Auto-Update: 2024-12-11T03:01:00.136972+00:00

fkie-cad · Dec 11, 2024 · 2abf070 · 2abf070
1 parent 2392b72
commit 2abf070
Show file tree

Hide file tree

Showing 5 changed files with 217 additions and 78 deletions.
diff --git a/CVE-2024/CVE-2024-351xx/CVE-2024-35117.json b/CVE-2024/CVE-2024-351xx/CVE-2024-35117.json
@@ -0,0 +1,56 @@
+{
+  "id": "CVE-2024-35117",
+  "sourceIdentifier": "[email protected]",
+  "published": "2024-12-11T02:15:05.140",
+  "lastModified": "2024-12-11T02:15:05.140",
+  "vulnStatus": "Received",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "IBM OpenPages with Watson 9.0 may write sensitive information, under specific configurations, in clear text to the system tracing log files that could be obtained by a privileged user."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "[email protected]",
+        "type": "Primary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N",
+          "baseScore": 4.4,
+          "baseSeverity": "MEDIUM",
+          "attackVector": "NETWORK",
+          "attackComplexity": "HIGH",
+          "privilegesRequired": "HIGH",
+          "userInteraction": "NONE",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "HIGH",
+          "integrityImpact": "NONE",
+          "availabilityImpact": "NONE"
+        },
+        "exploitabilityScore": 0.7,
+        "impactScore": 3.6
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "[email protected]",
+      "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-312"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://www.ibm.com/support/pages/node/7165392",
+      "source": "[email protected]"
+    }
+  ]
+}
diff --git a/CVE-2024/CVE-2024-388xx/CVE-2024-38861.json b/CVE-2024/CVE-2024-388xx/CVE-2024-38861.json
@@ -2,8 +2,8 @@
   "id": "CVE-2024-38861",
   "sourceIdentifier": "[email protected]",
   "published": "2024-09-27T09:15:02.873",
-  "lastModified": "2024-09-30T12:46:20.237",
-  "vulnStatus": "Undergoing Analysis",
+  "lastModified": "2024-12-11T02:59:59.170",
+  "vulnStatus": "Analyzed",
   "cveTags": [],
   "descriptions": [
     {
@@ -59,6 +59,28 @@
           "providerUrgency": "NOT_DEFINED"
         }
       }
+    ],
+    "cvssMetricV31": [
+      {
+        "source": "[email protected]",
+        "type": "Primary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
+          "baseScore": 7.4,
+          "baseSeverity": "HIGH",
+          "attackVector": "NETWORK",
+          "attackComplexity": "HIGH",
+          "privilegesRequired": "NONE",
+          "userInteraction": "NONE",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "HIGH",
+          "integrityImpact": "HIGH",
+          "availabilityImpact": "NONE"
+        },
+        "exploitabilityScore": 2.2,
+        "impactScore": 5.2
+      }
     ]
   },
   "weaknesses": [
@@ -71,12 +93,44 @@
           "value": "CWE-295"
         }
       ]
+    },
+    {
+      "source": "[email protected]",
+      "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-295"
+        }
+      ]
