Auto-Update: 2024-03-12T09:01:00.452317+00:00

CVE-2023/CVE-2023-390xx/CVE-2023-39018.json

@@ -2,12 +2,12 @@
   "id": "CVE-2023-39018",
   "sourceIdentifier": "cve@mitre.org",
   "published": "2023-07-28T15:15:13.227",
-  "lastModified": "2023-09-25T02:30:25.407",
-  "vulnStatus": "Analyzed",
+  "lastModified": "2024-03-12T07:15:07.597",
+  "vulnStatus": "Modified",
   "descriptions": [
     {
       "lang": "en",
-      "value": "FFmpeg 0.7.0 and below was discovered to contain a code injection vulnerability in the component net.bramp.ffmpeg.FFmpeg.<constructor>. This vulnerability is exploited via passing an unchecked argument."
+      "value": "FFmpeg 0.7.0 and below was discovered to contain a code injection vulnerability in the component net.bramp.ffmpeg.FFmpeg.<constructor>. This vulnerability is exploited via passing an unchecked argument. NOTE: this is disputed by multiple third parties because there are no realistic use cases in which FFmpeg.java uses untrusted input for the path of the executable file."
     },
     {
       "lang": "es",
@@ -69,6 +69,10 @@
     }
   ],
   "references": [
+    {
+      "url": "https://github.com/bramp/ffmpeg-cli-wrapper/blob/master/src/main/java/net/bramp/ffmpeg/FFmpeg.java",
+      "source": "cve@mitre.org"
+    },
     {
       "url": "https://github.com/bramp/ffmpeg-cli-wrapper/issues/291",
       "source": "cve@mitre.org",

CVE-2023/CVE-2023-494xx/CVE-2023-49453.json

@@ -0,0 +1,20 @@
+{
+  "id": "CVE-2023-49453",
+  "sourceIdentifier": "cve@mitre.org",
+  "published": "2024-03-12T08:15:45.127",
+  "lastModified": "2024-03-12T08:15:45.127",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "Reflected cross-site scripting (XSS) vulnerability in Racktables v0.22.0 and before, allows local attackers to execute arbitrary code and obtain sensitive information via the search component in index.php."
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://nitipoom-jar.github.io/CVE-2023-49453/",
+      "source": "cve@mitre.org"
+    }
+  ]
+}

CVE-2024/CVE-2024-215xx/CVE-2024-21584.json

@@ -0,0 +1,24 @@
+{
+  "id": "CVE-2024-21584",
+  "sourceIdentifier": "vultures@jpcert.or.jp",
+  "published": "2024-03-12T08:15:45.217",
+  "lastModified": "2024-03-12T08:15:45.217",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "Pleasanter 1.3.49.0 and earlier contains a cross-site scripting vulnerability. If an attacker tricks the user to access the product with a specially crafted URL and perform a specific operation, an arbitrary script may be executed on the web browser of the user.\r\n"
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://jvn.jp/en/jp/JVN51135247/",
+      "source": "vultures@jpcert.or.jp"
+    },
+    {
+      "url": "https://pleasanter.org/archives/vulnerability-update-202401",
+      "source": "vultures@jpcert.or.jp"
+    }
+  ]
+}

CVE-2024/CVE-2024-218xx/CVE-2024-21805.json

@@ -0,0 +1,24 @@
+{
+  "id": "CVE-2024-21805",
+  "sourceIdentifier": "vultures@jpcert.or.jp",
+  "published": "2024-03-12T08:15:45.277",
+  "lastModified": "2024-03-12T08:15:45.277",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "Improper access control vulnerability exists in the specific folder of SKYSEA Client View versions from Ver.16.100 prior to Ver.19.2. If this vulnerability is exploited, an arbitrary file may be placed in the specific folder by a user who can log in to the PC where the product's Windows client is installed. In case the file is a specially crafted DLL file, arbitrary code may be executed with SYSTEM privilege."
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://jvn.jp/en/jp/JVN54451757/",
+      "source": "vultures@jpcert.or.jp"
+    },
+    {
+      "url": "https://www.skyseaclientview.net/news/240307_01/",
+      "source": "vultures@jpcert.or.jp"
+    }
+  ]
+}

