mirror of
https://github.com/fkie-cad/nvd-json-data-feeds.git
synced 2025-05-07 11:07:05 +00:00
Auto-Update: 2024-10-04T12:00:18.697204+00:00
This commit is contained in:
cad-safe-bot
parent
b289bdb60a
commit
700625af95
64
CVE-2024/CVE-2024-90xx/CVE-2024-9071.json
Normal file
64
CVE-2024/CVE-2024-90xx/CVE-2024-9071.json
Normal file
@ -0,0 +1,64 @@
|
||||
{
|
||||
"id": "CVE-2024-9071",
|
||||
"sourceIdentifier": "security@wordfence.com",
|
||||
"published": "2024-10-04T10:15:12.903",
|
||||
"lastModified": "2024-10-04T10:15:12.903",
|
||||
"vulnStatus": "Received",
|
||||
"cveTags": [],
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "The Easy Demo Importer \u2013 A Modern One-Click Demo Import Solution plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 1.1.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Author-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses the SVG file."
|
||||
}
|
||||
],
|
||||
"metrics": {
|
||||
"cvssMetricV31": [
|
||||
{
|
||||
"source": "security@wordfence.com",
|
||||
"type": "Primary",
|
||||
"cvssData": {
|
||||
"version": "3.1",
|
||||
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
|
||||
"attackVector": "NETWORK",
|
||||
"attackComplexity": "LOW",
|
||||
"privilegesRequired": "LOW",
|
||||
"userInteraction": "NONE",
|
||||
"scope": "CHANGED",
|
||||
"confidentialityImpact": "LOW",
|
||||
"integrityImpact": "LOW",
|
||||
"availabilityImpact": "NONE",
|
||||
"baseScore": 6.4,
|
||||
"baseSeverity": "MEDIUM"
|
||||
},
|
||||
"exploitabilityScore": 3.1,
|
||||
"impactScore": 2.7
|
||||
}
|
||||
]
|
||||
},
|
||||
"weaknesses": [
|
||||
{
|
||||
"source": "security@wordfence.com",
|
||||
"type": "Primary",
|
||||
"description": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "CWE-79"
|
||||
}
|
||||
]
|
||||
}
|
||||
],
|
||||
"references": [
|
||||
{
|
||||
"url": "https://plugins.trac.wordpress.org/changeset/3162305/",
|
||||
"source": "security@wordfence.com"
|
||||
},
|
||||
{
|
||||
"url": "https://wordpress.org/plugins/easy-demo-importer/#developers",
|
||||
"source": "security@wordfence.com"
|
||||
},
|
||||
{
|
||||
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/27a1f457-6bd9-41eb-83e1-cb9e62950041?source=cve",
|
||||
"source": "security@wordfence.com"
|
||||
}
|
||||
]
|
||||
}
|
||||
64
CVE-2024/CVE-2024-92xx/CVE-2024-9271.json
Normal file
64
CVE-2024/CVE-2024-92xx/CVE-2024-9271.json
Normal file
@ -0,0 +1,64 @@
|
||||
{
|
||||
"id": "CVE-2024-9271",
|
||||
"sourceIdentifier": "security@wordfence.com",
|
||||
"published": "2024-10-04T10:15:13.873",
|
||||
"lastModified": "2024-10-04T10:15:13.873",
|
||||
"vulnStatus": "Received",
|
||||
"cveTags": [],
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "The Re:WP plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 1.0.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Author-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses the SVG file."
|
||||
}
|
||||
],
|
||||
"metrics": {
|
||||
"cvssMetricV31": [
|
||||
{
|
||||
"source": "security@wordfence.com",
|
||||
"type": "Primary",
|
||||
"cvssData": {
|
||||
"version": "3.1",
|
||||
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
|
||||
"attackVector": "NETWORK",
|
||||
"attackComplexity": "LOW",
|
||||
"privilegesRequired": "LOW",
|
||||
"userInteraction": "NONE",
|
||||
"scope": "CHANGED",
|
||||
"confidentialityImpact": "LOW",
|
||||
"integrityImpact": "LOW",
|
||||
"availabilityImpact": "NONE",
|
||||
"baseScore": 6.4,
|
||||
"baseSeverity": "MEDIUM"
|
||||
},
|
||||
"exploitabilityScore": 3.1,
|
||||
"impactScore": 2.7
|
||||
}
|
||||
]
|
||||
},
|
||||
"weaknesses": [
|
||||
{
|
||||
"source": "security@wordfence.com",
|
||||
"type": "Secondary",
|
||||
"description": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "CWE-79"
|
||||
}
|
||||
]
|
||||
}
|
||||
],
|
||||
"references": [
|
||||
{
|
||||
"url": "https://plugins.trac.wordpress.org/changeset/3161983/",
|
||||
"source": "security@wordfence.com"
|
||||
},
|
||||
{
|
||||
"url": "https://wordpress.org/plugins/rewp/#developers",
|
||||
"source": "security@wordfence.com"
|
||||
},
|
||||
{
|
||||
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/a7d340b9-6a77-481c-983c-f4774ecff285?source=cve",
|
||||
"source": "security@wordfence.com"
|
||||
}
|
||||
]
|
||||
}
|
||||
19
README.md
19
README.md
@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours.
