mirror of
https://github.com/fkie-cad/nvd-json-data-feeds.git
synced 2025-05-08 11:37:26 +00:00
Auto-Update: 2024-07-18T12:00:17.745623+00:00
This commit is contained in:
cad-safe-bot
parent
29cd33cfa3
commit
9f956b8184
33
CVE-2024/CVE-2024-407xx/CVE-2024-40725.json
Normal file
33
CVE-2024/CVE-2024-407xx/CVE-2024-40725.json
Normal file
@ -0,0 +1,33 @@
|
||||
{
|
||||
"id": "CVE-2024-40725",
|
||||
"sourceIdentifier": "security@apache.org",
|
||||
"published": "2024-07-18T10:15:02.357",
|
||||
"lastModified": "2024-07-18T10:15:02.357",
|
||||
"vulnStatus": "Received",
|
||||
"cveTags": [],
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "A partial fix for\u00a0 CVE-2024-39884 in the core of Apache HTTP Server 2.4.61 ignores some use of the legacy content-type based configuration of handlers. \"AddType\" and similar configuration, under some circumstances where files are requested indirectly, result in source code disclosure of local content. For example, PHP scripts may be served instead of interpreted.\n\nUsers are recommended to upgrade to version 2.4.62, which fixes this issue.\n\n"
|
||||
}
|
||||
],
|
||||
"metrics": {},
|
||||
"weaknesses": [
|
||||
{
|
||||
"source": "security@apache.org",
|
||||
"type": "Primary",
|
||||
"description": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "CWE-668"
|
||||
}
|
||||
]
|
||||
}
|
||||
],
|
||||
"references": [
|
||||
{
|
||||
"url": "https://httpd.apache.org/security/vulnerabilities_24.html",
|
||||
"source": "security@apache.org"
|
||||
}
|
||||
]
|
||||
}
|
||||
33
CVE-2024/CVE-2024-408xx/CVE-2024-40898.json
Normal file
33
CVE-2024/CVE-2024-408xx/CVE-2024-40898.json
Normal file
@ -0,0 +1,33 @@
|
||||
{
|
||||
"id": "CVE-2024-40898",
|
||||
"sourceIdentifier": "security@apache.org",
|
||||
"published": "2024-07-18T10:15:03.217",
|
||||
"lastModified": "2024-07-18T10:15:03.217",
|
||||
"vulnStatus": "Received",
|
||||
"cveTags": [],
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "SSRF in Apache HTTP Server on Windows with mod_rewrite in server/vhost context, allows to potentially leak NTML hashes to a malicious server via SSRF and malicious requests.\n\nUsers are recommended to upgrade to version 2.4.62 which fixes this issue.\u00a0"
|
||||
}
|
||||
],
|
||||
"metrics": {},
|
||||
"weaknesses": [
|
||||
{
|
||||
"source": "security@apache.org",
|
||||
"type": "Primary",
|
||||
"description": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "CWE-918"
|
||||
}
|
||||
]
|
||||
}
|
||||
],
|
||||
"references": [
|
||||
{
|
||||
"url": "https://httpd.apache.org/security/vulnerabilities_24.html",
|
||||
"source": "security@apache.org"
|
||||
}
|
||||
]
|
||||
}
|
||||
56
CVE-2024/CVE-2024-65xx/CVE-2024-6504.json
Normal file
56
CVE-2024/CVE-2024-65xx/CVE-2024-6504.json
Normal file
@ -0,0 +1,56 @@
|
||||
{
|
||||
"id": "CVE-2024-6504",
|
||||
"sourceIdentifier": "cve@rapid7.com",
|
||||
"published": "2024-07-18T10:15:03.373",
|
||||
"lastModified": "2024-07-18T10:15:03.373",
|
||||
"vulnStatus": "Received",
|
||||
"cveTags": [],
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "Rapid7 InsightVM Console versions below 6.6.260 suffer from a protection mechanism failure whereby an attacker with network access to the InsightVM Console can cause it to overload or crash by sending repeated invalid REST requests in a short timeframe, to the Console's port 443 causing the console to enter an exception handling logging loop, exhausting the CPU. There is no indication that an attacker can use this method to escalate privilege, acquire unauthorized access to data, or gain control of protected resources. This issue is fixed in version 6.6.261."
