diff --git a/CVE-2024/CVE-2024-106xx/CVE-2024-10607.json b/CVE-2024/CVE-2024-106xx/CVE-2024-10607.json new file mode 100644 index 00000000000..097ac2d2bb9 --- /dev/null +++ b/CVE-2024/CVE-2024-106xx/CVE-2024-10607.json @@ -0,0 +1,141 @@ +{ + "id": "CVE-2024-10607", + "sourceIdentifier": "cna@vuldb.com", + "published": "2024-11-01T01:15:12.153", + "lastModified": "2024-11-01T01:15:12.153", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability was found in code-projects Courier Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /track-result.php. The manipulation of the argument Consignment leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "attackRequirements": "NONE", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "vulnerableSystemConfidentiality": "LOW", + "vulnerableSystemIntegrity": "LOW", + "vulnerableSystemAvailability": "LOW", + "subsequentSystemConfidentiality": "NONE", + "subsequentSystemIntegrity": "NONE", + "subsequentSystemAvailability": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirements": "NOT_DEFINED", + "integrityRequirements": "NOT_DEFINED", + "availabilityRequirements": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", + "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", + "modifiedVulnerableSystemAvailability": "NOT_DEFINED", + "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", + "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", + "modifiedSubsequentSystemAvailability": "NOT_DEFINED", + "safety": "NOT_DEFINED", + "automatable": "NOT_DEFINED", + "recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED", + "baseScore": 6.9, + "baseSeverity": "MEDIUM" + } + } + ], + "cvssMetricV31": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 7.3, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.4 + } + ], + "cvssMetricV2": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "2.0", + "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", + "accessVector": "NETWORK", + "accessComplexity": "LOW", + "authentication": "NONE", + "confidentialityImpact": "PARTIAL", + "integrityImpact": "PARTIAL", + "availabilityImpact": "PARTIAL", + "baseScore": 7.5 + }, + "baseSeverity": "HIGH", + "exploitabilityScore": 10.0, + "impactScore": 6.4, + "acInsufInfo": false, + "obtainAllPrivilege": false, + "obtainUserPrivilege": false, + "obtainOtherPrivilege": false, + "userInteractionRequired": false + } + ] + }, + "weaknesses": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "references": [ + { + "url": "https://code-projects.org/", + "source": "cna@vuldb.com" + }, + { + "url": "https://github.com/yanhuoshanjin/cve/issues/1", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?ctiid.282616", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?id.282616", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?submit.434773", + "source": "cna@vuldb.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-106xx/CVE-2024-10608.json b/CVE-2024/CVE-2024-106xx/CVE-2024-10608.json new file mode 100644 index 00000000000..2de0d64dd5e --- /dev/null +++ b/CVE-2024/CVE-2024-106xx/CVE-2024-10608.json @@ -0,0 +1,141 @@ +{ + "id": "CVE-2024-10608", + "sourceIdentifier": "cna@vuldb.com", + "published": "2024-11-01T01:15:12.430", + "lastModified": "2024-11-01T01:15:12.430", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability was found in code-projects Courier Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /login.php. The manipulation of the argument txtusername leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "attackRequirements": "NONE", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "vulnerableSystemConfidentiality": "LOW", + "vulnerableSystemIntegrity": "LOW", + "vulnerableSystemAvailability": "LOW", + "subsequentSystemConfidentiality": "NONE", + "subsequentSystemIntegrity": "NONE", + "subsequentSystemAvailability": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirements": "NOT_DEFINED", + "integrityRequirements": "NOT_DEFINED", + "availabilityRequirements": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", + "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", + "modifiedVulnerableSystemAvailability": "NOT_DEFINED", + "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", + "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", + "modifiedSubsequentSystemAvailability": "NOT_DEFINED", + "safety": "NOT_DEFINED", + "automatable": "NOT_DEFINED", + "recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED", + "baseScore": 6.9, + "baseSeverity": "MEDIUM" + } + } + ], + "cvssMetricV31": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 7.3, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.4 + } + ], + "cvssMetricV2": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "2.0", + "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", + "accessVector": "NETWORK", + "accessComplexity": "LOW", + "authentication": "NONE", + "confidentialityImpact": "PARTIAL", + "integrityImpact": "PARTIAL", + "availabilityImpact": "PARTIAL", + "baseScore": 7.5 + }, + "baseSeverity": "HIGH", + "exploitabilityScore": 10.0, + "impactScore": 6.4, + "acInsufInfo": false, + "obtainAllPrivilege": false, + "obtainUserPrivilege": false, + "obtainOtherPrivilege": false, + "userInteractionRequired": false + } + ] + }, + "weaknesses": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "references": [ + { + "url": "https://code-projects.org/", + "source": "cna@vuldb.com" + }, + { + "url": "https://github.com/AXUyaku/cve/issues/1", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?ctiid.282617", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?id.282617", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?submit.434785", + "source": "cna@vuldb.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-106xx/CVE-2024-10609.json b/CVE-2024/CVE-2024-106xx/CVE-2024-10609.json new file mode 100644 index 00000000000..68f8d2f2eb9 --- /dev/null +++ b/CVE-2024/CVE-2024-106xx/CVE-2024-10609.json @@ -0,0 +1,141 @@ +{ + "id": "CVE-2024-10609", + "sourceIdentifier": "cna@vuldb.com", + "published": "2024-11-01T01:15:12.690", + "lastModified": "2024-11-01T01:15:12.690", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability, which was classified as critical, was found in itsourcecode Tailoring Management System Project 1.0. This affects an unknown part of the file typeadd.php. The manipulation of the argument sex leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "attackRequirements": "NONE", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "vulnerableSystemConfidentiality": "LOW", + "vulnerableSystemIntegrity": "LOW", + "vulnerableSystemAvailability": "LOW", + "subsequentSystemConfidentiality": "NONE", + "subsequentSystemIntegrity": "NONE", + "subsequentSystemAvailability": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirements": "NOT_DEFINED", + "integrityRequirements": "NOT_DEFINED", + "availabilityRequirements": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", + "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", + "modifiedVulnerableSystemAvailability": "NOT_DEFINED", + "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", + "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", + "modifiedSubsequentSystemAvailability": "NOT_DEFINED", + "safety": "NOT_DEFINED", + "automatable": "NOT_DEFINED", + "recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED", + "baseScore": 5.3, + "baseSeverity": "MEDIUM" + } + } + ], + "cvssMetricV31": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 6.