From e1f0a831a05840cd53ada61671cd5c95431a5c0c Mon Sep 17 00:00:00 2001 From: cad-safe-bot Date: Wed, 24 Apr 2024 02:03:22 +0000 Subject: [PATCH] Auto-Update: 2024-04-24T02:00:29.419573+00:00 --- CVE-2022/CVE-2022-380xx/CVE-2022-38028.json | 6 +- CVE-2024/CVE-2024-40xx/CVE-2024-4093.json | 92 +++++++++++++++++++++ README.md | 27 ++---- _state.csv | 33 ++++---- 4 files changed, 121 insertions(+), 37 deletions(-) create mode 100644 CVE-2024/CVE-2024-40xx/CVE-2024-4093.json diff --git a/CVE-2022/CVE-2022-380xx/CVE-2022-38028.json b/CVE-2022/CVE-2022-380xx/CVE-2022-38028.json index 3710a965c8f..9c33b502fcf 100644 --- a/CVE-2022/CVE-2022-380xx/CVE-2022-38028.json +++ b/CVE-2022/CVE-2022-380xx/CVE-2022-38028.json @@ -2,8 +2,12 @@ "id": "CVE-2022-38028", "sourceIdentifier": "secure@microsoft.com", "published": "2022-10-11T19:15:15.067", - "lastModified": "2023-12-20T20:15:15.410", + "lastModified": "2024-04-24T01:00:01.230", "vulnStatus": "Modified", + "cisaExploitAdd": "2024-04-23", + "cisaActionDue": "2024-05-14", + "cisaRequiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", + "cisaVulnerabilityName": "Microsoft Windows Print Spooler Privilege Escalation Vulnerability ", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-40xx/CVE-2024-4093.json b/CVE-2024/CVE-2024-40xx/CVE-2024-4093.json new file mode 100644 index 00000000000..d62e1cc11dc --- /dev/null +++ b/CVE-2024/CVE-2024-40xx/CVE-2024-4093.json @@ -0,0 +1,92 @@ +{ + "id": "CVE-2024-4093", + "sourceIdentifier": "cna@vuldb.com", + "published": "2024-04-24T01:15:49.010", + "lastModified": "2024-04-24T01:15:49.010", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability, which was classified as critical, was found in SourceCodester Simple Subscription Website 1.0. Affected is an unknown function of the file view_application.php. The manipulation of the argument id leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-261822 is the identifier assigned to this vulnerability." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 6.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.4 + } + ], + "cvssMetricV2": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "2.0", + "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", + "accessVector": "NETWORK", + "accessComplexity": "LOW", + "authentication": "SINGLE", + "confidentialityImpact": "PARTIAL", + "integrityImpact": "PARTIAL", + "availabilityImpact": "PARTIAL", + "baseScore": 6.5 + }, + "baseSeverity": "MEDIUM", + "exploitabilityScore": 8.0, + "impactScore": 6.4, + "acInsufInfo": false, + "obtainAllPrivilege": false, + "obtainUserPrivilege": false, + "obtainOtherPrivilege": false, + "userInteractionRequired": false + } + ] + }, + "weaknesses": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/4wchen/Cve/blob/main/Simple%20Subscription%20Website%20with%20Admin%20System%20view_application.php%20has%20Sqlinjection.pdf", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?ctiid.261822", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?id.261822", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?submit.321505", + "source": "cna@vuldb.com" + } + ] +} \ No newline at end of file diff --git a/README.md b/README.md index 8f948b9174d..fad3b237de3 100644 --- a/README.md +++ b/README.md @@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2024-04-23T23:55:30.441223+00:00 +2024-04-24T02:00:29.419573+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2024-04-23T23:15:49.717000+00:00 +2024-04-24T01:15:49.010000+00:00 ``` ### Last Data Feed Release @@ -27,40 +27,27 @@ Repository synchronizes with the NVD every 2 hours. Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/releases/latest) ```plain -2024-04-23T00:00:20.254242+00:00 +2024-04-24T00:00:20.265932+00:00 ``` ### Total Number of included CVEs ```plain -246587 +246588 ``` ### CVEs added in the last Commit -Recently added CVEs: `14` +Recently added CVEs: `1` -- [CVE-2023-47357](CVE-2023/CVE-2023-473xx/CVE-2023-47357.json) (`2024-04-23T22:15:06.720`) -- [CVE-2023-48938](CVE-2023/CVE-2023-489xx/CVE-2023-48938.json) (`2024-04-23T22:15:06.927`) -- [CVE-2023-48939](CVE-2023/CVE-2023-489xx/CVE-2023-48939.json) (`2024-04-23T22:15:06.983`) -- [CVE-2024-27536](CVE-2024/CVE-2024-275xx/CVE-2024-27536.json) (`2024-04-23T22:15:07.037`) -- [CVE-2024-27537](CVE-2024/CVE-2024-275xx/CVE-2024-27537.json) (`2024-04-23T22:15:07.087`) -- [CVE-2024-30886](CVE-2024/CVE-2024-308xx/CVE-2024-30886.json) (`2024-04-23T22:15:07.140`) -- [CVE-2024-31616](CVE-2024/CVE-2024-316xx/CVE-2024-31616.json) (`2024-04-23T22:15:07.200`) -- [CVE-2024-4069](CVE-2024/CVE-2024-40xx/CVE-2024-4069.json) (`2024-04-23T22:15:07.257`) -- [CVE-2024-4070](CVE-2024/CVE-2024-40xx/CVE-2024-4070.json) (`2024-04-23T22:15:07.480`) -- [CVE-2024-4071](CVE-2024/CVE-2024-40xx/CVE-2024-4071.json) (`2024-04-23T22:15:07.703`) -- [CVE-2024-4072](CVE-2024/CVE-2024-40xx/CVE-2024-4072.json) (`2024-04-23T23:15:49.050`) -- [CVE-2024-4073](CVE-2024/CVE-2024-40xx/CVE-2024-4073.json) (`2024-04-23T23:15:49.267`) -- [CVE-2024-4074](CVE-2024/CVE-2024-40xx/CVE-2024-4074.json) (`2024-04-23T23:15:49.500`) -- [CVE-2024-4075](CVE-2024/CVE-2024-40xx/CVE-2024-4075.json) (`2024-04-23T23:15:49.717`) +- [CVE-2024-4093](CVE-2024/CVE-2024-40xx/CVE-2024-4093.json) (`2024-04-24T01:15:49.010`) ### CVEs modified in the last Commit Recently modified CVEs: `1` -- [CVE-2024-4040](CVE-2024/CVE-2024-40xx/CVE-2024-4040.json) (`2024-04-23T23:15:48.790`) +- [CVE-2022-38028](CVE-2022/CVE-2022-380xx/CVE-2022-38028.json) (`2024-04-24T01:00:01.230`) ## Download and Usage diff --git a/_state.csv b/_state.csv index f5efa58f6a6..618bf6eb73a 100644 --- a/_state.csv +++ b/_state.csv @@ -203859,7 +203859,7 @@ CVE-2022-38023,0,0,d1b1af13ff00e02d8ac91a41c9bd9512bdd8e3daa20611e96517b340519d5 CVE-2022-38025,0,0,8ac83fa3dba3d8f02dc15c4bafe0b1a7339911b2dec7d5d8a0029de532cf5330,2023-12-20T20:15:15.140000 CVE-2022-38026,0,0,810eec0532c5fd84ff515731f2c1f5350c0bedb83314df17ab6fa629f7f62f59,2023-12-20T20:15:15.233000 