Auto-Update: 2024-12-27T05:00:19.127241+00:00

2025-07-11 16:13:34 +00:00 · 2024-12-27 05:03:41 +00:00 · 2024-12-27 05:03:41 +00:00 · 3d28ea5d0a
commit 3d28ea5d0a
parent ad7e129855
4 changed files with 162 additions and 13 deletions
--- a/CVE-2024/CVE-2024-129xx/CVE-2024-12978.json
+++ b/CVE-2024/CVE-2024-129xx/CVE-2024-12978.json
@ -0,0 +1,145 @@
+{
+  "id": "CVE-2024-12978",
+  "sourceIdentifier": "cna@vuldb.com",
+  "published": "2024-12-27T04:15:05.603",
+  "lastModified": "2024-12-27T04:15:05.603",
+  "vulnStatus": "Received",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "A vulnerability has been found in code-projects Job Recruitment 1.0 and classified as critical. This vulnerability affects the function add_req of the file /_parse/_all_edits.php. The manipulation of the argument jid/limit leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV40": [
+      {
+        "source": "cna@vuldb.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "4.0",
+          "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
+          "baseScore": 6.9,
+          "baseSeverity": "MEDIUM",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "attackRequirements": "NONE",
+          "privilegesRequired": "NONE",
+          "userInteraction": "NONE",
+          "vulnerableSystemConfidentiality": "LOW",
+          "vulnerableSystemIntegrity": "LOW",
+          "vulnerableSystemAvailability": "LOW",
+          "subsequentSystemConfidentiality": "NONE",
+          "subsequentSystemIntegrity": "NONE",
+          "subsequentSystemAvailability": "NONE",
+          "exploitMaturity": "NOT_DEFINED",
+          "confidentialityRequirements": "NOT_DEFINED",
+          "integrityRequirements": "NOT_DEFINED",
+          "availabilityRequirements": "NOT_DEFINED",
+          "modifiedAttackVector": "NOT_DEFINED",
+          "modifiedAttackComplexity": "NOT_DEFINED",
+          "modifiedAttackRequirements": "NOT_DEFINED",
+          "modifiedPrivilegesRequired": "NOT_DEFINED",
+          "modifiedUserInteraction": "NOT_DEFINED",
+          "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED",
+          "modifiedVulnerableSystemIntegrity": "NOT_DEFINED",
+          "modifiedVulnerableSystemAvailability": "NOT_DEFINED",
+          "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED",
+          "modifiedSubsequentSystemIntegrity": "NOT_DEFINED",
+          "modifiedSubsequentSystemAvailability": "NOT_DEFINED",
+          "safety": "NOT_DEFINED",
+          "automatable": "NOT_DEFINED",
+          "recovery": "NOT_DEFINED",
+          "valueDensity": "NOT_DEFINED",
+          "vulnerabilityResponseEffort": "NOT_DEFINED",
+          "providerUrgency": "NOT_DEFINED"
+        }
+      }
+    ],
+    "cvssMetricV31": [
+      {
+        "source": "cna@vuldb.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
+          "baseScore": 7.3,
+          "baseSeverity": "HIGH",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "NONE",
+          "userInteraction": "NONE",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "LOW",
+          "integrityImpact": "LOW",
+          "availabilityImpact": "LOW"
+        },
+        "exploitabilityScore": 3.9,
+        "impactScore": 3.4
+      }
+    ],
+    "cvssMetricV2": [
+      {
+        "source": "cna@vuldb.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "2.0",
+          "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
+          "baseScore": 7.5,
+          "accessVector": "NETWORK",
+          "accessComplexity": "LOW",
+          "authentication": "NONE",
+          "confidentialityImpact": "PARTIAL",
+          "integrityImpact": "PARTIAL",
+          "availabilityImpact": "PARTIAL"
+        },
+        "baseSeverity": "HIGH",
+        "exploitabilityScore": 10.0,
+        "impactScore": 6.4,
+        "acInsufInfo": false,
+        "obtainAllPrivilege": false,
+        "obtainUserPrivilege": false,
+        "obtainOtherPrivilege": false,
+        "userInteractionRequired": false
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "cna@vuldb.com",
+      "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-74"
+        },
+        {
+          "lang": "en",
+          "value": "CWE-89"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://code-projects.org/",
+      "source": "cna@vuldb.com"
+    },
+    {
+      "url": "https://github.com/UnrealdDei/cve/blob/main/sql7.md",
+      "source": "cna@vuldb.com"
+    },
+    {
+      "url": "https://vuldb.com/?ctiid.289354",
+      "source": "cna@vuldb.com"
+    },
+    {
+      "url": "https://vuldb.com/?id.289354",
+      "source": "cna@vuldb.com"
+    },
+    {
+      "url": "https://vuldb.com/?submit.469145",
+      "source": "cna@vuldb.com"
+    }
+  ]
+}
--- a/CVE-2024/CVE-2024-97xx/CVE-2024-9774.json
+++ b/CVE-2024/CVE-2024-97xx/CVE-2024-9774.json
@ -2,7 +2,7 @@
  "id": "CVE-2024-9774",
  "sourceIdentifier": "secalert@redhat.com",
  "published": "2024-12-27T02:15:07.330",
-  "lastModified": "2024-12-27T02:15:07.330",
+  "lastModified": "2024-12-27T03:15:04.790",
  "vulnStatus": "Received",
  "cveTags": [],
  "descriptions": [
@ -38,7 +38,7 @@
  "weaknesses": [
    {
      "source": "secalert@redhat.com",
-      "type": "Primary",
+      "type": "Secondary",
      "description": [
        {
          "lang": "en",
@ -51,6 +51,10 @@
    {
      "url": "https://discuss.tryton.org/t/security-release-for-issue-93/7889/3",
      "source": "secalert@redhat.com"
+    },
+    {
+      "url": "https://lists.debian.org/debian-lts-announce/2024/10/msg00023.html",
+      "source": "af854a3a-2127-422b-91ae-364da2661108"
    }
  ]
 }
--- a/README.md
+++ b/README.md
@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours.
 ### Last Repository Update

 ```plain
-2024-12-27T03:00:19.338538+00:00
+2024-12-27T05:00:19.127241+00:00
 ```

