Auto-Update: 2024-05-27T06:00:31.312532+00:00

CVE-2024/CVE-2024-352xx/CVE-2024-35291.json

@@ -0,0 +1,24 @@
+{
+  "id": "CVE-2024-35291",
+  "sourceIdentifier": "vultures@jpcert.or.jp",
+  "published": "2024-05-27T05:15:08.750",
+  "lastModified": "2024-05-27T05:15:08.750",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "Cross-site scripting vulnerability exists in Splunk Config Explorer versions prior to 1.7.16. If this vulnerability is exploited, an arbitrary script may be executed on the web browser of the user who is using the product."
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://jvn.jp/en/jp/JVN56781258/",
+      "source": "vultures@jpcert.or.jp"
+    },
+    {
+      "url": "https://splunkbase.splunk.com/app/4353",
+      "source": "vultures@jpcert.or.jp"
+    }
+  ]
+}

CVE-2024/CVE-2024-352xx/CVE-2024-35297.json

@@ -0,0 +1,28 @@
+{
+  "id": "CVE-2024-35297",
+  "sourceIdentifier": "vultures@jpcert.or.jp",
+  "published": "2024-05-27T05:15:09.617",
+  "lastModified": "2024-05-27T05:15:09.617",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "Cross-site scripting vulnerability exists in WP Booking versions prior to 2.4.5. If this vulnerability is exploited, an arbitrary script may be executed on the web browser of the user who is accessing the web site using the product."
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://jvn.jp/en/jp/JVN35838128/",
+      "source": "vultures@jpcert.or.jp"
+    },
+    {
+      "url": "https://plugins.trac.wordpress.org/changeset?new=3084990%40wp-easy-booking%2Ftrunk%2Fview%2Ffrontend%2Fbooking-locations.php&old=2404687%40wp-easy-booking%2Ftrunk%2Fview%2Ffrontend%2Fbooking-locations.php",
+      "source": "vultures@jpcert.or.jp"
+    },
+    {
+      "url": "https://wordpress.org/plugins/wp-easy-booking/",
+      "source": "vultures@jpcert.or.jp"
+    }
+  ]
+}

CVE-2024/CVE-2024-363xx/CVE-2024-36384.json

@@ -0,0 +1,20 @@
+{
+  "id": "CVE-2024-36384",
+  "sourceIdentifier": "cve@mitre.org",
+  "published": "2024-05-27T04:15:09.143",
+  "lastModified": "2024-05-27T04:15:09.143",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "Pointsharp Cryptshare Server before 7.0.0 has an XSS issue that is related to notification messages."
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://documentation.cryptshare.com/w/CSSCurrent_en:Version_7.0.0#Additional_Changes",
+      "source": "cve@mitre.org"
+    }
+  ]
+}

CVE-2024/CVE-2024-53xx/CVE-2024-5399.json

@@ -0,0 +1,55 @@
+{
+  "id": "CVE-2024-5399",
+  "sourceIdentifier": "twcert@cert.org.tw",
+  "published": "2024-05-27T04:15:09.300",
+  "lastModified": "2024-05-27T04:15:09.300",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "Openfind Mail2000 does not properly filter parameters of specific API. Remote attackers with administrative privileges can exploit this vulnerability to execute arbitrary system commands on the remote server."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "twcert@cert.org.tw",
+        "type": "Primary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "HIGH",
+          "userInteraction": "NONE",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "HIGH",
+          "integrityImpact": "HIGH",
+          "availabilityImpact": "HIGH",
+          "baseScore": 7.2,
+          "baseSeverity": "HIGH"
+        },
+        "exploitabilityScore": 1.2,
+        "impactScore": 5.9
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "twcert@cert.org.tw",
+      "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-78"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://www.twcert.org.tw/tw/cp-132-7817-6ce29-1.html",
+      "source": "twcert@cert.org.tw"
+    }
+  ]
+}

README.md

@@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours.
 ### Last Repository Update
 
 ```plain
-2024-05-27T04:00:41.580225+00:00
+2024-05-27T06:00:31.312532+00:00
 ```
 
