Auto-Update: 2025-01-02T07:00:19.114486+00:00

2025-05-07 19:16:29 +00:00 · 2025-01-02 07:03:43 +00:00 · 2025-01-02 07:03:43 +00:00 · ebab9eb27b
commit ebab9eb27b
parent b0bb6352ef
7 changed files with 203 additions and 8 deletions
--- a/CVE-2002/CVE-2002-200xx/CVE-2002-20002.json
+++ b/CVE-2002/CVE-2002-200xx/CVE-2002-20002.json
@ -0,0 +1,64 @@
+{
+  "id": "CVE-2002-20002",
+  "sourceIdentifier": "cve@mitre.org",
+  "published": "2025-01-02T05:15:06.430",
+  "lastModified": "2025-01-02T05:15:06.430",
+  "vulnStatus": "Received",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "The Net::EasyTCP package before 0.15 for Perl always uses Perl's builtin rand(), which is not a strong random number generator, for cryptographic keys."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "cve@mitre.org",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N",
+          "baseScore": 5.4,
+          "baseSeverity": "MEDIUM",
+          "attackVector": "NETWORK",
+          "attackComplexity": "HIGH",
+          "privilegesRequired": "NONE",
+          "userInteraction": "NONE",
+          "scope": "CHANGED",
+          "confidentialityImpact": "LOW",
+          "integrityImpact": "LOW",
+          "availabilityImpact": "NONE"
+        },
+        "exploitabilityScore": 2.2,
+        "impactScore": 2.7
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "cve@mitre.org",
+      "type": "Secondary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-338"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://github.com/briandfoy/cpan-security-advisory/issues/184",
+      "source": "cve@mitre.org"
+    },
+    {
+      "url": "https://metacpan.org/release/MNAGUIB/EasyTCP-0.15/view/EasyTCP.pm",
+      "source": "cve@mitre.org"
+    },
+    {
+      "url": "https://metacpan.org/release/MNAGUIB/EasyTCP-0.26/changes",
+      "source": "cve@mitre.org"
+    }
+  ]
+}
--- a/CVE-2024/CVE-2024-111xx/CVE-2024-11184.json
+++ b/CVE-2024/CVE-2024-111xx/CVE-2024-11184.json
@ -0,0 +1,21 @@
+{
+  "id": "CVE-2024-11184",
+  "sourceIdentifier": "contact@wpscan.com",
+  "published": "2025-01-02T06:15:06.697",
+  "lastModified": "2025-01-02T06:15:06.697",
+  "vulnStatus": "Received",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "The wp-enable-svg WordPress plugin through 0.7 does not sanitize SVG files when uploaded, allowing for authors and above to upload SVGs containing malicious scripts"
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://wpscan.com/vulnerability/fc982bcb-9974-481f-aef4-580ae9edc3c8/",
+      "source": "contact@wpscan.com"
+    }
+  ]
+}
--- a/CVE-2024/CVE-2024-113xx/CVE-2024-11357.json
+++ b/CVE-2024/CVE-2024-113xx/CVE-2024-11357.json
@ -0,0 +1,21 @@
+{
+  "id": "CVE-2024-11357",
+  "sourceIdentifier": "contact@wpscan.com",
+  "published": "2025-01-02T06:15:07.887",
+  "lastModified": "2025-01-02T06:15:07.887",
+  "vulnStatus": "Received",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "The goodlayers-core WordPress plugin before 2.0.10 does not sanitise and escape some of its settings, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks."
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://wpscan.com/vulnerability/7e8c6816-9b7a-43e8-9508-789c8051dd9b/",
+      "source": "contact@wpscan.com"
+    }
+  ]
+}
--- a/CVE-2024/CVE-2024-125xx/CVE-2024-12595.json
+++ b/CVE-2024/CVE-2024-125xx/CVE-2024-12595.json
@ -0,0 +1,21 @@
+{
+  "id": "CVE-2024-12595",
+  "sourceIdentifier": "contact@wpscan.com",
+  "published": "2025-01-02T06:15:07.983",
+  "lastModified": "2025-01-02T06:15:07.983",
+  "vulnStatus": "Received",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "The AHAthat Plugin WordPress plugin through 1.6 does not escape the $_SERVER['REQUEST_URI'] parameter before outputting it back in an attribute, which could lead to Reflected Cross-Site Scripting in old web browsers"
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://wpscan.com/vulnerability/7a506438-3106-477f-816d-b9b116ec8555/",
+      "source": "contact@wpscan.com"
+    }
+  ]
+}
--- a/CVE-2024/CVE-2024-568xx/CVE-2024-56830.json
+++ b/CVE-2024/CVE-2024-568xx/CVE-2024-56830.json
@ -0,0 +1,60 @@
+{
+  "id": "CVE-2024-56830",
+  "sourceIdentifier": "cve@mitre.org",
+  "published": "2025-01-02T05:15:07.967",
+  "lastModified": "2025-01-02T05:15:07.967",
+  "vulnStatus": "Received",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "The Net::EasyTCP package 0.15 through 0.26 for Perl uses Perl's builtin rand() if no strong randomization module is present."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "cve@mitre.org",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N",
+          "baseScore": 5.4,
+          "baseSeverity": "MEDIUM",
+          "attackVector": "NETWORK",
+          "attackComplexity": "HIGH",
+          "privilegesRequired": "NONE",
+          "userInteraction": "NONE",
+          "scope": "CHANGED",
+          "confidentialityImpact": "LOW",
+          "integrityImpact": "LOW",
+          "availabilityImpact": "NONE"
+        },
+        "exploitabilityScore": 2.2,
+        "impactScore": 2.7
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "cve@mitre.org",
+      "type": "Secondary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-338"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://github.com/briandfoy/cpan-security-advisory/issues/184",
+      "source": "cve@mitre.org"
+    },
+    {
+      "url": "https://metacpan.org/release/MNAGUIB/EasyTCP-0.26/changes",
+      "source": "cve@mitre.org"
+    }
+  ]
+}
--- a/README.md
+++ b/README.md
@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours.
 ### Last Repository Update

 ```plain
-2025-01-02T05:00:19.337200+00:00
+2025-01-02T07:00:19.114486+00:00
 ```

