Auto-Update: 2024-07-09T04:00:19.054471+00:00

cad-safe-bot 2024-07-09 04:03:13 +00:00
parent a1c1e195c4
commit 69cec5231a
8 changed files with 291 additions and 8 deletions


@ -0,0 +1,44 @@
{
"id": "CVE-2024-22020",
"sourceIdentifier": "support@hackerone.com",
"published": "2024-07-09T02:15:09.973",
"lastModified": "2024-07-09T02:15:09.973",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A security flaw in Node.js allows a bypass of network import restrictions.\nBy embedding non-network imports in data URLs, an attacker can execute arbitrary code, compromising system security.\nVerified on various platforms, the vulnerability is mitigated by forbidding data URLs in network imports.\nExploiting this flaw can violate network import security, posing a risk to developers and servers."
}
],
"metrics": {
"cvssMetricV30": [
{
"source": "support@hackerone.com",
"type": "Secondary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.0,
"impactScore": 5.5
}
]
},
"references": [
{
"url": "https://hackerone.com/reports/2092749",
"source": "support@hackerone.com"
}
]
}


@ -0,0 +1,21 @@
{
"id": "CVE-2024-34786",
"sourceIdentifier": "support@hackerone.com",
"published": "2024-07-09T02:15:10.177",
"lastModified": "2024-07-09T02:15:10.177",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "UniFi iOS app 10.15.0 introduces a misconfiguration on 2nd Generation UniFi Access Points configured as standalone (not using UniFi Network Application) that could cause the SSID name to change and/or the WiFi Password to be removed on the 5GHz Radio.\n\nThis vulnerability is fixed in UniFi iOS app 10.15.2 and later."
}
],
"metrics": {},
"references": [
{
"url": "https://community.ui.com/releases/Security-Advisory-Bulletin-040-040/b4b508c0-8453-405b-8660-1f55ade669c0",
"source": "support@hackerone.com"
}
]
}


@ -0,0 +1,56 @@
{
"id": "CVE-2024-4944",
"sourceIdentifier": "5d1c2695-1a31-4499-88ae-e847036fd7e3",
"published": "2024-07-09T03:15:02.270",
"lastModified": "2024-07-09T03:15:02.270",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A local privilege escalation vlnerability in the WatchGuard Mobile VPN with SSL client on Windows enables a local user to execute arbitrary commands with elevated privileged.\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "5d1c2695-1a31-4499-88ae-e847036fd7e3",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "5d1c2695-1a31-4499-88ae-e847036fd7e3",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-77"
}
]
}
],
"references": [
{
"url": "https://www.watchguard.com/wgrd-psirt/advisory/wgsa-2024-00010",
"source": "5d1c2695-1a31-4499-88ae-e847036fd7e3"
}
]
}


@ -0,0 +1,48 @@
{
"id": "CVE-2024-5793",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-07-09T02:15:10.240",
"lastModified": "2024-07-09T02:15:10.240",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Houzez Theme - Functionality plugin for WordPress is vulnerable to SQL Injection via the \u2018currency_code\u2019 parameter in all versions up to, and including, 3.2.2 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with Custom-level (seller) access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"references": [
{
"url": "https://favethemes.zendesk.com/hc/en-us/articles/360041639432-Changelog",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/5a9bbe79-a4c3-42eb-8d4d-47d26dbe9f43?source=cve",
"source": "security@wordfence.com"
}
]
}


@ -0,0 +1,48 @@
{
"id": "CVE-2024-5855",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-07-09T02:15:10.437",
"lastModified": "2024-07-09T02:15:10.437",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Media Hygiene: Remove or Delete Unused Images and More! plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the bulk_action_delete and delete_single_image_call AJAX actions in all versions up to, and including, 3.0.1. This makes it possible for authenticated attackers, with Subscriber-level access and above, to delete arbitrary attachments. A nonce check was added in version 3.0.1, however, it wasn't until version 3.0.2 that a capability check was added."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "LOW",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
"references": [
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3112249%40media-hygiene&new=3112249%40media-hygiene&sfp_email=&sfph_mail=",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/44b02690-462a-458b-88c9-89acc9c209cb?source=cve",
"source": "security@wordfence.com"
}
]
}


@ -0,0 +1,56 @@
{
"id": "CVE-2024-5974",
"sourceIdentifier": "5d1c2695-1a31-4499-88ae-e847036fd7e3",
"published": "2024-07-09T03:15:02.507",
"lastModified": "2024-07-09T03:15:02.507",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A buffer overflow in WatchGuard Fireware OS could may allow an authenticated remote attacker with privileged management access to execute arbitrary code with system privileges on the firewall.\nThis issue affects Fireware OS: from 11.9.6 through 12.10.3.\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "5d1c2695-1a31-4499-88ae-e847036fd7e3",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "5d1c2695-1a31-4499-88ae-e847036fd7e3",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-120"
}
]
}
],
"references": [
{
"url": "https://www.watchguard.com/wgrd-psirt/advisory/wgsa-2024-00011",
"source": "5d1c2695-1a31-4499-88ae-e847036fd7e3"
}
]
}


