admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-12-18 19:04:34 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2024-02-15T09:01:12.503487+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2024-02-15 09:01:16 +00:00
parent 9b16f426f0
commit d2060357ff
16 changed files with 724 additions and 84 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

128
CVE-2023/CVE-2023-436xx/CVE-2023-43609.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-43609",
"sourceIdentifier": "ics-cert@hq.dhs.gov",
"published": "2024-02-09T04:15:07.583",
"lastModified": "2024-02-09T14:31:23.603",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-02-15T07:22:35.487",
"vulnStatus": "Undergoing Analysis",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:H",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 9.3,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 2.8,
"impactScore": 5.8
},
{
"source": "ics-cert@hq.dhs.gov",
"type": "Secondary",
@ -39,6 +59,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
]
},
{
"source": "ics-cert@hq.dhs.gov",
"type": "Secondary",
@ -50,14 +80,104 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:emerson:gc370xa_firmware:4.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "0366C834-5B10-4E1E-85F7-139361C04C2B"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:emerson:gc370xa:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6EF5297A-99CA-4D56-8081-1F987B770426"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:emerson:gc700xa_firmware:4.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "57FCACE0-20E6-469A-AD42-011B5CF7AF89"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:emerson:gc700xa:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FDE8CBE2-CA78-4B35-AA04-13247025AF8E"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:emerson:gc1500xa_firmware:4.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "ECAE53AD-7F73-467B-B8BB-0F13F520EAE4"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:emerson:gc1500xa:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0FD3C3C1-67EA-4366-8CFD-D41702E634BE"
}
]
}
]
}
],
"references": [
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-030-01",
"source": "ics-cert@hq.dhs.gov"
"source": "ics-cert@hq.dhs.gov",
"tags": [
"Third Party Advisory",
"US Government Resource"
]
},
{
"url": "https://www.emerson.com/documents/automation/security-notification-emerson-gas-chromatographs-cyber-security-notification-icsa-24-030-01-en-10103910.pdf",
"source": "ics-cert@hq.dhs.gov"
"source": "ics-cert@hq.dhs.gov",
"tags": [
"Vendor Advisory"
]
}
]
}

4
CVE-2023/CVE-2023-465xx/CVE-2023-46596.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2023-46596",
"sourceIdentifier": "security.vulnerabilities@algosec.com",
"published": "2024-02-15T06:15:45.453",
"lastModified": "2024-02-15T06:23:39.303",
"lastModified": "2024-02-15T07:15:07.370",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Improper input validation in Algosec FireFlow VisualFlow workflow editor via Name, Description and Configuration File field in\u00a0version A32.20, A32.50, A32.60 allows an attacker to initiate an XSS attack by injecting malicious executable scripts into the code of application. Fixed in version\u00a0A32.20 (b600 and\nabove),\u00a0A32.50 (b430 and\nabove),\u00a0A32.60 (b250 and\nabove)"
"value": "Improper input validation in Algosec FireFlow VisualFlow workflow editor via Name, Description and Configuration File field in\u00a0version A32.20, A32.50, A32.60 permits an attacker to initiate an XSS attack by injecting malicious executable scripts into the application's code. Fixed in version\u00a0A32.20 (b600 and\nabove),\u00a0A32.50 (b430 and\nabove),\u00a0A32.60 (b250 and\nabove)"
}
],
"metrics": {

128
CVE-2023/CVE-2023-466xx/CVE-2023-46687.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-46687",
"sourceIdentifier": "ics-cert@hq.dhs.gov",
"published": "2024-02-09T04:15:07.813",
"lastModified": "2024-02-09T14:31:23.603",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-02-15T07:22:46.397",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "ics-cert@hq.dhs.gov",
"type": "Secondary",
@ -39,6 +59,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-77"
}
]
},
{
"source": "ics-cert@hq.dhs.gov",
"type": "Secondary",
@ -50,14 +80,104 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:emerson:gc370xa_firmware:4.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "0366C834-5B10-4E1E-85F7-139361C04C2B"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:emerson:gc370xa:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6EF5297A-99CA-4D56-8081-1F987B770426"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:emerson:gc700xa_firmware:4.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "57FCACE0-20E6-469A-AD42-011B5CF7AF89"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:emerson:gc700xa:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FDE8CBE2-CA78-4B35-AA04-13247025AF8E"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:emerson:gc1500xa_firmware:4.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "ECAE53AD-7F73-467B-B8BB-0F13F520EAE4"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:emerson:gc1500xa:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0FD3C3C1-67EA-4366-8CFD-D41702E634BE"
}
]
}
]
}
],
"references": [
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-030-01",
"source": "ics-cert@hq.dhs.gov"
"source": "ics-cert@hq.dhs.gov",
"tags": [
"Third Party Advisory",
"US Government Resource"
]
},
{
"url": "https://www.emerson.com/documents/automation/security-notification-emerson-gas-chromatographs-cyber-security-notification-icsa-24-030-01-en-10103910.pdf",
"source": "ics-cert@hq.dhs.gov"
"source": "ics-cert@hq.dhs.gov",
"tags": [
"Vendor Advisory"
]
}
]
}