 ### Most recent CVE Modification Timestamp synchronized with NVD

 ```plain
-2025-01-02T04:15:06.277000+00:00
+2025-01-02T06:15:07.983000+00:00
 ```

 ### Last Data Feed Release
@ -33,15 +33,18 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
 ### Total Number of included CVEs

 ```plain
-275388
+275393
 ```

 ### CVEs added in the last Commit

-Recently added CVEs: `2`
+Recently added CVEs: `5`

- [CVE-2024-56829](CVE-2024/CVE-2024-568xx/CVE-2024-56829.json) (`2025-01-02T04:15:05.557`)
- [CVE-2025-22214](CVE-2025/CVE-2025-222xx/CVE-2025-22214.json) (`2025-01-02T04:15:06.277`)
+- [CVE-2002-20002](CVE-2002/CVE-2002-200xx/CVE-2002-20002.json) (`2025-01-02T05:15:06.430`)
+- [CVE-2024-11184](CVE-2024/CVE-2024-111xx/CVE-2024-11184.json) (`2025-01-02T06:15:06.697`)
+- [CVE-2024-11357](CVE-2024/CVE-2024-113xx/CVE-2024-11357.json) (`2025-01-02T06:15:07.887`)
+- [CVE-2024-12595](CVE-2024/CVE-2024-125xx/CVE-2024-12595.json) (`2025-01-02T06:15:07.983`)
+- [CVE-2024-56830](CVE-2024/CVE-2024-568xx/CVE-2024-56830.json) (`2025-01-02T05:15:07.967`)


