admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-07-09 16:05:11 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2024-08-25T10:00:16.889136+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2024-08-25 10:03:14 +00:00
parent 3c491ded51
commit 8ee31fdaf7
5 changed files with 354 additions and 15 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

56
CVE-2024/CVE-2024-423xx/CVE-2024-42340.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-42340",
"sourceIdentifier": "cna@cyber.gov.il",
"published": "2024-08-25T08:15:03.290",
"lastModified": "2024-08-25T08:15:03.290",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "CyberArk - CWE-602: Client-Side Enforcement of Server-Side Security"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "cna@cyber.gov.il",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "LOW",
"baseScore": 8.3,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.5
}
]
},
"weaknesses": [
{
"source": "cna@cyber.gov.il",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-602"
}
]
}
],
"references": [
{
"url": "https://www.gov.il/en/Departments/faq/cve_advisories",
"source": "cna@cyber.gov.il"
}
]
}

141
CVE-2024/CVE-2024-81xx/CVE-2024-8146.json Normal file
View File

@ -0,0 +1,141 @@
{
"id": "CVE-2024-8146",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-08-25T08:15:03.597",
"lastModified": "2024-08-25T08:15:03.597",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been found in code-projects Pharmacy Management System 1.0 and classified as critical. This vulnerability affects unknown code of the file /index.php?action=editSalesman. The manipulation of the argument id leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"vulnerableSystemConfidentiality": "LOW",
"vulnerableSystemIntegrity": "LOW",
"vulnerableSystemAvailability": "LOW",
"subsequentSystemConfidentiality": "NONE",
"subsequentSystemIntegrity": "NONE",
"subsequentSystemAvailability": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirements": "NOT_DEFINED",
"integrityRequirements": "NOT_DEFINED",
"availabilityRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnerableSystemConfidentiality": "NOT_DEFINED",
"modifiedVulnerableSystemIntegrity": "NOT_DEFINED",
"modifiedVulnerableSystemAvailability": "NOT_DEFINED",
"modifiedSubsequentSystemConfidentiality": "NOT_DEFINED",
"modifiedSubsequentSystemIntegrity": "NOT_DEFINED",
"modifiedSubsequentSystemAvailability": "NOT_DEFINED",
"safety": "NOT_DEFINED",
"automatable": "NOT_DEFINED",
"recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
}
}
],
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 6.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "SINGLE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 8.0,
"impactScore": 6.4,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://code-projects.org/",
"source": "cna@vuldb.com"
},
{
"url": "https://github.com/maqingnan/cve/blob/main/sql1.md",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?ctiid.275728",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.275728",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?submit.397417",
"source": "cna@vuldb.com"
}
]
}

141
CVE-2024/CVE-2024-81xx/CVE-2024-8147.json Normal file
View File

@ -0,0 +1,141 @@
{
"id": "CVE-2024-8147",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-08-25T09:15:04.243",
"lastModified": "2024-08-25T09:15:04.243",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in code-projects Pharmacy Management System 1.0 and classified as critical. This issue affects some unknown processing of the file /index.php?action=editPharmacist. The manipulation of the argument id leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"vulnerableSystemConfidentiality": "LOW",
"vulnerableSystemIntegrity": "LOW",
"vulnerableSystemAvailability": "LOW",
"subsequentSystemConfidentiality": "NONE",
"subsequentSystemIntegrity": "NONE",
"subsequentSystemAvailability": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirements": "NOT_DEFINED",
"integrityRequirements": "NOT_DEFINED",
"availabilityRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnerableSystemConfidentiality": "NOT_DEFINED",
"modifiedVulnerableSystemIntegrity": "NOT_DEFINED",
"modifiedVulnerableSystemAvailability": "NOT_DEFINED",
"modifiedSubsequentSystemConfidentiality": "NOT_DEFINED",
"modifiedSubsequentSystemIntegrity": "NOT_DEFINED",
"modifiedSubsequentSystemAvailability": "NOT_DEFINED",
"safety": "NOT_DEFINED",
"automatable": "NOT_DEFINED",
"recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
}
}
],
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 6.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "SINGLE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 8.0,
"impactScore": 6.4,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://code-projects.org/",
"source": "cna@vuldb.com"
},
{
"url": "https://github.com/maqingnan/cve/blob/main/sql2.md",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?ctiid.275729",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.275729",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?submit.397418",
"source": "cna@vuldb.com"
}
]
}

