Auto-Update: 2024-08-27T08:00:17.576129+00:00

2025-05-08 19:47:09 +00:00 · 2024-08-27 08:03:16 +00:00 · 2024-08-27 08:03:16 +00:00 · 151cb4b107
commit 151cb4b107
parent 2dd0da7f96
5 changed files with 157 additions and 15 deletions
--- a/CVE-2024/CVE-2024-33xx/CVE-2024-3375.json
+++ b/CVE-2024/CVE-2024-33xx/CVE-2024-3375.json
@ -2,13 +2,13 @@
  "id": "CVE-2024-3375",
  "sourceIdentifier": "iletisim@usom.gov.tr",
  "published": "2024-04-29T09:15:09.017",
-  "lastModified": "2024-04-29T12:42:03.667",
+  "lastModified": "2024-08-27T07:15:03.533",
  "vulnStatus": "Awaiting Analysis",
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
-      "value": "Incorrect Permission Assignment for Critical Resource vulnerability in Havelsan Inc. Dialogue allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Dialogue: from v1.83 before v1.83.1 or v1.84.\n\n"
+      "value": "Incorrect Permission Assignment for Critical Resource vulnerability in Havelsan Inc. Dialogue allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Dialogue: from v1.83 before v1.83.1 or v1.84."
    },
    {
      "lang": "es",
@ -46,7 +46,7 @@
      "description": [
        {
          "lang": "en",
-          "value": "CWE-732"
+          "value": "CWE-276"
        }
      ]
    }
--- a/CVE-2024/CVE-2024-68xx/CVE-2024-6804.json
+++ b/CVE-2024/CVE-2024-68xx/CVE-2024-6804.json
@ -0,0 +1,68 @@
+{
+  "id": "CVE-2024-6804",
+  "sourceIdentifier": "security@wordfence.com",
+  "published": "2024-08-27T07:15:03.797",
+  "lastModified": "2024-08-27T07:15:03.797",
+  "vulnStatus": "Received",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "The Jeg Elementor Kit plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 2.6.7 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Author-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses the SVG file."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "security@wordfence.com",
+        "type": "Primary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "LOW",
+          "userInteraction": "NONE",
+          "scope": "CHANGED",
+          "confidentialityImpact": "LOW",
+          "integrityImpact": "LOW",
+          "availabilityImpact": "NONE",
+          "baseScore": 6.4,
+          "baseSeverity": "MEDIUM"
+        },
+        "exploitabilityScore": 3.1,
+        "impactScore": 2.7
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "security@wordfence.com",
+      "type": "Secondary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-79"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://plugins.trac.wordpress.org/browser/jeg-elementor-kit/tags/2.6.7/lib/jeg-framework/customizer/class-customizer.php#L595",
+      "source": "security@wordfence.com"
+    },
+    {
+      "url": "https://plugins.trac.wordpress.org/changeset/3139386/",
+      "source": "security@wordfence.com"
+    },
+    {
+      "url": "https://wordpress.org/plugins/jeg-elementor-kit/#developers",
+      "source": "security@wordfence.com"
+    },
+    {
+      "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/5491ff65-9060-4b0b-a31d-7b95ea581310?source=cve",
+      "source": "security@wordfence.com"
+    }
+  ]
+}
--- a/CVE-2024/CVE-2024-73xx/CVE-2024-7304.json
+++ b/CVE-2024/CVE-2024-73xx/CVE-2024-7304.json
@ -0,0 +1,72 @@
+{
+  "id": "CVE-2024-7304",
+  "sourceIdentifier": "security@wordfence.com",
+  "published": "2024-08-27T07:15:04.057",
+  "lastModified": "2024-08-27T07:15:04.057",
+  "vulnStatus": "Received",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "The Ninja Tables \u2013 Easiest Data Table Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 5.0.12 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Author-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses the SVG file."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "security@wordfence.com",
+        "type": "Primary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "LOW",
+          "userInteraction": "NONE",
+          "scope": "CHANGED",
+          "confidentialityImpact": "LOW",
+          "integrityImpact": "LOW",
+          "availabilityImpact": "NONE",
+          "baseScore": 6.4,
+          "baseSeverity": "MEDIUM"
+        },
+        "exploitabilityScore": 3.1,
+        "impactScore": 2.7
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "security@wordfence.com",
+      "type": "Secondary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-79"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://plugins.trac.wordpress.org/browser/ninja-tables/tags/5.0.12/app/Hooks/filters.php#L28",
+      "source": "security@wordfence.com"
+    },
+    {
+      "url": "https://plugins.trac.wordpress.org/changeset/3140370/",
+      "source": "security@wordfence.com"
+    },
+    {
+      "url": "https://plugins.trac.wordpress.org/changeset/3140370/#file408",
+      "source": "security@wordfence.com"
+    },
+    {
+      "url": "https://wordpress.org/plugins/ninja-tables/#developers",
+      "source": "security@wordfence.com"
+    },
+    {
+      "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/b1eb6896-2de3-4d4d-9b5f-253aaffd193b?source=cve",
+      "source": "security@wordfence.com"
+    }
+  ]
+}
--- a/README.md
+++ b/README.md
@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours.
 ### Last Repository Update

 ```plain
-2024-08-27T06:00:16.737611+00:00
+2024-08-27T08:00:17.576129+00:00
 ```

