diff --git a/CVE-2022/CVE-2022-45xx/CVE-2022-4539.json b/CVE-2022/CVE-2022-45xx/CVE-2022-4539.json new file mode 100644 index 00000000000..0cff7b2f543 --- /dev/null +++ b/CVE-2022/CVE-2022-45xx/CVE-2022-4539.json @@ -0,0 +1,60 @@ +{ + "id": "CVE-2022-4539", + "sourceIdentifier": "security@wordfence.com", + "published": "2024-08-31T10:15:04.257", + "lastModified": "2024-08-31T10:15:04.257", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "The Web Application Firewall plugin for WordPress is vulnerable to IP Address Spoofing in versions up to, and including, 2.1.2. This is due to insufficient restrictions on where the IP Address information is being retrieved for request logging and login restrictions. Attackers can supply the X-Forwarded-For header with with a different IP Address that will be logged and can be used to bypass settings that may have blocked out an IP address or country from logging in." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 5.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 3.9, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-348" + } + ] + } + ], + "references": [ + { + "url": "https://plugins.trac.wordpress.org/changeset/3055548/web-application-firewall/trunk/helper/utility.php", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/0e99531c-8742-4f91-8525-65bb3cb06644?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/README.md b/README.md index f50ed3db237..7842a02c044 100644 --- a/README.md +++ b/README.md @@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2024-08-31T10:00:16.619257+00:00 +2024-08-31T12:00:17.426792+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2024-08-31T09:15:07.937000+00:00 +2024-08-31T10:15:04.257000+00:00 ``` ### Last Data Feed Release @@ -33,23 +33,14 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### Total Number of included CVEs ```plain -261633 +261634 ``` ### CVEs added in the last Commit -Recently added CVEs: `10` +Recently added CVEs: `1` -- [CVE-2022-4100](CVE-2022/CVE-2022-41xx/CVE-2022-4100.json) (`2024-08-31T09:15:03.720`) -- [CVE-2022-4536](CVE-2022/CVE-2022-45xx/CVE-2022-4536.json) (`2024-08-31T09:15:04.707`) -- [CVE-2024-0109](CVE-2024/CVE-2024-01xx/CVE-2024-0109.json) (`2024-08-31T09:15:05.140`) -- [CVE-2024-0110](CVE-2024/CVE-2024-01xx/CVE-2024-0110.json) (`2024-08-31T09:15:05.990`) -- [CVE-2024-0111](CVE-2024/CVE-2024-01xx/CVE-2024-0111.json) (`2024-08-31T09:15:06.593`) -- [CVE-2024-39578](CVE-2024/CVE-2024-395xx/CVE-2024-39578.json) (`2024-08-31T08:15:04.437`) -- [CVE-2024-39579](CVE-2024/CVE-2024-395xx/CVE-2024-39579.json) (`2024-08-31T08:15:05.210`) -- [CVE-2024-7717](CVE-2024/CVE-2024-77xx/CVE-2024-7717.json) (`2024-08-31T09:15:07.297`) -- [CVE-2024-8108](CVE-2024/CVE-2024-81xx/CVE-2024-8108.json) (`2024-08-31T09:15:07.937`) -- [CVE-2024-8276](CVE-2024/CVE-2024-82xx/CVE-2024-8276.json) (`2024-08-31T08:15:05.507`) +- [CVE-2022-4539](CVE-2022/CVE-2022-45xx/CVE-2022-4539.json) (`2024-08-31T10:15:04.257`) ### CVEs