diff --git a/CVE-2023/CVE-2023-470xx/CVE-2023-47024.json b/CVE-2023/CVE-2023-470xx/CVE-2023-47024.json index fe3b0a92f4f..3289130d85c 100644 --- a/CVE-2023/CVE-2023-470xx/CVE-2023-47024.json +++ b/CVE-2023/CVE-2023-470xx/CVE-2023-47024.json @@ -2,12 +2,12 @@ "id": "CVE-2023-47024", "sourceIdentifier": "cve@mitre.org", "published": "2024-01-20T02:15:07.600", - "lastModified": "2024-01-26T17:43:03.223", - "vulnStatus": "Analyzed", + "lastModified": "2024-02-01T07:15:07.593", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "Cross Site Request Forgery vulnerability in NCR Terminal Handler v.1.5.1 allows a remote attacker to obtain sensitive information and escalate privileges via a crafted script to the UserSelfService component." + "value": "Cross-Site Request Forgery (CSRF) in NCR Terminal Handler v.1.5.1 leads to a one-click account takeover. This is achieved by exploiting multiple vulnerabilities, including an undisclosed function in the WSDL that has weak security controls and can accept custom content types." }, { "lang": "es", diff --git a/CVE-2023/CVE-2023-519xx/CVE-2023-51939.json b/CVE-2023/CVE-2023-519xx/CVE-2023-51939.json new file mode 100644 index 00000000000..74e88a0f30f --- /dev/null +++ b/CVE-2023/CVE-2023-519xx/CVE-2023-51939.json @@ -0,0 +1,28 @@ +{ + "id": "CVE-2023-51939", + "sourceIdentifier": "cve@mitre.org", + "published": "2024-02-01T07:15:08.450", + "lastModified": "2024-02-01T07:15:08.450", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "An issue in the cp_bbs_sig function in relic/src/cp/relic_cp_bbs.c of Relic relic-toolkit 0.6.0 allows a remote attacker to obtain sensitive information and escalate privileges via the cp_bbs_sig function." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://gist.github.com/liang-junkai/1b59487c0f7002fa5da98035b53e409f", + "source": "cve@mitre.org" + }, + { + "url": "https://github.com/liang-junkai/Relic-bbs-fault-injection", + "source": "cve@mitre.org" + }, + { + "url": "https://github.com/relic-toolkit/relic/issues/284", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-228xx/CVE-2024-22859.json b/CVE-2024/CVE-2024-228xx/CVE-2024-22859.json new file mode 100644 index 00000000000..c738e2ac2bc --- /dev/null +++ b/CVE-2024/CVE-2024-228xx/CVE-2024-22859.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2024-22859", + "sourceIdentifier": "cve@mitre.org", + "published": "2024-02-01T07:15:08.793", + "lastModified": "2024-02-01T07:15:08.793", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Cross-Site Request Forgery (CSRF) vulnerability in livewire before v3.0.4, allows remote attackers to execute arbitrary code getCsrfToken function." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://github.com/livewire/livewire/commit/5d887316f2aaf83c0e380ac5e72766f19700fa3b", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-245xx/CVE-2024-24548.json b/CVE-2024/CVE-2024-245xx/CVE-2024-24548.json new file mode 100644 index 00000000000..41da70d3cb3 --- /dev/null +++ b/CVE-2024/CVE-2024-245xx/CVE-2024-24548.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2024-24548", + "sourceIdentifier": "vultures@jpcert.or.jp", + "published": "2024-02-01T07:15:09.040", + "lastModified": "2024-02-01T07:15:09.040", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Payment EX Ver1.1.5b and earlier allows a remote unauthenticated attacker to obtain the information of the user who purchases merchandise using Payment EX." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://jvn.jp/en/jp/JVN41129639/", + "source": "vultures@jpcert.or.jp" + } + ] +} \ No newline at end of file diff --git a/README.md b/README.md index 4b2ed3874c9..523c78fdd4a 100644 --- a/README.md +++ b/README.md @@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2024-02-01T07:00:24.818512+00:00 +2024-02-01T09:00:29.295005+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2024-02-01T06:15:53.530000+00:00 +2024-02-01T07:15:09.040000+00:00 ``` ### Last Data Feed Release @@ -29,24 +29,23 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### Total Number of included CVEs ```plain -237259 +237262 ``` ### CVEs added in the last Commit -Recently added CVEs: `0` +Recently added CVEs: `3` +* [CVE-2023-51939](CVE-2023/CVE-2023-519xx/CVE-2023-51939.json) (`2024-02-01T07:15:08.450`) +* [CVE-2024-22859](CVE-2024/CVE-2024-228xx/CVE-2024-22859.json) (`2024-02-01T07:15:08.793`) +* [CVE-2024-24548](CVE-2024/CVE-2024-245xx/CVE-2024-24548.json) (`2024-02-01T07:15:09.040`) ### CVEs modified in the last Commit -Recently modified CVEs: `5` +Recently modified CVEs: `1` -* [CVE-2019-5736](CVE-2019/CVE-2019-57xx/CVE-2019-5736.json) (`2024-02-01T06:15:52.717`) -* [CVE-2023-6246](CVE-2023/CVE-2023-62xx/CVE-2023-6246.json) (`2024-02-01T06:15:53.180`) -* [CVE-2023-6779](CVE-2023/CVE-2023-67xx/CVE-2023-6779.json) (`2024-02-01T06:15:53.350`) -* [CVE-2023-6780](CVE-2023/CVE-2023-67xx/CVE-2023-6780.json) (`2024-02-01T06:15:53.443`) -* [CVE-2024-21626](CVE-2024/CVE-2024-216xx/CVE-2024-21626.json) (`2024-02-01T06:15:53.530`) +* [CVE-2023-47024](CVE-2023/CVE-2023-470xx/CVE-2023-47024.json) (`2024-02-01T07:15:07.593`) ## Download and Usage