Auto-Update: 2024-04-04T08:00:52.475629+00:00

2025-07-11 16:13:34 +00:00 · 2024-04-04 08:03:40 +00:00 · 2024-04-04 08:03:40 +00:00 · 18d0c73f60
commit 18d0c73f60
parent 92b3ce0667
9 changed files with 159 additions and 19 deletions
--- a/CVE-2023/CVE-2023-251xx/CVE-2023-25199.json
+++ b/CVE-2023/CVE-2023-251xx/CVE-2023-25199.json
@ -0,0 +1,20 @@
 {
  "id": "CVE-2023-25199",
  "sourceIdentifier": "cve@mitre.org",
  "published": "2024-04-04T07:15:07.923",
  "lastModified": "2024-04-04T07:15:07.923",
  "vulnStatus": "Received",
  "descriptions": [
    {
      "lang": "en",
      "value": "A reflected cross-site scripting (XSS) vulnerability exists in the MT Safeline X-Ray X3310 webserver version NXG 19.05 that enables a remote attacker to execute JavaScript code and obtain sensitive information in a victim's browser."
    }
  ],
  "metrics": {},
  "references": [
    {
      "url": "https://summitinfosec.com/blog/x-ray-vision-identifying-cve-2023-25199-and-cve-2023-25200-in-manufacturing-equipment/",
      "source": "cve@mitre.org"
    }
  ]
 }
--- a/CVE-2023/CVE-2023-252xx/CVE-2023-25200.json
+++ b/CVE-2023/CVE-2023-252xx/CVE-2023-25200.json
@ -0,0 +1,20 @@
 {
  "id": "CVE-2023-25200",
  "sourceIdentifier": "cve@mitre.org",
  "published": "2024-04-04T07:15:08.103",
  "lastModified": "2024-04-04T07:15:08.103",
  "vulnStatus": "Received",
  "descriptions": [
    {
      "lang": "en",
      "value": "An HTML injection vulnerability exists in the MT Safeline X-Ray X3310 webserver version NXG 19.05 that enables a remote attacker to render malicious HTML and obtain sensitive information in a victim's browser."
    }
  ],
  "metrics": {},
  "references": [
    {
      "url": "https://summitinfosec.com/blog/x-ray-vision-identifying-cve-2023-25199-and-cve-2023-25200-in-manufacturing-equipment/",
      "source": "cve@mitre.org"
    }
  ]
 }
--- a/CVE-2023/CVE-2023-384xx/CVE-2023-38408.json
+++ b/CVE-2023/CVE-2023-384xx/CVE-2023-38408.json
@ -2,7 +2,7 @@
  "id": "CVE-2023-38408",
  "sourceIdentifier": "cve@mitre.org",
  "published": "2023-07-20T03:15:10.170",
-  "lastModified": "2023-12-22T22:15:07.490",
+  "lastModified": "2024-04-04T06:15:08.430",
  "vulnStatus": "Modified",
  "descriptions": [
    {
@ -213,6 +213,10 @@
        "Exploit",
        "Third Party Advisory"
      ]
    },
    {
      "url": "https://www.vicarius.io/vsociety/posts/exploring-opensshs-agent-forwarding-rce-cve-2023-38408",
      "source": "cve@mitre.org"
    }
  ]
 }
--- a/CVE-2024/CVE-2024-14xx/CVE-2024-1418.json
+++ b/CVE-2024/CVE-2024-14xx/CVE-2024-1418.json
@ -0,0 +1,47 @@
 {
  "id": "CVE-2024-1418",
  "sourceIdentifier": "security@wordfence.com",
  "published": "2024-04-04T06:15:08.783",
  "lastModified": "2024-04-04T06:15:08.783",
  "vulnStatus": "Received",
  "descriptions": [
    {
      "lang": "en",
      "value": "The CGC Maintenance Mode plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.2 via the REST API. This makes it possible for unauthenticated attackers to view protected posts via REST API even when maintenance mode is enabled."
