admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-08 11:37:26 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2025-01-06T05:00:28.306580+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2025-01-06 05:03:51 +00:00
parent ffc26f1f6a
commit 81daee759e
15 changed files with 460 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

33
CVE-2024/CVE-2024-201xx/CVE-2024-20105.json Normal file
View File

@ -0,0 +1,33 @@
{
"id": "CVE-2024-20105",
"sourceIdentifier": "security@mediatek.com",
"published": "2025-01-06T04:15:06.363",
"lastModified": "2025-01-06T04:15:06.363",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In m4u, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS09062027; Issue ID: MSV-1743."
}
],
"metrics": {},
"weaknesses": [
{
"source": "security@mediatek.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"references": [
{
"url": "https://corp.mediatek.com/product-security-bulletin/January-2025",
"source": "security@mediatek.com"
}
]
}

33
CVE-2024/CVE-2024-201xx/CVE-2024-20140.json Normal file
View File

@ -0,0 +1,33 @@
{
"id": "CVE-2024-20140",
"sourceIdentifier": "security@mediatek.com",
"published": "2025-01-06T04:15:06.513",
"lastModified": "2025-01-06T04:15:06.513",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In power, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS09270402; Issue ID: MSV-2020."
}
],
"metrics": {},
"weaknesses": [
{
"source": "security@mediatek.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"references": [
{
"url": "https://corp.mediatek.com/product-security-bulletin/January-2025",
"source": "security@mediatek.com"
}
]
}

33
CVE-2024/CVE-2024-201xx/CVE-2024-20143.json Normal file
View File

@ -0,0 +1,33 @@
{
"id": "CVE-2024-20143",
"sourceIdentifier": "security@mediatek.com",
"published": "2025-01-06T04:15:06.630",
"lastModified": "2025-01-06T04:15:06.630",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In V6 DA, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege, if an attacker has physical access to the device, with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS09167056; Issue ID: MSV-2069."
}
],
"metrics": {},
"weaknesses": [
{
"source": "security@mediatek.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"references": [
{
"url": "https://corp.mediatek.com/product-security-bulletin/January-2025",
"source": "security@mediatek.com"
}
]
}

33
CVE-2024/CVE-2024-201xx/CVE-2024-20144.json Normal file
View File

@ -0,0 +1,33 @@
{
"id": "CVE-2024-20144",
"sourceIdentifier": "security@mediatek.com",
"published": "2025-01-06T04:15:06.743",
"lastModified": "2025-01-06T04:15:06.743",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In V6 DA, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege, if an attacker has physical access to the device, with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS09167056; Issue ID: MSV-2041."
}
],
"metrics": {},
"weaknesses": [
{
"source": "security@mediatek.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"references": [
{
"url": "https://corp.mediatek.com/product-security-bulletin/January-2025",
"source": "security@mediatek.com"
}
]
}

33
CVE-2024/CVE-2024-201xx/CVE-2024-20145.json Normal file
View File

@ -0,0 +1,33 @@
{
"id": "CVE-2024-20145",
"sourceIdentifier": "security@mediatek.com",
"published": "2025-01-06T04:15:06.850",
"lastModified": "2025-01-06T04:15:06.850",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In V6 DA, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege, if an attacker has physical access to the device, with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS09290940; Issue ID: MSV-2040."
}
],
"metrics": {},
"weaknesses": [
{
"source": "security@mediatek.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"references": [
{
"url": "https://corp.mediatek.com/product-security-bulletin/January-2025",
"source": "security@mediatek.com"
}
]
}

33
CVE-2024/CVE-2024-201xx/CVE-2024-20146.json Normal file
View File

@ -0,0 +1,33 @@
{
"id": "CVE-2024-20146",
"sourceIdentifier": "security@mediatek.com",
"published": "2025-01-06T04:15:06.963",
"lastModified": "2025-01-06T04:15:06.963",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In wlan STA driver, there is a possible out of bounds write due to improper input validation. This could lead to remote (proximal/adjacent) code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00389496 / ALPS09137491; Issue ID: MSV-1835."
}
],
"metrics": {},
"weaknesses": [
{
"source": "security@mediatek.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"references": [
{
"url": "https://corp.mediatek.com/product-security-bulletin/January-2025",
"source": "security@mediatek.com"
}
]
}

33
CVE-2024/CVE-2024-201xx/CVE-2024-20148.json Normal file
View File

@ -0,0 +1,33 @@
{
"id": "CVE-2024-20148",
"sourceIdentifier": "security@mediatek.com",
"published": "2025-01-06T04:15:07.077",
"lastModified": "2025-01-06T04:15:07.077",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In wlan STA FW, there is a possible out of bounds write due to improper input validation. This could lead to remote (proximal/adjacent) code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00389045 / ALPS09136494; Issue ID: MSV-1796."
}
],
"metrics": {},
"weaknesses": [
{
"source": "security@mediatek.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"references": [
{
"url": "https://corp.mediatek.com/product-security-bulletin/January-2025",
"source": "security@mediatek.com"
}
]
}

