Auto-Update: 2024-12-30T17:00:22.637383+00:00

cad-safe-bot 2024-12-30 17:03:47 +00:00
parent 64ca512051
commit 111c0baa46
16 changed files with 615 additions and 48 deletions


@ -2,7 +2,7 @@
"id": "CVE-2022-31640",
"sourceIdentifier": "hp-security-alert@hp.com",
"published": "2023-06-14T17:15:08.893",
"lastModified": "2024-11-21T07:04:57.250",
"lastModified": "2024-12-30T16:15:06.100",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 1.0,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "HIGH",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.0,
"impactScore": 5.9
}
]
},
@ -45,6 +65,16 @@
"value": "CWE-367"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-367"
}
]
}
],
"configurations": [


@ -2,7 +2,7 @@
"id": "CVE-2022-31641",
"sourceIdentifier": "hp-security-alert@hp.com",
"published": "2023-06-14T17:15:08.943",
"lastModified": "2024-11-21T07:04:57.737",
"lastModified": "2024-12-30T16:15:08.253",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 1.0,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "HIGH",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.0,
"impactScore": 5.9
}
]
},
@ -45,6 +65,16 @@
"value": "CWE-367"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-367"
}
]
}
],
"configurations": [


@ -2,7 +2,7 @@
"id": "CVE-2022-31642",
"sourceIdentifier": "hp-security-alert@hp.com",
"published": "2023-06-14T17:15:08.987",
"lastModified": "2024-11-21T07:04:58.220",
"lastModified": "2024-12-30T16:15:08.893",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 1.0,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "HIGH",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.0,
"impactScore": 5.9
}
]
},
@ -45,6 +65,16 @@
"value": "CWE-367"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-367"
}
]
}
],
"configurations": [


@ -2,7 +2,7 @@
"id": "CVE-2022-31644",
"sourceIdentifier": "hp-security-alert@hp.com",
"published": "2023-06-14T18:15:09.363",
"lastModified": "2024-11-21T07:05:00.663",
"lastModified": "2024-12-30T16:15:09.530",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
@ -45,6 +65,16 @@
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-863"
}
]
}
],
"configurations": [


@ -2,7 +2,7 @@
"id": "CVE-2022-31645",
"sourceIdentifier": "hp-security-alert@hp.com",
"published": "2023-06-14T18:15:09.413",
"lastModified": "2024-11-21T07:05:01.190",
"lastModified": "2024-12-30T16:15:10.130",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
@ -45,6 +65,16 @@
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-362"
}
]
}
],
"configurations": [


@ -2,7 +2,7 @@
"id": "CVE-2022-31646",
"sourceIdentifier": "hp-security-alert@hp.com",
"published": "2023-06-14T18:15:09.457",
"lastModified": "2024-11-21T07:05:01.730",
"lastModified": "2024-12-30T15:15:06.637",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
@ -45,6 +65,16 @@
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-863"
}
]
}
],
"configurations": [


@ -2,7 +2,7 @@
"id": "CVE-2023-35149",
"sourceIdentifier": "jenkinsci-cert@googlegroups.com",
"published": "2023-06-14T13:15:12.277",
"lastModified": "2024-11-21T08:08:02.170",
"lastModified": "2024-12-30T16:15:11.097",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
@ -45,6 +65,16 @@
"value": "CWE-862"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-862"
}
]
}
],
"configurations": [


