From c37785cfa335c5e29fdb862960bda2a9c1cfaba9 Mon Sep 17 00:00:00 2001
From: cad-safe-bot
Date: Mon, 16 Dec 2024 05:03:41 +0000
Subject: [PATCH] Auto-Update: 2024-12-16T05:00:19.264627+00:00
---
 CVE-2024/CVE-2024-533xx/CVE-2024-53376.json | 29 ++++++++++++++++++
 CVE-2024/CVE-2024-560xx/CVE-2024-56083.json | 33 +++++++++++++++++++++
 README.md | 13 ++++----
 _state.csv | 4 ++-
 4 files changed, 72 insertions(+), 7 deletions(-)
 create mode 100644 CVE-2024/CVE-2024-533xx/CVE-2024-53376.json
 create mode 100644 CVE-2024/CVE-2024-560xx/CVE-2024-56083.json
diff --git a/CVE-2024/CVE-2024-533xx/CVE-2024-53376.json b/CVE-2024/CVE-2024-533xx/CVE-2024-53376.json
new file mode 100644
index 00000000000..4fcf8cb70b2
--- /dev/null
+++ b/CVE-2024/CVE-2024-533xx/CVE-2024-53376.json
@@ -0,0 +1,29 @@
+{
+ "id": "CVE-2024-53376",
+ "sourceIdentifier": "cve@mitre.org",
+ "published": "2024-12-16T04:15:05.263",
+ "lastModified": "2024-12-16T04:15:05.263",
+ "vulnStatus": "Received",
+ "cveTags": [],
+ "descriptions": [
+ {
+ "lang": "en",
+ "value": "CyberPanel before 2.3.8 allows remote authenticated users to execute arbitrary commands via shell metacharacters in the phpSelection field to the websites/submitWebsiteCreation URI."
+ }
+ ],
+ "metrics": {},
+ "references": [
+ {
+ "url": "https://github.com/ThottySploity/CVE-2024-53376",
+ "source": "cve@mitre.org"
+ },
+ {
+ "url": "https://github.com/ThottySploity/CVE-2024-53376/blob/aa306187323bd1127d56803cb34cac8820b61484/cyberpanel.py#L70",
+ "source": "cve@mitre.org"
+ },
+ {
+ "url": "https://thottysploity.github.io/posts/cve-2024-53376",
+ "source": "cve@mitre.org"
+ }
+ ]
+}
\ No newline at end of file
diff --git a/CVE-2024/CVE-2024-560xx/CVE-2024-56083.json b/CVE-2024/CVE-2024-560xx/CVE-2024-56083.json
new file mode 100644
index 00000000000..7489332c2a0
--- /dev/null
+++ b/CVE-2024/CVE-2024-560xx/CVE-2024-56083.json
@@ -0,0 +1,33 @@ +{ + "id": "CVE-2024-56083", + "sourceIdentifier": "cve@mitre.org", + "published": "2024-12-16T03:15:04.650", + "lastModified": "2024-12-16T03:15:04.650", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Cognition Devin before 2024-12-12 provides write access to code by an attacker who discovers the https://vscode-randomly_generated_string.devinapps.com URL (aka the VSCode live share URL) for a specific \"Use Devin's Machine\" session. For example, this URL may be discovered if a customer posts a screenshot of a Devin session to social media, or publicly streams their Devin session." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://news.ycombinator.com/item?id=42420423", + "source": "cve@mitre.org" + }, + { + "url": "https://trust.cognition.ai", + "source": "cve@mitre.org" + }, + { + "url": "https://www.youtube.com/watch?v=927W6zzvV-c", + "source": "cve@mitre.org" + }, + { + "url": "https://x.com/cognition_labs/status/1867351521035530698", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/README.md b/README.md index 59713fae7b6..9923f9ecfb3 100644 --- a/README.md +++ b/README.md @@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2024-12-16T03:00:21.604543+00:00 +2024-12-16T05:00:19.264627+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2024-12-16T01:15:05.320000+00:00 +2024-12-16T04:15:05.263000+00:00 ``` ### Last Data Feed Release 
