Auto-Update: 2024-03-30T11:00:37.287447+00:00

cad-safe-bot 2024-03-30 11:03:28 +00:00
parent ca46ad1ce0
commit 4946c83ee0
5 changed files with 248 additions and 18 deletions


@ -0,0 +1,47 @@
{
"id": "CVE-2024-2491",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-03-30T10:15:07.460",
"lastModified": "2024-03-30T10:15:07.460",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The PowerPack Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the *_html_tag* attribute of multiple widgets in all versions up to, and including, 2.7.17 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.1,
"impactScore": 2.7
}
]
},
"references": [
{
"url": "https://plugins.trac.wordpress.org/changeset/3053463/powerpack-lite-for-elementor",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/22c4b981-6135-4c44-aa68-f0d51704a68c?source=cve",
"source": "security@wordfence.com"
}
]
}
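Review bot: This record has no `weaknesses` array, unlike the two VulDB-sourced records added in the same commit, even though its description `value` states stored cross-site scripting. With `"vulnStatus": "Received"`, tooling that filters or routes by CWE will not match this entry, so consumers should key on the description text or the `vectorString` until an analysed revision of the record arrives. Because this file mirrors the upstream feed, the gap is better reported to the source than patched locally; the entry one would expect is presumably the `CWE-79` form used in the CVE-2024-3086 record.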


@ -0,0 +1,92 @@
{
"id": "CVE-2024-3085",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-03-30T09:15:22.093",
"lastModified": "2024-03-30T09:15:22.093",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability classified as critical has been found in PHPGurukul Emergency Ambulance Hiring Portal 1.0. Affected is an unknown function of the file /admin/login.php of the component Admin Login Page. The manipulation of the argument username leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-258678 is the identifier assigned to this vulnerability."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "NONE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5
},
"baseSeverity": "HIGH",
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://github.com/dhabaleshwar/Open-Source-Vulnerabilities/blob/main/eahp_sqli.md",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?ctiid.258678",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.258678",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?submit.306958",
"source": "cna@vuldb.com"
}
]
}


@ -0,0 +1,92 @@
{
"id": "CVE-2024-3086",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-03-30T09:15:22.367",
"lastModified": "2024-03-30T09:15:22.367",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability classified as problematic was found in PHPGurukul Emergency Ambulance Hiring Portal 1.0. Affected by this vulnerability is an unknown functionality of the file ambulance-tracking.php of the component Ambulance Tracking Page. The manipulation of the argument searchdata leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-258679."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "NONE",
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"availabilityImpact": "NONE",
"baseScore": 5.0
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://github.com/dhabaleshwar/Open-Source-Vulnerabilities/blob/main/eahp_rxss.md",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?ctiid.258679",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.258679",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?submit.306960",
"source": "cna@vuldb.com"
}
]
}
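Review bot: The two metric blocks in this record disagree about user interaction: the `cvssMetricV31` entry has `UI:R` and `"userInteraction": "REQUIRED"`, while the `cvssMetricV2` entry has `"userInteractionRequired": false`. The v3.1 value is the one that agrees with the description of cross-site scripting via the `searchdata` argument, so triage rules that read the v2 flag would treat this as needing no victim action and may rank it too high. The value consistent with the v3.1 vector would be `"userInteractionRequired": true`, but since the file mirrors the upstream feed the correction belongs with the source; consumers should prefer the v3.1 vector when both are present.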


@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2024-03-30T09:00:37.795791+00:00
2024-03-30T11:00:37.287447+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2024-03-30T08:15:07.510000+00:00
2024-03-30T10:15:07.460000+00:00
```
### Last Data Feed Release
@ -33,20 +33,16 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs
```plain
243433
243436
```
### CVEs added in the last Commit
Recently added CVEs: `7`
Recently added CVEs: `3`
- [CVE-2024-2140](CVE-2024/CVE-2024-21xx/CVE-2024-2140.json) (`2024-03-30T07:15:08.893`)
- [CVE-2024-2141](CVE-2024/CVE-2024-21xx/CVE-2024-2141.json) (`2024-03-30T07:15:09.203`)
- [CVE-2024-2142](CVE-2024/CVE-2024-21xx/CVE-2024-2142.json) (`2024-03-30T07:15:09.513`)
- [CVE-2024-2143](CVE-2024/CVE-2024-21xx/CVE-2024-2143.json) (`2024-03-30T07:15:09.997`)
- [CVE-2024-2144](CVE-2024/CVE-2024-21xx/CVE-2024-2144.json) (`2024-03-30T07:15:10.497`)
- [CVE-2024-2948](CVE-2024/CVE-2024-29xx/CVE-2024-2948.json) (`2024-03-30T08:15:07.330`)
- [CVE-2024-3084](CVE-2024/CVE-2024-30xx/CVE-2024-3084.json) (`2024-03-30T08:15:07.510`)
- [CVE-2024-2491](CVE-2024/CVE-2024-24xx/CVE-2024-2491.json) (`2024-03-30T10:15:07.460`)
- [CVE-2024-3085](CVE-2024/CVE-2024-30xx/CVE-2024-3085.json) (`2024-03-30T09:15:22.093`)
- [CVE-2024-3086](CVE-2024/CVE-2024-30xx/CVE-2024-3086.json) (`2024-03-30T09:15:22.367`)
### CVEs modified in the last Commit


@ -239838,7 +239838,7 @@ CVE-2024-21395,0,0,f1993dcc4aa6b30f8100a014aabe16306e5164d7170173d986fa0305ec479
CVE-2024-21396,0,0,89247a83900398acb67f829665b4596d2292eee6f6859844049c54511236f48b,2024-02-23T17:41:27.623000
CVE-2024-21397,0,0,513c417ad39d9a2066a289680b245c01e1ceeae2b0ee83f69db302cf1dfa050d,2024-02-23T17:47:25.600000
CVE-2024-21399,0,0,481cce32c9e9a83e040ae50a7ae1201df812aadb50eba52c79fdd8a16608ba2c,2024-02-09T03:00:47.227000
CVE-2024-2140,1,1,00c3e2168a7c47eb1826eb294f188731562727cf9d049d1cb71be48665026ae2,2024-03-30T07:15:08.893000
CVE-2024-2140,0,0,00c3e2168a7c47eb1826eb294f188731562727cf9d049d1cb71be48665026ae2,2024-03-30T07:15:08.893000
CVE-2024-21400,0,0,b652fe8c0b6abbaa87372d3f18128a0d3ba6de315b5c8ae76a9b6fb5a5c4dd18,2024-03-12T17:46:17.273000
CVE-2024-21401,0,0,169936f9e80ab8f68930febaec3b03620bcee4c9e21a4a75d7bfbfb87d28264c,2024-02-23T21:06:05.783000
CVE-2024-21402,0,0,3dc7f77c0dcdfcbea6de1ddb879c655a9bcdc8aea8cb1ca9e0fd0e2f41a79092,2024-02-22T18:38:54.443000
@ -239848,21 +239848,21 @@ CVE-2024-21405,0,0,7b2bcd85f8b75e36055a51e8d6e50e620fbb5da00673d7a82956b2dcc3d7e
CVE-2024-21406,0,0,4926f610f67020e143f717a8966dfc594abc79953c895df1691f78cfff880f19,2024-03-01T22:57:15.940000
CVE-2024-21407,0,0,13806882df1727e3bbc8e26b8c7dd4da4315e03da171f9dbf0647863a4d47218,2024-03-21T21:06:06.530000
CVE-2024-21408,0,0,5325218009ff3c8f10a3b9269e4b1c5ec312eb3ea56b73f6a728479c1bad3635,2024-03-21T21:06:09.543000
CVE-2024-2141,1,1,6ffc21259396265e873a86547783a6cdb4f662061372bc1c4dbf3645578deea3,2024-03-30T07:15:09.203000
CVE-2024-2141,0,0,6ffc21259396265e873a86547783a6cdb4f662061372bc1c4dbf3645578deea3,2024-03-30T07:15:09.203000
CVE-2024-21410,0,0,bd862af63cde79d77d3d96c08b20eb8ee12ef6b46d7738e8f98c5d9c8af65aee,2024-02-26T21:10:38.713000
CVE-2024-21411,0,0,752b3d730293c266885035a1f030073e3f7456710c29851319bdadbb6794b6d6,2024-03-12T17:46:17.273000
CVE-2024-21412,0,0,6df500642ad441e157d67f1fe17b6dc5155211f5565d89e1eed7797770fe5407,2024-03-07T17:48:58.173000
CVE-2024-21413,0,0,e8b53a5cd4bd3cc4178f808efd349017a89b016f9da30aa2b26e33753aaea59b,2024-02-23T21:04:05.710000
CVE-2024-21418,0,0,ef663b9214de74ab8b1eda2c85169dc13f12218d87536de8a5f4de5236a43541,2024-03-12T17:46:17.273000
CVE-2024-21419,0,0,2b2cb4db09da9495fc2ecf8fae18cde53ce11b6d772c946de837373d3f835c9d,2024-03-12T17:46:17.273000
CVE-2024-2142,1,1,2baa1be14ea87a7ce70e0e3e17dfb569e87ae981e3997dfc9470e8fa34c8ded6,2024-03-30T07:15:09.513000
CVE-2024-2142,0,0,2baa1be14ea87a7ce70e0e3e17dfb569e87ae981e3997dfc9470e8fa34c8ded6,2024-03-30T07:15:09.513000
CVE-2024-21420,0,0,4a89fb64b6e21ff3e8e62b1263c75efc47583308c96cfb26d691252d4777d2ed,2024-02-13T18:22:43.577000
CVE-2024-21421,0,0,7f3d201054cbde03fea298b3b62f09a5835e6858ea20c6e60673b54188a987a6,2024-03-12T17:46:17.273000
CVE-2024-21423,0,0,bdd3e5505bf37095cf28502668c3363668037784f8adcb8492701fb6ce5eb572,2024-02-26T13:42:22.567000
CVE-2024-21426,0,0,d393d657fa9631ae4a7e338940f17c59c22b9a1c79406ce6c198e0e929a7ae1b,2024-03-12T17:46:17.273000
CVE-2024-21427,0,0,f2592991e7304b29003b372e68d3f0a5c7232d5b37eb13a43127f77590c861e8,2024-03-12T17:46:17.273000
CVE-2024-21429,0,0,432d3834c625233c5a21b7d14e6b2d92ea43b60981cfe0a7c1e3f6363d4b8242,2024-03-12T17:46:17.273000
CVE-2024-2143,1,1,8a3b02b64ed809034af3eb8399c73ec5024d4cbd3eb660ceef73c1ce395e0221,2024-03-30T07:15:09.997000
CVE-2024-2143,0,0,8a3b02b64ed809034af3eb8399c73ec5024d4cbd3eb660ceef73c1ce395e0221,2024-03-30T07:15:09.997000
CVE-2024-21430,0,0,f0323e656bba17b2c286d5c2f562080f05bce6bcbf944452b18cf9b643e389d2,2024-03-12T17:46:17.273000
CVE-2024-21431,0,0,26c4452850a50cb1240e5475bc72713eb6853df62e53111991ad8917b98a91ea,2024-03-12T17:46:17.273000
CVE-2024-21432,0,0,fab8d7290e99771982b5f8cadee12a7229e54e95365bb6c52ca3b2240ad66917,2024-03-12T17:46:17.273000
@ -239873,7 +239873,7 @@ CVE-2024-21436,0,0,0dd87189c7353c26efcd8b4c46b990b4f91e29fa2912a735a2fd44ab16c87
CVE-2024-21437,0,0,d68d1284ce344470b1e7d6e7ec437e6a811301e250b1bf82bd56ca2589342e67,2024-03-12T17:46:17.273000
CVE-2024-21438,0,0,0984d49fe88902a08e3f8bcc7e2245bb23fd280e9382fbcf6192c69efb734310,2024-03-12T17:46:17.273000
CVE-2024-21439,0,0,27307394f1ffff04a4b85c5411a75da570619f8a3ad6f4da08c2e001914244e1,2024-03-12T17:46:17.273000
CVE-2024-2144,1,1,f64c0f9437d43b93b69b19c4a347cc382ba1e5cb79a3b9c75bcc71d3c3b01060,2024-03-30T07:15:10.497000
CVE-2024-2144,0,0,f64c0f9437d43b93b69b19c4a347cc382ba1e5cb79a3b9c75bcc71d3c3b01060,2024-03-30T07:15:10.497000
CVE-2024-21440,0,0,6f61fd68e9deac86867c494212547f54aa54ff0eb7ab6436113da9b0d1135d3e,2024-03-12T17:46:17.273000
CVE-2024-21441,0,0,60ec7a64913922ceeff946bffca3a156dc2df936ff37cc69f9b4248e6770163b,2024-03-12T17:46:17.273000
CVE-2024-21442,0,0,e32988f4a6f4e8b33b6e29cea1f1a0ef77e96b7daa729f5981a98fdcb7c815e2,2024-03-12T17:46:17.273000
@ -241421,6 +241421,7 @@ CVE-2024-24904,0,0,78ac0ecc337c1c3cf6e2760caf67e88b6e00a19c5576326a3f49c9a71b975
CVE-2024-24905,0,0,0364517ab894b73bf8c30cbe20b80273a93d4e9e263ab05b98b6931e08025cbd,2024-03-01T15:23:36.177000
CVE-2024-24906,0,0,b228b1520570950c7c3e86ac4523299ab67e1d327a9c2256213093954d2009dd,2024-03-01T14:04:04.827000
CVE-2024-24907,0,0,10281c2cdefacd19bcde83af128428b7182a3d780a05c7b0d1630f2ada3f8271,2024-03-01T15:23:36.177000
CVE-2024-2491,1,1,3a2cac36f3611f311c24b6e56ab4a32260a4f518dc4c29962fdd8b96ee6c7d9f,2024-03-30T10:15:07.460000
CVE-2024-24920,0,0,0c6e0a299c3dcb3e2c9c47cd3391320c9c9126b8fcb7683d54f65bff941cba09,2024-02-13T14:01:00.987000
CVE-2024-24921,0,0,2756f13f54e6771800d4e52f7442498e73a8fe2b3f97e730b1c320dbcf7f624d,2024-02-13T14:01:00.987000
CVE-2024-24922,0,0,680b15f3fa23668c58f8fb97e1903f0bb50dd4180870bdd41f68c0313884ae2b,2024-02-13T14:01:00.987000
@ -243047,7 +243048,7 @@ CVE-2024-29471,0,0,82d45a5ffd79414ce139218b143945b76a967fb1502a8005b616153a32c45
CVE-2024-29472,0,0,8914457096a81cfec257e1932986907f8b2f25a966f10c0d7629905ec24b0f86,2024-03-21T12:58:51.093000
CVE-2024-29473,0,0,2dcbe7e94767e08f46a9353b62d8f30da500a221f5affb32fc9ef958cfff985b,2024-03-21T12:58:51.093000
CVE-2024-29474,0,0,cd74b93fedbacc13ab911c0f2a2b89e07d9e578953f3b262ce40503b72930e98,2024-03-21T12:58:51.093000
CVE-2024-2948,1,1,a4fcee96ac543a16a7c4648e47d99e7d01a8481e14063944ded2893728590958,2024-03-30T08:15:07.330000
CVE-2024-2948,0,0,a4fcee96ac543a16a7c4648e47d99e7d01a8481e14063944ded2893728590958,2024-03-30T08:15:07.330000
CVE-2024-29489,0,0,b53e28436eacd43712154645616899ea4ad86f89638685c2d1c1f1bd71a439fa,2024-03-29T12:45:02.937000
CVE-2024-29499,0,0,bc8db29a97bf5517e5213278d0d5f5ecdec4b51f00adea3262848d25f6e735bc,2024-03-22T19:02:10.300000
CVE-2024-2951,0,0,7025f71f619ebfb5f00b29e3d72fe62bb5f0ea0dbfe92a58b33e63352aa0779c,2024-03-27T12:29:41.530000
@ -243417,7 +243418,9 @@ CVE-2024-30645,0,0,88b4c3396d5e0adacc93f28d39da5928d08265f1211f6c05c1d8690fd0f03
CVE-2024-3077,0,0,764729ebf4e3dc3c20da54caae721047879db4db5e2887f4d077635ba39ad95a,2024-03-29T12:45:02.937000
CVE-2024-3078,0,0,07ca6090eecfc88a41afb186ab370517deca7caa0d1280cb8ed031f58d59e15a,2024-03-29T13:28:22.880000
CVE-2024-3081,0,0,dffc68d1388aac08d9d9a9d84e2f2854f24235b2dd8bd2e907a0a195e3c85f14,2024-03-29T15:15:14.657000
CVE-2024-3084,1,1,feb04b6812a124315d1816b70ccdcdd41a89f3d42f26905fef1bc9732a4ee86a,2024-03-30T08:15:07.510000
CVE-2024-3084,0,0,feb04b6812a124315d1816b70ccdcdd41a89f3d42f26905fef1bc9732a4ee86a,2024-03-30T08:15:07.510000
CVE-2024-3085,1,1,f189393abcf3f39030a0b0c96f6cb9307d0bf6deb0ef88912d8e876c4692bd1c,2024-03-30T09:15:22.093000
CVE-2024-3086,1,1,cc5a01ab88ce423f04c8e499fc5c4ae76ca65b66c37b46eb53fe666ff0b26be5,2024-03-30T09:15:22.367000
CVE-2024-3094,0,0,c6fffd56cf4a81476425ca638ec856baec49e7641b48e65fcf99476d7346527a,2024-03-29T19:15:41.947000
CVE-2024-31032,0,0,f6232fe0ef0534ba6d6e20ea0777fd8892cbb87efba42355deb8d8634b00d21e,2024-03-29T17:15:20.993000
CVE-2024-31061,0,0,3a611478260a969dc7c268c913c4f396b21e3b4ebcb9a4cb4b0ae2a352b58da0,2024-03-28T20:53:20.813000
