From 8338cc2664e95f9505abf2f7f9a2189d7cfcc0f5 Mon Sep 17 00:00:00 2001 From: cad-safe-bot Date: Tue, 24 Dec 2024 00:58:43 +0000 Subject: [PATCH] Auto-Update: 2024-12-24T00:55:19.367681+00:00 --- CVE-2018/CVE-2018-251xx/CVE-2018-25106.json | 137 ++++++++++++++++++++ README.md | 19 +-- _state.csv | 21 +-- 3 files changed, 153 insertions(+), 24 deletions(-) create mode 100644 CVE-2018/CVE-2018-251xx/CVE-2018-25106.json diff --git a/CVE-2018/CVE-2018-251xx/CVE-2018-25106.json b/CVE-2018/CVE-2018-251xx/CVE-2018-25106.json new file mode 100644 index 00000000000..7a0f11581aa --- /dev/null +++ b/CVE-2018/CVE-2018-251xx/CVE-2018-25106.json @@ -0,0 +1,137 @@ +{ + "id": "CVE-2018-25106", + "sourceIdentifier": "cna@vuldb.com", + "published": "2024-12-23T23:15:05.720", + "lastModified": "2024-12-23T23:15:05.720", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability, which was classified as critical, has been found in webuidesigning NebulaX Theme up to 5.0 on WordPress. This issue affects the function nebula_send_to_hubspot of the file libs/Legacy/Legacy.php. The manipulation leads to sql injection. The attack may be initiated remotely. The patch is named 41230a81db0f671c570c2644bc2f80565ca83c5a. It is recommended to apply a patch to fix this issue." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "baseScore": 5.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "attackRequirements": "NONE", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "vulnerableSystemConfidentiality": "LOW", + "vulnerableSystemIntegrity": "LOW", + "vulnerableSystemAvailability": "LOW", + "subsequentSystemConfidentiality": "NONE", + "subsequentSystemIntegrity": "NONE", + "subsequentSystemAvailability": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirements": "NOT_DEFINED", + "integrityRequirements": "NOT_DEFINED", + "availabilityRequirements": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", + "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", + "modifiedVulnerableSystemAvailability": "NOT_DEFINED", + "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", + "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", + "modifiedSubsequentSystemAvailability": "NOT_DEFINED", + "safety": "NOT_DEFINED", + "automatable": "NOT_DEFINED", + "recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED" + } + } + ], + "cvssMetricV31": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", + "baseScore": 6.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.4 + } + ], + "cvssMetricV2": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "2.0", + "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", + "baseScore": 6.5, + "accessVector": "NETWORK", + "accessComplexity": "LOW", + "authentication": "SINGLE", + "confidentialityImpact": "PARTIAL", + "integrityImpact": "PARTIAL", + "availabilityImpact": "PARTIAL" + }, + "baseSeverity": "MEDIUM", + "exploitabilityScore": 