Auto-Update: 2023-08-09T23:55:25.759743+00:00

2025-07-11 16:13:34 +00:00 · 2023-08-09 23:55:29 +00:00 · 2023-08-09 23:55:29 +00:00 · f05c410713
commit f05c410713
parent b1dfbe7f94
7 changed files with 220 additions and 35 deletions
--- a/CVE-2023/CVE-2023-332xx/CVE-2023-33241.json
+++ b/CVE-2023/CVE-2023-332xx/CVE-2023-33241.json
@ -0,0 +1,59 @@
+{
+  "id": "CVE-2023-33241",
+  "sourceIdentifier": "disclosures@halborn.com",
+  "published": "2023-08-09T22:15:10.323",
+  "lastModified": "2023-08-09T22:15:10.323",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "Crypto wallets implementing the GG18 or GG20 TSS protocol might allow an attacker to extract a full ECDSA private key by injecting a malicious pallier key and cheating in the range proof. Depending on the Beta parameters chosen in the protocol implementation, the attack might require 16 signatures or more fully exfiltrate the other parties' private key shares."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "disclosures@halborn.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "LOW",
+          "userInteraction": "NONE",
+          "scope": "CHANGED",
+          "confidentialityImpact": "HIGH",
+          "integrityImpact": "HIGH",
+          "availabilityImpact": "NONE",
+          "baseScore": 9.6,
+          "baseSeverity": "CRITICAL"
+        },
+        "exploitabilityScore": 3.1,
+        "impactScore": 5.8
+      }
+    ]
+  },
+  "references": [
+    {
+      "url": "https://eprint.iacr.org/2019/114.pdf",
+      "source": "disclosures@halborn.com"
+    },
+    {
+      "url": "https://eprint.iacr.org/2020/540.pdf",
+      "source": "disclosures@halborn.com"
+    },
+    {
+      "url": "https://github.com/fireblocks-labs/mpc-ecdsa-attacks-23",
+      "source": "disclosures@halborn.com"
+    },
+    {
+      "url": "https://github.com/fireblocks-labs/safeheron-gg20-exploit-poc",
+      "source": "disclosures@halborn.com"
+    },
+    {
+      "url": "https://www.fireblocks.com/blog/gg18-and-gg20-paillier-key-vulnerability-technical-report/",
+      "source": "disclosures@halborn.com"
+    }
+  ]
+}
--- a/CVE-2023/CVE-2023-332xx/CVE-2023-33242.json
+++ b/CVE-2023/CVE-2023-332xx/CVE-2023-33242.json
@ -0,0 +1,55 @@
+{
+  "id": "CVE-2023-33242",
+  "sourceIdentifier": "disclosures@halborn.com",
+  "published": "2023-08-09T22:15:11.180",
+  "lastModified": "2023-08-09T22:15:11.180",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "Crypto wallets implementing the Lindell17 TSS protocol might allow an attacker to extract the full ECDSA private key by exfiltrating a single bit in every signature attempt (256 in total) because of not adhering to the paper's security proof's assumption regarding handling aborts after a failed signature."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "disclosures@halborn.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "LOW",
+          "userInteraction": "NONE",
+          "scope": "CHANGED",
+          "confidentialityImpact": "HIGH",
+          "integrityImpact": "HIGH",
+          "availabilityImpact": "NONE",
+          "baseScore": 9.6,
+          "baseSeverity": "CRITICAL"
+        },
+        "exploitabilityScore": 3.1,
+        "impactScore": 5.8
+      }
+    ]
+  },
+  "references": [
+    {
+      "url": "https://eprint.iacr.org/2017/552.pdf",
+      "source": "disclosures@halborn.com"
+    },
+    {
+      "url": "https://github.com/fireblocks-labs/mpc-ecdsa-attacks-23",
+      "source": "disclosures@halborn.com"
+    },
+    {
+      "url": "https://github.com/fireblocks-labs/zengo-lindell17-exploit-poc",
+      "source": "disclosures@halborn.com"
+    },
+    {
+      "url": "https://www.fireblocks.com/blog/lindell17-abort-vulnerability-technical-report/",
+      "source": "disclosures@halborn.com"
+    }
+  ]
+}
--- a/CVE-2023/CVE-2023-358xx/CVE-2023-35838.json
+++ b/CVE-2023/CVE-2023-358xx/CVE-2023-35838.json
@ -0,0 +1,24 @@
+{
+  "id": "CVE-2023-35838",
+  "sourceIdentifier": "cve@mitre.org",
+  "published": "2023-08-09T23:15:10.007",
+  "lastModified": "2023-08-09T23:15:10.007",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "The WireGuard client 0.5.3 on Windows insecurely configures the operating system and firewall such that traffic to a local network that uses non-RFC1918 IP addresses is blocked. This allows an adversary to trick the victim into blocking IP traffic to selected IP addresses and services even while the VPN is enabled. NOTE: the tunnelcrack.mathyvanhoef.com website uses this CVE ID to refer more generally to \"LocalNet attack resulting in the blocking of traffic\" rather than to only WireGuard."
