diff --git a/CVE-2021/CVE-2021-376xx/CVE-2021-37600.json b/CVE-2021/CVE-2021-376xx/CVE-2021-37600.json index ee1615e783b..1ef5a039df5 100644 --- a/CVE-2021/CVE-2021-376xx/CVE-2021-37600.json +++ b/CVE-2021/CVE-2021-376xx/CVE-2021-37600.json @@ -2,12 +2,12 @@ "id": "CVE-2021-37600", "sourceIdentifier": "cve@mitre.org", "published": "2021-07-30T14:15:18.737", - "lastModified": "2023-11-07T03:36:58.380", + "lastModified": "2024-01-07T09:15:08.003", "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "An integer overflow in util-linux through 2.37.1 can potentially cause a buffer overflow if an attacker were able to use system resources in a way that leads to a large number in the /proc/sysvipc/sem file. NOTE: this is unexploitable in GNU C Library environments, and possibly in all realistic environments" + "value": "An integer overflow in util-linux through 2.37.1 can potentially cause a buffer overflow if an attacker were able to use system resources in a way that leads to a large number in the /proc/sysvipc/sem file. NOTE: this is unexploitable in GNU C Library environments, and possibly in all realistic environments." }, { "lang": "es", @@ -126,6 +126,10 @@ "Third Party Advisory" ] }, + { + "url": "https://security.gentoo.org/glsa/202401-08", + "source": "cve@mitre.org" + }, { "url": "https://security.netapp.com/advisory/ntap-20210902-0002/", "source": "cve@mitre.org", diff --git a/CVE-2021/CVE-2021-39xx/CVE-2021-3995.json b/CVE-2021/CVE-2021-39xx/CVE-2021-3995.json index ac8bda2b145..9a18032eb81 100644 --- a/CVE-2021/CVE-2021-39xx/CVE-2021-3995.json +++ b/CVE-2021/CVE-2021-39xx/CVE-2021-3995.json @@ -2,8 +2,8 @@ "id": "CVE-2021-3995", "sourceIdentifier": "secalert@redhat.com", "published": "2022-08-23T20:15:08.493", - "lastModified": "2023-02-03T23:30:56.377", - "vulnStatus": "Analyzed", + "lastModified": "2024-01-07T09:15:08.413", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", @@ -143,6 +143,10 @@ "Vendor Advisory" ] }, + { + "url": "https://security.gentoo.org/glsa/202401-08", + "source": "secalert@redhat.com" + }, { "url": "https://security.netapp.com/advisory/ntap-20221209-0002/", "source": "secalert@redhat.com", diff --git a/CVE-2021/CVE-2021-39xx/CVE-2021-3996.json b/CVE-2021/CVE-2021-39xx/CVE-2021-3996.json index 7eba071d24f..d4b11a3158a 100644 --- a/CVE-2021/CVE-2021-39xx/CVE-2021-3996.json +++ b/CVE-2021/CVE-2021-39xx/CVE-2021-3996.json @@ -2,8 +2,8 @@ "id": "CVE-2021-3996", "sourceIdentifier": "secalert@redhat.com", "published": "2022-08-23T20:15:08.560", - "lastModified": "2023-01-26T20:38:54.537", - "vulnStatus": "Analyzed", + "lastModified": "2024-01-07T09:15:08.600", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", @@ -151,6 +151,10 @@ "Vendor Advisory" ] }, + { + "url": "https://security.gentoo.org/glsa/202401-08", + "source": "secalert@redhat.com" + }, { "url": "https://security.netapp.com/advisory/ntap-20221209-0002/", "source": "secalert@redhat.com", diff --git a/CVE-2022/CVE-2022-05xx/CVE-2022-0563.json b/CVE-2022/CVE-2022-05xx/CVE-2022-0563.json index dcd4d0cd353..6da8be0715d 100644 --- a/CVE-2022/CVE-2022-05xx/CVE-2022-0563.json +++ b/CVE-2022/CVE-2022-05xx/CVE-2022-0563.json @@ -2,7 +2,7 @@ "id": "CVE-2022-0563", "sourceIdentifier": "secalert@redhat.com", "published": "2022-02-21T19:15:08.393", - "lastModified": "2023-11-07T03:41:23.727", + "lastModified": "2024-01-07T09:15:08.713", "vulnStatus": "Modified", "descriptions": [ { @@ -75,7 +75,7 @@ ] }, { - "source": "53f830b8-0a3f-465b-8143-3b8a9948e749", + "source": "secalert@redhat.com", "type": "Secondary", "description": [ { @@ -123,6 +123,10 @@ "url": "https://lore.kernel.org/util-linux/20220214110609.msiwlm457ngoic6w%40ws.net.home/T/#u", "source": "secalert@redhat.com" }, + { + "url": "https://security.gentoo.org/glsa/202401-08", + "source": "secalert@redhat.com" + }, { "url": "https://security.netapp.com/advisory/ntap-20220331-0002/", "source": "secalert@redhat.com", diff --git a/CVE-2023/CVE-2023-08xx/CVE-2023-0809.json b/CVE-2023/CVE-2023-08xx/CVE-2023-0809.json index e9a28b39589..8af501e93cd 100644 --- a/CVE-2023/CVE-2023-08xx/CVE-2023-0809.json +++ b/CVE-2023/CVE-2023-08xx/CVE-2023-0809.json @@ -2,8 +2,8 @@ "id": "CVE-2023-0809", "sourceIdentifier": "emo@eclipse.org", "published": "2023-10-02T19:15:09.717", - "lastModified": "2023-10-04T17:01:04.683", - "vulnStatus": "Analyzed", + "lastModified": "2024-01-07T10:15:08.310", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", @@ -105,6 +105,10 @@ "tags": [ "Release Notes" ] + }, + { + "url": "https://security.gentoo.org/glsa/202401-09", + "source": "emo@eclipse.org" } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-283xx/CVE-2023-28366.json b/CVE-2023/CVE-2023-283xx/CVE-2023-28366.json index 894d45d0f5f..fad3e1509c9 100644 --- a/CVE-2023/CVE-2023-283xx/CVE-2023-28366.json +++ b/CVE-2023/CVE-2023-283xx/CVE-2023-28366.json @@ -2,7 +2,7 @@ "id": "CVE-2023-28366", "sourceIdentifier": "cve@mitre.org", "published": "2023-09-01T16:15:07.790", - "lastModified": "2023-11-07T04:10:29.467", + "lastModified": "2024-01-07T10:15:08.467", "vulnStatus": "Modified", "descriptions": [ { @@ -95,6 +95,10 @@ "Release Notes" ] }, + { + "url": "https://security.gentoo.org/glsa/202401-09", + "source": "cve@mitre.org" + }, { "url": "https://www.compass-security.com/fileadmin/Research/Advisories/2023_02_CSNC-2023-001_Eclipse_Mosquitto_Memory_Leak.txt", "source": "cve@mitre.org", diff --git a/CVE-2023/CVE-2023-35xx/CVE-2023-3592.json b/CVE-2023/CVE-2023-35xx/CVE-2023-3592.json index 9133467c249..9cf97b0c219 100644 --- a/CVE-2023/CVE-2023-35xx/CVE-2023-3592.json +++ b/CVE-2023/CVE-2023-35xx/CVE-2023-3592.json @@ -2,8 +2,8 @@ "id": "CVE-2023-3592", "sourceIdentifier": "emo@eclipse.org", "published": "2023-10-02T20:15:10.123", - "lastModified": "2023-10-04T17:00:37.197", - "vulnStatus": "Analyzed", + "lastModified": "2024-01-07T10:15:08.563", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", @@ -105,6 +105,10 @@ "tags": [ "Release Notes" ] + }, + { + "url": "https://security.gentoo.org/glsa/202401-09", + "source": "emo@eclipse.org" } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-72xx/CVE-2023-7209.json b/CVE-2023/CVE-2023-72xx/CVE-2023-7209.json new file mode 100644 index 00000000000..5bf55a71f0b --- /dev/null +++ b/CVE-2023/CVE-2023-72xx/CVE-2023-7209.json @@ -0,0 +1,88 @@ +{ + "id": "CVE-2023-7209", + "sourceIdentifier": "cna@vuldb.com", + "published": "2024-01-07T09:15:08.853", + "lastModified": "2024-01-07T09:15:08.853", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability was found in Uniway Router up to 2.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /boaform/device_reset.cgi of the component Device Reset Handler. The manipulation leads to denial of service. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-249758 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + } + ], + "cvssMetricV2": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "2.0", + "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", + "accessVector": "NETWORK", + "accessComplexity": "LOW", + "authentication": "NONE", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "COMPLETE", + "baseScore": 7.8 + }, + "baseSeverity": "HIGH", + "exploitabilityScore": 10.0, + "impactScore": 6.9, + "acInsufInfo": false, + "obtainAllPrivilege": false, + "obtainUserPrivilege": false, + "obtainOtherPrivilege": false, + "userInteractionRequired": false + } + ] + }, + "weaknesses": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-404" + } + ] + } + ], + "references": [ + { + "url": "https://drive.google.com/file/d/1XDZA4ibiYNcxTwq60vYCr03_6M_cvJ_2/view?usp=sharing", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?ctiid.249758", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?id.249758", + "source": "cna@vuldb.