8.0, + "impactScore": 6.4, + "acInsufInfo": false, + "obtainAllPrivilege": false, + "obtainUserPrivilege": false, + "obtainOtherPrivilege": false, + "userInteractionRequired": false + } + ] + }, + "weaknesses": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-74" + }, + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/webuidesigning/NebulaX/commit/41230a81db0f671c570c2644bc2f80565ca83c5a", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?ctiid.289163", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?id.289163", + "source": "cna@vuldb.com" + } + ] +} \ No newline at end of file diff --git a/README.md b/README.md index 6788f6f8c3b..82335ecdf1f 100644 --- a/README.md +++ b/README.md @@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2024-12-23T23:00:19.882631+00:00 +2024-12-24T00:55:19.367681+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2024-12-23T22:15:07.800000+00:00 +2024-12-23T23:15:05.720000+00:00 ``` ### Last Data Feed Release @@ -33,29 +33,20 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### Total Number of included CVEs ```plain -274584 +274585 ``` ### CVEs added in the last Commit Recently added CVEs: `1` -- [CVE-2024-53961](CVE-2024/CVE-2024-539xx/CVE-2024-53961.json) (`2024-12-23T21:15:05.820`) +- [CVE-2018-25106](CVE-2018/CVE-2018-251xx/CVE-2018-25106.json) (`2024-12-23T23:15:05.720`) ### CVEs modified in the last Commit -Recently modified CVEs: `9` +Recently modified CVEs: `0` -- [CVE-2021-47382](CVE-2021/CVE-2021-473xx/CVE-2021-47382.json) (`2024-12-23T21:00:53.340`) -- [CVE-2021-47385](CVE-2021/CVE-2021-473xx/CVE-2021-47385.json) (`2024-12-23T21:01:31.227`) -- [CVE-2023-31239](CVE-2023/CVE-2023-312xx/CVE-2023-31239.json) (`2024-12-23T22:15:06.137`) -- [CVE-2023-32201](CVE-2023/CVE-2023-322xx/CVE-2023-32201.json) (`2024-12-23T22:15:06.950`) -- [CVE-2023-32270](CVE-2023/CVE-2023-322xx/CVE-2023-32270.json) (`2024-12-23T22:15:07.120`) -- [CVE-2023-32273](CVE-2023/CVE-2023-322xx/CVE-2023-32273.json) (`2024-12-23T22:15:07.290`) -- [CVE-2023-32276](CVE-2023/CVE-2023-322xx/CVE-2023-32276.json) (`2024-12-23T22:15:07.457`) -- [CVE-2023-32288](CVE-2023/CVE-2023-322xx/CVE-2023-32288.json) (`2024-12-23T22:15:07.623`) -- [CVE-2023-32538](CVE-2023/CVE-2023-325xx/CVE-2023-32538.json) (`2024-12-23T22:15:07.800`) ## Download and Usage diff --git a/_state.csv b/_state.csv index 642e02fc3a3..77653f471e7 100644 --- a/_state.csv +++ b/_state.csv @@ -121428,6 +121428,7 @@ CVE-2018-25101,0,0,2bd8285666e4acb96b73073e83438f9de7be045d6343092b9bbb8ecde1424 CVE-2018-25103,0,0,898e59dad77386a317e4ff1bf68be33ab8be6db6918e382c5845df0e79bdcf13,2024-11-21T04:03:34.090000 CVE-2018-25104,0,0,07c0f7f8deacc6ae3510edd97c87fb0b6a5d5de0a9d91e721e0835794336db5c,2024-10-18T12:52:33.507000 CVE-2018-25105,0,0,d16cf144daafb93b508b5b5e5d66a4d924219330c977526c844488af5bef18a9,2024-10-30T18:23:57.830000 +CVE-2018-25106,1,1,658db890b0f85234a4f50b6559c622f3dadd208cff16da60b860a8c6dbc352d5,2024-12-23T23:15:05.720000 CVE-2018-2515,0,0,5409b099d6b1ad12de2273669dad1cdf61ce6e1c2e305b93396a548635b48aa4,2023-11-07T02:57:57.887000 CVE-2018-2560,0,0,64c0ce8dd86b8cd41f028fc0faeb4c2703b3a3d6c99b5cfb7e065de6e8a10aab,2024-11-21T04:03:56.060000 CVE-2018-2561,0,0,03752647d2e63906688e002ddaaa7e85aba13094709fdf81fa6e8215efd59a07,2024-11-21T04:03:56.197000 @@ -187546,10 +187547,10 @@ CVE-2021-47378,0,0,61aa0638bc7ee0395a662fdc5f4f13b5b1b9ce16346a6ed71a2a125033914 CVE-2021-47379,0,0,3af783699b681bcffb74a2660da0530399c3e52991b6855e838ae2f4f2a4a6f7,2024-12-23T20:47:30.867000 CVE-2021-47380,0,0,334d3b8b44718c38a1a24aa2305d3adcb569796b98de33e4074b5736ae175e69,2024-12-23T20:48:01.910000 CVE-2021-47381,0,0,ea9581172c2cef8c9f5c61fde5035f577a718b0e4516fc363d9583f7adc1168e,2024-11-21T06:36:01.627000 -CVE-2021-47382,0,1,8bab4ab03bcce99a1b3027a4efeeeb53a848c9a61cc4386f322e0997042df3bf,2024-12-23T21:00:53.340000 +CVE-2021-47382,0,0,8bab4ab03bcce99a1b3027a4efeeeb53a848c9a61cc4386f322e0997042df3bf,2024-12-23T21:00:53.340000 CVE-2021-47383,0,0,0fea9bf20d9be4ceb176eb152b0a196ea8810eed9df3d1f03d48ee0cced5dcc0,2024-11-21T06:36:01.867000 CVE-2021-47384,0,0,bb89862113d2a6336d33a29fcea8543dd2e3a5aaa8344e5d7c7ced6e0e1c1175,2024-11-21T06:36:01.983000 -CVE-2021-47385,0,1,c6a82e7a12e897338326b0272d766105a2467dab6588deae93331929ba6df3aa,2024-12-23T21:01:31.227000 +CVE-2021-47385,0,0,c6a82e7a12e897338326b0272d766105a2467dab6588deae93331929ba6df3aa,2024-12-23T21:01:31.227000 CVE-2021-47386,0,0,e2c2600fd20b80e34f73e540ac913f3f01a2782eb98515ebb9fa3047ce7b2d75,2024-11-21T06:36:02.267000 CVE-2021-47387,0,0,f9abbc75a71e5f75679f53162608a51731e5b30a945f073035121479b6bfac5c,2024-11-21T06:36:02.443000 CVE-2021-47388,0,0,9de2de675603cafd819912e559a516121c2d74bcad1e43875773a30530ae8e72,2024-11-21T06:36:02.560000 @@ -224242,7 +224243,7 @@ CVE-2023-31235,0,0,20daa2722f33192c83ab080afa28b151d9a5d2beeaccf042b17ccda79251e CVE-2023-31236,0,0,126c1f9f8e7f9d345b2b4ef536b49c7045d186ceacff8f015d2b69a71b74cf11,2024-11-21T08:01:41.010000 CVE-2023-31237,0,0,0a352cabe307daa8069d8329407c493d9cc84626b4cea5eda67e039a48109b21,2024-11-21T08:01:41.133000 CVE-2023-31238,0,0,11a72567041a3076066807dbe48ebaf14ba0774bcbfb5b06972c4cd36c749ae3,2024-11-21T08:01:41.260000 -CVE-2023-31239,0,1,38367017ce12f3d3e0238994f3c8e25cc7abbdbd5fc046c31e1c836a53c24d1d,2024-12-23T22:15:06.137000 +CVE-2023-31239,0,0,38367017ce12f3d3e0238994f3c8e25cc7abbdbd5fc046c31e1c836a53c24d1d,2024-12-23T22:15:06.137000 CVE-2023-3124,0,0,67cc12c86892de6b2248381c3363d0ccd4341fb7a3797b32711efc303565f768,2024-11-21T08:16:30.680000 CVE-2023-31240,0,0,353d37d85d0a9b7a55ddbf8bea51a0e809ce76463f66ea7a3065130f5a0e75f6,2024-12-09T18:15:20.887000 CVE-2023-31241,0,0,cbefd93432634453869e3a3854e829d76c88847907d35a3404131afce046c1cd,2024-12-09T18:15:21.090000 @@ -224865,7 +224866,7 @@ CVE-2023-32194,0,0,8845f016c85ede034f40ec0cefedc27534f7a571f4a5bc51875940261ad3c