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://tunnelcrack.mathyvanhoef.com/details.html",
+      "source": "cve@mitre.org"
+    },
+    {
+      "url": "https://wireguard.com",
+      "source": "cve@mitre.org"
+    }
+  ]
+}
--- a/CVE-2023/CVE-2023-366xx/CVE-2023-36671.json
+++ b/CVE-2023/CVE-2023-366xx/CVE-2023-36671.json
@ -0,0 +1,24 @@
+{
+  "id": "CVE-2023-36671",
+  "sourceIdentifier": "cve@mitre.org",
+  "published": "2023-08-09T23:15:10.650",
+  "lastModified": "2023-08-09T23:15:10.650",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "An issue was discovered in the Clario VPN client through 5.9.1.1662 for macOS. The VPN client insecurely configures the operating system such that all IP traffic to the VPN server's IP address is sent in plaintext outside the VPN tunnel even if this traffic is not generated by the VPN client. This allows an adversary to trick the victim into sending plaintext traffic to the VPN server's IP address and thereby deanonymize the victim. NOTE: the tunnelcrack.mathyvanhoef.com website uses this CVE ID to refer more generally to \"ServerIP attack for only traffic to the real IP address of the VPN server\" rather than to only Clario."
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://clario.co/vpn-for-mac/",
+      "source": "cve@mitre.org"
+    },
+    {
+      "url": "https://tunnelcrack.mathyvanhoef.com/details.html",
+      "source": "cve@mitre.org"
+    }
+  ]
+}
--- a/CVE-2023/CVE-2023-366xx/CVE-2023-36672.json
+++ b/CVE-2023/CVE-2023-366xx/CVE-2023-36672.json
@ -0,0 +1,24 @@
+{
+  "id": "CVE-2023-36672",
+  "sourceIdentifier": "cve@mitre.org",
+  "published": "2023-08-09T23:15:10.823",
+  "lastModified": "2023-08-09T23:15:10.823",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "An issue was discovered in the Clario VPN client through 5.9.1.1662 for macOS. The VPN client insecurely configures the operating system such that traffic to the local network is sent in plaintext outside the VPN tunnel even if the local network is using a non-RFC1918 IP subnet. This allows an adversary to trick the victim into sending arbitrary IP traffic in plaintext outside the VPN tunnel. NOTE: the tunnelcrack.mathyvanhoef.com website uses this CVE ID to refer more generally to \"LocalNet attack resulting in leakage of traffic in plaintext\" rather than to only Clario."
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://clario.co/vpn-for-mac/",
+      "source": "cve@mitre.org"
+    },
+    {
+      "url": "https://tunnelcrack.mathyvanhoef.com/details.html",
+      "source": "cve@mitre.org"
+    }
+  ]
+}
--- a/CVE-2023/CVE-2023-366xx/CVE-2023-36673.json
+++ b/CVE-2023/CVE-2023-366xx/CVE-2023-36673.json
@ -0,0 +1,24 @@
+{
+  "id": "CVE-2023-36673",
+  "sourceIdentifier": "cve@mitre.org",
+  "published": "2023-08-09T23:15:10.897",
+  "lastModified": "2023-08-09T23:15:10.897",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "An issue was discovered in Avira Phantom VPN through 2.23.1 for macOS. The VPN client insecurely configures the operating system such that all IP traffic to the VPN server's IP address is sent in plaintext outside the VPN tunnel, even if this traffic is not generated by the VPN client, while simultaneously using plaintext DNS to look up the VPN server's IP address. This allows an adversary to trick the victim into sending traffic to arbitrary IP addresses in plaintext outside the VPN tunnel. NOTE: the tunnelcrack.mathyvanhoef.com website uses this CVE ID to refer more generally to \"ServerIP attack, combined with DNS spoofing, that can leak traffic to an arbitrary IP address\" rather than to only Avira Phantom VPN."
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://tunnelcrack.mathyvanhoef.com/details.html",
+      "source": "cve@mitre.org"
+    },
+    {
+      "url": "https://www.avira.com/en/free-vpn",
+      "source": "cve@mitre.org"
+    }
+  ]
+}
--- a/README.md
+++ b/README.md
@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
 ### Last Repository Update

 ```plain
-2023-08-09T22:00:28.750231+00:00
+2023-08-09T23:55:25.759743+00:00
 ```

