Auto-Update: 2024-06-24T12:00:18.238602+00:00

2025-07-09 16:05:11 +00:00 · 2024-06-24 12:03:11 +00:00 · 2024-06-24 12:03:11 +00:00 · 923d2a531c
commit 923d2a531c
parent 3483c6be07
4 changed files with 91 additions and 18 deletions
--- a/CVE-2024/CVE-2024-298xx/CVE-2024-29868.json
+++ b/CVE-2024/CVE-2024-298xx/CVE-2024-29868.json
@ -0,0 +1,32 @@
+{
+  "id": "CVE-2024-29868",
+  "sourceIdentifier": "security@apache.org",
+  "published": "2024-06-24T10:15:09.387",
+  "lastModified": "2024-06-24T10:15:09.387",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) vulnerability in Apache StreamPipes\u00a0user self-registration and password recovery mechanism.\nThis allows an attacker to guess the recovery token in a reasonable time and thereby to take over the attacked user's account.\nThis issue affects Apache StreamPipes: from 0.69.0 through 0.93.0.\n\nUsers are recommended to upgrade to version 0.95.0, which fixes the issue.\n\n"
+    }
+  ],
+  "metrics": {},
+  "weaknesses": [
+    {
+      "source": "security@apache.org",
+      "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-338"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://lists.apache.org/thread/g7t7zctvq2fysrw1x17flnc12592nhx7",
+      "source": "security@apache.org"
+    }
+  ]
+}
--- a/CVE-2024/CVE-2024-61xx/CVE-2024-6160.json
+++ b/CVE-2024/CVE-2024-61xx/CVE-2024-6160.json
@ -0,0 +1,44 @@
+{
+  "id": "CVE-2024-6160",
+  "sourceIdentifier": "cvd@cert.pl",
+  "published": "2024-06-24T10:15:10.277",
+  "lastModified": "2024-06-24T10:15:10.277",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "SQL Injection vulnerability in MegaBIP software allows attacker to disclose the contents of the database, obtain session cookies or modify the content of pages.\u00a0This issue affects MegaBIP software versions through 5.12.1."
+    }
+  ],
+  "metrics": {},
+  "weaknesses": [
+    {
+      "source": "cvd@cert.pl",
+      "type": "Secondary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-89"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://cert.pl/en/posts/2024/06/CVE-2024-6160/",
+      "source": "cvd@cert.pl"
+    },
+    {
+      "url": "https://cert.pl/posts/2024/06/CVE-2024-6160/",
+      "source": "cvd@cert.pl"
+    },
+    {
+      "url": "https://megabip.pl/",
+      "source": "cvd@cert.pl"
+    },
+    {
+      "url": "https://www.gov.pl/web/cyfryzacja/rekomendacja-pelnomocnika-rzadu-ds-cyberbezpieczenstwa-dotyczaca-biuletynow-informacji-publicznej",
+      "source": "cvd@cert.pl"
+    }
+  ]
+}
--- a/README.md
+++ b/README.md
@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours.
 ### Last Repository Update

 ```plain
-2024-06-24T10:00:19.191339+00:00
+2024-06-24T12:00:18.238602+00:00
 ```

 ### Most recent CVE Modification Timestamp synchronized with NVD

 ```plain
-2024-06-24T09:15:10.347000+00:00
+2024-06-24T10:15:10.277000+00:00
 ```

 ### Last Data Feed Release
@ -33,20 +33,15 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
 ### Total Number of included CVEs

 ```plain
-254985
+254987
 ```

 ### CVEs added in the last Commit

-Recently added CVEs: `7`
+Recently added CVEs: `2`

- [CVE-2024-24554](CVE-2024/CVE-2024-245xx/CVE-2024-24554.json) (`2024-06-24T08:15:09.130`)
- [CVE-2024-27136](CVE-2024/CVE-2024-271xx/CVE-2024-27136.json) (`2024-06-24T08:15:09.297`)
- [CVE-2024-36495](CVE-2024/CVE-2024-364xx/CVE-2024-36495.json) (`2024-06-24T09:15:09.730`)
- [CVE-2024-36496](CVE-2024/CVE-2024-364xx/CVE-2024-36496.json) (`2024-06-24T09:15:09.860`)
- [CVE-2024-36497](CVE-2024/CVE-2024-364xx/CVE-2024-36497.json) (`2024-06-24T09:15:09.973`)
- [CVE-2024-4754](CVE-2024/CVE-2024-47xx/CVE-2024-4754.json) (`2024-06-24T09:15:10.083`)
- [CVE-2024-5683](CVE-2024/CVE-2024-56xx/CVE-2024-5683.json) (`2024-06-24T09:15:10.347`)
+- [CVE-2024-29868](CVE-2024/CVE-2024-298xx/CVE-2024-29868.json) (`2024-06-24T10:15:09.387`)
+- [CVE-2024-6160](CVE-2024/CVE-2024-61xx/CVE-2024-6160.json) (`2024-06-24T10:15:10.277`)