8
CVE-2023/CVE-2023-472xx/CVE-2023-47256.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-47256",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-02-01T22:15:55.103",
"lastModified": "2024-02-07T17:15:07.247",
"vulnStatus": "Analyzed",
"lastModified": "2024-02-15T07:15:08.250",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -74,6 +74,10 @@
}
],
"references": [
{
"url": "https://web.archive.org/web/20240208140218/https://gotham-security.com/screenconnect-cve-2023-47256",
"source": "cve@mitre.org"
},
{
"url": "https://www.connectwise.com/company/trust/security-bulletins/connectwise-screenconnect-23.8-security-fix",
"source": "cve@mitre.org",

8
CVE-2023/CVE-2023-472xx/CVE-2023-47257.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-47257",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-02-01T22:15:55.170",
"lastModified": "2024-02-07T14:17:28.073",
"vulnStatus": "Analyzed",
"lastModified": "2024-02-15T07:15:08.777",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -74,6 +74,10 @@
}
],
"references": [
{
"url": "https://web.archive.org/web/20240208140218/https://gotham-security.com/screenconnect-cve-2023-47256",
"source": "cve@mitre.org"
},
{
"url": "https://www.connectwise.com/company/trust/security-bulletins/connectwise-screenconnect-23.8-security-fix",
"source": "cve@mitre.org",

128
CVE-2023/CVE-2023-497xx/CVE-2023-49716.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-49716",
"sourceIdentifier": "ics-cert@hq.dhs.gov",
"published": "2024-02-09T04:15:08.007",
"lastModified": "2024-02-09T14:31:23.603",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-02-15T07:23:22.473",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "ics-cert@hq.dhs.gov",
"type": "Secondary",
@ -39,6 +59,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-77"
}
]
},
{
"source": "ics-cert@hq.dhs.gov",
"type": "Secondary",
@ -50,14 +80,104 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:emerson:gc370xa_firmware:4.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "0366C834-5B10-4E1E-85F7-139361C04C2B"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:emerson:gc370xa:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6EF5297A-99CA-4D56-8081-1F987B770426"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:emerson:gc700xa_firmware:4.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "57FCACE0-20E6-469A-AD42-011B5CF7AF89"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:emerson:gc700xa:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FDE8CBE2-CA78-4B35-AA04-13247025AF8E"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:emerson:gc1500xa_firmware:4.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "ECAE53AD-7F73-467B-B8BB-0F13F520EAE4"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:emerson:gc1500xa:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0FD3C3C1-67EA-4366-8CFD-D41702E634BE"
}
]
}
]
}
],
"references": [
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-030-01",
"source": "ics-cert@hq.dhs.gov"
"source": "ics-cert@hq.dhs.gov",
"tags": [
"Third Party Advisory",
"US Government Resource"
]
},
{
"url": "https://www.emerson.com/documents/automation/security-notification-emerson-gas-chromatographs-cyber-security-notification-icsa-24-030-01-en-10103910.pdf",
"source": "ics-cert@hq.dhs.gov"
"source": "ics-cert@hq.dhs.gov",
"tags": [
"Vendor Advisory"
]
}
]
}

