Auto-Update: 2024-09-28T20:00:17.588846+00:00

CVE-2023/CVE-2023-328xx/CVE-2023-32824.json

@@ -2,8 +2,8 @@
   "id": "CVE-2023-32824",
   "sourceIdentifier": "security@mediatek.com",
   "published": "2023-10-02T03:15:10.003",
-  "lastModified": "2023-10-03T01:35:09.277",
-  "vulnStatus": "Analyzed",
+  "lastModified": "2024-09-28T18:35:00.510",
+  "vulnStatus": "Modified",
   "cveTags": [],
   "descriptions": [
     {
@@ -36,6 +36,26 @@
         },
         "exploitabilityScore": 0.8,
         "impactScore": 5.9
+      },
+      {
+        "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
+          "attackVector": "LOCAL",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "HIGH",
+          "userInteraction": "NONE",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "HIGH",
+          "integrityImpact": "HIGH",
+          "availabilityImpact": "HIGH",
+          "baseScore": 6.7,
+          "baseSeverity": "MEDIUM"
+        },
+        "exploitabilityScore": 0.8,
+        "impactScore": 5.9
       }
     ]
   },
@@ -49,6 +69,16 @@
           "value": "CWE-415"
         }
       ]
+    },
+    {
+      "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
+      "type": "Secondary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-415"
+        }
+      ]
     }
   ],
   "configurations": [

CVE-2024/CVE-2024-420xx/CVE-2024-42025.json

@@ -2,8 +2,8 @@
   "id": "CVE-2024-42025",
   "sourceIdentifier": "support@hackerone.com",
   "published": "2024-09-13T16:15:04.073",
-  "lastModified": "2024-09-20T14:40:40.357",
-  "vulnStatus": "Analyzed",
+  "lastModified": "2024-09-28T18:35:02.277",
+  "vulnStatus": "Modified",
   "cveTags": [],
   "descriptions": [
     {
@@ -71,6 +71,16 @@
           "value": "CWE-77"
         }
       ]
+    },
+    {
+      "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
+      "type": "Secondary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-77"
+        }
+      ]
     }
   ],
   "configurations": [

CVE-2024/CVE-2024-93xx/CVE-2024-9315.json

@@ -0,0 +1,141 @@
+{
+  "id": "CVE-2024-9315",
+  "sourceIdentifier": "cna@vuldb.com",
+  "published": "2024-09-28T19:15:12.353",
+  "lastModified": "2024-09-28T19:15:12.353",
+  "vulnStatus": "Received",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "A vulnerability was found in SourceCodester Employee and Visitor Gate Pass Logging System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /admin/maintenance/manage_department.php. The manipulation of the argument id leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV40": [
+      {
+        "source": "cna@vuldb.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "4.0",
+          "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "attackRequirements": "NONE",
+          "privilegesRequired": "LOW",
+          "userInteraction": "NONE",
+          "vulnerableSystemConfidentiality": "LOW",
+          "vulnerableSystemIntegrity": "LOW",
+          "vulnerableSystemAvailability": "LOW",
+          "subsequentSystemConfidentiality": "NONE",
+          "subsequentSystemIntegrity": "NONE",
+          "subsequentSystemAvailability": "NONE",
+          "exploitMaturity": "NOT_DEFINED",
+          "confidentialityRequirements": "NOT_DEFINED",
+          "integrityRequirements": "NOT_DEFINED",
+          "availabilityRequirements": "NOT_DEFINED",
+          "modifiedAttackVector": "NOT_DEFINED",
+          "modifiedAttackComplexity": "NOT_DEFINED",
+          "modifiedAttackRequirements": "NOT_DEFINED",
+          "modifiedPrivilegesRequired": "NOT_DEFINED",
+          "modifiedUserInteraction": "NOT_DEFINED",
+          "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED",
+          "modifiedVulnerableSystemIntegrity": "NOT_DEFINED",
+          "modifiedVulnerableSystemAvailability": "NOT_DEFINED",
+          "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED",
+          "modifiedSubsequentSystemIntegrity": "NOT_DEFINED",
+          "modifiedSubsequentSystemAvailability": "NOT_DEFINED",
+          "safety": "NOT_DEFINED",
+          "automatable": "NOT_DEFINED",
+          "recovery": "NOT_DEFINED",
+          "valueDensity": "NOT_DEFINED",
+          "vulnerabilityResponseEffort": "NOT_DEFINED",
+          "providerUrgency": "NOT_DEFINED",
+          "baseScore": 5.3,
+          "baseSeverity": "MEDIUM"
+        }
+      }
+    ],
+    "cvssMetricV31": [
+      {
+        "source": "cna@vuldb.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "LOW",
+          "userInteraction": "NONE",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "LOW",
+          "integrityImpact": "LOW",
+          "availabilityImpact": "LOW",
+          "baseScore": 6.3,
+          "baseSeverity": "MEDIUM"
+        },
+        "exploitabilityScore": 2.8,
+        "impactScore": 3.4
+      }
+    ],
+    "cvssMetricV2": [
+      {
+        "source": "cna@vuldb.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "2.0",
+          "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
+          "accessVector": "NETWORK",
+          "accessComplexity": "LOW",
+          "authentication": "SINGLE",
+          "confidentialityImpact": "PARTIAL",
+          "integrityImpact": "PARTIAL",
+          "availabilityImpact": "PARTIAL",
+          "baseScore": 6.5
+        },
+        "baseSeverity": "MEDIUM",
+        "exploitabilityScore": 8.0,
+        "impactScore": 6.4,
+        "acInsufInfo": false,
+        "obtainAllPrivilege": false,
+        "obtainUserPrivilege": false,
+        "obtainOtherPrivilege": false,
+        "userInteractionRequired": false
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "cna@vuldb.com",
+      "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-89"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://github.com/zonesec0/findcve/issues/3",
+      "source": "cna@vuldb.com"
+    },
+    {
+      "url": "https://vuldb.com/?ctiid.278819",
+      "source": "cna@vuldb.com"
+    },
+    {
+      "url": "https://vuldb.com/?id.278819",
+      "source": "cna@vuldb.com"
+    },
+    {
+      "url": "https://vuldb.com/?submit.412524",
+      "source": "cna@vuldb.com"
+    },
+    {
+      "url": "https://www.sourcecodester.com/",
+      "source": "cna@vuldb.com"
+    }
+  ]
+}

