diff --git a/CVE-2023/CVE-2023-499xx/CVE-2023-49921.json b/CVE-2023/CVE-2023-499xx/CVE-2023-49921.json new file mode 100644 index 00000000000..971b9ef7a2a --- /dev/null +++ b/CVE-2023/CVE-2023-499xx/CVE-2023-49921.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2023-49921", + "sourceIdentifier": "bressers@elastic.co", + "published": "2024-07-26T05:15:10.270", + "lastModified": "2024-07-26T05:15:10.270", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "An issue was discovered by Elastic whereby Watcher search input logged the search query results on DEBUG log level. This could lead to raw contents of documents stored in Elasticsearch to be printed in logs. Elastic has released 8.11.2 and 7.17.16 that resolves this issue by removing this excessive logging. This issue only affects users that use Watcher and have a Watch defined that uses the search input and additionally have set the search input\u2019s logger to DEBUG or finer, for example using: org.elasticsearch.xpack.watcher.input.search, org.elasticsearch.xpack.watcher.input, org.elasticsearch.xpack.watcher, or wider, since the loggers are hierarchical." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "bressers@elastic.co", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N", + "attackVector": "ADJACENT_NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 5.2, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.5, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "bressers@elastic.co", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-532" + } + ] + } + ], + "references": [ + { + "url": "https://discuss.elastic.co/t/elasticsearch-8-11-2-7-17-16-security-update-esa-2023-29/349179", + "source": "bressers@elastic.co" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-71xx/CVE-2024-7117.json b/CVE-2024/CVE-2024-71xx/CVE-2024-7117.json new file mode 100644 index 00000000000..7115e693609 --- /dev/null +++ b/CVE-2024/CVE-2024-71xx/CVE-2024-7117.json @@ -0,0 +1,137 @@ +{ + "id": "CVE-2024-7117", + "sourceIdentifier": "cna@vuldb.com", + "published": "2024-07-26T04:15:02.637", + "lastModified": "2024-07-26T04:15:02.637", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability classified as critical has been found in MD-MAFUJUL-HASAN Online-Payroll-Management-System up to 20230911. Affected is an unknown function of the file /shift_viewmore.php. The manipulation of the argument id leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. This product is using a rolling release to provide continious delivery. Therefore, no version details for affected nor updated releases are available. The identifier of this vulnerability is VDB-272448. NOTE: The vendor was contacted early about this disclosure but did not respond in any way." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "attackRequirements": "NONE", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "vulnerableSystemConfidentiality": "LOW", + "vulnerableSystemIntegrity": "LOW", + "vulnerableSystemAvailability": "LOW", + "subsequentSystemConfidentiality": "NONE", + "subsequentSystemIntegrity": "NONE", + "subsequentSystemAvailability": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirements": "NOT_DEFINED", + "integrityRequirements": "NOT_DEFINED", + "availabilityRequirements": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", + "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", + "modifiedVulnerableSystemAvailability": "NOT_DEFINED", + "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", + "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", + "modifiedSubsequentSystemAvailability": "NOT_DEFINED", + "safety": "NOT_DEFINED", + "automatable": "NOT_DEFINED", + "recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED", + "baseScore": 5.3, + "baseSeverity": "MEDIUM" + } + } + ], + "cvssMetricV31": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 6.