CVE-2024/CVE-2024-249xx/CVE-2024-24964.json

@@ -0,0 +1,24 @@
+{
+  "id": "CVE-2024-24964",
+  "sourceIdentifier": "vultures@jpcert.or.jp",
+  "published": "2024-03-12T08:15:45.327",
+  "lastModified": "2024-03-12T08:15:45.327",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "Improper access control vulnerability exists in the resident process of SKYSEA Client View versions from Ver.11.220 prior to Ver.19.2. If this vulnerability is exploited, an arbitrary process may be executed with SYSTEM privilege by a user who can log in to the PC where the product's Windows client is installed."
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://jvn.jp/en/jp/JVN54451757/",
+      "source": "vultures@jpcert.or.jp"
+    },
+    {
+      "url": "https://www.skyseaclientview.net/news/240307_01/",
+      "source": "vultures@jpcert.or.jp"
+    }
+  ]
+}

CVE-2024/CVE-2024-253xx/CVE-2024-25325.json

@@ -0,0 +1,20 @@
+{
+  "id": "CVE-2024-25325",
+  "sourceIdentifier": "cve@mitre.org",
+  "published": "2024-03-12T08:15:45.370",
+  "lastModified": "2024-03-12T08:15:45.370",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "SQL injection vulnerability in Employee Management System v.1.0 allows a local attacker to obtain sensitive information via a crafted payload to the txtemail parameter in the login.php."
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://cxsecurity.com/issue/WLB-2024020062",
+      "source": "cve@mitre.org"
+    }
+  ]
+}

CVE-2024/CVE-2024-271xx/CVE-2024-27121.json

@@ -0,0 +1,28 @@
+{
+  "id": "CVE-2024-27121",
+  "sourceIdentifier": "vultures@jpcert.or.jp",
+  "published": "2024-03-12T08:15:45.413",
+  "lastModified": "2024-03-12T08:15:45.413",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "Path traversal vulnerability exists in Machine Automation Controller NJ Series and Machine Automation Controller NX Series. An arbitrary file in the affected product may be accessed or arbitrary code may be executed by processing a specially crafted request sent from a remote attacker with an administrative privilege. As for the details of the affected product names/versions, see the information provided by the vendor under [References] section."
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://jvn.jp/en/vu/JVNVU95852116/index.html",
+      "source": "vultures@jpcert.or.jp"
+    },
+    {
+      "url": "https://www.fa.omron.co.jp/product/security/assets/pdf/en/OMSR-2024-001_en.pdf",
+      "source": "vultures@jpcert.or.jp"
+    },
+    {
+      "url": "https://www.fa.omron.co.jp/product/security/assets/pdf/ja/OMSR-2024-001_ja.pdf",
+      "source": "vultures@jpcert.or.jp"
+    }
+  ]
+}

README.md

@@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
 ### Last Repository Update
 
 ```plain
-2024-03-12T07:00:39.028804+00:00
+2024-03-12T09:01:00.452317+00:00
 ```
 
 ### Most recent CVE Modification Timestamp synchronized with NVD
 
 ```plain
-2024-03-12T06:15:07.970000+00:00
+2024-03-12T08:15:45.413000+00:00
 ```
 
 ### Last Data Feed Release
@@ -29,23 +29,26 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
 ### Total Number of included CVEs
 
 ```plain
-241077
+241083
 ```
 