@ -2,13 +2,17 @@
"id": "CVE-2024-12967",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-12-26T22:15:09.487",
"lastModified": "2024-12-26T22:15:09.487",
"lastModified": "2024-12-30T15:15:08.143",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability classified as critical has been found in code-projects Job Recruitment 1.0. Affected is the function fln_update of the file /_parse/_all_edits.php. The manipulation of the argument fname/lname leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used."
},
{
"lang": "es",
"value": "Se ha encontrado una vulnerabilidad clasificada como cr\u00edtica en code-projects Job Recruitment 1.0. La funci\u00f3n fln_update del archivo /_parse/_all_edits.php est\u00e1 afectada. La manipulaci\u00f3n del argumento fname/lname provoca una inyecci\u00f3n SQL. Es posible lanzar el ataque de forma remota. El exploit ha sido divulgado al p\u00fablico y puede ser utilizado."
}
],
"metrics": {
@ -107,7 +111,7 @@
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -140,6 +144,10 @@
{
"url": "https://vuldb.com/?submit.469002",
"source": "cna@vuldb.com"
},
{
"url": "https://github.com/glqt/CVE/blob/main/sql-glqt.md",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"
}
]
}


@ -2,13 +2,17 @@
"id": "CVE-2024-12986",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-12-27T16:15:23.927",
"lastModified": "2024-12-27T16:15:23.927",
"lastModified": "2024-12-30T15:15:08.390",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability, which was classified as critical, has been found in DrayTek Vigor2960 and Vigor300B 1.5.1.3/1.5.1.4. This issue affects some unknown processing of the file /cgi-bin/mainfunction.cgi/apmcfgupptim of the component Web Management Interface. The manipulation of the argument session leads to os command injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 1.5.1.5 is able to address this issue. It is recommended to upgrade the affected component."
},
{
"lang": "es",
"value": "Se ha encontrado una vulnerabilidad clasificada como cr\u00edtica en DrayTek Vigor2960 y Vigor300B 1.5.1.3/1.5.1.4. Este problema afecta a algunos procesos desconocidos del archivo /cgi-bin/mainfunction.cgi/apmcfgupptim del componente Web Management Interface. La manipulaci\u00f3n del argumento session lleva a la inyecci\u00f3n de comandos del sistema operativo. El ataque puede iniciarse de forma remota. El exploit se ha hecho p\u00fablico y puede utilizarse. La actualizaci\u00f3n a la versi\u00f3n 1.5.1.5 puede solucionar este problema. Se recomienda actualizar el componente afectado."
}
],
"metrics": {
@ -107,7 +111,7 @@
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -136,6 +140,10 @@
{
"url": "https://vuldb.com/?submit.468794",
"source": "cna@vuldb.com"
},
{
"url": "https://netsecfish.notion.site/Command-Injection-in-apmcfgupptim-endpoint-for-DrayTek-Gateway-Devices-1676b683e67c80b9ad8cc37b93273bf6",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"
}
]
}


@ -2,8 +2,8 @@
"id": "CVE-2024-35862",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-05-19T09:15:07.797",
"lastModified": "2024-11-21T09:21:04.467",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-12-30T15:00:09.317",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,39 +15,140 @@
"value": " En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: smb: client: corrige UAF potencial en smb2_is_network_name_deleted() Omita las sesiones que se est\u00e1n eliminando (estado == SES_EXITING) para evitar UAF."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.1.85",
"matchCriteriaId": "B62CF0EC-6C39-4DAD-A6CC-C31C3277A460"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.2",
"versionEndExcluding": "6.6.26",
"matchCriteriaId": "C520696A-A594-4FFC-A32D-12DA535CE911"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.7",
"versionEndExcluding": "6.8.5",
"matchCriteriaId": "DBD6C99E-4250-4DFE-8447-FF2075939D10"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.9:rc1:*:*:*:*:*:*",
"matchCriteriaId": "22BEDD49-2C6D-402D-9DBF-6646F6ECD10B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.9:rc2:*:*:*:*:*:*",
"matchCriteriaId": "DF73CB2A-DFFD-46FB-9BFE-AA394F27EA37"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/63981561ffd2d4987807df4126f96a11e18b0c1d",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/aa582b33f94453fdeaff1e7d0aa252c505975e01",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/d919b6ea15ffa56fbafef4a1d92f47aeda9af645",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/f9414004798d9742c1af23a1d839fe6a9503751c",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/63981561ffd2d4987807df4126f96a11e18b0c1d",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/aa582b33f94453fdeaff1e7d0aa252c505975e01",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/d919b6ea15ffa56fbafef4a1d92f47aeda9af645",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/f9414004798d9742c1af23a1d839fe6a9503751c",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
}
]
}


