diff --git a/CVE-2017/CVE-2017-79xx/CVE-2017-7938.json b/CVE-2017/CVE-2017-79xx/CVE-2017-7938.json index 4fe49ce7e9f..c0fbced78d1 100644 --- a/CVE-2017/CVE-2017-79xx/CVE-2017-7938.json +++ b/CVE-2017/CVE-2017-79xx/CVE-2017-7938.json @@ -2,7 +2,7 @@ "id": "CVE-2017-7938", "sourceIdentifier": "cve@mitre.org", "published": "2017-04-20T14:59:00.223", - "lastModified": "2017-08-16T01:29:21.603", + "lastModified": "2024-04-30T07:15:48.343", "vulnStatus": "Modified", "descriptions": [ { @@ -101,6 +101,10 @@ "Third Party Advisory" ] }, + { + "url": "https://github.com/jaygreig86/dmitry/pull/12", + "source": "cve@mitre.org" + }, { "url": "https://packetstormsecurity.com/files/142210/Dmitry-1.3a-Local-Stack-Buffer-Overflow.html", "source": "cve@mitre.org", diff --git a/CVE-2022/CVE-2022-255xx/CVE-2022-25517.json b/CVE-2022/CVE-2022-255xx/CVE-2022-25517.json index ca9caeabb0b..8331ee9c81e 100644 --- a/CVE-2022/CVE-2022-255xx/CVE-2022-25517.json +++ b/CVE-2022/CVE-2022-255xx/CVE-2022-25517.json @@ -2,12 +2,12 @@ "id": "CVE-2022-25517", "sourceIdentifier": "cve@mitre.org", "published": "2022-03-22T19:15:07.693", - "lastModified": "2022-03-28T20:23:36.327", - "vulnStatus": "Analyzed", + "lastModified": "2024-04-30T07:15:48.720", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "MyBatis plus v3.4.3 was discovered to contain a SQL injection vulnerability via the Column parameter in /core/conditions/AbstractWrapper.java." + "value": "MyBatis plus v3.4.3 was discovered to contain a SQL injection vulnerability via the Column parameter in /core/conditions/AbstractWrapper.java. NOTE: the vendor's position is that the reported execution of a SQL statement was intended behavior." }, { "lang": "es", @@ -100,6 +100,10 @@ "Exploit", "Third Party Advisory" ] + }, + { + "url": "https://github.com/baomidou/mybatis-plus/issues/4407", + "source": "cve@mitre.org" } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-288xx/CVE-2024-28815.json b/CVE-2024/CVE-2024-288xx/CVE-2024-28815.json index 59eda01da8f..d0b44284677 100644 --- a/CVE-2024/CVE-2024-288xx/CVE-2024-28815.json +++ b/CVE-2024/CVE-2024-288xx/CVE-2024-28815.json @@ -2,7 +2,7 @@ "id": "CVE-2024-28815", "sourceIdentifier": "cve@mitre.org", "published": "2024-03-27T07:15:49.493", - "lastModified": "2024-03-27T12:29:30.307", + "lastModified": "2024-04-30T07:15:48.897", "vulnStatus": "Awaiting Analysis", "descriptions": [ { @@ -16,6 +16,14 @@ ], "metrics": {}, "references": [ + { + "url": "https://cwe.mitre.org/data/definitions/1188.html", + "source": "cve@mitre.org" + }, + { + "url": "https://www.mitel.com/-/media/mitel/file/pdf/support/security-advisories/security-bulletin_24-0003-001-v1.pdf", + "source": "cve@mitre.org" + }, { "url": "https://www.mitel.com/support/security-advisories", "source": "cve@mitre.org" diff --git a/CVE-2024/CVE-2024-318xx/CVE-2024-31837.json b/CVE-2024/CVE-2024-318xx/CVE-2024-31837.json new file mode 100644 index 00000000000..07ac7db58a1 --- /dev/null +++ b/CVE-2024/CVE-2024-318xx/CVE-2024-31837.