Auto-Update: 2024-07-25T10:00:19.174253+00:00

2025-05-08 11:37:26 +00:00 · 2024-07-25 10:03:15 +00:00 · 2024-07-25 10:03:15 +00:00 · 58d564f6a5
commit 58d564f6a5
parent 5965c8a87f
6 changed files with 167 additions and 9 deletions
--- a/CVE-2024/CVE-2024-410xx/CVE-2024-41012.json
+++ b/CVE-2024/CVE-2024-410xx/CVE-2024-41012.json
@ -2,7 +2,7 @@
  "id": "CVE-2024-41012",
  "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
  "published": "2024-07-23T08:15:01.877",
-  "lastModified": "2024-07-24T12:55:13.223",
+  "lastModified": "2024-07-25T09:15:02.410",
  "vulnStatus": "Awaiting Analysis",
  "cveTags": [],
  "descriptions": [
@ -21,9 +21,17 @@
      "url": "https://git.kernel.org/stable/c/3cad1bc010416c6dd780643476bc59ed742436b9",
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
    },
+    {
+      "url": "https://git.kernel.org/stable/c/5f5d0799eb0a01d550c21b7894e26b2d9db55763",
+      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
+    },
    {
      "url": "https://git.kernel.org/stable/c/b6d223942c34057fdfd8f149e763fa823731b224",
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
+    },
+    {
+      "url": "https://git.kernel.org/stable/c/ef8fc41cd6f95f9a4a3470f085aecf350569a0b3",
+      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
    }
  ]
 }
--- a/CVE-2024/CVE-2024-417xx/CVE-2024-41705.json
+++ b/CVE-2024/CVE-2024-417xx/CVE-2024-41705.json
@ -0,0 +1,48 @@
+{
+  "id": "CVE-2024-41705",
+  "sourceIdentifier": "cve@mitre.org",
+  "published": "2024-07-25T08:15:02.467",
+  "lastModified": "2024-07-25T08:15:02.467",
+  "vulnStatus": "Received",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "A stored XSS issue was discovered in Archer Platform 6.8 before 2024.06. A remote authenticated malicious Archer user could potentially exploit this to store malicious HTML or JavaScript code in a trusted application data store. When victim users access the data store through their browsers, the malicious code gets executed by the web browser in the context of the vulnerable application. 6.14.P4 (6.14.0.4) and 6.13 P4 (6.13.0.4) are also fixed releases. This vulnerability is similar to, but not identical to, CVE-2023-30639."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "cve@mitre.org",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
+          "attackVector": "LOCAL",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "LOW",
+          "userInteraction": "NONE",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "HIGH",
+          "integrityImpact": "HIGH",
+          "availabilityImpact": "NONE",
+          "baseScore": 7.1,
+          "baseSeverity": "HIGH"
+        },
+        "exploitabilityScore": 1.8,
+        "impactScore": 5.2
+      }
+    ]
+  },
+  "references": [
+    {
+      "url": "https://www.archerirm.community/t5/platform-announcements/announcing-archer-platform-release-2024-06/ta-p/722094",
+      "source": "cve@mitre.org"
+    },
+    {
+      "url": "https://www.archerirm.community/t5/platform-announcements/archer-update-for-multiple-vulnerabilities/ta-p/739717",
+      "source": "cve@mitre.org"
+    }
+  ]
+}
--- a/CVE-2024/CVE-2024-417xx/CVE-2024-41706.json
+++ b/CVE-2024/CVE-2024-417xx/CVE-2024-41706.json
@ -0,0 +1,48 @@
+{
+  "id": "CVE-2024-41706",
+  "sourceIdentifier": "cve@mitre.org",
+  "published": "2024-07-25T08:15:02.783",
+  "lastModified": "2024-07-25T08:15:02.783",
+  "vulnStatus": "Received",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "A stored XSS issue was discovered in Archer Platform 6 before version 2024.06. A remote authenticated malicious Archer user could potentially exploit this to store malicious HTML or JavaScript code in a trusted application data store. When victim users access the data store through their browsers, the malicious code gets executed by the web browser in the context of the vulnerable application. 6.14 P4 (6.14.0.4) is also a fixed release."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "cve@mitre.org",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "LOW",
+          "userInteraction": "REQUIRED",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "HIGH",
+          "integrityImpact": "HIGH",
+          "availabilityImpact": "NONE",
+          "baseScore": 7.3,
+          "baseSeverity": "HIGH"
+        },
+        "exploitabilityScore": 2.1,
+        "impactScore": 5.2
+      }
+    ]
+  },
+  "references": [
+    {
+      "url": "https://www.archerirm.community/t5/platform-announcements/announcing-archer-platform-release-2024-06/ta-p/722094",
+      "source": "cve@mitre.org"
+    },
+    {
+      "url": "https://www.archerirm.community/t5/platform-announcements/archer-update-for-multiple-vulnerabilities/ta-p/739717",
+      "source": "cve@mitre.org"
+    }
+  ]
+}
--- a/CVE-2024/CVE-2024-417xx/CVE-2024-41707.json
+++ b/CVE-2024/CVE-2024-417xx/CVE-2024-41707.json
@ -0,0 +1,48 @@
+{
+  "id": "CVE-2024-41707",
+  "sourceIdentifier": "cve@mitre.org",
+  "published": "2024-07-25T08:15:02.980",
+  "lastModified": "2024-07-25T08:15:02.980",
+  "vulnStatus": "Received",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "An issue was discovered in Archer Platform 6 before 2024.06. Authenticated users can achieve HTML content injection. A remote authenticated malicious Archer user could potentially exploit this to store malicious HTML code in a trusted application data store. When victim users access the data store through their browsers, the malicious code gets executed by the web browser in the context of the vulnerable application."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "cve@mitre.org",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:N/A:N",
+          "attackVector": "NETWORK",
+          "attackComplexity": "HIGH",
+          "privilegesRequired": "LOW",
+          "userInteraction": "REQUIRED",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "HIGH",
+          "integrityImpact": "NONE",
+          "availabilityImpact": "NONE",
+          "baseScore": 4.8,
+          "baseSeverity": "MEDIUM"
+        },
+        "exploitabilityScore": 1.2,
+        "impactScore": 3.6
+      }
+    ]
+  },
+  "references": [
+    {
+      "url": "https://www.archerirm.community/t5/platform-announcements/announcing-archer-platform-release-2024-06/ta-p/722094",
+      "source": "cve@mitre.org"
+    },
+    {
+      "url": "https://www.archerirm.community/t5/platform-announcements/archer-update-for-multiple-vulnerabilities/ta-p/739717",
+      "source": "cve@mitre.org"
+    }
+  ]
+}
--- a/README.md
+++ b/README.md
@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours.
 ### Last Repository Update

 ```plain
-2024-07-25T08:00:17.330705+00:00
+2024-07-25T10:00:19.174253+00:00
 ```

