Auto-Update: 2024-12-10T09:00:35.380323+00:00

CVE-2024/CVE-2024-281xx/CVE-2024-28138.json

@@ -0,0 +1,37 @@
+{
+  "id": "CVE-2024-28138",
+  "sourceIdentifier": "551230f0-3615-47bd-b7cc-93e92e730bbf",
+  "published": "2024-12-10T08:15:18.943",
+  "lastModified": "2024-12-10T08:15:18.943",
+  "vulnStatus": "Received",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "An unauthenticated attacker with network access to the affected device's web interface can execute any system command via the \"msg_events.php\" script as the www-data user.\u00a0The HTTP GET parameter \"data\" is not properly sanitized."
+    }
+  ],
+  "metrics": {},
+  "weaknesses": [
+    {
+      "source": "551230f0-3615-47bd-b7cc-93e92e730bbf",
+      "type": "Secondary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-78"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://r.sec-consult.com/imageaccess",
+      "source": "551230f0-3615-47bd-b7cc-93e92e730bbf"
+    },
+    {
+      "url": "https://www.imageaccess.de/?page=SupportPortal&lang=en",
+      "source": "551230f0-3615-47bd-b7cc-93e92e730bbf"
+    }
+  ]
+}

CVE-2024/CVE-2024-281xx/CVE-2024-28166.json

@@ -2,8 +2,8 @@
   "id": "CVE-2024-28166",
   "sourceIdentifier": "cna@sap.com",
   "published": "2024-08-13T04:15:06.867",
-  "lastModified": "2024-09-16T16:17:15.540",
-  "vulnStatus": "Analyzed",
+  "lastModified": "2024-12-10T07:15:04.890",
+  "vulnStatus": "Modified",
   "cveTags": [],
   "descriptions": [
     {
@@ -62,7 +62,7 @@
   "weaknesses": [
     {
       "source": "cna@sap.com",
-      "type": "Primary",
+      "type": "Secondary",
       "description": [
         {
           "lang": "en",
@@ -106,6 +106,10 @@
         "Permissions Required"
       ]
     },
+    {
+      "url": "https://me.sap.com/notes/3515653",
+      "source": "cna@sap.com"
+    },
     {
       "url": "https://url.sap/sapsecuritypatchday",
       "source": "cna@sap.com",

CVE-2024/CVE-2024-417xx/CVE-2024-41731.json

@@ -2,8 +2,8 @@
   "id": "CVE-2024-41731",
   "sourceIdentifier": "cna@sap.com",
   "published": "2024-08-13T04:15:08.330",
-  "lastModified": "2024-09-11T17:48:18.073",
-  "vulnStatus": "Analyzed",
+  "lastModified": "2024-12-10T07:15:06.187",
+  "vulnStatus": "Modified",
   "cveTags": [],
   "descriptions": [
     {
@@ -62,7 +62,7 @@
   "weaknesses": [
     {
       "source": "cna@sap.com",
-      "type": "Primary",
+      "type": "Secondary",
       "description": [
         {
           "lang": "en",
@@ -106,6 +106,10 @@
         "Permissions Required"
       ]
     },
+    {
+      "url": "https://me.sap.com/notes/3515653",
+      "source": "cna@sap.com"
+    },
     {
       "url": "https://url.sap/sapsecuritypatchday",
       "source": "cna@sap.com",

CVE-2024/CVE-2024-423xx/CVE-2024-42375.json

@@ -2,8 +2,8 @@
   "id": "CVE-2024-42375",
   "sourceIdentifier": "cna@sap.com",
   "published": "2024-08-13T04:15:10.567",
-  "lastModified": "2024-09-12T13:46:39.527",
-  "vulnStatus": "Analyzed",
+  "lastModified": "2024-12-10T07:15:06.303",
+  "vulnStatus": "Modified",
   "cveTags": [],
   "descriptions": [
     {
@@ -116,6 +116,10 @@
         "Permissions Required"
       ]
     },
+    {
+      "url": "https://me.sap.com/notes/3515653",
+      "source": "cna@sap.com"
+    },
     {
       "url": "https://url.sap/sapsecuritypatchday",
       "source": "cna@sap.com",

