Auto-Update: 2024-11-04T07:00:19.831398+00:00

This commit is contained in:
cad-safe-bot 2024-11-04 07:03:19 +00:00
parent 058fdbfc5f
commit 3dbd81b99f
8 changed files with 337 additions and 33 deletions

View File

@ -0,0 +1,141 @@
{
"id": "CVE-2024-10760",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-11-04T05:15:03.810",
"lastModified": "2024-11-04T05:15:03.810",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in code-projects University Event Management System 1.0 and classified as critical. This issue affects some unknown processing of the file /dodelete.php. The manipulation of the argument id leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"vulnerableSystemConfidentiality": "LOW",
"vulnerableSystemIntegrity": "LOW",
"vulnerableSystemAvailability": "LOW",
"subsequentSystemConfidentiality": "NONE",
"subsequentSystemIntegrity": "NONE",
"subsequentSystemAvailability": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirements": "NOT_DEFINED",
"integrityRequirements": "NOT_DEFINED",
"availabilityRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnerableSystemConfidentiality": "NOT_DEFINED",
"modifiedVulnerableSystemIntegrity": "NOT_DEFINED",
"modifiedVulnerableSystemAvailability": "NOT_DEFINED",
"modifiedSubsequentSystemConfidentiality": "NOT_DEFINED",
"modifiedSubsequentSystemIntegrity": "NOT_DEFINED",
"modifiedSubsequentSystemAvailability": "NOT_DEFINED",
"safety": "NOT_DEFINED",
"automatable": "NOT_DEFINED",
"recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
}
}
],
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 6.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "SINGLE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 8.0,
"impactScore": 6.4,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://code-projects.org/",
"source": "cna@vuldb.com"
},
{
"url": "https://github.com/MurphyEutopia/cve/blob/main/sql15.md",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?ctiid.282929",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.282929",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?submit.436442",
"source": "cna@vuldb.com"
}
]
}

View File

@ -0,0 +1,133 @@
{
"id": "CVE-2024-10761",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-11-04T05:15:04.693",
"lastModified": "2024-11-04T05:15:04.693",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in Umbraco CMS 12.3.6. It has been classified as problematic. Affected is an unknown function of the file /Umbraco/preview/frame?id{} of the component Dashboard. The manipulation of the argument culture leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"vulnerableSystemConfidentiality": "NONE",
"vulnerableSystemIntegrity": "LOW",
"vulnerableSystemAvailability": "NONE",
"subsequentSystemConfidentiality": "NONE",
"subsequentSystemIntegrity": "NONE",
"subsequentSystemAvailability": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirements": "NOT_DEFINED",
"integrityRequirements": "NOT_DEFINED",
"availabilityRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnerableSystemConfidentiality": "NOT_DEFINED",
"modifiedVulnerableSystemIntegrity": "NOT_DEFINED",
"modifiedVulnerableSystemAvailability": "NOT_DEFINED",
"modifiedSubsequentSystemConfidentiality": "NOT_DEFINED",
"modifiedSubsequentSystemIntegrity": "NOT_DEFINED",
"modifiedSubsequentSystemAvailability": "NOT_DEFINED",
"safety": "NOT_DEFINED",
"automatable": "NOT_DEFINED",
"recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
}
}
],
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"baseSeverity": "LOW"
},
"exploitabilityScore": 2.1,
"impactScore": 1.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N",
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "SINGLE",
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"availabilityImpact": "NONE",
"baseScore": 4.0
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://vuldb.com/?ctiid.282930",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.282930",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?submit.427091",
"source": "cna@vuldb.com"
}
]
}

