admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-07 19:16:29 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2024-05-14T22:00:38.374500+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2024-05-14 22:03:31 +00:00
parent f7ac477463
commit ebaf35471a
18 changed files with 735 additions and 427 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

21
CVE-2020/CVE-2020-121xx/CVE-2020-12102.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2020-12102",
"sourceIdentifier": "cve@mitre.org",
"published": "2020-04-28T21:15:11.773",
"lastModified": "2020-05-18T12:15:13.573",
"lastModified": "2024-05-14T20:15:09.087",
"vulnStatus": "Modified",
"descriptions": [
{
@ -93,6 +93,10 @@
}
],
"references": [
{
"url": "https://cyberaz0r.info/2020/04/tiny-file-manager-multiple-vulnerabilities/",
"source": "cve@mitre.org"
},
{
"url": "https://github.com/prasathmani/tinyfilemanager/commit/a0c595a8e11e55a43eeaa68e1a3ce76365f29d06",
"source": "cve@mitre.org"
@ -100,21 +104,6 @@
{
"url": "https://github.com/prasathmani/tinyfilemanager/issues/357",
"source": "cve@mitre.org"
},
{
"url": "https://www.quantumleap.it/news/advisory/",
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://www.quantumleap.it/tiny-file-manager-path-traversal-recursive-directory-listing-and-absolute-path-file-backup-copy/",
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

21
CVE-2020/CVE-2020-121xx/CVE-2020-12103.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2020-12103",
"sourceIdentifier": "cve@mitre.org",
"published": "2020-04-28T22:15:12.780",
"lastModified": "2020-05-18T12:15:13.713",
"lastModified": "2024-05-14T20:15:10.827",
"vulnStatus": "Modified",
"descriptions": [
{
@ -93,6 +93,10 @@
}
],
"references": [
{
"url": "https://cyberaz0r.info/2020/04/tiny-file-manager-multiple-vulnerabilities/",
"source": "cve@mitre.org"
},
{
"url": "https://github.com/prasathmani/tinyfilemanager/commit/a0c595a8e11e55a43eeaa68e1a3ce76365f29d06",
"source": "cve@mitre.org"
@ -100,21 +104,6 @@
{
"url": "https://github.com/prasathmani/tinyfilemanager/issues/357",
"source": "cve@mitre.org"
},
{
"url": "https://www.quantumleap.it/news/advisory/",
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://www.quantumleap.it/tiny-file-manager-path-traversal-recursive-directory-listing-and-absolute-path-file-backup-copy/",
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

86
CVE-2020/CVE-2020-230xx/CVE-2020-23066.json
View File

@ -2,90 +2,14 @@
"id": "CVE-2020-23066",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-26T19:15:09.590",
"lastModified": "2023-07-05T13:51:03.290",
"vulnStatus": "Analyzed",
"lastModified": "2024-05-14T21:15:07.947",
"vulnStatus": "Rejected",
"descriptions": [
{
"lang": "en",
"value": "Cross Site Scripting vulnerability in TinyMCE v.4.9.6 and before and v.5.0.0 thru v.5.1.4 allows an attacker to execute arbitrary code via the editor function."
"value": "Rejected reason: DO NOT USE THIS CVE ID NUMBER. Consult IDs: CVE-2020-17480. Reason: This CVE Record is a duplicate of CVE-2020-17480. Notes: All CVE users should reference CVE-2020-17480 instead of this record."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tiny:tinymce:*:*:*:*:*:*:*:*",
"versionEndIncluding": "4.9.6",
"matchCriteriaId": "271BEE8F-149D-4F6C-AACB-09FCD77BA49B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tiny:tinymce:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.0.0",
"versionEndIncluding": "5.1.4",
"matchCriteriaId": "1EA6FBE2-8A68-4556-BE7A-55C289B61860"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/tinymce/tinymce/security/advisories/GHSA-27gm-ghr9-4v95",
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://portswigger.net/daily-swig/xss-vulnerability-patched-in-tinymce",
"source": "cve@mitre.org",
"tags": [
"Mitigation",
"Third Party Advisory"
]
}
]
"metrics": {},
"references": []
}

