diff --git a/CVE-2024/CVE-2024-352xx/CVE-2024-35291.json b/CVE-2024/CVE-2024-352xx/CVE-2024-35291.json new file mode 100644 index 00000000000..3d32915124c --- /dev/null +++ b/CVE-2024/CVE-2024-352xx/CVE-2024-35291.json @@ -0,0 +1,24 @@ +{ + "id": "CVE-2024-35291", + "sourceIdentifier": "vultures@jpcert.or.jp", + "published": "2024-05-27T05:15:08.750", + "lastModified": "2024-05-27T05:15:08.750", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Cross-site scripting vulnerability exists in Splunk Config Explorer versions prior to 1.7.16. If this vulnerability is exploited, an arbitrary script may be executed on the web browser of the user who is using the product." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://jvn.jp/en/jp/JVN56781258/", + "source": "vultures@jpcert.or.jp" + }, + { + "url": "https://splunkbase.splunk.com/app/4353", + "source": "vultures@jpcert.or.jp" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-352xx/CVE-2024-35297.json b/CVE-2024/CVE-2024-352xx/CVE-2024-35297.json new file mode 100644 index 00000000000..9aa4e8b0e3a --- /dev/null +++ b/CVE-2024/CVE-2024-352xx/CVE-2024-35297.json @@ -0,0 +1,28 @@ +{ + "id": "CVE-2024-35297", + "sourceIdentifier": "vultures@jpcert.or.jp", + "published": "2024-05-27T05:15:09.617", + "lastModified": "2024-05-27T05:15:09.617", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Cross-site scripting vulnerability exists in WP Booking versions prior to 2.4.5. If this vulnerability is exploited, an arbitrary script may be executed on the web browser of the user who is accessing the web site using the product." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://jvn.jp/en/jp/JVN35838128/", + "source": "vultures@jpcert.or.jp" + }, + { + "url": "https://plugins.trac.wordpress.org/changeset?new=3084990%40wp-easy-booking%2Ftrunk%2Fview%2Ffrontend%2Fbooking-locations.php&old=2404687%40wp-easy-booking%2Ftrunk%2Fview%2Ffrontend%2Fbooking-locations.php", + "source": "vultures@jpcert.or.jp" + }, + { + "url": "https://wordpress.org/plugins/wp-easy-booking/", + "source": "vultures@jpcert.or.jp" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-363xx/CVE-2024-36384.json b/CVE-2024/CVE-2024-363xx/CVE-2024-36384.json new file mode 100644 index 00000000000..38a2abf982e --- /dev/null +++ b/CVE-2024/CVE-2024-363xx/CVE-2024-36384.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2024-36384", + "sourceIdentifier": "cve@mitre.org", + "published": "2024-05-27T04:15:09.143", + "lastModified": "2024-05-27T04:15:09.143", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Pointsharp Cryptshare Server before 7.0.0 has an XSS issue that is related to notification messages." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://documentation.cryptshare.com/w/CSSCurrent_en:Version_7.0.0#Additional_Changes", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-53xx/CVE-2024-5399.json b/CVE-2024/CVE-2024-53xx/CVE-2024-5399.json new file mode 100644 index 00000000000..703a7ecce49 --- /dev/null +++ b/CVE-2024/CVE-2024-53xx/CVE-2024-5399.