|
||||
### Last Repository Update
|
||||
|
||||
```plain
|
||||
2024-10-04T08:00:20.095017+00:00
|
||||
2024-10-04T12:00:18.697204+00:00
|
||||
```
|
||||
|
||||
### Most recent CVE Modification Timestamp synchronized with NVD
|
||||
|
||||
```plain
|
||||
2024-10-04T07:15:03.857000+00:00
|
||||
2024-10-04T10:15:13.873000+00:00
|
||||
```
|
||||
|
||||
### Last Data Feed Release
|
||||
@ -33,22 +33,15 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
|
||||
### Total Number of included CVEs
|
||||
|
||||
```plain
|
||||
264460
|
||||
264462
|
||||
```
|
||||
|
||||
### CVEs added in the last Commit
|
||||
|
||||
Recently added CVEs: `9`
|
||||
Recently added CVEs: `2`
|
||||
|
||||
- [CVE-2024-47854](CVE-2024/CVE-2024-478xx/CVE-2024-47854.json) (`2024-10-04T06:15:03.027`)
|
||||
- [CVE-2024-47855](CVE-2024/CVE-2024-478xx/CVE-2024-47855.json) (`2024-10-04T06:15:04.093`)
|
||||
- [CVE-2024-6442](CVE-2024/CVE-2024-64xx/CVE-2024-6442.json) (`2024-10-04T06:15:04.370`)
|
||||
- [CVE-2024-6443](CVE-2024/CVE-2024-64xx/CVE-2024-6443.json) (`2024-10-04T06:15:05.160`)
|
||||
- [CVE-2024-6444](CVE-2024/CVE-2024-64xx/CVE-2024-6444.json) (`2024-10-04T07:15:02.877`)
|
||||
- [CVE-2024-8804](CVE-2024/CVE-2024-88xx/CVE-2024-8804.json) (`2024-10-04T06:15:05.353`)
|
||||
- [CVE-2024-9242](CVE-2024/CVE-2024-92xx/CVE-2024-9242.json) (`2024-10-04T06:15:05.647`)
|
||||
- [CVE-2024-9306](CVE-2024/CVE-2024-93xx/CVE-2024-9306.json) (`2024-10-04T07:15:03.550`)
|
||||
- [CVE-2024-9435](CVE-2024/CVE-2024-94xx/CVE-2024-9435.json) (`2024-10-04T07:15:03.857`)
|
||||
- [CVE-2024-9071](CVE-2024/CVE-2024-90xx/CVE-2024-9071.json) (`2024-10-04T10:15:12.903`)
|
||||
- [CVE-2024-9271](CVE-2024/CVE-2024-92xx/CVE-2024-9271.json) (`2024-10-04T10:15:13.873`)
|
||||
|
||||
|
||||
### CVEs modified in the last Commit
|
||||
|
||||
20
_state.csv
20
_state.csv
@ -261032,8 +261032,8 @@ CVE-2024-4783,0,0,413c0436e6758a988a0c847533b21e34b17a9d936626eba8cda1a5d1f87e01
|
||||
CVE-2024-4784,0,0,4cc2a5a387e2d44a289947f3cae3cd294fd9977dc8f62a4a2754567f4ad78544,2024-08-23T16:59:30.430000
|
||||
CVE-2024-4785,0,0,86459565331431d4effe5c5baf904159b952a2a7d490db9da0fcd3795764e799,2024-08-20T15:44:20.567000
|
||||
CVE-2024-47850,0,0,5cfa949a2f348d42209a7ad3229b3dfd8e701c71f62b530011920d6cc2b47a69,2024-10-04T05:15:11.243000
|
||||
CVE-2024-47854,1,1,8ada47c8e41eb3ba9174f6b1435ebc115a61393d1f9e0638f68136c31d9e2c64,2024-10-04T06:15:03.027000
|
||||
CVE-2024-47855,1,1,61e282832f73281829ef7583678470d096ee6a7f581cbce86a225d728613c584,2024-10-04T06:15:04.093000
|
||||
CVE-2024-47854,0,0,8ada47c8e41eb3ba9174f6b1435ebc115a61393d1f9e0638f68136c31d9e2c64,2024-10-04T06:15:03.027000