    }
  ],
  "metrics": {
    "cvssMetricV31": [
      {
        "source": "security@wordfence.com",
        "type": "Secondary",
        "cvssData": {
          "version": "3.1",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
          "attackVector": "NETWORK",
          "attackComplexity": "LOW",
          "privilegesRequired": "NONE",
          "userInteraction": "NONE",
          "scope": "UNCHANGED",
          "confidentialityImpact": "LOW",
          "integrityImpact": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 5.3,
          "baseSeverity": "MEDIUM"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 1.4
      }
    ]
  },
  "references": [
    {
      "url": "https://wordpress.org/plugins/cgc-maintenance-mode/",
      "source": "security@wordfence.com"
    },
    {
      "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/1cd5fa89-ed3b-4ac1-9200-9f5eb26cb534?source=cve",
      "source": "security@wordfence.com"
    }
  ]
 }
--- a/CVE-2024/CVE-2024-208xx/CVE-2024-20848.json
+++ b/CVE-2024/CVE-2024-208xx/CVE-2024-20848.json
@ -2,12 +2,12 @@
  "id": "CVE-2024-20848",
  "sourceIdentifier": "mobile.security@samsung.com",
  "published": "2024-04-02T03:15:09.557",
-  "lastModified": "2024-04-02T12:50:42.233",
+  "lastModified": "2024-04-04T06:15:09.067",
  "vulnStatus": "Awaiting Analysis",
  "descriptions": [
    {
      "lang": "en",
-      "value": "Out-of-bound Write vulnerability in text parsing implementation of libsdffextractor prior to SMR Apr-2023 Release 1 allows local attackers to execute arbitrary code."
+      "value": "Improper Input Validation vulnerability in text parsing implementation of libsdffextractor prior to SMR Apr-2024 Release 1 allows local attackers to write out-of-bounds memory."
    },
    {
      "lang": "es",
@ -21,20 +21,20 @@
        "type": "Secondary",
        "cvssData": {
          "version": "3.1",
-          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L",
+          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
          "attackVector": "LOCAL",
          "attackComplexity": "LOW",
          "privilegesRequired": "NONE",
          "userInteraction": "NONE",
          "scope": "UNCHANGED",
          "confidentialityImpact": "NONE",
-          "integrityImpact": "LOW",
+          "integrityImpact": "NONE",
          "availabilityImpact": "LOW",
-          "baseScore": 5.1,
+          "baseScore": 4.0,
          "baseSeverity": "MEDIUM"
        },
        "exploitabilityScore": 2.5,
-        "impactScore": 2.5
+        "impactScore": 1.4
      }
    ]
  },
--- a/CVE-2024/CVE-2024-285xx/CVE-2024-28520.json
+++ b/CVE-2024/CVE-2024-285xx/CVE-2024-28520.json
@ -0,0 +1,20 @@
 {
  "id": "CVE-2024-28520",
  "sourceIdentifier": "cve@mitre.org",
  "published": "2024-04-04T06:15:09.460",
  "lastModified": "2024-04-04T06:15:09.460",
  "vulnStatus": "Received",
  "descriptions": [
    {
      "lang": "en",
      "value": "File Upload vulnerability in Byzoro Networks Smart multi-service security gateway intelligent management platform version S210, allows an attacker to obtain sensitive information via the uploadfile.php component."
    }
  ],
  "metrics": {},
  "references": [
    {
      "url": "https://github.com/aknbg1thub/cve/blob/main/upload.md",
      "source": "cve@mitre.org"
    }
  ]
 }
--- a/CVE-2024/CVE-2024-293xx/CVE-2024-29375.json
+++ b/CVE-2024/CVE-2024-293xx/CVE-2024-29375.json
@ -0,0 +1,20 @@
 {
  "id": "CVE-2024-29375",
  "sourceIdentifier": "cve@mitre.org",
  "published": "2024-04-04T07:15:08.190",
  "lastModified": "2024-04-04T07:15:08.190",
  "vulnStatus": "Received",
  "descriptions": [
    {
      "lang": "en",
      "value": "CSV Injection vulnerability in Addactis IBNRS v.3.10.3.107 allows a remote attacker to execute arbitrary code via a crafted .ibnrs file to the Project Description, Identifiers, Custom Triangle Name (inside Input Triangles) and Yield Curve Name parameters."
