From 12f4fe581a84445492a4d9b29dc569e89e76b435 Mon Sep 17 00:00:00 2001 From: cad-safe-bot Date: Mon, 8 Jul 2024 08:04:30 +0000 Subject: [PATCH] Auto-Update: 2024-07-08T08:01:37.390510+00:00 --- CVE-2024/CVE-2024-346xx/CVE-2024-34602.json | 44 +++++++++++++++++++++ CVE-2024/CVE-2024-346xx/CVE-2024-34603.json | 44 +++++++++++++++++++++ README.md | 14 +++---- _state.csv | 6 ++- 4 files changed, 99 insertions(+), 9 deletions(-) create mode 100644 CVE-2024/CVE-2024-346xx/CVE-2024-34602.json create mode 100644 CVE-2024/CVE-2024-346xx/CVE-2024-34603.json diff --git a/CVE-2024/CVE-2024-346xx/CVE-2024-34602.json b/CVE-2024/CVE-2024-346xx/CVE-2024-34602.json new file mode 100644 index 00000000000..bc8c4336081 --- /dev/null +++ b/CVE-2024/CVE-2024-346xx/CVE-2024-34602.json @@ -0,0 +1,44 @@ +{ + "id": "CVE-2024-34602", + "sourceIdentifier": "mobile.security@samsung.com", + "published": "2024-07-08T07:15:02.663", + "lastModified": "2024-07-08T07:15:02.663", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Use of implicit intent for sensitive communication in Samsung Messages prior to SMR Jul-2024 Release 1 allows local attackers to get sensitive information. User interaction is required for triggering this vulnerability." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "mobile.security@samsung.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 3.3, + "baseSeverity": "LOW" + }, + "exploitabilityScore": 1.8, + "impactScore": 1.4 + } + ] + }, + "references": [ + { + "url": "https://security.samsungmobile.com/securityUpdate.smsb?year=2024&month=07", + "source": "mobile.security@samsung.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-346xx/CVE-2024-34603.json b/CVE-2024/CVE-2024-346xx/CVE-2024-34603.json new file mode 100644 index 00000000000..cf74d1cc17a --- /dev/null +++ b/CVE-2024/CVE-2024-346xx/CVE-2024-34603.json @@ -0,0 +1,44 @@ +{ + "id": "CVE-2024-34603", + "sourceIdentifier": "mobile.security@samsung.com", + "published": "2024-07-08T07:15:04.100", + "lastModified": "2024-07-08T07:15:04.100", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper access control in Samsung Message prior to SMR Jul-2024 Release 1 allows local attackers to access location data." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "mobile.security@samsung.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 4.0, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.5, + "impactScore": 1.4 + } + ] + }, + "references": [ + { + "url": "https://security.samsungmobile.com/securityUpdate.smsb?year=2024&month=07", + "source": "mobile.security@samsung.com" + } + ] +} \ No newline at end of file diff --git a/README.md b/README.md index 701a9860072..85c0c42efa6 100644 --- a/README.md +++ b/README.md @@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2024-07-08T06:00:32.497982+00:00 +2024-07-08T08:01:37.390510+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2024-07-08T05:15:02.400000+00:00 +2024-07-08T07:15:04.100000+00:00 ``` ### Last Data Feed Release @@ -33,21 +33,21 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### Total Number of included CVEs ```plain -255985 +255987 ``` ### CVEs added in the last Commit -Recently added CVEs: `0` +Recently added CVEs: `2` +- [CVE-2024-34602](CVE-2024/CVE-2024-346xx/CVE-2024-34602.json) (`2024-07-08T07:15:02.663`) +- [CVE-2024-34603](CVE-2024/CVE-2024-346xx/CVE-2024-34603.json) (`2024-07-08T07:15:04.100`) ### CVEs