 ### CVEs modified in the last Commit
--- a/_state.csv
+++ b/_state.csv
@ -244968,7 +244968,7 @@ CVE-2024-24550,0,0,91ed89072f346ece3378c3b8cc26e70db4dac38421f3f5215f3d25a61fe9e
 CVE-2024-24551,0,0,2b898e8e8b496b4e3e19967665dd0e050a5aaa08f0403143650c93ddecb810c3,2024-06-24T07:15:14.760000
 CVE-2024-24552,0,0,2ca568287ff7a4646bbdcecd6ec42745f8c73fcda46c19750af4c579ffbcbc5d,2024-06-24T07:15:14.903000
 CVE-2024-24553,0,0,bea459affabde308db7a87d6a1bd3fb504d4d4f3eafcb8f0a0083fee19b95ab9,2024-06-24T07:15:15.063000
-CVE-2024-24554,1,1,8a71f884ece483692fc8315e1bda1ef879a5a27b3892cd9444f8ec53bc820e6d,2024-06-24T08:15:09.130000
+CVE-2024-24554,0,0,8a71f884ece483692fc8315e1bda1ef879a5a27b3892cd9444f8ec53bc820e6d,2024-06-24T08:15:09.130000
 CVE-2024-24556,0,0,5eadc80f5e2b4d40f2247a29eb7c2aa8b2d9f2f191f8cfe4f491f2d184a6cbe7,2024-02-06T19:24:46.810000
 CVE-2024-24557,0,0,803986686a1d77830cb33582e01547bf1b4ed013f71e8dbf2a84322efe6db933,2024-02-09T20:21:32.970000
 CVE-2024-24558,0,0,26ffac7b2f9dc8041f02bc6fb374f1f9b0b06e69d8b3e191802aa68af28d0bbc,2024-04-23T19:52:49.107000
@ -246881,7 +246881,7 @@ CVE-2024-27130,0,0,387d6d6bd78861e8f479c2855dcd6ca0a6b290bc9bab5fadd88ddb47cbcf6
 CVE-2024-27132,0,0,0d4a858300081e7b1734f10a34971409f661ea8e5d10f439041910c3efb6a17b,2024-02-26T13:42:22.567000
 CVE-2024-27133,0,0,1ea41b494ad0a5106ea020fe3275dce436a1bf62da11c275e95a71856ace701b,2024-02-26T13:42:22.567000
 CVE-2024-27135,0,0,c0b7364866f5910220db1f3515d91e63f085beb1f854242bc27d0a872c26bbb9,2024-05-01T17:15:30.087000
-CVE-2024-27136,1,1,ba5122bff8d11f89f413f3a3c07e0fd16f5fda04ad923cfc74647c43821a4f5c,2024-06-24T08:15:09.297000
+CVE-2024-27136,0,0,ba5122bff8d11f89f413f3a3c07e0fd16f5fda04ad923cfc74647c43821a4f5c,2024-06-24T08:15:09.297000
 CVE-2024-27138,0,0,b099a37bd6bd06771ccd0d4a605b41ff72cf31165d4c7c0ea37d0b28b310e949,2024-05-17T02:37:25.107000
 CVE-2024-27139,0,0,5e7888e89d482e3e5f40cfdc640fb4169d86933380e96bafbb3178e764d3924e,2024-05-17T02:37:25.190000
 CVE-2024-2714,0,0,14f40cd4bfa53feeb5e4acf18b5d2b179b0ad5429d8ebda8d963bedfd21bc4c2,2024-05-17T02:38:26.850000
@ -248501,6 +248501,7 @@ CVE-2024-29863,0,0,5ec71e17f35f1b20d68a8fb4a9c7a1d55d3d29cfb9efd5769e3093565fc81
 CVE-2024-29864,0,0,a6ff60d6eca0eec860cad03d4ebcf6ddb2a8ce1d06f7fbda3179547925ea7c1b,2024-03-21T12:58:51.093000
 CVE-2024-29865,0,0,c71ea820e322882cfd10f1c29db59e00803f8a609d75b87f5e2466dff384d5b6,2024-03-22T15:34:43.663000
