Auto-Update: 2024-04-08T08:00:38.303029+00:00

CVE-2024/CVE-2024-274xx/CVE-2024-27488.json

@@ -0,0 +1,20 @@
+{
+  "id": "CVE-2024-27488",
+  "sourceIdentifier": "cve@mitre.org",
+  "published": "2024-04-08T06:15:07.533",
+  "lastModified": "2024-04-08T06:15:07.533",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "Incorrect Access Control vulnerability in ZLMediaKit versions 1.0 through 8.0, allows remote attackers to escalate privileges and obtain sensitive information. The application system enables the http API interface by default and uses the secret parameter method to authenticate the http restful api interface, but the secret is hardcoded by default."
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://gist.github.com/tr4pmaker/44442d6f068458175213f4ba71da1312",
+      "source": "cve@mitre.org"
+    }
+  ]
+}

CVE-2024/CVE-2024-306xx/CVE-2024-30659.json

@@ -0,0 +1,20 @@
+{
+  "id": "CVE-2024-30659",
+  "sourceIdentifier": "cve@mitre.org",
+  "published": "2024-04-08T07:15:09.143",
+  "lastModified": "2024-04-08T07:15:09.143",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "Shell Injection vulnerability in ROS (Robot Operating System) Melodic Morenia versions ROS_VERSION 1 and ROS_PYTHON_VERSION 3, allows attackers to execute arbitrary code, escalate privileges, and obtain sensitive information."
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://github.com/yashpatelphd/CVE-2024-30659",
+      "source": "cve@mitre.org"
+    }
+  ]
+}

CVE-2024/CVE-2024-306xx/CVE-2024-30661.json

@@ -0,0 +1,20 @@
+{
+  "id": "CVE-2024-30661",
+  "sourceIdentifier": "cve@mitre.org",
+  "published": "2024-04-08T07:15:09.370",
+  "lastModified": "2024-04-08T07:15:09.370",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "An unauthorized access vulnerability has been discovered in ROS Melodic Morenia versions where ROS_VERSION is 1 and ROS_PYTHON_VERSION is 3. This vulnerability could potentially allow a malicious user to gain unauthorized information access to multiple ROS nodes remotely. Unauthorized information access to these nodes could result in compromised system integrity, the execution of arbitrary commands, and disclosure of sensitive information."
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://github.com/yashpatelphd/CVE-2024-30661",
+      "source": "cve@mitre.org"
+    }
+  ]
+}

CVE-2024/CVE-2024-306xx/CVE-2024-30662.json

@@ -0,0 +1,20 @@
+{
+  "id": "CVE-2024-30662",
+  "sourceIdentifier": "cve@mitre.org",
+  "published": "2024-04-08T07:15:09.493",
+  "lastModified": "2024-04-08T07:15:09.493",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "An issue was discovered in ROS (Robot Operating System) Melodic Morenia in ROS_VERSION 1 and ROS_PYTHON_VERSION 3, where the system transmits messages in plaintext. This flaw exposes sensitive information, making it vulnerable to man-in-the-middle (MitM) attacks, and allowing attackers to easily intercept and access this data."
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://github.com/yashpatelphd/CVE-2024-30662",
+      "source": "cve@mitre.org"
+    }
+  ]
+}

CVE-2024/CVE-2024-306xx/CVE-2024-30663.json

@@ -0,0 +1,20 @@
+{
+  "id": "CVE-2024-30663",
+  "sourceIdentifier": "cve@mitre.org",
+  "published": "2024-04-08T07:15:09.570",
+  "lastModified": "2024-04-08T07:15:09.570",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "An issue was discovered in the default configurations of ROS (Robot Operating System) Melodic Morenia in ROS_VERSION 1 and ROS_PYTHON_VERSION 3. This vulnerability allows unauthenticated attackers to gain access using default credentials, posing a serious threat to the integrity and security of the system."
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://github.com/yashpatelphd/CVE-2024-30663",
+      "source": "cve@mitre.org"
+    }
+  ]
+}