View File

@ -2,13 +2,20 @@
"id": "CVE-2024-51424",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-10-30T21:15:14.973",
"lastModified": "2024-11-01T12:57:03.417",
"lastModified": "2024-11-04T06:15:03.767",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"cveTags": [
{
"sourceIdentifier": "cve@mitre.org",
"tags": [
"disputed"
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An issue in Ethereum v.1.12.2 allows remote attacker to execute arbitrary code via the Owned.setOwner function"
"value": "An issue in the PepeGxng smart contract (which can be run on the Ethereum blockchain) allows remote attackers to have an unspecified impact via the Owned.setOwner function. NOTE: this is disputed by third parties because the impact is limited to function calls."
},
{
"lang": "es",

View File

@ -2,13 +2,20 @@
"id": "CVE-2024-51425",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-10-30T21:15:15.027",
"lastModified": "2024-11-01T12:57:03.417",
"lastModified": "2024-11-04T06:15:04.053",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"cveTags": [
{
"sourceIdentifier": "cve@mitre.org",
"tags": [
"disputed"
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Insecure Permissions vulnerability in Ethereum v.1.12.2 allows a remote attacker to escalate privileges via the WaterToken Contract."
"value": "An issue in the WaterToken smart contract (which can be run on the Ethereum blockchain) allows remote attackers to have an unspecified impact. NOTE: this is disputed by third parties because the impact is limited to function calls."
},
{
"lang": "es",

View File

@ -2,13 +2,20 @@
"id": "CVE-2024-51426",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-10-30T21:15:15.083",
"lastModified": "2024-11-01T12:57:03.417",
"lastModified": "2024-11-04T06:15:04.200",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"cveTags": [
{
"sourceIdentifier": "cve@mitre.org",
"tags": [
"disputed"
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Insecure Permissions vulnerability in Ethereum v.1.12.2 allows a remote attacker to escalate privileges via the _transfer function."
"value": "An issue in the PepeGxng smart contract (which can be run on the Ethereum blockchain) allows remote attackers to have an unspecified impact via the _transfer function. NOTE: this is disputed by third parties because the impact is limited to function calls."
},
{
"lang": "es",

View File

@ -2,13 +2,20 @@
"id": "CVE-2024-51427",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-10-30T21:15:15.147",
"lastModified": "2024-11-01T12:57:03.417",
"lastModified": "2024-11-04T06:15:04.340",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"cveTags": [
{
"sourceIdentifier": "cve@mitre.org",
"tags": [
"disputed"
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An issue in Ethereum v.1.12.2 allows remote attacker to execute arbitrary code via the PepeGxng smart contract mint function."
"value": "An issue in the PepeGxng smart contract (which can be run on the Ethereum blockchain) allows remote attackers to have an unspecified impact via the mint function. NOTE: this is disputed by third parties because the impact is limited to function calls."
},
{
"lang": "es",