    }
  ],
  "metrics": {},
  "references": [
    {
      "url": "https://github.com/ismailcemunver/CVE-2024-29375",
      "source": "cve@mitre.org"
    }
  ]
 }
--- a/README.md
+++ b/README.md
@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours.
 ### Last Repository Update
 ```plain
-2024-04-04T06:00:38.027809+00:00
+2024-04-04T08:00:52.475629+00:00
 ```
 ### Most recent CVE Modification Timestamp synchronized with NVD
 ```plain
-2024-04-04T05:15:19.010000+00:00
+2024-04-04T07:15:08.190000+00:00
 ```
 ### Last Data Feed Release
@ -33,22 +33,26 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
 ### Total Number of included CVEs
 ```plain
-244038
+244043
 ```
 ### CVEs added in the last Commit
-Recently added CVEs: `1`
+Recently added CVEs: `5`
- [CVE-2024-31025](CVE-2024/CVE-2024-310xx/CVE-2024-31025.json) (`2024-04-04T05:15:19.010`)
+- [CVE-2023-25199](CVE-2023/CVE-2023-251xx/CVE-2023-25199.json) (`2024-04-04T07:15:07.923`)
 - [CVE-2023-25200](CVE-2023/CVE-2023-252xx/CVE-2023-25200.json) (`2024-04-04T07:15:08.103`)
 - [CVE-2024-1418](CVE-2024/CVE-2024-14xx/CVE-2024-1418.json) (`2024-04-04T06:15:08.783`)
 - [CVE-2024-28520](CVE-2024/CVE-2024-285xx/CVE-2024-28520.json) (`2024-04-04T06:15:09.460`)
 - [CVE-2024-29375](CVE-2024/CVE-2024-293xx/CVE-2024-29375.json) (`2024-04-04T07:15:08.190`)
 ### CVEs modified in the last Commit
 Recently modified CVEs: `2`
- [CVE-2024-3273](CVE-2024/CVE-2024-32xx/CVE-2024-3273.json) (`2024-04-04T04:15:08.763`)
+- [CVE-2023-38408](CVE-2023/CVE-2023-384xx/CVE-2023-38408.json) (`2024-04-04T06:15:08.430`)
- [CVE-2024-3274](CVE-2024/CVE-2024-32xx/CVE-2024-3274.json) (`2024-04-04T04:15:09.273`)
+- [CVE-2024-20848](CVE-2024/CVE-2024-208xx/CVE-2024-20848.json) (`2024-04-04T06:15:09.067`)
 ## Download and Usage
--- a/_state.csv
+++ b/_state.csv
@ -217726,7 +217726,9 @@ CVE-2023-25194,0,0,5439c758fa3fb561e024e651988dec569f66d723a27e32e4c5e7149b3ab42
 CVE-2023-25195,0,0,1acbed03ece4c24fc9b4c3f1e0b260107070a737aef093d782a3e128cd9ca39a,2023-11-07T04:08:56.857000
 CVE-2023-25196,0,0,699234895607a5f2d3804d8e95cad080ec02442067f07505d07eb52c95e8735f,2023-11-07T04:08:56.920000
 CVE-2023-25197,0,0,913684f6f76b3970a5edbd4b861d3e3ba71f8a386c7cb6d51b58922e102fa9f4,2023-11-07T04:08:56.980000
 CVE-2023-25199,1,1,22f724ebe7864d4ded5535cc14af13c2177cfdc52c676880197026dfca81c2c0,2024-04-04T07:15:07.923000