 CVE-2024-29866,0,0,2169c0f3fed16be1069cbb5502128dfabe18fe6fbc7db4f274cc3c93caea8ddd,2024-03-21T15:24:35.093000
+CVE-2024-29868,1,1,fcd8de6d09688eaf5b0c8e2fa6636f13f4605cc2bc22f7b4f9b1cfc9b60cd8cf,2024-06-24T10:15:09.387000
 CVE-2024-2987,0,0,8e4472435dae1bc704d5dce95b8b76dabb2648c6f5bada5b41186e08bd4d1ecf,2024-05-17T02:38:40.867000
 CVE-2024-29870,0,0,e30dc3832a6e40f96f36d6a14e8c8edd290056d5cc189e329ff7d917f01a8001,2024-03-21T15:24:35.093000
 CVE-2024-29871,0,0,26669ba5bfad06e749b4da0897856b8ae6b3b31b4382f6713c54983091b3efd3,2024-03-21T15:24:35.093000
@ -252706,9 +252707,9 @@ CVE-2024-36481,0,0,289e7e75bda9b051d0f16493c3f7ea721a35d329796879f3ae868bd0ce7af
 CVE-2024-36484,0,0,d8980b6175f97dcbe3120732bdd3f5c4554f0bf6402d98cdd4a7efe1e2dc7659,2024-06-21T11:22:01.687000
 CVE-2024-36489,0,0,706602251538409bdd6d4f26c7d5b5f5da3d2d56202958896118ef2720f4e680,2024-06-21T11:22:01.687000
 CVE-2024-3649,0,0,969867829e20da4acc88ade671a27808c021dddbe3e27e051d2004e683670e61,2024-05-02T18:00:37.360000
-CVE-2024-36495,1,1,6ed534b3914581c2d718a5af5dab95525c5ee99a2e37b7b16e42963dac7da249,2024-06-24T09:15:09.730000
-CVE-2024-36496,1,1,5d4f653e98532d8e3c120ed293c6b23c3e6c972681112b087748cf948d242561,2024-06-24T09:15:09.860000
-CVE-2024-36497,1,1,5127841a489d1ab5caa3b0be5e2e28ad3a89ddbad5090d1bb055835bd029c09b,2024-06-24T09:15:09.973000
+CVE-2024-36495,0,0,6ed534b3914581c2d718a5af5dab95525c5ee99a2e37b7b16e42963dac7da249,2024-06-24T09:15:09.730000
+CVE-2024-36496,0,0,5d4f653e98532d8e3c120ed293c6b23c3e6c972681112b087748cf948d242561,2024-06-24T09:15:09.860000
+CVE-2024-36497,0,0,5127841a489d1ab5caa3b0be5e2e28ad3a89ddbad5090d1bb055835bd029c09b,2024-06-24T09:15:09.973000
 CVE-2024-36499,0,0,077c5caf8d301ff2d1947e18a01670bc02e5c0dd9fda48352816e5be2251d0eb,2024-06-17T12:42:04.623000
 CVE-2024-3650,0,0,e078ac649d7d0d133fe9598e10336739bc9d365236ed72d408805e3868c3d439,2024-05-02T18:00:37.360000
 CVE-2024-36500,0,0,257fd399a14a7141c50c9e2046f94aaac781c0de172f7af5b46d8dab39ba2a83,2024-06-17T12:42:04.623000
@ -254143,7 +254144,7 @@ CVE-2024-4747,0,0,99152f6494a1192f3bae59b436abcc51d11f811ed1e0a72c2e65c8381fda60
 CVE-2024-4749,0,0,676e331864bc41907c4c80c44886e7dac480ef6dea2c29bc22838d992753d4da,2024-06-04T16:57:41.053000
 CVE-2024-4750,0,0,423585a3e250903ac62d761ecb0e0e6dc6b4649ccd4411b90275a4e6d2f87495,2024-06-04T16:57:41.053000
 CVE-2024-4751,0,0,980cee331660133759599aaa98eeae384de48fe7bcc98af4a2333b20d054b0b6,2024-06-17T12:42:04.623000
