admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-09-17 18:45:49 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2024-07-08T10:01:12.197410+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2024-07-08 10:04:06 +00:00
parent 12f4fe581a
commit dc1c51933a
7 changed files with 90 additions and 19 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
CVE-2023/CVE-2023-265xx/CVE-2023-26531.json
View File

@ -2,12 +2,13 @@
"id": "CVE-2023-26531",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-11-13T01:15:07.410",
"lastModified": "2024-02-29T01:38:28.747",
"lastModified": "2024-07-08T09:15:02.397",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cross-Site Request Forgery (CSRF) vulnerability in \u95ea\u7535\u535a \u591a\u5408\u4e00\u641c\u7d22\u81ea\u52a8\u63a8\u9001\u7ba1\u7406\u63d2\u4ef6-\u652f\u6301Baidu/Google/Bing/IndexNow/Yandex/\u5934\u6761 plugin <=\u00a04.2.7 versions."
"value": "Cross-Site Request Forgery (CSRF) vulnerability in \u95ea\u7535\u535a \u591a\u5408\u4e00\u641c\u7d22\u81ea\u52a8\u63a8\u9001\u7ba1\u7406\u63d2\u4ef6-\u652f\u6301Baidu/Google/Bing/IndexNow/Yandex/\u5934\u6761 allows Cross Site Request Forgery.This issue affects \u591a\u5408\u4e00\u641c\u7d22\u81ea\u52a8\u63a8\u9001\u7ba1\u7406\u63d2\u4ef6-\u652f\u6301Baidu/Google/Bing/IndexNow/Yandex/\u5934\u6761: from n/a through 4.2.7."
},
{
"lang": "es",

7
CVE-2023/CVE-2023-491xx/CVE-2023-49188.json
View File

@ -2,12 +2,13 @@
"id": "CVE-2023-49188",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-12-15T15:15:10.600",
"lastModified": "2023-12-19T20:20:29.910",
"vulnStatus": "Analyzed",
"lastModified": "2024-07-08T09:15:02.663",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ZealousWeb Track Geolocation Of Users Using Contact Form 7 allows Stored XSS.This issue affects Track Geolocation Of Users Using Contact Form 7: from n/a through 1.4.\n\n"
"value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ZealousWeb Track Geolocation Of Users Using Contact Form 7 allows Stored XSS.This issue affects Track Geolocation Of Users Using Contact Form 7: from n/a through 2.0."
},
{
"lang": "es",

4
CVE-2024/CVE-2024-346xx/CVE-2024-34603.json
View File

@ -9,6 +9,10 @@
{
"lang": "en",
"value": "Improper access control in Samsung Message prior to SMR Jul-2024 Release 1 allows local attackers to access location data."
},
{
"lang": "es",
"value": "El control de acceso inadecuado en Samsung Message anterior a SMR Jul-2024 Release 1 permite a atacantes locales acceder a datos de ubicaci\u00f3n."
}
],
"metrics": {

5
CVE-2024/CVE-2024-348xx/CVE-2024-34804.json
View File

@ -2,12 +2,13 @@
"id": "CVE-2024-34804",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-06-11T17:16:01.683",
"lastModified": "2024-06-13T18:36:09.013",
"lastModified": "2024-07-08T09:15:02.867",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Missing Authorization vulnerability in Tagembed.This issue affects Tagembed: from n/a through 5.5."
"value": "Missing Authorization vulnerability in Tagembed.This issue affects Tagembed: from n/a through 5.8."
},
{
"lang": "es",

60
CVE-2024/CVE-2024-373xx/CVE-2024-37389.json Normal file
View File

@ -0,0 +1,60 @@
{
"id": "CVE-2024-37389",
"sourceIdentifier": "security@apache.org",
"published": "2024-07-08T08:15:10.847",
"lastModified": "2024-07-08T08:15:10.847",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Apache NiFi 1.10.0 through 1.26.0 and 2.0.0-M1 through 2.0.0-M3 support a description field in the Parameter Context configuration that is vulnerable to cross-site scripting. An authenticated user, authorized to configure a Parameter Context, can enter arbitrary JavaScript code, which the client browser will execute within the session context of the authenticated user. Upgrading to Apache NiFi 1.27.0 or 2.0.0-M4 is the recommended mitigation."
},
{
"lang": "es",
"value": "Apache NiFi 1.10.0 a 1.26.0 y 2.0.0-M1 a 2.0.0-M3 admiten un campo de descripci\u00f3n en la configuraci\u00f3n del contexto de par\u00e1metros que es vulnerable a Cross site Scripting. Un usuario autenticado, autorizado para configurar un contexto de par\u00e1metro, puede ingresar c\u00f3digo JavaScript arbitrario, que el navegador del cliente ejecutar\u00e1 dentro del contexto de sesi\u00f3n del usuario autenticado. La mitigaci\u00f3n recomendada es actualizar a Apache NiFi 1.27.0 o 2.0.0-M4."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@apache.org",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.6,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.1,
"impactScore": 2.5
}
]
},
"weaknesses": [
{
"source": "security@apache.org",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://lists.apache.org/thread/yso9fr0wtff53nk046h1o83hdyb1lrxh",
"source": "security@apache.org"
}
]
}