modified in the last Commit -Recently modified CVEs: `2` +Recently modified CVEs: `0` -- [CVE-2023-5090](CVE-2023/CVE-2023-50xx/CVE-2023-5090.json) (`2024-07-08T05:15:02.033`) -- [CVE-2024-4418](CVE-2024/CVE-2024-44xx/CVE-2024-4418.json) (`2024-07-08T05:15:02.400`) ## Download and Usage diff --git a/_state.csv b/_state.csv index 9cce97a2276..6c204c04f02 100644 --- a/_state.csv +++ b/_state.csv @@ -237339,7 +237339,7 @@ CVE-2023-50894,0,0,58a58225d742f654da7bcdccd2cf24db4ef5c63461a5cc7cf3fc28c586982 CVE-2023-50895,0,0,983bb9264ba2c8683f575e79001c719a5d1f72b56ef941db6ead73b118a4d289,2024-03-26T17:09:53.043000 CVE-2023-50896,0,0,32a10544fdac61db8a171df746dccf1d232f13684a47de05af905306e155cf06,2024-01-05T17:32:59.937000 CVE-2023-50898,0,0,8aff62c643d7aeddc95a67a99b868adeecf42b7f0720ae7af339a4744e3e221f,2024-03-15T16:26:49.320000 -CVE-2023-5090,0,1,857f8555c13090b0b0748252e1a3763df646adb22c2b1003dc4bd042a71884da,2024-07-08T05:15:02.033000 +CVE-2023-5090,0,0,857f8555c13090b0b0748252e1a3763df646adb22c2b1003dc4bd042a71884da,2024-07-08T05:15:02.033000 CVE-2023-50900,0,0,d20000b011b3912839a1e3e9a3d806a35dbcfc59ee224e38266be4fc064bc4cc,2024-06-20T12:44:01.637000 CVE-2023-50901,0,0,fa1245dfad58609576f971f16b5ea532f1ca81c051130c99f667ea1205d37921,2024-01-05T17:34:07.947000 CVE-2023-50902,0,0,1513c647ffec3bccc364b057fe7be8ad3f21264b604f6b5475cb44c0c9074864,2024-01-05T16:21:34.563000 @@ -251889,6 +251889,8 @@ CVE-2024-34599,0,0,a6a02ad306f0c667d9b45f855de943b1e86d6818ea503b59522cbea821b71 CVE-2024-3460,0,0,5d753d09cd0688d7cf59cbd53a149eb7d45b8f22859b402f63de2cfaab817466,2024-05-14T16:11:39.510000 CVE-2024-34600,0,0,35051d817085423dbdeb6ae129690762237334bf5ea735f991f5984e5199c534,2024-07-02T18:05:54.487000 CVE-2024-34601,0,0,ba64108f851deae844e8486d0d241f7b45e96c9b76d20a149cd00653a5152768,2024-07-02T18:07:05.737000 +CVE-2024-34602,1,1,a092ec376b20b5bae003e3af1b412b2662656f4989316a07694f2689d75bbbb4,2024-07-08T07:15:02.663000 +CVE-2024-34603,1,1,4f0c1e7202d10e8101cb7ffe013b0c0b325405fef25e0e9452e429bef704a4aa,2024-07-08T07:15:04.100000 CVE-2024-3461,0,0,2a4b7c0e1a8d6b06d86abf0c486b3a9f2d1fa6266081d4aec9284221b4574ee3,2024-05-14T16:11:39.510000 CVE-2024-3462,0,0,42d76b75905cddaca7c4512a98c3e5490f6eba6d1a37db8a52d4bde8c84e9ded,2024-05-14T16:11:39.510000 CVE-2024-3463,0,0,ec14f43c3b7b14f535006ee59b80bf351769520d95be8808071caf75bd274960,2024-05-17T02:39:57.447000 @@ -254608,7 +254610,7 @@ CVE-2024-4409,0,0,7dd623ac9467a0484d209647a6b8fb064b225334d3e5c23c1ee095e63ba208 CVE-2024-4411,0,0,c7fa179581fd2f838a938c9431cc636dd9fa2af2bec9103de58ade770f105c65,2024-05-14T16:11:39.510000 CVE-2024-4413,0,0,cca9f27cd31d87a0c2b601e673b97ef7118798e076ad06575846010a4eaaeef8,2024-05-14T16:11:39.510000 CVE-2024-4417,0,0,56d1a7db112c78a6a4f4098b6b92b23b4d7cd4e314ee26ae65a28dbbe4d8642e,2024-05-14T16:11:39.510000 -CVE-2024-4418,0,1,55b6ef248046882ee283f7d73bda2fd4f51ba2385d2460fbf9412eca6865c5c6,2024-07-08T05:15:02.400000 +CVE-2024-4418,0,0,55b6ef248046882ee283f7d73bda2fd4f51ba2385d2460fbf9412eca6865c5c6,2024-07-08T05:15:02.400000 CVE-2024-4419,0,0,e2d8f545d71f8d9558ae0290474349668dafdd9730a778cdbbf911c6b4cf5157,2024-05-29T13:02:09.280000 CVE-2024-4420,0,0,9b75921df8e16106b48e4c0d4f1fc07ba699b6ee751657d557cf95a2815ddc11,2024-05-21T12:37:59.687000 CVE-2024-4422,0,0,033ffa151e9f7c26ec50c74ca266b6c48fb375132593b1334657790301503e16,2024-05-30T13:15:41.297000