admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-07 11:07:05 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2025-04-20T23:55:19.145140+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2025-04-20 23:58:53 +00:00
parent 43f0af513e
commit 95448a45b3
4 changed files with 135 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

63
CVE-2020/CVE-2020-368xx/CVE-2020-36844.json Normal file
View File

@ -0,0 +1,63 @@
{
"id": "CVE-2020-36844",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-04-20T22:15:28.950",
"lastModified": "2025-04-20T22:15:28.950",
"vulnStatus": "Received",
"cveTags": [
{
"sourceIdentifier": "cve@mitre.org",
"tags": [
"exclusively-hosted-service"
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The KnowBe4 Security Awareness Training application before 2020-01-10 allows reflected XSS. The response has a SCRIPT element that sets window.location.href to a JavaScript URL."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "cve@mitre.org",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "cve@mitre.org",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://www.doyler.net/security-not-included/knowbe4-vulnerabilities",
"source": "cve@mitre.org"
}
]
}

63
CVE-2020/CVE-2020-368xx/CVE-2020-36845.json Normal file
View File

@ -0,0 +1,63 @@
{
"id": "CVE-2020-36845",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-04-20T22:15:29.690",
"lastModified": "2025-04-20T22:15:29.690",
"vulnStatus": "Received",
"cveTags": [
{
"sourceIdentifier": "cve@mitre.org",
"tags": [
"exclusively-hosted-service"
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The KnowBe4 Security Awareness Training application before 2020-01-10 contains a redirect function that does not validate the destination URL before redirecting. The response has a SCRIPT element that sets window.location.href to an arbitrary https URL."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "cve@mitre.org",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "cve@mitre.org",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-601"
}
]
}
],
"references": [
{
"url": "https://www.doyler.net/security-not-included/knowbe4-vulnerabilities",
"source": "cve@mitre.org"
}
]
}

11
README.md
View File

@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2025-04-20T22:00:19.513308+00:00
2025-04-20T23:55:19.145140+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2025-04-20T20:15:13.553000+00:00
2025-04-20T22:15:29.690000+00:00
```
### Last Data Feed Release
@ -33,14 +33,15 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs
```plain
290943
290945
```
### CVEs added in the last Commit
Recently added CVEs: `1`
Recently added CVEs: `2`
- [CVE-2025-43955](CVE-2025/CVE-2025-439xx/CVE-2025-43955.json) (`2025-04-20T20:15:13.553`)
- [CVE-2020-36844](CVE-2020/CVE-2020-368xx/CVE-2020-36844.json) (`2025-04-20T22:15:28.950`)
- [CVE-2020-36845](CVE-2020/CVE-2020-368xx/CVE-2020-36845.json) (`2025-04-20T22:15:29.690`)
### CVEs modified in the last Commit

4
_state.csv
View File

@ -159611,6 +159611,8 @@ CVE-2020-36840,0,0,2926db043fdb0e8192aea6b1566e98cdedb30bd0d207e0c9b7fd57f0b2c70
CVE-2020-36841,0,0,435f561ac28bd6843959dd71ae0ae92aa0b6edf75e8094045c0b200540a2758d,2024-10-16T16:38:14.557000
CVE-2020-36842,0,0,aa409bdde21a1952d265f5aff9fddfa11fdb1da8db2d6b76fb10ddce24ac91d8,2024-10-30T21:03:53.807000
CVE-2020-36843,0,0,023fb2c50bcc67a3bb33f41e6bdffdf9e9ccdfb393ddc1b6592a73ee3ce02ee8,2025-03-13T06:15:34.043000
CVE-2020-36844,1,1,8552a356aa32cceb6b28779ed8d3382542c47f0deb4b43f8af0a1e81f0d7ad0d,2025-04-20T22:15:28.950000
CVE-2020-36845,1,1,33956f42cd1bfa85bb74727f73c5c8712159f623f58ef3489902083eb49b8b4c,2025-04-20T22:15:29.690000
CVE-2020-3685,0,0,ebc768dfe955ad0c52041c7e2608a91c2b5719c6059fc65a66fc055e90d4e6b0,2024-11-21T05:31:34.290000
CVE-2020-3686,0,0,fed42ed77b3514bcd56d213454eba10c6543e81893514c48ebacb4355f05304f,2024-11-21T05:31:34.463000
CVE-2020-3687,0,0,4f5fc687e6ec97625652ba8cc878e5dcedb758a9b86899e8a0bd5d38bccb2613,2024-11-21T05:31:34.637000
@ -290941,4 +290943,4 @@ CVE-2025-43921,0,0,b59dba0610887a199b0faf2f19a0e03e63d8e4472120cfd2c980e88dc9fae
CVE-2025-43928,0,0,7e137dc78a97082b3c993605d044d26a389eebe6d6590183c90296f75caf000e,2025-04-20T03:15:35.003000
CVE-2025-43929,0,0,b7b16912e19748274928ce4ed708cddadca19d9026021836109f3f82db667fc8,2025-04-20T14:15:13.230000
CVE-2025-43954,0,0,f2044552c25b024e3accb93e74b0e1e3ecf9ad47f8e8029720c29485b7686cc3,2025-04-20T19:15:43.137000
CVE-2025-43955,1,1,0a56ed412a1ea3144b576f60e4e3fb6913c480fcdf88a628feedd34ca43f5fa8,2025-04-20T20:15:13.553000
CVE-2025-43955,0,0,0a56ed412a1ea3144b576f60e4e3fb6913c480fcdf88a628feedd34ca43f5fa8,2025-04-20T20:15:13.553000

Can't render this file because it is too large.