diff --git a/CVE-2023/CVE-2023-524xx/CVE-2023-52496.json b/CVE-2023/CVE-2023-524xx/CVE-2023-52496.json new file mode 100644 index 00000000000..7b8cd361c10 --- /dev/null +++ b/CVE-2023/CVE-2023-524xx/CVE-2023-52496.json @@ -0,0 +1,15 @@ +{ + "id": "CVE-2023-52496", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-03-08T11:15:06.913", + "lastModified": "2024-03-08T11:15:06.913", + "vulnStatus": "Rejected", + "descriptions": [ + { + "lang": "en", + "value": "Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority." + } + ], + "metrics": {}, + "references": [] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-23xx/CVE-2024-2316.json b/CVE-2024/CVE-2024-23xx/CVE-2024-2316.json new file mode 100644 index 00000000000..fe7ec4f09b7 --- /dev/null +++ b/CVE-2024/CVE-2024-23xx/CVE-2024-2316.json @@ -0,0 +1,88 @@ +{ + "id": "CVE-2024-2316", + "sourceIdentifier": "cna@vuldb.com", + "published": "2024-03-08T12:15:50.053", + "lastModified": "2024-03-08T12:15:50.053", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability has been found in Bdtask Hospital AutoManager up to 20240227 and classified as problematic. This vulnerability affects unknown code of the file /billing/bill/edit/ of the component Update Bill Page. The manipulation leads to cross-site request forgery. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-256270 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 4.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + } + ], + "cvssMetricV2": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "2.0", + "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", + "accessVector": "NETWORK", + "accessComplexity": "LOW", + "authentication": "NONE", + "confidentialityImpact": "NONE", + "integrityImpact": "PARTIAL", + "availabilityImpact": "NONE", + "baseScore": 5.0 + }, + "baseSeverity": "MEDIUM", + "exploitabilityScore": 10.0, + "impactScore": 2.9, + "acInsufInfo": false, + "obtainAllPrivilege": false, + "obtainUserPrivilege": false, + "obtainOtherPrivilege": false, + "userInteractionRequired": false + } + ] + }, + "weaknesses": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-352" + } + ] + } + ], + "references": [ + { + "url": "https://drive.google.com/file/d/1v_Ee2FWlbpLgHYIl88COPp05EHSxUWI0/view?usp=sharing", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?ctiid.256270", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?id.256270", + "source": "cna@vuldb.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-23xx/CVE-2024-2317.json b/CVE-2024/CVE-2024-23xx/CVE-2024-2317.json new file mode 100644 index 00000000000..69a733ece20 --- /dev/null +++ b/CVE-2024/CVE-2024-23xx/CVE-2024-2317.json @@ -0,0 +1,88 @@ +{ + "id": "CVE-2024-2317", + "sourceIdentifier": "cna@vuldb.com", + "published": "2024-03-08T12:15:50.473", + "lastModified": "2024-03-08T12:15:50.473", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability was found in Bdtask Hospital AutoManager up to 20240227 and classified as problematic. This issue affects some unknown processing of the file /prescription/prescription/delete/ of the component Prescription Page. The manipulation leads to improper authorization. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-256271. NOTE: The vendor was contacted early about this disclosure but did not respond in any way." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 3.8, + "baseSeverity": "LOW" + }, + "exploitabilityScore": 1.2, + "impactScore": 2.5 + } + ], + "cvssMetricV2": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "2.0", + "vectorString": "AV:N/AC:L/Au:M/C:N/I:P/A:P", + "accessVector": "NETWORK", + "accessComplexity": "LOW", + "authentication": "MULTIPLE", + "confidentialityImpact": "NONE", + "integrityImpact": "PARTIAL", + "availabilityImpact": "PARTIAL", + "baseScore": 4.7 + }, + "baseSeverity": "MEDIUM", + "exploitabilityScore": 6.4, + "impactScore": 4.9, + "acInsufInfo": false, + "obtainAllPrivilege": false, + "obtainUserPrivilege": false, + "obtainOtherPrivilege": false, + "userInteractionRequired": false + } + ] + }, + "weaknesses": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-285" + } + ] + } + ], + "references": [ + { + "url": "https://drive.google.com/file/d/13-Fxw8fw3VP1PvL0fYvDBVlpTDQHyCkc/view?usp=sharing", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?ctiid.256271", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?id.256271", + "source": "cna@vuldb.com" + } + ] +} \ No newline at end of file diff --git a/README.md b/README.md index 0aa535a5016..fba50bc264b 100644 --- a/README.md +++ b/README.md @@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2024-03-08T11:00:38.654960+00:00 +2024-03-08T13:00:37.707778+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2024-03-08T10:15:45.650000+00:00 +2024-03-08T12:15:50.473000+00:00 ``` ### Last Data Feed Release @@ -29,20 +29,22 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### Total Number of included CVEs ```plain -240898 +240901 ``` ### CVEs added in the last Commit -Recently added CVEs: `0` +Recently added CVEs: `3` +* [CVE-2023-52496](CVE-2023/CVE-2023-524xx/CVE-2023-52496.json) (`2024-03-08T11:15:06.913`) +* [CVE-2024-2316](CVE-2024/CVE-2024-23xx/CVE-2024-2316.json) (`2024-03-08T12:15:50.053`) +* [CVE-2024-2317](CVE-2024/CVE-2024-23xx/CVE-2024-2317.json) (`2024-03-08T12:15:50.473`) ### CVEs modified in the last Commit -Recently modified CVEs: `1` +Recently modified CVEs: `0` -* [CVE-2021-46946](CVE-2021/CVE-2021-469xx/CVE-2021-46946.json) (`2024-03-08T10:15:45.650`) ## Download and Usage diff --git a/_state.csv b/_state.csv index 5090c7dd09c..8b354f32d4c 100644 --- a/_state.csv +++ b/_state.csv @@ -186644,7 +186644,7 @@ CVE-2021-46942,0,0,8373f52b7a7712e6d53b6ce89bd8d6c650901ce20a55aa22819475074dd2b CVE-2021-46943,0,0,4367949ad59122baf37577ab771f661960f882c9ffda3fa652b1fc8acf5f5ead,2024-02-28T14:06:45.783000 CVE-2021-46944,0,0,2e0771427d4c6c8a118919e50fede87429f47b4eb89c2f8fa112e70bda4c38bb,2024-02-28T14:06:45.783000 CVE-2021-46945,0,0,53308dea563b2c2054372d093394c707d636a68cacb285100380a12f17fbd1d1,2024-02-28T14:06:45.783000 -CVE-2021-46946,0,1,0a7824c78fda312e2a69c092b1751fd0538157938572285a8b1a980223fde408,2024-03-08T10:15:45.650000 +CVE-2021-46946,0,0,0a7824c78fda312e2a69c092b1751fd0538157938572285a8b1a980223fde408,2024-03-08T10:15:45.650000 CVE-2021-46947,0,0,6220ae1ef0c0836f165cbf1a4a847090c0f87ed038ea97e182954eadb2c0367c,2024-02-28T14:06:45.783000 CVE-2021-46948,0,0,1a0a50a57dfe3c1da48ea00db19425fa0a182fa93e562afbd75332750b755d50,2024-02-28T14:06:45.783000 CVE-2021-46949,0,0,46957949c83688342a5b40f653240ed3b83071fb96a93dd9595c4559dae070b3,2024-02-28T14:06:45.783000 @@ -235812,6 +235812,7 @@ CVE-2023-52483,0,0,2a4ebb0c9b1f8206c0612e11bb23dd9226ede2d27e2d0d82dac525d0a27fb CVE-2023-52484,0,0,d5ee2bf5164023741424c58784b9debb4274eef9f1dfe6d2acf7ec42fe245e94,2024-02-29T13:49:29.390000 CVE-2023-52485,0,0,ae3dd674dee8a38cfbc69456682c1f7bd46ba3e6d68ca90e6c460ee76310aa9e,2024-02-29T18:06:42.010000 CVE-2023-5249,0,0,c9a9a73292b795eaae901259118258ec7b799bf56b78d4d6d33ce623b44e08f3,2024-02-13T00:37:35.327000 +CVE-2023-52496,1,1,6411677fed7ada25ff10068f244bd8aa86c2d95284a00baca2abac4b8980ac07,2024-03-08T11:15:06.913000 CVE-2023-52497,0,0,d28fd3926c478e680ff44081e6bd3760f5583d68da3e361284fa001d65ca8f2f,2024-03-01T15:23:36.177000 CVE-2023-52499,0,0,07030abfd5b506eab489f023dd77f8aa7198bca2ea28ee40b86a1fca0cb00fb1,2024-03-04T13:58:23.447000 CVE-2023-5250,0,0,48043cf3cbd3fbd96b9a651598feb1069aa97381890f81165811ba98d5069b0c,2023-11-08T02:30:14.437000 @@ -239611,6 +239612,8 @@ CVE-2024-23134,0,0,8c87b9f13e5331ad9105cf100e48f62306aac0984ca800d13d86642f32ec1 CVE-2024-23135,0,0,1899c8f0c1d8642c750e911c0898ed5ceb8d3b1434d7ffbff7f2e492a3a85f12,2024-02-22T19:07:27.197000 CVE-2024-23136,0,0,ab915e71d122757ba5fa038608ae79d68657a98e58ce05d72be20ace5c1227eb,2024-02-22T19:07:27.197000 CVE-2024-23137,0,0,4ba15cf4f99f594b1f2d7ff782316059daca5611628c6938f85461ed323dfb34,2024-02-22T19:07:27.197000 +CVE-2024-2316,1,1,9a4b7b123d845b500cac536df027c9149104f113748b2c4937c657bb0471b7d7,2024-03-08T12:15:50.053000 +CVE-2024-2317,1,1,12b0a895a43e4b373bfe1dfad4bfa4ad74e32ee5a15787d35ffd81dd89a45c60,2024-03-08T12:15:50.473000 CVE-2024-23170,0,0,13146081a2acee1dfc9938d9131a35ea909e72090f99ea62e52485862035b1b1,2024-02-22T03:15:08.297000 CVE-2024-23171,0,0,3980ea300b8f44a78d6e0990530c496df02d639e6679d01f16b694b80617528f,2024-01-18T20:23:45.707000 CVE-2024-23172,0,0,320f3f4514bf8ce7dab795b3ca7c6e695b3f522a6c7c5bf40ee54e73ff5a33aa,2024-01-18T20:23:36.063000