6
CVE-2020/CVE-2020-241xx/CVE-2020-24165.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2020-24165",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-08-28T21:15:07.510",
"lastModified": "2023-10-13T01:17:47.597",
"vulnStatus": "Analyzed",
"lastModified": "2024-05-14T21:15:09.990",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in TCG Accelerator in QEMU 4.2.0, allows local attackers to execute arbitrary code, escalate privileges, and cause a denial of service (DoS)."
"value": "An issue was discovered in TCG Accelerator in QEMU 4.2.0, allows local attackers to execute arbitrary code, escalate privileges, and cause a denial of service (DoS). Note: This is disputed as a bug and not a valid security issue by multiple third parties."
}
],
"metrics": {

63
CVE-2020/CVE-2020-263xx/CVE-2020-26312.json Normal file
View File

@ -0,0 +1,63 @@
{
"id": "CVE-2020-26312",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-05-14T21:15:10.587",
"lastModified": "2024-05-14T21:15:10.587",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Dotmesh is a git-like command-line interface for capturing, organizing and sharing application states. In versions 0.8.1 and prior, the unsafe handling of symbolic links in an unpacking routine may \nenable attackers to read and/or write to arbitrary locations outside the\n designated target folder.\u00a0The routine `untarFile` attempts to guard against creating symbolic links that point outside the directory a tar archive is extracted to. However, a malicious tarball first linking `subdir/parent` to `..` (allowed, because `subdir/..` falls within the archive root) and then linking `subdir/parent/escapes` to `..` results in a symbolic link pointing to the tarball\u2019s parent directory, contrary to the routine\u2019s goals. This issue may lead to arbitrary file write (with same permissions as the program running the unpack operation) if the attacker can control the archive file. Additionally, if the attacker has read access to the unpacked files, they may be able to read arbitrary system files the parent process has permissions to read. As of time of publication, no patch for this issue is available.\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 8.1,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.2
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-125"
},
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"references": [
{
"url": "https://github.com/dotmesh-io/dotmesh/blob/master/pkg/archiver/tar.go#L255",
"source": "security-advisories@github.com"
},
{
"url": "https://securitylab.github.com/advisories/GHSL-2020-254-zipslip-dotmesh/",
"source": "security-advisories@github.com"
}
]
}

43
CVE-2021/CVE-2021-222xx/CVE-2021-22280.json Normal file
View File

@ -0,0 +1,43 @@
{
"id": "CVE-2021-22280",
"sourceIdentifier": "cybersecurity@ch.abb.com",
"published": "2024-05-14T20:15:11.263",
"lastModified": "2024-05-14T20:15:11.263",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "\nImproper DLL loading algorithms in B&R Automation Studio may allow an authenticated local attacker to\nexecute code with elevated privileges.\n\nThis issue affects Automation Studio versions before 4.12.\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "cybersecurity@ch.abb.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "HIGH",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 0.6,
"impactScore": 6.0
}
]
},
"references": [
{
"url": "https://www.br-automation.com/fileadmin/2021-10_DLL_Hijacking_Vulnerability_in_Automation_Studio-7dd34511.pdf",
"source": "cybersecurity@ch.abb.com"
}
]
}

8
CVE-2021/CVE-2021-363xx/CVE-2021-36387.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-36387",
"sourceIdentifier": "cve@mitre.org",
"published": "2021-10-14T19:15:09.180",
"lastModified": "2021-10-20T14:15:56.043",
"vulnStatus": "Analyzed",
"lastModified": "2024-05-14T21:15:11.260",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -109,6 +109,10 @@
"Third Party Advisory"
]
},
{
"url": "https://cyberaz0r.info/2021/10/yellowfin-multiple-vulnerabilities/",
"source": "cve@mitre.org"
},
{
"url": "https://github.com/cyberaz0r/Yellowfin-Multiple-Vulnerabilities/blob/main/README.md",
"source": "cve@mitre.org",

