admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-08 03:27:17 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2024-01-11T00:55:25.309742+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2024-01-11 00:55:29 +00:00
parent 762c6eb084
commit 4dd3ca4392
8 changed files with 204 additions and 57 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

59
CVE-2022/CVE-2022-457xx/CVE-2022-45794.json Normal file
View File

@ -0,0 +1,59 @@
{
"id": "CVE-2022-45794",
"sourceIdentifier": "ot-cert@dragos.com",
"published": "2024-01-10T23:15:08.397",
"lastModified": "2024-01-10T23:15:08.397",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "An attacker with network access to the affected PLC (CJ-series and CS-series PLCs, all versions) may use a network protocol to read and write files form the PLC internal memory and memory card.\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "ot-cert@dragos.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 8.6,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 4.0
}
]
},
"weaknesses": [
{
"source": "ot-cert@dragos.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-306"
}
]
}
],
"references": [
{
"url": "https://www.dragos.com/advisory/omron-plc-and-engineering-software-network-and-file-format-access/",
"source": "ot-cert@dragos.com"
},
{
"url": "https://www.fa.omron.co.jp/product/security/assets/pdf/en/OMSR-2023-002_en.pdf",
"source": "ot-cert@dragos.com"
}
]
}

20
CVE-2023/CVE-2023-419xx/CVE-2023-41999.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-41999",
"sourceIdentifier": "vulnreport@tenable.com",
"published": "2023-11-27T17:15:07.980",
"lastModified": "2023-12-04T14:41:44.107",
"vulnStatus": "Analyzed",
"lastModified": "2024-01-10T23:15:08.663",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -41,20 +41,20 @@
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 8.3,
"baseSeverity": "HIGH"
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 3.7
"impactScore": 5.9
}
]
},

18
CVE-2023/CVE-2023-420xx/CVE-2023-42000.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-42000",
"sourceIdentifier": "vulnreport@tenable.com",
"published": "2023-11-27T17:15:08.160",
"lastModified": "2023-12-04T14:42:39.750",
"vulnStatus": "Analyzed",
"lastModified": "2024-01-10T23:15:08.883",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -41,20 +41,20 @@
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 2.5
"impactScore": 5.9
}
]
},

8
CVE-2023/CVE-2023-484xx/CVE-2023-48418.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-48418",
"sourceIdentifier": "dsap-vuln-management@google.com",
"published": "2024-01-02T23:15:11.000",
"lastModified": "2024-01-09T17:30:39.360",
"vulnStatus": "Analyzed",
"lastModified": "2024-01-10T23:15:09.053",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -110,6 +110,10 @@
}
],
"references": [
{
"url": "http://packetstormsecurity.com/files/176446/Android-DeviceVersionFragment.java-Privilege-Escalation.html",
"source": "dsap-vuln-management@google.com"
},
{
"url": "https://source.android.com/docs/security/bulletin/pixel-watch/2023/2023-12-01",
"source": "dsap-vuln-management@google.com",

36
CVE-2024/CVE-2024-217xx/CVE-2024-21773.json Normal file
View File

@ -0,0 +1,36 @@
{
"id": "CVE-2024-21773",
"sourceIdentifier": "vultures@jpcert.or.jp",
"published": "2024-01-11T00:15:44.560",
"lastModified": "2024-01-11T00:15:44.560",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Multiple TP-LINK products allow a network-adjacent unauthenticated attacker with access to the product to execute arbitrary OS commands. Affected products/versions are as follows: Archer AX3000 firmware versions prior to \"Archer AX3000(JP)_V1_1.1.2 Build 20231115\", Archer AX5400 firmware versions prior to \"Archer AX5400(JP)_V1_1.1.2 Build 20231115\", Deco X50 firmware versions prior to \"Deco X50(JP)_V1_1.4.1 Build 20231122\", and Deco XE200 firmware versions prior to \"Deco XE200(JP)_V1_1.2.5 Build 20231120\"."
}
],
"metrics": {},
"references": [
{
"url": "https://jvn.jp/en/vu/JVNVU91401812/",
"source": "vultures@jpcert.or.jp"
},
{
"url": "https://www.tp-link.com/jp/support/download/archer-ax3000/#Firmware",
"source": "vultures@jpcert.or.jp"
},
{
"url": "https://www.tp-link.com/jp/support/download/archer-ax5400/#Firmware",
"source": "vultures@jpcert.or.jp"
},
{
"url": "https://www.tp-link.com/jp/support/download/deco-x50/v1/#Firmware",
"source": "vultures@jpcert.or.jp"
},
{
"url": "https://www.tp-link.com/jp/support/download/deco-xe200/#Firmware",
"source": "vultures@jpcert.or.jp"
}
]
}