 ### CVEs modified in the last Commit
--- a/_state.csv
+++ b/_state.csv
@ -6322,6 +6322,7 @@ CVE-2002-1998,0,0,c1dfc17425fe5280a8f8d7674c5dd1936cd2a3abf6f2c2f706e4f5d3bb30b9
 CVE-2002-1999,0,0,1cd2b64d98fe205fa9a732fe01375f406e6dea44ec5c7e4cd3107abf98aa48f6,2024-11-20T23:42:37.470000
 CVE-2002-2000,0,0,b771eb96550f865d808545623a225a6513a9d270d95a2baec5b82ea876bd4439,2024-11-20T23:42:37.890000
 CVE-2002-20001,0,0,9ad76a83dd89b6e483ca98d39d4e5ee21005302fb85fd38cc72d7fdd4a5f75a0,2024-11-20T23:42:37.617000
+CVE-2002-20002,1,1,9dacc2cc5d91b76edc221cdf7003739b75d4022c0b9244a547f49206e76a9541,2025-01-02T05:15:06.430000
 CVE-2002-2001,0,0,dbd3fd3dc8c988ac4c286a0c9e706f3e75ece00e9bd5d5951f31cd73efaf9784,2024-11-20T23:42:38.037000
 CVE-2002-2002,0,0,f943ce32d3eba4cb71615b7075c2c2c69ca36ad8ea36458a885f6eeee688d4e3,2024-11-20T23:42:38.180000
 CVE-2002-2003,0,0,f2cfc516c534d0754bc15a6392787a2695d556b0fcdfae6965c4234ecdf7826f,2024-11-20T23:42:38.330000
@ -244060,6 +244061,7 @@ CVE-2024-1118,0,0,5892c5cb5035116962f7e30650f1b71bd45f8ad30b4b01eab037a4e1aa6605
 CVE-2024-11181,0,0,aa594ba57631b73c4894aef736578593d0f2a318cb6f2860143cdc09e6e00669,2024-12-12T07:15:08.057000
 CVE-2024-11182,0,0,839f1685ea34a3c272b2d127eef16ed28a29a569b605edcbd45f80cf77986f43,2024-11-21T17:15:10.683000
 CVE-2024-11183,0,0,8282c9e1f772506d9f5acf45e96feaf2b371bed80c8a40149bb54b67928d899c,2024-12-09T17:15:08.327000
+CVE-2024-11184,1,1,9d9b1ca5818a82e9e3c9d1a2b9537b3febb63c4df9ac43a9467a51a9f7435f12,2025-01-02T06:15:06.697000
 CVE-2024-11188,0,0,8070c22ab1552d28f4790f36fbb035b9ddec6883502131d83e84861dfa7e75e7,2024-11-23T06:15:17.570000
 CVE-2024-1119,0,0,fd6fae855233e3069d5ad6668474ced6e974623a6a3e8b05b97956b4e3b84a10,2024-11-21T08:49:50.530000
 CVE-2024-11192,0,0,622aba98a27076a2a021a04e2ca8d2d8e68f9a0f8f389faf864ac66d01cca101,2024-11-26T09:15:05.563000
@ -244196,6 +244198,7 @@ CVE-2024-11352,0,0,de3582e15d7397e011d69382c9fedc502b246facf9b57003a974bb327fc47
 CVE-2024-11353,0,0,9cdabea534e964700c7cde9ffd2f1a82245a0291b01694ff89cf8e86136ee6b3,2024-12-07T02:15:17.850000
 CVE-2024-11354,0,0,87986c107f2d598ec9b5e54e0419b4149d63b452699e5d17cc10ffbc61f46d56,2024-11-26T17:34:55.767000
 CVE-2024-11355,0,0,bcd06b7aaf6858bb0e6c5d2b1c10c8ea5c66a082156d2df4f7c406b73d08ca66,2024-11-22T06:15:19.450000
+CVE-2024-11357,1,1,8cd50b5862d01e817874083bfff3d47fe4297ce378ce5695dcbb1bcaa3c1badc,2025-01-02T06:15:07.887000
 CVE-2024-11358,0,0,47cd4959cf6059d3ce512e4a70aacad449e0c8fa7c946c06b27cb8a531be2885,2024-12-16T17:15:07.543000
 CVE-2024-11359,0,0,df4c05f348228b2c2882e44a6e533849bb9a56f9c6073e32478ef7ab197c57b9,2024-12-12T06:15:21.157000
 CVE-2024-1136,0,0,f1cac8b5fbb038c0eb6351f127c8e971963556b8c2146fbf8d7dfc6a2c8abb13,2024-11-21T08:49:52.597000
