Auto-Update: 2024-02-06T05:00:24.160042+00:00

cad-safe-bot 2024-02-06 05:00:27 +00:00
parent 709e9010c9
commit 7020558c80
20 changed files with 857 additions and 46 deletions

@ -0,0 +1,43 @@
{
"id": "CVE-2024-20810",
"sourceIdentifier": "mobile.security@samsung.com",
"published": "2024-02-06T03:15:07.723",
"lastModified": "2024-02-06T03:15:07.723",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Implicit intent hijacking vulnerability in Smart Suggestions prior to SMR Feb-2024 Release 1 allows attackers to get sensitive information."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "mobile.security@samsung.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"baseSeverity": "LOW"
},
"exploitabilityScore": 1.8,
"impactScore": 1.4
}
]
},
"references": [
{
"url": "https://security.samsungmobile.com/securityUpdate.smsb?year=2024&month=02",
"source": "mobile.security@samsung.com"
}
]
}
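Review bot: This record has no `weaknesses` array, and its only CVSS entry is the CNA-supplied `"type": "Secondary"` metric under `"vulnStatus": "Received"`, so consumers that filter on CWE or on `Primary` metrics will skip it until a later sync enriches it. The same holds for the other Samsung records added in this commit, CVE-2024-20811 through CVE-2024-20828. The single reference is a monthly bulletin URL rather than a per-CVE advisory, so it does not identify the affected component on its own. A line in the feed documentation such as `Records with vulnStatus "Received" contain CNA data only; re-evaluate after NVD enrichment` would make this explicit for downstream triage.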

@ -0,0 +1,43 @@
{
"id": "CVE-2024-20811",
"sourceIdentifier": "mobile.security@samsung.com",
"published": "2024-02-06T03:15:07.923",
"lastModified": "2024-02-06T03:15:07.923",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Improper caller verification in GameOptimizer prior to SMR Feb-2024 Release 1 allows local attackers to configure GameOptimizer."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "mobile.security@samsung.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 5.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.5,
"impactScore": 2.5
}
]
},
"references": [
{
"url": "https://security.samsungmobile.com/securityUpdate.smsb?year=2024&month=02",
"source": "mobile.security@samsung.com"
}
]
}

@ -0,0 +1,43 @@
{
"id": "CVE-2024-20812",
"sourceIdentifier": "mobile.security@samsung.com",
"published": "2024-02-06T03:15:08.100",
"lastModified": "2024-02-06T03:15:08.100",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Out-of-bounds Write in padmd_vld_htbl of libpadm.so prior to SMR Feb-2024 Release 1 allows local attacker to execute arbitrary code."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "mobile.security@samsung.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.4,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.5,
"impactScore": 5.9
}
]
},
"references": [
{
"url": "https://security.samsungmobile.com/securityUpdate.smsb?year=2024&month=02",
"source": "mobile.security@samsung.com"
}
]
}

@ -0,0 +1,43 @@
{
"id": "CVE-2024-20813",
"sourceIdentifier": "mobile.security@samsung.com",
"published": "2024-02-06T03:15:08.297",
"lastModified": "2024-02-06T03:15:08.297",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Out-of-bounds Write in padmd_vld_qtbl of libpadm.so prior to SMR Feb-2024 Release 1 allows local attacker to execute arbitrary code."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "mobile.security@samsung.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.4,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.5,
"impactScore": 5.9
}
]
},
"references": [
{
"url": "https://security.samsungmobile.com/securityUpdate.smsb?year=2024&month=02",
"source": "mobile.security@samsung.com"
}
]
}

@ -0,0 +1,43 @@
{
"id": "CVE-2024-20814",
"sourceIdentifier": "mobile.security@samsung.com",
"published": "2024-02-06T03:15:08.533",
"lastModified": "2024-02-06T03:15:08.533",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Out-of-bounds Read in padmd_vld_ac_prog_refine of libpadm.so prior to SMR Feb-2024 Release 1 allows attacker access unauthorized information."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "mobile.security@samsung.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.5,
"impactScore": 1.4
}
]
},
"references": [
{
"url": "https://security.samsungmobile.com/securityUpdate.smsb?year=2024&month=02",
"source": "mobile.security@samsung.com"
}
]
}

@ -0,0 +1,43 @@
{
"id": "CVE-2024-20815",
"sourceIdentifier": "mobile.security@samsung.com",
"published": "2024-02-06T03:15:08.720",
"lastModified": "2024-02-06T03:15:08.720",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Improper authentication vulnerability in onCharacteristicReadRequest in Auto Hotspot prior to SMR Feb-2024 Release 1 allows adjacent attackers connect to victim's mobile hotspot without user awareness."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "mobile.security@samsung.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:H",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 8.0,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.6,
"impactScore": 5.8
}
]
},
"references": [
{
"url": "https://security.samsungmobile.com/securityUpdate.smsb?year=2024&month=02",
"source": "mobile.security@samsung.com"
}
]
}

@ -0,0 +1,43 @@
{
"id": "CVE-2024-20816",
"sourceIdentifier": "mobile.security@samsung.com",
"published": "2024-02-06T03:15:08.907",
"lastModified": "2024-02-06T03:15:08.907",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Improper authentication vulnerability in onCharacteristicWriteRequest in Auto Hotspot prior to SMR Feb-2024 Release 1 allows adjacent attackers connect to victim's mobile hotspot without user awareness."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "mobile.security@samsung.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:H",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 8.0,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.6,
"impactScore": 5.8
}
]
},
"references": [
{
"url": "https://security.samsungmobile.com/securityUpdate.smsb?year=2024&month=02",
"source": "mobile.security@samsung.com"
}
]
}

@ -0,0 +1,43 @@
{
"id": "CVE-2024-20817",
"sourceIdentifier": "mobile.security@samsung.com",
"published": "2024-02-06T03:15:09.097",
"lastModified": "2024-02-06T03:15:09.097",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Out out bounds Write vulnerabilities in svc1td_vld_slh of libsthmbc.so prior to SMR Feb-2024 Release 1 allows local attackers to trigger buffer overflow."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "mobile.security@samsung.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:H/A:L",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"availabilityImpact": "LOW",
"baseScore": 6.6,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 4.7
}
]
},
"references": [
{
"url": "https://security.samsungmobile.com/securityUpdate.smsb?year=2024&month=02",
"source": "mobile.security@samsung.com"
}
]
}
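Review bot: The description string `"Out out bounds Write vulnerabilities in svc1td_vld_slh of libsthmbc.so ..."` misspells "out of bounds", and the record carries no CWE entry, so a text search for "out-of-bounds" or a CWE-787 filter will not surface it. CVE-2024-20818 and CVE-2024-20819 repeat the same wording. A mirror should keep the upstream text byte-for-byte, so the correction belongs with the CNA. Downstream matching rules should key on the CVE id or on `libsthmbc.so` rather than on the weakness phrase.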

@ -0,0 +1,43 @@
{
"id": "CVE-2024-20818",
"sourceIdentifier": "mobile.security@samsung.com",
"published": "2024-02-06T03:15:09.287",
"lastModified": "2024-02-06T03:15:09.287",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Out out bounds Write vulnerabilities in svc1td_vld_elh of libsthmbc.so prior to SMR Feb-2024 Release 1 allows local attackers to trigger buffer overflow."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "mobile.security@samsung.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:H/A:L",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"availabilityImpact": "LOW",
"baseScore": 6.6,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 4.7
}
]
},
"references": [
{
"url": "https://security.samsungmobile.com/securityUpdate.smsb?year=2024&month=02",
"source": "mobile.security@samsung.com"
}
]
}

@ -0,0 +1,43 @@
{
"id": "CVE-2024-20819",
"sourceIdentifier": "mobile.security@samsung.com",
"published": "2024-02-06T03:15:09.480",
"lastModified": "2024-02-06T03:15:09.480",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Out out bounds Write vulnerabilities in svc1td_vld_plh_ap of libsthmbc.so prior to SMR Feb-2024 Release 1 allows local attackers to trigger buffer overflow."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "mobile.security@samsung.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:H/A:L",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"availabilityImpact": "LOW",
"baseScore": 6.6,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 4.7
}
]
},
"references": [
{
"url": "https://security.samsungmobile.com/securityUpdate.smsb?year=2024&month=02",
"source": "mobile.security@samsung.com"
}
]
}

@ -0,0 +1,43 @@
{
"id": "CVE-2024-20820",
"sourceIdentifier": "mobile.security@samsung.com",
"published": "2024-02-06T03:15:09.670",
"lastModified": "2024-02-06T03:15:09.670",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Improper input validation in bootloader prior to SMR Feb-2024 Release 1 allows attacker to cause an Out-Of-Bounds read."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "mobile.security@samsung.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 0.8,
"impactScore": 3.6
}
]
},
"references": [
{
"url": "https://security.samsungmobile.com/securityUpdate.smsb?year=2024&month=02",
"source": "mobile.security@samsung.com"
}
]
}

@ -0,0 +1,43 @@
{
"id": "CVE-2024-20822",
"sourceIdentifier": "mobile.security@samsung.com",
"published": "2024-02-06T03:15:09.867",
"lastModified": "2024-02-06T03:15:09.867",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Implicit intent hijacking vulnerability in AccountActivity of Galaxy Store prior to version 4.5.63.6 allows local attackers to access sensitive information via implicit intent."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "mobile.security@samsung.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"references": [
{
"url": "https://security.samsungmobile.com/serviceWeb.smsb?year=2024&month=02",
"source": "mobile.security@samsung.com"
}
]
}

@ -0,0 +1,43 @@
{
"id": "CVE-2024-20823",
"sourceIdentifier": "mobile.security@samsung.com",
"published": "2024-02-06T03:15:10.057",
"lastModified": "2024-02-06T03:15:10.057",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Implicit intent hijacking vulnerability in SamsungAccount of Galaxy Store prior to version 4.5.63.6 allows local attackers to access sensitive information via implicit intent."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "mobile.security@samsung.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"references": [
{
"url": "https://security.samsungmobile.com/serviceWeb.smsb?year=2024&month=02",
"source": "mobile.security@samsung.com"
}
]
}

@ -0,0 +1,43 @@
{
"id": "CVE-2024-20824",
"sourceIdentifier": "mobile.security@samsung.com",
"published": "2024-02-06T03:15:10.240",
"lastModified": "2024-02-06T03:15:10.240",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Implicit intent hijacking vulnerability in VoiceSearch of Galaxy Store prior to version 4.5.63.6 allows local attackers to access sensitive information via implicit intent."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "mobile.security@samsung.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"references": [
{
"url": "https://security.samsungmobile.com/serviceWeb.smsb?year=2024&month=02",
"source": "mobile.security@samsung.com"
}
]
}

@ -0,0 +1,43 @@
{
"id": "CVE-2024-20825",
"sourceIdentifier": "mobile.security@samsung.com",
"published": "2024-02-06T03:15:10.430",
"lastModified": "2024-02-06T03:15:10.430",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Implicit intent hijacking vulnerability in IAP of Galaxy Store prior to version 4.5.63.6 allows local attackers to access sensitive information via implicit intent."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "mobile.security@samsung.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"references": [
{
"url": "https://security.samsungmobile.com/serviceWeb.smsb?year=2024&month=02",
"source": "mobile.security@samsung.com"
}
]
}

@ -0,0 +1,43 @@
{
"id": "CVE-2024-20826",
"sourceIdentifier": "mobile.security@samsung.com",
"published": "2024-02-06T03:15:10.623",
"lastModified": "2024-02-06T03:15:10.623",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Implicit intent hijacking vulnerability in UPHelper library prior to version 4.0.0 allows local attackers to access sensitive information via implicit intent."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "mobile.security@samsung.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"references": [
{
"url": "https://security.samsungmobile.com/serviceWeb.smsb?year=2024&month=02",
"source": "mobile.security@samsung.com"
}
]
}

@ -0,0 +1,43 @@
{
"id": "CVE-2024-20827",
"sourceIdentifier": "mobile.security@samsung.com",
"published": "2024-02-06T03:15:10.813",
"lastModified": "2024-02-06T03:15:10.813",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Improper access control vulnerability in Samsung Gallery prior to version 14.5.04.4 allows physical attackers to access the picture using physical keyboard on the lockscreen."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "mobile.security@samsung.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "PHYSICAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.6,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 0.9,
"impactScore": 3.6
}
]
},
"references": [
{
"url": "https://security.samsungmobile.com/serviceWeb.smsb?year=2024&month=02",
"source": "mobile.security@samsung.com"
}
]
}

@ -0,0 +1,43 @@
{
"id": "CVE-2024-20828",
"sourceIdentifier": "mobile.security@samsung.com",
"published": "2024-02-06T03:15:11.010",
"lastModified": "2024-02-06T03:15:11.010",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Improper authorization verification vulnerability in Samsung Internet prior to version 24.0 allows physical attackers to access files downloaded in SecretMode without proper authentication."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "mobile.security@samsung.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "PHYSICAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.4,
"baseSeverity": "LOW"
},
"exploitabilityScore": 0.9,
"impactScore": 1.4
}
]
},
"references": [
{
"url": "https://security.samsungmobile.com/serviceWeb.smsb?year=2024&month=02",
"source": "mobile.security@samsung.com"
}
]
}

@ -0,0 +1,59 @@
{
"id": "CVE-2024-24808",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-02-06T04:15:08.260",
"lastModified": "2024-02-06T04:15:08.260",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "pyLoad is an open-source Download Manager written in pure Python. There is an open redirect vulnerability due to incorrect validation of input values when redirecting users after login. pyLoad is validating URLs via the `get_redirect_url` function when redirecting users at login. This vulnerability has been patched with commit fe94451."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.7,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-601"
}
]
}
],
"references": [
{
"url": "https://github.com/pyload/pyload/commit/fe94451dcc2be90b3889e2fd9d07b483c8a6dccd",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/pyload/pyload/security/advisories/GHSA-g3cm-qg2v-2hj5",
"source": "security-advisories@github.com"
}
]
}
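Review bot: The description identifies the fix only as `commit fe94451` and states no affected or fixed release, and the record has no `configurations` block, so a version-based scanner cannot tell from this record whether a pyLoad installation is patched. Until the record is enriched, the commit URL in `references` is the only machine-readable fix marker, and deployments would have to be checked against that commit. The sentence "pyLoad is validating URLs via the `get_redirect_url` function" presumably describes the patched behaviour rather than the vulnerable one; the linked GHSA advisory is the place to confirm that.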

@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2024-02-06T03:00:25.770920+00:00
2024-02-06T05:00:24.160042+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2024-02-06T02:15:09.113000+00:00
2024-02-06T04:15:08.260000+00:00
```
### Last Data Feed Release
@ -29,60 +29,38 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs
```plain
237697
237716
```
### CVEs added in the last Commit
Recently added CVEs: `16`
Recently added CVEs: `19`
* [CVE-2023-46359](CVE-2023/CVE-2023-463xx/CVE-2023-46359.json) (`2024-02-06T01:15:07.877`)
* [CVE-2023-46360](CVE-2023/CVE-2023-463xx/CVE-2023-46360.json) (`2024-02-06T01:15:07.930`)
* [CVE-2023-47022](CVE-2023/CVE-2023-470xx/CVE-2023-47022.json) (`2024-02-06T01:15:07.987`)
* [CVE-2023-47353](CVE-2023/CVE-2023-473xx/CVE-2023-47353.json) (`2024-02-06T01:15:08.037`)
* [CVE-2023-47889](CVE-2023/CVE-2023-478xx/CVE-2023-47889.json) (`2024-02-06T01:15:08.087`)
* [CVE-2023-6229](CVE-2023/CVE-2023-62xx/CVE-2023-6229.json) (`2024-02-06T01:15:08.137`)
* [CVE-2023-6230](CVE-2023/CVE-2023-62xx/CVE-2023-6230.json) (`2024-02-06T01:15:08.350`)
* [CVE-2023-6231](CVE-2023/CVE-2023-62xx/CVE-2023-6231.json) (`2024-02-06T01:15:08.547`)
* [CVE-2023-6232](CVE-2023/CVE-2023-62xx/CVE-2023-6232.json) (`2024-02-06T01:15:08.740`)
* [CVE-2023-6233](CVE-2023/CVE-2023-62xx/CVE-2023-6233.json) (`2024-02-06T01:15:08.930`)
* [CVE-2023-6234](CVE-2023/CVE-2023-62xx/CVE-2023-6234.json) (`2024-02-06T01:15:09.107`)
* [CVE-2024-0244](CVE-2024/CVE-2024-02xx/CVE-2024-0244.json) (`2024-02-06T01:15:09.300`)
* [CVE-2024-22773](CVE-2024/CVE-2024-227xx/CVE-2024-22773.json) (`2024-02-06T01:15:09.647`)
* [CVE-2024-24112](CVE-2024/CVE-2024-241xx/CVE-2024-24112.json) (`2024-02-06T01:15:09.700`)
* [CVE-2024-22852](CVE-2024/CVE-2024-228xx/CVE-2024-22852.json) (`2024-02-06T02:15:08.663`)
* [CVE-2024-22853](CVE-2024/CVE-2024-228xx/CVE-2024-22853.json) (`2024-02-06T02:15:08.757`)
* [CVE-2024-20810](CVE-2024/CVE-2024-208xx/CVE-2024-20810.json) (`2024-02-06T03:15:07.723`)
* [CVE-2024-20811](CVE-2024/CVE-2024-208xx/CVE-2024-20811.json) (`2024-02-06T03:15:07.923`)
* [CVE-2024-20812](CVE-2024/CVE-2024-208xx/CVE-2024-20812.json) (`2024-02-06T03:15:08.100`)
* [CVE-2024-20813](CVE-2024/CVE-2024-208xx/CVE-2024-20813.json) (`2024-02-06T03:15:08.297`)
* [CVE-2024-20814](CVE-2024/CVE-2024-208xx/CVE-2024-20814.json) (`2024-02-06T03:15:08.533`)
* [CVE-2024-20815](CVE-2024/CVE-2024-208xx/CVE-2024-20815.json) (`2024-02-06T03:15:08.720`)
* [CVE-2024-20816](CVE-2024/CVE-2024-208xx/CVE-2024-20816.json) (`2024-02-06T03:15:08.907`)
* [CVE-2024-20817](CVE-2024/CVE-2024-208xx/CVE-2024-20817.json) (`2024-02-06T03:15:09.097`)
* [CVE-2024-20818](CVE-2024/CVE-2024-208xx/CVE-2024-20818.json) (`2024-02-06T03:15:09.287`)
* [CVE-2024-20819](CVE-2024/CVE-2024-208xx/CVE-2024-20819.json) (`2024-02-06T03:15:09.480`)
* [CVE-2024-20820](CVE-2024/CVE-2024-208xx/CVE-2024-20820.json) (`2024-02-06T03:15:09.670`)
* [CVE-2024-20822](CVE-2024/CVE-2024-208xx/CVE-2024-20822.json) (`2024-02-06T03:15:09.867`)
* [CVE-2024-20823](CVE-2024/CVE-2024-208xx/CVE-2024-20823.json) (`2024-02-06T03:15:10.057`)
* [CVE-2024-20824](CVE-2024/CVE-2024-208xx/CVE-2024-20824.json) (`2024-02-06T03:15:10.240`)
* [CVE-2024-20825](CVE-2024/CVE-2024-208xx/CVE-2024-20825.json) (`2024-02-06T03:15:10.430`)
* [CVE-2024-20826](CVE-2024/CVE-2024-208xx/CVE-2024-20826.json) (`2024-02-06T03:15:10.623`)
* [CVE-2024-20827](CVE-2024/CVE-2024-208xx/CVE-2024-20827.json) (`2024-02-06T03:15:10.813`)
* [CVE-2024-20828](CVE-2024/CVE-2024-208xx/CVE-2024-20828.json) (`2024-02-06T03:15:11.010`)
* [CVE-2024-24808](CVE-2024/CVE-2024-248xx/CVE-2024-24808.json) (`2024-02-06T04:15:08.260`)
### CVEs modified in the last Commit
Recently modified CVEs: `119`
Recently modified CVEs: `0`
* [CVE-2024-0859](CVE-2024/CVE-2024-08xx/CVE-2024-0859.json) (`2024-02-06T01:00:55.997`)
* [CVE-2024-0869](CVE-2024/CVE-2024-08xx/CVE-2024-0869.json) (`2024-02-06T01:00:55.997`)
* [CVE-2024-0954](CVE-2024/CVE-2024-09xx/CVE-2024-0954.json) (`2024-02-06T01:00:55.997`)
* [CVE-2024-0961](CVE-2024/CVE-2024-09xx/CVE-2024-0961.json) (`2024-02-06T01:00:55.997`)
* [CVE-2024-0969](CVE-2024/CVE-2024-09xx/CVE-2024-0969.json) (`2024-02-06T01:00:55.997`)
* [CVE-2024-1046](CVE-2024/CVE-2024-10xx/CVE-2024-1046.json) (`2024-02-06T01:00:55.997`)
* [CVE-2024-1072](CVE-2024/CVE-2024-10xx/CVE-2024-1072.json) (`2024-02-06T01:00:55.997`)
* [CVE-2024-1075](CVE-2024/CVE-2024-10xx/CVE-2024-1075.json) (`2024-02-06T01:00:55.997`)
* [CVE-2024-1092](CVE-2024/CVE-2024-10xx/CVE-2024-1092.json) (`2024-02-06T01:00:55.997`)
* [CVE-2024-1121](CVE-2024/CVE-2024-11xx/CVE-2024-1121.json) (`2024-02-06T01:00:55.997`)
* [CVE-2024-1177](CVE-2024/CVE-2024-11xx/CVE-2024-1177.json) (`2024-02-06T01:00:55.997`)
* [CVE-2024-1208](CVE-2024/CVE-2024-12xx/CVE-2024-1208.json) (`2024-02-06T01:00:55.997`)
* [CVE-2024-1209](CVE-2024/CVE-2024-12xx/CVE-2024-1209.json) (`2024-02-06T01:00:55.997`)
* [CVE-2024-1210](CVE-2024/CVE-2024-12xx/CVE-2024-1210.json) (`2024-02-06T01:00:55.997`)
* [CVE-2024-24595](CVE-2024/CVE-2024-245xx/CVE-2024-24595.json) (`2024-02-06T01:00:55.997`)
* [CVE-2024-0964](CVE-2024/CVE-2024-09xx/CVE-2024-0964.json) (`2024-02-06T01:00:55.997`)
* [CVE-2024-23049](CVE-2024/CVE-2024-230xx/CVE-2024-23049.json) (`2024-02-06T01:00:55.997`)
* [CVE-2024-24398](CVE-2024/CVE-2024-243xx/CVE-2024-24398.json) (`2024-02-06T01:00:55.997`)
* [CVE-2024-22319](CVE-2024/CVE-2024-223xx/CVE-2024-22319.json) (`2024-02-06T01:15:09.500`)
* [CVE-2024-1086](CVE-2024/CVE-2024-10xx/CVE-2024-1086.json) (`2024-02-06T02:15:08.303`)
* [CVE-2024-21626](CVE-2024/CVE-2024-216xx/CVE-2024-21626.json) (`2024-02-06T02:15:08.420`)
* [CVE-2024-23206](CVE-2024/CVE-2024-232xx/CVE-2024-23206.json) (`2024-02-06T02:15:08.810`)
* [CVE-2024-23213](CVE-2024/CVE-2024-232xx/CVE-2024-23213.json) (`2024-02-06T02:15:08.903`)
* [CVE-2024-23222](CVE-2024/CVE-2024-232xx/CVE-2024-23222.json) (`2024-02-06T02:15:09.010`)
* [CVE-2024-23849](CVE-2024/CVE-2024-238xx/CVE-2024-23849.json) (`2024-02-06T02:15:09.113`)
## Download and Usage