admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-07 19:16:29 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2024-02-12T11:00:25.379315+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2024-02-12 11:00:29 +00:00
parent ec5d358094
commit 650fe94007
15 changed files with 771 additions and 16 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

59
CVE-2023/CVE-2023-417xx/CVE-2023-41703.json Normal file
View File

@ -0,0 +1,59 @@
{
"id": "CVE-2023-41703",
"sourceIdentifier": "security@open-xchange.com",
"published": "2024-02-12T09:15:10.480",
"lastModified": "2024-02-12T09:15:10.480",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "User ID references at mentions in document comments were not correctly sanitized. Script code could be injected to a users session when working with a malicious document. Please deploy the provided updates and patch releases. User-defined content like comments and mentions are now filtered to avoid potentially malicious content. No publicly available exploits are known."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@open-xchange.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "security@open-xchange.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://documentation.open-xchange.com/appsuite/security/advisories/csaf/2023/oxas-adv-2023-0007.json",
"source": "security@open-xchange.com"
},
{
"url": "https://software.open-xchange.com/products/appsuite/doc/Release_Notes_for_Patch_Release_6259_7.10.6_2023-12-11.pdf",
"source": "security@open-xchange.com"
}
]
}

59
CVE-2023/CVE-2023-417xx/CVE-2023-41704.json Normal file
View File

@ -0,0 +1,59 @@
{
"id": "CVE-2023-41704",
"sourceIdentifier": "security@open-xchange.com",
"published": "2024-02-12T09:15:10.697",
"lastModified": "2024-02-12T09:15:10.697",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Processing of CID references at E-Mail can be abused to inject malicious script code that passes the sanitization engine. Malicious script code could be injected to a users sessions when interacting with E-Mails. Please deploy the provided updates and patch releases. CID handing has been improved and resulting content is checked for malicious content. No publicly available exploits are known."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@open-xchange.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 7.1,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "security@open-xchange.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://documentation.open-xchange.com/appsuite/security/advisories/csaf/2023/oxas-adv-2023-0007.json",
"source": "security@open-xchange.com"
},
{
"url": "https://software.open-xchange.com/products/appsuite/doc/Release_Notes_for_Patch_Release_6259_7.10.6_2023-12-11.pdf",
"source": "security@open-xchange.com"
}
]
}

59
CVE-2023/CVE-2023-417xx/CVE-2023-41705.json Normal file
View File

@ -0,0 +1,59 @@
{
"id": "CVE-2023-41705",
"sourceIdentifier": "security@open-xchange.com",
"published": "2024-02-12T09:15:10.880",
"lastModified": "2024-02-12T09:15:10.880",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Processing of user-defined DAV user-agent strings is not limited. Availability of OX App Suite could be reduced due to high processing load. Please deploy the provided updates and patch releases. Processing time of DAV user-agents now gets monitored, and the related request is terminated if a resource threshold is reached. No publicly available exploits are known."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@open-xchange.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "security@open-xchange.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-400"
}
]
}
],
"references": [
{
"url": "https://documentation.open-xchange.com/appsuite/security/advisories/csaf/2023/oxas-adv-2023-0007.json",
"source": "security@open-xchange.com"
},
{
"url": "https://software.open-xchange.com/products/appsuite/doc/Release_Notes_for_Patch_Release_6259_7.10.6_2023-12-11.pdf",
"source": "security@open-xchange.com"
}
]
}

