From 551cd766d8ea87d73e4d4aa96775f1a59ede6f41 Mon Sep 17 00:00:00 2001 From: cad-safe-bot Date: Fri, 17 Jan 2025 05:04:05 +0000 Subject: [PATCH] Auto-Update: 2025-01-17T05:00:37.058544+00:00 --- CVE-2024/CVE-2024-128xx/CVE-2024-12803.json | 12 ++--- CVE-2024/CVE-2024-128xx/CVE-2024-12805.json | 12 ++--- CVE-2024/CVE-2024-128xx/CVE-2024-12806.json | 12 ++--- CVE-2024/CVE-2024-514xx/CVE-2024-51462.json | 56 +++++++++++++++++++++ README.md | 18 +++---- _state.csv | 15 +++--- 6 files changed, 91 insertions(+), 34 deletions(-) create mode 100644 CVE-2024/CVE-2024-514xx/CVE-2024-51462.json diff --git a/CVE-2024/CVE-2024-128xx/CVE-2024-12803.json b/CVE-2024/CVE-2024-128xx/CVE-2024-12803.json index 0cfc39b31ed..da66ef5c886 100644 --- a/CVE-2024/CVE-2024-128xx/CVE-2024-12803.json +++ b/CVE-2024/CVE-2024-128xx/CVE-2024-12803.json @@ -2,7 +2,7 @@ "id": "CVE-2024-12803", "sourceIdentifier": "PSIRT@sonicwall.com", "published": "2025-01-09T08:15:26.007", - "lastModified": "2025-01-09T15:15:14.877", + "lastModified": "2025-01-17T03:15:06.973", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ @@ -22,19 +22,19 @@ "type": "Secondary", "cvssData": { "version": "3.1", - "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", - "baseScore": 9.8, - "baseSeverity": "CRITICAL", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 7.2, + "baseSeverity": "HIGH", "attackVector": "NETWORK", "attackComplexity": "LOW", - "privilegesRequired": "NONE", + "privilegesRequired": "HIGH", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH" }, - "exploitabilityScore": 3.9, + "exploitabilityScore": 1.2, "impactScore": 5.9 } ] diff --git a/CVE-2024/CVE-2024-128xx/CVE-2024-12805.json b/CVE-2024/CVE-2024-128xx/CVE-2024-12805.json index e3f1ca42694..59708f45101 100644 --- a/CVE-2024/CVE-2024-128xx/CVE-2024-12805.json +++ b/CVE-2024/CVE-2024-128xx/CVE-2024-12805.json @@ -2,7 +2,7 @@ "id": "CVE-2024-12805", "sourceIdentifier": "PSIRT@sonicwall.com", "published": "2025-01-09T08:15:26.247", - "lastModified": "2025-01-09T15:15:15.060", + "lastModified": "2025-01-17T03:15:07.167", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ @@ -22,19 +22,19 @@ "type": "Secondary", "cvssData": { "version": "3.1", - "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", - "baseScore": 9.8, - "baseSeverity": "CRITICAL", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 7.2, + "baseSeverity": "HIGH", "attackVector": "NETWORK", "attackComplexity": "LOW", - "privilegesRequired": "NONE", + "privilegesRequired": "HIGH", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH" }, - "exploitabilityScore": 3.9, + "exploitabilityScore": 1.2, "impactScore": 5.9 } ] diff --git a/CVE-2024/CVE-2024-128xx/CVE-2024-12806.json b/CVE-2024/CVE-2024-128xx/CVE-2024-12806.json index b19632f84e9..61cc927768c 100644 --- a/CVE-2024/CVE-2024-128xx/CVE-2024-12806.json +++ b/CVE-2024/CVE-2024-128xx/CVE-2024-12806.json @@ -2,7 +2,7 @@ "id": "CVE-2024-12806", "sourceIdentifier": "PSIRT@sonicwall.com", "published": "2025-01-09T08:15:26.417", - "lastModified": "2025-01-09T21:15:24.797", + "lastModified": "2025-01-17T03:15:07.337", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ @@ -22,19 +22,19 @@ "type": "Secondary", "cvssData": { "version": "3.1", - "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", - "baseScore": 7.5, - "baseSeverity": "HIGH", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N", + "baseScore": 4.9, + "baseSeverity": "MEDIUM", "attackVector": "NETWORK", "attackComplexity": "LOW", - "privilegesRequired": "NONE", + "privilegesRequired": "HIGH", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "availabilityImpact": "NONE" }, - "exploitabilityScore": 3.9, + "exploitabilityScore": 1.2, "impactScore": 3.6 } ] diff --git a/CVE-2024/CVE-2024-514xx/CVE-2024-51462.json b/CVE-2024/CVE-2024-514xx/CVE-2024-51462.json new file mode 100644 index 00000000000..4e76ace7c2a --- /dev/null +++ b/CVE-2024/CVE-2024-514xx/CVE-2024-51462.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-51462", + "sourceIdentifier": "psirt@us.ibm.com", + "published": "2025-01-17T03:15:07.527", + "lastModified": "2025-01-17T03:15:07.527", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "IBM QRadar WinCollect Agent 10.0.0 through 10.1.12 could allow a remote attacker to inject XML data into parameter values due to improper input validation of assumed immutable data." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@us.ibm.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", + "baseScore": 4.0, + "baseSeverity": "MEDIUM", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.5, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@us.ibm.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-471" + } + ] + } + ], + "references": [ + { + "url": "https://www.ibm.com/support/pages/node/7176043", + "source": "psirt@us.ibm.com" + } + ] +} \ No newline at end of file diff --git a/README.md b/README.md index bbc7db2ef5f..8a099d08e1c 100644 --- a/README.md +++ b/README.md @@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2025-01-17T03:00:26.244914+00:00 +2025-01-17T05:00:37.058544+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2025-01-17T02:15:25.060000+00:00 +2025-01-17T03:15:07.527000+00:00 ``` ### Last Data Feed Release @@ -33,23 +33,23 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### Total Number of included CVEs ```plain -277924 +277925 ``` ### CVEs added in the last Commit -Recently added CVEs: `3` +Recently added CVEs: `1` -- [CVE-2024-34579](CVE-2024/CVE-2024-345xx/CVE-2024-34579.json) (`2025-01-17T01:15:22.377`) -- [CVE-2024-52363](CVE-2024/CVE-2024-523xx/CVE-2024-52363.json) (`2025-01-17T02:15:25.060`) -- [CVE-2025-21325](CVE-2025/CVE-2025-213xx/CVE-2025-21325.json) (`2025-01-17T01:15:31.073`) +- [CVE-2024-51462](CVE-2024/CVE-2024-514xx/CVE-2024-51462.json) (`2025-01-17T03:15:07.527`) ### CVEs modified in the last Commit -Recently modified CVEs: `1` +Recently modified CVEs: `3` -- [CVE-2024-50603](CVE-2024/CVE-2024-506xx/CVE-2024-50603.json) (`2025-01-17T02:00:02.040`) +- [CVE-2024-12803](CVE-2024/CVE-2024-128xx/CVE-2024-12803.json) (`2025-01-17T03:15:06.973`) +- [CVE-2024-12805](CVE-2024/CVE-2024-128xx/CVE-2024-12805.json) (`2025-01-17T03:15:07.167`) +- [CVE-2024-12806](CVE-2024/CVE-2024-128xx/CVE-2024-12806.json) (`2025-01-17T03:15:07.337`) ## Download and Usage diff --git a/_state.csv b/_state.csv index 