Auto-Update: 2024-05-25T23:55:30.426603+00:00

cad-safe-bot 2024-05-25 23:58:23 +00:00
parent 177f7a8681
commit 1114194849
4 changed files with 193 additions and 6 deletions


@ -0,0 +1,92 @@
{
"id": "CVE-2024-5340",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-05-25T22:15:49.540",
"lastModified": "2024-05-25T22:15:49.540",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in Ruijie RG-UAC up to 20240516. It has been rated as critical. Affected by this issue is some unknown functionality of the file /view/vpn/autovpn/sub_commit.php. The manipulation of the argument key leads to os command injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-266246 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 4.7,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.2,
"impactScore": 3.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:M/C:P/I:P/A:P",
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "MULTIPLE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"availabilityImpact": "PARTIAL",
"baseScore": 5.8
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 6.4,
"impactScore": 6.4,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-78"
}
]
}
],
"references": [
{
"url": "https://github.com/h0e4a0r1t/h0e4a0r1t.github.io/blob/master/2024/z%7CYVDv%7CHKA)*%5CdK!/Ruijie%20RG-UAC%20Unified%20Internet%20Behavior%20Management%20Audit%20System%20Backend%20RCE%20Vulnerability-autovpn%3Asub_commit.php.pdf",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?ctiid.266246",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.266246",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?submit.336038",
"source": "cna@vuldb.com"
}
]
}
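Review bot: The prose and the scoring in this record disagree, which matters to anyone triaging on `baseScore`: the description calls the issue "critical" and describes remotely launchable OS command injection (`CWE-78`) with a publicly disclosed exploit, while the only metrics present are `cna@vuldb.com` entries of type `Secondary` giving `PR:H` with `C:L/I:L/A:L`, 4.7 MEDIUM. With `vulnStatus` still `Received`, the record carries no NVD-assigned score, so these numbers are best read as the CNA's provisional view. Consumers of this feed should not let a severity threshold alone drop the entry; keying on the `weaknesses` value and the exploit-disclosed wording until the record is analysed is the safer rule. The CVE-2024-5350 record in the next section shows the same pattern ("classified as critical", `CWE-89`, 6.3 MEDIUM).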


@ -0,0 +1,92 @@
{
"id": "CVE-2024-5350",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-05-25T23:15:09.123",
"lastModified": "2024-05-25T23:15:09.123",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in anji-plus AJ-Report up to 1.4.1. It has been classified as critical. Affected is the function pageList of the file /pageList. The manipulation of the argument p leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-266262 is the identifier assigned to this vulnerability."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 6.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "SINGLE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 8.0,
"impactScore": 6.4,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://github.com/anji-plus/report/files/15363269/aj-report.pdf",
"source": "cna@vuldb.com"
},
{
"url": "https://github.com/anji-plus/report/issues/34",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?ctiid.266262",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.266262",
"source": "cna@vuldb.com"
}
]
}


@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2024-05-25T20:00:38.350351+00:00
2024-05-25T23:55:30.426603+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2024-05-25T18:15:13.347000+00:00
2024-05-25T23:15:09.123000+00:00
```
### Last Data Feed Release
@ -33,14 +33,15 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs
```plain
251778
251780
```
### CVEs added in the last Commit
Recently added CVEs: `1`
Recently added CVEs: `2`
- [CVE-2024-30056](CVE-2024/CVE-2024-300xx/CVE-2024-30056.json) (`2024-05-25T18:15:13.347`)
- [CVE-2024-5340](CVE-2024/CVE-2024-53xx/CVE-2024-5340.json) (`2024-05-25T22:15:49.540`)
- [CVE-2024-5350](CVE-2024/CVE-2024-53xx/CVE-2024-5350.json) (`2024-05-25T23:15:09.123`)
### CVEs modified in the last Commit


@ -247756,7 +247756,7 @@ CVE-2024-30051,0,0,4ac4285f8006cbbd83ffbb55080b4ef3b305ba722d6583b382438526b2425
CVE-2024-30053,0,0,de0d3887ecd8088140dfe95e3f9311cc6a39bee41667e1f60a9fd1f03b4a7c20,2024-05-14T19:17:55.627000
CVE-2024-30054,0,0,4bef1769b874d4ff9047765ac17cb428233424000152b0497aba8ed1ea3cade9,2024-05-14T19:17:55.627000
CVE-2024-30055,0,0,3c1bf54fd3fe6c5ab3703162f359c88c3cd7915d8f1fdb651cdd28bec89280a6,2024-05-15T20:15:11.047000
CVE-2024-30056,1,1,1ae448622d8d93f1cc171d3d41ec58ecdbea0e0a8833450654c0676225046646,2024-05-25T18:15:13.347000
CVE-2024-30056,0,0,1ae448622d8d93f1cc171d3d41ec58ecdbea0e0a8833450654c0676225046646,2024-05-25T18:15:13.347000
CVE-2024-30059,0,0,0e87263445f5c97fb9a9f1ad7d5045c3390ca52e934287a08ee2b0f2dd5a42eb,2024-05-14T19:17:55.627000
CVE-2024-3006,0,0,a3349f2fae283580197c9d70e5010e27f73c2425a5df8de3e4af5a848c49e4b6,2024-05-17T02:39:40.117000
CVE-2024-30060,0,0,efca6357b549c7cc6d3a2d3312c222ce95218f5ff55b8090ad901db62a723da1,2024-05-17T18:36:05.263000
@ -251777,3 +251777,5 @@ CVE-2024-5336,0,0,d1380b18449dc8c8c34e22c1b2a107ea89ee46ba4b9dd6f93e49bbe4388f53
CVE-2024-5337,0,0,3d998f1cc9e000a28c5e2cf47948314577814d30a2ab7663340a4bad3cb9838f,2024-05-25T15:15:09.943000
CVE-2024-5338,0,0,2f00fafc81852a7cdfdb8f08f4f53e4150ed52ff36fa79f83543803eea3fc1b1,2024-05-25T16:15:08.390000
CVE-2024-5339,0,0,4558660c92e4acc32898f3ab61fc593792c95b52228424a571d64a0ce0072432,2024-05-25T17:15:15.830000
CVE-2024-5340,1,1,cd6a4584a699b57ca6cfe6dd086d293eb0eda8d447e404069c45b9cb2a4daacf,2024-05-25T22:15:49.540000
CVE-2024-5350,1,1,d9d5199af09903f5d6fa7ce1c3f629a14a0b73872399e216e2f1a73623ab5486,2024-05-25T23:15:09.123000