18
README.md
View File

@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2024-08-25T08:00:17.045819+00:00
2024-08-25T10:00:16.889136+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2024-08-25T07:15:11.067000+00:00
2024-08-25T09:15:04.243000+00:00
```
### Last Data Feed Release
@ -33,24 +33,22 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs
```plain
261110
261113
```
### CVEs added in the last Commit
Recently added CVEs: `4`
Recently added CVEs: `3`
- [CVE-2024-42337](CVE-2024/CVE-2024-423xx/CVE-2024-42337.json) (`2024-08-25T07:15:08.540`)
- [CVE-2024-42338](CVE-2024/CVE-2024-423xx/CVE-2024-42338.json) (`2024-08-25T07:15:10.350`)
- [CVE-2024-42339](CVE-2024/CVE-2024-423xx/CVE-2024-42339.json) (`2024-08-25T07:15:11.067`)
- [CVE-2024-8145](CVE-2024/CVE-2024-81xx/CVE-2024-8145.json) (`2024-08-25T06:15:03.910`)
- [CVE-2024-42340](CVE-2024/CVE-2024-423xx/CVE-2024-42340.json) (`2024-08-25T08:15:03.290`)
- [CVE-2024-8146](CVE-2024/CVE-2024-81xx/CVE-2024-8146.json) (`2024-08-25T08:15:03.597`)
- [CVE-2024-8147](CVE-2024/CVE-2024-81xx/CVE-2024-8147.json) (`2024-08-25T09:15:04.243`)
### CVEs modified in the last Commit
Recently modified CVEs: `1`
Recently modified CVEs: `0`
- [CVE-2024-1430](CVE-2024/CVE-2024-14xx/CVE-2024-1430.json) (`2024-08-25T06:15:03.247`)
## Download and Usage

13
_state.csv
View File

@ -242369,7 +242369,7 @@ CVE-2024-1426,0,0,58297813532bddd72ed4f278824b8276e78c437596064bf3a5aa32ce1b4813
CVE-2024-1427,0,0,cab6a0307295e866b43ac26f256e1637a37d7a2b197239c60a9da244492c16fe,2024-07-03T15:44:40.083000
CVE-2024-1428,0,0,3cc3b1a9efed5e9bd932f5f4b32240359ff16f5465557beabc74530c2a820d28,2024-04-08T18:48:40.217000
CVE-2024-1429,0,0,e6662f9b0f545f55c7ee8bcb23a23604a89d336e239381f2a1bde6ff8a245229,2024-04-18T13:04:28.900000
CVE-2024-1430,0,1,5f572c70d25522d061e4003dc5db707a19ced2389745e1d9c2e010c648602583,2024-08-25T06:15:03.247000
CVE-2024-1430,0,0,5f572c70d25522d061e4003dc5db707a19ced2389745e1d9c2e010c648602583,2024-08-25T06:15:03.247000
CVE-2024-1431,0,0,dffeae7ac141470af7be0b2328a469b677a187755a6f5b33a0e207b69e8951ff,2024-05-17T02:35:26.750000
CVE-2024-1432,0,0,c5cced34d488ad6451a389f4ef94ad47e3a692cf248f0465497b6f18a4764cd4,2024-08-01T19:15:36.183000
CVE-2024-1433,0,0,fc501baa3742da2eca2c8d6dbd68b98ba191ec1168203c3ad2d0a6bbc1a9ee77,2024-05-17T02:35:26.970000
@ -257696,10 +257696,11 @@ CVE-2024-4233,0,0,e3336c43dd885f8db6271cd8e49f7796169d1b724e733d53d39e8dcd56cab2
