admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-07-09 16:05:11 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2024-08-18T16:00:17.047080+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2024-08-18 16:03:13 +00:00
parent 2aece3c1ee
commit 85144a25ff
28 changed files with 1594 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

56
CVE-2024/CVE-2024-396xx/CVE-2024-39666.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-39666",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-08-18T14:15:06.370",
"lastModified": "2024-08-18T14:15:06.370",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Automattic WooCommerce.This issue affects WooCommerce: from n/a through 9.1.2."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 5.9,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.7,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/woocommerce/wordpress-woocommerce-plugin-9-1-2-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2024/CVE-2024-432xx/CVE-2024-43238.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-43238",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-08-18T14:15:06.583",
"lastModified": "2024-08-18T14:15:06.583",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in weDevs weMail allows Reflected XSS.This issue affects weMail: from n/a through 1.14.5."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 7.1,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/wemail/wordpress-wemail-email-marketing-newsletter-optin-forms-subscribers-wordpress-plugin-plugin-1-14-5-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2024/CVE-2024-432xx/CVE-2024-43276.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-43276",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-08-18T14:15:06.787",
"lastModified": "2024-08-18T14:15:06.787",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Svetoslav Marinov (Slavi) Child Theme Creator allows Reflected XSS.This issue affects Child Theme Creator: from n/a through 1.5.4."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 7.1,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/orbisius-child-theme-creator/wordpress-child-theme-creator-by-orbisius-plugin-1-5-4-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2024/CVE-2024-433xx/CVE-2024-43305.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-43305",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-08-18T15:15:03.320",
"lastModified": "2024-08-18T15:15:03.320",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Code Amp Custom Layouts \u2013 Post + Product grids made easy allows Stored XSS.This issue affects Custom Layouts \u2013 Post + Product grids made easy: from n/a through 1.4.11."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/custom-layouts/wordpress-custom-layouts-post-product-grids-made-easy-plugin-1-4-11-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2024/CVE-2024-433xx/CVE-2024-43306.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-43306",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-08-18T15:15:03.523",
"lastModified": "2024-08-18T15:15:03.523",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WP-Lister Lite for eBay allows Reflected XSS.This issue affects WP-Lister Lite for eBay: from n/a through 3.6.0."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 7.1,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/wp-lister-for-ebay/wordpress-wp-lister-lite-for-ebay-plugin-3-6-0-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2024/CVE-2024-433xx/CVE-2024-43307.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-43307",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-08-18T15:15:03.720",
