From 7d524e2add844b921d1909e71af4d25fa37902ce Mon Sep 17 00:00:00 2001 From: cad-safe-bot Date: Mon, 29 Jul 2024 12:03:11 +0000 Subject: [PATCH] Auto-Update: 2024-07-29T12:00:16.577372+00:00 --- CVE-2024/CVE-2024-48xx/CVE-2024-4848.json | 16 +++ CVE-2024/CVE-2024-67xx/CVE-2024-6761.json | 16 +++ CVE-2024/CVE-2024-71xx/CVE-2024-7192.json | 4 + CVE-2024/CVE-2024-71xx/CVE-2024-7193.json | 145 ++++++++++++++++++++++ CVE-2024/CVE-2024-71xx/CVE-2024-7194.json | 141 +++++++++++++++++++++ CVE-2024/CVE-2024-71xx/CVE-2024-7195.json | 137 ++++++++++++++++++++ CVE-2024/CVE-2024-71xx/CVE-2024-7196.json | 137 ++++++++++++++++++++ README.md | 27 ++-- _state.csv | 26 ++-- 9 files changed, 624 insertions(+), 25 deletions(-) create mode 100644 CVE-2024/CVE-2024-48xx/CVE-2024-4848.json create mode 100644 CVE-2024/CVE-2024-67xx/CVE-2024-6761.json create mode 100644 CVE-2024/CVE-2024-71xx/CVE-2024-7193.json create mode 100644 CVE-2024/CVE-2024-71xx/CVE-2024-7194.json create mode 100644 CVE-2024/CVE-2024-71xx/CVE-2024-7195.json create mode 100644 CVE-2024/CVE-2024-71xx/CVE-2024-7196.json diff --git a/CVE-2024/CVE-2024-48xx/CVE-2024-4848.json b/CVE-2024/CVE-2024-48xx/CVE-2024-4848.json new file mode 100644 index 00000000000..b8b05afb63e --- /dev/null +++ b/CVE-2024/CVE-2024-48xx/CVE-2024-4848.json @@ -0,0 +1,16 @@ +{ + "id": "CVE-2024-4848", + "sourceIdentifier": "security@huntr.dev", + "published": "2024-07-29T11:15:09.920", + "lastModified": "2024-07-29T11:15:09.920", + "vulnStatus": "Rejected", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority." + } + ], + "metrics": {}, + "references": [] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-67xx/CVE-2024-6761.json b/CVE-2024/CVE-2024-67xx/CVE-2024-6761.json new file mode 100644 index 00000000000..00fab43dedd --- /dev/null +++ b/CVE-2024/CVE-2024-67xx/CVE-2024-6761.json @@ -0,0 +1,16 @@ +{ + "id": "CVE-2024-6761", + "sourceIdentifier": "security@huntr.dev", + "published": "2024-07-29T11:15:10.140", + "lastModified": "2024-07-29T11:15:10.140", + "vulnStatus": "Rejected", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority." + } + ], + "metrics": {}, + "references": [] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-71xx/CVE-2024-7192.json b/CVE-2024/CVE-2024-71xx/CVE-2024-7192.json index e8d7eb3f56d..cb590d07e40 100644 --- a/CVE-2024/CVE-2024-71xx/CVE-2024-7192.json +++ b/CVE-2024/CVE-2024-71xx/CVE-2024-7192.json @@ -9,6 +9,10 @@ { "lang": "en", "value": "A vulnerability, which was classified as critical, was found in itsourcecode Society Management System 1.0. This affects an unknown part of the file /admin/student.php. The manipulation of the argument image leads to unrestricted upload. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-272613 was assigned to this vulnerability." + }, + { + "lang": "es", + "value": " Una vulnerabilidad fue encontrada en itsourcecode Society Management System 1.0 y clasificada como cr\u00edtica. Esto afecta a una parte desconocida del archivo /admin/student.php. La manipulaci\u00f3n del argumento image conduce a una carga sin restricciones. Es posible iniciar el ataque de forma remota. El exploit ha sido divulgado al p\u00fablico y puede utilizarse. A esta vulnerabilidad se le asign\u00f3 el identificador VDB-272613." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-71xx/CVE-2024-7193.json b/CVE-2024/CVE-2024-71xx/CVE-2024-7193.json new file mode 100644 index 00000000000..0a4428f794a --- /dev/null +++ b/CVE-2024/CVE-2024-71xx/CVE-2024-7193.json @@ -0,0 +1,145 @@ +{ + "id": "CVE-2024-7193", + "sourceIdentifier": "cna@vuldb.com", + "published": "2024-07-29T10:15:02.107", + "lastModified": "2024-07-29T10:15:02.107", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability has been found in Mp3tag up to 3.26d and classified as problematic. This vulnerability affects unknown code in the library tak_deco_lib.dll of the component DLL Handler. The manipulation leads to uncontrolled search path. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used. Upgrading to version 3.26e is able to address this issue. It is recommended to upgrade the affected component. VDB-272614 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early, responded in a very professional manner and immediately released a fixed version of the affected product." + }, + { + "lang": "es", + "value": "Se ha encontrado una vulnerabilidad en Mp3tag hasta la versi\u00f3n 3.26d y se ha clasificado como problem\u00e1tica. Esta vulnerabilidad afecta a c\u00f3digo desconocido en la librer\u00eda tak_deco_lib.dll del componente DLL Handler. La manipulaci\u00f3n conduce a una ruta de b\u00fasqueda no controlada. Es posible lanzar el ataque en el host local. La vulnerabilidad se ha divulgado al p\u00fablico y puede utilizarse. La actualizaci\u00f3n a la versi\u00f3n 3.26e puede solucionar este problema. Se recomienda actualizar el componente afectado. VDB-272614 es el identificador asignado a esta vulnerabilidad. NOTA: Se contact\u00f3 al proveedor tempranamente, respondi\u00f3 de manera muy profesional e inmediatamente lanz\u00f3 una versi\u00f3n corregida del producto afectado." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "attackRequirements": "NONE", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "vulnerableSystemConfidentiality": "LOW", + "vulnerableSystemIntegrity": "LOW", + "vulnerableSystemAvailability": "LOW", + "subsequentSystemConfidentiality": "NONE", + "subsequentSystemIntegrity": "NONE", + "subsequentSystemAvailability": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirements": "NOT_DEFINED", + "integrityRequirements": "NOT_DEFINED", + "availabilityRequirements": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", + "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", + "modifiedVulnerableSystemAvailability": "NOT_DEFINED", + "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", + "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", + "modifiedSubsequentSystemAvailability": "NOT_DEFINED", + "safety": "NOT_DEFINED", + "automatable": "NOT_DEFINED", + "recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED", + "baseScore": 4.8, + "baseSeverity": "MEDIUM" + } + } + ], + "cvssMetricV31": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 5.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.4 + } + ], + "cvssMetricV2": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "2.0", + "vectorString": "AV:L/AC:L/Au:S/C:P/I:P/A:P", + "accessVector": "LOCAL", + "accessComplexity": "LOW", + "authentication": "SINGLE", + "confidentialityImpact": "PARTIAL", + "integrityImpact": "PARTIAL", + "availabilityImpact": "PARTIAL", + "baseScore": 4.3 + }, + "baseSeverity": "MEDIUM", + "exploitabilityScore": 3.1, + "impactScore": 6.4, + "acInsufInfo": false, + "obtainAllPrivilege": false, + "obtainUserPrivilege": false, + "obtainOtherPrivilege": false, + "userInteractionRequired": false + } + ] + }, + "weaknesses": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-427" + } + ] + } + ], + "references": [ + { + "url": "https://app.any.run/tasks/37401db6-5584-4f21-8cc5-73240c4ea2dc/", + "source": "cna@vuldb.com" + }, + { + "url": "https://community.mp3tag.de/t/mp3tag-development-build-status/455/1", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?ctiid.272614", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?id.272614", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?submit.379523", + "source": "cna@vuldb.