8
CVE-2021/CVE-2021-363xx/CVE-2021-36388.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-36388",
"sourceIdentifier": "cve@mitre.org",
"published": "2021-10-14T19:15:09.223",
"lastModified": "2021-10-20T15:14:37.923",
"vulnStatus": "Analyzed",
"lastModified": "2024-05-14T20:15:12.353",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -101,6 +101,10 @@
"Third Party Advisory"
]
},
{
"url": "https://cyberaz0r.info/2021/10/yellowfin-multiple-vulnerabilities/",
"source": "cve@mitre.org"
},
{
"url": "https://github.com/cyberaz0r/Yellowfin-Multiple-Vulnerabilities/blob/main/README.md",
"source": "cve@mitre.org",

8
CVE-2021/CVE-2021-363xx/CVE-2021-36389.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-36389",
"sourceIdentifier": "cve@mitre.org",
"published": "2021-10-14T19:15:09.263",
"lastModified": "2021-10-20T15:18:00.257",
"vulnStatus": "Analyzed",
"lastModified": "2024-05-14T20:15:13.290",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -109,6 +109,10 @@
"Third Party Advisory"
]
},
{
"url": "https://cyberaz0r.info/2021/10/yellowfin-multiple-vulnerabilities/",
"source": "cve@mitre.org"
},
{
"url": "https://github.com/cyberaz0r/Yellowfin-Multiple-Vulnerabilities/blob/main/README.md",
"source": "cve@mitre.org",

20
CVE-2022/CVE-2022-281xx/CVE-2022-28132.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2022-28132",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-05-14T21:15:11.760",
"lastModified": "2024-05-14T21:15:11.760",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The T-Soft E-Commerce 4 web application is susceptible to SQL injection (SQLi) attacks when authenticated as an admin or privileged user. This vulnerability allows attackers to access and manipulate the database through crafted requests. By exploiting this flaw, attackers can bypass authentication mechanisms, view sensitive information stored in the database, and potentially exfiltrate data."
}
],
"metrics": {},
"references": [
{
"url": "https://www.exploit-db.com/exploits/50939",
"source": "cve@mitre.org"
}
]
}

32
CVE-2024/CVE-2024-30xx/CVE-2024-3044.json Normal file
View File

@ -0,0 +1,32 @@
{
"id": "CVE-2024-3044",
"sourceIdentifier": "security@documentfoundation.org",
"published": "2024-05-14T21:15:12.627",
"lastModified": "2024-05-14T21:15:12.627",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Unchecked script execution in Graphic on-click binding in affected LibreOffice versions allows an attacker to create a document which without prompt will execute scripts built-into LibreOffice on clicking a graphic. Such scripts were previously deemed trusted but are now deemed untrusted.\n"
}
],
"metrics": {},
"weaknesses": [
{
"source": "security@documentfoundation.org",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-20"
}
]
}
],
"references": [
{
"url": "https://www.libreoffice.org/about-us/security/advisories/CVE-2024-3044",
"source": "security@documentfoundation.org"
}
]
}

20
CVE-2024/CVE-2024-315xx/CVE-2024-31556.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2024-31556",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-05-14T21:15:12.060",
"lastModified": "2024-05-14T21:15:12.060",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "An issue in Reportico Web before v.8.1.0 allows a local attacker to execute arbitrary code and obtain sensitive information via the sessionid function."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/reportico-web/reportico/issues/53",
"source": "cve@mitre.org"
}
]
}