+    }
+  ],
+  "configurations": [
+    {
+      "nodes": [
+        {
+          "operator": "OR",
+          "negate": false,
+          "cpeMatch": [
+            {
+              "vulnerable": true,
+              "criteria": "cpe:2.3:a:tomtretbar:mikrotik:*:*:*:*:*:checkmk:*:*",
+              "versionStartIncluding": "2.0.0",
+              "versionEndIncluding": "2.5.5",
+              "matchCriteriaId": "2D5CB426-4414-4CCD-8E0F-A4ADE860A8D9"
+            }
+          ]
+        }
+      ]
     }
   ],
   "references": [
     {
       "url": "https://exchange.checkmk.com/p/mikrotik",
-      "source": "[email protected]"
+      "source": "[email protected]",
+      "tags": [
+        "Vendor Advisory"
+      ]
     }
   ]
 }
diff --git a/CVE-2024/CVE-2024-441xx/CVE-2024-44193.json b/CVE-2024/CVE-2024-441xx/CVE-2024-44193.json
@@ -2,8 +2,8 @@
   "id": "CVE-2024-44193",
   "sourceIdentifier": "[email protected]",
   "published": "2024-10-02T15:15:14.920",
-  "lastModified": "2024-10-04T13:50:43.727",
-  "vulnStatus": "Undergoing Analysis",
+  "lastModified": "2024-12-11T02:53:58.413",
+  "vulnStatus": "Analyzed",
   "cveTags": [],
   "descriptions": [
     {
@@ -17,6 +17,26 @@
   ],
   "metrics": {
     "cvssMetricV31": [
+      {
+        "source": "[email protected]",
+        "type": "Primary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
+          "baseScore": 7.8,
+          "baseSeverity": "HIGH",
+          "attackVector": "LOCAL",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "LOW",
+          "userInteraction": "NONE",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "HIGH",
+          "integrityImpact": "HIGH",
+          "availabilityImpact": "HIGH"
+        },
+        "exploitabilityScore": 1.8,
+        "impactScore": 5.9
+      },
       {
         "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
         "type": "Secondary",
@@ -39,10 +59,43 @@
       }
     ]
   },
+  "weaknesses": [
+    {
+      "source": "[email protected]",
+      "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "NVD-CWE-noinfo"
+        }
+      ]
+    }
+  ],
+  "configurations": [
+    {
+      "nodes": [
+        {
+          "operator": "OR",
+          "negate": false,
+          "cpeMatch": [
+            {
+              "vulnerable": true,
+              "criteria": "cpe:2.3:a:apple:itunes:*:*:*:*:*:windows:*:*",
+              "versionEndExcluding": "12.13.3",
+              "matchCriteriaId": "412B31BD-4C6E-49D3-800B-D1FC41A72E67"
+            }
+          ]
+        }
+      ]
+    }
+  ],
   "references": [
     {
       "url": "https://support.apple.com/en-us/121328",
-      "source": "[email protected]"
+      "source": "[email protected]",
+      "tags": [
+        "Vendor Advisory"
+      ]
     }
   ]
 }
diff --git a/README.md b/README.md
@@ -13,67 +13,42 @@ Repository synchronizes with the NVD every 2 hours.
 ### Last Repository Update
 
 ```plain
-2024-12-11T00:55:46.185644+00:00
+2024-12-11T03:01:00.136972+00:00
 ```
 
