Auto-Update: 2024-02-29T19:00:59.939071+00:00

CVE-2022/CVE-2022-486xx/CVE-2022-48618.json

@@ -2,7 +2,7 @@
   "id": "CVE-2022-48618",
   "sourceIdentifier": "product-security@apple.com",
   "published": "2024-01-09T18:15:45.120",
-  "lastModified": "2024-02-27T02:00:01.320",
+  "lastModified": "2024-02-29T17:46:18.173",
   "vulnStatus": "Analyzed",
   "cisaExploitAdd": "2024-01-31",
   "cisaActionDue": "2024-02-21",
@@ -25,19 +25,19 @@
         "type": "Primary",
         "cvssData": {
           "version": "3.1",
-          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
+          "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
           "attackVector": "LOCAL",
-          "attackComplexity": "LOW",
+          "attackComplexity": "HIGH",
           "privilegesRequired": "LOW",
           "userInteraction": "NONE",
           "scope": "UNCHANGED",
           "confidentialityImpact": "HIGH",
           "integrityImpact": "HIGH",
           "availabilityImpact": "HIGH",
-          "baseScore": 7.8,
+          "baseScore": 7.0,
           "baseSeverity": "HIGH"
         },
-        "exploitabilityScore": 1.8,
+        "exploitabilityScore": 1.0,
         "impactScore": 5.9
       }
     ]
@@ -49,7 +49,7 @@
       "description": [
         {
           "lang": "en",
-          "value": "CWE-287"
+          "value": "CWE-367"
         }
       ]
     }

CVE-2023/CVE-2023-524xx/CVE-2023-52485.json

@@ -2,8 +2,8 @@
   "id": "CVE-2023-52485",
   "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
   "published": "2024-02-29T15:15:07.397",
-  "lastModified": "2024-02-29T15:15:07.397",
-  "vulnStatus": "Received",
+  "lastModified": "2024-02-29T18:06:42.010",
+  "vulnStatus": "Awaiting Analysis",
   "descriptions": [
     {
       "lang": "en",

CVE-2023/CVE-2023-61xx/CVE-2023-6132.json

@@ -0,0 +1,59 @@
+{
+  "id": "CVE-2023-6132",
+  "sourceIdentifier": "ics-cert@hq.dhs.gov",
+  "published": "2024-02-29T18:15:16.283",
+  "lastModified": "2024-02-29T18:15:16.283",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "\nThe vulnerability, if exploited, could allow a malicious entity with access to the file system to achieve arbitrary code execution and privilege escalation by tricking AVEVA Edge to load an unsafe DLL.\n\n"
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "ics-cert@hq.dhs.gov",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
+          "attackVector": "LOCAL",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "LOW",
+          "userInteraction": "REQUIRED",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "HIGH",
+          "integrityImpact": "HIGH",
+          "availabilityImpact": "HIGH",
+          "baseScore": 7.3,
+          "baseSeverity": "HIGH"
+        },
+        "exploitabilityScore": 1.3,
+        "impactScore": 5.9
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "ics-cert@hq.dhs.gov",
+      "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-427"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://www.aveva.com/en/support-and-success/cyber-security-updates/",
+      "source": "ics-cert@hq.dhs.gov"
+    },
+    {
+      "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-032-03",
+      "source": "ics-cert@hq.dhs.gov"
+    }
+  ]
+}

CVE-2024/CVE-2024-207xx/CVE-2024-20765.json

@@ -0,0 +1,55 @@
+{
+  "id": "CVE-2024-20765",
+  "sourceIdentifier": "psirt@adobe.com",
+  "published": "2024-02-29T17:15:07.110",
+  "lastModified": "2024-02-29T18:06:42.010",
+  "vulnStatus": "Awaiting Analysis",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "Acrobat Reader versions 20.005.30539, 23.008.20470 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "psirt@adobe.com",
+        "type": "Primary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
+          "attackVector": "LOCAL",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "NONE",
+          "userInteraction": "REQUIRED",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "HIGH",
+          "integrityImpact": "HIGH",
+          "availabilityImpact": "HIGH",
+          "baseScore": 7.8,
+          "baseSeverity": "HIGH"
+        },
+        "exploitabilityScore": 1.8,
+        "impactScore": 5.9
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "psirt@adobe.com",
+      "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-416"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://helpx.adobe.com/security/products/acrobat/apsb24-07.html",
+      "source": "psirt@adobe.com"
+    }
+  ]
+}

CVE-2024/CVE-2024-20xx/CVE-2024-2001.json

@@ -2,8 +2,8 @@
   "id": "CVE-2024-2001",
   "sourceIdentifier": "cve-coordination@incibe.es",
   "published": "2024-02-29T14:15:45.280",
-  "lastModified": "2024-02-29T14:15:45.280",
-  "vulnStatus": "Received",
+  "lastModified": "2024-02-29T18:06:42.010",
+  "vulnStatus": "Awaiting Analysis",
   "descriptions": [
     {
       "lang": "en",

CVE-2024/CVE-2024-251xx/CVE-2024-25180.json

@@ -0,0 +1,20 @@
+{
+  "id": "CVE-2024-25180",
+  "sourceIdentifier": "cve@mitre.org",
+  "published": "2024-02-29T18:15:16.520",
+  "lastModified": "2024-02-29T18:15:16.520",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "An issue discovered in pdfmake 0.2.9 allows remote attackers to run arbitrary code via crafted POST request to the path '/pdf'."
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://github.com/joaoviictorti/My-CVES/blob/main/CVE-2024-25180/README.md",
+      "source": "cve@mitre.org"
+    }
+  ]
+}

README.md

@@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
 ### Last Repository Update
 
 ```plain
-2024-02-29T17:00:25.814086+00:00
+2024-02-29T19:00:59.939071+00:00
 ```
 
 ### Most recent CVE Modification Timestamp synchronized with NVD
 
 ```plain
-2024-02-29T15:15:07.473000+00:00
+2024-02-29T18:15:16.520000+00:00
 ```
 
 ### Last Data Feed Release
@@ -29,21 +29,25 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
 ### Total Number of included CVEs
 
 ```plain
-240119
+240122
 ```
 
 ### CVEs added in the last Commit
 
-Recently added CVEs: `1`
+Recently added CVEs: `3`
 
-* [CVE-2023-52485](CVE-2023/CVE-2023-524xx/CVE-2023-52485.json) (`2024-02-29T15:15:07.397`)
+* [CVE-2023-6132](CVE-2023/CVE-2023-61xx/CVE-2023-6132.json) (`2024-02-29T18:15:16.283`)
+* [CVE-2024-20765](CVE-2024/CVE-2024-207xx/CVE-2024-20765.json) (`2024-02-29T17:15:07.110`)
+* [CVE-2024-25180](CVE-2024/CVE-2024-251xx/CVE-2024-25180.json) (`2024-02-29T18:15:16.520`)
 
 
 ### CVEs modified in the last Commit
 
-Recently modified CVEs: `1`
+Recently modified CVEs: `3`
 
-* [CVE-2024-1163](CVE-2024/CVE-2024-11xx/CVE-2024-1163.json) (`2024-02-29T15:15:07.473`)
+* [CVE-2022-48618](CVE-2022/CVE-2022-486xx/CVE-2022-48618.json) (`2024-02-29T17:46:18.173`)
+* [CVE-2023-52485](CVE-2023/CVE-2023-524xx/CVE-2023-52485.json) (`2024-02-29T18:06:42.010`)
+* [CVE-2024-2001](CVE-2024/CVE-2024-20xx/CVE-2024-2001.json) (`2024-02-29T18:06:42.010`)
 
 
 ## Download and Usage