Auto-Update: 2024-11-30T13:00:25.532545+00:00

CVE-2024/CVE-2024-120xx/CVE-2024-12000.json

@@ -0,0 +1,145 @@
+{
+  "id": "CVE-2024-12000",
+  "sourceIdentifier": "cna@vuldb.com",
+  "published": "2024-11-30T12:15:17.200",
+  "lastModified": "2024-11-30T12:15:17.200",
+  "vulnStatus": "Received",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "A vulnerability was found in code-projects Blood Bank System 1.0. It has been rated as problematic. This issue affects some unknown processing of the file /controllers/updatesettings.php of the component Setting Handler. The manipulation of the argument firstname leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV40": [
+      {
+        "source": "cna@vuldb.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "4.0",
+          "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
+          "baseScore": 5.3,
+          "baseSeverity": "MEDIUM",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "attackRequirements": "NONE",
+          "privilegesRequired": "LOW",
+          "userInteraction": "NONE",
+          "vulnerableSystemConfidentiality": "NONE",
+          "vulnerableSystemIntegrity": "LOW",
+          "vulnerableSystemAvailability": "NONE",
+          "subsequentSystemConfidentiality": "NONE",
+          "subsequentSystemIntegrity": "NONE",
+          "subsequentSystemAvailability": "NONE",
+          "exploitMaturity": "NOT_DEFINED",
+          "confidentialityRequirements": "NOT_DEFINED",
+          "integrityRequirements": "NOT_DEFINED",
+          "availabilityRequirements": "NOT_DEFINED",
+          "modifiedAttackVector": "NOT_DEFINED",
+          "modifiedAttackComplexity": "NOT_DEFINED",
+          "modifiedAttackRequirements": "NOT_DEFINED",
+          "modifiedPrivilegesRequired": "NOT_DEFINED",
+          "modifiedUserInteraction": "NOT_DEFINED",
+          "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED",
+          "modifiedVulnerableSystemIntegrity": "NOT_DEFINED",
+          "modifiedVulnerableSystemAvailability": "NOT_DEFINED",
+          "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED",
+          "modifiedSubsequentSystemIntegrity": "NOT_DEFINED",
+          "modifiedSubsequentSystemAvailability": "NOT_DEFINED",
+          "safety": "NOT_DEFINED",
+          "automatable": "NOT_DEFINED",
+          "recovery": "NOT_DEFINED",
+          "valueDensity": "NOT_DEFINED",
+          "vulnerabilityResponseEffort": "NOT_DEFINED",
+          "providerUrgency": "NOT_DEFINED"
+        }
+      }
+    ],
+    "cvssMetricV31": [
+      {
+        "source": "cna@vuldb.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N",
+          "baseScore": 3.5,
+          "baseSeverity": "LOW",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "LOW",
+          "userInteraction": "REQUIRED",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "NONE",
+          "integrityImpact": "LOW",
+          "availabilityImpact": "NONE"
+        },
+        "exploitabilityScore": 2.1,
+        "impactScore": 1.4
+      }
+    ],
+    "cvssMetricV2": [
+      {
+        "source": "cna@vuldb.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "2.0",
+          "vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N",
+          "baseScore": 4.0,
+          "accessVector": "NETWORK",
+          "accessComplexity": "LOW",
+          "authentication": "SINGLE",
+          "confidentialityImpact": "NONE",
+          "integrityImpact": "PARTIAL",
+          "availabilityImpact": "NONE"
+        },
+        "baseSeverity": "MEDIUM",
+        "exploitabilityScore": 8.0,
+        "impactScore": 2.9,
+        "acInsufInfo": false,
+        "obtainAllPrivilege": false,
+        "obtainUserPrivilege": false,
+        "obtainOtherPrivilege": false,
+        "userInteractionRequired": false
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "cna@vuldb.com",
+      "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-79"
+        },
+        {
+          "lang": "en",
+          "value": "CWE-94"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://code-projects.org/",
+      "source": "cna@vuldb.com"
+    },
+    {
+      "url": "https://github.com/jaychou8023/cve/blob/main/xss3.md",
+      "source": "cna@vuldb.com"
+    },
+    {
+      "url": "https://vuldb.com/?ctiid.286415",
+      "source": "cna@vuldb.com"
+    },
+    {
+      "url": "https://vuldb.com/?id.286415",
+      "source": "cna@vuldb.com"
+    },
+    {
+      "url": "https://vuldb.com/?submit.453717",
+      "source": "cna@vuldb.com"
+    }
+  ]
+}