 CVE-2023-2520,0,0,c1bdc3a63d359e62f5a788fcccfe55d3cf2bb5383fe9701afdd36df420440179,2024-03-21T02:47:14.407000
 CVE-2023-25200,1,1,d6892a71ef6eaf90aa71e3a901fbe5dda7e97808ee3470f9f396343113da2476,2024-04-04T07:15:08.103000
 CVE-2023-25201,0,0,b2956da7b7ecace4001c8e78fcd43c4f8a0aaa09eee4e6f70a0decf1ce045592,2023-07-17T18:42:15.550000
 CVE-2023-25206,0,0,daa679a2f273c41c808fe00ddd18d8984c18d7cb2378f1f968de9a1e814f620f,2023-03-17T17:32:19.313000
 CVE-2023-25207,0,0,8afa427842b31194eab2890fb0b1dd71a67e9ad76d0303b5b31456a95cf81e58,2023-03-15T18:52:24.190000
@ -227291,7 +227293,7 @@ CVE-2023-38404,0,0,3dc6ba7796bd771a65b22048e59c9ab5fef46da9252fb3726f228bc9dd4b4
 CVE-2023-38405,0,0,c9debfd5593845ef6520958dbc49abb74fd74ee699fbdda9849aeefe8e69acd0,2023-07-27T03:46:14.810000
 CVE-2023-38406,0,0,53664c0ac92a6a642347f5a5b1cfadb2353026ad1b135845142bf4ee408ff41f,2023-11-14T20:03:32.717000
 CVE-2023-38407,0,0,e6e482bbeb9b1ec4c08137dc31311a16b63901519c781f9f82a524f9167d2222,2023-11-14T17:38:10.273000
-CVE-2023-38408,0,0,fa3cee30e7248c242e0c7653cd550f1e4819602adda16069ef456aef1ac8d3fe,2023-12-22T22:15:07.490000
+CVE-2023-38408,0,1,d096ce6b1e1ae5ca92da22ae6b0e69e0a183709fb248f60799d11a2af22a33e3,2024-04-04T06:15:08.430000
 CVE-2023-38409,0,0,6490e149eaf901300003e5cb5fe2beb3e6bba4dd1431a86db788223f5e63097f,2023-07-27T03:49:09.943000
 CVE-2023-3841,0,0,838ab98803191909876b79ad9eae78a15ea9bd3a8aaa15183800cf74a246d706,2024-03-21T02:48:48
 CVE-2023-38410,0,0,dacab55bd139fa677a3b09e8882ef5d31eb8780377d0feebcd0e9b7c3e9a7a6e,2023-08-01T19:54:15.847000
@ -239096,6 +239098,7 @@ CVE-2024-1410,0,0,535308bfcb5b14b9cf6546577fa611ecf7473e04ab146e149a1b5e72425241
 CVE-2024-1411,0,0,030f897eed6e6219f0d1c0b9b3349832bbb4c8ad1dac44c5a94f383da8f08bf9,2024-02-29T13:49:29.390000
 CVE-2024-1413,0,0,6aa464349bbf11ec5072ac1ca50df93a7b461f7b0af9c0cd6b20e490ba03edbb,2024-03-13T18:15:58.530000
 CVE-2024-1414,0,0,7c23a7ce5ddbf41f4f2b563f7544816af98ea31dd891fa1a4032e28edd4761e3,2024-03-13T18:15:58.530000
 CVE-2024-1418,1,1,357bb27f7840af6bddabe768850b8f379c890df4cc1ea3113390bc2ec027c5bd,2024-04-04T06:15:08.783000
 CVE-2024-1419,0,0,2c70f60b0f2ce39c1fb701bf4c4f420108cacd5e876318aed7a6153508e9a501,2024-03-07T13:52:27.110000
 CVE-2024-1420,0,0,63be6135cf11500708980f0eb6e023d1c00fd2eeb1aa055b1a9dd099f6d1d32a,2024-02-12T15:15:07.733000