"lastModified": "2024-08-18T15:15:03.720",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Gordon B\u00f6hme, Antonio Leutsch Structured Content allows Stored XSS.This issue affects Structured Content: from n/a through 1.6.2."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/structured-content/wordpress-structured-content-json-ld-wpsc-plugin-1-6-2-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2024/CVE-2024-433xx/CVE-2024-43308.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-43308",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-08-18T15:15:03.920",
"lastModified": "2024-08-18T15:15:03.920",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Gutentor Gutentor - Gutenberg Blocks - Page Builder for Gutenberg Editor allows Stored XSS.This issue affects Gutentor - Gutenberg Blocks - Page Builder for Gutenberg Editor: from n/a through 3.3.5."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/gutentor/wordpress-gutentor-gutenberg-blocks-page-builder-for-gutenberg-editor-plugin-3-3-5-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2024/CVE-2024-433xx/CVE-2024-43309.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-43309",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-08-18T15:15:04.110",
"lastModified": "2024-08-18T15:15:04.110",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WP Socio WP Telegram Widget and Join Link allows Stored XSS.This issue affects WP Telegram Widget and Join Link: from n/a through 2.1.27."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/wptelegram-widget/wordpress-wp-telegram-widget-and-join-link-plugin-2-1-27-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2024/CVE-2024-433xx/CVE-2024-43313.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-43313",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-08-18T15:15:04.310",
"lastModified": "2024-08-18T15:15:04.310",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in FormFacade allows Reflected XSS.This issue affects FormFacade: from n/a through 1.3.2."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 7.1,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/formfacade/wordpress-formfacade-wordpress-plugin-for-google-forms-plugin-1-3-2-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2024/CVE-2024-433xx/CVE-2024-43318.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-43318",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-08-18T15:15:04.500",
"lastModified": "2024-08-18T15:15:04.500",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in E2Pdf.Com allows Stored XSS.This issue affects e2pdf: from n/a through 1.25.05."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/e2pdf/wordpress-e2pdf-export-to-pdf-tool-for-wordpress-plugin-1-25-05-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2024/CVE-2024-433xx/CVE-2024-43320.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-43320",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-08-18T15:15:04.693",
"lastModified": "2024-08-18T15:15:04.693",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Livemesh Livemesh Addons for WPBakery Page Builder addons-for-visual-composer allows Stored XSS.This issue affects Livemesh Addons for WPBakery Page Builder: from n/a through 3.9."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/addons-for-visual-composer/wordpress-wpbakery-page-builder-addons-plugin-3-9-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2024/CVE-2024-433xx/CVE-2024-43321.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-43321",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-08-18T15:15:04.897",
"lastModified": "2024-08-18T15:15:04.897",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in PickPlugins Team Showcase allows Stored XSS.This issue affects Team Showcase: from n/a through 1.22.23."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/team/wordpress-team-showcase-plugin-1-22-23-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2024/CVE-2024-433xx/CVE-2024-43324.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-43324",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-08-18T14:15:06.990",