33
CVE-2024/CVE-2024-201xx/CVE-2024-20149.json Normal file
View File

@ -0,0 +1,33 @@
{
"id": "CVE-2024-20149",
"sourceIdentifier": "security@mediatek.com",
"published": "2025-01-06T04:15:07.193",
"lastModified": "2025-01-06T04:15:07.193",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In Modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01231341 / MOLY01263331 / MOLY01233835; Issue ID: MSV-2165."
}
],
"metrics": {},
"weaknesses": [
{
"source": "security@mediatek.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-1284"
}
]
}
],
"references": [
{
"url": "https://corp.mediatek.com/product-security-bulletin/January-2025",
"source": "security@mediatek.com"
}
]
}

33
CVE-2024/CVE-2024-201xx/CVE-2024-20150.json Normal file
View File

@ -0,0 +1,33 @@
{
"id": "CVE-2024-20150",
"sourceIdentifier": "security@mediatek.com",
"published": "2025-01-06T04:15:07.307",
"lastModified": "2025-01-06T04:15:07.307",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In Modem, there is a possible system crash due to a logic error. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01412526; Issue ID: MSV-2018."
}
],
"metrics": {},
"weaknesses": [
{
"source": "security@mediatek.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-502"
}
]
}
],
"references": [
{
"url": "https://corp.mediatek.com/product-security-bulletin/January-2025",
"source": "security@mediatek.com"
}
]
}

33
CVE-2024/CVE-2024-201xx/CVE-2024-20151.json Normal file
View File

@ -0,0 +1,33 @@
{
"id": "CVE-2024-20151",
"sourceIdentifier": "security@mediatek.com",
"published": "2025-01-06T04:15:07.413",
"lastModified": "2025-01-06T04:15:07.413",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In Modem, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: MOLY01399339; Issue ID: MSV-1928."
}
],
"metrics": {},
"weaknesses": [
{
"source": "security@mediatek.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"references": [
{
"url": "https://corp.mediatek.com/product-security-bulletin/January-2025",
"source": "security@mediatek.com"
}
]
}

33
CVE-2024/CVE-2024-201xx/CVE-2024-20152.json Normal file
View File

@ -0,0 +1,33 @@
{
"id": "CVE-2024-20152",
"sourceIdentifier": "security@mediatek.com",
"published": "2025-01-06T04:15:07.527",
"lastModified": "2025-01-06T04:15:07.527",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In wlan STA driver, there is a possible reachable assertion due to improper exception handling. This could lead to local denial of service if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: WCNCR00389047 / ALPS09136505; Issue ID: MSV-1798."
}
],
"metrics": {},
"weaknesses": [
{
"source": "security@mediatek.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-617"
}
]
}
],
"references": [
{
"url": "https://corp.mediatek.com/product-security-bulletin/January-2025",
"source": "security@mediatek.com"
}
]
}

33
CVE-2024/CVE-2024-201xx/CVE-2024-20153.json Normal file
View File

@ -0,0 +1,33 @@
{
"id": "CVE-2024-20153",
"sourceIdentifier": "security@mediatek.com",
"published": "2025-01-06T04:15:07.647",
"lastModified": "2025-01-06T04:15:07.647",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In wlan STA, there is a possible way to trick a client to connect to an AP with spoofed SSID. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08990446 / ALPS09057442; Issue ID: MSV-1598."
}
],
"metrics": {},
"weaknesses": [
{
"source": "security@mediatek.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-304"
}
]
}
],
"references": [
{
"url": "https://corp.mediatek.com/product-security-bulletin/January-2025",
"source": "security@mediatek.com"
}
]
}

33
CVE-2024/CVE-2024-201xx/CVE-2024-20154.json Normal file
View File

@ -0,0 +1,33 @@
{
"id": "CVE-2024-20154",
"sourceIdentifier": "security@mediatek.com",
"published": "2025-01-06T04:15:07.770",
"lastModified": "2025-01-06T04:15:07.770",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In Modem, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY00720348; Issue ID: MSV-2392."
}
],
"metrics": {},
"weaknesses": [
{
"source": "security@mediatek.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-121"
}
]
}
],
"references": [
{
"url": "https://corp.mediatek.com/product-security-bulletin/January-2025",
"source": "security@mediatek.com"
}
]
}

