Auto-Update: 2024-01-30T05:00:24.380202+00:00

CVE-2023/CVE-2023-38xx/CVE-2023-3812.json

@@ -2,7 +2,7 @@
   "id": "CVE-2023-3812",
   "sourceIdentifier": "secalert@redhat.com",
   "published": "2023-07-24T16:15:13.337",
-  "lastModified": "2024-01-25T20:15:36.750",
+  "lastModified": "2024-01-30T04:15:07.453",
   "vulnStatus": "Modified",
   "descriptions": [
     {
@@ -252,6 +252,10 @@
       "url": "https://access.redhat.com/errata/RHSA-2024:0461",
       "source": "secalert@redhat.com"
     },
+    {
+      "url": "https://access.redhat.com/errata/RHSA-2024:0554",
+      "source": "secalert@redhat.com"
+    },
     {
       "url": "https://access.redhat.com/security/cve/CVE-2023-3812",
       "source": "secalert@redhat.com",

CVE-2023/CVE-2023-51xx/CVE-2023-5178.json

@@ -2,7 +2,7 @@
   "id": "CVE-2023-5178",
   "sourceIdentifier": "secalert@redhat.com",
   "published": "2023-11-01T17:15:11.920",
-  "lastModified": "2024-01-25T18:15:08.087",
+  "lastModified": "2024-01-30T04:15:07.633",
   "vulnStatus": "Modified",
   "descriptions": [
     {
@@ -265,6 +265,10 @@
       "url": "https://access.redhat.com/errata/RHSA-2024:0461",
       "source": "secalert@redhat.com"
     },
+    {
+      "url": "https://access.redhat.com/errata/RHSA-2024:0554",
+      "source": "secalert@redhat.com"
+    },
     {
       "url": "https://access.redhat.com/security/cve/CVE-2023-5178",
       "source": "secalert@redhat.com",

CVE-2024/CVE-2024-10xx/CVE-2024-1027.json

@@ -0,0 +1,84 @@
+{
+  "id": "CVE-2024-1027",
+  "sourceIdentifier": "cna@vuldb.com",
+  "published": "2024-01-30T03:15:07.617",
+  "lastModified": "2024-01-30T03:15:07.617",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "A vulnerability, which was classified as critical, was found in SourceCodester Facebook News Feed Like 1.0. Affected is an unknown function of the component Post Handler. The manipulation leads to unrestricted upload. It is possible to launch the attack remotely. The identifier of this vulnerability is VDB-252300."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "cna@vuldb.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "LOW",
+          "userInteraction": "NONE",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "LOW",
+          "integrityImpact": "LOW",
+          "availabilityImpact": "LOW",
+          "baseScore": 6.3,
+          "baseSeverity": "MEDIUM"
+        },
+        "exploitabilityScore": 2.8,
+        "impactScore": 3.4
+      }
+    ],
+    "cvssMetricV2": [
+      {
+        "source": "cna@vuldb.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "2.0",
+          "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
+          "accessVector": "NETWORK",
+          "accessComplexity": "LOW",
+          "authentication": "SINGLE",
+          "confidentialityImpact": "PARTIAL",
+          "integrityImpact": "PARTIAL",
+          "availabilityImpact": "PARTIAL",
+          "baseScore": 6.5
+        },
+        "baseSeverity": "MEDIUM",
+        "exploitabilityScore": 8.0,
+        "impactScore": 6.4,
+        "acInsufInfo": false,
+        "obtainAllPrivilege": false,
+        "obtainUserPrivilege": false,
+        "obtainOtherPrivilege": false,
+        "userInteractionRequired": false
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "cna@vuldb.com",
+      "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-434"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://vuldb.com/?ctiid.252300",
+      "source": "cna@vuldb.com"
+    },
+    {
+      "url": "https://vuldb.com/?id.252300",
+      "source": "cna@vuldb.com"
+    }
+  ]
+}

