admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-06 18:52:58 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2024-10-19T16:00:17.498386+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2024-10-19 16:03:17 +00:00
parent 5ee90fac4b
commit ecc1754bb4
5 changed files with 437 additions and 12 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

141
CVE-2024/CVE-2024-101xx/CVE-2024-10139.json Normal file
View File

@ -0,0 +1,141 @@
{
"id": "CVE-2024-10139",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-10-19T14:15:02.223",
"lastModified": "2024-10-19T14:15:02.223",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability classified as critical was found in code-projects Pharmacy Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /add_new_supplier.php. The manipulation of the argument name leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"vulnerableSystemConfidentiality": "LOW",
"vulnerableSystemIntegrity": "LOW",
"vulnerableSystemAvailability": "LOW",
"subsequentSystemConfidentiality": "NONE",
"subsequentSystemIntegrity": "NONE",
"subsequentSystemAvailability": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirements": "NOT_DEFINED",
"integrityRequirements": "NOT_DEFINED",
"availabilityRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnerableSystemConfidentiality": "NOT_DEFINED",
"modifiedVulnerableSystemIntegrity": "NOT_DEFINED",
"modifiedVulnerableSystemAvailability": "NOT_DEFINED",
"modifiedSubsequentSystemConfidentiality": "NOT_DEFINED",
"modifiedSubsequentSystemIntegrity": "NOT_DEFINED",
"modifiedSubsequentSystemAvailability": "NOT_DEFINED",
"safety": "NOT_DEFINED",
"automatable": "NOT_DEFINED",
"recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
}
}
],
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 6.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "SINGLE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 8.0,
"impactScore": 6.4,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://code-projects.org/",
"source": "cna@vuldb.com"
},
{
"url": "https://gist.github.com/higordiego/155be99b5314d97b276a7b30b9e6dec0",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?ctiid.280927",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.280927",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?submit.425285",
"source": "cna@vuldb.com"
}
]
}

141
CVE-2024/CVE-2024-101xx/CVE-2024-10140.json Normal file
View File

@ -0,0 +1,141 @@
{
"id": "CVE-2024-10140",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-10-19T15:15:14.603",
"lastModified": "2024-10-19T15:15:14.603",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability, which was classified as critical, has been found in code-projects Pharmacy Management System 1.0. Affected by this issue is some unknown functionality of the file /manage_supplier.php. The manipulation of the argument id leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"vulnerableSystemConfidentiality": "LOW",
"vulnerableSystemIntegrity": "LOW",
"vulnerableSystemAvailability": "LOW",
"subsequentSystemConfidentiality": "NONE",
"subsequentSystemIntegrity": "NONE",
"subsequentSystemAvailability": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirements": "NOT_DEFINED",
"integrityRequirements": "NOT_DEFINED",
"availabilityRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnerableSystemConfidentiality": "NOT_DEFINED",
"modifiedVulnerableSystemIntegrity": "NOT_DEFINED",
"modifiedVulnerableSystemAvailability": "NOT_DEFINED",
"modifiedSubsequentSystemConfidentiality": "NOT_DEFINED",
"modifiedSubsequentSystemIntegrity": "NOT_DEFINED",
"modifiedSubsequentSystemAvailability": "NOT_DEFINED",
"safety": "NOT_DEFINED",
"automatable": "NOT_DEFINED",
"recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
}
}
],
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 6.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "SINGLE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 8.0,
"impactScore": 6.4,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://code-projects.org/",
"source": "cna@vuldb.com"
},
{
"url": "https://gist.github.com/higordiego/b03bc3a330374a0581e51891d6105ed2",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?ctiid.280928",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.280928",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?submit.425348",
"source": "cna@vuldb.com"
}
]
}

141
CVE-2024/CVE-2024-101xx/CVE-2024-10141.json Normal file
View File

@ -0,0 +1,141 @@
{
"id": "CVE-2024-10141",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-10-19T15:15:14.973",
"lastModified": "2024-10-19T15:15:14.973",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability, which was classified as problematic, was found in jsbroks COCO Annotator 0.11.1. This affects an unknown part of the component Session Handler. The manipulation of the argument SECRET_KEY leads to predictable from observable state. It is possible to initiate the attack remotely. The complexity of an attack is rather high. The exploitability is told to be difficult. The exploit has been disclosed to the public and may be used."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"attackRequirements": "NONE",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"vulnerableSystemConfidentiality": "LOW",
"vulnerableSystemIntegrity": "NONE",
"vulnerableSystemAvailability": "NONE",
"subsequentSystemConfidentiality": "NONE",
"subsequentSystemIntegrity": "NONE",
"subsequentSystemAvailability": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirements": "NOT_DEFINED",
"integrityRequirements": "NOT_DEFINED",
"availabilityRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnerableSystemConfidentiality": "NOT_DEFINED",
"modifiedVulnerableSystemIntegrity": "NOT_DEFINED",
"modifiedVulnerableSystemAvailability": "NOT_DEFINED",
"modifiedSubsequentSystemConfidentiality": "NOT_DEFINED",
"modifiedSubsequentSystemIntegrity": "NOT_DEFINED",
"modifiedSubsequentSystemAvailability": "NOT_DEFINED",
"safety": "NOT_DEFINED",
"automatable": "NOT_DEFINED",
"recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED",
"baseScore": 6.3,
"baseSeverity": "MEDIUM"
}
}
],
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 3.7,
"baseSeverity": "LOW"
},
"exploitabilityScore": 2.2,
"impactScore": 1.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:H/Au:N/C:P/I:N/A:N",
"accessVector": "NETWORK",
"accessComplexity": "HIGH",
"authentication": "NONE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.6
},
"baseSeverity": "LOW",
"exploitabilityScore": 4.9,
"impactScore": 2.9,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-341"
}
]
}
],
"references": [
{
"url": "https://github.com/jsbroks/coco-annotator/issues/626",
"source": "cna@vuldb.com"
},
{
"url": "https://github.com/jsbroks/coco-annotator/issues/626#issue-2582440109",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?ctiid.280929",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.280929",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?submit.422713",
"source": "cna@vuldb.com"
}
]
}

