4R3-EVO;\n  *  23.2 versions prior to 23.2R2-EVO.\n\n\n\n\n\n\n"
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "sirt@juniper.net",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:L",
+          "attackVector": "ADJACENT_NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "NONE",
+          "userInteraction": "NONE",
+          "scope": "CHANGED",
+          "confidentialityImpact": "NONE",
+          "integrityImpact": "LOW",
+          "availabilityImpact": "LOW",
+          "baseScore": 6.1,
+          "baseSeverity": "MEDIUM"
+        },
+        "exploitabilityScore": 2.8,
+        "impactScore": 2.7
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "sirt@juniper.net",
+      "type": "Secondary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-346"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://supportportal.juniper.net/JSA73153",
+      "source": "sirt@juniper.net"
+    }
+  ]
+}
--- a/CVE-2023/CVE-2023-441xx/CVE-2023-44190.json
+++ b/CVE-2023/CVE-2023-441xx/CVE-2023-44190.json
@ -0,0 +1,55 @@
+{
+  "id": "CVE-2023-44190",
+  "sourceIdentifier": "sirt@juniper.net",
+  "published": "2023-10-11T22:15:10.067",
+  "lastModified": "2023-10-11T22:15:10.067",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "\nAn Origin Validation vulnerability in MAC address validation of Juniper Networks Junos OS Evolved on PTX10001, PTX10004, PTX10008, and PTX10016 devices allows a network-adjacent attacker to bypass MAC address checking, allowing MAC addresses not intended to reach the adjacent LAN to be forwarded to the downstream network. Due to this issue, the router will start forwarding traffic if a valid route is present in forwarding-table, causing a loop and congestion in the downstream layer-2 domain connected to the device.\n\nThis issue affects Juniper Networks Junos OS Evolved on PTX10001, PTX10004, PTX10008, and PTX10016:\n\n\n\n  *  All versions prior to 21.4R3-S5-EVO;\n  *  22.1 versions prior to 22.1R3-S4-EVO;\n  *  22.2 versions 22.2R1-EVO and later;\n  *  22.3 versions prior to 22.3R2-S2-EVO, 22.3R3-S1-EVO;\n  *  22.4 versions prior to 22.4R2-S1-EVO, 22.4R3-EVO;\n  *  23.2 versions prior to 23.2R1-S1-EVO, 23.2R2-EVO.\n\n\n\n\n\n\n"
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "sirt@juniper.net",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:L",
+          "attackVector": "ADJACENT_NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "NONE",
+          "userInteraction": "NONE",
+          "scope": "CHANGED",
+          "confidentialityImpact": "NONE",
+          "integrityImpact": "LOW",
+          "availabilityImpact": "LOW",
+          "baseScore": 6.1,
+          "baseSeverity": "MEDIUM"
+        },
+        "exploitabilityScore": 2.8,
+        "impactScore": 2.7
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "sirt@juniper.net",
+      "type": "Secondary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-346"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://supportportal.juniper.net/JSA73154",
+      "source": "sirt@juniper.net"
+    }
+  ]
+}
--- a/CVE-2023/CVE-2023-444xx/CVE-2023-44487.json
+++ b/CVE-2023/CVE-2023-444xx/CVE-2023-44487.json
@ -2,7 +2,7 @@
  "id": "CVE-2023-44487",
  "sourceIdentifier": "cve@mitre.org",
  "published": "2023-10-10T14:15:10.883",
-  "lastModified": "2023-10-11T21:15:10.127",
+  "lastModified": "2023-10-11T22:15:10.140",