128
CVE-2023/CVE-2023-517xx/CVE-2023-51761.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-51761",
"sourceIdentifier": "ics-cert@hq.dhs.gov",
"published": "2024-02-09T04:15:08.210",
"lastModified": "2024-02-09T14:31:23.603",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-02-15T07:24:09.660",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.2,
"impactScore": 5.9
},
{
"source": "ics-cert@hq.dhs.gov",
"type": "Secondary",
@ -39,6 +59,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-287"
}
]
},
{
"source": "ics-cert@hq.dhs.gov",
"type": "Secondary",
@ -50,14 +80,104 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:emerson:gc370xa_firmware:4.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "0366C834-5B10-4E1E-85F7-139361C04C2B"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:emerson:gc370xa:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6EF5297A-99CA-4D56-8081-1F987B770426"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:emerson:gc700xa_firmware:4.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "57FCACE0-20E6-469A-AD42-011B5CF7AF89"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:emerson:gc700xa:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FDE8CBE2-CA78-4B35-AA04-13247025AF8E"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:emerson:gc1500xa_firmware:4.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "ECAE53AD-7F73-467B-B8BB-0F13F520EAE4"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:emerson:gc1500xa:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0FD3C3C1-67EA-4366-8CFD-D41702E634BE"
}
]
}
]
}
],
"references": [
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-030-01",
"source": "ics-cert@hq.dhs.gov"
"source": "ics-cert@hq.dhs.gov",
"tags": [
"Third Party Advisory",
"US Government Resource"
]
},
{
"url": "https://www.emerson.com/documents/automation/security-notification-emerson-gas-chromatographs-cyber-security-notification-icsa-24-030-01-en-10103910.pdf",
"source": "ics-cert@hq.dhs.gov"
"source": "ics-cert@hq.dhs.gov",
"tags": [
"Vendor Advisory"
]
}
]
}

10
CVE-2023/CVE-2023-62xx/CVE-2023-6240.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-6240",
"sourceIdentifier": "secalert@redhat.com",
"published": "2024-02-04T14:15:47.787",
"lastModified": "2024-02-13T00:40:57.653",
"vulnStatus": "Analyzed",
"lastModified": "2024-02-15T08:15:45.610",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -60,7 +60,7 @@
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"source": "secalert@redhat.com",
"type": "Primary",
"description": [
{
@ -70,12 +70,12 @@
]
},
{
"source": "secalert@redhat.com",
"source": "nvd@nist.gov",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-402"
"value": "CWE-203"
}
]
}

6
CVE-2023/CVE-2023-62xx/CVE-2023-6246.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-6246",
"sourceIdentifier": "secalert@redhat.com",
"published": "2024-01-31T14:15:48.420",
"lastModified": "2024-02-04T10:15:08.490",
"lastModified": "2024-02-15T07:15:09.137",
"vulnStatus": "Undergoing Analysis",
"descriptions": [
{
@ -166,6 +166,10 @@
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://www.qualys.com/2024/01/30/cve-2023-6246/syslog.txt",
"source": "secalert@redhat.com"
}
]
}

8
CVE-2023/CVE-2023-67xx/CVE-2023-6779.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-6779",
"sourceIdentifier": "secalert@redhat.com",
"published": "2024-01-31T14:15:48.700",
"lastModified": "2024-02-09T00:59:49.720",
"vulnStatus": "Analyzed",
"lastModified": "2024-02-15T07:15:10.220",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -179,6 +179,10 @@
"Exploit",
"Mailing List"
]
},
{
"url": "https://www.qualys.com/2024/01/30/cve-2023-6246/syslog.txt",
"source": "secalert@redhat.com"
}
]
}

55
CVE-2024/CVE-2024-03xx/CVE-2024-0353.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-0353",
"sourceIdentifier": "security@eset.com",
"published": "2024-02-15T08:15:46.023",
"lastModified": "2024-02-15T08:15:46.023",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Local privilege escalation vulnerability potentially allowed an attacker to misuse ESET\u2019s file operations to delete files without having proper permission."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@eset.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "security@eset.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-269"
}
]
}
],
"references": [
{
"url": "https://support.eset.com/en/ca8612-eset-customer-advisory-link-following-local-privilege-escalation-vulnerability-in-eset-products-for-windows-fixed",
"source": "security@eset.com"
}
]
}