32
CVE-2024/CVE-2024-218xx/CVE-2024-21821.json Normal file
View File

@ -0,0 +1,32 @@
{
"id": "CVE-2024-21821",
"sourceIdentifier": "vultures@jpcert.or.jp",
"published": "2024-01-11T00:15:44.633",
"lastModified": "2024-01-11T00:15:44.633",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Multiple TP-LINK products allow a network-adjacent authenticated attacker to execute arbitrary OS commands. Affected products/versions are as follows: Archer AX3000 firmware versions prior to \"Archer AX3000(JP)_V1_1.1.2 Build 20231115\", Archer AX5400 firmware versions prior to \"Archer AX5400(JP)_V1_1.1.2 Build 20231115\", and Archer AXE75 firmware versions prior to \"Archer AXE75(JP)_V1_231115\"."
}
],
"metrics": {},
"references": [
{
"url": "https://jvn.jp/en/vu/JVNVU91401812/",
"source": "vultures@jpcert.or.jp"
},
{
"url": "https://www.tp-link.com/jp/support/download/archer-ax3000/#Firmware",
"source": "vultures@jpcert.or.jp"
},
{
"url": "https://www.tp-link.com/jp/support/download/archer-ax5400/#Firmware",
"source": "vultures@jpcert.or.jp"
},
{
"url": "https://www.tp-link.com/jp/support/download/archer-axe75/#Firmware",
"source": "vultures@jpcert.or.jp"
}
]
}

40
CVE-2024/CVE-2024-218xx/CVE-2024-21833.json Normal file
View File

@ -0,0 +1,40 @@
{
"id": "CVE-2024-21833",
"sourceIdentifier": "vultures@jpcert.or.jp",
"published": "2024-01-11T00:15:44.683",
"lastModified": "2024-01-11T00:15:44.683",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Multiple TP-LINK products allow a network-adjacent unauthenticated attacker with access to the product to execute arbitrary OS commands. Affected products/versions are as follows: Archer AX3000 firmware versions prior to \"Archer AX3000(JP)_V1_1.1.2 Build 20231115\", Archer AX5400 firmware versions prior to \"Archer AX5400(JP)_V1_1.1.2 Build 20231115\", Archer AXE75 firmware versions prior to \"Archer AXE75(JP)_V1_231115\", Deco X50 firmware versions prior to \"Deco X50(JP)_V1_1.4.1 Build 20231122\", and Deco XE200 firmware versions prior to \"Deco XE200(JP)_V1_1.2.5 Build 20231120\"."
}
],
"metrics": {},
"references": [
{
"url": "https://jvn.jp/en/vu/JVNVU91401812/",
"source": "vultures@jpcert.or.jp"
},
{
"url": "https://www.tp-link.com/jp/support/download/archer-ax3000/#Firmware",
"source": "vultures@jpcert.or.jp"
},
{
"url": "https://www.tp-link.com/jp/support/download/archer-ax5400/#Firmware",
"source": "vultures@jpcert.or.jp"
},
{
"url": "https://www.tp-link.com/jp/support/download/archer-axe75/#Firmware",
"source": "vultures@jpcert.or.jp"
},
{
"url": "https://www.tp-link.com/jp/support/download/deco-x50/v1/#Firmware",
"source": "vultures@jpcert.or.jp"
},
{
"url": "https://www.tp-link.com/jp/support/download/deco-xe200/#Firmware",
"source": "vultures@jpcert.or.jp"
}
]
}

