Auto-Update: 2024-05-27T23:55:30.229868+00:00

2025-05-08 19:47:09 +00:00 · 2024-05-27 23:58:24 +00:00 · 2024-05-27 23:58:24 +00:00 · 642fbc6baa
commit 642fbc6baa
parent 7e66f75cf1
4 changed files with 57 additions and 7 deletions
--- a/CVE-2024/CVE-2024-364xx/CVE-2024-36426.json
+++ b/CVE-2024/CVE-2024-364xx/CVE-2024-36426.json
@ -0,0 +1,24 @@
+{
+  "id": "CVE-2024-36426",
+  "sourceIdentifier": "cve@mitre.org",
+  "published": "2024-05-27T22:15:08.507",
+  "lastModified": "2024-05-27T22:15:08.507",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "In TARGIT Decision Suite 23.2.15007.0 before Autumn 2023, the session token is part of the URL and may be sent in a cleartext HTTP session."
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://community.targit.com/hc/en-us/articles/12618082416028-Change-Log-On-prem",
+      "source": "cve@mitre.org"
+    },
+    {
+      "url": "https://github.com/DMCERTCE/DecisionSuite_Token_in_Url",
+      "source": "cve@mitre.org"
+    }
+  ]
+}
--- a/CVE-2024/CVE-2024-364xx/CVE-2024-36428.json
+++ b/CVE-2024/CVE-2024-364xx/CVE-2024-36428.json
@ -0,0 +1,24 @@
+{
+  "id": "CVE-2024-36428",
+  "sourceIdentifier": "cve@mitre.org",
+  "published": "2024-05-27T23:15:13.120",
+  "lastModified": "2024-05-27T23:15:13.120",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "OrangeHRM 3.3.3 allows admin/viewProjects sortOrder SQL injection."
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://github.com/4rdr/proofs/blob/main/info/OrangeHRM_3.3.3_SQLi_via_sortOrder.md",
+      "source": "cve@mitre.org"
+    },
+    {
+      "url": "https://sourceforge.net/projects/orangehrm/files/stable/3.3.3/",
+      "source": "cve@mitre.org"
+    }
+  ]
+}
--- a/README.md
+++ b/README.md
@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours.
 ### Last Repository Update

 ```plain
-2024-05-27T22:00:37.924069+00:00
+2024-05-27T23:55:30.229868+00:00
 ```

 ### Most recent CVE Modification Timestamp synchronized with NVD

 ```plain
-2024-05-27T20:15:09.060000+00:00
+2024-05-27T23:15:13.120000+00:00
 ```

 ### Last Data Feed Release
@ -33,15 +33,15 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
 ### Total Number of included CVEs

 ```plain
-251883
+251885
 ```

 ### CVEs added in the last Commit

 Recently added CVEs: `2`

- [CVE-2024-29415](CVE-2024/CVE-2024-294xx/CVE-2024-29415.json) (`2024-05-27T20:15:08.970`)
- [CVE-2024-34923](CVE-2024/CVE-2024-349xx/CVE-2024-34923.json) (`2024-05-27T20:15:09.060`)
+- [CVE-2024-36426](CVE-2024/CVE-2024-364xx/CVE-2024-36426.json) (`2024-05-27T22:15:08.507`)
+- [CVE-2024-36428](CVE-2024/CVE-2024-364xx/CVE-2024-36428.json) (`2024-05-27T23:15:13.120`)