@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2024-07-09T02:00:18.305880+00:00
2024-07-09T04:00:19.054471+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2024-07-09T00:15:02.320000+00:00
2024-07-09T03:15:02.507000+00:00
```
### Last Data Feed Release
@ -33,15 +33,19 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs
```plain
256044
256050
```
### CVEs added in the last Commit
Recently added CVEs: `2`
Recently added CVEs: `6`
- [CVE-2024-5549](CVE-2024/CVE-2024-55xx/CVE-2024-5549.json) (`2024-07-09T00:15:02.050`)
- [CVE-2024-5569](CVE-2024/CVE-2024-55xx/CVE-2024-5569.json) (`2024-07-09T00:15:02.320`)
- [CVE-2024-22020](CVE-2024/CVE-2024-220xx/CVE-2024-22020.json) (`2024-07-09T02:15:09.973`)
- [CVE-2024-34786](CVE-2024/CVE-2024-347xx/CVE-2024-34786.json) (`2024-07-09T02:15:10.177`)
- [CVE-2024-4944](CVE-2024/CVE-2024-49xx/CVE-2024-4944.json) (`2024-07-09T03:15:02.270`)
- [CVE-2024-5793](CVE-2024/CVE-2024-57xx/CVE-2024-5793.json) (`2024-07-09T02:15:10.240`)
- [CVE-2024-5855](CVE-2024/CVE-2024-58xx/CVE-2024-5855.json) (`2024-07-09T02:15:10.437`)
- [CVE-2024-5974](CVE-2024/CVE-2024-59xx/CVE-2024-5974.json) (`2024-07-09T03:15:02.507`)
### CVEs modified in the last Commit


@ -243645,6 +243645,7 @@ CVE-2024-22016,0,0,72bb3341c866069974fe863b6c9e848e25809f5f0697d51cda8a3c348c967
CVE-2024-22017,0,0,eda129adeae4ecfa4b275b7bc6bb5638800d036cf47c85fe2baa6a803f743c01,2024-06-10T17:16:18.773000
CVE-2024-22019,0,0,49190872720c4c119c607cdd3cd1206179dcd2b84c9cd0a4595a1040743a11fe,2024-05-01T18:15:13.800000
CVE-2024-2202,0,0,830996a3e5b6be902d6f2e65d3759482285591493d041fcbf74113f66926d781,2024-03-25T01:51:01.223000
CVE-2024-22020,1,1,7ac9a9c321ee32f5a7c3029e4b874c847226caf8006b26e3abdd3012e630e857,2024-07-09T02:15:09.973000
CVE-2024-22021,0,0,ba38d4b86a2c5af951f989c7a28594b6207f0b19739ba3d580be6e4d49001bfb,2024-02-29T01:44:04.690000
CVE-2024-22022,0,0,925c0d46bbd39b5d0f2644b5e26e0cd82488a20b7de7cccfa4639e9bb8f60d9e,2024-02-15T18:45:30.887000
CVE-2024-22023,0,0,738809cdca073240a61fbce615868c0b1c3f7d174f610e159e035e11db1f2996,2024-07-03T01:46:59.843000
@ -251993,6 +251994,7 @@ CVE-2024-34772,0,0,635f5a0bcdcc084928ed60d40a3f5691181a54a2efa05b50e13ad74622471
CVE-2024-34773,0,0,8d4786b71411a201832db647dece110e046d5ed6169dce1446e93616263bacee,2024-05-14T19:17:55.627000
CVE-2024-34777,0,0,241250eac73524748eb5086b6b92bdea38568ca1ebb8b3f151f19ab25319a6c6,2024-06-21T15:58:51.410000
CVE-2024-3478,0,0,ae882595ac6fe06ab517c1e505d55eeeed4b5c0450cbd6b83825ab78d9e88f1e,2024-05-02T13:27:25.103000
CVE-2024-34786,1,1,94d1c061cc5f13dffb4f68e0e197de19d4c89677c31a8380fea1af84a624bb00,2024-07-09T02:15:10.177000
CVE-2024-34789,0,0,b4abe5a3fd205f47118c608999fff7fb705b59bf0f04c59cc3f88812458f1961,2024-06-03T14:46:24.250000
CVE-2024-3479,0,0,fd58a9eee7829eb22d6cfb17d87e6b7652b13a6666535069e70c5a2768e8dce6,2024-05-03T15:32:19.637000