CVE-2022-38027,0,0,a2885991fd02cb09a31c30059d77c3c1969beb255f85157490833d706096da80,2023-12-20T20:15:15.317000 -CVE-2022-38028,0,0,d5a4d51012e4e813f7844832bc421fcd0ee07d012c12e8db8acc397ee20bf7cd,2023-12-20T20:15:15.410000 +CVE-2022-38028,0,1,740a533abbfe536f998dcc1fc724505dad0f206e46c9015844b3d7c6ceae711f,2024-04-24T01:00:01.230000 CVE-2022-38029,0,0,225ae76b883cf6c69017cb1ebdf2872cded9c51434379e9878e6c54a2db1f08f,2023-12-20T20:15:15.500000 CVE-2022-3803,0,0,3e78f739055885f05c00687832bb87d6a6276b0391e7285d9da7711bfaf77fdd,2023-11-07T03:51:49.163000 CVE-2022-38030,0,0,f33a382430e8871477c4c4fa984f1dd0d7ff4b387260c88751884115ba3667a6,2023-12-20T20:15:15.607000 @@ -233313,7 +233313,7 @@ CVE-2023-47352,0,0,ded8e68010beba10d42e5586dbbc81a3658bdbc766b1b6f2c518df31344ef CVE-2023-47353,0,0,f4e3114559e22b51f82b3d253587d8cff7ee3d22ac43b50cea9f50dd0c7511df,2024-02-13T18:16:03.837000 CVE-2023-47354,0,0,1f2c958db3831f6390e5e50fa6867847eaed6813747abbec0fd20ba00e24563d,2024-02-13T18:37:10.907000 CVE-2023-47355,0,0,41bc27224873ef8db29c3793a7b941a911a5b0d02bca9ac7e7f7483f04f78ddd,2024-02-13T16:43:37.553000 -CVE-2023-47357,1,1,fda474199a2cf48ecd29e01ea17cfd54f8706f61d4796570a5d37a4291daa236,2024-04-23T22:15:06.720000 +CVE-2023-47357,0,0,fda474199a2cf48ecd29e01ea17cfd54f8706f61d4796570a5d37a4291daa236,2024-04-23T22:15:06.720000 CVE-2023-47359,0,0,c946608ba7f1a213287704fedc434e49baf9ac499b59f17788c6987a1b732f76,2023-12-01T02:15:07.413000 CVE-2023-4736,0,0,0d3c28be1f2e720982eba16540dc42a9ceb8991d4cbf90837ce08667ac1cd40d,2023-12-22T18:09:33.707000 CVE-2023-47360,0,0,f00cc56a64ebe390854e8760b14c4974b462d845db7657db5ac763b8027a1171,2023-12-01T02:15:07.477000 @@ -234409,8 +234409,8 @@ CVE-2023-48928,0,0,d053a9bb74a0a28046cea0cfa716eb23c89020123e0d3b13c311d47025a3a CVE-2023-48929,0,0,eca5979522b37fa2b25551ee919d32e3acb4230f18daa9b5589f2791200eebd9,2023-12-12T17:12:58.153000 CVE-2023-4893,0,0,6652b9ae373294b185b2ee3ed8b2de9c01b11daa728acfc20632cfe5b1b582da,2023-11-07T04:23:08.643000 CVE-2023-48930,0,0,f31085f53c466869ccf011f15e2fe3f4b16ae4cf64422085ec675e6fc2a19238,2023-12-11T19:46:32.477000 -CVE-2023-48938,1,1,1b98caf96d661ffbf8063f036b612cad8f4145c41ab5490a92b21c4fa7dd7945,2024-04-23T22:15:06.927000 -CVE-2023-48939,1,1,83c4ab2ed80bc932370b7b4da0c6f2eef2c0603ed96ae88ea0f78773ce67c8e6,2024-04-23T22:15:06.983000 +CVE-2023-48938,0,0,1b98caf96d661ffbf8063f036b612cad8f4145c41ab5490a92b21c4fa7dd7945,2024-04-23T22:15:06.927000 +CVE-2023-48939,0,0,83c4ab2ed80bc932370b7b4da0c6f2eef2c0603ed96ae88ea0f78773ce67c8e6,2024-04-23T22:15:06.983000 CVE-2023-48940,0,0,9b1824c4ade97b34f65effcfadddd83bb76a19d64bf7fdcb6ee4a6b44e99f4a0,2023-12-11T19:43:51.563000 CVE-2023-48945,0,0,74cfee3b0238a4942ad055b8445533d4a6213a02bf13eb58cb4a67858f95eade,2023-12-05T18:33:48.857000 CVE-2023-48946,0,0,dea47a34595c930377baebbe273a173346c9c234948fb2db1f56bb2bcb46b28b,2023-11-30T22:10:42.030000 @@ -243892,8 +243892,8 @@ CVE-2024-27516,0,0,bc77d943dca3237cfc969969b912fe04cfc9a7bb141bbb351e6e03a84319d