modified in the last Commit diff --git a/_state.csv b/_state.csv index cf8bb23aac9..5bd6ca6d049 100644 --- a/_state.csv +++ b/_state.csv @@ -206653,7 +206653,7 @@ CVE-2022-40996,0,0,c839f23ac68332848d0cc5207e2c5cc5f74df7b42759b0a7288ba1ea53591 CVE-2022-40997,0,0,78d3d4eb6f7eb4f008c398efebd8066a4e5777a21d45024fab37c65b17ea25d2,2023-02-03T16:28:40.330000 CVE-2022-40998,0,0,04a3c290c6fbb7117845b5eecdfb0bd5e2ac35f76e1a30df684928d04c47fce3,2023-02-03T16:28:45.953000 CVE-2022-40999,0,0,cc2db060fc5f4ce511d82740386254eeb3e8eb30dd4c3f2bdb5f77b1cb8a71bb,2023-02-03T17:16:49.763000 -CVE-2022-4100,1,1,a83c2f116bf54b4c30158091caa9250a691c2cbd72d76406c55de69d084510fa,2024-08-31T09:15:03.720000 +CVE-2022-4100,0,0,a83c2f116bf54b4c30158091caa9250a691c2cbd72d76406c55de69d084510fa,2024-08-31T09:15:03.720000 CVE-2022-41000,0,0,00bceac884434453ab99be669a832fea5448dc0b8a6aa62054a4754e75557c5a,2023-02-03T17:10:08.853000 CVE-2022-41001,0,0,3014faf6412dd2edacd9077095e86b893695856dd523a847cb727b546b224451,2023-02-03T17:10:27.997000 CVE-2022-41002,0,0,b4ce4f72266d12627fc4afb242ec298f017e8155eda440666825f788d1265c4d,2023-02-03T17:10:38.833000 @@ -209906,7 +209906,7 @@ CVE-2022-45356,0,0,83d350876a752cf437706a31e7b556fbd4ba9f694279a4ae3a851d5f8ede0 CVE-2022-45357,0,0,ba579ac1e526f1bf7af97732df82687a900411811c236d9041ec7a6dd62fcc46,2023-11-13T19:32:50.123000 CVE-2022-45358,0,0,3911a0bf538e0bb63700317c3e40c1399df5a5b8310bd2286fe64f1f8d3d9368,2023-04-21T17:32:07.110000 CVE-2022-45359,0,0,3760be0513103df2975a6720e1826f81f6477a84252afc56ef231a1f72dc9801,2023-11-07T03:54:41.697000 -CVE-2022-4536,1,1,ffd1368196465fef645e1867e0f4a8dc355d43a5950f1804dfe4e0dc09d87dbc,2024-08-31T09:15:04.707000 +CVE-2022-4536,0,0,ffd1368196465fef645e1867e0f4a8dc355d43a5950f1804dfe4e0dc09d87dbc,2024-08-31T09:15:04.707000 CVE-2022-45360,0,0,aa935f5e5cbfaab11464c3e6d53debf99aae5778b52f68b152c9f37afe40dbcd,2023-11-15T02:21:44.850000 CVE-2022-45361,0,0,27b3dd8401519ba05019e01ade076a8790e2476577e35c31204dd4f18d9c11c8,2023-04-28T03:44:44.493000 CVE-2022-45362,0,0,bf4c1ef665370c2e380ec4e03167ebf8216f01384c09a48754108c6421170e3c,2023-12-12T17:01:04.050000 @@ -209939,6 +209939,7 @@ CVE-2022-45386,0,0,7b3446e3b3989f7e5ccd2e451b22b6d2cbea799c20d222a0225af4be098a7 CVE-2022-45387,0,0,1b6789e5a2bdef3b9a51ef70a4247436faaf5b439c0647997f6a1acce747bded,2023-11-01T20:06:58.680000 CVE-2022-45388,0,0,025e99a3e388d7350ff8d89fe0963e64ee80d9df4946f011c4812b3960606341,2023-11-01T20:07:03.127000 CVE-2022-45389,0,0,28ab606bd595233a443b8b6100eb887bd3c045c4ef3770031f8142323e988fb1,2023-11-01T20:07:06.920000 +CVE-2022-4539,1,1,7968c7fa081a830a04810044da049d005e234522a9c2d13c8fd01e0a2d7ea2da,2024-08-31T10:15:04.257000 CVE-2022-45390,0,0,522be8e59ecc6fb313b565933e898b531a2e8fd9d26765f1376bd7635ec4e38e,2023-11-01T20:00:12.127000 