mirror of
https://github.com/fkie-cad/nvd-json-data-feeds.git
synced 2025-07-11 16:13:34 +00:00
Auto-Update: 2024-10-19T08:00:17.387124+00:00
This commit is contained in:
cad-safe-bot
parent
40ca56d807
commit
b8cc72855e
64
CVE-2023/CVE-2023-62xx/CVE-2023-6243.json
Normal file
64
CVE-2023/CVE-2023-62xx/CVE-2023-6243.json
Normal file
@ -0,0 +1,64 @@
|
||||
{
|
||||
"id": "CVE-2023-6243",
|
||||
"sourceIdentifier": "security@wordfence.com",
|
||||
"published": "2024-10-19T07:15:02.520",
|
||||
"lastModified": "2024-10-19T07:15:02.520",
|
||||
"vulnStatus": "Received",
|
||||
"cveTags": [],
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "The EventON PRO - WordPress Virtual Event Calendar Plugin plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 4.6.8. This is due to missing or incorrect nonce validation on the admin_test_email function. This makes it possible for unauthenticated attackers to send test emails to arbitrary email addresses via a forged request granted they can trick a site administrator into performing an action such as clicking on a link."
|
||||
}
|
||||
],
|
||||
"metrics": {
|
||||
"cvssMetricV31": [
|
||||
{
|
||||
"source": "security@wordfence.com",
|
||||
"type": "Primary",
|
||||
"cvssData": {
|
||||
"version": "3.1",
|
||||
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
|
||||
"attackVector": "NETWORK",
|
||||
"attackComplexity": "LOW",
|
||||
"privilegesRequired": "NONE",
|
||||
"userInteraction": "REQUIRED",
|
||||
"scope": "UNCHANGED",
|
||||
"confidentialityImpact": "NONE",
|
||||
"integrityImpact": "LOW",
|
||||
"availabilityImpact": "NONE",
|
||||
"baseScore": 4.3,
|
||||
"baseSeverity": "MEDIUM"
|
||||
},
|
||||
"exploitabilityScore": 2.8,
|
||||
"impactScore": 1.4
|
||||
}
|
||||
]
|
||||
},
|
||||
"weaknesses": [
|
||||
{
|
||||
"source": "security@wordfence.com",
|
||||
"type": "Primary",
|
||||
"description": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "CWE-352"
|
||||
}
|
||||
]
|
||||
}
|
||||
],
|
||||
"references": [
|
||||
{
|
||||
"url": "https://docs.myeventon.com/documentations/eventon-changelog/",
|
||||
"source": "security@wordfence.com"
|
||||
},
|
||||
{
|
||||
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3017939%40eventon-lite&new=3017939%40eventon-lite&sfp_email=&sfph_mail=",
|
||||
"source": "security@wordfence.com"
|
||||
},
|
||||
{
|
||||
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/1d0a40f8-4c31-447d-ac28-73cfe7a07687?source=cve",
|
||||
"source": "security@wordfence.com"
|
||||
}
|
||||
]
|
||||
}
|
||||
60
CVE-2024/CVE-2024-98xx/CVE-2024-9889.json
Normal file
60
CVE-2024/CVE-2024-98xx/CVE-2024-9889.json
Normal file
@ -0,0 +1,60 @@
|
||||
{
|
||||
"id": "CVE-2024-9889",
|
||||
"sourceIdentifier": "security@wordfence.com",
|
||||
"published": "2024-10-19T07:15:03.073",
|
||||
"lastModified": "2024-10-19T07:15:03.073",
|
||||
"vulnStatus": "Received",
|
||||
"cveTags": [],
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "The ElementInvader Addons for Elementor plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.2.9 via the Page Loader widget. This makes it possible for authenticated attackers, with contributor-level access and above, to view private/draft/password protected posts, pages, and Elementor templates that they should not have access to."