 ### CVEs added in the last Commit
 
-Recently added CVEs: `2`
+Recently added CVEs: `6`
 
-* [CVE-2024-25331](CVE-2024/CVE-2024-253xx/CVE-2024-25331.json) (`2024-03-12T06:15:07.970`)
-* [CVE-2024-26521](CVE-2024/CVE-2024-265xx/CVE-2024-26521.json) (`2024-03-12T05:15:47.653`)
+* [CVE-2023-49453](CVE-2023/CVE-2023-494xx/CVE-2023-49453.json) (`2024-03-12T08:15:45.127`)
+* [CVE-2024-21584](CVE-2024/CVE-2024-215xx/CVE-2024-21584.json) (`2024-03-12T08:15:45.217`)
+* [CVE-2024-21805](CVE-2024/CVE-2024-218xx/CVE-2024-21805.json) (`2024-03-12T08:15:45.277`)
+* [CVE-2024-24964](CVE-2024/CVE-2024-249xx/CVE-2024-24964.json) (`2024-03-12T08:15:45.327`)
+* [CVE-2024-25325](CVE-2024/CVE-2024-253xx/CVE-2024-25325.json) (`2024-03-12T08:15:45.370`)
+* [CVE-2024-27121](CVE-2024/CVE-2024-271xx/CVE-2024-27121.json) (`2024-03-12T08:15:45.413`)
 
 
 ### CVEs modified in the last Commit
 
-Recently modified CVEs: `2`
+Recently modified CVEs: `1`
 
-* [CVE-2024-26481](CVE-2024/CVE-2024-264xx/CVE-2024-26481.json) (`2024-03-12T05:15:47.500`)
-* [CVE-2024-26483](CVE-2024/CVE-2024-264xx/CVE-2024-26483.json) (`2024-03-12T05:15:47.610`)
+* [CVE-2023-39018](CVE-2023/CVE-2023-390xx/CVE-2023-39018.json) (`2024-03-12T07:15:07.597`)
 
