admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-07-09 16:05:11 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2024-03-24T09:00:38.176409+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2024-03-24 09:03:26 +00:00
parent 76e20a19cf
commit cc9a8e081c
3 changed files with 98 additions and 12 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

88
CVE-2024/CVE-2024-28xx/CVE-2024-2856.json Normal file
View File

@ -0,0 +1,88 @@
{
"id": "CVE-2024-2856",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-03-24T07:15:08.140",
"lastModified": "2024-03-24T07:15:08.140",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability, which was classified as critical, has been found in Tenda AC10 16.03.10.13/16.03.10.20. Affected by this issue is the function fromSetSysTime of the file /goform/SetSysTimeCfg. The manipulation of the argument timeZone leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-257780. NOTE: The vendor was contacted early about this disclosure but did not respond in any way."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "SINGLE",
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0
},
"baseSeverity": "HIGH",
"exploitabilityScore": 8.0,
"impactScore": 10.0,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-121"
}
]
}
],
"references": [
{
"url": "https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/AC10/V16.03.10.13/fromSetSysTime.md",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?ctiid.257780",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.257780",
"source": "cna@vuldb.com"
}
]
}

13
README.md
View File

@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update ### Last Repository Update
```plain ```plain
2024-03-24T07:00:38.407535+00:00 2024-03-24T09:00:38.176409+00:00
``` ```
### Most recent CVE Modification Timestamp synchronized with NVD ### Most recent CVE Modification Timestamp synchronized with NVD
```plain ```plain
2024-03-24T06:15:11.860000+00:00 2024-03-24T07:15:08.140000+00:00
``` ```
### Last Data Feed Release ### Last Data Feed Release
@ -29,17 +29,14 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs ### Total Number of included CVEs
```plain ```plain
242504 242505
``` ```
### CVEs added in the last Commit ### CVEs added in the last Commit
Recently added CVEs: `4` Recently added CVEs: `1`
* [CVE-2024-2852](CVE-2024/CVE-2024-28xx/CVE-2024-2852.json) (`2024-03-24T05:15:09.160`) * [CVE-2024-2856](CVE-2024/CVE-2024-28xx/CVE-2024-2856.json) (`2024-03-24T07:15:08.140`)
* [CVE-2024-2853](CVE-2024/CVE-2024-28xx/CVE-2024-2853.json) (`2024-03-24T05:15:10.517`)
* [CVE-2024-2854](CVE-2024/CVE-2024-28xx/CVE-2024-2854.json) (`2024-03-24T06:15:08.633`)
* [CVE-2024-2855](CVE-2024/CVE-2024-28xx/CVE-2024-2855.json) (`2024-03-24T06:15:11.860`)
### CVEs modified in the last Commit ### CVEs modified in the last Commit