CVE-2024/CVE-2024-306xx/CVE-2024-30665.json

@@ -0,0 +1,20 @@
+{
+  "id": "CVE-2024-30665",
+  "sourceIdentifier": "cve@mitre.org",
+  "published": "2024-04-08T07:15:09.643",
+  "lastModified": "2024-04-08T07:15:09.643",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "An OS command injection vulnerability has been discovered in ROS (Robot Operating System) Melodic Morenia in ROS_VERSION 1 and ROS_PYTHON_VERSION 3. This vulnerability primarily affects the command processing or system call components in ROS, making them susceptible to manipulation by malicious entities. Through this, unauthorized commands can be executed, leading to remote code execution (RCE), data theft, and malicious activities. The affected components include External Command Execution Modules, System Call Handlers, and Interface Scripts."
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://github.com/yashpatelphd/CVE-2024-30665",
+      "source": "cve@mitre.org"
+    }
+  ]
+}

CVE-2024/CVE-2024-306xx/CVE-2024-30666.json

@@ -0,0 +1,20 @@
+{
+  "id": "CVE-2024-30666",
+  "sourceIdentifier": "cve@mitre.org",
+  "published": "2024-04-08T07:15:09.713",
+  "lastModified": "2024-04-08T07:15:09.713",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "A buffer overflow vulnerability has been discovered in the C++ components of ROS (Robot Operating System) Melodic Morenia in ROS_VERSION 1 and ROS_PYTHON_VERSION 3, allows attackers to execute arbitrary code via improper handling of arrays or strings within these components."
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://github.com/yashpatelphd/CVE-2024-30666",
+      "source": "cve@mitre.org"
+    }
+  ]
+}

CVE-2024/CVE-2024-310xx/CVE-2024-31022.json

@@ -0,0 +1,20 @@
+{
+  "id": "CVE-2024-31022",
+  "sourceIdentifier": "cve@mitre.org",
+  "published": "2024-04-08T06:15:07.690",
+  "lastModified": "2024-04-08T06:15:07.690",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "An issue was discovered in CandyCMS version 1.0.0, allows remote attackers to execute arbitrary code via the install.php component."
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://www.xuxblog.top/2024/03/25/CandyCMS-Pre-Auth-RCE/",
+      "source": "cve@mitre.org"
+    }
+  ]
+}

README.md

@@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours.
 ### Last Repository Update
 
 ```plain
-2024-04-08T06:00:29.594468+00:00
+2024-04-08T08:00:38.303029+00:00
 ```
 
 ### Most recent CVE Modification Timestamp synchronized with NVD
 
 ```plain
-2024-04-08T05:15:07.923000+00:00
+2024-04-08T07:15:09.713000+00:00
 ```
 
 ### Last Data Feed Release
@@ -33,19 +33,21 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
 ### Total Number of included CVEs
 
 ```plain
-244386
+244394
 ```
 
 ### CVEs added in the last Commit
 
-Recently added CVEs: `6`
+Recently added CVEs: `8`
 
-- [CVE-2024-1292](CVE-2024/CVE-2024-12xx/CVE-2024-1292.json) (`2024-04-08T05:15:07.577`)
-- [CVE-2024-1588](CVE-2024/CVE-2024-15xx/CVE-2024-1588.json) (`2024-04-08T05:15:07.710`)
-- [CVE-2024-1589](CVE-2024/CVE-2024-15xx/CVE-2024-1589.json) (`2024-04-08T05:15:07.763`)
-- [CVE-2024-1752](CVE-2024/CVE-2024-17xx/CVE-2024-1752.json) (`2024-04-08T05:15:07.820`)
-- [CVE-2024-1956](CVE-2024/CVE-2024-19xx/CVE-2024-1956.json) (`2024-04-08T05:15:07.870`)
-- [CVE-2024-1958](CVE-2024/CVE-2024-19xx/CVE-2024-1958.json) (`2024-04-08T05:15:07.923`)
+- [CVE-2024-27488](CVE-2024/CVE-2024-274xx/CVE-2024-27488.json) (`2024-04-08T06:15:07.533`)
+- [CVE-2024-30659](CVE-2024/CVE-2024-306xx/CVE-2024-30659.json) (`2024-04-08T07:15:09.143`)
+- [CVE-2024-30661](CVE-2024/CVE-2024-306xx/CVE-2024-30661.json) (`2024-04-08T07:15:09.370`)
+- [CVE-2024-30662](CVE-2024/CVE-2024-306xx/CVE-2024-30662.json) (`2024-04-08T07:15:09.493`)
+- [CVE-2024-30663](CVE-2024/CVE-2024-306xx/CVE-2024-30663.json) (`2024-04-08T07:15:09.570`)
+- [CVE-2024-30665](CVE-2024/CVE-2024-306xx/CVE-2024-30665.json) (`2024-04-08T07:15:09.643`)
+- [CVE-2024-30666](CVE-2024/CVE-2024-306xx/CVE-2024-30666.json) (`2024-04-08T07:15:09.713`)
+- [CVE-2024-31022](CVE-2024/CVE-2024-310xx/CVE-2024-31022.json) (`2024-04-08T06:15:07.690`)
 