@ -0,0 +1,64 @@
{
"id": "CVE-2024-50701",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-12-30T15:15:10.430",
"lastModified": "2024-12-30T16:15:11.387",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "TeamPass before 3.1.3.1, when retrieving information about access rights for a folder, does not properly check whether a folder is in a user's allowed folders list that has been defined by an admin."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "cve@mitre.org",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "cve@mitre.org",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-266"
}
]
}
],
"references": [
{
"url": "https://github.com/nilsteampassnet/TeamPass/commit/ddbb2d3d94085dced50c4936fd2215af88e4a88d",
"source": "cve@mitre.org"
},
{
"url": "https://github.com/nilsteampassnet/TeamPass/compare/3.1.2...3.1.3.1",
"source": "cve@mitre.org"
},
{
"url": "https://github.com/nilsteampassnet/TeamPass/compare/3.1.3...3.1.3.1",
"source": "cve@mitre.org"
}
]
}


@ -0,0 +1,64 @@
{
"id": "CVE-2024-50702",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-12-30T15:15:10.567",
"lastModified": "2024-12-30T16:15:11.550",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "TeamPass before 3.1.3.1 does not properly check whether a mail_me (aka action_mail) operation is on behalf of an administrator or manager."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "cve@mitre.org",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 2.5
}
]
},
"weaknesses": [
{
"source": "cve@mitre.org",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-266"
}
]
}
],
"references": [
{
"url": "https://github.com/nilsteampassnet/TeamPass/commit/35e2b479f2379545b4132bc30a9d052ba7018bf9",
"source": "cve@mitre.org"
},
{
"url": "https://github.com/nilsteampassnet/TeamPass/compare/3.1.2...3.1.3.1",
"source": "cve@mitre.org"
},
{
"url": "https://github.com/nilsteampassnet/TeamPass/compare/3.1.3...3.1.3.1",
"source": "cve@mitre.org"
}
]
}


@ -0,0 +1,64 @@
{
"id": "CVE-2024-50703",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-12-30T15:15:10.693",
"lastModified": "2024-12-30T16:15:11.713",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "TeamPass before 3.1.3.1 does not properly prevent a user from acting with the privileges of a different user_id."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "cve@mitre.org",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 2.5
}
]
},
"weaknesses": [
{
"source": "cve@mitre.org",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-472"
}
]
}
],
"references": [
{
"url": "https://github.com/nilsteampassnet/TeamPass/commit/c7f7f809071eaa9e04505ee79cec7049a42959e9",
"source": "cve@mitre.org"
},
{
"url": "https://github.com/nilsteampassnet/TeamPass/compare/3.1.2...3.1.3.1",
"source": "cve@mitre.org"
},
{
"url": "https://github.com/nilsteampassnet/TeamPass/compare/3.1.3...3.1.3.1",
"source": "cve@mitre.org"
}
]
}


@ -2,7 +2,7 @@
"id": "CVE-2024-56522",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-12-27T05:15:08.130",
"lastModified": "2024-12-27T05:15:08.130",
"lastModified": "2024-12-30T16:15:11.920",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -15,7 +15,42 @@
"value": "Se descubri\u00f3 un problema en TCPDF antes de 6.8.0. unserializeTCPDFtag usa != (tambi\u00e9n conocido como comparaci\u00f3n flexible) y no usa una funci\u00f3n de tiempo constante para comparar hashes de etiquetas TCPDF."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-843"
}
]
}
],
"references": [
{
"url": "https://github.com/tecnickcom/TCPDF/commit/d54b97cec33f4f1a5ad81119a82085cad93cec89",


