Auto-Update: 2024-07-01T10:03:34.206717+00:00

2025-05-08 03:27:17 +00:00 · 2024-07-01 10:06:27 +00:00 · 2024-07-01 10:06:27 +00:00 · 3f0c1292aa
commit 3f0c1292aa
parent f610b4908a
8 changed files with 235 additions and 13 deletions
--- a/CVE-2023/CVE-2023-424xx/CVE-2023-42464.json
+++ b/CVE-2023/CVE-2023-424xx/CVE-2023-42464.json
@ -2,8 +2,9 @@
  "id": "CVE-2023-42464",
  "sourceIdentifier": "cve@mitre.org",
  "published": "2023-09-20T15:15:11.817",
-  "lastModified": "2024-01-12T22:18:33.463",
-  "vulnStatus": "Analyzed",
+  "lastModified": "2024-07-01T09:15:06.080",
+  "vulnStatus": "Modified",
+  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
@ -107,6 +108,10 @@
        "Third Party Advisory"
      ]
    },
+    {
+      "url": "https://netatalk.io/security/CVE-2023-42464",
+      "source": "cve@mitre.org"
+    },
    {
      "url": "https://netatalk.sourceforge.io/",
      "source": "cve@mitre.org",
--- a/CVE-2024/CVE-2024-01xx/CVE-2024-0153.json
+++ b/CVE-2024/CVE-2024-01xx/CVE-2024-0153.json
@ -0,0 +1,33 @@
+{
+  "id": "CVE-2024-0153",
+  "sourceIdentifier": "arm-security@arm.com",
+  "published": "2024-07-01T09:15:06.343",
+  "lastModified": "2024-07-01T09:15:06.343",
+  "vulnStatus": "Received",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Arm Ltd Valhall GPU Firmware, Arm Ltd Arm 5th Gen GPU Architecture Firmware allows a local non-privileged user to make improper GPU processing operations to access a limited amount outside of buffer bounds. If the operations are carefully prepared, then this in turn could give them access to all system memory. This issue affects Valhall GPU Firmware: from r29p0 through r46p0; Arm 5th Gen GPU Architecture Firmware: from r41p0 through r46p0."
+    }
+  ],
+  "metrics": {},
+  "weaknesses": [
+    {
+      "source": "arm-security@arm.com",
+      "type": "Secondary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-119"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities",
+      "source": "arm-security@arm.com"
+    }
+  ]
+}
--- a/CVE-2024/CVE-2024-394xx/CVE-2024-39427.json
+++ b/CVE-2024/CVE-2024-394xx/CVE-2024-39427.json
@ -0,0 +1,44 @@
+{
+  "id": "CVE-2024-39427",
+  "sourceIdentifier": "security@unisoc.com",
+  "published": "2024-07-01T09:15:06.493",
+  "lastModified": "2024-07-01T09:15:06.493",
+  "vulnStatus": "Received",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "In trusty service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed"
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "security@unisoc.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L",
+          "attackVector": "LOCAL",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "NONE",
+          "userInteraction": "NONE",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "NONE",
+          "integrityImpact": "LOW",
+          "availabilityImpact": "LOW",
+          "baseScore": 5.1,
+          "baseSeverity": "MEDIUM"
+        },
+        "exploitabilityScore": 2.5,
+        "impactScore": 2.5
+      }
+    ]
+  },
+  "references": [
+    {
+      "url": "https://www.unisoc.com/en_us/secy/announcementDetail/1807576926177525762",
+      "source": "security@unisoc.com"
+    }
+  ]
+}
--- a/CVE-2024/CVE-2024-394xx/CVE-2024-39428.json
+++ b/CVE-2024/CVE-2024-394xx/CVE-2024-39428.json
@ -0,0 +1,44 @@
+{
+  "id": "CVE-2024-39428",
+  "sourceIdentifier": "security@unisoc.com",
+  "published": "2024-07-01T09:15:06.720",
+  "lastModified": "2024-07-01T09:15:06.720",
