Auto-Update: 2024-12-23T03:00:21.371894+00:00

CVE-2024/CVE-2024-128xx/CVE-2024-12898.json

@@ -0,0 +1,145 @@
+{
+  "id": "CVE-2024-12898",
+  "sourceIdentifier": "cna@vuldb.com",
+  "published": "2024-12-23T01:15:06.840",
+  "lastModified": "2024-12-23T01:15:06.840",
+  "vulnStatus": "Received",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "A vulnerability was found in 1000 Projects Attendance Tracking Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /admin/faculty_action.php. The manipulation of the argument faculty_course_id leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV40": [
+      {
+        "source": "cna@vuldb.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "4.0",
+          "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
+          "baseScore": 5.3,
+          "baseSeverity": "MEDIUM",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "attackRequirements": "NONE",
+          "privilegesRequired": "LOW",
+          "userInteraction": "NONE",
+          "vulnerableSystemConfidentiality": "LOW",
+          "vulnerableSystemIntegrity": "LOW",
+          "vulnerableSystemAvailability": "LOW",
+          "subsequentSystemConfidentiality": "NONE",
+          "subsequentSystemIntegrity": "NONE",
+          "subsequentSystemAvailability": "NONE",
+          "exploitMaturity": "NOT_DEFINED",
+          "confidentialityRequirements": "NOT_DEFINED",
+          "integrityRequirements": "NOT_DEFINED",
+          "availabilityRequirements": "NOT_DEFINED",
+          "modifiedAttackVector": "NOT_DEFINED",
+          "modifiedAttackComplexity": "NOT_DEFINED",
+          "modifiedAttackRequirements": "NOT_DEFINED",
+          "modifiedPrivilegesRequired": "NOT_DEFINED",
+          "modifiedUserInteraction": "NOT_DEFINED",
+          "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED",
+          "modifiedVulnerableSystemIntegrity": "NOT_DEFINED",
+          "modifiedVulnerableSystemAvailability": "NOT_DEFINED",
+          "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED",
+          "modifiedSubsequentSystemIntegrity": "NOT_DEFINED",
+          "modifiedSubsequentSystemAvailability": "NOT_DEFINED",
+          "safety": "NOT_DEFINED",
+          "automatable": "NOT_DEFINED",
+          "recovery": "NOT_DEFINED",
+          "valueDensity": "NOT_DEFINED",
+          "vulnerabilityResponseEffort": "NOT_DEFINED",
+          "providerUrgency": "NOT_DEFINED"
+        }
+      }
+    ],
+    "cvssMetricV31": [
+      {
+        "source": "cna@vuldb.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
+          "baseScore": 6.3,
+          "baseSeverity": "MEDIUM",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "LOW",
+          "userInteraction": "NONE",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "LOW",
+          "integrityImpact": "LOW",
+          "availabilityImpact": "LOW"
+        },
+        "exploitabilityScore": 2.8,
+        "impactScore": 3.4
+      }
+    ],
+    "cvssMetricV2": [
+      {
+        "source": "cna@vuldb.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "2.0",
+          "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
+          "baseScore": 6.5,
+          "accessVector": "NETWORK",
+          "accessComplexity": "LOW",
+          "authentication": "SINGLE",
+          "confidentialityImpact": "PARTIAL",
+          "integrityImpact": "PARTIAL",
+          "availabilityImpact": "PARTIAL"
+        },
+        "baseSeverity": "MEDIUM",
+        "exploitabilityScore": 8.0,
+        "impactScore": 6.4,
+        "acInsufInfo": false,
+        "obtainAllPrivilege": false,
+        "obtainUserPrivilege": false,
+        "obtainOtherPrivilege": false,
+        "userInteractionRequired": false
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "cna@vuldb.com",
+      "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-74"
+        },
+        {
+          "lang": "en",
+          "value": "CWE-89"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://1000projects.org/",
+      "source": "cna@vuldb.com"
+    },
+    {
+      "url": "https://github.com/onupset/CVE/issues/1",
+      "source": "cna@vuldb.com"
+    },
+    {
+      "url": "https://vuldb.com/?ctiid.289168",
+      "source": "cna@vuldb.com"
+    },
+    {
+      "url": "https://vuldb.com/?id.289168",
+      "source": "cna@vuldb.com"
+    },
+    {
+      "url": "https://vuldb.com/?submit.467424",
+      "source": "cna@vuldb.com"
+    }
+  ]
+}

