admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-07-09 16:05:11 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2024-06-16T23:55:17.816398+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2024-06-16 23:58:09 +00:00
parent 8287f2b03a
commit a337cdb157
5 changed files with 226 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

28
CVE-2024/CVE-2024-344xx/CVE-2024-34451.json Normal file
View File

@ -0,0 +1,28 @@
{
"id": "CVE-2024-34451",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-06-16T22:15:09.130",
"lastModified": "2024-06-16T22:15:09.130",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Ghost through 5.85.1 allows remote attackers to bypass an authentication rate-limit protection mechanism by using many X-Forwarded-For headers with different values. NOTE: the vendor's position is that Ghost should be installed with a reverse proxy that allows only trusted X-Forwarded-For headers."
}
],
"metrics": {},
"references": [
{
"url": "https://docs.google.com/document/d/1iy0X4Vc9xXYoBxFrcW6ATo8GKPV6ivuLVzn6GgEpwqE",
"source": "cve@mitre.org"
},
{
"url": "https://ghost.org/docs/faq/proxying-https-infinite-loops/",
"source": "cve@mitre.org"
},
{
"url": "https://github.com/TryGhost/Ghost/releases",
"source": "cve@mitre.org"
}
]
}

92
CVE-2024/CVE-2024-60xx/CVE-2024-6039.json Normal file
View File

@ -0,0 +1,92 @@
{
"id": "CVE-2024-6039",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-06-16T22:15:09.360",
"lastModified": "2024-06-16T22:15:09.360",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability, which was classified as critical, was found in Feng Office 3.11.1.2. Affected is an unknown function of the component Workspaces. The manipulation of the argument dim leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-268752."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 6.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "SINGLE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 8.0,
"impactScore": 6.4,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://msecureltd.blogspot.com/2024/05/friday-fun-pentest-series-6.html",
"source": "cna@vuldb.com"
},
{
"url": "https://seclists.org/fulldisclosure/2024/Jun/2",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?ctiid.268752",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.268752",
"source": "cna@vuldb.com"
}
]
}

92
CVE-2024/CVE-2024-60xx/CVE-2024-6041.json Normal file
View File

@ -0,0 +1,92 @@
{
"id": "CVE-2024-6041",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-06-16T23:15:49.417",
"lastModified": "2024-06-16T23:15:49.417",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in itsourcecode Gym Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file manage_user.php. The manipulation of the argument id leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-268765 was assigned to this vulnerability."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 6.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "SINGLE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 8.0,
"impactScore": 6.4,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://github.com/ssiicckk/cve/issues/1",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?ctiid.268765",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.268765",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?submit.357816",
"source": "cna@vuldb.com"
}
]
}

