From b9f38cb9d3321a6c2131d7f533dde0f1b6d79a03 Mon Sep 17 00:00:00 2001
From: cad-safe-bot
Date: Fri, 1 Mar 2024 07:00:29 +0000
Subject: [PATCH] Auto-Update: 2024-03-01T07:00:25.595145+00:00
---
 CVE-2023/CVE-2023-448xx/CVE-2023-44821.json | 10 ++++++++-
 CVE-2023/CVE-2023-460xx/CVE-2023-46009.json | 12 +++++++++--
 CVE-2024/CVE-2024-04xx/CVE-2024-0446.json | 8 +++++--
 CVE-2024/CVE-2024-228xx/CVE-2024-22891.json | 20 +++++++++++++++++
 CVE-2024/CVE-2024-252xx/CVE-2024-25293.json | 20 +++++++++++++++++
 CVE-2024/CVE-2024-253xx/CVE-2024-25386.json | 24 +++++++++++++++++++++
 README.md | 19 ++++++++--------
 7 files changed, 99 insertions(+), 14 deletions(-)
 create mode 100644 CVE-2024/CVE-2024-228xx/CVE-2024-22891.json
 create mode 100644 CVE-2024/CVE-2024-252xx/CVE-2024-25293.json
 create mode 100644 CVE-2024/CVE-2024-253xx/CVE-2024-25386.json
diff --git a/CVE-2023/CVE-2023-448xx/CVE-2023-44821.json b/CVE-2023/CVE-2023-448xx/CVE-2023-44821.json
index 92bd039f21d..ff71b093430 100644
--- a/CVE-2023/CVE-2023-448xx/CVE-2023-44821.json
+++ b/CVE-2023/CVE-2023-448xx/CVE-2023-44821.json
@@ -2,7 +2,7 @@
 "id": "CVE-2023-44821",
 "sourceIdentifier": "cve@mitre.org",
 "published": "2023-10-09T20:15:10.583",
- "lastModified": "2023-11-07T04:21:40.703",
+ "lastModified": "2024-03-01T06:15:48.007",
 "vulnStatus": "Modified",
 "descriptions": [
 {
@@ -85,6 +85,14 @@
 "Exploit",
 "Issue Tracking"
 ]
+ },
+ {
+ "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3I6Z7VAHUYX3Q4DULJ76NFD2CIFZJYH5/",
+ "source": "cve@mitre.org"
+ },
+ {
+ "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3WLTXJS6AIKPGVOAJ7EYC4HL3NEG6CGF/",
+ "source": "cve@mitre.org"
 }
 ]
 }
\ No newline at end of file
diff --git a/CVE-2023/CVE-2023-460xx/CVE-2023-46009.json b/CVE-2023/CVE-2023-460xx/CVE-2023-46009.json
index ea1869c2a91..019c1b80c12 100644
--- a/CVE-2023/CVE-2023-460xx/CVE-2023-46009.json
+++ b/CVE-2023/CVE-2023-460xx/CVE-2023-46009.json
@@ -2,8 +2,8 @@
 "id": "CVE-2023-46009",
 "sourceIdentifier": "cve@mitre.org",
 "published": "2023-10-18T16:15:08.900",
- "lastModified": "2023-10-25T01:25:00.963",
- "vulnStatus": "Analyzed",
+ "lastModified": "2024-03-01T06:15:48.187",
+ "vulnStatus": "Modified",
 "descriptions": [
 {
 "lang": "en",
@@ -77,6 +77,14 @@
 "Patch",
 "Third Party Advisory"
 ]
+ },
+ {
+ "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3I6Z7VAHUYX3Q4DULJ76NFD2CIFZJYH5/",
+ "source": "cve@mitre.org"
+ },
+ {
+ "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3WLTXJS6AIKPGVOAJ7EYC4HL3NEG6CGF/",
+ "source": "cve@mitre.org"
 }
 ]
 }
\ No newline at end of file
diff --git a/CVE-2024/CVE-2024-04xx/CVE-2024-0446.json b/CVE-2024/CVE-2024-04xx/CVE-2024-0446.json
index 916c25c0c94..06f9804004b 100644
--- a/CVE-2024/CVE-2024-04xx/CVE-2024-0446.json
+++ b/CVE-2024/CVE-2024-04xx/CVE-2024-0446.json
@@ -2,12 +2,12 @@
 "id": "CVE-2024-0446",
 "sourceIdentifier": "psirt@autodesk.com",
 "published": "2024-02-22T00:15:51.903",
- "lastModified": "2024-02-22T19:07:27.197",
+ "lastModified": "2024-03-01T05:15:08.440",
 "vulnStatus": "Awaiting Analysis",
 "descriptions": [
 {
 "lang": "en",
- "value": "A maliciously crafted STP, CATPART or MODEL file when parsed in ASMKERN228A.dll through Autodesk AutoCAD can force an Out-of-Bound Write. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process.\u00a0\n"
+ "value": "A maliciously crafted STP, CATPART or MODEL file in ASMKERN228A.dll when\nparsed through Autodesk AutoCAD can force an Out-of-Bound Write. A malicious\nactor can leverage this vulnerability to cause a crash, write sensitive data,\nor execute arbitrary code in the context of the current process.\n\n\n\n"
 },
 {
 "lang": "es",
@@ -31,6 +31,10 @@
 {
 "url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0002",
 "source": "psirt@autodesk.com"
+ },
+ {
+ "url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0004",
+ "source": "psirt@autodesk.com"
 }
 ]
 }
\ No newline at end of file
diff --git a/CVE-2024/CVE-2024-228xx/CVE-2024-22891.json b/CVE-2024/CVE-2024-228xx/CVE-2024-22891.json
new file mode 100644
index 00000000000..7c1b80eddb7
--- /dev/null
+++ b/CVE-2024/CVE-2024-228xx/CVE-2024-22891.json
@@ -0,0 +1,20 @@
+{
+ "id": "CVE-2024-22891",
+ "sourceIdentifier": "cve@mitre.org",
+ "published": "2024-03-01T06:15:48.280",
+ "lastModified": "2024-03-01T06:15:48.280",
+ "vulnStatus": "Received",
+ "descriptions": [
+ {
+ "lang": "en",
+ "value": "Nteract v.0.28.0 was discovered to contain a remote code execution (RCE) vulnerability via the Markdown link."