CVE-2024/CVE-2024-128xx/CVE-2024-12899.json

@@ -0,0 +1,145 @@
+{
+  "id": "CVE-2024-12899",
+  "sourceIdentifier": "cna@vuldb.com",
+  "published": "2024-12-23T01:15:07.020",
+  "lastModified": "2024-12-23T01:15:07.020",
+  "vulnStatus": "Received",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "A vulnerability was found in 1000 Projects Attendance Tracking Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /admin/course_action.php. The manipulation of the argument course_code leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV40": [
+      {
+        "source": "cna@vuldb.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "4.0",
+          "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
+          "baseScore": 6.9,
+          "baseSeverity": "MEDIUM",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "attackRequirements": "NONE",
+          "privilegesRequired": "NONE",
+          "userInteraction": "NONE",
+          "vulnerableSystemConfidentiality": "LOW",
+          "vulnerableSystemIntegrity": "LOW",
+          "vulnerableSystemAvailability": "LOW",
+          "subsequentSystemConfidentiality": "NONE",
+          "subsequentSystemIntegrity": "NONE",
+          "subsequentSystemAvailability": "NONE",
+          "exploitMaturity": "NOT_DEFINED",
+          "confidentialityRequirements": "NOT_DEFINED",
+          "integrityRequirements": "NOT_DEFINED",
+          "availabilityRequirements": "NOT_DEFINED",
+          "modifiedAttackVector": "NOT_DEFINED",
+          "modifiedAttackComplexity": "NOT_DEFINED",
+          "modifiedAttackRequirements": "NOT_DEFINED",
+          "modifiedPrivilegesRequired": "NOT_DEFINED",
+          "modifiedUserInteraction": "NOT_DEFINED",
+          "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED",
+          "modifiedVulnerableSystemIntegrity": "NOT_DEFINED",
+          "modifiedVulnerableSystemAvailability": "NOT_DEFINED",
+          "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED",
+          "modifiedSubsequentSystemIntegrity": "NOT_DEFINED",
+          "modifiedSubsequentSystemAvailability": "NOT_DEFINED",
+          "safety": "NOT_DEFINED",
+          "automatable": "NOT_DEFINED",
+          "recovery": "NOT_DEFINED",
+          "valueDensity": "NOT_DEFINED",
+          "vulnerabilityResponseEffort": "NOT_DEFINED",
+          "providerUrgency": "NOT_DEFINED"
+        }
+      }
+    ],
+    "cvssMetricV31": [
+      {
+        "source": "cna@vuldb.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
+          "baseScore": 7.3,
+          "baseSeverity": "HIGH",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "NONE",
+          "userInteraction": "NONE",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "LOW",
+          "integrityImpact": "LOW",
+          "availabilityImpact": "LOW"
+        },
+        "exploitabilityScore": 3.9,
+        "impactScore": 3.4
+      }
+    ],
+    "cvssMetricV2": [
+      {
+        "source": "cna@vuldb.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "2.0",
+          "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
+          "baseScore": 7.5,
+          "accessVector": "NETWORK",
+          "accessComplexity": "LOW",
+          "authentication": "NONE",
+          "confidentialityImpact": "PARTIAL",
+          "integrityImpact": "PARTIAL",
+          "availabilityImpact": "PARTIAL"
+        },
+        "baseSeverity": "HIGH",
+        "exploitabilityScore": 10.0,
+        "impactScore": 6.4,
+        "acInsufInfo": false,
+        "obtainAllPrivilege": false,
+        "obtainUserPrivilege": false,
+        "obtainOtherPrivilege": false,
+        "userInteractionRequired": false
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "cna@vuldb.com",
+      "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-74"
+        },
+        {
+          "lang": "en",
+          "value": "CWE-89"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://1000projects.org/",
+      "source": "cna@vuldb.com"
+    },
+    {
+      "url": "https://github.com/Murrayzed/CVE/issues/1",
+      "source": "cna@vuldb.com"
+    },
+    {
+      "url": "https://vuldb.com/?ctiid.289169",
+      "source": "cna@vuldb.com"
+    },
+    {
+      "url": "https://vuldb.com/?id.289169",
+      "source": "cna@vuldb.com"
+    },
+    {
+      "url": "https://vuldb.com/?submit.467628",
+      "source": "cna@vuldb.com"
+    }
+  ]
+}