"lastModified": "2024-08-18T14:15:06.990",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in CleverSoft Clever Addons for Elementor allows Stored XSS.This issue affects Clever Addons for Elementor: from n/a through 2.2.0."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 5.9,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.7,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/cafe-lite/wordpress-clever-addons-for-elementor-plugin-2-2-0-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2024/CVE-2024-433xx/CVE-2024-43327.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-43327",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-08-18T14:15:07.197",
"lastModified": "2024-08-18T14:15:07.197",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Boone Gorges Invite Anyone allows Reflected XSS.This issue affects Invite Anyone: from n/a through 1.4.7."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 7.1,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/invite-anyone/wordpress-invite-anyone-plugin-1-4-7-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2024/CVE-2024-433xx/CVE-2024-43329.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-43329",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-08-18T14:15:07.400",
"lastModified": "2024-08-18T14:15:07.400",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WP Chill Allegiant allegiant allows Stored XSS.This issue affects Allegiant: from n/a through 1.2.7."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/allegiant/wordpress-allegiant-theme-1-2-7-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2024/CVE-2024-433xx/CVE-2024-43330.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-43330",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-08-18T14:15:07.597",
"lastModified": "2024-08-18T14:15:07.597",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in IdeaBox Creations PowerPack for Beaver Builder allows Reflected XSS.This issue affects PowerPack for Beaver Builder: from n/a before 2.37.4."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 7.1,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/bbpowerpack/wordpress-powerpack-for-beaver-builder-plugin-2-37-4-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2024/CVE-2024-433xx/CVE-2024-43335.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-43335",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-08-18T14:15:07.800",
"lastModified": "2024-08-18T14:15:07.800",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in CyberChimps Responsive Blocks \u2013 WordPress Gutenberg Blocks allows Stored XSS.This issue affects Responsive Blocks \u2013 WordPress Gutenberg Blocks: from n/a through 1.8.8."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/responsive-block-editor-addons/wordpress-responsive-blocks-wordpress-gutenberg-blocks-plugin-1-8-8-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2024/CVE-2024-433xx/CVE-2024-43342.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-43342",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-08-18T14:15:07.993",
"lastModified": "2024-08-18T14:15:07.993",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in BdThemes Ultimate Store Kit Elementor Addons allows Stored XSS.This issue affects Ultimate Store Kit Elementor Addons: from n/a through 1.6.4."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/ultimate-store-kit/wordpress-ultimate-store-kit-elementor-addons-woocommerce-builder-edd-builder-elementor-store-builder-product-grid-product-table-woocommerce-slider-plugin-1-6-4-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2024/CVE-2024-433xx/CVE-2024-43344.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-43344",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-08-18T14:15:08.190",
