Auto-Update: 2024-03-17T17:00:38.003515+00:00

cad-safe-bot 2024-03-17 17:03:25 +00:00
parent 4ceb69dd67
commit 0b121e0380
6 changed files with 299 additions and 6 deletions


@ -0,0 +1,55 @@
{
"id": "CVE-2024-24867",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-03-17T16:15:08.157",
"lastModified": "2024-03-17T16:15:08.157",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Osamaesh WP Visitor Statistics (Real Time Traffic).This issue affects WP Visitor Statistics (Real Time Traffic): from n/a through 6.9.4.\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-200"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/wp-stats-manager/wordpress-wp-stats-manager-plugin-6-9-4-sensitive-data-exposure-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}


@ -0,0 +1,55 @@
{
"id": "CVE-2024-25933",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-03-17T16:15:08.390",
"lastModified": "2024-03-17T16:15:08.390",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Pepro Dev. Group PeproDev Ultimate Invoice.This issue affects PeproDev Ultimate Invoice: from n/a through 1.9.7.\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-200"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/pepro-ultimate-invoice/wordpress-peprodev-ultimate-invoice-plugin-1-9-7-sensitive-data-exposure-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}


@ -0,0 +1,88 @@
{
"id": "CVE-2024-2565",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-03-17T15:15:07.187",
"lastModified": "2024-03-17T15:15:07.187",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in PandaXGO PandaX up to 20240310. It has been classified as critical. Affected is an unknown function of the file /apps/system/router/upload.go of the component File Extension Handler. The manipulation of the argument file leads to unrestricted upload. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-257064."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 6.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "SINGLE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 8.0,
"impactScore": 6.4,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-434"
}
]
}
],
"references": [
{
"url": "https://github.com/PandaXGO/PandaX/issues/5",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?ctiid.257064",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.257064",
"source": "cna@vuldb.com"
}
]
}


@ -0,0 +1,88 @@
{
"id": "CVE-2024-2566",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-03-17T15:15:07.420",
"lastModified": "2024-03-17T15:15:07.420",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in Fujian Kelixin Communication Command and Dispatch Platform up to 20240313. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file api/client/get_extension_yl.php. The manipulation of the argument imei leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-257065 was assigned to this vulnerability."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "NONE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5
},
"baseSeverity": "HIGH",
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://h0e4a0r1t.github.io/2024/vulns/Fujian%20Kelixin%20Communication%20Co.,%20Ltd.%20Command%20and%20Dispatch%20Platform%20SQL%20Injection%20Vulnerability-get_extension_yl.pdf",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?ctiid.257065",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.257065",
"source": "cna@vuldb.com"
}
]
}