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-71xx/CVE-2024-7194.json b/CVE-2024/CVE-2024-71xx/CVE-2024-7194.json new file mode 100644 index 00000000000..60db0a5ca16 --- /dev/null +++ b/CVE-2024/CVE-2024-71xx/CVE-2024-7194.json @@ -0,0 +1,141 @@ +{ + "id": "CVE-2024-7194", + "sourceIdentifier": "cna@vuldb.com", + "published": "2024-07-29T10:15:02.933", + "lastModified": "2024-07-29T10:15:02.933", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability was found in itsourcecode Society Management System 1.0 and classified as critical. This issue affects some unknown processing of the file check_student.php. The manipulation of the argument student_id leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-272615." + }, + { + "lang": "es", + "value": "Se ha encontrado una vulnerabilidad en itsourcecode Society Management System 1.0 y se ha clasificado como cr\u00edtica. Este problema afecta a algunos procesos desconocidos del archivo check_student.php. La manipulaci\u00f3n del argumento student_id provoca una inyecci\u00f3n SQL. El ataque puede iniciarse de forma remota. La vulnerabilidad se ha hecho p\u00fablica y puede utilizarse. El identificador asociado a esta vulnerabilidad es VDB-272615." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "attackRequirements": "NONE", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "vulnerableSystemConfidentiality": "LOW", + "vulnerableSystemIntegrity": "LOW", + "vulnerableSystemAvailability": "LOW", + "subsequentSystemConfidentiality": "NONE", + "subsequentSystemIntegrity": "NONE", + "subsequentSystemAvailability": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirements": "NOT_DEFINED", + "integrityRequirements": "NOT_DEFINED", + "availabilityRequirements": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", + "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", + "modifiedVulnerableSystemAvailability": "NOT_DEFINED", + "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", + "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", + "modifiedSubsequentSystemAvailability": "NOT_DEFINED", + "safety": "NOT_DEFINED", + "automatable": "NOT_DEFINED", + "recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED", + "baseScore": 5.3, + "baseSeverity": "MEDIUM" + } + } + ], + "cvssMetricV31": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 6.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.4 + } + ], + "cvssMetricV2": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "2.0", + "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", + "accessVector": "NETWORK", + "accessComplexity": "LOW", + "authentication": "SINGLE", + "confidentialityImpact": "PARTIAL", + "integrityImpact": "PARTIAL", + "availabilityImpact": "PARTIAL", + "baseScore": 6.5 + }, + "baseSeverity": "MEDIUM", + "exploitabilityScore": 8.0, + "impactScore": 6.4, + "acInsufInfo": false, + "obtainAllPrivilege": false, + "obtainUserPrivilege": false, + "obtainOtherPrivilege": false, + "userInteractionRequired": false + } + ] + }, + "weaknesses": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/DeepMountains/Mirage/blob/main/CVE7-1.md", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?ctiid.272615", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?id.272615", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?submit.380383", + "source": "cna@vuldb.