admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-06-21 17:41:05 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2024-09-05T10:00:42.554478+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2024-09-05 10:03:42 +00:00
parent a239f3be6d
commit 4479252308
6 changed files with 210 additions and 12 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

56
CVE-2024/CVE-2024-451xx/CVE-2024-45107.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-45107",
"sourceIdentifier": "psirt@adobe.com",
"published": "2024-09-05T09:15:03.123",
"lastModified": "2024-09-05T09:15:03.123",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Acrobat Reader versions 20.005.30636, 24.002.20964, 24.001.30123, 24.002.20991 and earlier are affected by a Use After Free vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@adobe.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "psirt@adobe.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
}
],
"references": [
{
"url": "https://helpx.adobe.com/security/products/acrobat/apsb24-57.html",
"source": "psirt@adobe.com"
}
]
}

12
CVE-2024/CVE-2024-48xx/CVE-2024-4872.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-4872",
"sourceIdentifier": "cybersecurity@hitachienergy.com",
"published": "2024-08-27T13:15:05.890",
"lastModified": "2024-08-30T16:15:10.100",
"lastModified": "2024-09-05T09:15:03.743",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -69,6 +69,16 @@
"value": "CWE-89"
}
]
},
{
"source": "cybersecurity@hitachienergy.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-943"
}
]
}
],
"configurations": [

60
CVE-2024/CVE-2024-53xx/CVE-2024-5309.json Normal file
View File

@ -0,0 +1,60 @@
{
"id": "CVE-2024-5309",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-09-05T09:15:04.253",
"lastModified": "2024-09-05T09:15:04.253",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Form Vibes \u2013 Database Manager for Forms plugin for WordPress is vulnerable to unauthorized access of data and modification of data due to a missing capability check on the fv_export_csv, reset_settings, save_settings, save_columns_settings, get_analytics_data, get_event_logs_data, delete_submissions, and get_submissions functions in all versions up to, and including, 1.4.12. This makes it possible for authenticated attackers, with Subscriber-level access and above, to perform multiple unauthorized actions. NOTE: This vulnerability is partially fixed in version 1.4.12."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.5
}
]
},
"weaknesses": [
{
"source": "security@wordfence.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-862"
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3128705%40form-vibes&new=3128705%40form-vibes&sfp_email=&sfph_mail=",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/aba88c4c-93a4-4c1c-b239-68b5fec87146?source=cve",
"source": "security@wordfence.com"
}
]
}

68
CVE-2024/CVE-2024-83xx/CVE-2024-8363.json Normal file
View File

@ -0,0 +1,68 @@
{
"id": "CVE-2024-8363",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-09-05T09:15:04.620",
"lastModified": "2024-09-05T09:15:04.620",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Share This Image plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's STI Buttons shortcode in all versions up to, and including, 2.02 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.1,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "security@wordfence.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/share-this-image/tags/2.02/includes/class-sti-shortcodes.php#L40",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3146524/",
"source": "security@wordfence.com"
},
{
"url": "https://wordpress.org/plugins/share-this-image/#developers",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/d01b6056-a38d-4a60-9cdc-68663aa2aed6?source=cve",
"source": "security@wordfence.com"
}
]
}