|
||||
CVE-2024-47855,0,0,61e282832f73281829ef7583678470d096ee6a7f581cbce86a225d728613c584,2024-10-04T06:15:04.093000
|
||||
CVE-2024-4786,0,0,bbc8c5b9b549878acd4ee1e5896d7add0ba995b55e84e619083dd37cca26f8f1,2024-07-29T14:12:08.783000
|
||||
CVE-2024-4787,0,0,6e9b8652de9328ef9248746b2fe52f715cb97566c59048ae6277a1aaed304f45,2024-06-20T12:44:01.637000
|
||||
CVE-2024-4788,0,0,036e4ce9e476328c73022572d41365684f416f1f77ea3a1f5e72bdd2454ce2ec,2024-08-05T20:23:52.467000
|
||||
@ -262475,9 +262475,9 @@ CVE-2024-6438,0,0,dda5c3ef0b29175f6296e0b89d7c12c3e07fe51c2f0cc30ea59ffede8f2663
|
||||
CVE-2024-6439,0,0,17c8c0dedf84f798cc0f5ae1eb12bcfee8d03a9530b75eee07a6ecb983f8a09a,2024-07-02T17:58:39.773000
|
||||
CVE-2024-6440,0,0,2c5be04f311531a7679fd469afc24458b735968d4c5b698cdcf03804f39d3eef,2024-07-02T17:58:15.410000
|
||||
CVE-2024-6441,0,0,15383e1684ea64dc1d374e71fe60467b8bfc18bde94b0e73415ebe68688c2118,2024-07-02T17:44:45.700000
|
||||
CVE-2024-6442,1,1,c447fd21cd44a9b02f2817edf5de524deb3d008389cb0d42f60bb389c591a4b3,2024-10-04T06:15:04.370000
|
||||
CVE-2024-6443,1,1,d08394e0070894131819b9a5154ca9752eb7170874299ab3437aeb40ef47ddf5,2024-10-04T06:15:05.160000
|
||||
CVE-2024-6444,1,1,4707fe42307561d9c9157bd0f99f783e8c32216a0a7ebc01cf806124e2433bf5,2024-10-04T07:15:02.877000
|
||||
CVE-2024-6442,0,0,c447fd21cd44a9b02f2817edf5de524deb3d008389cb0d42f60bb389c591a4b3,2024-10-04T06:15:04.370000
|
||||
CVE-2024-6443,0,0,d08394e0070894131819b9a5154ca9752eb7170874299ab3437aeb40ef47ddf5,2024-10-04T06:15:05.160000
|
||||
CVE-2024-6444,0,0,4707fe42307561d9c9157bd0f99f783e8c32216a0a7ebc01cf806124e2433bf5,2024-10-04T07:15:02.877000
|
||||
CVE-2024-6445,0,0,d4bd07ae9eba462d90eb79dcc7204c56bd4679ce8063eb2ebe32db5f30ce9fc7,2024-09-12T16:14:51.480000
|
||||
CVE-2024-6446,0,0,40ba33596a31d7c54c56d318bcab067473a99b16234df2e24accf4e6227c9e31,2024-09-14T15:17:11.720000
|
||||
CVE-2024-6447,0,0,45fe1e3b45bb9052a54143ac6931092e1b37ff897cd56aa11e3df59780bc06cb,2024-07-11T13:05:54.930000
|
||||
@ -264204,7 +264204,7 @@ CVE-2024-8800,0,0,d956ac136643b04f0243a452c8ccfdf197118d0e853c27476b810517af9801
|
||||
CVE-2024-8801,0,0,b5bc4f982a594acb6aaf56b2e8a82653b32de0b2ae7bfdf440e37c28bdd34de7,2024-09-30T14:23:46.140000
|
||||
CVE-2024-8802,0,0,fa13adca8a22ec6e50f47087a1da6c1e490e962abace9f54c6d7c55cc28a4817,2024-10-04T05:15:11.930000
|
||||
CVE-2024-8803,0,0,1e0c20c4da3042f287bedde6aa980588230b643699023347d741bb81db132ef8,2024-10-02T17:15:12.677000
|
||||
CVE-2024-8804,1,1,7c528ca66db5ca77abb50794657dc450a6d4f88358c2365f5ecb81bde5817e53,2024-10-04T06:15:05.353000
|
||||
CVE-2024-8804,0,0,7c528ca66db5ca77abb50794657dc450a6d4f88358c2365f5ecb81bde5817e53,2024-10-04T06:15:05.353000
