admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-08 11:37:26 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2024-02-12T07:00:24.116696+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2024-02-12 07:00:27 +00:00
parent 15cf123281
commit 3139d93852
8 changed files with 366 additions and 13 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

55
CVE-2024/CVE-2024-249xx/CVE-2024-24927.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-24927",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-02-12T06:15:08.030",
"lastModified": "2024-02-12T06:15:08.030",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in UnitedThemes Brooklyn | Creative Multi-Purpose Responsive WordPress Theme allows Reflected XSS.This issue affects Brooklyn | Creative Multi-Purpose Responsive WordPress Theme: from n/a through 4.9.7.6.\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 7.1,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/brooklyn/wordpress-brooklyn-theme-4-9-7-6-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

55
CVE-2024/CVE-2024-249xx/CVE-2024-24928.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-24928",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-02-12T06:15:08.313",
"lastModified": "2024-02-12T06:15:08.313",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Arunas Liuiza Content Cards allows Stored XSS.This issue affects Content Cards: from n/a through 0.9.7.\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/content-cards/wordpress-content-cards-plugin-0-9-7-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

55
CVE-2024/CVE-2024-249xx/CVE-2024-24930.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-24930",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-02-12T06:15:08.520",
"lastModified": "2024-02-12T06:15:08.520",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in OTWthemes.Com Buttons Shortcode and Widget allows Stored XSS.This issue affects Buttons Shortcode and Widget: from n/a through 1.16.\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/buttons-shortcode-and-widget/wordpress-buttons-shortcode-and-widget-plugin-1-16-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

55
CVE-2024/CVE-2024-249xx/CVE-2024-24931.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-24931",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-02-12T06:15:08.717",
"lastModified": "2024-02-12T06:15:08.717",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in swadeshswain Before After Image Slider WP allows Stored XSS.This issue affects Before After Image Slider WP: from n/a through 2.2.\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/before-after-image-slider/wordpress-before-after-image-slider-wp-plugin-2-2-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

55
CVE-2024/CVE-2024-249xx/CVE-2024-24932.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-24932",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-02-12T06:15:08.917",
"lastModified": "2024-02-12T06:15:08.917",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Djo VK Poster Group allows Reflected XSS.This issue affects VK Poster Group: from n/a through 2.0.3.\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 7.1,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/vk-poster-group/wordpress-vk-poster-group-plugin-2-0-3-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

55
CVE-2024/CVE-2024-249xx/CVE-2024-24933.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-24933",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-02-12T06:15:09.120",
"lastModified": "2024-02-12T06:15:09.120",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Prasidhda Malla Honeypot for WP Comment allows Reflected XSS.This issue affects Honeypot for WP Comment: from n/a through 2.2.3.\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 7.1,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/honeypot-for-wp-comment/wordpress-honeypot-for-wp-comment-plugin-2-2-3-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

24
CVE-2024/CVE-2024-257xx/CVE-2024-25744.json Normal file
View File

@ -0,0 +1,24 @@
{
"id": "CVE-2024-25744",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-02-12T05:15:07.710",
"lastModified": "2024-02-12T05:15:07.710",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel before 6.6.7, an untrusted VMM can trigger int80 syscall handling at any given point. This is related to arch/x86/coco/tdx/tdx.c and arch/x86/mm/mem_encrypt_amd.c."
}
],
"metrics": {},
"references": [
{
"url": "https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.6.7",
"source": "cve@mitre.org"
},
{
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=b82a8dbd3d2f4563156f7150c6f2ecab6e960b30",
"source": "cve@mitre.org"
}
]
}

25
README.md
View File

@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update ### Last Repository Update
```plain ```plain
2024-02-12T05:00:24.573217+00:00 2024-02-12T07:00:24.116696+00:00
``` ```
### Most recent CVE Modification Timestamp synchronized with NVD ### Most recent CVE Modification Timestamp synchronized with NVD
```plain ```plain
2024-02-12T04:15:07.610000+00:00 2024-02-12T06:15:09.120000+00:00
``` ```
### Last Data Feed Release ### Last Data Feed Release
@ -29,27 +29,26 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs ### Total Number of included CVEs
```plain ```plain
238129 238136
``` ```
### CVEs added in the last Commit ### CVEs added in the last Commit
Recently added CVEs: `4` Recently added CVEs: `7`
* [CVE-2023-52429](CVE-2023/CVE-2023-524xx/CVE-2023-52429.json) (`2024-02-12T03:15:32.573`) * [CVE-2024-25744](CVE-2024/CVE-2024-257xx/CVE-2024-25744.json) (`2024-02-12T05:15:07.710`)
* [CVE-2024-25739](CVE-2024/CVE-2024-257xx/CVE-2024-25739.json) (`2024-02-12T03:15:32.770`) * [CVE-2024-24927](CVE-2024/CVE-2024-249xx/CVE-2024-24927.json) (`2024-02-12T06:15:08.030`)
* [CVE-2024-25740](CVE-2024/CVE-2024-257xx/CVE-2024-25740.json) (`2024-02-12T03:15:32.823`) * [CVE-2024-24928](CVE-2024/CVE-2024-249xx/CVE-2024-24928.json) (`2024-02-12T06:15:08.313`)
* [CVE-2024-25741](CVE-2024/CVE-2024-257xx/CVE-2024-25741.json) (`2024-02-12T03:15:32.870`) * [CVE-2024-24930](CVE-2024/CVE-2024-249xx/CVE-2024-24930.json) (`2024-02-12T06:15:08.520`)
* [CVE-2024-24931](CVE-2024/CVE-2024-249xx/CVE-2024-24931.json) (`2024-02-12T06:15:08.717`)
* [CVE-2024-24932](CVE-2024/CVE-2024-249xx/CVE-2024-24932.json) (`2024-02-12T06:15:08.917`)
* [CVE-2024-24933](CVE-2024/CVE-2024-249xx/CVE-2024-24933.json) (`2024-02-12T06:15:09.120`)
### CVEs modified in the last Commit ### CVEs modified in the last Commit
Recently modified CVEs: `4` Recently modified CVEs: `0`
* [CVE-2023-28531](CVE-2023/CVE-2023-285xx/CVE-2023-28531.json) (`2024-02-12T03:15:32.443`)
* [CVE-2023-22467](CVE-2023/CVE-2023-224xx/CVE-2023-22467.json) (`2024-02-12T04:15:07.610`)
* [CVE-2024-1283](CVE-2024/CVE-2024-12xx/CVE-2024-1283.json) (`2024-02-12T03:15:32.633`)
* [CVE-2024-1284](CVE-2024/CVE-2024-12xx/CVE-2024-1284.json) (`2024-02-12T03:15:32.710`)
## Download and Usage ## Download and Usage