55
CVE-2024/CVE-2024-320xx/CVE-2024-32021.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-32021",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-05-14T20:15:13.630",
"lastModified": "2024-05-14T20:15:13.630",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Git is a revision control system. Prior to versions 2.45.1, 2.44.1, 2.43.4, 2.42.2, 2.41.1, 2.40.2, and 2.39.4, when cloning a local source repository that contains symlinks via the filesystem, Git may create hardlinks to arbitrary user-readable files on the same filesystem as the target repository in the `objects/` directory. Cloning a local repository over the filesystem may creating hardlinks to arbitrary user-owned files on the same filesystem in the target Git repository's `objects/` directory. When cloning a repository over the filesystem (without explicitly specifying the `file://` protocol or `--no-local`), the optimizations for local cloning\nwill be used, which include attempting to hard link the object files instead of copying them. While the code includes checks against symbolic links in the source repository, which were added during the fix for CVE-2022-39253, these checks can still be raced because the hard link operation ultimately follows symlinks. If the object on the filesystem appears as a file during the check, and then a symlink during the operation, this will allow the adversary to bypass the check and create hardlinks in the destination objects directory to arbitrary, user-readable files. The problem has been patched in versions 2.45.1, 2.44.1, 2.43.4, 2.42.2, 2.41.1, 2.40.2, and 2.39.4."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:N/I:L/A:L",
"attackVector": "LOCAL",
"attackComplexity": "HIGH",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 3.9,
"baseSeverity": "LOW"
},
"exploitabilityScore": 0.8,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-547"
}
]
}
],
"references": [
{
"url": "https://github.com/git/git/security/advisories/GHSA-mvxm-9j2h-qjx7",
"source": "security-advisories@github.com"
}
]
}

67
CVE-2024/CVE-2024-324xx/CVE-2024-32465.json Normal file
View File

@ -0,0 +1,67 @@
{
"id": "CVE-2024-32465",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-05-14T20:15:14.540",
"lastModified": "2024-05-14T20:15:14.540",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Git is a revision control system. The Git project recommends to avoid working in untrusted repositories, and instead to clone it first with `git clone --no-local` to obtain a clean copy. Git has specific protections to make that a safe operation even with an untrusted source repository, but vulnerabilities allow those protections to be bypassed. In the context of cloning local repositories owned by other users, this vulnerability has been covered in CVE-2024-32004. But there are circumstances where the fixes for CVE-2024-32004 are not enough: For example, when obtaining a `.zip` file containing a full copy of a Git repository, it should not be trusted by default to be safe, as e.g. hooks could be configured to run within the context of that repository. The problem has been patched in versions 2.45.1, 2.44.1, 2.43.4, 2.42.2, 2.41.1, 2.40.2, and 2.39.4. As a workaround, avoid using Git in repositories that have been obtained via archives from untrusted sources."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H",
"attackVector": "PHYSICAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.3,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 0.7,
"impactScore": 6.0
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
}
],
"references": [
{
"url": "https://git-scm.com/docs/git#_security",
"source": "security-advisories@github.com"
},
{
"url": "https://git-scm.com/docs/git-clone",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/git/git/commit/7b70e9efb18c2cc3f219af399bd384c5801ba1d7",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/git/git/security/advisories/GHSA-vm9j-46j9-qvq4",
"source": "security-advisories@github.com"
}
]
}

59
CVE-2024/CVE-2024-45xx/CVE-2024-4561.json Normal file
View File

@ -0,0 +1,59 @@
{
"id": "CVE-2024-4561",
"sourceIdentifier": "security@progress.com",
"published": "2024-05-14T21:15:13.010",
"lastModified": "2024-05-14T21:15:13.010",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "\nIn WhatsUp Gold versions released before 2023.1.2 , \n\na blind SSRF vulnerability exists in Whatsup Gold's FaviconController that allows an attacker to send arbitrary HTTP requests on behalf of the vulnerable server.\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@progress.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.2,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.6,
"impactScore": 2.5
}
]
},
"weaknesses": [
{
"source": "security@progress.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-918"
}
]
}
],
"references": [
{
"url": "https://community.progress.com/s/article/Announcing-WhatsUp-Gold-v2023-1-2",
"source": "security@progress.com"
},
{
"url": "https://www.progress.com/network-monitoring",
"source": "security@progress.com"
}
]
}

