Auto-Update: 2023-11-29T17:00:18.072339+00:00

2025-07-09 16:05:11 +00:00 · 2023-11-29 17:00:21 +00:00 · 2023-11-29 17:00:21 +00:00 · f4a41f5e71
commit f4a41f5e71
parent 9fdca10920
29 changed files with 399 additions and 84 deletions
--- a/CVE-2022/CVE-2022-36xx/CVE-2022-3643.json
+++ b/CVE-2022/CVE-2022-36xx/CVE-2022-3643.json
@ -2,8 +2,8 @@
  "id": "CVE-2022-3643",
  "sourceIdentifier": "security@xen.org",
  "published": "2022-12-07T01:15:11.207",
-  "lastModified": "2023-05-08T17:34:33.167",
-  "vulnStatus": "Analyzed",
+  "lastModified": "2023-11-29T15:15:07.700",
+  "vulnStatus": "Modified",
  "descriptions": [
    {
      "lang": "en",
@ -119,7 +119,6 @@
      ]
    },
    {
-      "operator": "AND",
      "nodes": [
        {
          "operator": "OR",
@ -136,6 +135,10 @@
    }
  ],
  "references": [
+    {
+      "url": "http://packetstormsecurity.com/files/175963/Kernel-Live-Patch-Security-Notice-LSN-0099-1.html",
+      "source": "security@xen.org"
+    },
    {
      "url": "http://www.openwall.com/lists/oss-security/2022/12/07/2",
      "source": "security@xen.org",
--- a/CVE-2023/CVE-2023-314xx/CVE-2023-31436.json
+++ b/CVE-2023/CVE-2023-314xx/CVE-2023-31436.json
@ -2,8 +2,8 @@
  "id": "CVE-2023-31436",
  "sourceIdentifier": "cve@mitre.org",
  "published": "2023-04-28T02:15:09.007",
-  "lastModified": "2023-08-18T18:39:51.787",
-  "vulnStatus": "Analyzed",
+  "lastModified": "2023-11-29T15:15:07.820",
+  "vulnStatus": "Modified",
  "descriptions": [
    {
      "lang": "en",
@ -124,6 +124,10 @@
        "VDB Entry"
      ]
    },
+    {
+      "url": "http://packetstormsecurity.com/files/175963/Kernel-Live-Patch-Security-Notice-LSN-0099-1.html",
+      "source": "cve@mitre.org"
+    },
    {
      "url": "https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.2.13",
      "source": "cve@mitre.org",
--- a/CVE-2023/CVE-2023-343xx/CVE-2023-34319.json
+++ b/CVE-2023/CVE-2023-343xx/CVE-2023-34319.json
@ -2,8 +2,8 @@
  "id": "CVE-2023-34319",
  "sourceIdentifier": "security@xen.org",
  "published": "2023-09-22T14:15:45.627",
-  "lastModified": "2023-10-29T02:42:22.617",
-  "vulnStatus": "Analyzed",
+  "lastModified": "2023-11-29T15:15:07.917",
+  "vulnStatus": "Modified",
  "descriptions": [
    {
      "lang": "en",
@ -84,6 +84,10 @@
    }
  ],
  "references": [
+    {
+      "url": "http://packetstormsecurity.com/files/175963/Kernel-Live-Patch-Security-Notice-LSN-0099-1.html",
+      "source": "security@xen.org"
+    },
    {
      "url": "https://xenbits.xenproject.org/xsa/advisory-432.html",
      "source": "security@xen.org",
--- a/CVE-2023/CVE-2023-35xx/CVE-2023-3567.json
+++ b/CVE-2023/CVE-2023-35xx/CVE-2023-3567.json
@ -2,7 +2,7 @@
  "id": "CVE-2023-3567",
  "sourceIdentifier": "secalert@redhat.com",
  "published": "2023-07-24T16:15:12.990",
-  "lastModified": "2023-11-07T04:19:04.690",
+  "lastModified": "2023-11-29T15:15:08.000",
  "vulnStatus": "Modified",
  "descriptions": [
    {
@ -33,7 +33,7 @@
        "impactScore": 5.2
      },
      {
-        "source": "53f830b8-0a3f-465b-8143-3b8a9948e749",
+        "source": "secalert@redhat.com",
        "type": "Secondary",
        "cvssData": {
          "version": "3.1",
@ -66,7 +66,7 @@
      ]
    },
    {
-      "source": "53f830b8-0a3f-465b-8143-3b8a9948e749",
+      "source": "secalert@redhat.com",
      "type": "Secondary",
      "description": [
        {
@ -188,6 +188,10 @@
        "VDB Entry"
      ]
    },
+    {
+      "url": "http://packetstormsecurity.com/files/175963/Kernel-Live-Patch-Security-Notice-LSN-0099-1.html",
+      "source": "secalert@redhat.com"
+    },
    {
      "url": "https://access.redhat.com/security/cve/CVE-2023-3567",
      "source": "secalert@redhat.com",
--- a/CVE-2023/CVE-2023-36xx/CVE-2023-3609.json
+++ b/CVE-2023/CVE-2023-36xx/CVE-2023-3609.json
@ -2,8 +2,8 @@
  "id": "CVE-2023-3609",
  "sourceIdentifier": "cve-coordination@google.com",
  "published": "2023-07-21T21:15:11.743",
-  "lastModified": "2023-10-26T18:15:13.193",
-  "vulnStatus": "Analyzed",
+  "lastModified": "2023-11-29T15:15:08.150",
+  "vulnStatus": "Modified",
  "descriptions": [
    {
      "lang": "en",
@ -154,6 +154,10 @@
        "VDB Entry"
      ]
    },
+    {
+      "url": "http://packetstormsecurity.com/files/175963/Kernel-Live-Patch-Security-Notice-LSN-0099-1.html",