 
 ## Download and Usage

_state.csv

@@ -227601,7 +227601,7 @@ CVE-2023-39013,0,0,c0f1ca27d8322a1db57ef419ed44f585899af88fc5fa1d4aa50ccc49ca3a3
 CVE-2023-39015,0,0,49f57ea615b9184e24d060f45da134fc935c3c0527e1bf8bbea8347f4ed5b717,2023-08-03T18:09:48.280000
 CVE-2023-39016,0,0,611a1cd567e87e6ed4710873166ab0719e3d996290ffb621132f85fe43c83e5b,2023-08-03T18:07:14.903000
 CVE-2023-39017,0,0,7cc845b6d2278e45c5a9ee8e477fe18ebb011b61b3b79c4e4c2c458179442f45,2023-11-07T04:17:26.327000
-CVE-2023-39018,0,0,64f3e328ab3d21a76af6b2aa39127e54ef39026b1c63828b77a8fa829092c155,2023-09-25T02:30:25.407000
+CVE-2023-39018,0,1,0834c4c723dbf1b3690edce654865b6cc8165ce1a9f624d9096f2c6fba0e1891,2024-03-12T07:15:07.597000
 CVE-2023-39020,0,0,593a8aaa79caf4f90647c656528c7c100c46c06c62dda0e49b0bf348dd77b773,2023-08-03T18:01:31.200000
 CVE-2023-39021,0,0,1ee74bec6d12f8117ea5b940dfee5c70c0f02e154ce1b89fa2d37fc0c6d744a4,2023-08-03T18:00:28.377000
 CVE-2023-39022,0,0,09ca6ff95f34d53586ee3a773ecde7d003f5c5f0762e7fb5ddc7cae4af749194,2023-08-03T17:59:21.500000
@@ -234263,6 +234263,7 @@ CVE-2023-49446,0,0,11843ebbc31e413a4ec3f5f94310ca176eaed7d3903c42780d35fa06bec4a
 CVE-2023-49447,0,0,5ea4d43de6e4701175280f6f21c9529954a9e2adb93596851a9ee1a0ebe8f98c,2023-12-09T04:50:34.917000
 CVE-2023-49448,0,0,07f8497c6c2b008fc0b6d31e52d6d2016bd53c1ce95f72b7d58f675f93812537,2023-12-09T04:49:37.330000
 CVE-2023-4945,0,0,b9429dba7eaa9601f91264961ee9b51f3d0c27ccb092b1aa220032b9c992e792,2023-11-07T04:23:12.540000
+CVE-2023-49453,1,1,287e5006bb05e06245ebdc978911bf5764481505bd48de58a5727c04396b682e,2024-03-12T08:15:45.127000
 CVE-2023-49460,0,0,edbb479ef3c2815138b33e61c9a07a4c271e62f427909cc384eed0e5627d8c9e,2023-12-11T17:32:51.353000
 CVE-2023-49462,0,0,83e586a92b00ca311bbc712a9a4cc0dc8c56554ced5f0c95acdc250d2b448bb7,2023-12-11T17:32:38.270000
 CVE-2023-49463,0,0,a2250332b7852fac91f2dcff411af9bf57a339f150ce629175df44fb74fa8de2,2023-12-11T17:32:07.403000
@@ -239121,6 +239122,7 @@ CVE-2024-2153,0,0,fb8a655e3fba8ce0afef143bbe07f9318fe9ac9ad4a4312149ae082896b810
 CVE-2024-2154,0,0,808acb175da714eb181f3edc983920034648532c4334633288ceede8140c354e,2024-03-04T13:58:23.447000
 CVE-2024-2155,0,0,610f98195537c8aa683b353dce52c7f4e6a74c4aedf8c756421dcdcf7d245b1c,2024-03-04T13:58:23.447000
 CVE-2024-2156,0,0,cfe49fe5536dd3661bd385af4a390b3b7f647d19369d0e3ef3bf726e49368ca7,2024-03-04T13:58:23.447000
+CVE-2024-21584,1,1,b481178af382a3868689177cff58de3b501a6e9a306647390054436f83bd5431,2024-03-12T08:15:45.217000
 CVE-2024-21585,0,0,6e8206f1fdf94b37b9dcf7444e5790dcbe04c3a87e39f8bb6c4b0625dfa3058a,2024-01-31T00:15:45.920000
 CVE-2024-21587,0,0,00caf8e0dd355879f913af1e174cfaccf48910da74261d4402cf2eff2334cffc,2024-01-19T17:44:35.830000
 CVE-2024-21589,0,0,68b0ee433e5dc2a6e0c5986e659a2299beb8087cc670f80d46b90c5ac3b4a35f,2024-01-19T17:41:50.160000
@@ -239234,6 +239236,7 @@ CVE-2024-21796,0,0,ad6ea83e4ba68ed8909637d1ef7b65d12f04c56232c1b05d9173891b89591