59
CVE-2024/CVE-2024-45xx/CVE-2024-4562.json Normal file
View File

@ -0,0 +1,59 @@
{
"id": "CVE-2024-4562",
"sourceIdentifier": "security@progress.com",
"published": "2024-05-14T21:15:13.767",
"lastModified": "2024-05-14T21:15:13.767",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "\nIn WhatsUp Gold versions released before 2023.1.2 , \n\nan SSRF vulnerability exists in Whatsup Gold's \n\nIssue exists in the HTTP Monitoring functionality.\u00a0 \n\nDue to the lack of proper authorization, any authenticated user can access the HTTP monitoring functionality, what leads to the Server Side Request Forgery.\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@progress.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.5
}
]
},
"weaknesses": [
{
"source": "security@progress.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-918"
}
]
}
],
"references": [
{
"url": "https://community.progress.com/s/article/Announcing-WhatsUp-Gold-v2023-1-2",
"source": "security@progress.com"
},
{
"url": "https://www.progress.com/network-monitoring",
"source": "security@progress.com"
}
]
}

75
README.md
View File

@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2024-05-14T20:00:38.557545+00:00
2024-05-14T22:00:38.374500+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2024-05-14T19:18:31.490000+00:00
2024-05-14T21:15:13.767000+00:00
```
### Last Data Feed Release
@ -33,68 +33,35 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs
```plain
249893
249902
```
### CVEs added in the last Commit
Recently added CVEs: `24`
Recently added CVEs: `9`
- [CVE-2024-0862](CVE-2024/CVE-2024-08xx/CVE-2024-0862.json) (`2024-05-14T19:15:08.413`)
- [CVE-2024-2637](CVE-2024/CVE-2024-26xx/CVE-2024-2637.json) (`2024-05-14T19:15:10.230`)
- [CVE-2024-27110](CVE-2024/CVE-2024-271xx/CVE-2024-27110.json) (`2024-05-14T18:15:09.933`)
- [CVE-2024-32002](CVE-2024/CVE-2024-320xx/CVE-2024-32002.json) (`2024-05-14T19:15:10.810`)
- [CVE-2024-32004](CVE-2024/CVE-2024-320xx/CVE-2024-32004.json) (`2024-05-14T19:15:11.377`)
- [CVE-2024-32020](CVE-2024/CVE-2024-320xx/CVE-2024-32020.json) (`2024-05-14T19:15:12.240`)
- [CVE-2024-33485](CVE-2024/CVE-2024-334xx/CVE-2024-33485.json) (`2024-05-14T18:15:11.950`)
- [CVE-2024-3676](CVE-2024/CVE-2024-36xx/CVE-2024-3676.json) (`2024-05-14T19:15:12.970`)
- [CVE-2024-4367](CVE-2024/CVE-2024-43xx/CVE-2024-4367.json) (`2024-05-14T18:15:12.467`)
- [CVE-2024-4764](CVE-2024/CVE-2024-47xx/CVE-2024-4764.json) (`2024-05-14T18:15:12.820`)
- [CVE-2024-4765](CVE-2024/CVE-2024-47xx/CVE-2024-4765.json) (`2024-05-14T18:15:13.133`)