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2024-5399", + "sourceIdentifier": "twcert@cert.org.tw", + "published": "2024-05-27T04:15:09.300", + "lastModified": "2024-05-27T04:15:09.300", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Openfind Mail2000 does not properly filter parameters of specific API. Remote attackers with administrative privileges can exploit this vulnerability to execute arbitrary system commands on the remote server." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "twcert@cert.org.tw", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.2, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.2, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "twcert@cert.org.tw", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-78" + } + ] + } + ], + "references": [ + { + "url": "https://www.twcert.org.tw/tw/cp-132-7817-6ce29-1.html", + "source": "twcert@cert.org.tw" + } + ] +} \ No newline at end of file diff --git a/README.md b/README.md index 157eaecfcc1..f3f8fe6b7fd 100644 --- a/README.md +++ b/README.md @@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2024-05-27T04:00:41.580225+00:00 +2024-05-27T06:00:31.312532+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2024-05-27T03:15:08.923000+00:00 +2024-05-27T05:15:09.617000+00:00 ``` ### Last Data Feed Release @@ -33,19 +33,17 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### Total Number of included CVEs ```plain -251838 +251842 ``` ### CVEs added in the last Commit -Recently added CVEs: `6` +Recently added CVEs: `4` -- [CVE-2024-5392](CVE-2024/CVE-2024-53xx/CVE-2024-5392.json) (`2024-05-27T02:15:08.933`) -- [CVE-2024-5393](CVE-2024/CVE-2024-53xx/CVE-2024-5393.json) (`2024-05-27T02:15:09.240`) -- [CVE-2024-5394](CVE-2024/CVE-2024-53xx/CVE-2024-5394.json) (`2024-05-27T02:15:09.530`) -- [CVE-2024-5395](CVE-2024/CVE-2024-53xx/CVE-2024-5395.json) (`2024-05-27T03:15:08.370`) -- [CVE-2024-5396](CVE-2024/CVE-2024-53xx/CVE-2024-5396.json) (`2024-05-27T03:15:08.650`) -- [CVE-2024-5397](CVE-2024/CVE-2024-53xx/CVE-2024-5397.json) (`2024-05-27T03:15:08.923`) +- [CVE-2024-35291](CVE-2024/CVE-2024-352xx/CVE-2024-35291.json) (`2024-05-27T05:15:08.750`) +- [CVE-2024-35297](CVE-2024/CVE-2024-352xx/CVE-2024-35297.json) (`2024-05-27T05:15:09.617`) +- [CVE-2024-36384](CVE-2024/CVE-2024-363xx/CVE-2024-36384.json) (`2024-05-27T04:15:09.143`) +- [CVE-2024-5399](CVE-2024/CVE-2024-53xx/CVE-2024-5399.json) (`2024-05-27T04:15:09.300`) ### CVEs modified in the last Commit diff --git a/_state.csv b/_state.csv index 3ff7073294b..353fb97ba25 100644 --- a/_state.csv +++ b/_state.csv @@ -250442,6 +250442,8 @@ CVE-2024-3525,0,0,d160b9aacf64da3afa7deea3824b335adab6f10a287b9b570340cfda8c91ff CVE-2024-3526,0,0,7aa053534daa29503e740ad77b77cb47be1c8cd5e2a6b1d98f33dcb689c14e4e,2024-05-17T02:39:59.067000 CVE-2024-3528,0,0,12c1cd3d931c23013d321f77d84374875132cb3a519f997e82936b57d5eb40c0,2024-05-17T02:39:59.157000 CVE-2024-3529,0,0,a5064dfdb29cc291d331e7cb349f1ad4d7941de74c2bc68b73712d362eb35016,2024-05-17T02:39:59.247000 +CVE-2024-35291,1,1,a3d5b12307b63ea94946a3e2606f8b88d1d11c12b2225a7b8a5ddfab5295e490,2024-05-27T05:15:08.750000 +CVE-2024-35297,1,1,e360861fe1667d91be7d69a5bb5a77bf18c59a0b9349b049c420eca76e721d5d,2024-05-27T05:15:09.617000 