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-71xx/CVE-2024-7195.json b/CVE-2024/CVE-2024-71xx/CVE-2024-7195.json new file mode 100644 index 00000000000..c24ce514c3f --- /dev/null +++ b/CVE-2024/CVE-2024-71xx/CVE-2024-7195.json @@ -0,0 +1,137 @@ +{ + "id": "CVE-2024-7195", + "sourceIdentifier": "cna@vuldb.com", + "published": "2024-07-29T11:15:10.197", + "lastModified": "2024-07-29T11:15:10.197", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability was found in itsourcecode Society Management System 1.0. It has been classified as critical. Affected is an unknown function of the file /admin/check_admin.php. The manipulation of the argument username leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-272616." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "attackRequirements": "NONE", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "vulnerableSystemConfidentiality": "LOW", + "vulnerableSystemIntegrity": "LOW", + "vulnerableSystemAvailability": "LOW", + "subsequentSystemConfidentiality": "NONE", + "subsequentSystemIntegrity": "NONE", + "subsequentSystemAvailability": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirements": "NOT_DEFINED", + "integrityRequirements": "NOT_DEFINED", + "availabilityRequirements": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", + "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", + "modifiedVulnerableSystemAvailability": "NOT_DEFINED", + "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", + "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", + "modifiedSubsequentSystemAvailability": "NOT_DEFINED", + "safety": "NOT_DEFINED", + "automatable": "NOT_DEFINED", + "recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED", + "baseScore": 5.3, + "baseSeverity": "MEDIUM" + } + } + ], + "cvssMetricV31": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 6.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.4 + } + ], + "cvssMetricV2": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "2.0", + "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", + "accessVector": "NETWORK", + "accessComplexity": "LOW", + "authentication": "SINGLE", + "confidentialityImpact": "PARTIAL", + "integrityImpact": "PARTIAL", + "availabilityImpact": "PARTIAL", + "baseScore": 6.5 + }, + "baseSeverity": "MEDIUM", + "exploitabilityScore": 8.0, + "impactScore": 6.4, + "acInsufInfo": false, + "obtainAllPrivilege": false, + "obtainUserPrivilege": false, + "obtainOtherPrivilege": false, + "userInteractionRequired": false + } + ] + }, + "weaknesses": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/DeepMountains/Mirage/blob/main/CVE7-2.md", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?ctiid.272616", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?id.272616", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?submit.380384", + "source": "cna@vuldb.