|
||||
CVE-2024-8850,0,0,60f99c260767f82bf00cc7954ec3e058985003b965020b8d3dac7a45b3ea5f64,2024-09-25T18:49:53.397000
|
||||
CVE-2024-8853,0,0,b5a3b0675f8f2657c7381537f08c47ae3a3694c18acf1b18976370e35c278f0e,2024-09-25T17:49:25.653000
|
||||
CVE-2024-8858,0,0,a55a2b45b2b7a3f3c60e0d8077307a88defc4d63f2b498893a25b1463c90c22f,2024-10-02T18:41:29.067000
|
||||
@ -264305,6 +264305,7 @@ CVE-2024-9060,0,0,e35befe0c19e9c59756c7c70c224c449f9b987489f50a3c4c91195a0ebac85
|
||||
CVE-2024-9063,0,0,df96d256cb802a721004c9ac9223f80a26c192f9136fb3599130ecff1f9d6c94,2024-09-25T01:15:48.670000
|
||||
CVE-2024-9068,0,0,01b6ceee3583b3b207ab2eeaf4c2684cbe8e9990b1a6178aa8ad730654493f98,2024-10-02T19:55:50.547000
|
||||
CVE-2024-9069,0,0,904bb0393747d55de1840c322bbad7ae9d27b3e14c3398a0999f4d003e7be886,2024-10-02T19:37:49.777000
|
||||
CVE-2024-9071,1,1,957e62c0393f0628f9347c6d61d1bdf135a92652d16fab07ebf75d67cdba8861,2024-10-04T10:15:12.903000
|
||||
CVE-2024-9073,0,0,e1a3718934b1c8aa8070be1e5efd6407ed841e421f9f505c84906bd05d8d4d7e,2024-10-02T19:32:43.047000
|
||||
CVE-2024-9075,0,0,3b33ab99769a9c852230df8e8b6083f862011911d6a5bcadbdc727ad6f83ab66,2024-09-30T15:27:39.313000
|
||||
CVE-2024-9076,0,0,8c57021a64484b6edbf7ffabe5a971516c1732fccafbf97d4089a67e7015212f,2024-09-27T16:14:04.977000
|
||||
@ -264372,12 +264373,13 @@ CVE-2024-9225,0,0,141d0d35e11a2cd106662fadee1419850af7b64bb767687c4551fb0ce39a77
|
||||
CVE-2024-9228,0,0,9405c3cfc45dca66268ec52ff9d3afd2509e4b32bf0c50779cb731b661651911,2024-10-01T09:15:07.750000
|
||||
CVE-2024-9237,0,0,8e6e22e1e3f1d7c42a4af8690ec68b6567f1938aac087ae222b58b78114ae60d,2024-10-04T05:15:12.390000
|
||||
CVE-2024-9241,0,0,c97fba2c7aa884bcdd52fc5811a712b361d655a1df561d8ca3d939dedb183a39,2024-10-01T09:15:08.287000
|
||||
CVE-2024-9242,1,1,e9b47715b8866c0bb06824338df1ab32ffe4086045274b1a5798b8af973e0ccc,2024-10-04T06:15:05.647000
|
||||
CVE-2024-9242,0,0,e9b47715b8866c0bb06824338df1ab32ffe4086045274b1a5798b8af973e0ccc,2024-10-04T06:15:05.647000
|
||||
CVE-2024-9265,0,0,a960537dfc00aa7287cda3b344edaa9968d5f1c511cd23e19840dec685ffedab,2024-10-01T09:15:08.810000
|
||||
CVE-2024-9266,0,0,9236ddab7a32ddd3f2f213c68ff62e8764199194dacaa0a345239e73e7878693,2024-10-03T19:15:05.027000
|
||||
CVE-2024-9267,0,0,dc0e2a16aa688a38c35f6b9ffae7fc1a73b41beb5eb56dfb80ff17744ee58cdd,2024-10-01T08:15:06.103000
|
||||
CVE-2024-9268,0,0,7e7771d589d5219f5f8e1d4b856d8a4ecc833e195b34661fddc76da01954ef5a,2024-09-27T17:15:14.497000
|
||||
CVE-2024-9269,0,0,17a005cc0d3d32766c2354e4e21cb5a6af989b17ac72800bc0de449fb0f65c28,2024-10-01T08:15:06.313000
|
||||
