Auto-Update: 2024-04-04T08:00:52.475629+00:00

This commit is contained in:
cad-safe-bot 2024-04-04 08:03:40 +00:00
parent 92b3ce0667
commit 18d0c73f60
9 changed files with 159 additions and 19 deletions

View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-25199",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-04-04T07:15:07.923",
"lastModified": "2024-04-04T07:15:07.923",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A reflected cross-site scripting (XSS) vulnerability exists in the MT Safeline X-Ray X3310 webserver version NXG 19.05 that enables a remote attacker to execute JavaScript code and obtain sensitive information in a victim's browser."
}
],
"metrics": {},
"references": [
{
"url": "https://summitinfosec.com/blog/x-ray-vision-identifying-cve-2023-25199-and-cve-2023-25200-in-manufacturing-equipment/",
"source": "cve@mitre.org"
}
]
}

View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-25200",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-04-04T07:15:08.103",
"lastModified": "2024-04-04T07:15:08.103",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "An HTML injection vulnerability exists in the MT Safeline X-Ray X3310 webserver version NXG 19.05 that enables a remote attacker to render malicious HTML and obtain sensitive information in a victim's browser."
}
],
"metrics": {},
"references": [
{
"url": "https://summitinfosec.com/blog/x-ray-vision-identifying-cve-2023-25199-and-cve-2023-25200-in-manufacturing-equipment/",
"source": "cve@mitre.org"
}
]
}

View File

@ -2,7 +2,7 @@
"id": "CVE-2023-38408",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-07-20T03:15:10.170",
"lastModified": "2023-12-22T22:15:07.490",
"lastModified": "2024-04-04T06:15:08.430",
"vulnStatus": "Modified",
"descriptions": [
{
@ -213,6 +213,10 @@
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://www.vicarius.io/vsociety/posts/exploring-opensshs-agent-forwarding-rce-cve-2023-38408",
"source": "cve@mitre.org"
}
]
}

View File

@ -0,0 +1,47 @@
{
"id": "CVE-2024-1418",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-04-04T06:15:08.783",
"lastModified": "2024-04-04T06:15:08.783",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The CGC Maintenance Mode plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.2 via the REST API. This makes it possible for unauthenticated attackers to view protected posts via REST API even when maintenance mode is enabled."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
"references": [
{
"url": "https://wordpress.org/plugins/cgc-maintenance-mode/",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/1cd5fa89-ed3b-4ac1-9200-9f5eb26cb534?source=cve",
"source": "security@wordfence.com"
}
]
}

View File

@ -2,12 +2,12 @@
"id": "CVE-2024-20848",
"sourceIdentifier": "mobile.security@samsung.com",
"published": "2024-04-02T03:15:09.557",
"lastModified": "2024-04-02T12:50:42.233",
"lastModified": "2024-04-04T06:15:09.067",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Out-of-bound Write vulnerability in text parsing implementation of libsdffextractor prior to SMR Apr-2023 Release 1 allows local attackers to execute arbitrary code."
"value": "Improper Input Validation vulnerability in text parsing implementation of libsdffextractor prior to SMR Apr-2024 Release 1 allows local attackers to write out-of-bounds memory."
},
{
"lang": "es",
@ -21,20 +21,20 @@
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "LOW",
"baseScore": 5.1,
"baseScore": 4.0,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.5,
"impactScore": 2.5
"impactScore": 1.4
}
]
},

View File

@ -0,0 +1,20 @@
{
"id": "CVE-2024-28520",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-04-04T06:15:09.460",
"lastModified": "2024-04-04T06:15:09.460",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "File Upload vulnerability in Byzoro Networks Smart multi-service security gateway intelligent management platform version S210, allows an attacker to obtain sensitive information via the uploadfile.php component."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/aknbg1thub/cve/blob/main/upload.md",
"source": "cve@mitre.org"
}
]
}

View File

@ -0,0 +1,20 @@
{
"id": "CVE-2024-29375",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-04-04T07:15:08.190",
"lastModified": "2024-04-04T07:15:08.190",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "CSV Injection vulnerability in Addactis IBNRS v.3.10.3.107 allows a remote attacker to execute arbitrary code via a crafted .ibnrs file to the Project Description, Identifiers, Custom Triangle Name (inside Input Triangles) and Yield Curve Name parameters."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/ismailcemunver/CVE-2024-29375",
"source": "cve@mitre.org"
}
]
}