 ### Most recent CVE Modification Timestamp synchronized with NVD

 ```plain
-2024-08-27T05:15:13.307000+00:00
+2024-08-27T07:15:04.057000+00:00
 ```

 ### Last Data Feed Release
@ -33,22 +33,22 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
 ### Total Number of included CVEs

 ```plain
-261272
+261274
 ```

 ### CVEs added in the last Commit

-Recently added CVEs: `3`
+Recently added CVEs: `2`

- [CVE-2024-45321](CVE-2024/CVE-2024-453xx/CVE-2024-45321.json) (`2024-08-27T04:15:09.010`)
- [CVE-2024-6688](CVE-2024/CVE-2024-66xx/CVE-2024-6688.json) (`2024-08-27T05:15:12.993`)
- [CVE-2024-7125](CVE-2024/CVE-2024-71xx/CVE-2024-7125.json) (`2024-08-27T05:15:13.307`)
+- [CVE-2024-6804](CVE-2024/CVE-2024-68xx/CVE-2024-6804.json) (`2024-08-27T07:15:03.797`)
+- [CVE-2024-7304](CVE-2024/CVE-2024-73xx/CVE-2024-7304.json) (`2024-08-27T07:15:04.057`)


 ### CVEs modified in the last Commit

-Recently modified CVEs: `0`
+Recently modified CVEs: `1`

+- [CVE-2024-3375](CVE-2024/CVE-2024-33xx/CVE-2024-3375.json) (`2024-08-27T07:15:03.533`)