"lastModified": "2024-08-18T14:15:08.190",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Icegram allows Stored XSS.This issue affects Icegram: from n/a through 3.1.25."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/icegram/wordpress-icegram-engage-ultimate-wp-popup-builder-lead-generation-optins-and-cta-plugin-3-1-25-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2024/CVE-2024-433xx/CVE-2024-43346.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-43346",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-08-18T14:15:08.403",
"lastModified": "2024-08-18T14:15:08.403",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wow-Company Modal Window allows Stored XSS.This issue affects Modal Window: from n/a through 6.0.3."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/modal-window/wordpress-modal-window-create-popup-modal-window-plugin-6-0-3-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2024/CVE-2024-433xx/CVE-2024-43347.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-43347",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-08-18T14:15:08.597",
"lastModified": "2024-08-18T14:15:08.597",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in VirusTran Button contact VR allows Stored XSS.This issue affects Button contact VR: from n/a through 4.7.3."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 5.9,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.7,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/button-contact-vr/wordpress-button-contact-vr-plugin-4-7-3-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2024/CVE-2024-433xx/CVE-2024-43348.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-43348",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-08-18T14:15:08.793",
"lastModified": "2024-08-18T14:15:08.793",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Iznyn Purity Of Soul allows Reflected XSS.This issue affects Purity Of Soul: from n/a through 1.9."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 7.1,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/purity-of-soul/wordpress-purity-of-soul-theme-1-9-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2024/CVE-2024-433xx/CVE-2024-43349.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-43349",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-08-18T14:15:08.993",
"lastModified": "2024-08-18T14:15:08.993",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in AREOI All Bootstrap Blocks allows Stored XSS.This issue affects All Bootstrap Blocks: from n/a through 1.3.19."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/all-bootstrap-blocks/wordpress-all-bootstrap-blocks-plugin-1-3-19-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2024/CVE-2024-433xx/CVE-2024-43351.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-43351",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-08-18T14:15:09.187",
"lastModified": "2024-08-18T14:15:09.187",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in CryoutCreations Bravada bravada allows Stored XSS.This issue affects Bravada: from n/a through 1.1.2."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/bravada/wordpress-bravada-theme-1-1-2-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2024/CVE-2024-433xx/CVE-2024-43352.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-43352",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-08-18T14:15:09.380",
"lastModified": "2024-08-18T14:15:09.380",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Organic Themes GivingPress Lite allows Stored XSS.This issue affects GivingPress Lite: from n/a through 1.8.6."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/givingpress-lite/wordpress-givingpress-lite-theme-1-8-6-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

137
CVE-2024/CVE-2024-79xx/CVE-2024-7906.json Normal file
View File

@ -0,0 +1,137 @@
{
"id": "CVE-2024-7906",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-08-18T14:15:09.593",