+      "source": "cve-coordination@google.com"
+    },
    {
      "url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit?id=04c55383fa5689357bcdd2c8036725a55ed632bc",
      "source": "cve-coordination@google.com",
--- a/CVE-2023/CVE-2023-37xx/CVE-2023-3776.json
+++ b/CVE-2023/CVE-2023-37xx/CVE-2023-3776.json
@ -2,8 +2,8 @@
  "id": "CVE-2023-3776",
  "sourceIdentifier": "cve-coordination@google.com",
  "published": "2023-07-21T21:15:11.973",
-  "lastModified": "2023-10-26T18:09:58.733",
-  "vulnStatus": "Analyzed",
+  "lastModified": "2023-11-29T15:15:08.297",
+  "vulnStatus": "Modified",
  "descriptions": [
    {
      "lang": "en",
@ -134,6 +134,10 @@
        "VDB Entry"
      ]
    },
+    {
+      "url": "http://packetstormsecurity.com/files/175963/Kernel-Live-Patch-Security-Notice-LSN-0099-1.html",
+      "source": "cve-coordination@google.com"
+    },
    {
      "url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit?id=0323bce598eea038714f941ce2b22541c46d488f",
      "source": "cve-coordination@google.com",
--- a/CVE-2023/CVE-2023-37xx/CVE-2023-3777.json
+++ b/CVE-2023/CVE-2023-37xx/CVE-2023-3777.json
@ -2,8 +2,8 @@
  "id": "CVE-2023-3777",
  "sourceIdentifier": "cve-coordination@google.com",
  "published": "2023-09-06T14:15:10.860",
-  "lastModified": "2023-10-24T15:01:41.440",
-  "vulnStatus": "Analyzed",
+  "lastModified": "2023-11-29T15:15:08.393",
+  "vulnStatus": "Modified",
  "descriptions": [
    {
      "lang": "en",
@ -164,6 +164,10 @@
        "VDB Entry"
      ]
    },
+    {
+      "url": "http://packetstormsecurity.com/files/175963/Kernel-Live-Patch-Security-Notice-LSN-0099-1.html",
+      "source": "cve-coordination@google.com"
+    },
    {
      "url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=6eaf41e87a223ae6f8e7a28d6e78384ad7e407f8",
      "source": "cve-coordination@google.com",
--- a/CVE-2023/CVE-2023-402xx/CVE-2023-40283.json
+++ b/CVE-2023/CVE-2023-402xx/CVE-2023-40283.json
@ -2,8 +2,8 @@
  "id": "CVE-2023-40283",
  "sourceIdentifier": "cve@mitre.org",
  "published": "2023-08-14T03:15:09.257",
-  "lastModified": "2023-10-24T14:28:44.110",
-  "vulnStatus": "Analyzed",
+  "lastModified": "2023-11-29T15:15:08.507",
+  "vulnStatus": "Modified",
  "descriptions": [
    {
      "lang": "en",
@ -133,6 +133,10 @@
        "VDB Entry"
      ]
    },
+    {
+      "url": "http://packetstormsecurity.com/files/175963/Kernel-Live-Patch-Security-Notice-LSN-0099-1.html",
+      "source": "cve@mitre.org"
+    },
    {
      "url": "https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.4.10",
      "source": "cve@mitre.org",
--- a/CVE-2023/CVE-2023-40xx/CVE-2023-4004.json
+++ b/CVE-2023/CVE-2023-40xx/CVE-2023-4004.json
@ -2,7 +2,7 @@
  "id": "CVE-2023-4004",
  "sourceIdentifier": "secalert@redhat.com",
  "published": "2023-07-31T17:15:10.203",
-  "lastModified": "2023-11-21T17:15:07.873",
+  "lastModified": "2023-11-29T15:15:09.530",
  "vulnStatus": "Undergoing Analysis",
  "descriptions": [
    {
@ -158,6 +158,10 @@
      "url": "http://packetstormsecurity.com/files/175072/Kernel-Live-Patch-Security-Notice-LSN-0098-1.html",
      "source": "secalert@redhat.com"
    },
+    {
+      "url": "http://packetstormsecurity.com/files/175963/Kernel-Live-Patch-Security-Notice-LSN-0099-1.html",
+      "source": "secalert@redhat.com"
+    },
    {
      "url": "https://access.redhat.com/errata/RHSA-2023:4961",
      "source": "secalert@redhat.com"
--- a/CVE-2023/CVE-2023-427xx/CVE-2023-42752.json
+++ b/CVE-2023/CVE-2023-427xx/CVE-2023-42752.json
@ -2,7 +2,7 @@
  "id": "CVE-2023-42752",
  "sourceIdentifier": "secalert@redhat.com",
  "published": "2023-10-13T02:15:09.797",
-  "lastModified": "2023-11-07T04:21:13.853",
+  "lastModified": "2023-11-29T15:15:08.590",
  "vulnStatus": "Modified",
  "descriptions": [
    {
@ -37,7 +37,7 @@
        "impactScore": 3.6
      },
      {
-        "source": "53f830b8-0a3f-465b-8143-3b8a9948e749",
+        "source": "secalert@redhat.com",
        "type": "Secondary",
        "cvssData": {
          "version": "3.1",
@ -70,7 +70,7 @@
      ]
    },
    {
-      "source": "53f830b8-0a3f-465b-8143-3b8a9948e749",
+      "source": "secalert@redhat.com",
      "type": "Secondary",
      "description": [
        {
@ -99,6 +99,10 @@
    }
  ],
  "references": [
+    {
