diff --git a/CVE-2021/CVE-2021-311xx/CVE-2021-31152.json b/CVE-2021/CVE-2021-311xx/CVE-2021-31152.json index a75fde4ac53..5fc3bb36a5d 100644 --- a/CVE-2021/CVE-2021-311xx/CVE-2021-31152.json +++ b/CVE-2021/CVE-2021-311xx/CVE-2021-31152.json @@ -2,8 +2,8 @@ "id": "CVE-2021-31152", "sourceIdentifier": "cve@mitre.org", "published": "2021-04-14T14:15:14.210", - "lastModified": "2021-06-28T14:45:19.843", - "vulnStatus": "Analyzed", + "lastModified": "2024-03-03T02:15:49.407", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", @@ -114,6 +114,10 @@ "VDB Entry" ] }, + { + "url": "http://seclists.org/fulldisclosure/2024/Mar/1", + "source": "cve@mitre.org" + }, { "url": "https://www.youtube.com/watch?v=zN3DVrcu6Eg", "source": "cve@mitre.org", diff --git a/CVE-2024/CVE-2024-19xx/CVE-2024-1938.json b/CVE-2024/CVE-2024-19xx/CVE-2024-1938.json index b590799db3b..4dc8c1f4e8e 100644 --- a/CVE-2024/CVE-2024-19xx/CVE-2024-1938.json +++ b/CVE-2024/CVE-2024-19xx/CVE-2024-1938.json @@ -2,12 +2,16 @@ "id": "CVE-2024-1938", "sourceIdentifier": "chrome-cve-admin@google.com", "published": "2024-02-29T01:43:57.600", - "lastModified": "2024-02-29T13:49:29.390", + "lastModified": "2024-03-03T02:15:49.543", "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "Type Confusion in V8 in Google Chrome prior to 122.0.6261.94 allowed a remote attacker to potentially exploit object corruption via a crafted HTML page. (Chromium security severity: High)" + }, + { + "lang": "es", + "value": "Type Confusion en V8 en Google Chrome anterior a 122.0.6261.94 permit\u00eda a un atacante remoto explotar potencialmente la corrupci\u00f3n de objetos a trav\u00e9s de una p\u00e1gina HTML manipulada. (Severidad de seguridad de Chrome: alta)" } ], "metrics": {}, @@ -19,6 +23,10 @@ { "url": "https://issues.chromium.org/issues/324596281", "source": "chrome-cve-admin@google.com" + }, + { + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L6KJCEJWJR5Z54Z75LRJGELDNMFDKLZG/", + "source": "chrome-cve-admin@google.com" } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-19xx/CVE-2024-1939.json b/CVE-2024/CVE-2024-19xx/CVE-2024-1939.json index f38eb05d038..03192c7da5e 100644 --- a/CVE-2024/CVE-2024-19xx/CVE-2024-1939.json +++ b/CVE-2024/CVE-2024-19xx/CVE-2024-1939.json @@ -2,12 +2,16 @@ "id": "CVE-2024-1939", "sourceIdentifier": "chrome-cve-admin@google.com", "published": "2024-02-29T01:43:57.640", - "lastModified": "2024-02-29T13:49:29.390", + "lastModified": "2024-03-03T02:15:49.607", "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "Type Confusion in V8 in Google Chrome prior to 122.0.6261.94 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)" + }, + { + "lang": "es", + "value": "Type Confusion en V8 en Google Chrome anterior a 122.0.6261.94 permit\u00eda a un atacante remoto explotar potencialmente la corrupci\u00f3n del mont\u00f3n a trav\u00e9s de una p\u00e1gina HTML manipulada. (Severidad de seguridad de Chrome: alta)" } ], "metrics": {}, @@ -19,6 +23,10 @@ { "url": "https://issues.chromium.org/issues/323694592", "source": "chrome-cve-admin@google.com" + }, + { + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L6KJCEJWJR5Z54Z75LRJGELDNMFDKLZG/", + "source": "chrome-cve-admin@google.com" } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-21xx/CVE-2024-2134.json b/CVE-2024/CVE-2024-21xx/CVE-2024-2134.json new file