|
||||
}
|
||||
],
|
||||
"metrics": {
|
||||
"cvssMetricV31": [
|
||||
{
|
||||
"source": "security@wordfence.com",
|
||||
"type": "Primary",
|
||||
"cvssData": {
|
||||
"version": "3.1",
|
||||
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
|
||||
"attackVector": "NETWORK",
|
||||
"attackComplexity": "LOW",
|
||||
"privilegesRequired": "LOW",
|
||||
"userInteraction": "NONE",
|
||||
"scope": "UNCHANGED",
|
||||
"confidentialityImpact": "LOW",
|
||||
"integrityImpact": "NONE",
|
||||
"availabilityImpact": "NONE",
|
||||
"baseScore": 4.3,
|
||||
"baseSeverity": "MEDIUM"
|
||||
},
|
||||
"exploitabilityScore": 2.8,
|
||||
"impactScore": 1.4
|
||||
}
|
||||
]
|
||||
},
|
||||
"weaknesses": [
|
||||
{
|
||||
"source": "security@wordfence.com",
|
||||
"type": "Primary",
|
||||
"description": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "CWE-200"
|
||||
}
|
||||
]
|
||||
}
|
||||
],
|
||||
"references": [
|
||||
{
|
||||
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3171339%40elementinvader-addons-for-elementor&new=3171339%40elementinvader-addons-for-elementor&sfp_email=&sfph_mail=",
|
||||
"source": "security@wordfence.com"
|
||||
},
|
||||
{
|
||||
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/9bd04f78-0b9c-4985-b450-007bb5cc9e26?source=cve",
|
||||
"source": "security@wordfence.com"
|
||||
}
|
||||
]
|
||||
}
|
||||
14
README.md
14
README.md
@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours.
|
||||
### Last Repository Update
|
||||
|
||||
```plain
|
||||
2024-10-19T06:00:17.402946+00:00
|
||||
2024-10-19T08:00:17.387124+00:00
|
||||
```
|
||||
|
||||
### Most recent CVE Modification Timestamp synchronized with NVD
|
||||
|
||||
```plain
|
||||
2024-10-19T05:15:13.097000+00:00
|
||||
2024-10-19T07:15:03.073000+00:00
|
||||
```
|
||||
|
||||
### Last Data Feed Release
|
||||
@ -33,17 +33,15 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
|
||||
### Total Number of included CVEs
|
||||
|
||||
```plain
|
||||
266151
|
||||
266153
|
||||
```
|
||||
|
||||
### CVEs added in the last Commit
|
||||
|
||||
Recently added CVEs: `4`
|
||||
Recently added CVEs: `2`
|
||||
|
||||
- [CVE-2019-25218](CVE-2019/CVE-2019-252xx/CVE-2019-25218.json) (`2024-10-19T04:15:03.007`)
|
||||
- [CVE-2024-10131](CVE-2024/CVE-2024-101xx/CVE-2024-10131.json) (`2024-10-19T04:15:05.300`)
|
||||
- [CVE-2024-21536](CVE-2024/CVE-2024-215xx/CVE-2024-21536.json) (`2024-10-19T05:15:13.097`)
|
||||
- [CVE-2024-9219](CVE-2024/CVE-2024-92xx/CVE-2024-9219.json) (`2024-10-19T04:15:05.560`)
|
||||
- [CVE-2023-6243](CVE-2023/CVE-2023-62xx/CVE-2023-6243.json) (`2024-10-19T07:15:02.520`)
|
||||
- [CVE-2024-9889](CVE-2024/CVE-2024-98xx/CVE-2024-9889.json) (`2024-10-19T07:15:03.073`)
|
||||
|
||||
|
||||
### CVEs modified in the last Commit
|
||||
|
||||
10
_state.csv
10
_state.csv
@ -138409,7 +138409,7 @@ CVE-2019-25214,0,0,209759ddc9f3dec6ad9bb1ee77aa8e686cf7710724268dd2a32dc328422e2
|
||||
CVE-2019-25215,0,0,e894585b718ba6ffd4c4fb2559e624b9ffb182a68ef25ae0e57369eba12bd404,2024-10-16T16:38:14.557000
