Auto-Update: 2024-02-01T09:00:29.295005+00:00

2025-05-08 11:37:26 +00:00 · 2024-02-01 09:00:33 +00:00 · 2024-02-01 09:00:33 +00:00 · f3f4669631
commit f3f4669631
parent 71da052925
5 changed files with 80 additions and 13 deletions
--- a/CVE-2023/CVE-2023-470xx/CVE-2023-47024.json
+++ b/CVE-2023/CVE-2023-470xx/CVE-2023-47024.json
@ -2,12 +2,12 @@
  "id": "CVE-2023-47024",
  "sourceIdentifier": "cve@mitre.org",
  "published": "2024-01-20T02:15:07.600",
-  "lastModified": "2024-01-26T17:43:03.223",
-  "vulnStatus": "Analyzed",
+  "lastModified": "2024-02-01T07:15:07.593",
+  "vulnStatus": "Modified",
  "descriptions": [
    {
      "lang": "en",
-      "value": "Cross Site Request Forgery vulnerability in NCR Terminal Handler v.1.5.1 allows a remote attacker to obtain sensitive information and escalate privileges via a crafted script to the UserSelfService component."
+      "value": "Cross-Site Request Forgery (CSRF) in NCR Terminal Handler v.1.5.1 leads to a one-click account takeover. This is achieved by exploiting multiple vulnerabilities, including an undisclosed function in the WSDL that has weak security controls and can accept custom content types."
    },
    {
      "lang": "es",
--- a/CVE-2023/CVE-2023-519xx/CVE-2023-51939.json
+++ b/CVE-2023/CVE-2023-519xx/CVE-2023-51939.json
@ -0,0 +1,28 @@
+{
+  "id": "CVE-2023-51939",
+  "sourceIdentifier": "cve@mitre.org",
+  "published": "2024-02-01T07:15:08.450",
+  "lastModified": "2024-02-01T07:15:08.450",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "An issue in the cp_bbs_sig function in relic/src/cp/relic_cp_bbs.c of Relic relic-toolkit 0.6.0 allows a remote attacker to obtain sensitive information and escalate privileges via the cp_bbs_sig function."
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://gist.github.com/liang-junkai/1b59487c0f7002fa5da98035b53e409f",
+      "source": "cve@mitre.org"
+    },
+    {
+      "url": "https://github.com/liang-junkai/Relic-bbs-fault-injection",
+      "source": "cve@mitre.org"
+    },
+    {
+      "url": "https://github.com/relic-toolkit/relic/issues/284",
+      "source": "cve@mitre.org"
+    }
+  ]
+}
--- a/CVE-2024/CVE-2024-228xx/CVE-2024-22859.json
+++ b/CVE-2024/CVE-2024-228xx/CVE-2024-22859.json
@ -0,0 +1,20 @@
+{
+  "id": "CVE-2024-22859",
+  "sourceIdentifier": "cve@mitre.org",
+  "published": "2024-02-01T07:15:08.793",
+  "lastModified": "2024-02-01T07:15:08.793",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "Cross-Site Request Forgery (CSRF) vulnerability in livewire before v3.0.4, allows remote attackers to execute arbitrary code getCsrfToken function."
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://github.com/livewire/livewire/commit/5d887316f2aaf83c0e380ac5e72766f19700fa3b",
+      "source": "cve@mitre.org"
+    }
+  ]
+}
--- a/CVE-2024/CVE-2024-245xx/CVE-2024-24548.json
+++ b/CVE-2024/CVE-2024-245xx/CVE-2024-24548.json
@ -0,0 +1,20 @@
+{
+  "id": "CVE-2024-24548",
+  "sourceIdentifier": "vultures@jpcert.or.jp",
+  "published": "2024-02-01T07:15:09.040",
+  "lastModified": "2024-02-01T07:15:09.040",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "Payment EX Ver1.1.5b and earlier allows a remote unauthenticated attacker to obtain the information of the user who purchases merchandise using Payment EX."
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://jvn.jp/en/jp/JVN41129639/",
+      "source": "vultures@jpcert.or.jp"
+    }
+  ]
+}
--- a/README.md
+++ b/README.md
@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
 ### Last Repository Update

 ```plain
-2024-02-01T07:00:24.818512+00:00
+2024-02-01T09:00:29.295005+00:00
 ```

 ### Most recent CVE Modification Timestamp synchronized with NVD

 ```plain
-2024-02-01T06:15:53.530000+00:00
+2024-02-01T07:15:09.040000+00:00
 ```

 ### Last Data Feed Release
@ -29,24 +29,23 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
 ### Total Number of included CVEs

 ```plain
-237259
+237262
 ```

 ### CVEs added in the last Commit

-Recently added CVEs: `0`
+Recently added CVEs: `3`

+* [CVE-2023-51939](CVE-2023/CVE-2023-519xx/CVE-2023-51939.json) (`2024-02-01T07:15:08.450`)
+* [CVE-2024-22859](CVE-2024/CVE-2024-228xx/CVE-2024-22859.json) (`2024-02-01T07:15:08.793`)
+* [CVE-2024-24548](CVE-2024/CVE-2024-245xx/CVE-2024-24548.json) (`2024-02-01T07:15:09.040`)


 ### CVEs modified in the last Commit

-Recently modified CVEs: `5`
+Recently modified CVEs: `1`

-* [CVE-2019-5736](CVE-2019/CVE-2019-57xx/CVE-2019-5736.json) (`2024-02-01T06:15:52.717`)
-* [CVE-2023-6246](CVE-2023/CVE-2023-62xx/CVE-2023-6246.json) (`2024-02-01T06:15:53.180`)
-* [CVE-2023-6779](CVE-2023/CVE-2023-67xx/CVE-2023-6779.json) (`2024-02-01T06:15:53.350`)
-* [CVE-2023-6780](CVE-2023/CVE-2023-67xx/CVE-2023-6780.json) (`2024-02-01T06:15:53.443`)
-* [CVE-2024-21626](CVE-2024/CVE-2024-216xx/CVE-2024-21626.json) (`2024-02-01T06:15:53.530`)
+* [CVE-2023-47024](CVE-2023/CVE-2023-470xx/CVE-2023-47024.json) (`2024-02-01T07:15:07.593`)


 ## Download and Usage