CVE-2024/CVE-2024-129xx/CVE-2024-12900.json

@@ -0,0 +1,141 @@
+{
+  "id": "CVE-2024-12900",
+  "sourceIdentifier": "cna@vuldb.com",
+  "published": "2024-12-23T02:15:05.630",
+  "lastModified": "2024-12-23T02:15:05.630",
+  "vulnStatus": "Received",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "A vulnerability classified as critical has been found in FoxCMS up to 1.2. Affected is an unknown function of the file /install/installdb.php of the component Configuration File Handler. The manipulation of the argument database password leads to code injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV40": [
+      {
+        "source": "cna@vuldb.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "4.0",
+          "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
+          "baseScore": 5.3,
+          "baseSeverity": "MEDIUM",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "attackRequirements": "NONE",
+          "privilegesRequired": "LOW",
+          "userInteraction": "NONE",
+          "vulnerableSystemConfidentiality": "LOW",
+          "vulnerableSystemIntegrity": "LOW",
+          "vulnerableSystemAvailability": "LOW",
+          "subsequentSystemConfidentiality": "NONE",
+          "subsequentSystemIntegrity": "NONE",
+          "subsequentSystemAvailability": "NONE",
+          "exploitMaturity": "NOT_DEFINED",
+          "confidentialityRequirements": "NOT_DEFINED",
+          "integrityRequirements": "NOT_DEFINED",
+          "availabilityRequirements": "NOT_DEFINED",
+          "modifiedAttackVector": "NOT_DEFINED",
+          "modifiedAttackComplexity": "NOT_DEFINED",
+          "modifiedAttackRequirements": "NOT_DEFINED",
+          "modifiedPrivilegesRequired": "NOT_DEFINED",
+          "modifiedUserInteraction": "NOT_DEFINED",
+          "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED",
+          "modifiedVulnerableSystemIntegrity": "NOT_DEFINED",
+          "modifiedVulnerableSystemAvailability": "NOT_DEFINED",
+          "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED",
+          "modifiedSubsequentSystemIntegrity": "NOT_DEFINED",
+          "modifiedSubsequentSystemAvailability": "NOT_DEFINED",
+          "safety": "NOT_DEFINED",
+          "automatable": "NOT_DEFINED",
+          "recovery": "NOT_DEFINED",
+          "valueDensity": "NOT_DEFINED",
+          "vulnerabilityResponseEffort": "NOT_DEFINED",
+          "providerUrgency": "NOT_DEFINED"
+        }
+      }
+    ],
+    "cvssMetricV31": [
+      {
+        "source": "cna@vuldb.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
+          "baseScore": 6.3,
+          "baseSeverity": "MEDIUM",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "LOW",
+          "userInteraction": "NONE",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "LOW",
+          "integrityImpact": "LOW",
+          "availabilityImpact": "LOW"
+        },
+        "exploitabilityScore": 2.8,
+        "impactScore": 3.4
+      }
+    ],
+    "cvssMetricV2": [
+      {
+        "source": "cna@vuldb.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "2.0",
+          "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
+          "baseScore": 6.5,
+          "accessVector": "NETWORK",
+          "accessComplexity": "LOW",
+          "authentication": "SINGLE",
+          "confidentialityImpact": "PARTIAL",
+          "integrityImpact": "PARTIAL",
+          "availabilityImpact": "PARTIAL"
+        },
+        "baseSeverity": "MEDIUM",
+        "exploitabilityScore": 8.0,
+        "impactScore": 6.4,
+        "acInsufInfo": false,
+        "obtainAllPrivilege": false,
+        "obtainUserPrivilege": false,
+        "obtainOtherPrivilege": false,
+        "userInteractionRequired": false
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "cna@vuldb.com",
+      "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-74"
+        },
+        {
+          "lang": "en",
+          "value": "CWE-94"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://note.zhaoj.in/share/iDCwOv9vfDTI",
+      "source": "cna@vuldb.com"
+    },
+    {
+      "url": "https://vuldb.com/?ctiid.289170",
+      "source": "cna@vuldb.com"
+    },
+    {
+      "url": "https://vuldb.com/?id.289170",
+      "source": "cna@vuldb.com"
+    },
+    {
+      "url": "https://vuldb.com/?submit.467658",
+      "source": "cna@vuldb.com"
+    }
+  ]
+}