16
README.md
View File

@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2024-06-16T22:00:18.014877+00:00
2024-06-16T23:55:17.816398+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2024-06-16T21:15:50.820000+00:00
2024-06-16T23:15:49.417000+00:00
```
### Last Data Feed Release
@ -33,22 +33,22 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs
```plain
254242
254245
```
### CVEs added in the last Commit
Recently added CVEs: `2`
Recently added CVEs: `3`
- [CVE-2023-27636](CVE-2023/CVE-2023-276xx/CVE-2023-27636.json) (`2024-06-16T21:15:50.620`)
- [CVE-2024-38396](CVE-2024/CVE-2024-383xx/CVE-2024-38396.json) (`2024-06-16T21:15:50.730`)
- [CVE-2024-34451](CVE-2024/CVE-2024-344xx/CVE-2024-34451.json) (`2024-06-16T22:15:09.130`)
- [CVE-2024-6039](CVE-2024/CVE-2024-60xx/CVE-2024-6039.json) (`2024-06-16T22:15:09.360`)
- [CVE-2024-6041](CVE-2024/CVE-2024-60xx/CVE-2024-6041.json) (`2024-06-16T23:15:49.417`)
### CVEs modified in the last Commit
Recently modified CVEs: `1`
Recently modified CVEs: `0`
- [CVE-2024-5197](CVE-2024/CVE-2024-51xx/CVE-2024-5197.json) (`2024-06-16T21:15:50.820`)
## Download and Usage

9
_state.csv
View File

@ -220251,7 +220251,7 @@ CVE-2023-27632,0,0,72e7e9925d098df2de82642a3c2bfee4aa8f3278e28c56d0e4a17757caddb
CVE-2023-27633,0,0,8e4b74b4184edb608abc6ee4f458b5e4e307fc065abb72f930b14fb3e3c81cb3,2023-11-30T19:19:27.577000
CVE-2023-27634,0,0,9ee8fd113b6062c33121fe5260b8d446ee36032dfd38e8c4a69ce557c38d8e84,2023-06-22T16:20:13.857000
CVE-2023-27635,0,0,f9de5ed0d38d73d3be76457559eb4126ab9edb025cecb276aec1304acf0ece35,2023-03-13T16:40:51.640000
CVE-2023-27636,1,1,31eba1933fcee5b37a6a2d42657a97c7ca0171efc1f6886eb3c9341c6332a0a8,2024-06-16T21:15:50.620000
CVE-2023-27636,0,0,31eba1933fcee5b37a6a2d42657a97c7ca0171efc1f6886eb3c9341c6332a0a8,2024-06-16T21:15:50.620000
CVE-2023-27637,0,0,f5e96dafa954f10818b922bc2fead2cc059311446dcc0a11d6a34dea4a1e0644,2023-06-21T15:58:54.023000
CVE-2023-27638,0,0,5cd34a25b1b1c666172842fadc815a9184e7e8ac62405db4dd44ac58263f8cf9,2023-06-21T15:58:51.637000
CVE-2023-27639,0,0,daab8d89214e5f23c8ce51895b80b9b851613ddfb70e7707d1ed360b4ff90038,2023-06-09T15:48:23.720000
@ -251225,6 +251225,7 @@ CVE-2024-34447,0,0,6838a7a92bb676f1940cdd14d99cd1fb2165891227a7272db6bf0dd16c72b
CVE-2024-34448,0,0,2ee47d576d9de678e8b37edc8c4fb672f63b76bc5fc5740404718a42f40a4222,2024-05-22T18:59:20.240000
CVE-2024-34449,0,0,97d09fdadfd613905dbfd9871f1d974c32ae8fd0c469e4b64fe2252427eb7288,2024-06-04T19:20:00.563000
CVE-2024-3445,0,0,2031eee497e177f244890449ab10d2f196dd08d103f846fc9b20779b1f74d465,2024-05-17T02:39:56.830000
CVE-2024-34451,1,1,663471d43fe7cb5c9dc857a13832eb14eaeea5e6a90bcbe8cb053f87d54c43d0,2024-06-16T22:15:09.130000
CVE-2024-34453,0,0,9363deaf6a5ec68194d671cadb0973a2ba23402d3e2800c4f9eea6dbd677c5cd,2024-05-06T12:44:56.377000