CVE-2024-34790,0,0,9e31f1a476eb6c02a36285de2f1caa75b634dd2719e2ac168a65fe68e0cc5979,2024-06-03T14:46:24.250000
@ -255109,6 +255111,7 @@ CVE-2024-4940,0,0,cb78cb49a43bd348a99dcd2f7e1d39ee831dc08e65c1988e89651f86623130
CVE-2024-4941,0,0,04ed79d9b1e3032260e31cb6cd2ea8a25db6821440182f4cb50592b145bee1e2,2024-06-07T14:56:05.647000
CVE-2024-4942,0,0,157240698edb46a5deca9943c90e89d5c268795c03f1dadbb4d2f6e28d77068b,2024-06-06T14:17:35.017000
CVE-2024-4943,0,0,d9b88319a5992961df806c2aff168607709c5e19495e72269f7fd7790830e1d9,2024-05-21T12:37:59.687000
CVE-2024-4944,1,1,a57995eb1ec9aa01add18e609846b77b990bf63b23a0d545f93722ff35d463f3,2024-07-09T03:15:02.270000
CVE-2024-4945,0,0,862ec6002e9c3369e40f6935606e597aac95fb1ef3a2f5a2c72d02ef723dafd2,2024-06-04T19:20:54.767000
CVE-2024-4946,0,0,de881559bc92412238785deff68c564cad0647963d61d3efd064c0cec6c4ee1e,2024-06-04T19:20:54.867000
CVE-2024-4947,0,0,8b22fa92c86c832263b0660c6b596a76b1c7e8c155bae82cd88218c6326792e3,2024-07-03T02:08:19.620000
@ -255564,7 +255567,7 @@ CVE-2024-5544,0,0,dc180b504fcb3a2003d6a08111fbd0a7a95f9d21df8e253c1af1716f464343
CVE-2024-5545,0,0,9270f54f7803e859f3c51cd9a03c613d31e2403f79820ead3f02bc3b56a4bf36,2024-07-05T15:12:08.467000
CVE-2024-5547,0,0,10fc933ab96f74e48222460cfee3e0b1d295bbaa26e68f34704c5127d22daf4a,2024-06-27T19:25:12.067000
CVE-2024-5548,0,0,0dab8d0a6f7f4b5d3115df8861f1ab0c0c70d1308be14527ce7ee2ffa61fade4,2024-06-27T19:25:12.067000
CVE-2024-5549,1,1,bf37298d7fdeb39824ffb32e43c6adca372db50cacb1f80a1bed184a37e51d88,2024-07-09T00:15:02.050000
CVE-2024-5549,0,0,bf37298d7fdeb39824ffb32e43c6adca372db50cacb1f80a1bed184a37e51d88,2024-07-09T00:15:02.050000
CVE-2024-5550,0,0,e4fc13aea5b719d7c555043aa9a8be47a59e2f4d5eac2e9fa0d5ff8a8edb892f,2024-06-07T14:56:05.647000
CVE-2024-5551,0,0,fe2ff56c261c11c34cfc92fd4dff768d263978728e8caa50b89ded66a68c1f4c,2024-06-17T12:42:04.623000
CVE-2024-5552,0,0,12abaaddd513e722275738643d6cd32f6bb9e257da98294dd5bedf4ad4cbf55d,2024-06-07T14:56:05.647000
@ -255575,7 +255578,7 @@ CVE-2024-5559,0,0,2783b17045adc6e83e5bf6acfe749e5c6489b786d017eb582b973704c839f4
CVE-2024-5560,0,0,f1a6e79f857dcb0da00298e85540b2901c155f3f4e8e842ef291f9f993b61e1f,2024-06-13T18:36:09.010000
CVE-2024-5564,0,0,9795ccf7f64c945419f550534828bd8bef2f36c164c7b95941f181710cd7c39c,2024-06-28T19:15:07.147000
CVE-2024-5565,0,0,e1d36fa68b4a73d6b78bd8eb39c3f27f14d8d32dc884b4fdfa0f8545d690e8d1,2024-07-03T02:09:05.567000
CVE-2024-5569,1,1,ac110bbf906dcc167f158cf33c51b4e9d88846b11b248c4bbd05584d7c26ee60,2024-07-09T00:15:02.320000
CVE-2024-5569,0,0,ac110bbf906dcc167f158cf33c51b4e9d88846b11b248c4bbd05584d7c26ee60,2024-07-09T00:15:02.320000
CVE-2024-5570,0,0,1f1ed1d460e111500125bee4bd672bf4d3d1893979a351b847eab3c62fb55e82,2024-06-28T10:27:00.920000