CVE-2024-27517,0,0,eaf81e12deb64dd8d1b2d24380f4196dfb242fbf2c45d957e1074397f4677a35,2024-02-29T13:49:29.390000 CVE-2024-27521,0,0,f5039108c28b59bf0b0a7fe798c8a809f06b9887222e13bb1b219a0b778b31fd,2024-03-27T12:29:30.307000 CVE-2024-2753,0,0,c94343bc26ecedb8097ab8d0a8a522720991033015dc323edc77ac571718fc09,2024-04-04T12:48:41.700000 -CVE-2024-27536,1,1,5d741356b2dd6ccf12d8aa38fc7b26f5fdffcd2e8b3f29ae555c59bfad78f86d,2024-04-23T22:15:07.037000 -CVE-2024-27537,1,1,19c23a8ace2b9fa0f5b0c7f5ae887d2217327b1705c43697ebd005f0fa005dec,2024-04-23T22:15:07.087000 +CVE-2024-27536,0,0,5d741356b2dd6ccf12d8aa38fc7b26f5fdffcd2e8b3f29ae555c59bfad78f86d,2024-04-23T22:15:07.037000 +CVE-2024-27537,0,0,19c23a8ace2b9fa0f5b0c7f5ae887d2217327b1705c43697ebd005f0fa005dec,2024-04-23T22:15:07.087000 CVE-2024-2754,0,0,1fcd4415dd3a76ae4bfdcbebc23b2eb9c440a110a989dd99eeab14538d1df9f4,2024-04-11T01:25:35.173000 CVE-2024-27558,0,0,7153680518d63c7932305620ccfbd7ee5fef9d259b5e0f563f6375bef36d085e,2024-03-01T22:22:25.913000 CVE-2024-27559,0,0,df9ea8940256beed3a439c54dc14f3a2ff3269b9257ecf55b0d7cb1c085a0238,2024-03-01T22:22:25.913000 @@ -245499,7 +245499,7 @@ CVE-2024-30880,0,0,89a9464fb2b59a11c3e5cf00085fed02609b7cfff66de2ef8b60b0e85535f CVE-2024-30883,0,0,39bac2b059deaf000971e1bfbce5ce5c6c34180366ea55e22f11dd860abb76a5,2024-04-11T12:47:44.137000 CVE-2024-30884,0,0,f3a012fdbee7dcdfbc54fb994726741009310b51eecb5e393a9f37c21fbc6c9c,2024-04-11T12:47:44.137000 CVE-2024-30885,0,0,053b43f723add848d769270cc9eabce98f2bef07551ec399121d9cd8c29459b9,2024-04-11T12:47:44.137000 -CVE-2024-30886,1,1,1fe340f2b7fd7f1c17c113f25e0651b4e9c467c20dbb0b39f60c75cc52815e24,2024-04-23T22:15:07.140000 +CVE-2024-30886,0,0,1fe340f2b7fd7f1c17c113f25e0651b4e9c467c20dbb0b39f60c75cc52815e24,2024-04-23T22:15:07.140000 CVE-2024-3089,0,0,3fabfa41353ef448324a78880efdc147758ef8ec187a9149e265df8463410caf,2024-04-11T01:25:53.493000 CVE-2024-30891,0,0,eaa8b86280359f3d73f2f1d8a4256591b68799e019aa5c9624f2214d6f01088e,2024-04-05T12:40:52.763000 CVE-2024-3090,0,0,1ed40e7cb1e30a4ce92e2079672b0e468d7f34e176dec853f1d60bd19ebc8837,2024-04-11T01:25:53.580000 @@ -245816,7 +245816,7 @@ CVE-2024-31585,0,0,ca870b59b85ac9b6cfa4a8fee4976da074575d82dd3c02566198bbf835617 CVE-2024-31587,0,0,6aaa189139b27b06a683c1dac5c91d5124a2971d077e3d9157f284239b68e61a,2024-04-19T16:19:49.043000 CVE-2024-3159,0,0,372cd652e2632717ba4bd0c7aadd6df6465a25a12553b2fe9846988ffe1987d3,2024-04-19T23:15:11.687000 CVE-2024-3160,0,0,f58561faca7869291dbd40f98b5207b12f048bddf4323b50e2fa0b0605fe77f4,2024-04-11T01:25:55.513000 -CVE-2024-31616,1,1,97752a5e63253b4ba9b08004d0e76ff1c9ed4a3b1302072a8a1b69ef6ebc3278,2024-04-23T22:15:07.200000 +CVE-2024-31616,0,0,97752a5e63253b4ba9b08004d0e76ff1c9ed4a3b1302072a8a1b69ef6ebc3278,2024-04-23T22:15:07.200000 CVE-2024-3162,0,0,7209bf9b1b4a4f41543ae01bfd19e9aec1dd355164cd1434a8cb5548ea161c65,2024-04-03T12:38:04.840000 CVE-2024-31634,0,0,4aa9be86cd809cace2c7d458fd82ce0e6e4c21e7757f642f911286874e9406fe,2024-04-16T13:24:07.103000 