Auto-Update: 2024-08-20T12:00:17.875105+00:00

cad-safe-bot 2024-08-20 12:03:14 +00:00
parent b8b934409d
commit 47ef3da4fa
7 changed files with 217 additions and 17 deletions


@ -2,7 +2,7 @@
"id": "CVE-2020-7357",
"sourceIdentifier": "cve@rapid7.com",
"published": "2020-08-06T16:15:13.670",
"lastModified": "2023-07-27T13:31:55.497",
"lastModified": "2024-08-20T11:54:57.010",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
@ -116,8 +116,8 @@
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:cayintech:cms-se:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8AE249CD-C688-48F5-98ED-8F9733F316D0"
"criteria": "cpe:2.3:a:cayintech:cms-se:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F24E3257-5F03-4379-BF2F-C524CF5256F7"
}
]
},
@ -143,8 +143,8 @@
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:cayintech:cms-se:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8AE249CD-C688-48F5-98ED-8F9733F316D0"
"criteria": "cpe:2.3:a:cayintech:cms-se:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F24E3257-5F03-4379-BF2F-C524CF5256F7"
}
]
},
@ -170,8 +170,8 @@
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:cayintech:cms-se:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8AE249CD-C688-48F5-98ED-8F9733F316D0"
"criteria": "cpe:2.3:a:cayintech:cms-se:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F24E3257-5F03-4379-BF2F-C524CF5256F7"
}
]
},

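--- /dev/null
+++ b/CVE-2024/CVE-2024-216xx/CVE-2024-21689.json
@@ -0,0 +1,48 @@
+{
+"id": "CVE-2024-21689",
+"sourceIdentifier": "security@atlassian.com",
+"published": "2024-08-20T10:15:04.103",
+"lastModified": "2024-08-20T10:15:04.103",
+"vulnStatus": "Received",
+"cveTags": [],
+"descriptions": [
+{
+"lang": "en",
+"value": "This High severity RCE (Remote Code Execution) vulnerability CVE-2024-21689\u00a0 was introduced in versions 9.1.0, 9.2.0, 9.3.0, 9.4.0, 9.5.0, and 9.6.0 of Bamboo Data Center and Server.\r\n\r\nThis RCE (Remote Code Execution) vulnerability, with a CVSS Score of 7.6, allows an authenticated attacker to execute arbitrary code which has high impact to confidentiality, high impact to integrity, high impact to availability, and requires user interaction.\r\n\r\nAtlassian recommends that Bamboo Data Center and Server customers upgrade to latest version, if you are unable to do so, upgrade your instance to one of the specified supported fixed versions:\r\n Bamboo Data Center and Server 9.2: Upgrade to a release greater than or equal to 9.2.17\r\n\r\n Bamboo Data Center and Server 9.6: Upgrade to a release greater than or equal to 9.6.5\r\n\r\nSee the release notes ([https://confluence.atlassian.com/bambooreleases/bamboo-release-notes-1189793869.html]). You can download the latest version of Bamboo Data Center and Server from the download center ([https://www.atlassian.com/software/bamboo/download-archives]).\r\n\r\nThis vulnerability was reported via our Bug Bounty program."
+}
+],
+"metrics": {
+"cvssMetricV30": [
+{
+"source": "security@atlassian.com",
+"type": "Secondary",
+"cvssData": {
+"version": "3.0",
+"vectorString": "CVSS:3.0/AV:N/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H",
+"attackVector": "NETWORK",
+"attackComplexity": "HIGH",
+"privilegesRequired": "HIGH",
+"userInteraction": "REQUIRED",
+"scope": "CHANGED",
+"confidentialityImpact": "HIGH",
+"integrityImpact": "HIGH",
+"availabilityImpact": "HIGH",
+"baseScore": 7.6,
+"baseSeverity": "HIGH"
+},
+"exploitabilityScore": 1.0,
+"impactScore": 6.0
+}
+]
+},
+"references": [
+{
+"url": "https://confluence.atlassian.com/pages/viewpage.action?pageId=1431535667",
+"source": "security@atlassian.com"
+},
+{
+"url": "https://jira.atlassian.com/browse/BAM-25858",
+"source": "security@atlassian.com"
+}
+]
+}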

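--- /dev/null
+++ b/CVE-2024/CVE-2024-288xx/CVE-2024-28829.json
@@ -0,0 +1,82 @@
+{
+"id": "CVE-2024-28829",
+"sourceIdentifier": "security@checkmk.com",
+"published": "2024-08-20T10:15:05.693",
+"lastModified": "2024-08-20T10:15:05.693",
+"vulnStatus": "Received",
+"cveTags": [],
+"descriptions": [
+{
+"lang": "en",
+"value": "Least privilege violation and reliance on untrusted inputs in the mk_informix Checkmk agent plugin before Checkmk 2.3.0p12, 2.2.0p32, 2.1.0p47 and 2.0.0 (EOL) allows local users to escalate privileges."
+}
+],
+"metrics": {
+"cvssMetricV40": [
+{
+"source": "security@checkmk.com",
+"type": "Secondary",
+"cvssData": {
+"version": "4.0",
+"vectorString": "CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:L/VA:L/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
+"attackVector": "LOCAL",
+"attackComplexity": "LOW",
+"attackRequirements": "PRESENT",
+"privilegesRequired": "LOW",
+"userInteraction": "NONE",
+"vulnerableSystemConfidentiality": "LOW",
+"vulnerableSystemIntegrity": "LOW",
+"vulnerableSystemAvailability": "LOW",
+"subsequentSystemConfidentiality": "HIGH",
+"subsequentSystemIntegrity": "HIGH",
+"subsequentSystemAvailability": "HIGH",
+"exploitMaturity": "NOT_DEFINED",
+"confidentialityRequirements": "NOT_DEFINED",
+"integrityRequirements": "NOT_DEFINED",
+"availabilityRequirements": "NOT_DEFINED",
+"modifiedAttackVector": "NOT_DEFINED",
+"modifiedAttackComplexity": "NOT_DEFINED",
+"modifiedAttackRequirements": "NOT_DEFINED",
+"modifiedPrivilegesRequired": "NOT_DEFINED",
+"modifiedUserInteraction": "NOT_DEFINED",
+"modifiedVulnerableSystemConfidentiality": "NOT_DEFINED",
+"modifiedVulnerableSystemIntegrity": "NOT_DEFINED",
+"modifiedVulnerableSystemAvailability": "NOT_DEFINED",
+"modifiedSubsequentSystemConfidentiality": "NOT_DEFINED",
+"modifiedSubsequentSystemIntegrity": "NOT_DEFINED",
+"modifiedSubsequentSystemAvailability": "NOT_DEFINED",
+"safety": "NOT_DEFINED",
+"automatable": "NOT_DEFINED",
+"recovery": "NOT_DEFINED",
+"valueDensity": "NOT_DEFINED",
+"vulnerabilityResponseEffort": "NOT_DEFINED",
+"providerUrgency": "NOT_DEFINED",
+"baseScore": 5.2,
+"baseSeverity": "MEDIUM"
+}
+}
+]
+},
+"weaknesses": [
+{
+"source": "security@checkmk.com",
+"type": "Secondary",
+"description": [
+{
+"lang": "en",
+"value": "CWE-272"
+},
+{
+"lang": "en",
+"value": "CWE-807"
+}
+]
+}
+],
+"references": [
+{
+"url": "https://checkmk.com/werk/16249",
+"source": "security@checkmk.com"
+}
+]
+}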


@ -9,6 +9,10 @@
{
"lang": "en",
"value": "Exposure of Remote Code Execution in Apache Dolphinscheduler.\n\nThis issue affects Apache DolphinScheduler: before 3.2.2. \n\nWe recommend users to upgrade Apache DolphinScheduler to version 3.2.2, which fixes the issue."
},
{
"lang": "es",
"value": "Exposici\u00f3n de la ejecuci\u00f3n remota de c\u00f3digo en Apache Dolphinscheduler. Este problema afecta a Apache DolphinScheduler: versiones anteriores a 3.2.2. Recomendamos a los usuarios que actualicen Apache DolphinScheduler a la versi\u00f3n 3.2.2, que soluciona el problema."
}
],
"metrics": {},

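--- /dev/null
+++ b/CVE-2024/CVE-2024-70xx/CVE-2024-7054.json
@@ -0,0 +1,60 @@
+{
+"id": "CVE-2024-7054",
+"sourceIdentifier": "security@wordfence.com",
+"published": "2024-08-20T11:15:03.540",
+"lastModified": "2024-08-20T11:15:03.540",
+"vulnStatus": "Received",
+"cveTags": [],
+"descriptions": [
+{
+"lang": "en",
+"value": "The Popup Maker \u2013 Boost Sales, Conversions, Optins, Subscribers with the Ultimate WP Popups Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the \u2018close_text\u2019 parameter in all versions up to, and including, 1.19.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
+}
+],
+"metrics": {
+"cvssMetricV31": [
+{
+"source": "security@wordfence.com",
+"type": "Primary",
+"cvssData": {
+"version": "3.1",
+"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
+"attackVector": "NETWORK",
+"attackComplexity": "LOW",
+"privilegesRequired": "LOW",
+"userInteraction": "NONE",
+"scope": "CHANGED",
+"confidentialityImpact": "LOW",
+"integrityImpact": "LOW",
+"availabilityImpact": "NONE",
+"baseScore": 6.4,
+"baseSeverity": "MEDIUM"
+},
+"exploitabilityScore": 3.1,
+"impactScore": 2.7
+}
+]
+},
+"weaknesses": [
+{
+"source": "security@wordfence.com",
+"type": "Secondary",
+"description": [
+{
+"lang": "en",
+"value": "CWE-79"
+}
+]
+}
+],
+"references": [
+{
+"url": "https://plugins.trac.wordpress.org/changeset/3137126/",
+"source": "security@wordfence.com"
+},
+{
+"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/73524687-7703-4912-aad5-2a31122ba9b2?source=cve",
+"source": "security@wordfence.com"
+}
+]
+}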


@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2024-08-20T10:00:17.044988+00:00
2024-08-20T12:00:17.875105+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2024-08-20T08:15:05.240000+00:00
2024-08-20T11:54:57.010000+00:00
```
### Last Data Feed Release
@ -33,21 +33,24 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs
```plain
260565
260568
```
### CVEs added in the last Commit
Recently added CVEs: `2`
Recently added CVEs: `3`
- [CVE-2024-38808](CVE-2024/CVE-2024-388xx/CVE-2024-38808.json) (`2024-08-20T08:15:05.023`)
- [CVE-2024-43202](CVE-2024/CVE-2024-432xx/CVE-2024-43202.json) (`2024-08-20T08:15:05.240`)
- [CVE-2024-21689](CVE-2024/CVE-2024-216xx/CVE-2024-21689.json) (`2024-08-20T10:15:04.103`)
- [CVE-2024-28829](CVE-2024/CVE-2024-288xx/CVE-2024-28829.json) (`2024-08-20T10:15:05.693`)
- [CVE-2024-7054](CVE-2024/CVE-2024-70xx/CVE-2024-7054.json) (`2024-08-20T11:15:03.540`)
### CVEs modified in the last Commit
Recently modified CVEs: `0`
Recently modified CVEs: `2`
- [CVE-2020-7357](CVE-2020/CVE-2020-73xx/CVE-2020-7357.json) (`2024-08-20T11:54:57.010`)
- [CVE-2024-43202](CVE-2024/CVE-2024-432xx/CVE-2024-43202.json) (`2024-08-20T08:15:05.240`)
## Download and Usage


@ -162392,7 +162392,7 @@ CVE-2020-7352,0,0,afc6ee4cf18db2ed0456ede05649052adb58c120b557434e96b16354b7b1a8
CVE-2020-7354,0,0,f598c4ab4c8e0fc6e1fa1518c897e666502a41063fa43ef22528036e255b8a0e,2020-07-02T14:16:19.047000
CVE-2020-7355,0,0,21678348c6ab54bd647cb0adf24cbadf80a4e86307a0a93ab682f4751f2d3e81,2020-07-06T18:00:10.870000
CVE-2020-7356,0,0,c475bcad58cc418896a927dd04fbc402403e3108dc4ff2f5ff0e24a52b9866e9,2020-08-12T13:39:55.297000
CVE-2020-7357,0,0,b288897b35b6f9f944081380107bc57c623119bd3f9e1f213c1f591f53b2c5ff,2023-07-27T13:31:55.497000
CVE-2020-7357,0,1,bac4a7276d9f5d71ccc44054da41226cd390aff37577fe9ff7d3f99d691228a5,2024-08-20T11:54:57.010000
CVE-2020-7358,0,0,d4d7bfd2ece7759444149b05a38b24ed8fd0f90837ce8c52cd20acf0eb7d49a6,2020-09-28T18:36:41.360000
CVE-2020-7360,0,0,5aa402d7a3007a8bc874c17b9213c25200a862b036297cf2dce435e8b34f5b8f,2020-08-19T21:26:02.727000
CVE-2020-7361,0,0,714be09efee1b86a48a42c5d0d463785915953295001fd0dd7eec0a6eec0925f,2020-08-10T16:57:02.577000
@ -243934,6 +243934,7 @@ CVE-2024-21684,0,0,59f12a4b04761da303d7e3a40c8e6edc45c41d4945c065d5a0ffea7371041
CVE-2024-21685,0,0,5660fcc85eb1dde5c65259d6d6205ae74624ad923dcf6470bb4f3577f99d7f00,2024-06-20T12:44:01.637000
CVE-2024-21686,0,0,4a77c3c56e7b5b00a78de09ce573bf8e0630b6f60379d0ccdce9209c8559bd43,2024-07-17T13:34:20.520000
CVE-2024-21687,0,0,376ba9a42cfc804d783dd58059d1accf85ade36be58bc6e24e95588c80302a09,2024-08-01T13:46:48.050000
CVE-2024-21689,1,1,f0f6270ad75f42f9e86f2978ae6cfad32cfccffa4225a56d905159e7cada06df,2024-08-20T10:15:04.103000
CVE-2024-2169,0,0,25fcbf8b9d7008ea9954a41615969f4d36543f4a604eb878bcc8b4c5c18a9fe0,2024-08-02T17:35:41.760000
CVE-2024-2170,0,0,758d6332b5fccd657d38a7eddcc769e16fb72e0c1b6514443e29b8614302434a,2024-03-26T12:55:05.010000
CVE-2024-2171,0,0,e9c79cd9676afcf55166b18cc4887c5a70983811183f36611429f962ee8d8a26,2024-06-07T14:56:05.647000
@ -248838,6 +248839,7 @@ CVE-2024-28825,0,0,2060c8862968982d4a6159b0b62313dec95ecc020293b85f137ce41396383
CVE-2024-28826,0,0,ccabc68ae1502fb496d2010a22f66c953a12ff1a849372d7235937980a01c570,2024-05-29T13:02:09.280000
CVE-2024-28827,0,0,30d6d403e5c79dbab459dc4233554203969c32826737ea25dceb545e947896f1,2024-07-11T13:05:54.930000
CVE-2024-28828,0,0,f569edfaae2cfaafb15d4f5e29614839e3689bfe76be347c8b67efdf6d0be50b,2024-08-07T17:57:38.413000
CVE-2024-28829,1,1,a7fa399c45c4b30b83fa5874f8d0009a31e3673b80cb4e5fb7a82b85175ff469,2024-08-20T10:15:05.693000
CVE-2024-2883,0,0,4414164b8fa79ba498c6ddbb6ab7a825d3f0a39397b4604f63f00efe5e5aaa16,2024-07-03T01:53:37.420000
CVE-2024-28830,0,0,49bb68528483eea32fe70c10feda0199ddfef50b4330a9b74a5779b200dbf298,2024-06-26T12:44:29.693000
CVE-2024-28831,0,0,8b0cc22b019b2f22717d4926d7f18f8c0f1245da30fda97cee3d4dd670ef131d,2024-06-25T12:24:17.873000
@ -255680,7 +255682,7 @@ CVE-2024-3879,0,0,a6db760401fb215a79d8f48992cc838e1a5c23839a86defd39dd342ef1c5f8
CVE-2024-38791,0,0,5a7109970d4cb90cfbe2865705276e5511d9a261f6cba475b72302a204ad6517,2024-08-02T12:59:43.990000
CVE-2024-3880,0,0,6dd5da57a8412b823038a64a32d07af4547e4dfdd637b54b90b4556bfd34431d,2024-06-04T19:20:26
CVE-2024-38806,0,0,aa1ff0885d521aab036aaf6506258a484aa869322b524482869e0e1df3ac4a48,2024-07-19T13:01:44.567000
CVE-2024-38808,1,1,bb0e6b8344eeed7e26d70817f6d4edf7cb31c986018adba6a163f9247ea03ce1,2024-08-20T08:15:05.023000
CVE-2024-38808,0,0,bb0e6b8344eeed7e26d70817f6d4edf7cb31c986018adba6a163f9247ea03ce1,2024-08-20T08:15:05.023000
CVE-2024-3881,0,0,3699310594a82ce285b52bf9c21755fa8173160a66408c76064512e538b3fcc8,2024-05-17T02:40:10.360000
CVE-2024-38810,0,0,a603a78d398d7cf9548f67c3689d42cf7b8c56de9aeed74307fe9000f806a658,2024-08-20T04:15:07.993000
CVE-2024-3882,0,0,8cf286ca42c3a62eccb821d9ac0678dabad594eee248c127390ddaf169987d46,2024-05-17T02:40:10.457000
@ -257759,7 +257761,7 @@ CVE-2024-4318,0,0,7b0a62dc8691f5e6f2210e7e19a78c6d4d5c9f053f662e7593a96cdc8c097a
CVE-2024-4319,0,0,7ca0245a01df3d5ced472265b32f90c6f6a22a37af3715d5589379ecac1f6a24,2024-06-11T13:54:12.057000
CVE-2024-43199,0,0,94150f8459e19abf18625a946d8a507867275817cd3d9928084030fcb7fa8330,2024-08-12T12:59:48.253000
CVE-2024-4320,0,0,f21f873c3bfeb896c071276000f6bbe2ae4420d2f2c3184178334c98a666705b,2024-06-07T14:56:05.647000
CVE-2024-43202,1,1,4cf9bfa865550a52f74779e98db41652bb1dd380f1d824e207021d345fe4b972,2024-08-20T08:15:05.240000
CVE-2024-43202,0,1,403cde958a51af9acc480f0f95630c40baab10f0bbf6cb2b53237e18afff9101,2024-08-20T08:15:05.240000
CVE-2024-43207,0,0,e22c5710770b6cfc075b06ecdaad97a6d82c458382d84efdd62d5cddbde66f6b,2024-08-19T12:59:59.177000
CVE-2024-4321,0,0,9cab2a859d144dd765da27aaa03d49bb12083c0b11abfa900a9b065f4ea718e1,2024-05-16T13:03:05.353000
CVE-2024-43210,0,0,38b1ddd569737ddf84a414c75c09c54bffe5570d779b3b2b7d84160c7c88ff6c,2024-08-13T12:58:25.437000
@ -260045,6 +260047,7 @@ CVE-2024-7029,0,0,5175bec03cf7f2378284f608514536d153bc0fcc9978511b168a2887b7029c
CVE-2024-7031,0,0,4808703a4cd0b97f67a773c5f222b01d69a2fff387801423358b3ea99670c83a,2024-08-05T12:41:45.957000
CVE-2024-7047,0,0,c626b8092c8533dfe4198c51e8e35d5946df1ed097b6fb1d01ca755685dc1b0d,2024-07-25T12:36:39.947000
CVE-2024-7050,0,0,f402c0a89ba2917236fe6639793bd54ee4751807250eba7a4dde84d4a362ffd7,2024-07-29T14:12:08.783000
CVE-2024-7054,1,1,43918e4682eea2254587dd6be24c57fd33f0a630b01e2ccb4238160b7399ff51,2024-08-20T11:15:03.540000
CVE-2024-7055,0,0,b0e8b0793ccc61abbc70699af6d91421241877ab1f640f57d490cff121ecbcd0,2024-08-06T16:30:24.547000
CVE-2024-7057,0,0,e86292da776d8c2eee12db885a241ac453174252cdfea8e6058f6d373bd4dc19,2024-07-25T12:36:39.947000
CVE-2024-7060,0,0,2e0c92013c1ddde1bca0ad9e62aa50d23e69e1a598796a2170f54fccf61e7f4b,2024-07-25T12:36:39.947000
