Auto-Update: 2024-03-11T13:00:38.242650+00:00

2025-05-07 19:16:29 +00:00 · 2024-03-11 13:03:28 +00:00 · 2024-03-11 13:03:28 +00:00 · 35662f06c6
commit 35662f06c6
parent 8bbca8b5ac
6 changed files with 51 additions and 25 deletions
--- a/CVE-2023/CVE-2023-72xx/CVE-2023-7216.json
+++ b/CVE-2023/CVE-2023-72xx/CVE-2023-7216.json
@ -2,12 +2,12 @@
  "id": "CVE-2023-7216",
  "sourceIdentifier": "secalert@redhat.com",
  "published": "2024-02-05T15:15:08.903",
-  "lastModified": "2024-02-19T12:15:44.277",
+  "lastModified": "2024-03-11T11:15:57.017",
  "vulnStatus": "Modified",
  "descriptions": [
    {
      "lang": "en",
-      "value": "A path traversal vulnerability was found in the CPIO utility. This issue could allow a remote unauthenticated attacker to trick a user into opening a specially crafted archive. During the extraction process, the archiver could follow symlinks outside of the intended directory, which could be utilized to run arbitrary commands on the target system."
+      "value": "A path traversal vulnerability was found in the CPIO utility. This issue could allow a remote unauthenticated attacker to trick a user into opening a specially crafted archive. During the extraction process, the archiver could follow symlinks outside of the intended directory, this allows writing files in arbitrary directories through symlinks."
    },
    {
      "lang": "es",
@ -41,20 +41,20 @@
        "type": "Secondary",
        "cvssData": {
          "version": "3.1",
-          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
-          "attackVector": "NETWORK",
+          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L",
+          "attackVector": "LOCAL",
          "attackComplexity": "LOW",
          "privilegesRequired": "NONE",
          "userInteraction": "REQUIRED",
          "scope": "UNCHANGED",
-          "confidentialityImpact": "HIGH",
-          "integrityImpact": "HIGH",
-          "availabilityImpact": "HIGH",
-          "baseScore": 8.8,
-          "baseSeverity": "HIGH"
+          "confidentialityImpact": "LOW",
+          "integrityImpact": "LOW",
+          "availabilityImpact": "LOW",
+          "baseScore": 5.3,
+          "baseSeverity": "MEDIUM"
        },
-        "exploitabilityScore": 2.8,
-        "impactScore": 5.9
+        "exploitabilityScore": 1.8,
+        "impactScore": 3.4
      }
    ]
  },
--- a/CVE-2024/CVE-2024-13xx/CVE-2024-1373.json
+++ b/CVE-2024/CVE-2024-13xx/CVE-2024-1373.json
@ -0,0 +1,15 @@
+{
+  "id": "CVE-2024-1373",
+  "sourceIdentifier": "security@wordfence.com",
+  "published": "2024-03-11T10:15:49.383",
+  "lastModified": "2024-03-11T10:15:49.383",
+  "vulnStatus": "Rejected",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "Rejected reason: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2023-46209. Reason: This candidate is a duplicate of CVE-2023-46209. Notes: All CVE users should reference CVE-2023-46209 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage."
+    }
+  ],
+  "metrics": {},
+  "references": []
+}
--- a/CVE-2024/CVE-2024-288xx/CVE-2024-28816.json
+++ b/CVE-2024/CVE-2024-288xx/CVE-2024-28816.json
@ -2,12 +2,16 @@
  "id": "CVE-2024-28816",
  "sourceIdentifier": "cve@mitre.org",
  "published": "2024-03-11T03:15:05.943",
-  "lastModified": "2024-03-11T03:15:05.943",
-  "vulnStatus": "Received",
+  "lastModified": "2024-03-11T12:47:42.653",
+  "vulnStatus": "Awaiting Analysis",
  "descriptions": [
    {
      "lang": "en",
      "value": "Student Information Chatbot a0196ab allows SQL injection via the username to the login function in index.php."
+    },
+    {
+      "lang": "es",
+      "value": "Student Information Chatbot a0196ab permite la inyecci\u00f3n de SQL a trav\u00e9s del nombre de usuario en la funci\u00f3n de inicio de sesi\u00f3n en index.php."
    }
  ],
  "metrics": {},
--- a/CVE-2024/CVE-2024-288xx/CVE-2024-28823.json
+++ b/CVE-2024/CVE-2024-288xx/CVE-2024-28823.json
@ -2,12 +2,16 @@
  "id": "CVE-2024-28823",
  "sourceIdentifier": "cve@mitre.org",
  "published": "2024-03-11T05:15:05.930",
-  "lastModified": "2024-03-11T05:15:05.930",
-  "vulnStatus": "Received",
+  "lastModified": "2024-03-11T12:47:42.653",
+  "vulnStatus": "Awaiting Analysis",
  "descriptions": [
    {
      "lang": "en",
      "value": "Amazon AWS aws-js-s3-explorer (aka AWS JavaScript S3 Explorer) 1.0.0 allows XSS via a crafted S3 bucket name to index.html."
+    },
+    {
+      "lang": "es",
+      "value": "Amazon AWS aws-js-s3-explorer (tambi\u00e9n conocido como AWS JavaScript S3 Explorer) 1.0.0 permite XSS a trav\u00e9s de un nombre de dep\u00f3sito S3 manipulado para index.html."
    }
  ],
  "metrics": {},
--- a/README.md
+++ b/README.md
@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
 ### Last Repository Update

 ```plain
-2024-03-11T07:00:38.252009+00:00
+2024-03-11T13:00:38.242650+00:00
 ```