+  "vulnStatus": "Received",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "In trusty service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed"
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "security@unisoc.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H",
+          "attackVector": "LOCAL",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "NONE",
+          "userInteraction": "NONE",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "NONE",
+          "integrityImpact": "LOW",
+          "availabilityImpact": "HIGH",
+          "baseScore": 6.8,
+          "baseSeverity": "MEDIUM"
+        },
+        "exploitabilityScore": 2.5,
+        "impactScore": 4.2
+      }
+    ]
+  },
+  "references": [
+    {
+      "url": "https://www.unisoc.com/en_us/secy/announcementDetail/1807576926177525762",
+      "source": "security@unisoc.com"
+    }
+  ]
+}
--- a/CVE-2024/CVE-2024-394xx/CVE-2024-39429.json
+++ b/CVE-2024/CVE-2024-394xx/CVE-2024-39429.json
@ -0,0 +1,44 @@
+{
+  "id": "CVE-2024-39429",
+  "sourceIdentifier": "security@unisoc.com",
+  "published": "2024-07-01T09:15:06.893",
+  "lastModified": "2024-07-01T09:15:06.893",
+  "vulnStatus": "Received",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "In faceid servive, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with no additional execution privileges needed"
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "security@unisoc.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L",
+          "attackVector": "LOCAL",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "NONE",
+          "userInteraction": "NONE",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "NONE",
+          "integrityImpact": "LOW",
+          "availabilityImpact": "LOW",
+          "baseScore": 5.1,
+          "baseSeverity": "MEDIUM"
+        },
+        "exploitabilityScore": 2.5,
+        "impactScore": 2.5
+      }
+    ]
+  },
+  "references": [
+    {
+      "url": "https://www.unisoc.com/en_us/secy/announcementDetail/1807576926177525762",
+      "source": "security@unisoc.com"
+    }
+  ]
+}
--- a/CVE-2024/CVE-2024-394xx/CVE-2024-39430.json
+++ b/CVE-2024/CVE-2024-394xx/CVE-2024-39430.json
@ -0,0 +1,44 @@
+{
+  "id": "CVE-2024-39430",
+  "sourceIdentifier": "security@unisoc.com",
+  "published": "2024-07-01T09:15:07.070",
+  "lastModified": "2024-07-01T09:15:07.070",
+  "vulnStatus": "Received",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "In faceid servive, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with no additional execution privileges needed"
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "security@unisoc.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L",
+          "attackVector": "LOCAL",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "NONE",
+          "userInteraction": "NONE",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "NONE",
+          "integrityImpact": "LOW",
+          "availabilityImpact": "LOW",
+          "baseScore": 5.1,
+          "baseSeverity": "MEDIUM"
+        },
+        "exploitabilityScore": 2.5,
+        "impactScore": 2.5
+      }
+    ]
+  },
+  "references": [
+    {
+      "url": "https://www.unisoc.com/en_us/secy/announcementDetail/1807576926177525762",
+      "source": "security@unisoc.com"
+    }
+  ]
+}
--- a/README.md
+++ b/README.md
@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours.
 ### Last Repository Update

 ```plain
-2024-07-01T08:02:45.476976+00:00
+2024-07-01T10:03:34.206717+00:00
 ```

