author: security tracker role <sectracker@soriano.debian.org> 2023-12-12 15:15:18 +0000
committer: security tracker role <sectracker@soriano.debian.org> 2023-12-12 15:15:18 +0000
commit: 21a3006c997f1cfc82070b9450a0eefd49f23ce4
tree: 2b7ecbc7910e21cf574ec04fe992768203189238
parent: e9b199094d2d4d2b3956ce658d899a422e60f248
automatic update
-rw-r--r-- data/CVE/list 150
1 files changed, 117 insertions, 33 deletions
diff --git a/data/CVE/list b/data/CVE/list
index aec73e8e3d..83324d359c 100644
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -1,3 +1,87 @@
+CVE-2023-6727 (Mattermost fails to perform correct authorization checks when creating ...)
+ TODO: check
+CVE-2023-6593 (Client side permission bypass in Devolutions Remote Desktop Manager 20 ...)
+ TODO: check
+CVE-2023-6547 (Mattermost fails to validate team membership when a user attempts to a ...)
+ TODO: check
+CVE-2023-6193 (quiche v. 0.15.0 through 0.19.0 was discovered to be vulnerable to unb ...)
+ TODO: check
+CVE-2023-50495 (NCurse v6.4-20230418 was discovered to contain a segmentation fault vi ...)
+ TODO: check
+CVE-2023-4932 (SAS application is vulnerable to Reflected Cross-Site Scripting (XSS). ...)
+ TODO: check
+CVE-2023-49994 (Espeak-ng 1.52-dev was discovered to contain a Floating Point Exceptio ...)
+ TODO: check
+CVE-2023-49993 (Espeak-ng 1.52-dev was discovered to contain a Buffer Overflow via the ...)
+ TODO: check
+CVE-2023-49992 (Espeak-ng 1.52-dev was discovered to contain a Stack Buffer Overflow v ...)
+ TODO: check
+CVE-2023-49991 (Espeak-ng 1.52-dev was discovered to contain a Stack Buffer Underflow ...)
+ TODO: check
+CVE-2023-49990 (Espeak-ng 1.52-dev was discovered to contain a buffer-overflow via the ...)
+ TODO: check
+CVE-2023-49874 (Mattermost fails to check whether a user is a guest when updating the ...)
+ TODO: check
+CVE-2023-49809 (Mattermost fails to handle a null request body in the /add endpoint, a ...)
+ TODO: check
+CVE-2023-49713 (Denial-of-service (DoS) vulnerability exists in NetBIOS service of HMI ...)
+ TODO: check
+CVE-2023-49695 (OS command injection vulnerability in WRC-X3000GSN v1.0.2, WRC-X3000GS ...)
+ TODO: check
+CVE-2023-49692 (A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (Al ...)
+ TODO: check
+CVE-2023-49691 (A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (Al ...)
+ TODO: check
+CVE-2023-49607 (Mattermost fails to validate the type of the "reminder" body request p ...)
+ TODO: check
+CVE-2023-49563 (Cross Site Scripting (XSS) in Voltronic Power SNMP Web Pro v.1.1 allow ...)
+ TODO: check
+CVE-2023-49143 (Denial-of-service (DoS) vulnerability exists in rfe service of HMI GC- ...)
+ TODO: check
+CVE-2023-49140 (Denial-of-service (DoS) vulnerability exists in commplex-link service ...)
+ TODO: check
+CVE-2023-48677 (Local privilege escalation due to DLL hijacking vulnerability. The fol ...)
+ TODO: check
+CVE-2023-48431 (A vulnerability has been identified in SINEC INS (All versions < V1.0 ...)
+ TODO: check
+CVE-2023-48430 (A vulnerability has been identified in SINEC INS (All versions < V1.0 ...)
+ TODO: check
+CVE-2023-48429 (A vulnerability has been identified in SINEC INS (All versions < V1.0 ...)
+ TODO: check
+CVE-2023-48428 (A vulnerability has been identified in SINEC INS (All versions < V1.0 ...)
+ TODO: check
+CVE-2023-48427 (A vulnerability has been identified in SINEC INS (All versions < V1.0 ...)
+ TODO: check
+CVE-2023-46701 (Mattermost fails to perform authorization checks in the /plugins/play ...)
+ TODO: check
+CVE-2023-46456 (In GL.iNET GL-AR300M routers with firmware 3.216 it is possible to inj ...)
+ TODO: check
+CVE-2023-46455 (In GL.iNET GL-AR300M routers with firmware v4.3.7 it is possible to wr ...)
+ TODO: check
+CVE-2023-46454 (In GL.iNET GL-AR300M routers with firmware v4.3.7, it is possible to i ...)
+ TODO: check
+CVE-2023-46285 (A vulnerability has been identified in Opcenter Quality (All versions) ...)
+ TODO: check
+CVE-2023-46284 (A vulnerability has been identified in Opcenter Quality (All versions) ...)
+ TODO: check
+CVE-2023-46283 (A vulnerability has been identified in Opcenter Quality (All versions) ...)
+ TODO: check
+CVE-2023-46282 (A vulnerability has been identified in Opcenter Quality (All versions) ...)
+ TODO: check
+CVE-2023-46281 (A vulnerability has been identified in Opcenter Quality (All versions) ...)
+ TODO: check
+CVE-2023-46156 (Affected devices improperly handle specially crafted packets sent to p ...)
+ TODO: check
+CVE-2023-45847 (Mattermost fails to to check the length when setting the title in a ru ...)
+ TODO: check
+CVE-2023-45316 (Mattermost fails to validate if a relative path is passed in /plugins/ ...)
+ TODO: check
+CVE-2023-41963 (Denial-of-service (DoS) vulnerability exists in FTP service of HMI GC- ...)
+ TODO: check
+CVE-2023-41623 (Emlog version pro2.1.14 was discovered to contain a SQL injection vuln ...)
+ TODO: check
+CVE-2023-38380 (A vulnerability has been identified in SIMATIC CP 1242-7 V2 (incl. SIP ...)
+ TODO: check
CVE-2023-6709 (Improper Neutralization of Special Elements Used in a Template Engine ...)
NOT-FOR-US: mlflow
CVE-2023-6542 (Due to lack of proper authorization checks in Emarsys SDK for Android, ...)
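Review bot: the 42 entries added at the top of the file all carry TODO: check, and at least CVE-2023-50495 (ncurses) and CVE-2023-49990 through CVE-2023-49994 (espeak-ng) name software that Debian packages, so they need a source-package line with version triage rather than a NOT-FOR-US tag. The RUGGEDCOM and SINEC entries (CVE-2023-49691, CVE-2023-49692, CVE-2023-48427 through CVE-2023-48431) match product families that other hunks of this same diff already tag NOT-FOR-US: Siemens, and the seven Mattermost entries can be closed together once one tag is agreed for that product, which keeps the TODO backlog from hiding the few entries that affect the archive.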
@@ -4357,21 +4441,21 @@ CVE-2023-45585 (An insertion of sensitive information into log file vulnerabilit
NOT-FOR-US: FortiGuard
CVE-2023-45582 (An improper restriction of excessive authentication attempts vulnerabi ...)
NOT-FOR-US: FortiGuard
-CVE-2023-44374 (A vulnerability has been identified in SCALANCE XB205-3 (SC, PN) (All ...)
+CVE-2023-44374 (A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU, RU ...)
NOT-FOR-US: Siemens
-CVE-2023-44373 (A vulnerability has been identified in SCALANCE XB205-3 (SC, PN) (All ...)
+CVE-2023-44373 (A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU, RU ...)
NOT-FOR-US: Siemens
-CVE-2023-44322 (A vulnerability has been identified in SCALANCE XB205-3 (SC, PN) (All ...)
+CVE-2023-44322 (A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU, RU ...)
NOT-FOR-US: Siemens
-CVE-2023-44321 (A vulnerability has been identified in SCALANCE XB205-3 (SC, PN) (All ...)
+CVE-2023-44321 (A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU, RU ...)
NOT-FOR-US: Siemens
-CVE-2023-44320 (A vulnerability has been identified in SCALANCE XB205-3 (SC, PN) (All ...)
+CVE-2023-44320 (A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU, RU ...)
NOT-FOR-US: Siemens
-CVE-2023-44319 (A vulnerability has been identified in SCALANCE XB205-3 (SC, PN) (All ...)
+CVE-2023-44319 (A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU, RU ...)
NOT-FOR-US: Siemens
-CVE-2023-44318 (A vulnerability has been identified in SCALANCE XB205-3 (SC, PN) (All ...)
+CVE-2023-44318 (A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU, RU ...)
NOT-FOR-US: Siemens
-CVE-2023-44317 (A vulnerability has been identified in SCALANCE XB205-3 (SC, PN) (All ...)
+CVE-2023-44317 (A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU, RU ...)
NOT-FOR-US: Siemens
CVE-2023-44248 (An improper access control vulnerability [CWE-284] inFortiEDRCollector ...)
NOT-FOR-US: FortiGuard
@@ -14340,7 +14424,7 @@ CVE-2023-36472 (Strapi is an open-source headless content management system. Pri
NOT-FOR-US: Strapi
CVE-2023-32461 (Dell PowerEdge BIOS and Dell Precision BIOS contain a buffer overflow ...)
NOT-FOR-US: Dell
-CVE-2023-4958
+CVE-2023-4958 (In Red Hat Advanced Cluster Security (RHACS), it was found that some s ...)
NOT-FOR-US: StackRox
CVE-2023-4972 (Improper Privilege Management vulnerability in Yepas Digital Yepas all ...)
NOT-FOR-US: Yepas Digital Yepas
@@ -30948,7 +31032,7 @@ CVE-2023-31251
CVE-2023-31250 (The file download facility doesn't sufficiently sanitize file paths in ...)
- drupal7 <removed>
NOTE: https://www.drupal.org/sa-core-2023-005
-CVE-2023-31238 (A vulnerability has been identified in POWER METER SICAM Q200 family ( ...)
+CVE-2023-31238 (A vulnerability has been identified in POWER METER SICAM Q100 (All ver ...)
NOT-FOR-US: Siemens
CVE-2023-31237
RESERVED
@@ -32002,7 +32086,7 @@ CVE-2023-30903 (HP-UX could be exploited locally to create a Denial of Service (
NOT-FOR-US: HPE
CVE-2023-30902 (A privilege escalation vulnerability in the Trend Micro Apex One and A ...)
NOT-FOR-US: Trend Micro
-CVE-2023-30901 (A vulnerability has been identified in POWER METER SICAM Q200 family ( ...)
+CVE-2023-30901 (A vulnerability has been identified in POWER METER SICAM Q100 (All ver ...)
NOT-FOR-US: Siemens
CVE-2023-30900 (A vulnerability has been identified in Xpedition Layout Browser (All v ...)
NOT-FOR-US: Siemens
@@ -62993,10 +63077,10 @@ CVE-2023-21675 (Windows Kernel Elevation of Privilege Vulnerability)
NOT-FOR-US: Microsoft
CVE-2023-21674 (Windows Advanced Local Procedure Call (ALPC) Elevation of Privilege Vu ...)
NOT-FOR-US: Microsoft
-CVE-2022-47375
- RESERVED
-CVE-2022-47374
- RESERVED
+CVE-2022-47375 (A vulnerability has been identified in SIMATICPC-Station Plus (All ver ...)
+ TODO: check
+CVE-2022-47374 (A vulnerability has been identified in SIMATICPC-Station Plus (All ver ...)
+ TODO: check
CVE-2022-47373 (Reflected Cross Site Scripting in Search Functionality of Module Libra ...)
NOT-FOR-US: Pandora FMS
CVE-2022-47372 (Stored cross-site scripting vulnerability in the Create event section ...)
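Review bot: CVE-2022-47375 and CVE-2022-47374 leave RESERVED with a SIMATIC description but land on TODO: check, while every other "A vulnerability has been identified in ..." Siemens entry visible in this diff is tagged NOT-FOR-US: Siemens. Suggest resolving both to that tag in the follow-up triage so they do not linger as open items.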
@@ -66859,8 +66943,8 @@ CVE-2022-46143 (Affected devices do not check the TFTP blocksize correctly. This
NOT-FOR-US: Siemens
CVE-2022-46142 (Affected devices store the CLI user passwords encrypted in flash memor ...)
NOT-FOR-US: Siemens
-CVE-2022-46141
- RESERVED
+CVE-2022-46141 (A vulnerability has been identified in SIMATIC STEP 7 (TIA Portal) (Al ...)
+ TODO: check
CVE-2022-46140 (Affected devices use a weak encryption scheme to encrypt the debug zip ...)
NOT-FOR-US: Siemens
CVE-2022-44620 (Improper authentication vulnerability in UDR-JA1604/UDR-JA1608/UDR-JA1 ...)
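Review bot: CVE-2022-46141 (SIMATIC STEP 7) is now the only entry in this run without a disposition; its neighbours CVE-2022-46143, CVE-2022-46142 and CVE-2022-46140 are all NOT-FOR-US: Siemens. The same tag looks appropriate here in place of TODO: check.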
@@ -79345,8 +79429,8 @@ CVE-2022-42786 (Multiple W&T Products of the ComServer Series are prone to an XS
NOT-FOR-US: Wiesemann & Theis GmbH products
CVE-2022-42785 (Multiple W&T products of the ComServer Series are prone to an authenti ...)
NOT-FOR-US: Wiesemann & Theis GmbH products
-CVE-2022-42784
- RESERVED
+CVE-2022-42784 (A vulnerability has been identified in LOGO! 12/24RCE (All versions >= ...)
+ TODO: check
CVE-2022-3457 (Origin Validation Error in GitHub repository ikus060/rdiffweb prior to ...)
- rdiffweb <itp> (bug #969974)
CVE-2022-3456 (Allocation of Resources Without Limits or Throttling in GitHub reposit ...)
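Review bot: CVE-2022-42784 gains a LOGO! 12/24RCE description and a TODO: check, but it sits between W&T ComServer and rdiffweb entries, so nothing nearby hints at the right disposition. Other LOGO! 12/24RCE entries in this diff are already NOT-FOR-US (CVE-2022-36361 through CVE-2022-36363, CVE-2020-25236), and this one should be closed the same way.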
@@ -96703,11 +96787,11 @@ CVE-2022-2507 (In affected versions of Octopus Deploy it is possible to render u
NOT-FOR-US: Octopus Deploy
CVE-2022-2506
RESERVED
-CVE-2022-36363 (A vulnerability has been identified in LOGO! 8 BM (incl. SIPLUS varian ...)
+CVE-2022-36363 (A vulnerability has been identified in LOGO! 12/24RCE (All versions), ...)
NOT-FOR-US: LOGO!
-CVE-2022-36362 (A vulnerability has been identified in LOGO! 8 BM (incl. SIPLUS varian ...)
+CVE-2022-36362 (A vulnerability has been identified in LOGO! 12/24RCE (All versions), ...)
NOT-FOR-US: LOGO!
-CVE-2022-36361 (A vulnerability has been identified in LOGO! 8 BM (incl. SIPLUS varian ...)
+CVE-2022-36361 (A vulnerability has been identified in LOGO! 12/24RCE (All versions), ...)
NOT-FOR-US: LOGO!
CVE-2022-36360 (A vulnerability has been identified in LOGO! 8 BM (incl. SIPLUS varian ...)
NOT-FOR-US: LOGO!
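Review bot: style point on the unchanged tag lines under CVE-2022-36361 through CVE-2022-36363: they read NOT-FOR-US: LOGO!, whereas CVE-2020-25236, whose description is rewritten to the same "LOGO! 12/24RCE (All versions)" text later in this diff, is tagged NOT-FOR-US: Siemens. Using one vendor-level tag for both makes a search for all Siemens dispositions complete.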
@@ -155845,9 +155929,9 @@ CVE-2021-42019 (A vulnerability has been identified in RUGGEDCOM i800, RUGGEDCOM
NOT-FOR-US: Siemens
CVE-2021-42018 (A vulnerability has been identified in RUGGEDCOM i800, RUGGEDCOM i800N ...)
NOT-FOR-US: Siemens
-CVE-2021-42017 (A vulnerability has been identified in RUGGEDCOM i800 (All versions < ...)
+CVE-2021-42017 (A vulnerability has been identified in RUGGEDCOM i800, RUGGEDCOM i801, ...)
NOT-FOR-US: Siemens
-CVE-2021-42016 (A vulnerability has been identified in RUGGEDCOM i800 (All versions < ...)
+CVE-2021-42016 (A vulnerability has been identified in RUGGEDCOM i800, RUGGEDCOM i801, ...)
NOT-FOR-US: Siemens
CVE-2021-42015 (A vulnerability has been identified in Mendix Applications using Mendi ...)
NOT-FOR-US: Siemens
@@ -220710,8 +220794,8 @@ CVE-2020-28371 (An issue was discovered in ReadyTalk Avian 1.2.0 before 2020-10-
NOT-FOR-US: ReadyTalk Avian
CVE-2020-28370
RESERVED
-CVE-2020-28369
- RESERVED
+CVE-2020-28369 (In BeyondTrust Privilege Management for Windows (aka PMfW) through 5.7 ...)
+ TODO: check
CVE-2020-28368 (Xen through 4.14.x allows guest OS administrators to obtain sensitive ...)
{DSA-4804-1}
- xen 4.14.0+80-gd101b417b7-1
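Review bot: CVE-2020-28369 moves from RESERVED to TODO: check with a BeyondTrust Privilege Management for Windows description. The list already has a disposition for that product (CVE-2020-12613 is tagged NOT-FOR-US: BeyondTrust Privilege Management for Windows), so the same tag can replace the TODO here.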
@@ -230794,7 +230878,7 @@ CVE-2020-25238 (A vulnerability has been identified in PCS neo (Administration C
NOT-FOR-US: Siemens
CVE-2020-25237 (A vulnerability has been identified in SINEC NMS (All versions < V1.0 ...)
NOT-FOR-US: Siemens
-CVE-2020-25236 (A vulnerability has been identified in LOGO! 8 BM (incl. SIPLUS varian ...)
+CVE-2020-25236 (A vulnerability has been identified in LOGO! 12/24RCE (All versions), ...)
NOT-FOR-US: Siemens
CVE-2020-25235 (A vulnerability has been identified in LOGO! 8 BM (incl. SIPLUS varian ...)
NOT-FOR-US: Siemens
@@ -260453,14 +260537,14 @@ CVE-2020-12617
RESERVED
CVE-2020-12616
RESERVED
-CVE-2020-12615
- RESERVED
-CVE-2020-12614
- RESERVED
+CVE-2020-12615 (An issue was discovered in BeyondTrust Privilege Management for Window ...)
+ TODO: check
+CVE-2020-12614 (An issue was discovered in BeyondTrust Privilege Management for Window ...)
+ TODO: check
CVE-2020-12613 (An issue was discovered in BeyondTrust Privilege Management for Window ...)
NOT-FOR-US: BeyondTrust Privilege Management for Windows
-CVE-2020-12612
- RESERVED
+CVE-2020-12612 (An issue was discovered in BeyondTrust Privilege Management for Window ...)
+ TODO: check
CVE-2020-12611
RESERVED
CVE-2020-12610
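Review bot: CVE-2020-12615, CVE-2020-12614 and CVE-2020-12612 are set to TODO: check although the entry between them, CVE-2020-12613, has the same truncated description and is already tagged NOT-FOR-US: BeyondTrust Privilege Management for Windows. Suggest applying that tag to all three so the block is consistent; CVE-2020-12611 and CVE-2020-12610 correctly stay RESERVED.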