README.md

@@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours.
 ### Last Repository Update
 
 ```plain
-2024-09-28T16:00:16.954908+00:00
+2024-09-28T20:00:17.588846+00:00
 ```
 
 ### Most recent CVE Modification Timestamp synchronized with NVD
 
 ```plain
-2024-09-28T15:15:14.263000+00:00
+2024-09-28T19:15:12.353000+00:00
 ```
 
 ### Last Data Feed Release
@@ -33,22 +33,22 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
 ### Total Number of included CVEs
 
 ```plain
-264095
+264096
 ```
 
 ### CVEs added in the last Commit
 
-Recently added CVEs: `3`
+Recently added CVEs: `1`
 
-- [CVE-2024-9298](CVE-2024/CVE-2024-92xx/CVE-2024-9298.json) (`2024-09-28T14:15:02.020`)
-- [CVE-2024-9299](CVE-2024/CVE-2024-92xx/CVE-2024-9299.json) (`2024-09-28T14:15:02.540`)
-- [CVE-2024-9300](CVE-2024/CVE-2024-93xx/CVE-2024-9300.json) (`2024-09-28T15:15:14.263`)
+- [CVE-2024-9315](CVE-2024/CVE-2024-93xx/CVE-2024-9315.json) (`2024-09-28T19:15:12.353`)
 
 
 ### CVEs modified in the last Commit
 
-Recently modified CVEs: `0`
+Recently modified CVEs: `2`
 
+- [CVE-2023-32824](CVE-2023/CVE-2023-328xx/CVE-2023-32824.json) (`2024-09-28T18:35:00.510`)
+- [CVE-2024-42025](CVE-2024/CVE-2024-420xx/CVE-2024-42025.json) (`2024-09-28T18:35:02.277`)
 
