Skip to content

Commit 5b8bb19

Browse files
author
cvelistV5 Github Action
committed
6 changes (1 new | 5 updated):
 - 1 new CVEs: CVE-2017-13319 - 5 updated CVEs: CVE-2023-1721, CVE-2023-1724, CVE-2023-1783, CVE-2023-45117, CVE-2023-5010
1 parent 776fb97 commit 5b8bb19

File tree

8 files changed

+285
-141
lines changed

8 files changed

+285
-141
lines changed

cves/2017/13xxx/CVE-2017-13319.json

Lines changed: 75 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,75 @@
1+
{
2+
"dataType": "CVE_RECORD",
3+
"dataVersion": "5.1",
4+
"cveMetadata": {
5+
"cveId": "CVE-2017-13319",
6+
"assignerOrgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6",
7+
"state": "PUBLISHED",
8+
"assignerShortName": "google_android",
9+
"dateReserved": "2017-08-23T00:00:00.000Z",
10+
"datePublished": "2024-11-27T19:55:01.605Z",
11+
"dateUpdated": "2024-11-27T19:55:01.605Z"
12+
},
13+
"containers": {
14+
"cna": {
15+
"affected": [
16+
{
17+
"defaultStatus": "unaffected",
18+
"product": "Android",
19+
"vendor": "Google",
20+
"versions": [
21+
{
22+
"status": "affected",
23+
"version": "7"
24+
},
25+
{
26+
"status": "affected",
27+
"version": "7.1.1"
28+
},
29+
{
30+
"status": "affected",
31+
"version": "7.1.2"
32+
},
33+
{
34+
"status": "affected",
35+
"version": "8"
36+
},
37+
{
38+
"status": "affected",
39+
"version": "8.1"
40+
}
41+
]
42+
}
43+
],
44+
"descriptions": [
45+
{
46+
"lang": "en",
47+
"supportingMedia": [
48+
{
49+
"base64": false,
50+
"type": "text/html",
51+
"value": "<span style=\"background-color: rgb(255, 255, 255);\">In pvmp3_get_main_data_size of pvmp3_get_main_data_size.cpp, there is a&nbsp;</span><span style=\"background-color: rgb(255, 255, 255);\">possible buffer overread due to a missing bounds check. This could lead to&nbsp;</span><span style=\"background-color: rgb(255, 255, 255);\">remote information disclosure of global static variables with no additional&nbsp;</span><span style=\"background-color: rgb(255, 255, 255);\">execution privileges needed. User interaction is not needed for&nbsp;</span><span style=\"background-color: rgb(255, 255, 255);\">exploitation.</span><br>"
52+
}
53+
],
54+
"value": "In pvmp3_get_main_data_size of pvmp3_get_main_data_size.cpp, there is a possible buffer overread due to a missing bounds check. This could lead to remote information disclosure of global static variables with no additional execution privileges needed. User interaction is not needed for exploitation."
55+
}
56+
],
57+
"providerMetadata": {
58+
"orgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6",
59+
"shortName": "google_android",
60+
"dateUpdated": "2024-11-27T19:55:01.605Z"
61+
},
62+
"references": [
63+
{
64+
"url": "https://source.android.com/docs/security/bulletin/pixel/2018-05-01"
65+
}
66+
],
67+
"source": {
68+
"discovery": "UNKNOWN"
69+
},
70+
"x_generator": {
71+
"engine": "Vulnogram 0.2.0"
72+
}
73+
}
74+
}
75+
}