  "vulnStatus": "Awaiting Analysis",
  "cisaExploitAdd": "2023-10-10",
  "cisaActionDue": "2023-10-31",
@ -36,6 +36,10 @@
      "url": "https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack/",
      "source": "cve@mitre.org"
    },
+    {
+      "url": "https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty/",
+      "source": "cve@mitre.org"
+    },
    {
      "url": "https://blog.qualys.com/vulnerabilities-threat-research/2023/10/10/cve-2023-44487-http-2-rapid-reset-attack",
      "source": "cve@mitre.org"
--- a/CVE-2023/CVE-2023-451xx/CVE-2023-45132.json
+++ b/CVE-2023/CVE-2023-451xx/CVE-2023-45132.json
@ -2,8 +2,8 @@
  "id": "CVE-2023-45132",
  "sourceIdentifier": "security-advisories@github.com",
  "published": "2023-10-11T21:15:10.207",
-  "lastModified": "2023-10-11T21:15:10.207",
-  "vulnStatus": "Received",
+  "lastModified": "2023-10-11T22:13:59.567",
+  "vulnStatus": "Awaiting Analysis",
  "descriptions": [
    {
      "lang": "en",
--- a/CVE-2023/CVE-2023-52xx/CVE-2023-5218.json
+++ b/CVE-2023/CVE-2023-52xx/CVE-2023-5218.json
@ -0,0 +1,24 @@
+{
+  "id": "CVE-2023-5218",
+  "sourceIdentifier": "chrome-cve-admin@google.com",
+  "published": "2023-10-11T23:15:10.443",
+  "lastModified": "2023-10-11T23:15:10.443",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "Use after free in Site Isolation in Google Chrome prior to 118.0.5993.70 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Critical)"
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://chromereleases.googleblog.com/2023/10/stable-channel-update-for-desktop_10.html",
+      "source": "chrome-cve-admin@google.com"
+    },
+    {
+      "url": "https://crbug.com/1487110",
+      "source": "chrome-cve-admin@google.com"
+    }
+  ]
+}
--- a/CVE-2023/CVE-2023-54xx/CVE-2023-5473.json
+++ b/CVE-2023/CVE-2023-54xx/CVE-2023-5473.json
@ -0,0 +1,24 @@
+{
+  "id": "CVE-2023-5473",
+  "sourceIdentifier": "chrome-cve-admin@google.com",
+  "published": "2023-10-11T23:15:10.503",
+  "lastModified": "2023-10-11T23:15:10.503",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "Use after free in Cast in Google Chrome prior to 118.0.5993.70 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Low)"
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://chromereleases.googleblog.com/2023/10/stable-channel-update-for-desktop_10.html",
+      "source": "chrome-cve-admin@google.com"
+    },
+    {
+      "url": "https://crbug.com/1484000",
+      "source": "chrome-cve-admin@google.com"
+    }
+  ]
+}
--- a/CVE-2023/CVE-2023-54xx/CVE-2023-5474.json
+++ b/CVE-2023/CVE-2023-54xx/CVE-2023-5474.json
@ -0,0 +1,24 @@
+{
+  "id": "CVE-2023-5474",
+  "sourceIdentifier": "chrome-cve-admin@google.com",
+  "published": "2023-10-11T23:15:10.557",
+  "lastModified": "2023-10-11T23:15:10.557",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "Heap buffer overflow in PDF in Google Chrome prior to 118.0.5993.70 allowed a remote attacker who convinced a user to engage in specific user interactions to potentially exploit heap corruption via a crafted PDF file. (Chromium security severity: Medium)"
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://chromereleases.googleblog.com/2023/10/stable-channel-update-for-desktop_10.html",
+      "source": "chrome-cve-admin@google.com"
+    },
+    {
+      "url": "https://crbug.com/1483194",