+      "url": "http://packetstormsecurity.com/files/175963/Kernel-Live-Patch-Security-Notice-LSN-0099-1.html",
+      "source": "secalert@redhat.com"
+    },
    {
      "url": "https://access.redhat.com/security/cve/CVE-2023-42752",
      "source": "secalert@redhat.com",
--- a/CVE-2023/CVE-2023-427xx/CVE-2023-42753.json
+++ b/CVE-2023/CVE-2023-427xx/CVE-2023-42753.json
@ -2,7 +2,7 @@
  "id": "CVE-2023-42753",
  "sourceIdentifier": "secalert@redhat.com",
  "published": "2023-09-25T21:15:15.923",
-  "lastModified": "2023-11-29T00:15:07.073",
+  "lastModified": "2023-11-29T15:15:08.747",
  "vulnStatus": "Modified",
  "descriptions": [
    {
@ -139,6 +139,10 @@
    }
  ],
  "references": [
+    {
+      "url": "http://packetstormsecurity.com/files/175963/Kernel-Live-Patch-Security-Notice-LSN-0099-1.html",
+      "source": "secalert@redhat.com"
+    },
    {
      "url": "https://access.redhat.com/errata/RHSA-2023:7370",
      "source": "secalert@redhat.com"
--- a/CVE-2023/CVE-2023-46xx/CVE-2023-4622.json
+++ b/CVE-2023/CVE-2023-46xx/CVE-2023-4622.json
@ -2,12 +2,16 @@
  "id": "CVE-2023-4622",
  "sourceIdentifier": "cve-coordination@google.com",
  "published": "2023-09-06T14:15:12.193",
-  "lastModified": "2023-10-29T02:43:44.230",
-  "vulnStatus": "Analyzed",
+  "lastModified": "2023-11-29T15:15:09.750",
+  "vulnStatus": "Modified",
  "descriptions": [
    {
      "lang": "en",
      "value": "A use-after-free vulnerability in the Linux kernel's af_unix component can be exploited to achieve local privilege escalation.\n\nThe unix_stream_sendpage() function tries to add data to the last skb in the peer's recv queue without locking the queue. Thus there is a race where unix_stream_sendpage() could access an skb locklessly that is being released by garbage collection, resulting in use-after-free.\n\nWe recommend upgrading past commit 790c2f9d15b594350ae9bca7b236f2b1859de02c.\n\n"
+    },
+    {
+      "lang": "es",
+      "value": "Se puede explotar una vulnerabilidad de use-after-free en el componente Linux kernel's af_unix para lograr una escalada de privilegios local. La funci\u00f3n  unix_stream_sendpage() intenta a\u00f1adir datos al \u00faltimo skb en la cola peer's recv sin bloquear la cola. Por lo tanto, existe una carrera donde unix_stream_sendpage() podr\u00eda acceder a un skb sin bloqueo que est\u00e1 siendo liberado mediante la recolecci\u00f3n de basura, resultando en use-after-free. Recomendamos actualizar despu\u00e9s del commit 790c2f9d15b594350ae9bca7b236f2b1859de02c."
    }
  ],
  "metrics": {
@ -116,6 +120,10 @@
    }
  ],
  "references": [
+    {
+      "url": "http://packetstormsecurity.com/files/175963/Kernel-Live-Patch-Security-Notice-LSN-0099-1.html",
+      "source": "cve-coordination@google.com"
+    },
    {
      "url": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=linux-6.1.y&id=790c2f9d15b594350ae9bca7b236f2b1859de02c",
      "source": "cve-coordination@google.com",
--- a/CVE-2023/CVE-2023-46xx/CVE-2023-4623.json
+++ b/CVE-2023/CVE-2023-46xx/CVE-2023-4623.json
@ -2,8 +2,8 @@
  "id": "CVE-2023-4623",
  "sourceIdentifier": "cve-coordination@google.com",
  "published": "2023-09-06T14:15:12.357",
-  "lastModified": "2023-10-29T02:40:35.057",
-  "vulnStatus": "Analyzed",
+  "lastModified": "2023-11-29T15:15:09.843",
+  "vulnStatus": "Modified",
  "descriptions": [
    {
      "lang": "en",
@ -115,6 +115,10 @@
    }
  ],
  "references": [
+    {
+      "url": "http://packetstormsecurity.com/files/175963/Kernel-Live-Patch-Security-Notice-LSN-0099-1.html",
+      "source": "cve-coordination@google.com"
+    },
    {
      "url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=b3d26c5702c7d6c45456326e56d2ccf3f103e60f",
      "source": "cve-coordination@google.com",
--- a/CVE-2023/CVE-2023-481xx/CVE-2023-48124.json
+++ b/CVE-2023/CVE-2023-481xx/CVE-2023-48124.json
@ -2,23 +2,85 @@
  "id": "CVE-2023-48124",
  "sourceIdentifier": "cve@mitre.org",
  "published": "2023-11-21T15:15:07.477",
-  "lastModified": "2023-11-21T16:30:00.600",
-  "vulnStatus": "Awaiting Analysis",
+  "lastModified": "2023-11-29T16:59:36.717",
+  "vulnStatus": "Analyzed",
  "descriptions": [
    {
      "lang": "en",
      "value": "Cross Site Scripting in SUP Online Shopping v.1.0 allows a remote attacker to execute arbitrary code via the Name, Email and Address parameters in the Register New Account component."