|
||||
CVE-2019-25216,0,0,4deb2b163c53c3da84ce16e745f05ec6e2891bf0f3544a26c07ca5c280831bcc,2024-10-16T16:38:14.557000
|
||||
CVE-2019-25217,0,0,30c2571b4837240b6da6c51001318f4e94ce56e8b309a54c15bcaa6ac6286204,2024-10-16T16:38:14.557000
|
||||
CVE-2019-25218,1,1,48ecd4ad301624f5202ce4ff1ca96a9be4cc909ceef958bab7ef67a666519ae1,2024-10-19T04:15:03.007000
|
||||
CVE-2019-25218,0,0,48ecd4ad301624f5202ce4ff1ca96a9be4cc909ceef958bab7ef67a666519ae1,2024-10-19T04:15:03.007000
|
||||
CVE-2019-2522,0,0,438e5228ba492857a388b8016b2219394ce3508b8a36f1f8aede8ea3eeec2072,2020-08-24T17:37:01.140000
|
||||
CVE-2019-2523,0,0,4a0e4915f05e6fa4b1849fafb208e6fb024214d6840b1c8202b1873b064ed383,2020-08-24T17:37:01.140000
|
||||
CVE-2019-2524,0,0,bee2c79f8df3b71e86ab52db9d5dee51c63979ccd70534be30c64d8fa54a9384,2020-08-24T17:37:01.140000
|
||||
@ -240418,6 +240418,7 @@ CVE-2023-6239,0,0,b65e4e0202f8c904d3bed9c0b298036f60e92b6b3988771b4545deac730dcf
|
||||
CVE-2023-6240,0,0,9a8f126fd8f5ef282af06e27627122b943a8da0b0302096eb47cb5d50f4fd387,2024-09-14T00:15:12.483000
|
||||
CVE-2023-6241,0,0,78adb3fd4a8ac4efb92f5a6775561b5f1500ff800960b1d97c9d0a5ad6838839,2024-03-04T13:58:23.447000
|
||||
CVE-2023-6242,0,0,8cb486488143e74f052ae2f63ddae224c09f708bec76f7ceae67b2e585a168c1,2024-01-18T18:13:53.840000
|
||||
CVE-2023-6243,1,1,73d0760b29c715a05af43aac15a1ddb3e52fb7b057ba6d61b1db91034c71d252,2024-10-19T07:15:02.520000
|
||||
CVE-2023-6244,0,0,e75e6775cafe9ec86cf77e396a624ef7fd7fcbcac6b9762312ce1f3427f7fd7e,2024-01-18T16:13:00.490000
|
||||
CVE-2023-6245,0,0,28e9b7ff9285b21700d4fe9397a4e09496c4b2441b7d2de4ae7c1a7ecf0e3ecd,2023-12-13T14:41:10.210000
|
||||
CVE-2023-6246,0,0,cf7f0537a32584936060f9a515de78d86839499a8af746409b793ff3b62faa25,2024-02-16T13:15:10.023000
|
||||
@ -242272,7 +242273,7 @@ CVE-2024-10128,0,0,a67b73dc6f57a0b3a94887822b2256c69bf41055cb13df61c910ec69f48fb
|
||||
CVE-2024-10129,0,0,ec775af0248379f5d868655b54172a35331f8d92a81885707988267ce16d674c,2024-10-18T22:15:04.013000
|
||||
CVE-2024-1013,0,0,0ecf415fc1e3c9674ce36da20d6e67872f02747822a72b780ad0899083ff5765,2024-03-18T12:38:25.490000
|
||||
CVE-2024-10130,0,0,005b5772134ad7ab3ff093e3d1f3c1dcefb8a6bac854c40ff82f3832025c5145,2024-10-18T22:15:04.683000
|
||||
CVE-2024-10131,1,1,ec7f7d7eafabbce2d329a6df322b2a0ff4b203d8976eb09a804b94ea08a31f0c,2024-10-19T04:15:05.300000
|
||||
CVE-2024-10131,0,0,ec7f7d7eafabbce2d329a6df322b2a0ff4b203d8976eb09a804b94ea08a31f0c,2024-10-19T04:15:05.300000
|
||||
CVE-2024-1014,0,0,8e546db835ee0e62e0f6ed5b95e90d5586231fc78746cbbfef7db3d61b3c5f3d,2024-02-02T02:05:39.277000
|
||||
CVE-2024-1015,0,0,5516b1d1af5a9d3814b8a6e102d3692fcdb9c463b2e2645787afdcb157946f20,2024-02-02T02:04:13.267000
|
||||
CVE-2024-1016,0,0,71cf76ab1a6b276906d8ecf764cf0be1d15a9c7c60543569d9e172588701616f,2024-05-17T02:35:10.520000
|
||||
@ -244462,7 +244463,7 @@ CVE-2024-21532,0,0,a24d27f47c5298fab706ab72282873a260fc61d5e510f460d432a2b7b9c38
|
||||
