From 6202a154b8454f67e8d0557c0b45207e95fbe41f Mon Sep 17 00:00:00 2001 From: cad-safe-bot Date: Fri, 1 Nov 2024 03:03:20 +0000 Subject: [PATCH] Auto-Update: 2024-11-01T03:00:19.528092+00:00 --- CVE-2024/CVE-2024-106xx/CVE-2024-10607.json | 141 ++++++++++++++++++++ CVE-2024/CVE-2024-106xx/CVE-2024-10608.json | 141 ++++++++++++++++++++ CVE-2024/CVE-2024-106xx/CVE-2024-10609.json | 141 ++++++++++++++++++++ CVE-2024/CVE-2024-106xx/CVE-2024-10610.json | 137 +++++++++++++++++++ CVE-2024/CVE-2024-106xx/CVE-2024-10611.json | 137 +++++++++++++++++++ CVE-2024/CVE-2024-85xx/CVE-2024-8553.json | 14 +- README.md | 21 +-- _state.csv | 17 ++- 8 files changed, 732 insertions(+), 17 deletions(-) create mode 100644 CVE-2024/CVE-2024-106xx/CVE-2024-10607.json create mode 100644 CVE-2024/CVE-2024-106xx/CVE-2024-10608.json create mode 100644 CVE-2024/CVE-2024-106xx/CVE-2024-10609.json create mode 100644 CVE-2024/CVE-2024-106xx/CVE-2024-10610.json create mode 100644 CVE-2024/CVE-2024-106xx/CVE-2024-10611.json diff --git a/CVE-2024/CVE-2024-106xx/CVE-2024-10607.json b/CVE-2024/CVE-2024-106xx/CVE-2024-10607.json new file mode 100644 index 00000000000..097ac2d2bb9 --- /dev/null +++ b/CVE-2024/CVE-2024-106xx/CVE-2024-10607.json @@ -0,0 +1,141 @@ +{ + "id": "CVE-2024-10607", + "sourceIdentifier": "cna@vuldb.com", + "published": "2024-11-01T01:15:12.153", + "lastModified": "2024-11-01T01:15:12.153", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability was found in code-projects Courier Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /track-result.php. The manipulation of the argument Consignment leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "attackRequirements": "NONE", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "vulnerableSystemConfidentiality": "LOW", + "vulnerableSystemIntegrity": "LOW", + "vulnerableSystemAvailability": "LOW", + "subsequentSystemConfidentiality": "NONE", + "subsequentSystemIntegrity": "NONE", + "subsequentSystemAvailability": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirements": "NOT_DEFINED", + "integrityRequirements": "NOT_DEFINED", + "availabilityRequirements": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", + "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", + "modifiedVulnerableSystemAvailability": "NOT_DEFINED", + "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", + "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", + "modifiedSubsequentSystemAvailability": "NOT_DEFINED", + "safety": "NOT_DEFINED", + "automatable": "NOT_DEFINED", + "recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED", + "baseScore": 6.9, + "baseSeverity": "MEDIUM" + } + } + ], + "cvssMetricV31": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 7.3, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.4 + } + ], + "cvssMetricV2": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "2.0", + "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", + "accessVector": "NETWORK", + "accessComplexity": "LOW", + "authentication": "NONE", + "confidentialityImpact": "PARTIAL", + "integrityImpact": "PARTIAL", + "availabilityImpact": "PARTIAL", + "baseScore": 7.5 + }, + "baseSeverity": "HIGH", + "exploitabilityScore": 10.0, + "impactScore": 6.4, + "acInsufInfo": false, + "obtainAllPrivilege": false, + "obtainUserPrivilege": false, + "obtainOtherPrivilege": false, + "userInteractionRequired": false + } + ] + }, + "weaknesses": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "references": [ + { + "url": "https://code-projects.org/", + "source": "cna@vuldb.com" + }, + { + "url": "https://github.com/yanhuoshanjin/cve/issues/1", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?ctiid.282616", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?id.282616", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?submit.434773", + "source": "cna@vuldb.