View File

@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2024-04-04T06:00:38.027809+00:00
2024-04-04T08:00:52.475629+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2024-04-04T05:15:19.010000+00:00
2024-04-04T07:15:08.190000+00:00
```
### Last Data Feed Release
@ -33,22 +33,26 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs
```plain
244038
244043
```
### CVEs added in the last Commit
Recently added CVEs: `1`
Recently added CVEs: `5`
- [CVE-2024-31025](CVE-2024/CVE-2024-310xx/CVE-2024-31025.json) (`2024-04-04T05:15:19.010`)
- [CVE-2023-25199](CVE-2023/CVE-2023-251xx/CVE-2023-25199.json) (`2024-04-04T07:15:07.923`)
- [CVE-2023-25200](CVE-2023/CVE-2023-252xx/CVE-2023-25200.json) (`2024-04-04T07:15:08.103`)
- [CVE-2024-1418](CVE-2024/CVE-2024-14xx/CVE-2024-1418.json) (`2024-04-04T06:15:08.783`)
- [CVE-2024-28520](CVE-2024/CVE-2024-285xx/CVE-2024-28520.json) (`2024-04-04T06:15:09.460`)
- [CVE-2024-29375](CVE-2024/CVE-2024-293xx/CVE-2024-29375.json) (`2024-04-04T07:15:08.190`)
### CVEs modified in the last Commit
Recently modified CVEs: `2`
- [CVE-2024-3273](CVE-2024/CVE-2024-32xx/CVE-2024-3273.json) (`2024-04-04T04:15:08.763`)
- [CVE-2024-3274](CVE-2024/CVE-2024-32xx/CVE-2024-3274.json) (`2024-04-04T04:15:09.273`)
- [CVE-2023-38408](CVE-2023/CVE-2023-384xx/CVE-2023-38408.json) (`2024-04-04T06:15:08.430`)
- [CVE-2024-20848](CVE-2024/CVE-2024-208xx/CVE-2024-20848.json) (`2024-04-04T06:15:09.067`)
## Download and Usage

View File

@ -217726,7 +217726,9 @@ CVE-2023-25194,0,0,5439c758fa3fb561e024e651988dec569f66d723a27e32e4c5e7149b3ab42
CVE-2023-25195,0,0,1acbed03ece4c24fc9b4c3f1e0b260107070a737aef093d782a3e128cd9ca39a,2023-11-07T04:08:56.857000
CVE-2023-25196,0,0,699234895607a5f2d3804d8e95cad080ec02442067f07505d07eb52c95e8735f,2023-11-07T04:08:56.920000
CVE-2023-25197,0,0,913684f6f76b3970a5edbd4b861d3e3ba71f8a386c7cb6d51b58922e102fa9f4,2023-11-07T04:08:56.980000
CVE-2023-25199,1,1,22f724ebe7864d4ded5535cc14af13c2177cfdc52c676880197026dfca81c2c0,2024-04-04T07:15:07.923000
CVE-2023-2520,0,0,c1bdc3a63d359e62f5a788fcccfe55d3cf2bb5383fe9701afdd36df420440179,2024-03-21T02:47:14.407000
CVE-2023-25200,1,1,d6892a71ef6eaf90aa71e3a901fbe5dda7e97808ee3470f9f396343113da2476,2024-04-04T07:15:08.103000
CVE-2023-25201,0,0,b2956da7b7ecace4001c8e78fcd43c4f8a0aaa09eee4e6f70a0decf1ce045592,2023-07-17T18:42:15.550000
CVE-2023-25206,0,0,daa679a2f273c41c808fe00ddd18d8984c18d7cb2378f1f968de9a1e814f620f,2023-03-17T17:32:19.313000
CVE-2023-25207,0,0,8afa427842b31194eab2890fb0b1dd71a67e9ad76d0303b5b31456a95cf81e58,2023-03-15T18:52:24.190000
@ -227291,7 +227293,7 @@ CVE-2023-38404,0,0,3dc6ba7796bd771a65b22048e59c9ab5fef46da9252fb3726f228bc9dd4b4
CVE-2023-38405,0,0,c9debfd5593845ef6520958dbc49abb74fd74ee699fbdda9849aeefe8e69acd0,2023-07-27T03:46:14.810000
CVE-2023-38406,0,0,53664c0ac92a6a642347f5a5b1cfadb2353026ad1b135845142bf4ee408ff41f,2023-11-14T20:03:32.717000
CVE-2023-38407,0,0,e6e482bbeb9b1ec4c08137dc31311a16b63901519c781f9f82a524f9167d2222,2023-11-14T17:38:10.273000