View File

@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2024-11-04T05:00:20.194798+00:00
2024-11-04T07:00:19.831398+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2024-11-04T04:15:03.273000+00:00
2024-11-04T06:15:04.340000+00:00
```
### Last Data Feed Release
@ -33,25 +33,25 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs
```plain
268069
268071
```
### CVEs added in the last Commit
Recently added CVEs: `6`
Recently added CVEs: `2`
- [CVE-2024-10754](CVE-2024/CVE-2024-107xx/CVE-2024-10754.json) (`2024-11-04T03:15:03.513`)
- [CVE-2024-10755](CVE-2024/CVE-2024-107xx/CVE-2024-10755.json) (`2024-11-04T03:15:03.800`)
- [CVE-2024-10756](CVE-2024/CVE-2024-107xx/CVE-2024-10756.json) (`2024-11-04T03:15:04.107`)
- [CVE-2024-10757](CVE-2024/CVE-2024-107xx/CVE-2024-10757.json) (`2024-11-04T03:15:04.400`)
- [CVE-2024-10758](CVE-2024/CVE-2024-107xx/CVE-2024-10758.json) (`2024-11-04T04:15:02.970`)
- [CVE-2024-10759](CVE-2024/CVE-2024-107xx/CVE-2024-10759.json) (`2024-11-04T04:15:03.273`)
- [CVE-2024-10760](CVE-2024/CVE-2024-107xx/CVE-2024-10760.json) (`2024-11-04T05:15:03.810`)
- [CVE-2024-10761](CVE-2024/CVE-2024-107xx/CVE-2024-10761.json) (`2024-11-04T05:15:04.693`)
### CVEs modified in the last Commit
Recently modified CVEs: `0`
Recently modified CVEs: `4`
- [CVE-2024-51424](CVE-2024/CVE-2024-514xx/CVE-2024-51424.json) (`2024-11-04T06:15:03.767`)
- [CVE-2024-51425](CVE-2024/CVE-2024-514xx/CVE-2024-51425.json) (`2024-11-04T06:15:04.053`)
- [CVE-2024-51426](CVE-2024/CVE-2024-514xx/CVE-2024-51426.json) (`2024-11-04T06:15:04.200`)
- [CVE-2024-51427](CVE-2024/CVE-2024-514xx/CVE-2024-51427.json) (`2024-11-04T06:15:04.340`)
## Download and Usage

View File

@ -242753,13 +242753,15 @@ CVE-2024-10750,0,0,a5ab38ab4e0a30803b76cb92f36d106e28cb9646c5f450e7b359c617fa79d
CVE-2024-10751,0,0,ece80e95a2cea401caf01f16c80e716d345300d1a9937ae65bf2b9b198d7fbdc,2024-11-04T02:15:14.993000
CVE-2024-10752,0,0,8a3cbd606c9961479f693d42867703d9117f36820b9a355e369e4c3dc6e7a45d,2024-11-04T02:15:15.310000
CVE-2024-10753,0,0,bba63f6afd5c7db41ec944ca9e3254b1565ead11d9f0f9c2936fcd3fdd183f4d,2024-11-04T02:15:15.613000
CVE-2024-10754,1,1,016ef701d7c69b529eb18fd8ed82404dc42714da0860044ae592468ce5e54716,2024-11-04T03:15:03.513000
CVE-2024-10755,1,1,2c1547538aa19f33bfb8ab269f8c5de9accf18db53f0c38af0fdd2224a47abdd,2024-11-04T03:15:03.800000
CVE-2024-10756,1,1,1734d7c6860835ec5fd594c365496c8bc60607d9c8dfdf93f1bd68e80a64f827,2024-11-04T03:15:04.107000
CVE-2024-10757,1,1,513ddaeb765e10d55f4e446466726a7990128dbf7a5f480b895888b3c8d46a19,2024-11-04T03:15:04.400000
CVE-2024-10758,1,1,2924398b36195839f05c27f30f0725070d4ebf30d1c28448bd0beb3b8614ec33,2024-11-04T04:15:02.970000
CVE-2024-10759,1,1,2090035a24a06a2d3a108f47d883fe4483d74d7ca2e479a8d375879b9d69a296,2024-11-04T04:15:03.273000
CVE-2024-10754,0,0,016ef701d7c69b529eb18fd8ed82404dc42714da0860044ae592468ce5e54716,2024-11-04T03:15:03.513000