+ }
+ ],
+ "metrics": {},
+ "references": [
+ {
+ "url": "https://github.com/EQSTLab/PoC/tree/main/2024/RCE/CVE-2024-22891",
+ "source": "cve@mitre.org"
+ }
+ ]
+}
\ No newline at end of file
diff --git a/CVE-2024/CVE-2024-252xx/CVE-2024-25293.json b/CVE-2024/CVE-2024-252xx/CVE-2024-25293.json
new file mode 100644
index 00000000000..b0670a6766e
--- /dev/null
+++ b/CVE-2024/CVE-2024-252xx/CVE-2024-25293.json
@@ -0,0 +1,20 @@
+{
+ "id": "CVE-2024-25293",
+ "sourceIdentifier": "cve@mitre.org",
+ "published": "2024-03-01T06:15:48.347",
+ "lastModified": "2024-03-01T06:15:48.347",
+ "vulnStatus": "Received",
+ "descriptions": [
+ {
+ "lang": "en",
+ "value": "mjml-app versions 3.0.4 and 3.1.0-beta were discovered to contain a remote code execution (RCE) via the href attribute."
+ }
+ ],
+ "metrics": {},
+ "references": [
+ {
+ "url": "https://github.com/EQSTLab/PoC/tree/main/2024/LCE/CVE-2024-25293",
+ "source": "cve@mitre.org"
+ }
+ ]
+}
\ No newline at end of file
diff --git a/CVE-2024/CVE-2024-253xx/CVE-2024-25386.json b/CVE-2024/CVE-2024-253xx/CVE-2024-25386.json
new file mode 100644
index 00000000000..1c35e5a6a99
--- /dev/null
+++ b/CVE-2024/CVE-2024-253xx/CVE-2024-25386.json
@@ -0,0 +1,24 @@
+{
+ "id": "CVE-2024-25386",
+ "sourceIdentifier": "cve@mitre.org",
+ "published": "2024-03-01T06:15:48.390",
+ "lastModified": "2024-03-01T06:15:48.390",
+ "vulnStatus": "Received",
+ "descriptions": [
+ {
+ "lang": "en",
+ "value": "Directory Traversal vulnerability in DICOM\u00ae Connectivity Framework by laurelbridge before v.2.7.6b allows a remote attacker to execute arbitrary code via the format_logfile.pl file."
+ }
+ ],
+ "metrics": {},
+ "references": [
+ {
+ "url": "https://gist.github.com/Shulelk/15c9ba8d6b54dd4256a50a24ac7dd0a2",
+ "source": "cve@mitre.org"
+ },
+ {
+ "url": "https://sec.1i6w31fen9.top/2024/02/02/dcf-operations-window-remote-command-execute/",
+ "source": "cve@mitre.org"
+ }
+ ]
+}
\ No newline at end of file
diff --git a/README.md b/README.md
index 5607f39d883..c057ec23b3a 100644
--- a/README.md
+++ b/README.md
@@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2024-03-01T05:00:24.680840+00:00 +2024-03-01T07:00:25.595145+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2024-03-01T04:15:06.080000+00:00 +2024-03-01T06:15:48.390000+00:00 ``` ### Last Data Feed Release
@@ -29,24 +29,25 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### Total Number of included CVEs ```plain -240168 +240171 ``` ### CVEs added in the last Commit Recently added CVEs: `3` -* [CVE-2023-38366](CVE-2023/CVE-2023-383xx/CVE-2023-38366.json) (`2024-03-01T03:15:06.077`) -* [CVE-2023-47716](CVE-2023/CVE-2023-477xx/CVE-2023-47716.json) (`2024-03-01T03:15:06.280`) -* [CVE-2023-50312](CVE-2023/CVE-2023-503xx/CVE-2023-50312.json) (`2024-03-01T03:15:06.620`) +* [CVE-2024-22891](CVE-2024/CVE-2024-228xx/CVE-2024-22891.json) (`2024-03-01T06:15:48.280`) +* [CVE-2024-25293](CVE-2024/CVE-2024-252xx/CVE-2024-25293.json) (`2024-03-01T06:15:48.347`) +* [CVE-2024-25386](CVE-2024/CVE-2024-253xx/CVE-2024-25386.json) (`2024-03-01T06:15:48.390`) ### CVEs modified in the last Commit -Recently modified CVEs: `2` +Recently modified CVEs: `3` -* [CVE-2023-4886](CVE-2023/CVE-2023-48xx/CVE-2023-4886.json) (`2024-03-01T03:15:06.487`) -* [CVE-2024-21338](CVE-2024/CVE-2024-213xx/CVE-2024-21338.json) (`2024-03-01T04:15:06.080`) +* [CVE-2023-44821](CVE-2023/CVE-2023-448xx/CVE-2023-44821.json) (`2024-03-01T06:15:48.007`) +* [CVE-2023-46009](CVE-2023/CVE-2023-460xx/CVE-2023-46009.json) (`2024-03-01T06:15:48.187`) +* [CVE-2024-0446](CVE-2024/CVE-2024-04xx/CVE-2024-0446.json) (`2024-03-01T05:15:08.440`) ## Download and Usage