Auto-Update: 2024-10-06T10:00:17.207470+00:00

2025-05-08 03:27:17 +00:00 · 2024-10-06 10:03:16 +00:00 · 2024-10-06 10:03:16 +00:00 · ca77686e3e
commit ca77686e3e
parent 5c4ae854e5
4 changed files with 206 additions and 6 deletions
--- a/CVE-2024/CVE-2024-452xx/CVE-2024-45245.json
+++ b/CVE-2024/CVE-2024-452xx/CVE-2024-45245.json
@ -0,0 +1,56 @@
+{
+  "id": "CVE-2024-45245",
+  "sourceIdentifier": "cna@cyber.gov.il",
+  "published": "2024-10-06T08:15:02.543",
+  "lastModified": "2024-10-06T08:15:02.543",
+  "vulnStatus": "Received",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "Diebold Nixdorf \u2013 CWE-200: Exposure of Sensitive Information to an Unauthorized Actor"
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "cna@cyber.gov.il",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
+          "attackVector": "LOCAL",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "LOW",
+          "userInteraction": "NONE",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "HIGH",
+          "integrityImpact": "HIGH",
+          "availabilityImpact": "HIGH",
+          "baseScore": 7.8,
+          "baseSeverity": "HIGH"
+        },
+        "exploitabilityScore": 1.8,
+        "impactScore": 5.9
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "cna@cyber.gov.il",
+      "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-200"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://www.gov.il/en/Departments/faq/cve_advisories",
+      "source": "cna@cyber.gov.il"
+    }
+  ]
+}
--- a/CVE-2024/CVE-2024-95xx/CVE-2024-9550.json
+++ b/CVE-2024/CVE-2024-95xx/CVE-2024-9550.json
@ -0,0 +1,141 @@
+{
+  "id": "CVE-2024-9550",
+  "sourceIdentifier": "cna@vuldb.com",
+  "published": "2024-10-06T09:15:02.507",
+  "lastModified": "2024-10-06T09:15:02.507",
+  "vulnStatus": "Received",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "A vulnerability was found in D-Link DIR-605L 2.13B01 BETA. It has been classified as critical. Affected is the function formLogDnsquery of the file /goform/formLogDnsquery. The manipulation of the argument curTime leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV40": [
+      {
+        "source": "cna@vuldb.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "4.0",
+          "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "attackRequirements": "NONE",
+          "privilegesRequired": "LOW",
+          "userInteraction": "NONE",
+          "vulnerableSystemConfidentiality": "HIGH",
+          "vulnerableSystemIntegrity": "HIGH",
+          "vulnerableSystemAvailability": "HIGH",
+          "subsequentSystemConfidentiality": "NONE",
+          "subsequentSystemIntegrity": "NONE",
+          "subsequentSystemAvailability": "NONE",
+          "exploitMaturity": "NOT_DEFINED",
+          "confidentialityRequirements": "NOT_DEFINED",
+          "integrityRequirements": "NOT_DEFINED",
+          "availabilityRequirements": "NOT_DEFINED",
+          "modifiedAttackVector": "NOT_DEFINED",
+          "modifiedAttackComplexity": "NOT_DEFINED",
+          "modifiedAttackRequirements": "NOT_DEFINED",
+          "modifiedPrivilegesRequired": "NOT_DEFINED",
+          "modifiedUserInteraction": "NOT_DEFINED",
+          "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED",
+          "modifiedVulnerableSystemIntegrity": "NOT_DEFINED",
+          "modifiedVulnerableSystemAvailability": "NOT_DEFINED",
+          "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED",
+          "modifiedSubsequentSystemIntegrity": "NOT_DEFINED",
+          "modifiedSubsequentSystemAvailability": "NOT_DEFINED",
+          "safety": "NOT_DEFINED",
+          "automatable": "NOT_DEFINED",
+          "recovery": "NOT_DEFINED",
+          "valueDensity": "NOT_DEFINED",
+          "vulnerabilityResponseEffort": "NOT_DEFINED",
+          "providerUrgency": "NOT_DEFINED",
+          "baseScore": 8.7,
+          "baseSeverity": "HIGH"
+        }
+      }
+    ],
+    "cvssMetricV31": [
+      {
+        "source": "cna@vuldb.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "LOW",
+          "userInteraction": "NONE",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "HIGH",
+          "integrityImpact": "HIGH",
+          "availabilityImpact": "HIGH",
+          "baseScore": 8.8,
+          "baseSeverity": "HIGH"
+        },
+        "exploitabilityScore": 2.8,
+        "impactScore": 5.9
+      }
+    ],
+    "cvssMetricV2": [
+      {
+        "source": "cna@vuldb.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "2.0",
+          "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
+          "accessVector": "NETWORK",
+          "accessComplexity": "LOW",
+          "authentication": "SINGLE",
+          "confidentialityImpact": "COMPLETE",
+          "integrityImpact": "COMPLETE",
+          "availabilityImpact": "COMPLETE",
+          "baseScore": 9.0
+        },
+        "baseSeverity": "HIGH",
+        "exploitabilityScore": 8.0,
+        "impactScore": 10.0,
+        "acInsufInfo": false,
+        "obtainAllPrivilege": false,
+        "obtainUserPrivilege": false,
+        "obtainOtherPrivilege": false,
+        "userInteractionRequired": false
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "cna@vuldb.com",
+      "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-120"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://github.com/abcdefg-png/IoT-vulnerable/blob/main/D-Link/DIR-605L/formLogDnsquery.md",
+      "source": "cna@vuldb.com"
+    },
+    {
+      "url": "https://vuldb.com/?ctiid.279348",
+      "source": "cna@vuldb.com"
+    },
+    {
+      "url": "https://vuldb.com/?id.279348",
+      "source": "cna@vuldb.com"
+    },
+    {
+      "url": "https://vuldb.com/?submit.413888",
+      "source": "cna@vuldb.com"
+    },
+    {
+      "url": "https://www.dlink.com/",
+      "source": "cna@vuldb.com"
+    }
+  ]
+}
--- a/README.md
+++ b/README.md
@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours.
 ### Last Repository Update

 ```plain
-2024-10-06T06:00:17.600795+00:00
+2024-10-06T10:00:17.207470+00:00
 ```