@@ -33,20 +33,21 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### Total Number of included CVEs ```plain -273887 +273889 ``` ### CVEs added in the last Commit -Recently added CVEs: `0` +Recently added CVEs: `2` +- [CVE-2024-53376](CVE-2024/CVE-2024-533xx/CVE-2024-53376.json) (`2024-12-16T04:15:05.263`) +- [CVE-2024-56083](CVE-2024/CVE-2024-560xx/CVE-2024-56083.json) (`2024-12-16T03:15:04.650`) ### CVEs modified in the last Commit -Recently modified CVEs: `1` +Recently modified CVEs: `0` -- [CVE-2024-37310](CVE-2024/CVE-2024-373xx/CVE-2024-37310.json) (`2024-12-16T01:15:05.320`) ## Download and Usage diff --git a/_state.csv b/_state.csv index 769925fd009..99abc3ce6bb 100644 --- a/_state.csv +++ b/_state.csv @@ -258571,7 +258571,7 @@ CVE-2024-37307,0,0,6252b112ea2fbb3db2d24a0bd411522bef21caf28ce503013771883c73a75 CVE-2024-37308,0,0,87901e5dece65b55bc0478cbd7b3500ac458fa8af24bdf0b127494e96ab19183,2024-11-21T09:23:34.740000 CVE-2024-37309,0,0,652dd2bd4841d83ef4fb1bd11f09f90c6e3c31e57e961190e557cd8d6dd5b073,2024-11-21T09:23:34.867000 CVE-2024-3731,0,0,c74c44caf30a144ce293ae27c8035fb439c7004b319f3315399b568ddf64642f,2024-11-21T09:30:16.003000 -CVE-2024-37310,0,1,eb05b8516f2120bfcbc5418e421e5e76f45e2691c23c545deefa2d1e75b762e2,2024-12-16T01:15:05.320000 +CVE-2024-37310,0,0,eb05b8516f2120bfcbc5418e421e5e76f45e2691c23c545deefa2d1e75b762e2,2024-12-16T01:15:05.320000 CVE-2024-37311,0,0,0d1d0eb8eb6052894a6f942ad1944d3a1c6de27713fd1218f1350a42fc4895ef,2024-08-23T16:18:28.547000 CVE-2024-37312,0,0,44ac521b45545a3aa8eb130132326f96cb9f75714a3ac532467145fc7d800f07,2024-11-21T09:23:35.253000 CVE-2024-37313,0,0,8a57408f4ab5b6b449ac8ca7eab436097af87b3140ef8c9c08b9b88d5038a682,2024-11-21T09:23:35.390000 
@@ -269355,6 +269355,7 @@ CVE-2024-53364,0,0,924e143b4294f3ffb491904ae2396d08e4637aeb46539cceee83f2ecfb2d4
 CVE-2024-53365,0,0,a93e9b8a9b0b556658347d02609f6ad1ef6238df632d2e5010e1700b801de550,2024-11-26T20:15:33.650000
 CVE-2024-5337,0,0,833c775533ef7ae5a7edcd24b7882543f8822839060a2f050988cae0593a7c5b,2024-11-21T09:47:26.857000
 CVE-2024-53375,0,0,a96158a88ef789b51594e1e6227bfd21c53a5e3374562f83781172631c34018e,2024-12-03T20:15:15.820000
+CVE-2024-53376,1,1,6f2e1cd152948522ed08adda8bddcfe4e01b7c3032de3deba69b2f27d9097e9f,2024-12-16T04:15:05.263000
 CVE-2024-5338,0,0,abd3cd0960193de57487be3582f664d37ab06a1518c59aace36e92f8c263b67a,2024-11-21T09:47:26.997000
 CVE-2024-5339,0,0,710abf6b65aa86d6904f8abe1101ad889bace87733c06f79ec2fe20822e1db4d,2024-11-21T09:47:27.133000
 CVE-2024-5340,0,0,2c2fba286498156a3309f1d9db161c67194b50596b7c53b6a9c7d8df9b89917d,2024-11-21T09:47:27.263000
@@ -270194,6 +270195,7 @@ CVE-2024-56073,0,0,01824a247f09195beb347683faab76db49c5c6281fc26b7356c5505b6ae50
 CVE-2024-56074,0,0,0642cc60954135db9d21e04c2f8a3494d7d5e43e5456627fcfb7a5451c970b77,2024-12-15T04:15:05.360000
 CVE-2024-5608,0,0,ced92374bfec9f9526a30572e667eb2d7d2eee08d2b8c010b292f0924bebbe2c,2024-11-26T01:42:21.587000
 CVE-2024-56082,0,0,57d547b5a105acb2d3e1ac52bd9fee3095823a449148e9ae5f97a8b20acffe15,2024-12-15T05:15:05.803000
+CVE-2024-56083,1,1,d5ae267ba83e28c541445d0350006e64b5fe517cb65a3dc2c39e4da3ee6ab5c3,2024-12-16T03:15:04.650000
 CVE-2024-5609,0,0,4c03a855f07c8ea18d8e7a70e1e2d3467f32254daea5abf62f130fb919fa93d1,2024-06-06T19:16:09.920000
 CVE-2024-5611,0,0,52c51c7a288f3c0ab122ffc809ef2624c3045fff37cac024f8608d70739aac41,2024-11-21T09:48:00.920000
 CVE-2024-5612,0,0,fa9f2c267dc0651754a7af098fdc2eb62147cefb9c269a544f85a4928011ea0a,2024-11-21T09:48:01.037000