 ### Most recent CVE Modification Timestamp synchronized with NVD

 ```plain
-2023-08-09T21:15:11.917000+00:00
+2023-08-09T23:15:10.897000+00:00
 ```

 ### Last Data Feed Release
@ -29,50 +29,25 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
 ### Total Number of included CVEs

 ```plain
-222207
+222213
 ```

 ### CVEs added in the last Commit

 Recently added CVEs: `6`

-* [CVE-2023-23347](CVE-2023/CVE-2023-233xx/CVE-2023-23347.json) (`2023-08-09T20:15:09.903`)
-* [CVE-2023-33468](CVE-2023/CVE-2023-334xx/CVE-2023-33468.json) (`2023-08-09T20:15:10.357`)
-* [CVE-2023-33469](CVE-2023/CVE-2023-334xx/CVE-2023-33469.json) (`2023-08-09T20:15:10.427`)
-* [CVE-2023-37068](CVE-2023/CVE-2023-370xx/CVE-2023-37068.json) (`2023-08-09T20:15:10.497`)
-* [CVE-2023-38347](CVE-2023/CVE-2023-383xx/CVE-2023-38347.json) (`2023-08-09T20:15:10.690`)
-* [CVE-2023-38348](CVE-2023/CVE-2023-383xx/CVE-2023-38348.json) (`2023-08-09T20:15:10.753`)
+* [CVE-2023-33241](CVE-2023/CVE-2023-332xx/CVE-2023-33241.json) (`2023-08-09T22:15:10.323`)
+* [CVE-2023-33242](CVE-2023/CVE-2023-332xx/CVE-2023-33242.json) (`2023-08-09T22:15:11.180`)
+* [CVE-2023-35838](CVE-2023/CVE-2023-358xx/CVE-2023-35838.json) (`2023-08-09T23:15:10.007`)
+* [CVE-2023-36671](CVE-2023/CVE-2023-366xx/CVE-2023-36671.json) (`2023-08-09T23:15:10.650`)
+* [CVE-2023-36672](CVE-2023/CVE-2023-366xx/CVE-2023-36672.json) (`2023-08-09T23:15:10.823`)
+* [CVE-2023-36673](CVE-2023/CVE-2023-366xx/CVE-2023-36673.json) (`2023-08-09T23:15:10.897`)