CVE-2024-9271,1,1,2ea88abcbf961aaa15b521ad34b35dc9cddcc77bca5e08580f9b2be138919aef,2024-10-04T10:15:13.873000
|
||||
CVE-2024-9272,0,0,3bcc3e0378e59bc6d6daede197b60eb874d387818f18424bcf6330089754e28e,2024-10-01T08:15:06.510000
|
||||
CVE-2024-9273,0,0,d541667891e816199f828382e531f52a986321fd7f85b5856a4bc94c161620a8,2024-09-27T17:15:14.550000
|
||||
CVE-2024-9274,0,0,cc5814507328948ef506c997bdd3cfe686c60b8346a4520f66a47bfd431a0fe5,2024-10-01T08:15:06.723000
|
||||
@ -264403,7 +264405,7 @@ CVE-2024-9299,0,0,0e06149ad72b9bceed8023fce5d46e4c2d87e230ca1e26b3a70118742de53d
|
||||
CVE-2024-9300,0,0,8cf4fd8be1a68079d9b09593a267df47fb69eec7140ede32d9eeb623680961c8,2024-10-01T13:34:58.760000
|
||||
CVE-2024-9301,0,0,73ba33e42a5a66e63775d86ddfdf57e7a04bcd9ceda925406fc4894f153c084a,2024-09-30T12:45:57.823000
|
||||
CVE-2024-9304,0,0,77296627b4e73471315e7e445cf2a4183f5c2120111f84509ea16b607bc5907e,2024-10-01T08:15:06.943000
|
||||
CVE-2024-9306,1,1,4ca35b197e1e8441ae7b54d80e40679c30ed3e0a26a5e3ec8e56c166d1689ce9,2024-10-04T07:15:03.550000
|
||||
CVE-2024-9306,0,0,4ca35b197e1e8441ae7b54d80e40679c30ed3e0a26a5e3ec8e56c166d1689ce9,2024-10-04T07:15:03.550000
|
||||
CVE-2024-9313,0,0,533b0d999ec7273986b8e84d0a0b2d019578bc94f6735184fe1b7224c917a32a,2024-10-03T11:15:13.940000
|
||||
CVE-2024-9315,0,0,dcae3590349756096f3149f913fcd278d961f7a38fe3ece525d39bf3aa5da14a,2024-10-01T13:33:59.480000
|
||||
CVE-2024-9316,0,0,dc1cd9e0c0f14c1ac859a7efc8a45f5e2b48ab85717e9999593b73d7873483e5,2024-10-02T13:29:29.813000
|
||||
@ -264454,7 +264456,7 @@ CVE-2024-9411,0,0,0ed7229fadcaa0ba2be6aae3ed0a903fea8ee7057f413ca8d29b7080b09aae
|
||||
CVE-2024-9421,0,0,113e7be703208961a4797379eec546ebda83429cccc93934d64732f5dbb32085,2024-10-04T05:15:14.030000
|
||||
CVE-2024-9423,0,0,c94940e86c4d0857c214a72b7785993b36e482d8dc6d4d5d12ed70a35b4f0f3b,2024-10-02T16:15:11.250000
|
||||
CVE-2024-9429,0,0,db0d8ee6274f5889e645bc8f06bc2c127c429edd7f6e0ee6aa8f7a2649e83d4c,2024-10-02T13:15:12.617000
|
||||
CVE-2024-9435,1,1,3547393000ed8dce8618b05e9dca518261bffd0df796ca17f2125743b1b7dc37,2024-10-04T07:15:03.857000
|
||||
CVE-2024-9435,0,0,3547393000ed8dce8618b05e9dca518261bffd0df796ca17f2125743b1b7dc37,2024-10-04T07:15:03.857000
|
||||
CVE-2024-9440,0,0,a014a1e56d1851c7e48b58fd953e33ac08c51de3cb3a714389caa1ff00e4d989,2024-10-02T19:15:15.880000
|
||||
CVE-2024-9441,0,0,384255352f00f9a9db206fa87755d8414cb6b20054a48cca8134e02f7821516e,2024-10-02T19:15:16.100000
|
||||
CVE-2024-9445,0,0,fabfc564c6ed891571f4b9f8b25796aae5fe877150de0eb458cd1c36e31c1f17,2024-10-04T05:15:14.230000
|
||||
|
||||
|
Can't render this file because it is too large.
|
Loading…
x
Reference in New Issue
Block a user