59
CVE-2023/CVE-2023-417xx/CVE-2023-41706.json Normal file
View File

@ -0,0 +1,59 @@
{
"id": "CVE-2023-41706",
"sourceIdentifier": "security@open-xchange.com",
"published": "2024-02-12T09:15:11.073",
"lastModified": "2024-02-12T09:15:11.073",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Processing time of drive search expressions now gets monitored, and the related request is terminated if a resource threshold is reached. Availability of OX App Suite could be reduced due to high processing load. Please deploy the provided updates and patch releases. Processing of user-defined drive search expressions is not limited No publicly available exploits are known."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@open-xchange.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "security@open-xchange.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-400"
}
]
}
],
"references": [
{
"url": "https://documentation.open-xchange.com/appsuite/security/advisories/csaf/2023/oxas-adv-2023-0007.json",
"source": "security@open-xchange.com"
},
{
"url": "https://software.open-xchange.com/products/appsuite/doc/Release_Notes_for_Patch_Release_6259_7.10.6_2023-12-11.pdf",
"source": "security@open-xchange.com"
}
]
}

59
CVE-2023/CVE-2023-417xx/CVE-2023-41707.json Normal file
View File

@ -0,0 +1,59 @@
{
"id": "CVE-2023-41707",
"sourceIdentifier": "security@open-xchange.com",
"published": "2024-02-12T09:15:11.253",
"lastModified": "2024-02-12T09:15:11.253",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Processing of user-defined mail search expressions is not limited. Availability of OX App Suite could be reduced due to high processing load. Please deploy the provided updates and patch releases. Processing time of mail search expressions now gets monitored, and the related request is terminated if a resource threshold is reached.\r\n No publicly available exploits are known."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@open-xchange.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "security@open-xchange.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-400"
}
]
}
],
"references": [
{
"url": "https://documentation.open-xchange.com/appsuite/security/advisories/csaf/2023/oxas-adv-2023-0007.json",
"source": "security@open-xchange.com"
},
{
"url": "https://software.open-xchange.com/products/appsuite/doc/Release_Notes_for_Patch_Release_6259_7.10.6_2023-12-11.pdf",
"source": "security@open-xchange.com"
}
]
}

59
CVE-2023/CVE-2023-417xx/CVE-2023-41708.json Normal file
View File

@ -0,0 +1,59 @@
{
"id": "CVE-2023-41708",
"sourceIdentifier": "security@open-xchange.com",
"published": "2024-02-12T09:15:11.470",
"lastModified": "2024-02-12T09:15:11.470",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "References to the \"app loader\" functionality could contain redirects to unexpected locations. Attackers could forge app references that bypass existing safeguards to inject malicious script code. Please deploy the provided updates and patch releases. References to apps are now controlled more strict to avoid relative references. No publicly available exploits are known."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@open-xchange.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "security@open-xchange.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://documentation.open-xchange.com/appsuite/security/advisories/csaf/2023/oxas-adv-2023-0007.json",
"source": "security@open-xchange.com"
},
{
"url": "https://software.open-xchange.com/products/appsuite/doc/Release_Notes_for_Patch_Release_6259_7.10.6_2023-12-11.pdf",
"source": "security@open-xchange.com"
}
]
}

55
CVE-2023/CVE-2023-466xx/CVE-2023-46615.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-46615",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-02-12T09:15:11.717",
"lastModified": "2024-02-12T09:15:11.717",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Deserialization of Untrusted Data vulnerability in Kalli Dan. KD Coming Soon.This issue affects KD Coming Soon: from n/a through 1.7.\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.2,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-502"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/kd-coming-soon/wordpress-kd-coming-soon-plugin-1-7-php-object-injection-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

14
CVE-2023/CVE-2023-58xx/CVE-2023-5824.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-5824",
"sourceIdentifier": "secalert@redhat.com",
"published": "2023-11-03T08:15:08.270",
"lastModified": "2024-01-25T18:15:08.250",
"lastModified": "2024-02-12T10:15:08.000",
"vulnStatus": "Modified",
"descriptions": [
{
@ -145,6 +145,18 @@
"url": "https://access.redhat.com/errata/RHSA-2024:0397",
"source": "secalert@redhat.com"
},
{
"url": "https://access.redhat.com/errata/RHSA-2024:0771",
"source": "secalert@redhat.com"
},
{
"url": "https://access.redhat.com/errata/RHSA-2024:0772",
"source": "secalert@redhat.com"
},
{
"url": "https://access.redhat.com/errata/RHSA-2024:0773",
"source": "secalert@redhat.com"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2023-5824",
"source": "secalert@redhat.com",