CVE-2024-42334,0,0,63554eb6ad9440efa3ee44750a635a89b93444804b44759a759c86799c0d08da,2024-08-21T15:59:56.493000
CVE-2024-42335,0,0,2b9b97973dd654c6eb68cc221bad7788b92938b457385b73625ca969f07db996,2024-08-21T13:49:19.863000
CVE-2024-42336,0,0,2a147ce2c01a7e418a5959472912788f2794cc01211d2520283d06f56199ab5d,2024-08-20T15:44:20.567000
CVE-2024-42337,1,1,47e1940a0e7d8f836173649e1092c05c4a599d6952732f048ef06f63fe0c62ed,2024-08-25T07:15:08.540000
CVE-2024-42338,1,1,00b1ab80b5a0024a676edd49282a142c1d301f4b5e828f08f344e9a0e94c0116,2024-08-25T07:15:10.350000
CVE-2024-42339,1,1,f4ee840292c50c15be4fdc2b991811af45baa71c81082da6eef96531aabf104d,2024-08-25T07:15:11.067000
CVE-2024-42337,0,0,47e1940a0e7d8f836173649e1092c05c4a599d6952732f048ef06f63fe0c62ed,2024-08-25T07:15:08.540000
CVE-2024-42338,0,0,00b1ab80b5a0024a676edd49282a142c1d301f4b5e828f08f344e9a0e94c0116,2024-08-25T07:15:10.350000
CVE-2024-42339,0,0,f4ee840292c50c15be4fdc2b991811af45baa71c81082da6eef96531aabf104d,2024-08-25T07:15:11.067000
CVE-2024-4234,0,0,18c98986f4d0c323ca7a76881b57d07f11d740fced15b647da44016411c790ed,2024-04-26T15:32:22.523000
CVE-2024-42340,1,1,9ca332630bfc51f7c0e6be2bc1bb935ca544861351b51e7eb13a40e4f63659ec,2024-08-25T08:15:03.290000
CVE-2024-42347,0,0,9d56c3d6f460e2251d08d50a3e874b7efeb364cadb050367418d1be0b31e15cb,2024-08-12T18:52:08.163000
CVE-2024-42348,0,0,9049ba06c12fadbe924de4e1d7650091813be7f3a3306b9434f7ebd8620eed32,2024-08-05T12:41:45.957000
CVE-2024-42349,0,0,7c83a1a3a31095b7c061367c56e1e2185d3951ede9de2f7c2b93de97074131bc,2024-08-05T12:41:45.957000
@ -261108,4 +261109,6 @@ CVE-2024-8140,0,0,60bdcb31e72dc8d58ebff5f24a11864be8d911ad4f98a34c83d4ad581bf2f5
CVE-2024-8141,0,0,5b89c55608dc7c94dcc3a41a381072a0d3a68ce11de5be1e80b6665e2959a8b1,2024-08-25T02:15:04.687000
CVE-2024-8142,0,0,fcb738cd7c7aaf1f9f023d59895853a768ef11a919deeb1ffc545380a5d50560,2024-08-25T03:15:03.673000
CVE-2024-8144,0,0,88fed21edfd93fa7bca725ad2225251a9d109041c2e48809ee1ed796915b95a8,2024-08-25T04:15:03.867000
CVE-2024-8145,1,1,78b78143837f5c0df569416f880d975eb45acf9e0ac0d1c0640b30f4b266e1ba,2024-08-25T06:15:03.910000
CVE-2024-8145,0,0,78b78143837f5c0df569416f880d975eb45acf9e0ac0d1c0640b30f4b266e1ba,2024-08-25T06:15:03.910000
CVE-2024-8146,1,1,1a014ee97b984953eab99f79670e8f6f85a815565363ce01758e7ec2838e752e,2024-08-25T08:15:03.597000
CVE-2024-8147,1,1,1943d5219ce6820bb91164b12575bc9bc6449d1368374a8bac82f600f631e34c,2024-08-25T09:15:04.243000

Can't render this file because it is too large.