47
CVE-2024/CVE-2024-07xx/CVE-2024-0708.json Normal file
View File

@ -0,0 +1,47 @@
{
"id": "CVE-2024-0708",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-02-15T07:15:10.757",
"lastModified": "2024-02-15T07:15:10.757",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The Landing Page Cat \u2013 Coming Soon Page, Maintenance Page & Squeeze Pages plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.7.2. This makes it possible for unauthenticated attackers to access landing pages that may not be public."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
"references": [
{
"url": "https://plugins.trac.wordpress.org/changeset/3034324/landing-page-cat/trunk/includes/landing/landing.php",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/7b34f50a-4d2d-49b8-86e4-0416c8be202b?source=cve",
"source": "security@wordfence.com"
}
]
}

32
CVE-2024/CVE-2024-217xx/CVE-2024-21727.json Normal file
View File

@ -0,0 +1,32 @@
{
"id": "CVE-2024-21727",
"sourceIdentifier": "security@joomla.org",
"published": "2024-02-15T07:15:11.167",
"lastModified": "2024-02-15T07:15:11.167",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "XSS vulnerability in DP Calendar component for Joomla."
}
],
"metrics": {},
"weaknesses": [
{
"source": "security@joomla.org",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://extensions.joomla.org/extension/dpcalendar/",
"source": "security@joomla.org"
}
]
}

20
CVE-2024/CVE-2024-242xx/CVE-2024-24256.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2024-24256",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-02-15T08:15:46.410",
"lastModified": "2024-02-15T08:15:46.410",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "SQL Injection vulnerability in Yonyou space-time enterprise information integration platform v.9.0 and before allows an attacker to obtain sensitive information via the gwbhAIM parameter in the saveMove.jsp in the hr_position directory."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/l8l1/killl.github.io/blob/main/3.md",
"source": "cve@mitre.org"
}
]
}

24
CVE-2024/CVE-2024-243xx/CVE-2024-24386.json Normal file
View File

@ -0,0 +1,24 @@
{
"id": "CVE-2024-24386",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-02-15T08:15:46.497",
"lastModified": "2024-02-15T08:15:46.497",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "An issue in VitalPBX v.3.2.4-5 allows an attacker to execute arbitrary code via a crafted payload to the /var/lib/vitalpbx/scripts folder."
}
],
"metrics": {},
"references": [
{
"url": "https://erickduarte.notion.site/VitalPBX-3-2-4-5-ee402173241c493687aa22ec60160c67?pvs=4",
"source": "cve@mitre.org"
},
{
"url": "https://github.com/erick-duarte/CVE-2024-24386",
"source": "cve@mitre.org"
}
]
}