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-72xx/CVE-2023-7210.json b/CVE-2023/CVE-2023-72xx/CVE-2023-7210.json new file mode 100644 index 00000000000..44c5380b92e --- /dev/null +++ b/CVE-2023/CVE-2023-72xx/CVE-2023-7210.json @@ -0,0 +1,88 @@ +{ + "id": "CVE-2023-7210", + "sourceIdentifier": "cna@vuldb.com", + "published": "2024-01-07T10:15:08.660", + "lastModified": "2024-01-07T10:15:08.660", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability was found in OneNav up to 0.9.33. It has been classified as critical. This affects an unknown part of the file /index.php?c=api of the component API. The manipulation of the argument X-Token leads to improper authentication. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-249765 was assigned to this vulnerability." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 7.3, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.4 + } + ], + "cvssMetricV2": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "2.0", + "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", + "accessVector": "NETWORK", + "accessComplexity": "LOW", + "authentication": "NONE", + "confidentialityImpact": "PARTIAL", + "integrityImpact": "PARTIAL", + "availabilityImpact": "PARTIAL", + "baseScore": 7.5 + }, + "baseSeverity": "HIGH", + "exploitabilityScore": 10.0, + "impactScore": 6.4, + "acInsufInfo": false, + "obtainAllPrivilege": false, + "obtainUserPrivilege": false, + "obtainOtherPrivilege": false, + "userInteractionRequired": false + } + ] + }, + "weaknesses": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-287" + } + ] + } + ], + "references": [ + { + "url": "https://note.zhaoj.in/share/eRbUygGMiJcp", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?ctiid.249765", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?id.249765", + "source": "cna@vuldb.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-72xx/CVE-2023-7211.json b/CVE-2023/CVE-2023-72xx/CVE-2023-7211.json new file mode 100644 index 00000000000..cc776fdf99c --- /dev/null +++ b/CVE-2023/CVE-2023-72xx/CVE-2023-7211.json @@ -0,0 +1,88 @@ +{ + "id": "CVE-2023-7211", + "sourceIdentifier": "cna@vuldb.com", + "published": "2024-01-07T10:15:08.907", + "lastModified": "2024-01-07T10:15:08.907", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability was found in Uniway Router 2.0. It has been declared as critical. This vulnerability affects unknown code of the component Administrative Web Interface. The manipulation leads to reliance on ip address for authentication. The attack can be initiated remotely. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used. VDB-249766 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 5.6, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.2, + "impactScore": 3.4 + } + ], + "cvssMetricV2": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "2.0", + "vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P", + "accessVector": "NETWORK", + "accessComplexity": "HIGH", + "authentication": "NONE", + "confidentialityImpact": "PARTIAL", + "integrityImpact": "PARTIAL", + "availabilityImpact": "PARTIAL", + "baseScore": 5.1 + }, + "baseSeverity": "MEDIUM", + "exploitabilityScore": 4.9, + "impactScore": 6.4, + "acInsufInfo": false, + "obtainAllPrivilege": false, + "obtainUserPrivilege": false, + "obtainOtherPrivilege": false, + "userInteractionRequired": false + } + ] + }, + "weaknesses": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-291" + } + ] + } + ], + "references": [ + { + "url": "https://drive.google.com/file/d/11thSuALGcn0C_9tbmYu8_QzTXtBnCoNS/view?usp=sharing", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?ctiid.249766", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?id.249766", + "source": "cna@vuldb.