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.4 + } + ], + "cvssMetricV2": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "2.0", + "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", + "accessVector": "NETWORK", + "accessComplexity": "LOW", + "authentication": "SINGLE", + "confidentialityImpact": "PARTIAL", + "integrityImpact": "PARTIAL", + "availabilityImpact": "PARTIAL", + "baseScore": 6.5 + }, + "baseSeverity": "MEDIUM", + "exploitabilityScore": 8.0, + "impactScore": 6.4, + "acInsufInfo": false, + "obtainAllPrivilege": false, + "obtainUserPrivilege": false, + "obtainOtherPrivilege": false, + "userInteractionRequired": false + } + ] + }, + "weaknesses": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/topsky979/Security-Collections/tree/main/cve8", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?ctiid.272448", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?id.272448", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?submit.376889", + "source": "cna@vuldb.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-71xx/CVE-2024-7118.json b/CVE-2024/CVE-2024-71xx/CVE-2024-7118.json new file mode 100644 index 00000000000..c4baf7a5ea6 --- /dev/null +++ b/CVE-2024/CVE-2024-71xx/CVE-2024-7118.json @@ -0,0 +1,137 @@ +{ + "id": "CVE-2024-7118", + "sourceIdentifier": "cna@vuldb.com", + "published": "2024-07-26T04:15:02.977", + "lastModified": "2024-07-26T04:15:02.977", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability classified as critical was found in MD-MAFUJUL-HASAN Online-Payroll-Management-System up to 20230911. Affected by this vulnerability is an unknown functionality of the file /department_viewmore.php. The manipulation of the argument id leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. This product takes the approach of rolling releases to provide continious delivery. Therefore, version details for affected and updated releases are not available. The identifier VDB-272449 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "attackRequirements": "NONE", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "vulnerableSystemConfidentiality": "LOW", + "vulnerableSystemIntegrity": "LOW", + "vulnerableSystemAvailability": "LOW", + "subsequentSystemConfidentiality": "NONE", + "subsequentSystemIntegrity": "NONE", + "subsequentSystemAvailability": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirements": "NOT_DEFINED", + "integrityRequirements": "NOT_DEFINED", + "availabilityRequirements": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", + "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", + "modifiedVulnerableSystemAvailability": "NOT_DEFINED", + "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", + "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", + "modifiedSubsequentSystemAvailability": "NOT_DEFINED", + "safety": "NOT_DEFINED", + "automatable": "NOT_DEFINED", + "recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED", + "baseScore": 5.3, + "baseSeverity": "MEDIUM" + } + } + ], + "cvssMetricV31": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 6.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.4 + } + ], + "cvssMetricV2": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "2.0", + "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", + "accessVector": "NETWORK", + "accessComplexity": "LOW", + "authentication": "SINGLE", + "confidentialityImpact": "PARTIAL", + "integrityImpact": "PARTIAL", + "availabilityImpact": "PARTIAL", + "baseScore": 6.5 + }, + "baseSeverity": "MEDIUM", + "exploitabilityScore": 8.0, + "impactScore": 6.4, + "acInsufInfo": false, + "obtainAllPrivilege": false, + "obtainUserPrivilege": false, + "obtainOtherPrivilege": false, + "userInteractionRequired": false + } + ] + }, + "weaknesses": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/topsky979/Security-Collections/tree/main/cve9", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?ctiid.272449", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?id.272449", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?submit.376890", + "source": "cna@vuldb.