CVE-2024-10755,0,0,2c1547538aa19f33bfb8ab269f8c5de9accf18db53f0c38af0fdd2224a47abdd,2024-11-04T03:15:03.800000
CVE-2024-10756,0,0,1734d7c6860835ec5fd594c365496c8bc60607d9c8dfdf93f1bd68e80a64f827,2024-11-04T03:15:04.107000
CVE-2024-10757,0,0,513ddaeb765e10d55f4e446466726a7990128dbf7a5f480b895888b3c8d46a19,2024-11-04T03:15:04.400000
CVE-2024-10758,0,0,2924398b36195839f05c27f30f0725070d4ebf30d1c28448bd0beb3b8614ec33,2024-11-04T04:15:02.970000
CVE-2024-10759,0,0,2090035a24a06a2d3a108f47d883fe4483d74d7ca2e479a8d375879b9d69a296,2024-11-04T04:15:03.273000
CVE-2024-1076,0,0,1eec5a2aed6def26ca78a00c90cdc2a9e26a823100b6419a30b16c630a915a03,2024-08-30T13:15:12.257000
CVE-2024-10760,1,1,c1b97cdc012b2f50785c2e0167af3453e98e8cc5ee57d3d44f5455b7ef0a2f33,2024-11-04T05:15:03.810000
CVE-2024-10761,1,1,54968b3fe81ba0bc14f1452c83bfb4ab3ae60e7e693855ea590d6ede139b6d26,2024-11-04T05:15:04.693000
CVE-2024-1077,0,0,9052c519c4a7de5cf3516fc923116c25b788d5b36a137a2e416fb3d37403344d,2024-07-03T01:44:58.330000
CVE-2024-1078,0,0,88568fa2f20f5ea8de25fda48576808429bbc616448df571a879f056db565620,2024-02-14T18:39:51.437000
CVE-2024-1079,0,0,0a964f4e43e1a2d85a40a4753c5354fe293facf65d0ebcc06031e68ccad95a0f,2024-02-14T19:33:09.977000
@ -264362,10 +264364,10 @@ CVE-2024-51407,0,0,cdf72967db2c69b5defcb1138df761cb190d06df523f018741079aa6438aa
CVE-2024-5141,0,0,5b006751fd2d8ca9e95fc8cef49a641b35089e8e5594eecd996fab7cf0d4e5e8,2024-07-24T17:58:54.867000
CVE-2024-51419,0,0,e145fdc3d6134b228049cf2c0ec561624aa79dc4de0c1da7a3c5f83de9d39a5f,2024-11-01T12:57:03.417000
CVE-2024-5142,0,0,8102929b9600e5392a308a1b7cfd863bc4b2848bde33508d601b388a9c02231d,2024-08-27T11:15:04.540000
CVE-2024-51424,0,0,dd3331cfa90af7cfa9808e4057a4744fa2a2c8a9c4f5b22acc2aa8be623b5524,2024-11-01T12:57:03.417000
CVE-2024-51425,0,0,0987dd66b2c95d211cc2ea7b276f94ce04cf8e7e088627bbf9f13ba5f991a45a,2024-11-01T12:57:03.417000
CVE-2024-51426,0,0,3d7a3e5c360b90e2d784277cfccac6afd1d2cb042190aff9772e8c297d0478b0,2024-11-01T12:57:03.417000
CVE-2024-51427,0,0,ffcdc2905c6d5efd4ba06681e6f523d640c47f2a505a411a696ff606bb21ff58,2024-11-01T12:57:03.417000
CVE-2024-51424,0,1,8074d3681dc009f545c0b5b1ed4c51a9f136d3c18afaa9c4384405256aed3ba2,2024-11-04T06:15:03.767000
CVE-2024-51425,0,1,53ab0aa708c9b43a2cf1a93dce648aa1bc3d18e6a93bde5d39ed5fb860afb7f0,2024-11-04T06:15:04.053000
CVE-2024-51426,0,1,5d33521d8b96e38633b5f868464693826d0cf60bba0992fdeeaa0d9e10eb58ac,2024-11-04T06:15:04.200000
CVE-2024-51427,0,1,8620fe2fe9783598011162ebda7f5b78a4941fc646ad43a32bd7b2f439c18153,2024-11-04T06:15:04.340000
CVE-2024-5143,0,0,5ac39d02075c8e32566e12e6b75645e72f6b53d1cd5d8a84d8661f31cb199459,2024-10-31T15:35:44.950000
CVE-2024-51430,0,0,ff23326a74158832e3c36a3da3cf40ac4ba003ba8db91bd39e91a6a5bd9de288,2024-11-01T12:57:03.417000
CVE-2024-51431,0,0,ae4ea87885399ca20809740aa83c76657f25771a3072d37738bc514622348a08,2024-11-01T20:24:53.730000

Can't render this file because it is too large.