9
_state.csv
View File

@ -242302,17 +242302,18 @@ CVE-2024-28447,0,0,729795bf39bd106c71b5b798b10fa8f526cc5d6a6eb2785b0edfa8459a535
CVE-2024-2849,0,0,e255554df31d5a2be5f1c68b740cace49b575f03af154cb1af4922f66122e90f,2024-03-23T18:15:07.770000 CVE-2024-2849,0,0,e255554df31d5a2be5f1c68b740cace49b575f03af154cb1af4922f66122e90f,2024-03-23T18:15:07.770000
CVE-2024-2850,0,0,4cd3be288e79bf59ffaa181573a0e5480a6cd00aa673c85dc83831b442015b08,2024-03-24T02:15:07.517000 CVE-2024-2850,0,0,4cd3be288e79bf59ffaa181573a0e5480a6cd00aa673c85dc83831b442015b08,2024-03-24T02:15:07.517000
CVE-2024-2851,0,0,d34e2e3647fa65cf3dd6820b40a940187c5449577d5122f74010dc45e0fb545c,2024-03-24T03:15:09.177000 CVE-2024-2851,0,0,d34e2e3647fa65cf3dd6820b40a940187c5449577d5122f74010dc45e0fb545c,2024-03-24T03:15:09.177000
CVE-2024-2852,1,1,a2fd2d6bcf9acd86b3a856901b4314c4a6b4ded19f0c394921168a3620466870,2024-03-24T05:15:09.160000 CVE-2024-2852,0,0,a2fd2d6bcf9acd86b3a856901b4314c4a6b4ded19f0c394921168a3620466870,2024-03-24T05:15:09.160000
CVE-2024-28521,0,0,8ab5b6bd1cc025dda03cab07eeddd7e1f81756c34e55025f1870bf6a0feb8a5b,2024-03-22T12:45:36.130000 CVE-2024-28521,0,0,8ab5b6bd1cc025dda03cab07eeddd7e1f81756c34e55025f1870bf6a0feb8a5b,2024-03-22T12:45:36.130000
CVE-2024-2853,1,1,209548ae772857c426e415979a34bfe530867d834d8eab298ebde9ba9cef6b6a,2024-03-24T05:15:10.517000 CVE-2024-2853,0,0,209548ae772857c426e415979a34bfe530867d834d8eab298ebde9ba9cef6b6a,2024-03-24T05:15:10.517000
CVE-2024-28535,0,0,174c70ce71a26af929a40c7b6a103a5242ac3321f34f35a982d598e918b67152,2024-03-21T20:58:46.217000 CVE-2024-28535,0,0,174c70ce71a26af929a40c7b6a103a5242ac3321f34f35a982d598e918b67152,2024-03-21T20:58:46.217000
CVE-2024-28537,0,0,ff6bf2a37289dca28bccb57e311acb6479e1a577841d298af6b3b484403dfc2c,2024-03-18T19:40:00.173000 CVE-2024-28537,0,0,ff6bf2a37289dca28bccb57e311acb6479e1a577841d298af6b3b484403dfc2c,2024-03-18T19:40:00.173000
CVE-2024-2854,1,1,569e4fa03b03fffc6e63cd6b0751993d8e2bb20aa3a8c72ba9b45e76a0e64585,2024-03-24T06:15:08.633000 CVE-2024-2854,0,0,569e4fa03b03fffc6e63cd6b0751993d8e2bb20aa3a8c72ba9b45e76a0e64585,2024-03-24T06:15:08.633000
CVE-2024-28547,0,0,a2de8a258b087cbf7c5442c921d96afce5895db417e9c628fe7656334d2bb7cc,2024-03-18T19:40:00.173000 CVE-2024-28547,0,0,a2de8a258b087cbf7c5442c921d96afce5895db417e9c628fe7656334d2bb7cc,2024-03-18T19:40:00.173000
CVE-2024-2855,1,1,b5e203d28165ea1ab596ac548db93f74ba22ae294eece4f41f8475f60ad83b87,2024-03-24T06:15:11.860000 CVE-2024-2855,0,0,b5e203d28165ea1ab596ac548db93f74ba22ae294eece4f41f8475f60ad83b87,2024-03-24T06:15:11.860000
CVE-2024-28550,0,0,55b413fc03c0e6dbaa5c4b6ccf0c8e244ea995bce860e043c8086ce78f470aae,2024-03-18T19:40:00.173000 CVE-2024-28550,0,0,55b413fc03c0e6dbaa5c4b6ccf0c8e244ea995bce860e043c8086ce78f470aae,2024-03-18T19:40:00.173000
CVE-2024-28553,0,0,f74a5d2edd657e610cfc2b884ed1530d128afd106cc0a285c1f4868830f65cd2,2024-03-21T20:58:52.357000 CVE-2024-28553,0,0,f74a5d2edd657e610cfc2b884ed1530d128afd106cc0a285c1f4868830f65cd2,2024-03-21T20:58:52.357000
CVE-2024-28559,0,0,0614f972b1018fef175a5be020062e1808da1307fa27e18c6ccd6df48da36c98,2024-03-22T12:45:36.130000 CVE-2024-28559,0,0,0614f972b1018fef175a5be020062e1808da1307fa27e18c6ccd6df48da36c98,2024-03-22T12:45:36.130000
CVE-2024-2856,1,1,496019dc5da10cf34c9931986d65655b9f90c6e1eaeec21ae011e4c36dc9c4b1,2024-03-24T07:15:08.140000
CVE-2024-28560,0,0,71f09d4b510ed852efc3bf9ad75f579a4bfcb9f31e97c96f2bbf400031737ddc,2024-03-22T12:45:36.130000 CVE-2024-28560,0,0,71f09d4b510ed852efc3bf9ad75f579a4bfcb9f31e97c96f2bbf400031737ddc,2024-03-22T12:45:36.130000
CVE-2024-28562,0,0,91433a4c4f462713402770533ad7f25e56b67cc00fab70587df3692124b0273d,2024-03-20T13:00:16.367000 CVE-2024-28562,0,0,91433a4c4f462713402770533ad7f25e56b67cc00fab70587df3692124b0273d,2024-03-20T13:00:16.367000
CVE-2024-28563,0,0,a656ef0aa8710291541ea7c711ec135274e970f2c247f821eefbeaee78f8b4d1,2024-03-20T13:00:16.367000 CVE-2024-28563,0,0,a656ef0aa8710291541ea7c711ec135274e970f2c247f821eefbeaee78f8b4d1,2024-03-20T13:00:16.367000

Can't render this file because it is too large.