 CVE-2024-21798,0,0,f6b1c3b51bfe93bdfac8ebe499d7027ef38a497aacd0c971587b98e3900bec13,2024-02-29T13:49:47.277000
 CVE-2024-21802,0,0,2a0324ca9760c4b3be107883f84a1ed806e6bad72b3badb393d00982ae57c159,2024-02-26T18:15:07.290000
 CVE-2024-21803,0,0,412e1fe487e1aa8e1b208c7f0baf850a3bb5b2cd1ac7cabb6ce669e7a4281bbb,2024-02-08T01:57:53.770000
+CVE-2024-21805,1,1,290b5498ea2bfa7e444e4cdf281eac4be11c10302d87b154df5e5e67f2ecc160,2024-03-12T08:15:45.277000
 CVE-2024-21812,0,0,e8811106b26eef69a6b44b9c940e0d21e06bed50f525e5b4df36936c24830bd9,2024-02-20T19:50:53.960000
 CVE-2024-21815,0,0,77643bc01852fedba42660856307ea92e48bb3e3a61f220c84686194810010fe,2024-03-05T13:41:01.900000
 CVE-2024-21816,0,0,1c59ad824873b45e692308f55039674fb26186a48eef31c5167e14b30ad2d48e,2024-03-04T13:58:23.447000
@@ -240406,6 +240409,7 @@ CVE-2024-24941,0,0,3ce7539cc2c00ca21eaf8843bb8dfa494f8daac6c677d25fe85a072b680ae
 CVE-2024-24942,0,0,98967e5f253d2f0e2d6c9adde01d5feb324664bac3fce3b7b875de585c5550eb,2024-02-09T01:03:13.453000
 CVE-2024-24943,0,0,cecde2b734965816be739f7278af2a22cd088f91f77e60d1e6c087126d44acbd,2024-02-09T01:03:03.970000
 CVE-2024-24945,0,0,c6e7443a15ad58b887b66a1afc517e5c6d2b064a4aecae431013860646a47dfe,2024-02-07T17:14:48.630000
+CVE-2024-24964,1,1,468b04e302b58c75b8bd9cc0f81cb3668ca463aa56d1cf0103ee209bd8942c22,2024-03-12T08:15:45.327000
 CVE-2024-24966,0,0,b8b1142fa7a04127bebdbfe2d935a3fd815c1f2bb5c99e70bfcbb30576800e5e,2024-02-14T18:04:45.380000
 CVE-2024-24988,0,0,5be9c22e9d6c42885be25053a8e3f832fee202eb91ce1cb05a36918eae761d1a,2024-02-29T13:49:29.390000
 CVE-2024-24989,0,0,39be90963d0952b8475635420a2f64ca0893f9b2941aa846029d2a39bd57b9e9,2024-02-14T18:04:45.380000
@@ -240532,8 +240536,9 @@ CVE-2024-25315,0,0,136f14dd76f8699fd29eef34984e013f6cdb8770a204b6452b0d939ebb290
 CVE-2024-25316,0,0,dccaf090a474bca51fc0821682da4c5c2112d945aeae3ef07f57e1e971411620,2024-02-12T14:23:16.537000
 CVE-2024-25318,0,0,e87647abcdb6f28062346e5c03e3ffb63c878809c19788b614db3d2291a96d12,2024-02-12T21:37:44.753000
 CVE-2024-25320,0,0,56ee093beb049b07518afee56858a8d8ace3b9803f6562a14fef92d8b7d67178,2024-02-16T19:26:55.393000
+CVE-2024-25325,1,1,589a30593cea607ea01a98707850df5d9c9f4004e38d8d92e960c8b3d3482717,2024-03-12T08:15:45.370000
 CVE-2024-25327,0,0,ed53fcf930246e366b75ca3dbc41603185b262291cf82ff3e550f2ed4e97b776,2024-03-08T14:02:57.420000
-CVE-2024-25331,1,1,1b67ab35390171edc6f83c2effd868aa2be9b14c34be6dc15894eaf947892a71,2024-03-12T06:15:07.970000
+CVE-2024-25331,0,0,1b67ab35390171edc6f83c2effd868aa2be9b14c34be6dc15894eaf947892a71,2024-03-12T06:15:07.970000
 CVE-2024-25344,0,0,5140bac0aef452b65d54f79c6217b05ec44dd1a460f10a2ceaa1e65877e2e6fa,2024-02-26T16:32:25.577000
 CVE-2024-25350,0,0,3b5e1a464fb4fcd28f6d7166045a369486403df18ae61c0e2fab4e4e5871d428,2024-02-29T13:49:47.277000
 CVE-2024-25351,0,0,28c4ca40865cd756499ab4d2ad9d55bb73b890cae2259528816b47b2a536dca5,2024-02-29T13:49:47.277000
@@ -240820,15 +240825,15 @@ CVE-2024-26471,0,0,7fddf92026a168a390ea36b87da697eab84d57af1da83b920de1166301dbe
