Auto-Update: 2025-02-17T23:00:21.063407+00:00

2025-05-08 19:47:09 +00:00 · 2025-02-17 23:03:49 +00:00 · 2025-02-17 23:03:49 +00:00 · 39d4da294c
commit 39d4da294c
parent 7e7ecc85f0
4 changed files with 85 additions and 12 deletions
--- a/CVE-2024/CVE-2024-123xx/CVE-2024-12356.json
+++ b/CVE-2024/CVE-2024-123xx/CVE-2024-12356.json
@ -2,8 +2,8 @@
  "id": "CVE-2024-12356",
  "sourceIdentifier": "13061848-ea10-403d-bd75-c83a022c2891",
  "published": "2024-12-17T05:15:06.413",
-  "lastModified": "2024-12-20T15:25:37.347",
-  "vulnStatus": "Analyzed",
+  "lastModified": "2025-02-17T21:15:10.327",
+  "vulnStatus": "Modified",
  "cveTags": [],
  "descriptions": [
    {
@ -132,6 +132,10 @@
        "Third Party Advisory",
        "US Government Resource"
      ]
+    },
+    {
+      "url": "https://attackerkb.com/topics/G5s8ZWAbYH/cve-2024-12356/rapid7-analysis",
+      "source": "af854a3a-2127-422b-91ae-364da2661108"
    }
  ]
 }
--- a/CVE-2024/CVE-2024-250xx/CVE-2024-25066.json
+++ b/CVE-2024/CVE-2024-250xx/CVE-2024-25066.json
@ -0,0 +1,68 @@
+{
+  "id": "CVE-2024-25066",
+  "sourceIdentifier": "cve@mitre.org",
+  "published": "2025-02-17T21:15:10.993",
+  "lastModified": "2025-02-17T21:15:10.993",
+  "vulnStatus": "Received",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "RSA Authentication Manager before 8.7 SP2 Patch 1 allows XML External Entity (XXE) attacks via a license file, resulting in attacker-controlled files being stored on the product's server. Data exfiltration cannot occur."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "cve@mitre.org",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
+          "baseScore": 4.3,
+          "baseSeverity": "MEDIUM",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "LOW",
+          "userInteraction": "NONE",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "NONE",
+          "integrityImpact": "LOW",
+          "availabilityImpact": "NONE"
+        },
+        "exploitabilityScore": 2.8,
+        "impactScore": 1.4
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "cve@mitre.org",
+      "type": "Secondary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-611"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://community.rsa.com/s/advisories",
+      "source": "cve@mitre.org"
+    },
+    {
+      "url": "https://community.rsa.com/s/article/RSA-Authentication-Manager-8-7-SP2-Patch-1-Readme",
+      "source": "cve@mitre.org"
+    },
+    {
+      "url": "https://github.com/KaiwenTM/CVE_POC/blob/main/CVE-2024-25066.txt",
+      "source": "cve@mitre.org"
+    },
+    {
+      "url": "https://www.rsa.com/en-us/company/vulnerability-response-policy",
+      "source": "cve@mitre.org"
+    }
+  ]
+}
--- a/README.md
+++ b/README.md
@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours.
 ### Last Repository Update

 ```plain
-2025-02-17T21:00:24.940202+00:00
+2025-02-17T23:00:21.063407+00:00
 ```

 ### Most recent CVE Modification Timestamp synchronized with NVD

 ```plain
-2025-02-17T20:15:29.153000+00:00
+2025-02-17T21:15:10.993000+00:00
 ```

 ### Last Data Feed Release
@ -33,21 +33,21 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
 ### Total Number of included CVEs

 ```plain
-281558
+281559
 ```

 ### CVEs added in the last Commit

-Recently added CVEs: `2`
+Recently added CVEs: `1`

- [CVE-2021-30369](CVE-2021/CVE-2021-303xx/CVE-2021-30369.json) (`2025-02-17T20:15:29.153`)
- [CVE-2024-13837](CVE-2024/CVE-2024-138xx/CVE-2024-13837.json) (`2025-02-17T19:15:09.463`)
+- [CVE-2024-25066](CVE-2024/CVE-2024-250xx/CVE-2024-25066.json) (`2025-02-17T21:15:10.993`)


 ### CVEs modified in the last Commit

-Recently modified CVEs: `0`
+Recently modified CVEs: `1`

+- [CVE-2024-12356](CVE-2024/CVE-2024-123xx/CVE-2024-12356.json) (`2025-02-17T21:15:10.327`)


