Auto-Update: 2024-11-30T09:00:47.953939+00:00

2025-05-07 19:16:29 +00:00 · 2024-11-30 09:03:57 +00:00 · 2024-11-30 09:03:57 +00:00 · 4903063170
commit 4903063170
parent 3b38d769f1
5 changed files with 306 additions and 9 deletions
--- a/CVE-2024/CVE-2024-119xx/CVE-2024-11996.json
+++ b/CVE-2024/CVE-2024-119xx/CVE-2024-11996.json
@ -0,0 +1,145 @@
+{
+  "id": "CVE-2024-11996",
+  "sourceIdentifier": "cna@vuldb.com",
+  "published": "2024-11-30T08:15:03.937",
+  "lastModified": "2024-11-30T08:15:03.937",
+  "vulnStatus": "Received",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "A vulnerability was found in code-projects Farmacia 1.0 and classified as problematic. Affected by this issue is some unknown functionality of the file /editar-fornecedor.php. The manipulation of the argument cidade leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV40": [
+      {
+        "source": "cna@vuldb.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "4.0",
+          "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
+          "baseScore": 5.3,
+          "baseSeverity": "MEDIUM",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "attackRequirements": "NONE",
+          "privilegesRequired": "LOW",
+          "userInteraction": "NONE",
+          "vulnerableSystemConfidentiality": "NONE",
+          "vulnerableSystemIntegrity": "LOW",
+          "vulnerableSystemAvailability": "NONE",
+          "subsequentSystemConfidentiality": "NONE",
+          "subsequentSystemIntegrity": "NONE",
+          "subsequentSystemAvailability": "NONE",
+          "exploitMaturity": "NOT_DEFINED",
+          "confidentialityRequirements": "NOT_DEFINED",
+          "integrityRequirements": "NOT_DEFINED",
+          "availabilityRequirements": "NOT_DEFINED",
+          "modifiedAttackVector": "NOT_DEFINED",
+          "modifiedAttackComplexity": "NOT_DEFINED",
+          "modifiedAttackRequirements": "NOT_DEFINED",
+          "modifiedPrivilegesRequired": "NOT_DEFINED",
+          "modifiedUserInteraction": "NOT_DEFINED",
+          "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED",
+          "modifiedVulnerableSystemIntegrity": "NOT_DEFINED",
+          "modifiedVulnerableSystemAvailability": "NOT_DEFINED",
+          "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED",
+          "modifiedSubsequentSystemIntegrity": "NOT_DEFINED",
+          "modifiedSubsequentSystemAvailability": "NOT_DEFINED",
+          "safety": "NOT_DEFINED",
+          "automatable": "NOT_DEFINED",
+          "recovery": "NOT_DEFINED",
+          "valueDensity": "NOT_DEFINED",
+          "vulnerabilityResponseEffort": "NOT_DEFINED",
+          "providerUrgency": "NOT_DEFINED"
+        }
+      }
+    ],
+    "cvssMetricV31": [
+      {
+        "source": "cna@vuldb.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N",
+          "baseScore": 3.5,
+          "baseSeverity": "LOW",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "LOW",
+          "userInteraction": "REQUIRED",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "NONE",
+          "integrityImpact": "LOW",
+          "availabilityImpact": "NONE"
+        },
+        "exploitabilityScore": 2.1,
+        "impactScore": 1.4
+      }
+    ],
+    "cvssMetricV2": [
+      {
+        "source": "cna@vuldb.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "2.0",
+          "vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N",
+          "baseScore": 4.0,
+          "accessVector": "NETWORK",
+          "accessComplexity": "LOW",
+          "authentication": "SINGLE",
+          "confidentialityImpact": "NONE",
+          "integrityImpact": "PARTIAL",
+          "availabilityImpact": "NONE"
+        },
+        "baseSeverity": "MEDIUM",
+        "exploitabilityScore": 8.0,
+        "impactScore": 2.9,
+        "acInsufInfo": false,
+        "obtainAllPrivilege": false,
+        "obtainUserPrivilege": false,
+        "obtainOtherPrivilege": false,
+        "userInteractionRequired": false
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "cna@vuldb.com",
+      "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-79"
+        },
+        {
+          "lang": "en",
+          "value": "CWE-94"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://code-projects.org/",
+      "source": "cna@vuldb.com"
+    },
+    {
+      "url": "https://github.com/jaychou8023/cve/blob/main/xss1.md",
+      "source": "cna@vuldb.com"
+    },
+    {
+      "url": "https://vuldb.com/?ctiid.286412",
+      "source": "cna@vuldb.com"
+    },
+    {
+      "url": "https://vuldb.com/?id.286412",
+      "source": "cna@vuldb.com"
+    },
+    {
+      "url": "https://vuldb.com/?submit.453702",
+      "source": "cna@vuldb.com"
+    }
+  ]
+}
--- a/CVE-2024/CVE-2024-119xx/CVE-2024-11997.json
+++ b/CVE-2024/CVE-2024-119xx/CVE-2024-11997.json
@ -0,0 +1,145 @@
+{
+  "id": "CVE-2024-11997",
+  "sourceIdentifier": "cna@vuldb.com",
+  "published": "2024-11-30T08:15:05.223",
+  "lastModified": "2024-11-30T08:15:05.223",