CVE-2023-38408,0,0,fa3cee30e7248c242e0c7653cd550f1e4819602adda16069ef456aef1ac8d3fe,2023-12-22T22:15:07.490000
CVE-2023-38408,0,1,d096ce6b1e1ae5ca92da22ae6b0e69e0a183709fb248f60799d11a2af22a33e3,2024-04-04T06:15:08.430000
CVE-2023-38409,0,0,6490e149eaf901300003e5cb5fe2beb3e6bba4dd1431a86db788223f5e63097f,2023-07-27T03:49:09.943000
CVE-2023-3841,0,0,838ab98803191909876b79ad9eae78a15ea9bd3a8aaa15183800cf74a246d706,2024-03-21T02:48:48
CVE-2023-38410,0,0,dacab55bd139fa677a3b09e8882ef5d31eb8780377d0feebcd0e9b7c3e9a7a6e,2023-08-01T19:54:15.847000
@ -239096,6 +239098,7 @@ CVE-2024-1410,0,0,535308bfcb5b14b9cf6546577fa611ecf7473e04ab146e149a1b5e72425241
CVE-2024-1411,0,0,030f897eed6e6219f0d1c0b9b3349832bbb4c8ad1dac44c5a94f383da8f08bf9,2024-02-29T13:49:29.390000
CVE-2024-1413,0,0,6aa464349bbf11ec5072ac1ca50df93a7b461f7b0af9c0cd6b20e490ba03edbb,2024-03-13T18:15:58.530000
CVE-2024-1414,0,0,7c23a7ce5ddbf41f4f2b563f7544816af98ea31dd891fa1a4032e28edd4761e3,2024-03-13T18:15:58.530000
CVE-2024-1418,1,1,357bb27f7840af6bddabe768850b8f379c890df4cc1ea3113390bc2ec027c5bd,2024-04-04T06:15:08.783000
CVE-2024-1419,0,0,2c70f60b0f2ce39c1fb701bf4c4f420108cacd5e876318aed7a6153508e9a501,2024-03-07T13:52:27.110000
CVE-2024-1420,0,0,63be6135cf11500708980f0eb6e023d1c00fd2eeb1aa055b1a9dd099f6d1d32a,2024-02-12T15:15:07.733000
CVE-2024-1421,0,0,f03d7f3ef1765f0f145e59552c7f2e0551f5780bf62fafd3ac0b92ab1fea1897,2024-03-13T12:33:51.697000
@ -239759,7 +239762,7 @@ CVE-2024-20844,0,0,95f0af507d45eac6adfed828ff57bea848cc6f6a9b17eae59c428ec4d317f
CVE-2024-20845,0,0,4ff492c5e5d119646490e7085e30e1b47c0d027425ae85d9449df4a607480a1b,2024-04-02T12:50:42.233000
CVE-2024-20846,0,0,2ca2db5a4ac97050385f2bcc4a9cf0fc7b9944f87fcb74481a22cc4178913c0f,2024-04-02T12:50:42.233000
CVE-2024-20847,0,0,e34623d17c59510fa0ffb1d4949bbaab2581f06b877c2f828642bcc6ea333bcf,2024-04-02T12:50:42.233000
CVE-2024-20848,0,0,7cbcd9e495edc5250496c5b44ec4166618feb7744a85c88c8cbdb1c383ab5ead,2024-04-02T12:50:42.233000
CVE-2024-20848,0,1,28558009806042e22975004f4d315ee4c95d0a2ccf7ebcf4fea146bbbda2976f,2024-04-04T06:15:09.067000
CVE-2024-20849,0,0,304a651418a8ce9d1a25b3ad787581695ada9ff568713c47127ce67970d5b195,2024-04-02T12:50:42.233000
CVE-2024-20850,0,0,8b24ff806adae50d98fcd86bfbc4b04fd0d38c532d1a0ae3d7a07329b240d8b4,2024-04-02T12:50:42.233000
CVE-2024-20851,0,0,297204ff3342a0021fed72f789d061868b3c384706199689d6e8354fbcf49067,2024-04-02T12:50:42.233000
@ -243114,6 +243117,7 @@ CVE-2024-2850,0,0,18a7df7924646d54c8018dc44d3ceaaa7b16c75f99276cbe6ac98b765122f7
CVE-2024-2851,0,0,9a668cf4331e419a65111b1e6f8abf3e27bc0fce212b623cd8a47fdd549e170b,2024-03-26T03:15:36.833000
CVE-2024-28515,0,0,a2f38351769a80f01f300fd8c83038fe9060fc0b0320f8b6c711930dd11ec84b,2024-04-03T12:38:04.840000
CVE-2024-2852,0,0,d7c0051b0398ed6771fdd69c5942366e1b233545fdf7340abf88db5b663c134a,2024-03-26T03:15:47.310000
CVE-2024-28520,1,1,f10d79a71f5de370059e8dae45369e2bbc199a75425906dec16beba39bcb8e0e,2024-04-04T06:15:09.460000
CVE-2024-28521,0,0,8ab5b6bd1cc025dda03cab07eeddd7e1f81756c34e55025f1870bf6a0feb8a5b,2024-03-22T12:45:36.130000