@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2024-12-30T15:00:19.902517+00:00
2024-12-30T17:00:22.637383+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2024-12-30T14:58:23.177000+00:00
2024-12-30T16:15:11.920000+00:00
```
### Last Data Feed Release
@ -33,23 +33,33 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs
```plain
275169
275172
```
### CVEs added in the last Commit
Recently added CVEs: `1`
Recently added CVEs: `3`
- [CVE-2024-54181](CVE-2024/CVE-2024-541xx/CVE-2024-54181.json) (`2024-12-30T14:15:05.867`)
- [CVE-2024-50701](CVE-2024/CVE-2024-507xx/CVE-2024-50701.json) (`2024-12-30T15:15:10.430`)
- [CVE-2024-50702](CVE-2024/CVE-2024-507xx/CVE-2024-50702.json) (`2024-12-30T15:15:10.567`)
- [CVE-2024-50703](CVE-2024/CVE-2024-507xx/CVE-2024-50703.json) (`2024-12-30T15:15:10.693`)
### CVEs modified in the last Commit
Recently modified CVEs: `3`
Recently modified CVEs: `11`
- [CVE-2024-35861](CVE-2024/CVE-2024-358xx/CVE-2024-35861.json) (`2024-12-30T14:57:32.627`)
- [CVE-2024-35863](CVE-2024/CVE-2024-358xx/CVE-2024-35863.json) (`2024-12-30T14:58:23.177`)
- [CVE-2024-35864](CVE-2024/CVE-2024-358xx/CVE-2024-35864.json) (`2024-12-30T14:58:03.057`)
- [CVE-2022-31640](CVE-2022/CVE-2022-316xx/CVE-2022-31640.json) (`2024-12-30T16:15:06.100`)
- [CVE-2022-31641](CVE-2022/CVE-2022-316xx/CVE-2022-31641.json) (`2024-12-30T16:15:08.253`)
- [CVE-2022-31642](CVE-2022/CVE-2022-316xx/CVE-2022-31642.json) (`2024-12-30T16:15:08.893`)
- [CVE-2022-31644](CVE-2022/CVE-2022-316xx/CVE-2022-31644.json) (`2024-12-30T16:15:09.530`)
- [CVE-2022-31645](CVE-2022/CVE-2022-316xx/CVE-2022-31645.json) (`2024-12-30T16:15:10.130`)
- [CVE-2022-31646](CVE-2022/CVE-2022-316xx/CVE-2022-31646.json) (`2024-12-30T15:15:06.637`)
- [CVE-2023-35149](CVE-2023/CVE-2023-351xx/CVE-2023-35149.json) (`2024-12-30T16:15:11.097`)
- [CVE-2024-12967](CVE-2024/CVE-2024-129xx/CVE-2024-12967.json) (`2024-12-30T15:15:08.143`)
- [CVE-2024-12986](CVE-2024/CVE-2024-129xx/CVE-2024-12986.json) (`2024-12-30T15:15:08.390`)
- [CVE-2024-35862](CVE-2024/CVE-2024-358xx/CVE-2024-35862.json) (`2024-12-30T15:00:09.317`)
- [CVE-2024-56522](CVE-2024/CVE-2024-565xx/CVE-2024-56522.json) (`2024-12-30T16:15:11.920`)
## Download and Usage


@ -199836,13 +199836,13 @@ CVE-2022-31636,0,0,3dde94b5af6733fb77f8357055347d897ee2984f52a5eb2f297bff7574e2b
CVE-2022-31637,0,0,7e118aefb900f1b8771bfb03c3f88a05095e573d84c8f798deca45c7a537e9d6,2024-11-21T07:04:55.353000