 ## Download and Usage
--- a/_state.csv
+++ b/_state.csv
@ -252384,7 +252384,7 @@ CVE-2024-3372,0,0,a196d1e45ccce196e4deb1ea2387c2fe4f6bf89b27a8a7cd4be5ebcd31c9a0
 CVE-2024-3374,0,0,3ebd1bd07a69ff470e060c4c065f62c59313c2dfc13f260402ece495f026b11b,2024-05-14T19:17:55.627000
 CVE-2024-33748,0,0,066f13e7dc76dff0529f136e64473f4bf178cc6b6f4c44f335cc233ab954b6f1,2024-07-03T01:58:38.810000
 CVE-2024-33749,0,0,f9dfa03193fccdb082b9724eae52d9e0afc932b6dd471bafd143ead723900e53,2024-08-14T19:35:22.807000
-CVE-2024-3375,0,0,83b89c13468b0889643597294e3ebb495e90bb130d57a5993db693041841d1ae,2024-04-29T12:42:03.667000
+CVE-2024-3375,0,1,bee56d54888cf8850979d5e00c5568afea58a42bb4d90ad898545daa7f82274b,2024-08-27T07:15:03.533000
 CVE-2024-33752,0,0,1bc9f08a0011e44b90280ee1144c3d3bf7022be746c68e8063dce2331b55fc9a,2024-07-03T01:58:39.567000
 CVE-2024-33753,0,0,2fc447b40b2f762f051408e9969732ce9ebcb69b836d167fb124d965f0f02f03,2024-07-03T01:58:40.327000
 CVE-2024-3376,0,0,f41e6a696431d8ce91e92d27b1a32b6851753dbcad734a1a57ff4b20fa11b9b2,2024-05-17T02:39:53.447000
@ -258644,7 +258644,7 @@ CVE-2024-4529,0,0,5fbb4c14219ef7d51954458b7780a68dbee769876e9489db6e9ba34bd68834
 CVE-2024-4530,0,0,6b78f15ba2a60e96a20ff176cd49d228ee37f0e30a4b3e696092a717f8a23e27,2024-05-28T12:39:28.377000
 CVE-2024-4531,0,0,5dc1dd0922f3418ce95c33a9fc334c76453bfc98ac8636a0eebb27c9c952bb3f,2024-07-03T02:07:42.610000
 CVE-2024-4532,0,0,4fd2f02f0358f1c611846b77f1b0e80bcb1985e07f23fa6a21a71cc25593500a,2024-05-28T12:39:28.377000
-CVE-2024-45321,1,1,854f9779fab77fcd514dde87764ccd978a14401b8fba445b54dcb7dede6a23f9,2024-08-27T04:15:09.010000
+CVE-2024-45321,0,0,854f9779fab77fcd514dde87764ccd978a14401b8fba445b54dcb7dede6a23f9,2024-08-27T04:15:09.010000
 CVE-2024-4533,0,0,aca3a412ead1ce1343d6f498450801be5e059db6302d74881039b5fe75fb6c09,2024-05-28T12:39:28.377000
 CVE-2024-4534,0,0,527a3127a7586bdf18d80cd2b5b17fe74ac5ed6a2aa4ee562148173cc1d9d3e9,2024-08-09T19:35:09.923000
 CVE-2024-4535,0,0,87b4b5e0787ea182ddd9c6fa8e26c59b6c616e4e57e592ee0d6f169678ff9b64,2024-05-28T12:39:28.377000
@ -260403,7 +260403,7 @@ CVE-2024-6680,0,0,131299d0989a76f846afb0c8ae15f4692f1a0fdd9931fad30c165660cd1232
 CVE-2024-6681,0,0,fd87484dafd740c0f788720b14149eb40f6b6d8ce371416d0e039ce9acf82071,2024-07-11T18:09:58.777000
 CVE-2024-6684,0,0,5077927f346cf8d394fd9a76287141cc3d9bbdc383e5155cbda2006a142ade04,2024-08-13T21:15:16.377000
 CVE-2024-6687,0,0,ff47b1397711b8cc3d93cfe454be390cc9012eec28a4b5d25b3eacdb0bcb37ed,2024-08-01T12:42:36.933000
-CVE-2024-6688,1,1,311de695eb3b5b23040fc1bd91717901f4d99820e3af047aa18980d8b9170905,2024-08-27T05:15:12.993000
+CVE-2024-6688,0,0,311de695eb3b5b23040fc1bd91717901f4d99820e3af047aa18980d8b9170905,2024-08-27T05:15:12.993000
 CVE-2024-6689,0,0,d40d4a6e022419e83ed34bb3a74eb0d24556e6d76f7b0a592f90775a9d52873c,2024-07-16T13:43:58.773000
 CVE-2024-6691,0,0,6f4b5fdff9d8a72f980f94d56213c288fa4b5b617985852e29dbbcc9099ac853,2024-08-12T13:41:36.517000