22
README.md
View File

@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2025-01-06T03:00:31.714138+00:00
2025-01-06T05:00:28.306580+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2025-01-06T01:15:06.253000+00:00
2025-01-06T04:15:07.770000+00:00
```
### Last Data Feed Release
@ -33,14 +33,26 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs
```plain
275748
275761
```
### CVEs added in the last Commit
Recently added CVEs: `1`
Recently added CVEs: `13`
- [CVE-2024-13145](CVE-2024/CVE-2024-131xx/CVE-2024-13145.json) (`2025-01-06T01:15:06.253`)
- [CVE-2024-20105](CVE-2024/CVE-2024-201xx/CVE-2024-20105.json) (`2025-01-06T04:15:06.363`)
- [CVE-2024-20140](CVE-2024/CVE-2024-201xx/CVE-2024-20140.json) (`2025-01-06T04:15:06.513`)
- [CVE-2024-20143](CVE-2024/CVE-2024-201xx/CVE-2024-20143.json) (`2025-01-06T04:15:06.630`)
- [CVE-2024-20144](CVE-2024/CVE-2024-201xx/CVE-2024-20144.json) (`2025-01-06T04:15:06.743`)
- [CVE-2024-20145](CVE-2024/CVE-2024-201xx/CVE-2024-20145.json) (`2025-01-06T04:15:06.850`)
- [CVE-2024-20146](CVE-2024/CVE-2024-201xx/CVE-2024-20146.json) (`2025-01-06T04:15:06.963`)
- [CVE-2024-20148](CVE-2024/CVE-2024-201xx/CVE-2024-20148.json) (`2025-01-06T04:15:07.077`)
- [CVE-2024-20149](CVE-2024/CVE-2024-201xx/CVE-2024-20149.json) (`2025-01-06T04:15:07.193`)
- [CVE-2024-20150](CVE-2024/CVE-2024-201xx/CVE-2024-20150.json) (`2025-01-06T04:15:07.307`)
- [CVE-2024-20151](CVE-2024/CVE-2024-201xx/CVE-2024-20151.json) (`2025-01-06T04:15:07.413`)
- [CVE-2024-20152](CVE-2024/CVE-2024-201xx/CVE-2024-20152.json) (`2025-01-06T04:15:07.527`)
- [CVE-2024-20153](CVE-2024/CVE-2024-201xx/CVE-2024-20153.json) (`2025-01-06T04:15:07.647`)
- [CVE-2024-20154](CVE-2024/CVE-2024-201xx/CVE-2024-20154.json) (`2025-01-06T04:15:07.770`)
### CVEs modified in the last Commit

15
_state.csv
View File

@ -245462,7 +245462,7 @@ CVE-2024-13141,0,0,d5aafc5c2992d7fd196249b8402b4122a413e79572fd119e168213fe09269
CVE-2024-13142,0,0,6528e6e437f3189459fe285c1e2c55ac5a019c331ae6dbee4c3df3b7145731b6,2025-01-05T23:15:06.467000
CVE-2024-13143,0,0,c2afc4876e46cd380fd1d10a980312da4d2e603db0d42920d20cd1d81d1bf391,2025-01-06T00:15:05.460000
CVE-2024-13144,0,0,bc673dcb37833b727fc98157fce26807cef4c158cb3987428cbd5bd61bbe52b2,2025-01-06T00:15:05.633000
CVE-2024-13145,1,1,5293851792dc3cb6491b0cda78aca9c898b2b603a3534d53245e0430e746e1ed,2025-01-06T01:15:06.253000
CVE-2024-13145,0,0,5293851792dc3cb6491b0cda78aca9c898b2b603a3534d53245e0430e746e1ed,2025-01-06T01:15:06.253000
CVE-2024-1315,0,0,e1f16e3b2be06db6b65befc45bb21c6efb290182d3477c01a71033b0effe0c2a,2024-11-21T08:50:18.373000
CVE-2024-1316,0,0,ec6b544cc876a8479e8de890063434d877e95d2641a1a8c864b5c959e6dbfa7d,2024-11-21T08:50:19.090000
CVE-2024-1317,0,0,a1d296c91e245cb27c998bff4f84250fb1101a61ebac429b7ce35a2ceb239c73,2024-12-31T16:57:11.080000
@ -246219,6 +246219,7 @@ CVE-2024-20101,0,0,1b0fb6e30099544a0610e30130e11f942644076950411627a0f652b03e31c
CVE-2024-20102,0,0,b14add8569cfdfeb4728ddac4e0e984ab758a4a9669d75ca24872fa709a753de,2024-10-10T18:20:31.820000