 ### Most recent CVE Modification Timestamp synchronized with NVD
 
 ```plain
-2024-05-27T03:15:08.923000+00:00
+2024-05-27T05:15:09.617000+00:00
 ```
 
 ### Last Data Feed Release
@@ -33,19 +33,17 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
 ### Total Number of included CVEs
 
 ```plain
-251838
+251842
 ```
 
 ### CVEs added in the last Commit
 
-Recently added CVEs: `6`
+Recently added CVEs: `4`
 
-- [CVE-2024-5392](CVE-2024/CVE-2024-53xx/CVE-2024-5392.json) (`2024-05-27T02:15:08.933`)
-- [CVE-2024-5393](CVE-2024/CVE-2024-53xx/CVE-2024-5393.json) (`2024-05-27T02:15:09.240`)
-- [CVE-2024-5394](CVE-2024/CVE-2024-53xx/CVE-2024-5394.json) (`2024-05-27T02:15:09.530`)
-- [CVE-2024-5395](CVE-2024/CVE-2024-53xx/CVE-2024-5395.json) (`2024-05-27T03:15:08.370`)
-- [CVE-2024-5396](CVE-2024/CVE-2024-53xx/CVE-2024-5396.json) (`2024-05-27T03:15:08.650`)
-- [CVE-2024-5397](CVE-2024/CVE-2024-53xx/CVE-2024-5397.json) (`2024-05-27T03:15:08.923`)
+- [CVE-2024-35291](CVE-2024/CVE-2024-352xx/CVE-2024-35291.json) (`2024-05-27T05:15:08.750`)
+- [CVE-2024-35297](CVE-2024/CVE-2024-352xx/CVE-2024-35297.json) (`2024-05-27T05:15:09.617`)
+- [CVE-2024-36384](CVE-2024/CVE-2024-363xx/CVE-2024-36384.json) (`2024-05-27T04:15:09.143`)
+- [CVE-2024-5399](CVE-2024/CVE-2024-53xx/CVE-2024-5399.json) (`2024-05-27T04:15:09.300`)
 
