Auto-Update: 2024-04-07T16:00:37.918712+00:00

CVE-2024/CVE-2024-32xx/CVE-2024-3273.json

@@ -2,7 +2,7 @@
   "id": "CVE-2024-3273",
   "sourceIdentifier": "cna@vuldb.com",
   "published": "2024-04-04T01:15:50.387",
-  "lastModified": "2024-04-05T05:15:07.747",
+  "lastModified": "2024-04-07T14:15:07.753",
   "vulnStatus": "Awaiting Analysis",
   "descriptions": [
     {
@@ -80,6 +80,10 @@
       "url": "https://github.com/netsecfish/dlink",
       "source": "cna@vuldb.com"
     },
+    {
+      "url": "https://news.ycombinator.com/item?id=39960107",
+      "source": "cna@vuldb.com"
+    },
     {
       "url": "https://supportannouncement.us.dlink.com/security/publication.aspx?name=SAP10383",
       "source": "cna@vuldb.com"

CVE-2024/CVE-2024-34xx/CVE-2024-3422.json

@@ -0,0 +1,92 @@
+{
+  "id": "CVE-2024-3422",
+  "sourceIdentifier": "cna@vuldb.com",
+  "published": "2024-04-07T14:15:07.867",
+  "lastModified": "2024-04-07T14:15:07.867",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "A vulnerability was found in SourceCodester Online Courseware 1.0. It has been declared as critical. This vulnerability affects unknown code of the file admin/activatestud.php. The manipulation of the argument selector leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-259594 is the identifier assigned to this vulnerability."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "cna@vuldb.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "LOW",
+          "userInteraction": "NONE",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "LOW",
+          "integrityImpact": "LOW",
+          "availabilityImpact": "LOW",
+          "baseScore": 6.3,
+          "baseSeverity": "MEDIUM"
+        },
+        "exploitabilityScore": 2.8,
+        "impactScore": 3.4
+      }
+    ],
+    "cvssMetricV2": [
+      {
+        "source": "cna@vuldb.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "2.0",
+          "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
+          "accessVector": "NETWORK",
+          "accessComplexity": "LOW",
+          "authentication": "SINGLE",
+          "confidentialityImpact": "PARTIAL",
+          "integrityImpact": "PARTIAL",
+          "availabilityImpact": "PARTIAL",
+          "baseScore": 6.5
+        },
+        "baseSeverity": "MEDIUM",
+        "exploitabilityScore": 8.0,
+        "impactScore": 6.4,
+        "acInsufInfo": false,
+        "obtainAllPrivilege": false,
+        "obtainUserPrivilege": false,
+        "obtainOtherPrivilege": false,
+        "userInteractionRequired": false
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "cna@vuldb.com",
+      "type": "Secondary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-89"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://github.com/thisissuperann/Vul/blob/Online-Courseware/Online-Courseware-07.md",
+      "source": "cna@vuldb.com"
+    },
+    {
+      "url": "https://vuldb.com/?ctiid.259594",
+      "source": "cna@vuldb.com"
+    },
+    {
+      "url": "https://vuldb.com/?id.259594",
+      "source": "cna@vuldb.com"
+    },
+    {
+      "url": "https://vuldb.com/?submit.311600",
+      "source": "cna@vuldb.com"
+    }
+  ]
+}

CVE-2024/CVE-2024-34xx/CVE-2024-3423.json

@@ -0,0 +1,92 @@
+{
+  "id": "CVE-2024-3423",
+  "sourceIdentifier": "cna@vuldb.com",
+  "published": "2024-04-07T15:15:07.253",
+  "lastModified": "2024-04-07T15:15:07.253",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "A vulnerability was found in SourceCodester Online Courseware 1.0. It has been rated as critical. This issue affects some unknown processing of the file admin/activateteach.php. The manipulation of the argument selector leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-259595."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "cna@vuldb.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "LOW",
+          "userInteraction": "NONE",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "LOW",
+          "integrityImpact": "LOW",
+          "availabilityImpact": "LOW",
+          "baseScore": 6.3,
+          "baseSeverity": "MEDIUM"
+        },
+        "exploitabilityScore": 2.8,
+        "impactScore": 3.4
+      }
+    ],
+    "cvssMetricV2": [
+      {
+        "source": "cna@vuldb.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "2.0",
+          "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
+          "accessVector": "NETWORK",
+          "accessComplexity": "LOW",
+          "authentication": "SINGLE",
+          "confidentialityImpact": "PARTIAL",
+          "integrityImpact": "PARTIAL",
+          "availabilityImpact": "PARTIAL",
+          "baseScore": 6.5
+        },
+        "baseSeverity": "MEDIUM",
+        "exploitabilityScore": 8.0,
+        "impactScore": 6.4,
+        "acInsufInfo": false,
+        "obtainAllPrivilege": false,
+        "obtainUserPrivilege": false,
+        "obtainOtherPrivilege": false,
+        "userInteractionRequired": false
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "cna@vuldb.com",
+      "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-89"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://github.com/thisissuperann/Vul/blob/Online-Courseware/Online-Courseware-08.md",
+      "source": "cna@vuldb.com"
+    },
+    {
+      "url": "https://vuldb.com/?ctiid.259595",
+      "source": "cna@vuldb.com"
+    },
+    {
+      "url": "https://vuldb.com/?id.259595",
+      "source": "cna@vuldb.com"
+    },
+    {
+      "url": "https://vuldb.com/?submit.311601",
+      "source": "cna@vuldb.com"
+    }
+  ]
+}