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-71xx/CVE-2024-7196.json b/CVE-2024/CVE-2024-71xx/CVE-2024-7196.json new file mode 100644 index 00000000000..9917f69364b --- /dev/null +++ b/CVE-2024/CVE-2024-71xx/CVE-2024-7196.json @@ -0,0 +1,137 @@ +{ + "id": "CVE-2024-7196", + "sourceIdentifier": "cna@vuldb.com", + "published": "2024-07-29T11:15:10.503", + "lastModified": "2024-07-29T11:15:10.503", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability was found in SourceCodester Complaints Report Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /admin/ajax.php?action=login. The manipulation of the argument username leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-272617 was assigned to this vulnerability." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "attackRequirements": "NONE", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "vulnerableSystemConfidentiality": "LOW", + "vulnerableSystemIntegrity": "LOW", + "vulnerableSystemAvailability": "LOW", + "subsequentSystemConfidentiality": "NONE", + "subsequentSystemIntegrity": "NONE", + "subsequentSystemAvailability": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirements": "NOT_DEFINED", + "integrityRequirements": "NOT_DEFINED", + "availabilityRequirements": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", + "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", + "modifiedVulnerableSystemAvailability": "NOT_DEFINED", + "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", + "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", + "modifiedSubsequentSystemAvailability": "NOT_DEFINED", + "safety": "NOT_DEFINED", + "automatable": "NOT_DEFINED", + "recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED", + "baseScore": 6.9, + "baseSeverity": "MEDIUM" + } + } + ], + "cvssMetricV31": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 7.3, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.4 + } + ], + "cvssMetricV2": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "2.0", + "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", + "accessVector": "NETWORK", + "accessComplexity": "LOW", + "authentication": "NONE", + "confidentialityImpact": "PARTIAL", + "integrityImpact": "PARTIAL", + "availabilityImpact": "PARTIAL", + "baseScore": 7.5 + }, + "baseSeverity": "HIGH", + "exploitabilityScore": 10.0, + "impactScore": 6.4, + "acInsufInfo": false, + "obtainAllPrivilege": false, + "obtainUserPrivilege": false, + "obtainOtherPrivilege": false, + "userInteractionRequired": false + } + ] + }, + "weaknesses": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "references": [ + { + "url": "https://gist.github.com/topsky979/7c314add775caa87b4db700e0bef7f35", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?ctiid.272617", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?id.272617", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?submit.380408", + "source": "cna@vuldb.com" + } + ] +} \ No newline at end of file diff --git a/README.md b/README.md index 5244084a22b..e402aeb7345 100644 --- a/README.md +++ b/README.md @@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2024-07-29T10:00:17.674964+00:00 +2024-07-29T12:00:16.577372+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2024-07-29T09:15:03.693000+00:00 +2024-07-29T11:15:10.503000+00:00 ``` ### Last Data Feed Release @@ -33,29 +33,26 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### Total Number of included CVEs ```plain -258159 +258165 ``` ### CVEs added in the last Commit -Recently added CVEs: `8` +Recently added CVEs: `6` -- [CVE-2024-41139](CVE-2024/CVE-2024-411xx/CVE-2024-41139.json) (`2024-07-29T09:15:02.563`) -- [CVE-2024-41143](CVE-2024/CVE-2024-411xx/CVE-2024-41143.json) (`2024-07-29T09:15:02.640`) -- [CVE-2024-41726](CVE-2024/CVE-2024-417xx/CVE-2024-41726.json) (`2024-07-29T09:15:02.703`) -- [CVE-2024-41881](CVE-2024/CVE-2024-418xx/CVE-2024-41881.json) (`2024-07-29T09:15:02.773`) -- [CVE-2024-7189](CVE-2024/CVE-2024-71xx/CVE-2024-7189.json) (`2024-07-29T08:15:01.703`) -- [CVE-2024-7190](CVE-2024/CVE-2024-71xx/CVE-2024-7190.json) (`2024-07-29T08:15:02.010`) -- [CVE-2024-7191](CVE-2024/CVE-2024-71xx/CVE-2024-7191.json) (`2024-07-29T09:15:03.410`) -- [CVE-2024-7192](CVE-2024/CVE-2024-71xx/CVE-2024-7192.json) (`2024-07-29T09:15:03.693`) +- [CVE-2024-4848](CVE-2024/CVE-2024-48xx/CVE-2024-4848.json) (`2024-07-29T11:15:09.920`) +- [CVE-2024-6761](CVE-2024/CVE-2024-67xx/CVE-2024-6761.json) (`2024-07-29T11:15:10.140`) +- [CVE-2024-7193](CVE-2024/CVE-2024-71xx/CVE-2024-7193.json) (`2024-07-29T10:15:02.107`) +- [CVE-2024-7194](CVE-2024/CVE-2024-71xx/CVE-2024-7194.json) (`2024-07-29T10:15:02.933`) +- [CVE-2024-7195](CVE-2024/CVE-2024-71xx/CVE-2024-7195.json) (`2024-07-29T11:15:10.197`) +- [CVE-2024-7196](CVE-2024/CVE-2024-71xx/CVE-2024-7196.json) (`2024-07-29T11:15:10.503`) ### CVEs modified in the last Commit -Recently modified CVEs: `2` +Recently modified CVEs: `1` -- [CVE-2024-26621](CVE-2024/CVE-2024-266xx/CVE-2024-26621.json) (`2024-07-29T09:15:02.400`) -- [CVE-2024-6387](CVE-2024/CVE-2024-63xx/CVE-2024-6387.json) (`2024-07-29T09:15:02.853`) +- [CVE-2024-7192](CVE-2024/CVE-2024-71xx/CVE-2024-7192.json) (`2024-07-29T09:15:03.693`) ## Download and Usage diff --git a/_state.csv b/_state.csv index 58b68b29e5e..4a6a0463332 100644 --- a/_state.csv +++ b/_state.csv @@ -246920,7 +246920,7 @@ CVE-2024-26618,0,0,60b49f9e86fa8f37acfeac63f8f4575f9654dbd2ab502c8b6c5996ed00c24 CVE-2024-26619,0,0,3a172888bab0a927d52b4fdd413d891b072fc341af639a3741034834064d6310,2024-03-12T12:40:13.500000 CVE-2024-2662,0,0,a2a94c73f74aa4424a4c3682e7ac78c6136565b797b4f728bf1a976cab864da5,2024-05-14T16:13:02.773000 CVE-2024-26620,0,0,65e5941945418b21a4c03b7b48584bf25732d23092fb7ebb20991b07ac64fe5a,2024-03-12T12:40:13.500000 -CVE-2024-26621,0,1,86dd105998222d554e0d89a99385ede99614096aaab551dd47af98d6befbdb87,2024-07-29T09:15:02.400000 +CVE-2024-26621,0,0,86dd105998222d554e0d89a99385ede99614096aaab551dd47af98d6befbdb87,2024-07-29T09:15:02.400000 CVE-2024-26622,0,0,4cd7d655a251310c444f077e2df4271fb89c449a25650c0bd38a0c088f0ade16,2024-06-25T22:15:19.240000 CVE-2024-26623,0,0,072badb03b6dfd11f30eaa3dc91549de4bb838c1b1cb59508b9c081211145520,2024-03-06T15:18:08.093000 CVE-2024-26624,0,0,dfec722c86cb19deabe85be0fdccacdcf71bc34ee8cead4ebe6ca2d88e75d73c,2024-03-27T14:15:10.163000 @@ -255890,9 +255890,9 @@ CVE-2024-41133,0,0,a5a4a3159caddd26c0f915a077a27191a1bfb56c31d18d6814d32ccb9198e CVE-2024-41134,0,0,8fa2334156a39d1ebf7e99e45685034ae3d6b02c155d7c1f1ec7acc21744b79d,2024-07-25T12:36:39.947000 CVE-2024-41135,0,0,66c622d4a15bea76906fc51ad68d43d1d4fd2725282204f137e1bed500fb2fb7,2024-07-25T12:36:39.947000 CVE-2024-41136,0,0,020b11b93feff063252b1869b912101e066c5fabc26a5328aa1d1ff14a3e25e0,2024-07-26T13:22:02.033000 -CVE-2024-41139,1,1,64f5dee7b2554e7c4591201cd1f90856f38818ef633fdc0df3197e870bc65ffc,2024-07-29T09:15:02.563000 +CVE-2024-41139,0,0,64f5dee7b2554e7c4591201cd1f90856f38818ef633fdc0df3197e870bc65ffc,2024-07-29T09:15:02.563000 CVE-2024-4114,0,0,387f9ca6df27ba000d0f44d990ccd6bb074258bb946c87938379db9652dc0a14,2024-05-17T02:40:15.917000 -CVE-2024-41143,1,1,90b6b330637709750a9782da2f64b8e9e33bddb28d06be1bfcc042cebbc98779,2024-07-29T09:15:02.640000 +CVE-2024-41143,0,0,90b6b330637709750a9782da2f64b8e9e33bddb28d06be1bfcc042cebbc98779,2024-07-29T09:15:02.640000 