CVE-2024/CVE-2024-218xx/CVE-2024-21840.json

@@ -0,0 +1,55 @@
+{
+  "id": "CVE-2024-21840",
+  "sourceIdentifier": "hirt@hitachi.co.jp",
+  "published": "2024-01-30T03:15:07.867",
+  "lastModified": "2024-01-30T03:15:07.867",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "Incorrect Default Permissions vulnerability in Hitachi Storage Plug-in for VMware vCenter allows\u00a0local users to read and write specific files.\n\nThis issue affects Hitachi Storage Plug-in for VMware vCenter: from 04.0.0 through 04.9.2.\n\n"
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "hirt@hitachi.co.jp",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:L",
+          "attackVector": "LOCAL",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "LOW",
+          "userInteraction": "NONE",
+          "scope": "CHANGED",
+          "confidentialityImpact": "HIGH",
+          "integrityImpact": "LOW",
+          "availabilityImpact": "LOW",
+          "baseScore": 7.9,
+          "baseSeverity": "HIGH"
+        },
+        "exploitabilityScore": 2.0,
+        "impactScore": 5.3
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "hirt@hitachi.co.jp",
+      "type": "Secondary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-276"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://www.hitachi.com/products/it/software/security/info/vuls/hitachi-sec-2024-108/index.html",
+      "source": "hirt@hitachi.co.jp"
+    }
+  ]
+}

README.md

@@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
 ### Last Repository Update
 
 ```plain
-2024-01-30T03:00:24.411044+00:00
+2024-01-30T05:00:24.380202+00:00
 ```
 
 ### Most recent CVE Modification Timestamp synchronized with NVD
 
 ```plain
-2024-01-30T02:04:25.450000+00:00
+2024-01-30T04:15:07.633000+00:00
 ```
 
 ### Last Data Feed Release
@@ -29,32 +29,23 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
 ### Total Number of included CVEs
 
 ```plain
-237088
+237090
 ```
 
 ### CVEs added in the last Commit
 
-Recently added CVEs: `10`
+Recently added CVEs: `2`
 
-* [CVE-2023-37571](CVE-2023/CVE-2023-375xx/CVE-2023-37571.json) (`2024-01-30T01:15:58.803`)
-* [CVE-2023-51813](CVE-2023/CVE-2023-518xx/CVE-2023-51813.json) (`2024-01-30T01:15:58.873`)
-* [CVE-2023-51837](CVE-2023/CVE-2023-518xx/CVE-2023-51837.json) (`2024-01-30T01:15:58.920`)
-* [CVE-2023-51843](CVE-2023/CVE-2023-518xx/CVE-2023-51843.json) (`2024-01-30T01:15:58.967`)
-* [CVE-2023-51982](CVE-2023/CVE-2023-519xx/CVE-2023-51982.json) (`2024-01-30T01:15:59.013`)
-* [CVE-2023-5372](CVE-2023/CVE-2023-53xx/CVE-2023-5372.json) (`2024-01-30T01:15:59.063`)
-* [CVE-2024-1024](CVE-2024/CVE-2024-10xx/CVE-2024-1024.json) (`2024-01-30T01:15:59.380`)
-* [CVE-2024-1026](CVE-2024/CVE-2024-10xx/CVE-2024-1026.json) (`2024-01-30T01:15:59.693`)
-* [CVE-2024-22682](CVE-2024/CVE-2024-226xx/CVE-2024-22682.json) (`2024-01-30T01:16:00.020`)
-* [CVE-2024-22938](CVE-2024/CVE-2024-229xx/CVE-2024-22938.json) (`2024-01-30T01:16:00.077`)
+* [CVE-2024-1027](CVE-2024/CVE-2024-10xx/CVE-2024-1027.json) (`2024-01-30T03:15:07.617`)
+* [CVE-2024-21840](CVE-2024/CVE-2024-218xx/CVE-2024-21840.json) (`2024-01-30T03:15:07.867`)
 
 
 ### CVEs modified in the last Commit
 
-Recently modified CVEs: `3`
+Recently modified CVEs: `2`
 
-* [CVE-2023-39197](CVE-2023/CVE-2023-391xx/CVE-2023-39197.json) (`2024-01-30T02:04:00.813`)
-* [CVE-2024-0587](CVE-2024/CVE-2024-05xx/CVE-2024-0587.json) (`2024-01-30T02:04:15.073`)
-* [CVE-2024-23848](CVE-2024/CVE-2024-238xx/CVE-2024-23848.json) (`2024-01-30T02:04:25.450`)
+* [CVE-2023-3812](CVE-2023/CVE-2023-38xx/CVE-2023-3812.json) (`2024-01-30T04:15:07.453`)
+* [CVE-2023-5178](CVE-2023/CVE-2023-51xx/CVE-2023-5178.json) (`2024-01-30T04:15:07.633`)
 
 
 ## Download and Usage