 
 ### CVEs modified in the last Commit

_state.csv

@@ -250442,6 +250442,8 @@ CVE-2024-3525,0,0,d160b9aacf64da3afa7deea3824b335adab6f10a287b9b570340cfda8c91ff
 CVE-2024-3526,0,0,7aa053534daa29503e740ad77b77cb47be1c8cd5e2a6b1d98f33dcb689c14e4e,2024-05-17T02:39:59.067000
 CVE-2024-3528,0,0,12c1cd3d931c23013d321f77d84374875132cb3a519f997e82936b57d5eb40c0,2024-05-17T02:39:59.157000
 CVE-2024-3529,0,0,a5064dfdb29cc291d331e7cb349f1ad4d7941de74c2bc68b73712d362eb35016,2024-05-17T02:39:59.247000
+CVE-2024-35291,1,1,a3d5b12307b63ea94946a3e2606f8b88d1d11c12b2225a7b8a5ddfab5295e490,2024-05-27T05:15:08.750000
+CVE-2024-35297,1,1,e360861fe1667d91be7d69a5bb5a77bf18c59a0b9349b049c420eca76e721d5d,2024-05-27T05:15:09.617000
 CVE-2024-35299,0,0,3e4e645ea2334a2d70a8ac0e5a235ab378675ad9f04d95540b17d9c98a4ac10a,2024-05-16T13:03:05.353000
 CVE-2024-3530,0,0,e12d930d34076470c73bc5005c248ade707b9149f13bae62cf727f0aa959148f,2024-05-17T02:39:59.340000
 CVE-2024-35300,0,0,c9948d6a23b607dc905f5cedb43ddb5e762c784721f0ec88d5b26fbba2ccfab0,2024-05-16T13:03:05.353000
@@ -250814,6 +250816,7 @@ CVE-2024-3631,0,0,52e896a80c9b063fda6224c04771bbd75f72f78e3d3636ccff4bb724fd1661
 CVE-2024-3634,0,0,940ae4dd6e92f9452379e49ccdcd29aa6fe6e9bda25faf9f7045c78090371ae8,2024-05-15T16:40:19.330000
 CVE-2024-36361,0,0,f38f7877ee2fdf122f5bc8d2352bd0aed642365f6f8794612d7f1076f7aeed30,2024-05-24T13:03:05.093000
 CVE-2024-3637,0,0,e0d8ef5f7498633f88592f7b832da01e95be5d925cdaa67450761833b0152a3c,2024-05-03T12:48:41.067000
+CVE-2024-36384,1,1,a0d79da3fdcabd7b9bb7cff9348fa87578adddb020086454394ad176d2bb39e2,2024-05-27T04:15:09.143000
 CVE-2024-3640,0,0,abbf5a33cbca708fe19710dda7a796491ae1d1614e9cd03f43d6cddef8b09500,2024-05-17T18:36:31.297000
 CVE-2024-3641,0,0,c281de95cce057acff2793609e8f843aad579a2f0257c0c2e0b6442733e87b14,2024-05-16T13:03:05.353000
 CVE-2024-3642,0,0,bbed1ee941355da6f32a6eba37e95a843dd7913c7dd227d8da7f65dcb683674b,2024-05-16T13:03:05.353000
@@ -251831,9 +251834,10 @@ CVE-2024-5384,0,0,f4500262362ef3583d43791733167333f027a4b71744522134957852ac361d
 CVE-2024-5385,0,0,f2b8a921bbbae5377903f2b5f2e8fc9f12b1f4bf6825effcea83dae7c13f56f0,2024-05-27T00:15:09.570000
 CVE-2024-5390,0,0,d8283129f1cafec514f6fe49089f9b638013dcc5faa8abc843fb9872a7a41e6b,2024-05-27T01:15:20.410000
 CVE-2024-5391,0,0,d2f147fe931420ac482bb09887180ed160ed96b2a789c9d61e87da26ad5a9d7d,2024-05-27T01:15:20.693000
-CVE-2024-5392,1,1,32b7488f03c8662cc3b54e37129d6f008448525c7d5368899ed2a408bd8d7e49,2024-05-27T02:15:08.933000
-CVE-2024-5393,1,1,ed2dc1b6ac9a91750d66575f345de8d5e6e54c3f2e119a3131964a3971fdb266,2024-05-27T02:15:09.240000
-CVE-2024-5394,1,1,537bb898c77df0519c24f9f1263831287dc2feb6fe05007fed2482e0ced321e0,2024-05-27T02:15:09.530000
-CVE-2024-5395,1,1,f154f3c924c46a245ea427b3f229e3a073afff7418f39b61c0609f592714797a,2024-05-27T03:15:08.370000
-CVE-2024-5396,1,1,e9f88811caa549baff5b3a6d103ce0530ca526bf72b174c586ccd5552f6e4a10,2024-05-27T03:15:08.650000
-CVE-2024-5397,1,1,127f0e4aebb20af982b9f8f3c5e3c610f094604b0e4dbcdf747a9ca9a9d17d0c,2024-05-27T03:15:08.923000
+CVE-2024-5392,0,0,32b7488f03c8662cc3b54e37129d6f008448525c7d5368899ed2a408bd8d7e49,2024-05-27T02:15:08.933000
+CVE-2024-5393,0,0,ed2dc1b6ac9a91750d66575f345de8d5e6e54c3f2e119a3131964a3971fdb266,2024-05-27T02:15:09.240000
+CVE-2024-5394,0,0,537bb898c77df0519c24f9f1263831287dc2feb6fe05007fed2482e0ced321e0,2024-05-27T02:15:09.530000
+CVE-2024-5395,0,0,f154f3c924c46a245ea427b3f229e3a073afff7418f39b61c0609f592714797a,2024-05-27T03:15:08.370000
+CVE-2024-5396,0,0,e9f88811caa549baff5b3a6d103ce0530ca526bf72b174c586ccd5552f6e4a10,2024-05-27T03:15:08.650000
+CVE-2024-5397,0,0,127f0e4aebb20af982b9f8f3c5e3c610f094604b0e4dbcdf747a9ca9a9d17d0c,2024-05-27T03:15:08.923000
+CVE-2024-5399,1,1,11939ed21acc3c5ec586746ddde14b797a390e121836283682232169079970b5,2024-05-27T04:15:09.300000