diff --git a/CVE-2024/CVE-2024-120xx/CVE-2024-12000.json b/CVE-2024/CVE-2024-120xx/CVE-2024-12000.json new file mode 100644 index 00000000000..de8c3f6210a --- /dev/null +++ b/CVE-2024/CVE-2024-120xx/CVE-2024-12000.json @@ -0,0 +1,145 @@ +{ + "id": "CVE-2024-12000", + "sourceIdentifier": "cna@vuldb.com", + "published": "2024-11-30T12:15:17.200", + "lastModified": "2024-11-30T12:15:17.200", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability was found in code-projects Blood Bank System 1.0. It has been rated as problematic. This issue affects some unknown processing of the file /controllers/updatesettings.php of the component Setting Handler. The manipulation of the argument firstname leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "baseScore": 5.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "attackRequirements": "NONE", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "vulnerableSystemConfidentiality": "NONE", + "vulnerableSystemIntegrity": "LOW", + "vulnerableSystemAvailability": "NONE", + "subsequentSystemConfidentiality": "NONE", + "subsequentSystemIntegrity": "NONE", + "subsequentSystemAvailability": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirements": "NOT_DEFINED", + "integrityRequirements": "NOT_DEFINED", + "availabilityRequirements": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", + "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", + "modifiedVulnerableSystemAvailability": "NOT_DEFINED", + "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", + "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", + "modifiedSubsequentSystemAvailability": "NOT_DEFINED", + "safety": "NOT_DEFINED", + "automatable": "NOT_DEFINED", + "recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED" + } + } + ], + "cvssMetricV31": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N", + "baseScore": 3.5, + "baseSeverity": "LOW", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.1, + "impactScore": 1.4 + } + ], + "cvssMetricV2": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "2.0", + "vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N", + "baseScore": 4.0, + "accessVector": "NETWORK", + "accessComplexity": "LOW", + "authentication": "SINGLE", + "confidentialityImpact": "NONE", + "integrityImpact": "PARTIAL", + "availabilityImpact": "NONE" + }, + "baseSeverity": "MEDIUM", + "exploitabilityScore": 8.0, + "impactScore": 2.9, + "acInsufInfo": false, + "obtainAllPrivilege": false, + "obtainUserPrivilege": false, + "obtainOtherPrivilege": false, + "userInteractionRequired": false + } + ] + }, + "weaknesses": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + }, + { + "lang": "en", + "value": "CWE-94" + } + ] + } + ], + "references": [ + { + "url": "https://code-projects.org/", + "source": "cna@vuldb.com" + }, + { + "url": "https://github.com/jaychou8023/cve/blob/main/xss3.md", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?ctiid.286415", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?id.286415", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?submit.453717", + "source": "cna@vuldb.