admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-30 02:00:53 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2024-10-25T02:00:19.458910+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2024-10-25 02:03:21 +00:00
parent f86895e8a2
commit fa075f9c21
8 changed files with 607 additions and 32 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

141
CVE-2024/CVE-2024-103xx/CVE-2024-10351.json Normal file
View File

@ -0,0 +1,141 @@
{
"id": "CVE-2024-10351",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-10-25T00:15:02.533",
"lastModified": "2024-10-25T00:15:02.533",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in Tenda RX9 Pro 22.03.02.20. It has been rated as critical. This issue affects the function sub_424CE0 of the file /goform/setMacFilterCfg of the component POST Request Handler. The manipulation of the argument deviceList leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"vulnerableSystemConfidentiality": "HIGH",
"vulnerableSystemIntegrity": "HIGH",
"vulnerableSystemAvailability": "HIGH",
"subsequentSystemConfidentiality": "NONE",
"subsequentSystemIntegrity": "NONE",
"subsequentSystemAvailability": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirements": "NOT_DEFINED",
"integrityRequirements": "NOT_DEFINED",
"availabilityRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnerableSystemConfidentiality": "NOT_DEFINED",
"modifiedVulnerableSystemIntegrity": "NOT_DEFINED",
"modifiedVulnerableSystemAvailability": "NOT_DEFINED",
"modifiedSubsequentSystemConfidentiality": "NOT_DEFINED",
"modifiedSubsequentSystemIntegrity": "NOT_DEFINED",
"modifiedSubsequentSystemAvailability": "NOT_DEFINED",
"safety": "NOT_DEFINED",
"automatable": "NOT_DEFINED",
"recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED",
"baseScore": 8.7,
"baseSeverity": "HIGH"
}
}
],
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "SINGLE",
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0
},
"baseSeverity": "HIGH",
"exploitabilityScore": 8.0,
"impactScore": 10.0,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-121"
}
]
}
],
"references": [
{
"url": "https://gitee.com/GXB0_0/iot-vul/blob/master/Tenda/RX9/20/setMacFilterCfg.md",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?ctiid.281699",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.281699",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?submit.427706",
"source": "cna@vuldb.com"
},
{
"url": "https://www.tenda.com.cn/",
"source": "cna@vuldb.com"
}
]
}

141
CVE-2024/CVE-2024-103xx/CVE-2024-10353.json Normal file
View File

@ -0,0 +1,141 @@
{
"id": "CVE-2024-10353",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-10-25T00:15:02.800",
"lastModified": "2024-10-25T00:15:02.800",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability classified as critical has been found in SourceCodester Online Exam System 1.0. Affected is an unknown function of the file /admin-dashboard. The manipulation leads to improper access controls. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. This affects a different product and is a different issue than CVE-2024-40480."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"vulnerableSystemConfidentiality": "LOW",
"vulnerableSystemIntegrity": "LOW",
"vulnerableSystemAvailability": "LOW",
"subsequentSystemConfidentiality": "NONE",
"subsequentSystemIntegrity": "NONE",
"subsequentSystemAvailability": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirements": "NOT_DEFINED",
"integrityRequirements": "NOT_DEFINED",
"availabilityRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnerableSystemConfidentiality": "NOT_DEFINED",
"modifiedVulnerableSystemIntegrity": "NOT_DEFINED",
"modifiedVulnerableSystemAvailability": "NOT_DEFINED",
"modifiedSubsequentSystemConfidentiality": "NOT_DEFINED",
"modifiedSubsequentSystemIntegrity": "NOT_DEFINED",
"modifiedSubsequentSystemAvailability": "NOT_DEFINED",
"safety": "NOT_DEFINED",
"automatable": "NOT_DEFINED",
"recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
}
}
],
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 6.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "SINGLE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 8.0,
"impactScore": 6.4,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-284"
}
]
}
],
"references": [
{
"url": "https://drive.google.com/file/d/1hEXfbOOkWdYzaSI6ORQvPGBtn09R12Ui/view?usp=drive_link",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?ctiid.281700",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.281700",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?submit.427957",
"source": "cna@vuldb.com"
},
{
"url": "https://www.sourcecodester.com/",
"source": "cna@vuldb.com"
}
]
}

