diff --git a/CVE-2024/CVE-2024-370xx/CVE-2024-37085.json b/CVE-2024/CVE-2024-370xx/CVE-2024-37085.json index 42999bcda69..f28c9f4e35c 100644 --- a/CVE-2024/CVE-2024-370xx/CVE-2024-37085.json +++ b/CVE-2024/CVE-2024-370xx/CVE-2024-37085.json @@ -2,9 +2,13 @@ "id": "CVE-2024-37085", "sourceIdentifier": "security@vmware.com", "published": "2024-06-25T15:15:12.377", - "lastModified": "2024-06-25T18:50:42.040", + "lastModified": "2024-07-31T01:00:01.317", "vulnStatus": "Awaiting Analysis", "cveTags": [], + "cisaExploitAdd": "2024-07-30", + "cisaActionDue": "2024-08-20", + "cisaRequiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", + "cisaVulnerabilityName": "VMware ESXi Authentication Bypass Vulnerability", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-62xx/CVE-2024-6255.json b/CVE-2024/CVE-2024-62xx/CVE-2024-6255.json new file mode 100644 index 00000000000..aca82f8a263 --- /dev/null +++ b/CVE-2024/CVE-2024-62xx/CVE-2024-6255.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-6255", + "sourceIdentifier": "security@huntr.dev", + "published": "2024-07-31T01:15:09.847", + "lastModified": "2024-07-31T01:15:09.847", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability in the JSON file handling of gaizhenbiao/chuanhuchatgpt version 20240410 allows any user to delete any JSON file on the server, including critical configuration files such as `config.json` and `ds_config_chatbot.json`. This issue arises due to improper validation of file paths, enabling directory traversal attacks. An attacker can exploit this vulnerability to disrupt the functioning of the system, manipulate settings, or potentially cause data loss or corruption." + } + ], + "metrics": { + "cvssMetricV30": [ + { + "source": "security@huntr.dev", + "type": "Secondary", + "cvssData": { + "version": "3.0", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "HIGH", + "baseScore": 8.2, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 4.2 + } + ] + }, + "weaknesses": [ + { + "source": "security@huntr.dev", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-73" + } + ] + } + ], + "references": [ + { + "url": "https://huntr.com/bounties/48f3e370-6dcd-4f38-9350-d0419b3a7f82", + "source": "security@huntr.dev" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-72xx/CVE-2024-7277.json b/CVE-2024/CVE-2024-72xx/CVE-2024-7277.json new file mode 100644 index 00000000000..d894f2ddeb0 --- /dev/null +++ b/CVE-2024/CVE-2024-72xx/CVE-2024-7277.json @@ -0,0 +1,137 @@ +{ + "id": "CVE-2024-7277", + "sourceIdentifier": "cna@vuldb.com", + "published": "2024-07-31T00:15:01.730", + "lastModified": "2024-07-31T00:15:01.730", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability was found in itsourcecode Alton Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /admin/menu.php of the component Add a Menu. The manipulation of the argument image leads to unrestricted upload. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-273146 is the identifier assigned to this vulnerability." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "attackRequirements": "NONE", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "vulnerableSystemConfidentiality": "LOW", + "vulnerableSystemIntegrity": "LOW", + "vulnerableSystemAvailability": "LOW", + "subsequentSystemConfidentiality": "NONE", + "subsequentSystemIntegrity": "NONE", + "subsequentSystemAvailability": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirements": "NOT_DEFINED", + "integrityRequirements": "NOT_DEFINED", + "availabilityRequirements": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", + "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", + "modifiedVulnerableSystemAvailability": "NOT_DEFINED", + "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", + "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", + "modifiedSubsequentSystemAvailability": "NOT_DEFINED", + "safety": "NOT_DEFINED", + "automatable": "NOT_DEFINED", + "recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED", + "baseScore": 