+      "source": "chrome-cve-admin@google.com"
+    }
+  ]
+}
--- a/CVE-2023/CVE-2023-54xx/CVE-2023-5475.json
+++ b/CVE-2023/CVE-2023-54xx/CVE-2023-5475.json
@ -0,0 +1,24 @@
+{
+  "id": "CVE-2023-5475",
+  "sourceIdentifier": "chrome-cve-admin@google.com",
+  "published": "2023-10-11T23:15:10.603",
+  "lastModified": "2023-10-11T23:15:10.603",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "Inappropriate implementation in DevTools in Google Chrome prior to 118.0.5993.70 allowed an attacker who convinced a user to install a malicious extension to bypass discretionary access control via a crafted Chrome Extension. (Chromium security severity: Medium)"
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://chromereleases.googleblog.com/2023/10/stable-channel-update-for-desktop_10.html",
+      "source": "chrome-cve-admin@google.com"
+    },
+    {
+      "url": "https://crbug.com/1476952",
+      "source": "chrome-cve-admin@google.com"
+    }
+  ]
+}
--- a/CVE-2023/CVE-2023-54xx/CVE-2023-5476.json
+++ b/CVE-2023/CVE-2023-54xx/CVE-2023-5476.json
@ -0,0 +1,24 @@
+{
+  "id": "CVE-2023-5476",
+  "sourceIdentifier": "chrome-cve-admin@google.com",
+  "published": "2023-10-11T23:15:10.650",
+  "lastModified": "2023-10-11T23:15:10.650",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "Use after free in Blink History in Google Chrome prior to 118.0.5993.70 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)"
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://chromereleases.googleblog.com/2023/10/stable-channel-update-for-desktop_10.html",
+      "source": "chrome-cve-admin@google.com"
+    },
+    {
+      "url": "https://crbug.com/1474253",
+      "source": "chrome-cve-admin@google.com"
+    }
+  ]
+}
--- a/CVE-2023/CVE-2023-54xx/CVE-2023-5477.json
+++ b/CVE-2023/CVE-2023-54xx/CVE-2023-5477.json
@ -0,0 +1,24 @@
+{
+  "id": "CVE-2023-5477",
+  "sourceIdentifier": "chrome-cve-admin@google.com",
+  "published": "2023-10-11T23:15:10.700",
+  "lastModified": "2023-10-11T23:15:10.700",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "Inappropriate implementation in Installer in Google Chrome prior to 118.0.5993.70 allowed a local attacker to bypass discretionary access control via a crafted command. (Chromium security severity: Low)"
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://chromereleases.googleblog.com/2023/10/stable-channel-update-for-desktop_10.html",
+      "source": "chrome-cve-admin@google.com"
+    },
+    {
+      "url": "https://crbug.com/1472558",
+      "source": "chrome-cve-admin@google.com"
+    }
+  ]
+}
--- a/CVE-2023/CVE-2023-54xx/CVE-2023-5478.json
+++ b/CVE-2023/CVE-2023-54xx/CVE-2023-5478.json
@ -0,0 +1,24 @@
+{
+  "id": "CVE-2023-5478",
+  "sourceIdentifier": "chrome-cve-admin@google.com",
+  "published": "2023-10-11T23:15:10.747",
+  "lastModified": "2023-10-11T23:15:10.747",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "Inappropriate implementation in Autofill in Google Chrome prior to 118.0.5993.70 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: Low)"
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://chromereleases.googleblog.com/2023/10/stable-channel-update-for-desktop_10.html",
+      "source": "chrome-cve-admin@google.com"
+    },
+    {
+      "url": "https://crbug.com/1472404",
+      "source": "chrome-cve-admin@google.com"
+    }