55
CVE-2024/CVE-2024-235xx/CVE-2024-23512.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-23512",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-02-12T09:15:11.913",
"lastModified": "2024-02-12T09:15:11.913",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Deserialization of Untrusted Data vulnerability in wpxpo ProductX \u2013 WooCommerce Builder & Gutenberg WooCommerce Blocks.This issue affects ProductX \u2013 WooCommerce Builder & Gutenberg WooCommerce Blocks: from n/a through 3.1.4.\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 8.7,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.2,
"impactScore": 5.8
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-502"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/product-blocks/wordpress-productx-plugin-3-1-4-php-object-injection-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

55
CVE-2024/CVE-2024-248xx/CVE-2024-24875.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-24875",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-02-12T09:15:12.110",
"lastModified": "2024-02-12T09:15:12.110",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Cross-Site Request Forgery (CSRF) vulnerability in Yannick Lefebvre Link Library.This issue affects Link Library: from n/a through 7.5.13.\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-352"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/link-library/wordpress-link-library-plugin-7-5-13-cross-site-request-forgery-csrf-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

55
CVE-2024/CVE-2024-248xx/CVE-2024-24884.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-24884",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-02-12T09:15:12.320",
"lastModified": "2024-02-12T09:15:12.320",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Cross-Site Request Forgery (CSRF) vulnerability in ARI Soft Contact Form 7 Connector.This issue affects Contact Form 7 Connector: from n/a through 1.2.2.\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-352"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/ari-cf7-connector/wordpress-contact-form-7-connector-plugin-1-2-2-cross-site-request-forgery-csrf-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

55
CVE-2024/CVE-2024-248xx/CVE-2024-24887.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-24887",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-02-12T09:15:12.517",
"lastModified": "2024-02-12T09:15:12.517",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Cross-Site Request Forgery (CSRF) vulnerability in Contest Gallery Photos and Files Contest Gallery \u2013 Contact Form, Upload Form, Social Share and Voting Plugin for WordPress.This issue affects Photos and Files Contest Gallery \u2013 Contact Form, Upload Form, Social Share and Voting Plugin for WordPress: from n/a through 21.2.8.4.\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.5
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-352"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/contest-gallery/wordpress-photos-and-files-contest-gallery-plugin-21-2-8-4-csrf-leading-to-gallery-creation-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

55
CVE-2024/CVE-2024-249xx/CVE-2024-24929.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-24929",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-02-12T09:15:12.713",
"lastModified": "2024-02-12T09:15:12.713",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Cross-Site Request Forgery (CSRF) vulnerability in Ryan Duff, Peter Westwood WP Contact Form.This issue affects WP Contact Form: from n/a through 1.6.\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-352"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/wp-contact-form/wordpress-wp-contact-form-plugin-1-6-cross-site-request-forgery-csrf-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

55
CVE-2024/CVE-2024-249xx/CVE-2024-24935.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-24935",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-02-12T09:15:12.907",
"lastModified": "2024-02-12T09:15:12.907",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Cross-Site Request Forgery (CSRF) vulnerability in WpSimpleTools Basic Log Viewer.This issue affects Basic Log Viewer: from n/a through 1.0.4.\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-352"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/wpsimpletools-log-viewer/wordpress-basic-log-viewer-plugin-1-0-4-cross-site-request-forgery-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

