From d4d247623c5fb194c0a4e05a7a2df2f78648da76 Mon Sep 17 00:00:00 2001 From: cad-safe-bot Date: Mon, 17 Jun 2024 04:03:11 +0000 Subject: [PATCH] Auto-Update: 2024-06-17T04:00:18.806858+00:00 --- CVE-2024/CVE-2024-51xx/CVE-2024-5163.json | 24 +++++++++ CVE-2024/CVE-2024-60xx/CVE-2024-6044.json | 63 +++++++++++++++++++++++ README.md | 10 ++-- _state.csv | 6 ++- 4 files changed, 96 insertions(+), 7 deletions(-) create mode 100644 CVE-2024/CVE-2024-51xx/CVE-2024-5163.json create mode 100644 CVE-2024/CVE-2024-60xx/CVE-2024-6044.json diff --git a/CVE-2024/CVE-2024-51xx/CVE-2024-5163.json b/CVE-2024/CVE-2024-51xx/CVE-2024-5163.json new file mode 100644 index 00000000000..0c8dbb0b32f --- /dev/null +++ b/CVE-2024/CVE-2024-51xx/CVE-2024-5163.json @@ -0,0 +1,24 @@ +{ + "id": "CVE-2024-5163", + "sourceIdentifier": "907edf6c-bf03-423e-ab1a-8da27e1aa1ea", + "published": "2024-06-17T03:15:09.057", + "lastModified": "2024-06-17T03:15:09.057", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Improper permission settings for mobile applications (com.transsion.carlcare) may lead to user password and account security risks." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://security.tecno.com/SRC/blogdetail/267?lang=en_US", + "source": "907edf6c-bf03-423e-ab1a-8da27e1aa1ea" + }, + { + "url": "https://security.tecno.com/SRC/securityUpdates", + "source": "907edf6c-bf03-423e-ab1a-8da27e1aa1ea" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-60xx/CVE-2024-6044.json b/CVE-2024/CVE-2024-60xx/CVE-2024-6044.json new file mode 100644 index 00000000000..c2c05951e4b --- /dev/null +++ b/CVE-2024/CVE-2024-60xx/CVE-2024-6044.json @@ -0,0 +1,63 @@ +{ + "id": "CVE-2024-6044", + "sourceIdentifier": "twcert@cert.org.tw", + "published": "2024-06-17T03:15:09.163", + "lastModified": "2024-06-17T03:15:09.163", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Certain models of D-Link wireless routers have a path traversal vulnerability. Unauthenticated attackers on the same local area network can read arbitrary system files by manipulating the URL." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "twcert@cert.org.tw", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", + "attackVector": "ADJACENT_NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "twcert@cert.org.tw", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-22" + } + ] + } + ], + "references": [ + { + "url": "https://supportannouncement.us.dlink.com/security/publication.aspx?name=SAP10398", + "source": "twcert@cert.org.tw" + }, + { + "url": "https://www.twcert.org.tw/en/cp-139-7878-7c3d9-2.html", + "source": "twcert@cert.org.tw" + }, + { + "url": "https://www.twcert.org.tw/tw/cp-132-7877-b4674-1.html", + "source": "twcert@cert.org.tw" + } + ] +} \ No newline at end of file diff --git a/README.md b/README.md index 5e15e1c449a..87fbfd18bf2 100644 --- a/README.md +++ b/README.md @@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2024-06-17T02:00:18.520690+00:00 +2024-06-17T04:00:18.806858+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2024-06-17T01:15:49.627000+00:00 +2024-06-17T03:15:09.163000+00:00 ``` ### Last Data Feed Release @@ -33,15 +33,15 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### Total Number of included CVEs ```plain -254247 +254249 ``` ### CVEs added in the last Commit Recently added CVEs: `2` -- [CVE-2024-6042](CVE-2024/CVE-2024-60xx/CVE-2024-6042.json) (`2024-06-17T00:15:09.323`) -- [CVE-2024-6043](CVE-2024/CVE-2024-60xx/CVE-2024-6043.json) (`2024-06-17T01:15:49.627`) +- [CVE-2024-5163](CVE-2024/CVE-2024-51xx/CVE-2024-5163.json) (`2024-06-17T03:15:09.057`) +- [CVE-2024-6044](CVE-2024/CVE-2024-60xx/CVE-2024-6044.json) (`2024-06-17T03:15:09.163`) ### CVEs modified in the last Commit diff --git a/_state.csv b/_state.csv index 5d2c2b7acd6..8ae287a7e10 100644 --- a/_state.csv +++ b/_state.csv @@ -253837,6 +253837,7 @@ CVE-2024-5159,0,0,21e48f9c116346beacd1ff1b36dcd3eeb5d22159bc679bcf4bc32552636921 CVE-2024-5160,0,0,9e4b1e18860b5527c7c851e358a84bf2abb3a6bec986d19da5dba6c58ecb7cb1,2024-06-10T18:15:38.067000 CVE-2024-5161,0,0,e7ee50e132209c9af2d04e0f78f70daa2f8e4d8e66a5c74b97f79aeb602e94ca,2024-06-06T14:17:35.017000 CVE-2024-5162,0,0,d15fa704d37693972ec8048da97de07e102beeb78dcaeaa088ebcc9b6b634ff1,2024-06-06T14:17:35.017000 +CVE-2024-5163,1,1,2ce742c5cc505b352d65a71b4d02546722a9c212066a9d82bd96320aa13c3a9a,2024-06-17T03:15:09.057000 CVE-2024-5165,0,0,1249b447729c1b58db4dd874ebf3238410613919325ce73c31963c57eb2e607f,2024-05-24T01:15:30.977000 CVE-2024-5166,0,0,acd04bdcb3927ae2fc6875213ce44649287d9e14ecc961e10fc982fe1f8beeeb,2024-05-22T18:59:20.240000 CVE-2024-5168,0,0,306ce12eec3dfa604048647f5d45c62ae3c9962c8122be3c41030f354ed300c2,2024-05-24T01:15:30.977000 @@ -254244,5 +254245,6 @@ CVE-2024-6015,0,0,ce17981a2f5c1abb173d15e7815cded0a62d2475c1da467d89f43737bdc158 CVE-2024-6016,0,0,ca762f4b4cad5059b56c7cba83da0542825d18a3a76ea0906d6c1e6b2a00f540,2024-06-15T19:15:48.443000 CVE-2024-6039,0,0,b95cc2c25372a777e07390d97534935dbe452a5a533742bda3ef4325dc878c01,2024-06-16T22:15:09.360000 CVE-2024-6041,0,0,e6d63ca11ea2ff9ed09ea53c6094128fe340ff7325fdab7606f076aa9a2a1946,2024-06-16T23:15:49.417000 -CVE-2024-6042,1,1,ed54c5636265103325c04d8d2622ce50f3889c9971c74cd395d52c55b95a2414,2024-06-17T00:15:09.323000 -CVE-2024-6043,1,1,ed62535c42832e37b4fd65db6511e39d988a0b0325ab18bd1d36764965ef2443,2024-06-17T01:15:49.627000 +CVE-2024-6042,0,0,ed54c5636265103325c04d8d2622ce50f3889c9971c74cd395d52c55b95a2414,2024-06-17T00:15:09.323000 +CVE-2024-6043,0,0,ed62535c42832e37b4fd65db6511e39d988a0b0325ab18bd1d36764965ef2443,2024-06-17T01:15:49.627000 +CVE-2024-6044,1,1,e7b2e64c18c97b6be6b2136ab4aca56f14648e5731c5f26d1f52a5c372063f27,2024-06-17T03:15:09.163000