admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-31 18:51:16 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2024-11-30T15:00:50.337218+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2024-11-30 15:04:01 +00:00
parent 7183c0bee6
commit cd46bd61e2
5 changed files with 309 additions and 13 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

145
CVE-2024/CVE-2024-120xx/CVE-2024-12001.json Normal file
View File

@ -0,0 +1,145 @@
{
"id": "CVE-2024-12001",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-11-30T13:15:04.140",
"lastModified": "2024-11-30T13:15:04.140",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability classified as problematic has been found in code-projects Wazifa System 1.0. Affected is an unknown function of the file /controllers/updatesettings.php of the component Setting Handler. The manipulation of the argument firstname leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"vulnerableSystemConfidentiality": "NONE",
"vulnerableSystemIntegrity": "LOW",
"vulnerableSystemAvailability": "NONE",
"subsequentSystemConfidentiality": "NONE",
"subsequentSystemIntegrity": "NONE",
"subsequentSystemAvailability": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirements": "NOT_DEFINED",
"integrityRequirements": "NOT_DEFINED",
"availabilityRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnerableSystemConfidentiality": "NOT_DEFINED",
"modifiedVulnerableSystemIntegrity": "NOT_DEFINED",
"modifiedVulnerableSystemAvailability": "NOT_DEFINED",
"modifiedSubsequentSystemConfidentiality": "NOT_DEFINED",
"modifiedSubsequentSystemIntegrity": "NOT_DEFINED",
"modifiedSubsequentSystemAvailability": "NOT_DEFINED",
"safety": "NOT_DEFINED",
"automatable": "NOT_DEFINED",
"recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED"
}
}
],
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N",
"baseScore": 3.5,
"baseSeverity": "LOW",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.1,
"impactScore": 1.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N",
"baseScore": 4.0,
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "SINGLE",
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"availabilityImpact": "NONE"
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
},
{
"lang": "en",
"value": "CWE-94"
}
]
}
],
"references": [
{
"url": "https://code-projects.org/",
"source": "cna@vuldb.com"
},
{
"url": "https://github.com/jaychou8023/cve/blob/main/xss4.md",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?ctiid.286416",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.286416",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?submit.453721",
"source": "cna@vuldb.com"
}
]
}

145
CVE-2024/CVE-2024-120xx/CVE-2024-12002.json Normal file
View File

@ -0,0 +1,145 @@
{
"id": "CVE-2024-12002",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-11-30T13:15:04.610",
"lastModified": "2024-11-30T13:15:04.610",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability classified as problematic was found in Tenda FH451, FH1201, FH1202 and FH1206 up to 20241129. Affected by this vulnerability is the function websReadEvent of the file /goform/GetIPTV. The manipulation of the argument Content-Length leads to null pointer dereference. The attack can be launched remotely. The exploit has been disclosed to the public and may be used."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"vulnerableSystemConfidentiality": "NONE",
"vulnerableSystemIntegrity": "NONE",
"vulnerableSystemAvailability": "LOW",
"subsequentSystemConfidentiality": "NONE",
"subsequentSystemIntegrity": "NONE",
"subsequentSystemAvailability": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirements": "NOT_DEFINED",
"integrityRequirements": "NOT_DEFINED",
"availabilityRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnerableSystemConfidentiality": "NOT_DEFINED",
"modifiedVulnerableSystemIntegrity": "NOT_DEFINED",
"modifiedVulnerableSystemAvailability": "NOT_DEFINED",
"modifiedSubsequentSystemConfidentiality": "NOT_DEFINED",
"modifiedSubsequentSystemIntegrity": "NOT_DEFINED",
"modifiedSubsequentSystemAvailability": "NOT_DEFINED",
"safety": "NOT_DEFINED",
"automatable": "NOT_DEFINED",
"recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED"
}
}
],
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:P",
"baseScore": 4.0,
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "SINGLE",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "PARTIAL"
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-404"
},
{
"lang": "en",
"value": "CWE-476"
}
]
}
],
"references": [
{
"url": "https://github.com/Kalvin2077/tenda-fh-cve",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?ctiid.286417",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.286417",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?submit.453974",
"source": "cna@vuldb.com"
},
{
"url": "https://www.tenda.com.cn/",
"source": "cna@vuldb.com"
}
]
}