 CVE-2024-1421,0,0,f03d7f3ef1765f0f145e59552c7f2e0551f5780bf62fafd3ac0b92ab1fea1897,2024-03-13T12:33:51.697000
@ -239759,7 +239762,7 @@ CVE-2024-20844,0,0,95f0af507d45eac6adfed828ff57bea848cc6f6a9b17eae59c428ec4d317f
 CVE-2024-20845,0,0,4ff492c5e5d119646490e7085e30e1b47c0d027425ae85d9449df4a607480a1b,2024-04-02T12:50:42.233000
 CVE-2024-20846,0,0,2ca2db5a4ac97050385f2bcc4a9cf0fc7b9944f87fcb74481a22cc4178913c0f,2024-04-02T12:50:42.233000
 CVE-2024-20847,0,0,e34623d17c59510fa0ffb1d4949bbaab2581f06b877c2f828642bcc6ea333bcf,2024-04-02T12:50:42.233000
-CVE-2024-20848,0,0,7cbcd9e495edc5250496c5b44ec4166618feb7744a85c88c8cbdb1c383ab5ead,2024-04-02T12:50:42.233000
+CVE-2024-20848,0,1,28558009806042e22975004f4d315ee4c95d0a2ccf7ebcf4fea146bbbda2976f,2024-04-04T06:15:09.067000
 CVE-2024-20849,0,0,304a651418a8ce9d1a25b3ad787581695ada9ff568713c47127ce67970d5b195,2024-04-02T12:50:42.233000
 CVE-2024-20850,0,0,8b24ff806adae50d98fcd86bfbc4b04fd0d38c532d1a0ae3d7a07329b240d8b4,2024-04-02T12:50:42.233000
 CVE-2024-20851,0,0,297204ff3342a0021fed72f789d061868b3c384706199689d6e8354fbcf49067,2024-04-02T12:50:42.233000
@ -243114,6 +243117,7 @@ CVE-2024-2850,0,0,18a7df7924646d54c8018dc44d3ceaaa7b16c75f99276cbe6ac98b765122f7
 CVE-2024-2851,0,0,9a668cf4331e419a65111b1e6f8abf3e27bc0fce212b623cd8a47fdd549e170b,2024-03-26T03:15:36.833000
 CVE-2024-28515,0,0,a2f38351769a80f01f300fd8c83038fe9060fc0b0320f8b6c711930dd11ec84b,2024-04-03T12:38:04.840000
 CVE-2024-2852,0,0,d7c0051b0398ed6771fdd69c5942366e1b233545fdf7340abf88db5b663c134a,2024-03-26T03:15:47.310000
 CVE-2024-28520,1,1,f10d79a71f5de370059e8dae45369e2bbc199a75425906dec16beba39bcb8e0e,2024-04-04T06:15:09.460000
 CVE-2024-28521,0,0,8ab5b6bd1cc025dda03cab07eeddd7e1f81756c34e55025f1870bf6a0feb8a5b,2024-03-22T12:45:36.130000
 CVE-2024-2853,0,0,e510059736f729514b8634c28eabbedda89b99502b90c04b4a57c0f56252c1ab,2024-03-26T03:15:50.793000
 CVE-2024-28535,0,0,174c70ce71a26af929a40c7b6a103a5242ac3321f34f35a982d598e918b67152,2024-03-21T20:58:46.217000
@ -243397,6 +243401,7 @@ CVE-2024-2935,0,0,9598fcd68e01ecba7444a707189fa4b4b4ef241167bfeef7a3068949307f2a
 CVE-2024-2936,0,0,950f133afd27a35b983b84ccf28c6c243f93c3bc3f8164a88ae2811823762a38,2024-03-29T12:45:02.937000
 CVE-2024-29366,0,0,970a4db6ccd44fa8fff843a083b23c4276fdabe942805276e1033f4579523e8f,2024-03-22T19:02:10.300000
 CVE-2024-29374,0,0,f8a146770d52182e0c10b15b21ebc5da7e22091690385e976078b28de6736be7,2024-03-21T19:47:03.943000