mode 100644 index 00000000000..1cccb4ec684 --- /dev/null +++ b/CVE-2024/CVE-2024-21xx/CVE-2024-2134.json @@ -0,0 +1,88 @@ +{ + "id": "CVE-2024-2134", + "sourceIdentifier": "cna@vuldb.com", + "published": "2024-03-03T01:15:06.783", + "lastModified": "2024-03-03T01:15:06.783", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability has been found in Bdtask Hospita AutoManager up to 20240223 and classified as problematic. This vulnerability affects unknown code of the file /investigation/delete/ of the component Investigation Report Handler. The manipulation leads to cross-site request forgery. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-255496. NOTE: The vendor was contacted early about this disclosure but did not respond in any way." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 4.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + } + ], + "cvssMetricV2": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "2.0", + "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", + "accessVector": "NETWORK", + "accessComplexity": "LOW", + "authentication": "NONE", + "confidentialityImpact": "NONE", + "integrityImpact": "PARTIAL", + "availabilityImpact": "NONE", + "baseScore": 5.0 + }, + "baseSeverity": "MEDIUM", + "exploitabilityScore": 10.0, + "impactScore": 2.9, + "acInsufInfo": false, + "obtainAllPrivilege": false, + "obtainUserPrivilege": false, + "obtainOtherPrivilege": false, + "userInteractionRequired": false + } + ] + }, + "weaknesses": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-352" + } + ] + } + ], + "references": [ + { + "url": "https://drive.google.com/file/d/1JZ9HXuXetQCpbM8O3LJ498lAo9FpoSrD/view?usp=drivesdk", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?ctiid.255496", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?id.255496", + "source": "cna@vuldb.com" + } + ] +} \ No newline at end of file diff --git a/README.md b/README.md index 51e1c0951d2..4195d5d2fff 100644 --- a/README.md +++ b/README.md @@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2024-03-03T00:55:24.028162+00:00 +2024-03-03T03:00:23.868934+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2024-03-03T00:15:44.137000+00:00 +2024-03-03T02:15:49.607000+00:00 ``` ### Last Data Feed Release @@ -23,28 +23,29 @@ Repository synchronizes with the NVD every 2 hours. Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/releases/latest) ```plain -2024-03-02T01:00:28.229907+00:00 +2024-03-03T01:00:28.265427+00:00 ``` ### Total Number of included CVEs ```plain -240357 +240358 ``` ### CVEs added in the last Commit Recently added CVEs: `1` -* [CVE-2024-2133](CVE-2024/CVE-2024-21xx/CVE-2024-2133.json) (`2024-03-03T00:15:44.137`) +* [CVE-2024-2134](CVE-2024/CVE-2024-21xx/CVE-2024-2134.json) (`2024-03-03T01:15:06.783`) ### CVEs modified in the last Commit -Recently modified CVEs: `2` +Recently modified CVEs: `3` -* [CVE-2023-42282](CVE-2023/CVE-2023-422xx/CVE-2023-42282.json) (`2024-03-03T00:15:43.820`) -* [CVE-2024-23743](CVE-2024/CVE-2024-237xx/CVE-2024-23743.json) (`2024-03-03T00:15:44.043`) +* [CVE-2021-31152](CVE-2021/CVE-2021-311xx/CVE-2021-31152.json) (`2024-03-03T02:15:49.407`) +* [CVE-2024-1938](CVE-2024/CVE-2024-19xx/CVE-2024-1938.json) (`2024-03-03T02:15:49.543`) +* [CVE-2024-1939](CVE-2024/CVE-2024-19xx/CVE-2024-1939.json) (`2024-03-03T02:15:49.607`) ## Download and Usage