CVE-2024/CVE-2024-437xx/CVE-2024-43700.json

@@ -2,7 +2,7 @@
   "id": "CVE-2024-43700",
   "sourceIdentifier": "vultures@jpcert.or.jp",
   "published": "2024-08-29T11:15:26.757",
-  "lastModified": "2024-10-15T14:35:01.987",
+  "lastModified": "2024-11-30T12:15:17.720",
   "vulnStatus": "Modified",
   "cveTags": [],
   "descriptions": [
@@ -23,6 +23,8 @@
         "cvssData": {
           "version": "3.1",
           "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
+          "baseScore": 7.8,
+          "baseSeverity": "HIGH",
           "attackVector": "LOCAL",
           "attackComplexity": "LOW",
           "privilegesRequired": "NONE",
@@ -30,9 +32,7 @@
           "scope": "UNCHANGED",
           "confidentialityImpact": "HIGH",
           "integrityImpact": "HIGH",
-          "availabilityImpact": "HIGH",
-          "baseScore": 7.8,
-          "baseSeverity": "HIGH"
+          "availabilityImpact": "HIGH"
         },
         "exploitabilityScore": 1.8,
         "impactScore": 5.9
@@ -43,6 +43,8 @@
         "cvssData": {
           "version": "3.1",
           "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
+          "baseScore": 7.0,
+          "baseSeverity": "HIGH",
           "attackVector": "LOCAL",
           "attackComplexity": "HIGH",
           "privilegesRequired": "NONE",
@@ -50,9 +52,7 @@
           "scope": "UNCHANGED",
           "confidentialityImpact": "HIGH",
           "integrityImpact": "HIGH",
-          "availabilityImpact": "HIGH",
-          "baseScore": 7.0,
-          "baseSeverity": "HIGH"
+          "availabilityImpact": "HIGH"
         },
         "exploitabilityScore": 1.0,
         "impactScore": 5.9
@@ -120,6 +120,10 @@
       "tags": [
         "Third Party Advisory"
       ]
+    },
+    {
+      "url": "https://lists.debian.org/debian-lts-announce/2024/11/msg00034.html",
+      "source": "af854a3a-2127-422b-91ae-364da2661108"
     }
   ]
 }

CVE-2024/CVE-2024-457xx/CVE-2024-45751.json

@@ -2,8 +2,9 @@
   "id": "CVE-2024-45751",
   "sourceIdentifier": "cve@mitre.org",
   "published": "2024-09-06T05:15:13.840",
-  "lastModified": "2024-11-25T20:15:08.047",
+  "lastModified": "2024-11-30T12:15:18.030",
   "vulnStatus": "Awaiting Analysis",
+  "cveTags": [],
   "descriptions": [
     {
       "lang": "en",
@@ -66,6 +67,10 @@
     {
       "url": "http://www.openwall.com/lists/oss-security/2024/09/07/2",
       "source": "af854a3a-2127-422b-91ae-364da2661108"
+    },
+    {
+      "url": "https://lists.debian.org/debian-lts-announce/2024/11/msg00033.html",
+      "source": "af854a3a-2127-422b-91ae-364da2661108"
     }
   ]
 }

README.md

@@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours.
 ### Last Repository Update
 
 ```plain
-2024-11-30T11:00:22.734536+00:00
+2024-11-30T13:00:25.532545+00:00
 ```
 
 ### Most recent CVE Modification Timestamp synchronized with NVD
 
 ```plain
-2024-11-30T10:15:04.340000+00:00
+2024-11-30T12:15:18.030000+00:00
 ```
 
 ### Last Data Feed Release
@@ -33,20 +33,22 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
 ### Total Number of included CVEs
 
 ```plain
-271715
+271716
 ```
 
 ### CVEs added in the last Commit
 
 Recently added CVEs: `1`
 
-- [CVE-2024-11998](CVE-2024/CVE-2024-119xx/CVE-2024-11998.json) (`2024-11-30T10:15:04.340`)
+- [CVE-2024-12000](CVE-2024/CVE-2024-120xx/CVE-2024-12000.json) (`2024-11-30T12:15:17.200`)
 
 
 ### CVEs modified in the last Commit
 
-Recently modified CVEs: `0`
+Recently modified CVEs: `2`
 
+- [CVE-2024-43700](CVE-2024/CVE-2024-437xx/CVE-2024-43700.json) (`2024-11-30T12:15:17.720`)
+- [CVE-2024-45751](CVE-2024/CVE-2024-457xx/CVE-2024-45751.json) (`2024-11-30T12:15:18.030`)
 
