Auto-Update: 2024-07-12T23:55:17.793137+00:00

2025-05-30 10:10:41 +00:00 · 2024-07-12 23:58:11 +00:00 · 2024-07-12 23:58:11 +00:00 · 266af29ee3
commit 266af29ee3
parent 9630c79c98
5 changed files with 111 additions and 9 deletions
--- a/CVE-2024/CVE-2024-302xx/CVE-2024-30213.json
+++ b/CVE-2024/CVE-2024-302xx/CVE-2024-30213.json
@ -0,0 +1,25 @@
+{
+  "id": "CVE-2024-30213",
+  "sourceIdentifier": "cve@mitre.org",
+  "published": "2024-07-12T23:15:09.927",
+  "lastModified": "2024-07-12T23:15:09.927",
+  "vulnStatus": "Received",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "StoneFly Storage Concentrator (SC and SCVM) before 8.0.4.26 allows remote authenticated users to achieve Command Injection via a Ping URL, leading to remote code execution."
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://stonefly.com/security-advisories/cve-2024-30213/",
+      "source": "cve@mitre.org"
+    },
+    {
+      "url": "https://www.stonefly.com/services",
+      "source": "cve@mitre.org"
+    }
+  ]
+}
--- a/CVE-2024/CVE-2024-319xx/CVE-2024-31947.json
+++ b/CVE-2024/CVE-2024-319xx/CVE-2024-31947.json
@ -0,0 +1,25 @@
+{
+  "id": "CVE-2024-31947",
+  "sourceIdentifier": "cve@mitre.org",
+  "published": "2024-07-12T23:15:10.000",
+  "lastModified": "2024-07-12T23:15:10.000",
+  "vulnStatus": "Received",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "StoneFly Storage Concentrator (SC and SCVM) before 8.0.4.26 allows Directory Traversal by authenticated users. Using a crafted path parameter with the Online Help facility can expose sensitive system information."
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://stonefly.com",
+      "source": "cve@mitre.org"
+    },
+    {
+      "url": "https://stonefly.com/security-advisories/cve-2024-31947/",
+      "source": "cve@mitre.org"
+    }
+  ]
+}
--- a/CVE-2024/CVE-2024-59xx/CVE-2024-5902.json
+++ b/CVE-2024/CVE-2024-59xx/CVE-2024-5902.json
@ -0,0 +1,48 @@
+{
+  "id": "CVE-2024-5902",
+  "sourceIdentifier": "security@wordfence.com",
+  "published": "2024-07-12T22:15:02.437",
+  "lastModified": "2024-07-12T22:15:02.437",
+  "vulnStatus": "Received",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "The User Feedback \u2013 Create Interactive Feedback Form, User Surveys, and Polls in Seconds plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the name parameter in all versions up to, and including, 1.0.15 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in feedback form responses that will execute whenever a high-privileged user tries to view them."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "security@wordfence.com",
+        "type": "Primary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "NONE",
+          "userInteraction": "NONE",
+          "scope": "CHANGED",
+          "confidentialityImpact": "LOW",
+          "integrityImpact": "LOW",
+          "availabilityImpact": "NONE",
+          "baseScore": 7.2,
+          "baseSeverity": "HIGH"
+        },
+        "exploitabilityScore": 3.9,
+        "impactScore": 2.7
+      }
+    ]
+  },
+  "references": [
+    {
+      "url": "https://plugins.trac.wordpress.org/browser/userfeedback-lite/tags/1.0.15/includes/frontend/class-userfeedback-frontend.php#L257",
+      "source": "security@wordfence.com"
+    },
+    {
+      "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/bce9ba42-f574-47c1-9ea5-1e56f9da8e71?source=cve",
+      "source": "security@wordfence.com"
+    }
+  ]
+}
--- a/README.md
+++ b/README.md
@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours.
 ### Last Repository Update

 ```plain
-2024-07-12T22:00:19.104834+00:00
+2024-07-12T23:55:17.793137+00:00
 ```

 ### Most recent CVE Modification Timestamp synchronized with NVD

 ```plain
-2024-07-12T21:15:10.797000+00:00
+2024-07-12T23:15:10+00:00
 ```

 ### Last Data Feed Release
@ -33,21 +33,22 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
 ### Total Number of included CVEs

 ```plain
-256924
+256927
 ```

