Auto-Update: 2024-04-30T08:00:37.769445+00:00

2025-07-09 16:05:11 +00:00 · 2024-04-30 08:03:29 +00:00 · 2024-04-30 08:03:29 +00:00 · 4614057735
commit 4614057735
parent 3cf92822f1
7 changed files with 114 additions and 19 deletions
--- a/CVE-2017/CVE-2017-79xx/CVE-2017-7938.json
+++ b/CVE-2017/CVE-2017-79xx/CVE-2017-7938.json
@ -2,7 +2,7 @@
  "id": "CVE-2017-7938",
  "sourceIdentifier": "cve@mitre.org",
  "published": "2017-04-20T14:59:00.223",
-  "lastModified": "2017-08-16T01:29:21.603",
+  "lastModified": "2024-04-30T07:15:48.343",
  "vulnStatus": "Modified",
  "descriptions": [
    {
@ -101,6 +101,10 @@
        "Third Party Advisory"
      ]
    },
+    {
+      "url": "https://github.com/jaygreig86/dmitry/pull/12",
+      "source": "cve@mitre.org"
+    },
    {
      "url": "https://packetstormsecurity.com/files/142210/Dmitry-1.3a-Local-Stack-Buffer-Overflow.html",
      "source": "cve@mitre.org",
--- a/CVE-2022/CVE-2022-255xx/CVE-2022-25517.json
+++ b/CVE-2022/CVE-2022-255xx/CVE-2022-25517.json
@ -2,12 +2,12 @@
  "id": "CVE-2022-25517",
  "sourceIdentifier": "cve@mitre.org",
  "published": "2022-03-22T19:15:07.693",
-  "lastModified": "2022-03-28T20:23:36.327",
-  "vulnStatus": "Analyzed",
+  "lastModified": "2024-04-30T07:15:48.720",
+  "vulnStatus": "Modified",
  "descriptions": [
    {
      "lang": "en",
-      "value": "MyBatis plus v3.4.3 was discovered to contain a SQL injection vulnerability via the Column parameter in /core/conditions/AbstractWrapper.java."
+      "value": "MyBatis plus v3.4.3 was discovered to contain a SQL injection vulnerability via the Column parameter in /core/conditions/AbstractWrapper.java. NOTE: the vendor's position is that the reported execution of a SQL statement was intended behavior."
    },
    {
      "lang": "es",
@ -100,6 +100,10 @@
        "Exploit",
        "Third Party Advisory"
      ]
+    },
+    {
+      "url": "https://github.com/baomidou/mybatis-plus/issues/4407",
+      "source": "cve@mitre.org"
    }
  ]
 }
--- a/CVE-2024/CVE-2024-288xx/CVE-2024-28815.json
+++ b/CVE-2024/CVE-2024-288xx/CVE-2024-28815.json
@ -2,7 +2,7 @@
  "id": "CVE-2024-28815",
  "sourceIdentifier": "cve@mitre.org",
  "published": "2024-03-27T07:15:49.493",
-  "lastModified": "2024-03-27T12:29:30.307",
+  "lastModified": "2024-04-30T07:15:48.897",
  "vulnStatus": "Awaiting Analysis",
  "descriptions": [
    {
@ -16,6 +16,14 @@
  ],
  "metrics": {},
  "references": [
+    {
+      "url": "https://cwe.mitre.org/data/definitions/1188.html",
+      "source": "cve@mitre.org"
+    },
+    {
+      "url": "https://www.mitel.com/-/media/mitel/file/pdf/support/security-advisories/security-bulletin_24-0003-001-v1.pdf",
+      "source": "cve@mitre.org"
+    },
    {
      "url": "https://www.mitel.com/support/security-advisories",
      "source": "cve@mitre.org"
--- a/CVE-2024/CVE-2024-318xx/CVE-2024-31837.json
+++ b/CVE-2024/CVE-2024-318xx/CVE-2024-31837.json
@ -0,0 +1,20 @@
+{
+  "id": "CVE-2024-31837",
+  "sourceIdentifier": "cve@mitre.org",
+  "published": "2024-04-30T07:15:48.993",
+  "lastModified": "2024-04-30T07:15:48.993",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "DMitry (Deepmagic Information Gathering Tool) 1.3a has a format-string vulnerability, with a threat model similar to CVE-2017-7938."
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://github.com/jaygreig86/dmitry/pull/12",
+      "source": "cve@mitre.org"
+    }
+  ]
+}
--- a/CVE-2024/CVE-2024-42xx/CVE-2024-4225.json
+++ b/CVE-2024/CVE-2024-42xx/CVE-2024-4225.json
@ -0,0 +1,55 @@
+{
+  "id": "CVE-2024-4225",
+  "sourceIdentifier": "cve_disclosure@tech.gov.sg",
+  "published": "2024-04-30T07:15:49.107",
+  "lastModified": "2024-04-30T07:15:49.107",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "Multiple security vulnerabilities has been discovered in web interface of NetGuardian DIN Remote Telemetry Unit (RTU), by DPS Telecom. Attackers can exploit those security vulnerabilities to perform critical actions such as escalate user's privilege, steal user's credential, Cross Site Scripting (XSS) and Cross-Site Request Forgery (CSRF)."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "cve_disclosure@tech.gov.sg",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L",
+          "attackVector": "ADJACENT_NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "LOW",
+          "userInteraction": "NONE",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "HIGH",
+          "integrityImpact": "HIGH",
+          "availabilityImpact": "LOW",
+          "baseScore": 7.6,
+          "baseSeverity": "HIGH"
+        },
+        "exploitabilityScore": 2.1,
+        "impactScore": 5.5
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "cve_disclosure@tech.gov.sg",
+      "type": "Secondary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-284"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://govtech-csg.github.io/security-advisories/2024/04/29/CVE-2024-4225.html",
+      "source": "cve_disclosure@tech.gov.sg"
+    }
+  ]
+}
--- a/README.md
+++ b/README.md
@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours.
 ### Last Repository Update

 ```plain
-2024-04-30T04:00:44.788958+00:00
+2024-04-30T08:00:37.769445+00:00
 ```