141
CVE-2024/CVE-2024-103xx/CVE-2024-10354.json Normal file
View File

@ -0,0 +1,141 @@
{
"id": "CVE-2024-10354",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-10-25T01:15:13.213",
"lastModified": "2024-10-25T01:15:13.213",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability classified as critical was found in SourceCodester Petrol Pump Management Software 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/print.php. The manipulation of the argument id leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"vulnerableSystemConfidentiality": "LOW",
"vulnerableSystemIntegrity": "LOW",
"vulnerableSystemAvailability": "LOW",
"subsequentSystemConfidentiality": "NONE",
"subsequentSystemIntegrity": "NONE",
"subsequentSystemAvailability": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirements": "NOT_DEFINED",
"integrityRequirements": "NOT_DEFINED",
"availabilityRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnerableSystemConfidentiality": "NOT_DEFINED",
"modifiedVulnerableSystemIntegrity": "NOT_DEFINED",
"modifiedVulnerableSystemAvailability": "NOT_DEFINED",
"modifiedSubsequentSystemConfidentiality": "NOT_DEFINED",
"modifiedSubsequentSystemIntegrity": "NOT_DEFINED",
"modifiedSubsequentSystemAvailability": "NOT_DEFINED",
"safety": "NOT_DEFINED",
"automatable": "NOT_DEFINED",
"recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED",
"baseScore": 5.1,
"baseSeverity": "MEDIUM"
}
}
],
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 4.7,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.2,
"impactScore": 3.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:M/C:P/I:P/A:P",
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "MULTIPLE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"availabilityImpact": "PARTIAL",
"baseScore": 5.8
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 6.4,
"impactScore": 6.4,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://github.com/K1nako0/tmp_vuln3/blob/main/README.md",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?ctiid.281701",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.281701",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?submit.430074",
"source": "cna@vuldb.com"
},
{
"url": "https://www.sourcecodester.com/",
"source": "cna@vuldb.com"
}
]
}

141
CVE-2024/CVE-2024-103xx/CVE-2024-10355.json Normal file
View File

@ -0,0 +1,141 @@
{
"id": "CVE-2024-10355",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-10-25T01:15:13.497",
"lastModified": "2024-10-25T01:15:13.497",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability, which was classified as critical, has been found in SourceCodester Petrol Pump Management Software 1.0. Affected by this issue is some unknown functionality of the file /admin/invoice.php. The manipulation of the argument id leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"vulnerableSystemConfidentiality": "LOW",
"vulnerableSystemIntegrity": "LOW",
"vulnerableSystemAvailability": "LOW",
"subsequentSystemConfidentiality": "NONE",
"subsequentSystemIntegrity": "NONE",
"subsequentSystemAvailability": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirements": "NOT_DEFINED",
"integrityRequirements": "NOT_DEFINED",
"availabilityRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnerableSystemConfidentiality": "NOT_DEFINED",
"modifiedVulnerableSystemIntegrity": "NOT_DEFINED",
"modifiedVulnerableSystemAvailability": "NOT_DEFINED",
"modifiedSubsequentSystemConfidentiality": "NOT_DEFINED",
"modifiedSubsequentSystemIntegrity": "NOT_DEFINED",
"modifiedSubsequentSystemAvailability": "NOT_DEFINED",
"safety": "NOT_DEFINED",
"automatable": "NOT_DEFINED",
"recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED",
"baseScore": 5.1,
"baseSeverity": "MEDIUM"
}
}
],
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 4.7,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.2,
"impactScore": 3.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:M/C:P/I:P/A:P",
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "MULTIPLE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"availabilityImpact": "PARTIAL",
"baseScore": 5.8
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 6.4,
"impactScore": 6.4,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://github.com/K1nako0/tmp_vuln4/blob/main/README.md",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?ctiid.281702",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.281702",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?submit.430077",
"source": "cna@vuldb.com"
},
{
"url": "https://www.sourcecodester.com/",
"source": "cna@vuldb.com"
}
]
}

