Auto-Update: 2024-12-17T05:00:31.582484+00:00

This commit is contained in:
cad-safe-bot 2024-12-17 05:03:54 +00:00
parent 4f3dee045e
commit 080c4b3ea1
7 changed files with 302 additions and 11 deletions

View File

@ -0,0 +1,56 @@
{
"id": "CVE-2020-12484",
"sourceIdentifier": "security@vivo.com",
"published": "2024-12-17T03:15:05.613",
"lastModified": "2024-12-17T03:15:05.613",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "When using special mode to connect to enterprise wifi, certain options are not properly configured and attackers can pretend to be enterprise wifi through a carefully constructed wifi with the same name, which can lead to man-in-the-middle attacks."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@vivo.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N",
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 1.2,
"impactScore": 5.2
}
]
},
"weaknesses": [
{
"source": "security@vivo.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-306"
}
]
}
],
"references": [
{
"url": "https://www.vivo.com/en/support/security-advisory-detail?id=3",
"source": "security@vivo.com"
}
]
}

View File

@ -0,0 +1,56 @@
{
"id": "CVE-2020-12487",
"sourceIdentifier": "security@vivo.com",
"published": "2024-12-17T03:15:06.453",
"lastModified": "2024-12-17T03:15:06.453",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Due to the flaws in the verification of input parameters, the attacker can input carefully constructed commands to make the ABE service execute some commands with root privilege."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@vivo.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"attackVector": "PHYSICAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 0.7,
"impactScore": 5.8
}
]
},
"weaknesses": [
{
"source": "security@vivo.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-20"
}
]
}
],
"references": [
{
"url": "https://www.vivo.com/en/support/security-advisory-detail?id=4",
"source": "security@vivo.com"
}
]
}

View File

@ -0,0 +1,56 @@
{
"id": "CVE-2021-26278",
"sourceIdentifier": "security@vivo.com",
"published": "2024-12-17T03:15:06.573",
"lastModified": "2024-12-17T03:15:06.573",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The wifi module exposes the interface and has improper permission control, leaking sensitive information about the device."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@vivo.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 1.8,
"impactScore": 4.0
}
]
},
"weaknesses": [
{
"source": "security@vivo.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-306"
}
]
}
],
"references": [
{
"url": "https://www.vivo.com/en/support/security-advisory-detail?id=7",
"source": "security@vivo.com"
}
]
}

View File

@ -0,0 +1,56 @@
{
"id": "CVE-2021-26279",
"sourceIdentifier": "security@vivo.com",
"published": "2024-12-17T04:15:05.333",
"lastModified": "2024-12-17T04:15:05.333",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Some parameters of the weather module are improperly stored, leaking some sensitive information."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@vivo.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:N/A:N",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 1.5,
"impactScore": 4.0
}
]
},
"weaknesses": [
{
"source": "security@vivo.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-200"
}
]
}
],
"references": [
{
"url": "https://www.vivo.com/en/support/security-advisory-detail?id=10",
"source": "security@vivo.com"
}
]
}

View File

@ -0,0 +1,60 @@
{
"id": "CVE-2024-12239",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-12-17T03:15:06.710",
"lastModified": "2024-12-17T03:15:06.710",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The PowerPack Lite for Beaver Builder plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the navigate parameter in all versions up to, and including, 1.3.0.5 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick an administrative user into performing an action such as clicking on a link."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "security@wordfence.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/powerpack-addon-for-beaver-builder/trunk/includes/admin-settings-templates.php#L62",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/5138ed4c-3e9c-45da-917e-e8d8396a62f1?source=cve",
"source": "security@wordfence.com"
}
]
}

