Auto-Update: 2025-01-05T09:00:19.806563+00:00

2025-05-08 03:27:17 +00:00 · 2025-01-05 09:03:44 +00:00 · 2025-01-05 09:03:44 +00:00 · 555d4ce2e1
commit 555d4ce2e1
parent f85396b8dc
4 changed files with 166 additions and 13 deletions
--- a/CVE-2024/CVE-2024-131xx/CVE-2024-13134.json
+++ b/CVE-2024/CVE-2024-131xx/CVE-2024-13134.json
@ -0,0 +1,145 @@
+{
+  "id": "CVE-2024-13134",
+  "sourceIdentifier": "cna@vuldb.com",
+  "published": "2025-01-05T08:15:05.443",
+  "lastModified": "2025-01-05T08:15:05.443",
+  "vulnStatus": "Received",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "A vulnerability, which was classified as critical, was found in ZeroWdd studentmanager 1.0. Affected is the function addTeacher/editTeacher of the file src/main/Java/com/wdd/studentmanager/controller/TeacherController. java. The manipulation of the argument file leads to unrestricted upload. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV40": [
+      {
+        "source": "cna@vuldb.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "4.0",
+          "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
+          "baseScore": 5.3,
+          "baseSeverity": "MEDIUM",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "attackRequirements": "NONE",
+          "privilegesRequired": "LOW",
+          "userInteraction": "NONE",
+          "vulnerableSystemConfidentiality": "LOW",
+          "vulnerableSystemIntegrity": "LOW",
+          "vulnerableSystemAvailability": "LOW",
+          "subsequentSystemConfidentiality": "NONE",
+          "subsequentSystemIntegrity": "NONE",
+          "subsequentSystemAvailability": "NONE",
+          "exploitMaturity": "NOT_DEFINED",
+          "confidentialityRequirements": "NOT_DEFINED",
+          "integrityRequirements": "NOT_DEFINED",
+          "availabilityRequirements": "NOT_DEFINED",
+          "modifiedAttackVector": "NOT_DEFINED",
+          "modifiedAttackComplexity": "NOT_DEFINED",
+          "modifiedAttackRequirements": "NOT_DEFINED",
+          "modifiedPrivilegesRequired": "NOT_DEFINED",
+          "modifiedUserInteraction": "NOT_DEFINED",
+          "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED",
+          "modifiedVulnerableSystemIntegrity": "NOT_DEFINED",
+          "modifiedVulnerableSystemAvailability": "NOT_DEFINED",
+          "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED",
+          "modifiedSubsequentSystemIntegrity": "NOT_DEFINED",
+          "modifiedSubsequentSystemAvailability": "NOT_DEFINED",
+          "safety": "NOT_DEFINED",
+          "automatable": "NOT_DEFINED",
+          "recovery": "NOT_DEFINED",
+          "valueDensity": "NOT_DEFINED",
+          "vulnerabilityResponseEffort": "NOT_DEFINED",
+          "providerUrgency": "NOT_DEFINED"
+        }
+      }
+    ],
+    "cvssMetricV31": [
+      {
+        "source": "cna@vuldb.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
+          "baseScore": 6.3,
+          "baseSeverity": "MEDIUM",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "LOW",
+          "userInteraction": "NONE",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "LOW",
+          "integrityImpact": "LOW",
+          "availabilityImpact": "LOW"
+        },
+        "exploitabilityScore": 2.8,
+        "impactScore": 3.4
+      }
+    ],
+    "cvssMetricV2": [
+      {
+        "source": "cna@vuldb.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "2.0",
+          "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
+          "baseScore": 6.5,
+          "accessVector": "NETWORK",
+          "accessComplexity": "LOW",
+          "authentication": "SINGLE",
+          "confidentialityImpact": "PARTIAL",
+          "integrityImpact": "PARTIAL",
+          "availabilityImpact": "PARTIAL"
+        },
+        "baseSeverity": "MEDIUM",
+        "exploitabilityScore": 8.0,
+        "impactScore": 6.4,
+        "acInsufInfo": false,
+        "obtainAllPrivilege": false,
+        "obtainUserPrivilege": false,
+        "obtainOtherPrivilege": false,
+        "userInteractionRequired": false
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "cna@vuldb.com",
+      "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-284"
+        },
+        {
+          "lang": "en",
+          "value": "CWE-434"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://github.com/ZeroWdd/studentmanager/issues/16",
+      "source": "cna@vuldb.com"
+    },
+    {
+      "url": "https://github.com/ZeroWdd/studentmanager/issues/16#issue-2755347097",
+      "source": "cna@vuldb.com"
+    },
+    {
+      "url": "https://vuldb.com/?ctiid.290208",
+      "source": "cna@vuldb.com"
+    },
+    {
+      "url": "https://vuldb.com/?id.290208",
+      "source": "cna@vuldb.com"
+    },
+    {
+      "url": "https://vuldb.com/?submit.467916",
+      "source": "cna@vuldb.com"
+    }
+  ]
+}
--- a/CVE-2024/CVE-2024-532xx/CVE-2024-53241.json
+++ b/CVE-2024/CVE-2024-532xx/CVE-2024-53241.json
@ -2,7 +2,7 @@
  "id": "CVE-2024-53241",
  "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
  "published": "2024-12-24T10:15:06.640",
-  "lastModified": "2024-12-24T10:15:06.640",
+  "lastModified": "2025-01-05T07:15:05.377",
  "vulnStatus": "Awaiting Analysis",
  "cveTags": [],
  "descriptions": [
@ -49,6 +49,14 @@
      "url": "http://www.openwall.com/lists/oss-security/2024/12/23/1",
      "source": "af854a3a-2127-422b-91ae-364da2661108"
    },
+    {
+      "url": "http://www.openwall.com/lists/oss-security/2025/01/05/1",
+      "source": "af854a3a-2127-422b-91ae-364da2661108"
+    },
+    {
+      "url": "http://www.openwall.com/lists/oss-security/2025/01/05/2",
+      "source": "af854a3a-2127-422b-91ae-364da2661108"
+    },
    {
      "url": "http://xenbits.xen.org/xsa/advisory-466.html",
      "source": "af854a3a-2127-422b-91ae-364da2661108"
--- a/README.md
+++ b/README.md
@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours.
 ### Last Repository Update

 ```plain
-2025-01-05T07:00:19.990662+00:00
+2025-01-05T09:00:19.806563+00:00
 ```