10
CVE-2024/CVE-2024-204xx/CVE-2024-20481.json
View File

@ -2,13 +2,21 @@
"id": "CVE-2024-20481",
"sourceIdentifier": "ykramarz@cisco.com",
"published": "2024-10-23T18:15:11.737",
"lastModified": "2024-10-23T18:15:11.737",
"lastModified": "2024-10-25T01:00:01.450",
"vulnStatus": "Received",
"cveTags": [],
"cisaExploitAdd": "2024-10-24",
"cisaActionDue": "2024-11-14",
"cisaRequiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",
"cisaVulnerabilityName": "Cisco ASA and FTD Denial-of-Service Vulnerability",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the Remote Access VPN (RAVPN) service of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) of the RAVPN service.\r\n\r This vulnerability is due to resource exhaustion. An attacker could exploit this vulnerability by sending a large number of VPN authentication requests to an affected device. A successful exploit could allow the attacker to exhaust resources, resulting in a DoS of the RAVPN service on the affected device. Depending on the impact of the attack, a reload of the device may be required to restore the RAVPN service. Services that are not related to VPN are not affected.\r\n\r Cisco Talos discussed these attacks in the blog post Large-scale brute-force activity targeting VPNs, SSH services with commonly used login credentials."
},
{
"lang": "es",
"value": "Una vulnerabilidad en el servicio de VPN de acceso remoto (RAVPN) del software Cisco Adaptive Security Appliance (ASA) y del software Cisco Firepower Threat Defense (FTD) podr\u00eda permitir que un atacante remoto no autenticado provoque una denegaci\u00f3n de servicio (DoS) del servicio RAVPN. Esta vulnerabilidad se debe al agotamiento de los recursos. Un atacante podr\u00eda explotar esta vulnerabilidad enviando una gran cantidad de solicitudes de autenticaci\u00f3n de VPN a un dispositivo afectado. Una explotaci\u00f3n exitosa podr\u00eda permitir que el atacante agote los recursos, lo que resultar\u00eda en una denegaci\u00f3n de servicio del servicio RAVPN en el dispositivo afectado. Seg\u00fan el impacto del ataque, puede ser necesario recargar el dispositivo para restaurar el servicio RAVPN. Los servicios que no est\u00e1n relacionados con VPN no se ven afectados. Cisco Talos analiz\u00f3 estos ataques en la publicaci\u00f3n del blog Actividad de fuerza bruta a gran escala dirigida a VPN y servicios SSH con credenciales de inicio de sesi\u00f3n de uso com\u00fan."
}
],
"metrics": {

6
CVE-2024/CVE-2024-373xx/CVE-2024-37383.json
View File

@ -2,9 +2,13 @@
"id": "CVE-2024-37383",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-06-07T04:15:30.463",
"lastModified": "2024-07-03T02:04:16.250",
"lastModified": "2024-10-25T01:00:01.450",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"cisaExploitAdd": "2024-10-24",
"cisaActionDue": "2024-11-14",
"cisaRequiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",
"cisaVulnerabilityName": "RoundCube Webmail Cross-Site Scripting (XSS) Vulnerability",
"descriptions": [
{
"lang": "en",