 ### CVEs added in the last Commit

-Recently added CVEs: `1`
+Recently added CVEs: `3`

- [CVE-2023-41093](CVE-2023/CVE-2023-410xx/CVE-2023-41093.json) (`2024-07-12T20:15:02.380`)
+- [CVE-2024-30213](CVE-2024/CVE-2024-302xx/CVE-2024-30213.json) (`2024-07-12T23:15:09.927`)
+- [CVE-2024-31947](CVE-2024/CVE-2024-319xx/CVE-2024-31947.json) (`2024-07-12T23:15:10.000`)
+- [CVE-2024-5902](CVE-2024/CVE-2024-59xx/CVE-2024-5902.json) (`2024-07-12T22:15:02.437`)


 ### CVEs modified in the last Commit

-Recently modified CVEs: `1`
+Recently modified CVEs: `0`

- [CVE-2024-26621](CVE-2024/CVE-2024-266xx/CVE-2024-26621.json) (`2024-07-12T21:15:10.797`)


 ## Download and Usage
--- a/_state.csv
+++ b/_state.csv
@ -230693,7 +230693,7 @@ CVE-2023-4109,0,0,46f1e8ea3c2115f61226cf8152a0fd62d477c4ffa52a0749519f555c012adb
 CVE-2023-41090,0,0,24844a5fc6d3add7c790cfa183ab253578b06fdfdd68d41d9755101a304d95c5,2024-02-14T15:01:46.050000
 CVE-2023-41091,0,0,10f971c62425e028a2c87433de76fec64e6f37c33dd6a161f250494d3d0fb7ce,2024-02-14T15:01:46.050000
 CVE-2023-41092,0,0,73ad744243a8cef92af3bedba0076b13b71c2f1b60462e60ad8d831f8d740746,2024-05-17T18:36:05.263000
-CVE-2023-41093,1,1,6650a34af2e1a97e30fa22381d74ecebae39146d0247e58dcc185c62904af144,2024-07-12T20:15:02.380000
+CVE-2023-41093,0,0,6650a34af2e1a97e30fa22381d74ecebae39146d0247e58dcc185c62904af144,2024-07-12T20:15:02.380000
 CVE-2023-41094,0,0,559c005fb118634ec86ad750f79baa9e04c4805ea9bfe1d4aa569e2dd66cb499,2023-10-10T19:40:06.293000
 CVE-2023-41095,0,0,6d2691b4434afb3c3f4cc17aae26cb3438a877a41c6c6675d27923ab8be4571a,2023-11-07T20:35:26.983000
 CVE-2023-41096,0,0,f3dac9324639086cbe6e622c754b01cba9689e29415619c628365622f0ca8c37,2023-11-08T01:48:37.717000
@ -246657,7 +246657,7 @@ CVE-2024-26618,0,0,b4ee02e43411773445d9502213c0c8ee13dbb28e9adadb6062e2443b8f287
 CVE-2024-26619,0,0,4bc519bd153c025ad692ee69af117d5945ba0b94f5c3e5862c457953e2f5d4bd,2024-03-12T12:40:13.500000
 CVE-2024-2662,0,0,f67fa5f3bbbaf2e8acff0e892a68fc06e4217f99a75dec53361b235392202bd4,2024-05-14T16:13:02.773000
 CVE-2024-26620,0,0,d9644d90006553a6ef7df3ce5b7de0b26190c676351738b9b2539bec3ef4ee61,2024-03-12T12:40:13.500000
-CVE-2024-26621,0,1,3288a46e79bce01823ea6932b487f2ccb57e38c34401d9f7daaaa0bb58ef207c,2024-07-12T21:15:10.797000
+CVE-2024-26621,0,0,3288a46e79bce01823ea6932b487f2ccb57e38c34401d9f7daaaa0bb58ef207c,2024-07-12T21:15:10.797000
 CVE-2024-26622,0,0,429b8c79ac7bc8a6f352b05f3ec787ee7dce1baf63c22803c7866fe6ab98869f,2024-06-25T22:15:19.240000
 CVE-2024-26623,0,0,5692b1c30d07fd10d73a2d8d099143935e519ebf33db10f9328fbf12228012a8,2024-03-06T15:18:08.093000
 CVE-2024-26624,0,0,9575e38401ed951dd513d0e1852942215c7c9e9bc3c5371fd0da3ac3a0eac967,2024-03-27T14:15:10.163000