CVE-2023-32196,0,0,de21b311b4e56d3a3e4aceecb7213b5d1ea4ce282d0eda00cb240d24b29bd9bd,2024-10-16T16:38:14.557000 CVE-2023-3220,0,0,60dd783c3ead3cf222f72f3af6cb46e458ae1bec6174b63a99c735f758734ff6,2024-11-21T08:16:43.633000 CVE-2023-32200,0,0,bd3b707fd4f345c8c3028816f1e6552e40039230142d8b9e762e26d6d0380966,2024-11-21T08:02:53.243000 -CVE-2023-32201,0,1,931662d2bb3c46b3ef8495876fa9a03301878dcf7cc2306d578f2b4f434d18a1,2024-12-23T22:15:06.950000 +CVE-2023-32201,0,0,931662d2bb3c46b3ef8495876fa9a03301878dcf7cc2306d578f2b4f434d18a1,2024-12-23T22:15:06.950000 CVE-2023-32202,0,0,e2c24c84537688439264cd465b421a98fad6a5179b84fddeb05252e348ad893b,2024-11-21T08:02:53.537000 CVE-2023-32203,0,0,e2d1f0345e23b1f6af5f4532692cd64bf0afb0f32d62a816599871540a9e6771,2024-11-21T08:02:53.673000 CVE-2023-32204,0,0,ce3eba6dcf01bbfd1359b31c6749939018fc23321f929678e60800c962b4fa0b,2024-11-21T08:02:53.790000 @@ -224932,13 +224933,13 @@ CVE-2023-32267,0,0,b6f580f3ddb2c5a933d3f101abcaff0612364f4d209853bb6aaf5ef829b8b CVE-2023-32268,0,0,8c089f6b3ed768ed2e29abb93b2f5112afe0825c1ad0026c3a8ffe185b55f73a,2024-11-21T08:03:00.653000 CVE-2023-32269,0,0,efd65719f578efe2a321651e486efb08033992e098571e5039ca24120947aff3,2024-11-21T08:03:00.787000 CVE-2023-3227,0,0,fc22d9f27d691c63e217667353f6fa7f50100f3ddc4896977ced6460068d3532,2024-11-21T08:16:44.653000 -CVE-2023-32270,0,1,078bff17a1e5d23a69c6ba3d525b161bb9e3581edde6766b3e91b3771809867e,2024-12-23T22:15:07.120000 +CVE-2023-32270,0,0,078bff17a1e5d23a69c6ba3d525b161bb9e3581edde6766b3e91b3771809867e,2024-12-23T22:15:07.120000 CVE-2023-32271,0,0,111fc8a9e023e7ab3334edb4a814cd553d9eec52bed71fd8dc5f5f9349ea54e1,2024-11-21T08:03:01.050000 CVE-2023-32272,0,0,8d95a3c72f1d155b534dc0f03ddf704f903c294bd92121caaaa926bc5ea7f6bf,2024-11-21T08:03:01.180000 -CVE-2023-32273,0,1,dbc475022c89175f11fdad4ca43f4540448222863dd4e5d16f2a947690dc5b88,2024-12-23T22:15:07.290000 +CVE-2023-32273,0,0,dbc475022c89175f11fdad4ca43f4540448222863dd4e5d16f2a947690dc5b88,2024-12-23T22:15:07.290000 CVE-2023-32274,0,0,0b7b3dec85916257fb59243b4648f3caacde127983ed50fc26b64e840ee62cdc,2024-11-21T08:03:01.410000 CVE-2023-32275,0,0,a799c362e16c2f920ef3849f9d4df53d0b136c22ea7da7a5b665b880c2c629bf,2024-11-21T08:03:01.530000 -CVE-2023-32276,0,1,d02be46d62a3471b014f25ffbe8b8d0f2be5aaea76861955d2fd7d73e93de101,2024-12-23T22:15:07.457000 +CVE-2023-32276,0,0,d02be46d62a3471b014f25ffbe8b8d0f2be5aaea76861955d2fd7d73e93de101,2024-12-23T22:15:07.457000 CVE-2023-32278,0,0,3857fac1d586d0ab69b68ddf5e1412a8c03e72178ea8bcbe5480bea560ced136,2024-11-21T08:03:01.780000 CVE-2023-32279,0,0,292951eab2d522ee2c24e4aa1c375e0a56b8a7247fc54c421f69234c131e6dce,2024-11-21T08:03:01.910000 CVE-2023-3228,0,0,766e4cd19f2ab52c2e633f49961af6674b7d054cbfc6685e87b050fdb49e45ee,2024-11-21T08:16:44.790000 @@ -224948,7 +224949,7 @@ CVE-2023-32282,0,0,3eb71e7f3cda8c621dc0c045dbe04ad2953a152588a397051769ffcb03a8a