+    },
+    {
+      "lang": "es",
+      "value": "Cross Site Scripting en SUP Online Shopping v.1.0 permite a un atacante remoto ejecutar c\u00f3digo arbitrario a trav\u00e9s de los par\u00e1metros Nombre, Correo electr\u00f3nico y Direcci\u00f3n en el componente Registrar nueva cuenta."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "nvd@nist.gov",
+        "type": "Primary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "LOW",
+          "userInteraction": "REQUIRED",
+          "scope": "CHANGED",
+          "confidentialityImpact": "LOW",
+          "integrityImpact": "LOW",
+          "availabilityImpact": "NONE",
+          "baseScore": 5.4,
+          "baseSeverity": "MEDIUM"
+        },
+        "exploitabilityScore": 2.3,
+        "impactScore": 2.7
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "nvd@nist.gov",
+      "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-79"
+        }
+      ]
+    }
+  ],
+  "configurations": [
+    {
+      "nodes": [
+        {
+          "operator": "OR",
+          "negate": false,
+          "cpeMatch": [
+            {
+              "vulnerable": true,
+              "criteria": "cpe:2.3:a:nayemhowlader:sup_online_shopping:1.0:*:*:*:*:*:*:*",
+              "matchCriteriaId": "3D7693DD-F2D9-439F-9120-F021EBF2330B"
+            }
+          ]
+        }
+      ]
    }
  ],
-  "metrics": {},
  "references": [
    {
      "url": "https://patelvarshil.medium.com/cve-2023-48124-xss-vulnerability-in-an-e-commerce-platform-ad7d4ab77af4",
-      "source": "cve@mitre.org"
+      "source": "cve@mitre.org",
+      "tags": [
+        "Exploit"
+      ]
    },
    {
      "url": "https://www.sourcecodester.com/",
-      "source": "cve@mitre.org"
+      "source": "cve@mitre.org",
+      "tags": [
+        "Product"
+      ]
    }
  ]
 }
--- a/CVE-2023/CVE-2023-488xx/CVE-2023-48880.json
+++ b/CVE-2023/CVE-2023-488xx/CVE-2023-48880.json
@ -0,0 +1,20 @@
+{
+  "id": "CVE-2023-48880",
+  "sourceIdentifier": "cve@mitre.org",
+  "published": "2023-11-29T16:15:07.167",
+  "lastModified": "2023-11-29T16:15:07.167",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "A stored cross-site scripting (XSS) vulnerability in EyouCMS v1.6.4-UTF8-SP1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Menu Name field at /login.php?m=admin&c=Index&a=changeTableVal&_ajax=1&lang=cn."
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://github.com/weng-xianhu/eyoucms/issues/52",
+      "source": "cve@mitre.org"
+    }
+  ]
+}
--- a/CVE-2023/CVE-2023-488xx/CVE-2023-48881.json
+++ b/CVE-2023/CVE-2023-488xx/CVE-2023-48881.json
@ -0,0 +1,20 @@
+{
+  "id": "CVE-2023-48881",
+  "sourceIdentifier": "cve@mitre.org",
+  "published": "2023-11-29T16:15:07.217",
+  "lastModified": "2023-11-29T16:15:07.217",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "A stored cross-site scripting (XSS) vulnerability in EyouCMS v1.6.4-UTF8-SP1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Field Title field at /login.php?m=admin&c=Field&a=arctype_add&_ajax=1&lang=cn."
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://github.com/weng-xianhu/eyoucms/issues/53",
+      "source": "cve@mitre.org"
+    }
+  ]
+}
--- a/CVE-2023/CVE-2023-488xx/CVE-2023-48882.json
+++ b/CVE-2023/CVE-2023-488xx/CVE-2023-48882.json
@ -0,0 +1,20 @@
+{
+  "id": "CVE-2023-48882",
+  "sourceIdentifier": "cve@mitre.org",
+  "published": "2023-11-29T16:15:07.270",
+  "lastModified": "2023-11-29T16:15:07.270",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "A stored cross-site scripting (XSS) vulnerability in EyouCMS v1.6.4-UTF8-SP1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Document Properties field at /login.php m=admin&c=Index&a=changeTableVal&_ajax=1&lang=cn."
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://github.com/weng-xianhu/eyoucms/issues/54",
+      "source": "cve@mitre.org"
+    }
+  ]
+}
--- a/CVE-2023/CVE-2023-490xx/CVE-2023-49090.json
+++ b/CVE-2023/CVE-2023-490xx/CVE-2023-49090.json
@ -0,0 +1,63 @@
+{
+  "id": "CVE-2023-49090",
+  "sourceIdentifier": "security-advisories@github.com",
+  "published": "2023-11-29T15:15:08.900",
+  "lastModified": "2023-11-29T15:15:08.900",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "CarrierWave is a solution for file uploads for Rails, Sinatra and other Ruby web frameworks. CarrierWave has a Content-Type allowlist bypass vulnerability, possibly leading to XSS. The validation in `allowlisted_content_type?` determines Content-Type permissions by performing a partial match. If the `content_type` argument of `allowlisted_content_type?` is passed a value crafted by the attacker, Content-Types not included in the `content_type_allowlist` will be allowed. This issue has been patched in versions 2.2.5 and 3.0.5."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "security-advisories@github.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:N/A:N",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "LOW",