 
 ## Download and Usage

_state.csv

@@ -243892,8 +243892,9 @@ CVE-2024-11992,0,0,dec6f82d309a9ca3d0c0e65e3be01067bf6c8b19cbafb67c3c3b2120ec9fb
 CVE-2024-11995,0,0,659ce94b6e16e4b5841f6ecdfa5b75901b46fdf4f7f3359160ef6a760f2f39d5,2024-11-29T21:15:04.290000
 CVE-2024-11996,0,0,d80b8507fc172b9a86f6ab141fb0a9044d43c80de0d910c996155f10dde992d0,2024-11-30T08:15:03.937000
 CVE-2024-11997,0,0,95224e93a9082cc1de0a1beded60b60246bebbe18db37af5480d5a7cc7cf8119,2024-11-30T08:15:05.223000
-CVE-2024-11998,1,1,f0265b44321a393a9a2577dcf38bfa269cf779efa8c3d964a6a6f01f1ceb81ee,2024-11-30T10:15:04.340000
+CVE-2024-11998,0,0,f0265b44321a393a9a2577dcf38bfa269cf779efa8c3d964a6a6f01f1ceb81ee,2024-11-30T10:15:04.340000
 CVE-2024-1200,0,0,cbf824dd51d7a3b837d210f60d3bc2fcd8c0de7dc55b64bf2469e6bd3fafa8cd,2024-05-17T02:35:18.673000
+CVE-2024-12000,1,1,b554fb7516e14db1feaba750220ae1f899d45d1ef9cfed719bdd93039699e21a,2024-11-30T12:15:17.200000
 CVE-2024-1201,0,0,f9834193bbb62b403f23d3357a53cc3ad9bb6173e269e5c9bf81a47c0a1a0786,2024-02-09T19:27:29.517000
 CVE-2024-1202,0,0,6132da5e9762048f130f38f4ec670738f94221153725a0b95c9666bf5c59cb16,2024-08-01T19:15:32.277000
 CVE-2024-1203,0,0,b776394b4b874eaeeae3e5b604198862b49ad905e4e26e755c608f17ba381dab,2024-03-13T18:16:18.563000
@@ -262166,7 +262167,7 @@ CVE-2024-43697,0,0,aafe4540255caf8b19befcf934243317e12360bb6a3de5ba411c529a93412
 CVE-2024-43698,0,0,9e6aaeefdd041f9881f7e87adb25bf5508d197b685354237269da3292e62e8bb,2024-10-23T15:12:34.673000
 CVE-2024-43699,0,0,78534d33d290678062dddcdfe24e803feecb99e21dbcb3ac97f746608e5c52e4,2024-10-08T15:44:29.183000
 CVE-2024-4370,0,0,3c1f5b342c087fc6587c8bc9012541b58d80e50fdee9d14eea44daecdec82901,2024-05-15T16:40:19.330000
-CVE-2024-43700,0,0,0a06b833e6fd1b1e874ef27bf2dcddebe6eeed2fb3b70101d743561cb29959e0,2024-10-15T14:35:01.987000
+CVE-2024-43700,0,1,9af24154d87c62c89db7b8ec0c730177a2ad4fbcee653b9099d7ab0097d91088,2024-11-30T12:15:17.720000
 CVE-2024-43701,0,0,806d05bc9a9c57505164825be7dbf8680f4cf63f26e698ce90f59cb6324208a0,2024-10-15T15:35:16.050000
 CVE-2024-43702,0,0,8a2638259ef7d0c0bd5ed169f1bc8777f60d13fe6bd61e7083d6d48b42f35850,2024-11-30T03:15:13.903000
 CVE-2024-43703,0,0,9541812b1f1e1f53c274c0839d61438b11d7c3f5eb2e292d5cebbf841568c53c,2024-11-30T03:15:14.030000
@@ -263463,7 +263464,7 @@ CVE-2024-45745,0,0,095415295fb9e908dbd1bbbd24ecc8e41cf81936c17bbb0aa6290e6785ab2
 CVE-2024-45746,0,0,7abeeb28473d4d90b0f40fa029a9f40cc62f9f19130bf135cc7a0a985dde62f8,2024-10-11T21:36:34.350000
 CVE-2024-4575,0,0,9d22d248e877183fb374174504fab6bfc500414f16c234b88b687abe10cd48be,2024-05-24T01:15:30.977000
 CVE-2024-45750,0,0,f86fce6cd4045728a00882dd42402a213a9d23f5fcb44064e442c5967c556b92,2024-09-26T19:35:17.850000
-CVE-2024-45751,0,0,a77f37e4ea9f9cb9a24bf925f3f2164ba340c3e11435309a55bc717109619c08,2024-11-25T20:15:08.047000
+CVE-2024-45751,0,1,c113307e7e909e4cf70f9b4ddd341f71fe3fe4857c3b9883d860c17d4c9a21ae,2024-11-30T12:15:18.030000
 CVE-2024-45752,0,0,c56d2e99daff13fa264a8e02ee453ba88231a536487b9dd847b13fefb0df4a91,2024-09-25T16:54:27.520000
 CVE-2024-45754,0,0,27881b9f8c3e60f9d5e35efd217ea03a3a53beb79b5679c0a5048b58d7f60f46,2024-10-15T16:35:07.827000
 CVE-2024-45755,0,0,3380a03454f7c2bac1206898ca4fa4184680be886daa8fa0e017d976f6eee31b,2024-11-26T16:15:15.597000