48
README.md
View File

@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2024-01-10T23:00:25.016727+00:00
2024-01-11T00:55:25.309742+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2024-01-10T22:15:51.837000+00:00
2024-01-11T00:15:44.683000+00:00
```
### Last Data Feed Release
@ -29,50 +29,26 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs
```plain
235537
235541
```
### CVEs added in the last Commit
Recently added CVEs: `69`
Recently added CVEs: `4`
* [CVE-2023-41987](CVE-2023/CVE-2023-419xx/CVE-2023-41987.json) (`2024-01-10T22:15:49.290`)
* [CVE-2023-41994](CVE-2023/CVE-2023-419xx/CVE-2023-41994.json) (`2024-01-10T22:15:49.640`)
* [CVE-2023-42826](CVE-2023/CVE-2023-428xx/CVE-2023-42826.json) (`2024-01-10T22:15:49.707`)
* [CVE-2023-42828](CVE-2023/CVE-2023-428xx/CVE-2023-42828.json) (`2024-01-10T22:15:49.757`)
* [CVE-2023-42829](CVE-2023/CVE-2023-428xx/CVE-2023-42829.json) (`2024-01-10T22:15:49.803`)
* [CVE-2023-42830](CVE-2023/CVE-2023-428xx/CVE-2023-42830.json) (`2024-01-10T22:15:49.850`)
* [CVE-2023-42831](CVE-2023/CVE-2023-428xx/CVE-2023-42831.json) (`2024-01-10T22:15:49.903`)
* [CVE-2023-42832](CVE-2023/CVE-2023-428xx/CVE-2023-42832.json) (`2024-01-10T22:15:49.953`)
* [CVE-2023-42833](CVE-2023/CVE-2023-428xx/CVE-2023-42833.json) (`2024-01-10T22:15:50.000`)
* [CVE-2023-42862](CVE-2023/CVE-2023-428xx/CVE-2023-42862.json) (`2024-01-10T22:15:50.047`)
* [CVE-2023-42865](CVE-2023/CVE-2023-428xx/CVE-2023-42865.json) (`2024-01-10T22:15:50.093`)
* [CVE-2023-42866](CVE-2023/CVE-2023-428xx/CVE-2023-42866.json) (`2024-01-10T22:15:50.143`)
* [CVE-2023-42869](CVE-2023/CVE-2023-428xx/CVE-2023-42869.json) (`2024-01-10T22:15:50.200`)
* [CVE-2023-42870](CVE-2023/CVE-2023-428xx/CVE-2023-42870.json) (`2024-01-10T22:15:50.240`)
* [CVE-2023-42871](CVE-2023/CVE-2023-428xx/CVE-2023-42871.json) (`2024-01-10T22:15:50.280`)
* [CVE-2023-42872](CVE-2023/CVE-2023-428xx/CVE-2023-42872.json) (`2024-01-10T22:15:50.327`)
* [CVE-2023-42876](CVE-2023/CVE-2023-428xx/CVE-2023-42876.json) (`2024-01-10T22:15:50.370`)
* [CVE-2023-42929](CVE-2023/CVE-2023-429xx/CVE-2023-42929.json) (`2024-01-10T22:15:50.417`)
* [CVE-2023-42933](CVE-2023/CVE-2023-429xx/CVE-2023-42933.json) (`2024-01-10T22:15:50.460`)
* [CVE-2023-42934](CVE-2023/CVE-2023-429xx/CVE-2023-42934.json) (`2024-01-10T22:15:50.507`)
* [CVE-2023-42941](CVE-2023/CVE-2023-429xx/CVE-2023-42941.json) (`2024-01-10T22:15:50.543`)
* [CVE-2023-49295](CVE-2023/CVE-2023-492xx/CVE-2023-49295.json) (`2024-01-10T22:15:50.610`)
* [CVE-2023-51123](CVE-2023/CVE-2023-511xx/CVE-2023-51123.json) (`2024-01-10T22:15:50.823`)
* [CVE-2024-0333](CVE-2024/CVE-2024-03xx/CVE-2024-0333.json) (`2024-01-10T22:15:50.907`)
* [CVE-2024-21638](CVE-2024/CVE-2024-216xx/CVE-2024-21638.json) (`2024-01-10T22:15:51.563`)
* [CVE-2022-45794](CVE-2022/CVE-2022-457xx/CVE-2022-45794.json) (`2024-01-10T23:15:08.397`)
* [CVE-2024-21773](CVE-2024/CVE-2024-217xx/CVE-2024-21773.json) (`2024-01-11T00:15:44.560`)
* [CVE-2024-21821](CVE-2024/CVE-2024-218xx/CVE-2024-21821.json) (`2024-01-11T00:15:44.633`)
* [CVE-2024-21833](CVE-2024/CVE-2024-218xx/CVE-2024-21833.json) (`2024-01-11T00:15:44.683`)
### CVEs modified in the last Commit
Recently modified CVEs: `6`
Recently modified CVEs: `3`
* [CVE-2023-5981](CVE-2023/CVE-2023-59xx/CVE-2023-5981.json) (`2024-01-10T21:15:09.230`)
* [CVE-2023-41991](CVE-2023/CVE-2023-419xx/CVE-2023-41991.json) (`2024-01-10T22:15:49.337`)
* [CVE-2023-41992](CVE-2023/CVE-2023-419xx/CVE-2023-41992.json) (`2024-01-10T22:15:49.427`)
* [CVE-2023-41993](CVE-2023/CVE-2023-419xx/CVE-2023-41993.json) (`2024-01-10T22:15:49.500`)
* [CVE-2024-22164](CVE-2024/CVE-2024-221xx/CVE-2024-22164.json) (`2024-01-10T22:15:51.760`)
* [CVE-2024-22165](CVE-2024/CVE-2024-221xx/CVE-2024-22165.json) (`2024-01-10T22:15:51.837`)
* [CVE-2023-41999](CVE-2023/CVE-2023-419xx/CVE-2023-41999.json) (`2024-01-10T23:15:08.663`)
* [CVE-2023-42000](CVE-2023/CVE-2023-420xx/CVE-2023-42000.json) (`2024-01-10T23:15:08.883`)
* [CVE-2023-48418](CVE-2023/CVE-2023-484xx/CVE-2023-48418.json) (`2024-01-10T23:15:09.053`)
## Download and Usage