 ### Most recent CVE Modification Timestamp synchronized with NVD

 ```plain
-2025-01-05T06:15:05.183000+00:00
+2025-01-05T08:15:05.443000+00:00
 ```

 ### Last Data Feed Release
@ -33,22 +33,21 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
 ### Total Number of included CVEs

 ```plain
-275722
+275723
 ```

 ### CVEs added in the last Commit

-Recently added CVEs: `3`
+Recently added CVEs: `1`

- [CVE-2024-13132](CVE-2024/CVE-2024-131xx/CVE-2024-13132.json) (`2025-01-05T05:15:06.400`)
- [CVE-2024-13133](CVE-2024/CVE-2024-131xx/CVE-2024-13133.json) (`2025-01-05T05:15:07.507`)
- [CVE-2025-0219](CVE-2025/CVE-2025-02xx/CVE-2025-0219.json) (`2025-01-05T06:15:05.183`)
+- [CVE-2024-13134](CVE-2024/CVE-2024-131xx/CVE-2024-13134.json) (`2025-01-05T08:15:05.443`)


 ### CVEs modified in the last Commit

-Recently modified CVEs: `0`
+Recently modified CVEs: `1`

+- [CVE-2024-53241](CVE-2024/CVE-2024-532xx/CVE-2024-53241.json) (`2025-01-05T07:15:05.377`)