15
README.md
View File

@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2024-10-19T14:00:16.655517+00:00
2024-10-19T16:00:17.498386+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2024-10-19T13:15:12.277000+00:00
2024-10-19T15:15:14.973000+00:00
```
### Last Data Feed Release
@ -33,17 +33,16 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs
```plain
266160
266163
```
### CVEs added in the last Commit
Recently added CVEs: `4`
Recently added CVEs: `3`
- [CVE-2024-10135](CVE-2024/CVE-2024-101xx/CVE-2024-10135.json) (`2024-10-19T12:15:13.247`)
- [CVE-2024-10136](CVE-2024/CVE-2024-101xx/CVE-2024-10136.json) (`2024-10-19T12:15:14.110`)
- [CVE-2024-10137](CVE-2024/CVE-2024-101xx/CVE-2024-10137.json) (`2024-10-19T13:15:11.553`)
- [CVE-2024-10138](CVE-2024/CVE-2024-101xx/CVE-2024-10138.json) (`2024-10-19T13:15:12.277`)
- [CVE-2024-10139](CVE-2024/CVE-2024-101xx/CVE-2024-10139.json) (`2024-10-19T14:15:02.223`)
- [CVE-2024-10140](CVE-2024/CVE-2024-101xx/CVE-2024-10140.json) (`2024-10-19T15:15:14.603`)
- [CVE-2024-10141](CVE-2024/CVE-2024-101xx/CVE-2024-10141.json) (`2024-10-19T15:15:14.973`)
### CVEs modified in the last Commit

11
_state.csv
View File

@ -242276,11 +242276,14 @@ CVE-2024-10130,0,0,005b5772134ad7ab3ff093e3d1f3c1dcefb8a6bac854c40ff82f3832025c5
CVE-2024-10131,0,0,ec7f7d7eafabbce2d329a6df322b2a0ff4b203d8976eb09a804b94ea08a31f0c,2024-10-19T04:15:05.300000
CVE-2024-10133,0,0,1403af45d2d75980e8b273ee70d6599abebda1b60a49d652dd75f4a6f64bf012,2024-10-19T09:15:11.090000
CVE-2024-10134,0,0,461682cbdde81a87fe2c1d2aa03d035dc5e4253714bf534aa9aadd2b9f613670,2024-10-19T10:15:02.663000
CVE-2024-10135,1,1,e8914e55b781bff716eafa940f25de30efb583513684251275ba2a3ba698eef6,2024-10-19T12:15:13.247000
CVE-2024-10136,1,1,e0375517a90e229f8575b14da9742f014680eb77442b5a89ce25ef37d4825053,2024-10-19T12:15:14.110000
CVE-2024-10137,1,1,33a47f69af14970bc437ebeaf02e36f1b2c715225745b0dc593980e1d4a08c0c,2024-10-19T13:15:11.553000
CVE-2024-10138,1,1,1b4e7d561938531d13618919ae381cfdda69729bdad56337db9636f70aef3445,2024-10-19T13:15:12.277000
CVE-2024-10135,0,0,e8914e55b781bff716eafa940f25de30efb583513684251275ba2a3ba698eef6,2024-10-19T12:15:13.247000
CVE-2024-10136,0,0,e0375517a90e229f8575b14da9742f014680eb77442b5a89ce25ef37d4825053,2024-10-19T12:15:14.110000
CVE-2024-10137,0,0,33a47f69af14970bc437ebeaf02e36f1b2c715225745b0dc593980e1d4a08c0c,2024-10-19T13:15:11.553000
CVE-2024-10138,0,0,1b4e7d561938531d13618919ae381cfdda69729bdad56337db9636f70aef3445,2024-10-19T13:15:12.277000
CVE-2024-10139,1,1,0ed3826709bf9e931ea547c65bfab2710bfb80e53b842917d28eaf89d2532e46,2024-10-19T14:15:02.223000
CVE-2024-1014,0,0,8e546db835ee0e62e0f6ed5b95e90d5586231fc78746cbbfef7db3d61b3c5f3d,2024-02-02T02:05:39.277000
CVE-2024-10140,1,1,aec311209a02b8c14f754431c8bb87bae3f3320865efe32c0e3bd857d5ceadf9,2024-10-19T15:15:14.603000
CVE-2024-10141,1,1,09fa08cc46cecf31331ef8b05b7e25cdba3a32b1fba57ba9bc41b0aac71ce99c,2024-10-19T15:15:14.973000
CVE-2024-1015,0,0,5516b1d1af5a9d3814b8a6e102d3692fcdb9c463b2e2645787afdcb157946f20,2024-02-02T02:04:13.267000
CVE-2024-1016,0,0,71cf76ab1a6b276906d8ecf764cf0be1d15a9c7c60543569d9e172588701616f,2024-05-17T02:35:10.520000
CVE-2024-1017,0,0,50b68641acb97d381e6a65107328f0dab0fccf027bea27ef0f379cc058119760,2024-05-17T02:35:10.627000

Can't render this file because it is too large.