29
README.md
View File

@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2024-10-24T23:55:19.474086+00:00
2024-10-25T02:00:19.458910+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2024-10-24T23:15:13.250000+00:00
2024-10-25T01:15:13.497000+00:00
```
### Last Data Feed Release
@ -27,36 +27,31 @@ Repository synchronizes with the NVD every 2 hours.
Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/releases/latest)
```plain
2024-10-24T00:00:08.675913+00:00
2024-10-25T00:00:08.651236+00:00
```
### Total Number of included CVEs
```plain
266991
266995
```
### CVEs added in the last Commit
Recently added CVEs: `11`
Recently added CVEs: `4`
- [CVE-2024-10348](CVE-2024/CVE-2024-103xx/CVE-2024-10348.json) (`2024-10-24T22:15:03.040`)
- [CVE-2024-10349](CVE-2024/CVE-2024-103xx/CVE-2024-10349.json) (`2024-10-24T22:15:03.410`)
- [CVE-2024-10350](CVE-2024/CVE-2024-103xx/CVE-2024-10350.json) (`2024-10-24T23:15:13.250`)
- [CVE-2024-41617](CVE-2024/CVE-2024-416xx/CVE-2024-41617.json) (`2024-10-24T22:15:03.687`)
- [CVE-2024-41618](CVE-2024/CVE-2024-416xx/CVE-2024-41618.json) (`2024-10-24T22:15:03.787`)
- [CVE-2024-49357](CVE-2024/CVE-2024-493xx/CVE-2024-49357.json) (`2024-10-24T22:15:03.880`)
- [CVE-2024-49358](CVE-2024/CVE-2024-493xx/CVE-2024-49358.json) (`2024-10-24T22:15:04.083`)
- [CVE-2024-49359](CVE-2024/CVE-2024-493xx/CVE-2024-49359.json) (`2024-10-24T22:15:04.287`)
- [CVE-2024-49750](CVE-2024/CVE-2024-497xx/CVE-2024-49750.json) (`2024-10-24T22:15:04.490`)
- [CVE-2024-49760](CVE-2024/CVE-2024-497xx/CVE-2024-49760.json) (`2024-10-24T22:15:04.703`)
- [CVE-2024-49762](CVE-2024/CVE-2024-497xx/CVE-2024-49762.json) (`2024-10-24T22:15:04.897`)
- [CVE-2024-10351](CVE-2024/CVE-2024-103xx/CVE-2024-10351.json) (`2024-10-25T00:15:02.533`)
- [CVE-2024-10353](CVE-2024/CVE-2024-103xx/CVE-2024-10353.json) (`2024-10-25T00:15:02.800`)
- [CVE-2024-10354](CVE-2024/CVE-2024-103xx/CVE-2024-10354.json) (`2024-10-25T01:15:13.213`)
- [CVE-2024-10355](CVE-2024/CVE-2024-103xx/CVE-2024-10355.json) (`2024-10-25T01:15:13.497`)
### CVEs modified in the last Commit
Recently modified CVEs: `0`
Recently modified CVEs: `2`
- [CVE-2024-20481](CVE-2024/CVE-2024-204xx/CVE-2024-20481.json) (`2024-10-25T01:00:01.450`)
- [CVE-2024-37383](CVE-2024/CVE-2024-373xx/CVE-2024-37383.json) (`2024-10-25T01:00:01.450`)
## Download and Usage

30
_state.csv
View File

@ -242475,10 +242475,14 @@ CVE-2024-10336,0,0,33e82271c1bad361b028f2e98191e887a62f8fe553b83c9e8d440090c3c1f
CVE-2024-10337,0,0,a69476b83db6c1f12d365a088fb8bc4d825727f073e5a237b1dd6d1ef8718249,2024-10-24T18:15:06.170000
CVE-2024-10338,0,0,834519410f43f4f4c77b02126281b19245f19896884e0511305f98f5f48cd646,2024-10-24T18:15:06.437000