@ -245035,6 +245038,7 @@ CVE-2024-12588,0,0,9ef4dd85f085f6ba612688cc14a2c49d05248e20e75bd2d7bdd4aff39b5ac
 CVE-2024-1259,0,0,1c6bb100fc9cba505c4d696801bfd3102c508e530bb2e36c86a6685675278bd7,2024-11-21T08:50:10.730000
 CVE-2024-12591,0,0,ab3753b6008fbe3e6034e40f9f857196cd212596c7c67b4ab270eba30c140899,2024-12-21T10:15:09.177000
 CVE-2024-12594,0,0,594b37b561926a174996b6f220ac2c193da316e698a771fbe44cfee2e4625e76,2024-12-24T06:15:33.297000
+CVE-2024-12595,1,1,043edb96d6269789838d91a2386c0bc1b89141e247cab074abdf1c8a44ea625c,2025-01-02T06:15:07.983000
 CVE-2024-12596,0,0,5fc66f30988060a8b7bb1a593c82bd6c3fc2c995268e617c35d93ef410dc9a09,2024-12-18T04:15:08.253000
 CVE-2024-1260,0,0,237fdcd6650ec6f817190c6cbe0c450181ce5f478e263f9f314859cdec5f8244,2024-11-21T08:50:10.880000
 CVE-2024-12601,0,0,f9b91f2d20d6914a3b5ca3c9af2a431f615ff9e20926a30171bf1c35967a6eba,2024-12-17T12:15:20.543000
@ -271726,8 +271730,9 @@ CVE-2024-56802,0,0,da728ab84e76725e7f1ed6578c989f7ec589be40d92bd30231bd6257f075c
 CVE-2024-56803,0,0,eee3eebec301dd05474bd51393e9516d724e6fb38a0b710fc7c30e1617a14fb2,2024-12-31T23:15:41.553000
 CVE-2024-5681,0,0,25a463be80d3bb29af40554a62ba0e4276aefee689d98e36dee0bcfe769073f6,2024-11-21T09:48:08.953000
 CVE-2024-5682,0,0,61babb4b22790f05b1e6fb044157f817a85668af929c91e823c0d3ae99b2f335,2024-09-20T12:30:51.220000
-CVE-2024-56829,1,1,fcfa36974c852d932885c96747da2cc23be2b7a17669e081af66b57860868c9f,2025-01-02T04:15:05.557000
+CVE-2024-56829,0,0,fcfa36974c852d932885c96747da2cc23be2b7a17669e081af66b57860868c9f,2025-01-02T04:15:05.557000
 CVE-2024-5683,0,0,881352e7cddbf9570cae104e43894ad6185c01dcb07cd1be33b2f8fea4b1c33b,2024-11-21T09:48:09.327000
+CVE-2024-56830,1,1,0b8982ede577e151082d86452278a97229466e1cf72da90e7f98506233ec6926,2025-01-02T05:15:07.967000
 CVE-2024-5684,0,0,89fc556df6ea8323aa11fe4b3357624e27d83b832e2994b2f9ef28181d8fd16e,2024-11-21T09:48:09.440000
 CVE-2024-5685,0,0,0c1a4251459dbb721b4f03df2fa84a864dbca3ca052d26de3db680c230fc2f87,2024-11-21T09:48:09.570000
 CVE-2024-5686,0,0,494008cd50a5cb32ba05dd687e88d5cd5348379ce547e26ef1644b29c1645806,2024-11-21T09:48:09.690000
@ -275386,4 +275391,4 @@ CVE-2024-9997,0,0,c951d1dfad7abcf434414a546a4fccad53052e3fa40c16bd73a8c37c97d5eb
 CVE-2024-9998,0,0,0419a3dad23ae850906f2650ca4d40b180999b4a5d360bcc1b838f8893ae2af5,2024-11-12T11:15:03.840000
 CVE-2024-9999,0,0,cad7c92a380ae514b71a1dd06f3b79a139ea65cb773110d32be2b942d72ae5af,2024-11-13T17:01:58.603000
 CVE-2025-0168,0,0,fde79a3f95dbae8045d22c8e981cbdd84ae894d89db499f6872ba4edd67b57a4,2025-01-01T14:15:23.590000
-CVE-2025-22214,1,1,e2cc6e4f91ccc0784ce6c5e7f203a7b7ecf1116a49ea9d5798e3ff93276eaeec,2025-01-02T04:15:06.277000
+CVE-2025-22214,0,0,e2cc6e4f91ccc0784ce6c5e7f203a7b7ecf1116a49ea9d5798e3ff93276eaeec,2025-01-02T04:15:06.277000