admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-07-09 16:05:11 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2024-05-31T04:00:37.880696+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2024-05-31 04:03:29 +00:00
parent d3ea9c5e19
commit d336ea971b
5 changed files with 152 additions and 19 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

24
CVE-2024/CVE-2024-328xx/CVE-2024-32850.json Normal file
View File

@ -0,0 +1,24 @@
{
"id": "CVE-2024-32850",
"sourceIdentifier": "vultures@jpcert.or.jp",
"published": "2024-05-31T02:15:08.843",
"lastModified": "2024-05-31T02:15:08.843",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Improper neutralization of special elements used in a command ('Command Injection') exists in SkyBridge MB-A100/MB-A110 firmware Ver. 4.2.2 and earlier and SkyBridge BASIC MB-A130 firmware Ver. 1.5.5 and earlier. If the remote monitoring and control function is enabled on the product, an attacker with access to the product may execute an arbitrary command or login to the product with the administrator privilege."
}
],
"metrics": {},
"references": [
{
"url": "https://jvn.jp/en/vu/JVNVU94872523/",
"source": "vultures@jpcert.or.jp"
},
{
"url": "https://www.seiko-sol.co.jp/archives/82992/",
"source": "vultures@jpcert.or.jp"
}
]
}

51
CVE-2024/CVE-2024-53xx/CVE-2024-5345.json Normal file
View File

@ -0,0 +1,51 @@
{
"id": "CVE-2024-5345",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-05-31T03:15:08.613",
"lastModified": "2024-05-31T03:15:08.613",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The Responsive Owl Carousel for Elementor plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 1.2.0 via the layout parameter. This makes it possible for authenticated attackers, with Contributor-level access and above, to include and execute arbitrary files on the server, allowing the execution of any PHP code in those files. This can be used to bypass access controls, obtain sensitive data, or achieve code execution in cases where images and other \u201csafe\u201d file types can be uploaded and included. The inclusion is limited to PHP files."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/responsive-owl-carousel-elementor/trunk/includes/widgets/owl-carousel.php#L669",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3092511%40responsive-owl-carousel-elementor%2Ftrunk&old=3092226%40responsive-owl-carousel-elementor%2Ftrunk&sfp_email=&sfph_mail=",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/0638c8f3-070a-4b42-ba58-396f3f259b9d?source=cve",
"source": "security@wordfence.com"
}
]
}

59
CVE-2024/CVE-2024-54xx/CVE-2024-5418.json Normal file
View File

@ -0,0 +1,59 @@
{
"id": "CVE-2024-5418",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-05-31T03:15:08.853",