 ### Most recent CVE Modification Timestamp synchronized with NVD

 ```plain
-2024-04-30T03:15:06.237000+00:00
+2024-04-30T07:15:49.107000+00:00
 ```

 ### Last Data Feed Release
@ -33,22 +33,24 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
 ### Total Number of included CVEs

 ```plain
-247171
+247173
 ```

 ### CVEs added in the last Commit

-Recently added CVEs: `3`
+Recently added CVEs: `2`

- [CVE-2024-0216](CVE-2024/CVE-2024-02xx/CVE-2024-0216.json) (`2024-04-30T02:15:06.383`)
- [CVE-2024-1371](CVE-2024/CVE-2024-13xx/CVE-2024-1371.json) (`2024-04-30T03:15:06.237`)
- [CVE-2024-4226](CVE-2024/CVE-2024-42xx/CVE-2024-4226.json) (`2024-04-30T02:15:06.577`)
+- [CVE-2024-31837](CVE-2024/CVE-2024-318xx/CVE-2024-31837.json) (`2024-04-30T07:15:48.993`)
+- [CVE-2024-4225](CVE-2024/CVE-2024-42xx/CVE-2024-4225.json) (`2024-04-30T07:15:49.107`)


 ### CVEs modified in the last Commit

-Recently modified CVEs: `0`
+Recently modified CVEs: `3`

+- [CVE-2017-7938](CVE-2017/CVE-2017-79xx/CVE-2017-7938.json) (`2024-04-30T07:15:48.343`)
+- [CVE-2022-25517](CVE-2022/CVE-2022-255xx/CVE-2022-25517.json) (`2024-04-30T07:15:48.720`)
+- [CVE-2024-28815](CVE-2024/CVE-2024-288xx/CVE-2024-28815.json) (`2024-04-30T07:15:48.897`)