View File

@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2024-12-17T03:00:29.987705+00:00
2024-12-17T05:00:31.582484+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2024-12-17T02:15:04.670000+00:00
2024-12-17T04:15:05.333000+00:00
```
### Last Data Feed Release
@ -33,22 +33,24 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs
```plain
274096
274101
```
### CVEs added in the last Commit
Recently added CVEs: `1`
Recently added CVEs: `5`
- [CVE-2024-10205](CVE-2024/CVE-2024-102xx/CVE-2024-10205.json) (`2024-12-17T02:15:04.670`)
- [CVE-2020-12484](CVE-2020/CVE-2020-124xx/CVE-2020-12484.json) (`2024-12-17T03:15:05.613`)
- [CVE-2020-12487](CVE-2020/CVE-2020-124xx/CVE-2020-12487.json) (`2024-12-17T03:15:06.453`)
- [CVE-2021-26278](CVE-2021/CVE-2021-262xx/CVE-2021-26278.json) (`2024-12-17T03:15:06.573`)
- [CVE-2021-26279](CVE-2021/CVE-2021-262xx/CVE-2021-26279.json) (`2024-12-17T04:15:05.333`)
- [CVE-2024-12239](CVE-2024/CVE-2024-122xx/CVE-2024-12239.json) (`2024-12-17T03:15:06.710`)
### CVEs modified in the last Commit
Recently modified CVEs: `2`
Recently modified CVEs: `0`
- [CVE-2024-20767](CVE-2024/CVE-2024-207xx/CVE-2024-20767.json) (`2024-12-17T02:00:02.077`)
- [CVE-2024-35250](CVE-2024/CVE-2024-352xx/CVE-2024-35250.json) (`2024-12-17T02:00:02.077`)
## Download and Usage

View File

@ -147523,7 +147523,9 @@ CVE-2020-12479,0,0,ec17c17b09e976e1a152c643e3819d31c36aa7665a5a00e913db3e872553d
CVE-2020-1248,0,0,13846caf4ce8e83ae09b68ddfc0a09f0e2c8b82eb7c11fce8ac89777e4b28958,2024-11-21T05:10:04.680000
CVE-2020-12480,0,0,0eb005b3147816e6714e49902149bb9b5f1f1e4f7114cad3e2c62d80cd30989b,2024-11-21T04:59:47.240000
CVE-2020-12483,0,0,077f89965a271291848319a5ac990a75c110e11b7bca84d208ce8c4f40ff051f,2024-11-21T04:59:47.377000
CVE-2020-12484,1,1,cabcdf4c18d0aeced1f122124c5e71c0ee429091bf81927dc9e3b8f3c7396d45,2024-12-17T03:15:05.613000
CVE-2020-12485,0,0,34d81bb19b71d2eb23361fb1f271047b4813b2499e1cb998e4798b107710317c,2024-11-21T04:59:47.523000
CVE-2020-12487,1,1,c82fc8bbd8e4396cdabebc006a1dbee8bd281d5be94f199f90a1f512290eb4cb,2024-12-17T03:15:06.453000
CVE-2020-12488,0,0,aa5f4d3af768dd7a35ad93f0603aebf70b7c10f6792c470bb94ed94e60611a16,2024-11-21T04:59:47.660000
CVE-2020-1249,0,0,ee0dd0717eadfbf0e10875ab0544a1bfd1f22d694690d411785027304662d187,2024-11-21T05:10:04.813000
CVE-2020-12491,0,0,f0ca1d801193be292260dc60337caae3590167cf6284edefb2b1d11a8df2c5e3,2024-11-25T10:15:04.983000
@ -171951,6 +171953,8 @@ CVE-2021-26274,0,0,197895f44e1ae2d83cc6d85c4c4212de83f3ab926cbedcc348730f67e6324
CVE-2021-26275,0,0,c67a46870365f376d673abcd812dcccefaea6dc5f29b65664d2310b910034002,2024-11-21T05:56:01.397000
CVE-2021-26276,0,0,fe12842147a3d9597cc53ff3b852150c687cc9cccbec63feeda8fb67ff2b9400,2024-11-21T05:56:01.557000
CVE-2021-26277,0,0,0a521d9773294b67632bbd79404a9f6d2a97acd1eb8e9f9a8038e5d2b475c2ca,2024-11-21T05:56:01.737000
CVE-2021-26278,1,1,55407bd13a095819f1504458cc6585abdb858e5fd2879472762489a613345e4f,2024-12-17T03:15:06.573000
CVE-2021-26279,1,1,9dd09a10896aa30f87886cca9f28cc67fa690cc104e533c9343e07e9982338fb,2024-12-17T04:15:05.333000
CVE-2021-26291,0,0,a04873286f43d02ade91ec647e4cbb9371cd14cf2599798866ce37ea0cdaa411,2024-11-21T05:56:01.890000
CVE-2021-26293,0,0,c750cb4d2f6ab1250e05b92eab3115686dad6da9115e076093b7972b18076f46,2024-11-21T05:56:02.120000
CVE-2021-26294,0,0,c601a19fe6c9ddea2dedc80c3da8fb3ff5a80b9d3af720fefe2ace690f633037,2024-11-21T05:56:02.270000
@ -243179,7 +243183,7 @@ CVE-2024-10201,0,0,d28f8397fef58d8ebbc3ab5219a78ce309df9376e42404e5bb217ebab8ee8
CVE-2024-10202,0,0,e24b6f6c53e1e294cbc144ab84950b92d8732523af1d88b225f6757a45ec2cd3,2024-10-24T13:55:46.110000
