admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-07-11 16:13:34 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2024-07-06T10:01:02.688999+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2024-07-06 10:03:57 +00:00
parent b35dcdb986
commit ff9675c49d
3 changed files with 68 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

60
CVE-2024/CVE-2024-56xx/CVE-2024-5616.json Normal file
View File

@ -0,0 +1,60 @@
{
"id": "CVE-2024-5616",
"sourceIdentifier": "security@huntr.dev",
"published": "2024-07-06T09:15:02.050",
"lastModified": "2024-07-06T09:15:02.050",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A Cross-Site Request Forgery (CSRF) vulnerability exists in mudler/LocalAI versions up to and including 2.15.0, which allows attackers to trick victims into deleting installed models. By crafting a malicious HTML page, an attacker can cause the deletion of a model, such as 'gpt-4-vision-preview', without the victim's consent. The vulnerability is due to insufficient CSRF protection mechanisms on the model deletion functionality."
}
],
"metrics": {
"cvssMetricV30": [
{
"source": "security@huntr.dev",
"type": "Secondary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "LOW",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "security@huntr.dev",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-352"
}
]
}
],
"references": [
{
"url": "https://github.com/mudler/localai/commit/4e1463fec291612a59a16db60b3fd12d4c49d64b",
"source": "security@huntr.dev"
},
{
"url": "https://huntr.com/bounties/fd753fb6-ba04-4dd8-abef-918fb97120af",
"source": "security@huntr.dev"
}
]
}

11
README.md
View File

@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2024-07-06T06:00:28.222474+00:00
2024-07-06T10:01:02.688999+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2024-07-06T05:15:09.990000+00:00
2024-07-06T09:15:02.050000+00:00
```
### Last Data Feed Release
@ -33,21 +33,20 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs
```plain
255953
255954
```
### CVEs added in the last Commit
Recently added CVEs: `1`
- [CVE-2024-40594](CVE-2024/CVE-2024-405xx/CVE-2024-40594.json) (`2024-07-06T05:15:09.670`)
- [CVE-2024-5616](CVE-2024/CVE-2024-56xx/CVE-2024-5616.json) (`2024-07-06T09:15:02.050`)
### CVEs modified in the last Commit
Recently modified CVEs: `1`
Recently modified CVEs: `0`
- [CVE-2024-6387](CVE-2024/CVE-2024-63xx/CVE-2024-6387.json) (`2024-07-06T05:15:09.990`)
## Download and Usage

5
_state.csv
View File

@ -254291,7 +254291,7 @@ CVE-2024-4056,0,0,8d2872a63b61af99b314442fa34c585e616ec707e8d3b58da8a6d93a2f4a48
CVE-2024-4057,0,0,26b46aa52b04f4ef8890033772544e5e99ad730f84e9e0e97b479cd36cf89ace,2024-07-03T02:07:02.197000
CVE-2024-4058,0,0,c4c95455d6e76cbbdb3e2ad2bd6d39a0a74b9da8ef4ac622e44ffc5e8b4fb2cc,2024-06-07T15:40:49.707000
CVE-2024-4059,0,0,f7356d83fe5fccf2c54f421bb90f2c15bd9bf33edb756392f4236a5836d7af45,2024-05-03T03:16:29.430000
CVE-2024-40594,1,1,597f8dc65950340ecc007d3a49a39dace07c61b6a108a7836ee9c56ff74539a8,2024-07-06T05:15:09.670000
CVE-2024-40594,0,0,597f8dc65950340ecc007d3a49a39dace07c61b6a108a7836ee9c56ff74539a8,2024-07-06T05:15:09.670000
CVE-2024-4060,0,0,c4df35b4ba03f25ce9e66ccd2a0f6342dcbc5f1e886657ca582640ee8747c7ed,2024-07-03T02:07:02.533000
CVE-2024-4061,0,0,731822e6f24cd811e7f06812f39ade81c9a66c6b1046f4d45903066a1f181f99,2024-05-21T12:37:59.687000
CVE-2024-4062,0,0,7fcbe6e50148b9b5e05d3025a893191a4aca3bb309243ec182c3df8f6e2a0587,2024-06-04T19:20:29.007000
@ -255521,6 +255521,7 @@ CVE-2024-5611,0,0,7f38716b1ccbe035f7f86ea6c7617ab6f4cac8651e00e7906bbdbf77091ab5
CVE-2024-5612,0,0,24bfbb6efa391db3014703335fcf10e8f670f2b2b154031d8b7a312f92d36720,2024-06-07T14:56:05.647000
CVE-2024-5613,0,0,7e758f60ff4a249ae3d985d91b4f3417dc42ff70d8507f5e072b9cf0ad6144fd,2024-06-10T02:52:08.267000
CVE-2024-5615,0,0,d715351de069ee256cfd127ce22346136f76094dbd1f6f173b336f3c2cdc9c0f,2024-06-11T17:55:16.103000
CVE-2024-5616,1,1,dc636e3941ecbef30c76d8756c4e51d3b0104af0c561655eb861ad296b553f3c,2024-07-06T09:15:02.050000
CVE-2024-5629,0,0,20478b62dd0cd666624f11f2e5a11c22a9915feb481805651583fe7db0518c7b,2024-06-18T18:31:05.663000
CVE-2024-5635,0,0,2463dd00def60296c968660a2ba7a3c25845ea097c4cd305a7e3f2bd55658946,2024-06-11T16:47:04.413000
CVE-2024-5636,0,0,82666e4630526d7fc8211dab0f89e7e17d4e982c91e038f44b209ae67bb471f3,2024-06-11T17:23:29.670000
@ -255913,7 +255914,7 @@ CVE-2024-6376,0,0,2eceea6553f0e47a0e34ab01650b7781a20682f6799be39f9cd1e64f3f1985
CVE-2024-6381,0,0,2822fb12d769fe1cca32125b45cae52ba3e5807419213b6087c6db8de8d2b326,2024-07-03T12:53:24.977000
CVE-2024-6382,0,0,9f140af24f460b4413fa844f95383cc153754360a136939b8743c2d8327ebf99,2024-07-03T12:53:24.977000
CVE-2024-6383,0,0,4622f4fc90fbde51d6570a14e2ee494e3e71659c68201475e4e4eb659c036ac0,2024-07-05T12:55:51.367000
CVE-2024-6387,0,1,3447d13f8df32b8374fa56f0c906f9985f1608358fe2a683513ec1381568f5f5,2024-07-06T05:15:09.990000
CVE-2024-6387,0,0,3447d13f8df32b8374fa56f0c906f9985f1608358fe2a683513ec1381568f5f5,2024-07-06T05:15:09.990000
CVE-2024-6388,0,0,e641c9d869769d4291da87145b48d15b4f200c046d6b100142bc686375a84738,2024-06-27T17:11:52.390000
CVE-2024-6402,0,0,795485c4534407e246daec51c1daaa33b95f6651688fed743a8fb9054cdaedba,2024-07-01T12:37:24.220000
CVE-2024-6403,0,0,e44b9cfa8d9ae367e624a8cdf179ef52ea1e98c2115d7a956299d17747a6a56b,2024-07-01T12:37:24.220000

Can't render this file because it is too large.