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.4 + } + ], + "cvssMetricV2": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "2.0", + "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", + "accessVector": "NETWORK", + "accessComplexity": "LOW", + "authentication": "SINGLE", + "confidentialityImpact": "PARTIAL", + "integrityImpact": "PARTIAL", + "availabilityImpact": "PARTIAL", + "baseScore": 6.5 + }, + "baseSeverity": "MEDIUM", + "exploitabilityScore": 8.0, + "impactScore": 6.4, + "acInsufInfo": false, + "obtainAllPrivilege": false, + "obtainUserPrivilege": false, + "obtainOtherPrivilege": false, + "userInteractionRequired": false + } + ] + }, + "weaknesses": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/Lanxiy7th/lx_CVE_report-/issues/17", + "source": "cna@vuldb.com" + }, + { + "url": "https://itsourcecode.com/", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?ctiid.282621", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?id.282621", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?submit.434841", + "source": "cna@vuldb.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-106xx/CVE-2024-10610.json b/CVE-2024/CVE-2024-106xx/CVE-2024-10610.json new file mode 100644 index 00000000000..6f19efbffb1 --- /dev/null +++ b/CVE-2024/CVE-2024-106xx/CVE-2024-10610.json @@ -0,0 +1,137 @@ +{ + "id": "CVE-2024-10610", + "sourceIdentifier": "cna@vuldb.com", + "published": "2024-11-01T02:15:03.180", + "lastModified": "2024-11-01T02:15:03.180", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability has been found in ESAFENET CDG 5 and classified as critical. This vulnerability affects the function delProtocol of the file /com/esafenet/servlet/system/ProtocolService.java. The manipulation of the argument id leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "attackRequirements": "NONE", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "vulnerableSystemConfidentiality": "LOW", + "vulnerableSystemIntegrity": "LOW", + "vulnerableSystemAvailability": "LOW", + "subsequentSystemConfidentiality": "NONE", + "subsequentSystemIntegrity": "NONE", + "subsequentSystemAvailability": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirements": "NOT_DEFINED", + "integrityRequirements": "NOT_DEFINED", + "availabilityRequirements": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", + "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", + "modifiedVulnerableSystemAvailability": "NOT_DEFINED", + "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", + "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", + "modifiedSubsequentSystemAvailability": "NOT_DEFINED", + "safety": "NOT_DEFINED", + "automatable": "NOT_DEFINED", + "recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED", + "baseScore": 5.3, + "baseSeverity": "MEDIUM" + } + } + ], + "cvssMetricV31": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 6.