admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-07 19:16:29 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2025-04-09T08:00:21.119674+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2025-04-09 08:03:56 +00:00
parent 16170ac027
commit caa374a482
6 changed files with 154 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

21
CVE-2024/CVE-2024-68xx/CVE-2024-6857.json Normal file
View File

@ -0,0 +1,21 @@
{
"id": "CVE-2024-6857",
"sourceIdentifier": "contact@wpscan.com",
"published": "2025-04-09T06:15:39.347",
"lastModified": "2025-04-09T06:15:39.347",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The WP MultiTasking WordPress plugin through 0.1.12 does not have CSRF check when updating its Header, Footer and Body Script Settings, which could allow attackers to make logged admins perform such action via a CSRF attack"
}
],
"metrics": {},
"references": [
{
"url": "https://wpscan.com/vulnerability/97636602-2dd0-465b-b6dc-acb42147edb3/",
"source": "contact@wpscan.com"
}
]
}

21
CVE-2024/CVE-2024-68xx/CVE-2024-6860.json Normal file
View File

@ -0,0 +1,21 @@
{
"id": "CVE-2024-6860",
"sourceIdentifier": "contact@wpscan.com",
"published": "2025-04-09T06:15:41.177",
"lastModified": "2025-04-09T06:15:41.177",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The WP MultiTasking WordPress plugin through 0.1.12 does not have CSRF check when updating its permalink suffix settings, which could allow attackers to make logged admins perform such action via a CSRF attack"
}
],
"metrics": {},
"references": [
{
"url": "https://wpscan.com/vulnerability/1d09d3dd-aa49-4ff1-80e7-6d176e378916/",
"source": "contact@wpscan.com"
}
]
}

21
CVE-2024/CVE-2024-82xx/CVE-2024-8243.json Normal file
View File

@ -0,0 +1,21 @@
{
"id": "CVE-2024-8243",
"sourceIdentifier": "contact@wpscan.com",
"published": "2025-04-09T06:15:41.360",
"lastModified": "2025-04-09T06:15:41.360",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The WordPress/Plugin Upgrade Time Out Plugin WordPress plugin through 1.0 does not have CSRF check in some places, and is missing sanitisation as well as escaping, which could allow attackers to make logged in admin add Stored XSS payloads via a CSRF attack."
}
],
"metrics": {},
"references": [
{
"url": "https://wpscan.com/vulnerability/8e1e2d8d-41aa-49bc-95d5-dae75be788d5/",
"source": "contact@wpscan.com"
}
]
}

78
CVE-2025/CVE-2025-34xx/CVE-2025-3442.json Normal file
View File

@ -0,0 +1,78 @@
{
"id": "CVE-2025-3442",
"sourceIdentifier": "vdisclose@cert-in.org.in",
"published": "2025-04-09T07:15:41.210",
"lastModified": "2025-04-09T07:15:41.210",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "This vulnerability exists in TP-Link Tapo\u00a0H200 V1 IoT Smart Hub due to storage of Wi-Fi credentials in plain text within the device firmware. An attacker with physical access could exploit this by extracting the firmware and analyzing the binary data to obtain the Wi-Fi credentials stored on the vulnerable device."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "vdisclose@cert-in.org.in",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:P/AC:H/AT:N/PR:N/UI:N/VC:H/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"attackVector": "PHYSICAL",
"attackComplexity": "HIGH",
"attackRequirements": "NONE",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "LOW",
"vulnAvailabilityImpact": "LOW",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"subAvailabilityImpact": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirement": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"availabilityRequirement": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED"
}
}
]
},
"weaknesses": [
{
"source": "vdisclose@cert-in.org.in",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-312"
}
]
}
],
"references": [
{
"url": "https://www.cert-in.org.in/s2cMainServlet?pageid=PUBVLNOTES01&VLCODE=CIVN-2025-0072",
"source": "vdisclose@cert-in.org.in"
}
]
}