 ### Most recent CVE Modification Timestamp synchronized with NVD

 ```plain
-2024-07-01T06:15:23.957000+00:00
+2024-07-01T09:15:07.070000+00:00
 ```

 ### Last Data Feed Release
@ -33,22 +33,25 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
 ### Total Number of included CVEs

 ```plain
-255529
+255534
 ```

 ### CVEs added in the last Commit

-Recently added CVEs: `2`
+Recently added CVEs: `5`

- [CVE-2024-4934](CVE-2024/CVE-2024-49xx/CVE-2024-4934.json) (`2024-07-01T06:15:23.847`)
- [CVE-2024-6130](CVE-2024/CVE-2024-61xx/CVE-2024-6130.json) (`2024-07-01T06:15:23.957`)
+- [CVE-2024-0153](CVE-2024/CVE-2024-01xx/CVE-2024-0153.json) (`2024-07-01T09:15:06.343`)
+- [CVE-2024-39427](CVE-2024/CVE-2024-394xx/CVE-2024-39427.json) (`2024-07-01T09:15:06.493`)
+- [CVE-2024-39428](CVE-2024/CVE-2024-394xx/CVE-2024-39428.json) (`2024-07-01T09:15:06.720`)
+- [CVE-2024-39429](CVE-2024/CVE-2024-394xx/CVE-2024-39429.json) (`2024-07-01T09:15:06.893`)
+- [CVE-2024-39430](CVE-2024/CVE-2024-394xx/CVE-2024-39430.json) (`2024-07-01T09:15:07.070`)


 ### CVEs modified in the last Commit

 Recently modified CVEs: `1`

- [CVE-2023-4727](CVE-2023/CVE-2023-47xx/CVE-2023-4727.json) (`2024-07-01T06:15:23.500`)
+- [CVE-2023-42464](CVE-2023/CVE-2023-424xx/CVE-2023-42464.json) (`2024-07-01T09:15:06.080`)