 CVE-2024-6692,0,0,e73c083ff98791fbf8d27289c6bf10e57a3b04cffd44cadb1a6c218a8e23e9aa,2024-08-12T13:41:36.517000
@ -260485,6 +260485,7 @@ CVE-2024-6800,0,0,a15298e35d6052e73a8ba7e320d06f1ae120c932f1a3656ad087f1be4be328
 CVE-2024-6801,0,0,6cf94e1980aea6fcc25b038d583cb2250e04ba4c9461d4d907e1f9ce16b1e09a,2024-07-19T14:55:25.753000
 CVE-2024-6802,0,0,41c45597ef2d2991d0ff5de1c94d34d596167540846175036f3a8eca13168f84,2024-08-26T05:15:05.980000
 CVE-2024-6803,0,0,e77960f60e5c3ea5b22b60c53aac93b8bf6ffc93dd5f015dabaabc8b5a77736e,2024-07-19T15:01:50.250000
+CVE-2024-6804,1,1,a8296bfe8ff95da1ae5e34ea42fc84fd47053bd2b06aa2a683a85f6c950878c8,2024-08-27T07:15:03.797000
 CVE-2024-6805,0,0,df9c24152184824aaec79a13a2bf3e8af4b412b0a659321142aa5850936d9704,2024-07-24T12:55:13.223000
 CVE-2024-6806,0,0,ee5c95118c41ce11e7d4b52c5bbead77dffa73ecabb9abea55db46ee557c211f,2024-07-24T12:55:13.223000
 CVE-2024-6807,0,0,07688665534f45cd2e7da0c34e23ec72f349fed7ba2bc33cacddabe8a931b934,2024-08-26T05:15:06.140000
@ -260657,7 +260658,7 @@ CVE-2024-7119,0,0,6b773d2ee0198b8c2555adc9c1a3fd196ed4373805abfd3c2f3d4a0da9be44
 CVE-2024-7120,0,0,dd88c4d4f5099fe6bbb2fa59d0942931f85db230d235608307fdbb069312e6ec,2024-08-13T14:06:57.033000
 CVE-2024-7121,0,0,fdae6687b65374b6aec5500198958517002acfa86b757e82c1fe85c4c568e879,2024-08-08T17:15:19.820000
 CVE-2024-7123,0,0,9cd56c5d21be01850838f11a2df252558cd6c9b176bc2485ad2b1b549f072ade,2024-08-08T17:15:19.970000
-CVE-2024-7125,1,1,09f3cbec55eaf5c0db23f08b5983abf140bd91a7b79e517cae14ca7d6267bac3,2024-08-27T05:15:13.307000
+CVE-2024-7125,0,0,09f3cbec55eaf5c0db23f08b5983abf140bd91a7b79e517cae14ca7d6267bac3,2024-08-27T05:15:13.307000
 CVE-2024-7127,0,0,2842be40cd41bba2687b1d2d238a3a521369bfe05553f868496bd1f3f7f4951f,2024-08-23T14:00:59.740000
 CVE-2024-7128,0,0,22b40e3236f05da8de2b73f629340b5796a3b45429dedc50864bf862ccb583f9,2024-07-29T14:12:08.783000
 CVE-2024-7134,0,0,c5170ada8be1ea583d3dc92d1c0c20ff0ddcfa0f860d82c947cda0aff2380786,2024-08-21T12:30:33.697000
@ -260784,6 +260785,7 @@ CVE-2024-7300,0,0,ec5bc420e71b7c17438e33b04329f442535c8be80d5b4025cfe5a0c36aea8b
 CVE-2024-7301,0,0,6b622cf82f175e4420a14e0711b01cd703c5db56ffca3c66c2a47c7fdd329e04,2024-08-19T13:00:23.117000
 CVE-2024-7302,0,0,3e3978a555cf8f7617492d06d41673a59c5323c552cb9b37b079247ec7c0af88,2024-08-01T12:42:36.933000
 CVE-2024-7303,0,0,9520f852975600abd145b384cdd7bd5ee8f54af62f4a78fc6dcf9ca25a845304,2024-08-12T16:47:04.740000
+CVE-2024-7304,1,1,22b65b5a5b592f29f5a2b13466ab8ea1fd261fb4d0d1bfa026fdd139abf1bfa0,2024-08-27T07:15:04.057000
 CVE-2024-7305,0,0,bc4f7fc15f7537b59107986ff5b86d7153bfc4c1a03b077c94709217d9e52136,2024-08-20T15:44:20.567000
 CVE-2024-7306,0,0,3c865c91ac7fc6c8c32a68429064dd89f6391277f467a5bdc571f15092dbadd4,2024-08-12T16:33:51.090000
 CVE-2024-7307,0,0,480862c25d62bf3086f9355b511b9f3605564a857f38684f6972ff45c488e191,2024-08-13T14:55:05.840000