CVE-2024-4115,0,0,89bc89df66a101d446d6568b359dec67345256fa579984420e2e2fe7ea4994ac,2024-06-04T19:20:29.937000 CVE-2024-4116,0,0,6ee64e85b69f8f11f599040da371bf02d3a94742e1ecd0f467d9a48f26243458,2024-05-17T02:40:16.110000 CVE-2024-4117,0,0,439d2da59fd01a25f254df6698027149837f261eb1a16ba5752d7e62667d1bfc,2024-06-04T19:20:30.043000 @@ -256011,7 +256011,7 @@ CVE-2024-41707,0,0,3c5ea333b2404f7e0d9195aa6339fef455f6fa8292255904be4c6dce5c96f CVE-2024-41709,0,0,6713bfc73e81c65bc7923627db30413fcbe413ec587fff89449c3abd86e7e93b,2024-07-25T15:22:06.140000 CVE-2024-4171,0,0,87597e8caa4479ab69c883527c35fc22af72d614757313d16953f50dcfa107c2,2024-06-04T19:20:31.980000 CVE-2024-4172,0,0,ae5cefdd41ee745a5f3463347f20f3f77110439c81ed1ad285dedf4b40da1c57,2024-06-04T19:20:32.077000 -CVE-2024-41726,1,1,88f414969bd3200f6ad1a06603de912af8c9a5c4b5de27c4b2891456308d4dd9,2024-07-29T09:15:02.703000 +CVE-2024-41726,0,0,88f414969bd3200f6ad1a06603de912af8c9a5c4b5de27c4b2891456308d4dd9,2024-07-29T09:15:02.703000 CVE-2024-4173,0,0,47f39f3e8e603eac743ed4815cd724decf015716a2f0d9c17daf4d8fa3affc2d,2024-04-25T23:15:47.240000 CVE-2024-4174,0,0,e168dfb28a2573f66b3120de326c0954bda564c12e3831aed75de7f1338d3089,2024-04-25T13:18:02.660000 CVE-2024-4175,0,0,2f40401bb337bcc37138495e1928fb4d762f69fc829f768d707a278e8a423e1a,2024-04-25T13:18:02.660000 @@ -256042,7 +256042,7 @@ CVE-2024-41839,0,0,5fe8ccf2e82b1dbd1e8f5be23a4b35f149d0ed119de3feeae98a945913864 CVE-2024-4185,0,0,2ebb1e96affd30f65338d1aa453a686ffeaefddcc6c26d6c3c25de17e937fc18,2024-04-30T13:11:16.690000 CVE-2024-4186,0,0,c07cd0df6ca0a9d2dc3c3ba29e1f05004c0a2ac49601b699a13f07e112f9c5ca,2024-05-07T13:39:32.710000 CVE-2024-41880,0,0,2045bc24fb104b692bbe32c5951eb01a25f3639f665062ea76ff47318e893861,2024-07-24T12:55:13.223000 -CVE-2024-41881,1,1,b5402f88b0c46cef5e334380d91d9e96c28f6965e9ee0d73c905b76c007d1742,2024-07-29T09:15:02.773000 +CVE-2024-41881,0,0,b5402f88b0c46cef5e334380d91d9e96c28f6965e9ee0d73c905b76c007d1742,2024-07-29T09:15:02.773000 CVE-2024-4190,0,0,937461468fcd73b26e47070e7d0620ac3009210ef2f47e2156f0b87dd1c21bc4,2024-06-13T18:36:09.013000 CVE-2024-41914,0,0,3890dc2e9dfadd1c89a9c37c2efa6249276e0e28c3236b40dae7af311b3a8be5,2024-07-25T17:47:35.247000 CVE-2024-4192,0,0,0768e429bccaed861e82d220deefd437e5feb26a94e95c7a121626318970662c,2024-05-01T13:02:20.750000 @@ -256631,6 +256631,7 @@ CVE-2024-4844,0,0,8d4783b6be8eb3ca86bdecf4aaa281d65ab414ff769f738cde8b6bc1a2becc CVE-2024-4845,0,0,f8e5a569577a931ed62905431d3e7dc57f80df89344697bf8fc7f196d4c6a1d9,2024-07-23T17:23:41.597000 CVE-2024-4846,0,0,354213cecebbad5d2830809199864dadc70a5508c38afeb47a24b8f17c4c0fe1,2024-06-25T18:50:42.040000 CVE-2024-4847,0,0,3e175fcde7743d0dafc07697dcd3c0585505cba50a8840c440513434f4a1e2f1,2024-05-15T16:40:19.330000 +CVE-2024-4848,1,1,e9a992014a82f7f25ea8b020a59a54821debcc21ba29ea30b909eb2d249ee224,2024-07-29T11:15:09.920000 CVE-2024-4849,0,0,ea1119b37dea5602dfce7972c7449fed4caaba21295f1145a8612489a3c2fd07,2024-05-20T13:00:34.807000 CVE-2024-4851,0,0,cdc6cbe948e120051439ba4105c24946466b84d7a624559fd86ce63f704d51cd,2024-06-07T14:56:05.647000 CVE-2024-4853,0,0,da541001c8e0367662c3b06a50d7cccd28783ae7fb220bc7e41519bc4667edc5,2024-06-10T18:15:37.097000 @@ -257799,7 +257800,7 @@ CVE-2024-6381,0,0,2822fb12d769fe1cca32125b45cae52ba3e5807419213b6087c6db8de8d2b3 CVE-2024-6382,0,0,9f140af24f460b4413fa844f95383cc153754360a136939b8743c2d8327ebf99,2024-07-03T12:53:24.977000 CVE-2024-6383,0,0,4622f4fc90fbde51d6570a14e2ee494e3e71659c68201475e4e4eb659c036ac0,2024-07-05T12:55:51.367000 