5.1, + "baseSeverity": "MEDIUM" + } + } + ], + "cvssMetricV31": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 4.7, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.2, + "impactScore": 3.4 + } + ], + "cvssMetricV2": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "2.0", + "vectorString": "AV:N/AC:L/Au:M/C:P/I:P/A:P", + "accessVector": "NETWORK", + "accessComplexity": "LOW", + "authentication": "MULTIPLE", + "confidentialityImpact": "PARTIAL", + "integrityImpact": "PARTIAL", + "availabilityImpact": "PARTIAL", + "baseScore": 5.8 + }, + "baseSeverity": "MEDIUM", + "exploitabilityScore": 6.4, + "impactScore": 6.4, + "acInsufInfo": false, + "obtainAllPrivilege": false, + "obtainUserPrivilege": false, + "obtainOtherPrivilege": false, + "userInteractionRequired": false + } + ] + }, + "weaknesses": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-434" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/DeepMountains/Mirage/blob/main/CVE8-5.md", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?ctiid.273146", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?id.273146", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?submit.381095", + "source": "cna@vuldb.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-72xx/CVE-2024-7278.json b/CVE-2024/CVE-2024-72xx/CVE-2024-7278.json new file mode 100644 index 00000000000..f347d3afce2 --- /dev/null +++ b/CVE-2024/CVE-2024-72xx/CVE-2024-7278.json @@ -0,0 +1,137 @@ +{ + "id": "CVE-2024-7278", + "sourceIdentifier": "cna@vuldb.com", + "published": "2024-07-31T01:15:10.130", + "lastModified": "2024-07-31T01:15:10.130", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability was found in itsourcecode Alton Management System 1.0. It has been classified as critical. This affects an unknown part of the file /admin/team_save.php. The manipulation of the argument team leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-273147." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "attackRequirements": "NONE", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "vulnerableSystemConfidentiality": "LOW", + "vulnerableSystemIntegrity": "LOW", + "vulnerableSystemAvailability": "LOW", + "subsequentSystemConfidentiality": "NONE", + "subsequentSystemIntegrity": "NONE", + "subsequentSystemAvailability": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirements": "NOT_DEFINED", + "integrityRequirements": "NOT_DEFINED", + "availabilityRequirements": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", + "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", + "modifiedVulnerableSystemAvailability": "NOT_DEFINED", + "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", + "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", + "modifiedSubsequentSystemAvailability": "NOT_DEFINED", + "safety": "NOT_DEFINED", + "automatable": "NOT_DEFINED", + "recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED", + "baseScore": 5.1, + "baseSeverity": "MEDIUM" + } + } + ], + "cvssMetricV31": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 4.7, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.2, + "impactScore": 3.4 + } + ], + "cvssMetricV2": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "2.0", + "vectorString": "AV:N/AC:L/Au:M/C:P/I:P/A:P", + "accessVector": "NETWORK", + "accessComplexity": "LOW", + "authentication": "MULTIPLE", + "confidentialityImpact": "PARTIAL", + "integrityImpact": "PARTIAL", + "availabilityImpact": "PARTIAL", + "baseScore": 5.8 + }, + "baseSeverity": "MEDIUM", + "exploitabilityScore": 6.4, + "impactScore": 6.4, + "acInsufInfo": false, + "obtainAllPrivilege": false, + "obtainUserPrivilege": false, + "obtainOtherPrivilege": false, + "userInteractionRequired": false + } + ] + }, + "weaknesses": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/DeepMountains/Mirage/blob/main/CVE8-6.md", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?ctiid.273147", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?id.273147", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?submit.381096", + "source": "cna@vuldb.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-72xx/CVE-2024-7279.json b/CVE-2024/CVE-2024-72xx/CVE-2024-7279.json new file mode 100644 index 00000000000..f563cf49790 --- /dev/null +++ b/CVE-2024/CVE-2024-72xx/CVE-2024-7279.json @@ -0,0 +1,137 @@ +{ + "id": "CVE-2024-7279", + "sourceIdentifier": "cna@vuldb.com", + "published": "2024-07-31T01:15:10.410", + "lastModified": "2024-07-31T01:15:10.410", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability was found in SourceCodester Lot Reservation Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /admin/ajax.php?action=login. The manipulation of the argument username leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-273148." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "attackRequirements": "NONE", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "vulnerableSystemConfidentiality": "LOW", + "vulnerableSystemIntegrity": "LOW", + "vulnerableSystemAvailability": "LOW", + "subsequentSystemConfidentiality": "NONE", + "subsequentSystemIntegrity": "NONE", + "subsequentSystemAvailability": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirements": "NOT_DEFINED", + "integrityRequirements": "NOT_DEFINED", + "availabilityRequirements": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", + "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", + "modifiedVulnerableSystemAvailability": "NOT_DEFINED", + "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", + "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", + "modifiedSubsequentSystemAvailability": "NOT_DEFINED", + "safety": "NOT_DEFINED", + "automatable": "NOT_DEFINED", + "recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED", + "baseScore": 6.9, + "baseSeverity": "MEDIUM" + } + } + ], + "cvssMetricV31": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 7.3, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.4 + } + ], + "cvssMetricV2": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "2.0", + "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", + "accessVector": "NETWORK", + "accessComplexity": "LOW", + "authentication": "NONE", + "confidentialityImpact": "PARTIAL", + "integrityImpact": "PARTIAL", + "availabilityImpact": "PARTIAL", + "baseScore": 7.5 + }, + "baseSeverity": "HIGH", + "exploitabilityScore": 10.0, + "impactScore": 6.4, + "acInsufInfo": false, + "obtainAllPrivilege": false, + "obtainUserPrivilege": false, + "obtainOtherPrivilege": false, + "userInteractionRequired": false + } + ] + }, + "weaknesses": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "references": [ + { + "url": "https://gist.github.com/topsky979/8eb5a3711f4802b2b05ae3702addb61e", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?ctiid.273148", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?id.273148", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?submit.381195", + "source": "cna@vuldb.