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2024-31837", + "sourceIdentifier": "cve@mitre.org", + "published": "2024-04-30T07:15:48.993", + "lastModified": "2024-04-30T07:15:48.993", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "DMitry (Deepmagic Information Gathering Tool) 1.3a has a format-string vulnerability, with a threat model similar to CVE-2017-7938." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://github.com/jaygreig86/dmitry/pull/12", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-42xx/CVE-2024-4225.json b/CVE-2024/CVE-2024-42xx/CVE-2024-4225.json new file mode 100644 index 00000000000..fca873d5dfe --- /dev/null +++ b/CVE-2024/CVE-2024-42xx/CVE-2024-4225.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2024-4225", + "sourceIdentifier": "cve_disclosure@tech.gov.sg", + "published": "2024-04-30T07:15:49.107", + "lastModified": "2024-04-30T07:15:49.107", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Multiple security vulnerabilities has been discovered in web interface of NetGuardian DIN Remote Telemetry Unit (RTU), by DPS Telecom. Attackers can exploit those security vulnerabilities to perform critical actions such as escalate user's privilege, steal user's credential, Cross Site Scripting (XSS) and Cross-Site Request Forgery (CSRF)." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "cve_disclosure@tech.gov.sg", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L", + "attackVector": "ADJACENT_NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "LOW", + "baseScore": 7.6, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.1, + "impactScore": 5.5 + } + ] + }, + "weaknesses": [ + { + "source": "cve_disclosure@tech.gov.sg", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-284" + } + ] + } + ], + "references": [ + { + "url": "https://govtech-csg.github.io/security-advisories/2024/04/29/CVE-2024-4225.html", + "source": "cve_disclosure@tech.gov.sg" + } + ] +} \ No newline at end of file diff --git a/README.md b/README.md index f5ca7818012..22f944abdd6 100644 --- a/README.md +++ b/README.md @@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2024-04-30T04:00:44.788958+00:00 +2024-04-30T08:00:37.769445+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2024-04-30T03:15:06.237000+00:00 +2024-04-30T07:15:49.107000+00:00 ``` ### Last Data Feed Release @@ -33,22 +33,24 