 
 ### CVEs modified in the last Commit

_state.csv

@@ -239056,7 +239056,7 @@ CVE-2024-1285,0,0,a8d06021bbbc067e01fc0fb972479a24043fbf71636156ee5faa6d7cb6a0d1
 CVE-2024-1288,0,0,b2fb26eabaee4b1e084af1c3f59636d52924d41dd7ccd2b4bc0724034e1cf5e4,2024-02-29T13:49:29.390000
 CVE-2024-1290,0,0,baece1538df8c22d28fd0bd05c4e563303d939ac74c0bd56e489e067e52ccdf9,2024-03-12T12:40:13.500000
 CVE-2024-1291,0,0,fe166acb5d95f395c2c2fc690290a718609fcb00811b1e4c9c8ca50b4e3f8de7,2024-03-13T18:16:18.563000
-CVE-2024-1292,1,1,022758cc4e37db5ca6a376923c774065220a728cd51526b15d9128d5a1c33d50,2024-04-08T05:15:07.577000
+CVE-2024-1292,0,0,022758cc4e37db5ca6a376923c774065220a728cd51526b15d9128d5a1c33d50,2024-04-08T05:15:07.577000
 CVE-2024-1293,0,0,51959b2d10b4ca1210a0917015b6e0ba4809214d01553289260d6a92beabc64d,2024-03-13T18:16:18.563000
 CVE-2024-1294,0,0,1a6fde55ee17952393d258a28e1938bfe41cafec05fa305cc82057814b7c2b7d,2024-02-29T13:49:29.390000
 CVE-2024-1296,0,0,ab648d9dba58ca530bb990b50d92c4f5ce9f591faa8fbeeb49385095b8425c33,2024-03-13T18:16:18.563000
@@ -239262,8 +239262,8 @@ CVE-2024-1580,0,0,4a10e63fa95d49470234e2661449f906487822e0aeb3a95c53a88e84627958
 CVE-2024-1582,0,0,5801086f12a7b25e0a24481309300eacfe3989ff6a37128452730610efa279b1,2024-03-13T12:33:51.697000
 CVE-2024-1585,0,0,28463bd155a05d2316353e6514b9a508a20ac865f3758bba518e17e798be46b0,2024-03-13T18:15:58.530000
 CVE-2024-1586,0,0,5d29863fd70aac8e717d245accca9ae08ad8b931c761848e1bfdc8f128a7bab7,2024-02-29T13:49:29.390000
-CVE-2024-1588,1,1,1fcda3e91bea86fbe307d873f59b0a75e2ba79a60e6beffc5bd33449fef37ca8,2024-04-08T05:15:07.710000
-CVE-2024-1589,1,1,598be4e01f2215f250cfec212378603de9149b0d9a3da3e68631a36e5af94513,2024-04-08T05:15:07.763000
+CVE-2024-1588,0,0,1fcda3e91bea86fbe307d873f59b0a75e2ba79a60e6beffc5bd33449fef37ca8,2024-04-08T05:15:07.710000
+CVE-2024-1589,0,0,598be4e01f2215f250cfec212378603de9149b0d9a3da3e68631a36e5af94513,2024-04-08T05:15:07.763000
 CVE-2024-1590,0,0,8cf7a30592711c236a58c08f65bffca938f2cb5ec79513db7f6cedfa37d0bfed,2024-02-23T16:14:43.447000
 CVE-2024-1591,0,0,5be9d5eb37b54abd94768ebbe67eba50cb17a1e413e20ea4b748010438d82a94,2024-02-16T19:26:55.393000
 CVE-2024-1592,0,0,965346d0a7ca3e51ca977c4fd26f0e3560a08e1634c83ba1c6c4fb2880b00740,2024-03-04T13:58:23.447000
@@ -239351,7 +239351,7 @@ CVE-2024-1748,0,0,a1a1f7681d1932e3ea41ce7e8da7520324aed5033ef9de6f1db40d70b550d4
 CVE-2024-1749,0,0,157921a0789d1f5d5cee383bd3415c4cc802d107acd7e3a9523ab5635f24af99,2024-03-21T02:51:45.117000
 CVE-2024-1750,0,0,c2f13cd129a5c8fb0e80be583fb0e105f62a04d7586c83a1b4c45c6735a28f0a,2024-03-21T02:51:45.190000