 ## Download and Usage
--- a/_state.csv
+++ b/_state.csv
@ -107877,7 +107877,7 @@ CVE-2017-7934,0,0,6509ad1210147a2f37f99de18e77bec245bc09c56f84bb9b94b5fbcaa5a1c2
 CVE-2017-7935,0,0,c5b12e45bd362aa8b8c96239cac3088010c77b7957ce01a05282debacb0084a6,2019-10-09T23:30:01.030000
 CVE-2017-7936,0,0,ee771e0b581393ddde2c1929f0985e971498f5b2e1fb63d557fd8cf900b8544c,2019-10-09T23:30:01.157000
 CVE-2017-7937,0,0,22c3662b5698f152a3ca69e20a068cacf1bc487977b467bca5a0881756320ef8,2019-10-09T23:30:01.593000
-CVE-2017-7938,0,0,76860b9c4f508e6359ba5c4188007ca1c6e532da45e240692d5fe1cb7a806c08,2017-08-16T01:29:21.603000
+CVE-2017-7938,0,1,4ffebf7db337676f4207e98e9d663eae30c19fdd4c100bb4112e52d4b5697bf2,2024-04-30T07:15:48.343000
 CVE-2017-7939,0,0,cc88ad4617c70e129da4ca01930c326cd1795f28efd38af7e0b79c0cb9c73bb6,2019-10-03T00:03:26.223000
 CVE-2017-7940,0,0,e6315dda7bb4159979b6f2383fb2002b6137e1a073f8f8a41fedc549a7f15f90,2019-09-16T14:33:28.640000
 CVE-2017-7941,0,0,046b4e9e2f5936b9dee3468621e77878134ca79650e8b0d28f3d271668fd2ebb,2019-10-03T00:03:26.223000
@ -193888,7 +193888,7 @@ CVE-2022-25512,0,0,b1c52ac21af7250e857ad7d3985d7bc7f57879f1a24979d1fb5e09eddb0eb
 CVE-2022-25514,0,0,f1c59f22d2e4b565c8a11c7a6bfeec9d476bf98622771797a7f4a62a438a26f7,2024-04-11T01:14:51.077000
 CVE-2022-25515,0,0,172f8e1e5d01426a23d61bd25b6ebc6f4d75111de98d4a5d3e8cc93d80a1deae,2024-04-11T01:14:51.140000
 CVE-2022-25516,0,0,465345018be8e617c1a005efa2d9875ffde962bc2da0eb32f30ac004005a22a4,2024-04-11T01:14:51.197000
-CVE-2022-25517,0,0,3e82dfa3064b8c7f47742f19529020af9352430a1fc34ebb0eaed29b1d04f228,2022-03-28T20:23:36.327000
+CVE-2022-25517,0,1,ee1f736415d1d6f570e99015d022356ab2037b736141809a5b1c7311ffd48f3d,2024-04-30T07:15:48.720000
 CVE-2022-25518,0,0,d1a9366eab4bd91c59f6bf12692e59eb1c69dbadcaea3ad3132182cbffcfd280,2022-03-28T20:08:30.037000
 CVE-2022-2552,0,0,125fa71079048e18e7435d117a5f8b319e30f8387bf3eb810bcd3b5b3c73dabb,2023-11-07T03:46:39.677000
 CVE-2022-25521,0,0,369c8b3e5327b316aa0ef07431129995f3d0b64c4960eae6c42480cc301fc961,2023-11-07T03:44:47.390000
@ -238548,7 +238548,7 @@ CVE-2024-0210,0,0,781036576e9440a1fc9b46af37779ad41f7628892147fe8c09565ff6a5500f
 CVE-2024-0211,0,0,132c1e68c983ae1726dff7033a7c58b323bdbba6ca03a16f37ef48af56ba99b7,2024-01-10T14:11:32.643000
 CVE-2024-0212,0,0,176f1e85021c46b07cf711472e72d7c3933d12fb54e6a141094ead004c90430e,2024-02-02T02:08:12.603000
