From 2445fc72fe4160810d9885d0a0c33ac61381d549 Mon Sep 17 00:00:00 2001 From: cad-safe-bot Date: Mon, 23 Sep 2024 04:03:15 +0000 Subject: [PATCH] Auto-Update: 2024-09-23T04:00:16.542136+00:00 --- CVE-2024/CVE-2024-90xx/CVE-2024-9094.json | 141 ++++++++++++++++++++++ README.md | 18 +-- _state.csv | 19 +-- 3 files changed, 156 insertions(+), 22 deletions(-) create mode 100644 CVE-2024/CVE-2024-90xx/CVE-2024-9094.json diff --git a/CVE-2024/CVE-2024-90xx/CVE-2024-9094.json b/CVE-2024/CVE-2024-90xx/CVE-2024-9094.json new file mode 100644 index 00000000000..9599edbb422 --- /dev/null +++ b/CVE-2024/CVE-2024-90xx/CVE-2024-9094.json @@ -0,0 +1,141 @@ +{ + "id": "CVE-2024-9094", + "sourceIdentifier": "cna@vuldb.com", + "published": "2024-09-23T02:15:02.290", + "lastModified": "2024-09-23T02:15:02.290", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability classified as critical was found in code-projects Blood Bank System 1.0. This vulnerability affects unknown code of the file /admin/blood/update/o-.php. The manipulation of the argument bloodname leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "attackRequirements": "NONE", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "vulnerableSystemConfidentiality": "LOW", + "vulnerableSystemIntegrity": "LOW", + "vulnerableSystemAvailability": "LOW", + "subsequentSystemConfidentiality": "NONE", + "subsequentSystemIntegrity": "NONE", + "subsequentSystemAvailability": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirements": "NOT_DEFINED", + "integrityRequirements": "NOT_DEFINED", + "availabilityRequirements": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", + "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", + "modifiedVulnerableSystemAvailability": "NOT_DEFINED", + "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", + "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", + "modifiedSubsequentSystemAvailability": "NOT_DEFINED", + "safety": "NOT_DEFINED", + "automatable": "NOT_DEFINED", + "recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED", + "baseScore": 5.3, + "baseSeverity": "MEDIUM" + } + } + ], + "cvssMetricV31": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 6.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.4 + } + ], + "cvssMetricV2": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "2.0", + "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", + "accessVector": "NETWORK", + "accessComplexity": "LOW", + "authentication": "SINGLE", + "confidentialityImpact": "PARTIAL", + "integrityImpact": "PARTIAL", + "availabilityImpact": "PARTIAL", + "baseScore": 6.5 + }, + "baseSeverity": "MEDIUM", + "exploitabilityScore": 8.0, + "impactScore": 6.4, + "acInsufInfo": false, + "obtainAllPrivilege": false, + "obtainUserPrivilege": false, + "obtainOtherPrivilege": false, + "userInteractionRequired": false + } + ] + }, + "weaknesses": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "references": [ + { + "url": "https://code-projects.org/", + "source": "cna@vuldb.com" + }, + { + "url": "https://github.com/ByKevin1/CVE/blob/main/sql1.md", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?ctiid.278272", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?id.278272", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?submit.412254", + "source": "cna@vuldb.com" + } + ] +} \ No newline at end of file diff --git a/README.md b/README.md index fa207b16d9e..f957d800018 100644 --- a/README.md +++ b/README.md @@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2024-09-23T02:00:16.708787+00:00 +2024-09-23T04:00:16.542136+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2024-09-23T01:15:12.397000+00:00 +2024-09-23T02:15:02.290000+00:00 ``` ### Last Data Feed Release @@ -33,22 +33,14 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### Total Number of included CVEs ```plain -263555 +263556 ``` ### CVEs added in the last Commit -Recently added CVEs: `9` +Recently added CVEs: `1` -- [CVE-2024-43989](CVE-2024/CVE-2024-439xx/CVE-2024-43989.json) (`2024-09-23T00:15:10.800`) -- [CVE-2024-43996](CVE-2024/CVE-2024-439xx/CVE-2024-43996.json) (`2024-09-23T01:15:11.510`) -- [CVE-2024-44048](CVE-2024/CVE-2024-440xx/CVE-2024-44048.json) (`2024-09-23T01:15:11.730`) -- [CVE-2024-45453](CVE-2024/CVE-2024-454xx/CVE-2024-45453.json) (`2024-09-23T01:15:11.923`) -- [CVE-2024-9089](CVE-2024/CVE-2024-90xx/CVE-2024-9089.json) (`2024-09-23T00:15:11.040`) -- [CVE-2024-9090](CVE-2024/CVE-2024-90xx/CVE-2024-9090.json) (`2024-09-23T00:15:11.297`) -- [CVE-2024-9091](CVE-2024/CVE-2024-90xx/CVE-2024-9091.json) (`2024-09-23T00:15:11.537`) -- [CVE-2024-9092](CVE-2024/CVE-2024-90xx/CVE-2024-9092.json) (`2024-09-23T01:15:12.153`) -- [CVE-2024-9093](CVE-2024/CVE-2024-90xx/CVE-2024-9093.json) (`2024-09-23T01:15:12.397`) +- [CVE-2024-9094](CVE-2024/CVE-2024-90xx/CVE-2024-9094.json) (`2024-09-23T02:15:02.290`) ### CVEs modified in the last Commit diff --git a/_state.csv b/_state.csv index 87d58703673..a781feb1491 100644 --- a/_state.csv +++ b/_state.csv @@ -259302,14 +259302,14 @@ CVE-2024-43985,0,0,aa1c4ff43ee665dbdf84e97752be7025182a4441fda6e53b1528cb3015c4f CVE-2024-43986,0,0,9478adfda55868d7b94f2eea7c2c936b95469666be97191a74de84a03c2187a9,2024-08-29T13:25:27.537000 CVE-2024-43987,0,0,5f2ad565a5d32bae37360bc37876e8a6cdef75055ca9a1d57a5047cb69a7250c,2024-09-20T12:30:51.220000 CVE-2024-43988,0,0,58810a59167a152a28df3aac148f6a81b7e962eeb8f36cca2c04029c80f728ba,2024-09-20T12:30:51.220000 -CVE-2024-43989,1,1,9f19cbbd07eac2d4997a02808c8ed7b359c9c31bd68dd720d1ab97474c15e7dd,2024-09-23T00:15:10.800000 +CVE-2024-43989,0,0,9f19cbbd07eac2d4997a02808c8ed7b359c9c31bd68dd720d1ab97474c15e7dd,2024-09-23T00:15:10.800000 CVE-2024-4399,0,0,037b40419d6c617c61ec971c9e0affd6b35920b718c94b9e88ff7a43f16d3faf,2024-07-03T02:07:31.827000 CVE-2024-43991,0,0,dda8dfaf96eadcbed1e5201447898b359abd71dadd4fa20fb8b97e3a369fa7a3,2024-09-20T12:30:51.220000 CVE-2024-43992,0,0,ce482abec0688eb2a57431414e5c7c14ed21653accf87cc53624b71f8332ee14,2024-09-20T12:30:51.220000 CVE-2024-43993,0,0,8429fddc72b66938c1cabc2c62cfe7b55cdfd9517ee1a2cff304c65b1cd15c63,2024-09-20T12:30:51.220000 CVE-2024-43994,0,0,92a57f752ce2faa73917c46fd03cd7058c3f4fe6668ac24e011d5cce000e100c,2024-09-20T12:30:51.220000 CVE-2024-43995,0,0,d2bc15228a0936c9d52925ee78d8f61fa4f243d84362a990cf6cd93f080ed156,2024-09-20T12:30:51.220000 -CVE-2024-43996,1,1,d7156f428d1448ad8b6ccd44d882e30f14df1390e059d6ddfa9925733f3aeac4,2024-09-23T01:15:11.510000 +CVE-2024-43996,0,0,d7156f428d1448ad8b6ccd44d882e30f14df1390e059d6ddfa9925733f3aeac4,2024-09-23T01:15:11.510000 CVE-2024-43999,0,0,dcffc3404e52a7bbf6440f499137f398cedd785c7ad8508e3c67849b85d16eca,2024-09-20T12:30:51.220000 CVE-2024-4400,0,0,387fe642c8f26702c425b79a01d9b1ba308ec0bd188f1564ff2c490875133119,2024-05-16T13:03:05.353000 CVE-2024-44001,0,0,43db0f88c3e640d31c1ced26a25fee31b35f13afe37712fdf24ec0f8f0863bb5,2024-09-20T12:30:51.220000 @@ -259324,7 +259324,7 @@ CVE-2024-4401,0,0,48f8e641129f81284635fb93c6fe88c5c5fc547b585fa75e650b46a3bc3c0b