 ### Most recent CVE Modification Timestamp synchronized with NVD
 
 ```plain
-2024-12-10T23:37:06.613000+00:00
+2024-12-11T02:59:59.170000+00:00
 ```
 
 ### Last Data Feed Release
 
 Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/releases/latest)
 
 ```plain
-2024-12-10T01:00:10.095640+00:00
+2024-12-11T01:00:04.368695+00:00
 ```
 
 ### Total Number of included CVEs
 
 ```plain
-273154
+273155
 ```
 
 ### CVEs added in the last Commit
 
-Recently added CVEs: `3`
+Recently added CVEs: `1`
 
-- [CVE-2024-54133](CVE-2024/CVE-2024-541xx/CVE-2024-54133.json) (`2024-12-10T23:15:06.240`)
-- [CVE-2024-55653](CVE-2024/CVE-2024-556xx/CVE-2024-55653.json) (`2024-12-10T23:15:06.410`)
-- [CVE-2024-55655](CVE-2024/CVE-2024-556xx/CVE-2024-55655.json) (`2024-12-10T23:15:06.570`)
+- [CVE-2024-35117](CVE-2024/CVE-2024-351xx/CVE-2024-35117.json) (`2024-12-11T02:15:05.140`)
 
 
 ### CVEs modified in the last Commit
 
-Recently modified CVEs: `32`
-
-- [CVE-2024-11658](CVE-2024/CVE-2024-116xx/CVE-2024-11658.json) (`2024-12-10T23:15:02.890`)
-- [CVE-2024-11659](CVE-2024/CVE-2024-116xx/CVE-2024-11659.json) (`2024-12-10T23:15:14.893`)
-- [CVE-2024-12000](CVE-2024/CVE-2024-120xx/CVE-2024-12000.json) (`2024-12-10T23:16:02.667`)
-- [CVE-2024-12001](CVE-2024/CVE-2024-120xx/CVE-2024-12001.json) (`2024-12-10T23:16:24.893`)
-- [CVE-2024-12002](CVE-2024/CVE-2024-120xx/CVE-2024-12002.json) (`2024-12-10T23:21:19.827`)
-- [CVE-2024-12188](CVE-2024/CVE-2024-121xx/CVE-2024-12188.json) (`2024-12-10T23:18:39.680`)
-- [CVE-2024-12228](CVE-2024/CVE-2024-122xx/CVE-2024-12228.json) (`2024-12-10T23:19:04.773`)
-- [CVE-2024-12229](CVE-2024/CVE-2024-122xx/CVE-2024-12229.json) (`2024-12-10T23:19:31.487`)
-- [CVE-2024-12230](CVE-2024/CVE-2024-122xx/CVE-2024-12230.json) (`2024-12-10T23:19:46.887`)
-- [CVE-2024-12233](CVE-2024/CVE-2024-122xx/CVE-2024-12233.json) (`2024-12-10T23:24:57.237`)
-- [CVE-2024-12234](CVE-2024/CVE-2024-122xx/CVE-2024-12234.json) (`2024-12-10T23:25:36.387`)
-- [CVE-2024-12343](CVE-2024/CVE-2024-123xx/CVE-2024-12343.json) (`2024-12-10T23:26:52.047`)
-- [CVE-2024-12344](CVE-2024/CVE-2024-123xx/CVE-2024-12344.json) (`2024-12-10T23:28:05.760`)
-- [CVE-2024-12352](CVE-2024/CVE-2024-123xx/CVE-2024-12352.json) (`2024-12-10T23:31:47.427`)
-- [CVE-2024-12353](CVE-2024/CVE-2024-123xx/CVE-2024-12353.json) (`2024-12-10T23:37:06.613`)
-- [CVE-2024-12354](CVE-2024/CVE-2024-123xx/CVE-2024-12354.json) (`2024-12-10T23:36:25.740`)
-- [CVE-2024-12355](CVE-2024/CVE-2024-123xx/CVE-2024-12355.json) (`2024-12-10T23:36:03.883`)
-- [CVE-2024-12357](CVE-2024/CVE-2024-123xx/CVE-2024-12357.json) (`2024-12-10T23:35:15.660`)
-- [CVE-2024-12358](CVE-2024/CVE-2024-123xx/CVE-2024-12358.json) (`2024-12-10T23:34:20.467`)
-- [CVE-2024-12359](CVE-2024/CVE-2024-123xx/CVE-2024-12359.json) (`2024-12-10T23:34:02.110`)
-- [CVE-2024-12360](CVE-2024/CVE-2024-123xx/CVE-2024-12360.json) (`2024-12-10T23:33:47.773`)
-- [CVE-2024-2058](CVE-2024/CVE-2024-20xx/CVE-2024-2058.json) (`2024-12-10T23:23:40.153`)
-- [CVE-2024-2059](CVE-2024/CVE-2024-20xx/CVE-2024-2059.json) (`2024-12-10T23:24:34.477`)
-- [CVE-2024-25149](CVE-2024/CVE-2024-251xx/CVE-2024-25149.json) (`2024-12-10T23:03:54.853`)
-- [CVE-2024-25150](CVE-2024/CVE-2024-251xx/CVE-2024-25150.json) (`2024-12-10T23:01:58.647`)
+Recently modified CVEs: `2`
+
+- [CVE-2024-38861](CVE-2024/CVE-2024-388xx/CVE-2024-38861.json) (`2024-12-11T02:59:59.170`)
+- [CVE-2024-44193](CVE-2024/CVE-2024-441xx/CVE-2024-44193.json) (`2024-12-11T02:53:58.413`)
 
 
 ## Download and Usage