admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-07-09 16:05:11 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2024-01-08T11:00:28.546989+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2024-01-08 11:00:32 +00:00
parent 70f3cf72cd
commit c8de4992f8
13 changed files with 760 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

59
CVE-2023/CVE-2023-290xx/CVE-2023-29048.json Normal file
View File

@ -0,0 +1,59 @@
{
"id": "CVE-2023-29048",
"sourceIdentifier": "security@open-xchange.com",
"published": "2024-01-08T09:15:19.893",
"lastModified": "2024-01-08T09:15:19.893",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A component for parsing OXMF templates could be abused to execute arbitrary system commands that would be executed as the non-privileged runtime user. Users and attackers could run system commands with limited privilege to gain unauthorized access to confidential information and potentially violate integrity by modifying resources. The template engine has been reconfigured to deny execution of harmful commands on a system level. No publicly available exploits are known.\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@open-xchange.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "security@open-xchange.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-78"
}
]
}
],
"references": [
{
"url": "https://documentation.open-xchange.com/security/advisories/csaf/oxas-adv-2023-0005.json",
"source": "security@open-xchange.com"
},
{
"url": "https://software.open-xchange.com/products/appsuite/doc/Release_Notes_for_Patch_Release_6248_7.10.6_2023-09-19.pdf",
"source": "security@open-xchange.com"
}
]
}

59
CVE-2023/CVE-2023-290xx/CVE-2023-29049.json Normal file
View File

@ -0,0 +1,59 @@
{
"id": "CVE-2023-29049",
"sourceIdentifier": "security@open-xchange.com",
"published": "2024-01-08T09:15:20.120",
"lastModified": "2024-01-08T09:15:20.120",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The \"upsell\" widget at the portal page could be abused to inject arbitrary script code. Attackers that manage to lure users to a compromised account, or gain temporary access to a legitimate account, could inject script code to gain persistent code execution capabilities under a trusted domain. User input for this widget is now sanitized to avoid malicious content the be processed. No publicly available exploits are known.\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@open-xchange.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "security@open-xchange.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://documentation.open-xchange.com/security/advisories/csaf/oxas-adv-2023-0005.json",
"source": "security@open-xchange.com"
},
{
"url": "https://software.open-xchange.com/products/appsuite/doc/Release_Notes_for_Patch_Release_6248_7.10.6_2023-09-19.pdf",
"source": "security@open-xchange.com"
}
]
}

59
CVE-2023/CVE-2023-290xx/CVE-2023-29050.json Normal file
View File

@ -0,0 +1,59 @@
{
"id": "CVE-2023-29050",
"sourceIdentifier": "security@open-xchange.com",
"published": "2024-01-08T09:15:20.300",
"lastModified": "2024-01-08T09:15:20.300",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The optional \"LDAP contacts provider\" could be abused by privileged users to inject LDAP filter strings that allow to access content outside of the intended hierarchy. Unauthorized users could break confidentiality of information in the directory and potentially cause high load on the directory server, leading to denial of service. Encoding has been added for user-provided fragments that are used when constructing the LDAP query. No publicly available exploits are known.\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@open-xchange.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "LOW",
"baseScore": 7.6,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.3,
"impactScore": 4.7
}
]
},
"weaknesses": [
{
"source": "security@open-xchange.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-90"
}
]
}
],
"references": [
{
"url": "https://documentation.open-xchange.com/security/advisories/csaf/oxas-adv-2023-0005.json",
"source": "security@open-xchange.com"
},
{
"url": "https://software.open-xchange.com/products/appsuite/doc/Release_Notes_for_Patch_Release_6248_7.10.6_2023-09-19.pdf",
"source": "security@open-xchange.com"
}
]
}

59
CVE-2023/CVE-2023-290xx/CVE-2023-29051.json Normal file
View File

@ -0,0 +1,59 @@
{
"id": "CVE-2023-29051",
"sourceIdentifier": "security@open-xchange.com",
"published": "2024-01-08T09:15:20.480",
"lastModified": "2024-01-08T09:15:20.480",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "User-defined OXMF templates could be used to access a limited part of the internal OX App Suite Java API. The existing switch to disable the feature by default was not effective in this case. Unauthorized users could discover and modify application state, including objects related to other users and contexts. We now make sure that the switch to disable user-generated templates by default works as intended and will remove the feature in future generations of the product. No publicly available exploits are known.\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@open-xchange.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 8.1,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.2
}
]
},
"weaknesses": [
{
"source": "security@open-xchange.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-284"
}
]
}
],
"references": [
{
"url": "https://documentation.open-xchange.com/security/advisories/csaf/oxas-adv-2023-0006.json",
"source": "security@open-xchange.com"
},
{
"url": "https://software.open-xchange.com/products/appsuite/doc/Release_Notes_for_Patch_Release_6251_7.10.6_2023-09-25.pdf",
"source": "security@open-xchange.com"
}
]
}

