admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-08 19:47:09 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2024-02-03T07:00:23.914418+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2024-02-03 07:00:27 +00:00
parent e53c87caa3
commit 1b029767ad
5 changed files with 197 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

43
CVE-2023/CVE-2023-375xx/CVE-2023-37528.json Normal file
View File

@ -0,0 +1,43 @@
{
"id": "CVE-2023-37528",
"sourceIdentifier": "psirt@hcl.com",
"published": "2024-02-03T06:15:46.850",
"lastModified": "2024-02-03T06:15:46.850",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A cross-site scripting (XSS) vulnerability in the Web Reports component of HCL BigFix Platform can possibly allow an attack to exploit an application parameter during execution of the Save Report. \n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@hcl.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.3,
"impactScore": 4.7
}
]
},
"references": [
{
"url": "https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0110209",
"source": "psirt@hcl.com"
}
]
}

51
CVE-2024/CVE-2024-08xx/CVE-2024-0895.json Normal file
View File

@ -0,0 +1,51 @@
{
"id": "CVE-2024-0895",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-02-03T06:15:47.777",
"lastModified": "2024-02-03T06:15:47.777",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The PDF Flipbook, 3D Flipbook \u2013 DearFlip plugin for WordPress is vulnerable to Stored Cross-Site Scripting via outline settings in all versions up to, and including, 2.2.26 due to insufficient input sanitization and output escaping on user supplied data. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.5
}
]
},
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/3d-flipbook-dflip-lite/trunk/inc/metaboxes.php#L483",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3030441%403d-flipbook-dflip-lite&new=3030441%403d-flipbook-dflip-lite&sfp_email=&sfph_mail=",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/92e37b28-1a17-417a-b40f-cb4bbe6ec759?source=cve",
"source": "security@wordfence.com"
}
]
}

51
CVE-2024/CVE-2024-09xx/CVE-2024-0909.json Normal file
View File

@ -0,0 +1,51 @@
{
"id": "CVE-2024-0909",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-02-03T06:15:48.057",
"lastModified": "2024-02-03T06:15:48.057",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The Anonymous Restricted Content plugin for WordPress is vulnerable to information disclosure in all versions up to, and including, 1.6.2. This is due to insufficient restrictions through the REST API on the posts/pages that protections are being place on. This makes it possible for unauthenticated attackers to access protected content."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
"references": [
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3030199%40anonymous-restricted-content&new=3030199%40anonymous-restricted-content&sfp_email=&sfph_mail=",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3030608%40anonymous-restricted-content&new=3030608%40anonymous-restricted-content&sfp_email=&sfph_mail=",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/f478ff7c-7193-4c59-a84f-c7cafff9b6c0?source=cve",
"source": "security@wordfence.com"
}
]
}

43
CVE-2024/CVE-2024-235xx/CVE-2024-23550.json Normal file
View File

@ -0,0 +1,43 @@
{
"id": "CVE-2024-23550",
"sourceIdentifier": "psirt@hcl.com",
"published": "2024-02-03T06:15:48.290",
"lastModified": "2024-02-03T06:15:48.290",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "HCL DevOps Deploy / HCL Launch (UCD) could disclose sensitive user information when installing the Windows agent.\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@hcl.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 6.2,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.5,
"impactScore": 3.6
}
]
},
"references": [
{
"url": "https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0110334",
"source": "psirt@hcl.com"
}
]
}

19
README.md
View File

@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2024-02-03T05:00:24.166119+00:00
2024-02-03T07:00:23.914418+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2024-02-03T03:17:41.110000+00:00
2024-02-03T06:15:48.290000+00:00
```
### Last Data Feed Release
@ -29,24 +29,23 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs
```plain
237497
237501
```
### CVEs added in the last Commit
Recently added CVEs: `0`
Recently added CVEs: `4`
* [CVE-2023-37528](CVE-2023/CVE-2023-375xx/CVE-2023-37528.json) (`2024-02-03T06:15:46.850`)
* [CVE-2024-0895](CVE-2024/CVE-2024-08xx/CVE-2024-0895.json) (`2024-02-03T06:15:47.777`)
* [CVE-2024-0909](CVE-2024/CVE-2024-09xx/CVE-2024-0909.json) (`2024-02-03T06:15:48.057`)
* [CVE-2024-23550](CVE-2024/CVE-2024-235xx/CVE-2024-23550.json) (`2024-02-03T06:15:48.290`)
### CVEs modified in the last Commit
Recently modified CVEs: `5`
Recently modified CVEs: `0`
* [CVE-2021-33630](CVE-2021/CVE-2021-336xx/CVE-2021-33630.json) (`2024-02-03T03:15:07.753`)
* [CVE-2021-33631](CVE-2021/CVE-2021-336xx/CVE-2021-33631.json) (`2024-02-03T03:15:08.760`)
* [CVE-2021-41645](CVE-2021/CVE-2021-416xx/CVE-2021-41645.json) (`2024-02-03T03:17:41.110`)
* [CVE-2021-40247](CVE-2021/CVE-2021-402xx/CVE-2021-40247.json) (`2024-02-03T03:17:41.110`)
* [CVE-2023-2772](CVE-2023/CVE-2023-27xx/CVE-2023-2772.json) (`2024-02-03T03:17:41.110`)
## Download and Usage