Skip to content

Commit

Permalink
Auto-Update: 2024-10-16T20:00:19.288182+00:00
Browse files Browse the repository at this point in the history
  • Loading branch information
@cad-safe-bot
cad-safe-bot committed Oct 16, 2024
1 parent 90585ca commit dcb24f1
Show file tree
Hide file tree
Showing 52 changed files with 20,354 additions and 589 deletions.
39 changes: 37 additions & 2 deletions CVE-2023/CVE-2023-314xx/CVE-2023-31493.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@
"id": "CVE-2023-31493",
"sourceIdentifier": "[email protected]",
"published": "2024-10-15T15:15:12.393",
"lastModified": "2024-10-16T16:38:43.170",
"lastModified": "2024-10-16T19:35:04.040",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
Expand All @@ -15,7 +15,42 @@
"value": "RCE (Remote Code Execution) existe en ZoneMinder hasta la versi\u00f3n 1.36.33, ya que un atacante puede crear un nuevo archivo de registro .php en la carpeta de idioma, mientras ejecuta un payload manipulado y escalar privilegios que permitan la ejecuci\u00f3n de cualquier comando en el sistema remoto."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 6.6,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 4.7
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-94"
}
]
}
],
"references": [
{
"url": "http://zoneminder.com",
Expand Down
88 changes: 85 additions & 3 deletions CVE-2023/CVE-2023-456xx/CVE-2023-45698.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,8 +2,8 @@
"id": "CVE-2023-45698",
"sourceIdentifier": "[email protected]",
"published": "2024-02-10T04:15:07.280",
"lastModified": "2024-02-11T22:29:15.837",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-10-16T19:58:41.543",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
Expand All @@ -17,6 +17,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "[email protected]",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
},
{
"source": "[email protected]",
"type": "Secondary",
Expand All @@ -39,10 +59,72 @@
}
]
},
"weaknesses": [
{
"source": "[email protected]",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-1021"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:hcltech:sametime_chat_and_meetings:11.5:*:*:*:*:*:*:*",
"matchCriteriaId": "07933AF5-4BA3-46B0-B53F-D77C859B6BDF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:hcltech:sametime_chat_and_meetings:11.6:*:*:*:*:*:*:*",
"matchCriteriaId": "B6FF14F0-8D44-40B7-8F4F-1852BE5B1C6E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:hcltech:sametime_chat_and_meetings:11.6:if1:*:*:*:*:*:*",
"matchCriteriaId": "64E0F6DC-6AE4-4DFC-A28D-875612CB7C3A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:hcltech:sametime_chat_and_meetings:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "56D463AB-C94D-44EF-8663-749F2687CD56"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:hcltech:sametime_chat_and_meetings:12.0:fp1:*:*:*:*:*:*",
"matchCriteriaId": "C362AEE6-7F7A-4E71-8C6E-064AB6016F89"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:hcltech:sametime_chat_and_meetings:12.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8D62DFD9-0B97-43F7-B7D1-97E5D68C5562"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:hcltech:sametime_chat_and_meetings:12.0.1:fp1:*:*:*:*:*:*",
"matchCriteriaId": "66E4C551-C527-4B5F-A4F7-F72A3CA6BF3C"
}
]
}
]
}
],
"references": [
{
"url": "https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0109082",
"source": "[email protected]"
"source": "[email protected]",
"tags": [
"Vendor Advisory"
]
}
]
}
27 changes: 25 additions & 2 deletions CVE-2024/CVE-2024-100xx/CVE-2024-10018.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@
"id": "CVE-2024-10018",
"sourceIdentifier": "907edf6c-bf03-423e-ab1a-8da27e1aa1ea",
"published": "2024-10-16T03:15:02.620",
"lastModified": "2024-10-16T16:38:14.557",
"lastModified": "2024-10-16T18:35:03.460",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
Expand All @@ -15,7 +15,30 @@
"value": "Un control de permisos inadecuado en la aplicaci\u00f3n m\u00f3vil (com.transsion.aivoiceassistant) puede provocar el lanzamiento de cualquier componente no exportado."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "907edf6c-bf03-423e-ab1a-8da27e1aa1ea",
Expand Down
Loading

0 comments on commit dcb24f1

Please sign in to comment.