15
README.md
View File

@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2024-09-05T08:00:18.660906+00:00
2024-09-05T10:00:42.554478+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2024-09-05T07:15:02.657000+00:00
2024-09-05T09:15:04.620000+00:00
```
### Last Data Feed Release
@ -33,22 +33,23 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs
```plain
261982
261985
```
### CVEs added in the last Commit
Recently added CVEs: `2`
Recently added CVEs: `3`
- [CVE-2024-6835](CVE-2024/CVE-2024-68xx/CVE-2024-6835.json) (`2024-09-05T07:15:02.657`)
- [CVE-2024-6846](CVE-2024/CVE-2024-68xx/CVE-2024-6846.json) (`2024-09-05T06:15:03.143`)
- [CVE-2024-45107](CVE-2024/CVE-2024-451xx/CVE-2024-45107.json) (`2024-09-05T09:15:03.123`)
- [CVE-2024-5309](CVE-2024/CVE-2024-53xx/CVE-2024-5309.json) (`2024-09-05T09:15:04.253`)
- [CVE-2024-8363](CVE-2024/CVE-2024-83xx/CVE-2024-8363.json) (`2024-09-05T09:15:04.620`)
### CVEs modified in the last Commit
Recently modified CVEs: `1`
- [CVE-2022-33324](CVE-2022/CVE-2022-333xx/CVE-2022-33324.json) (`2024-09-05T06:15:02.567`)
- [CVE-2024-4872](CVE-2024/CVE-2024-48xx/CVE-2024-4872.json) (`2024-09-05T09:15:03.743`)
## Download and Usage

11
_state.csv
View File

@ -200881,7 +200881,7 @@ CVE-2022-33320,0,0,53b1a5e436527faa1cebfad886fe5d90daf2ddea610cdf42cec04c30406d7
CVE-2022-33321,0,0,f08f3d2a1ea94faeb1827d0d4b024b8c32827ba48274c6b867ba32747a59ebb9,2023-10-26T06:15:07.963000
CVE-2022-33322,0,0,7ff248c565bc42bc3802f98c8ac00781d12e20d761a4266864a0f06f7fc40369,2023-10-26T06:15:09.297000
CVE-2022-33323,0,0,b7548220c3996ab726a549324752cc8cde43d445dc842d762b33be0b60ab8018,2023-07-21T19:22:23.673000
CVE-2022-33324,0,1,a6cc85e7dde18b9f0ecc072e6ade673e2bb4dba60a698781e7c5ffa02a7230e6,2024-09-05T06:15:02.567000
CVE-2022-33324,0,0,a6cc85e7dde18b9f0ecc072e6ade673e2bb4dba60a698781e7c5ffa02a7230e6,2024-09-05T06:15:02.567000
CVE-2022-33325,0,0,0949ae6b95981d6af5bdcf0228eb349596ce61b2e6e59d2297c1926bcc061b68,2022-07-12T20:01:30.937000
CVE-2022-33326,0,0,b22e07c896bc4c4f6f90e98ba7d610d5b2985796e3c92d4eae3cf0555d80180d,2022-07-12T20:02:29.537000
CVE-2022-33327,0,0,93dfc900e34e99d26cb79669271c95a9d7b449a4bc6837ff14242a659fff885e,2022-07-12T20:03:25.853000
@ -259004,6 +259004,7 @@ CVE-2024-45076,0,0,fe0f4191b6a3c0f00817eee263152abe7e6fd77b9ac84d4c4387ef43801e4
CVE-2024-4508,0,0,26388c420646a8ddc4ee2de628a691e0fa51808e2f848ae0f9b7aad58ccb1298,2024-05-17T02:40:26.220000
CVE-2024-4509,0,0,996942a0a2c59f4d53067a2868fbad35944719504585e3998bbd4d788c545588,2024-06-04T19:20:40.347000
CVE-2024-4510,0,0,e609022dce213b03ba687f592023f15f3e261f085d88e9ff14f3b7ffe9969d1b,2024-05-17T02:40:26.417000
CVE-2024-45107,1,1,00b4e9759c85a577f5865a2e45d2c1d020283ac795213a2fbefbac794ac75393,2024-09-05T09:15:03.123000
CVE-2024-4511,0,0,4d9dcedc762dab13753e2b0a6fba06d0880c8f0afe543668ff587ed1c4cea3d1,2024-06-04T19:20:40.443000
CVE-2024-4512,0,0,26a6b6bccaf4c25a8f55831184ccf900ec4db9044766abdc62f8dfefbc7cb546,2024-06-04T19:20:40.540000
CVE-2024-4513,0,0,6c3f318b0d8a8c538c1f3920692d132bd9a92a5cfece17f174b91ed826f80818,2024-06-04T19:20:40.633000
@ -259429,7 +259430,7 @@ CVE-2024-4868,0,0,115d92ddb75cc1364cb7dc1ed780a32e113f5bc6f17706ce21f4cd60cd219a
CVE-2024-4869,0,0,c966893d60f3d2b834063ff6490a8006deca39b71769e89345f5be1133a2f10c,2024-06-26T12:44:29.693000
CVE-2024-4870,0,0,34dc62fe0d9ee09fd087b0b9ccdcdae4c15125668207018dedb4b3cfd451baf0,2024-06-04T16:57:41.053000
CVE-2024-4871,0,0,27d58887099f376e93909bb4c2214524b0789bbba79f05cabea36e120d5295ee,2024-08-12T16:15:17.313000
CVE-2024-4872,0,0,d3552ad5e455a2f03e0985e27ab9fdd410d5c0a63d6a88f9e1f6765e28d6bcca,2024-08-30T16:15:10.100000