 CVE-2024-26472,0,0,263b6313f3d222b9b664ca4acf33761066c4df1f4a964e3dd263c3bac4f021db,2024-03-08T21:15:07.193000
 CVE-2024-26473,0,0,23f27fa8ebd3984f506b7ad69a08bae2d515e7dd11e301086d0681feec0a45c1,2024-02-29T13:49:29.390000
 CVE-2024-26476,0,0,fc0454504f51fc907b2a35a893877c52153f273304642bf8a5c147e2904eba6f,2024-02-29T13:49:47.277000
-CVE-2024-26481,0,1,16c3c7f90cb16f8e754a4977b45d85fc37dcddc5f55bf7f8d07332bb65831b88,2024-03-12T05:15:47.500000
+CVE-2024-26481,0,0,16c3c7f90cb16f8e754a4977b45d85fc37dcddc5f55bf7f8d07332bb65831b88,2024-03-12T05:15:47.500000
 CVE-2024-26482,0,0,f9dca5e4d25904fab509e3ffdf08b74804d7cf4024d86bc77571cf17db2648b9,2024-02-26T19:15:07.357000
-CVE-2024-26483,0,1,ad0f3f304f4ad49dbf31bcd5ff504f39225fb0e3bde58b0adee9232448bfbbb4,2024-03-12T05:15:47.610000
+CVE-2024-26483,0,0,ad0f3f304f4ad49dbf31bcd5ff504f39225fb0e3bde58b0adee9232448bfbbb4,2024-03-12T05:15:47.610000
 CVE-2024-26484,0,0,6b114ec9a46044f4be3a7bc8c9b7a9223fa0fd6eecfdafe8a610920e041a8cb6,2024-02-27T07:15:10.810000
 CVE-2024-26489,0,0,de79f1495737dd1b8577e3e02ec381880aa1980ded294214617e55a244fa4ac0,2024-02-22T19:07:27.197000
 CVE-2024-26490,0,0,b6f6bbce17cb8b3e0d7ffc74af2883f439e6d11d15d184e2f1a2e43e85a99a1d,2024-02-22T19:07:27.197000
 CVE-2024-26491,0,0,73ef4da115c90ed06a18a1a334653b2533761b4f911c3db9814bd0d18285bcac,2024-02-22T19:07:27.197000
 CVE-2024-26492,0,0,223ddadc0c7efe7b0886f487630808be0927541c8864c0a1df96647191c41c4f,2024-03-08T14:02:57.420000
-CVE-2024-26521,1,1,1ecd18ce0cb70a44ef6c4249276a932e49951ac4f689dc4bbb96b1c6d07658ac,2024-03-12T05:15:47.653000
+CVE-2024-26521,0,0,1ecd18ce0cb70a44ef6c4249276a932e49951ac4f689dc4bbb96b1c6d07658ac,2024-03-12T05:15:47.653000
 CVE-2024-26542,0,0,84bcc676050237f7706e936cd8d9d490aa0a127cdccddbe7afe739c073267e25,2024-02-28T14:06:45.783000
 CVE-2024-26548,0,0,7b31129407d10e539a4174451b23a0f83a48cdb246d6dd13af61036fdc95df1c,2024-03-01T14:04:26.010000
 CVE-2024-26559,0,0,3b7b5127dd0e422a83fadfb79310bdd57e4fb71532d47a597a5aa1449637c0ce,2024-02-29T13:49:47.277000
@@ -240894,6 +240899,7 @@ CVE-2024-27093,0,0,2adc536c19af535e2a03a5b98ba4818457cc5a617ec41b1d012943c718349
 CVE-2024-27099,0,0,175d10b027dcaefa30f4f3d08f108961158696c2e68858dfb01ba6e05070217d,2024-02-28T14:06:45.783000
 CVE-2024-27101,0,0,5e1cdb7fd021f767632e89261ae8cd71ddf2db43a5c2430745ab100b28a7d944,2024-03-01T22:22:25.913000
 CVE-2024-27103,0,0,ba41469ea697f39b66b49d222d300153b0a74c2fb1fbae161829f573b3ab98cc,2024-02-29T13:49:47.277000
+CVE-2024-27121,1,1,75f49cfe4a229f6546130b0064f10aa566c5ff6169cc2093dd3f8b9bc60b00c8,2024-03-12T08:15:45.413000
 CVE-2024-27132,0,0,3211e33e39363e184b8550fc16d833a0f590c8e4cd3ef270e1d091501b93f80e,2024-02-26T13:42:22.567000
 CVE-2024-27133,0,0,1abfe171f722b9df6ead5b24935068c395a52a06c146ec300701d2b7e86523ce,2024-02-26T13:42:22.567000
 CVE-2024-27138,0,0,1ec0ded3b41c12b07651e921188be783731716c54fb55c30f65f5b3e8197e8cc,2024-03-01T22:22:25.913000