CVE-2022-45391,0,0,dea9bedae939a1e5769a4fb06db662149e235d6b98bf5a315d9d10ecfa6eeacb,2023-11-01T20:00:33.640000 CVE-2022-45392,0,0,7f7d171479370c686e9f40b4723d02c41bf5fe9746488e84f4e2ffc4060515ef,2023-11-01T20:00:38.270000 @@ -241201,9 +241202,9 @@ CVE-2024-0103,0,0,eebac6a0b28b06a0ab4b619fce7f6cf8faf596bcdcd276c9218b76333b76bf CVE-2024-0104,0,0,6595bfebe996acef1097f81c3222472df485634a19ada40e2df8b906b135763a,2024-08-08T18:55:19.180000 CVE-2024-0107,0,0,2670b459a089ae5f3cd0aa7028750cb59c956e51bd2d2b4d1317045f653eac3f,2024-08-08T18:55:19.180000 CVE-2024-0108,0,0,5d44d156a42931d34be8718fccfbc54a1ca3396e038fd79a34eb85bdcafe7c82,2024-08-08T18:55:19.180000 -CVE-2024-0109,1,1,cf394968cae272d11b9b137051fc00f01cd4332d30b5168ec501c7d83a891201,2024-08-31T09:15:05.140000 -CVE-2024-0110,1,1,eb34c5a209aed42997fda6539791c1595362c7d96bd3869aea18845d551c38c1,2024-08-31T09:15:05.990000 -CVE-2024-0111,1,1,d18905ba745496c18d5822b5e47a6aacf5c945ac2ef683248851c9139ea4ae0e,2024-08-31T09:15:06.593000 +CVE-2024-0109,0,0,cf394968cae272d11b9b137051fc00f01cd4332d30b5168ec501c7d83a891201,2024-08-31T09:15:05.140000 +CVE-2024-0110,0,0,eb34c5a209aed42997fda6539791c1595362c7d96bd3869aea18845d551c38c1,2024-08-31T09:15:05.990000 +CVE-2024-0111,0,0,d18905ba745496c18d5822b5e47a6aacf5c945ac2ef683248851c9139ea4ae0e,2024-08-31T09:15:06.593000 CVE-2024-0113,0,0,82aa6c2d6a1230a654d03d8945e8c90c2026652fe480e569afba608925097413,2024-08-12T13:41:36.517000 CVE-2024-0115,0,0,4fb44679050e322769dc378d58be0c8b9b5f064409d3cd72438a6c6f1e1c078d,2024-08-12T13:41:36.517000 CVE-2024-0151,0,0,e688008e47f7f2b2995cf15f9fce74bb525b3898f5e47db0ad5b6ce2aa86a255,2024-08-09T19:35:02.910000 @@ -256347,8 +256348,8 @@ CVE-2024-39570,0,0,477f2cc2b899254fd1996622a7d04056a7ae423def8bf935cbc64caf51d26 CVE-2024-39571,0,0,5f5a00a374a36754f81b606fe5b7617af673280667e3ded939b747c7e23ff34f,2024-07-09T18:19:14.047000 CVE-2024-39573,0,0,66fc7feceb0e35a8b2e536fb0fe145ff47c70fa679791c05a2dafe67c9ad9e6e,2024-07-12T14:15:16.400000 CVE-2024-39576,0,0,b954c37b27403600557da0d261dd953de929a61b04f025c8697cd0d77090d715,2024-08-22T12:48:02.790000 -CVE-2024-39578,1,1,4aff28ec8bea068d5bdca3095928d140e891472c5ade585c9afbe602e2eed640,2024-08-31T08:15:04.437000 -CVE-2024-39579,1,1,6a677b9df793cc22585afbeb18a5748edb6bc7aa133d8e6af13eeab3984d4476,2024-08-31T08:15:05.210000 +CVE-2024-39578,0,0,4aff28ec8bea068d5bdca3095928d140e891472c5ade585c9afbe602e2eed640,2024-08-31T08:15:04.437000 +CVE-2024-39579,0,0,6a677b9df793cc22585afbeb18a5748edb6bc7aa133d8e6af13eeab3984d4476,2024-08-31T08:15:05.210000 CVE-2024-3958,0,0,d5a5e3b155f3063c251dfec6027d4759e62e1ec9e2382396e782467b23eef014,2024-08-29T15:50:33.257000 CVE-2024-39584,0,0,1d0a6aff0073f4836d9654764326ceeb368acd09f92344e463ab3214871c70e5,2024-08-28T12:57:27.610000 CVE-2024-3959,0,0,1ce1302f5c536ae0ba1596a30e53c3274b88d91eb780326b1103788329e8cf86,2024-06-28T13:21:52.223000 @@ -261326,7 +261327,7 @@ CVE-2024-7709,0,0,885c8ab670bc9137207c7147a93dbb83f228a878ced7f9e3351a8e82272eda CVE-2024-7711,0,0,d162b2aa52f460525a4de3c665dffbe11ff5ad157026981df71b9201129fde70,2024-08-21T12:30:33.697000 CVE-2024-7712,0,0,0b5a8e9c5ba36af8bef340cc5ae017c9fa1ba3b9186fddf3fda3dcc554ec2462,2024-08-30T16:15:11.050000 CVE-2024-7715,0,0,cce2a99e52ea07f4f42d2501434c3e0483cd57d931341a557261d628f3236d39,2024-08-15T15:15:22.690000 -CVE-2024-7717,1,1,f00706ee1baf5a394923a0a0dad2d09d12bb781145461f609ad88387b2483023,2024-08-31T09:15:07.297000 +CVE-2024-7717,0,0,f00706ee1baf5a394923a0a0dad2d09d12bb781145461f609ad88387b2483023,2024-08-31T09:15:07.297000 CVE-2024-7720,0,0,ddf81bc4df03ac1e2d7b5b61581e0a5dc6cc3f46e57542a631155ffde48ea5ad,2024-08-28T14:35:14.160000 CVE-2024-7722,0,0,dd34a6c6fa187cfdff62390c6b38a3b9bbf49b761e6117c420a823ed09401edf,2024-08-21T17:24:59.627000 CVE-2024-7723,0,0,0bdf76bf964a28a97b4d4d8ab086a048836c54fd8be0e41d26426907a661be8a,2024-08-21T17:24:59.627000 @@ -261513,7 +261514,7 @@ CVE-2024-8087,0,0,9e47ad2dfed1c8a4045274b6d757cb5a75d1e05917b45ee6f1489b72f67b87 CVE-2024-8088,0,0,eefe1a1372d9b46aa5e566c2ef27254fde97726a0efc2a70dcee8d1d993663e7,2024-08-28T14:15:08.813000 CVE-2024-8089,0,0,e6e12db9d845890df3284b8f9ed104fa7a1183d91532c3c72d090f8235aedb4e,2024-08-27T13:21:22.927000 CVE-2024-8105,0,0,6cd123057443a6d5affcf89562c6f3c6a2170e0a192f0587b00965446f3cfd3c,2024-08-30T21:15:14.577000 -CVE-2024-8108,1,1,d62eddeaea383802c2c9bdd94723ce665d25e031b2aceafa799a47db7d82ff95,2024-08-31T09:15:07.937000 +CVE-2024-8108,0,0,d62eddeaea383802c2c9bdd94723ce665d25e031b2aceafa799a47db7d82ff95,2024-08-31T09:15:07.937000 CVE-2024-8112,0,0,53bc9e4fb84bb028363b46c3cb18428063770b5e5c085f93ec85e24d18222c0b,2024-08-23T16:18:28.547000 CVE-2024-8113,0,0,663828d204cb9ecb17f530ae295b4541dee23e7a4b7b9d658530d5cb44ff87e3,2024-08-23T16:18:28.547000 CVE-2024-8120,0,0,01c88c2799a0f705aef2a62e6160ed1b8715b8884806e83ea99e7deea744cebf,2024-08-26T12:47:20.187000 @@ -261599,7 +261600,7 @@ CVE-2024-8252,0,0,f4e1dbfa0b6d48720eeed9955e08877eeab027a9e95da449606e54f658411a CVE-2024-8255,0,0,6c498c108684434305256b803e17a8c75dfbb80191f87c9993edaaba373ae570,2024-08-30T13:00:05.390000 CVE-2024-8260,0,0,f101d670db69158c5137b9cf48a8e7cb0ec0fce3493e5bb1cee914b2ce3bf746,2024-08-30T13:15:12.347000 CVE-2024-8274,0,0,2e72bc43a203eeb2ca1fcfae541f54785b8e5b3521a9432105d2a793d09a50c0,2024-08-30T13:00:05.390000 -CVE-2024-8276,1,1,6cb857fab1da8b8f1f8884c221a1fd6af354eec011ce400123b2effe69da1e99,2024-08-31T08:15:05.507000 +CVE-2024-8276,0,0,6cb857fab1da8b8f1f8884c221a1fd6af354eec011ce400123b2effe69da1e99,2024-08-31T08:15:05.507000 CVE-2024-8285,0,0,ba7b4052e2f074472c350ff5d1b947afb131dfa211ec7918822ad719f76b947b,2024-08-30T22:15:06.963000 CVE-2024-8294,0,0,76cafe7a1838d9cd0244706a299f12cd4ba69ef653952654db2fa070ca07bd0d,2024-08-30T15:38:13.437000 CVE-2024-8295,0,0,907331a3a97a6618443e3aff92f4e758c3135b25ca0d9fb01d74d067e9cd6716,2024-08-30T15:37:41.510000