"lastModified": "2024-08-18T14:15:09.593",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability classified as critical was found in DedeBIZ 6.3.0. This vulnerability affects the function get_mime_type of the file /admin/dialog/select_images_post.php of the component Attachment Settings. The manipulation of the argument upload leads to unrestricted upload. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. NOTE: The vendor was contacted early about this disclosure but did not respond in any way."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"vulnerableSystemConfidentiality": "LOW",
"vulnerableSystemIntegrity": "LOW",
"vulnerableSystemAvailability": "LOW",
"subsequentSystemConfidentiality": "NONE",
"subsequentSystemIntegrity": "NONE",
"subsequentSystemAvailability": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirements": "NOT_DEFINED",
"integrityRequirements": "NOT_DEFINED",
"availabilityRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnerableSystemConfidentiality": "NOT_DEFINED",
"modifiedVulnerableSystemIntegrity": "NOT_DEFINED",
"modifiedVulnerableSystemAvailability": "NOT_DEFINED",
"modifiedSubsequentSystemConfidentiality": "NOT_DEFINED",
"modifiedSubsequentSystemIntegrity": "NOT_DEFINED",
"modifiedSubsequentSystemAvailability": "NOT_DEFINED",
"safety": "NOT_DEFINED",
"automatable": "NOT_DEFINED",
"recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
}
}
],
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 6.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "SINGLE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 8.0,
"impactScore": 6.4,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-434"
}
]
}
],
"references": [
{
"url": "https://github.com/DeepMountains/Mirage/blob/main/CVE17-4.md",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?ctiid.275032",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.275032",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?submit.388363",
"source": "cna@vuldb.com"
}
]
}

35
README.md
View File

@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2024-08-18T14:00:17.232605+00:00
2024-08-18T16:00:17.047080+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2024-08-18T13:15:03.637000+00:00
2024-08-18T15:15:04.897000+00:00
```
### Last Data Feed Release
@ -33,15 +33,38 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs
```plain
260395
260421
```
### CVEs added in the last Commit
Recently added CVEs: `2`
Recently added CVEs: `26`
- [CVE-2024-43353](CVE-2024/CVE-2024-433xx/CVE-2024-43353.json) (`2024-08-18T13:15:03.637`)
- [CVE-2024-7905](CVE-2024/CVE-2024-79xx/CVE-2024-7905.json) (`2024-08-18T12:15:04.397`)
- [CVE-2024-43238](CVE-2024/CVE-2024-432xx/CVE-2024-43238.json) (`2024-08-18T14:15:06.583`)
- [CVE-2024-43276](CVE-2024/CVE-2024-432xx/CVE-2024-43276.json) (`2024-08-18T14:15:06.787`)
- [CVE-2024-43305](CVE-2024/CVE-2024-433xx/CVE-2024-43305.json) (`2024-08-18T15:15:03.320`)
- [CVE-2024-43306](CVE-2024/CVE-2024-433xx/CVE-2024-43306.json) (`2024-08-18T15:15:03.523`)
- [CVE-2024-43307](CVE-2024/CVE-2024-433xx/CVE-2024-43307.json) (`2024-08-18T15:15:03.720`)
- [CVE-2024-43308](CVE-2024/CVE-2024-433xx/CVE-2024-43308.json) (`2024-08-18T15:15:03.920`)
- [CVE-2024-43309](CVE-2024/CVE-2024-433xx/CVE-2024-43309.json) (`2024-08-18T15:15:04.110`)
- [CVE-2024-43313](CVE-2024/CVE-2024-433xx/CVE-2024-43313.json) (`2024-08-18T15:15:04.310`)
- [CVE-2024-43318](CVE-2024/CVE-2024-433xx/CVE-2024-43318.json) (`2024-08-18T15:15:04.500`)
- [CVE-2024-43320](CVE-2024/CVE-2024-433xx/CVE-2024-43320.json) (`2024-08-18T15:15:04.693`)
- [CVE-2024-43321](CVE-2024/CVE-2024-433xx/CVE-2024-43321.json) (`2024-08-18T15:15:04.897`)
- [CVE-2024-43324](CVE-2024/CVE-2024-433xx/CVE-2024-43324.json) (`2024-08-18T14:15:06.990`)
- [CVE-2024-43327](CVE-2024/CVE-2024-433xx/CVE-2024-43327.json) (`2024-08-18T14:15:07.197`)
- [CVE-2024-43329](CVE-2024/CVE-2024-433xx/CVE-2024-43329.json) (`2024-08-18T14:15:07.400`)
- [CVE-2024-43330](CVE-2024/CVE-2024-433xx/CVE-2024-43330.json) (`2024-08-18T14:15:07.597`)