"lastModified": "2024-05-31T03:15:08.853",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The DethemeKit For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'slitems' attribute within the plugin's De Product Tab & Slide widget in all versions up to, and including, 2.1.4 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.1,
"impactScore": 2.7
}
]
},
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/dethemekit-for-elementor/tags/2.1.0/widgets/de-product-tab-slide.php#L1619",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/browser/dethemekit-for-elementor/tags/2.1.4/widgets/de-product-tab-slide.php#L1617",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3094885/",
"source": "security@wordfence.com"
},
{
"url": "https://wordpress.org/plugins/dethemekit-for-elementor/#developers",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/19bdbde1-1414-4113-890e-b6c96b8a6e11?source=cve",
"source": "security@wordfence.com"
}
]
}

20
README.md
View File

@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2024-05-31T02:00:30.252870+00:00
2024-05-31T04:00:37.880696+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2024-05-31T01:15:54.323000+00:00
2024-05-31T03:15:08.853000+00:00
```
### Last Data Feed Release
@ -33,26 +33,22 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs
```plain
252265
252268
```
### CVEs added in the last Commit
Recently added CVEs: `2`
Recently added CVEs: `3`
- [CVE-2024-37017](CVE-2024/CVE-2024-370xx/CVE-2024-37017.json) (`2024-05-31T00:15:08.890`)
- [CVE-2024-37018](CVE-2024/CVE-2024-370xx/CVE-2024-37018.json) (`2024-05-31T01:15:54.323`)
- [CVE-2024-32850](CVE-2024/CVE-2024-328xx/CVE-2024-32850.json) (`2024-05-31T02:15:08.843`)
- [CVE-2024-5345](CVE-2024/CVE-2024-53xx/CVE-2024-5345.json) (`2024-05-31T03:15:08.613`)
- [CVE-2024-5418](CVE-2024/CVE-2024-54xx/CVE-2024-5418.json) (`2024-05-31T03:15:08.853`)
### CVEs modified in the last Commit
Recently modified CVEs: `5`
Recently modified CVEs: `0`
- [CVE-2024-1023](CVE-2024/CVE-2024-10xx/CVE-2024-1023.json) (`2024-05-31T01:15:53.040`)
- [CVE-2024-1086](CVE-2024/CVE-2024-10xx/CVE-2024-1086.json) (`2024-05-31T01:00:03.283`)
- [CVE-2024-1300](CVE-2024/CVE-2024-13xx/CVE-2024-1300.json) (`2024-05-31T01:15:53.967`)
- [CVE-2024-24919](CVE-2024/CVE-2024-249xx/CVE-2024-24919.json) (`2024-05-31T01:00:03.283`)
- [CVE-2024-2700](CVE-2024/CVE-2024-27xx/CVE-2024-2700.json) (`2024-05-31T01:15:54.150`)
## Download and Usage

17
_state.csv
View File

@ -241016,7 +241016,7 @@ CVE-2024-1019,0,0,27c6fed97db80e9684966512d657c2ae1b8d86be0f46f2f894fd714e51d0d5
CVE-2024-1020,0,0,9c38654e469ac00d17546e26ec534d4c7bea2be6d89bdf28044962880f9d5820,2024-05-17T02:35:10.867000
CVE-2024-1021,0,0,5a8e02d7058c067054b063aabba5540169cc60bb5eef34be87a607c196ef7d5f,2024-05-17T02:35:10.970000
CVE-2024-1022,0,0,69eec4d7da603217ad4d94fbf09fef8fa962f38c93419612a0efc6f64912229c,2024-05-17T02:35:11.070000