 ### CVEs modified in the last Commit
--- a/_state.csv
+++ b/_state.csv
@ -247386,7 +247386,7 @@ CVE-2024-29401,0,0,679ee7eb07f94632974ee3a3d5e9f1f36658f780199e198816f5b2401b4ea
 CVE-2024-29402,0,0,fda5605a49d434b54f664af40772780310034556d5d1866a088f676172e81755,2024-04-17T12:48:07.510000
 CVE-2024-2941,0,0,6f2f6134f947aa41f2aefc33410d7cbe9590eb8960b4800ff78298df311745af,2024-05-17T02:38:38.410000
 CVE-2024-29413,0,0,a58c13bdf67afd8b98d238166eefb90262a9870531d3d5f182e9810c30b452cd,2024-04-04T12:48:41.700000
-CVE-2024-29415,1,1,5fc3a1756908b9e94744404b65167fcee76f6cfaf6f0a7c94cd668cf1f450907,2024-05-27T20:15:08.970000
+CVE-2024-29415,0,0,5fc3a1756908b9e94744404b65167fcee76f6cfaf6f0a7c94cd668cf1f450907,2024-05-27T20:15:08.970000
 CVE-2024-29417,0,0,89d07e3eb8e147d93c431f357bf92973ead1b3854c21888d1e99630fdc9218d4,2024-05-03T15:32:19.637000
 CVE-2024-29419,0,0,2f1c2a30167616ce2f7264d13a2e39c4e307caf2a0fab8a1d39f77c0f2b7d31b,2024-03-20T17:18:21.343000
 CVE-2024-2942,0,0,441f0a67703a8db7af5d599581bb10078cc400b1f49682a90a1d996555281551,2024-05-17T02:38:38.500000
@ -250337,7 +250337,7 @@ CVE-2024-34913,0,0,482ab417b16d36cac885da18c13005f6c4dcc004509b2b573a33dd2947f7d
 CVE-2024-34914,0,0,70a7c11501909b39ef53f8b81e0474e671bd02725d09e7751be6f86dc2b4f270,2024-05-14T19:17:55.627000
 CVE-2024-34919,0,0,76beccc7ee306fce0aae029e497d6e83a0c5a3aea6f0c11ac1da266396722275,2024-05-17T18:35:35.070000
 CVE-2024-34921,0,0,dbf53dbc9b81b9221c12f4c1ada0297cc361fc3675871ab0069ddf8fe9b53895,2024-05-14T16:12:23.490000
-CVE-2024-34923,1,1,b2833e04d3815a5b8e3572d8ea818bf6f05096f416d160f6fd259d301fa093dc,2024-05-27T20:15:09.060000
+CVE-2024-34923,0,0,b2833e04d3815a5b8e3572d8ea818bf6f05096f416d160f6fd259d301fa093dc,2024-05-27T20:15:09.060000
 CVE-2024-34927,0,0,f64d4b3fa2d75a498f29da3e6338e873aaa7fe95b7d4cb54fa8a5234118d8251,2024-05-24T01:15:30.977000
 CVE-2024-34928,0,0,43cd769ec4fdb33239ced280adaf59383cf7b652fcf6735a7ca67fa759cc6693,2024-05-24T01:15:30.977000
 CVE-2024-34929,0,0,ef37f14987963fad9ab35b4d2ebf05a2e84c97cdb2ecbc61ba0c98ed773a4ba4,2024-05-24T01:15:30.977000
@ -250844,6 +250844,8 @@ CVE-2024-36384,0,0,a0d79da3fdcabd7b9bb7cff9348fa87578adddb020086454394ad176d2bb3
 CVE-2024-3640,0,0,abbf5a33cbca708fe19710dda7a796491ae1d1614e9cd03f43d6cddef8b09500,2024-05-17T18:36:31.297000
 CVE-2024-3641,0,0,c281de95cce057acff2793609e8f843aad579a2f0257c0c2e0b6442733e87b14,2024-05-16T13:03:05.353000
 CVE-2024-3642,0,0,bbed1ee941355da6f32a6eba37e95a843dd7913c7dd227d8da7f65dcb683674b,2024-05-16T13:03:05.353000
+CVE-2024-36426,1,1,2ba75340c0210bb8004d8d51594bd16fe0890e2daaa89efea2abaf2de430698e,2024-05-27T22:15:08.507000
+CVE-2024-36428,1,1,3e75b809ab1020fb15243e78f62cd833777fcf19f9a1e8d806b8526ebae7763a,2024-05-27T23:15:13.120000
 CVE-2024-3643,0,0,52bab63bfc91b1f0b9d75e6e14dccb142e0861ecbf55c57479143676f8644d3b,2024-05-16T13:03:05.353000
 CVE-2024-3644,0,0,4e49052df3e8a0f31e3394cce710c4ef728e2bd6bf109b57603d53a5d48d8bab,2024-05-16T13:03:05.353000
 CVE-2024-3645,0,0,9bfaa42192c6fa49951fba1d7645fb7975d3a2b4cd9bcc55a7dd9ceef33e077c,2024-04-22T19:24:12.920000