+          "userInteraction": "REQUIRED",
+          "scope": "CHANGED",
+          "confidentialityImpact": "HIGH",
+          "integrityImpact": "NONE",
+          "availabilityImpact": "NONE",
+          "baseScore": 6.8,
+          "baseSeverity": "MEDIUM"
+        },
+        "exploitabilityScore": 2.3,
+        "impactScore": 4.0
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "security-advisories@github.com",
+      "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-79"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://github.com/carrierwaveuploader/carrierwave/commit/39b282db5c1303899b3d3381ce8a837840f983b5",
+      "source": "security-advisories@github.com"
+    },
+    {
+      "url": "https://github.com/carrierwaveuploader/carrierwave/commit/863d425c76eba12c3294227b39018f6b2dccbbf3",
+      "source": "security-advisories@github.com"
+    },
+    {
+      "url": "https://github.com/carrierwaveuploader/carrierwave/security/advisories/GHSA-gxhx-g4fq-49hj",
+      "source": "security-advisories@github.com"
+    }
+  ]
+}
--- a/CVE-2023/CVE-2023-496xx/CVE-2023-49652.json
+++ b/CVE-2023/CVE-2023-496xx/CVE-2023-49652.json
@ -2,7 +2,7 @@
  "id": "CVE-2023-49652",
  "sourceIdentifier": "jenkinsci-cert@googlegroups.com",
  "published": "2023-11-29T14:15:07.460",
-  "lastModified": "2023-11-29T14:18:05.687",
+  "lastModified": "2023-11-29T15:15:09.213",
  "vulnStatus": "Awaiting Analysis",
  "descriptions": [
    {
@ -12,6 +12,10 @@
  ],
  "metrics": {},
  "references": [
+    {
+      "url": "http://www.openwall.com/lists/oss-security/2023/11/29/1",
+      "source": "jenkinsci-cert@googlegroups.com"
+    },
    {
      "url": "https://www.jenkins.io/security/advisory/2023-11-29/#SECURITY-2835",
      "source": "jenkinsci-cert@googlegroups.com"
--- a/CVE-2023/CVE-2023-496xx/CVE-2023-49653.json
+++ b/CVE-2023/CVE-2023-496xx/CVE-2023-49653.json
@ -2,7 +2,7 @@
  "id": "CVE-2023-49653",
  "sourceIdentifier": "jenkinsci-cert@googlegroups.com",
  "published": "2023-11-29T14:15:07.527",
-  "lastModified": "2023-11-29T14:18:05.687",
+  "lastModified": "2023-11-29T15:15:09.260",
  "vulnStatus": "Awaiting Analysis",
  "descriptions": [
    {
@ -12,6 +12,10 @@
  ],
  "metrics": {},
  "references": [
+    {
+      "url": "http://www.openwall.com/lists/oss-security/2023/11/29/1",
+      "source": "jenkinsci-cert@googlegroups.com"
+    },
    {
      "url": "https://www.jenkins.io/security/advisory/2023-11-29/#SECURITY-3225",
      "source": "jenkinsci-cert@googlegroups.com"
--- a/CVE-2023/CVE-2023-496xx/CVE-2023-49654.json
+++ b/CVE-2023/CVE-2023-496xx/CVE-2023-49654.json
@ -2,7 +2,7 @@
  "id": "CVE-2023-49654",
  "sourceIdentifier": "jenkinsci-cert@googlegroups.com",
  "published": "2023-11-29T14:15:07.570",
-  "lastModified": "2023-11-29T14:18:05.687",
+  "lastModified": "2023-11-29T15:15:09.303",
  "vulnStatus": "Awaiting Analysis",
  "descriptions": [
    {
@ -12,6 +12,10 @@
  ],
  "metrics": {},
  "references": [
+    {
+      "url": "http://www.openwall.com/lists/oss-security/2023/11/29/1",
+      "source": "jenkinsci-cert@googlegroups.com"
+    },
    {
      "url": "https://www.jenkins.io/security/advisory/2023-11-29/#SECURITY-3193",
      "source": "jenkinsci-cert@googlegroups.com"
--- a/CVE-2023/CVE-2023-496xx/CVE-2023-49655.json
+++ b/CVE-2023/CVE-2023-496xx/CVE-2023-49655.json
@ -2,7 +2,7 @@
  "id": "CVE-2023-49655",
  "sourceIdentifier": "jenkinsci-cert@googlegroups.com",
  "published": "2023-11-29T14:15:07.617",
-  "lastModified": "2023-11-29T14:18:05.687",
+  "lastModified": "2023-11-29T15:15:09.343",
  "vulnStatus": "Awaiting Analysis",
  "descriptions": [
    {
@ -12,6 +12,10 @@
  ],
  "metrics": {},
  "references": [
+    {
+      "url": "http://www.openwall.com/lists/oss-security/2023/11/29/1",
+      "source": "jenkinsci-cert@googlegroups.com"
+    },
    {
      "url": "https://www.jenkins.io/security/advisory/2023-11-29/#SECURITY-3193",
      "source": "jenkinsci-cert@googlegroups.com"
--- a/CVE-2023/CVE-2023-496xx/CVE-2023-49656.json
+++ b/CVE-2023/CVE-2023-496xx/CVE-2023-49656.json
@ -2,7 +2,7 @@
  "id": "CVE-2023-49656",
  "sourceIdentifier": "jenkinsci-cert@googlegroups.com",
  "published": "2023-11-29T14:15:07.667",
-  "lastModified": "2023-11-29T14:18:05.687",
+  "lastModified": "2023-11-29T15:15:09.387",