CVE-2022-31638,0,0,2059d84d26545dd04336453f64b35e323c5ddc67e0fdd01032a49e7d96e0e32b,2024-11-21T07:04:55.950000
CVE-2022-31639,0,0,2db9867db165c9710bd5f24a4058d245249a75be5ab8aab9a798192b24a8bc65,2024-11-21T07:04:56.547000
CVE-2022-31640,0,0,2ee6729c5944926b2307b86e03e8e74e4202ec252b80ff8ddfc8d37a09c52dd5,2024-11-21T07:04:57.250000
CVE-2022-31641,0,0,19ae5bc076571b47a79371fb5e250c4a4fb6aa0c14cb62786594e92df8e74248,2024-11-21T07:04:57.737000
CVE-2022-31642,0,0,f2eb49c1fe1748bb95931e7fc59ee224dc18ddc87a7fd10a365a92012b42afb8,2024-11-21T07:04:58.220000
CVE-2022-31640,0,1,f11ab96742ffed0fb0a866e562fccf8c44d323795437840f01b1c6fa62caafe8,2024-12-30T16:15:06.100000
CVE-2022-31641,0,1,19b2fb0e0f951485c4ce9094635fe73b00e4bc17b8e05ad62063edc0869672a9,2024-12-30T16:15:08.253000
CVE-2022-31642,0,1,bff5cf87808677159fc9a6eb9ac18eb2800300e0308ae0d505b80b1cf22db0b8,2024-12-30T16:15:08.893000
CVE-2022-31643,0,0,fa151018684c6953f65551b56a139dc61374f7ada3432debb6b95888226f8cf1,2024-11-21T07:05:00.397000
CVE-2022-31644,0,0,f7f15371da7d7dd338a40ac01735297a02279c32412f23ac27fb1960727f7922,2024-11-21T07:05:00.663000
CVE-2022-31645,0,0,6950b7b0f1deb7dac4cfa390c7adec89d8b41c1abee801c19e617d9fe7aa8c48,2024-11-21T07:05:01.190000
CVE-2022-31646,0,0,f1be30b44a73a539b3c54872e4b29401d256d5c6a287ed0832e8dfe7d692b1ad,2024-11-21T07:05:01.730000
CVE-2022-31644,0,1,d2f1b7ae6d968ce9af9272f45757253f626b70e3243e9918d28b589a4ed2702d,2024-12-30T16:15:09.530000
CVE-2022-31645,0,1,6b86f17d92883acc5c3abbb67b419eb61386e37b9ab3a1471447601d2947bf99,2024-12-30T16:15:10.130000
CVE-2022-31646,0,1,995785360bc01cd17d07f522fdbaaa941afdaafaa0ddeb6d1e5740ab63223713,2024-12-30T15:15:06.637000
CVE-2022-31647,0,0,686a0c7255434abb33926aae8f59dfa7c9274563a0096c9e0644efa512bf620d,2024-11-21T07:05:02.257000
CVE-2022-31648,0,0,344ed376a4cfa12222e8b7aecf75bd89b2d9d6886b929fc17ec8e6e7b5447d92,2024-11-21T07:05:02.450000
CVE-2022-31649,0,0,f63981d3365b98465059d41e02f9513486e43c621f49a87e2c3ed4c211bfcf49,2024-11-21T07:05:02.637000
@ -227238,7 +227238,7 @@ CVE-2023-35145,0,0,1a86cee39ac4e4407c4314d5b2e1552e4baaf436309a563e839ead9ccfcda
CVE-2023-35146,0,0,44a63ad040fd2edfccf8b6f97433b38f373080f85f689126729db827ad535a71,2024-11-21T08:08:01.803000
CVE-2023-35147,0,0,233b4938779d512532f422e30243b34ce634214a9f795e026d2cfb954c4c9d83,2024-11-21T08:08:01.930000
CVE-2023-35148,0,0,f8e216cbe98b2f220d321401798e26f42833a9b49e6fbdce4af0c486619ddf05,2024-11-21T08:08:02.047000