 ## Download and Usage
--- a/_state.csv
+++ b/_state.csv
@ -245449,8 +245449,9 @@ CVE-2024-13129,0,0,9ca6456491ec5676f6b1be848e2f99ae604ad63b1a6f5bc3973f8c9dea216
 CVE-2024-1313,0,0,cad1078661641c2022e5f0188a431d9a70908db5ab4b61d98e0389abbba8b680,2024-11-21T08:50:18.207000
 CVE-2024-13130,0,0,77c4ccc7f4b52a1e0f4e96b60ad35b6a7aa5cc495dbe174abb9f74b15bedfed5,2025-01-05T01:15:18.493000
 CVE-2024-13131,0,0,95b9a2d6a08f93879d932e041b311c499d3f0e154f510b263af670d8e3f4e617,2025-01-05T03:15:05.690000
-CVE-2024-13132,1,1,21d2d0a056783edb04baa7102838e18985529312e228439b1f29de893d6c8fa8,2025-01-05T05:15:06.400000
-CVE-2024-13133,1,1,9785e69379d6a0c25057df0e85fe2b0fda922cd10a604d201c02ee6ff38b912f,2025-01-05T05:15:07.507000
+CVE-2024-13132,0,0,21d2d0a056783edb04baa7102838e18985529312e228439b1f29de893d6c8fa8,2025-01-05T05:15:06.400000
+CVE-2024-13133,0,0,9785e69379d6a0c25057df0e85fe2b0fda922cd10a604d201c02ee6ff38b912f,2025-01-05T05:15:07.507000
+CVE-2024-13134,1,1,bf32841e8233339434384501225db38253b29750f711b67f74a58aecb9e0610e,2025-01-05T08:15:05.443000
 CVE-2024-1315,0,0,e1f16e3b2be06db6b65befc45bb21c6efb290182d3477c01a71033b0effe0c2a,2024-11-21T08:50:18.373000
 CVE-2024-1316,0,0,ec6b544cc876a8479e8de890063434d877e95d2641a1a8c864b5c959e6dbfa7d,2024-11-21T08:50:19.090000
 CVE-2024-1317,0,0,a1d296c91e245cb27c998bff4f84250fb1101a61ebac429b7ce35a2ceb239c73,2024-12-31T16:57:11.080000
@ -270367,7 +270368,7 @@ CVE-2024-53238,0,0,6610e7d3aafebef8985c1159594be7c64b8219149820bb4d4db18a3c87d26
 CVE-2024-53239,0,0,2dbcea6108cac685093598ea95a7534dbbbaa2209a1d006a3b3659a533297412,2024-12-27T14:15:32.373000
 CVE-2024-5324,0,0,616d1ba80af339308061f2c79fb4da68886ab2b91b97eb35403d14df6efb4acc,2024-11-21T09:47:25.537000
 CVE-2024-53240,0,0,9b22f872478d25b1b8d5510910ebb2d032d63f29cc9ff7aa44552f79bec6df78,2024-12-24T10:15:06.460000
-CVE-2024-53241,0,0,e0a7f81b93fae72ba3c3e1c22d325444e6c4f06d9da18ac676475905266413bf,2024-12-24T10:15:06.640000
+CVE-2024-53241,0,1,a7e121cbe6737ad10ede045c0fde5c0fb585d55680124447ad43e1c369544bc7,2025-01-05T07:15:05.377000
 CVE-2024-53242,0,0,bfcd83cfb5068348e4b0b254067e4992bd35af5c9120fcbf4b785e99c4fb6a44,2024-12-10T14:30:46.700000
 CVE-2024-53243,0,0,0055f373ee76668c96d6bfcf8a6f00835a4bd98d186934410e0656653ee7c808,2024-12-10T18:15:41.093000
 CVE-2024-53244,0,0,314d52ddee68b7d194db67c48301dcf21a10bd6aaea8b99e26bb6f18d015b1d7,2024-12-10T18:15:41.243000
@ -275707,7 +275708,7 @@ CVE-2025-0211,0,0,b9d423ddc7f5d7131d18e0c6e82ffdb0d7d511a9f93fbce8fd485a1054d607
 CVE-2025-0212,0,0,4580d93240903455f5f37037363ed2ecac8e5e965bf219492073a30508f06c44,2025-01-04T16:15:23.003000
 CVE-2025-0213,0,0,ae6082586b13f3a0897a3a0c9bb93f3136f000a55537ffc29cc265d27526ea6d,2025-01-04T17:15:06.743000
 CVE-2025-0214,0,0,9254508d81ea0b82f0019bc7737a4434f0760310a24cc79081ad4facc4fcf53a,2025-01-04T17:15:07.507000
-CVE-2025-0219,1,1,74ca1a5c2e45573606f215442248239c1abebb58720b73e72827cf6185a790f0,2025-01-05T06:15:05.183000
+CVE-2025-0219,0,0,74ca1a5c2e45573606f215442248239c1abebb58720b73e72827cf6185a790f0,2025-01-05T06:15:05.183000
 CVE-2025-21609,0,0,46e3af17bfffe98fbaec33d01272d23877fbd06c6cc0e4a79625fd3beabb7e1e,2025-01-03T17:15:09.147000
 CVE-2025-21610,0,0,803b1c12bbaab2c87bcfc5865cced8b68fa26746eb8c056e6bba01e1200224ac,2025-01-03T17:15:09.290000
 CVE-2025-22214,0,0,9f9cbba758088c6fe54f3b7aba457fa8b68f7e0bf397744585451dc526c7cea3,2025-01-02T04:15:06.277000