74
README.md
View File

@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2024-02-15T07:00:26.520976+00:00
2024-02-15T09:01:12.503487+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2024-02-15T06:27:52.447000+00:00
2024-02-15T08:15:46.497000+00:00
```
### Last Data Feed Release
@ -29,68 +29,34 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs
```plain
238635
238640
```
### CVEs added in the last Commit
Recently added CVEs: `24`
Recently added CVEs: `5`
* [CVE-2021-29633](CVE-2021/CVE-2021-296xx/CVE-2021-29633.json) (`2024-02-15T06:15:44.667`)
* [CVE-2021-29634](CVE-2021/CVE-2021-296xx/CVE-2021-29634.json) (`2024-02-15T06:15:44.810`)
* [CVE-2021-29635](CVE-2021/CVE-2021-296xx/CVE-2021-29635.json) (`2024-02-15T06:15:44.853`)
* [CVE-2021-29636](CVE-2021/CVE-2021-296xx/CVE-2021-29636.json) (`2024-02-15T06:15:44.890`)
* [CVE-2021-29637](CVE-2021/CVE-2021-296xx/CVE-2021-29637.json) (`2024-02-15T06:15:44.937`)
* [CVE-2021-29638](CVE-2021/CVE-2021-296xx/CVE-2021-29638.json) (`2024-02-15T06:15:44.977`)
* [CVE-2021-29639](CVE-2021/CVE-2021-296xx/CVE-2021-29639.json) (`2024-02-15T06:15:45.013`)
* [CVE-2021-29640](CVE-2021/CVE-2021-296xx/CVE-2021-29640.json) (`2024-02-15T06:15:45.057`)
* [CVE-2022-23084](CVE-2022/CVE-2022-230xx/CVE-2022-23084.json) (`2024-02-15T05:15:08.833`)
* [CVE-2022-23085](CVE-2022/CVE-2022-230xx/CVE-2022-23085.json) (`2024-02-15T05:15:09.110`)
* [CVE-2022-23086](CVE-2022/CVE-2022-230xx/CVE-2022-23086.json) (`2024-02-15T05:15:09.273`)
* [CVE-2022-23087](CVE-2022/CVE-2022-230xx/CVE-2022-23087.json) (`2024-02-15T05:15:09.337`)
* [CVE-2022-23088](CVE-2022/CVE-2022-230xx/CVE-2022-23088.json) (`2024-02-15T05:15:09.440`)
* [CVE-2022-23089](CVE-2022/CVE-2022-230xx/CVE-2022-23089.json) (`2024-02-15T05:15:09.620`)
* [CVE-2022-23090](CVE-2022/CVE-2022-230xx/CVE-2022-23090.json) (`2024-02-15T06:15:45.103`)
* [CVE-2022-23091](CVE-2022/CVE-2022-230xx/CVE-2022-23091.json) (`2024-02-15T06:15:45.147`)
* [CVE-2022-23092](CVE-2022/CVE-2022-230xx/CVE-2022-23092.json) (`2024-02-15T06:15:45.190`)
* [CVE-2022-23093](CVE-2022/CVE-2022-230xx/CVE-2022-23093.json) (`2024-02-15T06:15:45.240`)
* [CVE-2023-46596](CVE-2023/CVE-2023-465xx/CVE-2023-46596.json) (`2024-02-15T06:15:45.453`)
* [CVE-2023-51787](CVE-2023/CVE-2023-517xx/CVE-2023-51787.json) (`2024-02-15T06:15:46.067`)
* [CVE-2024-1488](CVE-2024/CVE-2024-14xx/CVE-2024-1488.json) (`2024-02-15T05:15:10.257`)
* [CVE-2024-25559](CVE-2024/CVE-2024-255xx/CVE-2024-25559.json) (`2024-02-15T05:15:10.870`)
* [CVE-2024-25940](CVE-2024/CVE-2024-259xx/CVE-2024-25940.json) (`2024-02-15T05:15:11.100`)
* [CVE-2024-25941](CVE-2024/CVE-2024-259xx/CVE-2024-25941.json) (`2024-02-15T05:15:11.200`)
* [CVE-2024-0708](CVE-2024/CVE-2024-07xx/CVE-2024-0708.json) (`2024-02-15T07:15:10.757`)
* [CVE-2024-21727](CVE-2024/CVE-2024-217xx/CVE-2024-21727.json) (`2024-02-15T07:15:11.167`)
* [CVE-2024-0353](CVE-2024/CVE-2024-03xx/CVE-2024-0353.json) (`2024-02-15T08:15:46.023`)
* [CVE-2024-24256](CVE-2024/CVE-2024-242xx/CVE-2024-24256.json) (`2024-02-15T08:15:46.410`)
* [CVE-2024-24386](CVE-2024/CVE-2024-243xx/CVE-2024-24386.json) (`2024-02-15T08:15:46.497`)
### CVEs modified in the last Commit
Recently modified CVEs: `72`
Recently modified CVEs: `10`