17
README.md
View File

@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2024-07-08T08:01:37.390510+00:00
2024-07-08T10:01:12.197410+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2024-07-08T07:15:04.100000+00:00
2024-07-08T09:15:02.867000+00:00
```
### Last Data Feed Release
@ -33,21 +33,24 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs
```plain
255987
255988
```
### CVEs added in the last Commit
Recently added CVEs: `2`
Recently added CVEs: `1`
- [CVE-2024-34602](CVE-2024/CVE-2024-346xx/CVE-2024-34602.json) (`2024-07-08T07:15:02.663`)
- [CVE-2024-34603](CVE-2024/CVE-2024-346xx/CVE-2024-34603.json) (`2024-07-08T07:15:04.100`)
- [CVE-2024-37389](CVE-2024/CVE-2024-373xx/CVE-2024-37389.json) (`2024-07-08T08:15:10.847`)
### CVEs modified in the last Commit
Recently modified CVEs: `0`
Recently modified CVEs: `4`
- [CVE-2023-26531](CVE-2023/CVE-2023-265xx/CVE-2023-26531.json) (`2024-07-08T09:15:02.397`)
- [CVE-2023-49188](CVE-2023/CVE-2023-491xx/CVE-2023-49188.json) (`2024-07-08T09:15:02.663`)
- [CVE-2024-34603](CVE-2024/CVE-2024-346xx/CVE-2024-34603.json) (`2024-07-08T07:15:04.100`)
- [CVE-2024-34804](CVE-2024/CVE-2024-348xx/CVE-2024-34804.json) (`2024-07-08T09:15:02.867`)
## Download and Usage

11
_state.csv
View File

@ -219640,7 +219640,7 @@ CVE-2023-26528,0,0,de53b1b2365d082b16b3e52476599015c39991bd236b22656587fd68c2487
CVE-2023-26529,0,0,9c86f8a783ccfd1f1e41d892b0db8dd3fe1abff5ea8ae669029a676e57a1754f,2023-11-07T04:09:37.600000
CVE-2023-2653,0,0,0e0a3a49c4bec46a7cceaf51372840b53f07b29fb0f57002bda7f4b682a6e70b,2024-05-17T02:23:07.510000
CVE-2023-26530,0,0,fb64b33e1966b9ed3009e9d92488933c1e46806691006672d22a22d9ebd4bc0e,2023-08-22T00:56:35.657000
CVE-2023-26531,0,0,af19bf2d79c4fa64015e35150c451c74f7180845296effe24e52a3dfd864865b,2024-02-29T01:38:28.747000
CVE-2023-26531,0,1,fe01822521ff89bdb05fb8289d9cecffa6980a7671aabe2077aa791e958071ab,2024-07-08T09:15:02.397000
CVE-2023-26532,0,0,7f0b35ad1cf0fcbd24dc9f1216197cb177b6520f4478684c2c08cca69f327b17,2023-11-27T22:08:32.057000
CVE-2023-26533,0,0,8d39412f80f99869d331564890ce6e042d03ea07290c69b81e1612dd5faab023,2023-12-06T17:43:35.347000
CVE-2023-26534,0,0,15c4231e630b7398008d9551a749fa9246bb7f2677305d8d75759252628df3c6,2023-06-28T07:14:06.263000
@ -236302,7 +236302,7 @@ CVE-2023-49183,0,0,2e675f6060b1d0f3f34c75175ec2e7ad4f737511b8336158dd45bef3681ae
CVE-2023-49184,0,0,d5000ae1b227810f39b2b9b0da886c37cda56c5bb7329d1ed93f858de6759550,2023-12-19T20:43:19.030000
CVE-2023-49185,0,0,b6277b639298401f8399c0dce995cbfcf5d945a31862630dbc2cba961ff9cdf0,2023-12-19T20:45:06.317000
CVE-2023-49187,0,0,81995564cd401d0d066a0dc7261569a5ffb0837b171050d33a27c61c90483de6,2023-12-19T20:22:11.963000
CVE-2023-49188,0,0,e1be8236300ca82253a1a63a6008d89a53b9ac8f558e31ebe5bc0f4332423b27,2023-12-19T20:20:29.910000
CVE-2023-49188,0,1,67bc196c55897bbe5e6e5ae2196a0067888a23ca1fc2090533d10c1feb63c692,2024-07-08T09:15:02.663000
CVE-2023-49189,0,0,95bbd96e9ec7f5da63c94c1e5827b56177be7ed187de737936c906acd31f4dd5,2023-12-21T16:48:17.663000
CVE-2023-4919,0,0,3b93cda20a1b77a48164e0c6d3027eba6d2bfcc93f418435f4ad08d5d42e790b,2023-11-07T04:23:10.030000
CVE-2023-49190,0,0,7d830fa095412d91a51036c9e09f47da8a17ce8103c61b31e671df98dfb4780e,2023-12-21T16:49:34.847000