13
README.md
View File

@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2025-04-09T06:00:20.402681+00:00
2025-04-09T08:00:21.119674+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2025-04-09T05:15:43.253000+00:00
2025-04-09T07:15:41.210000+00:00
```
### Last Data Feed Release
@ -33,14 +33,17 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs
```plain
289259
289263
```
### CVEs added in the last Commit
Recently added CVEs: `1`
Recently added CVEs: `4`
- [CVE-2025-3100](CVE-2025/CVE-2025-31xx/CVE-2025-3100.json) (`2025-04-09T05:15:43.253`)
- [CVE-2024-6857](CVE-2024/CVE-2024-68xx/CVE-2024-6857.json) (`2025-04-09T06:15:39.347`)
- [CVE-2024-6860](CVE-2024/CVE-2024-68xx/CVE-2024-6860.json) (`2025-04-09T06:15:41.177`)
- [CVE-2024-8243](CVE-2024/CVE-2024-82xx/CVE-2024-8243.json) (`2025-04-09T06:15:41.360`)
- [CVE-2025-3442](CVE-2025/CVE-2025-34xx/CVE-2025-3442.json) (`2025-04-09T07:15:41.210`)
### CVEs modified in the last Commit

6
_state.csv
View File

@ -278305,7 +278305,9 @@ CVE-2024-6853,0,0,c32873085402b2894b4bf1b73443804566c49c5f1974bc7f522ee6bcef892a
CVE-2024-6854,0,0,32c1e89716f6a1b49a203344a9f9ec397aca8e0e732a479bcba293cbe40b6523,2025-03-20T10:15:34.377000
CVE-2024-6855,0,0,90f2d13d44f8f828bf763de830744fe8eb18f3e691a5c2b2dc7b2a27fa87440f,2024-09-11T16:21:38.833000
CVE-2024-6856,0,0,1d52c3649f05c0c980b64fd1f5cab54dbc58352542fcb0edf74878935b496390,2024-09-11T16:20:45.503000
CVE-2024-6857,1,1,189e6cf1cf24623bcff66ad5de0b00a3ee6eb4383baeec643fc8edc656d72e89,2025-04-09T06:15:39.347000
CVE-2024-6859,0,0,99cc3843207fd338974a08448fdfdd51e73aa2b0c5e6d439886a3b34324f4c56,2024-09-11T16:19:18.517000
CVE-2024-6860,1,1,d48441a52eca43c2807c1b7ae35a2507c213159f67b2b90b0f7e7beed0d83ef4,2025-04-09T06:15:41.177000
CVE-2024-6861,0,0,044736717015d06acc2491073ba6a9df1ca8940561a45316f91ac956b3ed072e,2024-11-06T18:17:17.287000
CVE-2024-6862,0,0,0b764ca2b57fb11a8ddab3d8974f90cc772246aa3fcbedf5e5f916af6152ab7d,2024-09-19T18:37:20.910000
CVE-2024-6863,0,0,6746ff85964b6fdf68b9ece5610845e7fb5a9c81952fa6356d5e94fb9ae562a9,2025-03-20T10:15:34.493000
@ -279585,6 +279587,7 @@ CVE-2024-8239,0,0,18b394f2b5d58ff518aa61d1f84e6af22701eb55acac6cfa2d9fb37044a676
CVE-2024-8240,0,0,1934c55d8bd175d4c64cf692d01034dde01f2a9bd239d9d216b155301fabaafb,2025-02-11T02:15:36.233000
CVE-2024-8241,0,0,240ba22278e87fbb937226c292941562b9ebf07091a7db9ad5e4be808dc7ed87,2024-09-26T22:03:42.123000
CVE-2024-8242,0,0,92d0ae52b788a9098d6ea012d6ef1e1a99012f68944ecf4931a72818291dd2bf,2024-09-18T15:47:56.553000
CVE-2024-8243,1,1,4c37d33939c8715951d5311140af46eb0c319fea77fe0767ae402a6774206dd5,2025-04-09T06:15:41.360000
CVE-2024-8246,0,0,ea2df83409a33312ca032d3b27b5ff08f3181f1f746d560031e6109e1151a3ff,2024-09-26T14:00:09.783000
CVE-2024-8247,0,0,a04d24ec28629f0a7f3d1129eb338d89007fb8e025fca533d6d95e26c91f4a7c,2024-09-26T21:49:54.290000
CVE-2024-8248,0,0,ef9fb395d105d137f73713a418b791223ae30f031a7bb1b24390667ec7a2e014,2025-03-20T10:15:41.737000
@ -288332,7 +288335,7 @@ CVE-2025-30971,0,0,92b14f174c92599de02a891c3fcb3bebb1869a41eef00ab5d9b6626db1c99
CVE-2025-3098,0,0,ce95a008105100dc05dac96d60492ad8c2a1a9010656c6a251be6a7755736abb,2025-04-02T14:58:07.527000
CVE-2025-30987,0,0,1ddeca9f293b13339e82c187149d285418438fc60231797e7c68c5fcad6fe64b,2025-04-01T20:26:30.593000
CVE-2025-3099,0,0,9e53ac247011e5c9d18381ea42caceb1c07bbbabd16a29680a8aab5d54621675,2025-04-02T14:58:07.527000
CVE-2025-3100,1,1,b54d4c37e8adb05fbf9af87aa5f70a2392a159113dc9f8c80daee2c68af64123,2025-04-09T05:15:43.253000
CVE-2025-3100,0,0,b54d4c37e8adb05fbf9af87aa5f70a2392a159113dc9f8c80daee2c68af64123,2025-04-09T05:15:43.253000
CVE-2025-31001,0,0,4265bbb6e115d79eef571dbbe3c6c20ebe4772d8a6b0bb96964817d20c125ddf,2025-04-01T20:26:11.547000
CVE-2025-31010,0,0,2eedda8f330a9beae819a4cd9d50315b7c3705aef34f39a70e86c91cbd492554,2025-03-28T18:11:40.180000
CVE-2025-31016,0,0,9f9353b55280d52026be79b202ae8bc2b442e0024607fdee2a6c539bec9857cb,2025-04-01T20:26:30.593000
@ -289258,3 +289261,4 @@ CVE-2025-3432,0,0,32b4909a605e3dc15d41b2069e1ead14c30bcbe2dfa78debc747a89be022e4
CVE-2025-3433,0,0,46dd66c57af291abbb1b77326145823e13d716692eb68902a18c25a048a17397,2025-04-08T18:13:53.347000
CVE-2025-3436,0,0,350fe0ab040ca88ca01e6b9c153bc7bb9c0c6c278cf5357b8d0cb98bb355f464,2025-04-08T18:13:53.347000
CVE-2025-3437,0,0,e73b4884af1e4c5b90938b61853540dd90f98780db8cdd9f4d702d9b75697db1,2025-04-08T18:13:53.347000
CVE-2025-3442,1,1,ad72e2ebf864daeef8312c2c3c83d3aa4c0ecdada76f6977f0159713eb09e6d2,2025-04-09T07:15:41.210000

Can't render this file because it is too large.