Auto-Update: 2025-01-24T11:00:20.688498+00:00

cad-safe-bot 2025-01-24 11:03:47 +00:00
parent 28c906457b
commit 5048e1ceb8
5 changed files with 208 additions and 23 deletions


@ -0,0 +1,64 @@
{
"id": "CVE-2024-12494",
"sourceIdentifier": "security@wordfence.com",
"published": "2025-01-24T10:15:07.457",
"lastModified": "2025-01-24T10:15:07.457",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The BMLT Meeting Map plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'bmlt_meeting_map' shortcode in all versions up to, and including, 2.6.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.1,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "security@wordfence.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/bmlt-meeting-map/tags/2.6.0/meeting_map.php#L33",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/browser/bmlt-meeting-map/tags/2.6.0/meeting_map.php#L462",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/73c01967-262c-48ab-a464-401b1cadd4be?source=cve",
"source": "security@wordfence.com"
}
]
}


@ -0,0 +1,60 @@
{
"id": "CVE-2024-13545",
"sourceIdentifier": "security@wordfence.com",
"published": "2025-01-24T09:15:22.797",
"lastModified": "2025-01-24T09:15:22.797",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Bootstrap Ultimate theme for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 1.4.9 via the path parameter. This makes it possible for unauthenticated attackers to include PHP files on the server, allowing the execution of any PHP code in those files. This can be used to bypass access controls, obtain sensitive data, or achieve code execution in cases where PHP files can be uploaded and included. If php://filter is enabled on the server, this issue may directly lead to Remote Code Execution."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "security@wordfence.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
}
],
"references": [
{
"url": "https://themes.trac.wordpress.org/browser/bootstrap-ultimate/1.4.9/docs/index.php#L8",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/ae07af10-e5fc-4f28-a343-f56c0e2bc324?source=cve",
"source": "security@wordfence.com"
}
]
}


@ -0,0 +1,64 @@
{
"id": "CVE-2024-13583",
"sourceIdentifier": "security@wordfence.com",
"published": "2025-01-24T10:15:07.770",
"lastModified": "2025-01-24T10:15:07.770",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Simple Gallery with Filter plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'c2tw_sgwf' shortcode in all versions up to, and including, 2.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.1,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "security@wordfence.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/simple-gallery-with-filter/trunk/simple-gallery-with-filter.php#L377",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3227234%40simple-gallery-with-filter&new=3227234%40simple-gallery-with-filter&sfp_email=&sfph_mail=",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/1c088264-64a2-4a36-ae3b-fdf60f3837e2?source=cve",
"source": "security@wordfence.com"
}
]
}


@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2025-01-24T09:00:20.566094+00:00
