diff --git a/CVE-2024/CVE-2024-101xx/CVE-2024-10142.json b/CVE-2024/CVE-2024-101xx/CVE-2024-10142.json new file mode 100644 index 00000000000..201d546dd55 --- /dev/null +++ b/CVE-2024/CVE-2024-101xx/CVE-2024-10142.json @@ -0,0 +1,141 @@ +{ + "id": "CVE-2024-10142", + "sourceIdentifier": "cna@vuldb.com", + "published": "2024-10-19T17:15:10.657", + "lastModified": "2024-10-19T17:15:10.657", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability has been found in code-projects Blood Bank System 1.0 and classified as problematic. This vulnerability affects unknown code of the file /viewrequest.php. The manipulation leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "attackRequirements": "NONE", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "vulnerableSystemConfidentiality": "NONE", + "vulnerableSystemIntegrity": "LOW", + "vulnerableSystemAvailability": "NONE", + "subsequentSystemConfidentiality": "NONE", + "subsequentSystemIntegrity": "NONE", + "subsequentSystemAvailability": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirements": "NOT_DEFINED", + "integrityRequirements": "NOT_DEFINED", + "availabilityRequirements": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", + "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", + "modifiedVulnerableSystemAvailability": "NOT_DEFINED", + "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", + "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", + "modifiedSubsequentSystemAvailability": "NOT_DEFINED", + "safety": "NOT_DEFINED", + "automatable": "NOT_DEFINED", + "recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED", + "baseScore": 5.3, + "baseSeverity": "MEDIUM" + } + } + ], + "cvssMetricV31": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 3.5, + "baseSeverity": "LOW" + }, + "exploitabilityScore": 2.1, + "impactScore": 1.4 + } + ], + "cvssMetricV2": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "2.0", + "vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N", + "accessVector": "NETWORK", + "accessComplexity": "LOW", + "authentication": "SINGLE", + "confidentialityImpact": "NONE", + "integrityImpact": "PARTIAL", + "availabilityImpact": "NONE", + "baseScore": 4.0 + }, + "baseSeverity": "MEDIUM", + "exploitabilityScore": 8.0, + "impactScore": 2.9, + "acInsufInfo": false, + "obtainAllPrivilege": false, + "obtainUserPrivilege": false, + "obtainOtherPrivilege": false, + "userInteractionRequired": false + } + ] + }, + "weaknesses": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://code-projects.org/", + "source": "cna@vuldb.com" + }, + { + "url": "https://github.com/WrongDish/CVE/blob/main/xss6.md", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?ctiid.280930", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?id.280930", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?submit.425362", + "source": "cna@vuldb.com" + } + ] +} \ No newline at end of file diff --git a/README.md b/README.md index c1b8b7dc97e..f33b532a644 100644 --- a/README.md +++ b/README.md @@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2024-10-19T16:00:17.498386+00:00 +2024-10-19T18:00:17.347195+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2024-10-19T15:15:14.973000+00:00 +2024-10-19T17:15:10.657000+00:00 ``` ### Last Data Feed Release @@ -33,16 +33,14 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### Total Number of included CVEs ```plain -266163 +266164 ``` ### CVEs added in the last Commit -Recently added CVEs: `3` +Recently added CVEs: `1` -- [CVE-2024-10139](CVE-2024/CVE-2024-101xx/CVE-2024-10139.json) (`2024-10-19T14:15:02.223`) -- [CVE-2024-10140](CVE-2024/CVE-2024-101xx/CVE-2024-10140.json) (`2024-10-19T15:15:14.603`) -- [CVE-2024-10141](CVE-2024/CVE-2024-101xx/CVE-2024-10141.json) (`2024-10-19T15:15:14.973`) +- [CVE-2024-10142](CVE-2024/CVE-2024-101xx/CVE-2024-10142.json) (`2024-10-19T17:15:10.657`) ### CVEs modified in the last Commit diff --git a/_state.csv b/_state.csv index c1dc8924e7f..0a68cb3ec7c 100644 --- a/_state.csv +++ b/_state.csv @@ -242280,10 +242280,11 @@ CVE-2024-10135,0,0,e8914e55b781bff716eafa940f25de30efb583513684251275ba2a3ba698e CVE-2024-10136,0,0,e0375517a90e229f8575b14da9742f014680eb77442b5a89ce25ef37d4825053,2024-10-19T12:15:14.110000 CVE-2024-10137,0,0,33a47f69af14970bc437ebeaf02e36f1b2c715225745b0dc593980e1d4a08c0c,2024-10-19T13:15:11.553000 CVE-2024-10138,0,0,1b4e7d561938531d13618919ae381cfdda69729bdad56337db9636f70aef3445,2024-10-19T13:15:12.277000 -CVE-2024-10139,1,1,0ed3826709bf9e931ea547c65bfab2710bfb80e53b842917d28eaf89d2532e46,2024-10-19T14:15:02.223000 +CVE-2024-10139,0,0,0ed3826709bf9e931ea547c65bfab2710bfb80e53b842917d28eaf89d2532e46,2024-10-19T14:15:02.223000 CVE-2024-1014,0,0,8e546db835ee0e62e0f6ed5b95e90d5586231fc78746cbbfef7db3d61b3c5f3d,2024-02-02T02:05:39.277000 -CVE-2024-10140,1,1,aec311209a02b8c14f754431c8bb87bae3f3320865efe32c0e3bd857d5ceadf9,2024-10-19T15:15:14.603000 -CVE-2024-10141,1,1,09fa08cc46cecf31331ef8b05b7e25cdba3a32b1fba57ba9bc41b0aac71ce99c,2024-10-19T15:15:14.973000 +CVE-2024-10140,0,0,aec311209a02b8c14f754431c8bb87bae3f3320865efe32c0e3bd857d5ceadf9,2024-10-19T15:15:14.603000 +CVE-2024-10141,0,0,09fa08cc46cecf31331ef8b05b7e25cdba3a32b1fba57ba9bc41b0aac71ce99c,2024-10-19T15:15:14.973000 +CVE-2024-10142,1,1,8f40432a96404db59ba7840a4b90da81e1beb2e19d77a9cec5d89b9a339af23c,2024-10-19T17:15:10.657000 CVE-2024-1015,0,0,5516b1d1af5a9d3814b8a6e102d3692fcdb9c463b2e2645787afdcb157946f20,2024-02-02T02:04:13.267000 CVE-2024-1016,0,0,71cf76ab1a6b276906d8ecf764cf0be1d15a9c7c60543569d9e172588701616f,2024-05-17T02:35:10.520000 CVE-2024-1017,0,0,50b68641acb97d381e6a65107328f0dab0fccf027bea27ef0f379cc058119760,2024-05-17T02:35:10.627000