 ## Download and Usage
--- a/_state.csv
+++ b/_state.csv
@ -174823,7 +174823,7 @@ CVE-2021-30359,0,0,45da381242ddf6a750ff455768377f1e9abbcbfa0ec6324e419f42a9152e5
 CVE-2021-3036,0,0,6e33e927274094139602ffb70cc09ea2cd2c0c7532dc595e71075ae930e50fd3,2024-11-21T06:20:48.537000
 CVE-2021-30360,0,0,789dd492f8f8c9bb7bc4ab50980a037b8168edf4eb0a5684069c51fa1cb24577,2024-11-21T06:03:56.813000
 CVE-2021-30361,0,0,7fc59497abcdd5100ad4bceb3b50b4fe7f231a406611ada15d7f88542993e415,2024-11-21T06:03:56.933000
-CVE-2021-30369,1,1,cbf77ce2fec165ba7b72418abfcab51446f4043fb6d4fb9042397bd3f831efa8,2025-02-17T20:15:29.153000
+CVE-2021-30369,0,0,cbf77ce2fec165ba7b72418abfcab51446f4043fb6d4fb9042397bd3f831efa8,2025-02-17T20:15:29.153000
 CVE-2021-3037,0,0,82ace2bb5465a2bc59ca67bd95592af8dd2974b7280b15d2f67f82faa86f4df9,2024-11-21T06:20:48.697000
 CVE-2021-3038,0,0,0ceaa1e1e95073b7f4583a620ae5b2ec5c1da3f18a3bf955a887e1f1f66c0e1c,2024-11-21T06:20:48.850000
 CVE-2021-3039,0,0,ee946bc7ade2c61abbbbe422283fe799c98c1e20794c9d6df3fd3325ff2756a7,2024-11-21T06:20:49.050000
@ -245611,7 +245611,7 @@ CVE-2024-12352,0,0,32f72a704f1e2542fc20de0d035c196da17ca0c575db05fe3835b61fbee7c
 CVE-2024-12353,0,0,036565fabbbc178396eb3e3c0305ad86dac517256d160df7657b090d3f9dd19d,2024-12-10T23:37:06.613000
 CVE-2024-12354,0,0,b8e15a077e4c1a839cf8211dcd4deb8e8c4036fa20d487417d7ee12337ae44d8,2024-12-10T23:36:25.740000
 CVE-2024-12355,0,0,27ba3231c85cb7bb230de2bfcb71ae509e2205da9b6afc6c150214b3cf17ceaf,2024-12-10T23:36:03.883000
-CVE-2024-12356,0,0,105dac76f068e0a7df26029c27e4dd4c6eb4193ba09a6f3d1c3ed5326b9fe200,2024-12-20T15:25:37.347000
+CVE-2024-12356,0,1,47f76c9ed5ff94ac227aa2822ba21f3a55581c6b79b266287bc2053f23d3f41a,2025-02-17T21:15:10.327000
 CVE-2024-12357,0,0,48fcc186a0b90c08dc56b15842484729758da0392dc94d034d9fe9fdfb82ecb1,2024-12-10T23:35:15.660000
 CVE-2024-12358,0,0,c693e0849f917c8e8b82ecbabaa009531cb87832861cfd247370c207501db351,2024-12-10T23:34:20.467000
 CVE-2024-12359,0,0,c89d1a1aa75e792ebb41728457dc48f1f26a200ebabc2671ae04aee3d706d446,2024-12-10T23:34:02.110000
@ -246722,7 +246722,7 @@ CVE-2024-13829,0,0,0eb68c1cd51e57e24834aa430c28539b9740e4aeaf2e4bf4d57d2d018e612
 CVE-2024-1383,0,0,aa117bb4caae4c90c9ef562f3b17aec83c186c85e2ed83fcc25ce7b11090cff4,2024-11-21T08:50:27.733000
 CVE-2024-13830,0,0,c6d7b41600cf06f096c92eda44ad4947ed0129124f061312ef644e59d67aa0f4,2025-02-13T17:09:11.660000
 CVE-2024-13834,0,0,b3a753413a4c1c1c8fb1941598bdc1cadfaac89f934ae66577e6a8bb7cdc2403,2025-02-15T15:15:23.423000
-CVE-2024-13837,1,1,b186071e4ea62233d731f5821d490b3ab777186a5f4da25e22f6fedfafcbdd0c,2025-02-17T19:15:09.463000
+CVE-2024-13837,0,0,b186071e4ea62233d731f5821d490b3ab777186a5f4da25e22f6fedfafcbdd0c,2025-02-17T19:15:09.463000
 CVE-2024-1384,0,0,f50cb0336a3fe51b62fe599c783d20749a5fb92b8e797d5c0ac36d466c13f7ad,2024-09-19T22:13:04.370000
 CVE-2024-13841,0,0,42857531268142aae6c02637b3b6e7d79dd71736d6804136946d48ddaede14a2,2025-02-07T07:15:14.573000
 CVE-2024-13842,0,0,955b2791810b1a10a02616a1134c790dde9472870ffb2ecef1b260eb338bf89c,2025-02-11T16:15:39.513000
@ -251310,6 +251310,7 @@ CVE-2024-25062,0,0,33d5a68ef3b936424a736429c0cf52857e2954c9e23e61044543b96f4ce8f
 CVE-2024-25063,0,0,66e3d9769be4a072b3ce672f9896271f84fc3a46faea832786d65ef1b0821cb5,2024-11-21T09:00:10.580000
 CVE-2024-25064,0,0,630189d4352af193613c5caf500a30b1ea966acedabfdb6b6c44c8c9c90ff2da,2024-11-21T09:00:10.703000
 CVE-2024-25065,0,0,d9b3f95564df6ce5bbc93b83e6e400dfe73cd962c70fa49bcbdfa1f240e5106e,2025-02-13T18:17:13.343000
+CVE-2024-25066,1,1,cfe99037f8c60bf9e1eb92942e0cb294c42dc1bf159b970776555c22910844c2,2025-02-17T21:15:10.993000
 CVE-2024-2507,0,0,d2bd12e43cb16137b76052767012daeeb5681b81f827ee8546e5b590614b4a24,2025-02-05T17:28:13.613000
 CVE-2024-25073,0,0,b773096cbe22b7b2359c05c5b9b8c5d77df4ed93f4aca2b5ee2c4c6254770bbe,2024-12-04T21:15:22.230000
 CVE-2024-25074,0,0,ceec7e26506d1c51c0a15b70554b53358fa1555c187d8abcdb06a9354ef81f73,2024-11-21T09:00:11.107000