  "vulnStatus": "Awaiting Analysis",
  "descriptions": [
    {
@ -12,6 +12,10 @@
  ],
  "metrics": {},
  "references": [
+    {
+      "url": "http://www.openwall.com/lists/oss-security/2023/11/29/1",
+      "source": "jenkinsci-cert@googlegroups.com"
+    },
    {
      "url": "https://www.jenkins.io/security/advisory/2023-11-29/#SECURITY-3193",
      "source": "jenkinsci-cert@googlegroups.com"
--- a/CVE-2023/CVE-2023-496xx/CVE-2023-49673.json
+++ b/CVE-2023/CVE-2023-496xx/CVE-2023-49673.json
@ -2,7 +2,7 @@
  "id": "CVE-2023-49673",
  "sourceIdentifier": "jenkinsci-cert@googlegroups.com",
  "published": "2023-11-29T14:15:07.707",
-  "lastModified": "2023-11-29T14:18:05.687",
+  "lastModified": "2023-11-29T15:15:09.437",
  "vulnStatus": "Awaiting Analysis",
  "descriptions": [
    {
@ -12,6 +12,10 @@
  ],
  "metrics": {},
  "references": [
+    {
+      "url": "http://www.openwall.com/lists/oss-security/2023/11/29/1",
+      "source": "jenkinsci-cert@googlegroups.com"
+    },
    {
      "url": "https://www.jenkins.io/security/advisory/2023-11-29/#SECURITY-3256",
      "source": "jenkinsci-cert@googlegroups.com"
--- a/CVE-2023/CVE-2023-496xx/CVE-2023-49674.json
+++ b/CVE-2023/CVE-2023-496xx/CVE-2023-49674.json
@ -2,7 +2,7 @@
  "id": "CVE-2023-49674",
  "sourceIdentifier": "jenkinsci-cert@googlegroups.com",
  "published": "2023-11-29T14:15:07.750",
-  "lastModified": "2023-11-29T14:18:05.687",
+  "lastModified": "2023-11-29T15:15:09.483",
  "vulnStatus": "Awaiting Analysis",
  "descriptions": [
    {
@ -12,6 +12,10 @@
  ],
  "metrics": {},
  "references": [
+    {
+      "url": "http://www.openwall.com/lists/oss-security/2023/11/29/1",
+      "source": "jenkinsci-cert@googlegroups.com"
+    },
    {
      "url": "https://www.jenkins.io/security/advisory/2023-11-29/#SECURITY-3256",
      "source": "jenkinsci-cert@googlegroups.com"
--- a/CVE-2023/CVE-2023-51xx/CVE-2023-5197.json
+++ b/CVE-2023/CVE-2023-51xx/CVE-2023-5197.json
@ -2,8 +2,8 @@
  "id": "CVE-2023-5197",
  "sourceIdentifier": "cve-coordination@google.com",
  "published": "2023-09-27T15:19:43.110",
-  "lastModified": "2023-10-11T16:23:47.707",
-  "vulnStatus": "Analyzed",
+  "lastModified": "2023-11-29T15:15:09.987",
+  "vulnStatus": "Modified",
  "descriptions": [
    {
      "lang": "en",
@ -100,6 +100,10 @@
    }
  ],
  "references": [
+    {
+      "url": "http://packetstormsecurity.com/files/175963/Kernel-Live-Patch-Security-Notice-LSN-0099-1.html",
+      "source": "cve-coordination@google.com"
+    },
    {
      "url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=f15f29fd4779be8a418b66e9d52979bb6d6c2325",
      "source": "cve-coordination@google.com",
--- a/CVE-2023/CVE-2023-53xx/CVE-2023-5360.json
+++ b/CVE-2023/CVE-2023-53xx/CVE-2023-5360.json
@ -2,8 +2,8 @@
  "id": "CVE-2023-5360",
  "sourceIdentifier": "contact@wpscan.com",
  "published": "2023-10-31T14:15:12.773",
-  "lastModified": "2023-11-08T18:41:39.053",
-  "vulnStatus": "Analyzed",
+  "lastModified": "2023-11-29T15:15:10.100",
+  "vulnStatus": "Modified",
  "descriptions": [
    {
      "lang": "en",
@ -69,6 +69,10 @@
    }
  ],
  "references": [
+    {
+      "url": "http://packetstormsecurity.com/files/175992/WordPress-Royal-Elementor-Addons-And-Templates-Remote-Shell-Upload.html",
+      "source": "contact@wpscan.com"
+    },
    {
      "url": "https://wpscan.com/vulnerability/281518ff-7816-4007-b712-63aed7828b34",
      "source": "contact@wpscan.com",
--- a/CVE-2023/CVE-2023-62xx/CVE-2023-6235.json
+++ b/CVE-2023/CVE-2023-62xx/CVE-2023-6235.json
@ -2,16 +2,40 @@
  "id": "CVE-2023-6235",
  "sourceIdentifier": "cve-coordination@incibe.es",
  "published": "2023-11-21T13:15:07.343",
-  "lastModified": "2023-11-21T14:08:14.160",
-  "vulnStatus": "Awaiting Analysis",
+  "lastModified": "2023-11-29T16:59:51.970",
+  "vulnStatus": "Analyzed",
  "descriptions": [
    {
      "lang": "en",
      "value": "An uncontrolled search path element vulnerability has been found in the Duet Display product, affecting version 2.5.9.1. An attacker could place an arbitrary libusk.dll file in the C:\\Users\\user\\AppData\\Local\\Microsoft\\WindowsApps\\ directory, which could lead to the execution and persistence of arbitrary code."
+    },
+    {
+      "lang": "es",
+      "value": "Se ha encontrado una vulnerabilidad de elemento de ruta de b\u00fasqueda no controlada en el producto Duet Display, que afecta a la versi\u00f3n 2.5.9.1. Un atacante podr\u00eda colocar un archivo libusk.dll arbitrario en el directorio C:\\Users\\user\\AppData\\Local\\Microsoft\\WindowsApps\\, lo que podr\u00eda provocar la ejecuci\u00f3n y persistencia de c\u00f3digo arbitrario."