CVE-2024/CVE-2024-129xx/CVE-2024-12901.json

@@ -0,0 +1,141 @@
+{
+  "id": "CVE-2024-12901",
+  "sourceIdentifier": "cna@vuldb.com",
+  "published": "2024-12-23T02:15:06.613",
+  "lastModified": "2024-12-23T02:15:06.613",
+  "vulnStatus": "Received",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "A vulnerability classified as critical was found in FoxCMS up to 1.2. Affected by this vulnerability is an unknown functionality of the file /app/api/controller/Site.php of the component API Endpoint. The manipulation of the argument password leads to improper authorization. The attack can be launched remotely. The exploit has been disclosed to the public and may be used."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV40": [
+      {
+        "source": "cna@vuldb.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "4.0",
+          "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
+          "baseScore": 6.9,
+          "baseSeverity": "MEDIUM",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "attackRequirements": "NONE",
+          "privilegesRequired": "NONE",
+          "userInteraction": "NONE",
+          "vulnerableSystemConfidentiality": "NONE",
+          "vulnerableSystemIntegrity": "LOW",
+          "vulnerableSystemAvailability": "NONE",
+          "subsequentSystemConfidentiality": "NONE",
+          "subsequentSystemIntegrity": "NONE",
+          "subsequentSystemAvailability": "NONE",
+          "exploitMaturity": "NOT_DEFINED",
+          "confidentialityRequirements": "NOT_DEFINED",
+          "integrityRequirements": "NOT_DEFINED",
+          "availabilityRequirements": "NOT_DEFINED",
+          "modifiedAttackVector": "NOT_DEFINED",
+          "modifiedAttackComplexity": "NOT_DEFINED",
+          "modifiedAttackRequirements": "NOT_DEFINED",
+          "modifiedPrivilegesRequired": "NOT_DEFINED",
+          "modifiedUserInteraction": "NOT_DEFINED",
+          "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED",
+          "modifiedVulnerableSystemIntegrity": "NOT_DEFINED",
+          "modifiedVulnerableSystemAvailability": "NOT_DEFINED",
+          "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED",
+          "modifiedSubsequentSystemIntegrity": "NOT_DEFINED",
+          "modifiedSubsequentSystemAvailability": "NOT_DEFINED",
+          "safety": "NOT_DEFINED",
+          "automatable": "NOT_DEFINED",
+          "recovery": "NOT_DEFINED",
+          "valueDensity": "NOT_DEFINED",
+          "vulnerabilityResponseEffort": "NOT_DEFINED",
+          "providerUrgency": "NOT_DEFINED"
+        }
+      }
+    ],
+    "cvssMetricV31": [
+      {
+        "source": "cna@vuldb.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
+          "baseScore": 5.3,
+          "baseSeverity": "MEDIUM",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "NONE",
+          "userInteraction": "NONE",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "NONE",
+          "integrityImpact": "LOW",
+          "availabilityImpact": "NONE"
+        },
+        "exploitabilityScore": 3.9,
+        "impactScore": 1.4
+      }
+    ],
+    "cvssMetricV2": [
+      {
+        "source": "cna@vuldb.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "2.0",
+          "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
+          "baseScore": 5.0,
+          "accessVector": "NETWORK",
+          "accessComplexity": "LOW",
+          "authentication": "NONE",
+          "confidentialityImpact": "NONE",
+          "integrityImpact": "PARTIAL",
+          "availabilityImpact": "NONE"
+        },
+        "baseSeverity": "MEDIUM",
+        "exploitabilityScore": 10.0,
+        "impactScore": 2.9,
+        "acInsufInfo": false,
+        "obtainAllPrivilege": false,
+        "obtainUserPrivilege": false,
+        "obtainOtherPrivilege": false,
+        "userInteractionRequired": false
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "cna@vuldb.com",
+      "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-266"
+        },
+        {
+          "lang": "en",
+          "value": "CWE-285"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://note.zhaoj.in/share/8l4RPA2zcxRr",
+      "source": "cna@vuldb.com"
+    },
+    {
+      "url": "https://vuldb.com/?ctiid.289171",
+      "source": "cna@vuldb.com"
+    },
+    {
+      "url": "https://vuldb.com/?id.289171",
+      "source": "cna@vuldb.com"
+    },
+    {
+      "url": "https://vuldb.com/?submit.467703",
+      "source": "cna@vuldb.com"
+    }
+  ]
+}

CVE-2024/CVE-2024-457xx/CVE-2024-45721.json

@@ -0,0 +1,60 @@
+{
+  "id": "CVE-2024-45721",
+  "sourceIdentifier": "vultures@jpcert.or.jp",
+  "published": "2024-12-23T01:15:07.200",
+  "lastModified": "2024-12-23T01:15:07.200",
+  "vulnStatus": "Received",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "home 5G HR02, Wi-Fi STATION SH-52B, and Wi-Fi STATION SH-54C contain an OS command injection vulnerability in the HOST name configuration screen. An arbitrary OS command may be executed with the root privilege by an administrative user."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV30": [
+      {
+        "source": "vultures@jpcert.or.jp",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.0",
+          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
+          "baseScore": 7.2,
+          "baseSeverity": "HIGH",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "HIGH",
+          "userInteraction": "NONE",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "HIGH",
+          "integrityImpact": "HIGH",
+          "availabilityImpact": "HIGH"
+        },
+        "exploitabilityScore": 1.2,
+        "impactScore": 5.9
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "vultures@jpcert.or.jp",
+      "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-78"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://jvn.jp/en/jp/JVN61635834/",
+      "source": "vultures@jpcert.or.jp"
+    },
+    {
+      "url": "https://k-tai.sharp.co.jp/support/info/info083.html",
+      "source": "vultures@jpcert.or.jp"
+    }
+  ]
+}

CVE-2024/CVE-2024-468xx/CVE-2024-46873.json

@@ -0,0 +1,60 @@
+{
+  "id": "CVE-2024-46873",
+  "sourceIdentifier": "vultures@jpcert.or.jp",
+  "published": "2024-12-23T01:15:07.403",
+  "lastModified": "2024-12-23T01:15:07.403",
+  "vulnStatus": "Received",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "Multiple SHARP routers leave the hidden debug function enabled. An arbitrary OS command may be executed with the root privilege by a remote unauthenticated attacker."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV30": [
+      {
+        "source": "vultures@jpcert.or.jp",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.0",
+          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
+          "baseScore": 9.8,
+          "baseSeverity": "CRITICAL",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "NONE",
+          "userInteraction": "NONE",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "HIGH",
+          "integrityImpact": "HIGH",
+          "availabilityImpact": "HIGH"
+        },
+        "exploitabilityScore": 3.9,
+        "impactScore": 5.9
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "vultures@jpcert.or.jp",
+      "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-489"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://jvn.jp/en/jp/JVN61635834/",
+      "source": "vultures@jpcert.or.jp"
+    },
+    {
+      "url": "https://k-tai.sharp.co.jp/support/info/info083.html",
+      "source": "vultures@jpcert.or.jp"
+    }
+  ]
+}