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-72xx/CVE-2024-7280.json b/CVE-2024/CVE-2024-72xx/CVE-2024-7280.json new file mode 100644 index 00000000000..708836e815b --- /dev/null +++ b/CVE-2024/CVE-2024-72xx/CVE-2024-7280.json @@ -0,0 +1,137 @@ +{ + "id": "CVE-2024-7280", + "sourceIdentifier": "cna@vuldb.com", + "published": "2024-07-31T01:15:10.687", + "lastModified": "2024-07-31T01:15:10.687", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability was found in SourceCodester Lot Reservation Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /admin/view_reserved.php. The manipulation of the argument id leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-273149 was assigned to this vulnerability." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "attackRequirements": "NONE", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "vulnerableSystemConfidentiality": "LOW", + "vulnerableSystemIntegrity": "LOW", + "vulnerableSystemAvailability": "LOW", + "subsequentSystemConfidentiality": "NONE", + "subsequentSystemIntegrity": "NONE", + "subsequentSystemAvailability": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirements": "NOT_DEFINED", + "integrityRequirements": "NOT_DEFINED", + "availabilityRequirements": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", + "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", + "modifiedVulnerableSystemAvailability": "NOT_DEFINED", + "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", + "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", + "modifiedSubsequentSystemAvailability": "NOT_DEFINED", + "safety": "NOT_DEFINED", + "automatable": "NOT_DEFINED", + "recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED", + "baseScore": 5.3, + "baseSeverity": "MEDIUM" + } + } + ], + "cvssMetricV31": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 6.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.4 + } + ], + "cvssMetricV2": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "2.0", + "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", + "accessVector": "NETWORK", + "accessComplexity": "LOW", + "authentication": "SINGLE", + "confidentialityImpact": "PARTIAL", + "integrityImpact": "PARTIAL", + "availabilityImpact": "PARTIAL", + "baseScore": 6.5 + }, + "baseSeverity": "MEDIUM", + "exploitabilityScore": 8.0, + "impactScore": 6.4, + "acInsufInfo": false, + "obtainAllPrivilege": false, + "obtainUserPrivilege": false, + "obtainOtherPrivilege": false, + "userInteractionRequired": false + } + ] + }, + "weaknesses": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "references": [ + { + "url": "https://gist.github.com/topsky979/c4e972f03739833ad2d111493f44138b", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?ctiid.273149", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?id.273149", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?submit.381196", + "source": "cna@vuldb.com" + } + ] +} \ No newline at end of file diff --git a/README.md b/README.md index ed6301aa450..7cc9f474cd8 100644 --- a/README.md +++ b/README.md @@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2024-07-30T23:55:17.218432+00:00 +2024-07-31T02:00:16.956473+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2024-07-30T23:15:03.573000+00:00 +2024-07-31T01:15:10.687000+00:00 ``` ### Last Data Feed Release @@ -27,31 +27,31 @@ Repository synchronizes with the NVD every 2 hours. Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/releases/latest) ```plain -2024-07-30T00:00:08.658817+00:00 +2024-07-31T00:00:08.661060+00:00 ``` ### Total Number of included CVEs ```plain -258583 +258588 ``` ### CVEs added in the last Commit -Recently added CVEs: `4` +Recently added CVEs: `5` -- [CVE-2024-37281](CVE-2024/CVE-2024-372xx/CVE-2024-37281.json) (`2024-07-30T22:15:01.923`) -- [CVE-2024-7274](CVE-2024/CVE-2024-72xx/CVE-2024-7274.json) (`2024-07-30T22:15:02.500`) -- [CVE-2024-7275](CVE-2024/CVE-2024-72xx/CVE-2024-7275.json) (`2024-07-30T23:15:03.280`) -- [CVE-2024-7276](CVE-2024/CVE-2024-72xx/CVE-2024-7276.json) (`2024-07-30T23:15:03.573`) +- [CVE-2024-6255](CVE-2024/CVE-2024-62xx/CVE-2024-6255.json) (`2024-07-31T01:15:09.847`) +- [CVE-2024-7277](CVE-2024/CVE-2024-72xx/CVE-2024-7277.json) (`2024-07-31T00:15:01.730`) +- [CVE-2024-7278](CVE-2024/CVE-2024-72xx/CVE-2024-7278.json) (`2024-07-31T01:15:10.130`) +- [CVE-2024-7279](CVE-2024/CVE-2024-72xx/CVE-2024-7279.json) (`2024-07-31T01:15:10.410`) +- [CVE-2024-7280](CVE-2024/CVE-2024-72xx/CVE-2024-7280.json) (`2024-07-31T01:15:10.687`) ### CVEs modified in the last Commit -Recently modified CVEs: `2` +Recently modified CVEs: `1` -- [CVE-2024-39552](CVE-2024/CVE-2024-395xx/CVE-2024-39552.json) (`2024-07-30T22:15:02.230`) -- [CVE-2024-40576](CVE-2024/CVE-2024-405xx/CVE-2024-40576.json) (`2024-07-30T22:15:02.417`) +- [CVE-2024-37085](CVE-2024/CVE-2024-370xx/CVE-2024-37085.json) (`2024-07-31T01:00:01.317`) ## Download and Usage diff --git a/_state.csv b/_state.csv index 72d536a2d42..a0c9100d25b 100644 --- a/_state.csv +++ b/_state.csv @@ -254067,7 +254067,7 @@ CVE-2024-37080,0,0,f0a9bd7effb46ac30e1d20f1d1aa7a7b386c0ee7e62089b4e1cc310e9f341 CVE-2024-37081,0,0,1657c2c6215fa861c8bf708a3b65df9501dd8a14588c6f7d5718007f5ce77c8d,2024-07-03T02:04:05.970000 CVE-2024-37082,0,0,cdf7ab7ec235a04ab3547ac9302ea8fb37a25e6b12903e2e739c3b31068e7382,2024-07-12T17:15:10.220000 CVE-2024-37084,0,0,e9cc68d2ce3ebc0a933179ff99eae650b65ccc7062c7a060f7c4643d495d9122,2024-07-25T12:36:39.947000 -CVE-2024-37085,0,0,4b965e98ee84a1f21a1cc50472486b78f46c71d7d7f35fdfea4d6b86e3425175,2024-06-25T18:50:42.040000 +CVE-2024-37085,0,1,d6a01ae358c50a28f42d1d87a54ffb369ed66c74807adefc1a091c3215b05b70,2024-07-31T01:00:01.317000 CVE-2024-37086,0,0,9068529bdb3d555265b7f816c31a19ade60e24d8cc46d6bccf0934fca43600dd,2024-06-25T18:50:42.040000 CVE-2024-37087,0,0,cd5f38dea6878f55617a1348143830ab9f44bbdb4a44091efb0c0832c07fcba2,2024-06-25T18:50:42.040000 CVE-2024-37089,0,0,9e292fe1dd11fba75d82973b2e1db6879968f554c93ecd19be42fbc3a656ef4b,2024-06-24T12:57:36.513000 @@ -254210,7 +254210,7 @@ CVE-2024-37278,0,0,f099ad6e686108b7aa0982a8f779de2fbae21e6d456841af0260dad64229b CVE-2024-37279,0,0,31cbe3e974fd27b1c5c854af28b34c2989a9118ebf3b3e54bb5c16795495edb9,2024-06-13T18:35:19.777000 CVE-2024-3728,0,0,49e6a5f26d01c7fceec7c4bf5478901bb5f23d6a3c9a4cf291a1c58fdb13c184,2024-05-02T18:00:37.360000 CVE-2024-37280,0,0,4bf0b68a6d051ee4d807c8e0d879d350a787ee8342452cb57dcf78535379f45a,2024-06-13T18:35:19.777000 -CVE-2024-37281,1,1,23a3eda4cc73dd416aa728f60ef41cfdecaaf29fc22cb52dcf04e1ea0f751b96,2024-07-30T22:15:01.923000 +CVE-2024-37281,0,0,23a3eda4cc73dd416aa728f60ef41cfdecaaf29fc22cb52dcf04e1ea0f751b96,2024-07-30T22:15:01.923000 CVE-2024-37282,0,0,9e75dd72782fd47fb8dcc1bf3ef22e08f7f64df6cb16c7858ce8e53d3eddfcf3,2024-06-28T10:27:00.920000 CVE-2024-37289,0,0,2976747a57097020fbcd1f162347209565208622cbfbb8b77b0b7237b06e86b8,2024-07-03T02:04:12.080000 CVE-2024-3729,0,0,3415ccd7b93278c163a46fc8f742b8dd4fa5f770790b8aa49be2a2c1ba3b0c85,2024-05-02T18:00:37.360000 @@ -255412,7 +255412,7 @@ CVE-2024-39549,0,0,83b6facd1e2147b716054939f8174b72223d922c2afe4d889562b9eddf228 CVE-2024-3955,0,0,1980afc805b9b5d168ea6a08c34d1a9d581fd505fecdd9c097016e585c054b35,2024-07-03T02:06:56.087000 CVE-2024-39550,0,0,5bb40c1c6118db31096ceb73a5335d2e11deae5cbb65f13e233b49f728e16419,2024-07-11T19:15:12.157000 CVE-2024-39551,0,0,36bf61155e3a3db50c94319d239c2bdb1bd13565a0d3a2d4d881f71cf975abe6,2024-07-11T19:15:12.260000 -CVE-2024-39552,0,1,8d36fb25727c769913ae1cca9e2dac8b68876dddf0635e7194c405683396689e,2024-07-30T22:15:02.230000 +CVE-2024-39552,0,0,8d36fb25727c769913ae1cca9e2dac8b68876dddf0635e7194c405683396689e,2024-07-30T22:15:02.230000 CVE-2024-39553,0,0,32655e284a2ef96df1b17d7ddaf9aa2f2aef9797264d4c157eca9ea0ee3cd2a6,2024-07-11T18:09:58.777000 