6
CVE-2024/CVE-2024-489xx/CVE-2024-48991.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-48991",
"sourceIdentifier": "security@ubuntu.com",
"published": "2024-11-19T18:15:21.710",
"lastModified": "2024-11-26T21:15:07.330",
"lastModified": "2024-11-30T13:15:05.133",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -55,6 +55,10 @@
{
"url": "https://www.qualys.com/2024/11/19/needrestart/needrestart.txt",
"source": "security@ubuntu.com"
},
{
"url": "http://www.openwall.com/lists/oss-security/2024/11/30/4",
"source": "af854a3a-2127-422b-91ae-364da2661108"
}
]
}

16
README.md
View File

@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2024-11-30T13:00:25.532545+00:00
2024-11-30T15:00:50.337218+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2024-11-30T12:15:18.030000+00:00
2024-11-30T13:15:05.133000+00:00
```
### Last Data Feed Release
@ -33,22 +33,22 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs
```plain
271716
271718
```
### CVEs added in the last Commit
Recently added CVEs: `1`
Recently added CVEs: `2`
- [CVE-2024-12000](CVE-2024/CVE-2024-120xx/CVE-2024-12000.json) (`2024-11-30T12:15:17.200`)
- [CVE-2024-12001](CVE-2024/CVE-2024-120xx/CVE-2024-12001.json) (`2024-11-30T13:15:04.140`)
- [CVE-2024-12002](CVE-2024/CVE-2024-120xx/CVE-2024-12002.json) (`2024-11-30T13:15:04.610`)
### CVEs modified in the last Commit
Recently modified CVEs: `2`
Recently modified CVEs: `1`
- [CVE-2024-43700](CVE-2024/CVE-2024-437xx/CVE-2024-43700.json) (`2024-11-30T12:15:17.720`)
- [CVE-2024-45751](CVE-2024/CVE-2024-457xx/CVE-2024-45751.json) (`2024-11-30T12:15:18.030`)
- [CVE-2024-48991](CVE-2024/CVE-2024-489xx/CVE-2024-48991.json) (`2024-11-30T13:15:05.133`)
## Download and Usage

10
_state.csv
View File

@ -243894,7 +243894,9 @@ CVE-2024-11996,0,0,d80b8507fc172b9a86f6ab141fb0a9044d43c80de0d910c996155f10dde99
CVE-2024-11997,0,0,95224e93a9082cc1de0a1beded60b60246bebbe18db37af5480d5a7cc7cf8119,2024-11-30T08:15:05.223000
CVE-2024-11998,0,0,f0265b44321a393a9a2577dcf38bfa269cf779efa8c3d964a6a6f01f1ceb81ee,2024-11-30T10:15:04.340000
CVE-2024-1200,0,0,cbf824dd51d7a3b837d210f60d3bc2fcd8c0de7dc55b64bf2469e6bd3fafa8cd,2024-05-17T02:35:18.673000
CVE-2024-12000,1,1,b554fb7516e14db1feaba750220ae1f899d45d1ef9cfed719bdd93039699e21a,2024-11-30T12:15:17.200000
CVE-2024-12000,0,0,b554fb7516e14db1feaba750220ae1f899d45d1ef9cfed719bdd93039699e21a,2024-11-30T12:15:17.200000
CVE-2024-12001,1,1,d124c0f10f30b54eb4f74d57e35bd484e6cb76bb299b65c3d619c3385b273728,2024-11-30T13:15:04.140000
CVE-2024-12002,1,1,2d664898f022b9ee65d7e21df2d171082c6696d82f0f74082488bdac27e9a6cc,2024-11-30T13:15:04.610000
CVE-2024-1201,0,0,f9834193bbb62b403f23d3357a53cc3ad9bb6173e269e5c9bf81a47c0a1a0786,2024-02-09T19:27:29.517000
CVE-2024-1202,0,0,6132da5e9762048f130f38f4ec670738f94221153725a0b95c9666bf5c59cb16,2024-08-01T19:15:32.277000
CVE-2024-1203,0,0,b776394b4b874eaeeae3e5b604198862b49ad905e4e26e755c608f17ba381dab,2024-03-13T18:16:18.563000