CVE-2024/CVE-2024-478xx/CVE-2024-47864.json

@@ -0,0 +1,60 @@
+{
+  "id": "CVE-2024-47864",
+  "sourceIdentifier": "vultures@jpcert.or.jp",
+  "published": "2024-12-23T01:15:07.553",
+  "lastModified": "2024-12-23T01:15:07.553",
+  "vulnStatus": "Received",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "home 5G HR02, Wi-Fi STATION SH-52B, and Wi-Fi STATION SH-54C contain a buffer overflow vulnerability in the hidden debug function. A remote unauthenticated attacker may get the web console of the product down."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV30": [
+      {
+        "source": "vultures@jpcert.or.jp",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.0",
+          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
+          "baseScore": 5.3,
+          "baseSeverity": "MEDIUM",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "NONE",
+          "userInteraction": "NONE",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "NONE",
+          "integrityImpact": "NONE",
+          "availabilityImpact": "LOW"
+        },
+        "exploitabilityScore": 3.9,
+        "impactScore": 1.4
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "vultures@jpcert.or.jp",
+      "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-120"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://jvn.jp/en/jp/JVN61635834/",
+      "source": "vultures@jpcert.or.jp"
+    },
+    {
+      "url": "https://k-tai.sharp.co.jp/support/info/info083.html",
+      "source": "vultures@jpcert.or.jp"
+    }
+  ]
+}

CVE-2024/CVE-2024-523xx/CVE-2024-52321.json

@@ -0,0 +1,60 @@
+{
+  "id": "CVE-2024-52321",
+  "sourceIdentifier": "vultures@jpcert.or.jp",
+  "published": "2024-12-23T01:15:07.700",
+  "lastModified": "2024-12-23T01:15:07.700",
+  "vulnStatus": "Received",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "Multiple SHARP routers contain an improper authentication vulnerability in the configuration backup function. The product's backup files containing sensitive information may be retrieved by a remote unauthenticated attacker."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV30": [
+      {
+        "source": "vultures@jpcert.or.jp",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.0",
+          "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
+          "baseScore": 5.9,
+          "baseSeverity": "MEDIUM",
+          "attackVector": "NETWORK",
+          "attackComplexity": "HIGH",
+          "privilegesRequired": "NONE",
+          "userInteraction": "NONE",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "HIGH",
+          "integrityImpact": "NONE",
+          "availabilityImpact": "NONE"
+        },
+        "exploitabilityScore": 2.2,
+        "impactScore": 3.6
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "vultures@jpcert.or.jp",
+      "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-497"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://jvn.jp/en/jp/JVN61635834/",
+      "source": "vultures@jpcert.or.jp"
+    },
+    {
+      "url": "https://k-tai.sharp.co.jp/support/info/info083.html",
+      "source": "vultures@jpcert.or.jp"
+    }
+  ]
+}

CVE-2024/CVE-2024-540xx/CVE-2024-54082.json

@@ -0,0 +1,60 @@
+{
+  "id": "CVE-2024-54082",
+  "sourceIdentifier": "vultures@jpcert.or.jp",
+  "published": "2024-12-23T01:15:07.840",
+  "lastModified": "2024-12-23T01:15:07.840",
+  "vulnStatus": "Received",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "home 5G HR02 and Wi-Fi STATION SH-54C contain an OS command injection vulnerability in the configuration restore function. An arbitrary OS command may be executed with the root privilege by an administrative user."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV30": [
+      {
+        "source": "vultures@jpcert.or.jp",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.0",
+          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
+          "baseScore": 7.2,
+          "baseSeverity": "HIGH",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "HIGH",
+          "userInteraction": "NONE",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "HIGH",
+          "integrityImpact": "HIGH",
+          "availabilityImpact": "HIGH"
+        },
+        "exploitabilityScore": 1.2,
+        "impactScore": 5.9
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "vultures@jpcert.or.jp",
+      "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-78"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://jvn.jp/en/jp/JVN61635834/",
+      "source": "vultures@jpcert.or.jp"
+    },
+    {
+      "url": "https://k-tai.sharp.co.jp/support/info/info083.html",
+      "source": "vultures@jpcert.or.jp"
+    }
+  ]
+}

README.md

@@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours.
 ### Last Repository Update
 
 ```plain
-2024-12-23T00:55:20.453102+00:00
+2024-12-23T03:00:21.371894+00:00
 ```
 
 ### Most recent CVE Modification Timestamp synchronized with NVD
 
 ```plain
-2024-12-23T00:15:05.133000+00:00
+2024-12-23T02:15:06.613000+00:00
 ```
 