CVE-2024-3164,0,0,7f780c294c8831979bff32bef1a48b2e6fa61521035bd6f029f476ca7c0385b5,2024-04-11T01:25:55.603000 @@ -246573,16 +246573,17 @@ CVE-2024-4021,0,0,21ca31bf18d88881f7a6cc1002b89ea9bbd51b89715a0adf7c08b2eb5ac210 CVE-2024-4022,0,0,ebd323c8f90bdf29bd6ff35ea1eff449874a3d962dc85b687039f47f7b416e73,2024-04-22T13:28:43.747000 CVE-2024-4026,0,0,65bff2dba626fde0f88488c1e6df610a37e761e2e041855587a3bbcb3e849c23,2024-04-22T13:28:34.007000 CVE-2024-4031,0,0,4baeaad68cf3411bf45d41e53c64aca0aa19dc8cf620cd2c5028b0d61a50ba2c,2024-04-23T12:52:09.397000 -CVE-2024-4040,0,1,a8c13c2ea93261639ce0bb9b0a36d4120d837055b81d6b1ea3d5d9f015206ec9,2024-04-23T23:15:48.790000 +CVE-2024-4040,0,0,a8c13c2ea93261639ce0bb9b0a36d4120d837055b81d6b1ea3d5d9f015206ec9,2024-04-23T23:15:48.790000 CVE-2024-4062,0,0,fd0989c37011fb6cb5794fb7df968df0263f3f31c3aef5d67b3f6a349ba1e358,2024-04-23T19:15:46.553000 CVE-2024-4063,0,0,2008c390464bacff63172644a55a59e96a94988eb99fab2491b3e8e538a775f3,2024-04-23T19:15:46.870000 CVE-2024-4064,0,0,09ee7a85b82de580b2a486361eb0eaa08998727fa590a9268296692079168787,2024-04-23T20:15:07.997000 CVE-2024-4065,0,0,a5da92576f462db4d931c9ed36d295da893b4e991ec9663049a58cac021ab267,2024-04-23T20:15:08.223000 CVE-2024-4066,0,0,56a8ad546d4df99104a2f9d47e1c66543e4a309385ab664f82bdeb489fbff99f,2024-04-23T21:15:49.040000 -CVE-2024-4069,1,1,2bc51cf52c593ce348fea47cf5c152148f65f10fa3b96d8851da8c6d2c887759,2024-04-23T22:15:07.257000 -CVE-2024-4070,1,1,d08f6435cb18af6f5b5aa986543dfabbbc698f07d3da95ad0b9a9a9c10fe6ebc,2024-04-23T22:15:07.480000 -CVE-2024-4071,1,1,cf64c121ef73768b8dc0014adf333a214c3cfe5d11901ef1260b1a0230c251f7,2024-04-23T22:15:07.703000 -CVE-2024-4072,1,1,14444fa255baf1be4493786250e54716f9470e5a941e593c24b7da4ac1adb3f9,2024-04-23T23:15:49.050000 -CVE-2024-4073,1,1,03a1e5f7e4a15b7c97c8fd2f7d6d1b016b9830a966b0aa3f7e511a672ae6eb18,2024-04-23T23:15:49.267000 -CVE-2024-4074,1,1,473e07c97ab6569ff15462fbe321f45f94e51010e83853af21fe8396b10e663a,2024-04-23T23:15:49.500000 -CVE-2024-4075,1,1,cee5106524a24df766c9348305c31e2cd8f6749be20d7b51799359201a91e560,2024-04-23T23:15:49.717000 +CVE-2024-4069,0,0,2bc51cf52c593ce348fea47cf5c152148f65f10fa3b96d8851da8c6d2c887759,2024-04-23T22:15:07.257000 +CVE-2024-4070,0,0,d08f6435cb18af6f5b5aa986543dfabbbc698f07d3da95ad0b9a9a9c10fe6ebc,2024-04-23T22:15:07.480000 +CVE-2024-4071,0,0,cf64c121ef73768b8dc0014adf333a214c3cfe5d11901ef1260b1a0230c251f7,2024-04-23T22:15:07.703000 +CVE-2024-4072,0,0,14444fa255baf1be4493786250e54716f9470e5a941e593c24b7da4ac1adb3f9,2024-04-23T23:15:49.050000 +CVE-2024-4073,0,0,03a1e5f7e4a15b7c97c8fd2f7d6d1b016b9830a966b0aa3f7e511a672ae6eb18,2024-04-23T23:15:49.267000 +CVE-2024-4074,0,0,473e07c97ab6569ff15462fbe321f45f94e51010e83853af21fe8396b10e663a,2024-04-23T23:15:49.500000 +CVE-2024-4075,0,0,cee5106524a24df766c9348305c31e2cd8f6749be20d7b51799359201a91e560,2024-04-23T23:15:49.717000 +CVE-2024-4093,1,1,a7f42ffbcdf09ee696da0bcebfeb369eb71ef18249a79e601589f4c86adb985b,2024-04-24T01:15:49.010000