 ## Download and Usage
--- a/_state.csv
+++ b/_state.csv
@ -231601,7 +231601,7 @@ CVE-2023-42460,0,0,052d6f5ed4dfd0d77c77cf8b6a496729c523835ccab719772417f838b3517
 CVE-2023-42461,0,0,3520c1f3ac39278a8d8c3d4dd1e3ecdd7c69a40b2c547ecadfb3e1ae439829be,2023-09-29T14:36:16.040000
 CVE-2023-42462,0,0,f2697a59ddf6ecc472bd0e84d3d4f79b2073ed6cc999197233ea753565e130dd,2023-09-29T14:05:08.350000
 CVE-2023-42463,0,0,9af5b8834648c08f228ce290cbc665ca2fdab30c63f40498be9c8026b678b831,2024-01-25T16:09:07.937000
-CVE-2023-42464,0,0,725cda30297af21b67bf03a514e07b4a39a1a9bbc088fed642b3ef76bc76b146,2024-01-12T22:18:33.463000
+CVE-2023-42464,0,1,95d22fca0fee18588cd128279b9016874e414c42245be69d4f4660a2b45c5094,2024-07-01T09:15:06.080000
 CVE-2023-42465,0,0,d3edcdf066dde8588c1e0123d917f48474cfcb921f5df713321696b941d7a350,2024-02-18T03:15:07.767000
 CVE-2023-42467,0,0,5caea4cff335f5cd1c49ec0fcf7e54ae0ee6358f319d3eb15814e6c5d8c0759c,2023-11-04T06:15:51.847000
 CVE-2023-42468,0,0,a5562e6b54113da0b273b9e7a51395a771ce68334b1b78aae8b3997814316546,2023-09-18T18:36:35.480000
@ -234914,7 +234914,7 @@ CVE-2023-47263,0,0,677ab9fce589c1d1a7e84495fba44efba88975d28c1c0b358eaa4e3b2e310
 CVE-2023-47264,0,0,9faf020667cc25f07dfb8382df553caabe75eac9b1668d9c999deccefa85a8b6,2023-12-01T18:32:28.423000
 CVE-2023-47265,0,0,e5dd3e8f07e2cde29a7b164b7d2f2d8fb5d2648b52cb927855305ced52fdae4d,2023-12-28T14:00:15.887000
 CVE-2023-47267,0,0,7af787055fd484ddb13b770f63a574a7140e8e765ce3a9c07340594a128f888a,2023-12-29T03:11:24.070000
-CVE-2023-4727,0,1,8e732098410b5a5359141885e0195cfe5555582d292a0bea826d6d65d9419217,2024-07-01T06:15:23.500000
+CVE-2023-4727,0,0,8e732098410b5a5359141885e0195cfe5555582d292a0bea826d6d65d9419217,2024-07-01T06:15:23.500000
 CVE-2023-47271,0,0,9cc05b4e0b65c52657ed8cdc25e16f6a7fc3036ff1196f68571bcac4e63323c6,2023-12-20T01:15:07.297000
 CVE-2023-47272,0,0,6e28ab19abbf3b1b70b10399ba447a3637cdf3f4443fc6db792243e0885fe9db,2023-12-28T17:24:36.373000
 CVE-2023-47279,0,0,77443ef453c9d718722250faa2452d8d4368ad781c70a56bce601eb3ebab7163,2023-12-06T18:38:55.820000
@ -240680,6 +240680,7 @@ CVE-2024-0099,0,0,922026d11edb09689a5419f4b6981b91f643282898008757d63b84ab582e71
 CVE-2024-0100,0,0,bbf51d2ce3c3a951e3f6f4fb5d57dd8d1c73fdd75ab0ade8734c57fcf29d357b,2024-05-14T16:13:02.773000
 CVE-2024-0103,0,0,c0f8f807fdf8426bc2106e7af79b6cd7b7308e8ea4f1780be6db3fdc6d1d8cf2,2024-06-17T12:43:31.090000
 CVE-2024-0151,0,0,aafc841cfb528b9ef4d150e11c8565679b9331c9ad5bf3569e38f74d72962c86,2024-04-25T08:15:07.420000
+CVE-2024-0153,1,1,db5fbf5069a0373aa6dd151d1dc24f802b05515be80a72e6da9193fc3259f404,2024-07-01T09:15:06.343000
 CVE-2024-0154,0,0,fee6d0edd38400fe9a2f331d67a355be9bc81701717352554939ef10dafbbf73,2024-03-13T18:15:58.530000
 CVE-2024-0155,0,0,56d3003aea28bbff1e776f33de697fc847d720d7a8270931f6c22f264f5611eb,2024-03-04T13:58:23.447000
 CVE-2024-0156,0,0,47a5ee4f12284e0f109441891942aa0eb589b2387e172b6366b6741bcabc51b4,2024-03-04T13:58:23.447000
@ -253846,7 +253847,11 @@ CVE-2024-3939,0,0,8db4cbfcc78e197894431199cdad6af4ac1ac13ee2f1028e231ba1f9079317
 CVE-2024-3940,0,0,52f7bf6d70193ddf6b45db8d32585f84af1f44b7487d20897766e34b437b8581,2024-05-14T16:11:39.510000
