admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-08 11:37:26 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2024-04-05T20:00:38.291477+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2024-04-05 20:03:27 +00:00
parent 9db7292959
commit 95ce186fe7
16 changed files with 891 additions and 21 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

55
CVE-2023/CVE-2023-310xx/CVE-2023-31028.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-31028",
"sourceIdentifier": "psirt@nvidia.com",
"published": "2024-04-05T18:15:08.250",
"lastModified": "2024-04-05T18:15:08.250",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "\nNVIDIA nvJPEG2000 Library for Windows and Linux contains a vulnerability where improper input validation might enable an attacker to use a specially crafted input file. A successful exploit of this vulnerability might lead to a partial denial of service.\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@nvidia.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "LOW",
"baseScore": 2.8,
"baseSeverity": "LOW"
},
"exploitabilityScore": 1.3,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "psirt@nvidia.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-20"
}
]
}
],
"references": [
{
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5517",
"source": "psirt@nvidia.com"
}
]
}

55
CVE-2024/CVE-2024-00xx/CVE-2024-0072.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-0072",
"sourceIdentifier": "psirt@nvidia.com",
"published": "2024-04-05T18:15:08.477",
"lastModified": "2024-04-05T18:15:08.477",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "\nNVIDIA CUDA toolkit for all platforms contains a vulnerability in cuobjdump and nvdisasm where an attacker may cause a crash by tricking a user into reading a malformed ELF file. A successful exploit of this vulnerability may lead to a partial denial of service.\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@nvidia.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "LOW",
"baseScore": 3.3,
"baseSeverity": "LOW"
},
"exploitabilityScore": 1.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "psirt@nvidia.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-476"
}
]
}
],
"references": [
{
"url": "https://https://nvidia.custhelp.com/app/answers/detail/a_id/5517",
"source": "psirt@nvidia.com"
}
]
}

55
CVE-2024/CVE-2024-00xx/CVE-2024-0076.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-0076",
"sourceIdentifier": "psirt@nvidia.com",
"published": "2024-04-05T18:15:08.680",
"lastModified": "2024-04-05T18:15:08.680",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "\nNVIDIA CUDA toolkit for all platforms contains a vulnerability in cuobjdump and nvdisasm where an attacker may cause a crash by tricking a user into reading a malformed ELF file. A successful exploit of this vulnerability may lead to a partial denial of service.\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@nvidia.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "LOW",
"baseScore": 3.3,
"baseSeverity": "LOW"
},
"exploitabilityScore": 1.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "psirt@nvidia.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-125"
}
]
}
],
"references": [
{
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5517",
"source": "psirt@nvidia.com"
}
]
}

55
CVE-2024/CVE-2024-00xx/CVE-2024-0080.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-0080",
"sourceIdentifier": "psirt@nvidia.com",
"published": "2024-04-05T18:15:08.890",
"lastModified": "2024-04-05T18:15:08.890",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "\nNVIDIA nvTIFF Library for Windows and Linux contains a vulnerability where improper input validation might enable an attacker to use a specially crafted input file. A successful exploit of this vulnerability might lead to a partial denial of service.\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@nvidia.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "LOW",
"baseScore": 2.8,
"baseSeverity": "LOW"
},
"exploitabilityScore": 1.3,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "psirt@nvidia.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-20"
}
]
}
],
"references": [
{
"url": "https://https://nvidia.custhelp.com/app/answers/detail/a_id/5517",
"source": "psirt@nvidia.com"
}
]
}

55
CVE-2024/CVE-2024-00xx/CVE-2024-0081.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-0081",
"sourceIdentifier": "psirt@nvidia.com",
"published": "2024-04-05T19:15:07.033",
"lastModified": "2024-04-05T19:15:07.033",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "\nNVIDIA NeMo framework for Ubuntu contains a vulnerability in tools/asr_webapp where an attacker may cause an allocation of resources without limits or throttling. A successful exploit of this vulnerability may lead to a server-side denial of service.\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@nvidia.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 8.6,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 4.0
}
]
},
"weaknesses": [
{
"source": "psirt@nvidia.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-770"
}
]
}
],
"references": [
{
"url": "https://github.com/NVIDIA/NeMo/security/advisories/GHSA-x392-p65g-4rxx",
"source": "psirt@nvidia.com"
}
]
}