- [CVE-2024-43335](CVE-2024/CVE-2024-433xx/CVE-2024-43335.json) (`2024-08-18T14:15:07.800`)
- [CVE-2024-43342](CVE-2024/CVE-2024-433xx/CVE-2024-43342.json) (`2024-08-18T14:15:07.993`)
- [CVE-2024-43344](CVE-2024/CVE-2024-433xx/CVE-2024-43344.json) (`2024-08-18T14:15:08.190`)
- [CVE-2024-43346](CVE-2024/CVE-2024-433xx/CVE-2024-43346.json) (`2024-08-18T14:15:08.403`)
- [CVE-2024-43347](CVE-2024/CVE-2024-433xx/CVE-2024-43347.json) (`2024-08-18T14:15:08.597`)
- [CVE-2024-43348](CVE-2024/CVE-2024-433xx/CVE-2024-43348.json) (`2024-08-18T14:15:08.793`)
- [CVE-2024-43349](CVE-2024/CVE-2024-433xx/CVE-2024-43349.json) (`2024-08-18T14:15:08.993`)
- [CVE-2024-43351](CVE-2024/CVE-2024-433xx/CVE-2024-43351.json) (`2024-08-18T14:15:09.187`)
- [CVE-2024-43352](CVE-2024/CVE-2024-433xx/CVE-2024-43352.json) (`2024-08-18T14:15:09.380`)
- [CVE-2024-7906](CVE-2024/CVE-2024-79xx/CVE-2024-7906.json) (`2024-08-18T14:15:09.593`)
### CVEs modified in the last Commit

30
_state.csv
View File

@ -256125,6 +256125,7 @@ CVE-2024-39661,0,0,3f1668a68073bea87fcbf672ceb545c5a59db448343e0d059e706cf687088
CVE-2024-39662,0,0,ecb8cd04dc8c581f4fd22cff35dcfdcc1a520a4f1c785762e812b3c3e81a9d07,2024-08-02T12:59:43.990000
CVE-2024-39663,0,0,5485eaa9a0e5d035b45ebfad60ac233472860db52699a29a8033be0ed950f5c1,2024-08-02T12:59:43.990000
CVE-2024-39665,0,0,09032edffccd86a516bf404f98ff59a6b17bdff21bd482e1c39e1f40936a2fc5,2024-08-02T12:59:43.990000
CVE-2024-39666,1,1,b3f5ddc4d98a342e6d0b5dae1d643cb7e9b63458cf23dee0d7a3de18c21f76db,2024-08-18T14:15:06.370000
CVE-2024-39667,0,0,483e2b41258c01952d1dfafe22eec63feafc1e77df76287d6f99eb2cf4ad80bc,2024-08-02T12:59:43.990000
CVE-2024-39668,0,0,f12715ae868c1f9b453d75a4c5a1e62f3252bb0d334eacbb04bc073b1c1987fc,2024-08-02T12:59:43.990000
CVE-2024-39669,0,0,56d6b274e749be30b1ff4d12ff6c858882279f47b773d710e8ac61d1e37bcfa3,2024-07-03T02:05:50.580000
@ -257749,20 +257750,44 @@ CVE-2024-43227,0,0,ad1f6a93845342802a80b9924c653d05f8aded241d8c4fe476abc24eaae6f
CVE-2024-4323,0,0,8795dbc0ef00377d638f97794032c86e045103be19a16a47714b9d0a60088551,2024-05-20T13:00:04.957000
CVE-2024-43231,0,0,576ae207e6ba8489a6ff51c30718ab9a1cd372eb2df3fcba4d400349b580379a,2024-08-13T12:58:25.437000
CVE-2024-43233,0,0,1b4af7770e832b42b8de9434c8175a113ca03ccd398ae87b3d3135806048f23d,2024-08-13T12:58:25.437000
CVE-2024-43238,1,1,ce7255c1c134cad6a5254a06b54b5fe5157846bb5f240a12571bb3e78a220737,2024-08-18T14:15:06.583000
CVE-2024-4324,0,0,fc63521759a8641132ed78ae3099f2b2ca0952db3d329b9ead7b1b38a39cf68e,2024-05-02T18:00:37.360000
CVE-2024-4325,0,0,76d9bad54216516dac1d03211c486bb781521a024ebba7e9a0e98047a78d0bf5,2024-06-07T14:56:05.647000
CVE-2024-4326,0,0,d965aff3554882d9e9e5ba1861fcd18121a605b5a6347dc41a19bd090bda9a65,2024-05-16T13:03:05.353000
CVE-2024-4327,0,0,9a5f942b6958d2271ac79f44a3dfa6f019a91702ea5bf4b7c110b804ce763bfb,2024-05-17T02:40:22.673000
CVE-2024-43275,0,0,78ead3cb089aaf7c18ceb1d81053b0c408f631313f8368c9da5d02a09209ccb7,2024-08-15T13:01:10.150000
CVE-2024-43276,1,1,1327b07b07996c9ea2c2148b4a57bbf83cde40df49695242a6b4d52226e84136,2024-08-18T14:15:06.787000
CVE-2024-4328,0,0,243566e1cc6bca4cb71823d7b7f30591e3ccaa89bb4c9ba718cf8de1f025e822,2024-06-12T19:33:00.527000
CVE-2024-4329,0,0,915fdd462793e35dddcb6a188ef6774a9ebc56a526b1b0698bddaf3c23ba3b77,2024-05-14T16:11:39.510000
CVE-2024-4330,0,0,fc15b5e6e8f2f0c0d6f88562ddea62a293dcb49ee86f17536355ec11fc8680c3,2024-05-30T18:19:11.743000
CVE-2024-43305,1,1,9fd98bb7d48477ddbf9f1b10a6ec28752b423d821908baff2191f5d92b81ba9f,2024-08-18T15:15:03.320000
CVE-2024-43306,1,1,c162cc879c38af0ff6ff430290e806b67f6106e77f71856ef233366846e5edda,2024-08-18T15:15:03.523000
CVE-2024-43307,1,1,28f6bcbe7ef6126b298409cdbb1de3962dd527765ec65de7dfbaa9be794b5105,2024-08-18T15:15:03.720000
CVE-2024-43308,1,1,cc1218affded6df6733cd6e6243d85a9b7c149caac0e64148014f977b1b2dd4a,2024-08-18T15:15:03.920000