 ### Most recent CVE Modification Timestamp synchronized with NVD

 ```plain
-2024-03-11T06:15:06.283000+00:00
+2024-03-11T12:47:42.653000+00:00
 ```

 ### Last Data Feed Release
@ -29,21 +29,23 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
 ### Total Number of included CVEs

 ```plain
-240953
+240954
 ```

 ### CVEs added in the last Commit

 Recently added CVEs: `1`

-* [CVE-2024-28823](CVE-2024/CVE-2024-288xx/CVE-2024-28823.json) (`2024-03-11T05:15:05.930`)
+* [CVE-2024-1373](CVE-2024/CVE-2024-13xx/CVE-2024-1373.json) (`2024-03-11T10:15:49.383`)


 ### CVEs modified in the last Commit

-Recently modified CVEs: `1`
+Recently modified CVEs: `3`

-* [CVE-2024-0743](CVE-2024/CVE-2024-07xx/CVE-2024-0743.json) (`2024-03-11T06:15:06.283`)
+* [CVE-2023-7216](CVE-2023/CVE-2023-72xx/CVE-2023-7216.json) (`2024-03-11T11:15:57.017`)
+* [CVE-2024-28816](CVE-2024/CVE-2024-288xx/CVE-2024-28816.json) (`2024-03-11T12:47:42.653`)
+* [CVE-2024-28823](CVE-2024/CVE-2024-288xx/CVE-2024-28823.json) (`2024-03-11T12:47:42.653`)