+  "vulnStatus": "Received",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "A vulnerability was found in code-projects Farmacia 1.0. It has been classified as problematic. This affects an unknown part of the file /vendas.php. The manipulation of the argument notaFiscal leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV40": [
+      {
+        "source": "cna@vuldb.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "4.0",
+          "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
+          "baseScore": 5.3,
+          "baseSeverity": "MEDIUM",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "attackRequirements": "NONE",
+          "privilegesRequired": "LOW",
+          "userInteraction": "NONE",
+          "vulnerableSystemConfidentiality": "NONE",
+          "vulnerableSystemIntegrity": "LOW",
+          "vulnerableSystemAvailability": "NONE",
+          "subsequentSystemConfidentiality": "NONE",
+          "subsequentSystemIntegrity": "NONE",
+          "subsequentSystemAvailability": "NONE",
+          "exploitMaturity": "NOT_DEFINED",
+          "confidentialityRequirements": "NOT_DEFINED",
+          "integrityRequirements": "NOT_DEFINED",
+          "availabilityRequirements": "NOT_DEFINED",
+          "modifiedAttackVector": "NOT_DEFINED",
+          "modifiedAttackComplexity": "NOT_DEFINED",
+          "modifiedAttackRequirements": "NOT_DEFINED",
+          "modifiedPrivilegesRequired": "NOT_DEFINED",
+          "modifiedUserInteraction": "NOT_DEFINED",
+          "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED",
+          "modifiedVulnerableSystemIntegrity": "NOT_DEFINED",
+          "modifiedVulnerableSystemAvailability": "NOT_DEFINED",
+          "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED",
+          "modifiedSubsequentSystemIntegrity": "NOT_DEFINED",
+          "modifiedSubsequentSystemAvailability": "NOT_DEFINED",
+          "safety": "NOT_DEFINED",
+          "automatable": "NOT_DEFINED",
+          "recovery": "NOT_DEFINED",
+          "valueDensity": "NOT_DEFINED",
+          "vulnerabilityResponseEffort": "NOT_DEFINED",
+          "providerUrgency": "NOT_DEFINED"
+        }
+      }
+    ],
+    "cvssMetricV31": [
+      {
+        "source": "cna@vuldb.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N",
+          "baseScore": 3.5,
+          "baseSeverity": "LOW",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "LOW",
+          "userInteraction": "REQUIRED",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "NONE",
+          "integrityImpact": "LOW",
+          "availabilityImpact": "NONE"
+        },
+        "exploitabilityScore": 2.1,
+        "impactScore": 1.4
+      }
+    ],
+    "cvssMetricV2": [
+      {
+        "source": "cna@vuldb.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "2.0",
+          "vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N",
+          "baseScore": 4.0,
+          "accessVector": "NETWORK",
+          "accessComplexity": "LOW",
+          "authentication": "SINGLE",
+          "confidentialityImpact": "NONE",
+          "integrityImpact": "PARTIAL",
+          "availabilityImpact": "NONE"
+        },
+        "baseSeverity": "MEDIUM",
+        "exploitabilityScore": 8.0,
+        "impactScore": 2.9,
+        "acInsufInfo": false,
+        "obtainAllPrivilege": false,
+        "obtainUserPrivilege": false,
+        "obtainOtherPrivilege": false,
+        "userInteractionRequired": false
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "cna@vuldb.com",
+      "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-79"
+        },
+        {
+          "lang": "en",
+          "value": "CWE-94"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://code-projects.org/",
+      "source": "cna@vuldb.com"
+    },
+    {
+      "url": "https://github.com/jaychou8023/cve/blob/main/xss2.md",
+      "source": "cna@vuldb.com"
+    },
+    {
+      "url": "https://vuldb.com/?ctiid.286413",
+      "source": "cna@vuldb.com"
+    },
+    {
+      "url": "https://vuldb.com/?id.286413",
+      "source": "cna@vuldb.com"
+    },
+    {
+      "url": "https://vuldb.com/?submit.453703",
+      "source": "cna@vuldb.com"
+    }
+  ]
+}
--- a/CVE-2024/CVE-2024-273xx/CVE-2024-27398.json
+++ b/CVE-2024/CVE-2024-273xx/CVE-2024-27398.json
@ -2,7 +2,7 @@
  "id": "CVE-2024-27398",
  "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
  "published": "2024-05-14T15:12:28.623",
-  "lastModified": "2024-11-30T05:15:05.320",
+  "lastModified": "2024-11-30T08:15:05.417",
  "vulnStatus": "Awaiting Analysis",
  "cveTags": [],
  "descriptions": [
@ -57,6 +57,10 @@
      "url": "http://www.openwall.com/lists/oss-security/2024/11/30/1",
      "source": "af854a3a-2127-422b-91ae-364da2661108"
    },
+    {
+      "url": "http://www.openwall.com/lists/oss-security/2024/11/30/2",
+      "source": "af854a3a-2127-422b-91ae-364da2661108"
+    },
    {
      "url": "https://git.kernel.org/stable/c/012363cb1bec5f33a7b94629ab2c1086f30280f2",
      "source": "af854a3a-2127-422b-91ae-364da2661108"
--- a/README.md
+++ b/README.md
@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours.
 ### Last Repository Update

 ```plain
-2024-11-30T07:00:41.265303+00:00
+2024-11-30T09:00:47.953939+00:00
 ```