CVE-2024-4872,0,1,c60d4ff9e5499bf7427bb540017644c2677aac5e300662a3bf0eae497fb13b4d,2024-09-05T09:15:03.743000
CVE-2024-4873,0,0,acc2d485a3cc66f2d361ddda92f62901a8108a4490dc81ea4acfb7f60771d88d,2024-06-20T12:44:01.637000
CVE-2024-4874,0,0,4b5967df7915507c9b0020b0ee4984332d2c23e37a57b9a262a2ae6c5b300f4b,2024-06-24T19:41:12.293000
CVE-2024-4875,0,0,5a9bf10de46e2f944321ed00fa6d17c799716a219001f5797c9cce4abb6a2b7b,2024-05-21T12:37:59.687000
@ -259818,6 +259819,7 @@ CVE-2024-5304,0,0,d968010935b9808df14ec3827c68c660e5030ff1e10dd473ede1e120c2d002
CVE-2024-5305,0,0,d7ef5e26da1b4b55d5a1323c739605451e8b0fffa749e9d5cf8a79ba440fa94f,2024-08-23T15:05:41.013000
CVE-2024-5306,0,0,d647292a2595d4b4621658b069669f43be59c7629ba28057e1c1f9a15fcc4dc0,2024-08-23T15:01:42.337000
CVE-2024-5307,0,0,9f60aac251e2e03d9552a0394a9c798214f03b8e43e7cbb0dd9de3359653dec5,2024-08-23T15:00:25.687000
CVE-2024-5309,1,1,93f6324ef588075362c9ed8d35215b555730c1d7846ddf78d2ab3b60cf40ddc0,2024-09-05T09:15:04.253000
CVE-2024-5310,0,0,be68f6d898e4e59f65162318c0ea0836be8ef675c080dff90d77e5a0c98b0b1e,2024-06-04T19:21:04.583000
CVE-2024-5311,0,0,4e4e9b4edb642fa4d04760ded51b93254fd12f5bde190a96e2c1818c58cf4797,2024-06-03T14:46:24.250000
CVE-2024-5312,0,0,18bbe6bd336686ff14003841f43dce1a45b7d1ab8cfffd6fca5539a180b7243f,2024-05-24T13:03:05.093000
@ -261025,10 +261027,10 @@ CVE-2024-6828,0,0,5e3bce0050be5ef41f841daf735b80af46e729368278d26d6a7ddc5bbbdee6
CVE-2024-6830,0,0,66325e33317c6fde8b929b285667c5104c4ae04492532b5067560968ff36e7fb,2024-07-18T12:28:43.707000
CVE-2024-6833,0,0,b0ea48d29166f6347ac218b4f9f93d3f7fc599fd932b64c35cfa55e5a1a94672,2024-07-18T12:28:43.707000
CVE-2024-6834,0,0,23e85f57c9b7230818a4425261a24fd150d79ea72676d6bce04d47efdd69630e,2024-08-01T14:00:44.750000
CVE-2024-6835,1,1,94e13e7b310eb631f2774d11f10c7f2e181fe3d079a527ce1362df98d058353d,2024-09-05T07:15:02.657000
CVE-2024-6835,0,0,94e13e7b310eb631f2774d11f10c7f2e181fe3d079a527ce1362df98d058353d,2024-09-05T07:15:02.657000
CVE-2024-6836,0,0,94c1bcaa18f7036265464de8eba36ccdaae9b63d5d20f60a8cc42904bb485160,2024-07-29T20:20:30.867000
CVE-2024-6843,0,0,aec077e7d49dac8e1cb0382a7568b4a4d58cd66583979c6d1347903e4ac17bee,2024-08-21T15:35:12.407000
CVE-2024-6846,1,1,aab6172c7fcc63e6eaaf9c2dd7e7db62f6e31e9e22fe3d78ebb46657617ac45a,2024-09-05T06:15:03.143000
CVE-2024-6846,0,0,aab6172c7fcc63e6eaaf9c2dd7e7db62f6e31e9e22fe3d78ebb46657617ac45a,2024-09-05T06:15:03.143000
CVE-2024-6847,0,0,3aed5f2ad75c2a50eaefca5c72002315f9d747456f8615efa188f54be39bf54d,2024-08-20T19:35:15.040000
CVE-2024-6848,0,0,e171c12c58967922126feefb09977b436bb9e206684562a37899ca6ed3e35d20,2024-07-22T13:00:31.330000
CVE-2024-6864,0,0,469a0ad039e39ca71e90d0d65b529134e06346783388106a10d2fa7d0b356379,2024-09-03T20:22:16.433000
@ -261950,6 +261952,7 @@ CVE-2024-8346,0,0,b4457249ac6e42b712016be7384df47b946c6e796e6e27191d31db6f56c093
CVE-2024-8347,0,0,14715b4855076c65c4bf21be6c68b62e0d22e8650a0e63bf9f5074414663f3cb,2024-09-04T16:42:49.037000
CVE-2024-8348,0,0,d08ea1deaed5cbc2f4a773e843468145326bb3a1da186780c7ff7b6cd74aae9b,2024-09-04T16:43:30.310000
CVE-2024-8362,0,0,54abf718b9bfba93199694e9f50bfa28d6dfde9a56fb3c77d91594ed8cbda92f,2024-09-04T14:35:16.777000
CVE-2024-8363,1,1,f314da762243a1e5cb997be7eda01594dfa28c1de5fda918b52e9481e4865419,2024-09-05T09:15:04.620000
CVE-2024-8365,0,0,81c889787151e95f50edc31d86d0d8800a4aaa4de596dc2a7252c4cbdeb9547d,2024-09-04T14:37:03.543000
CVE-2024-8366,0,0,be663b51eff047ef5324516e3dc05e341a7647978df6a6f91fe297f3f5c5eb50,2024-09-04T11:26:49.020000
CVE-2024-8367,0,0,5172ded1dd5d5dccb77f0059a7c6495922e642ce8e52859a1f0a60d7fb927bb9,2024-09-03T12:59:02.453000

Can't render this file because it is too large.