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-02xx/CVE-2024-0271.json b/CVE-2024/CVE-2024-02xx/CVE-2024-0271.json new file mode 100644 index 00000000000..0c9a862938b --- /dev/null +++ b/CVE-2024/CVE-2024-02xx/CVE-2024-0271.json @@ -0,0 +1,88 @@ +{ + "id": "CVE-2024-0271", + "sourceIdentifier": "cna@vuldb.com", + "published": "2024-01-07T09:15:09.140", + "lastModified": "2024-01-07T09:15:09.140", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability has been found in Kashipara Food Management System up to 1.0 and classified as critical. This vulnerability affects unknown code of the file addmaterial_edit.php. The manipulation of the argument id leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-249826 is the identifier assigned to this vulnerability." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 6.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.4 + } + ], + "cvssMetricV2": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "2.0", + "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", + "accessVector": "NETWORK", + "accessComplexity": "LOW", + "authentication": "SINGLE", + "confidentialityImpact": "PARTIAL", + "integrityImpact": "PARTIAL", + "availabilityImpact": "PARTIAL", + "baseScore": 6.5 + }, + "baseSeverity": "MEDIUM", + "exploitabilityScore": 8.0, + "impactScore": 6.4, + "acInsufInfo": false, + "obtainAllPrivilege": false, + "obtainUserPrivilege": false, + "obtainOtherPrivilege": false, + "userInteractionRequired": false + } + ] + }, + "weaknesses": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/E1CHO/cve_hub/blob/main/Food%20Management%20System/Food%20Management%20System%20-%20vuln%206.pdf", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?ctiid.249826", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?id.249826", + "source": "cna@vuldb.com" + } + ] +} \ No newline at end of file diff --git a/README.md b/README.md index 9f55dd445ba..cc865f69db5 100644 --- a/README.md +++ b/README.md @@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2024-01-07T09:00:24.273638+00:00 +2024-01-07T11:00:24.841428+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2024-01-07T08:15:07.840000+00:00 +2024-01-07T10:15:08.907000+00:00 ``` ### Last Data Feed Release @@ -29,22 +29,30 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### Total Number of included CVEs ```plain -234980 +234984 ``` ### CVEs added in the last Commit -Recently added CVEs: `3` +Recently added CVEs: `4` -* [CVE-2023-7208](CVE-2023/CVE-2023-72xx/CVE-2023-7208.json) (`2024-01-07T07:15:07.777`) -* [CVE-2024-0268](CVE-2024/CVE-2024-02xx/CVE-2024-0268.json) (`2024-01-07T08:15:07.393`) -* [CVE-2024-0270](CVE-2024/CVE-2024-02xx/CVE-2024-0270.json) (`2024-01-07T08:15:07.840`) +* [CVE-2023-7209](CVE-2023/CVE-2023-72xx/CVE-2023-7209.json) (`2024-01-07T09:15:08.853`) +* [CVE-2023-7210](CVE-2023/CVE-2023-72xx/CVE-2023-7210.json) (`2024-01-07T10:15:08.660`) +* [CVE-2023-7211](CVE-2023/CVE-2023-72xx/CVE-2023-7211.json) (`2024-01-07T10:15:08.907`) +* [CVE-2024-0271](CVE-2024/CVE-2024-02xx/CVE-2024-0271.json) (`2024-01-07T09:15:09.140`) ### CVEs modified in the last Commit -Recently modified CVEs: `0` +Recently modified CVEs: `7` +* [CVE-2021-37600](CVE-2021/CVE-2021-376xx/CVE-2021-37600.json) (`2024-01-07T09:15:08.003`) +* [CVE-2021-3995](CVE-2021/CVE-2021-39xx/CVE-2021-3995.json) (`2024-01-07T09:15:08.413`) +* [CVE-2021-3996](CVE-2021/CVE-2021-39xx/CVE-2021-3996.json) (`2024-01-07T09:15:08.600`) +* [CVE-2022-0563](CVE-2022/CVE-2022-05xx/CVE-2022-0563.json) (`2024-01-07T09:15:08.713`) +* [CVE-2023-0809](CVE-2023/CVE-2023-08xx/CVE-2023-0809.json) (`2024-01-07T10:15:08.310`) +* [CVE-2023-28366](CVE-2023/CVE-2023-283xx/CVE-2023-28366.json) (`2024-01-07T10:15:08.467`) +* [CVE-2023-3592](CVE-2023/CVE-2023-35xx/CVE-2023-3592.json) (`2024-01-07T10:15:08.563`) ## Download and Usage