34
README.md
View File

@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2024-02-12T09:00:25.445564+00:00
2024-02-12T11:00:25.379315+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2024-02-12T08:15:41.390000+00:00
2024-02-12T10:15:08+00:00
```
### Last Data Feed Release
@ -29,29 +29,33 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs
```plain
238146
238159
```
### CVEs added in the last Commit
Recently added CVEs: `10`
Recently added CVEs: `13`
* [CVE-2023-47526](CVE-2023/CVE-2023-475xx/CVE-2023-47526.json) (`2024-02-12T07:15:07.650`)
* [CVE-2023-50875](CVE-2023/CVE-2023-508xx/CVE-2023-50875.json) (`2024-02-12T07:15:08.920`)
* [CVE-2023-51370](CVE-2023/CVE-2023-513xx/CVE-2023-51370.json) (`2024-02-12T07:15:09.637`)
* [CVE-2023-51403](CVE-2023/CVE-2023-514xx/CVE-2023-51403.json) (`2024-02-12T07:15:10.247`)
* [CVE-2024-24889](CVE-2024/CVE-2024-248xx/CVE-2024-24889.json) (`2024-02-12T07:15:10.947`)
* [CVE-2024-25100](CVE-2024/CVE-2024-251xx/CVE-2024-25100.json) (`2024-02-12T07:15:11.577`)
* [CVE-2024-23513](CVE-2024/CVE-2024-235xx/CVE-2024-23513.json) (`2024-02-12T08:15:40.457`)
* [CVE-2024-24796](CVE-2024/CVE-2024-247xx/CVE-2024-24796.json) (`2024-02-12T08:15:40.810`)
* [CVE-2024-24797](CVE-2024/CVE-2024-247xx/CVE-2024-24797.json) (`2024-02-12T08:15:41.090`)
* [CVE-2024-24926](CVE-2024/CVE-2024-249xx/CVE-2024-24926.json) (`2024-02-12T08:15:41.390`)
* [CVE-2023-41703](CVE-2023/CVE-2023-417xx/CVE-2023-41703.json) (`2024-02-12T09:15:10.480`)
* [CVE-2023-41704](CVE-2023/CVE-2023-417xx/CVE-2023-41704.json) (`2024-02-12T09:15:10.697`)
* [CVE-2023-41705](CVE-2023/CVE-2023-417xx/CVE-2023-41705.json) (`2024-02-12T09:15:10.880`)
* [CVE-2023-41706](CVE-2023/CVE-2023-417xx/CVE-2023-41706.json) (`2024-02-12T09:15:11.073`)
* [CVE-2023-41707](CVE-2023/CVE-2023-417xx/CVE-2023-41707.json) (`2024-02-12T09:15:11.253`)
* [CVE-2023-41708](CVE-2023/CVE-2023-417xx/CVE-2023-41708.json) (`2024-02-12T09:15:11.470`)
* [CVE-2023-46615](CVE-2023/CVE-2023-466xx/CVE-2023-46615.json) (`2024-02-12T09:15:11.717`)
* [CVE-2024-23512](CVE-2024/CVE-2024-235xx/CVE-2024-23512.json) (`2024-02-12T09:15:11.913`)
* [CVE-2024-24875](CVE-2024/CVE-2024-248xx/CVE-2024-24875.json) (`2024-02-12T09:15:12.110`)
* [CVE-2024-24884](CVE-2024/CVE-2024-248xx/CVE-2024-24884.json) (`2024-02-12T09:15:12.320`)
* [CVE-2024-24887](CVE-2024/CVE-2024-248xx/CVE-2024-24887.json) (`2024-02-12T09:15:12.517`)
* [CVE-2024-24929](CVE-2024/CVE-2024-249xx/CVE-2024-24929.json) (`2024-02-12T09:15:12.713`)
* [CVE-2024-24935](CVE-2024/CVE-2024-249xx/CVE-2024-24935.json) (`2024-02-12T09:15:12.907`)
### CVEs modified in the last Commit
Recently modified CVEs: `0`
Recently modified CVEs: `1`
* [CVE-2023-5824](CVE-2023/CVE-2023-58xx/CVE-2023-5824.json) (`2024-02-12T10:15:08.000`)
## Download and Usage