CVE-2024-1034,0,0,454f09f0f5fc636699352f4449a6882a204ccb564a121fe5e40109839ef595a1,2024-05-17T02:35:12.150000
CVE-2024-10348,1,1,09e7ac6c7f23e28b101424e19c6879bb1ed02292425631c454442f71ca7441e6,2024-10-24T22:15:03.040000
CVE-2024-10349,1,1,a719391f7b0eea4a6bd2d53350e234389799bfebd21fc15817c74578ad143977,2024-10-24T22:15:03.410000
CVE-2024-10348,0,0,09e7ac6c7f23e28b101424e19c6879bb1ed02292425631c454442f71ca7441e6,2024-10-24T22:15:03.040000
CVE-2024-10349,0,0,a719391f7b0eea4a6bd2d53350e234389799bfebd21fc15817c74578ad143977,2024-10-24T22:15:03.410000
CVE-2024-1035,0,0,792864ab2b0f8151b262ffe209c5f075ae9ac530a32ee5bddc4609b3d7d6306a,2024-05-17T02:35:12.253000
CVE-2024-10350,1,1,b02c6d6083b1888ddb576001c7f38c31d8e46f9909df182e566b0ad8fc4df602,2024-10-24T23:15:13.250000
CVE-2024-10350,0,0,b02c6d6083b1888ddb576001c7f38c31d8e46f9909df182e566b0ad8fc4df602,2024-10-24T23:15:13.250000
CVE-2024-10351,1,1,c39792d21f49eed67f4bda4c5afd160e8ee085dabc52edc63d4f817817ff1af5,2024-10-25T00:15:02.533000
CVE-2024-10353,1,1,5945289901747cba024d9871ebb250fce9da3a1889f7189af1e65c36be50d9ca,2024-10-25T00:15:02.800000
CVE-2024-10354,1,1,da3994e6ed4e17537396c9565780252ca63ce9c56110c93869666f8b21ee55bb,2024-10-25T01:15:13.213000
CVE-2024-10355,1,1,1f326fd15c163f57e1c2f91daa5a0923ed57b5499ecf99bc0b51d4e8ad9bc561,2024-10-25T01:15:13.497000
CVE-2024-1036,0,0,aa65a53beadc56e4dda3efe9acb5802f242935c19973e66e0ff7f62d01b276fd,2024-05-17T02:35:12.357000
CVE-2024-1037,0,0,dc80ea945a1c7339fa73e61584161c3f0eb5c7e682984c3146b230e695ed7de9,2024-02-14T19:09:45.253000
CVE-2024-1038,0,0,c7b47d6608546def6f3304631405edc76ac6151bae95644217fe0b19e7498b5e,2024-03-13T18:16:18.563000
@ -243738,7 +243742,7 @@ CVE-2024-20478,0,0,7159d6f0353997233b844f180b9acaa4a22410a663dfe8445f14235dd4611
CVE-2024-20479,0,0,ced5b461eb6ab05478119ddf8b399bbc19a6ff248adc19d6fde8eab586c6db76,2024-08-23T15:14:45.913000
CVE-2024-2048,0,0,3fe9d949673d5eedf190595df45c4c7d30c6a66a4722ea0631f740f815dd3cc0,2024-06-10T17:16:25.067000
CVE-2024-20480,0,0,1929c3dc705e1e48392e67050891180fdb659aa9ab6d1d255c10d5b0e58c773c,2024-10-03T20:07:33.900000
CVE-2024-20481,0,0,b62955fb190ed786dd124dfc5a9bb8b8ac45c1667eb04c2d4b7906348f68d84d,2024-10-23T18:15:11.737000
CVE-2024-20481,0,1,2889b59fdc27bd5cae6d09257d09309773424506bd2b9b953cbe6cff00c686e1,2024-10-25T01:00:01.450000
CVE-2024-20482,0,0,4e9e2d047418217629e6536e3facec9d517fc08e2d0091ccd73aa8ec445bca2a,2024-10-23T18:15:12.063000
CVE-2024-20483,0,0,7bbf4d5b1e3697b5bad7f81531333e630361007007985921b04d8f51e2bedc77,2024-10-03T01:44:17.827000
CVE-2024-20485,0,0,e20fbea5c2873101d5a1ba041773570d1e3a6ca1eeb59eb55f296172b87929d1,2024-10-23T18:15:12.273000
@ -256069,7 +256073,7 @@ CVE-2024-3738,0,0,cebdf6c67207ccd8240919e9596b8485c51e6607a12a8dcdfff13f6ddbdbfe