693a6caa2ca..80316bee977 100644 --- a/_state.csv +++ b/_state.csv @@ -245545,9 +245545,9 @@ CVE-2024-12794,0,0,1f45437b8b28f90cd480ff6b28049ee2f0d50b6e09b9de7825840b2430eeb CVE-2024-12798,0,0,5bd2c8c2d17a4f0af35e3d86ea1aab510b9864bd24d1725787e693a4849fe677,2025-01-03T14:15:24.370000 CVE-2024-12801,0,0,0e0d6365f891eca7b68a17e99dee519237772ad2d2b9b95e05e08c492aa73c2f,2025-01-03T14:15:24.500000 CVE-2024-12802,0,0,8f19e7a7cb329c26f5998e730d7f453cd46482968ebb674eef2b4e7f0f5bf48e,2025-01-09T15:15:14.683000 -CVE-2024-12803,0,0,71d62dec252a0f259b2c18f826038e36f57f9a647b87e6ff28541f3fd967bce4,2025-01-09T15:15:14.877000 -CVE-2024-12805,0,0,d6094291885dfb29bd5a5da62c0372feb6c8c3ca251ef60e837bbb54cbe9775b,2025-01-09T15:15:15.060000 -CVE-2024-12806,0,0,c45480b247444cb90e8e7a223e8acaf0bdfdffdda029f1c1e4cf3d9ef4282b4a,2025-01-09T21:15:24.797000 +CVE-2024-12803,0,1,fa686f442d34c33906cbd5c392b50db73035372cd413cc4367e49ae08edbe6b6,2025-01-17T03:15:06.973000 +CVE-2024-12805,0,1,e53ccf7e5ed7d4029905e02b94c08493035711f3a6fbf1927b3a1f3594c5dd3c,2025-01-17T03:15:07.167000 +CVE-2024-12806,0,1,d3ad8b949669d01946d03cf78ae2e87493233ba523f3d23e253ed03518cfb676,2025-01-17T03:15:07.337000 CVE-2024-12814,0,0,9d88ed8035fdc2fe3c6fe32e0accb8f4976205d682521fcc6260cfe967c9dc43,2024-12-24T07:15:10.800000 CVE-2024-12818,0,0,a3cee6dac7f2558cc02053bf5ae1b32f28fed83f74b72abd85104144303936af,2025-01-15T10:15:07.803000 CVE-2024-12819,0,0,d67b85742967f9e166e23a2e5c4440d086b3b3988f6b73108d4bee255219b06d,2025-01-09T11:15:15.657000 @@ -257719,7 +257719,7 @@ CVE-2024-34573,0,0,ecf15fea9a46b1a7d769a0ae7e7a48e67613b9ca12f88eba450bd43ab08c4 CVE-2024-34574,0,0,871147d88ddbbe403ad07267a1d94866cf59f9131e4c297094224e459568fff4,2024-11-21T09:18:58.107000 CVE-2024-34575,0,0,c7e8ae0dfc8ffcb80dad6d4977fccd670908b42388ceb4498b484ec1cf63a0e6,2024-11-21T09:18:58.233000 CVE-2024-34577,0,0,f3255e55536d0eb4bb14c59b08f09dd86b76f85d6d1e936c7770bbe6551a4405,2024-09-03T14:59:01.767000 -CVE-2024-34579,1,1,599457ba6b797b0690d2b8d2623ef583802c3f981c1628b9cfd99cb218ccfb01,2025-01-17T01:15:22.377000 +CVE-2024-34579,0,0,599457ba6b797b0690d2b8d2623ef583802c3f981c1628b9cfd99cb218ccfb01,2025-01-17T01:15:22.377000 CVE-2024-3458,0,0,a2fac5653fa1106e695d9d641fc9dcfcda43439beaaa13eb375906ce69f167a5,2024-11-21T09:29:38.487000 CVE-2024-34580,0,0,45af0526328f2aea2eabd45e84f4b9bd97e31bfab36893128b721024e6204898,2024-11-21T09:18:58.437000 CVE-2024-34581,0,0,c66b7b716fa6a8506c21f90ac27fa18a0c9d46baf752a05e8a667ec61ba2b234,2024-11-21T09:18:58.680000 @@ -269527,7 +269527,7 @@ CVE-2024-50599,0,0,99b41d9153a383085a781f702eda5c5b6c0a4c09361c5d793d58b32c7c8c4 CVE-2024-5060,0,0,774ede4fef00eaff2622d378b43e47e362f56e93e6a9ac286796581c1618e627,2024-11-21T09:46:52.847000 CVE-2024-50601,0,0,f1ed1f41be3342c5f62bc0e6c95ce90f7003505883e3692b4481b9f4c5037234,2024-11-12T16:35:22.810000 CVE-2024-50602,0,0,4b4971c64777a836fd26303daa5582edc7318e926eac34f5212c388d763a3479,2024-10-30T18:35:16.237000 -CVE-2024-50603,0,1,c040a2a4c7325b01fabcba54050ded66fe917fce755fc35bf5da8d49ea65f756,2025-01-17T02:00:02.040000 +CVE-2024-50603,0,0,c040a2a4c7325b01fabcba54050ded66fe917fce755fc35bf5da8d49ea65f756,2025-01-17T02:00:02.040000 