- [CVE-2024-4766](CVE-2024/CVE-2024-47xx/CVE-2024-4766.json) (`2024-05-14T18:15:13.393`)
- [CVE-2024-4767](CVE-2024/CVE-2024-47xx/CVE-2024-4767.json) (`2024-05-14T18:15:13.683`)
- [CVE-2024-4768](CVE-2024/CVE-2024-47xx/CVE-2024-4768.json) (`2024-05-14T18:15:14.013`)
- [CVE-2024-4769](CVE-2024/CVE-2024-47xx/CVE-2024-4769.json) (`2024-05-14T18:15:14.297`)
- [CVE-2024-4770](CVE-2024/CVE-2024-47xx/CVE-2024-4770.json) (`2024-05-14T18:15:14.560`)
- [CVE-2024-4771](CVE-2024/CVE-2024-47xx/CVE-2024-4771.json) (`2024-05-14T18:15:14.830`)
- [CVE-2024-4772](CVE-2024/CVE-2024-47xx/CVE-2024-4772.json) (`2024-05-14T18:15:15.083`)
- [CVE-2024-4773](CVE-2024/CVE-2024-47xx/CVE-2024-4773.json) (`2024-05-14T18:15:15.330`)
- [CVE-2024-4774](CVE-2024/CVE-2024-47xx/CVE-2024-4774.json) (`2024-05-14T18:15:15.613`)
- [CVE-2024-4775](CVE-2024/CVE-2024-47xx/CVE-2024-4775.json) (`2024-05-14T18:15:15.890`)
- [CVE-2024-4776](CVE-2024/CVE-2024-47xx/CVE-2024-4776.json) (`2024-05-14T18:15:16.157`)
- [CVE-2024-4777](CVE-2024/CVE-2024-47xx/CVE-2024-4777.json) (`2024-05-14T18:15:16.413`)
- [CVE-2024-4778](CVE-2024/CVE-2024-47xx/CVE-2024-4778.json) (`2024-05-14T18:15:16.720`)
- [CVE-2020-26312](CVE-2020/CVE-2020-263xx/CVE-2020-26312.json) (`2024-05-14T21:15:10.587`)
- [CVE-2021-22280](CVE-2021/CVE-2021-222xx/CVE-2021-22280.json) (`2024-05-14T20:15:11.263`)
- [CVE-2022-28132](CVE-2022/CVE-2022-281xx/CVE-2022-28132.json) (`2024-05-14T21:15:11.760`)
- [CVE-2024-3044](CVE-2024/CVE-2024-30xx/CVE-2024-3044.json) (`2024-05-14T21:15:12.627`)
- [CVE-2024-31556](CVE-2024/CVE-2024-315xx/CVE-2024-31556.json) (`2024-05-14T21:15:12.060`)
- [CVE-2024-32021](CVE-2024/CVE-2024-320xx/CVE-2024-32021.json) (`2024-05-14T20:15:13.630`)
- [CVE-2024-32465](CVE-2024/CVE-2024-324xx/CVE-2024-32465.json) (`2024-05-14T20:15:14.540`)
- [CVE-2024-4561](CVE-2024/CVE-2024-45xx/CVE-2024-4561.json) (`2024-05-14T21:15:13.010`)
- [CVE-2024-4562](CVE-2024/CVE-2024-45xx/CVE-2024-4562.json) (`2024-05-14T21:15:13.767`)
### CVEs modified in the last Commit
Recently modified CVEs: `220`
Recently modified CVEs: `7`
- [CVE-2024-34717](CVE-2024/CVE-2024-347xx/CVE-2024-34717.json) (`2024-05-14T19:17:55.627`)
- [CVE-2024-34771](CVE-2024/CVE-2024-347xx/CVE-2024-34771.json) (`2024-05-14T19:17:55.627`)
- [CVE-2024-34772](CVE-2024/CVE-2024-347xx/CVE-2024-34772.json) (`2024-05-14T19:17:55.627`)
- [CVE-2024-34773](CVE-2024/CVE-2024-347xx/CVE-2024-34773.json) (`2024-05-14T19:17:55.627`)
- [CVE-2024-34914](CVE-2024/CVE-2024-349xx/CVE-2024-34914.json) (`2024-05-14T19:17:55.627`)
