Auto-Update: 2024-07-08T02:00:52.780388+00:00

2025-07-11 16:13:34 +00:00 · 2024-07-08 02:03:46 +00:00 · 2024-07-08 02:03:46 +00:00 · 3f3ce85486
commit 3f3ce85486
parent c1440915d6
4 changed files with 130 additions and 7 deletions
--- a/CVE-2024/CVE-2024-397xx/CVE-2024-39723.json
+++ b/CVE-2024/CVE-2024-397xx/CVE-2024-39723.json
@ -0,0 +1,60 @@
+{
+  "id": "CVE-2024-39723",
+  "sourceIdentifier": "psirt@us.ibm.com",
+  "published": "2024-07-08T01:15:12.283",
+  "lastModified": "2024-07-08T01:15:12.283",
+  "vulnStatus": "Received",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "IBM FlashSystem 5300 USB ports may be usable even if the port has been disabled by the administrator. A user with physical access to the system could use the USB port to cause loss of access to data.  IBM X-Force ID:  295935."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "psirt@us.ibm.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
+          "attackVector": "PHYSICAL",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "NONE",
+          "userInteraction": "NONE",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "NONE",
+          "integrityImpact": "NONE",
+          "availabilityImpact": "HIGH",
+          "baseScore": 4.6,
+          "baseSeverity": "MEDIUM"
+        },
+        "exploitabilityScore": 0.9,
+        "impactScore": 3.6
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "psirt@us.ibm.com",
+      "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-1299"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/295935",
+      "source": "psirt@us.ibm.com"
+    },
+    {
+      "url": "https://www.ibm.com/support/pages/node/7159333",
+      "source": "psirt@us.ibm.com"
+    }
+  ]
+}
--- a/CVE-2024/CVE-2024-57xx/CVE-2024-5711.json
+++ b/CVE-2024/CVE-2024-57xx/CVE-2024-5711.json
@ -0,0 +1,60 @@
+{
+  "id": "CVE-2024-5711",
+  "sourceIdentifier": "security@huntr.dev",
+  "published": "2024-07-08T00:15:01.940",
+  "lastModified": "2024-07-08T00:15:01.940",
+  "vulnStatus": "Received",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "Cross-site Scripting (XSS) - Stored in GitHub repository stitionai/devika prior to -."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV30": [
+      {
+        "source": "security@huntr.dev",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.0",
+          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "NONE",
+          "userInteraction": "REQUIRED",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "HIGH",
+          "integrityImpact": "HIGH",
+          "availabilityImpact": "NONE",
+          "baseScore": 8.1,
+          "baseSeverity": "HIGH"
+        },
+        "exploitabilityScore": 2.8,
+        "impactScore": 5.2
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "security@huntr.dev",
+      "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-79"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://github.com/stitionai/devika/commit/6acce21fb08c3d1123ef05df6a33912bf0ee77c2",
+      "source": "security@huntr.dev"
+    },
+    {
+      "url": "https://huntr.com/bounties/6c00ff84-574b-4b4f-bd58-aa7ec1809662",
+      "source": "security@huntr.dev"
+    }
+  ]
+}
--- a/README.md
+++ b/README.md
@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours.
 ### Last Repository Update

 ```plain
-2024-07-07T23:55:54.901586+00:00
+2024-07-08T02:00:52.780388+00:00
 ```

 ### Most recent CVE Modification Timestamp synchronized with NVD

 ```plain
-2024-07-07T23:15:10.003000+00:00
+2024-07-08T01:15:12.283000+00:00
 ```

 ### Last Data Feed Release
@ -27,20 +27,21 @@ Repository synchronizes with the NVD every 2 hours.
 Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/releases/latest)

 ```plain
-2024-07-07T00:00:08.648162+00:00
+2024-07-08T00:00:08.667445+00:00
 ```

 ### Total Number of included CVEs

 ```plain
-255980
+255982
 ```

 ### CVEs added in the last Commit

-Recently added CVEs: `1`
+Recently added CVEs: `2`

- [CVE-2024-6539](CVE-2024/CVE-2024-65xx/CVE-2024-6539.json) (`2024-07-07T23:15:10.003`)
+- [CVE-2024-39723](CVE-2024/CVE-2024-397xx/CVE-2024-39723.json) (`2024-07-08T01:15:12.283`)
+- [CVE-2024-5711](CVE-2024/CVE-2024-57xx/CVE-2024-5711.json) (`2024-07-08T00:15:01.940`)