CVE-2023-35149,0,0,15fbc752e72c0cfca5e567532583212c37b413b8a95e58bb3661a90887baba2c,2024-11-21T08:08:02.170000
CVE-2023-35149,0,1,55df5d32cebf1e44be6bb756e411e1e6672b4e82fde779c5a3dcde946aa755db,2024-12-30T16:15:11.097000
CVE-2023-3515,0,0,35dd4df8483f4213f98d9836b0fc238555087f3031c5695b66fd64b78ece979b,2024-11-21T08:17:26.130000
CVE-2023-35150,0,0,65b755d7ced4323ca0a24d92979a2dbd96132af8a1df7aaf083274d3763cc197,2024-11-21T08:08:02.300000
CVE-2023-35151,0,0,cedc948a948a15c9fc98f318f978208ed5642808a6da0b0532a1276bd30cb9a7,2024-11-21T08:08:02.453000
@ -245205,7 +245205,7 @@ CVE-2024-12963,0,0,57f82207620016a08e0cb80b0791f36983b5234c758838adbd8c3ad91e56b
CVE-2024-12964,0,0,d513e19faa5f3847ffc26f78baf6678142a42a5a46d88fa1ccbe6fd4373f497d,2024-12-27T17:15:07.477000
CVE-2024-12965,0,0,0f5c2540cdb5ac873ce2cfe31073cd5dedecd4e0bfda6d5a77312d614a188bf7,2024-12-27T17:15:07.593000
CVE-2024-12966,0,0,2b9f12982839474c2e9bdcaa35313f34a8e49674ee4c820004a347386206e514,2024-12-27T17:15:07.733000
CVE-2024-12967,0,0,86a83199511c325bdecee14cf675496a5d727c568374dad21f8ebce6a60c869c,2024-12-26T22:15:09.487000
CVE-2024-12967,0,1,373940667d19816c3418d961d099af60d3af6231ff28cd91d7af64f003be34e3,2024-12-30T15:15:08.143000
CVE-2024-12968,0,0,0365cfa50aed25aedb7b14e0121254d6a1ab1fc0b7f758bc56f083b331d8bb13,2024-12-27T17:15:07.867000
CVE-2024-12969,0,0,11cb52c0f3a8d2b5e3f9f455e34a756b2b5e55ad686d92ced4ed9827b4f944c8,2024-12-27T17:15:07.993000
CVE-2024-1297,0,0,2270a35f58f01dfb2d035ead28d39deb5680170c865c1d2b9c2476f9e60aaf13,2024-11-21T08:50:15.770000
@ -245220,7 +245220,7 @@ CVE-2024-12982,0,0,893f77442fc90837f9fe8793b451cee087a15ccc8805ad197e0839b6fe5fa
CVE-2024-12983,0,0,660e4511105a84d2089d110a972b11b03704d82ea07b70bce67e29a844922ccc,2024-12-27T16:15:23.683000
CVE-2024-12984,0,0,2c297c29fb447d1430461a9ec66143a0de7d14670d4c271bfba67150b1a1dbab,2024-12-27T15:15:11.957000
CVE-2024-12985,0,0,2bdd786ff99684e2940fbb368bbbfcd24bd850484328bf10ddf8e8613423ca24,2024-12-27T16:15:23.807000
CVE-2024-12986,0,0,5350b1b6fa80b151da892ebccc04100d10936cb49a14a3c3cdac9caf956a9f74,2024-12-27T16:15:23.927000
CVE-2024-12986,0,1,9fe6763e6eaae8601cf98cfafc9a1a86fa65061195b84f986c70f384863d74a7,2024-12-30T15:15:08.390000
CVE-2024-12987,0,0,c34eb558d4755dfea413aff63fb504ec6d0dd703cae8adfb47244c5b6d7c7934,2024-12-27T21:15:07.510000
CVE-2024-12988,0,0,d49ef682e5362e9795b8ee2b72556738a81fba0241a7492ab219be161b1a2c53,2024-12-27T19:15:08.260000