 CVE-2024-1751,0,0,7aa616bef5e27ed13b371ce9dacd4080fc5ffa6154b1e45a0ce11f0de1f1df9e,2024-03-13T18:15:58.530000
-CVE-2024-1752,1,1,ca575f35a51d8a51446016aab2f95aba501a548c805eaaea28134218b61a6c5c,2024-04-08T05:15:07.820000
+CVE-2024-1752,0,0,ca575f35a51d8a51446016aab2f95aba501a548c805eaaea28134218b61a6c5c,2024-04-08T05:15:07.820000
 CVE-2024-1753,0,0,aa30df1cb172801f871eb1fa3df691669f8009710c533f5936be4b1cb4f55960,2024-04-03T02:15:07.693000
 CVE-2024-1758,0,0,ec8762d154074e4ab58ddeb13f4d095ad000df3cc9355e1ac29cd6bfbf89fabc,2024-02-26T16:32:25.577000
 CVE-2024-1760,0,0,0a20f47041faa81845898be9ba0faa3a27a19a140e382ff1058d2f999acd0fd1,2024-03-06T15:18:08.093000
@@ -239487,8 +239487,8 @@ CVE-2024-1951,0,0,11a38d2f06372febfe2ad92386723f9076b01d60cd04929a8bf0a4c554bc12
 CVE-2024-1952,0,0,4f51a0a2619e0b7d7585d4f5094fabc08d8671ca4cd7813916ceff95c94fce31,2024-02-29T13:49:29.390000
 CVE-2024-1953,0,0,953ea70933b18c1b5068610a47d8a866bc2c7077f3ab729f06b51449c0c4e529,2024-02-29T13:49:29.390000
 CVE-2024-1954,0,0,7fadc688eebc9f9d8a117615a238e699db3daf8bc72b3b9023cf31ebedfa45c8,2024-02-28T14:06:45.783000
-CVE-2024-1956,1,1,16ed331bdd037011324d27dd3115c10e584b7965c161275964166469051c7107,2024-04-08T05:15:07.870000
-CVE-2024-1958,1,1,f0de3d298ef73fd3b0d01d0e40de29b1bd32b85cdee2e7c30fc27392c5b14938,2024-04-08T05:15:07.923000
+CVE-2024-1956,0,0,16ed331bdd037011324d27dd3115c10e584b7965c161275964166469051c7107,2024-04-08T05:15:07.870000
+CVE-2024-1958,0,0,f0de3d298ef73fd3b0d01d0e40de29b1bd32b85cdee2e7c30fc27392c5b14938,2024-04-08T05:15:07.923000
 CVE-2024-1962,0,0,8c71ccd644902c0f670c27728543c4472e05aeb359cd7fb7b0615991cb743fd6,2024-03-25T13:47:14.087000
 CVE-2024-1965,0,0,53b8948dc1992d8ed8a6fb1de9b8b2c61bce73181655f1de36932a04b4a837af,2024-02-28T14:06:45.783000
 CVE-2024-1970,0,0,835d140386c580ffc327871f48ec14503592777ef908d4246cad4f581a8b7207,2024-03-21T02:51:49.893000
@@ -242898,6 +242898,7 @@ CVE-2024-27454,0,0,6d3a09532b89ef204254e66da503964dcbafd450b5bdda0990f449d144c8e
 CVE-2024-27455,0,0,2d941179924c9f77cb732b35f1b7b9f5792b70ca51de1e84f09167eb77852176,2024-03-26T16:15:12.263000
 CVE-2024-27456,0,0,3292722b93148b4ab52923fa8e4498babe5b306f79794afb1b6b9f9d803c4911,2024-02-26T16:32:25.577000
 CVE-2024-2748,0,0,cea6a4ab9c8e50f2f7b04d95a9a3a983480b862f6880d1aa4b59ef11a50c4683,2024-03-21T12:58:51.093000
+CVE-2024-27488,1,1,d2acc61ff2c5780f8481fd737d4dad25d116f1df04201245ff36f6bbbf31b746,2024-04-08T06:15:07.533000
 CVE-2024-27497,0,0,bf2a79c4e0ba614def454bde2dd33c58ed2360c3c6db31ca982c34485458d0c9,2024-03-01T15:23:36.177000