CVE-2024/CVE-2024-479xx/CVE-2024-47946.json

@@ -0,0 +1,37 @@
+{
+  "id": "CVE-2024-47946",
+  "sourceIdentifier": "551230f0-3615-47bd-b7cc-93e92e730bbf",
+  "published": "2024-12-10T08:15:19.210",
+  "lastModified": "2024-12-10T08:15:19.210",
+  "vulnStatus": "Received",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "If the attacker has access to a valid Poweruser session, remote code execution is possible because specially crafted valid PNG files with injected PHP content can be uploaded as desktop backgrounds or lock screens. After the upload, the PHP script is available in the web root. The PHP code executes once the uploaded file is accessed. This allows the execution of arbitrary PHP code and OS commands on the device as \"www-data\"."
+    }
+  ],
+  "metrics": {},
+  "weaknesses": [
+    {
+      "source": "551230f0-3615-47bd-b7cc-93e92e730bbf",
+      "type": "Secondary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-434"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://r.sec-consult.com/imageaccess",
+      "source": "551230f0-3615-47bd-b7cc-93e92e730bbf"
+    },
+    {
+      "url": "https://www.imageaccess.de/?page=SupportPortal&lang=en",
+      "source": "551230f0-3615-47bd-b7cc-93e92e730bbf"
+    }
+  ]
+}

README.md

@@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours.
 ### Last Repository Update
 
 ```plain
-2024-12-10T07:00:20.390029+00:00
+2024-12-10T09:00:35.380323+00:00
 ```
 
 ### Most recent CVE Modification Timestamp synchronized with NVD
 
 ```plain
-2024-12-10T06:15:20.883000+00:00
+2024-12-10T08:15:19.210000+00:00
 ```
 
 ### Last Data Feed Release
@@ -33,24 +33,24 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
 ### Total Number of included CVEs
 
 ```plain
-272910
+272912
 ```
 
 ### CVEs added in the last Commit
 
-Recently added CVEs: `5`
+Recently added CVEs: `2`
 
-- [CVE-2023-6947](CVE-2023/CVE-2023-69xx/CVE-2023-6947.json) (`2024-12-10T06:15:19.950`)
-- [CVE-2024-10708](CVE-2024/CVE-2024-107xx/CVE-2024-10708.json) (`2024-12-10T06:15:20.737`)
-- [CVE-2024-11107](CVE-2024/CVE-2024-111xx/CVE-2024-11107.json) (`2024-12-10T06:15:20.883`)
-- [CVE-2024-11205](CVE-2024/CVE-2024-112xx/CVE-2024-11205.json) (`2024-12-10T05:15:05.510`)
-- [CVE-2024-21542](CVE-2024/CVE-2024-215xx/CVE-2024-21542.json) (`2024-12-10T05:15:07.567`)
+- [CVE-2024-28138](CVE-2024/CVE-2024-281xx/CVE-2024-28138.json) (`2024-12-10T08:15:18.943`)
+- [CVE-2024-47946](CVE-2024/CVE-2024-479xx/CVE-2024-47946.json) (`2024-12-10T08:15:19.210`)
 
 
 ### CVEs modified in the last Commit
 
-Recently modified CVEs: `0`
+Recently modified CVEs: `3`
 
+- [CVE-2024-28166](CVE-2024/CVE-2024-281xx/CVE-2024-28166.json) (`2024-12-10T07:15:04.890`)
+- [CVE-2024-41731](CVE-2024/CVE-2024-417xx/CVE-2024-41731.json) (`2024-12-10T07:15:06.187`)
+- [CVE-2024-42375](CVE-2024/CVE-2024-423xx/CVE-2024-42375.json) (`2024-12-10T07:15:06.303`)
 
