Auto-Update: 2024-04-01T12:00:38.083251+00:00

2025-05-08 19:47:09 +00:00 · 2024-04-01 12:03:26 +00:00 · 2024-04-01 12:03:26 +00:00 · be841c2fb2
commit be841c2fb2
parent 0b3a301abd
4 changed files with 121 additions and 10 deletions
--- a/CVE-2023/CVE-2023-61xx/CVE-2023-6154.json
+++ b/CVE-2023/CVE-2023-61xx/CVE-2023-6154.json
@ -0,0 +1,55 @@
+{
+  "id": "CVE-2023-6154",
+  "sourceIdentifier": "cve-requests@bitdefender.com",
+  "published": "2024-04-01T11:15:52.437",
+  "lastModified": "2024-04-01T11:15:52.437",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "A configuration setting issue in seccenter.exe as used in Bitdefender Total Security, Bitdefender Internet Security, Bitdefender Antivirus Plus, Bitdefender Antivirus Free allows an attacker to change the product's expected behavior and potentially load a third-party library upon execution. This issue affects Total Security: 27.0.25.114; Internet Security: 27.0.25.114; Antivirus Plus: 27.0.25.114; Antivirus Free: 27.0.25.114."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "cve-requests@bitdefender.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
+          "attackVector": "LOCAL",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "LOW",
+          "userInteraction": "NONE",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "HIGH",
+          "integrityImpact": "HIGH",
+          "availabilityImpact": "HIGH",
+          "baseScore": 7.8,
+          "baseSeverity": "HIGH"
+        },
+        "exploitabilityScore": 1.8,
+        "impactScore": 5.9
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "cve-requests@bitdefender.com",
+      "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-15"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://bitdefender.com/support/security-advisories/local-privilege-escalation-in-bitdefender-total-security-va-11168/",
+      "source": "cve-requests@bitdefender.com"
+    }
+  ]
+}
--- a/CVE-2024/CVE-2024-31xx/CVE-2024-3130.json
+++ b/CVE-2024/CVE-2024-31xx/CVE-2024-3130.json
@ -0,0 +1,55 @@
+{
+  "id": "CVE-2024-3130",
+  "sourceIdentifier": "68870bb1-d075-4169-957d-e580b18692b9",
+  "published": "2024-04-01T10:15:07.607",
+  "lastModified": "2024-04-01T10:15:07.607",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "Hard-coded Credentials\u00a0in CoolKit eWeLlink app are before 5.4.x on Android and IOS allows local attacker to\u00a0unauthorized access to sensitive data via Decryption algorithm and key obtained after decompiling app\n\n"
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "68870bb1-d075-4169-957d-e580b18692b9",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:N",
+          "attackVector": "LOCAL",
+          "attackComplexity": "HIGH",
+          "privilegesRequired": "HIGH",
+          "userInteraction": "NONE",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "HIGH",
+          "integrityImpact": "HIGH",
+          "availabilityImpact": "NONE",
+          "baseScore": 5.7,
+          "baseSeverity": "MEDIUM"
+        },
+        "exploitabilityScore": 0.5,
+        "impactScore": 5.2
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "68870bb1-d075-4169-957d-e580b18692b9",
+      "type": "Secondary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-798"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://ewelink.cc/security-advisories-and-notices/",
+      "source": "68870bb1-d075-4169-957d-e580b18692b9"
+    }
+  ]
+}
--- a/README.md
+++ b/README.md
@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours.
 ### Last Repository Update

 ```plain
-2024-04-01T10:00:37.398324+00:00
+2024-04-01T12:00:38.083251+00:00
 ```

 ### Most recent CVE Modification Timestamp synchronized with NVD

 ```plain
-2024-04-01T09:15:51.063000+00:00
+2024-04-01T11:15:52.437000+00:00
 ```

 ### Last Data Feed Release
@ -33,16 +33,15 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
 ### Total Number of included CVEs

 ```plain
-243536
+243538
 ```

 ### CVEs added in the last Commit

-Recently added CVEs: `3`
+Recently added CVEs: `2`

- [CVE-2024-25080](CVE-2024/CVE-2024-250xx/CVE-2024-25080.json) (`2024-04-01T09:15:50.930`)
- [CVE-2024-26653](CVE-2024/CVE-2024-266xx/CVE-2024-26653.json) (`2024-04-01T09:15:51.010`)
- [CVE-2024-26654](CVE-2024/CVE-2024-266xx/CVE-2024-26654.json) (`2024-04-01T09:15:51.063`)
+- [CVE-2023-6154](CVE-2023/CVE-2023-61xx/CVE-2023-6154.json) (`2024-04-01T11:15:52.437`)
+- [CVE-2024-3130](CVE-2024/CVE-2024-31xx/CVE-2024-3130.json) (`2024-04-01T10:15:07.607`)