 ### Most recent CVE Modification Timestamp synchronized with NVD

 ```plain
-2024-11-30T06:15:17.580000+00:00
+2024-11-30T08:15:05.417000+00:00
 ```

 ### Last Data Feed Release
@ -33,21 +33,22 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
 ### Total Number of included CVEs

 ```plain
-271712
+271714
 ```

 ### CVEs added in the last Commit

-Recently added CVEs: `1`
+Recently added CVEs: `2`

- [CVE-2024-11252](CVE-2024/CVE-2024-112xx/CVE-2024-11252.json) (`2024-11-30T06:15:17.580`)
+- [CVE-2024-11996](CVE-2024/CVE-2024-119xx/CVE-2024-11996.json) (`2024-11-30T08:15:03.937`)
+- [CVE-2024-11997](CVE-2024/CVE-2024-119xx/CVE-2024-11997.json) (`2024-11-30T08:15:05.223`)


 ### CVEs modified in the last Commit

 Recently modified CVEs: `1`

- [CVE-2024-27398](CVE-2024/CVE-2024-273xx/CVE-2024-27398.json) (`2024-11-30T05:15:05.320`)
+- [CVE-2024-27398](CVE-2024/CVE-2024-273xx/CVE-2024-27398.json) (`2024-11-30T08:15:05.417`)