55
CVE-2024/CVE-2024-220xx/CVE-2024-22004.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-22004",
"sourceIdentifier": "dsap-vuln-management@google.com",
"published": "2024-04-05T18:15:09.100",
"lastModified": "2024-04-05T18:15:09.100",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Due to length check, an attacker with privilege access on a Linux Nonsecure operating system can trigger a vulnerability and leak the secure\u00a0memory from the Trusted Application\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "dsap-vuln-management@google.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 10.0,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 6.0
}
]
},
"weaknesses": [
{
"source": "dsap-vuln-management@google.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-125"
}
]
}
],
"references": [
{
"url": "https://support.google.com/product-documentation/answer/14580222?hl=en&ref_topic=12974021&sjid=10751611047462550096-NA",
"source": "dsap-vuln-management@google.com"
}
]
}

24
CVE-2024/CVE-2024-280xx/CVE-2024-28065.json Normal file
View File

@ -0,0 +1,24 @@
{
"id": "CVE-2024-28065",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-04-05T18:15:09.307",
"lastModified": "2024-04-05T18:15:09.307",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "In Unify CP IP Phone firmware 1.10.4.3, files are not encrypted and contain sensitive information such as the root password hash."
}
],
"metrics": {},
"references": [
{
"url": "https://syss.de",
"source": "cve@mitre.org"
},
{
"url": "https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2024-007.txt",
"source": "cve@mitre.org"
}
]
}

55
CVE-2024/CVE-2024-318xx/CVE-2024-31848.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-31848",
"sourceIdentifier": "vulnreport@tenable.com",
"published": "2024-04-05T18:15:09.360",
"lastModified": "2024-04-05T18:15:09.360",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A path traversal vulnerability exists in the Java version of CData API Server < 23.4.8844 when running using the embedded Jetty server, which could allow an unauthenticated remote attacker to gain complete administrative access to the application."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "vulnreport@tenable.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "vulnreport@tenable.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
}
],
"references": [
{
"url": "https://www.tenable.com/security/research/tra-2024-09",
"source": "vulnreport@tenable.com"
}
]
}

55
CVE-2024/CVE-2024-318xx/CVE-2024-31849.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-31849",
"sourceIdentifier": "vulnreport@tenable.com",
"published": "2024-04-05T18:15:09.563",
"lastModified": "2024-04-05T18:15:09.563",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A path traversal vulnerability exists in the Java version of CData Connect < 23.4.8846 when running using the embedded Jetty server, which could allow an unauthenticated remote attacker to gain complete administrative access to the application."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "vulnreport@tenable.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "vulnreport@tenable.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
}
],
"references": [
{
"url": "https://www.tenable.com/security/research/tra-2024-09",
"source": "vulnreport@tenable.com"
}
]
}

55
CVE-2024/CVE-2024-318xx/CVE-2024-31850.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-31850",
"sourceIdentifier": "vulnreport@tenable.com",
"published": "2024-04-05T18:15:09.753",
"lastModified": "2024-04-05T18:15:09.753",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A path traversal vulnerability exists in the Java version of CData Arc < 23.4.8839 when running using the embedded Jetty server, which could allow an unauthenticated remote attacker to gain access to sensitive information and perform limited actions."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "vulnreport@tenable.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 8.6,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 4.7
}
]
},
"weaknesses": [
{
"source": "vulnreport@tenable.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
}
],
"references": [
{
"url": "https://www.tenable.com/security/research/tra-2024-09",
"source": "vulnreport@tenable.com"
}
]
}