CVE-2024-5061,0,0,9654397355be6aedfaab6f6a3d8afb7e3d2327090cc58e5161ccd13e41cf9460,2024-09-03T15:11:56.787000 CVE-2024-50610,0,0,a6949359060222ba84619cd69ce2c024dafba181530f6c2f1bcffd979ed6b752,2024-10-30T19:35:30.033000 CVE-2024-50611,0,0,b9620b3c83eac2420d030761399b3b8b0064775db1dd093c666a92cebb22685a,2024-10-30T19:35:30.853000 @@ -269874,6 +269874,7 @@ CVE-2024-51442,0,0,663939a871d0d38a9b2a62d30b7d5c04a240d1619da5f372debf5ffd926c4 CVE-2024-5145,0,0,1ce6a725d120216d833ed23f25099d9f4810ecb9d4c63ffcf11012cbf68534d1,2024-11-21T09:47:03.920000 CVE-2024-51456,0,0,3c61638caa50a72d686c2513f141dc47a94982f4575920b49a722ee25ad1568a,2025-01-12T14:15:06.550000 CVE-2024-51460,0,0,df7bada56a61ae8e12a2e4d5be2899c3081302373c6923b3ae2a7f5e2e034bd4,2025-01-14T19:40:36.670000 +CVE-2024-51462,1,1,4aa6af44dd00035e691904904248f459982eed07031553bccc0d04464c322f81,2025-01-17T03:15:07.527000 CVE-2024-51463,0,0,c0364c05afe1e0b2d0890e7f96c1b512b7afe4d3c2862d4a930e0585099ce1e6,2024-12-21T14:15:21.453000 CVE-2024-51464,0,0,1b2031370218977af474f39ea7b9c6eb15448100f9427860fc8d10cdd981ce8b,2024-12-31T07:15:11.307000 CVE-2024-51465,0,0,b984a1f47331a027471db6ecd22c9db67a7b4679236a111706732d4e42cb3082,2024-12-04T14:15:20.223000 @@ -270535,7 +270536,7 @@ CVE-2024-52359,0,0,509efcb95ef880ccde43fccb440c416e0525cc864ec20eeb05761e61ccf2a CVE-2024-5236,0,0,2567479af261d5b21b924e08416f98f775dfb54600e5bcd680efa9c7d4ca6153,2024-11-21T09:47:14.757000 CVE-2024-52360,0,0,bdf752aab28a84a7b3de79826a68d96a66c86dd4dcfd4d6f09f0c3b534e4dfec,2024-11-19T21:56:45.533000 CVE-2024-52361,0,0,0f590da84310a3a70b1ce4708563ee9a1181dbd1f95752797a9808951be26140,2024-12-18T16:15:13.967000 -CVE-2024-52363,1,1,f378b587a04a1ed78a29b94eca7f10ccecce7f7c3e17ba5ada2892abe89eb1aa,2025-01-17T02:15:25.060000 +CVE-2024-52363,0,0,f378b587a04a1ed78a29b94eca7f10ccecce7f7c3e17ba5ada2892abe89eb1aa,2025-01-17T02:15:25.060000 CVE-2024-52366,0,0,5eb5d532a2a455b08ea0a92266486ecbd59be84360d732dbaa7ab966f9474b5c,2025-01-07T12:15:24.680000 CVE-2024-52367,0,0,c8bd249cf84afc9db3295deb602b0f010566468527c0212f3c545dd982041f33,2025-01-07T12:15:24.847000 CVE-2024-52369,0,0,e081cda06af085b69b5cce5744190264c91cd87aef2aa4d459e7fe8f2ad5e6bb,2024-11-15T13:58:08.913000 @@ -277299,7 +277300,7 @@ CVE-2025-21320,0,0,19083e6f6e8363e1985ecbfa7ed5eb05ed9bfa8a16256cbd6f87157132edd CVE-2025-21321,0,0,39238e71ff9cce84ad4d75ec88e235c3c13fa3b042168c5d5b3a1d68b9097bd5,2025-01-14T18:15:56.533000 CVE-2025-21323,0,0,80d2e58831aed30d71ace7fb32f7722200f206121e91e5e1a318cc67246cc38e,2025-01-14T18:15:56.760000 CVE-2025-21324,0,0,ee4c35a08202d89247477c39a64dd370157d9abbc04c99ad753b64e9498cb517,2025-01-14T18:15:56.970000 -CVE-2025-21325,1,1,55889c91a0cef261931b49b981b96e2166b235b4af72005aebec2c81b77da865,2025-01-17T01:15:31.073000 +CVE-2025-21325,0,0,55889c91a0cef261931b49b981b96e2166b235b4af72005aebec2c81b77da865,2025-01-17T01:15:31.073000 CVE-2025-21326,0,0,47b18b7d697f3956a4c899179c4627d3df601a34ea8edb7d401cab7d63bff9a5,2025-01-14T18:15:57.170000 CVE-2025-21327,0,0,f7abd2485df724fa1d2bc1deb0a30d7e8df242390186f6c16e037e2facbc6c38,2025-01-14T18:15:57.340000 CVE-2025-21328,0,0,70305526faed98260488cfcbf761b07df229dc3e21c1469ebeafd06439cc1021,2025-01-14T18:15:57.530000