From 2e4c6913702607d6090b79db6831eba8ca36dc4c Mon Sep 17 00:00:00 2001 From: cad-safe-bot Date: Sat, 9 Mar 2024 07:03:18 +0000 Subject: [PATCH] Auto-Update: 2024-03-09T07:00:29.176768+00:00 --- CVE-2023/CVE-2023-464xx/CVE-2023-46426.json | 20 ++++++++ CVE-2023/CVE-2023-464xx/CVE-2023-46427.json | 20 ++++++++ CVE-2023/CVE-2023-493xx/CVE-2023-49340.json | 20 ++++++++ CVE-2023/CVE-2023-493xx/CVE-2023-49341.json | 20 ++++++++ CVE-2023/CVE-2023-500xx/CVE-2023-50015.json | 20 ++++++++ CVE-2024/CVE-2024-259xx/CVE-2024-25951.json | 55 +++++++++++++++++++++ README.md | 18 ++++--- _state.csv | 14 ++++-- 8 files changed, 175 insertions(+), 12 deletions(-) create mode 100644 CVE-2023/CVE-2023-464xx/CVE-2023-46426.json create mode 100644 CVE-2023/CVE-2023-464xx/CVE-2023-46427.json create mode 100644 CVE-2023/CVE-2023-493xx/CVE-2023-49340.json create mode 100644 CVE-2023/CVE-2023-493xx/CVE-2023-49341.json create mode 100644 CVE-2023/CVE-2023-500xx/CVE-2023-50015.json create mode 100644 CVE-2024/CVE-2024-259xx/CVE-2024-25951.json diff --git a/CVE-2023/CVE-2023-464xx/CVE-2023-46426.json b/CVE-2023/CVE-2023-464xx/CVE-2023-46426.json new file mode 100644 index 00000000000..74aba097f8d --- /dev/null +++ b/CVE-2023/CVE-2023-464xx/CVE-2023-46426.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2023-46426", + "sourceIdentifier": "cve@mitre.org", + "published": "2024-03-09T06:15:50.637", + "lastModified": "2024-03-09T06:15:50.637", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Heap-based Buffer Overflow vulnerability in gpac version 2.3-DEV-rev588-g7edc40fee-master, allows remote attackers to execute arbitrary code and cause a denial of service (DoS) via gf_fwrite component in at utils/os_file.c." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://github.com/gpac/gpac/issues/2642", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-464xx/CVE-2023-46427.json b/CVE-2023/CVE-2023-464xx/CVE-2023-46427.json new file mode 100644 index 00000000000..bcd2628c6e6 --- /dev/null +++ b/CVE-2023/CVE-2023-464xx/CVE-2023-46427.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2023-46427", + "sourceIdentifier": "cve@mitre.org", + "published": "2024-03-09T06:15:50.740", + "lastModified": "2024-03-09T06:15:50.740", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "An issue was discovered in gpac version 2.3-DEV-rev588-g7edc40fee-master, allows remote attackers to execute arbitrary code, cause a denial of service (DoS), and obtain sensitive information via null pointer deference in gf_dash_setup_period component in media_tools/dash_client.c." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://github.com/gpac/gpac/issues/2641", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-493xx/CVE-2023-49340.json b/CVE-2023/CVE-2023-493xx/CVE-2023-49340.json new file mode 100644 index 00000000000..ceeb4d243c2 --- /dev/null +++ b/CVE-2023/CVE-2023-493xx/CVE-2023-49340.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2023-49340", + "sourceIdentifier": "cve@mitre.org", + "published": "2024-03-09T05:15:08.723", + "lastModified": "2024-03-09T05:15:08.723", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "An issue was discovered in Newland Nquire 1000 Interactive Kiosk version NQ1000-II_G_V1.00.011, allows remote attackers to escalate privileges and bypass authentication via incorrect access control in the web management portal." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://github.com/n0obit4/Vulnerability_Disclosure/tree/main/CVE-2023-49340", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-493xx/CVE-2023-49341.json b/CVE-2023/CVE-2023-493xx/CVE-2023-49341.json new file mode 100644 index 00000000000..b73bac2125f --- /dev/null +++ b/CVE-2023/CVE-2023-493xx/CVE-2023-49341.