55
CVE-2024/CVE-2024-318xx/CVE-2024-31851.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-31851",
"sourceIdentifier": "vulnreport@tenable.com",
"published": "2024-04-05T18:15:09.953",
"lastModified": "2024-04-05T18:15:09.953",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A path traversal vulnerability exists in the Java version of CData Sync < 23.4.8843 when running using the embedded Jetty server, which could allow an unauthenticated remote attacker to gain access to sensitive information and perform limited actions."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "vulnreport@tenable.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 8.6,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 4.7
}
]
},
"weaknesses": [
{
"source": "vulnreport@tenable.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
}
],
"references": [
{
"url": "https://www.tenable.com/security/research/tra-2024-09",
"source": "vulnreport@tenable.com"
}
]
}

92
CVE-2024/CVE-2024-33xx/CVE-2024-3350.json Normal file
View File

@ -0,0 +1,92 @@
{
"id": "CVE-2024-3350",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-04-05T18:15:10.143",
"lastModified": "2024-04-05T18:15:10.143",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability, which was classified as critical, has been found in SourceCodester Aplaya Beach Resort Online Reservation System 1.0. Affected by this issue is some unknown functionality of the file admin/mod_room/index.php. The manipulation of the argument id leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-259454 is the identifier assigned to this vulnerability."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "NONE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5
},
"baseSeverity": "HIGH",
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://github.com/qqqyc/vlun1/blob/main/Aplaya-Beach-Resort-Online-Reservation-System-03",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?ctiid.259454",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.259454",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?submit.310218",
"source": "cna@vuldb.com"
}
]
}

92
CVE-2024/CVE-2024-33xx/CVE-2024-3351.json Normal file
View File

@ -0,0 +1,92 @@
{
"id": "CVE-2024-3351",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-04-05T18:15:10.397",
"lastModified": "2024-04-05T18:15:10.397",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability, which was classified as critical, was found in SourceCodester Aplaya Beach Resort Online Reservation System 1.0. This affects an unknown part of the file admin/mod_roomtype/index.php. The manipulation of the argument id leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-259455."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "NONE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5
},
"baseSeverity": "HIGH",
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://github.com/qqqyc/vlun1/blob/main/Aplaya-Beach-Resort-Online-Reservation-System-04",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?ctiid.259455",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.259455",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?submit.310219",
"source": "cna@vuldb.com"
}
]
}

92
CVE-2024/CVE-2024-33xx/CVE-2024-3352.json Normal file
View File

@ -0,0 +1,92 @@
{
"id": "CVE-2024-3352",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-04-05T19:15:07.267",
"lastModified": "2024-04-05T19:15:07.267",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been found in SourceCodester Aplaya Beach Resort Online Reservation System 1.0 and classified as critical. This vulnerability affects unknown code of the file admin/mod_comments/index.php. The manipulation of the argument id leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-259456."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "NONE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5
},
"baseSeverity": "HIGH",
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://github.com/qqqyc/vlun1/blob/main/Aplaya-Beach-Resort-Online-Reservation-System-05",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?ctiid.259456",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.259456",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?submit.310220",
"source": "cna@vuldb.com"
}
]
}