CVE-2023-32283,0,0,9d2ad9864ccc4e8672714f3e6da954a951cef60a0b33014ebd1f210661371609,2024-11-21T08:03:02.417000 CVE-2023-32284,0,0,d0d78a4b2a7745c5328d854cf71b08544d116e7a0cc0d027d86eb9b49a1ef40a,2024-11-21T08:03:02.547000 CVE-2023-32285,0,0,98ef0293a5ae9d1c27252f5ab49cdf2eb2c45aa79d05962e381289ddd222d925,2024-11-21T08:03:02.667000 -CVE-2023-32288,0,1,eb31c2378126f1fc5a4d17d7dc29a63b369ee46b35b58f76be9ae654b39ffec0,2024-12-23T22:15:07.623000 +CVE-2023-32288,0,0,eb31c2378126f1fc5a4d17d7dc29a63b369ee46b35b58f76be9ae654b39ffec0,2024-12-23T22:15:07.623000 CVE-2023-32289,0,0,831692e60f900d61c13697e9724b2cf94d5cb61a356c360dfeeb8c1f3cb56ae8,2024-11-21T08:03:02.987000 CVE-2023-3229,0,0,1a970c549f63ac6d576d7882e00269a4f0740704078d39cb5af4f2cc5d314b6d,2024-11-21T08:16:44.943000 CVE-2023-32290,0,0,6064c4d4ce58ee0d9d82cfe3fa985c8a9f74303a960cb4899e735aa0f8b928ce,2024-11-21T08:03:03.113000 @@ -225208,7 +225209,7 @@ CVE-2023-32534,0,0,fbf2ca2a7134e34b52e0bd441b6e658302d55234681f3fab5d32c69bd7d59 CVE-2023-32535,0,0,31ce01a75a67a33768175f3dff24d7227ca8c537211d1dd44cc6dc984aeb3082,2024-11-21T08:03:32.940000 CVE-2023-32536,0,0,e9a1effe3c63c3d511b25a744732827e39bda4a52044eb0f0426b0721c73acde,2024-11-21T08:03:33.057000 CVE-2023-32537,0,0,5b665d8daeaf0b9e98d095bbb4adbb05e33eb725903e777cdfac5c165d59586a,2024-11-21T08:03:33.173000 -CVE-2023-32538,0,1,a79d0585f270682db5770c35be3f4e736ef61823d7816ae241bf0b95cac5e6c1,2024-12-23T22:15:07.800000 +CVE-2023-32538,0,0,a79d0585f270682db5770c35be3f4e736ef61823d7816ae241bf0b95cac5e6c1,2024-12-23T22:15:07.800000 CVE-2023-32539,0,0,71ad1b5c1cc0ec4f644596ee207d926ecdcd9338838c3d15e2441513236980d5,2024-11-21T08:03:33.427000 CVE-2023-3254,0,0,fb297b58092938a677653620d6902c1be9e99ed463481ac0db15d06c51aace63,2024-11-21T08:16:48.480000 CVE-2023-32540,0,0,17d7e60098adb11e4ca0fdfac768c1e1e30e660e9be67ce9c066bba56cf52f04,2024-11-21T08:03:33.563000 @@ -270039,7 +270040,7 @@ CVE-2024-53958,0,0,e4f482e2a03eae216a10399e99f654a343bd239d8a996661687745f01455a CVE-2024-53959,0,0,68036dd248b75f87e5f3d9391181f98f189af951a522aae2a41316aec0dfe235,2024-12-13T17:50:13.643000 CVE-2024-5396,0,0,a2e12a462b12b592c06259ea229afce64d9cb2b529021eb0ae1f63c97dd38d23,2024-11-21T09:47:34.430000 CVE-2024-53960,0,0,980ae01bf410da0473069e1a3eb7a3f001cc1d8a12dcc0d46a5730cb7c2b0449,2024-12-13T17:50:01.533000 -CVE-2024-53961,1,1,2e0e7f84a0689967b3fbeed60cfb468a59017571466067d3915d8bff5b5d538b,2024-12-23T21:15:05.820000 +CVE-2024-53961,0,0,2e0e7f84a0689967b3fbeed60cfb468a59017571466067d3915d8bff5b5d538b,2024-12-23T21:15:05.820000 CVE-2024-5397,0,0,1c1b9f46c7fae3545f6c6bff25b88c782d3838975abd0364f3776c48ef8d8b3f,2024-11-21T09:47:34.563000 CVE-2024-53975,0,0,1c6eb06597883327a72f325fc0f751cbd0dc5c99b87a33d8b2ef4784e7416fa6,2024-11-27T15:15:26.923000 CVE-2024-53976,0,0,e0e34654e2920917adcad83ccc486a90e5a6d39da581d67f84c5bbc103fd6b7b,2024-11-26T16:15:21.430000