CVE-2024-6385,0,0,13d2095bcd11ed43b6c47262c7b96c8a9e162b20cb975895bc98c3af67d39ff6,2024-07-12T16:49:14.047000 -CVE-2024-6387,0,1,18a0eee254c378cec8300ccfc21cb8052a8dc8829e64291b38d5c6284633aacb,2024-07-29T09:15:02.853000 +CVE-2024-6387,0,0,18a0eee254c378cec8300ccfc21cb8052a8dc8829e64291b38d5c6284633aacb,2024-07-29T09:15:02.853000 CVE-2024-6388,0,0,0ce37f83493b5d79bb3fdc963327390bc09266ac17f5f1de660cf43d4cdce70d,2024-06-27T17:11:52.390000 CVE-2024-6391,0,0,f39301e9680e09028795caddd1f0219ac421e8fbe3773aa2e024531728c8f9e1,2024-07-09T18:19:14.047000 CVE-2024-6392,0,0,59a0778055c9ae4fa55c964a2a449c5eba0adacd372cf3ba0a728f148d4da23a,2024-07-12T12:49:07.030000 @@ -257997,6 +257998,7 @@ CVE-2024-6753,0,0,79cd533ef788d1e388d91ad96dd06c23d644eb06446486c79597aa813abb65 CVE-2024-6754,0,0,bc8cde0e84d8997b1c75c8ce06ab5236a2f6d5b64ebe5ed2b11b2213361d556f,2024-07-24T12:55:13.223000 CVE-2024-6755,0,0,ab1b630d4d60f43a14793abf6a91e747f24cf32e85dd2f18d0c7fae990d4845c,2024-07-24T12:55:13.223000 CVE-2024-6756,0,0,f587e50343ba8d4d9984018181e54a04ca58befeaa1fc8ceb12c6bae56622e09,2024-07-24T12:55:13.223000 +CVE-2024-6761,1,1,f38b3ccdc89aa0093bd659ba31741817a9ff74cb3bee1ce8404957bf0a35b578,2024-07-29T11:15:10.140000 CVE-2024-6765,0,0,582116fb1612a7c43e0b570dc3dd773f185a6bed827d147d00793764d2f2774e,2024-07-17T14:15:04.327000 CVE-2024-6772,0,0,cc08723700878586fe2b2cb702b9aeb8e7ff85837a231851739a99e842cb1c05,2024-07-17T13:34:20.520000 CVE-2024-6773,0,0,a5867869124c1a4b8949c923d047a73abaebfa5c6d8b0baadecd79e09f60d48f,2024-07-17T13:34:20.520000 @@ -258152,9 +258154,13 @@ CVE-2024-7185,0,0,c52e16bf9f9f42a8927241cae4302277dea92592a051435fb99b8b22f06fb1 CVE-2024-7186,0,0,1fca5bf3b4e197b63e258046d7ceffac9bb5f4226bedafb5e3b93fcdf29c8281,2024-07-29T06:15:03.420000 CVE-2024-7187,0,0,f35654ac501888a0f278af49d6fb4bcb3ef738af2e2b97cc401df743772848a7,2024-07-29T07:15:07.830000 CVE-2024-7188,0,0,becd39a6aa7990584748f5287876db63518ab0ae9f2005c4ef08178e66949aa8,2024-07-29T07:15:08.713000 -CVE-2024-7189,1,1,35eeb18c886375b73bd239786d0dd9e06eb28ad1148bfdbab13be9366afd5de7,2024-07-29T08:15:01.703000 -CVE-2024-7190,1,1,ca1374ebbe0d80aa77b5e602ff3d9a9186474bf4da7cd883864d55234de117dc,2024-07-29T08:15:02.010000 -CVE-2024-7191,1,1,03be4729ed5cdd408154ea492efb83ab303676d2b1c6438848697eed77545b91,2024-07-29T09:15:03.410000 -CVE-2024-7192,1,1,56eab8502537289b54abe11e07f961272986215cef710818328b47882c39c7d0,2024-07-29T09:15:03.693000 +CVE-2024-7189,0,0,35eeb18c886375b73bd239786d0dd9e06eb28ad1148bfdbab13be9366afd5de7,2024-07-29T08:15:01.703000 +CVE-2024-7190,0,0,ca1374ebbe0d80aa77b5e602ff3d9a9186474bf4da7cd883864d55234de117dc,2024-07-29T08:15:02.010000 +CVE-2024-7191,0,0,03be4729ed5cdd408154ea492efb83ab303676d2b1c6438848697eed77545b91,2024-07-29T09:15:03.410000 +CVE-2024-7192,0,1,ae47a94e3c72124e5358a3ce89431bc11204defc4d6e7ff84b9cec92c7e6969f,2024-07-29T09:15:03.693000 +CVE-2024-7193,1,1,df52f6dfb8dfa1e38ce458f960c0d0a45b32c7b4dd234893f1d04240fa045b9b,2024-07-29T10:15:02.107000 +CVE-2024-7194,1,1,5f1eeb91325db7d845067d278313c17e707631f1547243ba6b16165375156100,2024-07-29T10:15:02.933000 +CVE-2024-7195,1,1,a98e1012bc097fd53cccbe36a849d8a9d349afa5daabb788e9cc4b77f6e702e0,2024-07-29T11:15:10.197000 +CVE-2024-7196,1,1,37fd9337dd71a37fc30835e792f4223b80ebae8b024e8cbc74f38ff7d2b11cea,2024-07-29T11:15:10.503000 CVE-2024-7201,0,0,7be4dae6a4185f4cd25c1f8f884039dbbeadd8a2aceec8d6c898f20222370dfb,2024-07-29T03:15:03.267000 CVE-2024-7202,0,0,65ac55258284a64f4b9d6679d59d4464aa901cdf53880e6ffdc4430ae23e65ac,2024-07-29T04:15:02.807000