32
README.md
View File

@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2024-04-05T18:00:38.803356+00:00
2024-04-05T20:00:38.291477+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2024-04-05T17:15:07.983000+00:00
2024-04-05T19:15:07.267000+00:00
```
### Last Data Feed Release
@ -33,27 +33,33 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs
```plain
244203
244217
```
### CVEs added in the last Commit
Recently added CVEs: `5`
Recently added CVEs: `14`
- [CVE-2023-48426](CVE-2023/CVE-2023-484xx/CVE-2023-48426.json) (`2024-04-05T16:15:07.580`)
- [CVE-2024-3346](CVE-2024/CVE-2024-33xx/CVE-2024-3346.json) (`2024-04-05T16:15:07.810`)
- [CVE-2024-3347](CVE-2024/CVE-2024-33xx/CVE-2024-3347.json) (`2024-04-05T16:15:08.203`)
- [CVE-2024-3348](CVE-2024/CVE-2024-33xx/CVE-2024-3348.json) (`2024-04-05T17:15:07.743`)
- [CVE-2024-3349](CVE-2024/CVE-2024-33xx/CVE-2024-3349.json) (`2024-04-05T17:15:07.983`)
- [CVE-2023-31028](CVE-2023/CVE-2023-310xx/CVE-2023-31028.json) (`2024-04-05T18:15:08.250`)
- [CVE-2024-0072](CVE-2024/CVE-2024-00xx/CVE-2024-0072.json) (`2024-04-05T18:15:08.477`)
- [CVE-2024-0076](CVE-2024/CVE-2024-00xx/CVE-2024-0076.json) (`2024-04-05T18:15:08.680`)
- [CVE-2024-0080](CVE-2024/CVE-2024-00xx/CVE-2024-0080.json) (`2024-04-05T18:15:08.890`)
- [CVE-2024-0081](CVE-2024/CVE-2024-00xx/CVE-2024-0081.json) (`2024-04-05T19:15:07.033`)
- [CVE-2024-22004](CVE-2024/CVE-2024-220xx/CVE-2024-22004.json) (`2024-04-05T18:15:09.100`)
- [CVE-2024-28065](CVE-2024/CVE-2024-280xx/CVE-2024-28065.json) (`2024-04-05T18:15:09.307`)
- [CVE-2024-31848](CVE-2024/CVE-2024-318xx/CVE-2024-31848.json) (`2024-04-05T18:15:09.360`)
- [CVE-2024-31849](CVE-2024/CVE-2024-318xx/CVE-2024-31849.json) (`2024-04-05T18:15:09.563`)
- [CVE-2024-31850](CVE-2024/CVE-2024-318xx/CVE-2024-31850.json) (`2024-04-05T18:15:09.753`)
- [CVE-2024-31851](CVE-2024/CVE-2024-318xx/CVE-2024-31851.json) (`2024-04-05T18:15:09.953`)
- [CVE-2024-3350](CVE-2024/CVE-2024-33xx/CVE-2024-3350.json) (`2024-04-05T18:15:10.143`)
- [CVE-2024-3351](CVE-2024/CVE-2024-33xx/CVE-2024-3351.json) (`2024-04-05T18:15:10.397`)
- [CVE-2024-3352](CVE-2024/CVE-2024-33xx/CVE-2024-3352.json) (`2024-04-05T19:15:07.267`)
### CVEs modified in the last Commit
Recently modified CVEs: `3`
Recently modified CVEs: `0`
- [CVE-2023-49231](CVE-2023/CVE-2023-492xx/CVE-2023-49231.json) (`2024-04-05T17:15:07.567`)
- [CVE-2023-49232](CVE-2023/CVE-2023-492xx/CVE-2023-49232.json) (`2024-04-05T17:15:07.643`)