 ### Last Data Feed Release
@@ -27,23 +27,28 @@ Repository synchronizes with the NVD every 2 hours.
 Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/releases/latest)
 
 ```plain
-2024-12-22T01:00:04.375550+00:00
+2024-12-23T01:00:04.362087+00:00
 ```
 
 ### Total Number of included CVEs
 
 ```plain
-274557
+274566
 ```
 
 ### CVEs added in the last Commit
 
-Recently added CVEs: `4`
+Recently added CVEs: `9`
 
-- [CVE-2024-12896](CVE-2024/CVE-2024-128xx/CVE-2024-12896.json) (`2024-12-22T23:15:05.677`)
+- [CVE-2024-12898](CVE-2024/CVE-2024-128xx/CVE-2024-12898.json) (`2024-12-23T01:15:06.840`)
-- [CVE-2024-12897](CVE-2024/CVE-2024-128xx/CVE-2024-12897.json) (`2024-12-23T00:15:04.940`)
+- [CVE-2024-12899](CVE-2024/CVE-2024-128xx/CVE-2024-12899.json) (`2024-12-23T01:15:07.020`)
-- [CVE-2024-56375](CVE-2024/CVE-2024-563xx/CVE-2024-56375.json) (`2024-12-22T23:15:06.613`)
+- [CVE-2024-12900](CVE-2024/CVE-2024-129xx/CVE-2024-12900.json) (`2024-12-23T02:15:05.630`)
-- [CVE-2024-56378](CVE-2024/CVE-2024-563xx/CVE-2024-56378.json) (`2024-12-23T00:15:05.133`)
+- [CVE-2024-12901](CVE-2024/CVE-2024-129xx/CVE-2024-12901.json) (`2024-12-23T02:15:06.613`)
+- [CVE-2024-45721](CVE-2024/CVE-2024-457xx/CVE-2024-45721.json) (`2024-12-23T01:15:07.200`)
+- [CVE-2024-46873](CVE-2024/CVE-2024-468xx/CVE-2024-46873.json) (`2024-12-23T01:15:07.403`)
+- [CVE-2024-47864](CVE-2024/CVE-2024-478xx/CVE-2024-47864.json) (`2024-12-23T01:15:07.553`)
+- [CVE-2024-52321](CVE-2024/CVE-2024-523xx/CVE-2024-52321.json) (`2024-12-23T01:15:07.700`)
+- [CVE-2024-54082](CVE-2024/CVE-2024-540xx/CVE-2024-54082.json) (`2024-12-23T01:15:07.840`)
 