CVE-2024-21533,0,0,b6d94b5290ee8a666e06ea3154c21a82f3a037332835b4cbc04bf2409f97ee11,2024-10-10T12:57:21.987000
|
||||
CVE-2024-21534,0,0,b752ab4dc63cdf4c5681dd0e8f0538c7b04ba97e65d41096c405fe76b964ca23,2024-10-16T09:15:03.410000
|
||||
CVE-2024-21535,0,0,2e7744380a1db7060122e5ae23002590579ae07efcc1f1beb06e6a3a8350e174,2024-10-17T20:36:29.213000
|
||||
CVE-2024-21536,1,1,770b7890e55d0cd49ec2dc3b9448202fd5362d352ddf0a63d1e9f0c254f1d18d,2024-10-19T05:15:13.097000
|
||||
CVE-2024-21536,0,0,770b7890e55d0cd49ec2dc3b9448202fd5362d352ddf0a63d1e9f0c254f1d18d,2024-10-19T05:15:13.097000
|
||||
CVE-2024-2154,0,0,ab5f0b39bb38e5c25606bad964d563e0edda059ff34db22b99ca2b3670b021ff,2024-05-17T02:38:04.970000
|
||||
CVE-2024-21545,0,0,614ed901d7a98204a096c9331020afa9e58729de6a0c722ccca7898674ea9a4d,2024-09-26T13:32:02.803000
|
||||
CVE-2024-2155,0,0,499612150b3a1be829ef430bb3388eb54a55d7bb52271f37f2a76ceb8af6c56f,2024-05-17T02:38:05.063000
|
||||
@ -265790,7 +265791,7 @@ CVE-2024-9211,0,0,2701fea91f9be8cf1cd1e5693145c9b46f27f6fcdb96052a4b980af632a066
|
||||
CVE-2024-9213,0,0,31f33319f9359990d4006b16b291c444261bcf993a594e4963d2f42975eaaf14,2024-10-18T12:52:33.507000
|
||||
CVE-2024-9215,0,0,a2b4a7b85cc10e131d947f9ea57761eb1ffd891ccc6b3de8f68e6c912c75a7eb,2024-10-18T12:53:04.627000
|
||||
CVE-2024-9218,0,0,1fe5a0dc5cbc5663db71bfb2b02fdc2baeca2012618f21fc2618b5a68d78cab6,2024-10-08T15:33:58.617000
|
||||
CVE-2024-9219,1,1,0212b723b5837ba301f83fb90cbcf354553485b046b601dd80a90d21067cef5f,2024-10-19T04:15:05.560000
|
||||
CVE-2024-9219,0,0,0212b723b5837ba301f83fb90cbcf354553485b046b601dd80a90d21067cef5f,2024-10-19T04:15:05.560000
|
||||
CVE-2024-9220,0,0,6bac7ddea6b917eb69cb1f74123e8b2dddc4799202193b6b6e16b0128e05e777,2024-10-07T19:19:59.487000
|
||||
CVE-2024-9221,0,0,feb1b16d88be55b92259cd20b799cece7abb9935cf5adfed4d1f38e82a4356d4,2024-10-15T12:58:51.050000
|
||||
CVE-2024-9222,0,0,aa75daaaa6f167f771e02be32b7ac6d9115eba757cf38ea3ae7fe336f82931ef,2024-10-08T15:34:13.250000
|
||||
@ -266085,6 +266086,7 @@ CVE-2024-9863,0,0,5a2779f928f03a35905e31f60158c72d5505c6aaa35173f98063e46d2c1389
|
||||
CVE-2024-9869,0,0,2195387ef9aab560e210893ad1e9f3295c5808c9d50c0ada4fa1d17778d3d1ae,2024-10-11T15:15:06.500000
|
||||
CVE-2024-9873,0,0,54e1b937a83aa8c512a9ce3ab381594073150b73716fb01cf60c5f6e4db0c415,2024-10-16T16:38:14.557000
|
||||
CVE-2024-9888,0,0,de5de1e3177c72ea1d0a5d19aa48b1693390bd1baf1f85524c962ffa2c18433f,2024-10-16T16:38:14.557000
|
||||
CVE-2024-9889,1,1,0b3b7545dde906fe90387e12e3b83b4a894a23cbd921465fbc28a4b03f9f9d4f,2024-10-19T07:15:03.073000
|
||||
CVE-2024-9891,0,0,53ec4da3ba927732190105b9993cdfaefd46788f3c82dc582d229482b0eb1fcc,2024-10-16T16:38:14.557000
|
||||
CVE-2024-9892,0,0,584f5c7c0c5a775fc15fb3ba6088d5cb7abd48140a1f2b1bd6d2a1fd7b17f015,2024-10-18T12:52:33.507000
|
||||
CVE-2024-9893,0,0,426d02de035749f6abb2956fee210a61cbcd97da25fe8818e92240a83b0a6b07,2024-10-16T16:38:14.557000
|
||||
|
||||
|
Can't render this file because it is too large.
|
Loading…
x
Reference in New Issue
Block a user