- [CVE-2023-49234](CVE-2023/CVE-2023-492xx/CVE-2023-49234.json) (`2024-04-05T17:15:07.690`)
## Download and Usage

30
_state.csv
View File

@ -222170,6 +222170,7 @@ CVE-2023-31024,0,0,4c70d5cc63eef05b3a366d77fb563b368bdfadd04c0926839846a82fcce9a
CVE-2023-31025,0,0,0e4aa85ecd2ee651d4a45d9866dd1f24f182e80d38864542ea7d1cbb97a9ec67,2024-01-18T20:48:14.777000
CVE-2023-31026,0,0,737def1b37587e41a8de0ad813079c7897dff748850e0628f84397ef07142498,2023-11-13T18:43:03.447000
CVE-2023-31027,0,0,8ff82489352cce25dc4352ff2d33db807ef115fc642174d9e503e43f59674260,2023-11-13T19:20:51.220000
CVE-2023-31028,1,1,14ff90a0151c643c9b22d6a8fea347f26699f725f3ca6b92becf432a0fd40f67,2024-04-05T18:15:08.250000
CVE-2023-31029,0,0,c42ef0bcacfd6c953325b5f2f106d96c7a62f2c02eb1edafc052641664e71d2d,2024-01-18T20:50:53.507000
CVE-2023-3103,0,0,c745e45a6f770ad21bf28632452dade4771e22e741237aa8ba70f21edc608054,2024-03-21T02:48:24.477000
CVE-2023-31030,0,0,87204db072798651d0e1480ef8ba7d4c1b45df9188d565ea7fc9a3b00ced8522,2024-01-18T20:53:22.643000
@ -233822,7 +233823,7 @@ CVE-2023-48422,0,0,2265830fef50ee17d0cdb88ad1b0f725c4b672e431a26714116d00e7fa259
CVE-2023-48423,0,0,2592e57664f5009fd3555c0d2a8829a7ac77fb5cd27d61c148279d4e4418e21d,2024-03-12T21:15:57.393000
CVE-2023-48424,0,0,d752209f4f9677c584126eabd07ea41d6bb8ff8455f63189bdf51949cb39720a,2023-12-13T21:16:23.030000
CVE-2023-48425,0,0,10d95bc597f5358cb6e581ae2a0843df083fdc479dc30e50327f5f3a3887f611,2023-12-13T21:16:31.457000
CVE-2023-48426,1,1,57850132c3f207d0c1122663cc2e1330dc947081c00d5384ea2d82e948899c30,2024-04-05T16:15:07.580000
CVE-2023-48426,0,0,57850132c3f207d0c1122663cc2e1330dc947081c00d5384ea2d82e948899c30,2024-04-05T16:15:07.580000
CVE-2023-48427,0,0,adee4e0ef84fd45ed140951044cc3843719374b6b3ccca3202590ca4c66a74c7,2023-12-14T20:07:17.240000
CVE-2023-48428,0,0,21033d149f7ccc0485af45cc6c20d134e7fe2c0ff1f6de67a88b98d3647e5e9e,2023-12-14T19:38:27.703000
CVE-2023-48429,0,0,dea42d51f63ec8bf320d383b23f5d9fa88f951b12b95ad5523192b70326cdc5f,2023-12-14T19:37:51.017000
@ -234440,9 +234441,9 @@ CVE-2023-49228,0,0,b37aa175fce7fe3dc61886d1f496eca0de99535cf0452ee346d5f2bbad00b
CVE-2023-49229,0,0,bb1866aa24e2d1a20615746206ae1942639cb4a8ad603bc5ef0b94689578db2a,2024-01-04T21:44:26.423000
CVE-2023-4923,0,0,75f87edd9de7af6ee42af89f5f244b28bd043af221b3ee401a3c20b06c15d25f,2023-11-07T04:23:10.377000
CVE-2023-49230,0,0,357014e73a9a99aad657ae55c8ec21ac1c2f81f4e5d4117d9e7e47213f568041,2024-01-04T17:17:22.257000
CVE-2023-49231,0,1,7d7f33df3926f2ffd33a3dc98a01892b11869106766bd397df86b8e9581ede23,2024-04-05T17:15:07.567000