@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2024-03-17T15:00:38.042037+00:00
2024-03-17T17:00:38.003515+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2024-03-17T14:15:06.973000+00:00
2024-03-17T16:15:08.390000+00:00
```
### Last Data Feed Release
@ -29,14 +29,17 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs
```plain
241731
241735
```
### CVEs added in the last Commit
Recently added CVEs: `1`
Recently added CVEs: `4`
* [CVE-2024-2564](CVE-2024/CVE-2024-25xx/CVE-2024-2564.json) (`2024-03-17T14:15:06.973`)
* [CVE-2024-24867](CVE-2024/CVE-2024-248xx/CVE-2024-24867.json) (`2024-03-17T16:15:08.157`)
* [CVE-2024-2565](CVE-2024/CVE-2024-25xx/CVE-2024-2565.json) (`2024-03-17T15:15:07.187`)
* [CVE-2024-2566](CVE-2024/CVE-2024-25xx/CVE-2024-2566.json) (`2024-03-17T15:15:07.420`)
* [CVE-2024-25933](CVE-2024/CVE-2024-259xx/CVE-2024-25933.json) (`2024-03-17T16:15:08.390`)
### CVEs modified in the last Commit


@ -240780,6 +240780,7 @@ CVE-2024-24861,0,0,6b40afdcfeaef4379ad19505bbc3196ca9bd79cff347b2f5b0473b639a002
CVE-2024-24864,0,0,cb2feb3346fb11cc5b4be9ff84c56cdf4de4a5045cdc4255bc9349b2b8259736,2024-02-10T04:05:22.843000
CVE-2024-24865,0,0,69d1d9e6b7dcdc1a41fcca26c5c38135753d56b8f5d02ca0d16d1408ab64d3a6,2024-02-07T23:30:50.313000
CVE-2024-24866,0,0,7234eb10c2179098475da368126463933a93e4c44ee1e87fac56ce5cbea64b85,2024-02-13T19:48:45.207000
CVE-2024-24867,1,1,d02bce7c277904138b788c066bcad1d13e3a0e013e95636c243e6971e42b21a1,2024-03-17T16:15:08.157000
CVE-2024-24868,0,0,e7f14abb86f06eb8a849fd232ff7f12dc608d17b75bfc6f64f2c0bbfd51ed1c7,2024-02-28T14:06:45.783000
CVE-2024-2487,0,0,4ca5472da55e03928f48be008f61a5daee2051808522c475d1ce22687edd2999,2024-03-15T12:53:06.423000
CVE-2024-24870,0,0,b39acdcce0711487a9081cc9665d4882378e31aa9603afc2ce7a407d6eacb9c6,2024-02-13T19:48:35.953000
@ -241100,17 +241101,19 @@ CVE-2024-25631,0,0,c8bdaced4c0d5563bd57b345057b4e4f59369a45b7c12f5563c1a08a0da6b
CVE-2024-25634,0,0,c1510e3ab0b733f2989d621c241e546f656e3e790b7a0232e637470ddb569500,2024-02-20T19:50:53.960000
CVE-2024-25635,0,0,02f92a5a9bdf152263c68c7161477865d30fa40fbd763157286667e134fdd120,2024-02-20T19:50:53.960000
CVE-2024-25636,0,0,25ca08d2d7942010a89cee168f33ec13089ab5d688be0f620a303dd1bdaf78e7,2024-02-20T19:50:53.960000
CVE-2024-2564,1,1,20c5f4f1c2679e3f384ad4559d078395b49d5e5aee769ccefe30e3301a8d3204,2024-03-17T14:15:06.973000
CVE-2024-2564,0,0,20c5f4f1c2679e3f384ad4559d078395b49d5e5aee769ccefe30e3301a8d3204,2024-03-17T14:15:06.973000
CVE-2024-25640,0,0,e7a5a66e06481c463ef3267e2ad9b6391b00223315aeb71281eb8d63b041ce79,2024-02-20T19:50:53.960000
CVE-2024-25642,0,0,bf91eeb1502dedca60fe6c035b93d7dfc5a440bc6932322c6ae4d128b4c7c145,2024-02-13T14:01:40.577000
CVE-2024-25643,0,0,08f3e6c0d454841d4e4dc84aae81812246ffbd96bb71cc2e9e4566cd4077e910,2024-02-13T14:01:07.747000
CVE-2024-25644,0,0,cad748db94c87605f745ac8efbb54ef36e9bf866e1bcdbdf96bff9a05dfcf738,2024-03-12T12:40:13.500000
CVE-2024-25645,0,0,611af6391fb4617a6b65e5d2ff91bac5a4003873b65f133d0cd2495d911bd094,2024-03-12T12:40:13.500000
CVE-2024-25649,0,0,ff4005c5bc448d78f7be592b75e982f7bf99b3c972c3f93072e448020f36c7cd,2024-03-14T12:52:09.877000
CVE-2024-2565,1,1,bd3c624874ffd2ed7cfdce46a424723ffe46928b98908fbb1c72f6299559aeec,2024-03-17T15:15:07.187000
CVE-2024-25650,0,0,86db7f9cd2961887ed39c6b63b2949a71fabae22076ac99000118f6e3ecf601e,2024-03-14T12:52:16.723000
CVE-2024-25651,0,0,4935c44deda83694ae7a33c550d78c8ec02d262dfb7e7f44dbd503c93d5109ae,2024-03-14T12:52:09.877000
CVE-2024-25652,0,0,1684edbbe6a032e904cd3d9da8c2e3b5d162c7d94708a30170c5b1a8fdc4de06,2024-03-14T12:52:09.877000
CVE-2024-25653,0,0,cf0ab93d3f68bfc65ae7a6e2836e0f599b295638c5107d23ca26fba04d235e4d,2024-03-14T12:52:09.877000
CVE-2024-2566,1,1,445585f1cd08efde7542890fc279dbf8691de9ca80bbe4da90217abd121415cc,2024-03-17T15:15:07.420000
CVE-2024-25674,0,0,880844ace2ad9fa6a214f1eff7f46e3beaded8f86ef202dfc09585e1e07ca21c,2024-02-12T14:30:40.343000
CVE-2024-25675,0,0,7eb120f8543ce89181641a0a8c791e82666c8e07d23577075c360f9dbf73d233,2024-02-12T14:30:28.640000
CVE-2024-25677,0,0,1d7f4f51208daa48b27418602ba1484337c537523201080701287445cfed0006,2024-02-15T19:43:24.983000
@ -241201,6 +241204,7 @@ CVE-2024-25928,0,0,a6060327df403c3c616b275f710271564f7f2534d45ed96b3571c5b2e5121
CVE-2024-25930,0,0,0ab8711195d4ca59bae23faf5b938c4832c53808527b8c4f0842867494c69bd3,2024-02-29T13:49:29.390000
CVE-2024-25931,0,0,cced732a62b8661206eb106d5ae979a2d16189f2911f7eaa9ca025496e8df531,2024-02-29T13:49:29.390000
CVE-2024-25932,0,0,b47ba5ecf2a19427a2d0c7404d84cf9b82c7d738bc913534568255e83139261d,2024-02-29T13:49:29.390000
CVE-2024-25933,1,1,9a19a70e8ccf2de812b06af79bef2fea24d149ddfc7ffcadd406cea0f3ab65f3,2024-03-17T16:15:08.390000
CVE-2024-25934,0,0,abf29b2c8bd2941b97b5a50ee19174b7389e9c0ccc1df25f4fdb8e591190b306,2024-03-15T16:26:49.320000
CVE-2024-25936,0,0,8effd82663b8db2d960ef33e023d14a22fda9a759a9ee34ebfd84341bfced171,2024-03-15T16:26:49.320000
CVE-2024-25940,0,0,81faf8084be28ad3443bfad1349de788b40c215e318cb61e901b3079aac1c24e,2024-02-15T06:23:39.303000