 CVE-2024-27499,0,0,390358464fa22ad31b65f9d31827086f66523c12c4d3b7c65414a80ffe5fd4f0,2024-03-01T22:22:25.913000
 CVE-2024-27507,0,0,8c49360d0ef5426050d1f79db1fc5fe5b76497de80bce0c2485f14be48a59a03,2024-03-23T03:15:11.443000
@@ -244113,6 +244114,12 @@ CVE-2024-30637,0,0,08a72ae3945dbc8426c1fcf549781118e319e52e6929a1d19f5c23c1cf06f
 CVE-2024-30638,0,0,476165b7ba1121567d55c67d54d9d40e3e29ea068ff3cb9f8e442a4ce4566f0b,2024-04-01T01:12:59.077000
 CVE-2024-30639,0,0,46b7c5471e103449855c9fbd2240c66d12c0c2b4b2c2dd58c9da71634c442509,2024-04-01T01:12:59.077000
 CVE-2024-30645,0,0,00b9821a66dbca80d2d2c9c63858e19e8817ea8f49dc6578caf9fd20dddfbebc,2024-04-01T01:12:59.077000
+CVE-2024-30659,1,1,f62cd119985e7d93e8a51eb0745b42ce42f967212b326d9de2d1ca70ea104891,2024-04-08T07:15:09.143000
+CVE-2024-30661,1,1,3bfceed688914c6d9758b579a227320c9ba4f8c1210b0625ec7351de4b1fc1ef,2024-04-08T07:15:09.370000
+CVE-2024-30662,1,1,35c3434415314c61cb393aa3b842dd98f797f4eed263740a71c7e457461757ee,2024-04-08T07:15:09.493000
+CVE-2024-30663,1,1,737663de3656dcf37b52b3bbcf60fbb2b0b510d0af9d12f0fffaa895488340f4,2024-04-08T07:15:09.570000
+CVE-2024-30665,1,1,0ce28e7f2034c94fbe58aeb864f7ce5c1e19365ca3d6a6e46d7a8e04ee9eef54,2024-04-08T07:15:09.643000
+CVE-2024-30666,1,1,a0617822df55b25994d3d75b00ccb3d7c40630d60ff0257f08992a61a7940225,2024-04-08T07:15:09.713000
 CVE-2024-3077,0,0,df42d4a62ceb1c6a6275b9b1d36ac8da42c0ae3505d0e07beac8238605b5504b,2024-03-29T12:45:02.937000
 CVE-2024-3078,0,0,cde724dd3faba12829b2b6702d06fc6a91a021819aa4d3333d39ab34ce48e248,2024-03-29T13:28:22.880000
 CVE-2024-30806,0,0,3c4bbd71defb52c4de24f9ad1626459edef6b60997b976e6d74aead4ee0b3b0f,2024-04-02T20:31:58.463000
@@ -244159,6 +244166,7 @@ CVE-2024-31010,0,0,22d3a5a8802df0899a91f29c1da59c9756b041e238b139f6c5446937f944e
 CVE-2024-31011,0,0,e280dc2325f8c749d256893287e9934a0b438d76a624897891275e16b92e2305,2024-04-03T12:38:04.840000
 CVE-2024-31012,0,0,59265fe10316d43a2acb459ea9de60f6a264c8b6d13bc4dae0d363d3b5d71397,2024-04-03T12:38:04.840000
 CVE-2024-31013,0,0,137ba39b03bbaab20823954557195167ac08df3fa32a6782dd4080f1d723f338,2024-04-03T12:38:04.840000
+CVE-2024-31022,1,1,7b9960cbecdd063af926bdd4b2137a05b056f06b70db19f4d8daca510d2651e1,2024-04-08T06:15:07.690000
 CVE-2024-31025,0,0,049c3aee715c9c75f255eea2ba7d71aee620ad97e93ef3b0e0a948ae51dd0b57,2024-04-04T12:48:41.700000
 CVE-2024-31032,0,0,71dbb2a787f73b1914bf5d51e1b83b5365eb112b3ab9ed4df5d1066682b5223b,2024-04-01T01:12:59.077000
 CVE-2024-31033,0,0,897cdecff344b121550f3f8e1b3cb821fdde5689eabf8f2834a81266f3e9da87,2024-04-03T03:15:10.670000