CVE-2024-12989,0,0,2bcfe5274c1815d529b34a7951b77a117c72887b42dca93dbd01b232b34b8745,2024-12-27T18:15:24.777000
@ -257884,10 +257884,10 @@ CVE-2024-35857,0,0,9a8493f8933ae7958584ba04394475c5875746737f5a6103bce569ea31757
CVE-2024-35858,0,0,835d4c6bf85ca7e777257ca004d86a711bd336e3900f92516acf3e6905a95467,2024-11-21T09:21:03.940000
CVE-2024-35859,0,0,090dc5bf02e7c7d608c72cf966d6235f0f902fd4d32b75455323662e70ffeb00,2024-11-21T09:21:04.043000
CVE-2024-35860,0,0,c5798de33a4d522c0a7519af72aed3025e7d3ee6c474d15bcff6cc1547c4e999,2024-11-21T09:21:04.220000
CVE-2024-35861,0,1,7bda632b0af7fb912c1fc80a6b51e401a9c4f2c781ca02e4240d4b9ba6044d7a,2024-12-30T14:57:32.627000
CVE-2024-35862,0,0,9a43c1994996b5f1acd672ca1094d636db3c42195c6b9edd3055afafbce98c10,2024-11-21T09:21:04.467000
CVE-2024-35863,0,1,b81c5679910d1847fbf7862e8247b87fbb3204b0718f830872294595c3959792,2024-12-30T14:58:23.177000
CVE-2024-35864,0,1,31226063ea69d29e428d6ad9d6921f8854f38c9e5b1a81fdb73fb251b4513c60,2024-12-30T14:58:03.057000
CVE-2024-35861,0,0,7bda632b0af7fb912c1fc80a6b51e401a9c4f2c781ca02e4240d4b9ba6044d7a,2024-12-30T14:57:32.627000
CVE-2024-35862,0,1,c3e67a013d1c51ddc061c7d30dc247c7cf7c410ac824d19ddc4ec43799fe8b49,2024-12-30T15:00:09.317000
CVE-2024-35863,0,0,b81c5679910d1847fbf7862e8247b87fbb3204b0718f830872294595c3959792,2024-12-30T14:58:23.177000
CVE-2024-35864,0,0,31226063ea69d29e428d6ad9d6921f8854f38c9e5b1a81fdb73fb251b4513c60,2024-12-30T14:58:03.057000
CVE-2024-35865,0,0,cf6f175d533ee10d6f54c3ebcfdb93d935e02aa77be3f7308461df9f59e1e2eb,2024-11-21T09:21:04.827000
CVE-2024-35866,0,0,c17b7eb7d18b16ffbff97a229ebf9264a87c8ae22c90d5977022f079fb65a342,2024-11-21T09:21:05.010000
CVE-2024-35867,0,0,c342e7d3df1be6823e978f1d318831dc21f55a15f922a36a4b4a54348d830895,2024-11-21T09:21:05.120000
@ -268447,6 +268447,9 @@ CVE-2024-50672,0,0,a506f4d2b4e62571040ff3dd4b935bbaea397a7aabe2668687c8152c3cc15
CVE-2024-50677,0,0,41d5addef3c1d4fcaf4d23ee7f34aa0575b53eb368f3af05bd4b5c5da2166101,2024-12-06T17:15:10.180000
CVE-2024-5069,0,0,ad719aec2191fa4733004e376bcb495f235c4247fa2915a6912d571066c414e6,2024-11-21T09:46:53.973000
CVE-2024-50699,0,0,b7bfb9ce8d871e66c8bc846d040c669e65be2a2e4a5ca2c2838499d7e02651cc,2024-12-11T16:15:12.720000
CVE-2024-50701,1,1,8a425dcfc4eae8298f28fabf6b33fe72be02546da5f5ac786e872bfaa5711eae,2024-12-30T16:15:11.387000
CVE-2024-50702,1,1,2571d2b76c3720865aadb0aca0493774cd9be2477d44e0732f58f6a3463bf26b,2024-12-30T16:15:11.550000