 ### CVEs modified in the last Commit
--- a/_state.csv
+++ b/_state.csv
@ -254219,6 +254219,7 @@ CVE-2024-39705,0,0,91d39f33d5bd2d9618d124407e406b5aefb3921b0f0d526c128476a465358
 CVE-2024-39708,0,0,111516979aea28b8e657aa098e90e19a44667358e9b94bc0cc0d55aace553cee,2024-06-28T10:27:00.920000
 CVE-2024-3971,0,0,1320cc801330d2d12e5c1ffdfdf6be7f25a4100ca447a2f7a5815c90f2431f60,2024-06-17T12:42:04.623000
 CVE-2024-3972,0,0,336c66699a431faa29a5282b5eb6832d488e7d167b3d03dca5d4b3950fce0bec,2024-06-17T12:42:04.623000
+CVE-2024-39723,1,1,d96f5452a9111c88cf72e549ad59361cff4c806be10625ef83db1c7ab2520662,2024-07-08T01:15:12.283000
 CVE-2024-3974,0,0,30b94b89b01dd2c6057362330f67dc78937f3f3edffa0c5a57e7602f711f919a,2024-05-14T16:11:39.510000
 CVE-2024-3977,0,0,e9f44416847592725fc2cd47ffed9c743bca75989a5c2d940c73903d22d68b79,2024-06-17T12:42:04.623000
 CVE-2024-3978,0,0,338ec55d360d0ecf1dfe595690a2d37e24aa4129fa5a75aae324bfa31cd2fe9a,2024-06-17T12:42:04.623000
@ -255597,6 +255598,7 @@ CVE-2024-5700,0,0,75281b3d92ab48138fa84376c62cf06e3b235ecbf0492685b83c4b5de8ec65
 CVE-2024-5701,0,0,c0b77ae9f34889006ada566ff239d80e91c1e1e51e6239a509f45a6d387ce8ce,2024-06-11T13:54:12.057000
 CVE-2024-5702,0,0,050114b692a9d22e1a3779ff238583d9efc9d6e8072ff7c077a659f94eb85b8c,2024-06-19T10:15:11.583000
 CVE-2024-5710,0,0,bbba5caf4cb4f465fb2a1f44424b7af778bd56d5f1b17eb3b38248b8a0397322,2024-07-01T10:15:30.183000
+CVE-2024-5711,1,1,d9db03d6362abb942f4ac27229f074628c924324fa288e57eb21704281f10e54,2024-07-08T00:15:01.940000
 CVE-2024-5712,0,0,782e6f09ec4801a2090922da0634157b6b0760d6d2ff619b99db06cdc44198b4,2024-07-01T12:37:24.220000
 CVE-2024-5714,0,0,d09606fe85d7a014a058870c51f9ff79e6af54534c316b686a2562e2d0e92e3e,2024-06-27T19:25:12.067000
 CVE-2024-5724,0,0,03384c71395c84af225b0ffa60ba9818c028df2b73c4ae064cd0a263a53e8317,2024-06-20T12:44:01.637000
@ -255978,4 +255980,4 @@ CVE-2024-6523,0,0,8e944d33060f893d0f8a5de05c5d1f404dc8cc2a3646a4fb123baa591362f9
 CVE-2024-6524,0,0,b1cd113fe7421214b7ce9e86517f29da32cdcabbd73db24dd5b2998b8692a1c5,2024-07-05T12:55:51.367000
 CVE-2024-6525,0,0,922b367a62eb2afd73317643050f220b58a9c00fbadb87dd5d5b3387d891b6e8,2024-07-05T17:10:58.210000
 CVE-2024-6526,0,0,2b85d297bcc6f1e6404a772fb46286a7ad08c157624b810fd8629aa6ecff0f52,2024-07-05T17:10:58.210000
-CVE-2024-6539,1,1,a07c31d1044b80d70124f466f6a8a84ff7e79693e8866eb368f2a7f4d8611c7a,2024-07-07T23:15:10.003000
+CVE-2024-6539,0,0,a07c31d1044b80d70124f466f6a8a84ff7e79693e8866eb368f2a7f4d8611c7a,2024-07-07T23:15:10.003000