+  ]
+}
--- a/CVE-2023/CVE-2023-54xx/CVE-2023-5479.json
+++ b/CVE-2023/CVE-2023-54xx/CVE-2023-5479.json
@ -0,0 +1,24 @@
+{
+  "id": "CVE-2023-5479",
+  "sourceIdentifier": "chrome-cve-admin@google.com",
+  "published": "2023-10-11T23:15:10.797",
+  "lastModified": "2023-10-11T23:15:10.797",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "Inappropriate implementation in Extensions API in Google Chrome prior to 118.0.5993.70 allowed an attacker who convinced a user to install a malicious extension to bypass an enterprise policy via a crafted HTML page. (Chromium security severity: Medium)"
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://chromereleases.googleblog.com/2023/10/stable-channel-update-for-desktop_10.html",
+      "source": "chrome-cve-admin@google.com"
+    },
+    {
+      "url": "https://crbug.com/1471253",
+      "source": "chrome-cve-admin@google.com"
+    }
+  ]
+}
--- a/CVE-2023/CVE-2023-54xx/CVE-2023-5481.json
+++ b/CVE-2023/CVE-2023-54xx/CVE-2023-5481.json
@ -0,0 +1,24 @@
+{
+  "id": "CVE-2023-5481",
+  "sourceIdentifier": "chrome-cve-admin@google.com",
+  "published": "2023-10-11T23:15:10.850",
+  "lastModified": "2023-10-11T23:15:10.850",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "Inappropriate implementation in Downloads in Google Chrome prior to 118.0.5993.70 allowed a remote attacker to spoof security UI via a crafted HTML page. (Chromium security severity: Medium)"
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://chromereleases.googleblog.com/2023/10/stable-channel-update-for-desktop_10.html",
+      "source": "chrome-cve-admin@google.com"
+    },
+    {
+      "url": "https://crbug.com/1458934",
+      "source": "chrome-cve-admin@google.com"
+    }
+  ]
+}
--- a/CVE-2023/CVE-2023-54xx/CVE-2023-5483.json
+++ b/CVE-2023/CVE-2023-54xx/CVE-2023-5483.json
@ -0,0 +1,24 @@
+{
+  "id": "CVE-2023-5483",
+  "sourceIdentifier": "chrome-cve-admin@google.com",
+  "published": "2023-10-11T23:15:10.897",
+  "lastModified": "2023-10-11T23:15:10.897",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "Inappropriate implementation in Intents in Google Chrome prior to 118.0.5993.70 allowed a remote attacker to bypass content security policy via a crafted HTML page. (Chromium security severity: Medium)"
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://chromereleases.googleblog.com/2023/10/stable-channel-update-for-desktop_10.html",
+      "source": "chrome-cve-admin@google.com"
+    },
+    {
+      "url": "https://crbug.com/1425355",
+      "source": "chrome-cve-admin@google.com"
+    }
+  ]
+}
--- a/CVE-2023/CVE-2023-54xx/CVE-2023-5484.json
+++ b/CVE-2023/CVE-2023-54xx/CVE-2023-5484.json
@ -0,0 +1,24 @@
+{
+  "id": "CVE-2023-5484",
+  "sourceIdentifier": "chrome-cve-admin@google.com",
+  "published": "2023-10-11T23:15:10.950",
+  "lastModified": "2023-10-11T23:15:10.950",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "Inappropriate implementation in Navigation in Google Chrome prior to 118.0.5993.70 allowed a remote attacker to spoof security UI via a crafted HTML page. (Chromium security severity: Medium)"
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://chromereleases.googleblog.com/2023/10/stable-channel-update-for-desktop_10.html",
+      "source": "chrome-cve-admin@google.com"
+    },
+    {
+      "url": "https://crbug.com/1414936",