README.md

@@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours.
 ### Last Repository Update
 
 ```plain
-2024-04-07T14:00:37.803670+00:00
+2024-04-07T16:00:37.918712+00:00
 ```
 
 ### Most recent CVE Modification Timestamp synchronized with NVD
 
 ```plain
-2024-04-07T13:15:09.227000+00:00
+2024-04-07T15:15:07.253000+00:00
 ```
 
 ### Last Data Feed Release
@@ -33,22 +33,22 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
 ### Total Number of included CVEs
 
 ```plain
-244318
+244320
 ```
 
 ### CVEs added in the last Commit
 
-Recently added CVEs: `1`
+Recently added CVEs: `2`
 
-- [CVE-2024-3421](CVE-2024/CVE-2024-34xx/CVE-2024-3421.json) (`2024-04-07T13:15:09.227`)
+- [CVE-2024-3422](CVE-2024/CVE-2024-34xx/CVE-2024-3422.json) (`2024-04-07T14:15:07.867`)
+- [CVE-2024-3423](CVE-2024/CVE-2024-34xx/CVE-2024-3423.json) (`2024-04-07T15:15:07.253`)
 
 
 ### CVEs modified in the last Commit
 
-Recently modified CVEs: `2`
+Recently modified CVEs: `1`
 
-- [CVE-2021-37600](CVE-2021/CVE-2021-376xx/CVE-2021-37600.json) (`2024-04-07T12:15:08.723`)
-- [CVE-2024-28085](CVE-2024/CVE-2024-280xx/CVE-2024-28085.json) (`2024-04-07T12:15:08.903`)
+- [CVE-2024-3273](CVE-2024/CVE-2024-32xx/CVE-2024-3273.json) (`2024-04-07T14:15:07.753`)
 