    }
  ],
  "metrics": {
    "cvssMetricV31": [
+      {
+        "source": "nvd@nist.gov",
+        "type": "Primary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
+          "attackVector": "LOCAL",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "NONE",
+          "userInteraction": "REQUIRED",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "HIGH",
+          "integrityImpact": "HIGH",
+          "availabilityImpact": "HIGH",
+          "baseScore": 7.8,
+          "baseSeverity": "HIGH"
+        },
+        "exploitabilityScore": 1.8,
+        "impactScore": 5.9
+      },
      {
        "source": "cve-coordination@incibe.es",
        "type": "Secondary",
@ -46,10 +70,30 @@
      ]
    }
  ],
+  "configurations": [
+    {
+      "nodes": [
+        {
+          "operator": "OR",
+          "negate": false,
+          "cpeMatch": [
+            {
+              "vulnerable": true,
+              "criteria": "cpe:2.3:a:duetdisplay:duet_display:2.5.9.1:*:*:*:*:windows:*:*",
+              "matchCriteriaId": "17B53FC4-E5AB-4B11-A4DA-9A38F5430C90"
+            }
+          ]
+        }
+      ]
+    }
+  ],
  "references": [
    {
      "url": "https://www.incibe.es/en/incibe-cert/notices/aviso/arbitrary-code-execution-duet-display",
-      "source": "cve-coordination@incibe.es"
+      "source": "cve-coordination@incibe.es",
+      "tags": [
+        "Third Party Advisory"
+      ]
    }
  ]
 }
--- a/README.md
+++ b/README.md
@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
 ### Last Repository Update

 ```plain
-2023-11-29T15:00:18.644969+00:00
+2023-11-29T17:00:18.072339+00:00
 ```

 ### Most recent CVE Modification Timestamp synchronized with NVD

 ```plain
-2023-11-29T14:18:18.333000+00:00
+2023-11-29T16:59:51.970000+00:00
 ```

 ### Last Data Feed Release
@ -29,52 +29,47 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
 ### Total Number of included CVEs

 ```plain
-231688
+231692
 ```

 ### CVEs added in the last Commit

-Recently added CVEs: `8`
+Recently added CVEs: `4`

-* [CVE-2023-40626](CVE-2023/CVE-2023-406xx/CVE-2023-40626.json) (`2023-11-29T13:15:07.123`)
-* [CVE-2023-49652](CVE-2023/CVE-2023-496xx/CVE-2023-49652.json) (`2023-11-29T14:15:07.460`)
-* [CVE-2023-49653](CVE-2023/CVE-2023-496xx/CVE-2023-49653.json) (`2023-11-29T14:15:07.527`)
-* [CVE-2023-49654](CVE-2023/CVE-2023-496xx/CVE-2023-49654.json) (`2023-11-29T14:15:07.570`)
-* [CVE-2023-49655](CVE-2023/CVE-2023-496xx/CVE-2023-49655.json) (`2023-11-29T14:15:07.617`)
-* [CVE-2023-49656](CVE-2023/CVE-2023-496xx/CVE-2023-49656.json) (`2023-11-29T14:15:07.667`)
-* [CVE-2023-49673](CVE-2023/CVE-2023-496xx/CVE-2023-49673.json) (`2023-11-29T14:15:07.707`)
-* [CVE-2023-49674](CVE-2023/CVE-2023-496xx/CVE-2023-49674.json) (`2023-11-29T14:15:07.750`)
+* [CVE-2023-49090](CVE-2023/CVE-2023-490xx/CVE-2023-49090.json) (`2023-11-29T15:15:08.900`)
+* [CVE-2023-48880](CVE-2023/CVE-2023-488xx/CVE-2023-48880.json) (`2023-11-29T16:15:07.167`)
+* [CVE-2023-48881](CVE-2023/CVE-2023-488xx/CVE-2023-48881.json) (`2023-11-29T16:15:07.217`)
+* [CVE-2023-48882](CVE-2023/CVE-2023-488xx/CVE-2023-48882.json) (`2023-11-29T16:15:07.270`)


 ### CVEs modified in the last Commit

-Recently modified CVEs: `36`
+Recently modified CVEs: `24`

-* [CVE-2023-6351](CVE-2023/CVE-2023-63xx/CVE-2023-6351.json) (`2023-11-29T14:18:05.687`)
-* [CVE-2023-6378](CVE-2023/CVE-2023-63xx/CVE-2023-6378.json) (`2023-11-29T14:18:05.687`)
-* [CVE-2023-30588](CVE-2023/CVE-2023-305xx/CVE-2023-30588.json) (`2023-11-29T14:18:11.973`)
-* [CVE-2023-30590](CVE-2023/CVE-2023-305xx/CVE-2023-30590.json) (`2023-11-29T14:18:11.973`)
-* [CVE-2023-45539](CVE-2023/CVE-2023-455xx/CVE-2023-45539.json) (`2023-11-29T14:18:11.973`)
-* [CVE-2023-29061](CVE-2023/CVE-2023-290xx/CVE-2023-29061.json) (`2023-11-29T14:18:11.973`)
-* [CVE-2023-29062](CVE-2023/CVE-2023-290xx/CVE-2023-29062.json) (`2023-11-29T14:18:11.973`)
