From 15074c89517953f43d7f862874f0f0bb60871ded Mon Sep 17 00:00:00 2001 From: cad-safe-bot Date: Mon, 19 Feb 2024 07:00:27 +0000 Subject: [PATCH] Auto-Update: 2024-02-19T07:00:24.124559+00:00 --- CVE-2024/CVE-2024-247xx/CVE-2024-24722.json | 28 +++++++++++++++++++++ CVE-2024/CVE-2024-263xx/CVE-2024-26327.json | 20 +++++++++++++++ CVE-2024/CVE-2024-263xx/CVE-2024-26328.json | 20 +++++++++++++++ README.md | 23 ++++++----------- 4 files changed, 76 insertions(+), 15 deletions(-) create mode 100644 CVE-2024/CVE-2024-247xx/CVE-2024-24722.json create mode 100644 CVE-2024/CVE-2024-263xx/CVE-2024-26327.json create mode 100644 CVE-2024/CVE-2024-263xx/CVE-2024-26328.json diff --git a/CVE-2024/CVE-2024-247xx/CVE-2024-24722.json b/CVE-2024/CVE-2024-247xx/CVE-2024-24722.json new file mode 100644 index 00000000000..27f012683b9 --- /dev/null +++ b/CVE-2024/CVE-2024-247xx/CVE-2024-24722.json @@ -0,0 +1,28 @@ +{ + "id": "CVE-2024-24722", + "sourceIdentifier": "cve@mitre.org", + "published": "2024-02-19T06:15:07.890", + "lastModified": "2024-02-19T06:15:07.890", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "An unquoted service path vulnerability in the 12d Synergy Server and File Replication Server components may allow an attacker to gain elevated privileges via the 12d Synergy Server and/or 12d Synergy File Replication Server executable service path. This is fixed in 4.3.10.192, 5.1.5.221, and 5.1.6.235." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://files.12dsynergy.com/downloads/download.aspx", + "source": "cve@mitre.org" + }, + { + "url": "https://help.12dsynergy.com/v1/docs/cve-2024-24722", + "source": "cve@mitre.org" + }, + { + "url": "https://www.12dsynergy.com/security-statement/", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-263xx/CVE-2024-26327.json b/CVE-2024/CVE-2024-263xx/CVE-2024-26327.json new file mode 100644 index 00000000000..9e64751c5e2 --- /dev/null +++ b/CVE-2024/CVE-2024-263xx/CVE-2024-26327.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2024-26327", + "sourceIdentifier": "cve@mitre.org", + "published": "2024-02-19T05:15:22.527", + "lastModified": "2024-02-19T05:15:22.527", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "An issue was discovered in QEMU 7.1.0 through 8.2.1. register_vfs in hw/pci/pcie_sriov.c mishandles the situation where a guest writes NumVFs greater than TotalVFs, leading to a buffer overflow in VF implementations." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://lore.kernel.org/all/20240214-reuse-v4-5-89ad093a07f4%40daynix.com/", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-263xx/CVE-2024-26328.json b/CVE-2024/CVE-2024-263xx/CVE-2024-26328.json new file mode 100644 index 00000000000..26794372ba3 --- /dev/null +++ b/CVE-2024/CVE-2024-263xx/CVE-2024-26328.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2024-26328", + "sourceIdentifier": "cve@mitre.org", + "published": "2024-02-19T05:15:26.263", + "lastModified": "2024-02-19T05:15:26.263", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "An issue was discovered in QEMU 7.1.0 through 8.2.1. register_vfs in hw/pci/pcie_sriov.c does not set NumVFs to PCI_SRIOV_TOTAL_VF, and thus interaction with hw/nvme/ctrl.c is mishandled." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://lore.kernel.org/all/20240213055345-mutt-send-email-mst%40kernel.org/", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/README.md b/README.md index e28e971838d..68aa42ad7c4 100644 --- a/README.md +++ b/README.md @@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2024-02-19T05:00:23.982630+00:00 +2024-02-19T07:00:24.124559+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2024-02-19T04:15:07.400000+00:00 +2024-02-19T06:15:07.890000+00:00 ``` ### Last Data Feed Release @@ -29,29 +29,22 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### Total Number of included CVEs ```plain -238869 +238872 ``` ### CVEs added in the last Commit -Recently added CVEs: `1` +Recently added CVEs: `3` -* [CVE-2024-26318](CVE-2024/CVE-2024-263xx/CVE-2024-26318.json) (`2024-02-19T04:15:07.400`) +* [CVE-2024-26327](CVE-2024/CVE-2024-263xx/CVE-2024-26327.json) (`2024-02-19T05:15:22.527`) +* [CVE-2024-26328](CVE-2024/CVE-2024-263xx/CVE-2024-26328.json) (`2024-02-19T05:15:26.263`) +* [CVE-2024-24722](CVE-2024/CVE-2024-247xx/CVE-2024-24722.json) (`2024-02-19T06:15:07.890`) ### CVEs modified in the last Commit -Recently modified CVEs: `9` +Recently modified CVEs: `0` -* [CVE-2021-43784](CVE-2021/CVE-2021-437xx/CVE-2021-43784.json) (`2024-02-19T03:15:07.330`) -* [CVE-2023-45142](CVE-2023/CVE-2023-451xx/CVE-2023-45142.json) (`2024-02-19T03:15:07.697`) -* [CVE-2023-4408](CVE-2023/CVE-2023-44xx/CVE-2023-4408.json) (`2024-02-19T03:15:07.860`) -* [CVE-2023-50387](CVE-2023/CVE-2023-503xx/CVE-2023-50387.json) (`2024-02-19T03:15:07.980`) -* [CVE-2023-50868](CVE-2023/CVE-2023-508xx/CVE-2023-50868.json) (`2024-02-19T03:15:08.100`) -* [CVE-2023-5517](CVE-2023/CVE-2023-55xx/CVE-2023-5517.json) (`2024-02-19T03:15:08.170`) -* [CVE-2023-5679](CVE-2023/CVE-2023-56xx/CVE-2023-5679.json) (`2024-02-19T03:15:08.260`) -* [CVE-2023-6516](CVE-2023/CVE-2023-65xx/CVE-2023-6516.json) (`2024-02-19T03:15:08.343`) -* [CVE-2024-21626](CVE-2024/CVE-2024-216xx/CVE-2024-21626.json) (`2024-02-19T03:15:08.413`) ## Download and Usage