-CVE-2024-4754,1,1,cfd9e5babf41a7c2c5cd02f9b538bb66bc8b2969c9bce4d32f39c788fb710059,2024-06-24T09:15:10.083000
+CVE-2024-4754,0,0,cfd9e5babf41a7c2c5cd02f9b538bb66bc8b2969c9bce4d32f39c788fb710059,2024-06-24T09:15:10.083000
 CVE-2024-4755,0,0,60cecdfed0bd43adc43dc2d247a1ee989fd3070ddc34fbd20a182a68e206cadc,2024-06-21T11:22:01.687000
 CVE-2024-4756,0,0,b303493fc627eee25a3b39c986ea25472e7aab1866612b83c9a7c14522d2c360,2024-06-07T14:56:05.647000
 CVE-2024-4760,0,0,8b9593f0d88cbd24a061db082c8cd5c20f19b8a61431542d1ce576639ef3bdc0,2024-05-16T15:44:44.683000
@ -254748,7 +254749,7 @@ CVE-2024-5673,0,0,f6db27a8b7c99bb0a58922425d96edcb461eeb527f78adfd8d9aed9c993301
 CVE-2024-5674,0,0,69b0f5cdcc6414c1b3093ac76e322fc42e17eb869b8f1b328084f458395232cf,2024-06-13T18:36:09.010000
 CVE-2024-5675,0,0,c04fc1bf8ef6e3f232c30ddf0bd6a524958c9eab63fe205331e1fedef14ccf13,2024-06-11T18:14:02.017000
 CVE-2024-5676,0,0,7110ec4f1d7a030c3f52d0d64b45a1f2c788bd0c12290f7487a0ece147b33240,2024-06-24T05:15:09.600000
-CVE-2024-5683,1,1,776b3afe6ce973fb91d46fd6db99fba176ff636e37c3bc0bd205640173c41437,2024-06-24T09:15:10.347000
+CVE-2024-5683,0,0,776b3afe6ce973fb91d46fd6db99fba176ff636e37c3bc0bd205640173c41437,2024-06-24T09:15:10.347000
 CVE-2024-5684,0,0,e183f6f3c944efddc1281bf86b4d20b3677f4c3ab127fc0c8f4bc522f6d9ba19,2024-06-11T18:13:30.163000
 CVE-2024-5685,0,0,e8364a4460a12edf9e3cf94a37b74977806b751958607c5dfe543a64e3c22871,2024-06-19T09:15:12.173000
 CVE-2024-5686,0,0,5baef36d265e76c8a185391151bfaa15c3d3a21cf5116dcf4f0b4cb376e1e9d1,2024-06-20T12:43:25.663000
@ -254937,6 +254938,7 @@ CVE-2024-6146,0,0,835232b778d7e80b1c73cad2f19f1275692bff270d5e664fd4c7fc64973110
 CVE-2024-6147,0,0,4a4919271ad23db4250af2d646dfd99f64704c8a0c63e163a55ff156915fc472,2024-06-21T11:22:01.687000
 CVE-2024-6153,0,0,a3cbabebaa196b7fc704a5b9ef76e592e68ec6c4195aa6f7531f701a27a837d5,2024-06-21T11:22:01.687000
 CVE-2024-6154,0,0,14c261dad2c658f3f85287831ecf663ba772d4a017166d6d5d3cda8ce8388677,2024-06-21T11:22:01.687000
+CVE-2024-6160,1,1,ea5b8c23f2f1a390fbb4f3fd30516f8d928c266505891d1767e5480e415f3257,2024-06-24T10:15:10.277000
 CVE-2024-6162,0,0,bd502c2e3c0167c78ca1c8188e0261103b8f8aa5eaa8e4a394c72d49dddda11b,2024-06-20T16:07:50.417000
 CVE-2024-6176,0,0,855875508d6019a3b7cc5455db83c0ed155c5813092b253896702a30576b2ecb,2024-06-20T12:43:25.663000
 CVE-2024-6177,0,0,a0175799dd5324c2ac4fd3e8bb126589ce94cff0760703c070fdf39975a6cb07,2024-06-20T15:17:06.493000