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-106xx/CVE-2024-10608.json b/CVE-2024/CVE-2024-106xx/CVE-2024-10608.json new file mode 100644 index 00000000000..2de0d64dd5e --- /dev/null +++ b/CVE-2024/CVE-2024-106xx/CVE-2024-10608.json @@ -0,0 +1,141 @@ +{ + "id": "CVE-2024-10608", + "sourceIdentifier": "cna@vuldb.com", + "published": "2024-11-01T01:15:12.430", + "lastModified": "2024-11-01T01:15:12.430", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability was found in code-projects Courier Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /login.php. The manipulation of the argument txtusername leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "attackRequirements": "NONE", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "vulnerableSystemConfidentiality": "LOW", + "vulnerableSystemIntegrity": "LOW", + "vulnerableSystemAvailability": "LOW", + "subsequentSystemConfidentiality": "NONE", + "subsequentSystemIntegrity": "NONE", + "subsequentSystemAvailability": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirements": "NOT_DEFINED", + "integrityRequirements": "NOT_DEFINED", + "availabilityRequirements": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", + "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", + "modifiedVulnerableSystemAvailability": "NOT_DEFINED", + "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", + "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", + "modifiedSubsequentSystemAvailability": "NOT_DEFINED", + "safety": "NOT_DEFINED", + "automatable": "NOT_DEFINED", + "recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED", + "baseScore": 6.9, + "baseSeverity": "MEDIUM" + } + } + ], + "cvssMetricV31": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 7.3, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.4 + } + ], + "cvssMetricV2": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "2.0", + "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", + "accessVector": "NETWORK", + "accessComplexity": "LOW", + "authentication": "NONE", + "confidentialityImpact": "PARTIAL", + "integrityImpact": "PARTIAL", + "availabilityImpact": "PARTIAL", + "baseScore": 7.5 + }, + "baseSeverity": "HIGH", + "exploitabilityScore": 10.0, + "impactScore": 6.4, + "acInsufInfo": false, + "obtainAllPrivilege": false, + "obtainUserPrivilege": false, + "obtainOtherPrivilege": false, + "userInteractionRequired": false + } + ] + }, + "weaknesses": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "references": [ + { + "url": "https://code-projects.org/", + "source": "cna@vuldb.com" + }, + { + "url": "https://github.com/AXUyaku/cve/issues/1", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?ctiid.282617", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?id.282617", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?submit.434785", + "source": "cna@vuldb.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-106xx/CVE-2024-10609.json b/CVE-2024/CVE-2024-106xx/CVE-2024-10609.json new file mode 100644 index 00000000000..68f8d2f2eb9 --- /dev/null +++ b/CVE-2024/CVE-2024-106xx/CVE-2024-10609.json @@ -0,0 +1,141 @@ +{ + "id": "CVE-2024-10609", + "sourceIdentifier": "cna@vuldb.com", + "published": "2024-11-01T01:15:12.690", + "lastModified": "2024-11-01T01:15:12.690", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability, which was classified as critical, was found in itsourcecode Tailoring Management System Project 1.0. This affects an unknown part of the file typeadd.php. The manipulation of the argument sex leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "attackRequirements": "NONE", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "vulnerableSystemConfidentiality": "LOW", + "vulnerableSystemIntegrity": "LOW", + "vulnerableSystemAvailability": "LOW", + "subsequentSystemConfidentiality": "NONE", + "subsequentSystemIntegrity": "NONE", + "subsequentSystemAvailability": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirements": "NOT_DEFINED", + "integrityRequirements": "NOT_DEFINED", + "availabilityRequirements": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", + "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", + "modifiedVulnerableSystemAvailability": "NOT_DEFINED", + "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", + "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", + "modifiedSubsequentSystemAvailability": "NOT_DEFINED", + "safety": "NOT_DEFINED", + "automatable": "NOT_DEFINED", + "recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED", + "baseScore": 5.3, + "baseSeverity": "MEDIUM" + } + } + ], + "cvssMetricV31": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 6.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.4 + } + ], + "cvssMetricV2": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "2.0", + "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", + "accessVector": "NETWORK", + "accessComplexity": "LOW", + "authentication": "SINGLE", + "confidentialityImpact": "PARTIAL", + "integrityImpact": "PARTIAL", + "availabilityImpact": "PARTIAL", + "baseScore": 6.5 + }, + "baseSeverity": "MEDIUM", + "exploitabilityScore": 8.0, + "impactScore": 6.4, + "acInsufInfo": false, + "obtainAllPrivilege": false, + "obtainUserPrivilege": false, + "obtainOtherPrivilege": false, + "userInteractionRequired": false + } + ] + }, + "weaknesses": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/Lanxiy7th/lx_CVE_report-/issues/17", + "source": "cna@vuldb.com" + }, + { + "url": "https://itsourcecode.com/", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?ctiid.282621", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?id.282621", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?submit.434841", + "source": "cna@vuldb.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-106xx/CVE-2024-10610.json b/CVE-2024/CVE-2024-106xx/CVE-2024-10610.json new file mode 100644 index 00000000000..6f19efbffb1 --- /dev/null +++ b/CVE-2024/CVE-2024-106xx/CVE-2024-10610.json @@ -0,0 +1,137 @@ +{ + "id": "CVE-2024-10610", + "sourceIdentifier": "cna@vuldb.com", + "published": "2024-11-01T02:15:03.180", + "lastModified": "2024-11-01T02:15:03.180", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability has been found in ESAFENET CDG 5 and classified as critical. This vulnerability affects the function delProtocol of the file /com/esafenet/servlet/system/ProtocolService.java. The manipulation of the argument id leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "attackRequirements": "NONE", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "vulnerableSystemConfidentiality": "LOW", + "vulnerableSystemIntegrity": "LOW", + "vulnerableSystemAvailability": "LOW", + "subsequentSystemConfidentiality": "NONE", + "subsequentSystemIntegrity": "NONE", + "subsequentSystemAvailability": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirements": "NOT_DEFINED", + "integrityRequirements": "NOT_DEFINED", + "availabilityRequirements": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", + "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", + "modifiedVulnerableSystemAvailability": "NOT_DEFINED", + "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", + "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", + "modifiedSubsequentSystemAvailability": "NOT_DEFINED", + "safety": "NOT_DEFINED", + "automatable": "NOT_DEFINED", + "recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED", + "baseScore": 5.3, + "baseSeverity": "MEDIUM" + } + } + ], + "cvssMetricV31": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 6.