CVE-2024-10203,0,0,c44f09c095e5f43bcaf05ddbccb708d70c961ded60a3f26c0a4aedf8833eb1d7,2024-11-08T19:01:03.880000
CVE-2024-10204,0,0,c1aef3d759e33911bc7bc0be9dac4b362c17b81fcf2e1e72015f81b94fc1ab9d,2024-11-19T21:57:32.967000
CVE-2024-10205,1,1,b66f885e8cef7783311250f8a7eeaff136b6049ef5ec7ec57aa1b3b7bf63badd,2024-12-17T02:15:04.670000
CVE-2024-10205,0,0,b66f885e8cef7783311250f8a7eeaff136b6049ef5ec7ec57aa1b3b7bf63badd,2024-12-17T02:15:04.670000
CVE-2024-1021,0,0,56f2f9eee79bdc92dbb448a3c95eee6b8f89b4e054d4b7192e1d1c62db78aeca,2024-11-21T08:49:37.003000
CVE-2024-10214,0,0,467db0fceb73548b6a7ebc4075348a74b9e7e348b74ad43d9d19dc1d995ea230,2024-11-05T17:03:22.953000
CVE-2024-10216,0,0,3b33d4ace8102c37cd94e685981da92ecdd510dbca3a990bc771780d9758061a,2024-11-23T04:15:07.523000
@ -244658,6 +244662,7 @@ CVE-2024-12233,0,0,d89c9263a4f22f201b1dce8be51578aec307181a11a72f57d5d6a093a5589
CVE-2024-12234,0,0,25d3aa7d45ccf0539b66121de3bcd155bbef1f8925f8aad4f69521eed8a998f2,2024-12-10T23:25:36.387000
CVE-2024-12235,0,0,92689efaa37165c78224efb1efe409523be7fb3f3558d4576511504eb96aac91,2024-12-05T18:15:21.660000
CVE-2024-12236,0,0,390d11985338138a2913d618c1818ae388b2b2c32249174c40691687eabfe343,2024-12-10T15:15:07.147000
CVE-2024-12239,1,1,7e14d3325d4b147176649ece8dc2b0064f40f6c3be58ca9c730b210c8ac8ed58,2024-12-17T03:15:06.710000
CVE-2024-1224,0,0,cbfbaa5b4f0e1c410530412d727d5bf58dfe126bd3d740f330bf5c6e93a0658e,2024-11-21T08:50:05.487000
CVE-2024-12247,0,0,ad117a7da5529073984608210b9ebf0c8357341e47d0f7a47c01f4275cf4ac25,2024-12-05T16:15:25.243000
CVE-2024-1225,0,0,1335eabc5dc5752fbd7f31a11bdeda2f1be9be2c21abaca809140eabb8940f2a,2024-11-21T08:50:05.673000
@ -246105,7 +246110,7 @@ CVE-2024-20763,0,0,85e3d365bd8f70bb83e697510efbc0c1af98cc029e70ebe9045e9cb8471b8
CVE-2024-20764,0,0,a080d634ce17b8cdbb85357fca6cda5d794fe7d9539aa4c5f46ce35e5c1cac27,2024-12-04T15:15:25.463000
CVE-2024-20765,0,0,40964bb8beca999330ba180c774b93466f325f8731cc914b7b9cd58d9c2d050c,2024-11-21T08:53:06.653000
CVE-2024-20766,0,0,95ac04a20504881d574a50944d27c002096349013c0a37ca7842a8653794b342,2024-12-05T15:18:04.873000
CVE-2024-20767,0,1,ae66121e62e6acd691604b5a21c1e50b45baacd384bdb97fe32d5d6340bf6c84,2024-12-17T02:00:02.077000
CVE-2024-20767,0,0,ae66121e62e6acd691604b5a21c1e50b45baacd384bdb97fe32d5d6340bf6c84,2024-12-17T02:00:02.077000
CVE-2024-20768,0,0,5cfbec6f58ac0ddaff40efa6f7a3cd9811b930452273e0862a7b84351ebbd04e,2024-12-03T21:46:08.623000
CVE-2024-20769,0,0,6f13dc6481e3cb8cd025c6fbd6c6e0274141093e081dce88926d28d6a572c19b,2024-11-21T08:53:07.133000
CVE-2024-2077,0,0,d186f54d9f8a90379d391459b9a5cb9d8307f4f1713a18aa8bf99e9d56318c5c,2024-12-09T22:39:42.837000
@ -257004,7 +257009,7 @@ CVE-2024-35247,0,0,dda0cd3411fcd13059f9606bedd08c571900aa945b233a955dbeca9ed9ce9
CVE-2024-35248,0,0,7c3ed5cb016eeae24ebeb7d52be404adf38788725c5e83b5d27391e0dc1d9bf7,2024-11-21T09:20:00.980000
CVE-2024-35249,0,0,302b7c8906e51cdc971703773787e3153a88d65789ad0641a56c6ae0bd42570d,2024-11-21T09:20:01.130000
CVE-2024-3525,0,0,8b2c6a8c265bd120a4ae62349e50b9dc4f071348306abdc8eba422a9675a5ff1,2024-11-21T09:29:46.930000
CVE-2024-35250,0,1,ce6a53f3c0a8dfa3764b939943deaf8e7659c0859ad9a03dafbf3ef57b7b7d43,2024-12-17T02:00:02.077000
CVE-2024-35250,0,0,ce6a53f3c0a8dfa3764b939943deaf8e7659c0859ad9a03dafbf3ef57b7b7d43,2024-12-17T02:00:02.077000
CVE-2024-35252,0,0,0f8cf4ca91d191378f3442941d01f34b6bf05c200f0024f0bb3474e02f2e50d7,2024-11-21T09:20:01.453000
CVE-2024-35253,0,0,bee685c773d8375872a8fd41de235ce0377b714b15d51115236139dd0a8b700c,2024-11-21T09:20:01.607000
CVE-2024-35254,0,0,0973352a78955e1008d161d71b8515ce181d81658087521aabcddd672b8cbfcc,2024-11-21T09:20:01.750000

Can't render this file because it is too large.