 ## Download and Usage
--- a/_state.csv
+++ b/_state.csv
@ -237507,7 +237507,7 @@ CVE-2023-7212,0,0,79d1d721588ec6fee9312db4d618398b1921fcf5c938a32d629fcefd81868f
 CVE-2023-7213,0,0,dcb36a46605e3c6a3105da694308e63a193a561e121d48c47f3aebdcfff316c2,2024-02-29T01:43:00.563000
 CVE-2023-7214,0,0,38b343e2ef3ebe439366e1faf773feb984fcb878a75079d45d82e8c4e22ac8ef,2024-02-29T01:43:00.663000
 CVE-2023-7215,0,0,3b9f3d0932c0a9066538fbd50547c7cd207b8f16024907c458fb724c2bdd81fc,2024-02-29T01:43:00.757000
-CVE-2023-7216,0,0,209d24f04368c6f013e093799111e95d859ee92cfb36b26dfa80bca71c254576,2024-02-19T12:15:44.277000
+CVE-2023-7216,0,1,f549bbfabe40d68ffd7e9f0240ec73e27fb45e02146cb907adfd469188bbec90,2024-03-11T11:15:57.017000
 CVE-2023-7218,0,0,997caf33100cd20bf7c911b456121cfd7490406f2f4ee5f6ea17044b58c740d4,2024-02-29T01:43:00.860000
 CVE-2023-7219,0,0,6572233655301e556670ceb1176d411546e5bee98a818b734f4f538794ff15bf,2024-02-29T01:43:00.957000
 CVE-2023-7220,0,0,7c65969bdcbdbd7b3901a2c212c596c57db7467dcffafbf0d426a13be394a84d,2024-02-29T01:43:01.043000
@ -238018,7 +238018,7 @@ CVE-2024-0738,0,0,e180008c6191582af8846975460523b38bf746526c1330b21eec59d5ba0663
 CVE-2024-0739,0,0,92b1abf635667968fc6fc797839e0df67043fa3679af54f39fb17a879e4f027e,2024-02-29T01:43:27.693000
 CVE-2024-0741,0,0,a9fda7b42aa854b426665305c7828769c163150b209cbb19ab9d616db9041a98,2024-02-02T17:19:30.117000
 CVE-2024-0742,0,0,1ae741d10e1bed36bf34ad7f16caeaf1531efb403a5a51e45593c25df5bee474,2024-02-02T17:19:23.497000
-CVE-2024-0743,0,1,1e3106514b83a3ec85879ce51d0a8504c81591e73c89d2da5c893f5c6b902372,2024-03-11T06:15:06.283000
+CVE-2024-0743,0,0,1e3106514b83a3ec85879ce51d0a8504c81591e73c89d2da5c893f5c6b902372,2024-03-11T06:15:06.283000
 CVE-2024-0744,0,0,e96805dde96bfb723552d652089a0f0d2e0f936866d1fca2d8bc36dda88ad35c,2024-01-29T22:47:40.353000
 CVE-2024-0745,0,0,e95f46af45f166ba44148aad2d02421e51785e292696d491c32d77e99976a28a,2024-01-30T16:08:53.497000
 CVE-2024-0746,0,0,86e154f7304b77b0253dd3ebca2a1985a3fb1b8ae7973ed11288f18ffe31e532,2024-02-02T17:19:10.737000
@ -238412,6 +238412,7 @@ CVE-2024-1367,0,0,c7d0c61b44ec49f91e60f0f66492f38fa7ca52e01168f39d5ee8a77f3ed2b9
 CVE-2024-1368,0,0,4942898dc0cda867f223a3a338598e98ff3b4ceab62d7bcc8729f71cf52128cb,2024-02-28T14:06:45.783000
 CVE-2024-1369,0,0,3b9400e51aa638758466cd578c61a464d544a6e8f00f7ecbfeaefa54887b9eb9,2024-03-05T17:42:45.630000
 CVE-2024-1372,0,0,fd6a0b0bdbecc63f56aef495458a3c5dd8f2e76f436e6cb5f113766b10bba4a3,2024-03-05T17:12:04.487000
+CVE-2024-1373,1,1,6182eba24b857bc2b56524dd4b982074bd00b00d58fe9873ed20ec6b67a1b251,2024-03-11T10:15:49.383000
 CVE-2024-1374,0,0,7fe6e2944b2df04d1912da5645567f3da2009d2f734eda817ead1dbb0beca205,2024-03-06T15:26:34.817000
 CVE-2024-1377,0,0,76e2b469816a5f01575bd35c8b248dabb148d14ddf8df784749e6781cc820f88,2024-03-07T13:52:27.110000
 CVE-2024-1378,0,0,861a3323ec8efaeb758681460069e84c3f0f238c20d369cc8b41f972b8f59fb9,2024-03-01T23:02:21.513000
@ -240950,5 +240951,5 @@ CVE-2024-28230,0,0,3036aa70102b53b9cc695265dc4a11e5a4f5b8d26f6120835dbd1a9c3d93e
 CVE-2024-28753,0,0,73ca850c1b6879daba607bc61d7d16457b56173a47004b8bff799b514a526c36,2024-03-11T01:32:39.697000
 CVE-2024-28754,0,0,9281349f951cf3fa92b3f484f1e5f3e3b9f20229dcabe6872ba34e9bebaf3b2c,2024-03-11T01:32:39.697000
 CVE-2024-28757,0,0,2ea8a9bd701b62a4c7d927e860f5361b09b4376e3bc3bbb014ff5d4ca725cec6,2024-03-11T01:32:29.610000
-CVE-2024-28816,0,0,19c229cca4d41a838e493de6d8cb2c7dd54cd637523929ed045df5ac4261ae68,2024-03-11T03:15:05.943000
-CVE-2024-28823,1,1,d5d35e9f5d1cf5b9f6e77cf2e486d103fcceac40902fe7f326235a7c1035b6b3,2024-03-11T05:15:05.930000
+CVE-2024-28816,0,1,4b9f923b99f4095b32672af0003c81bae1f3b3136774827600fae7accfedcfe3,2024-03-11T12:47:42.653000
+CVE-2024-28823,0,1,d5aa89b5cdac6c3847ac374cba2a65b191e57c43dc618aabb1da571ab5b5e9dc,2024-03-11T12:47:42.653000