CVE-2024-35299,0,0,3e4e645ea2334a2d70a8ac0e5a235ab378675ad9f04d95540b17d9c98a4ac10a,2024-05-16T13:03:05.353000 CVE-2024-3530,0,0,e12d930d34076470c73bc5005c248ade707b9149f13bae62cf727f0aa959148f,2024-05-17T02:39:59.340000 CVE-2024-35300,0,0,c9948d6a23b607dc905f5cedb43ddb5e762c784721f0ec88d5b26fbba2ccfab0,2024-05-16T13:03:05.353000 @@ -250814,6 +250816,7 @@ CVE-2024-3631,0,0,52e896a80c9b063fda6224c04771bbd75f72f78e3d3636ccff4bb724fd1661 CVE-2024-3634,0,0,940ae4dd6e92f9452379e49ccdcd29aa6fe6e9bda25faf9f7045c78090371ae8,2024-05-15T16:40:19.330000 CVE-2024-36361,0,0,f38f7877ee2fdf122f5bc8d2352bd0aed642365f6f8794612d7f1076f7aeed30,2024-05-24T13:03:05.093000 CVE-2024-3637,0,0,e0d8ef5f7498633f88592f7b832da01e95be5d925cdaa67450761833b0152a3c,2024-05-03T12:48:41.067000 +CVE-2024-36384,1,1,a0d79da3fdcabd7b9bb7cff9348fa87578adddb020086454394ad176d2bb39e2,2024-05-27T04:15:09.143000 CVE-2024-3640,0,0,abbf5a33cbca708fe19710dda7a796491ae1d1614e9cd03f43d6cddef8b09500,2024-05-17T18:36:31.297000 CVE-2024-3641,0,0,c281de95cce057acff2793609e8f843aad579a2f0257c0c2e0b6442733e87b14,2024-05-16T13:03:05.353000 CVE-2024-3642,0,0,bbed1ee941355da6f32a6eba37e95a843dd7913c7dd227d8da7f65dcb683674b,2024-05-16T13:03:05.353000 @@ -251831,9 +251834,10 @@ CVE-2024-5384,0,0,f4500262362ef3583d43791733167333f027a4b71744522134957852ac361d CVE-2024-5385,0,0,f2b8a921bbbae5377903f2b5f2e8fc9f12b1f4bf6825effcea83dae7c13f56f0,2024-05-27T00:15:09.570000 CVE-2024-5390,0,0,d8283129f1cafec514f6fe49089f9b638013dcc5faa8abc843fb9872a7a41e6b,2024-05-27T01:15:20.410000 CVE-2024-5391,0,0,d2f147fe931420ac482bb09887180ed160ed96b2a789c9d61e87da26ad5a9d7d,2024-05-27T01:15:20.693000 -CVE-2024-5392,1,1,32b7488f03c8662cc3b54e37129d6f008448525c7d5368899ed2a408bd8d7e49,2024-05-27T02:15:08.933000 -CVE-2024-5393,1,1,ed2dc1b6ac9a91750d66575f345de8d5e6e54c3f2e119a3131964a3971fdb266,2024-05-27T02:15:09.240000 -CVE-2024-5394,1,1,537bb898c77df0519c24f9f1263831287dc2feb6fe05007fed2482e0ced321e0,2024-05-27T02:15:09.530000 -CVE-2024-5395,1,1,f154f3c924c46a245ea427b3f229e3a073afff7418f39b61c0609f592714797a,2024-05-27T03:15:08.370000 -CVE-2024-5396,1,1,e9f88811caa549baff5b3a6d103ce0530ca526bf72b174c586ccd5552f6e4a10,2024-05-27T03:15:08.650000 -CVE-2024-5397,1,1,127f0e4aebb20af982b9f8f3c5e3c610f094604b0e4dbcdf747a9ca9a9d17d0c,2024-05-27T03:15:08.923000 +CVE-2024-5392,0,0,32b7488f03c8662cc3b54e37129d6f008448525c7d5368899ed2a408bd8d7e49,2024-05-27T02:15:08.933000 +CVE-2024-5393,0,0,ed2dc1b6ac9a91750d66575f345de8d5e6e54c3f2e119a3131964a3971fdb266,2024-05-27T02:15:09.240000 +CVE-2024-5394,0,0,537bb898c77df0519c24f9f1263831287dc2feb6fe05007fed2482e0ced321e0,2024-05-27T02:15:09.530000 +CVE-2024-5395,0,0,f154f3c924c46a245ea427b3f229e3a073afff7418f39b61c0609f592714797a,2024-05-27T03:15:08.370000 +CVE-2024-5396,0,0,e9f88811caa549baff5b3a6d103ce0530ca526bf72b174c586ccd5552f6e4a10,2024-05-27T03:15:08.650000 +CVE-2024-5397,0,0,127f0e4aebb20af982b9f8f3c5e3c610f094604b0e4dbcdf747a9ca9a9d17d0c,2024-05-27T03:15:08.923000 +CVE-2024-5399,1,1,11939ed21acc3c5ec586746ddde14b797a390e121836283682232169079970b5,2024-05-27T04:15:09.300000