+      "source": "chrome-cve-admin@google.com"
+    }
+  ]
+}
--- a/CVE-2023/CVE-2023-54xx/CVE-2023-5485.json
+++ b/CVE-2023/CVE-2023-54xx/CVE-2023-5485.json
@ -0,0 +1,24 @@
+{
+  "id": "CVE-2023-5485",
+  "sourceIdentifier": "chrome-cve-admin@google.com",
+  "published": "2023-10-11T23:15:11.007",
+  "lastModified": "2023-10-11T23:15:11.007",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "Inappropriate implementation in Autofill in Google Chrome prior to 118.0.5993.70 allowed a remote attacker to bypass autofill restrictions via a crafted HTML page. (Chromium security severity: Low)"
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://chromereleases.googleblog.com/2023/10/stable-channel-update-for-desktop_10.html",
+      "source": "chrome-cve-admin@google.com"
+    },
+    {
+      "url": "https://crbug.com/1395164",
+      "source": "chrome-cve-admin@google.com"
+    }
+  ]
+}
--- a/CVE-2023/CVE-2023-54xx/CVE-2023-5486.json
+++ b/CVE-2023/CVE-2023-54xx/CVE-2023-5486.json
@ -0,0 +1,24 @@
+{
+  "id": "CVE-2023-5486",
+  "sourceIdentifier": "chrome-cve-admin@google.com",
+  "published": "2023-10-11T23:15:11.060",
+  "lastModified": "2023-10-11T23:15:11.060",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "Inappropriate implementation in Input in Google Chrome prior to 118.0.5993.70 allowed a remote attacker to spoof security UI via a crafted HTML page. (Chromium security severity: Low)"
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://chromereleases.googleblog.com/2023/10/stable-channel-update-for-desktop_10.html",
+      "source": "chrome-cve-admin@google.com"
+    },
+    {
+      "url": "https://crbug.com/1357442",
+      "source": "chrome-cve-admin@google.com"
+    }
+  ]
+}
--- a/CVE-2023/CVE-2023-54xx/CVE-2023-5487.json
+++ b/CVE-2023/CVE-2023-54xx/CVE-2023-5487.json
@ -0,0 +1,24 @@
+{
+  "id": "CVE-2023-5487",
+  "sourceIdentifier": "chrome-cve-admin@google.com",
+  "published": "2023-10-11T23:15:11.110",
+  "lastModified": "2023-10-11T23:15:11.110",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "Inappropriate implementation in Fullscreen in Google Chrome prior to 118.0.5993.70 allowed an attacker who convinced a user to install a malicious extension to bypass navigation restrictions via a crafted Chrome Extension. (Chromium security severity: Medium)"
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://chromereleases.googleblog.com/2023/10/stable-channel-update-for-desktop_10.html",
+      "source": "chrome-cve-admin@google.com"
+    },
+    {
+      "url": "https://crbug.com/1062251",
+      "source": "chrome-cve-admin@google.com"
+    }
+  ]
+}
--- a/README.md
+++ b/README.md
@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
 ### Last Repository Update

 ```plain
-2023-10-11T22:00:25.256888+00:00
+2023-10-11T23:55:24.683647+00:00
 ```

 ### Most recent CVE Modification Timestamp synchronized with NVD

 ```plain
-2023-10-11T21:15:10.207000+00:00
+2023-10-11T23:15:11.110000+00:00
 ```

 ### Last Data Feed Release
@ -29,64 +29,47 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
 ### Total Number of included CVEs

 ```plain
-227613
+227630
 ```

 ### CVEs added in the last Commit

-Recently added CVEs: `23`
+Recently added CVEs: `17`

-* [CVE-2023-28635](CVE-2023/CVE-2023-286xx/CVE-2023-28635.json) (`2023-10-11T20:15:09.893`)