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-71xx/CVE-2024-7119.json b/CVE-2024/CVE-2024-71xx/CVE-2024-7119.json new file mode 100644 index 00000000000..b9f099a4966 --- /dev/null +++ b/CVE-2024/CVE-2024-71xx/CVE-2024-7119.json @@ -0,0 +1,137 @@ +{ + "id": "CVE-2024-7119", + "sourceIdentifier": "cna@vuldb.com", + "published": "2024-07-26T05:15:10.577", + "lastModified": "2024-07-26T05:15:10.577", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability, which was classified as critical, has been found in MD-MAFUJUL-HASAN Online-Payroll-Management-System up to 20230911. Affected by this issue is some unknown functionality of the file /employee_viewmore.php. The manipulation of the argument id leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Continious delivery with rolling releases is used by this product. Therefore, no version details of affected nor updated releases are available. VDB-272450 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "attackRequirements": "NONE", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "vulnerableSystemConfidentiality": "LOW", + "vulnerableSystemIntegrity": "LOW", + "vulnerableSystemAvailability": "LOW", + "subsequentSystemConfidentiality": "NONE", + "subsequentSystemIntegrity": "NONE", + "subsequentSystemAvailability": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirements": "NOT_DEFINED", + "integrityRequirements": "NOT_DEFINED", + "availabilityRequirements": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", + "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", + "modifiedVulnerableSystemAvailability": "NOT_DEFINED", + "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", + "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", + "modifiedSubsequentSystemAvailability": "NOT_DEFINED", + "safety": "NOT_DEFINED", + "automatable": "NOT_DEFINED", + "recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED", + "baseScore": 5.3, + "baseSeverity": "MEDIUM" + } + } + ], + "cvssMetricV31": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 6.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.4 + } + ], + "cvssMetricV2": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "2.0", + "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", + "accessVector": "NETWORK", + "accessComplexity": "LOW", + "authentication": "SINGLE", + "confidentialityImpact": "PARTIAL", + "integrityImpact": "PARTIAL", + "availabilityImpact": "PARTIAL", + "baseScore": 6.5 + }, + "baseSeverity": "MEDIUM", + "exploitabilityScore": 8.0, + "impactScore": 6.4, + "acInsufInfo": false, + "obtainAllPrivilege": false, + "obtainUserPrivilege": false, + "obtainOtherPrivilege": false, + "userInteractionRequired": false + } + ] + }, + "weaknesses": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/topsky979/Security-Collections/tree/main/cve10", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?ctiid.272450", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?id.272450", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?submit.376891", + "source": "cna@vuldb.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-71xx/CVE-2024-7120.json b/CVE-2024/CVE-2024-71xx/CVE-2024-7120.json new file mode 100644 index 00000000000..21524b0daf7 --- /dev/null +++ b/CVE-2024/CVE-2024-71xx/CVE-2024-7120.json @@ -0,0 +1,137 @@ +{ + "id": "CVE-2024-7120", + "sourceIdentifier": "cna@vuldb.com", + "published": "2024-07-26T05:15:10.857", + "lastModified": "2024-07-26T05:15:10.857", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability, which was classified as critical, was found in Raisecom MSG1200, MSG2100E, MSG2200 and MSG2300 3.90. This affects an unknown part of the file list_base_config.php of the component Web Interface. The manipulation of the argument template leads to os command injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-272451." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "attackRequirements": "NONE", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "vulnerableSystemConfidentiality": "LOW", + "vulnerableSystemIntegrity": "LOW", + "vulnerableSystemAvailability": "LOW", + "subsequentSystemConfidentiality": "NONE", + "subsequentSystemIntegrity": "NONE", + "subsequentSystemAvailability": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirements": "NOT_DEFINED", + "integrityRequirements": "NOT_DEFINED", + "availabilityRequirements": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", + "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", + "modifiedVulnerableSystemAvailability": "NOT_DEFINED", + "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", + "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", + "modifiedSubsequentSystemAvailability": "NOT_DEFINED", + "safety": "NOT_DEFINED", + "automatable": "NOT_DEFINED", + "recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED", + "baseScore": 5.3, + "baseSeverity": "MEDIUM" + } + } + ], + "cvssMetricV31": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 6.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.4 + } + ], + "cvssMetricV2": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "2.0", + "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", + "accessVector": "NETWORK", + "accessComplexity": "LOW", + "authentication": "SINGLE", + "confidentialityImpact": "PARTIAL", + "integrityImpact": "PARTIAL", + "availabilityImpact": "PARTIAL", + "baseScore": 6.5 + }, + "baseSeverity": "MEDIUM", + "exploitabilityScore": 8.0, + "impactScore": 6.4, + "acInsufInfo": false, + "obtainAllPrivilege": false, + "obtainUserPrivilege": false, + "obtainOtherPrivilege": false, + "userInteractionRequired": false + } + ] + }, + "weaknesses": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-78" + } + ] + } + ], + "references": [ + { + "url": "https://netsecfish.notion.site/Command-Injection-Vulnerability-in-RAISECOM-Gateway-Devices-673bc7d2f8db499f9de7182d4706c707?pvs=4", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?ctiid.272451", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?id.272451", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?submit.380167", + "source": "cna@vuldb.com" + } + ] +} \ No newline at end of file diff --git a/README.md b/README.md index 2577d694422..519f062009b 100644 --- a/README.md +++ b/README.md @@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2024-07-26T04:00:16.805767+00:00 +2024-07-26T06:00:16.693151+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2024-07-26T03:15:02.087000+00:00 +2024-07-26T05:15:10.857000+00:00 ``` ### Last Data Feed Release @@ -33,17 +33,18 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### Total Number of included CVEs ```plain -257990 +257995 ``` ### CVEs added in the last Commit -Recently added CVEs: `4` +Recently added CVEs: `5` -- [CVE-2024-4447](CVE-2024/CVE-2024-44xx/CVE-2024-4447.json) (`2024-07-26T02:15:10.160`) -- [CVE-2024-7114](CVE-2024/CVE-2024-71xx/CVE-2024-7114.json) (`2024-07-26T02:15:10.440`) -- [CVE-2024-7115](CVE-2024/CVE-2024-71xx/CVE-2024-7115.json) (`2024-07-26T02:15:10.720`) -- [CVE-2024-7116](CVE-2024/CVE-2024-71xx/CVE-2024-7116.json) (`2024-07-26T03:15:02.087`) +- [CVE-2023-49921](CVE-2023/CVE-2023-499xx/CVE-2023-49921.json) (`2024-07-26T05:15:10.270`) +- [CVE-2024-7117](CVE-2024/CVE-2024-71xx/CVE-2024-7117.json) (`2024-07-26T04:15:02.637`) +- [CVE-2024-7118](CVE-2024/CVE-2024-71xx/CVE-2024-7118.json) (`2024-07-26T04:15:02.977`) +- [CVE-2024-7119](CVE-2024/CVE-2024-71xx/CVE-2024-7119.json) (`2024-07-26T05:15:10.577`) +- [CVE-2024-7120](CVE-2024/CVE-2024-71xx/CVE-2024-7120.json) (`2024-07-26T05:15:10.857`) ### CVEs