CVE-2024-20103,0,0,b3d4791efc226cea589196d5aa87bb175b0cd70d652f826dda4aaaf08c792fe4,2024-10-07T19:36:43.530000
CVE-2024-20104,0,0,279f9fe03a80621edf85d2b9a94aa3e729ef63f418ac218ae57c55ba1b018348,2024-11-04T18:50:05.607000
CVE-2024-20105,1,1,5653ea694ce25aefdab871eb063f68eb8bae5956b8094b5274f6e480722c8195,2025-01-06T04:15:06.363000
CVE-2024-20106,0,0,9ed0edd0d93f818e255d40207e291113a66f7f07a64b246dc551c45e71818d67,2024-11-04T18:50:05.607000
CVE-2024-20107,0,0,d68c82e7ac5cc57e7b2ad3153d74aa648615bf6a91a48360aabd997b2db586b8,2024-11-04T18:50:05.607000
CVE-2024-20108,0,0,1396ac71b05c962e52132dffa47ef1234f2c2dca3e32a1fef4c04be9e6eb1fb6,2024-11-04T18:50:05.607000
@ -246256,7 +246257,19 @@ CVE-2024-20137,0,0,53377c7194035f3c7335cd23304ae7e34fb32383669eff1b9c9a22598ab07
CVE-2024-20138,0,0,1264e7fcc71f95b0ae39f37ee36146e7c465bf599e4b07c736bd426b81382a8a,2024-12-02T16:15:08.603000
CVE-2024-20139,0,0,434bf1878b4edcc6ee42c87512888b556d261e46d1cb8ef2e233401120fa701b,2024-12-02T16:15:08.770000
CVE-2024-2014,0,0,9c6b7427d7e4ecbb91bf5ac0c5393a05c9efb2a90a5cef1334b8ef37b43c6713,2024-11-21T09:08:48.813000
CVE-2024-20140,1,1,4a7d9d941c815cd13d33c6c8541d20fc6042ecce0ce37962751812f643564062,2025-01-06T04:15:06.513000
CVE-2024-20143,1,1,3ed02d9b81e2efdfc09a6ef8f0d25431f322c74ef63e0f1819cbd6a0fa0f33b9,2025-01-06T04:15:06.630000
CVE-2024-20144,1,1,a0d9e799b5f8f8ac4873e724e8f21a1cf6074598874496f83b31e473b386cb55,2025-01-06T04:15:06.743000
CVE-2024-20145,1,1,ff66458ab13a2cae9033455b76dbb4e46d3abe493a86e5c0b437ab1666c6bec7,2025-01-06T04:15:06.850000
CVE-2024-20146,1,1,94878967925ac12686b096f6f41385c22252014542edb4b7fb378387d3ff7f14,2025-01-06T04:15:06.963000
CVE-2024-20148,1,1,6345fc1bacd9123cc6f7f6f27082e3c29ae54fbb78a35f07a1aed659dd8a3ead,2025-01-06T04:15:07.077000
CVE-2024-20149,1,1,f56f6784cbba14e94e8701fa81ee587ecc420d27b209b8f5d71b81ad9e6554cd,2025-01-06T04:15:07.193000
CVE-2024-2015,0,0,4b2b7166fa9575a7c1050901ca90dd43f109899611c303f2828bf2e2cf52681a,2024-11-21T09:08:48.950000
CVE-2024-20150,1,1,ab9d0d1053723fc68d900be57253a4ab2589c6f361ab4983821200623fd713a3,2025-01-06T04:15:07.307000
CVE-2024-20151,1,1,bc3aad3953553f1701ebf0bdf3c966093d621dc1da6e163abc2116443feb89c7,2025-01-06T04:15:07.413000
CVE-2024-20152,1,1,7bc6f761506dc2f1b60be14ccdc25abe0066ff28a040b6161c0da4eddc913292,2025-01-06T04:15:07.527000
CVE-2024-20153,1,1,899a25f829fb1ac6516524036d87b68f526a2155294ddff230ca646ba2941f8e,2025-01-06T04:15:07.647000
CVE-2024-20154,1,1,ffbe03d71f351936b370aed1bad9ddee8955b0536f32104b46c86174d20ffb23,2025-01-06T04:15:07.770000
CVE-2024-2016,0,0,0a76e7b2522ebfe55ed8955c44da83c1e8d58430e6a8d9e2f2e7fd6c0d9d0b3c,2024-11-21T09:08:49.083000
CVE-2024-2017,0,0,236856e0dda8caa97c3fd2d0292540757fbfb28961569fc651286f391f5350fe,2024-11-21T09:08:49.250000
CVE-2024-2018,0,0,6e829569b26c1c6d9562c5c1edf6c63df592bace683bac56acb5cd3f3ac34712,2024-11-21T09:08:49.413000

Can't render this file because it is too large.