 
 ## Download and Usage

_state.csv

@@ -241659,7 +241659,7 @@ CVE-2023-6943,0,0,089d337a8ecf415142a8459096aefe6b0ccb59116eef8afca750cc59e44d1b
 CVE-2023-6944,0,0,df2b7229c517209019fce35466d5ffbbde525fb676023ff8b16393577f2b89f6,2024-11-21T08:44:53.520000
 CVE-2023-6945,0,0,479c9fda5ccba9693dcf388278c19a19fda669c289a4366c0f6291cccf514bd4,2024-11-21T08:44:53.660000
 CVE-2023-6946,0,0,d11da4da13dc038beb075b5af1213743f8b40d251e7b7ea3b52df4c6657ce74d,2024-11-21T08:44:53.810000
-CVE-2023-6947,1,1,f9ceb9c69f9af7bc35cb22ae00cc89fe49c6a238e31c37cb849eeeceb76f4da3,2024-12-10T06:15:19.950000
+CVE-2023-6947,0,0,f9ceb9c69f9af7bc35cb22ae00cc89fe49c6a238e31c37cb849eeeceb76f4da3,2024-12-10T06:15:19.950000
 CVE-2023-6948,0,0,fe5733c12b0ee41b32ac32792a9499fb1c2fbb29abf274a6083757f7f49e4eea,2024-11-21T08:44:53.957000
 CVE-2023-6949,0,0,078850d39f1204331fbc98d392a0469ded8443843d8a5c473dc39bd1460bfcd6,2024-11-21T08:44:54.107000
 CVE-2023-6950,0,0,abe9e2e0d7383949fcddc1e9a1bdb75c1a66b8207ce4e95629fab56a059c4d2f,2024-11-21T08:44:54.263000
@@ -243427,7 +243427,7 @@ CVE-2024-10700,0,0,47463adc515feae701fdd6df43b426f169c9e406b10e3ad8dd4832a0c6070
 CVE-2024-10701,0,0,641858d6153e165cc2c7dd6027743f3ae6b69eef2b92c96e3594e0be239333fa,2024-11-05T16:52:44.937000
 CVE-2024-10702,0,0,694400dab46a9218fb3a1006ad113a17ad1c8c5f4f2232220945883eb4081eae,2024-11-05T16:52:11.193000
 CVE-2024-10704,0,0,ba32dc9400bcf601c7de3ed1f96e389b9876b8709121dc8baeae8e0502050909,2024-11-29T15:15:15.777000
-CVE-2024-10708,1,1,915fc94c6de0496c38791426a8b6a993429b200041b827298838cab8bee39149,2024-12-10T06:15:20.737000
+CVE-2024-10708,0,0,915fc94c6de0496c38791426a8b6a993429b200041b827298838cab8bee39149,2024-12-10T06:15:20.737000
 CVE-2024-10709,0,0,41eadf98fd4f942149bd2d66f39b1d32e2fbc20d0415ec457a4d209de40f95b0,2024-11-25T21:15:08.837000
 CVE-2024-1071,0,0,511789b6fa5ad5f82a1b86953aeffe2ca3b5c7e6b5a99f94e7636c9edfe8a8b3,2024-11-21T08:49:43.920000
 CVE-2024-10710,0,0,e03984cb3009dc782d788c1b806be248c0ef7aa6de922ac24071c55d616e1630,2024-11-25T17:15:11.747000
@@ -243735,7 +243735,7 @@ CVE-2024-11101,0,0,dd5f01c6c10626fada5843d26d25ecc9c303026b11e1f85af9563bdd8086a
 CVE-2024-11102,0,0,ec70fa86628f0582db7e97e83cef58a9123c92079aa9ea3641e1de155f8fc492,2024-11-18T20:00:09.120000
 CVE-2024-11103,0,0,525c56d7b3f8fec3123e98bad3867c199a9a90e84f6b6962f9d506a460e4664c,2024-11-28T10:15:06.197000
 CVE-2024-11104,0,0,b75d8ded53ff668230e72c743fffcbea02289181c30609ae66856a5e9653031c,2024-11-22T06:15:19.093000
