Auto-Update: 2024-02-04T07:00:24.057502+00:00

2025-07-09 16:05:11 +00:00 · 2024-02-04 07:00:27 +00:00 · 2024-02-04 07:00:27 +00:00 · 71900fb2a5
commit 71900fb2a5
parent 081aa58bc2
3 changed files with 185 additions and 5 deletions
--- a/CVE-2015/CVE-2015-101xx/CVE-2015-10129.json
+++ b/CVE-2015/CVE-2015-101xx/CVE-2015-10129.json
@ -0,0 +1,88 @@
+{
+  "id": "CVE-2015-10129",
+  "sourceIdentifier": "cna@vuldb.com",
+  "published": "2024-02-04T05:15:49.087",
+  "lastModified": "2024-02-04T05:15:49.087",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "A vulnerability was found in planet-freo up to 20150116 and classified as problematic. Affected by this issue is some unknown functionality of the file admin/inc/auth.inc.php. The manipulation of the argument auth leads to incorrect comparison. The attack may be launched remotely. The complexity of an attack is rather high. The exploitation is known to be difficult. The exploit has been disclosed to the public and may be used. This product is using a rolling release to provide continious delivery. Therefore, no version details for affected nor updated releases are available. The name of the patch is 6ad38c58a45642eb8c7844e2f272ef199f59550d. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-252716."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "cna@vuldb.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N",
+          "attackVector": "NETWORK",
+          "attackComplexity": "HIGH",
+          "privilegesRequired": "NONE",
+          "userInteraction": "NONE",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "LOW",
+          "integrityImpact": "NONE",
+          "availabilityImpact": "NONE",
+          "baseScore": 3.7,
+          "baseSeverity": "LOW"
+        },
+        "exploitabilityScore": 2.2,
+        "impactScore": 1.4
+      }
+    ],
+    "cvssMetricV2": [
+      {
+        "source": "cna@vuldb.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "2.0",
+          "vectorString": "AV:N/AC:H/Au:N/C:P/I:N/A:N",
+          "accessVector": "NETWORK",
+          "accessComplexity": "HIGH",
+          "authentication": "NONE",
+          "confidentialityImpact": "PARTIAL",
+          "integrityImpact": "NONE",
+          "availabilityImpact": "NONE",
+          "baseScore": 2.6
+        },
+        "baseSeverity": "LOW",
+        "exploitabilityScore": 4.9,
+        "impactScore": 2.9,
+        "acInsufInfo": false,
+        "obtainAllPrivilege": false,
+        "obtainUserPrivilege": false,
+        "obtainOtherPrivilege": false,
+        "userInteractionRequired": false
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "cna@vuldb.com",
+      "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-697"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://github.com/samwilson/planet-freo/commit/6ad38c58a45642eb8c7844e2f272ef199f59550d",
+      "source": "cna@vuldb.com"
+    },
+    {
+      "url": "https://vuldb.com/?ctiid.252716",
+      "source": "cna@vuldb.com"
+    },
+    {
+      "url": "https://vuldb.com/?id.252716",
+      "source": "cna@vuldb.com"
+    }
+  ]
+}
--- a/CVE-2019/CVE-2019-251xx/CVE-2019-25159.json
+++ b/CVE-2019/CVE-2019-251xx/CVE-2019-25159.json
@ -0,0 +1,92 @@
+{
+  "id": "CVE-2019-25159",
+  "sourceIdentifier": "cna@vuldb.com",
+  "published": "2024-02-04T06:15:07.383",
+  "lastModified": "2024-02-04T06:15:07.383",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "A vulnerability was found in mpedraza2020 Intranet del Monterroso up to 4.50.0. It has been classified as critical. This affects an unknown part of the file config/cargos.php. The manipulation of the argument dni_profe leads to sql injection. Upgrading to version 4.51.0 is able to address this issue. The identifier of the patch is 678190bee1dfd64b54a2b0e88abfd009e78adce8. It is recommended to upgrade the affected component. The identifier VDB-252717 was assigned to this vulnerability."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "cna@vuldb.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
+          "attackVector": "ADJACENT_NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "LOW",
+          "userInteraction": "NONE",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "LOW",
+          "integrityImpact": "LOW",
+          "availabilityImpact": "LOW",
+          "baseScore": 5.5,
+          "baseSeverity": "MEDIUM"
+        },
+        "exploitabilityScore": 2.1,
+        "impactScore": 3.4
+      }
+    ],
+    "cvssMetricV2": [
+      {
+        "source": "cna@vuldb.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "2.0",
+          "vectorString": "AV:A/AC:L/Au:S/C:P/I:P/A:P",
+          "accessVector": "ADJACENT_NETWORK",
+          "accessComplexity": "LOW",
+          "authentication": "SINGLE",
+          "confidentialityImpact": "PARTIAL",
+          "integrityImpact": "PARTIAL",
+          "availabilityImpact": "PARTIAL",
+          "baseScore": 5.2
+        },
+        "baseSeverity": "MEDIUM",
+        "exploitabilityScore": 5.1,
+        "impactScore": 6.4,
+        "acInsufInfo": false,
+        "obtainAllPrivilege": false,
+        "obtainUserPrivilege": false,
+        "obtainOtherPrivilege": false,
+        "userInteractionRequired": false
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "cna@vuldb.com",
+      "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-89"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://github.com/mpedraza2020/IESMONTEROSOINTRANET/commit/678190bee1dfd64b54a2b0e88abfd009e78adce8",
+      "source": "cna@vuldb.com"
+    },
+    {
+      "url": "https://github.com/mpedraza2020/IESMONTEROSOINTRANET/releases/tag/v4.51.0",
+      "source": "cna@vuldb.com"
+    },
+    {
+      "url": "https://vuldb.com/?ctiid.252717",
+      "source": "cna@vuldb.com"
+    },
+    {
+      "url": "https://vuldb.com/?id.252717",
+      "source": "cna@vuldb.com"
+    }
+  ]
+}
--- a/README.md
+++ b/README.md
@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
 ### Last Repository Update

 ```plain
-2024-02-04T03:00:54.933557+00:00
+2024-02-04T07:00:24.057502+00:00
 ```

 ### Most recent CVE Modification Timestamp synchronized with NVD

 ```plain
-2024-02-04T01:15:25.040000+00:00
+2024-02-04T06:15:07.383000+00:00
 ```

 ### Last Data Feed Release
@ -29,15 +29,15 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
 ### Total Number of included CVEs

 ```plain
-237509
+237511
 ```

 ### CVEs added in the last Commit

 Recently added CVEs: `2`

-* [CVE-2023-33851](CVE-2023/CVE-2023-338xx/CVE-2023-33851.json) (`2024-02-04T01:15:24.490`)
-* [CVE-2023-50947](CVE-2023/CVE-2023-509xx/CVE-2023-50947.json) (`2024-02-04T01:15:25.040`)
+* [CVE-2015-10129](CVE-2015/CVE-2015-101xx/CVE-2015-10129.json) (`2024-02-04T05:15:49.087`)
+* [CVE-2019-25159](CVE-2019/CVE-2019-251xx/CVE-2019-25159.json) (`2024-02-04T06:15:07.383`)


 ### CVEs modified in the last Commit