|
||||
}
|
||||
],
|
||||
"metrics": {
|
||||
"cvssMetricV31": [
|
||||
{
|
||||
"source": "cve@rapid7.com",
|
||||
"type": "Secondary",
|
||||
"cvssData": {
|
||||
"version": "3.1",
|
||||
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
|
||||
"attackVector": "NETWORK",
|
||||
"attackComplexity": "LOW",
|
||||
"privilegesRequired": "NONE",
|
||||
"userInteraction": "REQUIRED",
|
||||
"scope": "UNCHANGED",
|
||||
"confidentialityImpact": "NONE",
|
||||
"integrityImpact": "NONE",
|
||||
"availabilityImpact": "LOW",
|
||||
"baseScore": 4.3,
|
||||
"baseSeverity": "MEDIUM"
|
||||
},
|
||||
"exploitabilityScore": 2.8,
|
||||
"impactScore": 1.4
|
||||
}
|
||||
]
|
||||
},
|
||||
"weaknesses": [
|
||||
{
|
||||
"source": "cve@rapid7.com",
|
||||
"type": "Secondary",
|
||||
"description": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "CWE-693"
|
||||
}
|
||||
]
|
||||
}
|
||||
],
|
||||
"references": [
|
||||
{
|
||||
"url": "https://docs.rapid7.com/release-notes/insightvm/20240717/",
|
||||
"source": "cve@rapid7.com"
|
||||
}
|
||||
]
|
||||
}
|
||||
16
README.md
16
README.md
@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours.
|
||||
### Last Repository Update
|
||||
|
||||
```plain
|
||||
2024-07-18T10:00:18.038246+00:00
|
||||
2024-07-18T12:00:17.745623+00:00
|
||||
```
|
||||
|
||||
### Most recent CVE Modification Timestamp synchronized with NVD
|
||||
|
||||
```plain
|
||||
2024-07-18T09:15:02.980000+00:00
|
||||
2024-07-18T10:15:03.373000+00:00
|
||||
```
|
||||
|
||||
### Last Data Feed Release
|
||||
@ -33,18 +33,16 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
|
||||
### Total Number of included CVEs
|
||||
|
||||
```plain
|
||||
257432
|
||||
257435
|
||||
```
|
||||
|
||||
### CVEs added in the last Commit
|
||||
|
||||
Recently added CVEs: `5`
|
||||
Recently added CVEs: `3`
|
||||
|
||||
- [CVE-2024-29014](CVE-2024/CVE-2024-290xx/CVE-2024-29014.json) (`2024-07-18T08:15:02.173`)
|
||||
- [CVE-2024-3242](CVE-2024/CVE-2024-32xx/CVE-2024-3242.json) (`2024-07-18T09:15:02.337`)
|
||||
- [CVE-2024-40764](CVE-2024/CVE-2024-407xx/CVE-2024-40764.json) (`2024-07-18T08:15:02.340`)
|
||||
- [CVE-2024-5554](CVE-2024/CVE-2024-55xx/CVE-2024-5554.json) (`2024-07-18T09:15:02.740`)
|
||||
- [CVE-2024-5555](CVE-2024/CVE-2024-55xx/CVE-2024-5555.json) (`2024-07-18T09:15:02.980`)
|
||||
- [CVE-2024-40725](CVE-2024/CVE-2024-407xx/CVE-2024-40725.json) (`2024-07-18T10:15:02.357`)
|
||||
- [CVE-2024-40898](CVE-2024/CVE-2024-408xx/CVE-2024-40898.json) (`2024-07-18T10:15:03.217`)