 ### CVEs modified in the last Commit
--- a/_state.csv
+++ b/_state.csv
@ -237114,6 +237114,7 @@ CVE-2023-6150,0,0,1ea907d678f48f22ce30b6bad5c8da7daf76b35ef23c59476e04071a5892fe
 CVE-2023-6151,0,0,7559e2f33b50293cab689a38634ef34d917b527790c29a35f6155f6feef60ac3,2023-12-05T07:15:11.207000
 CVE-2023-6152,0,0,650857fc8203f2c7b3ce096d7962f1ec279cbc9f5ea52dff75397db33e06f18d,2024-02-14T13:59:35.580000
 CVE-2023-6153,0,0,5029d75c8c42e6df7abb880dd03acef9a43af5e3dd820aafdebb873d4b25b2d7,2024-03-27T15:49:51.300000
+CVE-2023-6154,1,1,db5c4684a777d5e7c5d605dc5d65589087c66316a12f6384c2fe88148a5e85bc,2024-04-01T11:15:52.437000
 CVE-2023-6155,0,0,3ade3aecef51d941d8061f8d0b14aa2df7731495ef3e1609ad30477044f4d6ff,2024-01-02T20:16:59.773000
 CVE-2023-6156,0,0,d7561fff0656f62c31cf7fed3e16d348c47083d2199659e3634f7ff4096281e1,2023-11-30T21:08:21.483000
 CVE-2023-6157,0,0,19feaf86781e5b84fd59f4c0155ffcd6eb44ba3b8740d1cd952fe7d4823f3848,2023-11-30T21:00:23.003000
@ -241502,7 +241503,7 @@ CVE-2024-25062,0,0,9596ed5cf07a8bc8469d4afc28fc727a431af7cff3b6b8e84435c301d9955
 CVE-2024-25063,0,0,8296c4ac18003d6d927b0c45a19a753add4384ce34fc59926d1f36a726ce4dbf,2024-03-04T22:45:02.117000
 CVE-2024-25064,0,0,e90e896eb449d7ccff000c59a6c6d8569d7a679ad8db09883eafe6b89f6c07ea,2024-03-04T22:43:15.337000
 CVE-2024-25065,0,0,8789f3e0c0f1a18215b02ec07e51d2392ffb2b6e5c0102b29d290a5bd7708b34,2024-02-29T13:49:29.390000
-CVE-2024-25080,1,1,310e7c0ecfc4864770112770daf885c4158d9562abb7aa8b35fd6e6f57180369,2024-04-01T09:15:50.930000
+CVE-2024-25080,0,0,310e7c0ecfc4864770112770daf885c4158d9562abb7aa8b35fd6e6f57180369,2024-04-01T09:15:50.930000
 CVE-2024-25081,0,0,c28ed534590feb1739659669df4a7c74247df29d1ac0d5daa9ed512959af803c,2024-03-23T03:15:11.330000
 CVE-2024-25082,0,0,0376e5832e39b19bc504b78433ebb158054a5715ce980118648e2b6c7f603eff,2024-03-23T03:15:11.393000
 CVE-2024-25083,0,0,0f4fc4d8ac3f523b7fe1019fa405e820bc046011ad52c3c323b831f9b2e08f24,2024-02-16T21:39:50.223000
@ -242279,8 +242280,8 @@ CVE-2024-26649,0,0,86aeb2fae965a4a5332ed6f99e853d97c707f8eddf2b6cb0afb03f1458efa
 CVE-2024-26650,0,0,a6462e36b1dd6f69ddd876eed038a048534eb12e06d7671796e4cb5890514076,2024-03-27T12:29:41.530000
 CVE-2024-26651,0,0,a2e5e1171fae5cd37adc9c273beac8339c77df92cf6c9b2119d65e36bb3ce0f0,2024-03-27T15:49:41.437000
 CVE-2024-26652,0,0,ccc590b218f45c6bb9fa7fed88041733bb926c9879d519c1ffc1f038a0a8e977,2024-03-27T15:49:41.437000
-CVE-2024-26653,1,1,e5d955108aa6606d5f423b1eee098fe0abe9581467daa9581ba06493cd5c249a,2024-04-01T09:15:51.010000
-CVE-2024-26654,1,1,00ce544232f99029ac0a688ab0a43f455e72f4bb3887d4faca16286f8f075c69,2024-04-01T09:15:51.063000
+CVE-2024-26653,0,0,e5d955108aa6606d5f423b1eee098fe0abe9581467daa9581ba06493cd5c249a,2024-04-01T09:15:51.010000
+CVE-2024-26654,0,0,00ce544232f99029ac0a688ab0a43f455e72f4bb3887d4faca16286f8f075c69,2024-04-01T09:15:51.063000
 CVE-2024-2668,0,0,d8e22e7bb795e8f8d48dc1ea67b8b3706e737c441fdb6e3cdf26dd6015682f9f,2024-03-21T02:52:41.070000
 CVE-2024-2669,0,0,4f5a2d5969b59448109cf022193bd2b7c88dc7ffa7ca03caa723fb0f374642a3,2024-03-21T02:52:41.157000
 CVE-2024-2670,0,0,51102bd696ec0a80433e00190a81242d0892d06afe5affb13dd51bd0c370ce65,2024-03-21T02:52:41.253000
@ -243535,3 +243536,4 @@ CVE-2024-31139,0,0,cf8c25425780f1d36f604f7c3d037b16544eea3ab0908ce694956183986a8
 CVE-2024-31140,0,0,a7e2204480cd3644823842970dd746ee5c020bc95b54375f7cfa679b79796cd1,2024-03-28T16:07:30.893000
 CVE-2024-3117,0,0,9bd117fea3c63f07ed82e470b2eca603fd448e641c337d9eb39d17dc58aec826,2024-04-01T01:12:59.077000
 CVE-2024-3118,0,0,b5b75746c75ca563aa0406a7ceae7d271849851379d0c504abb280cf34775b67,2024-04-01T01:12:59.077000
+CVE-2024-3130,1,1,4b90ec1d4aac77b057008e7851f087764f6fc7805fb978a2d7d40acd1a8eb6ed,2024-04-01T10:15:07.607000