CVE-2023-49232,0,1,3e3211bd8fd19d54f665b23ec34d7ce3614043b4510c7a85e7732dddc62c7ecb,2024-04-05T17:15:07.643000
CVE-2023-49234,0,1,f74d56ae0c48e0db22ab97ca0a07b416bcb0510635b125990b21efc352998f4b,2024-04-05T17:15:07.690000
CVE-2023-49231,0,0,7d7f33df3926f2ffd33a3dc98a01892b11869106766bd397df86b8e9581ede23,2024-04-05T17:15:07.567000
CVE-2023-49232,0,0,3e3211bd8fd19d54f665b23ec34d7ce3614043b4510c7a85e7732dddc62c7ecb,2024-04-05T17:15:07.643000
CVE-2023-49234,0,0,f74d56ae0c48e0db22ab97ca0a07b416bcb0510635b125990b21efc352998f4b,2024-04-05T17:15:07.690000
CVE-2023-49235,0,0,ee5e656cd1d6d85ee31b9c26acce5c57fedbd5ff9b8200312871d4a535a5afb1,2024-01-12T19:51:24.593000
CVE-2023-49236,0,0,82b13e1438f851b0ec58aafde0aacd475aefb7deebbf26d763eca5aa4abff25e,2024-01-12T20:39:27.197000
CVE-2023-49237,0,0,ed67399c8010e08d1d65db6c17ab153fb7b629221e8aa721d8ae571eebaafec9,2024-01-16T14:51:27.687000
@ -238076,12 +238077,16 @@ CVE-2024-0068,0,0,29054351872f671ffd0afada76da136d48518b88acaefb639ccc6c169ead07
CVE-2024-0069,0,0,fcda9c827a68481a563f617244a09b1d788f56c62c31734c572fbfe1a75ea718,2023-11-28T00:15:07.140000
CVE-2024-0070,0,0,f5edfa828dbd64ca40da0463d8d67355f807a2f6d8ea2e049578dd15434f1821,2023-11-28T00:15:07.183000
CVE-2024-0071,0,0,704d1f6cb18cc47944843911c815f4098469857e3754cd1f411a2eed163344eb,2024-03-28T02:01:13.303000
CVE-2024-0072,1,1,ced01d498a1c155cc128624b03dece7d5d0df8ec9f84c753a8b25dfdcb346a99,2024-04-05T18:15:08.477000
CVE-2024-0073,0,0,176f7449424756846db419300a5389c73905a3871ade74f979d054ede4a4abf3,2024-03-28T02:01:13.303000
CVE-2024-0074,0,0,98eb255e160e7fd5beb14045c6567fea8fb46cf3bd51e2fde409175194ef6f56,2024-03-28T02:01:13.303000
CVE-2024-0075,0,0,ca1e6c0fdd67ee0dc69f9ce1fc86a720c8737b83b96e94939769a54c0a489d67,2024-03-28T02:01:13.303000
CVE-2024-0076,1,1,f198baa2c3a5defb59008c4ee9c70b29e941cee00cca054f8dc7225d73ba0c06,2024-04-05T18:15:08.680000
CVE-2024-0077,0,0,db4dba4f9462dc63edab63d2d916b645f56aeb1e3e4a4a247dac9899f4510f50,2024-03-28T02:01:13.303000
CVE-2024-0078,0,0,65ef1b62c09f229e677e8506d114a0ad3f4b855306a2baa770a721ed0ba97b17,2024-03-28T02:01:13.303000
CVE-2024-0079,0,0,a48198aa8d1b8e21233ccb1563194a0dce57e3cb1ac8f4c28d49144e25d1a534,2024-03-28T02:01:13.303000
CVE-2024-0080,1,1,14676a90fe9c3c46fc6e8f25fa883940c938ed9943e229fef559ca749a74acbf,2024-04-05T18:15:08.890000
CVE-2024-0081,1,1,f9dda3f39d21dce4ed138e5eaf31e5ba8c521c35969b9a97b88cde6e50b3f747,2024-04-05T19:15:07.033000