CVE-2024-4403,0,0,07b387e13ed3d47c920433d5f499100d4d5e53ffefe1712d98753a4da5408fe2,2024-06-10T18:06:22.600000 CVE-2024-4404,0,0,3ae3ea086edb9bd484931090d5df4b9ee138a4bfd155faf3c535f115da6a15de,2024-06-17T12:42:04.623000 CVE-2024-44047,0,0,3ca711a1cc653b9579857c6add0767ada92d30fe1275f98c949f2f854d5179a0,2024-09-20T12:30:51.220000 -CVE-2024-44048,1,1,96cc8eea74e61ffb80350b4fbbb7e1cb1ce145bd36b7839d4c010d46140d8f39,2024-09-23T01:15:11.730000 +CVE-2024-44048,0,0,96cc8eea74e61ffb80350b4fbbb7e1cb1ce145bd36b7839d4c010d46140d8f39,2024-09-23T01:15:11.730000 CVE-2024-44049,0,0,ef748edf1617fabb389d566975f7c0a6eac60a167e3cd5f1bcd1e2cc72bf4851,2024-09-20T12:30:51.220000 CVE-2024-4405,0,0,45cc63f187ac8ca241b3f6f4ea8115546cfb9789c95e5b84e970d2850f40bb92,2024-05-02T18:00:37.360000 CVE-2024-44050,0,0,1ff55ac869ad3ea12c7c7d98e92859a501ab18429c03f30696257b4b773cae5c,2024-09-20T12:30:51.220000 @@ -259914,7 +259914,7 @@ CVE-2024-4545,0,0,864a22773c6eaa7a20fdb4cf4c4b7a2709a2c8e64cfe98132d05364d67e97a CVE-2024-45450,0,0,aa5d1afac94647878136a29faab537df333625d6375aa0ea38189e29e05bb108,2024-09-12T19:30:22.863000 CVE-2024-45451,0,0,a5f3c269bfe73aa36bb7e68d30b413496a52a46e472afc8b3f53dbd5cc7f8a36,2024-09-20T12:30:51.220000 CVE-2024-45452,0,0,2ea26ae6193cf50ec971738f633c24b782bc76d27deae32253c71dc02fedbfa3,2024-09-20T12:30:51.220000 -CVE-2024-45453,1,1,bb3a8aaa7954777d3aa9635504c34c96f8cc4336ef5a6f0756ed7dd58888f5e4,2024-09-23T01:15:11.923000 +CVE-2024-45453,0,0,bb3a8aaa7954777d3aa9635504c34c96f8cc4336ef5a6f0756ed7dd58888f5e4,2024-09-23T01:15:11.923000 CVE-2024-45455,0,0,4d27dc502cdc314ca65322205c1992846fdc5d39734d6d904b9bfe916c2c58d0,2024-09-19T18:51:15.433000 CVE-2024-45456,0,0,47f416b4ad02b4137088267164d544ec869b0c8806ca776b6a7c643c5eb500b1,2024-09-19T18:38:57.500000 CVE-2024-45457,0,0,5900191db09039069fbddda66128c2809bcb929085a84aed28a0c8f708ed46f3,2024-09-19T20:53:46.313000 @@ -263549,8 +263549,9 @@ CVE-2024-9085,0,0,81aa0dfb4f5019831f841378181f944eb206bbbc088679eae52e76ba4cb4ec CVE-2024-9086,0,0,7e7b21b694ab62f84d3b7a86d59048c6730d56b0ceb29d59976980dcab448d4e,2024-09-22T21:15:10.813000 CVE-2024-9087,0,0,0e6c2aa42b11af9980101e2e6cb77574d8b2b66a047d609c06d3cc6d1bc7f5fe,2024-09-22T22:15:02.177000 CVE-2024-9088,0,0,acb66b0a460df4ed3f521799f2db72a4c3af137bc121c9421b3aa0e7e9831d85,2024-09-22T22:15:02.447000 -CVE-2024-9089,1,1,010089573b803e5494db7ecf7d4cbb69775d0b1fcdbd723703dc1ac21ac7d9f6,2024-09-23T00:15:11.040000 -CVE-2024-9090,1,1,6f5359aa884325b491f15078122dc10a747f3129208c41f866767d28d36fa28e,2024-09-23T00:15:11.297000 -CVE-2024-9091,1,1,dd0c4181c9cebd1724087613a8f14499a1c11b7d8978304e7db23b64c9d6b130,2024-09-23T00:15:11.537000 -CVE-2024-9092,1,1,f51078b662d0fa87f13a1c2b2a8f39772bb1bf1e2106b52a00ceedceb2be97fe,2024-09-23T01:15:12.153000 -CVE-2024-9093,1,1,438238c069c5ac6529bb6292011378d5d671dd4896066b5e610aac0da08b63e7,2024-09-23T01:15:12.397000 +CVE-2024-9089,0,0,010089573b803e5494db7ecf7d4cbb69775d0b1fcdbd723703dc1ac21ac7d9f6,2024-09-23T00:15:11.040000 +CVE-2024-9090,0,0,6f5359aa884325b491f15078122dc10a747f3129208c41f866767d28d36fa28e,2024-09-23T00:15:11.297000 +CVE-2024-9091,0,0,dd0c4181c9cebd1724087613a8f14499a1c11b7d8978304e7db23b64c9d6b130,2024-09-23T00:15:11.537000 +CVE-2024-9092,0,0,f51078b662d0fa87f13a1c2b2a8f39772bb1bf1e2106b52a00ceedceb2be97fe,2024-09-23T01:15:12.153000 +CVE-2024-9093,0,0,438238c069c5ac6529bb6292011378d5d671dd4896066b5e610aac0da08b63e7,2024-09-23T01:15:12.397000 +CVE-2024-9094,1,1,73f29876641967f48e743806e18be47edac1de549021375f728e997ae5717f94,2024-09-23T02:15:02.290000