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### Total Number of included CVEs ```plain -247171 +247173 ``` ### CVEs added in the last Commit -Recently added CVEs: `3` +Recently added CVEs: `2` -- [CVE-2024-0216](CVE-2024/CVE-2024-02xx/CVE-2024-0216.json) (`2024-04-30T02:15:06.383`) -- [CVE-2024-1371](CVE-2024/CVE-2024-13xx/CVE-2024-1371.json) (`2024-04-30T03:15:06.237`) -- [CVE-2024-4226](CVE-2024/CVE-2024-42xx/CVE-2024-4226.json) (`2024-04-30T02:15:06.577`) +- [CVE-2024-31837](CVE-2024/CVE-2024-318xx/CVE-2024-31837.json) (`2024-04-30T07:15:48.993`) +- [CVE-2024-4225](CVE-2024/CVE-2024-42xx/CVE-2024-4225.json) (`2024-04-30T07:15:49.107`) ### CVEs modified in the last Commit -Recently modified CVEs: `0` +Recently modified CVEs: `3` +- [CVE-2017-7938](CVE-2017/CVE-2017-79xx/CVE-2017-7938.json) (`2024-04-30T07:15:48.343`) +- [CVE-2022-25517](CVE-2022/CVE-2022-255xx/CVE-2022-25517.json) (`2024-04-30T07:15:48.720`) +- [CVE-2024-28815](CVE-2024/CVE-2024-288xx/CVE-2024-28815.json) (`2024-04-30T07:15:48.897`) ## Download and Usage diff --git a/_state.csv b/_state.csv index fbeeeb49ac4..ee3fb15c054 100644 --- a/_state.csv +++ b/_state.csv @@ -107877,7 +107877,7 @@ CVE-2017-7934,0,0,6509ad1210147a2f37f99de18e77bec245bc09c56f84bb9b94b5fbcaa5a1c2 CVE-2017-7935,0,0,c5b12e45bd362aa8b8c96239cac3088010c77b7957ce01a05282debacb0084a6,2019-10-09T23:30:01.030000 CVE-2017-7936,0,0,ee771e0b581393ddde2c1929f0985e971498f5b2e1fb63d557fd8cf900b8544c,2019-10-09T23:30:01.157000 CVE-2017-7937,0,0,22c3662b5698f152a3ca69e20a068cacf1bc487977b467bca5a0881756320ef8,2019-10-09T23:30:01.593000 -CVE-2017-7938,0,0,76860b9c4f508e6359ba5c4188007ca1c6e532da45e240692d5fe1cb7a806c08,2017-08-16T01:29:21.603000 +CVE-2017-7938,0,1,4ffebf7db337676f4207e98e9d663eae30c19fdd4c100bb4112e52d4b5697bf2,2024-04-30T07:15:48.343000 CVE-2017-7939,0,0,cc88ad4617c70e129da4ca01930c326cd1795f28efd38af7e0b79c0cb9c73bb6,2019-10-03T00:03:26.223000 CVE-2017-7940,0,0,e6315dda7bb4159979b6f2383fb2002b6137e1a073f8f8a41fedc549a7f15f90,2019-09-16T14:33:28.640000 CVE-2017-7941,0,0,046b4e9e2f5936b9dee3468621e77878134ca79650e8b0d28f3d271668fd2ebb,2019-10-03T00:03:26.223000 @@ -193888,7 +193888,7 @@ CVE-2022-25512,0,0,b1c52ac21af7250e857ad7d3985d7bc7f57879f1a24979d1fb5e09eddb0eb CVE-2022-25514,0,0,f1c59f22d2e4b565c8a11c7a6bfeec9d476bf98622771797a7f4a62a438a26f7,2024-04-11T01:14:51.077000 CVE-2022-25515,0,0,172f8e1e5d01426a23d61bd25b6ebc6f4d75111de98d4a5d3e8cc93d80a1deae,2024-04-11T01:14:51.140000 CVE-2022-25516,0,0,465345018be8e617c1a005efa2d9875ffde962bc2da0eb32f30ac004005a22a4,2024-04-11T01:14:51.197000 -CVE-2022-25517,0,0,3e82dfa3064b8c7f47742f19529020af9352430a1fc34ebb0eaed29b1d04f228,2022-03-28T20:23:36.327000 +CVE-2022-25517,0,1,ee1f736415d1d6f570e99015d022356ab2037b736141809a5b1c7311ffd48f3d,2024-04-30T07:15:48.720000 CVE-2022-25518,0,0,d1a9366eab4bd91c59f6bf12692e59eb1c69dbadcaea3ad3132182cbffcfd280,2022-03-28T20:08:30.037000 CVE-2022-2552,0,0,125fa71079048e18e7435d117a5f8b319e30f8387bf3eb810bcd3b5b3c73dabb,2023-11-07T03:46:39.677000 CVE-2022-25521,0,0,369c8b3e5327b316aa0ef07431129995f3d0b64c4960eae6c42480cc301fc961,2023-11-07T03:44:47.390000 @@ -238548,7 +238548,7 @@ CVE-2024-0210,0,0,781036576e9440a1fc9b46af37779ad41f7628892147fe8c09565ff6a5500f CVE-2024-0211,0,0,132c1e68c983ae1726dff7033a7c58b323bdbba6ca03a16f37ef48af56ba99b7,2024-01-10T14:11:32.643000 CVE-2024-0212,0,0,176f1e85021c46b07cf711472e72d7c3933d12fb54e6a141094ead004c90430e,2024-02-02T02:08:12.603000 CVE-2024-0213,0,0,efc1cba36a0709768500695a8bf5cdea216d80feaac8230621431353bab77852,2024-01-12T19:27:52.903000 -CVE-2024-0216,1,1,c798ead602d270e48bfc47f705b0292bbdb1ff7a81408e04ec0e2194850d144d,2024-04-30T02:15:06.383000 +CVE-2024-0216,0,0,c798ead602d270e48bfc47f705b0292bbdb1ff7a81408e04ec0e2194850d144d,2024-04-30T02:15:06.383000 CVE-2024-0217,0,0,dd01d727db94168ec31074ce4ceda987570c82fa71063e5b71a04f8652b2db98,2024-02-02T15:20:25.843000 CVE-2024-0218,0,0,fa1b7e43fdfa87f09c7cfd9423883c7684725567a30c2ca01bd0c2786f62edda,2024-04-10T19:49:51.183000 CVE-2024-0219,0,0,08cd905d8c2f2b5ea06be461dbdf5e387e4da253b37b0a0173de3b73c1ae4883,2024-02-09T17:15:31.870000 @@ -239553,7 +239553,7 @@ CVE-2024-1367,0,0,736f26f77d0768a9fa480e418fdffb55d19a4ca3b9b227f204041ec9397a23 CVE-2024-1368,0,0,1ed1ec2af9ec321b25d39e3abfc1a4417f436b0a874e460355539a037575c773,2024-02-28T14:06:45.783000 CVE-2024-1369,0,0,3b9400e51aa638758466cd578c61a464d544a6e8f00f7ecbfeaefa54887b9eb9,2024-03-05T17:42:45.630000 CVE-2024-1370,0,0,84757623f4e23dd39dcfa82cdc913f7491d74846654bf422edb6c7f18e7e25f1,2024-03-13T18:16:18.563000 -CVE-2024-1371,1,1,181e330e2a35f6cc8a8f2fd910abc254f7c010c48d224a0abd381e12d468e1f3,2024-04-30T03:15:06.237000 +CVE-2024-1371,0,0,181e330e2a35f6cc8a8f2fd910abc254f7c010c48d224a0abd381e12d468e1f3,2024-04-30T03:15:06.237000 CVE-2024-1372,0,0,fd6a0b0bdbecc63f56aef495458a3c5dd8f2e76f436e6cb5f113766b10bba4a3,2024-03-05T17:12:04.487000 CVE-2024-1373,0,0,6182eba24b857bc2b56524dd4b982074bd00b00d58fe9873ed20ec6b67a1b251,2024-03-11T10:15:49.383000 CVE-2024-1374,0,0,7fe6e2944b2df04d1912da5645567f3da2009d2f734eda817ead1dbb0beca205,2024-03-06T15:26:34.817000 @@ -244636,7 +244636,7 @@ CVE-2024-28782,0,0,2c346a16649d57b4cd6688055d888a86d12f94177200ab9afb6a4e0c69d4e CVE-2024-28784,0,0,c979b0334a0081e1847a4bc955e67dbbc0397aed136c4d3aa1b489c4f3f267b2,2024-03-27T15:49:51.300000 CVE-2024-28787,0,0,466884053e2fb97771b0b18e87658d91d7f6894823937327962bdc9b1ecfdc33,2024-04-04T19:24:50.670000 