@ -262167,7 +262169,7 @@ CVE-2024-43697,0,0,aafe4540255caf8b19befcf934243317e12360bb6a3de5ba411c529a93412
CVE-2024-43698,0,0,9e6aaeefdd041f9881f7e87adb25bf5508d197b685354237269da3292e62e8bb,2024-10-23T15:12:34.673000
CVE-2024-43699,0,0,78534d33d290678062dddcdfe24e803feecb99e21dbcb3ac97f746608e5c52e4,2024-10-08T15:44:29.183000
CVE-2024-4370,0,0,3c1f5b342c087fc6587c8bc9012541b58d80e50fdee9d14eea44daecdec82901,2024-05-15T16:40:19.330000
CVE-2024-43700,0,1,9af24154d87c62c89db7b8ec0c730177a2ad4fbcee653b9099d7ab0097d91088,2024-11-30T12:15:17.720000
CVE-2024-43700,0,0,9af24154d87c62c89db7b8ec0c730177a2ad4fbcee653b9099d7ab0097d91088,2024-11-30T12:15:17.720000
CVE-2024-43701,0,0,806d05bc9a9c57505164825be7dbf8680f4cf63f26e698ce90f59cb6324208a0,2024-10-15T15:35:16.050000
CVE-2024-43702,0,0,8a2638259ef7d0c0bd5ed169f1bc8777f60d13fe6bd61e7083d6d48b42f35850,2024-11-30T03:15:13.903000
CVE-2024-43703,0,0,9541812b1f1e1f53c274c0839d61438b11d7c3f5eb2e292d5cebbf841568c53c,2024-11-30T03:15:14.030000
@ -263464,7 +263466,7 @@ CVE-2024-45745,0,0,095415295fb9e908dbd1bbbd24ecc8e41cf81936c17bbb0aa6290e6785ab2
CVE-2024-45746,0,0,7abeeb28473d4d90b0f40fa029a9f40cc62f9f19130bf135cc7a0a985dde62f8,2024-10-11T21:36:34.350000
CVE-2024-4575,0,0,9d22d248e877183fb374174504fab6bfc500414f16c234b88b687abe10cd48be,2024-05-24T01:15:30.977000
CVE-2024-45750,0,0,f86fce6cd4045728a00882dd42402a213a9d23f5fcb44064e442c5967c556b92,2024-09-26T19:35:17.850000
CVE-2024-45751,0,1,c113307e7e909e4cf70f9b4ddd341f71fe3fe4857c3b9883d860c17d4c9a21ae,2024-11-30T12:15:18.030000
CVE-2024-45751,0,0,c113307e7e909e4cf70f9b4ddd341f71fe3fe4857c3b9883d860c17d4c9a21ae,2024-11-30T12:15:18.030000
CVE-2024-45752,0,0,c56d2e99daff13fa264a8e02ee453ba88231a536487b9dd847b13fefb0df4a91,2024-09-25T16:54:27.520000
CVE-2024-45754,0,0,27881b9f8c3e60f9d5e35efd217ea03a3a53beb79b5679c0a5048b58d7f60f46,2024-10-15T16:35:07.827000
CVE-2024-45755,0,0,3380a03454f7c2bac1206898ca4fa4184680be886daa8fa0e017d976f6eee31b,2024-11-26T16:15:15.597000
@ -265311,7 +265313,7 @@ CVE-2024-48987,0,0,bb1285db59c3075341f96aec62f9b4ce4709041d90082c7f3534792a4d32f
CVE-2024-48989,0,0,9073e18090b9ae4eb5079758fa48cb03e03a3dcd9dfe9e38f4453d35dfeb5c4c,2024-11-13T17:01:16.850000
CVE-2024-4899,0,0,7d0ca1543842829897b22c32fd7c3ea389ea1c85b28761d045bc30da0b354462,2024-07-03T02:08:16.280000
CVE-2024-48990,0,0,01ad64d993b1a34125730a579a223ab965b2b42884353072e3771c0929c4035c,2024-11-19T21:56:45.533000
CVE-2024-48991,0,0,6f75849d879aa70a06c5980be61bce26016ea355a36322ccaf36b00c1fba8279,2024-11-26T21:15:07.330000
CVE-2024-48991,0,1,cad0aae4b890b506cacb3fef0d5af018cb8eebf417c48af68da7f4d95e131e01,2024-11-30T13:15:05.133000
CVE-2024-48992,0,0,7d51388c1721a8523b9ede74fe782bca890c6f1c274f5cf7a619b3f6ce5cedd5,2024-11-19T21:56:45.533000
CVE-2024-48993,0,0,196b3895a17ef7dfbcbfdd466d8bb48d5a37a44b82a7d059ceac4c05136016cf,2024-11-19T19:06:50.177000
CVE-2024-48994,0,0,f318b3abe51a65c36b34811cd6779d9025e28bb0518b94d3d7c79c7579b1e1e4,2024-11-15T15:40:38.250000

Can't render this file because it is too large.