From 3d1e36669e3d3ede2e50d14b2a6fc92baa0fbd9f Mon Sep 17 00:00:00 2001 From: cad-safe-bot Date: Mon, 1 Jan 2024 23:00:27 +0000 Subject: [PATCH] Auto-Update: 2024-01-01T23:00:24.001481+00:00 --- CVE-2023/CVE-2023-517xx/CVE-2023-51766.json | 6 +- CVE-2023/CVE-2023-57xx/CVE-2023-5764.json | 14 ++-- CVE-2024/CVE-2024-01xx/CVE-2024-0182.json | 84 +++++++++++++++++++++ README.md | 17 ++--- 4 files changed, 104 insertions(+), 17 deletions(-) create mode 100644 CVE-2024/CVE-2024-01xx/CVE-2024-0182.json diff --git a/CVE-2023/CVE-2023-517xx/CVE-2023-51766.json b/CVE-2023/CVE-2023-517xx/CVE-2023-51766.json index c2ec0c869f5..a4b617c00c3 100644 --- a/CVE-2023/CVE-2023-517xx/CVE-2023-51766.json +++ b/CVE-2023/CVE-2023-517xx/CVE-2023-51766.json @@ -2,7 +2,7 @@ "id": "CVE-2023-51766", "sourceIdentifier": "cve@mitre.org", "published": "2023-12-24T06:15:07.673", - "lastModified": "2024-01-01T18:15:09.243", + "lastModified": "2024-01-01T21:15:24.403", "vulnStatus": "Awaiting Analysis", "descriptions": [ { @@ -32,6 +32,10 @@ "url": "http://www.openwall.com/lists/oss-security/2024/01/01/1", "source": "cve@mitre.org" }, + { + "url": "http://www.openwall.com/lists/oss-security/2024/01/01/2", + "source": "cve@mitre.org" + }, { "url": "https://bugs.exim.org/show_bug.cgi?id=3063", "source": "cve@mitre.org" diff --git a/CVE-2023/CVE-2023-57xx/CVE-2023-5764.json b/CVE-2023/CVE-2023-57xx/CVE-2023-5764.json index 067c7cee73b..ab7ddb2811c 100644 --- a/CVE-2023/CVE-2023-57xx/CVE-2023-5764.json +++ b/CVE-2023/CVE-2023-57xx/CVE-2023-5764.json @@ -2,8 +2,8 @@ "id": "CVE-2023-5764", "sourceIdentifier": "secalert@redhat.com", "published": "2023-12-12T22:15:22.747", - "lastModified": "2023-12-20T17:35:31.823", - "vulnStatus": "Analyzed", + "lastModified": "2024-01-01T21:15:24.487", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", @@ -41,19 +41,19 @@ "type": "Secondary", "cvssData": { "version": "3.1", - "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "LOW", - "userInteraction": "REQUIRED", + "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "NONE", - "baseScore": 6.6, - "baseSeverity": "MEDIUM" + "baseScore": 7.1, + "baseSeverity": "HIGH" }, - "exploitabilityScore": 1.3, + "exploitabilityScore": 1.8, "impactScore": 5.2 } ] diff --git a/CVE-2024/CVE-2024-01xx/CVE-2024-0182.json b/CVE-2024/CVE-2024-01xx/CVE-2024-0182.json new file mode 100644 index 00000000000..a9b77ca940d --- /dev/null +++ b/CVE-2024/CVE-2024-01xx/CVE-2024-0182.json @@ -0,0 +1,84 @@ +{ + "id": "CVE-2024-0182", + "sourceIdentifier": "cna@vuldb.com", + "published": "2024-01-01T21:15:24.777", + "lastModified": "2024-01-01T21:15:24.777", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability was found in SourceCodester Engineers Online Portal 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /admin/ of the component Admin Login. The manipulation of the argument username/password leads to sql injection. The attack may be launched remotely. The identifier of this vulnerability is VDB-249440." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 7.3, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.4 + } + ], + "cvssMetricV2": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "2.0", + "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", + "accessVector": "NETWORK", + "accessComplexity": "LOW", + "authentication": "NONE", + "confidentialityImpact": "PARTIAL", + "integrityImpact": "PARTIAL", + "availabilityImpact": "PARTIAL", + "baseScore": 7.5 + }, + "baseSeverity": "HIGH", + "exploitabilityScore": 10.0, + "impactScore": 6.4, + "acInsufInfo": false, + "obtainAllPrivilege": false, + "obtainUserPrivilege": false, + "obtainOtherPrivilege": false, + "userInteractionRequired": false + } + ] + }, + "weaknesses": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "references": [ + { + "url": "https://vuldb.com/?ctiid.249440", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?id.249440", + "source": "cna@vuldb.com" + } + ] +} \ No newline at end of file diff --git a/README.md b/README.md index 73479274cb4..47c27277712 100644 --- a/README.md +++ b/README.md @@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2024-01-01T19:00:25.508423+00:00 +2024-01-01T23:00:24.001481+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2024-01-01T18:15:09.243000+00:00 +2024-01-01T21:15:24.777000+00:00 ``` ### Last Data Feed Release @@ -29,23 +29,22 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### Total Number of included CVEs ```plain -234621 +234622 ``` ### CVEs added in the last Commit -Recently added CVEs: `3` +Recently added CVEs: `1` -* [CVE-2023-50094](CVE-2023/CVE-2023-500xx/CVE-2023-50094.json) (`2024-01-01T18:15:09.130`) -* [CVE-2023-50096](CVE-2023/CVE-2023-500xx/CVE-2023-50096.json) (`2024-01-01T18:15:09.197`) -* [CVE-2024-0181](CVE-2024/CVE-2024-01xx/CVE-2024-0181.json) (`2024-01-01T17:15:08.543`) +* [CVE-2024-0182](CVE-2024/CVE-2024-01xx/CVE-2024-0182.json) (`2024-01-01T21:15:24.777`) ### CVEs modified in the last Commit -Recently modified CVEs: `1` +Recently modified CVEs: `2` -* [CVE-2023-51766](CVE-2023/CVE-2023-517xx/CVE-2023-51766.json) (`2024-01-01T18:15:09.243`) +* [CVE-2023-51766](CVE-2023/CVE-2023-517xx/CVE-2023-51766.json) (`2024-01-01T21:15:24.403`) +* [CVE-2023-5764](CVE-2023/CVE-2023-57xx/CVE-2023-5764.json) (`2024-01-01T21:15:24.487`) ## Download and Usage