2025-01-24T11:00:20.688498+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2025-01-24T07:15:10.320000+00:00
2025-01-24T10:15:07.770000+00:00
```
### Last Data Feed Release
@ -33,28 +33,22 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs
```plain
278735
278738
```
### CVEs added in the last Commit
Recently added CVEs: `2`
Recently added CVEs: `3`
- [CVE-2024-13680](CVE-2024/CVE-2024-136xx/CVE-2024-13680.json) (`2025-01-24T07:15:06.930`)
- [CVE-2024-13683](CVE-2024/CVE-2024-136xx/CVE-2024-13683.json) (`2025-01-24T07:15:08.523`)
- [CVE-2024-12494](CVE-2024/CVE-2024-124xx/CVE-2024-12494.json) (`2025-01-24T10:15:07.457`)
- [CVE-2024-13545](CVE-2024/CVE-2024-135xx/CVE-2024-13545.json) (`2025-01-24T09:15:22.797`)
- [CVE-2024-13583](CVE-2024/CVE-2024-135xx/CVE-2024-13583.json) (`2025-01-24T10:15:07.770`)
### CVEs modified in the last Commit
Recently modified CVEs: `7`
Recently modified CVEs: `0`
- [CVE-2024-25994](CVE-2024/CVE-2024-259xx/CVE-2024-25994.json) (`2025-01-24T07:15:08.697`)
- [CVE-2024-25998](CVE-2024/CVE-2024-259xx/CVE-2024-25998.json) (`2025-01-24T07:15:09.093`)
- [CVE-2024-26000](CVE-2024/CVE-2024-260xx/CVE-2024-26000.json) (`2025-01-24T07:15:09.440`)
- [CVE-2024-26001](CVE-2024/CVE-2024-260xx/CVE-2024-26001.json) (`2025-01-24T07:15:09.653`)
- [CVE-2024-28135](CVE-2024/CVE-2024-281xx/CVE-2024-28135.json) (`2025-01-24T07:15:09.860`)
- [CVE-2024-28136](CVE-2024/CVE-2024-281xx/CVE-2024-28136.json) (`2025-01-24T07:15:10.107`)
- [CVE-2024-45276](CVE-2024/CVE-2024-452xx/CVE-2024-45276.json) (`2025-01-24T07:15:10.320`)
## Download and Usage


@ -245458,6 +245458,7 @@ CVE-2024-12490,0,0,1555e4125b1bbd18e44ad154504a390e80c730aff0638a2c04280c85da66d
CVE-2024-12491,0,0,d9590e8254ca45b54a5272db38ba7d701c7bc7244fa53f0252652da7575fb348,2025-01-09T11:15:13.520000
CVE-2024-12492,0,0,d916ae3db37806ef5451c78588e17d1a804f7c9a228c6c5f62bb3eeb89f366ac,2024-12-13T17:12:51.283000
CVE-2024-12493,0,0,6a46a6d759741902a525239333dcb837d21dd46b0a90d6c339d060007873320f,2025-01-09T11:15:13.727000
CVE-2024-12494,1,1,160b327d54479c59bd0c50a5b1c92e659d8ad91ef599f9ebc5588cc94af877ba,2025-01-24T10:15:07.457000
CVE-2024-12495,0,0,14e632d2f81b312f37c9f019da64618a5fbe236ebe3efc373365c304ad48e27e,2025-01-07T07:15:27.370000
CVE-2024-12496,0,0,de7fd0f09c73ed509f4dfab83295b7a82e4ffb5b6ab1606f0959c5f84e1f552c,2025-01-09T11:15:13.937000
CVE-2024-12497,0,0,2fa5c57c56d5261d14e7efca34ea444e21df46aee84c2eede506aff4e7856847,2024-12-13T17:13:18.457000
@ -246139,10 +246140,12 @@ CVE-2024-13524,0,0,8904fc9b47632ebbae09c103a68ff131aa17785fda270c0fbbff20bc7cde5
CVE-2024-1353,0,0,afe5e84ebbb775598783ab5b808c4fd20532e7440cc7da3552115f2ac18ba752,2024-11-21T08:50:23.700000
CVE-2024-13536,0,0,2c346b2df91a5dc057c237d35edbe756ff5236144feccf10098be940a9698d61,2025-01-21T05:15:07.490000
CVE-2024-1354,0,0,5af9747793c0c7f9d624ad8210334d43a11a7e2ffd1bfd24e0f893306f01668b,2024-11-21T08:50:23.843000
CVE-2024-13545,1,1,f5bd0b2863cf0d152606cfd8d60f42594047593ffc3fcb8972c1bca106c2bb9c,2025-01-24T09:15:22.797000
CVE-2024-1355,0,0,6172baf85be4d7a27bbb49e6e2c61129e709fa636052c76496ed45a61202985b,2024-11-21T08:50:23.993000