|
||||
- [CVE-2024-6504](CVE-2024/CVE-2024-65xx/CVE-2024-6504.json) (`2024-07-18T10:15:03.373`)
|
||||
|
||||
|
||||
### CVEs modified in the last Commit
|
||||
|
||||
13
_state.csv
13
_state.csv
@ -248638,7 +248638,7 @@ CVE-2024-29010,0,0,a9ff9c65174c33f2e792fcb56ee4004994b28661d6208ebb1e88e717582f6
|
||||
CVE-2024-29011,0,0,eb92887d9a2ecd248daea80b2641ebf2c57344e5f41ce9050910fcddaf740a0c,2024-05-01T19:50:25.633000
|
||||
CVE-2024-29012,0,0,9854a7c749ef4b580fb184d07bfa61dd0b58798d25f74e88968772bdc7b97a82,2024-06-20T12:43:25.663000
|
||||
CVE-2024-29013,0,0,484672126a29689243d7bf576a9922dde1cc94a163178a0a8a32a5a36268d182,2024-06-20T12:43:25.663000
|
||||
CVE-2024-29014,1,1,405709e3a0547e21309cb04b7f669af7fe1634fc9caff83aa631d67879b4134a,2024-07-18T08:15:02.173000
|
||||
CVE-2024-29014,0,0,405709e3a0547e21309cb04b7f669af7fe1634fc9caff83aa631d67879b4134a,2024-07-18T08:15:02.173000
|
||||
CVE-2024-29018,0,0,0688752b1434844c55e6cd721e2221622ec0094595898dc16074b9d8a9b658da,2024-03-21T12:58:51.093000
|
||||
CVE-2024-29019,0,0,ad22499f8dda93d004eb62f1b9a36df352f03e492a86d6142b84d27273c03d4d,2024-04-11T12:47:44.137000
|
||||
CVE-2024-2902,0,0,8f66133d16da6ff672ed0ae058cb886f79d625c60e88da002b56c847ce98f5ef,2024-05-17T02:38:36.520000
|
||||
@ -250900,7 +250900,7 @@ CVE-2024-32407,0,0,fbfaf7068ca597095592e38589ff8309655659ac5408bc5050ead219b55bb
|
||||
CVE-2024-32409,0,0,cdbdcb7de47ba32c82cee0bb38b83e5519f96f658f96608562f1e326a9e11332,2024-07-03T01:56:34.063000
|
||||
CVE-2024-3241,0,0,30b752b6ef5f38382b5d572e3de76b73f3f6fe3c9ee69699b564850e70a0c6b3,2024-05-14T19:17:55.627000
|
||||
CVE-2024-32418,0,0,8172cdb05b747b2afd259a179cd5212ac2debbeaf77726c784f5b816cfdb0abc,2024-07-03T01:56:34.817000
|
||||
CVE-2024-3242,1,1,6cafd525a926c5470f9d6d5da47d78f55adbd23a8c62b565e3c027d8d396fc36,2024-07-18T09:15:02.337000
|
||||
CVE-2024-3242,0,0,6cafd525a926c5470f9d6d5da47d78f55adbd23a8c62b565e3c027d8d396fc36,2024-07-18T09:15:02.337000
|
||||
CVE-2024-32428,0,0,e92a586d0042e2a50a8472dedb0e8a402fc021118b6e178b0be2f35b18ed1a72,2024-04-15T13:15:31.997000
|
||||
CVE-2024-32429,0,0,08bf59fbf8ca8215ee905eedbc96639cdf782abe560db5472396d2a8508a1db9,2024-04-15T13:15:31.997000
|
||||
CVE-2024-3243,0,0,b3be2b5736d16e5fdb86721d9ee927a8c62b47b675a9c47320a4673743e48844,2024-04-16T13:24:07.103000
|
||||
@ -255337,6 +255337,7 @@ CVE-2024-40690,0,0,0a05f7a4f7971e105a22713da576e2849ab9ee90c08902f265b260950371b
|
||||
CVE-2024-4070,0,0,f50441c69b27e00682c793729b411e41b0ab8839510e28fbeccbd72a35bcaeb5,2024-06-04T19:20:29.567000