CVE-2024-34454,0,0,5a4e256350d1e944e58328b51d73ec47802d2b17d3b93d5d7c62570b2e291430,2024-05-28T12:39:28.377000
CVE-2024-34455,0,0,cf6832f7361884f15470d2143d9f538281f7bb0657fc697433a93775fe331b3f,2024-05-07T18:15:08.417000
@ -252849,7 +252850,7 @@ CVE-2024-3838,0,0,bd55ca068ebe4472845bce1f3d037932d27279da54b129864c942318cbf6c3
CVE-2024-3839,0,0,5078cfd1c7c68c41b30fd8b0c9c6a095120ec81bc8166ccecb75ba3c8be530b5,2024-05-03T04:15:09.127000
CVE-2024-38394,0,0,b7905f2ae2eb17cbed3be25dd4808382398830bcc009f76f7afa4ea5aa30c201,2024-06-16T00:15:49.380000
CVE-2024-38395,0,0,5bb6dd0f5e97700ce812289117a576b65078958ac34c1888edfd08af782ddc24,2024-06-16T01:15:48.537000
CVE-2024-38396,1,1,5ed5dd74f4c2896fd9567dbb06ab82714005bea63675c2f923c01ccd5358e9a8,2024-06-16T21:15:50.730000
CVE-2024-38396,0,0,5ed5dd74f4c2896fd9567dbb06ab82714005bea63675c2f923c01ccd5358e9a8,2024-06-16T21:15:50.730000
CVE-2024-3840,0,0,403182a28ab5f4c1d5b284d35c53f5335d4c6aac194c57fd7d723522380d6b0f,2024-05-03T03:16:29.067000
CVE-2024-3841,0,0,115f766a88fd32831299505e83a1207ec4bfedfbb7b32163caf9b2dcda142051,2024-05-03T04:15:09.563000
CVE-2024-38427,0,0,c9ecd39a568b95c31d63f8769cee9236b638565b6acbe0b0872c46341576b067,2024-06-16T02:15:08.557000
@ -253854,7 +253855,7 @@ CVE-2024-5193,0,0,4619a3332fd1de828c7e949279cabe4a2b063d71a4e227126d8bf6d303fb6e
CVE-2024-5194,0,0,2277a7390d0159b3dc2e5dfd100175220ffc5f5725f8c88a7a9344e62a79d516,2024-06-04T19:21:01.977000
CVE-2024-5195,0,0,f6d192ea152622e2514b6c95ac0c9e8770ec516eb328b6bc7a2579d1133e54f5,2024-06-04T19:21:02.077000
CVE-2024-5196,0,0,8c75ba8e0441d5b101d1cc87d2ef19242f3cca5ce8fbf68169f935d22da02519,2024-06-04T19:21:02.183000
CVE-2024-5197,0,1,e5a1e2e3af76ae1463b1471e62c8e67ed3eee2f7431619804309412d3993d4cd,2024-06-16T21:15:50.820000
CVE-2024-5197,0,0,e5a1e2e3af76ae1463b1471e62c8e67ed3eee2f7431619804309412d3993d4cd,2024-06-16T21:15:50.820000
CVE-2024-5201,0,0,bf1f4d37f88403bb38854e126758e4f0ff9b7f5c32e7a6f763dbd9ae66e356bd,2024-05-24T01:15:30.977000
CVE-2024-5202,0,0,b978a5507939d8449bc120b0c8b4b839304f46efdad98898b1b0c13e65a259b1,2024-05-24T01:15:30.977000
CVE-2024-5203,0,0,c1cbddceebcc79a6f3361ec6d421c84f7c0d786eefdc42d89301f7f288b04ff8,2024-06-13T18:36:09.010000
@ -254241,3 +254242,5 @@ CVE-2024-6013,0,0,651dc28b0d36561214443ec0cc7f81ce295e1039fe6ae4299b3b2c235dcf64
CVE-2024-6014,0,0,447d1a16310eff0e496932f7f1a6d1afc96f629b99180c369729bf735e4c2f54,2024-06-15T17:15:49.100000
CVE-2024-6015,0,0,ce17981a2f5c1abb173d15e7815cded0a62d2475c1da467d89f43737bdc158c6,2024-06-15T17:15:49.403000
CVE-2024-6016,0,0,ca762f4b4cad5059b56c7cba83da0542825d18a3a76ea0906d6c1e6b2a00f540,2024-06-15T19:15:48.443000
CVE-2024-6039,1,1,b95cc2c25372a777e07390d97534935dbe452a5a533742bda3ef4325dc878c01,2024-06-16T22:15:09.360000
CVE-2024-6041,1,1,e6d63ca11ea2ff9ed09ea53c6094128fe340ff7325fdab7606f076aa9a2a1946,2024-06-16T23:15:49.417000

Can't render this file because it is too large.