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-437xx/CVE-2024-43700.json b/CVE-2024/CVE-2024-437xx/CVE-2024-43700.json index 0cdfc59ff83..e24dd346dc2 100644 --- a/CVE-2024/CVE-2024-437xx/CVE-2024-43700.json +++ b/CVE-2024/CVE-2024-437xx/CVE-2024-43700.json @@ -2,7 +2,7 @@ "id": "CVE-2024-43700", "sourceIdentifier": "vultures@jpcert.or.jp", "published": "2024-08-29T11:15:26.757", - "lastModified": "2024-10-15T14:35:01.987", + "lastModified": "2024-11-30T12:15:17.720", "vulnStatus": "Modified", "cveTags": [], "descriptions": [ @@ -23,6 +23,8 @@ "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "baseScore": 7.8, + "baseSeverity": "HIGH", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "NONE", @@ -30,9 +32,7 @@ "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 7.8, - "baseSeverity": "HIGH" + "availabilityImpact": "HIGH" }, "exploitabilityScore": 1.8, "impactScore": 5.9 @@ -43,6 +43,8 @@ "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", + "baseScore": 7.0, + "baseSeverity": "HIGH", "attackVector": "LOCAL", "attackComplexity": "HIGH", "privilegesRequired": "NONE", @@ -50,9 +52,7 @@ "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 7.0, - "baseSeverity": "HIGH" + "availabilityImpact": "HIGH" }, "exploitabilityScore": 1.0, "impactScore": 5.9 @@ -120,6 +120,10 @@ "tags": [ "Third Party Advisory" ] + }, + { + "url": "https://lists.debian.org/debian-lts-announce/2024/11/msg00034.html", + "source": "af854a3a-2127-422b-91ae-364da2661108" } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-457xx/CVE-2024-45751.json b/CVE-2024/CVE-2024-457xx/CVE-2024-45751.json index 9b066bccedf..14d76886bf8 100644 --- a/CVE-2024/CVE-2024-457xx/CVE-2024-45751.json +++ b/CVE-2024/CVE-2024-457xx/CVE-2024-45751.json @@ -2,8 +2,9 @@ "id": "CVE-2024-45751", "sourceIdentifier": "cve@mitre.org", "published": "2024-09-06T05:15:13.840", - "lastModified": "2024-11-25T20:15:08.047", + "lastModified": "2024-11-30T12:15:18.030", "vulnStatus": "Awaiting Analysis", + "cveTags": [], "descriptions": [ { "lang": "en", @@ -66,6 +67,10 @@ { "url": "http://www.openwall.com/lists/oss-security/2024/09/07/2", "source": "af854a3a-2127-422b-91ae-364da2661108" + }, + { + "url": "https://lists.debian.org/debian-lts-announce/2024/11/msg00033.html", + "source": "af854a3a-2127-422b-91ae-364da2661108" } ] } \ No newline at end of file diff --git a/README.md b/README.md index d6d3b8c8edd..48e8e1296a5 100644 --- a/README.md +++ b/README.md @@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2024-11-30T11:00:22.734536+00:00 +2024-11-30T13:00:25.532545+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2024-11-30T10:15:04.340000+00:00 +2024-11-30T12:15:18.030000+00:00 ``` ### Last Data Feed Release @@ -33,20 +33,22 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### Total Number of included CVEs ```plain -271715 +271716 ``` ### CVEs added in the last Commit Recently added CVEs: `1` -- [CVE-2024-11998](CVE-2024/CVE-2024-119xx/CVE-2024-11998.json) (`2024-11-30T10:15:04.340`) +- [CVE-2024-12000](CVE-2024/CVE-2024-120xx/CVE-2024-12000.json) (`2024-11-30T12:15:17.200`) ### CVEs modified in the last Commit -Recently modified CVEs: `0` +Recently modified CVEs: `2` +- [CVE-2024-43700](CVE-2024/CVE-2024-437xx/CVE-2024-43700.json) (`2024-11-30T12:15:17.720`) +- [CVE-2024-45751](CVE-2024/CVE-2024-457xx/CVE-2024-45751.json) (`2024-11-30T12:15:18.030`) ## Download and Usage diff --git a/_state.csv b/_state.csv index 