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.4 + } + ], + "cvssMetricV2": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "2.0", + "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", + "accessVector": "NETWORK", + "accessComplexity": "LOW", + "authentication": "SINGLE", + "confidentialityImpact": "PARTIAL", + "integrityImpact": "PARTIAL", + "availabilityImpact": "PARTIAL", + "baseScore": 6.5 + }, + "baseSeverity": "MEDIUM", + "exploitabilityScore": 8.0, + "impactScore": 6.4, + "acInsufInfo": false, + "obtainAllPrivilege": false, + "obtainUserPrivilege": false, + "obtainOtherPrivilege": false, + "userInteractionRequired": false + } + ] + }, + "weaknesses": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "references": [ + { + "url": "https://flowus.cn/share/0099e10a-5242-4651-a85a-5e8f98abc533?code=G8A6P3", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?ctiid.282622", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?id.282622", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?submit.431326", + "source": "cna@vuldb.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-106xx/CVE-2024-10611.json b/CVE-2024/CVE-2024-106xx/CVE-2024-10611.json new file mode 100644 index 00000000000..40c58908c94 --- /dev/null +++ b/CVE-2024/CVE-2024-106xx/CVE-2024-10611.json @@ -0,0 +1,137 @@ +{ + "id": "CVE-2024-10611", + "sourceIdentifier": "cna@vuldb.com", + "published": "2024-11-01T02:15:03.533", + "lastModified": "2024-11-01T02:15:03.533", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability was found in ESAFENET CDG 5 and classified as critical. This issue affects the function delProtocol of the file /com/esafenet/servlet/system/PrintScreenListService.java. The manipulation of the argument id leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "attackRequirements": "NONE", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "vulnerableSystemConfidentiality": "LOW", + "vulnerableSystemIntegrity": "LOW", + "vulnerableSystemAvailability": "LOW", + "subsequentSystemConfidentiality": "NONE", + "subsequentSystemIntegrity": "NONE", + "subsequentSystemAvailability": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirements": "NOT_DEFINED", + "integrityRequirements": "NOT_DEFINED", + "availabilityRequirements": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", + "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", + "modifiedVulnerableSystemAvailability": "NOT_DEFINED", + "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", + "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", + "modifiedSubsequentSystemAvailability": "NOT_DEFINED", + "safety": "NOT_DEFINED", + "automatable": "NOT_DEFINED", + "recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED", + "baseScore": 5.3, + "baseSeverity": "MEDIUM" + } + } + ], + "cvssMetricV31": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 6.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.4 + } + ], + "cvssMetricV2": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "2.0", + "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", + "accessVector": "NETWORK", + "accessComplexity": "LOW", + "authentication": "SINGLE", + "confidentialityImpact": "PARTIAL", + "integrityImpact": "PARTIAL", + "availabilityImpact": "PARTIAL", + "baseScore": 6.5 + }, + "baseSeverity": "MEDIUM", + "exploitabilityScore": 8.0, + "impactScore": 6.4, + "acInsufInfo": false, + "obtainAllPrivilege": false, + "obtainUserPrivilege": false, + "obtainOtherPrivilege": false, + "userInteractionRequired": false + } + ] + }, + "weaknesses": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "references": [ + { + "url": "https://flowus.cn/share/9967b626-9a33-42f9-b8d2-d001b2a0b24a?code=G8A6P3", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?ctiid.282623", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?id.282623", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?submit.431327", + "source": "cna@vuldb.