CVE-2024-1023,0,1,832d76c2a7892c5300f2672da9b4be5692c4772b3d9ccc839273c6cce5374e6c,2024-05-31T01:15:53.040000
CVE-2024-1023,0,0,832d76c2a7892c5300f2672da9b4be5692c4772b3d9ccc839273c6cce5374e6c,2024-05-31T01:15:53.040000
CVE-2024-1024,0,0,7bb01e43c6a7b4af67cf4acf4dcde6df2e6c572cbde2c1a38447944ffb722a3a,2024-05-17T02:35:11.210000
CVE-2024-1026,0,0,784347fcfe5d9ff4657c79eb997eb71c4a7b21475ee666dddd58b83b384cf3ea,2024-05-17T02:35:11.320000
CVE-2024-1027,0,0,1d01269e0df9bfa3c025958f48e327f6c3ac7e82a2b5d48fe02f1b63f0a6aa09,2024-05-17T02:35:11.427000
@ -241076,7 +241076,7 @@ CVE-2024-1082,0,0,5d2917cbc0ebe1d44667869da021a3fe152a9311cc75cb6f51732f94daecc6
CVE-2024-1083,0,0,12f71ff8092607030cf18bf8a64ce08dcbfadccd528aaaf70c8824b0476991c9,2024-03-13T18:16:18.563000
CVE-2024-1084,0,0,034d85bf39978c9573e4dbc412f1867f9df271e85d3cd30f25c6648ff5a9703b,2024-02-13T19:45:42.327000
CVE-2024-1085,0,0,649a4a278db01305790c1d25d5fb8d26a8b328f3c410af99f7747f493230845c,2024-02-05T20:41:40.513000
CVE-2024-1086,0,1,5d85991a665335200c380b02d0af53f494822617e72b855b98d1419dee926e01,2024-05-31T01:00:03.283000
CVE-2024-1086,0,0,5d85991a665335200c380b02d0af53f494822617e72b855b98d1419dee926e01,2024-05-31T01:00:03.283000
CVE-2024-1087,0,0,bfb73beeec450e6da5995b5f21712b59848b559e03cbbae3eab10a626379de00,2024-01-31T13:15:11.030000
CVE-2024-1088,0,0,9e4fcd4d80be5fd2d14ec6d1eed4646f24ed688d5f028fb9bbb59da4f601b1b1,2024-03-05T13:41:01.900000
CVE-2024-1089,0,0,c420c84f1c9ea1e3f949226f3064a7cb757fb25c8f460e9f69a5f8ab62483f91,2024-02-29T13:49:29.390000
@ -241261,7 +241261,7 @@ CVE-2024-1296,0,0,ab648d9dba58ca530bb990b50d92c4f5ce9f591faa8fbeeb49385095b8425c
CVE-2024-1297,0,0,1fc219bb038ab422185a999365115aff94759fe3e5ff94e3dc4180f1d6bc82d0,2024-02-20T19:50:53.960000
CVE-2024-1298,0,0,183fffca6bfb02ef60f07817fa282525fd76fdba224033b58a02642498da8e82,2024-05-30T21:15:09.213000
CVE-2024-1299,0,0,165a6e5bf7396c9871edb84a6ce28d3386b33fd34eb9238065e890fa150a178a,2024-03-07T13:52:27.110000
CVE-2024-1300,0,1,843d0cf47128991e9d7cbff1831c7ad94a9bd78e5cc7dab19b0a5a8848cb7f51,2024-05-31T01:15:53.967000
CVE-2024-1300,0,0,843d0cf47128991e9d7cbff1831c7ad94a9bd78e5cc7dab19b0a5a8848cb7f51,2024-05-31T01:15:53.967000
CVE-2024-1301,0,0,68d5e322fab21220735382791ea9287e8104e954fa5bc7b1f8f02021f25e280b,2024-03-12T17:46:17.273000
CVE-2024-1302,0,0,e42b35f7a02693024fada8fec8e812444e0bb721c54c537bf6c1b8db8c60ce66,2024-03-12T17:46:17.273000
CVE-2024-1303,0,0,d6386ac67e1b3bd9c657849a1747229ab86034b9c989d20fb5cde0be8bba0359,2024-03-12T17:46:17.273000
@ -244622,7 +244622,7 @@ CVE-2024-24908,0,0,8283d99d7a40754c521eccb4d65696182424210fa0da9643faa3048901b25
CVE-2024-2491,0,0,56d5936f32866edf29962cfc16d1b84e21384fb0d36dc5404e3888c50a6878ee,2024-04-01T01:12:59.077000