- [CVE-2024-34950](CVE-2024/CVE-2024-349xx/CVE-2024-34950.json) (`2024-05-14T19:17:55.627`)
- [CVE-2024-35009](CVE-2024/CVE-2024-350xx/CVE-2024-35009.json) (`2024-05-14T19:17:55.627`)
- [CVE-2024-35010](CVE-2024/CVE-2024-350xx/CVE-2024-35010.json) (`2024-05-14T19:17:55.627`)
- [CVE-2024-35011](CVE-2024/CVE-2024-350xx/CVE-2024-35011.json) (`2024-05-14T19:17:55.627`)
- [CVE-2024-35012](CVE-2024/CVE-2024-350xx/CVE-2024-35012.json) (`2024-05-14T19:17:55.627`)
- [CVE-2024-3579](CVE-2024/CVE-2024-35xx/CVE-2024-3579.json) (`2024-05-14T19:17:55.627`)
- [CVE-2024-4138](CVE-2024/CVE-2024-41xx/CVE-2024-4138.json) (`2024-05-14T19:17:55.627`)
- [CVE-2024-4139](CVE-2024/CVE-2024-41xx/CVE-2024-4139.json) (`2024-05-14T19:17:55.627`)
- [CVE-2024-4144](CVE-2024/CVE-2024-41xx/CVE-2024-4144.json) (`2024-05-14T19:17:55.627`)
- [CVE-2024-4333](CVE-2024/CVE-2024-43xx/CVE-2024-4333.json) (`2024-05-14T19:17:55.627`)
- [CVE-2024-4392](CVE-2024/CVE-2024-43xx/CVE-2024-4392.json) (`2024-05-14T19:17:55.627`)
- [CVE-2024-4440](CVE-2024/CVE-2024-44xx/CVE-2024-4440.json) (`2024-05-14T19:17:55.627`)
- [CVE-2024-4445](CVE-2024/CVE-2024-44xx/CVE-2024-4445.json) (`2024-05-14T19:17:55.627`)
- [CVE-2024-4473](CVE-2024/CVE-2024-44xx/CVE-2024-4473.json) (`2024-05-14T19:17:55.627`)
- [CVE-2024-4624](CVE-2024/CVE-2024-46xx/CVE-2024-4624.json) (`2024-05-14T19:17:55.627`)
- [CVE-2024-4761](CVE-2024/CVE-2024-47xx/CVE-2024-4761.json) (`2024-05-14T19:17:55.627`)
- [CVE-2024-4810](CVE-2024/CVE-2024-48xx/CVE-2024-4810.json) (`2024-05-14T19:17:55.627`)
- [CVE-2024-4859](CVE-2024/CVE-2024-48xx/CVE-2024-4859.json) (`2024-05-14T19:17:55.627`)
- [CVE-2024-4860](CVE-2024/CVE-2024-48xx/CVE-2024-4860.json) (`2024-05-14T19:17:55.627`)
- [CVE-2024-4871](CVE-2024/CVE-2024-48xx/CVE-2024-4871.json) (`2024-05-14T19:17:55.627`)
- [CVE-2020-12102](CVE-2020/CVE-2020-121xx/CVE-2020-12102.json) (`2024-05-14T20:15:09.087`)
- [CVE-2020-12103](CVE-2020/CVE-2020-121xx/CVE-2020-12103.json) (`2024-05-14T20:15:10.827`)
- [CVE-2020-23066](CVE-2020/CVE-2020-230xx/CVE-2020-23066.json) (`2024-05-14T21:15:07.947`)
- [CVE-2020-24165](CVE-2020/CVE-2020-241xx/CVE-2020-24165.json) (`2024-05-14T21:15:09.990`)
- [CVE-2021-36387](CVE-2021/CVE-2021-363xx/CVE-2021-36387.json) (`2024-05-14T21:15:11.260`)
- [CVE-2021-36388](CVE-2021/CVE-2021-363xx/CVE-2021-36388.json) (`2024-05-14T20:15:12.353`)
- [CVE-2021-36389](CVE-2021/CVE-2021-363xx/CVE-2021-36389.json) (`2024-05-14T20:15:13.290`)
## Download and Usage

511
_state.csv
View File

File diff suppressed because it is too large Load Diff