 ## Download and Usage
--- a/_state.csv
+++ b/_state.csv
@ -243542,7 +243542,7 @@ CVE-2024-11248,0,0,4b443be48ce8c0ac739bd8e1e543cf49244a70dde1362a8604cecd8601bec
 CVE-2024-1125,0,0,f1d015036f4cdda32f03ba210c93a8838e991a1e1d168cce1bd81d56428097c5,2024-03-11T01:32:39.697000
 CVE-2024-11250,0,0,b4820e7b4c32719c1293f43a37edd055a8fc217b09b6b40bc790c864314ccbee,2024-11-18T17:11:56.587000
 CVE-2024-11251,0,0,9ac244f132ebb74fe7dc564429d4c9f6a76eead3d9d81e83ddd43f46265382d0,2024-11-18T17:11:56.587000
-CVE-2024-11252,1,1,fb6dd864d369bcaaa178c38411440a597d4952ec3ac8a3258e6be67833d6e094,2024-11-30T06:15:17.580000
+CVE-2024-11252,0,0,fb6dd864d369bcaaa178c38411440a597d4952ec3ac8a3258e6be67833d6e094,2024-11-30T06:15:17.580000
 CVE-2024-11256,0,0,29e00e0ee4d12938f6e2912644ef71a80cda2431b2f5fea5964a69693712d8d3,2024-11-19T21:49:04.790000
 CVE-2024-11257,0,0,585c01a54f1385c2a001e222fb74644a8874e08d56dfcf6a642daa13e730e553,2024-11-19T21:24:40.443000
 CVE-2024-11258,0,0,4c929a765c19f3d13acbcc084dd9b1be8b2bf3ca4132bc34b1e32fe14a03df6a,2024-11-19T21:24:27.473000
@ -243890,6 +243890,8 @@ CVE-2024-1199,0,0,9a04e528b30ee4387e68bb38a7f1be0392a71f3796108477e123a7601c79c0
 CVE-2024-11990,0,0,0ea61f760bb00d4ee0bb54c1c5f4898913a822219e93c4dad86c6424a909019a,2024-11-29T13:15:04.170000
 CVE-2024-11992,0,0,dec6f82d309a9ca3d0c0e65e3be01067bf6c8b19cbafb67c3c3b2120ec9fbb36,2024-11-29T13:15:05.210000
 CVE-2024-11995,0,0,659ce94b6e16e4b5841f6ecdfa5b75901b46fdf4f7f3359160ef6a760f2f39d5,2024-11-29T21:15:04.290000
+CVE-2024-11996,1,1,d80b8507fc172b9a86f6ab141fb0a9044d43c80de0d910c996155f10dde992d0,2024-11-30T08:15:03.937000
+CVE-2024-11997,1,1,95224e93a9082cc1de0a1beded60b60246bebbe18db37af5480d5a7cc7cf8119,2024-11-30T08:15:05.223000
 CVE-2024-1200,0,0,cbf824dd51d7a3b837d210f60d3bc2fcd8c0de7dc55b64bf2469e6bd3fafa8cd,2024-05-17T02:35:18.673000
 CVE-2024-1201,0,0,f9834193bbb62b403f23d3357a53cc3ad9bb6173e269e5c9bf81a47c0a1a0786,2024-02-09T19:27:29.517000
 CVE-2024-1202,0,0,6132da5e9762048f130f38f4ec670738f94221153725a0b95c9666bf5c59cb16,2024-08-01T19:15:32.277000
@ -250356,7 +250358,7 @@ CVE-2024-27394,0,0,08a27f4278e90895db869570c2ad1394d2b1b7ce2eebd13c81985e703b3d5
 CVE-2024-27395,0,0,0717a5340b130d9ad6c83d02a6a375ee46786932fc1ca7bcae52c4e65548e91e,2024-11-05T10:16:29.630000
 CVE-2024-27396,0,0,f99b3ed9649441d52beedad6717e389342b6bd13026bafae1f070293d6b326f9,2024-11-05T10:16:29.910000
 CVE-2024-27397,0,0,a0f40ad4c2f891849c489ae4b9841685ad4e227c084159373a42e20fef210207,2024-08-19T05:15:06.293000
-CVE-2024-27398,0,1,a5dd55c90df6f8e9d6058842983c03968400530681520b33ec05d53e74e91f57,2024-11-30T05:15:05.320000
+CVE-2024-27398,0,1,5d668964db5f8581f993f825ac2b92d8b5b4a6d169822c73d205cf76d493b5f2,2024-11-30T08:15:05.417000
 CVE-2024-27399,0,0,99d9510b637361dde4a735c6783496f5b872927f33529f36ec6d87018b5bc247,2024-11-05T10:16:30.393000
 CVE-2024-2740,0,0,7545651108e8514acefb2b72311b601ee7dbdf24da5bdaec2774b5ead308107f,2024-04-11T12:47:44.137000
 CVE-2024-27400,0,0,069e4b8cc0d3bf02e960ba37e8375912ae86e06a0fac9563b07518abcdfda328,2024-11-05T10:16:30.580000