* [CVE-2024-1367](CVE-2024/CVE-2024-13xx/CVE-2024-1367.json) (`2024-02-15T06:23:39.303`)
* [CVE-2024-1471](CVE-2024/CVE-2024-14xx/CVE-2024-1471.json) (`2024-02-15T06:23:39.303`)
* [CVE-2024-24300](CVE-2024/CVE-2024-243xx/CVE-2024-24300.json) (`2024-02-15T06:23:39.303`)
* [CVE-2024-24301](CVE-2024/CVE-2024-243xx/CVE-2024-24301.json) (`2024-02-15T06:23:39.303`)
* [CVE-2024-25620](CVE-2024/CVE-2024-256xx/CVE-2024-25620.json) (`2024-02-15T06:23:39.303`)
* [CVE-2024-1523](CVE-2024/CVE-2024-15xx/CVE-2024-1523.json) (`2024-02-15T06:23:39.303`)
* [CVE-2024-26260](CVE-2024/CVE-2024-262xx/CVE-2024-26260.json) (`2024-02-15T06:23:39.303`)
* [CVE-2024-26261](CVE-2024/CVE-2024-262xx/CVE-2024-26261.json) (`2024-02-15T06:23:39.303`)
* [CVE-2024-26262](CVE-2024/CVE-2024-262xx/CVE-2024-26262.json) (`2024-02-15T06:23:39.303`)
* [CVE-2024-26263](CVE-2024/CVE-2024-262xx/CVE-2024-26263.json) (`2024-02-15T06:23:39.303`)
* [CVE-2024-26264](CVE-2024/CVE-2024-262xx/CVE-2024-26264.json) (`2024-02-15T06:23:39.303`)
* [CVE-2024-0169](CVE-2024/CVE-2024-01xx/CVE-2024-0169.json) (`2024-02-15T06:24:58.003`)
* [CVE-2024-22223](CVE-2024/CVE-2024-222xx/CVE-2024-22223.json) (`2024-02-15T06:25:07.800`)
* [CVE-2024-22224](CVE-2024/CVE-2024-222xx/CVE-2024-22224.json) (`2024-02-15T06:25:21.423`)
* [CVE-2024-22225](CVE-2024/CVE-2024-222xx/CVE-2024-22225.json) (`2024-02-15T06:25:29.100`)
* [CVE-2024-22227](CVE-2024/CVE-2024-222xx/CVE-2024-22227.json) (`2024-02-15T06:25:36.360`)
* [CVE-2024-22228](CVE-2024/CVE-2024-222xx/CVE-2024-22228.json) (`2024-02-15T06:25:45.463`)
* [CVE-2024-22230](CVE-2024/CVE-2024-222xx/CVE-2024-22230.json) (`2024-02-15T06:25:53.660`)
* [CVE-2024-25207](CVE-2024/CVE-2024-252xx/CVE-2024-25207.json) (`2024-02-15T06:26:56.397`)
* [CVE-2024-25208](CVE-2024/CVE-2024-252xx/CVE-2024-25208.json) (`2024-02-15T06:27:02.687`)
* [CVE-2024-25212](CVE-2024/CVE-2024-252xx/CVE-2024-25212.json) (`2024-02-15T06:27:12.610`)
* [CVE-2024-25213](CVE-2024/CVE-2024-252xx/CVE-2024-25213.json) (`2024-02-15T06:27:20.520`)
* [CVE-2024-25214](CVE-2024/CVE-2024-252xx/CVE-2024-25214.json) (`2024-02-15T06:27:33.513`)
* [CVE-2024-25215](CVE-2024/CVE-2024-252xx/CVE-2024-25215.json) (`2024-02-15T06:27:41.287`)
* [CVE-2024-25216](CVE-2024/CVE-2024-252xx/CVE-2024-25216.json) (`2024-02-15T06:27:52.447`)
* [CVE-2023-46596](CVE-2023/CVE-2023-465xx/CVE-2023-46596.json) (`2024-02-15T07:15:07.370`)
* [CVE-2023-47256](CVE-2023/CVE-2023-472xx/CVE-2023-47256.json) (`2024-02-15T07:15:08.250`)
* [CVE-2023-47257](CVE-2023/CVE-2023-472xx/CVE-2023-47257.json) (`2024-02-15T07:15:08.777`)
* [CVE-2023-6246](CVE-2023/CVE-2023-62xx/CVE-2023-6246.json) (`2024-02-15T07:15:09.137`)
* [CVE-2023-6779](CVE-2023/CVE-2023-67xx/CVE-2023-6779.json) (`2024-02-15T07:15:10.220`)
* [CVE-2023-43609](CVE-2023/CVE-2023-436xx/CVE-2023-43609.json) (`2024-02-15T07:22:35.487`)
* [CVE-2023-46687](CVE-2023/CVE-2023-466xx/CVE-2023-46687.json) (`2024-02-15T07:22:46.397`)
* [CVE-2023-49716](CVE-2023/CVE-2023-497xx/CVE-2023-49716.json) (`2024-02-15T07:23:22.473`)
* [CVE-2023-51761](CVE-2023/CVE-2023-517xx/CVE-2023-51761.json) (`2024-02-15T07:24:09.660`)
* [CVE-2023-6240](CVE-2023/CVE-2023-62xx/CVE-2023-6240.json) (`2024-02-15T08:15:45.610`)
## Download and Usage