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2023-49341", + "sourceIdentifier": "cve@mitre.org", + "published": "2024-03-09T05:15:08.870", + "lastModified": "2024-03-09T05:15:08.870", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "An issue was discovered in Newland Nquire 1000 Interactive Kiosk version NQ1000-II_G_V1.00.011, allows remote attackers to obtain sensitive information via cleartext credential storage in backup.htm component." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://github.com/n0obit4/Vulnerability_Disclosure/tree/main/CVE-2023-49341", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-500xx/CVE-2023-50015.json b/CVE-2023/CVE-2023-500xx/CVE-2023-50015.json new file mode 100644 index 00000000000..b5ea3c1747f --- /dev/null +++ b/CVE-2023/CVE-2023-500xx/CVE-2023-50015.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2023-50015", + "sourceIdentifier": "cve@mitre.org", + "published": "2024-03-09T05:15:08.923", + "lastModified": "2024-03-09T05:15:08.923", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "An issue was discovered in Grandstream GXP14XX 1.0.8.9 and GXP16XX 1.0.7.13, allows remote attackers to escalate privileges via incorrect access control using an end-user session-identity token." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://github.com/n0obit4/Vulnerability_Disclosure/tree/main/CVE-2023-50015", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-259xx/CVE-2024-25951.json b/CVE-2024/CVE-2024-259xx/CVE-2024-25951.json new file mode 100644 index 00000000000..1ce6af6014f --- /dev/null +++ b/CVE-2024/CVE-2024-259xx/CVE-2024-25951.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2024-25951", + "sourceIdentifier": "security_alert@emc.com", + "published": "2024-03-09T06:15:50.797", + "lastModified": "2024-03-09T06:15:50.797", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "A command injection vulnerability exists in local RACADM. A malicious authenticated user could gain control of the underlying operating system." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security_alert@emc.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "ADJACENT_NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.0, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.1, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "security_alert@emc.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-1288" + } + ] + } + ], + "references": [ + { + "url": "https://www.dell.com/support/kbdoc/en-us/000222591/dsa-2024-089-security-update-for-dell-idrac8-local-racadm-vulnerability", + "source": "security_alert@emc.com" + } + ] +} \ No newline at end of file diff --git a/README.md b/README.md index 98b0fea471f..4215ffe9af6 100644 --- a/README.md +++ b/README.md @@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2024-03-09T03:00:31.217266+00:00 +2024-03-09T07:00:29.176768+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2024-03-09T01:15:07.573000+00:00 +2024-03-09T06:15:50.797000+00:00 ``` ### Last Data Feed Release @@ -29,17 +29,19 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### Total Number of included CVEs ```plain -240919 +240925 ``` ### CVEs added in the last Commit -Recently added CVEs: `4` +Recently added CVEs: `6` -* [CVE-2024-28122](CVE-2024/CVE-2024-281xx/CVE-2024-28122.json) (`2024-03-09T01:15:06.940`) -* [CVE-2024-28176](CVE-2024/CVE-2024-281xx/CVE-2024-28176.json) (`2024-03-09T01:15:07.147`) -* [CVE-2024-28180](CVE-2024/CVE-2024-281xx/CVE-2024-28180.json) (`2024-03-09T01:15:07.340`) -* [CVE-2024-28184](CVE-2024/CVE-2024-281xx/CVE-2024-28184.json) (`2024-03-09T01:15:07.573`) +* [CVE-2023-46426](CVE-2023/CVE-2023-464xx/CVE-2023-46426.json) (`2024-03-09T06:15:50.637`) +* [CVE-2023-46427](CVE-2023/CVE-2023-464xx/CVE-2023-46427.json) (`2024-03-09T06:15:50.740`) +* [CVE-2023-49340](CVE-2023/CVE-2023-493xx/CVE-2023-49340.json) (`2024-03-09T05:15:08.723`) +* [CVE-2023-49341](CVE-2023/CVE-2023-493xx/CVE-2023-49341.json) (`2024-03-09T05:15:08.870`) +* [CVE-2023-50015](CVE-2023/CVE-2023-500xx/CVE-2023-50015.json) (`2024-03-09T05:15:08.923`) +* [CVE-2024-25951](CVE-2024/CVE-2024-259xx/CVE-2024-25951.json) (`2024-03-09T06:15:50.797`) ### CVEs modified in the last Commit diff --git a/_state.csv b/_state.csv index ec3a55233b5..26ee2404f43 100644 --- a/_state.csv +++ b/_state.csv @@ -232234,6 +232234,8 @@ CVE-2023-46421,0,0,20c19b3af247cd93c6c12b505ba6b896d24101e71f7247c22397f1d65ac40 CVE-2023-46422,0,0,5182b3b451a6b24665b985bcbdba4481577c22242c366b7f03d7fb205d48ddeb,2023-11-01T16:37:31.890000 CVE-2023-46423,0,0,29c6043c53d4300d469e5f00a95575e9de3ac28d2c1d498f1bd8e22aadedbeb1,2023-11-01T16:37:41.027000 CVE-2023-46424,0,0,7e9334fca9f037f0c4b2f5d577d386acd135c556e1fc09d9726e45dba7e4d855,2023-11-01T16:37:51.027000 +CVE-2023-46426,1,1,809d08be8adb70f858fa5903f61478c60bdca3d0c1d9d5ac4a5770d126e124ae,2024-03-09T06:15:50.637000 +CVE-2023-46427,1,1,6451dde6a5aa40ac65c46af7e6328b7ed5d73e53ee5b507082dfdc8a7408fd2e,2024-03-09T06:15:50.740000 CVE-2023-46428,0,0,f03709d76e6aaf56c11ec05b60a8549c04afb1757c3c8e03726933870c46712e,2023-11-06T19:30:17.810000 CVE-2023-4643,0,0,aa57b480c65e6583e3382ac73b3539d1486e0e702169fdb4a50c44bd56bfc930,2023-11-07T04:22:48.657000 CVE-2023-46435,0,0,7c6638dab75a246acd77e2e49a895792d1a90d49fc12bde2d27e3c27d34e6bab,2023-10-30T16:20:21.103000 @@ -234186,6 +234188,8 @@ CVE-2023-49337,0,0,5d23a029ed0e63d8031b0089bd22446fabded7af6c71ba8e0cf290627c376 CVE-2023-49338,0,0,1c5fcb5c9ab92278082e9a0f7769e43d635d96321323ff96b1c4bc08b7f9e397,2024-02-29T13:49:47.277000 CVE-2023-49339,0,0,5e0b0c12f27e752a168c99793f0c0ee1088d5fc0e77c7aa77b0e94e5e50795d6,2024-02-13T14:01:40.577000 CVE-2023-4934,0,0,45742cc0d80ec0a49dab27f6d0aa9e7ea22167e8e8cbe0de26584abca13e725c,2023-10-02T16:39:41.720000 +CVE-2023-49340,1,1,85e4a3843c214023f7009e6223778dacf0ff335a4b0452ec13f990f51cf1422d,2024-03-09T05:15:08.723000 +CVE-2023-49341,1,1,e5fb9757de7a9cf47b8f4bde1720e43438cd28d081ea6039046589508ac3061c,2024-03-09T05:15:08.870000 CVE-2023-49342,0,0,b10ee5f9bcce22db5c28eecc3da84e28b3a02b849278c1bc31042101c32d6f84,2023-12-20T21:02:43.633000 CVE-2023-49343,0,0,8d62dff1275f70103265d4cda1e1019bb92665b6186d17ba82011cf4506f3651,2023-12-20T21:05:50.880000 CVE-2023-49344,0,0,9755e1ae97c973e34cf38025159d3f7bf41602fe25b2bf94e6b51430f18620bf,2023-12-20T21:06:04.320000 @@ -234570,6 +234574,7 @@ CVE-2023-50001,0,0,33e47489b66bd60e9877824f089790399b23639f53e49566fa335b7b69124 CVE-2023-50002,0,0,ad59b32b385c86725f92348f95075dd05fba97ffb9b3fde14a5d228194c9c7ba,2023-12-09T04:45:15.093000 CVE-2023-5001,0,0,120c5181763c7387df7f687f126d9404f11130c2243d24ca423f864190eb3341,2023-11-07T04:23:17.670000 CVE-2023-50011,0,0,06fd9011277607c300a2f1116cc8f443fed8d39fba75e4e4358f7ede2b673b13,2023-12-19T13:49:18.530000 +CVE-2023-50015,1,1,c8877dcfd62c2ac4adde322056aafec1654db5474cda878d2f601c7e18323386,2024-03-09T05:15:08.923000 CVE-2023-50017,0,0,94a085d3b9a01b673efd08f3fd6d1c5bd5fec950ce7fd1026d076a4011d3d29a,2023-12-19T02:36:27.887000 