@ -251889,8 +251889,8 @@ CVE-2024-34599,0,0,a6a02ad306f0c667d9b45f855de943b1e86d6818ea503b59522cbea821b71
CVE-2024-3460,0,0,5d753d09cd0688d7cf59cbd53a149eb7d45b8f22859b402f63de2cfaab817466,2024-05-14T16:11:39.510000
CVE-2024-34600,0,0,35051d817085423dbdeb6ae129690762237334bf5ea735f991f5984e5199c534,2024-07-02T18:05:54.487000
CVE-2024-34601,0,0,ba64108f851deae844e8486d0d241f7b45e96c9b76d20a149cd00653a5152768,2024-07-02T18:07:05.737000
CVE-2024-34602,1,1,a092ec376b20b5bae003e3af1b412b2662656f4989316a07694f2689d75bbbb4,2024-07-08T07:15:02.663000
CVE-2024-34603,1,1,4f0c1e7202d10e8101cb7ffe013b0c0b325405fef25e0e9452e429bef704a4aa,2024-07-08T07:15:04.100000
CVE-2024-34602,0,0,a092ec376b20b5bae003e3af1b412b2662656f4989316a07694f2689d75bbbb4,2024-07-08T07:15:02.663000
CVE-2024-34603,0,1,09eef9607bb516b8f931b0fb1ca16807a9027d1191d223bb4f866dff768ab3be,2024-07-08T07:15:04.100000
CVE-2024-3461,0,0,2a4b7c0e1a8d6b06d86abf0c486b3a9f2d1fa6266081d4aec9284221b4574ee3,2024-05-14T16:11:39.510000
CVE-2024-3462,0,0,42d76b75905cddaca7c4512a98c3e5490f6eba6d1a37db8a52d4bde8c84e9ded,2024-05-14T16:11:39.510000
CVE-2024-3463,0,0,ec14f43c3b7b14f535006ee59b80bf351769520d95be8808071caf75bd274960,2024-05-17T02:39:57.447000
@ -251980,7 +251980,7 @@ CVE-2024-34800,0,0,86c2747c3a96d291be880702f2f8a1bb4679cc66d13fbbf0cf4c80b6c3772
CVE-2024-34801,0,0,0b1a4ab0468bb98a950b8edf087ff2c536030eeba11e5be47337600f37c39c40,2024-06-03T14:46:24.250000
CVE-2024-34802,0,0,0e49233d84194178a4d9b1b84c4ef45995110e8bbf1416904c517ba7839fb5e2,2024-06-12T13:32:45.327000
CVE-2024-34803,0,0,3bacd90aafced0596a908c7bddcf15434c904fd7688d7a7dfb5d78f5281cf184,2024-06-03T14:46:24.250000
CVE-2024-34804,0,0,8b1a03aff2bee75f1d7e2d38f06661560e66a943349ec39e039b0e6e1778fa92,2024-06-13T18:36:09.013000
CVE-2024-34804,0,1,47720cdf6115b63aa02c7f403e22a073628f6ce441cc468fab5e642dd29d8865,2024-07-08T09:15:02.867000
CVE-2024-34805,0,0,4db06c40a60d0ea9fc68ae0b74b3d16b7df09b33205e3b40409d2383df796279,2024-05-17T18:36:31.297000
CVE-2024-34806,0,0,3b1b6563ba887546de6e8afcda84fbe0c4e88d6cd4a9afa2164171d94fd3a99a,2024-05-17T18:35:35.070000
CVE-2024-34807,0,0,1b210e8fbd98db6886fdf7153f61122f9d59a5653f7e82ad43004bb026f58b60,2024-05-17T18:35:35.070000
@ -253526,6 +253526,7 @@ CVE-2024-37384,0,0,4ede7c4b4e1e1de259445d49ca3b43a6d0a75b7dcaf1ea245b8f6306c1e67
CVE-2024-37385,0,0,ab67b8a0f073ce7f5c28ca11584627dbf70b59e11b1337a1068ce1887aeb0943,2024-06-07T14:56:05.647000
CVE-2024-37387,0,0,fe2e0e702592a3b950e5c7ffa6cd887e6a1ea8123fb6a269a45db83eafdcfbbc,2024-07-03T02:04:17.790000
CVE-2024-37388,0,0,78091082c96da1cca6d1b3a881a45160af8428a4ada3a4ba554597b78ade9a76,2024-06-07T19:24:09.243000
CVE-2024-37389,1,1,eb49ab026d347a0f0672e015074c79d1b9639f4e450caaa9b01e59a990b09593,2024-07-08T08:15:10.847000
CVE-2024-3739,0,0,18ca969c974b63c6d16494fbcc2d63756747cacc5947332fefb20d9c592537e4,2024-05-17T02:40:06.067000
CVE-2024-37393,0,0,b93d796f3c4283b87dfd22c20f36a8116f582a381c44650f39c5ea43e6b806f2,2024-07-03T02:04:18.707000
CVE-2024-3740,0,0,1025f598f3437296a5a18526d2723c88eb3b5b46ea06c50b765dc694c6a0bd1a,2024-05-17T02:40:06.170000

Can't render this file because it is too large.