 
 ## Download and Usage

_state.csv

@@ -224852,7 +224852,7 @@ CVE-2023-32820,0,0,c5b1a9492bae196afe19ae41b308e37d000eda1ca8589b7aaeb0da7b947ce
 CVE-2023-32821,0,0,d176157872121eed2781e61209c337e329a2c1fa5d013d18550ee5b088b97e72,2023-10-03T01:10:44.100000
 CVE-2023-32822,0,0,5eccf998d870e20487d82fbae50692e0f2b834c9094bb8239ca96608937b0a41,2024-09-23T16:35:06.840000
 CVE-2023-32823,0,0,c79648285cd024da0167d35d31f954a812139b3a880cd127a35a6b9daa0e4605,2024-09-23T16:35:07.743000
-CVE-2023-32824,0,0,b7cad1ba52f105ff630479666c65d5edcee094510df5e15b0915a16af2131535,2023-10-03T01:35:09.277000
+CVE-2023-32824,0,1,6915ede2fa5bbcae480ab3f17c56d059e5ed4808bf71135dbcfc79451d8e3b0e,2024-09-28T18:35:00.510000
 CVE-2023-32825,0,0,4d951244a3034e7e148d958c4fde86bb8e3198d5c4adad847f95bad235aed891,2023-11-13T18:51:48.043000
 CVE-2023-32826,0,0,16c6cd1f14a315c0a20ae139a1ad19f2ce5feaa9b72eb7e640c67ad6da2f2ed6,2024-09-21T16:35:03.330000
 CVE-2023-32827,0,0,ef41d0f2c1c5cfc16ed9ec7554b5e76f64c7725bdc1ef4e38829af2a10e7b4ea,2024-09-21T16:35:04.183000
@@ -258252,7 +258252,7 @@ CVE-2024-42021,0,0,92fcf0a329a30077e7207f0242d35213efc1d1dd2f8104ea65b7c53bf17c0
 CVE-2024-42022,0,0,9cf24962f372bb813f8c933991a85f958eb86110c2be996c8eb09086ce39756e,2024-09-09T15:35:09.917000
 CVE-2024-42023,0,0,53353d8a90b9dac8026225178af7324a7ea88240793050bf3d93683b0cc8146b,2024-09-09T14:35:05.330000
 CVE-2024-42024,0,0,eea273d7d39998984ace805bb73fbe19d77f000a62e0385bbb38378893265667,2024-09-09T14:35:06.053000
-CVE-2024-42025,0,0,797d4d2888a8abf3f78bb9ff3f614e75b602960d2c6dfbe951424f945176c5eb,2024-09-20T14:40:40.357000
+CVE-2024-42025,0,1,8c1d228ed90571100df9823974eb0ba9e627f86789cc232c3042885df4b8d2fe,2024-09-28T18:35:02.277000
 CVE-2024-42029,0,0,b7c83a25bc8a9601f6f3c6ebb603ce94146556b10d1f548176b0b38619ce3b21,2024-08-01T13:59:17.407000
 CVE-2024-4203,0,0,52cf8a9be62388459acdc9c8c655685172127a00eca72ac9344c4d8920cfc78f,2024-05-02T18:00:37.360000
 CVE-2024-42030,0,0,59fa56f47f76e92b6c6c6a3fdcb37d68b092a6ac90822c136b288bb49e8250df,2024-08-20T16:55:16.100000
@@ -264090,7 +264090,8 @@ CVE-2024-9294,0,0,ecc4d06c597aa37fc99c049d1c5765db52fd8734fa53dc2d290464be84fc48
 CVE-2024-9295,0,0,2059e80eecdba7e0e8296ba30a6d99f30eadea57334392b722bd6631f9d60107,2024-09-28T07:15:04.123000
 CVE-2024-9296,0,0,dded0f6e9e44e64bc57cf92e6d2ef3c1cf85d250453ac5cec64d525a4c889bac,2024-09-28T09:15:02.600000
 CVE-2024-9297,0,0,87c9d7f7ce642704ac841598cb2cfac6b587f0ff0236f8b054d46575b3d1ffd3,2024-09-28T12:15:10.780000
-CVE-2024-9298,1,1,2f4e6c82eec176574620d4340a003c33a2c20e43e1eb64c4140e5caefaeeb556,2024-09-28T14:15:02.020000
-CVE-2024-9299,1,1,799e3f49439baf2432b26834e94671a2c07ca8bcc110298b74e6fbc73a1e5279,2024-09-28T14:15:02.540000
-CVE-2024-9300,1,1,4aee81e48dbe8631e425ca1253bf1fefcd0e37e8736692eb326116d6964fe2c0,2024-09-28T15:15:14.263000
+CVE-2024-9298,0,0,2f4e6c82eec176574620d4340a003c33a2c20e43e1eb64c4140e5caefaeeb556,2024-09-28T14:15:02.020000
+CVE-2024-9299,0,0,799e3f49439baf2432b26834e94671a2c07ca8bcc110298b74e6fbc73a1e5279,2024-09-28T14:15:02.540000
+CVE-2024-9300,0,0,4aee81e48dbe8631e425ca1253bf1fefcd0e37e8736692eb326116d6964fe2c0,2024-09-28T15:15:14.263000
 CVE-2024-9301,0,0,f7d62ae99cd0d6877c5db63fcb4f2c0f8f043fbb8339f25415912b7f29acecf1,2024-09-27T18:15:06.163000
+CVE-2024-9315,1,1,1aaf0b25bc5db159a5983cc16616c1ec4eda1359782a55e5468dbd7b3fd618c0,2024-09-28T19:15:12.353000