modified in the last Commit diff --git a/_state.csv b/_state.csv index ac71edc2b3b..21ebc893b19 100644 --- a/_state.csv +++ b/_state.csv @@ -236955,6 +236955,7 @@ CVE-2023-49912,0,0,7f28841368210bc0691c0afc3a42ead464f21102210069e934af0e2a983db CVE-2023-49913,0,0,9787c7114d73c4d417e5f8323c916fc32eab2ffa05723aeaf9a3588117501253,2024-04-10T13:24:22.187000 CVE-2023-49914,0,0,b89eb4a3a310cef0cc586b45f3748d12c2ee08c7f8dc70b5705f61fce08caebe,2023-12-07T19:04:24.117000 CVE-2023-49920,0,0,10ff3ef17084bf616ce673a67e0925690ef78be6b2b6b6630c8a8ca5b257ae2f,2023-12-28T13:49:22.483000 +CVE-2023-49921,1,1,965a19f3fe15977ca37a38ec5cd9a0ab9277fbec1b0c3a8a7ce39f5cb315ee56,2024-07-26T05:15:10.270000 CVE-2023-49922,0,0,2895cd4c3f9a214bcf714282482758940b383f1b5313c3e10f62d5e5c7f90ab1,2023-12-19T15:11:00.423000 CVE-2023-49923,0,0,8c5463191a66a374ded20ebbf457fd749a3488a11cf52dd1dfa09195520416ce,2023-12-19T15:07:43.147000 CVE-2023-49926,0,0,38fff8a194f95993dded19af912bc12c507a9daed8ebe448c5987637a13e1fa2,2023-12-06T20:51:09.867000 @@ -256190,7 +256191,7 @@ CVE-2024-4443,0,0,844cc6ae76fc91b0a9b2c7cc836e7c7382ecc4895f252d76709d68a22aac17 CVE-2024-4444,0,0,b8ab3a280e1fea7a38298a9a71737680ed9a07734ba58de04ed034a8b48f0be8,2024-05-14T16:11:39.510000 CVE-2024-4445,0,0,bc137eb49d08335d8d2b32a3f413016c50b301d09f6a742095c80df385aba82a,2024-05-14T19:17:55.627000 CVE-2024-4446,0,0,1f8054153546c06c7cecced2dcd2c53333dc96b1e8806f72a87d7ba3a2b74b3c,2024-05-14T16:11:39.510000 -CVE-2024-4447,1,1,04e88a11ce083a2989a17bd28b0796f07b7b21fab13c567ee1e59394399aa542,2024-07-26T02:15:10.160000 +CVE-2024-4447,0,0,04e88a11ce083a2989a17bd28b0796f07b7b21fab13c567ee1e59394399aa542,2024-07-26T02:15:10.160000 CVE-2024-4448,0,0,ff015519e7eac6c0276d907449baafc4f7a351376bd8c68f68eb22730cad6ec7,2024-05-14T16:11:39.510000 CVE-2024-4449,0,0,dfb61d36a2fe2d114407086a514e9ce225e4230ccc913df40322e3ba386dcfdc,2024-05-14T16:11:39.510000 CVE-2024-4450,0,0,b24b8ce0e053a361cce58b13d2cd04d00806b52c8bf56acc8e9c097bb185241c,2024-06-20T12:44:01.637000 @@ -257986,6 +257987,10 @@ CVE-2024-7091,0,0,e8d0dd8bb435701b961e03b8d58836a663b21eec4a32e53ec9bb349c72e729 CVE-2024-7101,0,0,e38bfce381af474fe5d83b2a017b3d9cde94994938f5c809ee169a4122de7c78,2024-07-25T16:15:04.720000 CVE-2024-7105,0,0,79dd67af39650009390e7b476527237a1b12f53b9ae2bc840f7b6f81f68c2970,2024-07-25T21:15:11.790000 CVE-2024-7106,0,0,5e68ef5aeb0a28231e715ea10bcf9bd287440c3361184536e65db5c8aef6e534,2024-07-25T21:15:12.090000 -CVE-2024-7114,1,1,70750e8bb3aec728e18e66850013fc922cc7247cde15d7cfa83fd23270c1b5ed,2024-07-26T02:15:10.440000 -CVE-2024-7115,1,1,9d2b833fcf667338332b62b251f2e974f1a3125176b5ff926d7c676775ca7879,2024-07-26T02:15:10.720000 -CVE-2024-7116,1,1,777470d129d741ee59b50bb78efc9492f48a06cc99aedf95f15d1e082c29f4b6,2024-07-26T03:15:02.087000 +CVE-2024-7114,0,0,70750e8bb3aec728e18e66850013fc922cc7247cde15d7cfa83fd23270c1b5ed,2024-07-26T02:15:10.440000 +CVE-2024-7115,0,0,9d2b833fcf667338332b62b251f2e974f1a3125176b5ff926d7c676775ca7879,2024-07-26T02:15:10.720000 +CVE-2024-7116,0,0,777470d129d741ee59b50bb78efc9492f48a06cc99aedf95f15d1e082c29f4b6,2024-07-26T03:15:02.087000 +CVE-2024-7117,1,1,4c593ef0b3db6af308f86e525e0b4d9a8ca82cd424bf40f3eef74b6fd93bbcc6,2024-07-26T04:15:02.637000 +CVE-2024-7118,1,1,5d306340a9482b63b17254d004de9aad1ede154f62f8dd804f32888b968028d8,2024-07-26T04:15:02.977000 +CVE-2024-7119,1,1,38c019aba6b1c3282911b10ef75465a73367846bbac40396eb5a9038b3359d69,2024-07-26T05:15:10.577000 +CVE-2024-7120,1,1,bfefe490100dea291c68be2f1b611bef6729d1377601fd87c3c7464f24ab5035,2024-07-26T05:15:10.857000