 ### Most recent CVE Modification Timestamp synchronized with NVD

 ```plain
-2024-07-25T06:15:01.967000+00:00
+2024-07-25T09:15:02.410000+00:00
 ```

 ### Last Data Feed Release
@ -33,20 +33,23 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
 ### Total Number of included CVEs

 ```plain
-257944
+257947
 ```

 ### CVEs added in the last Commit

-Recently added CVEs: `1`
+Recently added CVEs: `3`

- [CVE-2024-6972](CVE-2024/CVE-2024-69xx/CVE-2024-6972.json) (`2024-07-25T06:15:01.967`)
+- [CVE-2024-41705](CVE-2024/CVE-2024-417xx/CVE-2024-41705.json) (`2024-07-25T08:15:02.467`)
+- [CVE-2024-41706](CVE-2024/CVE-2024-417xx/CVE-2024-41706.json) (`2024-07-25T08:15:02.783`)
+- [CVE-2024-41707](CVE-2024/CVE-2024-417xx/CVE-2024-41707.json) (`2024-07-25T08:15:02.980`)


 ### CVEs modified in the last Commit

-Recently modified CVEs: `0`
+Recently modified CVEs: `1`

+- [CVE-2024-41012](CVE-2024/CVE-2024-410xx/CVE-2024-41012.json) (`2024-07-25T09:15:02.410`)