61f5de3b5ef..c95dbbba058 100644 --- a/_state.csv +++ b/_state.csv @@ -243892,8 +243892,9 @@ CVE-2024-11992,0,0,dec6f82d309a9ca3d0c0e65e3be01067bf6c8b19cbafb67c3c3b2120ec9fb CVE-2024-11995,0,0,659ce94b6e16e4b5841f6ecdfa5b75901b46fdf4f7f3359160ef6a760f2f39d5,2024-11-29T21:15:04.290000 CVE-2024-11996,0,0,d80b8507fc172b9a86f6ab141fb0a9044d43c80de0d910c996155f10dde992d0,2024-11-30T08:15:03.937000 CVE-2024-11997,0,0,95224e93a9082cc1de0a1beded60b60246bebbe18db37af5480d5a7cc7cf8119,2024-11-30T08:15:05.223000 -CVE-2024-11998,1,1,f0265b44321a393a9a2577dcf38bfa269cf779efa8c3d964a6a6f01f1ceb81ee,2024-11-30T10:15:04.340000 +CVE-2024-11998,0,0,f0265b44321a393a9a2577dcf38bfa269cf779efa8c3d964a6a6f01f1ceb81ee,2024-11-30T10:15:04.340000 CVE-2024-1200,0,0,cbf824dd51d7a3b837d210f60d3bc2fcd8c0de7dc55b64bf2469e6bd3fafa8cd,2024-05-17T02:35:18.673000 +CVE-2024-12000,1,1,b554fb7516e14db1feaba750220ae1f899d45d1ef9cfed719bdd93039699e21a,2024-11-30T12:15:17.200000 CVE-2024-1201,0,0,f9834193bbb62b403f23d3357a53cc3ad9bb6173e269e5c9bf81a47c0a1a0786,2024-02-09T19:27:29.517000 CVE-2024-1202,0,0,6132da5e9762048f130f38f4ec670738f94221153725a0b95c9666bf5c59cb16,2024-08-01T19:15:32.277000 CVE-2024-1203,0,0,b776394b4b874eaeeae3e5b604198862b49ad905e4e26e755c608f17ba381dab,2024-03-13T18:16:18.563000 @@ -262166,7 +262167,7 @@ CVE-2024-43697,0,0,aafe4540255caf8b19befcf934243317e12360bb6a3de5ba411c529a93412 CVE-2024-43698,0,0,9e6aaeefdd041f9881f7e87adb25bf5508d197b685354237269da3292e62e8bb,2024-10-23T15:12:34.673000 CVE-2024-43699,0,0,78534d33d290678062dddcdfe24e803feecb99e21dbcb3ac97f746608e5c52e4,2024-10-08T15:44:29.183000 CVE-2024-4370,0,0,3c1f5b342c087fc6587c8bc9012541b58d80e50fdee9d14eea44daecdec82901,2024-05-15T16:40:19.330000 -CVE-2024-43700,0,0,0a06b833e6fd1b1e874ef27bf2dcddebe6eeed2fb3b70101d743561cb29959e0,2024-10-15T14:35:01.987000 +CVE-2024-43700,0,1,9af24154d87c62c89db7b8ec0c730177a2ad4fbcee653b9099d7ab0097d91088,2024-11-30T12:15:17.720000 CVE-2024-43701,0,0,806d05bc9a9c57505164825be7dbf8680f4cf63f26e698ce90f59cb6324208a0,2024-10-15T15:35:16.050000 CVE-2024-43702,0,0,8a2638259ef7d0c0bd5ed169f1bc8777f60d13fe6bd61e7083d6d48b42f35850,2024-11-30T03:15:13.903000 CVE-2024-43703,0,0,9541812b1f1e1f53c274c0839d61438b11d7c3f5eb2e292d5cebbf841568c53c,2024-11-30T03:15:14.030000 @@ -263463,7 +263464,7 @@ CVE-2024-45745,0,0,095415295fb9e908dbd1bbbd24ecc8e41cf81936c17bbb0aa6290e6785ab2 CVE-2024-45746,0,0,7abeeb28473d4d90b0f40fa029a9f40cc62f9f19130bf135cc7a0a985dde62f8,2024-10-11T21:36:34.350000 CVE-2024-4575,0,0,9d22d248e877183fb374174504fab6bfc500414f16c234b88b687abe10cd48be,2024-05-24T01:15:30.977000 CVE-2024-45750,0,0,f86fce6cd4045728a00882dd42402a213a9d23f5fcb44064e442c5967c556b92,2024-09-26T19:35:17.850000 -CVE-2024-45751,0,0,a77f37e4ea9f9cb9a24bf925f3f2164ba340c3e11435309a55bc717109619c08,2024-11-25T20:15:08.047000 +CVE-2024-45751,0,1,c113307e7e909e4cf70f9b4ddd341f71fe3fe4857c3b9883d860c17d4c9a21ae,2024-11-30T12:15:18.030000 CVE-2024-45752,0,0,c56d2e99daff13fa264a8e02ee453ba88231a536487b9dd847b13fefb0df4a91,2024-09-25T16:54:27.520000 CVE-2024-45754,0,0,27881b9f8c3e60f9d5e35efd217ea03a3a53beb79b5679c0a5048b58d7f60f46,2024-10-15T16:35:07.827000 CVE-2024-45755,0,0,3380a03454f7c2bac1206898ca4fa4184680be886daa8fa0e017d976f6eee31b,2024-11-26T16:15:15.597000