diff --git a/CVE-2024/CVE-2024-32xx/CVE-2024-3236.json b/CVE-2024/CVE-2024-32xx/CVE-2024-3236.json
new file mode 100644
index 00000000000..8c6bfa0399e
--- /dev/null
+++ b/CVE-2024/CVE-2024-32xx/CVE-2024-3236.json
@@ -0,0 +1,20 @@
+{
+ "id": "CVE-2024-3236",
+ "sourceIdentifier": "contact@wpscan.com",
+ "published": "2024-06-17T06:15:08.923",
+ "lastModified": "2024-06-17T06:15:08.923",
+ "vulnStatus": "Received",
+ "descriptions": [
+ {
+ "lang": "en",
+ "value": "The Popup Builder WordPress plugin before 1.1.33 does not sanitise and escape some of its Notification fields, which could allow users such as contributor and above to perform Stored Cross-Site Scripting attacks."
+ }
+ ],
+ "metrics": {},
+ "references": [
+ {
+ "url": "https://wpscan.com/vulnerability/a6c2da28-dc03-4bcc-a6c3-ee55a73861db/",
+ "source": "contact@wpscan.com"
+ }
+ ]
+}
\ No newline at end of file
diff --git a/CVE-2024/CVE-2024-43xx/CVE-2024-4305.json b/CVE-2024/CVE-2024-43xx/CVE-2024-4305.json
new file mode 100644
index 00000000000..ef5a6c55c82
--- /dev/null
+++ b/CVE-2024/CVE-2024-43xx/CVE-2024-4305.json
@@ -0,0 +1,20 @@
+{
+ "id": "CVE-2024-4305",
+ "sourceIdentifier": "contact@wpscan.com",
+ "published": "2024-06-17T06:15:09.140",
+ "lastModified": "2024-06-17T06:15:09.140",
+ "vulnStatus": "Received",
+ "descriptions": [
+ {
+ "lang": "en",
+ "value": "The Post Grid Gutenberg Blocks and WordPress Blog Plugin WordPress plugin before 4.1.0 does not validate and escape some of its block options before outputting them back in a page/post where the block is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks"
+ }
+ ],
+ "metrics": {},
+ "references": [
+ {
+ "url": "https://wpscan.com/vulnerability/635be98d-4c17-4e75-871f-9794d85a2eb1/",
+ "source": "contact@wpscan.com"
+ }
+ ]
+}
\ No newline at end of file
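Review bot: Both WPScan records in this span (CVE-2024-3236 and CVE-2024-4305) arrive with `"metrics": {}` and no `weaknesses` array, so a downstream filter keyed on CVSS score or CWE will not surface them even though both descriptions report stored cross-site scripting reachable from the contributor role. Consumers of the feed should treat an empty `metrics` object together with `"vulnStatus": "Received"` as "not yet scored" rather than as low severity, and match on the description or the reference URL until a score is added upstream. Nothing in the mirrored files themselves needs to change.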
diff --git a/CVE-2024/CVE-2024-56xx/CVE-2024-5650.json b/CVE-2024/CVE-2024-56xx/CVE-2024-5650.json
new file mode 100644
index 00000000000..0ab3b9d9bea
--- /dev/null
+++ b/CVE-2024/CVE-2024-56xx/CVE-2024-5650.json
@@ -0,0 +1,55 @@
+{
+ "id": "CVE-2024-5650",
+ "sourceIdentifier": "7168b535-132a-4efe-a076-338f829b2eb9",
+ "published": "2024-06-17T07:15:41.647",
+ "lastModified": "2024-06-17T07:15:41.647",
+ "vulnStatus": "Received",
+ "descriptions": [
+ {
+ "lang": "en",
+ "value": "DLL Hijacking vulnerability has been found in CENTUM CAMS Log server provided by Yokogawa Electric Corporation. If an attacker is somehow able to intrude into a computer that installed affected product or access to a shared folder, by replacing the DLL file with a tampered one, it is possible to execute arbitrary programs with the authority of the SYSTEM account.\n\nThe affected products and versions are as follows:\nCENTUM CS 3000 R3.08.10 to R3.09.50\nCENTUM VP R4.01.00 to R4.03.00, R5.01.00 to R5.04.20, R6.01.00 to R6.11.10."
+ }
+ ],
+ "metrics": {
+ "cvssMetricV31": [
+ {
+ "source": "7168b535-132a-4efe-a076-338f829b2eb9",
+ "type": "Secondary",
+ "cvssData": {
+ "version": "3.1",
+ "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H",
+ "attackVector": "NETWORK",
+ "attackComplexity": "HIGH",
+ "privilegesRequired": "LOW",
+ "userInteraction": "NONE",
+ "scope": "CHANGED",
+ "confidentialityImpact": "HIGH",
+ "integrityImpact": "HIGH",
+ "availabilityImpact": "HIGH",
+ "baseScore": 8.5,
+ "baseSeverity": "HIGH"
+ },
+ "exploitabilityScore": 1.8,
+ "impactScore": 6.0
+ }
+ ]
+ },
+ "weaknesses": [
+ {
+ "source": "7168b535-132a-4efe-a076-338f829b2eb9",
+ "type": "Secondary",
+ "description": [
+ {
+ "lang": "en",
+ "value": "CWE-284"
+ }
+ ]
+ }
+ ],
+ "references": [
+ {
+ "url": "https://web-material3.yokogawa.com/1/36044/files/YSAR-24-0002-E.pdf",
+ "source": "7168b535-132a-4efe-a076-338f829b2eb9"
+ }
+ ]
+}
\ No newline at end of file
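Review bot: The `weaknesses` entry `CWE-284` (type `Secondary`, supplied by the submitting source) is a broad access-control class, while the description is a DLL hijacking issue, for which CWE-427 (Uncontrolled Search Path Element) is the more specific mapping; CWE-based triage rules may therefore miss this record. The vector also sets `AV:N`, whereas the description requires that the attacker first intrude into the host or reach a shared folder, so the 8.5 base score should be read with that precondition in mind. Both values come from the source record and may change if a Primary assessment is added later.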
diff --git a/CVE-2024/CVE-2024-60xx/CVE-2024-6047.json b/CVE-2024/CVE-2024-60xx/CVE-2024-6047.json
new file mode 100644
index 00000000000..1a048bd9db8
--- /dev/null
+++ b/CVE-2024/CVE-2024-60xx/CVE-2024-6047.json
@@ -0,0 +1,59 @@
+{
+ "id": "CVE-2024-6047",
+ "sourceIdentifier": "twcert@cert.org.tw",
+ "published": "2024-06-17T06:15:09.237",
+ "lastModified": "2024-06-17T06:15:09.237",
+ "vulnStatus": "Received",
+ "descriptions": [
+ {
+ "lang": "en",
+ "value": "Certain EOL GeoVision devices fail to properly filter user input for the specific functionality. Unauthenticated remote attackers can exploit this vulnerability to inject and execute arbitrary system commands on the device."
+ }
+ ],
+ "metrics": {
+ "cvssMetricV31": [
+ {
+ "source": "twcert@cert.org.tw",
+ "type": "Primary",
+ "cvssData": {
+ "version": "3.1",
+ "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
+ "attackVector": "NETWORK",
+ "attackComplexity": "LOW",
+ "privilegesRequired": "NONE",
+ "userInteraction": "NONE",
+ "scope": "UNCHANGED",
+ "confidentialityImpact": "HIGH",
+ "integrityImpact": "HIGH",
+ "availabilityImpact": "HIGH",
+ "baseScore": 9.8,
+ "baseSeverity": "CRITICAL"
+ },
+ "exploitabilityScore": 3.9,
+ "impactScore": 5.9
+ }
+ ]
+ },
+ "weaknesses": [
+ {
+ "source": "twcert@cert.org.tw",
+ "type": "Primary",
+ "description": [
+ {
+ "lang": "en",
+ "value": "CWE-78"
+ }
+ ]
+ }
+ ],
+ "references": [
+ {
+ "url": "https://www.twcert.org.tw/en/cp-139-7884-c5a8b-2.html",
+ "source": "twcert@cert.org.tw"
+ },
+ {
+ "url": "https://www.twcert.org.tw/tw/cp-132-7883-f5635-1.html",
+ "source": "twcert@cert.org.tw"
+ }
+ ]
+}
\ No newline at end of file
diff --git a/README.md b/README.md
index 3705bb12a78..7ad1af43412 100644
--- a/README.md
+++ b/README.md
@@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2024-06-17T06:00:18.270609+00:00 +2024-06-17T08:00:19.404156+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2024-06-17T04:15:09.867000+00:00 +2024-06-17T07:15:41.647000+00:00 ``` ### Last Data Feed Release @@ -33,15 +33,17 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### Total Number of included CVEs ```plain -254251 +254255 ``` ### CVEs added in the last Commit -Recently added CVEs: `2` +Recently added CVEs: `4` -- [CVE-2024-6045](CVE-2024/CVE-2024-60xx/CVE-2024-6045.json) (`2024-06-17T04:15:09.287`) -- [CVE-2024-6046](CVE-2024/CVE-2024-60xx/CVE-2024-6046.json) (`2024-06-17T04:15:09.867`) +- [CVE-2024-3236](CVE-2024/CVE-2024-32xx/CVE-2024-3236.json) (`2024-06-17T06:15:08.923`) +- [CVE-2024-4305](CVE-2024/CVE-2024-43xx/CVE-2024-4305.json) (`2024-06-17T06:15:09.140`) +- [CVE-2024-5650](CVE-2024/CVE-2024-56xx/CVE-2024-5650.json) (`2024-06-17T07:15:41.647`) +- [CVE-2024-6047](CVE-2024/CVE-2024-60xx/CVE-2024-6047.json) (`2024-06-17T06:15:09.237`) ### CVEs modified in the last Commit diff --git a/_state.csv b/_state.csv index baba3e07f2f..aac507f33db 100644 --- a/_state.csv +++ b/_state.csv 
@@ -249934,6 +249934,7 @@ CVE-2024-32354,0,0,2cb98cf03f55f0d3f314d8f78a7b2ae13f23e6c4927c02df2076089e9fc3c
 CVE-2024-32355,0,0,2701a15118616315b80ef66d15278af6b7051848ac735d5427c3a4cdd16dfa55,2024-05-14T19:17:55.627000
 CVE-2024-32358,0,0,4361acd373c6387e4e9f8c587956d55ed79588179fa5465dd154715a342d96e5,2024-04-25T17:24:59.967000
 CVE-2024-32359,0,0,b4d29b953e327824af6c91976648aff102dd83fb9c76233181d51fd1f9cb1231,2024-05-02T18:00:37.360000
+CVE-2024-3236,1,1,75bea4137d8edbae355f7a6346bcdbeee4a422fdd030e3b76c726676436069d0,2024-06-17T06:15:08.923000
 CVE-2024-32368,0,0,e5f9ac1f5e4b7deacae1b8adfb72b39f31c0e06e3a2c110e19b743f4b05d773c,2024-04-22T19:24:12.920000
 CVE-2024-32369,0,0,9089831a6180c7b5be681767b4ccc10fae87b49242f26b69d51f8d148f2c2512,2024-05-07T20:07:58.737000
 CVE-2024-3237,0,0,98b407c7ff694e30bff011becf60591f80a0369e19a531a10c3c30601e8332ec,2024-05-06T12:44:56.377000
@@ -253217,6 +253218,7 @@ CVE-2024-4301,0,0,7d8f056252c47ce14526f7e57454b7b6b871eb1459dd2b3842b28d98543d66
 CVE-2024-4302,0,0,39865ef94639e31233f81e22f823186b850ad673927660a59987e37ec9048236,2024-04-29T12:42:03.667000
 CVE-2024-4303,0,0,dc23292aa9a60d1b5e39a68c94abae91eeace7edd419d8c3c5c76a7757513679,2024-04-29T12:42:03.667000
 CVE-2024-4304,0,0,26620f2e8ced99fdd3bda531b587b99eceacc7574327e1e3504df0a80354f331,2024-04-29T12:42:03.667000
+CVE-2024-4305,1,1,d35774118ecf764d0a942956bd90ab19ea9ec26ac335556caa76076ef2607ae0,2024-06-17T06:15:09.140000
 CVE-2024-4306,0,0,e9aaa66e23013eeddb017fc28910aff24c8ac74d8e5a2f36c0285b37028fcebf,2024-04-29T12:42:03.667000
 CVE-2024-4307,0,0,8632ca6475393105acd262617756d75d5dfc473b5ad0365976bdee020429b7af,2024-04-30T13:11:16.690000
 CVE-2024-4308,0,0,c30b8d7bce14d8d06db9bf545139ec925cbf528f27e8b442e0e9c6b9a7a51847,2024-04-30T13:11:16.690000
@@ -254113,6 +254115,7 @@ CVE-2024-5638,0,0,ecd29107ace2c39372f8ad7d26b6d92a031cf986dc4e07d96162e8140ebd09
 CVE-2024-5640,0,0,86163b3d741cee0a4e50ef8553f0c82f1f0c15bd48d022d2d250ef0f55c23f10,2024-06-07T14:56:05.647000
 CVE-2024-5645,0,0,1faba0fd6e05694e3fff7011c206b3ecee3c45fddb7e6c575993af231224a181,2024-06-11T17:57:47.197000
 CVE-2024-5646,0,0,23240aeec5f40e46e6951e19eff4b72273567c29932f06ca0851d3144bb5ebaa,2024-06-13T18:36:09.013000
+CVE-2024-5650,1,1,d150ba9135c0cbc011e01b5df5c37d308515ee8c2debc8941020c718f492c7ea,2024-06-17T07:15:41.647000
 CVE-2024-5653,0,0,283076b6ccce08ae3d1ddf9d7f5983a839d66c80929543a8a527d0bfdf86a2f9,2024-06-06T14:17:35.017000
 CVE-2024-5654,0,0,e22a0b433d38e113ff7c2fe935a2ac4a2eac96ee27b605312aa4a4c8d50d69a0,2024-06-10T02:52:08.267000
 CVE-2024-5656,0,0,40c34e526e2032c59043b8834b1648291001d5e69a19326cbf74d918e6c8fbc1,2024-06-13T14:15:13.397000
@@ -254248,5 +254251,6 @@ CVE-2024-6041,0,0,e6d63ca11ea2ff9ed09ea53c6094128fe340ff7325fdab7606f076aa9a2a19
 CVE-2024-6042,0,0,ed54c5636265103325c04d8d2622ce50f3889c9971c74cd395d52c55b95a2414,2024-06-17T00:15:09.323000
 CVE-2024-6043,0,0,ed62535c42832e37b4fd65db6511e39d988a0b0325ab18bd1d36764965ef2443,2024-06-17T01:15:49.627000
 CVE-2024-6044,0,0,e7b2e64c18c97b6be6b2136ab4aca56f14648e5731c5f26d1f52a5c372063f27,2024-06-17T03:15:09.163000
-CVE-2024-6045,1,1,5e79506df39ea8f7267328abe49cc0d381005956c29a9bbdf201937bde58f730,2024-06-17T04:15:09.287000
-CVE-2024-6046,1,1,cf19d451114556c426f3983a5e1a8618f01d19ba531031d5d307bd6aadf6f22a,2024-06-17T04:15:09.867000
+CVE-2024-6045,0,0,5e79506df39ea8f7267328abe49cc0d381005956c29a9bbdf201937bde58f730,2024-06-17T04:15:09.287000
+CVE-2024-6046,0,0,cf19d451114556c426f3983a5e1a8618f01d19ba531031d5d307bd6aadf6f22a,2024-06-17T04:15:09.867000
+CVE-2024-6047,1,1,33851d2173ef78ee0807d12113329874f85615006162a09982f22e0159875ef2,2024-06-17T06:15:09.237000