diff --git a/CVE-2024/CVE-2024-118xx/CVE-2024-11858.json b/CVE-2024/CVE-2024-118xx/CVE-2024-11858.json new file mode 100644 index 00000000000..529335060d0 --- /dev/null +++ b/CVE-2024/CVE-2024-118xx/CVE-2024-11858.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-11858", + "sourceIdentifier": "patrick@puiterwijk.org", + "published": "2024-12-15T14:15:22.320", + "lastModified": "2024-12-15T14:15:22.320", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "A flaw was found in Radare2, which contains a command injection vulnerability caused by insufficient input validation when handling Pebble Application files. Maliciously crafted inputs can inject shell commands during command parsing, leading to unintended behavior during file processing\u200b" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "patrick@puiterwijk.org", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H", + "baseScore": 8.6, + "baseSeverity": "HIGH", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 6.0 + } + ] + }, + "weaknesses": [ + { + "source": "patrick@puiterwijk.org", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-78" + } + ] + } + ], + "references": [ + { + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2329102", + "source": "patrick@puiterwijk.org" + } + ] +} \ No newline at end of file diff --git a/README.md b/README.md index 2690eefebfd..6075926f60f 100644 --- a/README.md +++ b/README.md @@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2024-12-15T13:00:20.043223+00:00 +2024-12-15T15:00:20.086003+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2024-12-15T11:15:05.387000+00:00 +2024-12-15T14:15:22.320000+00:00 ``` ### Last Data Feed Release @@ -33,14 +33,14 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### Total Number of included CVEs ```plain -273885 +273886 ``` ### CVEs added in the last Commit Recently added CVEs: `1` -- [CVE-2024-7701](CVE-2024/CVE-2024-77xx/CVE-2024-7701.json) (`2024-12-15T11:15:05.387`) +- [CVE-2024-11858](CVE-2024/CVE-2024-118xx/CVE-2024-11858.json) (`2024-12-15T14:15:22.320`) ### CVEs modified in the last Commit diff --git a/_state.csv b/_state.csv index 5c0dbaf26ec..a590dd654c4 100644 --- a/_state.csv +++ b/_state.csv @@ -244465,6 +244465,7 @@ CVE-2024-11853,0,0,34e99eba0841fa956ba4d7c4a308f8505540f1a8e5d486ec7f2fdd3d46494 CVE-2024-11854,0,0,999afde0352966c3848f9613a3046f97c5bfc972302cd671fa92812a3b6bafdc,2024-12-04T12:15:19.250000 CVE-2024-11855,0,0,5d35cef65c50f384026d982a234c48ed6d96ccf2f5e255613fa577203521e596,2024-12-14T05:15:07.960000 CVE-2024-11856,0,0,d5dc91ea132c91646f44dabd18a1a6c06e1b122275ee7e71ea02b3d69779ae26,2024-12-02T03:15:13.713000 +CVE-2024-11858,1,1,098cf140784f79c85eebc0ee7aaaa4eeb8ddb9ca53b5760400d9a6e6d22dc3bc,2024-12-15T14:15:22.320000 CVE-2024-1186,0,0,2e273a7149091b295fd44850226681809150a1697d95b70cddb9945c7f5d2c46,2024-11-21T08:49:59.387000 CVE-2024-11860,0,0,3a70209f793392595a3a51a4d60b0579da591107f99f2af8b8ca46fce7a60e47,2024-12-04T21:08:39.133000 CVE-2024-11862,0,0,7712aab25e9f815f730578195e7a4831741702c7ef40dfbc871d5c94d52129b1,2024-11-27T15:15:25.393000 @@ -272046,7 +272047,7 @@ CVE-2024-7697,0,0,122b8f72aeda3c5b2d61460f1dce24bd382a6f877b1c3f9efb3e322459b58e CVE-2024-7698,0,0,28382cbcfd0fa7ea6a7d15c9ccdd01abba2e948df9ed5ab95948fe232327814d,2024-09-27T19:39:43.350000 CVE-2024-7699,0,0,69660c01a9078b1bb8b8ba16d42135a8912e2caf5b6ecd54d7bddf6785b1e596,2024-09-27T18:59:31.277000 CVE-2024-7700,0,0,b57636a6ff7952071612c6f1892a1333ca0104c06c954b5d5e21b60cfc424ebb,2024-09-16T14:20:21.087000 -CVE-2024-7701,1,1,c21e98ebb5a36700320113e8cc5b090af992f4d8c6eea98accd19a173ea9a44d,2024-12-15T11:15:05.387000 +CVE-2024-7701,0,0,c21e98ebb5a36700320113e8cc5b090af992f4d8c6eea98accd19a173ea9a44d,2024-12-15T11:15:05.387000 CVE-2024-7702,0,0,1098975bd71f66b03b30c93d5413d8a5ef0d8cda516b0c70a1252211ba8e5726,2024-08-26T18:15:46.870000 CVE-2024-7703,0,0,7f76e29a5ed460fd6ac72a2955499c5bf4953d8afc86b29ced015fa447c06880,2024-08-19T12:59:59.177000 CVE-2024-7704,0,0,bd3f518e669136b0eab54f268d3d0c8d3f377c12c71cbb007eb510f9a54f561d,2024-08-13T12:58:25.437000