 ### Most recent CVE Modification Timestamp synchronized with NVD

 ```plain
-2024-12-27T02:15:07.330000+00:00
+2024-12-27T04:15:05.603000+00:00
 ```

 ### Last Data Feed Release
@ -33,22 +33,21 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
 ### Total Number of included CVEs

 ```plain
-274743
+274744
 ```

 ### CVEs added in the last Commit

-Recently added CVEs: `3`
+Recently added CVEs: `1`

- [CVE-2024-12976](CVE-2024/CVE-2024-129xx/CVE-2024-12976.json) (`2024-12-27T02:15:06.063`)
- [CVE-2024-12977](CVE-2024/CVE-2024-129xx/CVE-2024-12977.json) (`2024-12-27T02:15:07.130`)
- [CVE-2024-9774](CVE-2024/CVE-2024-97xx/CVE-2024-9774.json) (`2024-12-27T02:15:07.330`)
+- [CVE-2024-12978](CVE-2024/CVE-2024-129xx/CVE-2024-12978.json) (`2024-12-27T04:15:05.603`)


 ### CVEs modified in the last Commit

-Recently modified CVEs: `0`
+Recently modified CVEs: `1`

+- [CVE-2024-9774](CVE-2024/CVE-2024-97xx/CVE-2024-9774.json) (`2024-12-27T03:15:04.790`)


 ## Download and Usage
--- a/_state.csv
+++ b/_state.csv
@ -245175,8 +245175,9 @@ CVE-2024-12967,0,0,ba8cde12b66bcb16be5a127b6d62440c1ec18d2d86c570d4e17758238dcb3
 CVE-2024-12968,0,0,98eff8f6392edea4f7cae0c974800d088e75e03d5974ef7539a1b2768d28bdb1,2024-12-26T22:15:11.557000
 CVE-2024-12969,0,0,4bbcd7139cc2c7f1babb3318390dc8531852894fa6d58b398e8d066bcc3c9352,2024-12-26T23:15:05.600000
 CVE-2024-1297,0,0,0d9e22e56ecef1715a16e9d7809dba48ba55def0e741f79f7098027ea7ebc7ff,2024-11-21T08:50:15.770000
-CVE-2024-12976,1,1,881e367356f5af137bfa0b6f42d2733b95c2606d7a1d6ffba9137fbc1ec6d825,2024-12-27T02:15:06.063000
-CVE-2024-12977,1,1,e0c792ee9d7dc7bc23cebbcafeadddd9c49d7359d6ea51dd9e4880db7f1cc233,2024-12-27T02:15:07.130000
+CVE-2024-12976,0,0,881e367356f5af137bfa0b6f42d2733b95c2606d7a1d6ffba9137fbc1ec6d825,2024-12-27T02:15:06.063000
+CVE-2024-12977,0,0,e0c792ee9d7dc7bc23cebbcafeadddd9c49d7359d6ea51dd9e4880db7f1cc233,2024-12-27T02:15:07.130000
+CVE-2024-12978,1,1,44c620eab0235bfac84c347c46b47d995addca4a0853a22295c1d04680f5ad15,2024-12-27T04:15:05.603000
 CVE-2024-1298,0,0,04246e35362f6f4b760051526529d0b042d99f56b78c06a26d303553264d4594,2024-11-21T08:50:15.890000
 CVE-2024-1299,0,0,c7f245e662ec35ddd87c48ae29ff03e74531f9ba7973bf15293ed4e82f111599,2024-12-11T20:23:27.497000
 CVE-2024-1300,0,0,1449d51d635587092ee7e467b53bae80464f92cc07a6bda2595172832d29c1e4,2024-11-25T03:15:10.053000
@ -274545,7 +274546,7 @@ CVE-2024-9767,0,0,80d36f7190a9ee1712fc0bac7af287f8aeae0caf94e9c8386dc03bfd7eb71f
 CVE-2024-9768,0,0,904cffc60d5e826fadde1f9279bf1637d0038b817b76c6a013f678cc172cfc96,2024-11-26T17:14:14.327000
 CVE-2024-9769,0,0,c2696bf31f1ba7076083554371447a32b4e26b069c06f2ff37292495919c4490,2024-12-06T04:15:05.200000
 CVE-2024-9772,0,0,00de6e2212e38deec5d85dcbb0fb26ecbb8065a78c6c2a56178e317ffc908e8d,2024-11-25T20:03:01.613000
-CVE-2024-9774,1,1,0377867bd7cdf29d78185f6164e0cd6bb0007aefa1638d3ea2b693b781e7f7f0,2024-12-27T02:15:07.330000
+CVE-2024-9774,0,1,c8e49e7439b73477632267ef33f188046ee568d6a3b65a3e8a86838418a036fe,2024-12-27T03:15:04.790000
 CVE-2024-9775,0,0,67011f9891bd518291e230fce5bb1e646dc07c3ccf350d707077824dc265951b,2024-11-26T01:45:57.317000
 CVE-2024-9776,0,0,691b7d4a970bfdfe6f45a48f305ac12244ac4e899e8a5e612ebd4c9c1703b9b5,2024-11-25T18:45:54.377000
 CVE-2024-9777,0,0,93ee86692c4d166322b2f54769a2de3ae116ef1efe45b8b5542abe4611d31128,2024-11-29T20:57:53.423000