CVE-2024-0154,0,0,fee6d0edd38400fe9a2f331d67a355be9bc81701717352554939ef10dafbbf73,2024-03-13T18:15:58.530000
CVE-2024-0155,0,0,56d3003aea28bbff1e776f33de697fc847d720d7a8270931f6c22f264f5611eb,2024-03-04T13:58:23.447000
CVE-2024-0156,0,0,47a5ee4f12284e0f109441891942aa0eb589b2387e172b6366b6741bcabc51b4,2024-03-04T13:58:23.447000
@ -240254,6 +240259,7 @@ CVE-2024-21983,0,0,ded146d4808fc5f83424e373b65cdad37794b676d9611f5162836ce6d86d8
CVE-2024-21984,0,0,c4d05388605f2fb7e341aa0197be1de56d0ddb669904fcfa6f2ad451633ba0ba,2024-02-20T19:51:05.510000
CVE-2024-21985,0,0,853a82d200092c0582c4290723b53256d943e3aa0955024d181a6e0dc05dbcae,2024-02-05T18:32:52.040000
CVE-2024-21987,0,0,a312d19cf1876839a82cf4ab8a29efb39c100512ae446943b26071c9bd69f220,2024-02-16T21:39:50.223000
CVE-2024-22004,1,1,39b50e3d304b75133a881ab201d85a8afd781e191f0cefa753b9dae08496ded0,2024-04-05T18:15:09.100000
CVE-2024-22005,0,0,313b9bc6d7138eced2900a2388d6d58fcc17e9d91231c0517d2cb0e3e82b9d0d,2024-03-15T20:15:07.527000
CVE-2024-22006,0,0,4c7c420bbb6e62588c7a1f4eb632b3e6efe7a61ff08393b9055a3796f498bb2e,2024-03-15T20:15:07.573000
CVE-2024-22007,0,0,f3721164b170a5b70f98ee09d80eb5a4c23e7d5319c9436b464d0aee9f606b8d,2024-03-12T12:40:13.500000
@ -243022,6 +243028,7 @@ CVE-2024-2805,0,0,fa896267355e8bee60ef45369bdd61a50def95efdfa5e824724b711a08ae74
CVE-2024-28053,0,0,c90f3b62964e2e2422d9b5798f17f1825dc5ae41ec90f71b2b9fe7b9e8ea4a14,2024-03-15T12:53:06.423000
CVE-2024-28054,0,0,b289eaa8f221cef12d20f4d7c4d850be722c706b733d8c81d770795eac46dd81,2024-03-23T03:15:11.510000
CVE-2024-2806,0,0,31a1a52b37b2e720eae0233b1b19dee00c5a6dd1df73e31128b38dde57d091e7,2024-03-26T03:11:41.880000
CVE-2024-28065,1,1,860e1bfe6126cf5c07cb1eddc7c9671f368193a1540ce3473fdd211437faae95,2024-04-05T18:15:09.307000
CVE-2024-28069,0,0,99a57a9955c5ed5463e7c560b95e0a17dfa2789ec3c024f2825003d476d4b80d,2024-03-17T22:38:29.433000
CVE-2024-2807,0,0,47b8a7021ebbb15acc350203dd3081726f7b96c650b8d998414fd135c1027f2f,2024-03-26T03:12:50.837000
CVE-2024-28070,0,0,c8eeec88fa6e3b91036a4eadc63dd921f090ad52309176e7af22a570b911aeac,2024-03-17T22:38:29.433000
@ -244156,6 +244163,10 @@ CVE-2024-3178,0,0,e1b2edc538f836ffb506a17d476e0f961db2588242ddd1b2358ad3487cd818
CVE-2024-3179,0,0,5abb24f6a5051585dee8d043e9230e5c2a9202caf7e3c5044373b856d11a8a98,2024-04-04T12:48:41.700000
CVE-2024-3180,0,0,9228ee57f9267d6ec4565f77da6e32f8aedba868cc578e14d8f50b94e65bca34,2024-04-04T12:48:41.700000
CVE-2024-3181,0,0,19462f0bae052150ee3deea6a2833d73153169ade51a21a9a0ee903c88e94c7c,2024-04-04T12:48:41.700000