 CVE-2024-0213,0,0,efc1cba36a0709768500695a8bf5cdea216d80feaac8230621431353bab77852,2024-01-12T19:27:52.903000
-CVE-2024-0216,1,1,c798ead602d270e48bfc47f705b0292bbdb1ff7a81408e04ec0e2194850d144d,2024-04-30T02:15:06.383000
+CVE-2024-0216,0,0,c798ead602d270e48bfc47f705b0292bbdb1ff7a81408e04ec0e2194850d144d,2024-04-30T02:15:06.383000
 CVE-2024-0217,0,0,dd01d727db94168ec31074ce4ceda987570c82fa71063e5b71a04f8652b2db98,2024-02-02T15:20:25.843000
 CVE-2024-0218,0,0,fa1b7e43fdfa87f09c7cfd9423883c7684725567a30c2ca01bd0c2786f62edda,2024-04-10T19:49:51.183000
 CVE-2024-0219,0,0,08cd905d8c2f2b5ea06be461dbdf5e387e4da253b37b0a0173de3b73c1ae4883,2024-02-09T17:15:31.870000
@ -239553,7 +239553,7 @@ CVE-2024-1367,0,0,736f26f77d0768a9fa480e418fdffb55d19a4ca3b9b227f204041ec9397a23
 CVE-2024-1368,0,0,1ed1ec2af9ec321b25d39e3abfc1a4417f436b0a874e460355539a037575c773,2024-02-28T14:06:45.783000
 CVE-2024-1369,0,0,3b9400e51aa638758466cd578c61a464d544a6e8f00f7ecbfeaefa54887b9eb9,2024-03-05T17:42:45.630000
 CVE-2024-1370,0,0,84757623f4e23dd39dcfa82cdc913f7491d74846654bf422edb6c7f18e7e25f1,2024-03-13T18:16:18.563000
-CVE-2024-1371,1,1,181e330e2a35f6cc8a8f2fd910abc254f7c010c48d224a0abd381e12d468e1f3,2024-04-30T03:15:06.237000
+CVE-2024-1371,0,0,181e330e2a35f6cc8a8f2fd910abc254f7c010c48d224a0abd381e12d468e1f3,2024-04-30T03:15:06.237000
 CVE-2024-1372,0,0,fd6a0b0bdbecc63f56aef495458a3c5dd8f2e76f436e6cb5f113766b10bba4a3,2024-03-05T17:12:04.487000
 CVE-2024-1373,0,0,6182eba24b857bc2b56524dd4b982074bd00b00d58fe9873ed20ec6b67a1b251,2024-03-11T10:15:49.383000
 CVE-2024-1374,0,0,7fe6e2944b2df04d1912da5645567f3da2009d2f734eda817ead1dbb0beca205,2024-03-06T15:26:34.817000
@ -244636,7 +244636,7 @@ CVE-2024-28782,0,0,2c346a16649d57b4cd6688055d888a86d12f94177200ab9afb6a4e0c69d4e
 CVE-2024-28784,0,0,c979b0334a0081e1847a4bc955e67dbbc0397aed136c4d3aa1b489c4f3f267b2,2024-03-27T15:49:51.300000
 CVE-2024-28787,0,0,466884053e2fb97771b0b18e87658d91d7f6894823937327962bdc9b1ecfdc33,2024-04-04T19:24:50.670000
 CVE-2024-2879,0,0,b3cb63a21efa9503ae3e8fbd2c3fbecce8466a6f50871d6397f8e38479a77e62,2024-04-08T22:49:41.533000
-CVE-2024-28815,0,0,f9ba7e38674697b7d17d51e7b24c9c896d5b8cd72333d8b6833bda1b0cb49c74,2024-03-27T12:29:30.307000
+CVE-2024-28815,0,1,e7bdcd0ac6977f9c059dbb312ad54d9a388fdc8f6a137aa4ed5f32fc20fa20fd,2024-04-30T07:15:48.897000