 ## Download and Usage
--- a/_state.csv
+++ b/_state.csv
@ -255794,7 +255794,7 @@ CVE-2024-41008,0,0,86de6e2be092cac70f5596fb96d0253f26291855f34ae4ddc015775261181
 CVE-2024-41009,0,0,b973764a3f5390614759bf6dad52e86dad86b20c98263f759698c0703f8fb179,2024-07-19T15:06:23.827000
 CVE-2024-41010,0,0,ae8d1d1b3ebaab40dc6ac6afde49ce66895bb7f4e7ee92f295ff5ca1fa79b217,2024-07-19T15:24:59.137000
 CVE-2024-41011,0,0,4c2c460e7d99f33158a9c285f2b0882c56a6716b8d689bc4bd4c6463e3fba1ea,2024-07-18T12:28:43.707000
-CVE-2024-41012,0,0,98ac685beec3c2bc99dfb952de6ca6d29eb3b71fe5532ae565f113eafbf11346,2024-07-24T12:55:13.223000
+CVE-2024-41012,0,1,2bebfd65b0377a9602c1feec303ce4be2b51c9440ed80c757deb9b16aefab66d,2024-07-25T09:15:02.410000
 CVE-2024-4102,0,0,1b0aaa7efbf772a3034d5138f2cde018af6a8f41a0229b0c5f36e4d66092a2a3,2024-07-09T18:19:14.047000
 CVE-2024-4103,0,0,ff27f3988e30e41f465bfc5b7800f7ae2f96b1e2cd71c1414de16617b75fe4fe,2024-05-14T16:11:39.510000
 CVE-2024-4104,0,0,069e7afb1610585640d00d566d3fc4756dff3571ed269cd2ef1d63c8e8ce45e5,2024-05-14T16:11:39.510000
@ -255909,6 +255909,9 @@ CVE-2024-4169,0,0,c62ff626929882f5d2c6f5c5b02ad92c379b5b400e34f72b774f8d063efba0
 CVE-2024-4170,0,0,62435f89f96f29247c44c5e589e7b97688efd61a202de53db89b1fe5fd4975dc,2024-06-04T19:20:31.883000
 CVE-2024-41703,0,0,1c3b299376ef5ce17a21e7b5646c9d050d5b45bd92d1e35dddd90617bf6ddc38,2024-07-22T13:00:31.330000
 CVE-2024-41704,0,0,0be617904c777d7b9dc53e786f05db778e1c4b756b7b2091d648829174b58747,2024-07-22T13:00:31.330000
+CVE-2024-41705,1,1,5ffeb4f3b1ed5768c105eab2d087d4a880ca48ab071f0bf50fc47b993fad7e85,2024-07-25T08:15:02.467000
+CVE-2024-41706,1,1,65753859841076a2c598d5e988db4c971c37a1bf17a162950021d17e8e874c15,2024-07-25T08:15:02.783000
+CVE-2024-41707,1,1,8afa17852c89022131cbf2f2cb75902b0724eef0c75229a5ce3250312652b8be,2024-07-25T08:15:02.980000
 CVE-2024-41709,0,0,2bdff8d893d96056721920d5bf998022e35373c018be8a15f2bfa536aa265890,2024-07-22T13:00:31.330000
 CVE-2024-4171,0,0,87597e8caa4479ab69c883527c35fc22af72d614757313d16953f50dcfa107c2,2024-06-04T19:20:31.980000
 CVE-2024-4172,0,0,ae5cefdd41ee745a5f3463347f20f3f77110439c81ed1ad285dedf4b40da1c57,2024-06-04T19:20:32.077000
@ -257928,7 +257931,7 @@ CVE-2024-6967,0,0,5f19e165dee42428e0d969fa8fc5f74084843adc50630c62175a00d155773d
 CVE-2024-6968,0,0,8e5752619c85b26bba4ce547fa3d54bdd5591cb73642b239c05438d96051005a,2024-07-22T13:00:31.330000
 CVE-2024-6969,0,0,b23347441c89b903c83a899acb9bf7f48b605b0728961bbb1ac995d86a8850d6,2024-07-22T13:00:31.330000
 CVE-2024-6970,0,0,521037b9963b74c39659cf9df97626ee5f8ca87b48a1750eb71f414432d46515,2024-07-22T13:00:31.330000
-CVE-2024-6972,1,1,0166795684092dc8a7acd1c9b41656ff0f1c534b59789d4c54d365f1592c49e2,2024-07-25T06:15:01.967000
+CVE-2024-6972,0,0,0166795684092dc8a7acd1c9b41656ff0f1c534b59789d4c54d365f1592c49e2,2024-07-25T06:15:01.967000
 CVE-2024-7014,0,0,bf4bcb57365a86d29a45ebd019245eec542daaec8aac5d2bd790565f954bcfee,2024-07-24T12:55:13.223000
 CVE-2024-7027,0,0,5a505a0256616ae7086bad971714674072a78d2b5b489c23bd05df293d4823ce,2024-07-24T12:55:13.223000
 CVE-2024-7047,0,0,2b1573f3cc18c2aa026dba40654687716fbeec1cc6b14e4dee9e3be223e6f721,2024-07-25T01:15:09.830000