Auto-Update: 2025-02-17T17:00:23.223353+00:00

cad-safe-bot 2025-02-17 17:03:48 +00:00
parent 5720aec97b
commit 8c3732c90a
4 changed files with 223 additions and 10 deletions


@ -0,0 +1,64 @@
{
"id": "CVE-2024-13879",
"sourceIdentifier": "security@wordfence.com",
"published": "2025-02-17T16:15:15.950",
"lastModified": "2025-02-17T16:15:15.950",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Stream plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 4.0.2 due to insufficient validation on the webhook feature. This makes it possible for authenticated attackers, with administrator-level access and above, to make web requests to arbitrary locations originating from the web application which can be used to query and modify information from internal services."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "security@wordfence.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-918"
}
]
}
],
"references": [
{
"url": "https://github.com/xwp/stream/blob/develop/changelog.md#410---january-15-2025",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3226637%40stream&new=3226637%40stream&sfp_email=&sfph_mail=",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/8680ad0a-7513-408d-a62d-ffb0b0e7addb?source=cve",
"source": "security@wordfence.com"
}
]
}
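Review bot: The affected range and the fix exist only as free text in this record. The description says all versions up to and including 4.0.2, but there is no `configurations` block and `vulnStatus` is `Received`, so tooling that matches on CPE will not flag installed copies of the plugin until NVD enriches the entry. The changelog reference is anchored at `#410---january-15-2025`, which suggests 4.1.0 is the fixed release, though the record never states that. The only score is the CNA's own (`"source": "security@wordfence.com"`, `"type": "Primary"`), and with `PR:H` and `S:C` the 5.5 describes an administrator reaching internal services through the webhook. Sites that delegate administrator accounts should weigh it above the base score and restrict outbound requests from the web application.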


@ -0,0 +1,148 @@
{
"id": "CVE-2025-1392",
"sourceIdentifier": "cna@vuldb.com",
"published": "2025-02-17T16:15:16.120",
"lastModified": "2025-02-17T16:15:16.120",
"vulnStatus": "Received",
"cveTags": [
{
"sourceIdentifier": "cna@vuldb.com",
"tags": [
"unsupported-when-assigned"
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been found in D-Link DIR-816 1.01TO and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /cgi-bin/webproc?getpage=html/index.html&var:menu=24gwlan&var:page=24G_basic. The manipulation of the argument SSID leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "LOW",
"userInteraction": "PASSIVE",
"vulnerableSystemConfidentiality": "NONE",
"vulnerableSystemIntegrity": "LOW",
"vulnerableSystemAvailability": "NONE",
"subsequentSystemConfidentiality": "NONE",
"subsequentSystemIntegrity": "NONE",
"subsequentSystemAvailability": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirements": "NOT_DEFINED",
"integrityRequirements": "NOT_DEFINED",
"availabilityRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnerableSystemConfidentiality": "NOT_DEFINED",
"modifiedVulnerableSystemIntegrity": "NOT_DEFINED",
"modifiedVulnerableSystemAvailability": "NOT_DEFINED",
"modifiedSubsequentSystemConfidentiality": "NOT_DEFINED",
"modifiedSubsequentSystemIntegrity": "NOT_DEFINED",
"modifiedSubsequentSystemAvailability": "NOT_DEFINED",
"safety": "NOT_DEFINED",
"automatable": "NOT_DEFINED",
"recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED"
}
}
],
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N",
"baseScore": 3.5,
"baseSeverity": "LOW",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.1,
"impactScore": 1.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N",
"baseScore": 4.0,
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "SINGLE",
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"availabilityImpact": "NONE"
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
},
{
"lang": "en",
"value": "CWE-94"
}
]
}
],
"references": [
{
"url": "https://vuldb.com/?ctiid.296023",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.296023",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?submit.501351",
"source": "cna@vuldb.com"
},
{
"url": "https://www.dlink.com/",
"source": "cna@vuldb.com"
}
]
}
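Review bot: The three CVSS blocks disagree on user interaction: the v2 entry carries `"userInteractionRequired": false`, while the v3.1 vector has `UI:R` and the v4.0 vector has `UI:P`, which is what a cross-site-scripting issue in the SSID argument would need. The flag should read `"userInteractionRequired": true`, but this file appears to mirror NVD, so the correction belongs upstream with the CNA; until then consumers should read interaction from the v3.1 or v4.0 vector. The record also rates LOW (3.5, v3.1 `Primary`) and MEDIUM (5.1 in v4.0, 4.0 in v2) at once, so triage rules need to pin one CVSS version. `CWE-94` next to `CWE-79` looks broader than the description supports. With the `unsupported-when-assigned` tag no vendor fix should be expected, so replacing the device or isolating its management interface is the realistic mitigation.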


@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2025-02-17T15:01:14.704139+00:00
2025-02-17T17:00:23.223353+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2025-02-17T14:15:08.597000+00:00
2025-02-17T16:15:16.120000+00:00
```
### Last Data Feed Release
@ -33,22 +33,21 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs
```plain
281554
281556
```
### CVEs added in the last Commit
Recently added CVEs: `2`
- [CVE-2025-1391](CVE-2025/CVE-2025-13xx/CVE-2025-1391.json) (`2025-02-17T14:15:08.413`)
- [CVE-2025-21103](CVE-2025/CVE-2025-211xx/CVE-2025-21103.json) (`2025-02-17T14:15:08.597`)
- [CVE-2024-13879](CVE-2024/CVE-2024-138xx/CVE-2024-13879.json) (`2025-02-17T16:15:15.950`)
- [CVE-2025-1392](CVE-2025/CVE-2025-13xx/CVE-2025-1392.json) (`2025-02-17T16:15:16.120`)
### CVEs modified in the last Commit
Recently modified CVEs: `1`
Recently modified CVEs: `0`
- [CVE-2025-0648](CVE-2025/CVE-2025-06xx/CVE-2025-0648.json) (`2025-02-17T13:15:09.667`)
## Download and Usage


@ -246730,6 +246730,7 @@ CVE-2024-13850,0,0,6b9449e6648abb1edf82833d79485652b7d8e214965b03129c424b1f771ff
CVE-2024-1386,0,0,0e88f4287d62ff6aff092302a9322ab713c8f07c6df5c6bed70e82252a8c824b,2024-11-21T08:50:28.063000
CVE-2024-13867,0,0,b22bb2f54b64760b76b696bbb0a0a23f6d99826e999c63e0854f07bc507510b1,2025-02-13T10:15:09.847000
CVE-2024-1387,0,0,8e6bcbdaec79085616e17d0cff8f7e9074033b4370339ebb2fb375231d6ccb3f,2025-01-07T18:19:26.400000
CVE-2024-13879,1,1,9feaa77a4a107496b778129b23b28c9a020cd8ce5e3b7bb155fa8c6898d38c2d,2025-02-17T16:15:15.950000
CVE-2024-1388,0,0,4055ac29f5fc98e5c697dde8e9fd854a4a3e80aad935e1d1af922e2721330e53,2025-01-16T15:18:18.140000
CVE-2024-1389,0,0,44c915b89d8f24815db27dcf9521c10fcca5d968291afb2cbd201094aadb9d12,2025-01-27T17:15:51.567000
CVE-2024-1390,0,0,ffdeb8cc4a3b1077717739c1e237f842eedff68b0ec02858887f3acd549f9f88,2025-01-22T16:49:11.553000
@ -278976,7 +278977,7 @@ CVE-2025-0631,0,0,a91b2711b77974f80919f9c5b372be80fd124e74c35c8b96965898a857e3e9
CVE-2025-0635,0,0,70c8222d27016e17aff5c1d526075d61ce18278ab51b947a8b84bf01759f271d,2025-01-23T11:15:10.890000
CVE-2025-0637,0,0,527088f0979b18ce444b6ef69464399256b011e8d9eae0913ca1205a9c4503aa,2025-01-23T16:15:36.617000
CVE-2025-0638,0,0,d2f28f2eed7bea7b9f8ec19bd8fd1769a6b74ef8696049ed8fd676bfab511c4b,2025-01-22T16:15:29.977000
CVE-2025-0648,0,1,ec79ce6f39b47487aa16e0340c9bff69ff776daf1028d3a38c4c3ba8e39e1fa4,2025-02-17T13:15:09.667000
CVE-2025-0648,0,0,ec79ce6f39b47487aa16e0340c9bff69ff776daf1028d3a38c4c3ba8e39e1fa4,2025-02-17T13:15:09.667000
CVE-2025-0650,0,0,a9fc324c64dd82aee521d1bffa9b7782cf03bd2f6e410628d7018de6f1170f96,2025-02-06T09:15:11.697000
CVE-2025-0651,0,0,e2215d27193b6db6cba4dbdda5349954e60373a439e45e60be4d39bd216d0a6b,2025-01-22T18:15:20.363000
CVE-2025-0659,0,0,a231e421d524771ecef4ddd421dffcbb4d37f1c0838cd9830fba22194e88f80c,2025-01-28T16:15:40.360000
@ -279322,7 +279323,8 @@ CVE-2025-1381,0,0,8a9685f5e5b8ebad8a0ac5f23a89b6b3ba45fc062151114d3deac1372ed1f0
CVE-2025-1387,0,0,3471c5e221fd26cc82d790d0348e17ce666394a812c51ab6ee55856ad41c6d05,2025-02-17T04:15:08.807000
CVE-2025-1388,0,0,6166d0831a99cbb271e76281dd624232fbaf9903152209f7151545224b25416d,2025-02-17T04:15:08.960000
CVE-2025-1389,0,0,b6f1b0c672dbbad3874206b7be5adc417f88010255a18af2ae0024e0bb3a7bd5,2025-02-17T05:15:10.317000
CVE-2025-1391,1,1,a1f2e3a8ca093b8de620c0e72b50119acca7a6fd87679168958e3acea938ff79,2025-02-17T14:15:08.413000
CVE-2025-1391,0,0,a1f2e3a8ca093b8de620c0e72b50119acca7a6fd87679168958e3acea938ff79,2025-02-17T14:15:08.413000
CVE-2025-1392,1,1,381fc64763a47738c9a933c7e4bcfcc84ef66c73e4a81eacddf01751da768947,2025-02-17T16:15:16.120000
CVE-2025-20014,0,0,9692e5cd581a413def58e50a6734c5a89401a76673de37fc6a41ad824a4429cc,2025-01-29T20:15:35.207000
CVE-2025-20016,0,0,6fccb84eb01c2cd66b422e82777f9738bfe5004121e1b551d0ae454724543c0e,2025-01-14T10:15:07.500000
CVE-2025-20029,0,0,9b8781ac9a16d1f4940e1c86f8d87c8f1f8e66cb5b362950b6fdcd60c25126c4,2025-02-05T18:15:29.573000
@ -279413,7 +279415,7 @@ CVE-2025-21088,0,0,2fc6ecd1dae8270574ff01139ed8a42b63c05aa457c258a8d76906ce3a93c
CVE-2025-21091,0,0,14a5f94bd4155cb401565e2a5aae76cc90c7a8d9e7b6e7f408f118d52738b6aa,2025-02-05T18:15:30.613000
CVE-2025-21101,0,0,0410baf8ce887e4bee4e642f5416b4c957a9c2a93d873e61b46c5aa6fe5ccada,2025-02-04T15:50:56.233000
CVE-2025-21102,0,0,933ca72a52260837d55d5545fa75f1f12ce9dc7f55e3f7d4f145fee0707ab4ba,2025-01-24T19:10:11.977000
CVE-2025-21103,1,1,b6d1fa36e078291047471a4019ca1c4957d97737dc18368f9adb3746c2dfa968,2025-02-17T14:15:08.597000
CVE-2025-21103,0,0,b6d1fa36e078291047471a4019ca1c4957d97737dc18368f9adb3746c2dfa968,2025-02-17T14:15:08.597000
CVE-2025-21107,0,0,0827735892f4001f988a0739aad719c8ee1fb9144fe1da312da1da34f24b5ce6,2025-02-07T20:01:14.760000
CVE-2025-21111,0,0,36449c466fabe660f3fc2f10d8992e6a7d9c5e3d2cf72d3dce2cc840c6da552b,2025-01-24T19:11:42.417000
CVE-2025-21117,0,0,3c59ddab13aed7617d82cbb9fbab3c190cbfe8b424cc570d2e879fe06ca6cee2,2025-02-05T14:15:27.417000