CVE-2024-37380,0,0,4ce1330fb679655262ab3b818cd133f9eef1b7c4341268f445fa1434d34f9951,2024-07-24T12:55:13.223000
CVE-2024-37381,0,0,9fe6fde53d8260503255e878e5a3cad14d0e0ad42f178326952eb9a7c509519f,2024-08-01T13:53:31.757000
CVE-2024-37382,0,0,a8a740545d65ebc631499231db822baee95a9596af82e521bd493b8948bb2169,2024-08-29T14:29:32.920000
CVE-2024-37383,0,0,3a9597c771ab199850aaeee94068cbc0182ff2bfcefd23d631ce0d7808f3745f,2024-07-03T02:04:16.250000
CVE-2024-37383,0,1,edbe17e29bca7d90f8561c9c596d6d56040d180114e091eac12ac57c89a427ec,2024-10-25T01:00:01.450000
CVE-2024-37384,0,0,4ede7c4b4e1e1de259445d49ca3b43a6d0a75b7dcaf1ea245b8f6306c1e67bb9,2024-07-03T02:04:17.060000
CVE-2024-37385,0,0,5f654dacc6b54aa57eac57d975e30bca933785ac3cff88e1e1d552468bd97c34,2024-08-01T13:53:32.450000
CVE-2024-37386,0,0,e26fe4180478658f5d7116e982a44893b27c0547f48ec9e4efebd50f599527d1,2024-08-01T13:53:36.410000
@ -258749,8 +258753,8 @@ CVE-2024-41611,0,0,8ae08bbc5635b26df3869144a2b3bde07b8fa7e9c586a9249f8dfa55a99d4
CVE-2024-41613,0,0,775a6c9724ba70bc56dce8939e74722c2b403153bd1f36f976e189d003a6a574,2024-08-14T18:13:25.017000
CVE-2024-41614,0,0,97dd4cb6722c16dd67b90bd84237880c8504a680bb995ffa9e8927a86d821a05,2024-08-14T18:14:16.073000
CVE-2024-41616,0,0,a87f80cfe19fdc1adad71691ba6015b314ae0892eefb4d086c289749db2f63df,2024-08-07T20:54:20.793000
CVE-2024-41617,1,1,d191d451b87d53cee32937324dea4639f8ebc4d5b58676a2d25b59b444282a35,2024-10-24T22:15:03.687000
CVE-2024-41618,1,1,b92cea617b56f46ce82298ee2f27b8ac8f29ae8228c03e2daee31c70a473c044,2024-10-24T22:15:03.787000
CVE-2024-41617,0,0,d191d451b87d53cee32937324dea4639f8ebc4d5b58676a2d25b59b444282a35,2024-10-24T22:15:03.687000
CVE-2024-41618,0,0,b92cea617b56f46ce82298ee2f27b8ac8f29ae8228c03e2daee31c70a473c044,2024-10-24T22:15:03.787000
CVE-2024-4162,0,0,1a4f39929c1df6d420ff35b2d8de51a57c5e5378a57b6e7a1a35abc1b5a3dc57,2024-05-08T13:15:00.690000
CVE-2024-41622,0,0,44ca2934b754519243a779c6615220559421c07f2d4e7de3fb58db6e584b3b36,2024-08-30T14:55:54.423000
CVE-2024-41623,0,0,c5ad0592f1bc8234d1c1b4349fa5edc0884d162d738c86d78b923fc809fc8e63,2024-08-23T15:35:07.653000
@ -262951,9 +262955,9 @@ CVE-2024-49334,0,0,bcc2db18f40dffe6c4f8472b0ef26870ffad9612f58222d9017252998c694
CVE-2024-49335,0,0,64cc1bcb12301e7e8f03bc857d01393c7ba079fd3a08962dcf26c673c0054a8c,2024-10-24T14:50:16.557000
CVE-2024-4934,0,0,fd5d4b9709dde517f56a9aae7369c165c45ceba9bcf88bee680213c2fc56b62f,2024-08-01T13:59:37.220000
CVE-2024-49340,0,0,37285f025630fd9eb79c4269f84ef859e190bfac2e34728b5f3d3dbad2273eb0,2024-10-16T16:38:14.557000
CVE-2024-49357,1,1,e99f31b9919e9f5855ccfccebabc249da85203327b4fcfc7272337e6e2aac35b,2024-10-24T22:15:03.880000