-CVE-2024-11107,1,1,c5956665d8c7ce6fcd0a182467a15d9156b0276ffd181b7a1b3ebd79cb232eaf,2024-12-10T06:15:20.883000
+CVE-2024-11107,0,0,c5956665d8c7ce6fcd0a182467a15d9156b0276ffd181b7a1b3ebd79cb232eaf,2024-12-10T06:15:20.883000
 CVE-2024-1111,0,0,1e2a4c53f023bbf8c3b556fe6d8a896ca169d10bbf6dcef8f8f730e5e086694a,2024-11-21T08:49:49.257000
 CVE-2024-11110,0,0,d490bd60a369a1b46dbdb1050197f0676234294cb261b9f35d39066213c16bbc,2024-11-13T17:01:16.850000
 CVE-2024-11111,0,0,da9ee8d75f19a39df28c4985a5537997054eaf20345ca454e34c488f64fe6a62,2024-11-13T17:01:16.850000
@@ -243800,7 +243800,7 @@ CVE-2024-11201,0,0,2400a3fff7c4756286421f46f94ce219c368f9dae4da912926dc56c7db0d6
 CVE-2024-11202,0,0,1c4fa16dc439f105ac28005f4d485fd2d81fcbfbfe746e38e05c1690388ba0cf,2024-11-26T08:15:03.710000
 CVE-2024-11203,0,0,89d9b670ca6e709dbc000e307eb68d5ac4e965c1f4c84f129e9430d049a2c78f,2024-11-28T09:15:04.007000
 CVE-2024-11204,0,0,1b902872d8d56ac838bb30e32deaa2c5385b128a323037f02bc4a73a9bc76977,2024-12-06T09:15:05.667000
-CVE-2024-11205,1,1,d46b7e976805c156b42bb00f93b285a4c7f33ed907e6a277b077e49fc4a8600b,2024-12-10T05:15:05.510000
+CVE-2024-11205,0,0,d46b7e976805c156b42bb00f93b285a4c7f33ed907e6a277b077e49fc4a8600b,2024-12-10T05:15:05.510000
 CVE-2024-11206,0,0,6963a23aa18d59f7f19667610c66a14f0573301879dfe182d608b9677a2a6c4e,2024-11-15T13:58:08.913000
 CVE-2024-11207,0,0,d5124d43b027ffc76512a295e16e94e98be02da33ee04487c126007b70c98e32,2024-11-15T13:58:08.913000
 CVE-2024-11208,0,0,1f38b0ac0ea75542119613bff44f8a5a87d53bc938d1d19c87e8fa8f533ca20f,2024-11-19T19:38:51.637000
@@ -246509,7 +246509,7 @@ CVE-2024-21539,0,0,5b71b48f136ea0a133f42f5e9ff41239f19728230b6ea876d025e715b63e9
 CVE-2024-2154,0,0,0457c00e24736b547ac4f7f247e75fccaa09d13ea0de83ed7c8761e6cfd867ea,2024-11-21T09:09:08.927000
 CVE-2024-21540,0,0,ca361900c1eaa9a3b1242a94b8aed82eaba7c8170c10a4efa35cbfaad6b1984c,2024-11-17T09:15:11.853000
 CVE-2024-21541,0,0,5334d81827b035e812e898c211255fb4104fa0827d052caba8f8153293e7f7ad,2024-11-19T16:20:37.887000
-CVE-2024-21542,1,1,71d7ac2f297762d496c833f12b77f71c133bcff4cded6f12936512da06dfadcb,2024-12-10T05:15:07.567000
+CVE-2024-21542,0,0,71d7ac2f297762d496c833f12b77f71c133bcff4cded6f12936512da06dfadcb,2024-12-10T05:15:07.567000
 CVE-2024-21545,0,0,12417d057214273e4a76243ffeaf97d513746844d668a1420616fa022f5af746,2024-09-26T13:32:02.803000
 CVE-2024-2155,0,0,1def2d989b10107bcc4deca9404884628c1ba17bdc1993a4df13bb309b4ac8eb,2024-11-21T09:09:09.070000