 ### Most recent CVE Modification Timestamp synchronized with NVD

 ```plain
-2024-10-06T04:15:10.533000+00:00
+2024-10-06T09:15:02.507000+00:00
 ```

 ### Last Data Feed Release
@ -33,14 +33,15 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
 ### Total Number of included CVEs

 ```plain
-264608
+264610
 ```

 ### CVEs added in the last Commit

-Recently added CVEs: `1`
+Recently added CVEs: `2`

- [CVE-2024-9549](CVE-2024/CVE-2024-95xx/CVE-2024-9549.json) (`2024-10-06T04:15:10.533`)
+- [CVE-2024-45245](CVE-2024/CVE-2024-452xx/CVE-2024-45245.json) (`2024-10-06T08:15:02.543`)
+- [CVE-2024-9550](CVE-2024/CVE-2024-95xx/CVE-2024-9550.json) (`2024-10-06T09:15:02.507`)


 ### CVEs modified in the last Commit
--- a/_state.csv
+++ b/_state.csv
@ -260121,6 +260121,7 @@ CVE-2024-4524,0,0,8e732eea1a281702bf1b965cf73e8243f70f2376e5e0521757bce661838200
 CVE-2024-45240,0,0,71d060de9ce29049494d6966979673903641ebddefc965fc9df5c7a08f6ba1cb,2024-08-26T12:47:20.187000
 CVE-2024-45241,0,0,db0315abb9e90395d374e44a8c98955e324445d54e9a189001fc6da18a250f14,2024-08-26T16:35:14.650000
 CVE-2024-45244,0,0,a9f691efb65025129369bbba49bc88f6c172529b68c55b8214f47c2d49100aff,2024-09-12T16:07:49.530000
+CVE-2024-45245,1,1,4585b5f5ac4d0cfdde54e2cb49bc2a2ab54f0d4c73c6ecb4c1a44ed46686c4c7,2024-10-06T08:15:02.543000
 CVE-2024-4525,0,0,dfe2a87106534aea559d2a64c000518f6d0b8952ad5d7b752f8fc10ec2414d43,2024-06-04T19:20:41.620000
 CVE-2024-45256,0,0,1ad6eb17928348883dd9cb354722f92894049d9e7bbed38aa0c5260ca73ab2c4,2024-08-26T13:35:02.937000
 CVE-2024-45258,0,0,20ee97d2eb3a83f8d2a7be46b53936d32dfd424c455ff5dc5358a331a56dedc1,2024-08-26T14:35:08.627000
@ -264606,4 +264607,5 @@ CVE-2024-9533,0,0,92ee4765b2d90cf5f1a6ce89292c6b4c27fa3f87e3a336020fea2ec851224d
 CVE-2024-9534,0,0,e0028561dc8a28caa97a6955e80d3048108de5fc09db3c3f70aed0c4d0833221,2024-10-05T14:15:04.387000
 CVE-2024-9535,0,0,e3d998100764633e3e528289a3381e79a3f3de24d11aeb04ed75e82053c9e7eb,2024-10-05T14:15:04.630000
 CVE-2024-9536,0,0,dcba05ea5c6c090dc8b1e81d5c10cd239c9b2b2a7f8182b0be6d72c3de7ea67d,2024-10-05T16:15:04.600000
-CVE-2024-9549,1,1,b5af2f3beca974d88fe6c9e1de223b018eb5a2f319ac9930bc18abf23d59a8af,2024-10-06T04:15:10.533000
+CVE-2024-9549,0,0,b5af2f3beca974d88fe6c9e1de223b018eb5a2f319ac9930bc18abf23d59a8af,2024-10-06T04:15:10.533000
+CVE-2024-9550,1,1,cb65878957b7c058d066f3e09375f15593de905f96246f4bc2d1d0983033fdb8,2024-10-06T09:15:02.507000