cves/2023/1xxx/CVE-2023-1721.json

Lines changed: 33 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -8,7 +8,7 @@
88
"assignerShortName": "Fluid Attacks",
99
"dateReserved": "2023-03-30T10:25:14.148Z",
1010
"datePublished": "2023-06-23T23:02:38.582Z",
11-
"dateUpdated": "2024-08-02T05:57:24.933Z"
11+
"dateUpdated": "2024-11-27T19:55:10.909Z"
1212
},
1313
"containers": {
1414
"cna": {
@@ -134,6 +134,38 @@
134134
]
135135
}
136136
]
137+
},
138+
{
139+
"metrics": [
140+
{
141+
"other": {
142+
"type": "ssvc",
143+
"content": {
144+
"timestamp": "2024-11-27T19:55:01.358515Z",
145+
"id": "CVE-2023-1721",
146+
"options": [
147+
{
148+
"Exploitation": "poc"
149+
},
150+
{
151+
"Automatable": "no"
152+
},
153+
{
154+
"Technical Impact": "total"
155+
}
156+
],
157+
"role": "CISA Coordinator",
158+
"version": "2.0.3"
159+
}
160+
}
161+
}
162+
],
163+
"title": "CISA ADP Vulnrichment",
164+
"providerMetadata": {
165+
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
166+
"shortName": "CISA-ADP",
167+
"dateUpdated": "2024-11-27T19:55:10.909Z"
168+
}
137169
}
138170
]
139171
}

cves/2023/1xxx/CVE-2023-1724.json

Lines changed: 33 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -8,7 +8,7 @@
88
"assignerShortName": "Fluid Attacks",
99
"dateReserved": "2023-03-30T10:59:15.825Z",
1010
"datePublished": "2023-06-24T00:13:34.926Z",
11-
"dateUpdated": "2024-08-02T05:57:25.241Z"
11+
"dateUpdated": "2024-11-27T19:53:59.275Z"
1212
},
1313
"containers": {
1414
"cna": {
@@ -134,6 +134,38 @@
134134
]
135135
}
136136
]
137+
},
138+
{
139+
"metrics": [
140+
{
141+
"other": {
142+
"type": "ssvc",
143+
"content": {
144+
"timestamp": "2024-11-27T19:53:51.601561Z",
145+
"id": "CVE-2023-1724",
146+
"options": [
147+
{
148+
"Exploitation": "none"
149+
},
150+
{
151+
"Automatable": "no"
152+
},
153+
{
154+
"Technical Impact": "total"
155+
}
156+
],
157+
"role": "CISA Coordinator",
158+
"version": "2.0.3"
159+
}
160+
}
161+
}
162+
],
163+
"title": "CISA ADP Vulnrichment",
164+
"providerMetadata": {
165+
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
166+
"shortName": "CISA-ADP",
167+
"dateUpdated": "2024-11-27T19:53:59.275Z"
168+
}
137169
}
138170
]
139171
}

cves/2023/1xxx/CVE-2023-1783.json

Lines changed: 33 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -8,7 +8,7 @@
88
"assignerShortName": "Fluid Attacks",
99
"dateReserved": "2023-03-31T15:47:22.655Z",
1010
"datePublished": "2023-06-23T21:55:48.800Z",
11-
"dateUpdated": "2024-08-02T05:57:25.264Z"
11+
"dateUpdated": "2024-11-27T19:56:41.416Z"
1212
},
1313
"containers": {
1414
"cna": {
@@ -134,6 +134,38 @@
134134
]
135135
}
136136
]
137+
},
138+
{
139+
"metrics": [
140+
{
141+
"other": {
142+
"type": "ssvc",
143+
"content": {
144+
"timestamp": "2024-11-27T19:56:30.966662Z",
145+
"id": "CVE-2023-1783",
146+
"options": [
147+
{
148+
"Exploitation": "poc"
149+
},
150+
{
151+
"Automatable": "no"
152+
},
153+
{
154+
"Technical Impact": "partial"
155+
}
156+
],
157+
"role": "CISA Coordinator",
158+
"version": "2.0.3"
159+
}
160+
}
161+
}
162+
],
163+
"title": "CISA ADP Vulnrichment",
164+
"providerMetadata": {
165+
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
166+
"shortName": "CISA-ADP",
167+
"dateUpdated": "2024-11-27T19:56:41.416Z"
168+
}
137169
}
138170
]
139171
}