 CVE-2024-21550,0,0,6b574e14ae55a92be9fd93a1bb9ebb56cb79876aa6e47f41fbbb48bbd5163e82,2024-08-13T17:33:13.537000
@@ -251416,6 +251416,7 @@ CVE-2024-28134,0,0,176d7778d5677e5c126fff541f7ec5fbb5db5093236274cdce961e0bb3c00
 CVE-2024-28135,0,0,6d8627a9b034ba8daa88a5653a4fa0fcc3873b400b81ab25bdd0e76c225d5345,2024-11-21T09:05:53.393000
 CVE-2024-28136,0,0,398b3e60c35d63350ccdd7436d0410a7095050774975b3a534ff55e78c95c043,2024-11-21T09:05:53.517000
 CVE-2024-28137,0,0,d00b9036b2b7e693ab669d43cf51d8844983db366103d517587e7601c3ae558f,2024-11-21T09:05:53.637000
+CVE-2024-28138,1,1,8e8430e07e5eb86f0af8594168d8711d765f536091815ae62bd7e28ccd38d0d5,2024-12-10T08:15:18.943000
 CVE-2024-2814,0,0,266291004cb50fc9fa499704214f3d6d747ab61c03d4ecf60b55016bd9e70c6a,2024-11-21T09:10:35.307000
 CVE-2024-28147,0,0,385f022ef3b9e74c16d2ca430dbfe84754b0905ec234f9f62a2995438a07dfd7,2024-11-21T09:05:53.770000
 CVE-2024-28148,0,0,3ac8f61b51b12f3a297806b3219d55d9a6d8e022b2f823c428c505a4ab5ae12c,2024-11-21T09:05:53.983000
@@ -251438,7 +251439,7 @@ CVE-2024-28162,0,0,3d0c8c813848fd4595729329c1221c4461a25bce88a1db0357fec1f5b68b9
 CVE-2024-28163,0,0,f0786eb8a55b2107c9c8530ce9a1356514868e1bafb3dd6977e9398b8c6af2d3,2024-11-21T09:05:56.313000
 CVE-2024-28164,0,0,24b2fc8e011258c1fe15ee039c82029ed20288c63d204c64789ef05d689e62b6,2024-11-21T09:05:56.460000
 CVE-2024-28165,0,0,00fe9dbcfbda7d0502bb925a273755d2fe9045ac911ce8d0f0780a1aff2e17a6,2024-11-21T09:05:56.627000
-CVE-2024-28166,0,0,2625789afdfcb2bd2acea3e5092f023b9a73018651a8b5457583b8f4e441057e,2024-09-16T16:17:15.540000
+CVE-2024-28166,0,1,ce7a22aa7eb4b031ae3feff7dcca320e589ae40be1913cf0dd48bec79bbc3393,2024-12-10T07:15:04.890000
 CVE-2024-28167,0,0,ea7dda0032e16a90beabc9010f67cb5afcf61578d494e1efd177d5ad7f1a783d,2024-11-21T09:05:56.840000
 CVE-2024-28168,0,0,106d68fadfb8e3c8d500032ab0e8f971a8e7849c99f4e79b005ca196e57c1e8a,2024-11-21T09:05:56.967000
 CVE-2024-28169,0,0,2776b7b56181449ea9ec7e25a05e8048eedcbf49742d40c227a37c09c347f188,2024-11-15T14:00:09.720000
@@ -261241,7 +261242,7 @@ CVE-2024-41728,0,0,da066a33d0f0d2dfaa585ea4e3472de9187a4f59e3c0192c0243458b46de0
 CVE-2024-41729,0,0,96dc04676b815e555a804314dc8047d39c132aa5becf84a2c900894243d11d5b,2024-09-10T12:09:50.377000
 CVE-2024-4173,0,0,c74e598c37e99fd510f42e1f5cc707854d4d9a1737c7799575c9e437d2ae7add,2024-11-21T09:42:19.913000
 CVE-2024-41730,0,0,2130c3f7d182f7694cb7d3d3b2bed06f572c02805d91ecea89fca74a8a715588,2024-09-12T13:56:51.237000