 
 ## Download and Usage

_state.csv

@@ -179822,7 +179822,7 @@ CVE-2021-37597,0,0,0c99cf7042c2746969503698cfec7a70a253008296b4de8dc4eca658ae9d1
 CVE-2021-37598,0,0,a0859b39da979c115a94757f111f4dc833695893057844e9c1cac2587b42b35b,2021-08-24T18:18:04.410000
 CVE-2021-37599,0,0,0f6efc50722d3f1847bcb4b43aa62e98c1b11945910a53ab5587d71fb33ce086,2021-08-23T15:34:04.457000
 CVE-2021-3760,0,0,e96ff252cc29f3451ff6e72fe709a95c7e2942743c9bace4a062a9c02b7914e5,2023-11-09T14:44:33.733000
-CVE-2021-37600,0,1,4f8ed2ca5583d0ba985dd2aea1a6642e776e767872b8d20fd631d90e67f2e76f,2024-04-07T12:15:08.723000
+CVE-2021-37600,0,0,4f8ed2ca5583d0ba985dd2aea1a6642e776e767872b8d20fd631d90e67f2e76f,2024-04-07T12:15:08.723000
 CVE-2021-37601,0,0,ae1481d81c14273b712b09095d3c8648082fa34eb740600026b8a18b8cb360c5,2023-11-07T03:36:58.467000
 CVE-2021-37604,0,0,013c945ea224b86c517b4f4c44b6fee7dcf2118d9287258608ceeb2810068e33,2022-07-12T17:42:04.277000
 CVE-2021-37605,0,0,73327ad6f81809a4b9b7a3ede6c0ae0ef9a8b3b888f4a5dafdc0841c1301c75e,2022-07-12T17:42:04.277000
@@ -243071,7 +243071,7 @@ CVE-2024-2807,0,0,47b8a7021ebbb15acc350203dd3081726f7b96c650b8d998414fd135c1027f
 CVE-2024-28070,0,0,c8eeec88fa6e3b91036a4eadc63dd921f090ad52309176e7af22a570b911aeac,2024-03-17T22:38:29.433000
 CVE-2024-2808,0,0,a0621aec3e17f906967cd04e2f75551ea2d13f29c3ece6e8f56dccb94d17afe1,2024-03-26T03:13:36.183000
 CVE-2024-28084,0,0,e855eaf3201adbee7f29bca688e63324787cf32844050753a9cd1965f8c4b542,2024-03-23T03:15:11.583000
-CVE-2024-28085,0,1,50b7c8ccc5599b7ab0a3fb9fa52479a655595623006a86c4fef2d0664fd54633,2024-04-07T12:15:08.903000
+CVE-2024-28085,0,0,50b7c8ccc5599b7ab0a3fb9fa52479a655595623006a86c4fef2d0664fd54633,2024-04-07T12:15:08.903000
 CVE-2024-28088,0,0,d2f20b1069b24ba10d21e8bf3b61c2c6a1c6b345ff59786676752b80abbde7a4,2024-03-13T21:16:00.380000
 CVE-2024-28089,0,0,ebb0921cb9fb93aeb61f55f441ccf2f84797f1edc4a13bbbf59b2589f6308e97,2024-03-11T01:32:29.610000
 CVE-2024-2809,0,0,16a24c41619de5ba8d47e944f4573d2f7981695d1c5bec0e5f48dbb2fc9c9b69,2024-03-26T03:13:47.830000
@@ -244272,7 +244272,7 @@ CVE-2024-3259,0,0,76b0d3ff6f440875a58ff25c453c04b700f826053cbdad29ccaa7a70fa580a
 CVE-2024-3262,0,0,758c253f08a1135a2d383be61db9b8d36970b2087c7788f9321bc534b0b4222c,2024-04-04T12:48:22.650000
 CVE-2024-3270,0,0,15606b780f6a1935299d985641ac5849df983ebbda9046db7033eceae15f45cf,2024-04-04T12:48:41.700000
 CVE-2024-3272,0,0,32d3ad93a54dc7dcb0170715c810c40dd0605ff3f1d2f7f8a6ff591782374412,2024-04-05T05:15:07.580000
-CVE-2024-3273,0,0,1ae2eaf61f98318aed8ff92c4b5febb2d8229962f8b7b2bc67bc40cbaea73f73,2024-04-05T05:15:07.747000
+CVE-2024-3273,0,1,ccbb6a5c5c4c4b06e891e32f07239c6503baf5145f7bfada1cdbd5f43ea6ab91,2024-04-07T14:15:07.753000
 CVE-2024-3274,0,0,64bfe86321ec1e05b957bdddb515317b23c7b94e70b2d69aa950c222026c2d4b,2024-04-05T05:15:07.843000
 CVE-2024-3296,0,0,bcc39314c1e9f6d53aa0ccc8e7e7cac7c279f7f6ee5a27f19287b128ea2ed6c7,2024-04-05T12:15:37.777000
 CVE-2024-3298,0,0,35145d829af4d19541380a93e6723503e514b69e11aa4b007b05099610c37f21,2024-04-04T16:33:06.610000
@@ -244316,4 +244316,6 @@ CVE-2024-3417,0,0,b709776032706fffe344a55daccb44666332d7c2f5bd28c6517d5f92d2dba6
 CVE-2024-3418,0,0,58452af824663d867f22d2231a92345cae144d5b87497bd1cef73383984d7a46,2024-04-07T10:15:08.720000
 CVE-2024-3419,0,0,c3be583fe2a083d82b6d232b1c28356c1287391e685ec4be89f4a52f403b9cbb,2024-04-07T10:15:09.120000
 CVE-2024-3420,0,0,720c3fd5382253ca08ad331b18079caf490b53b497de7eb7a933efa064837590,2024-04-07T11:15:07.587000
-CVE-2024-3421,1,1,a560b26aaea924bd323615f86acd3e3dc05cff9023c442c8367172e85c4ab4f1,2024-04-07T13:15:09.227000
+CVE-2024-3421,0,0,a560b26aaea924bd323615f86acd3e3dc05cff9023c442c8367172e85c4ab4f1,2024-04-07T13:15:09.227000
+CVE-2024-3422,1,1,f7098e0ea33e88216934e31cdd454d33a88a63a7202d06837972e1794c274c95,2024-04-07T14:15:07.867000
+CVE-2024-3423,1,1,47d613e97d135ead157c8346f9e1010cd1b8dfede5f54337cc44b38aa442db01,2024-04-07T15:15:07.253000