CVE-2024-50703,1,1,3ca543686c5a223cd6a966e24a4095e2a8fb771b46dd2bf6c556fada9156fae6,2024-12-30T16:15:11.713000
CVE-2024-5071,0,0,6dfa056d4abe7e6b37a7311009a7ee0087dcbc392285cd9b9ee51e94d1bed9a4,2024-11-21T09:46:54.120000
CVE-2024-50713,0,0,ef6222df7fefcdb4ff0c05dd5195e429baad1ae292e8f58093855db0cd9cdceb,2024-12-27T21:15:07.837000
CVE-2024-50714,0,0,16a84fabc05c17c54dc3f6c81da670e09dd8653b1c5c6f9870ff04492fd544cd,2024-12-28T18:15:08.193000
@ -270502,7 +270505,7 @@ CVE-2024-54159,0,0,a6966b82b06dc6cc6ffe535670f7fe423d90e23d66a5791ea4c4b55b9827b
CVE-2024-5416,0,0,2cc8eb5abc95e0327999359a16ced825b9a25c50e0044d232fce1c6bda48c682,2024-09-26T14:37:59.290000
CVE-2024-5417,0,0,2c092c55b8a1a8c8890a1e4546beb75d8fbd37f20d02cbd8444692608bc2553d,2024-10-07T15:44:01.830000
CVE-2024-5418,0,0,c3b6dacc234cf8a9c6de6913d07caa1810e24ada600d2b1f8edeb26c6b62184b,2024-11-21T09:47:36.970000
CVE-2024-54181,1,1,435ab25c887e02b68caa27ae6c34508afc683d14a5262d5153e6e917c01c0db1,2024-12-30T14:15:05.867000
CVE-2024-54181,0,0,435ab25c887e02b68caa27ae6c34508afc683d14a5262d5153e6e917c01c0db1,2024-12-30T14:15:05.867000
CVE-2024-5419,0,0,bf78f58706f13dc16fbd00574fc12a2ad63186889150404f7c80cf6aaa4041da,2024-11-21T09:47:37.083000
CVE-2024-54197,0,0,603709103f05bc7a97f6cde13218f652b68a22f4a935ac881648bcc5cc0bfd99,2024-12-10T01:15:06.573000
CVE-2024-54198,0,0,91bef3f33cfc40b2dc583ea6ba9db99e021097c6399c70366353fc13f33f4ef0,2024-12-10T01:15:06.713000
@ -271258,7 +271261,7 @@ CVE-2024-56519,0,0,ba6a49ecaaf54f8458a0d69c5d70c7a58a8b2dfa4fff4d4173a1ded6a5dca
CVE-2024-5652,0,0,1dda3b28a95a3027cca32754d8e2a9cb8bd181dca86e7b0a455abcf575817afc,2024-11-21T09:48:05.750000
CVE-2024-56520,0,0,d5cf08096a86ee5091a69d63f922a02ae7d505f736e95f2dafa31155ab9b2521,2024-12-27T05:15:07.837000
CVE-2024-56521,0,0,6c08543a38146e5fc1fde79ac98f99bec226bbcb111f67da05a8800cf78ac8d9,2024-12-27T05:15:07.977000
CVE-2024-56522,0,0,6dae0e689c85bf491c699977f92875650b5b8e79dcab378cab96d24471e2614f,2024-12-27T05:15:08.130000
CVE-2024-56522,0,1,c0719b044dbc0fcdc0d4eaed012a8c95725e84ecda329fba60f601478e6101fc,2024-12-30T16:15:11.920000
CVE-2024-56527,0,0,bc553a98c63c830a826f605f9380ce4cabbc6f74db77f93c30b7ece0efc5737f,2024-12-28T19:15:07.800000
CVE-2024-5653,0,0,6a43b27cee3d2293652e8e6e2ccb4fc0236822263be85c5365c247a4f0b2a7b5,2024-11-21T09:48:05.873000
CVE-2024-56531,0,0,29081dacccdc16bd19c2c0276ad13d26d67c523fb953bef36fddd8fa7ad7aad5,2024-12-27T14:15:32.503000