59
CVE-2023/CVE-2023-290xx/CVE-2023-29052.json Normal file
View File

@ -0,0 +1,59 @@
{
"id": "CVE-2023-29052",
"sourceIdentifier": "security@open-xchange.com",
"published": "2024-01-08T09:15:20.680",
"lastModified": "2024-01-08T09:15:20.680",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Users were able to define disclaimer texts for an upsell shop dialog that would contain script code that was not sanitized correctly. Attackers could lure victims to user accounts with malicious script code and make them execute it in the context of a trusted domain. We added sanitization for this content. No publicly available exploits are known.\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@open-xchange.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "security@open-xchange.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://documentation.open-xchange.com/security/advisories/csaf/oxas-adv-2023-0006.json",
"source": "security@open-xchange.com"
},
{
"url": "https://software.open-xchange.com/products/appsuite/doc/Release_Notes_for_Patch_Release_6251_7.10.6_2023-09-25.pdf",
"source": "security@open-xchange.com"
}
]
}

59
CVE-2023/CVE-2023-417xx/CVE-2023-41710.json Normal file
View File

@ -0,0 +1,59 @@
{
"id": "CVE-2023-41710",
"sourceIdentifier": "security@open-xchange.com",
"published": "2024-01-08T09:15:20.883",
"lastModified": "2024-01-08T09:15:20.883",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "User-defined script code could be stored for a upsell related shop URL. This code was not correctly sanitized when adding it to DOM. Attackers could lure victims to user accounts with malicious script code and make them execute it in the context of a trusted domain. We added sanitization for this content. No publicly available exploits are known.\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@open-xchange.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "security@open-xchange.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://documentation.open-xchange.com/security/advisories/csaf/oxas-adv-2023-0006.json",
"source": "security@open-xchange.com"
},
{
"url": "https://software.open-xchange.com/products/appsuite/doc/Release_Notes_for_Patch_Release_6251_7.10.6_2023-09-25.pdf",
"source": "security@open-xchange.com"
}
]
}

32
CVE-2023/CVE-2023-50xx/CVE-2023-5091.json Normal file
View File

@ -0,0 +1,32 @@
{
"id": "CVE-2023-5091",
"sourceIdentifier": "arm-security@arm.com",
"published": "2024-01-08T10:15:11.233",
"lastModified": "2024-01-08T10:15:11.233",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Use After Free vulnerability in Arm Ltd Valhall GPU Kernel Driver allows a\u00a0local non-privileged user to make improper GPU processing operations to gain access to already freed memory. This issue affects Valhall GPU Kernel Driver: from r37p0 through r40p0.\n\n"
}
],
"metrics": {},
"weaknesses": [
{
"source": "arm-security@arm.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
}
],
"references": [
{
"url": "https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities",
"source": "arm-security@arm.com"
}
]
}

6
CVE-2023/CVE-2023-58xx/CVE-2023-5824.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-5824",
"sourceIdentifier": "secalert@redhat.com",
"published": "2023-11-03T08:15:08.270",
"lastModified": "2023-12-13T08:15:51.617",
"lastModified": "2024-01-08T09:15:21.070",
"vulnStatus": "Modified",
"descriptions": [
{
@ -137,6 +137,10 @@
"url": "https://access.redhat.com/errata/RHSA-2023:7668",
"source": "secalert@redhat.com"
},
{
"url": "https://access.redhat.com/errata/RHSA-2024:0072",
"source": "secalert@redhat.com"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2023-5824",
"source": "secalert@redhat.com",

88
CVE-2024/CVE-2024-03xx/CVE-2024-0305.json Normal file
View File

@ -0,0 +1,88 @@
{
"id": "CVE-2024-0305",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-01-08T09:15:21.240",
"lastModified": "2024-01-08T09:15:21.240",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in Guangzhou Yingke Electronic Technology Ncast up to 2017 and classified as problematic. Affected by this issue is some unknown functionality of the file /manage/IPSetup.php of the component Guest Login. The manipulation leads to information disclosure. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-249872."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "NONE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-200"
}
]
}
],
"references": [
{
"url": "https://github.com/2267787739/cve/blob/main/logic.md",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?ctiid.249872",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.249872",
"source": "cna@vuldb.com"
}
]
}

88
CVE-2024/CVE-2024-03xx/CVE-2024-0306.json Normal file
View File

@ -0,0 +1,88 @@
{
"id": "CVE-2024-0306",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-01-08T09:15:21.497",
"lastModified": "2024-01-08T09:15:21.497",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in Kashipara Dynamic Lab Management System up to 1.0. It has been classified as critical. This affects an unknown part of the file /admin/admin_login_process.php. The manipulation of the argument admin_password leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-249873 was assigned to this vulnerability."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "NONE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5
},
"baseSeverity": "HIGH",
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://github.com/E1CHO/cve_hub/blob/main/Dynamic%20Lab%20Management%20System%20-%20vuln%201.pdf",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?ctiid.249873",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.249873",
"source": "cna@vuldb.com"
}
]
}