CVE-2024-24910,0,0,bb7bb7f4f89300a6c40465a407ba5586d91f4a455e8da02c5a17663b7715ec72,2024-04-18T18:25:55.267000
CVE-2024-24912,0,0,79cdf936b61cd3c2ac1888b2bf7026a51d657f04895fbd14d8ade234a06c9bbb,2024-05-01T19:50:25.633000
CVE-2024-24919,0,1,72806e1c6b9ddda43c1ca50ab2960ec7b9fa2eba89f77150cbfe01adea70f81b,2024-05-31T01:00:03.283000
CVE-2024-24919,0,0,72806e1c6b9ddda43c1ca50ab2960ec7b9fa2eba89f77150cbfe01adea70f81b,2024-05-31T01:00:03.283000
CVE-2024-2492,0,0,a83da3e7ac12e71f3238f0026df94ba19b3a7e74326df6047a5459c611fae961,2024-04-10T13:23:38.787000
CVE-2024-24920,0,0,0c6e0a299c3dcb3e2c9c47cd3391320c9c9126b8fcb7683d54f65bff941cba09,2024-02-13T14:01:00.987000
CVE-2024-24921,0,0,2756f13f54e6771800d4e52f7442498e73a8fe2b3f97e730b1c320dbcf7f624d,2024-02-13T14:01:00.987000
@ -246082,7 +246082,7 @@ CVE-2024-26996,0,0,cea553e0454def5a96fbfdf9d710c263c431f278cf804a7efd8ec8ff0107b
CVE-2024-26997,0,0,bdfca562d47f9e5d3fc1098c4dacc21d61a7ba014b51a9e792d5f847f7afb48b,2024-05-03T06:15:11.950000
CVE-2024-26998,0,0,822a5cfb35cd9e5868bbf4bda50d2331021edf4824c2d8385d4feca7d97a1dd2,2024-05-13T08:15:11.390000
CVE-2024-26999,0,0,9ac4807c2521e1d8db890c0527b001317552b4ac44ce0b01702365258c787f45,2024-05-03T06:15:12.137000
CVE-2024-2700,0,1,0ab479fa522a944d9d3fb08b496777a56bf41be14a6567ecbaf49b865c2472da,2024-05-31T01:15:54.150000
CVE-2024-2700,0,0,0ab479fa522a944d9d3fb08b496777a56bf41be14a6567ecbaf49b865c2472da,2024-05-31T01:15:54.150000
CVE-2024-27000,0,0,ad2ef5bdd7c2f9d77d1b6346a92f926b0e0114b79caa616e96d2bb2c427a8aac,2024-05-03T06:15:12.350000
CVE-2024-27001,0,0,f4defde5af84e6133600f9028ad4a44c6061db86e7d3ca3705bde065e8cf1441,2024-05-03T06:15:12.590000
CVE-2024-27002,0,0,6190ad6afa26f7583c9a538caad37267ed161406911969a163db177bf76cd4a6,2024-05-13T08:15:11.473000
@ -249540,6 +249540,7 @@ CVE-2024-32834,0,0,d2ed9ea40163afd5f111e44be27b5edfb4cb8a8dd0234c49fdc13943a21fb
CVE-2024-32835,0,0,a55a936ce932c192bddb52ecc7ef5c50500f7aaee0689f590c1aa942fe932618,2024-04-24T13:39:42.883000
CVE-2024-32836,0,0,b79abde0b1fb00c320171e12e4361e475bc7a0910a68d24b478ff673cfed4676,2024-04-24T13:39:42.883000
CVE-2024-3285,0,0,ea17e16acaa3172cbcc052cf9bfb1b3e7ee2b004434b062b8e67c1c1ed8bff14,2024-04-11T12:47:44.137000
CVE-2024-32850,1,1,df111e9c097d0d92132a1876ea8ece172e0febc039d526d9e009002112ecff3b,2024-05-31T02:15:08.843000
CVE-2024-3286,0,0,2b72849c89237e28c3d3a120424f9748393454aee8e724834e4cfefbfa74f3f9,2024-05-17T18:36:31.297000
CVE-2024-32866,0,0,20522d9aebf09a5d43cbab0aa4b3dc9ed937958cfd0ea9d3803e03cb59093366,2024-04-24T13:39:42.883000
CVE-2024-32867,0,0,8b49049697f6722e345366f8694914765116c8554c5893cf239e1c1a736d6057,2024-05-07T20:07:58.737000
@ -251207,8 +251208,8 @@ CVE-2024-3696,0,0,54c8c42492f1c31e1d0d081b12ae9fb101d447905039b557dcc4372130239b
CVE-2024-3697,0,0,cc8cf5a7af305c88ebdfa6655aacb4fa5ec406664965d679a29a0cbf17ffb930,2024-05-17T02:40:04.710000