-* [CVE-2023-35646](CVE-2023/CVE-2023-356xx/CVE-2023-35646.json) (`2023-10-11T20:15:09.993`)
-* [CVE-2023-35647](CVE-2023/CVE-2023-356xx/CVE-2023-35647.json) (`2023-10-11T20:15:10.043`)
-* [CVE-2023-35648](CVE-2023/CVE-2023-356xx/CVE-2023-35648.json) (`2023-10-11T20:15:10.090`)
-* [CVE-2023-35649](CVE-2023/CVE-2023-356xx/CVE-2023-35649.json) (`2023-10-11T20:15:10.140`)
-* [CVE-2023-35652](CVE-2023/CVE-2023-356xx/CVE-2023-35652.json) (`2023-10-11T20:15:10.187`)
-* [CVE-2023-35653](CVE-2023/CVE-2023-356xx/CVE-2023-35653.json) (`2023-10-11T20:15:10.233`)
-* [CVE-2023-35654](CVE-2023/CVE-2023-356xx/CVE-2023-35654.json) (`2023-10-11T20:15:10.280`)
-* [CVE-2023-35655](CVE-2023/CVE-2023-356xx/CVE-2023-35655.json) (`2023-10-11T20:15:10.330`)
-* [CVE-2023-35660](CVE-2023/CVE-2023-356xx/CVE-2023-35660.json) (`2023-10-11T20:15:10.380`)
-* [CVE-2023-35661](CVE-2023/CVE-2023-356xx/CVE-2023-35661.json) (`2023-10-11T20:15:10.427`)
-* [CVE-2023-35662](CVE-2023/CVE-2023-356xx/CVE-2023-35662.json) (`2023-10-11T20:15:10.477`)
-* [CVE-2023-40141](CVE-2023/CVE-2023-401xx/CVE-2023-40141.json) (`2023-10-11T20:15:10.527`)
-* [CVE-2023-40142](CVE-2023/CVE-2023-401xx/CVE-2023-40142.json) (`2023-10-11T20:15:10.567`)
-* [CVE-2023-41881](CVE-2023/CVE-2023-418xx/CVE-2023-41881.json) (`2023-10-11T20:15:10.617`)
-* [CVE-2023-41882](CVE-2023/CVE-2023-418xx/CVE-2023-41882.json) (`2023-10-11T20:15:10.700`)
-* [CVE-2023-43661](CVE-2023/CVE-2023-436xx/CVE-2023-43661.json) (`2023-10-11T20:15:10.787`)
-* [CVE-2023-5535](CVE-2023/CVE-2023-55xx/CVE-2023-5535.json) (`2023-10-11T20:15:10.967`)
-* [CVE-2023-3781](CVE-2023/CVE-2023-37xx/CVE-2023-3781.json) (`2023-10-11T21:15:09.733`)
-* [CVE-2023-44186](CVE-2023/CVE-2023-441xx/CVE-2023-44186.json) (`2023-10-11T21:15:09.890`)
-* [CVE-2023-44187](CVE-2023/CVE-2023-441xx/CVE-2023-44187.json) (`2023-10-11T21:15:09.970`)
-* [CVE-2023-44188](CVE-2023/CVE-2023-441xx/CVE-2023-44188.json) (`2023-10-11T21:15:10.047`)
-* [CVE-2023-45132](CVE-2023/CVE-2023-451xx/CVE-2023-45132.json) (`2023-10-11T21:15:10.207`)
+* [CVE-2023-39325](CVE-2023/CVE-2023-393xx/CVE-2023-39325.json) (`2023-10-11T22:15:09.880`)
+* [CVE-2023-44189](CVE-2023/CVE-2023-441xx/CVE-2023-44189.json) (`2023-10-11T22:15:09.983`)
+* [CVE-2023-44190](CVE-2023/CVE-2023-441xx/CVE-2023-44190.json) (`2023-10-11T22:15:10.067`)
+* [CVE-2023-5218](CVE-2023/CVE-2023-52xx/CVE-2023-5218.json) (`2023-10-11T23:15:10.443`)
+* [CVE-2023-5473](CVE-2023/CVE-2023-54xx/CVE-2023-5473.json) (`2023-10-11T23:15:10.503`)
+* [CVE-2023-5474](CVE-2023/CVE-2023-54xx/CVE-2023-5474.json) (`2023-10-11T23:15:10.557`)
+* [CVE-2023-5475](CVE-2023/CVE-2023-54xx/CVE-2023-5475.json) (`2023-10-11T23:15:10.603`)
+* [CVE-2023-5476](CVE-2023/CVE-2023-54xx/CVE-2023-5476.json) (`2023-10-11T23:15:10.650`)
+* [CVE-2023-5477](CVE-2023/CVE-2023-54xx/CVE-2023-5477.json) (`2023-10-11T23:15:10.700`)
+* [CVE-2023-5478](CVE-2023/CVE-2023-54xx/CVE-2023-5478.json) (`2023-10-11T23:15:10.747`)
+* [CVE-2023-5479](CVE-2023/CVE-2023-54xx/CVE-2023-5479.json) (`2023-10-11T23:15:10.797`)
+* [CVE-2023-5481](CVE-2023/CVE-2023-54xx/CVE-2023-5481.json) (`2023-10-11T23:15:10.850`)
+* [CVE-2023-5483](CVE-2023/CVE-2023-54xx/CVE-2023-5483.json) (`2023-10-11T23:15:10.897`)
+* [CVE-2023-5484](CVE-2023/CVE-2023-54xx/CVE-2023-5484.json) (`2023-10-11T23:15:10.950`)
+* [CVE-2023-5485](CVE-2023/CVE-2023-54xx/CVE-2023-5485.json) (`2023-10-11T23:15:11.007`)
