From 3f3ce85486c8666dd9c2d6e453e26fea62344ef9 Mon Sep 17 00:00:00 2001
From: cad-safe-bot
Date: Mon, 8 Jul 2024 02:03:46 +0000
Subject: [PATCH] Auto-Update: 2024-07-08T02:00:52.780388+00:00
---
 CVE-2024/CVE-2024-397xx/CVE-2024-39723.json | 60 +++++++++++++++++++++
 CVE-2024/CVE-2024-57xx/CVE-2024-5711.json | 60 +++++++++++++++++++++
 README.md | 13 ++---
 _state.csv | 4 +-
 4 files changed, 130 insertions(+), 7 deletions(-)
 create mode 100644 CVE-2024/CVE-2024-397xx/CVE-2024-39723.json
 create mode 100644 CVE-2024/CVE-2024-57xx/CVE-2024-5711.json
diff --git a/CVE-2024/CVE-2024-397xx/CVE-2024-39723.json b/CVE-2024/CVE-2024-397xx/CVE-2024-39723.json
new file mode 100644
index 00000000000..f0e88f13b56
--- /dev/null
+++ b/CVE-2024/CVE-2024-397xx/CVE-2024-39723.json
@@ -0,0 +1,60 @@
+{
+ "id": "CVE-2024-39723",
+ "sourceIdentifier": "psirt@us.ibm.com",
+ "published": "2024-07-08T01:15:12.283",
+ "lastModified": "2024-07-08T01:15:12.283",
+ "vulnStatus": "Received",
+ "cveTags": [],
+ "descriptions": [
+ {
+ "lang": "en",
+ "value": "IBM FlashSystem 5300 USB ports may be usable even if the port has been disabled by the administrator. A user with physical access to the system could use the USB port to cause loss of access to data. IBM X-Force ID: 295935."
+ }
+ ],
+ "metrics": {
+ "cvssMetricV31": [
+ {
+ "source": "psirt@us.ibm.com",
+ "type": "Secondary",
+ "cvssData": {
+ "version": "3.1",
+ "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
+ "attackVector": "PHYSICAL",
+ "attackComplexity": "LOW",
+ "privilegesRequired": "NONE",
+ "userInteraction": "NONE",
+ "scope": "UNCHANGED",
+ "confidentialityImpact": "NONE",
+ "integrityImpact": "NONE",
+ "availabilityImpact": "HIGH",
+ "baseScore": 4.6,
+ "baseSeverity": "MEDIUM"
+ },
+ "exploitabilityScore": 0.9,
+ "impactScore": 3.6
+ }
+ ]
+ },
+ "weaknesses": [
+ {
+ "source": "psirt@us.ibm.com",
+ "type": "Primary",
+ "description": [
+ {
+ "lang": "en",
+ "value": "CWE-1299"
+ }
+ ]
+ }
+ ],
+ "references": [
+ {
+ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/295935",
+ "source": "psirt@us.ibm.com"
+ },
+ {
+ "url": "https://www.ibm.com/support/pages/node/7159333",
+ "source": "psirt@us.ibm.com"
+ }
+ ]
+}
\ No newline at end of file
diff --git a/CVE-2024/CVE-2024-57xx/CVE-2024-5711.json b/CVE-2024/CVE-2024-57xx/CVE-2024-5711.json
new file mode 100644
index 00000000000..64fa8c54673
--- /dev/null
+++ b/CVE-2024/CVE-2024-57xx/CVE-2024-5711.json
@@ -0,0 +1,60 @@
+{
+ "id": "CVE-2024-5711",
+ "sourceIdentifier": "security@huntr.dev",
+ "published": "2024-07-08T00:15:01.940",
+ "lastModified": "2024-07-08T00:15:01.940",
+ "vulnStatus": "Received",
+ "cveTags": [],
+ "descriptions": [
+ {
+ "lang": "en",
+ "value": "Cross-site Scripting (XSS) - Stored in GitHub repository stitionai/devika prior to -."