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.4 + } + ], + "cvssMetricV2": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "2.0", + "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", + "accessVector": "NETWORK", + "accessComplexity": "LOW", + "authentication": "SINGLE", + "confidentialityImpact": "PARTIAL", + "integrityImpact": "PARTIAL", + "availabilityImpact": "PARTIAL", + "baseScore": 6.5 + }, + "baseSeverity": "MEDIUM", + "exploitabilityScore": 8.0, + "impactScore": 6.4, + "acInsufInfo": false, + "obtainAllPrivilege": false, + "obtainUserPrivilege": false, + "obtainOtherPrivilege": false, + "userInteractionRequired": false + } + ] + }, + "weaknesses": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "references": [ + { + "url": "https://flowus.cn/share/0099e10a-5242-4651-a85a-5e8f98abc533?code=G8A6P3", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?ctiid.282622", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?id.282622", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?submit.431326", + "source": "cna@vuldb.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-106xx/CVE-2024-10611.json b/CVE-2024/CVE-2024-106xx/CVE-2024-10611.json new file mode 100644 index 00000000000..40c58908c94 --- /dev/null +++ b/CVE-2024/CVE-2024-106xx/CVE-2024-10611.json @@ -0,0 +1,137 @@ +{ + "id": "CVE-2024-10611", + "sourceIdentifier": "cna@vuldb.com", + "published": "2024-11-01T02:15:03.533", + "lastModified": "2024-11-01T02:15:03.533", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability was found in ESAFENET CDG 5 and classified as critical. This issue affects the function delProtocol of the file /com/esafenet/servlet/system/PrintScreenListService.java. The manipulation of the argument id leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "attackRequirements": "NONE", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "vulnerableSystemConfidentiality": "LOW", + "vulnerableSystemIntegrity": "LOW", + "vulnerableSystemAvailability": "LOW", + "subsequentSystemConfidentiality": "NONE", + "subsequentSystemIntegrity": "NONE", + "subsequentSystemAvailability": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirements": "NOT_DEFINED", + "integrityRequirements": "NOT_DEFINED", + "availabilityRequirements": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", + "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", + "modifiedVulnerableSystemAvailability": "NOT_DEFINED", + "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", + "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", + "modifiedSubsequentSystemAvailability": "NOT_DEFINED", + "safety": "NOT_DEFINED", + "automatable": "NOT_DEFINED", + "recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED", + "baseScore": 5.3, + "baseSeverity": "MEDIUM" + } + } + ], + "cvssMetricV31": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 6.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.4 + } + ], + "cvssMetricV2": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "2.0", + "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", + "accessVector": "NETWORK", + "accessComplexity": "LOW", + "authentication": "SINGLE", + "confidentialityImpact": "PARTIAL", + "integrityImpact": "PARTIAL", + "availabilityImpact": "PARTIAL", + "baseScore": 6.5 + }, + "baseSeverity": "MEDIUM", + "exploitabilityScore": 8.0, + "impactScore": 6.4, + "acInsufInfo": false, + "obtainAllPrivilege": false, + "obtainUserPrivilege": false, + "obtainOtherPrivilege": false, + "userInteractionRequired": false + } + ] + }, + "weaknesses": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "references": [ + { + "url": "https://flowus.cn/share/9967b626-9a33-42f9-b8d2-d001b2a0b24a?code=G8A6P3", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?ctiid.282623", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?id.282623", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?submit.431327", + "source": "cna@vuldb.