CVE-2024-1356,0,0,6cb6186c899ef9742e559deecf7de4862ea2bb78bef5eed0c472ae9df79196b1,2024-11-21T08:50:24.133000
CVE-2024-1357,0,0,25eaf5b978f8da82b4d3e5ed8aa890834adc21c061c9c9c169613a72fe6996b1,2024-11-21T08:50:24.283000
CVE-2024-1358,0,0,c4ea31b36cfcd7f75873d740d9e38ca70692f76dad02370c8ddbe488b8025229,2025-01-17T19:52:41.687000
CVE-2024-13583,1,1,44920a7011d9c5e48f1d31e939d663d25532275d6b37565cff608cf5f20f231a,2025-01-24T10:15:07.770000
CVE-2024-13584,0,0,51a2a8790b306bf6f14abd867916b8a12305829a5bd93ce1ee2660a9c0414149,2025-01-22T04:15:06.907000
CVE-2024-1359,0,0,8114a50ae134a93430da828655ce595d1020af44415effc85b05f4f190881d3c,2024-11-21T08:50:24.543000
CVE-2024-13590,0,0,e744f6d4395f4b003bd865fd245dc1ce88f3f6497b82dad9a2ff5ecb2f4434d5,2025-01-22T04:15:07.083000
@ -246157,8 +246160,8 @@ CVE-2024-13659,0,0,3bad85b2b4f19e010a7bf4a45d7356a00001ab23b97f9cf072e6e1686c91a
CVE-2024-1366,0,0,41f2af73acb5e76ac7c2022807fff2e016bc9ca7fb30dc8ea18cd52e10cae6bb,2025-01-07T18:21:27.007000
CVE-2024-1367,0,0,3f60d63c26ab9e28e6dceb27e57632b2e7fb2cc7ac1eb4673458558449b3c5c8,2024-11-21T08:50:25.600000
CVE-2024-1368,0,0,e78cd290aff3eda879ea71814281e9fb9dbaef60630fac7d18ff14dae3d223f0,2024-11-21T08:50:25.737000
CVE-2024-13680,1,1,62173e4be535780cad87d71db6bb29f755aeab9483d96845d17c346a119fa175,2025-01-24T07:15:06.930000
CVE-2024-13683,1,1,fb57f44e8b2d58d524faa1dd2ea3874f278594c1d56e7f409ae90b680d7e79aa,2025-01-24T07:15:08.523000
CVE-2024-13680,0,0,62173e4be535780cad87d71db6bb29f755aeab9483d96845d17c346a119fa175,2025-01-24T07:15:06.930000
CVE-2024-13683,0,0,fb57f44e8b2d58d524faa1dd2ea3874f278594c1d56e7f409ae90b680d7e79aa,2025-01-24T07:15:08.523000
CVE-2024-1369,0,0,6f4848b431d59906fc570cd21627f350db35226c120e93c5a8a911f55c4de4fa,2024-11-21T08:50:25.857000
CVE-2024-1370,0,0,9f0498253935aff35f1be521427ae96ebc633e827d9cc62afad8ecd6626aa44f,2024-11-21T08:50:26.027000
CVE-2024-1371,0,0,700f360c37065b466d7daf295c0b566055365a6732e2b4756cd7fe3bd3dfd8e6,2024-11-21T08:50:26.150000
@ -251357,14 +251360,14 @@ CVE-2024-25990,0,0,1bb3a4871dc6ee6be602c4e981107a065224c1cfe3cec1a85e0aace83df27
CVE-2024-25991,0,0,bdaff74cc860fabd9fea722818c8994d3cd8818997d8278a23eb0063a9c89d32,2024-11-22T22:15:13.803000
CVE-2024-25992,0,0,840e46a05b6940bfb1db546201bd43418c17bffa3b756f10bdfcd373865bb822,2024-11-21T09:01:43.743000
CVE-2024-25993,0,0,5b2f5945913ce3c3566ab4fe77880caa269bd5b4dd62fdc2a7aa83b7078f8879,2024-11-21T09:01:43.930000
CVE-2024-25994,0,1,670065430607292775a7474d976ea7d198212c4682b62df1154867dae2bd2ab0,2025-01-24T07:15:08.697000
CVE-2024-25994,0,0,670065430607292775a7474d976ea7d198212c4682b62df1154867dae2bd2ab0,2025-01-24T07:15:08.697000
CVE-2024-25995,0,0,7552299c1dfc3c97b1182cc66dfde5945aeb024331a017e1db18f4d194757dc2,2025-01-23T18:43:09.417000
CVE-2024-25996,0,0,16b8380c30ed5f6b81a7f5a46529e1e7dec5cde09e2781957b3a8fde65e443ca,2025-01-23T18:44:35.577000
CVE-2024-25997,0,0,2054c6e45ee06908cc541c3f2efce9f95fc1b24a08ed054ed285d56b0320eb76,2025-01-23T18:45:15.403000
CVE-2024-25998,0,1,b28e09d11459c221a914b27ba58b9d7219c4ee3c0b56121118df5d2645bf87b6,2025-01-24T07:15:09.093000
CVE-2024-25998,0,0,b28e09d11459c221a914b27ba58b9d7219c4ee3c0b56121118df5d2645bf87b6,2025-01-24T07:15:09.093000