 CVE-2024-28816,0,0,4b9f923b99f4095b32672af0003c81bae1f3b3136774827600fae7accfedcfe3,2024-03-11T12:47:42.653000
 CVE-2024-28823,0,0,d5aa89b5cdac6c3847ac374cba2a65b191e57c43dc618aabb1da571ab5b5e9dc,2024-03-11T12:47:42.653000
 CVE-2024-28824,0,0,5a9476ae0fdb0520e3a986c832f5f9e27a50da5cb3aa11e06910544296f0e530,2024-03-22T12:45:36.130000
@ -246099,6 +246099,7 @@ CVE-2024-31821,0,0,e6b107a08767c4659cc5cd5ec36d2173bbd9e6a1567ae281bf420ac79ebda
 CVE-2024-31822,0,0,d1a2d153e2e72301c5ee224300dd8256de2a7637db4ea4fe3cdd06ef29d2a953,2024-04-29T18:15:07.817000
 CVE-2024-31823,0,0,b12a6c84fe9735ba90ffa046a7e378a0f142a42d4e6b1c6d4c5d047b60c30cb2,2024-04-29T18:15:07.880000
 CVE-2024-31828,0,0,13feac7cf63f02c8d248e7c048b8aecc3b5bd73dc02c3a86ce1d7360cb58bb31,2024-04-29T12:42:03.667000
+CVE-2024-31837,1,1,ed72a0044974cd73b52bc5804bc2eee175db23fb84bbc5d56300ac09b898bbd5,2024-04-30T07:15:48.993000
 CVE-2024-31839,0,0,25a7daa33bac03a27a09e1621adb92d9361c02bf4ef6c11d27831735c896c138,2024-04-15T13:15:51.577000
 CVE-2024-31841,0,0,e807a83ca93985dc842f15dd9311ce37f6ae1c5acd5a2d45df542202c187b560,2024-04-19T16:19:49.043000
 CVE-2024-31846,0,0,ec1f3478d8b62b2fb094bc9ce16da74fa6c5e7add097c8b7f5b857bd703bef58,2024-04-19T16:19:49.043000
@ -247128,7 +247129,8 @@ CVE-2024-4182,0,0,e7bfd5d03ac4e50248987fdc4c50fca364e9bca2384ff17427febaa9cba5bb
 CVE-2024-4183,0,0,ccc399a2445bf78d9e7d0cacf88ee6d06233217c2d933caf866c50fd88c63c71,2024-04-26T12:58:17.720000
 CVE-2024-4195,0,0,320e8c641dbb71fd3a637ea44d2a1260b2aea61b9d12f44c9e97c80bff500815,2024-04-26T12:58:17.720000
 CVE-2024-4198,0,0,845a410de3c7b102462b76b86fccfba72df0a0950e69dc55e9742bae00fec8d9,2024-04-26T12:58:17.720000
-CVE-2024-4226,1,1,b0c1e922b4532c695b1b593c555201ee563ec3e11f0284c146f42fa3db283ee7,2024-04-30T02:15:06.577000
+CVE-2024-4225,1,1,46281fee3cca773fc8eddf2650a3f4b13f2b07ad86ca3e4b2f133be2c8c6a4ad,2024-04-30T07:15:49.107000
+CVE-2024-4226,0,0,b0c1e922b4532c695b1b593c555201ee563ec3e11f0284c146f42fa3db283ee7,2024-04-30T02:15:06.577000
 CVE-2024-4234,0,0,007b9b5f266bd1a230094439603af6b2584a9759013139ef15c8a83c147fb7e2,2024-04-26T15:32:22.523000
 CVE-2024-4235,0,0,99093520f9467f6bc9df1e67ba828ed8d5a52b47abe017780b1bbfac822d38bb,2024-04-26T19:59:19.793000
 CVE-2024-4236,0,0,0ea63c80ef5a1e0a1b7de7daa05065980f1ac12c4af4da3f2aa1c276e47c5740,2024-04-26T19:59:19.793000