+ }
+ ],
+ "metrics": {
+ "cvssMetricV30": [
+ {
+ "source": "security@huntr.dev",
+ "type": "Secondary",
+ "cvssData": {
+ "version": "3.0",
+ "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N",
+ "attackVector": "NETWORK",
+ "attackComplexity": "LOW",
+ "privilegesRequired": "NONE",
+ "userInteraction": "REQUIRED",
+ "scope": "UNCHANGED",
+ "confidentialityImpact": "HIGH",
+ "integrityImpact": "HIGH",
+ "availabilityImpact": "NONE",
+ "baseScore": 8.1,
+ "baseSeverity": "HIGH"
+ },
+ "exploitabilityScore": 2.8,
+ "impactScore": 5.2
+ }
+ ]
+ },
+ "weaknesses": [
+ {
+ "source": "security@huntr.dev",
+ "type": "Primary",
+ "description": [
+ {
+ "lang": "en",
+ "value": "CWE-79"
+ }
+ ]
+ }
+ ],
+ "references": [
+ {
+ "url": "https://github.com/stitionai/devika/commit/6acce21fb08c3d1123ef05df6a33912bf0ee77c2",
+ "source": "security@huntr.dev"
+ },
+ {
+ "url": "https://huntr.com/bounties/6c00ff84-574b-4b4f-bd58-aa7ec1809662",
+ "source": "security@huntr.dev"
+ }
+ ]
+}
\ No newline at end of file
diff --git a/README.md b/README.md
index 7ec167fda69..5b292be017e 100644
--- a/README.md
+++ b/README.md
@@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2024-07-07T23:55:54.901586+00:00 +2024-07-08T02:00:52.780388+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2024-07-07T23:15:10.003000+00:00 +2024-07-08T01:15:12.283000+00:00 ``` ### Last Data Feed Release
@@ -27,20 +27,21 @@ Repository synchronizes with the NVD every 2 hours. Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/releases/latest) ```plain -2024-07-07T00:00:08.648162+00:00 +2024-07-08T00:00:08.667445+00:00 ``` ### Total Number of included CVEs ```plain -255980 +255982 ``` ### CVEs added in the last Commit -Recently added CVEs: `1` +Recently added CVEs: `2` -- [CVE-2024-6539](CVE-2024/CVE-2024-65xx/CVE-2024-6539.json) (`2024-07-07T23:15:10.003`) +- [CVE-2024-39723](CVE-2024/CVE-2024-397xx/CVE-2024-39723.json) (`2024-07-08T01:15:12.283`) +- [CVE-2024-5711](CVE-2024/CVE-2024-57xx/CVE-2024-5711.json) (`2024-07-08T00:15:01.940`) ### CVEs modified in the last Commit
diff --git a/_state.csv b/_state.csv
index a8da0d90eca..bdcc4be02ee 100644
--- a/_state.csv
+++ b/_state.csv
@@ -254219,6 +254219,7 @@ CVE-2024-39705,0,0,91d39f33d5bd2d9618d124407e406b5aefb3921b0f0d526c128476a465358
 CVE-2024-39708,0,0,111516979aea28b8e657aa098e90e19a44667358e9b94bc0cc0d55aace553cee,2024-06-28T10:27:00.920000
 CVE-2024-3971,0,0,1320cc801330d2d12e5c1ffdfdf6be7f25a4100ca447a2f7a5815c90f2431f60,2024-06-17T12:42:04.623000
 CVE-2024-3972,0,0,336c66699a431faa29a5282b5eb6832d488e7d167b3d03dca5d4b3950fce0bec,2024-06-17T12:42:04.623000
+CVE-2024-39723,1,1,d96f5452a9111c88cf72e549ad59361cff4c806be10625ef83db1c7ab2520662,2024-07-08T01:15:12.283000
 CVE-2024-3974,0,0,30b94b89b01dd2c6057362330f67dc78937f3f3edffa0c5a57e7602f711f919a,2024-05-14T16:11:39.510000
 CVE-2024-3977,0,0,e9f44416847592725fc2cd47ffed9c743bca75989a5c2d940c73903d22d68b79,2024-06-17T12:42:04.623000
 CVE-2024-3978,0,0,338ec55d360d0ecf1dfe595690a2d37e24aa4129fa5a75aae324bfa31cd2fe9a,2024-06-17T12:42:04.623000
@@ -255597,6 +255598,7 @@ CVE-2024-5700,0,0,75281b3d92ab48138fa84376c62cf06e3b235ecbf0492685b83c4b5de8ec65
 CVE-2024-5701,0,0,c0b77ae9f34889006ada566ff239d80e91c1e1e51e6239a509f45a6d387ce8ce,2024-06-11T13:54:12.057000
 CVE-2024-5702,0,0,050114b692a9d22e1a3779ff238583d9efc9d6e8072ff7c077a659f94eb85b8c,2024-06-19T10:15:11.583000
 CVE-2024-5710,0,0,bbba5caf4cb4f465fb2a1f44424b7af778bd56d5f1b17eb3b38248b8a0397322,2024-07-01T10:15:30.183000
+CVE-2024-5711,1,1,d9db03d6362abb942f4ac27229f074628c924324fa288e57eb21704281f10e54,2024-07-08T00:15:01.940000
 CVE-2024-5712,0,0,782e6f09ec4801a2090922da0634157b6b0760d6d2ff619b99db06cdc44198b4,2024-07-01T12:37:24.220000
 CVE-2024-5714,0,0,d09606fe85d7a014a058870c51f9ff79e6af54534c316b686a2562e2d0e92e3e,2024-06-27T19:25:12.067000
 CVE-2024-5724,0,0,03384c71395c84af225b0ffa60ba9818c028df2b73c4ae064cd0a263a53e8317,2024-06-20T12:44:01.637000
@@ -255978,4 +255980,4 @@ CVE-2024-6523,0,0,8e944d33060f893d0f8a5de05c5d1f404dc8cc2a3646a4fb123baa591362f9
 CVE-2024-6524,0,0,b1cd113fe7421214b7ce9e86517f29da32cdcabbd73db24dd5b2998b8692a1c5,2024-07-05T12:55:51.367000
 CVE-2024-6525,0,0,922b367a62eb2afd73317643050f220b58a9c00fbadb87dd5d5b3387d891b6e8,2024-07-05T17:10:58.210000
 CVE-2024-6526,0,0,2b85d297bcc6f1e6404a772fb46286a7ad08c157624b810fd8629aa6ecff0f52,2024-07-05T17:10:58.210000
-CVE-2024-6539,1,1,a07c31d1044b80d70124f466f6a8a84ff7e79693e8866eb368f2a7f4d8611c7a,2024-07-07T23:15:10.003000
+CVE-2024-6539,0,0,a07c31d1044b80d70124f466f6a8a84ff7e79693e8866eb368f2a7f4d8611c7a,2024-07-07T23:15:10.003000