88
CVE-2024/CVE-2024-03xx/CVE-2024-0307.json Normal file
View File

@ -0,0 +1,88 @@
{
"id": "CVE-2024-0307",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-01-08T10:15:11.343",
"lastModified": "2024-01-08T10:15:11.343",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in Kashipara Dynamic Lab Management System up to 1.0. It has been declared as critical. This vulnerability affects unknown code of the file login_process.php. The manipulation of the argument password leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-249874 is the identifier assigned to this vulnerability."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "NONE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5
},
"baseSeverity": "HIGH",
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://github.com/VistaAX/vulnerablility/blob/main/Dynamic%20Lab%20Management%20System%20-%20vuln%202.pdf",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?ctiid.249874",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.249874",
"source": "cna@vuldb.com"
}
]
}

88
CVE-2024/CVE-2024-03xx/CVE-2024-0308.json Normal file
View File

@ -0,0 +1,88 @@
{
"id": "CVE-2024-0308",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-01-08T10:15:11.560",
"lastModified": "2024-01-08T10:15:11.560",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in Inis up to 2.0.1. It has been rated as critical. This issue affects some unknown processing of the file app/api/controller/default/Proxy.php. The manipulation of the argument p_url leads to server-side request forgery. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-249875."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 6.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "SINGLE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 8.0,
"impactScore": 6.4,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-918"
}
]
}
],
"references": [
{
"url": "https://note.zhaoj.in/share/2E2JG2PClHGF",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?ctiid.249875",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.249875",
"source": "cna@vuldb.com"
}
]
}

27
README.md
View File

@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2024-01-08T09:00:25.856711+00:00
2024-01-08T11:00:28.546989+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2024-01-08T08:15:36.737000+00:00
2024-01-08T10:15:11.560000+00:00
```
### Last Data Feed Release
@ -29,24 +29,31 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs
```plain
235024
235035
```
### CVEs added in the last Commit
Recently added CVEs: `5`
Recently added CVEs: `11`
* [CVE-2024-0301](CVE-2024/CVE-2024-03xx/CVE-2024-0301.json) (`2024-01-08T07:15:08.767`)
* [CVE-2024-0302](CVE-2024/CVE-2024-03xx/CVE-2024-0302.json) (`2024-01-08T07:15:10.597`)
* [CVE-2024-22216](CVE-2024/CVE-2024-222xx/CVE-2024-22216.json) (`2024-01-08T07:15:11.547`)
* [CVE-2024-0303](CVE-2024/CVE-2024-03xx/CVE-2024-0303.json) (`2024-01-08T08:15:36.400`)
* [CVE-2024-0304](CVE-2024/CVE-2024-03xx/CVE-2024-0304.json) (`2024-01-08T08:15:36.737`)
* [CVE-2023-29048](CVE-2023/CVE-2023-290xx/CVE-2023-29048.json) (`2024-01-08T09:15:19.893`)
* [CVE-2023-29049](CVE-2023/CVE-2023-290xx/CVE-2023-29049.json) (`2024-01-08T09:15:20.120`)
* [CVE-2023-29050](CVE-2023/CVE-2023-290xx/CVE-2023-29050.json) (`2024-01-08T09:15:20.300`)
* [CVE-2023-29051](CVE-2023/CVE-2023-290xx/CVE-2023-29051.json) (`2024-01-08T09:15:20.480`)
* [CVE-2023-29052](CVE-2023/CVE-2023-290xx/CVE-2023-29052.json) (`2024-01-08T09:15:20.680`)
* [CVE-2023-41710](CVE-2023/CVE-2023-417xx/CVE-2023-41710.json) (`2024-01-08T09:15:20.883`)
* [CVE-2023-5091](CVE-2023/CVE-2023-50xx/CVE-2023-5091.json) (`2024-01-08T10:15:11.233`)
* [CVE-2024-0305](CVE-2024/CVE-2024-03xx/CVE-2024-0305.json) (`2024-01-08T09:15:21.240`)
* [CVE-2024-0306](CVE-2024/CVE-2024-03xx/CVE-2024-0306.json) (`2024-01-08T09:15:21.497`)
* [CVE-2024-0307](CVE-2024/CVE-2024-03xx/CVE-2024-0307.json) (`2024-01-08T10:15:11.343`)
* [CVE-2024-0308](CVE-2024/CVE-2024-03xx/CVE-2024-0308.json) (`2024-01-08T10:15:11.560`)
### CVEs modified in the last Commit
Recently modified CVEs: `0`
Recently modified CVEs: `1`
* [CVE-2023-5824](CVE-2023/CVE-2023-58xx/CVE-2023-5824.json) (`2024-01-08T09:15:21.070`)
## Download and Usage