@ -249203,6 +249203,7 @@ CVE-2024-30209,0,0,4756c4e57377802361066418deb975b54dc52716ddfddaf8f29ce066b860d
 CVE-2024-3021,0,0,ee728d2cd3c4363c89a6326419f49fe670e2b2d2fd29f81e9f6f9517de6af74a,2024-05-02T18:00:37.360000
 CVE-2024-30210,0,0,a10bd2f1b80d4ceae5c55ba545178d694a936a7f0be8c7017c0ad5dccf76eae4,2024-04-15T13:15:51.577000
 CVE-2024-30212,0,0,e9079b07361a597f048b353469c94a42f6331925279f9fff95a0b420b9ff506a,2024-06-11T12:15:14.847000
+CVE-2024-30213,1,1,de50a20ff41c5d61cca60452df6a21fd2abda9a92b13429fe41a85308335bbad,2024-07-12T23:15:09.927000
 CVE-2024-30214,0,0,7c4820c684a267b228fa4a4665b794d39804e491dff54bd3f2105fbbb658d34b,2024-04-09T12:48:04.090000
 CVE-2024-30215,0,0,ab2bb7d1fb5a1429f982c34c6c343c5bdb990b01f1c65a84e0f966e88ca26da6,2024-04-09T12:48:04.090000
 CVE-2024-30216,0,0,b2a60633096c48481bfba33a475cbb1ec9bd028014eb767b662e1172ca558cda,2024-04-09T12:48:04.090000
@ -250376,6 +250377,7 @@ CVE-2024-31941,0,0,b8dc065fda42126e32d28a44ef547549a83996a827e764074359d3e3ec8c1
 CVE-2024-31942,0,0,ceae4b513a0b6e905236b05cb5dd98d07a79c0420729857e9c51c87c35b65b17,2024-04-15T13:15:31.997000
 CVE-2024-31943,0,0,d050ed16bd2fd56e0b74cc5712c1eb7ef94538d6cfa9c00022a6cfa048bd2dcc,2024-04-10T19:49:51.183000
 CVE-2024-31944,0,0,d1cf01bee95ac2d1b4f198f30f665ce7f3dae041b6378dd5d37f86b95341e18f,2024-04-10T19:49:51.183000
+CVE-2024-31947,1,1,05771a2814e3261ec41be75ecd2a8a9092041d6aeaf653b2bd4c89663fbd7c50,2024-07-12T23:15:10
 CVE-2024-31948,0,0,2545f6a13668ac7d71382ed97228591f14df9b7003f52f431839a3cf2cbd6d68,2024-07-03T01:55:34.387000
 CVE-2024-31949,0,0,d55253e38f8bc425df8f875d525d4d6b96cb3180b7d665ec7de9778e227e2105,2024-04-28T07:15:08.917000
 CVE-2024-3195,0,0,787f988864320d109487d10ab48e68d202e20bb992c996c1eb76e50864248bcc,2024-06-04T19:20:17.337000
@ -256530,6 +256532,7 @@ CVE-2024-5896,0,0,74561a30f59034551bf30203dd9d488264eda62db1d6fb3f9fe44d921fc698
 CVE-2024-5897,0,0,ae4d2a8aeafd445ed5a0eb6a013a1f5f8d0cd09f1eb619f9e05beaa5efdbf2f0,2024-06-13T18:36:09.010000
 CVE-2024-5898,0,0,2556a153e2769b2848dc3169e1f22718fe5b8f425c00f464c0cc68408399ec6a,2024-06-13T18:36:09.010000
 CVE-2024-5899,0,0,cc9e433fee08f0a2737b6eb6a672aa21365721aef58982862ac384a6aa1437cb,2024-06-20T12:44:01.637000
+CVE-2024-5902,1,1,ee0aaad857ea23a8005d28af5fb21df67510241d1b94bcb3669f48f8ef8e3c14,2024-07-12T22:15:02.437000
 CVE-2024-5905,0,0,52472d1772ec890cf9f052f234eba7e8e08aa90a47029f036f0775ad3cc74056,2024-06-13T18:36:09.010000
 CVE-2024-5906,0,0,b7fc466b9931ce265a1ef81017e39098b5ad31bf494bc22103ede7f6c2cace23,2024-06-13T18:36:09.010000
 CVE-2024-5907,0,0,17327a712757852c4b43c811f24252c9a6d5917388dc8b093882f86e14b7ae5b,2024-06-13T18:36:09.010000