CVE-2024-25999,0,0,50a5ab0dd3cd4d63f169d2adbb36dbcc9302abecf001fa258294feb6e0e8d9c6,2025-01-23T18:46:09.307000
CVE-2024-26000,0,1,ef6350fadaf481876ad799e8605906c6862e20d4a48fd1e6118c6d86947f19b4,2025-01-24T07:15:09.440000
CVE-2024-26001,0,1,80b53353cb90e4e7cc8d3eed8bc902065b2ac1044471301dc6339b75c31896ed,2025-01-24T07:15:09.653000
CVE-2024-26000,0,0,ef6350fadaf481876ad799e8605906c6862e20d4a48fd1e6118c6d86947f19b4,2025-01-24T07:15:09.440000
CVE-2024-26001,0,0,80b53353cb90e4e7cc8d3eed8bc902065b2ac1044471301dc6339b75c31896ed,2025-01-24T07:15:09.653000
CVE-2024-26002,0,0,29b56c9e147fa83eb24489b42c54b01114ea8aff6637ccda166324fe23af696f,2025-01-23T18:48:12.083000
CVE-2024-26003,0,0,2973eb2e12787e95c03652cdddebcacd0af754ddb124ccb9d5541ab9de2f19a8,2025-01-23T18:48:31.273000
CVE-2024-26004,0,0,5f2db0d4800dd3ceddaa734a338db3f7a0f793f35a062edf3d3c306c699d3f77,2025-01-23T18:48:50.163000
@ -253189,8 +253192,8 @@ CVE-2024-28131,0,0,ac6341de81d38b323cb8d4155aaff35dcc48c0fd487702b27be5fe24c82bd
CVE-2024-28132,0,0,175c8a5b906c462629f50efa40142a9a2be9cbc5170b0eaf7994a7275f266134,2024-11-21T09:05:52.973000
CVE-2024-28133,0,0,fec6c7357447819fb436bfb9997d53500fd95b590db80c6055368fcac45d4f48,2025-01-23T18:51:57.947000
CVE-2024-28134,0,0,b0919666b0f34351efe00bd2f6f51ef2467ff3d61054895f246cb590e96fadf7,2025-01-23T18:53:02.387000
CVE-2024-28135,0,1,4f4a21a1a288b01c3fa6070574965739ed47eacf6961b076d6989ee5f5836aa5,2025-01-24T07:15:09.860000
CVE-2024-28136,0,1,394242f1f44d99342d20015798e79137eb92866080b510fe6e23ba2b7988eef7,2025-01-24T07:15:10.107000
CVE-2024-28135,0,0,4f4a21a1a288b01c3fa6070574965739ed47eacf6961b076d6989ee5f5836aa5,2025-01-24T07:15:09.860000
CVE-2024-28136,0,0,394242f1f44d99342d20015798e79137eb92866080b510fe6e23ba2b7988eef7,2025-01-24T07:15:10.107000
CVE-2024-28137,0,0,105a9b8098676a321182ba3e38a622ecd30363b52944acd9d44e0abeedc8e261,2025-01-23T18:55:34.780000
CVE-2024-28138,0,0,7540adf222242b3ccd9079360e172ae2d27fa567648cc2b65a134e46fe0cfaf5,2024-12-11T17:15:14.827000
CVE-2024-28139,0,0,edf594f5edfd9e55d8089c9470f493c8f819aa8b8096683baf0211d16796568a,2024-12-12T17:15:10.010000
@ -265982,7 +265985,7 @@ CVE-2024-45272,0,0,3cbe9546f436b7333a625278040b68b5252f1ac350bc29aeb6d230eef9a78
CVE-2024-45273,0,0,90f538757a022a9d1ff1f339e76e5d7a9b1b64ef86fa06f723a029e6afe997a0,2024-11-21T09:37:35.450000
CVE-2024-45274,0,0,d3b6f41a266d1ce016972123bfb527bbaf56761d4cbbc4f02ed98b8c5327e187,2024-11-21T09:37:35.617000
CVE-2024-45275,0,0,793f1a8f2d315f5b669d9bb70cf26f22c702a8d8386c19f8189afe3d949d2f23,2024-11-21T09:37:35.750000
CVE-2024-45276,0,1,515a1d815682cf455b2ef1d4505819eb5c6ca42642f27c74f7c848fe1a3f839e,2025-01-24T07:15:10.320000
CVE-2024-45276,0,0,515a1d815682cf455b2ef1d4505819eb5c6ca42642f27c74f7c848fe1a3f839e,2025-01-24T07:15:10.320000
CVE-2024-45277,0,0,b7b3506298562238b7d28f352bb69f163610ceea06080643a76a372172e1f5fc,2024-11-14T17:54:28.373000
CVE-2024-45278,0,0,806f10f7c91a8d829227f4ae7cff97fcfb08c132d7f8de70a7c88c5c57d64862,2024-11-14T17:17:12.640000
CVE-2024-45279,0,0,03d470f5225a3376d2a8d81ee375ba02b76c658c5da8664ce98a2cd2e84e2841,2024-09-10T12:09:50.377000