cves/2023/45xxx/CVE-2023-45117.json

Lines changed: 4 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -8,7 +8,7 @@
88
"assignerShortName": "Fluid Attacks",
99
"dateReserved": "2023-10-04T14:28:12.264Z",
1010
"datePublished": "2023-12-21T15:47:00.234Z",
11-
"dateUpdated": "2024-11-27T19:48:09.901Z"
11+
"dateUpdated": "2024-11-27T19:57:22.223Z"
1212
},
1313
"containers": {
1414
"cna": {
@@ -145,11 +145,11 @@
145145
"other": {
146146
"type": "ssvc",
147147
"content": {
148-
"timestamp": "2024-11-27T19:47:52.907958Z",
148+
"timestamp": "2024-11-27T19:57:13.842553Z",
149149
"id": "CVE-2023-45117",
150150
"options": [
151151
{
152-
"Exploitation": "poc"
152+
"Exploitation": "none"
153153
},
154154
{
155155
"Automatable": "yes"
@@ -168,7 +168,7 @@
168168
"providerMetadata": {
169169
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
170170
"shortName": "CISA-ADP",
171-
"dateUpdated": "2024-11-27T19:48:09.901Z"
171+
"dateUpdated": "2024-11-27T19:57:22.223Z"
172172
}
173173
}
174174
]

cves/2023/5xxx/CVE-2023-5010.json

Lines changed: 33 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -8,7 +8,7 @@
88
"assignerShortName": "Fluid Attacks",
99
"dateReserved": "2023-09-15T22:52:20.378Z",
1010
"datePublished": "2023-12-20T15:55:07.052Z",
11-
"dateUpdated": "2024-08-02T07:44:53.671Z"
11+
"dateUpdated": "2024-11-27T19:57:40.392Z"
1212
},
1313
"containers": {
1414
"cna": {
@@ -138,6 +138,38 @@
138138
"url": "https://www.kashipara.com/"
139139
}
140140
]
141+
},
142+
{
143+
"metrics": [
144+
{
145+
"other": {
146+
"type": "ssvc",
147+
"content": {
148+
"timestamp": "2024-11-27T19:56:37.938230Z",
149+
"id": "CVE-2023-5010",
150+
"options": [
151+
{
152+
"Exploitation": "none"
153+
},
154+
{
155+
"Automatable": "yes"
156+
},
157+
{
158+
"Technical Impact": "total"
159+
}
160+
],
161+
"role": "CISA Coordinator",
162+
"version": "2.0.3"
163+
}
164+
}
165+
}
166+
],
167+
"title": "CISA ADP Vulnrichment",
168+
"providerMetadata": {
169+
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
170+
"shortName": "CISA-ADP",
171+
"dateUpdated": "2024-11-27T19:57:40.392Z"
172+
}
141173
}
142174
]
143175
}