|
||||
CVE-2024-4071,0,0,5f6b5ae6c8e3d6e0ce3e89718b14a6bb17b22a46ae9131966ebec62404b12da9,2024-05-17T02:40:14.747000
|
||||
CVE-2024-4072,0,0,5325ee2ea26a58f6ec285799bb6ee6c62eeadace5f641482183f3a76d39bf009,2024-05-17T02:40:14.847000
|
||||
CVE-2024-40725,1,1,f5c6511fd9bf412f8a63ac08dfbc002200876aa5a9fc1750760cf171e8bf54bc,2024-07-18T10:15:02.357000
|
||||
CVE-2024-40726,0,0,763881d353b2a872c395d06db8ff47aa2480183ffa56c57536446e062ec43bc5,2024-07-11T15:06:22.967000
|
||||
CVE-2024-40727,0,0,b9db12f74fa9e60fafdd87d2e3b118721f9da9edf52efc272fb39aa64e4cd584,2024-07-11T15:06:23.850000
|
||||
CVE-2024-40728,0,0,d97174880a17752231869c0d95676d772e9b6b0c723f3642cbcef679b7e80f73,2024-07-11T02:59:17.007000
|
||||
@ -255358,7 +255359,7 @@ CVE-2024-40741,0,0,ddd0ff9476ed1ff47a6c6ea90383139e3fceeb76685fa77b077d9f9786ebe
|
||||
CVE-2024-40742,0,0,a7b4d8a63cd84bbed8ae36225a2d630607182f2ae3b73228fc1ab3090889f783,2024-07-11T15:06:29.580000
|
||||
CVE-2024-4075,0,0,29d19ea935c989efa2e770180ba61eb06fe49f0b181d6d812a7498d3145b983a,2024-05-17T02:40:15.170000
|
||||
CVE-2024-40750,0,0,123c568c4a271c6bb023f9091df0f00fec1f937f3d0585148d7948581d7b9455,2024-07-11T13:06:13.187000
|
||||
CVE-2024-40764,1,1,267f3f3d30a8502468edc23dc8bb5b2360a4ab98ca518100d90deb3a7fdd8159,2024-07-18T08:15:02.340000
|
||||
CVE-2024-40764,0,0,267f3f3d30a8502468edc23dc8bb5b2360a4ab98ca518100d90deb3a7fdd8159,2024-07-18T08:15:02.340000
|
||||
CVE-2024-4077,0,0,d4f08c4fa42913c8d00f3fecbe96233f1448e9383bf97ebcbeca4cc0f2c8ae2b,2024-04-25T13:18:02.660000
|
||||
CVE-2024-4078,0,0,4f6a573d2d42430a81000704c37318a2f1d7afadf71bcba45d97fec5f925233f,2024-05-16T13:03:05.353000
|
||||
CVE-2024-4082,0,0,02264cef46dbd3bc30b90eb0e358643df5f32c233cd928965c67d2a95fa3306a,2024-05-14T16:11:39.510000
|
||||
@ -255368,6 +255369,7 @@ CVE-2024-4085,0,0,7aad6a4056b6c332cceb43166a488ef1c1b3002f44d4bee7dddba365a66e15
|
||||
CVE-2024-4086,0,0,4591112164bebe25a6e3755e5f7d7b3acd1442e1405281bbc9f49b1286c02b38,2024-05-02T18:00:37.360000
|
||||
CVE-2024-4087,0,0,559dc8fcb531eb7d96e390fa33463b50a20c5a688e8dbefeb3187bf1d2c5f774,2024-06-03T14:46:24.250000
|
||||
CVE-2024-4088,0,0,61cc31924b86843bbd20c326ef7465dc1aa394b548458b2e1a9fc62c09ede628,2024-06-11T17:11:30.193000
|
||||
CVE-2024-40898,1,1,ea2ac8aa9f5470fd7c51feeacbe6e9501dc5c5767d66be37a9ce3ef1319cd30d,2024-07-18T10:15:03.217000
|
||||
CVE-2024-40899,0,0,399edbb3ae55c9064feee50a907cd0884ae99e053c5b1099ea0c6ce857c84ca0,2024-07-12T16:34:58.687000
|
||||