CVE-2024-31848,1,1,6965f04cc86efd819ec97fa65a940af868313d4b9414d4c137bc5206ad729602,2024-04-05T18:15:09.360000
CVE-2024-31849,1,1,ba19687c183971580d9b8978873bbf6d8219ba5de3f65dc5058b582de0f38692,2024-04-05T18:15:09.563000
CVE-2024-31850,1,1,4982070fceb832e31d5e30fb03a84954ccaa75a897ce5879a6b4f81a150e310c,2024-04-05T18:15:09.753000
CVE-2024-31851,1,1,ab4658af068ad1058f367d60d6c046977f3ab3864a10d3fc49f99432a80d6938,2024-04-05T18:15:09.953000
CVE-2024-31852,0,0,0ee0023d5b34c1dac5fa2039f744500c40b254d8784a31e411708a273dd8e7b9,2024-04-05T15:15:08.270000
CVE-2024-3202,0,0,c740eb561a7c1440cb5a8dd5eb2f94f0cce226529c05056c2f841e5a9fe9ca73,2024-04-03T12:38:04.840000
CVE-2024-3203,0,0,697bde31fba6d3c5a0e2d11da403a2e3b16828faac086b66cd78b0527d17b9c5,2024-04-03T12:38:04.840000
@ -244198,7 +244209,10 @@ CVE-2024-3315,0,0,0420f58b267bbc99aea4d213036324de5dcedffd2eceb50b924a336f387693
CVE-2024-3316,0,0,1444bd7ef3d37273f79650663feec303d5173a142d9c7212c8d3d49e93eb50e1,2024-04-05T12:40:52.763000
CVE-2024-3320,0,0,95054a6af32d4d5be645ff1a865e77fad3dc94a1c0e3c1eb556113e9b46031a4,2024-04-05T12:40:52.763000
CVE-2024-3321,0,0,749354b1bf7d6ff99646046beb4c99e5e46cc0546c732c8138afab8d9cdc9733,2024-04-05T12:40:52.763000
CVE-2024-3346,1,1,e733bb268a198adf409c7154c320339626faf14f0ab7cbb2e1a6fe41aa30dc95,2024-04-05T16:15:07.810000
CVE-2024-3347,1,1,3f3371ab8a7023688ea09ce35cacd066084e70ff611e61e0e93ccb906eb0776b,2024-04-05T16:15:08.203000
CVE-2024-3348,1,1,ee0797eecf851d4736420692f400d34e1db5fa62c0fc42b1cf997f4ff1c45678,2024-04-05T17:15:07.743000
CVE-2024-3349,1,1,9c956c66a349da9acf3b4b885f45dc030fdb4622c5431408cddee04d792878f4,2024-04-05T17:15:07.983000
CVE-2024-3346,0,0,e733bb268a198adf409c7154c320339626faf14f0ab7cbb2e1a6fe41aa30dc95,2024-04-05T16:15:07.810000
CVE-2024-3347,0,0,3f3371ab8a7023688ea09ce35cacd066084e70ff611e61e0e93ccb906eb0776b,2024-04-05T16:15:08.203000
CVE-2024-3348,0,0,ee0797eecf851d4736420692f400d34e1db5fa62c0fc42b1cf997f4ff1c45678,2024-04-05T17:15:07.743000
CVE-2024-3349,0,0,9c956c66a349da9acf3b4b885f45dc030fdb4622c5431408cddee04d792878f4,2024-04-05T17:15:07.983000
CVE-2024-3350,1,1,1245c18fa2606c835df9e5f7ef90bf8cbb70eb388db2793142ebd787d4487c95,2024-04-05T18:15:10.143000
CVE-2024-3351,1,1,546bddb83a148a28dca9db8b4add8343ebd293928450a664cd061216a5e23106,2024-04-05T18:15:10.397000
CVE-2024-3352,1,1,4dd7c36b0d461d1a96127863060425c62796418ace25937f0dc89f3f629c483d,2024-04-05T19:15:07.267000

Can't render this file because it is too large.