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-85xx/CVE-2024-8553.json b/CVE-2024/CVE-2024-85xx/CVE-2024-8553.json index 05696cff04f..07b785fcbe3 100644 --- a/CVE-2024/CVE-2024-85xx/CVE-2024-8553.json +++ b/CVE-2024/CVE-2024-85xx/CVE-2024-8553.json @@ -2,7 +2,7 @@ "id": "CVE-2024-8553", "sourceIdentifier": "secalert@redhat.com", "published": "2024-10-31T15:15:17.243", - "lastModified": "2024-10-31T15:15:17.243", + "lastModified": "2024-11-01T02:15:03.870", "vulnStatus": "Received", "cveTags": [], "descriptions": [ @@ -48,6 +48,18 @@ } ], "references": [ + { + "url": "https://access.redhat.com/errata/RHSA-2024:8717", + "source": "secalert@redhat.com" + }, + { + "url": "https://access.redhat.com/errata/RHSA-2024:8718", + "source": "secalert@redhat.com" + }, + { + "url": "https://access.redhat.com/errata/RHSA-2024:8719", + "source": "secalert@redhat.com" + }, { "url": "https://access.redhat.com/security/cve/CVE-2024-8553", "source": "secalert@redhat.com" diff --git a/README.md b/README.md index 830f5225f7c..c17976a69a4 100644 --- a/README.md +++ b/README.md @@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2024-11-01T00:55:44.576151+00:00 +2024-11-01T03:00:19.528092+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2024-11-01T00:15:03.243000+00:00 +2024-11-01T02:15:03.870000+00:00 ``` ### Last Data Feed Release @@ -27,30 +27,31 @@ Repository synchronizes with the NVD every 2 hours. Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/releases/latest) ```plain -2024-10-31T01:00:10.086718+00:00 +2024-11-01T01:00:10.103272+00:00 ``` ### Total Number of included CVEs ```plain -267773 +267778 ``` ### CVEs added in the last Commit -Recently added CVEs: `4` +Recently added CVEs: `5` -- [CVE-2024-10600](CVE-2024/CVE-2024-106xx/CVE-2024-10600.json) (`2024-10-31T23:15:12.067`) -- [CVE-2024-10601](CVE-2024/CVE-2024-106xx/CVE-2024-10601.json) (`2024-10-31T23:15:12.343`) -- [CVE-2024-10602](CVE-2024/CVE-2024-106xx/CVE-2024-10602.json) (`2024-11-01T00:15:02.973`) -- [CVE-2024-10605](CVE-2024/CVE-2024-106xx/CVE-2024-10605.json) (`2024-11-01T00:15:03.243`) +- [CVE-2024-10607](CVE-2024/CVE-2024-106xx/CVE-2024-10607.json) (`2024-11-01T01:15:12.153`) +- [CVE-2024-10608](CVE-2024/CVE-2024-106xx/CVE-2024-10608.json) (`2024-11-01T01:15:12.430`) +- [CVE-2024-10609](CVE-2024/CVE-2024-106xx/CVE-2024-10609.json) (`2024-11-01T01:15:12.690`) +- [CVE-2024-10610](CVE-2024/CVE-2024-106xx/CVE-2024-10610.json) (`2024-11-01T02:15:03.180`) +- [CVE-2024-10611](CVE-2024/CVE-2024-106xx/CVE-2024-10611.json) (`2024-11-01T02:15:03.533`) ### CVEs modified in the last Commit Recently modified CVEs: `1` -- [CVE-2023-2062](CVE-2023/CVE-2023-20xx/CVE-2023-2062.json) (`2024-10-31T23:15:11.873`) +- [CVE-2024-8553](CVE-2024/CVE-2024-85xx/CVE-2024-8553.json) (`2024-11-01T02:15:03.870`) ## Download and Usage diff --git a/_state.csv b/_state.csv index 2c66b60b3d1..77d7265e7ff 100644 --- a/_state.csv +++ b/_state.csv @@ -215034,7 +215034,7 @@ CVE-2023-20615,0,0,403d2208ea9cfe7674ec83dce5bd02fbc023ef44016fa56e0176ea8c1c6ce CVE-2023-20616,0,0,3092ae68b1a37fd77970d6937f7300306f59e3a93bd4cb5a02257aa2d42d5447,2023-02-14T17:59:08.763000 CVE-2023-20618,0,0,bfc9c086da18547a444623e23619ddcb0ce992b631ecf6ed8d966be502829b8d,2023-02-14T18:02:12.267000 CVE-2023-20619,0,0,b2fd6630cee592c2582609468e56ceabcfe7c2d157b79665609b43c3d2a735f5,2023-02-14T18:10:07.637000 -CVE-2023-2062,0,1,3259b85ada336c249c0a3127aa4a92c6b50d3c8d3c87bdb21bc9db2b1076dfcc,2024-10-31T23:15:11.873000 +CVE-2023-2062,0,0,3259b85ada336c249c0a3127aa4a92c6b50d3c8d3c87bdb21bc9db2b1076dfcc,2024-10-31T23:15:11.873000 CVE-2023-20620,0,0,c185d10c903b959c24e1ba03baa3c548712f99a8095b9a842a3b855269c7669a,2023-03-13T03:57:10.570000 