 ### CVEs modified in the last Commit

-Recently modified CVEs: `49`
+Recently modified CVEs: `0`

-* [CVE-2023-39003](CVE-2023/CVE-2023-390xx/CVE-2023-39003.json) (`2023-08-09T20:12:10.860`)
-* [CVE-2023-39004](CVE-2023/CVE-2023-390xx/CVE-2023-39004.json) (`2023-08-09T20:12:10.860`)
-* [CVE-2023-39005](CVE-2023/CVE-2023-390xx/CVE-2023-39005.json) (`2023-08-09T20:12:10.860`)
-* [CVE-2023-39006](CVE-2023/CVE-2023-390xx/CVE-2023-39006.json) (`2023-08-09T20:12:10.860`)
-* [CVE-2023-39007](CVE-2023/CVE-2023-390xx/CVE-2023-39007.json) (`2023-08-09T20:12:10.860`)
-* [CVE-2023-39008](CVE-2023/CVE-2023-390xx/CVE-2023-39008.json) (`2023-08-09T20:12:10.860`)
-* [CVE-2023-33466](CVE-2023/CVE-2023-334xx/CVE-2023-33466.json) (`2023-08-09T20:15:10.200`)
-* [CVE-2023-37464](CVE-2023/CVE-2023-374xx/CVE-2023-37464.json) (`2023-08-09T20:15:10.570`)
-* [CVE-2023-39526](CVE-2023/CVE-2023-395xx/CVE-2023-39526.json) (`2023-08-09T20:18:36.627`)
-* [CVE-2023-39527](CVE-2023/CVE-2023-395xx/CVE-2023-39527.json) (`2023-08-09T20:19:10.417`)
-* [CVE-2023-39550](CVE-2023/CVE-2023-395xx/CVE-2023-39550.json) (`2023-08-09T20:32:27.357`)
-* [CVE-2023-28468](CVE-2023/CVE-2023-284xx/CVE-2023-28468.json) (`2023-08-09T20:48:19.957`)
-* [CVE-2023-33906](CVE-2023/CVE-2023-339xx/CVE-2023-33906.json) (`2023-08-09T20:54:32.290`)
-* [CVE-2023-37470](CVE-2023/CVE-2023-374xx/CVE-2023-37470.json) (`2023-08-09T20:57:29.157`)
-* [CVE-2023-2754](CVE-2023/CVE-2023-27xx/CVE-2023-2754.json) (`2023-08-09T21:04:48.440`)
-* [CVE-2023-38688](CVE-2023/CVE-2023-386xx/CVE-2023-38688.json) (`2023-08-09T21:05:36.740`)
-* [CVE-2023-36159](CVE-2023/CVE-2023-361xx/CVE-2023-36159.json) (`2023-08-09T21:15:10.677`)
-* [CVE-2023-4045](CVE-2023/CVE-2023-40xx/CVE-2023-4045.json) (`2023-08-09T21:15:11.137`)
-* [CVE-2023-4046](CVE-2023/CVE-2023-40xx/CVE-2023-4046.json) (`2023-08-09T21:15:11.253`)
-* [CVE-2023-4047](CVE-2023/CVE-2023-40xx/CVE-2023-4047.json) (`2023-08-09T21:15:11.370`)
-* [CVE-2023-4048](CVE-2023/CVE-2023-40xx/CVE-2023-4048.json) (`2023-08-09T21:15:11.467`)
-* [CVE-2023-4049](CVE-2023/CVE-2023-40xx/CVE-2023-4049.json) (`2023-08-09T21:15:11.627`)
-* [CVE-2023-4050](CVE-2023/CVE-2023-40xx/CVE-2023-4050.json) (`2023-08-09T21:15:11.723`)
-* [CVE-2023-4055](CVE-2023/CVE-2023-40xx/CVE-2023-4055.json) (`2023-08-09T21:15:11.820`)
-* [CVE-2023-4056](CVE-2023/CVE-2023-40xx/CVE-2023-4056.json) (`2023-08-09T21:15:11.917`)


 ## Download and Usage