cves/delta.json

Lines changed: 29 additions & 34 deletions
Original file line numberDiff line numberDiff line change
@@ -1,49 +1,44 @@
11
{
2-
"fetchTime": "2024-11-27T19:53:23.425Z",
3-
"numberOfChanges": 7,
4-
"new": [],
5-
"updated": [
6-
{
7-
"cveId": "CVE-2015-20109",
8-
"cveOrgLink": "https://www.cve.org/CVERecord?id=CVE-2015-20109",
9-
"githubLink": "https://raw.githubusercontent.com/CVEProject/cvelistV5/main/cves/2015/20xxx/CVE-2015-20109.json",
10-
"dateUpdated": "2024-11-27T19:50:15.593Z"
11-
},
2+
"fetchTime": "2024-11-27T20:00:54.049Z",
3+
"numberOfChanges": 6,
4+
"new": [
125
{
13-
"cveId": "CVE-2023-1722",
14-
"cveOrgLink": "https://www.cve.org/CVERecord?id=CVE-2023-1722",
15-
"githubLink": "https://raw.githubusercontent.com/CVEProject/cvelistV5/main/cves/2023/1xxx/CVE-2023-1722.json",
16-
"dateUpdated": "2024-11-27T19:53:03.784Z"
17-
},
18-
{
19-
"cveId": "CVE-2023-36612",
20-
"cveOrgLink": "https://www.cve.org/CVERecord?id=CVE-2023-36612",
21-
"githubLink": "https://raw.githubusercontent.com/CVEProject/cvelistV5/main/cves/2023/36xxx/CVE-2023-36612.json",
22-
"dateUpdated": "2024-11-27T19:48:09.326Z"
23-
},
6+
"cveId": "CVE-2017-13319",
7+
"cveOrgLink": "https://www.cve.org/CVERecord?id=CVE-2017-13319",
8+
"githubLink": "https://raw.githubusercontent.com/CVEProject/cvelistV5/main/cves/2017/13xxx/CVE-2017-13319.json",
9+
"dateUpdated": "2024-11-27T19:55:01.605Z"
10+
}
11+
],
12+
"updated": [
2413
{
25-
"cveId": "CVE-2023-36630",
26-
"cveOrgLink": "https://www.cve.org/CVERecord?id=CVE-2023-36630",
27-
"githubLink": "https://raw.githubusercontent.com/CVEProject/cvelistV5/main/cves/2023/36xxx/CVE-2023-36630.json",
28-
"dateUpdated": "2024-11-27T19:47:23.815Z"
14+
"cveId": "CVE-2023-1721",
15+
"cveOrgLink": "https://www.cve.org/CVERecord?id=CVE-2023-1721",
16+
"githubLink": "https://raw.githubusercontent.com/CVEProject/cvelistV5/main/cves/2023/1xxx/CVE-2023-1721.json",
17+
"dateUpdated": "2024-11-27T19:55:10.909Z"
2918
},
3019
{
31-
"cveId": "CVE-2023-36632",
32-
"cveOrgLink": "https://www.cve.org/CVERecord?id=CVE-2023-36632",
33-
"githubLink": "https://raw.githubusercontent.com/CVEProject/cvelistV5/main/cves/2023/36xxx/CVE-2023-36632.json",
34-
"dateUpdated": "2024-11-27T19:46:48.884Z"
20+
"cveId": "CVE-2023-1724",
21+
"cveOrgLink": "https://www.cve.org/CVERecord?id=CVE-2023-1724",
22+
"githubLink": "https://raw.githubusercontent.com/CVEProject/cvelistV5/main/cves/2023/1xxx/CVE-2023-1724.json",
23+
"dateUpdated": "2024-11-27T19:53:59.275Z"
3524
},
3625
{
37-
"cveId": "CVE-2023-3197",
38-
"cveOrgLink": "https://www.cve.org/CVERecord?id=CVE-2023-3197",
39-
"githubLink": "https://raw.githubusercontent.com/CVEProject/cvelistV5/main/cves/2023/3xxx/CVE-2023-3197.json",
40-
"dateUpdated": "2024-11-27T19:52:09.758Z"
26+
"cveId": "CVE-2023-1783",
27+
"cveOrgLink": "https://www.cve.org/CVERecord?id=CVE-2023-1783",
28+
"githubLink": "https://raw.githubusercontent.com/CVEProject/cvelistV5/main/cves/2023/1xxx/CVE-2023-1783.json",
29+
"dateUpdated": "2024-11-27T19:56:41.416Z"
4130
},
4231
{
4332
"cveId": "CVE-2023-45117",
4433
"cveOrgLink": "https://www.cve.org/CVERecord?id=CVE-2023-45117",
4534
"githubLink": "https://raw.githubusercontent.com/CVEProject/cvelistV5/main/cves/2023/45xxx/CVE-2023-45117.json",
46-
"dateUpdated": "2024-11-27T19:48:09.901Z"
35+
"dateUpdated": "2024-11-27T19:57:22.223Z"
36+
},
37+
{
38+
"cveId": "CVE-2023-5010",
39+
"cveOrgLink": "https://www.cve.org/CVERecord?id=CVE-2023-5010",
40+
"githubLink": "https://raw.githubusercontent.com/CVEProject/cvelistV5/main/cves/2023/5xxx/CVE-2023-5010.json",
41+
"dateUpdated": "2024-11-27T19:57:40.392Z"
4742
}
4843
],
4944
"error": []

0 commit comments

Comments
 (0)