CVE-2024-3698,0,0,13b4029eb6179dbe788598788e16556a1995d850ddfc4af1ee0c4e86961a3a21,2024-05-17T02:40:04.800000
CVE-2024-3701,0,0,d78f52a76181001272debccb095fb5971bb478ebc111313d9ff2994f4ec0598f,2024-04-15T13:15:31.997000
CVE-2024-37017,1,1,a92df0fafe66b57fbe8f6a1f20bf3902c65d99ba86bca3f5a67b04f174fafc33,2024-05-31T00:15:08.890000
CVE-2024-37018,1,1,369f4f53e34cd54c57d99b89ebf6aea6aedb35d7f020c20028cdc1b2916fe8e4,2024-05-31T01:15:54.323000
CVE-2024-37017,0,0,a92df0fafe66b57fbe8f6a1f20bf3902c65d99ba86bca3f5a67b04f174fafc33,2024-05-31T00:15:08.890000
CVE-2024-37018,0,0,369f4f53e34cd54c57d99b89ebf6aea6aedb35d7f020c20028cdc1b2916fe8e4,2024-05-31T01:15:54.323000
CVE-2024-3703,0,0,46d289814974ee20b6160fe56cc828277066d832a1c60ccf5d9c1a62d06c47e2,2024-05-03T12:48:41.067000
CVE-2024-3704,0,0,ad7f205e31bc442943bbd584692b194a3485d815654eeb83e4eefef6a6eff393,2024-04-15T13:15:51.577000
CVE-2024-3705,0,0,44f1c76d2f6cd8dab882ddfdbdbe908a4e3a8f22d6a90f31f0279b7faf87a669,2024-04-15T13:15:51.577000
@ -252188,6 +252189,7 @@ CVE-2024-5338,0,0,f1fc65a7b53696dcb1b22f7cb4a402d175011424b23786711e5e263fd7ec2e
CVE-2024-5339,0,0,06454cd858966bd04fe11523962adaa26a10dc55f1781c23c279a6bf8e0f1118,2024-05-28T12:39:42.673000
CVE-2024-5340,0,0,c66c0c9e55de3c725084d3080da1dc604d47daf703d95b2c548541ec6a382225,2024-05-28T12:39:42.673000
CVE-2024-5341,0,0,2b72dd4ef57e598a2469a1d6786a4762ce0fcb8187c35f2f4bd1ff39b4044b7e,2024-05-30T13:15:41.297000
CVE-2024-5345,1,1,ab408465466f89085738a2657691827a8c34288c9c24d6282b532357c2e7aa95,2024-05-31T03:15:08.613000
CVE-2024-5350,0,0,60bbd22831ddecb115d40713a9dc768f9983e70563a63aa9f7486c68fbd4f9e1,2024-05-28T12:39:42.673000
CVE-2024-5351,0,0,75936f9a30b9b2678d667660507da4226e150a018add31c316ae6f6c8d9a34b8,2024-05-28T12:39:42.673000
CVE-2024-5352,0,0,436cc86ab2a56db91a02662bc69df77d88892fce705caf803e28ba33694f3f1c,2024-05-28T12:39:42.673000
@ -252244,6 +252246,7 @@ CVE-2024-5411,0,0,e0e2b037ba712eee566a50718dc689d20775fc59c9b248d0618a71b0dcd07b
CVE-2024-5413,0,0,b82b9711af907924143b902545bad47c16b9191e82f7488c30e422ab2732b1e2,2024-05-28T14:59:09.827000
CVE-2024-5414,0,0,00699255cb30deaace9d09c2453b71a81be7d08b48d1c00b566847910d37827a,2024-05-28T14:59:09.827000
CVE-2024-5415,0,0,30fb2f383abca6cc2ff9ab88331c18d1b11c9d102c850a6497c8044d92363f58,2024-05-28T14:59:09.827000
CVE-2024-5418,1,1,1d2ad2df007595b2da9031a43cb4322b2ece3287a48cad8d9581b799a377fd31,2024-05-31T03:15:08.853000
CVE-2024-5428,0,0,48df461aef64d2744feebfecb3948a4ed7b72d467be8b3109a057cc13cad6e25,2024-05-28T14:59:09.827000
CVE-2024-5433,0,0,d0946774ada383b4af0e78f23b9c449d05f83a7124810af4e383f90b0cdbda75,2024-05-29T13:02:09.280000
CVE-2024-5434,0,0,dc2716eb218edba725ac85c17a2930de7a00b6563d0ca53040574106ea0b92ed,2024-05-29T13:02:09.280000

Can't render this file because it is too large.