admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-08 19:47:09 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2024-01-24T13:00:24.229357+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2024-01-24 13:00:27 +00:00
parent cad3e97103
commit 86cf40309b
10 changed files with 508 additions and 19 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

55
CVE-2023/CVE-2023-522xx/CVE-2023-52221.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-52221",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-01-24T12:15:56.907",
"lastModified": "2024-01-24T12:15:56.907",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Unrestricted Upload of File with Dangerous Type vulnerability in UkrSolution Barcode Scanner and Inventory manager.This issue affects Barcode Scanner and Inventory manager: from n/a through 1.5.1.\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 10.0,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 6.0
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-434"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/barcode-scanner-lite-pos-to-manage-products-inventory-and-orders/wordpress-barcode-scanner-with-inventory-order-manager-plugin-1-5-1-unauthenticated-arbitrary-file-upload-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

55
CVE-2024/CVE-2024-221xx/CVE-2024-22134.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-22134",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-01-24T12:15:57.297",
"lastModified": "2024-01-24T12:15:57.297",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Server-Side Request Forgery (SSRF) vulnerability in Renzo Johnson Contact Form 7 Extension For Mailchimp.This issue affects Contact Form 7 Extension For Mailchimp: from n/a through 0.5.70.\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.9,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-918"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/contact-form-7-mailchimp-extension/wordpress-contact-form-7-extension-for-mailchimp-plugin-0-5-70-server-side-request-forgery-ssrf-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

55
CVE-2024/CVE-2024-221xx/CVE-2024-22135.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-22135",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-01-24T12:15:57.500",
"lastModified": "2024-01-24T12:15:57.500",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Unrestricted Upload of File with Dangerous Type vulnerability in WebToffee Order Export & Order Import for WooCommerce.This issue affects Order Export & Order Import for WooCommerce: from n/a through 2.4.3.\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.0,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.3,
"impactScore": 6.0
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-434"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/order-import-export-for-woocommerce/wordpress-order-export-order-import-for-woocommerce-plugin-2-4-3-arbitrary-file-upload-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

55
CVE-2024/CVE-2024-221xx/CVE-2024-22152.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-22152",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-01-24T12:15:57.700",
"lastModified": "2024-01-24T12:15:57.700",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Unrestricted Upload of File with Dangerous Type vulnerability in WebToffee Product Import Export for WooCommerce.This issue affects Product Import Export for WooCommerce: from n/a through 2.3.7.\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.0,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.3,
"impactScore": 6.0
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-434"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/product-import-export-for-woo/wordpress-product-import-export-for-woocommerce-plugin-2-3-7-arbitrary-file-upload-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

55
CVE-2024/CVE-2024-222xx/CVE-2024-22284.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-22284",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-01-24T12:15:57.893",
"lastModified": "2024-01-24T12:15:57.893",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Deserialization of Untrusted Data vulnerability in Thomas Belser Asgaros Forum.This issue affects Asgaros Forum: from n/a through 2.7.2.\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 8.7,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.2,
"impactScore": 5.8
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-502"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/asgaros-forum/wordpress-asgaros-forum-plugin-2-7-2-php-object-injection-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

55
CVE-2024/CVE-2024-222xx/CVE-2024-22294.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-22294",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-01-24T12:15:58.093",
"lastModified": "2024-01-24T12:15:58.093",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Exposure of Sensitive Information to an Unauthorized Actor vulnerability in IP2Location IP2Location Country Blocker.This issue affects IP2Location Country Blocker: from n/a through 2.33.3.\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-200"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/ip2location-country-blocker/wordpress-ip2location-country-blocker-plugin-2-33-3-sensitive-data-exposure-via-log-file-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

55
CVE-2024/CVE-2024-223xx/CVE-2024-22301.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-22301",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-01-24T12:15:58.290",
"lastModified": "2024-01-24T12:15:58.290",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Ignazio Scimone Albo Pretorio On line.This issue affects Albo Pretorio On line: from n/a through 4.6.6.\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-200"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/albo-pretorio-on-line/wordpress-albo-pretorio-on-line-plugin-4-6-6-sensitive-data-exposure-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

55
CVE-2024/CVE-2024-223xx/CVE-2024-22308.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-22308",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-01-24T12:15:58.483",
"lastModified": "2024-01-24T12:15:58.483",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "URL Redirection to Untrusted Site ('Open Redirect') vulnerability in smp7, wp.Insider Simple Membership.This issue affects Simple Membership: from n/a through 4.4.1.\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 3.4,
"baseSeverity": "LOW"
},
"exploitabilityScore": 1.6,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-601"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/simple-membership/wordpress-simple-membership-plugin-4-4-1-open-redirection-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