-CVE-2024-41731,0,0,6f48edf3065fbf576f3bbd8edbf1965aa11a354b495c4701c1871f3649f0ea74,2024-09-11T17:48:18.073000
+CVE-2024-41731,0,1,7f6ce829b3a6b52699cc7791567c1d7481d25780a79c7094f5b678756c6190c1,2024-12-10T07:15:06.187000
 CVE-2024-41732,0,0,8bfe4c2fcb6c965e1260a4713476ae411b9ce3b0a3f11da9ea27c89aada979ab,2024-09-11T17:52:39.477000
 CVE-2024-41733,0,0,bcfb5c7c3ca57c285a897cad79ad70ac82b2748ad0a2f2857c535bd0797f72b3,2024-09-12T13:55:49.880000
 CVE-2024-41734,0,0,b9ff0433b239a9a566a2f49d61fbbdb51ad9622c17b9edca140866aa6997e3f0,2024-09-12T13:28:03.450000
@@ -261783,7 +261784,7 @@ CVE-2024-42371,0,0,79d0e8d47270daebec3558cc4f9f2971aa2c0eef2d46f12550a8ae9aa1311
 CVE-2024-42372,0,0,f7515fc63bd8d58ab7ded6dddec55b5533c33f15e14b5bb1471595528163282b,2024-11-12T13:55:21.227000
 CVE-2024-42373,0,0,ea5156bc3ee0e02f46a3808ae8f3c493de401defc2b18df4241834746de6ae3b,2024-09-12T13:26:37.753000
 CVE-2024-42374,0,0,a1d3fa7879107027356b614b8faebb974ee0b17246632f4f1f6231bc2085d535,2024-09-16T16:25:54.430000
-CVE-2024-42375,0,0,eb3c492a8d14601806d58dd3a63e8df72cdd4a9698eea1f205cb97fb9c447a1e,2024-09-12T13:46:39.527000
+CVE-2024-42375,0,1,9f73f9f73bc60f8f38d638c51620490c795bb8af377e0e88bb54015ec01f32de,2024-12-10T07:15:06.303000
 CVE-2024-42376,0,0,70b2ed844f5f5d52a703acc017ce3f1167373ce910b91a9fa309c0ccf1aa8205,2024-09-12T13:43:27.507000
 CVE-2024-42377,0,0,f117b4c9befba2072a8dc0e5c8763a040d85fe6515fb405918250c2bc79d576d,2024-09-12T13:42:11.890000
 CVE-2024-42378,0,0,f8fcdf03a2ac8ef7442ea7c682b701390cfc77596b63801c492b2f8e02149cd9,2024-09-10T12:09:50.377000
@@ -265512,6 +265513,7 @@ CVE-2024-47942,0,0,190daf764e5f1f44b05a91e0a7fd865a95bc2b3c7431d3b3d142de153ead5
 CVE-2024-47943,0,0,d4d5358ab48548c04867b54233602bd267d194af91388df45333461289a48f25,2024-10-15T12:57:46.880000
 CVE-2024-47944,0,0,2b62f766b4e887a556703c4ed0cb75befb46953f16e7999cc97a39c4906c4816,2024-10-15T16:35:09.410000
 CVE-2024-47945,0,0,4eaa4330fd6e6ea36aef0bbee2681edcaf5e4575b714ff483b0a9415275f4700,2024-10-21T19:41:10.407000
+CVE-2024-47946,1,1,ee189e084ef2ce307b61e5f5ca3165fcf3b82770c351969d8c2d68fa96cf146f,2024-12-10T08:15:19.210000
 CVE-2024-47948,0,0,517ff2cf40b380f17f0ca0cb700d9beda797d40f6236e57145e952b4be3c000e,2024-10-11T19:56:44.863000
 CVE-2024-47949,0,0,c7868bf3f997ce1e01baff6d85be7f51aca23f28e73102f98ffda228afc78456,2024-10-11T19:57:06.207000
 CVE-2024-4795,0,0,874142283439f7d65325bd0714cbf0599f4b631a02f97bcc512f2aca94da1495,2024-11-21T09:43:37.747000