CVE-2024-49358,1,1,67db74fa38609c547ae8f1ad32e6eaafe7175ade9f7b332886a7f83ef98c1905,2024-10-24T22:15:04.083000
CVE-2024-49359,1,1,7d62723997da4fcf2e85bf290899f69addd14b806ad1dea746b37ccf4be3ef68,2024-10-24T22:15:04.287000
CVE-2024-49357,0,0,e99f31b9919e9f5855ccfccebabc249da85203327b4fcfc7272337e6e2aac35b,2024-10-24T22:15:03.880000
CVE-2024-49358,0,0,67db74fa38609c547ae8f1ad32e6eaafe7175ade9f7b332886a7f83ef98c1905,2024-10-24T22:15:04.083000
CVE-2024-49359,0,0,7d62723997da4fcf2e85bf290899f69addd14b806ad1dea746b37ccf4be3ef68,2024-10-24T22:15:04.287000
CVE-2024-4936,0,0,51b2c41822c3ce01e84bd55c02328ac3499013d52d632d2af56d406c35d5a658,2024-08-06T18:29:27.013000
CVE-2024-49361,0,0,f551e9abf09d421b2a081416ae11d1d19a91d21656c86d2519f1c7f0e281007d,2024-10-21T17:10:22.857000
CVE-2024-49366,0,0,aa37188721af357c851b7fc33379d0188a960b9f96974610014dea2671948c2a,2024-10-23T15:13:58.783000
@ -263060,12 +263064,12 @@ CVE-2024-4972,0,0,aca3b401df5f0f8efa87796dd64789aa2cecbea8af4c356f93adc161f1e5b5
CVE-2024-4973,0,0,c8cb9b832f42f8b36963a1241c53cb5d648196ebedc5ede632c88d17792d2e61,2024-06-04T19:20:56.140000
CVE-2024-4974,0,0,29381f582adec4042105cf6b841ea7b6d4575f99995b9ea6ba695d777207b6ba,2024-06-04T19:20:56.237000
CVE-2024-4975,0,0,d684ecfff12b84901405d8ee54394b9595e6fb8a06328936509cd0d9c152070c,2024-06-04T19:20:56.337000
CVE-2024-49750,1,1,dc3ef653534a873b461f690a2cacd47db25483948e596d82fd20d4226dfc88eb,2024-10-24T22:15:04.490000
CVE-2024-49750,0,0,dc3ef653534a873b461f690a2cacd47db25483948e596d82fd20d4226dfc88eb,2024-10-24T22:15:04.490000
CVE-2024-49751,0,0,f0da03eaf0fa0fe5013cf4c58e8a204e1366d4d59799530ff958dfe564a83247,2024-10-23T16:15:10.310000
CVE-2024-49756,0,0,b5655066b00149d769468b534f1e69f5727939d90ec20aa7133e99682c961f40,2024-10-23T17:15:19.250000
CVE-2024-4976,0,0,fc4df77a0f9a74699614d42497ce42eb6f6db7897f4ce74b0071ab4cbdb2d9cf,2024-05-16T13:03:05.353000
CVE-2024-49760,1,1,631679c7a9f2cc397938eb2b0c0b0a43e3fa24cc94bf8bc863b445a6a6bd1183,2024-10-24T22:15:04.703000
CVE-2024-49762,1,1,99c71a6c0e749888d8fc128f95c81271d31dd05724db7e381f21d147994b0645,2024-10-24T22:15:04.897000
CVE-2024-49760,0,0,631679c7a9f2cc397938eb2b0c0b0a43e3fa24cc94bf8bc863b445a6a6bd1183,2024-10-24T22:15:04.703000
CVE-2024-49762,0,0,99c71a6c0e749888d8fc128f95c81271d31dd05724db7e381f21d147994b0645,2024-10-24T22:15:04.897000
CVE-2024-4977,0,0,f1472b15d6219c627718fd70559881283845ced10173940d62dfa6e1d38696a9,2024-08-01T13:59:37.487000
CVE-2024-4978,0,0,5928c3b846f5437fa931d5f8f8094b6c99b5e796eec27a2a5602f4b07774db40,2024-05-31T16:03:52.247000
CVE-2024-4980,0,0,1d2b61808b4cae121d6a29c34adc83b7ce102dcc100d7578fef807794b8506ae,2024-05-22T12:46:53.887000

Can't render this file because it is too large.