55
CVE-2024/CVE-2024-223xx/CVE-2024-22309.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-22309",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-01-24T12:15:58.677",
"lastModified": "2024-01-24T12:15:58.677",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Deserialization of Untrusted Data vulnerability in QuantumCloud ChatBot with AI.This issue affects ChatBot with AI: from n/a through 5.1.0.\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 8.7,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.2,
"impactScore": 5.8
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-502"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/chatbot/wordpress-ai-chatbot-plugin-5-1-0-unauthenticated-php-object-injection-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

32
README.md
View File

@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2024-01-24T11:00:24.811529+00:00
2024-01-24T13:00:24.229357+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2024-01-24T10:15:09.533000+00:00
2024-01-24T12:15:58.677000+00:00
```
### Last Data Feed Release
@ -29,28 +29,22 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs
```plain
236719
236728
```
### CVEs added in the last Commit
Recently added CVEs: `15`
Recently added CVEs: `9`
* [CVE-2023-43988](CVE-2023/CVE-2023-439xx/CVE-2023-43988.json) (`2024-01-24T10:15:08.357`)
* [CVE-2023-43989](CVE-2023/CVE-2023-439xx/CVE-2023-43989.json) (`2024-01-24T10:15:08.410`)
* [CVE-2023-43990](CVE-2023/CVE-2023-439xx/CVE-2023-43990.json) (`2024-01-24T10:15:08.463`)
* [CVE-2023-43991](CVE-2023/CVE-2023-439xx/CVE-2023-43991.json) (`2024-01-24T10:15:08.510`)
* [CVE-2023-43992](CVE-2023/CVE-2023-439xx/CVE-2023-43992.json) (`2024-01-24T10:15:08.670`)
* [CVE-2023-43993](CVE-2023/CVE-2023-439xx/CVE-2023-43993.json) (`2024-01-24T10:15:08.843`)
* [CVE-2023-43994](CVE-2023/CVE-2023-439xx/CVE-2023-43994.json) (`2024-01-24T10:15:08.897`)
* [CVE-2023-43995](CVE-2023/CVE-2023-439xx/CVE-2023-43995.json) (`2024-01-24T10:15:08.950`)
* [CVE-2023-43996](CVE-2023/CVE-2023-439xx/CVE-2023-43996.json) (`2024-01-24T10:15:09.003`)
* [CVE-2023-43997](CVE-2023/CVE-2023-439xx/CVE-2023-43997.json) (`2024-01-24T10:15:09.140`)
* [CVE-2023-43998](CVE-2023/CVE-2023-439xx/CVE-2023-43998.json) (`2024-01-24T10:15:09.287`)
* [CVE-2023-43999](CVE-2023/CVE-2023-439xx/CVE-2023-43999.json) (`2024-01-24T10:15:09.343`)
* [CVE-2023-44000](CVE-2023/CVE-2023-440xx/CVE-2023-44000.json) (`2024-01-24T10:15:09.393`)
* [CVE-2023-44001](CVE-2023/CVE-2023-440xx/CVE-2023-44001.json) (`2024-01-24T10:15:09.440`)
* [CVE-2024-0854](CVE-2024/CVE-2024-08xx/CVE-2024-0854.json) (`2024-01-24T10:15:09.533`)
* [CVE-2023-52221](CVE-2023/CVE-2023-522xx/CVE-2023-52221.json) (`2024-01-24T12:15:56.907`)
* [CVE-2024-22134](CVE-2024/CVE-2024-221xx/CVE-2024-22134.json) (`2024-01-24T12:15:57.297`)
* [CVE-2024-22135](CVE-2024/CVE-2024-221xx/CVE-2024-22135.json) (`2024-01-24T12:15:57.500`)
* [CVE-2024-22152](CVE-2024/CVE-2024-221xx/CVE-2024-22152.json) (`2024-01-24T12:15:57.700`)
* [CVE-2024-22284](CVE-2024/CVE-2024-222xx/CVE-2024-22284.json) (`2024-01-24T12:15:57.893`)
* [CVE-2024-22294](CVE-2024/CVE-2024-222xx/CVE-2024-22294.json) (`2024-01-24T12:15:58.093`)
* [CVE-2024-22301](CVE-2024/CVE-2024-223xx/CVE-2024-22301.json) (`2024-01-24T12:15:58.290`)
* [CVE-2024-22308](CVE-2024/CVE-2024-223xx/CVE-2024-22308.json) (`2024-01-24T12:15:58.483`)
* [CVE-2024-22309](CVE-2024/CVE-2024-223xx/CVE-2024-22309.json) (`2024-01-24T12:15:58.677`)
### CVEs modified in the last Commit