-* [CVE-2023-29063](CVE-2023/CVE-2023-290xx/CVE-2023-29063.json) (`2023-11-29T14:18:11.973`)
-* [CVE-2023-29064](CVE-2023/CVE-2023-290xx/CVE-2023-29064.json) (`2023-11-29T14:18:11.973`)
-* [CVE-2023-29065](CVE-2023/CVE-2023-290xx/CVE-2023-29065.json) (`2023-11-29T14:18:11.973`)
-* [CVE-2023-29066](CVE-2023/CVE-2023-290xx/CVE-2023-29066.json) (`2023-11-29T14:18:11.973`)
-* [CVE-2023-48193](CVE-2023/CVE-2023-481xx/CVE-2023-48193.json) (`2023-11-29T14:18:11.973`)
-* [CVE-2023-49092](CVE-2023/CVE-2023-490xx/CVE-2023-49092.json) (`2023-11-29T14:18:11.973`)
-* [CVE-2023-46944](CVE-2023/CVE-2023-469xx/CVE-2023-46944.json) (`2023-11-29T14:18:11.973`)
-* [CVE-2023-23324](CVE-2023/CVE-2023-233xx/CVE-2023-23324.json) (`2023-11-29T14:18:11.973`)
-* [CVE-2023-23325](CVE-2023/CVE-2023-233xx/CVE-2023-23325.json) (`2023-11-29T14:18:11.973`)
-* [CVE-2023-24294](CVE-2023/CVE-2023-242xx/CVE-2023-24294.json) (`2023-11-29T14:18:11.973`)
-* [CVE-2023-46886](CVE-2023/CVE-2023-468xx/CVE-2023-46886.json) (`2023-11-29T14:18:11.973`)
-* [CVE-2023-46887](CVE-2023/CVE-2023-468xx/CVE-2023-46887.json) (`2023-11-29T14:18:11.973`)
-* [CVE-2023-47462](CVE-2023/CVE-2023-474xx/CVE-2023-47462.json) (`2023-11-29T14:18:11.973`)
-* [CVE-2023-45479](CVE-2023/CVE-2023-454xx/CVE-2023-45479.json) (`2023-11-29T14:18:11.973`)
-* [CVE-2023-45480](CVE-2023/CVE-2023-454xx/CVE-2023-45480.json) (`2023-11-29T14:18:11.973`)
-* [CVE-2023-48121](CVE-2023/CVE-2023-481xx/CVE-2023-48121.json) (`2023-11-29T14:18:18.333`)
-* [CVE-2023-49078](CVE-2023/CVE-2023-490xx/CVE-2023-49078.json) (`2023-11-29T14:18:18.333`)
-* [CVE-2023-29060](CVE-2023/CVE-2023-290xx/CVE-2023-29060.json) (`2023-11-29T14:18:18.333`)
+* [CVE-2022-3643](CVE-2022/CVE-2022-36xx/CVE-2022-3643.json) (`2023-11-29T15:15:07.700`)
+* [CVE-2023-31436](CVE-2023/CVE-2023-314xx/CVE-2023-31436.json) (`2023-11-29T15:15:07.820`)
+* [CVE-2023-34319](CVE-2023/CVE-2023-343xx/CVE-2023-34319.json) (`2023-11-29T15:15:07.917`)
+* [CVE-2023-3567](CVE-2023/CVE-2023-35xx/CVE-2023-3567.json) (`2023-11-29T15:15:08.000`)
+* [CVE-2023-3609](CVE-2023/CVE-2023-36xx/CVE-2023-3609.json) (`2023-11-29T15:15:08.150`)
+* [CVE-2023-3776](CVE-2023/CVE-2023-37xx/CVE-2023-3776.json) (`2023-11-29T15:15:08.297`)
+* [CVE-2023-3777](CVE-2023/CVE-2023-37xx/CVE-2023-3777.json) (`2023-11-29T15:15:08.393`)
+* [CVE-2023-40283](CVE-2023/CVE-2023-402xx/CVE-2023-40283.json) (`2023-11-29T15:15:08.507`)
+* [CVE-2023-42752](CVE-2023/CVE-2023-427xx/CVE-2023-42752.json) (`2023-11-29T15:15:08.590`)
+* [CVE-2023-42753](CVE-2023/CVE-2023-427xx/CVE-2023-42753.json) (`2023-11-29T15:15:08.747`)
+* [CVE-2023-49652](CVE-2023/CVE-2023-496xx/CVE-2023-49652.json) (`2023-11-29T15:15:09.213`)
+* [CVE-2023-49653](CVE-2023/CVE-2023-496xx/CVE-2023-49653.json) (`2023-11-29T15:15:09.260`)
+* [CVE-2023-49654](CVE-2023/CVE-2023-496xx/CVE-2023-49654.json) (`2023-11-29T15:15:09.303`)
+* [CVE-2023-49655](CVE-2023/CVE-2023-496xx/CVE-2023-49655.json) (`2023-11-29T15:15:09.343`)
+* [CVE-2023-49656](CVE-2023/CVE-2023-496xx/CVE-2023-49656.json) (`2023-11-29T15:15:09.387`)
+* [CVE-2023-49673](CVE-2023/CVE-2023-496xx/CVE-2023-49673.json) (`2023-11-29T15:15:09.437`)
+* [CVE-2023-49674](CVE-2023/CVE-2023-496xx/CVE-2023-49674.json) (`2023-11-29T15:15:09.483`)
+* [CVE-2023-4004](CVE-2023/CVE-2023-40xx/CVE-2023-4004.json) (`2023-11-29T15:15:09.530`)
+* [CVE-2023-4622](CVE-2023/CVE-2023-46xx/CVE-2023-4622.json) (`2023-11-29T15:15:09.750`)
+* [CVE-2023-4623](CVE-2023/CVE-2023-46xx/CVE-2023-4623.json) (`2023-11-29T15:15:09.843`)
+* [CVE-2023-5197](CVE-2023/CVE-2023-51xx/CVE-2023-5197.json) (`2023-11-29T15:15:09.987`)
+* [CVE-2023-5360](CVE-2023/CVE-2023-53xx/CVE-2023-5360.json) (`2023-11-29T15:15:10.100`)
+* [CVE-2023-48124](CVE-2023/CVE-2023-481xx/CVE-2023-48124.json) (`2023-11-29T16:59:36.717`)
+* [CVE-2023-6235](CVE-2023/CVE-2023-62xx/CVE-2023-6235.json) (`2023-11-29T16:59:51.970`)


 ## Download and Usage