CVE-2024-5571,0,0,105c4e644019eeccf72c6e63813cdc36601b1b9a7e3cba5bc172df86631261e6,2024-06-11T17:29:03.277000
CVE-2024-5573,0,0,51a9ffd3da1267c4eef69596ac09c3dbea287270e0762cf7f98d2ed1f452fbf5,2024-06-26T12:44:29.693000
@ -255705,6 +255708,7 @@ CVE-2024-5787,0,0,7676e1b0ab184e8654efc91f56a8d84cd9d6d539bf642c0a4ff7f743a62b9d
CVE-2024-5788,0,0,b8c011e09345f8c438c15d748dc7ecb5f2eb62164ea0c1da7169d985a2f9f593,2024-06-28T10:27:00.920000
CVE-2024-5790,0,0,f8b87ca5470f9146716524e5e38538dc26468d2ae797b52818768e7113cbca8a,2024-07-01T12:37:24.220000
CVE-2024-5791,0,0,424014ca254e257c8c57009775e061d0dd2abf87fc81691a50ea6d1a360bb310,2024-06-24T20:00:46.390000
CVE-2024-5793,1,1,af5a5b6481201cf3530d669d7483e5b5d72a03324906b65441139d3ef7b4ea9b,2024-07-09T02:15:10.240000
CVE-2024-5796,0,0,ee9ea77d6816c67e871ce0ce39c4d235af8efb4db7bec50166a494d6f8b7e47e,2024-06-28T10:27:00.920000
CVE-2024-5798,0,0,f6c60b5ac812e7711b355fdc9c4ea7ca1c381d5fa9189e95b5ac079c15b31d9c,2024-06-13T18:36:09.010000
CVE-2024-5805,0,0,d5f814a63108fa76cde55a23a7ee4c9d4c1228e8f74ac6f24226e1e9997c1554,2024-06-25T18:50:42.040000
@ -255740,6 +255744,7 @@ CVE-2024-5846,0,0,0b2d8f18d514785edc16bc8a9875d408ec093858a0edbb60b84e2acabc32d1
CVE-2024-5847,0,0,af863962a64ba64b748fc267021bdca1358cb53ef73ef1a0e2073c98890c9fa1,2024-07-03T02:09:31.730000
CVE-2024-5851,0,0,1ff86bf427427298fe5dc39bbfedb897b9870fd2315cf065507e70165fb41d41,2024-06-13T18:36:09.013000
CVE-2024-5853,0,0,4db307c3757855b51e51fa12e1eb9aa67e540512d9bb40f822c5370c3893dc4f,2024-06-20T12:44:01.637000
CVE-2024-5855,1,1,b90d3fcafd8e229d80167b4f5d2f3aed65497222ce1cbd14143f59d272d601d1,2024-07-09T02:15:10.437000
CVE-2024-5858,0,0,30241924d409355226bb80c4fb982c4833f84483f4f89b94e986f70fe7751e71,2024-06-17T12:42:04.623000
CVE-2024-5859,0,0,5b284a4381086ad6bad860c96074f61ed02c9601ee45c79362fb0f8a492df8fd,2024-06-24T19:21:07.943000
CVE-2024-5860,0,0,56b79e1c6d22cf1e6319b4d2696b988928a56f1c09b2a292e92b44a530d0359a,2024-07-05T13:52:14.463000
@ -255796,6 +255801,7 @@ CVE-2024-5967,0,0,a8cf0971f84f68dc327704c7b15af8c68f3ca5a6cf4ca8aa54163d9ca95100
CVE-2024-5970,0,0,118b7b2e028a3447b60495fc36df0133e6c8ea6adad2a5f3d89bac8698786790,2024-06-20T12:44:01.637000
CVE-2024-5971,0,0,4c029e3f50bafbefeafdd3bea254ba330995380b3f87a3e11bd5645cadf91acc,2024-07-08T21:15:12.480000
CVE-2024-5972,0,0,3700c5b3eb4bcd1d3bafe18b568e7aab0a0471128c3ce92a2f73ba8aa9a9cb4f,2024-06-28T19:15:07.500000
CVE-2024-5974,1,1,41bc2a5468ec6e846fb0d5ca66e59c6c799063474682442dfaf14d89f985b4c7,2024-07-09T03:15:02.507000
CVE-2024-5976,0,0,e855126a3e03657c0f9ccfb70e360e6531fe17aa442fb39ef6227c53616360fe,2024-06-17T12:43:31.090000
CVE-2024-5979,0,0,ecf851c3d3de50590eb0b5525283c723dc89573922e14c045baaee03d0d0831b,2024-06-27T19:25:12.067000
CVE-2024-5980,0,0,c1ed3bf259928f44163accb5dee81e38c4dedf71ab1a0c47da4cd2f2cf410bfa,2024-06-27T19:25:12.067000