 
 ### CVEs modified in the last Commit

_state.csv

@@ -245068,9 +245068,13 @@ CVE-2024-12892,0,0,78fb726b8df2a16fb6eb0917a0a0e88fecc9c6f1f88ab8ca30a5dd210b4e6
 CVE-2024-12893,0,0,0cecbca340b22ce3e457e2f182e11f58f94f145b2638c6f827bb0ed4008214df,2024-12-22T08:15:06.083000
 CVE-2024-12894,0,0,38ca8339bb6400ff08caeebde70032264a7662949504841ad5ff150add3fcd6e,2024-12-22T12:15:16.203000
 CVE-2024-12895,0,0,2693178457c1a41a6444992ddd10869064ffff2889e27b11cf327858c567765e,2024-12-22T14:15:04.923000
-CVE-2024-12896,1,1,b46bab1f05703ff0008332eb402a62ef781a767148efb6c7c7134cb4f610f1e9,2024-12-22T23:15:05.677000
+CVE-2024-12896,0,0,b46bab1f05703ff0008332eb402a62ef781a767148efb6c7c7134cb4f610f1e9,2024-12-22T23:15:05.677000
-CVE-2024-12897,1,1,e84417159b1fa979d786feb5c9c9428d1f89aad1baca53371c1b473a818b22fd,2024-12-23T00:15:04.940000
+CVE-2024-12897,0,0,e84417159b1fa979d786feb5c9c9428d1f89aad1baca53371c1b473a818b22fd,2024-12-23T00:15:04.940000
+CVE-2024-12898,1,1,01cf06e013b17879e3ad11f28cc90b4f8ab9d8accfe80d6b33f345df309c44cc,2024-12-23T01:15:06.840000
+CVE-2024-12899,1,1,a8156719562171ad632b82cbae15ec7c223a7a48bfe33b1a670936619c6c2e7c,2024-12-23T01:15:07.020000
 CVE-2024-1290,0,0,7c95f47c5c3e77faa57d4558ce65f60c9fa0ea7551f118126af89c59b8448f97,2024-11-21T08:50:14.680000
+CVE-2024-12900,1,1,1012b3733f239b410a68b2041572702d5a7f787259c3b8be862ffc1a0d536863,2024-12-23T02:15:05.630000
+CVE-2024-12901,1,1,7438bb24c69768569f04db263b25be4e855460433a924b6dad82e02e6b0c486b,2024-12-23T02:15:06.613000
 CVE-2024-1291,0,0,52c4840726a3cf584db63abe3d1006ff575604ba403c25fca89470816948ce5e,2024-11-21T08:50:14.863000
 CVE-2024-1292,0,0,38d9bc6a557167174bf37c6662c68d5de6a783380fb5a30941c923054e3f2f16,2024-11-21T08:50:14.983000
 CVE-2024-1293,0,0,a122e9ddbaac35fa4b5b33d2b10cf37b4d4e3a3677cea83da66723805eec222b,2024-11-21T08:50:15.167000
@@ -264830,6 +264834,7 @@ CVE-2024-45717,0,0,d0042290bedfde686afafcdb66609ec6e09f7a07ad76868bcb14ec916e681
 CVE-2024-45719,0,0,6ca7636d4f46abcbe25b85f74f485dd396329e29ed902891ee416ba7b0049fcb,2024-11-22T21:15:18.130000
 CVE-2024-4572,0,0,6754f54e88e479a744a4367c8d1d2577fd697a90d0783dabcb9fc508df61090e,2024-05-14T15:44:06.153000
 CVE-2024-45720,0,0,ab26e4a66e708abfafd5a0e7f8395b5431ac8a5c3efe1cec42e73393318df61a,2024-11-21T09:38:01.030000
+CVE-2024-45721,1,1,9efa8d5c7cbf93ab4f729d2bd7b22842337d0ab8beb27bf5bd04ae2864f2d64d,2024-12-23T01:15:07.200000
 CVE-2024-45722,0,0,a6cbff3e6d145027776ad45ff696f8999c1abb5b5325df679b4335e1344e5fc1,2024-12-10T19:49:53.693000
 CVE-2024-45723,0,0,e4b82db032d3a4ca868b794df461af99089e3cf6b69e82693349f9c5b4326629,2024-10-17T17:15:12.110000
 CVE-2024-45731,0,0,9e6b9f6efc83855233c254d65e09470d9fc869b8f01875e0d9ffb17f0327775d,2024-10-17T13:09:33.017000
@@ -265470,6 +265475,7 @@ CVE-2024-4687,0,0,691fbe5c860edbdf18385945123ec35fc420e5337163168b9949809bc18727
 CVE-2024-46870,0,0,1fd806f0972b8da340a2a96a775ca19e71689c6390ef179657882172ad5e53cb,2024-10-23T14:26:28.690000
 CVE-2024-46871,0,0,8a75195bb742a7d09e2157f53cf4a29ae8646360a0fbe4ce86872d4d639a0ed3,2024-12-14T21:15:25.810000
 CVE-2024-46872,0,0,b89329ee39c24a048dc575ac8e49e59d1a714d7b0226ecee7aec778895c50c1d,2024-11-08T15:00:42.473000
+CVE-2024-46873,1,1,c89ea423c2376bd6f6b72fea3f01f250004a52088b70335286b91ceb3bced266,2024-12-23T01:15:07.403000
 CVE-2024-46874,0,0,26c14938d3bd992112157bea5c4166c0fd1799831df9907b641db7157a63de40,2024-12-10T19:49:18.773000
 CVE-2024-4688,0,0,0da5a2cc4532b2a20302b23569ddc0737195b6ffa097a6ed8db87ef0127f00f2,2024-11-21T09:43:23.167000
 CVE-2024-46886,0,0,9a63353229e01fb1edd6f3ab48979b30c42407a9917c12b34caece3fb7192dd7,2024-10-10T12:56:30.817000
@@ -266282,6 +266288,7 @@ CVE-2024-47854,0,0,a9f09de7f0b5818799d7735e32fab0528117f290764772f98a3e102c722b0