CVE-2023-50019,0,0,a40ef52011e4db27daaf0069b6fee08a9e027c75c96c570f8b4358261c22b37a,2024-01-11T17:28:54.257000 CVE-2023-5002,0,0,0991cedcf62364817568a0faf96339db65a0ddfdacb3c1d49e93ee1fba4db72a,2023-11-07T04:23:17.827000 @@ -240622,6 +240627,7 @@ CVE-2024-25931,0,0,cced732a62b8661206eb106d5ae979a2d16189f2911f7eaa9ca025496e8df CVE-2024-25932,0,0,b47ba5ecf2a19427a2d0c7404d84cf9b82c7d738bc913534568255e83139261d,2024-02-29T13:49:29.390000 CVE-2024-25940,0,0,81faf8084be28ad3443bfad1349de788b40c215e318cb61e901b3079aac1c24e,2024-02-15T06:23:39.303000 CVE-2024-25941,0,0,ca1cef65d30f17057b47421c2700ecf50e418e7bf4da35eb3fcc2989f17ef1eb,2024-02-15T06:23:39.303000 +CVE-2024-25951,1,1,ba7288e646a44ba31be2201d63c1232de8f0f6558f3bec2aba577040e985f05b,2024-03-09T06:15:50.797000 CVE-2024-25972,0,0,03be68c424c2117dfe63b169d17d7f8ada85eec42d35f349ee6876cb9f658b31,2024-03-01T14:04:04.827000 CVE-2024-25973,0,0,fca2cd3fc869e318a8dbf83dd06094ef0c34286b7d421da7c64a9a5612af38b9,2024-02-21T07:15:58.040000 CVE-2024-25974,0,0,455908519f9c0b510f9276a34d5bc0fdc3808298a4e41e75f9e5535d39103827,2024-02-21T07:15:58.427000 @@ -240886,7 +240892,7 @@ CVE-2024-28097,0,0,ad0a3d7a6b96970687d28d32c41921c3200422c4265f25f269de512c4cb80 CVE-2024-28110,0,0,0aa63c709bee34101fee09332c67840fa8b7d5aea01ed58b7f238cd7f26f2f87,2024-03-07T13:52:27.110000 CVE-2024-28111,0,0,ef109000cb681b8950a504435d888106cd334990070bd9ca1f33bba165c1974a,2024-03-07T13:52:27.110000 CVE-2024-28115,0,0,3e0e705412ec4ecfb9fabefcb95634cd838a6bf7c9c03087d677ba199986f693,2024-03-08T14:02:57.420000 -CVE-2024-28122,1,1,fda19940cddf3c43c85f1263bb21fd0f3c6eda799819a07018fd0196480f432e,2024-03-09T01:15:06.940000 +CVE-2024-28122,0,0,fda19940cddf3c43c85f1263bb21fd0f3c6eda799819a07018fd0196480f432e,2024-03-09T01:15:06.940000 CVE-2024-28149,0,0,bb1327eb2ceb44ae2cc8e952fde2f54b109f1740591e1ece1b912c644025402b,2024-03-06T21:42:54.697000 CVE-2024-28150,0,0,bd9c785686979f74fc956d3a9d80b65ba208ec849a10e17a7f0c9226761980a2,2024-03-06T21:42:54.697000 CVE-2024-28151,0,0,473d59d35d2166d8f0877541c6be6e5f16e5683e6e89c2ed65e060f312f6c9a8,2024-03-06T21:42:54.697000 @@ -240903,9 +240909,9 @@ CVE-2024-28161,0,0,a8b5439e973c7cdb8f91b0ae68db3c77b6c3c773d21694d3bca0cd7aa2867 CVE-2024-28162,0,0,9f95dea899a301f3d7e776202ce6567032bc57cf37ea2c387cd5d210ccf05a4b,2024-03-06T21:42:54.697000 CVE-2024-28173,0,0,e0fed71b03fa1080cdfc47a71a0b80da5e87b19e624557c11c0e172f4b2c098a,2024-03-06T21:42:54.697000 CVE-2024-28174,0,0,fa1674b985861bddf4d0ff5ab075ec0e4328a9665c668bfe339f9f0de580d6b1,2024-03-06T21:42:54.697000 -CVE-2024-28176,1,1,ec66585e52c3c8e3b4fb9f83e97cc916a02934873883e31c12138152edd61a21,2024-03-09T01:15:07.147000 -CVE-2024-28180,1,1,36948ee811f0956f6903e72d9246c3ebee20cdd663526ac3d8c5fb4fc67d1cd0,2024-03-09T01:15:07.340000 -CVE-2024-28184,1,1,175c0a55aefc92aa2382d5f4b6fba98002e10cf3cfcd47cb089861bb42bf966f,2024-03-09T01:15:07.573000 +CVE-2024-28176,0,0,ec66585e52c3c8e3b4fb9f83e97cc916a02934873883e31c12138152edd61a21,2024-03-09T01:15:07.147000 +CVE-2024-28180,0,0,36948ee811f0956f6903e72d9246c3ebee20cdd663526ac3d8c5fb4fc67d1cd0,2024-03-09T01:15:07.340000 +CVE-2024-28184,0,0,175c0a55aefc92aa2382d5f4b6fba98002e10cf3cfcd47cb089861bb42bf966f,2024-03-09T01:15:07.573000 CVE-2024-28211,0,0,c1ed1ddd829861cccd703be6254c437e62099ef974f2a29a31d06b3aa407dda5,2024-03-07T13:52:27.110000 CVE-2024-28212,0,0,5a2751cb50b15d5c440d2b8966e76c727b56c2f7e1085394c9464fe62a449a7f,2024-03-07T13:52:27.110000 CVE-2024-28213,0,0,123dce2bcd1dc69568d6c5cbaff040ae81dbab0468f48456713cfbf9a03f5945,2024-03-07T13:52:27.110000