CVE-2023-20621,0,0,085abfcd6a2e25116d69f753d336955a363b8c522cae98983eb845b1a00e5b7e,2023-03-13T03:57:00.093000 CVE-2023-20623,0,0,4a739139ff8c04950bc70f9d126619146f9f37a276b7be7f445065eef2b13a69,2023-03-13T03:56:40.467000 @@ -242673,11 +242673,16 @@ CVE-2024-10597,0,0,e5c082b349a51a1b6f0ee07ba6030bc60245ddd1b7e068b73a97bdc442998 CVE-2024-10598,0,0,c44377b1077988455a06c0b4e2acbae274518924cc0ed44dd3e440b21fcc1734,2024-10-31T22:15:02.960000 CVE-2024-10599,0,0,763b8efbfd0c5d284ab90275072b60fcec14f32211193fad12ef4d7af1c43894,2024-10-31T22:15:03.267000 CVE-2024-1060,0,0,d653064ebc7376d659eeceb53018669b809b93fa1e3915db85367d79da8fa5c6,2024-02-05T20:49:55.413000 -CVE-2024-10600,1,1,1bea1a7b10b438194688009d120bfd1ff9709bd75db4bcc5ccc94bf8e5f334ed,2024-10-31T23:15:12.067000 -CVE-2024-10601,1,1,7b8255e9af3488a6a39c1d0a5dfdeb386957e032065b46d4068072fbb9667706,2024-10-31T23:15:12.343000 -CVE-2024-10602,1,1,96d2ae9bab76099abc9d680c159fbb5dc171ea7c8d49aec28979a944835cde6f,2024-11-01T00:15:02.973000 -CVE-2024-10605,1,1,e29ff38a00b23eefa1c3da967b46cee3d2cf09ab833c3586b164656be09dc238,2024-11-01T00:15:03.243000 +CVE-2024-10600,0,0,1bea1a7b10b438194688009d120bfd1ff9709bd75db4bcc5ccc94bf8e5f334ed,2024-10-31T23:15:12.067000 +CVE-2024-10601,0,0,7b8255e9af3488a6a39c1d0a5dfdeb386957e032065b46d4068072fbb9667706,2024-10-31T23:15:12.343000 +CVE-2024-10602,0,0,96d2ae9bab76099abc9d680c159fbb5dc171ea7c8d49aec28979a944835cde6f,2024-11-01T00:15:02.973000 +CVE-2024-10605,0,0,e29ff38a00b23eefa1c3da967b46cee3d2cf09ab833c3586b164656be09dc238,2024-11-01T00:15:03.243000 +CVE-2024-10607,1,1,2507b7dca8d5b2aea9a1f9fa5822930e77348ecd5d0e5902894f125c3dfe0632,2024-11-01T01:15:12.153000 +CVE-2024-10608,1,1,e9ae04f74c82c272bbf6afacf6f8454552be4b3f85baa31f4b5466d0d0f65b69,2024-11-01T01:15:12.430000 +CVE-2024-10609,1,1,4a253e2de772b41bcf57400e6453748537a73b07837de06981acbd92eeb5d7d7,2024-11-01T01:15:12.690000 CVE-2024-1061,0,0,b0142398cd9b9f174f90c4c080cff8303ffcef7270f68849f3de92ae586ec72f,2024-02-05T18:21:08.577000 +CVE-2024-10610,1,1,2b69dcf629a95a5c93096752e379fd396a70f9a4385e27ef639dd500f55ed8ce,2024-11-01T02:15:03.180000 +CVE-2024-10611,1,1,0dc059b8fea51edc9a4a016e1565b56716d43af624a620398442be78de0e1439,2024-11-01T02:15:03.533000 CVE-2024-1062,0,0,96fd163b87faa7f96df00eff21b1688e595dd6d409735135ea0e59da2984f85b,2024-10-10T14:22:28.617000 CVE-2024-1063,0,0,74a897918202555ab7dea6b1737e329d32a036051a3381cf0244644b537611c7,2024-02-05T18:25:57.167000 CVE-2024-1064,0,0,f25346ba7587521e1585b34f9b82a63a0a8099891451ea7215e7704632eec54a,2024-02-12T18:42:14.777000 @@ -266902,7 +266907,7 @@ CVE-2024-8547,0,0,a5c726f624e35e2e38ae2311e7ed395da023cf1c888c1c750584ab5f9e8492 CVE-2024-8548,0,0,79d6b79af13a38bbe8eb976675ec8fe70e73bfe199b20619eaaa02e33fc56380,2024-10-04T13:51:25.567000 CVE-2024-8549,0,0,9d15342b3eb4ac6ebd08188bbf5727cd19e2d1db961fed83db600a8a3150700d,2024-10-02T16:04:41.970000 CVE-2024-8552,0,0,ab7cb4c880b3ec4297f7ff802068bed1b689ce05b544a01cb748e0f63a229aea,2024-10-02T17:00:45.083000 -CVE-2024-8553,0,0,fcb661fb871f1ab923e0fe102980875df01a71eb9eefe665b53b72a154876bc6,2024-10-31T15:15:17.243000 +CVE-2024-8553,0,1,91afd0faecdead23bced3ff961746a4a8aa65aa3664ec7c5dc2e48d3087a4345,2024-11-01T02:15:03.870000 CVE-2024-8554,0,0,46c32adbe15332664cfc930fe8c32bff96db8190902ab789492b593fa03348f1,2024-09-10T13:52:23.250000 CVE-2024-8555,0,0,0c0685cb1cca90ba97dbbe7724af46b71d0ab057cb41b6cc62e81df56a2985b7,2024-09-10T13:53:11.847000 CVE-2024-8557,0,0,86ab04a42076aa0fe9f792cba1f27d54b98becfc358809b664a63ce528fde776,2024-09-10T14:19:36.280000