CVE-2024-2879,0,0,b3cb63a21efa9503ae3e8fbd2c3fbecce8466a6f50871d6397f8e38479a77e62,2024-04-08T22:49:41.533000 -CVE-2024-28815,0,0,f9ba7e38674697b7d17d51e7b24c9c896d5b8cd72333d8b6833bda1b0cb49c74,2024-03-27T12:29:30.307000 +CVE-2024-28815,0,1,e7bdcd0ac6977f9c059dbb312ad54d9a388fdc8f6a137aa4ed5f32fc20fa20fd,2024-04-30T07:15:48.897000 CVE-2024-28816,0,0,4b9f923b99f4095b32672af0003c81bae1f3b3136774827600fae7accfedcfe3,2024-03-11T12:47:42.653000 CVE-2024-28823,0,0,d5aa89b5cdac6c3847ac374cba2a65b191e57c43dc618aabb1da571ab5b5e9dc,2024-03-11T12:47:42.653000 CVE-2024-28824,0,0,5a9476ae0fdb0520e3a986c832f5f9e27a50da5cb3aa11e06910544296f0e530,2024-03-22T12:45:36.130000 @@ -246099,6 +246099,7 @@ CVE-2024-31821,0,0,e6b107a08767c4659cc5cd5ec36d2173bbd9e6a1567ae281bf420ac79ebda CVE-2024-31822,0,0,d1a2d153e2e72301c5ee224300dd8256de2a7637db4ea4fe3cdd06ef29d2a953,2024-04-29T18:15:07.817000 CVE-2024-31823,0,0,b12a6c84fe9735ba90ffa046a7e378a0f142a42d4e6b1c6d4c5d047b60c30cb2,2024-04-29T18:15:07.880000 CVE-2024-31828,0,0,13feac7cf63f02c8d248e7c048b8aecc3b5bd73dc02c3a86ce1d7360cb58bb31,2024-04-29T12:42:03.667000 +CVE-2024-31837,1,1,ed72a0044974cd73b52bc5804bc2eee175db23fb84bbc5d56300ac09b898bbd5,2024-04-30T07:15:48.993000 CVE-2024-31839,0,0,25a7daa33bac03a27a09e1621adb92d9361c02bf4ef6c11d27831735c896c138,2024-04-15T13:15:51.577000 CVE-2024-31841,0,0,e807a83ca93985dc842f15dd9311ce37f6ae1c5acd5a2d45df542202c187b560,2024-04-19T16:19:49.043000 CVE-2024-31846,0,0,ec1f3478d8b62b2fb094bc9ce16da74fa6c5e7add097c8b7f5b857bd703bef58,2024-04-19T16:19:49.043000 @@ -247128,7 +247129,8 @@ CVE-2024-4182,0,0,e7bfd5d03ac4e50248987fdc4c50fca364e9bca2384ff17427febaa9cba5bb CVE-2024-4183,0,0,ccc399a2445bf78d9e7d0cacf88ee6d06233217c2d933caf866c50fd88c63c71,2024-04-26T12:58:17.720000 CVE-2024-4195,0,0,320e8c641dbb71fd3a637ea44d2a1260b2aea61b9d12f44c9e97c80bff500815,2024-04-26T12:58:17.720000 CVE-2024-4198,0,0,845a410de3c7b102462b76b86fccfba72df0a0950e69dc55e9742bae00fec8d9,2024-04-26T12:58:17.720000 -CVE-2024-4226,1,1,b0c1e922b4532c695b1b593c555201ee563ec3e11f0284c146f42fa3db283ee7,2024-04-30T02:15:06.577000 +CVE-2024-4225,1,1,46281fee3cca773fc8eddf2650a3f4b13f2b07ad86ca3e4b2f133be2c8c6a4ad,2024-04-30T07:15:49.107000 +CVE-2024-4226,0,0,b0c1e922b4532c695b1b593c555201ee563ec3e11f0284c146f42fa3db283ee7,2024-04-30T02:15:06.577000 CVE-2024-4234,0,0,007b9b5f266bd1a230094439603af6b2584a9759013139ef15c8a83c147fb7e2,2024-04-26T15:32:22.523000 CVE-2024-4235,0,0,99093520f9467f6bc9df1e67ba828ed8d5a52b47abe017780b1bbfac822d38bb,2024-04-26T19:59:19.793000 CVE-2024-4236,0,0,0ea63c80ef5a1e0a1b7de7daa05065980f1ac12c4af4da3f2aa1c276e47c5740,2024-04-26T19:59:19.793000