CVE-2024-40900,0,0,7b446ac0e2fb8346f52210e74f60f31139175b44ad58b663c503c1a87553fa71,2024-07-12T16:34:58.687000
|
||||
CVE-2024-40901,0,0,c32f4e74e760256a39dcff8a0aaa33652235a20a44936979ccd2be0dbce683a1,2024-07-12T16:34:58.687000
|
||||
@ -256722,8 +256724,8 @@ CVE-2024-5550,0,0,dab352871e5b1599db274fe7ee72f4ef4902afffcd5667b3ef675a3fe452e4
|
||||
CVE-2024-5551,0,0,ca5e789273b5636b74263243545d1f65c528acd57d0658c81bfbbb492d45e594,2024-06-17T12:42:04.623000
|
||||
CVE-2024-5552,0,0,7f73b574dd8e83d52dd7f28ecc579b960fbf7de562da98c7e63b5b8e0fd54be8,2024-06-07T14:56:05.647000
|
||||
CVE-2024-5553,0,0,c4739ca4bfc71591786473d36aff26ccf561ba778e4c902dca863cedff7bba13,2024-06-13T18:36:09.013000
|
||||
CVE-2024-5554,1,1,1fddb13775149d998ecff581e430a013d99ba755bc3a57235fce4c5af979f6af,2024-07-18T09:15:02.740000
|
||||
CVE-2024-5555,1,1,5993f0bcb942313985be154f9cb4e811e5cf399a1b6c11a4ebf7cd26568e8837,2024-07-18T09:15:02.980000
|
||||
CVE-2024-5554,0,0,1fddb13775149d998ecff581e430a013d99ba755bc3a57235fce4c5af979f6af,2024-07-18T09:15:02.740000
|
||||
CVE-2024-5555,0,0,5993f0bcb942313985be154f9cb4e811e5cf399a1b6c11a4ebf7cd26568e8837,2024-07-18T09:15:02.980000
|
||||
CVE-2024-5557,0,0,e58f4a9974ae6a6ad512e69202e5dee259550c69c446c060784da606557be50e,2024-06-13T18:36:09.010000
|
||||
CVE-2024-5558,0,0,f5606f757a3846688e526f8e8c7b353ed841a6a8222c822314196faac2c09cd1,2024-06-13T18:36:09.010000
|
||||
CVE-2024-5559,0,0,0c59604cbf219c2ba1c247f52c304752b12dd0f3c92c8b3c96e21ad233f99b0a,2024-06-13T18:36:09.010000
|
||||
@ -257317,6 +257319,7 @@ CVE-2024-6488,0,0,0c5ecb49d7296b409f5d61bd70a5d017ad6f69068345855a00f0bd7c78566f
|
||||
CVE-2024-6492,0,0,82f79625038ad5debf137137104e45e1e353947b9c4b14df742baece7a047a71,2024-07-17T13:34:20.520000
|
||||
CVE-2024-6495,0,0,0b63a825f2423d6e7ce9297b9249f183116fa1df04bb2bd344ba05222b36e9dd,2024-07-12T16:34:58.687000
|
||||
CVE-2024-6501,0,0,45d58d6fcd90c3b83531e796541078a549af17f7a81eb1fbfe7d6944aa2bc8ac,2024-07-11T13:06:13.187000
|
||||
CVE-2024-6504,1,1,f44a34e9611de1294df33c9b7937894870431037ef5da652daa1afd365b3bd41,2024-07-18T10:15:03.373000
|
||||
CVE-2024-6505,0,0,b8708084cd092b6ca88acb18ad5e80f748f8e2829ec040b8958bfe3c1fee2cd6,2024-07-08T15:41:17.883000
|
||||
CVE-2024-6506,0,0,58310ca3e68e3dacb16dafd9b32db187bdf111a88d3da008267c8c84bbec48d6,2024-07-05T12:55:51.367000
|
||||
CVE-2024-6507,0,0,4e3b24fd61e25de66a6840473e4d19109a713188592b0f05efa1cbb9de33936e,2024-07-08T14:19:21.610000
|
||||
|
||||
|
Can't render this file because it is too large.
|
Loading…
x
Reference in New Issue
Block a user