 CVE-2024-29375,1,1,416b8d1ecd3fcaede2474824b2ac028e88219f6d46c677c4bec20e3597648fc3,2024-04-04T07:15:08.190000
 CVE-2024-2938,0,0,74cee8ddd44bab6f9e56f6f66215742d85b488aeba84c862b69365829e2e81e5,2024-03-27T12:29:30.307000
 CVE-2024-29385,0,0,77dce7c3f8675f81eb6a00c8f1d149f72619312873eb8bb6e829225e587309f5,2024-03-22T19:02:10.300000
 CVE-2024-2939,0,0,da1b78713b2ffab9e788aedae3466ad09fc771d3ff8f225a843c9a7dc25c77cd,2024-03-27T12:29:30.307000
@ -243925,7 +243930,7 @@ CVE-2024-31010,0,0,22d3a5a8802df0899a91f29c1da59c9756b041e238b139f6c5446937f944e
 CVE-2024-31011,0,0,e280dc2325f8c749d256893287e9934a0b438d76a624897891275e16b92e2305,2024-04-03T12:38:04.840000
 CVE-2024-31012,0,0,59265fe10316d43a2acb459ea9de60f6a264c8b6d13bc4dae0d363d3b5d71397,2024-04-03T12:38:04.840000
 CVE-2024-31013,0,0,137ba39b03bbaab20823954557195167ac08df3fa32a6782dd4080f1d723f338,2024-04-03T12:38:04.840000
-CVE-2024-31025,1,1,5ccf5f11a750a35e7effb30b7cf68d9d2ea1ccdaaabe136a76897db0de69e918,2024-04-04T05:15:19.010000
+CVE-2024-31025,0,0,5ccf5f11a750a35e7effb30b7cf68d9d2ea1ccdaaabe136a76897db0de69e918,2024-04-04T05:15:19.010000
 CVE-2024-31032,0,0,c23457a1b61188b806e7f7013717ab2174a595288e28b36b486645ce08e16035,2024-04-01T01:12:59.077000
 CVE-2024-31033,0,0,897cdecff344b121550f3f8e1b3cb821fdde5689eabf8f2834a81266f3e9da87,2024-04-03T03:15:10.670000
 CVE-2024-31061,0,0,3a611478260a969dc7c268c913c4f396b21e3b4ebcb9a4cb4b0ae2a352b58da0,2024-03-28T20:53:20.813000
@ -244035,5 +244040,5 @@ CVE-2024-3258,0,0,16d450bc3554c2a319117adc94d8a7dcb1f68b8821fc173e15562a1ba48b30
 CVE-2024-3259,0,0,59128ca045cd2f7fbe88d58e11ffcce19ef1d2f5d6abea61087e98d65d4fd821,2024-04-03T17:24:18.150000
 CVE-2024-3270,0,0,ee7ab86f7bf43358544c245654b91101b254fc6f7c652d1821c4b3bc289b1731,2024-04-03T23:15:13.650000
 CVE-2024-3272,0,0,ec957dadeec43e12f55685313ce87fc6f1845369f9e4bed1d35809970a1013da,2024-04-04T01:15:50.123000
-CVE-2024-3273,0,1,8f6b35ec9da3c04c04de1c010b3b6aa0772cd3407f505a2ed48fc8f40699399d,2024-04-04T04:15:08.763000
+CVE-2024-3273,0,0,8f6b35ec9da3c04c04de1c010b3b6aa0772cd3407f505a2ed48fc8f40699399d,2024-04-04T04:15:08.763000
-CVE-2024-3274,0,1,32f206f5d47657ec51c93682e19fe774d99f54a5c66292b062cd9d87bb3be3fe,2024-04-04T04:15:09.273000
+CVE-2024-3274,0,0,32f206f5d47657ec51c93682e19fe774d99f54a5c66292b062cd9d87bb3be3fe,2024-04-04T04:15:09.273000