CVE-2024-2853,0,0,e510059736f729514b8634c28eabbedda89b99502b90c04b4a57c0f56252c1ab,2024-03-26T03:15:50.793000
CVE-2024-28535,0,0,174c70ce71a26af929a40c7b6a103a5242ac3321f34f35a982d598e918b67152,2024-03-21T20:58:46.217000
@ -243397,6 +243401,7 @@ CVE-2024-2935,0,0,9598fcd68e01ecba7444a707189fa4b4b4ef241167bfeef7a3068949307f2a
CVE-2024-2936,0,0,950f133afd27a35b983b84ccf28c6c243f93c3bc3f8164a88ae2811823762a38,2024-03-29T12:45:02.937000
CVE-2024-29366,0,0,970a4db6ccd44fa8fff843a083b23c4276fdabe942805276e1033f4579523e8f,2024-03-22T19:02:10.300000
CVE-2024-29374,0,0,f8a146770d52182e0c10b15b21ebc5da7e22091690385e976078b28de6736be7,2024-03-21T19:47:03.943000
CVE-2024-29375,1,1,416b8d1ecd3fcaede2474824b2ac028e88219f6d46c677c4bec20e3597648fc3,2024-04-04T07:15:08.190000
CVE-2024-2938,0,0,74cee8ddd44bab6f9e56f6f66215742d85b488aeba84c862b69365829e2e81e5,2024-03-27T12:29:30.307000
CVE-2024-29385,0,0,77dce7c3f8675f81eb6a00c8f1d149f72619312873eb8bb6e829225e587309f5,2024-03-22T19:02:10.300000
CVE-2024-2939,0,0,da1b78713b2ffab9e788aedae3466ad09fc771d3ff8f225a843c9a7dc25c77cd,2024-03-27T12:29:30.307000
@ -243925,7 +243930,7 @@ CVE-2024-31010,0,0,22d3a5a8802df0899a91f29c1da59c9756b041e238b139f6c5446937f944e
CVE-2024-31011,0,0,e280dc2325f8c749d256893287e9934a0b438d76a624897891275e16b92e2305,2024-04-03T12:38:04.840000
CVE-2024-31012,0,0,59265fe10316d43a2acb459ea9de60f6a264c8b6d13bc4dae0d363d3b5d71397,2024-04-03T12:38:04.840000
CVE-2024-31013,0,0,137ba39b03bbaab20823954557195167ac08df3fa32a6782dd4080f1d723f338,2024-04-03T12:38:04.840000
CVE-2024-31025,1,1,5ccf5f11a750a35e7effb30b7cf68d9d2ea1ccdaaabe136a76897db0de69e918,2024-04-04T05:15:19.010000
CVE-2024-31025,0,0,5ccf5f11a750a35e7effb30b7cf68d9d2ea1ccdaaabe136a76897db0de69e918,2024-04-04T05:15:19.010000
CVE-2024-31032,0,0,c23457a1b61188b806e7f7013717ab2174a595288e28b36b486645ce08e16035,2024-04-01T01:12:59.077000
CVE-2024-31033,0,0,897cdecff344b121550f3f8e1b3cb821fdde5689eabf8f2834a81266f3e9da87,2024-04-03T03:15:10.670000
CVE-2024-31061,0,0,3a611478260a969dc7c268c913c4f396b21e3b4ebcb9a4cb4b0ae2a352b58da0,2024-03-28T20:53:20.813000
@ -244035,5 +244040,5 @@ CVE-2024-3258,0,0,16d450bc3554c2a319117adc94d8a7dcb1f68b8821fc173e15562a1ba48b30
CVE-2024-3259,0,0,59128ca045cd2f7fbe88d58e11ffcce19ef1d2f5d6abea61087e98d65d4fd821,2024-04-03T17:24:18.150000
CVE-2024-3270,0,0,ee7ab86f7bf43358544c245654b91101b254fc6f7c652d1821c4b3bc289b1731,2024-04-03T23:15:13.650000
CVE-2024-3272,0,0,ec957dadeec43e12f55685313ce87fc6f1845369f9e4bed1d35809970a1013da,2024-04-04T01:15:50.123000
CVE-2024-3273,0,1,8f6b35ec9da3c04c04de1c010b3b6aa0772cd3407f505a2ed48fc8f40699399d,2024-04-04T04:15:08.763000
CVE-2024-3274,0,1,32f206f5d47657ec51c93682e19fe774d99f54a5c66292b062cd9d87bb3be3fe,2024-04-04T04:15:09.273000
CVE-2024-3273,0,0,8f6b35ec9da3c04c04de1c010b3b6aa0772cd3407f505a2ed48fc8f40699399d,2024-04-04T04:15:08.763000
CVE-2024-3274,0,0,32f206f5d47657ec51c93682e19fe774d99f54a5c66292b062cd9d87bb3be3fe,2024-04-04T04:15:09.273000

Can't render this file because it is too large.