diff --git a/CVE-2023/CVE-2023-489xx/CVE-2023-48906.json b/CVE-2023/CVE-2023-489xx/CVE-2023-48906.json
new file mode 100644
index 00000000000..d3744d76d4a
--- /dev/null
+++ b/CVE-2023/CVE-2023-489xx/CVE-2023-48906.json
@@ -0,0 +1,20 @@
+{
+ "id": "CVE-2023-48906",
+ "sourceIdentifier": "cve@mitre.org",
+ "published": "2024-04-01T20:15:07.750",
+ "lastModified": "2024-04-01T20:15:07.750",
+ "vulnStatus": "Received",
+ "descriptions": [
+ {
+ "lang": "en",
+ "value": "Stack Overflow vulnerability in Btstack 1.6 and earlier allows attackers to cause a denial of service via crafted input to the char_for_nibble function."
+ }
+ ],
+ "metrics": {},
+ "references": [
+ {
+ "url": "https://www.cnblogs.com/focu5/p/18070469",
+ "source": "cve@mitre.org"
+ }
+ ]
+}
\ No newline at end of file
diff --git a/CVE-2024/CVE-2024-287xx/CVE-2024-28734.json b/CVE-2024/CVE-2024-287xx/CVE-2024-28734.json
index 66866b1996e..adcdf7cfeac 100644
--- a/CVE-2024/CVE-2024-287xx/CVE-2024-28734.json
+++ b/CVE-2024/CVE-2024-287xx/CVE-2024-28734.json
@@ -2,24 +2,20 @@
 "id": "CVE-2024-28734",
 "sourceIdentifier": "cve@mitre.org",
 "published": "2024-03-19T14:15:07.687",
- "lastModified": "2024-03-19T14:31:27.883",
+ "lastModified": "2024-04-01T21:15:33.200",
 "vulnStatus": "Awaiting Analysis",
 "descriptions": [
 {
 "lang": "en",
- "value": "Cross Site Scripting vulnerability in Unit4 Financials by Coda v.2024Q1 allows a remote attacker to escalate privileges via a crafted script to the cols parameter."
+ "value": "Cross Site Scripting vulnerability in Unit4 Financials by Coda prior to 2023Q4 allows a remote attacker to run arbitrary code via a crafted GET request using the cols parameter."
+ },
+ {
+ "lang": "es",
+ "value": "Vulnerabilidad de Cross Site Scripting en Unit4 Financials de Coda v.2024Q1 permite a un atacante remoto escalar privilegios mediante una script manipulada al par\u00e1metro cols."
 }
 ],
 "metrics": {},
 "references": [
- {
- "url": "http://financials.com",
- "source": "cve@mitre.org"
- },
- {
- "url": "http://unit4.com",
- "source": "cve@mitre.org"
- },
 {
 "url": "https://packetstormsecurity.com/files/177619/Financials-By-Coda-Cross-Site-Scripting.html",
 "source": "cve@mitre.org"
diff --git a/CVE-2024/CVE-2024-287xx/CVE-2024-28735.json b/CVE-2024/CVE-2024-287xx/CVE-2024-28735.json
index 8f064e00516..9b83c01105d 100644
--- a/CVE-2024/CVE-2024-287xx/CVE-2024-28735.json
+++ b/CVE-2024/CVE-2024-287xx/CVE-2024-28735.json
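Review bot: The `es` entry added to `descriptions` translates the superseded English text, so the two languages now disagree: `en` says versions prior to 2023Q4 and code execution via a crafted GET request to `cols`, while `es` still says `v.2024Q1` and privilege escalation. A consumer that picks the description by locale would show the wrong affected range and impact for this CVE. The `es` value should track the new text, for example `"value": "Vulnerabilidad de Cross Site Scripting en Unit4 Financials de Coda anterior a 2023Q4 permite a un atacante remoto ejecutar c\u00f3digo arbitrario mediante una solicitud GET manipulada usando el par\u00e1metro cols."` (suggested wording); as this file appears to mirror an upstream record, that correction likely belongs upstream, and until then the `en` entry is the one to trust. The `references` array continues past the end of the hunk.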
@@ -2,13 +2,12 @@
 "id": "CVE-2024-28735",
 "sourceIdentifier": "cve@mitre.org",
 "published": "2024-03-20T15:15:07.920",
- "lastModified": "2024-03-20T17:18:21.343",
+ "lastModified": "2024-04-01T21:15:37.360",
 "vulnStatus": "Awaiting Analysis",
- "cveTags": [],
 "descriptions": [
 {
 "lang": "en",
- "value": "An incorrect access control issue in Unit4 Financials by Coda v.2023Q4 allows a remote attacker to escalate privileges via a crafted script to the change password function."
+ "value": "Unit4 Financials by Coda versions prior to 2023Q4 suffer from an incorrect access control authorization bypass vulnerability which allows an authenticated user to modify the password of any user of the application via a crafted request."
 }
 ],
 "metrics": {},
diff --git a/CVE-2024/CVE-2024-294xx/CVE-2024-29433.json b/CVE-2024/CVE-2024-294xx/CVE-2024-29433.json
new file mode 100644
index 00000000000..41f30fc158a
--- /dev/null
+++ b/CVE-2024/CVE-2024-294xx/CVE-2024-29433.json
@@ -0,0 +1,20 @@
+{
+ "id": "CVE-2024-29433",
+ "sourceIdentifier": "cve@mitre.org",
+ "published": "2024-04-01T20:15:14.117",
+ "lastModified": "2024-04-01T20:15:14.117",
+ "vulnStatus": "Received",
+ "descriptions": [
+ {
+ "lang": "en",
+ "value": "A deserialization vulnerability in the FASTJSON component of Alldata v0.4.6 allows attackers to execute arbitrary commands via supplying crafted data."
+ }
+ ],
+ "metrics": {},
+ "references": [
+ {
+ "url": "https://gist.github.com/Raybye/496a871c66715a531750d58651d2b5c4",
+ "source": "cve@mitre.org"
+ }
+ ]
+}
\ No newline at end of file
diff --git a/CVE-2024/CVE-2024-294xx/CVE-2024-29435.json b/CVE-2024/CVE-2024-294xx/CVE-2024-29435.json
new file mode 100644
index 00000000000..74beb115951
--- /dev/null
+++ b/CVE-2024/CVE-2024-294xx/CVE-2024-29435.json
@@ -0,0 +1,20 @@ +{ + "id": "CVE-2024-29435", + "sourceIdentifier": "cve@mitre.org", + "published": "2024-04-01T20:15:20.710", + "lastModified": "2024-04-01T20:15:20.710", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "An issue discovered in Alldata v0.4.6 allows attacker to run arbitrary commands via the processId parameter." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://gist.github.com/Raybye/ea3a46adc5ea51e659c42218f05153fa", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/README.md b/README.md index 8c274d1ca0e..384cd8ac3f8 100644 --- a/README.md +++ b/README.md @@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2024-04-01T20:00:38.476040+00:00 +2024-04-01T22:00:37.824104+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2024-04-01T19:15:46.257000+00:00 +2024-04-01T21:15:37.360000+00:00 ``` ### Last Data Feed Release 
@@ -33,21 +33,24 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### Total Number of included CVEs ```plain -243579 +243582 ``` ### CVEs added in the last Commit -Recently added CVEs: `1` +Recently added CVEs: `3` -- [CVE-2024-3135](CVE-2024/CVE-2024-31xx/CVE-2024-3135.json) (`2024-04-01T19:15:46.257`) +- [CVE-2023-48906](CVE-2023/CVE-2023-489xx/CVE-2023-48906.json) (`2024-04-01T20:15:07.750`) +- [CVE-2024-29433](CVE-2024/CVE-2024-294xx/CVE-2024-29433.json) (`2024-04-01T20:15:14.117`) +- [CVE-2024-29435](CVE-2024/CVE-2024-294xx/CVE-2024-29435.json) (`2024-04-01T20:15:20.710`) ### CVEs modified in the last Commit -Recently modified CVEs: `1` +Recently modified CVEs: `2` -- [CVE-2024-3094](CVE-2024/CVE-2024-30xx/CVE-2024-3094.json) (`2024-04-01T18:15:08.130`) +- [CVE-2024-28734](CVE-2024/CVE-2024-287xx/CVE-2024-28734.json) (`2024-04-01T21:15:33.200`) +- [CVE-2024-28735](CVE-2024/CVE-2024-287xx/CVE-2024-28735.json) (`2024-04-01T21:15:37.360`) ## Download and Usage diff --git a/_state.csv b/_state.csv index 661aaf831a7..f5286726607 100644 --- a/_state.csv +++ b/_state.csv 
@@ -234221,6 +234221,7 @@ CVE-2023-4890,0,0,eb2dc2ce98c453ac601fe50983ca46471e68e1127ec83f9b4a8e310d8b49d8 CVE-2023-48901,0,0,f446c92df2db4de5c13ee1f341836963e1038bdc6dccd7674bc84892c3fc7277,2024-03-21T12:58:51.093000 CVE-2023-48902,0,0,e7baaf30305f21ff2e35d33a7943067082763a78ecdcb49520e0cbc99bbc44a5,2024-03-21T12:58:51.093000 CVE-2023-48903,0,0,0e8dfe11061b4bd630c2eaabe9f3e9f7db7dd223d901bed09f4037e0835e473d,2024-03-21T12:58:51.093000 +CVE-2023-48906,1,1,a0876432476f4624946f3778dffad7e9d011ac8bd03ff7ecf77b71e2a5943f7d,2024-04-01T20:15:07.750000 CVE-2023-48909,0,0,3e8e89114d21d750682bc99dc49eefbef7a7f8a9d7e81ae2ff795ea6d5358bdd,2024-01-22T16:33:28.663000 CVE-2023-4891,0,0,5af63557ded9a502489a61ec0faabf7c8df79ec616cf65a10034c6e6474fca38,2023-11-16T18:01:59.767000 CVE-2023-48910,0,0,e620722d33cd1da28062f51f4566aad3f1ded2e1dadf9cdffa8a5009e7d091cf,2023-12-07T21:02:12.637000 
@@ -242893,8 +242894,8 @@ CVE-2024-28713,0,0,e08dea2bd6ea41c86adfd6db0e66602ac0ddbc5b76865cfa0864771acc365 CVE-2024-28714,0,0,6f4831903bd7a2fd8e5ecdde87a1fca916cacb82c2dc00093fe15f409a0029ee,2024-03-29T12:45:02.937000 CVE-2024-28715,0,0,af77246106a78842a7b294f3e28f52ff784cab47ce869925f80951f17109d52a,2024-03-20T13:00:16.367000 CVE-2024-2873,0,0,38b44d61d3230fcaba1c551f8073fe8dda4eadd0cd50d8705b668e3c4529f628,2024-03-26T12:55:05.010000 -CVE-2024-28734,0,0,bb594e0a4ca8bb02d549585c26850af992a8eb906f708b8c0205bd91934fdfb1,2024-03-19T14:31:27.883000 -CVE-2024-28735,0,0,1cca5b70579efcd40e1ae7e4fc16465418b0dd44575c9ca86cd2af6b21987bc2,2024-03-20T17:18:21.343000 +CVE-2024-28734,0,1,f4687488b267ac163f3e0d4b9d3eb38f6f5a041c19b985a560624c627a7f4e16,2024-04-01T21:15:33.200000 +CVE-2024-28735,0,1,8f92a77739da7a1ad54d0d429f2c770bfe994fab12ee8201b6dd80188dadc434,2024-04-01T21:15:37.360000 CVE-2024-28745,0,0,15394cfaddabd1c5537f1c3a0b8bc4d088d58358d421e9d9475a38fad6a5e44f,2024-03-18T12:38:25.490000 CVE-2024-28746,0,0,4e08f19b517756fb15fbaf966494c1aeec3b9803b4e2b615b4d5a557eb48c84a,2024-03-14T12:52:09.877000 CVE-2024-28752,0,0,b6856abb589c0fed02798f341901c4f3025e287fced11706e9fa0c89b392cd6a,2024-03-15T12:53:06.423000 
@@ -243097,6 +243098,8 @@ CVE-2024-2941,0,0,ce11630a400956dcbfeeac55ad32861fc5176b2eeccb4990e4aaf30900f5cb CVE-2024-29419,0,0,1f113c646466febbefbd1317ecc5036f9bdf6e219db156971cfdda70e05f32f0,2024-03-20T17:18:21.343000 CVE-2024-2942,0,0,3fa2fdee1f7a471c21b1ac1386874f056fa7e82fdcd541072fb7ea8f5bfccb08,2024-03-27T12:29:30.307000 CVE-2024-2943,0,0,b5b95bbcb0b53766ee2bd76974e535abb9029181348d10726e03c7804fb75e95,2024-03-27T12:29:30.307000 +CVE-2024-29433,1,1,21adc3c8a95a26c86b2b74b557f4e20bcf8905128e93c58ff4ba1fd286dde4e0,2024-04-01T20:15:14.117000 +CVE-2024-29435,1,1,0ab2f10ca872ebd6961fe8a7b35451c1492475f17c5cda887a4b0fb9b2673ddf,2024-04-01T20:15:20.710000 CVE-2024-2944,0,0,edbe06654b669678b299b573aae74f1e6525956b78541d7e0f3aff7e4dd8cf16,2024-03-27T12:29:30.307000 CVE-2024-29440,0,0,b41dbba691936eb263a6e48ee2f4c3b0c65bf928cbb922caedd1e0f5f03baacf,2024-03-26T12:55:05.010000 CVE-2024-29442,0,0,7905121fe561461f75c739d09685b7ffc46a6e6f08464603a503f7d567bf4eab,2024-03-26T12:55:05.010000 @@ -243524,7 +243527,7 @@ CVE-2024-3088,0,0,17096f2cfa8fda09a8bb2b7c525c1938c5c418c0e3bd885f1d08a8c3953fe5 CVE-2024-3089,0,0,b4f31458bb9b11408f751c36503b5a78d4493afb2b414607628068f199bdcb01,2024-04-01T01:12:59.077000 CVE-2024-3090,0,0,e521b31492c960816f2b9672e6c814449ea6ce77dbc34054aeb4b3c679ad2119,2024-04-01T01:12:59.077000 CVE-2024-3091,0,0,e5161a5a2d0196ce39626dff7591f836486bee878683ee478a2b6a285b1e55df,2024-04-01T01:12:59.077000 -CVE-2024-3094,0,1,90dd4a4fc9f3a1805900d0aa3c586a11abe50efccc342603e40885595ed200f2,2024-04-01T18:15:08.130000 +CVE-2024-3094,0,0,90dd4a4fc9f3a1805900d0aa3c586a11abe50efccc342603e40885595ed200f2,2024-04-01T18:15:08.130000 CVE-2024-31032,0,0,c23457a1b61188b806e7f7013717ab2174a595288e28b36b486645ce08e16035,2024-04-01T01:12:59.077000 CVE-2024-31033,0,0,b68c0579ca8a1928aaa2c04420bd909e78d3dea0bf9cb7601dc000d4dad4d6ac,2024-04-01T12:49:09.583000 CVE-2024-31061,0,0,3a611478260a969dc7c268c913c4f396b21e3b4ebcb9a4cb4b0ae2a352b58da0,2024-03-28T20:53:20.813000 
@@ -243577,4 +243580,4 @@ CVE-2024-3128,0,0,056938c6a8b6ab390e58cb8172b91bb74a5a0631c1c821668ba50e075d1b96 CVE-2024-3129,0,0,d56dc65048f8b5510a9b06891117a0b948b323d309c6396cedd8172433a25afd,2024-04-01T16:15:59.810000 CVE-2024-3130,0,0,ef2284dd9e84592c7cee32f0cffdd9950f2526390b774b97299e332f225b7f58,2024-04-01T12:49:00.877000 CVE-2024-3131,0,0,7dfaa24c8b195badc25edb04d978f1a937b34743cf98489290336cba65db3832,2024-04-01T17:16:19.970000 -CVE-2024-3135,1,1,9fd41b50098c6d32295984c9d56fe9e173835dcf05ebbef747e5073b9780d1d3,2024-04-01T19:15:46.257000 +CVE-2024-3135,0,0,9fd41b50098c6d32295984c9d56fe9e173835dcf05ebbef747e5073b9780d1d3,2024-04-01T19:15:46.257000