CVE-2024-39554,0,0,607b6e2d09565242cea8dabcf216d7050a2b93324b4645878cad8b169c28c359,2024-07-11T13:05:54.930000 CVE-2024-39555,0,0,2f4320b551c6e22d863307bba36cd5d725d7060ed4b026ce642dd6f86bb7e040,2024-07-11T13:05:54.930000 @@ -255720,7 +255720,7 @@ CVE-2024-4056,0,0,b8d993c32e0d1df4fc3c3b0df01e5b9a4366d92d1a2ad184a020d404aa4458 CVE-2024-40560,0,0,885c8c46bcc9d242b11ff00568640d31e8526b7b94eab8b6f84ddb49fcdedf5c,2024-07-16T13:43:58.773000 CVE-2024-4057,0,0,26b46aa52b04f4ef8890033772544e5e99ad730f84e9e0e97b479cd36cf89ace,2024-07-03T02:07:02.197000 CVE-2024-40575,0,0,267280fd6d1dce9620611aeb1f0d6276db3825fa55e9f5e7fc538f4804a7f026,2024-07-25T17:35:28.913000 -CVE-2024-40576,0,1,f14faefbfbb62dfc67aebb8ee257ac2569928093461cd89df284779e44ef3d22,2024-07-30T22:15:02.417000 +CVE-2024-40576,0,0,f14faefbfbb62dfc67aebb8ee257ac2569928093461cd89df284779e44ef3d22,2024-07-30T22:15:02.417000 CVE-2024-4058,0,0,e20d454336ea887bbb54d47433e5560889db558189699560ce98773941e9b99e,2024-06-07T15:40:49.707000 CVE-2024-4059,0,0,c49986e07be30ca2c850f4613369c1702dff21e7018832f61c83284c95e0cc00,2024-05-03T03:16:29.430000 CVE-2024-40594,0,0,5f8b4e7b3001e206c4db42bfb10b66a5767bd1e5041c1bca9998a882526a992d,2024-07-08T15:49:22.437000 @@ -258086,6 +258086,7 @@ CVE-2024-6250,0,0,65144edeea3f44f34a4643fe614f57e1f379d6c9ac265963a9d3e1dd464fb7 CVE-2024-6251,0,0,4ff3c6977b6838552fca6fd96450148c0a810a0b49d59064a41fd5d7df8c3900,2024-06-24T12:57:36.513000 CVE-2024-6252,0,0,f925951499780a86ba894fc39baf0f6088fcb6c4e2787ea242a732a2e35ea460,2024-06-26T19:15:14.383000 CVE-2024-6253,0,0,d70df9ffdc81f7d3511638a8a32373070f208c5646ec9496ca814b85bf15f7ca,2024-06-25T18:15:12 +CVE-2024-6255,1,1,66e3639a8744fdd1747c3294ef2abe2ac29295761cb83419d620a900dc316287,2024-07-31T01:15:09.847000 CVE-2024-6256,0,0,cd0156365b21d4bea53ae3ad70dcec4b1c8c7fe2a610d4e79db68145fb523cc9,2024-07-12T16:53:35.083000 CVE-2024-6257,0,0,9068db2cec3557427b4184684513a4bf48773ad544b747d98a6b6caebef9018b,2024-06-25T18:50:42.040000 CVE-2024-6262,0,0,295b38dc67b71cbe5bd8be303a870636c7b9e2de2092da87a091242e8bc3623e,2024-06-27T12:47:19.847000 @@ -258578,7 +258579,11 @@ CVE-2024-7250,0,0,2ad6dc357ed437eabcd60fe2775245fd2e54c1167d56f0a56470e33155a5fc CVE-2024-7251,0,0,56e37f41fcf38f76a5deb1629f8d7e708899009a1e9f2b615de298d4a45a835f,2024-07-30T13:32:45.943000 CVE-2024-7252,0,0,b11855d09d58123416b1c452f42a306230094dfbea0e43cbf3d1a4ad2d82d89e,2024-07-30T13:32:45.943000 CVE-2024-7273,0,0,96ac7cdc7b0d4132cb85ff0c2e5f52cf75d02b34301d6b8ef1b0ed79592b5528,2024-07-30T21:15:10.110000 -CVE-2024-7274,1,1,b57c3d31acd72479d0c9665e0d6fbb54fdae7dd490df9913f174ea98d2a960bb,2024-07-30T22:15:02.500000 -CVE-2024-7275,1,1,50392863a3634838385afedbdca878dc149a56a1a7dd190b11bbf5e3ee0f96f3,2024-07-30T23:15:03.280000 -CVE-2024-7276,1,1,58b729e08ac9a12abf307551260c352749e95db2a9434aabd26d6c173a30a356,2024-07-30T23:15:03.573000 +CVE-2024-7274,0,0,b57c3d31acd72479d0c9665e0d6fbb54fdae7dd490df9913f174ea98d2a960bb,2024-07-30T22:15:02.500000 +CVE-2024-7275,0,0,50392863a3634838385afedbdca878dc149a56a1a7dd190b11bbf5e3ee0f96f3,2024-07-30T23:15:03.280000 +CVE-2024-7276,0,0,58b729e08ac9a12abf307551260c352749e95db2a9434aabd26d6c173a30a356,2024-07-30T23:15:03.573000 +CVE-2024-7277,1,1,dd5e78925b0432f3fa9974008b180d3159816e3782dedfe32294047709892040,2024-07-31T00:15:01.730000 +CVE-2024-7278,1,1,9e1eba0c0b327bb0720a779fc47a6df5ee74b0e9badf4be01d9e7abe931c59c2,2024-07-31T01:15:10.130000 +CVE-2024-7279,1,1,8e2400bdfeb1f65672845aeab22f088f8e4f5740208271c999fa84d3d950e0ba,2024-07-31T01:15:10.410000 +CVE-2024-7280,1,1,b4dcc14bd00739ff68aae282898c8420bc58249f8fc0681ee34a616839197f32,2024-07-31T01:15:10.687000 CVE-2024-7297,0,0,2e874bfba57ad5ec5745065eab38f5876ea9fcd7307b48661cf2daf7f9f6b574,2024-07-30T17:15:14.513000