+* [CVE-2023-5486](CVE-2023/CVE-2023-54xx/CVE-2023-5486.json) (`2023-10-11T23:15:11.060`)
+* [CVE-2023-5487](CVE-2023/CVE-2023-54xx/CVE-2023-5487.json) (`2023-10-11T23:15:11.110`)


 ### CVEs modified in the last Commit

-Recently modified CVEs: `22`
+Recently modified CVEs: `11`

-* [CVE-2023-44811](CVE-2023/CVE-2023-448xx/CVE-2023-44811.json) (`2023-10-11T20:06:27.410`)
-* [CVE-2023-5467](CVE-2023/CVE-2023-54xx/CVE-2023-5467.json) (`2023-10-11T20:09:41.853`)
-* [CVE-2023-41672](CVE-2023/CVE-2023-416xx/CVE-2023-41672.json) (`2023-10-11T20:10:43.427`)
-* [CVE-2023-41670](CVE-2023/CVE-2023-416xx/CVE-2023-41670.json) (`2023-10-11T20:19:29.923`)
-* [CVE-2023-41669](CVE-2023/CVE-2023-416xx/CVE-2023-41669.json) (`2023-10-11T20:21:17.217`)
-* [CVE-2023-41668](CVE-2023/CVE-2023-416xx/CVE-2023-41668.json) (`2023-10-11T20:34:24.760`)
-* [CVE-2023-39194](CVE-2023/CVE-2023-391xx/CVE-2023-39194.json) (`2023-10-11T20:41:27.203`)
-* [CVE-2023-39193](CVE-2023/CVE-2023-391xx/CVE-2023-39193.json) (`2023-10-11T20:46:48.450`)
-* [CVE-2023-39192](CVE-2023/CVE-2023-391xx/CVE-2023-39192.json) (`2023-10-11T20:48:57.387`)
-* [CVE-2023-41730](CVE-2023/CVE-2023-417xx/CVE-2023-41730.json) (`2023-10-11T20:51:55.970`)
-* [CVE-2023-41697](CVE-2023/CVE-2023-416xx/CVE-2023-41697.json) (`2023-10-11T20:53:34.343`)
-* [CVE-2023-41876](CVE-2023/CVE-2023-418xx/CVE-2023-41876.json) (`2023-10-11T20:55:32.437`)
-* [CVE-2023-44961](CVE-2023/CVE-2023-449xx/CVE-2023-44961.json) (`2023-10-11T21:04:47.110`)
-* [CVE-2023-44962](CVE-2023/CVE-2023-449xx/CVE-2023-44962.json) (`2023-10-11T21:04:47.110`)
-* [CVE-2023-4936](CVE-2023/CVE-2023-49xx/CVE-2023-4936.json) (`2023-10-11T21:04:52.423`)
-* [CVE-2023-23930](CVE-2023/CVE-2023-239xx/CVE-2023-23930.json) (`2023-10-11T21:04:52.423`)
-* [CVE-2023-43960](CVE-2023/CVE-2023-439xx/CVE-2023-43960.json) (`2023-10-11T21:04:52.423`)
-* [CVE-2023-35645](CVE-2023/CVE-2023-356xx/CVE-2023-35645.json) (`2023-10-11T21:04:52.423`)
-* [CVE-2023-38817](CVE-2023/CVE-2023-388xx/CVE-2023-38817.json) (`2023-10-11T21:04:52.423`)
-* [CVE-2023-41660](CVE-2023/CVE-2023-416xx/CVE-2023-41660.json) (`2023-10-11T21:05:59.973`)
-* [CVE-2023-43641](CVE-2023/CVE-2023-436xx/CVE-2023-43641.json) (`2023-10-11T21:15:09.807`)
-* [CVE-2023-44487](CVE-2023/CVE-2023-444xx/CVE-2023-44487.json) (`2023-10-11T21:15:10.127`)
+* [CVE-2022-48560](CVE-2022/CVE-2022-485xx/CVE-2022-48560.json) (`2023-10-11T23:15:10.060`)
+* [CVE-2022-48564](CVE-2022/CVE-2022-485xx/CVE-2022-48564.json) (`2023-10-11T23:15:10.140`)
+* [CVE-2022-48565](CVE-2022/CVE-2022-485xx/CVE-2022-48565.json) (`2023-10-11T23:15:10.210`)
+* [CVE-2022-48566](CVE-2022/CVE-2022-485xx/CVE-2022-48566.json) (`2023-10-11T23:15:10.283`)
+* [CVE-2023-3781](CVE-2023/CVE-2023-37xx/CVE-2023-3781.json) (`2023-10-11T22:13:59.567`)
+* [CVE-2023-44186](CVE-2023/CVE-2023-441xx/CVE-2023-44186.json) (`2023-10-11T22:13:59.567`)
+* [CVE-2023-44187](CVE-2023/CVE-2023-441xx/CVE-2023-44187.json) (`2023-10-11T22:13:59.567`)
+* [CVE-2023-44188](CVE-2023/CVE-2023-441xx/CVE-2023-44188.json) (`2023-10-11T22:13:59.567`)
+* [CVE-2023-45132](CVE-2023/CVE-2023-451xx/CVE-2023-45132.json) (`2023-10-11T22:13:59.567`)
+* [CVE-2023-44487](CVE-2023/CVE-2023-444xx/CVE-2023-44487.json) (`2023-10-11T22:15:10.140`)
+* [CVE-2023-40217](CVE-2023/CVE-2023-402xx/CVE-2023-40217.json) (`2023-10-11T23:15:10.370`)


 ## Download and Usage