 CVE-2024-47855,0,0,2488ce52c534b254c4fe75f30de0e6a94b0d61e1b79ce7021bafc48eccaf27dc,2024-11-07T20:35:11.733000
 CVE-2024-4786,0,0,5dd0f73d93c1de75f19479b5cea5e29a1ae9a8934feaf695496bbc3c8ecfd1b2,2024-11-21T09:43:36.490000
 CVE-2024-47863,0,0,e6340b76eef305e4f9a2a18e9b3431d1240e5a81cf4fe7cadb463db9ca192b6e,2024-11-25T18:15:13.063000
+CVE-2024-47864,1,1,7b10b8eb7e9b4aad4b5e06fbda58fa3c7474d35f3257df4264031ed55cbc2620,2024-12-23T01:15:07.553000
 CVE-2024-47865,0,0,856fbee2d0c29a916be674bec6df8b3f8c62e1515bf27cff8f7842b39f9edbc2,2024-11-21T13:57:24.187000
 CVE-2024-47867,0,0,e092a653d911d624ac72fe0241f3aa280e95881b91b7bf36e469f143c2618cbf,2024-11-15T16:44:54.783000
 CVE-2024-47868,0,0,f48e57a4ad7d358802e08c6ee8997c1410f483adbdf2de7ffeb891dd0fb1dab5,2024-10-17T17:04:35.547000
@@ -269097,6 +269104,7 @@ CVE-2024-52317,0,0,ce73efcf7b1c232dccd668d6afadee9ebc191724bbb215d2a3cde41432512
 CVE-2024-52318,0,0,9990c8ea56e7da2a0fb5af64141a1eeb644a507e2c6f41d3a96bd75739255ee9,2024-11-21T09:46:16.813000
 CVE-2024-5232,0,0,9c659ab55a0398d626d6da1c09e82340b1fec2662d16e1eca07d5817bed41493,2024-11-21T09:47:14.200000
 CVE-2024-52320,0,0,fbfaa1883239695b0007c9764a43ac2cebac69eb763863afcec1548f7df5c2dd,2024-12-06T18:15:25.737000
+CVE-2024-52321,1,1,810125fed33d3a81fef555e63f8bd28a1a60114151ab12dec90595d5f02ee13e,2024-12-23T01:15:07.700000
 CVE-2024-52323,0,0,57617b6f1b94228bad139ee211c36bd4ec7e4706388ebf89e10500861eceb01c,2024-11-27T15:15:26.377000
 CVE-2024-52324,0,0,1b82757393c4b121efeb2aca56c501ac2b568f66f0e838324b89dea8626b5590,2024-12-10T19:42:56.737000
 CVE-2024-5233,0,0,f7aceb9f589abd3e3127e7bdc682ef20b7c3a1e0d748898af38a399a8a8c2229,2024-11-21T09:47:14.357000
@@ -270077,6 +270085,7 @@ CVE-2024-54051,0,0,3a9b3ab110d43a5a43f2119d4ad99971d223dd6716849a13bc9d084152928
 CVE-2024-5406,0,0,5db0f501f7c712d4bcce798425460b3472165eeef82fd225689429d234120e5b,2024-11-21T09:47:35.457000
 CVE-2024-5407,0,0,e082637321598f3dc8c3c9e1760b81a1e1197c4d13cd58fed3245c37f0bb71c9,2024-11-21T09:47:35.567000
 CVE-2024-5408,0,0,0b23a712a85d13fef48f02294d854672174790bd624dfee1416450ccef66434a,2024-11-21T09:47:35.690000
+CVE-2024-54082,1,1,9ebb2a96cc2d7205dc499652563889da625adbc9e224107999418bf2d0739828,2024-12-23T01:15:07.840000
 CVE-2024-54083,0,0,5fd9cfa9d541ec1d140263f1195469b624b1e1b6173ea5643199f37a0fe69372,2024-12-16T08:15:05.317000
 CVE-2024-5409,0,0,f7df79bf8c405f523130badde3800a80499e2a2f05cefac143617aad785ef5de,2024-11-21T09:47:35.810000
 CVE-2024-54091,0,0,dc5c73da9eed4ea1b769bbbff881c5fabd4f746f0337a6f741715e6c55e58677,2024-12-12T14:15:22.953000
@@ -270861,8 +270870,8 @@ CVE-2024-56358,0,0,a5242b1488bc185e31d245df23f8cd112af7bc1ad520eb610922e4932f3aa
 CVE-2024-56359,0,0,57fb0eb3210037d0725af8cb3d5a41f7619e854b3139ae13f78a6461042373b7,2024-12-20T21:15:10.880000
 CVE-2024-5636,0,0,be674ee7db367fbb27ae45f825fa3b6cac855c767643bde3f8b1378da8ddb51a,2024-11-21T09:48:03.883000
 CVE-2024-5637,0,0,a5e32b0dfdcc3b00fa1c534a6efa8caef39b80f083f1c956c246ad8a83c6df00,2024-11-21T09:48:04.030000
-CVE-2024-56375,1,1,2a34ccceff495c37ae84092fe8c0ad283727cd545575a5f30821495b0c5dc2ed,2024-12-22T23:15:06.613000
+CVE-2024-56375,0,0,2a34ccceff495c37ae84092fe8c0ad283727cd545575a5f30821495b0c5dc2ed,2024-12-22T23:15:06.613000
-CVE-2024-56378,1,1,6719f8ca56230694a59bc1f5e75e3ab9feb822f8501e080a6c8cff7081436ef7,2024-12-23T00:15:05.133000
+CVE-2024-56378,0,0,6719f8ca56230694a59bc1f5e75e3ab9feb822f8501e080a6c8cff7081436ef7,2024-12-23T00:15:05.133000
 CVE-2024-5638,0,0,4a64496852c4ee147220588b5d1940917ce749a1b3dd56d16a77a8cf3ed54b84,2024-11-21T09:48:04.153000
 CVE-2024-5639,0,0,78123d59d6ff1062d5cdcc1456c84b89eb240e57bd822aee818d4edc5bb804e5,2024-11-21T09:48:04.290000
 CVE-2024-5640,0,0,01c62801966d56f9308a985efd017779bd36dfe950ad675d920936fb65a56c1f,2024-11-21T09:48:04.440000