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-85xx/CVE-2024-8553.json b/CVE-2024/CVE-2024-85xx/CVE-2024-8553.json index 05696cff04f..07b785fcbe3 100644 --- a/CVE-2024/CVE-2024-85xx/CVE-2024-8553.json +++ b/CVE-2024/CVE-2024-85xx/CVE-2024-8553.json @@ -2,7 +2,7 @@ "id": "CVE-2024-8553", "sourceIdentifier": "secalert@redhat.com", "published": "2024-10-31T15:15:17.243", - "lastModified": "2024-10-31T15:15:17.243", + "lastModified": "2024-11-01T02:15:03.870", "vulnStatus": "Received", "cveTags": [], "descriptions": [ @@ -48,6 +48,18 @@ } ], "references": [ + { + "url": "https://access.redhat.com/errata/RHSA-2024:8717", + "source": "secalert@redhat.com" + }, + { + "url": "https://access.redhat.com/errata/RHSA-2024:8718", + "source": "secalert@redhat.com" + }, + { + "url": "https://access.redhat.com/errata/RHSA-2024:8719", + "source": "secalert@redhat.com" + }, { "url": "https://access.redhat.com/security/cve/CVE-2024-8553", "source": "secalert@redhat.com" diff --git a/README.md b/README.md index 830f5225f7c..c17976a69a4 100644 --- a/README.md +++ b/README.md @@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2024-11-01T00:55:44.576151+00:00 +2024-11-01T03:00:19.528092+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2024-11-01T00:15:03.243000+00:00 +2024-11-01T02:15:03.870000+00:00 ``` ### Last Data Feed Release @@ -27,30 +27,31 @@ Repository synchronizes with the NVD every 2 hours. Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/releases/latest) ```plain -2024-10-31T01:00:10.086718+00:00 +2024-11-01T01:00:10.103272+00:00 ``` ### Total Number of included CVEs ```plain -267773 +267778 ``` ### CVEs added in the last Commit -Recently added CVEs: `4` +Recently added CVEs: `5` -- [CVE-2024-10600](CVE-2024/CVE-2024-106xx/CVE-2024-10600.json) (`2024-10-31T23:15:12.067`) -- [CVE-2024-10601](CVE-2024/CVE-2024-106xx/CVE-2024-10601.json) (`2024-10-31T23:15:12.343`) -- [CVE-2024-10602](CVE-2024/CVE-2024-106xx/CVE-2024-10602.json) (`2024-11-01T00:15:02.973`) -- [CVE-2024-10605](CVE-2024/CVE-2024-106xx/CVE-2024-10605.json) (`2024-11-01T00:15:03.243`) +- [CVE-2024-10607](CVE-2024/CVE-2024-106xx/CVE-2024-10607.json) (`2024-11-01T01:15:12.153`) +- [CVE-2024-10608](CVE-2024/CVE-2024-106xx/CVE-2024-10608.json) (`2024-11-01T01:15:12.430`) +- [CVE-2024-10609](CVE-2024/CVE-2024-106xx/CVE-2024-10609.json) (`2024-11-01T01:15:12.690`) +- [CVE-2024-10610](CVE-2024/CVE-2024-106xx/CVE-2024-10610.json) (`2024-11-01T02:15:03.180`) +- [CVE-2024-10611](CVE-2024/CVE-2024-106xx/CVE-2024-10611.json) (`2024-11-01T02:15:03.533`) ### CVEs modified in the last Commit Recently modified CVEs: `1` -- [CVE-2023-2062](CVE-2023/CVE-2023-20xx/CVE-2023-2062.json) (`2024-10-31T23:15:11.873`) +- [CVE-2024-8553](CVE-2024/CVE-2024-85xx/CVE-2024-8553.json) (`2024-11-01T02:15:03.870`) ## Download and Usage diff --git a/_state.csv b/_state.csv index 2c66b60b3d1..77d7265e7ff 100644 --- a/_state.csv +++ b/_state.csv @@ -215034,7 +215034,7 @@ CVE-2023-20615,0,0,403d2208ea9cfe7674ec83dce5bd02fbc023ef44016fa56e0176ea8c1c6ce CVE-2023-20616,0,0,3092ae68b1a37fd77970d6937f7300306f59e3a93bd4cb5a02257aa2d42d5447,2023-02-14T17:59:08.763000 CVE-2023-20618,0,0,bfc9c086da18547a444623e23619ddcb0ce992b631ecf6ed8d966be502829b8d,2023-02-14T18:02:12.267000 CVE-2023-20619,0,0,b2fd6630cee592c2582609468e56ceabcfe7c2d157b79665609b43c3d2a735f5,2023-02-14T18:10:07.637000 -CVE-2023-2062,0,1,3259b85ada336c249c0a3127aa4a92c6b50d3c8d3c87bdb21bc9db2b1076dfcc,2024-10-31T23:15:11.873000 +CVE-2023-2062,0,0,3259b85ada336c249c0a3127aa4a92c6b50d3c8d3c87bdb21bc9db2b1076dfcc,2024-10-31T23:15:11.873000 CVE-2023-20620,0,0,c185d10c903b959c24e1ba03baa3c548712f99a8095b9a842a3b855269c7669a,2023-03-13T03:57:10.570000 CVE-2023-20621,0,0,085abfcd6a2e25116d69f753d336955a363b8c522cae98983eb845b1a00e5b7e,2023-03-13T03:57:00.093000 CVE-2023-20623,0,0,4a739139ff8c04950bc70f9d126619146f9f37a276b7be7f445065eef2b13a69,2023-03-13T03:56:40.467000 @@ -242673,11 +242673,16 @@ CVE-2024-10597,0,0,e5c082b349a51a1b6f0ee07ba6030bc60245ddd1b7e068b73a97bdc442998 CVE-2024-10598,0,0,c44377b1077988455a06c0b4e2acbae274518924cc0ed44dd3e440b21fcc1734,2024-10-31T22:15:02.960000 CVE-2024-10599,0,0,763b8efbfd0c5d284ab90275072b60fcec14f32211193fad12ef4d7af1c43894,2024-10-31T22:15:03.267000 CVE-2024-1060,0,0,d653064ebc7376d659eeceb53018669b809b93fa1e3915db85367d79da8fa5c6,2024-02-05T20:49:55.413000 -CVE-2024-10600,1,1,1bea1a7b10b438194688009d120bfd1ff9709bd75db4bcc5ccc94bf8e5f334ed,2024-10-31T23:15:12.067000 -CVE-2024-10601,1,1,7b8255e9af3488a6a39c1d0a5dfdeb386957e032065b46d4068072fbb9667706,2024-10-31T23:15:12.343000 -CVE-2024-10602,1,1,96d2ae9bab76099abc9d680c159fbb5dc171ea7c8d49aec28979a944835cde6f,2024-11-01T00:15:02.973000 -CVE-2024-10605,1,1,e29ff38a00b23eefa1c3da967b46cee3d2cf09ab833c3586b164656be09dc238,2024-11-01T00:15:03.243000 +CVE-2024-10600,0,0,1bea1a7b10b438194688009d120bfd1ff9709bd75db4bcc5ccc94bf8e5f334ed,2024-10-31T23:15:12.067000 +CVE-2024-10601,0,0,7b8255e9af3488a6a39c1d0a5dfdeb386957e032065b46d4068072fbb9667706,2024-10-31T23:15:12.343000 +CVE-2024-10602,0,0,96d2ae9bab76099abc9d680c159fbb5dc171ea7c8d49aec28979a944835cde6f,2024-11-01T00:15:02.973000 +CVE-2024-10605,0,0,e29ff38a00b23eefa1c3da967b46cee3d2cf09ab833c3586b164656be09dc238,2024-11-01T00:15:03.243000 +CVE-2024-10607,1,1,2507b7dca8d5b2aea9a1f9fa5822930e77348ecd5d0e5902894f125c3dfe0632,2024-11-01T01:15:12.153000 +CVE-2024-10608,1,1,e9ae04f74c82c272bbf6afacf6f8454552be4b3f85baa31f4b5466d0d0f65b69,2024-11-01T01:15:12.430000 +CVE-2024-10609,1,1,4a253e2de772b41bcf57400e6453748537a73b07837de06981acbd92eeb5d7d7,2024-11-01T01:15:12.690000 CVE-2024-1061,0,0,b0142398cd9b9f174f90c4c080cff8303ffcef7270f68849f3de92ae586ec72f,2024-02-05T18:21:08.577000 +CVE-2024-10610,1,1,2b69dcf629a95a5c93096752e379fd396a70f9a4385e27ef639dd500f55ed8ce,2024-11-01T02:15:03.180000 +CVE-2024-10611,1,1,0dc059b8fea51edc9a4a016e1565b56716d43af624a620398442be78de0e1439,2024-11-01T02:15:03.533000 CVE-2024-1062,0,0,96fd163b87faa7f96df00eff21b1688e595dd6d409735135ea0e59da2984f85b,2024-10-10T14:22:28.617000 CVE-2024-1063,0,0,74a897918202555ab7dea6b1737e329d32a036051a3381cf0244644b537611c7,2024-02-05T18:25:57.167000 CVE-2024-1064,0,0,f25346ba7587521e1585b34f9b82a63a0a8099891451ea7215e7704632eec54a,2024-02-12T18:42:14.777000 @@ -266902,7 +266907,7 @@ CVE-2024-8547,0,0,a5c726f624e35e2e38ae2311e7ed395da023cf1c888c1c750584ab5f9e8492 CVE-2024-8548,0,0,79d6b79af13a38bbe8eb976675ec8fe70e73bfe199b20619eaaa02e33fc56380,2024-10-04T13:51:25.567000 CVE-2024-8549,0,0,9d15342b3eb4ac6ebd08188bbf5727cd19e2d1db961fed83db600a8a3150700d,2024-10-02T16:04:41.970000 CVE-2024-8552,0,0,ab7cb4c880b3ec4297f7ff802068bed1b689ce05b544a01cb748e0f63a229aea,2024-10-02T17:00:45.083000 -CVE-2024-8553,0,0,fcb661fb871f1ab923e0fe102980875df01a71eb9eefe665b53b72a154876bc6,2024-10-31T15:15:17.243000 +CVE-2024-8553,0,1,91afd0faecdead23bced3ff961746a4a8aa65aa3664ec7c5dc2e48d3087a4345,2024-11-01T02:15:03.870000 CVE-2024-8554,0,0,46c32adbe15332664cfc930fe8c32bff96db8190902ab789492b593fa03348f1,2024-09-10T13:52:23.250000 CVE-2024-8555,0,0,0c0685cb1cca90ba97dbbe7724af46b71d0ab057cb41b6cc62e81df56a2985b7,2024-09-10T13:53:11.847000 CVE-2024-8557,0,0,86ab04a42076aa0fe9f792cba1f27d54b98becfc358809b664a63ce528fde776,2024-09-10T14:19:36.280000