Auto-Update: 2025-03-08T09:00:19.843552+00:00

cad-safe-bot 2025-03-08 09:03:48 +00:00
parent 38585f21dc
commit ef08857227
4 changed files with 138 additions and 16 deletions


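--- /dev/null
+++ b/CVE-2024/CVE-2024-110xx/CVE-2024-11087.json
@@ -0,0 +1,60 @@
+{
+"id": "CVE-2024-11087",
+"sourceIdentifier": "security@wordfence.com",
+"published": "2025-03-08T07:15:09.720",
+"lastModified": "2025-03-08T07:15:09.720",
+"vulnStatus": "Received",
+"cveTags": [],
+"descriptions": [
+{
+"lang": "en",
+"value": "The miniOrange Social Login and Register (Discord, Google, Twitter, LinkedIn) Pro Addon plugin for WordPress is vulnerable to authentication bypass in all versions up to, and including, 200.3.9. This is due to insufficient verification on the user being returned by the social login token. This makes it possible for unauthenticated attackers to log in as any existing user on the site, such as an administrator, if they have access to the username and the user does not have an already-existing account for the service returning the token."
+}
+],
+"metrics": {
+"cvssMetricV31": [
+{
+"source": "security@wordfence.com",
+"type": "Primary",
+"cvssData": {
+"version": "3.1",
+"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
+"baseScore": 8.1,
+"baseSeverity": "HIGH",
+"attackVector": "NETWORK",
+"attackComplexity": "HIGH",
+"privilegesRequired": "NONE",
+"userInteraction": "NONE",
+"scope": "UNCHANGED",
+"confidentialityImpact": "HIGH",
+"integrityImpact": "HIGH",
+"availabilityImpact": "HIGH"
+},
+"exploitabilityScore": 2.2,
+"impactScore": 5.9
+}
+]
+},
+"weaknesses": [
+{
+"source": "security@wordfence.com",
+"type": "Primary",
+"description": [
+{
+"lang": "en",
+"value": "CWE-287"
+}
+]
+}
+],
+"references": [
+{
+"url": "https://www.miniorange.com/",
+"source": "security@wordfence.com"
+},
+{
+"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/f677b257-606a-45f2-ba85-3a56b8df2a3c?source=cve",
+"source": "security@wordfence.com"
+}
+]
+}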


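--- /dev/null
+++ b/CVE-2024/CVE-2024-139xx/CVE-2024-13908.json
@@ -0,0 +1,64 @@
+{
+"id": "CVE-2024-13908",
+"sourceIdentifier": "security@wordfence.com",
+"published": "2025-03-08T07:15:10.690",
+"lastModified": "2025-03-08T07:15:10.690",
+"vulnStatus": "Received",
+"cveTags": [],
+"descriptions": [
+{
+"lang": "en",
+"value": "The SMTP by BestWebSoft plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'save_options' function in all versions up to, and including, 1.1.9. This makes it possible for authenticated attackers, with Administrator-level access and above, to upload arbitrary files on the affected site's server which may make remote code execution possible."
+}
+],
+"metrics": {
+"cvssMetricV31": [
+{
+"source": "security@wordfence.com",
+"type": "Primary",
+"cvssData": {
+"version": "3.1",
+"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
+"baseScore": 7.2,
+"baseSeverity": "HIGH",
+"attackVector": "NETWORK",
+"attackComplexity": "LOW",
+"privilegesRequired": "HIGH",
+"userInteraction": "NONE",
+"scope": "UNCHANGED",
+"confidentialityImpact": "HIGH",
+"integrityImpact": "HIGH",
+"availabilityImpact": "HIGH"
+},
+"exploitabilityScore": 1.2,
+"impactScore": 5.9
+}
+]
+},
+"weaknesses": [
+{
+"source": "security@wordfence.com",
+"type": "Primary",
+"description": [
+{
+"lang": "en",
+"value": "CWE-434"
+}
+]
+}
+],
+"references": [
+{
+"url": "https://plugins.trac.wordpress.org/browser/bws-smtp/tags/1.1.8/includes/class-bwssmtp-settings.php",
+"source": "security@wordfence.com"
+},
+{
+"url": "https://plugins.trac.wordpress.org/changeset/3250935/",
+"source": "security@wordfence.com"
+},
+{
+"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/9f3b0637-b1ee-4e0b-95cd-11ac377805a7?source=cve",
+"source": "security@wordfence.com"
+}
+]
+}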


@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2025-03-08T07:00:19.913998+00:00
2025-03-08T09:00:19.843552+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2025-03-08T06:15:36.760000+00:00
2025-03-08T07:15:10.690000+00:00
```
### Last Data Feed Release
@ -33,19 +33,15 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs
```plain
284533
284535
```
### CVEs added in the last Commit
Recently added CVEs: `6`
Recently added CVEs: `2`
- [CVE-2024-12114](CVE-2024/CVE-2024-121xx/CVE-2024-12114.json) (`2025-03-08T06:15:35.103`)
- [CVE-2024-12119](CVE-2024/CVE-2024-121xx/CVE-2024-12119.json) (`2025-03-08T06:15:36.397`)
- [CVE-2024-13640](CVE-2024/CVE-2024-136xx/CVE-2024-13640.json) (`2025-03-08T05:15:31.673`)
- [CVE-2024-13825](CVE-2024/CVE-2024-138xx/CVE-2024-13825.json) (`2025-03-08T06:15:36.560`)
- [CVE-2024-13826](CVE-2024/CVE-2024-138xx/CVE-2024-13826.json) (`2025-03-08T06:15:36.657`)
- [CVE-2024-13844](CVE-2024/CVE-2024-138xx/CVE-2024-13844.json) (`2025-03-08T06:15:36.760`)
- [CVE-2024-11087](CVE-2024/CVE-2024-110xx/CVE-2024-11087.json) (`2025-03-08T07:15:09.720`)
- [CVE-2024-13908](CVE-2024/CVE-2024-139xx/CVE-2024-13908.json) (`2025-03-08T07:15:10.690`)
### CVEs modified in the last Commit


@ -245230,6 +245230,7 @@ CVE-2024-11082,0,0,2068f4ddbc0d21e33db6ba3989176bd5aedcb5da6f30a07d96e2944d8ba88
CVE-2024-11083,0,0,8060d1be07c2085add29a68ce088e46bf1b117fbd5e8fe231b842cd4d2355c1d,2024-11-27T06:15:17.707000
CVE-2024-11085,0,0,997988ac78259b1ae8db8c6e9651c22f46fbbaea4f307171e6fff12e9b424710,2024-11-18T17:11:17.393000
CVE-2024-11086,0,0,f4d7f35e95dad05e023fed49ac9e59da09a947f51bc79e0e10dc6b97e93d7482,2024-11-20T13:15:04.020000
CVE-2024-11087,1,1,848ba3dab32ff0162f5d034f77bfa9e62fe8169091600aa61dde0d51e75daeb2,2025-03-08T07:15:09.720000
CVE-2024-11088,0,0,63268aae491d1c648e7cfec2d8bb4b9b8988c9a8de960fef99629298e381225d,2024-11-21T15:15:21.097000
CVE-2024-11089,0,0,0f46a9a629be88f215b4a7ad0d79575a4e3b0caab898de683427fa2e5561e411,2024-11-21T15:15:21.500000
CVE-2024-1109,0,0,a7b1e71489d6774ecfe851782646b725fb9b27ab957ae0f8b7f311d63d7950f6,2024-11-21T08:49:48.980000
@ -246213,12 +246214,12 @@ CVE-2024-12110,0,0,f266935beaa447960f1dea8d3421db64eefadfd0613c53fd8d2543de02327
CVE-2024-12111,0,0,94cbde89c1eb7b342ad5b2e1b90e676e3d9dc7b09262fa3ba8de5cb41e47a11b,2024-12-19T20:15:06.950000
CVE-2024-12112,0,0,675887d484c30a489c839813de06f4a2c0e83ee331233fc3bb15be475c6237ea,2025-01-08T04:15:06.683000
CVE-2024-12113,0,0,0bdfe41c5a64263ce4ffd0544313d0c31d434d9cc9cdcddc31e4e993f9227f44,2025-01-25T08:15:07.640000
CVE-2024-12114,1,1,a573726227504c54f7775e4642c1a5e57372c2edff9edca1f7fdd774c94b0afd,2025-03-08T06:15:35.103000
CVE-2024-12114,0,0,a573726227504c54f7775e4642c1a5e57372c2edff9edca1f7fdd774c94b0afd,2025-03-08T06:15:35.103000
CVE-2024-12115,0,0,e6944683813361fa4999b92dbfb5849d2d0c20bc3f6186b671317bdf2839435d,2024-12-07T02:15:18.653000
CVE-2024-12116,0,0,4a2ceff80336184e35d0f53deaa453232f189dd136149b8e8e0cd03d307eb4c7,2025-01-11T08:15:24.867000
CVE-2024-12117,0,0,5c2bbc39fb5b6d6401c07a64822b77288aeec30fc2cbad0cd60835722d462264,2025-01-24T19:05:36.597000
CVE-2024-12118,0,0,53b83933f551ececfa18c3425346c572b309683166fe43cf8e2b8b5aba7a4fb2,2025-01-31T16:12:19.363000
CVE-2024-12119,1,1,ea99dc2399a3ce818c31c35a8fb510ab50fa224580923cb2e2ae390e012d4ceb,2025-03-08T06:15:36.397000
CVE-2024-12119,0,0,ea99dc2399a3ce818c31c35a8fb510ab50fa224580923cb2e2ae390e012d4ceb,2025-03-08T06:15:36.397000
CVE-2024-1212,0,0,52e4474344b365aa8515919611aaaf23e114280be5e50b84140b93ffe9041ce9,2025-01-27T21:48:30.333000
CVE-2024-12121,0,0,03702b315699ac0a86731f33a73d0aefd1ecc16bf8d72dc7730c1bb362033b62,2024-12-19T02:15:22.610000
CVE-2024-12122,0,0,2085a2ad9176305a3af7546ac3413558f58015df8bc020f0278e8be2ceaa6a06,2025-01-09T11:15:11.860000
@ -247613,7 +247614,7 @@ CVE-2024-13636,0,0,060ea877f973da3e3139131075fc6b65a68ba520ee71166120bdf003d38b6
CVE-2024-13638,0,0,eb0f7891b8d7544d8603ae647ef33cb2a949acbc2f71d820d25576adb876013a,2025-03-06T16:36:54.387000
CVE-2024-13639,0,0,071381e5184000ecf8c72dcde14c2011c1cb4ea4b355e15fb5e9c5b4fb270c14,2025-02-18T18:15:51.587000
CVE-2024-1364,0,0,47f33fd19586ab96196a2cb0337c2030aca42f1bd8c4ab84cfa2e52c3dbe5e59,2024-11-21T08:50:25.223000
CVE-2024-13640,1,1,d2970b957e898dabd48434bbb548e289bf53a4dc6d7188842294685c04e684ff,2025-03-08T05:15:31.673000
CVE-2024-13640,0,0,d2970b957e898dabd48434bbb548e289bf53a4dc6d7188842294685c04e684ff,2025-03-08T05:15:31.673000
CVE-2024-13641,0,0,f5ae933978b19eaa8786ac84fc5f20a253f923886108cb6b544c748640981d51,2025-02-25T19:39:47.477000
CVE-2024-13642,0,0,e62737ae89b22b0d2ca4d332b68aa19e6175af0f52e0500481826051778e9daf,2025-02-04T16:00:49.540000
CVE-2024-13643,0,0,976eb3748a453f62f41c154b29792936c30855f6728fa73bdd9cf169ffa6a36c,2025-02-11T08:15:30.450000
@ -247762,8 +247763,8 @@ CVE-2024-13818,0,0,b34cef01cb19d809209555e3902d48d3c034a9e483326b43d02f63f2eb672
CVE-2024-1382,0,0,46ba372cc585c5cc80406db23ae24542751b0e1ef43905cbc6e0bcf967676a5e,2025-01-21T17:04:33.737000
CVE-2024-13821,0,0,74f5b87067df469dcc6e71e5e4a2f7f3dcf26b1308f6ab7ad834a12bda68d3f3,2025-02-25T19:37:29.223000
CVE-2024-13822,0,0,3edf451af12e328cb622d46a3fda862fd00644484907c17ca32254fbaff076b3,2025-02-24T12:15:11.193000
CVE-2024-13825,1,1,0db8c4d707800246648cd28b5b93aa431f14bac50a3c3bc09e3ca284ae0e1b86,2025-03-08T06:15:36.560000
CVE-2024-13826,1,1,2568fca2f8ce4259efdd2e11dc3130dbc57de2e90729695fcfd32e6262c097f5,2025-03-08T06:15:36.657000
CVE-2024-13825,0,0,0db8c4d707800246648cd28b5b93aa431f14bac50a3c3bc09e3ca284ae0e1b86,2025-03-08T06:15:36.560000
CVE-2024-13826,0,0,2568fca2f8ce4259efdd2e11dc3130dbc57de2e90729695fcfd32e6262c097f5,2025-03-08T06:15:36.657000
CVE-2024-13827,0,0,40b9b2f1bee49602bcbc26b5d44dfb98f0e80093153eca031d92ad08d38031db,2025-03-05T09:15:09.390000
CVE-2024-13829,0,0,0eb68c1cd51e57e24834aa430c28539b9740e4aeaf2e4bf4d57d2d018e612c3a,2025-02-05T06:15:31.257000
CVE-2024-1383,0,0,93ff0b2eb9f4abe59909f3b49d94bb9635c166ee2ef0054262af8a40f59e1121,2025-02-13T20:02:55.647000
@ -247779,7 +247780,7 @@ CVE-2024-1384,0,0,f50cb0336a3fe51b62fe599c783d20749a5fb92b8e797d5c0ac36d466c13f7
CVE-2024-13841,0,0,42857531268142aae6c02637b3b6e7d79dd71736d6804136946d48ddaede14a2,2025-02-07T07:15:14.573000
CVE-2024-13842,0,0,e27bb87d0390ea96b584ec0f6fbe747157fb2de816ea15a1791b354e66567fcd,2025-02-20T15:55:29.770000
CVE-2024-13843,0,0,7b075d61798f8069984290c52e4033a7424dc56423296944d32554dce61a6d7f,2025-02-20T15:55:03.547000
CVE-2024-13844,1,1,81ddb8fc03ce25ceece0afbd18ad8d4b3c0b8a9bc1577cb6c59ed4c2d3c9b575,2025-03-08T06:15:36.760000
CVE-2024-13844,0,0,81ddb8fc03ce25ceece0afbd18ad8d4b3c0b8a9bc1577cb6c59ed4c2d3c9b575,2025-03-08T06:15:36.760000
CVE-2024-13846,0,0,bc15bbce097a905951a0b88c5b6aded5de0269f145c99c529b730210812bf05d,2025-02-25T03:27:13.767000
CVE-2024-13848,0,0,5623c6bf6e4d11fedf071f2d8a6a41f683ea08f022ec414f86d8eab78ceadbd1,2025-02-21T15:51:59.213000
CVE-2024-13849,0,0,ff236b733a56083f87d9fda1374c64bc737bce2f85ab541b6c51d8f632de7db5,2025-02-25T20:58:18.983000
@ -247817,6 +247818,7 @@ CVE-2024-13904,0,0,6ed46fabfefc9c5da61282f47ce5a7f4388439dd6fcf28ed8981cf00c9bb3
CVE-2024-13905,0,0,94a06017058e47ea224d64f1fcc59573ef0629f841649e95825b26eac6b9c491,2025-02-27T05:15:13.610000
CVE-2024-13906,0,0,49d3c886d6eb569e3be95840598d3644d2e3a759a922a1777a4a1a594b4b6b41,2025-03-07T08:15:37.467000
CVE-2024-13907,0,0,f2da3425f3470ad3127836884558cd2ad3921d2f9bdfdbcb35d8a21b911174f4,2025-02-27T07:15:33.543000
CVE-2024-13908,1,1,b02feb571c3f56395c71015215fc0c37a39f6c271a94ae36e8f1cf1686537b5a,2025-03-08T07:15:10.690000
CVE-2024-1391,0,0,fccbf24dfb651f372e2b51106217c90f4de85c1f936edcd91290184be12fa7b9,2025-01-17T19:52:57.843000
CVE-2024-13910,0,0,1da974c8b4278339ddaf4e1b70396d7d0139387963424ab28e0cb7907c842a5e,2025-03-01T09:15:09.517000
CVE-2024-13911,0,0,5c6ec30a98a23b22a75401ffb9290b39df569bd0f5609894fc8fdc52c5d0d4f8,2025-03-01T08:15:33.803000