 CVE-2024-3941,0,0,3315566f834adaa65bc779c72609390662785ebcc4aac50a6cb30731cb96d90c,2024-05-14T16:11:39.510000
 CVE-2024-3942,0,0,e822d69f7c80cdc7914f6c6d228f749a2878411b19bb34f624a4ef0b72687edf,2024-05-02T18:00:37.360000
+CVE-2024-39427,1,1,97ebd32b94b990e6a96aade54601ab1fede76695773d47c643ab956eb9e6420b,2024-07-01T09:15:06.493000
+CVE-2024-39428,1,1,fdca9ac58fdcb5c4a018626e1f08f6383edc562d9c099912b8be86e42a849c58,2024-07-01T09:15:06.720000
+CVE-2024-39429,1,1,19c7465af4b4d1acbd63407a3f742cf0809d20c02be61deb95b849cbb7c38fd2,2024-07-01T09:15:06.893000
 CVE-2024-3943,0,0,e07ef944084da93a178b1d893c19c63f640132688c11e19da99f30e04e5e47e2,2024-05-30T13:15:41.297000
+CVE-2024-39430,1,1,284310b6f1d6a2b38d75f5dde401069ef17e08698c98ddf6f5ba6c3cab3d25a0,2024-07-01T09:15:07.070000
 CVE-2024-3945,0,0,87d1ab8fe16ba408f307c5379ed22b3c751c5d4b07b1a3f5bec08826673ff46f,2024-05-30T13:15:41.297000
 CVE-2024-39458,0,0,fddd464380a09267e09b57b66272561b89c59455a10d641fa61f771d4f530d41,2024-06-27T12:47:19.847000
 CVE-2024-39459,0,0,d1d8498393c450e178fa7bc147e75f870b75d424b183c32cba625d84c2757e63,2024-06-27T12:47:19.847000
@ -254671,7 +254676,7 @@ CVE-2024-4930,0,0,6ff76d7aaffb879ad1ba04c82aee4d6862810bf82c41e96981364c74ee8131
 CVE-2024-4931,0,0,83efd803f055d34e0373b998807732a66d1be28ff93405fe1ae45ba9ee6af2a3,2024-06-04T19:20:54.543000
 CVE-2024-4932,0,0,2da4bffdf4d6e38ae009aae9065c7b2f8049c53fc8beaf73dfbb4354175c5b68,2024-05-17T02:40:43.357000
 CVE-2024-4933,0,0,9fe90c4f8856bf6bdad48e78d639ea10366bef215c1d0d507cc52649860ab1b1,2024-06-04T19:20:54.643000
-CVE-2024-4934,1,1,6199c6082df89b8cd0bd1353d23a00d0f49be5cb7c793c5bf2645e1b9c18a302,2024-07-01T06:15:23.847000
+CVE-2024-4934,0,0,6199c6082df89b8cd0bd1353d23a00d0f49be5cb7c793c5bf2645e1b9c18a302,2024-07-01T06:15:23.847000
 CVE-2024-4936,0,0,a731ea39a2abdd8ed5ffb7274944b4c3b5578233bd6509536eab3c4454adaafe,2024-06-17T12:42:04.623000
 CVE-2024-4939,0,0,6859feec38f69c636602db339fa7ab03b302bd67a24dc957bb8f045d97aede0c,2024-06-11T17:08:33.350000
 CVE-2024-4940,0,0,cb78cb49a43bd348a99dcd2f7e1d39ee831dc08e65c1988e89651f8662313063,2024-06-24T12:57:36.513000
@ -255418,7 +255423,7 @@ CVE-2024-6125,0,0,85b92914638eb24a081146fd823c584c2333b183768ef26d618955e8364631
 CVE-2024-6127,0,0,8f3f3591469382ebb006087ec5b5be799ca274948ebd71b090f997c1ae2c89a9,2024-06-28T10:27:00.920000
 CVE-2024-6128,0,0,cd2531d89b3a76f4be34b5ead44f5b65458326ae9dfb5c97dcd0243e237eb5b3,2024-06-21T16:15:12.570000
 CVE-2024-6129,0,0,dfa20fd20a0a3099fcdc2f66c56de27040819ee45bd7efe66cb95f894b77d645,2024-06-20T12:44:01.637000
-CVE-2024-6130,1,1,4dec67f3f43a5f70bce86d325489d8791714dd8bdb534ec2e2d88fdd2f96eaf4,2024-07-01T06:15:23.957000
+CVE-2024-6130,0,0,4dec67f3f43a5f70bce86d325489d8791714dd8bdb534ec2e2d88fdd2f96eaf4,2024-07-01T06:15:23.957000
 CVE-2024-6132,0,0,c816ab5ddbf096dbfac6131f33b5d3d3e264dd5fbb695e6c347719e5920b43ca,2024-06-20T12:44:01.637000
 CVE-2024-6139,0,0,5267393f199f3e6d04675c179e30c182dfe9af96089cf21d4ca0eef7a0895473,2024-06-27T19:25:12.067000
 CVE-2024-6142,0,0,23f480e47c156f1dad9ad13e0d7590969d38d5491fbe00b3021017412ace7767,2024-06-20T12:44:01.637000