CVE-2024-43309,1,1,6a6641f301d22a4a49ef14bd4948e4eb2ad8fdc01b0b78446732e53b57213ee2,2024-08-18T15:15:04.110000
CVE-2024-4331,0,0,f83a1d11dfb2c744e38bc97e75352f54247538f697e111d3b125724e343ab75a,2024-07-03T02:07:25.070000
CVE-2024-43313,1,1,9f016e11abc51c162cbb68def428d2301e20425131f0ceed6a98db33d449ccf2,2024-08-18T15:15:04.310000
CVE-2024-43318,1,1,b3eec787ca00cc1277ca41c66d7b3f354b16e0d89114bb90efb1de3f373dbe4f,2024-08-18T15:15:04.500000
CVE-2024-4332,0,0,229e2a44f62342d9fecf4d77bd1ae1368633da9c89a437515cafc4b1ffcbd9b7,2024-06-03T19:23:17.807000
CVE-2024-43320,1,1,951d5aa8f8321f3bbb08736a83f3b5bb2eb023b49c477596a49570897ee3b4bb,2024-08-18T15:15:04.693000
CVE-2024-43321,1,1,412b667b57584a1a850b6b935ee963a15ff05a90781256cbfb41b1fb974714dc,2024-08-18T15:15:04.897000
CVE-2024-43324,1,1,76cf3f26ac0f3fd153a1ce482effef994d5f8372f2b8fa48c7537ba455385109,2024-08-18T14:15:06.990000
CVE-2024-43327,1,1,f0dc6fa187f7a0536637007cafd249bc2c6e88cf46e7662b6ca51a2214d0052c,2024-08-18T14:15:07.197000
CVE-2024-43329,1,1,f2dddc3cc1cf66278244805f602d67f1c448cec8f86f9a645594d7c450004cef,2024-08-18T14:15:07.400000
CVE-2024-4333,0,0,640575820e0b30891814a5a9385bc808a4cb1fa6f8846116192c877d2f9953e9,2024-05-14T19:17:55.627000
CVE-2024-43330,1,1,7e47c2a279e2683674ab70552afd1bcfa18cc6856f2ad2a818324110dbeab033,2024-08-18T14:15:07.597000
CVE-2024-43335,1,1,55eacbeda747cb7454ab956a8321dde1266597c0e3f4481d03e079f6fb2d8295,2024-08-18T14:15:07.800000
CVE-2024-4334,0,0,0bbc9e9de57a0c229384d6d19ec0f1942ba088838a67e65a09daa4455a2054dd,2024-05-02T18:00:37.360000
CVE-2024-43342,1,1,ae1a497fc2d01bf8409c86a604ef92224e6ccab6dd8913dd2dda626fcfe4abaf,2024-08-18T14:15:07.993000
CVE-2024-43344,1,1,7ffe4867fdbe319aecf111ed8029276c6b365d160c505a31c1f7d2effa73da4b,2024-08-18T14:15:08.190000
CVE-2024-43346,1,1,d7da79348dadc4e619c70198aef0979e758a09b67eb9d9ca3d45f76a9eba2d36,2024-08-18T14:15:08.403000
CVE-2024-43347,1,1,151804af95c9ae28497f46dd877847b750672a82239dc83fdae21aa765b4eaae,2024-08-18T14:15:08.597000
CVE-2024-43348,1,1,6a37677082f2247ee5c2620ee069bb780a9e39d79f9379f6908d0805a34f2cee,2024-08-18T14:15:08.793000
CVE-2024-43349,1,1,90d696d5b6e861a834162335ad7d1b0695397514fe0b751b2c66b44a72e77f51,2024-08-18T14:15:08.993000
CVE-2024-4335,0,0,0ca058a6a5d3d4471e4538114fc6d3ccf52ed0e69923cf2c5461b8aef31c87bc,2024-05-14T16:11:39.510000
CVE-2024-43353,1,1,b36e57f698bbcecaaa53e730e555a16c07221c30e4dda17b92fa02b775f2b264,2024-08-18T13:15:03.637000
CVE-2024-43351,1,1,9f14d9d85581aedf9e6daae162bb0a2a0f46734d33ad2208e90c8bb2eee02bd3,2024-08-18T14:15:09.187000
CVE-2024-43352,1,1,e83e0c41595f85fcfebebb84fc3a271a645f1df8a676f95c21b46f5a73ce6fa6,2024-08-18T14:15:09.380000
CVE-2024-43353,0,0,b36e57f698bbcecaaa53e730e555a16c07221c30e4dda17b92fa02b775f2b264,2024-08-18T13:15:03.637000
CVE-2024-43357,0,0,5dc27b73f336cd5e6c70fedf39032f4547faea9efaaa946c66076ebffd733738,2024-08-15T19:15:20.107000
CVE-2024-43358,0,0,fbf8fe905c3ca9abb9115b42cc5614eccd0cebf28f3e14adb9347834e27ffc3a,2024-08-13T12:58:25.437000
CVE-2024-43359,0,0,65d4fabedd6480e45a35d791ca8acdefa39599f7f2c5dac0d8096fc11d685101,2024-08-13T12:58:25.437000
@ -260393,4 +260418,5 @@ CVE-2024-7901,0,0,618a2039f51cbbbc0d5c3ddaa5027b5967637dce6171bdd0d5691af36c86bc
CVE-2024-7902,0,0,cbd573e84ca67ff2b53cf8a42d7d83afc92757983fa6b70e4db7dd6cd063dfb8,2024-08-17T22:15:04.190000
CVE-2024-7903,0,0,8d7843d16187b57c0ec430196d9a14825eadb602191eca2998b1f5041ce037b8,2024-08-18T07:15:03.763000
CVE-2024-7904,0,0,c57b9b0a7afe4ddf2b389d6f0877116812f1d85f16981e375bb4bc54849ca0fc,2024-08-18T09:15:04.973000
CVE-2024-7905,1,1,83bd74ff7f9a0d327aa4b77d2021933a8729049dacae0baa5dce168c40c2a131,2024-08-18T12:15:04.397000
CVE-2024-7905,0,0,83bd74ff7f9a0d327aa4b77d2021933a8729049dacae0baa5dce168c40c2a131,2024-08-18T12:15:04.397000
CVE-2024-7906,1,1,7b5af4f9a5ce556bb7ea2828ad0737ab7becadf15cc6307b3c18c76423443d69,2024-08-18T14:15:09.593000

Can't render this file because it is too large.