Auto-Update: 2024-12-08T07:00:19.263780+00:00

This commit is contained in:
cad-safe-bot 2024-12-08 07:03:39 +00:00
parent e6cbafdc40
commit fc3226dc07
3 changed files with 255615 additions and 255599 deletions

View File

@ -0,0 +1,64 @@
{
"id": "CVE-2024-12209",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-12-08T06:15:04.823",
"lastModified": "2024-12-08T06:15:04.823",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The WP Umbrella: Update Backup Restore & Monitoring plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 2.17.0 via the 'filename' parameter of the 'umbrella-restore' action. This makes it possible for unauthenticated attackers to include and execute arbitrary files on the server, allowing the execution of any PHP code in those files. This can be used to bypass access controls, obtain sensitive data, or achieve code execution in cases where images and other \u201csafe\u201d file types can be uploaded and included."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "security@wordfence.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-98"
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/wp-health/tags/v2.16.4/src/Actions/RestoreRouter.php#L45",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3202883%40wp-health&new=3202883%40wp-health&sfp_email=&sfph_mail=",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/c74ce3e8-cab9-4cc6-a1ad-1e51f7268474?source=cve",
"source": "security@wordfence.com"
}
]
}

View File

@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2024-12-08T03:00:18.988682+00:00
2024-12-08T07:00:19.263780+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2024-12-07T23:15:34.810000+00:00
2024-12-08T06:15:04.823000+00:00
```
### Last Data Feed Release
@ -33,69 +33,20 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs
```plain
272597
272598
```
### CVEs added in the last Commit
Recently added CVEs: `114`
Recently added CVEs: `1`
- [CVE-2024-52799](CVE-2024/CVE-2024-527xx/CVE-2024-52799.json) (`2024-11-21T17:15:24.220`)
- [CVE-2024-52803](CVE-2024/CVE-2024-528xx/CVE-2024-52803.json) (`2024-11-21T17:15:24.470`)
- [CVE-2024-53089](CVE-2024/CVE-2024-530xx/CVE-2024-53089.json) (`2024-11-21T19:15:11.817`)
- [CVE-2024-53090](CVE-2024/CVE-2024-530xx/CVE-2024-53090.json) (`2024-11-21T19:15:12.010`)
- [CVE-2024-53091](CVE-2024/CVE-2024-530xx/CVE-2024-53091.json) (`2024-11-21T19:15:12.177`)
- [CVE-2024-53092](CVE-2024/CVE-2024-530xx/CVE-2024-53092.json) (`2024-11-21T19:15:12.380`)
- [CVE-2024-53093](CVE-2024/CVE-2024-530xx/CVE-2024-53093.json) (`2024-11-21T19:15:12.530`)
- [CVE-2024-53094](CVE-2024/CVE-2024-530xx/CVE-2024-53094.json) (`2024-11-21T19:15:12.680`)
- [CVE-2024-53095](CVE-2024/CVE-2024-530xx/CVE-2024-53095.json) (`2024-11-21T19:15:12.867`)
- [CVE-2024-53334](CVE-2024/CVE-2024-533xx/CVE-2024-53334.json) (`2024-11-21T18:15:13.890`)
- [CVE-2024-7016](CVE-2024/CVE-2024-70xx/CVE-2024-7016.json) (`2024-11-21T13:15:06.723`)
- [CVE-2024-7026](CVE-2024/CVE-2024-70xx/CVE-2024-7026.json) (`2024-11-21T14:15:18.837`)
- [CVE-2024-7517](CVE-2024/CVE-2024-75xx/CVE-2024-7517.json) (`2024-11-21T11:15:35.990`)
- [CVE-2024-7837](CVE-2024/CVE-2024-78xx/CVE-2024-7837.json) (`2024-11-22T09:15:12.850`)
- [CVE-2024-8157](CVE-2024/CVE-2024-81xx/CVE-2024-8157.json) (`2024-11-21T11:15:36.273`)
- [CVE-2024-8525](CVE-2024/CVE-2024-85xx/CVE-2024-8525.json) (`2024-11-21T16:15:27.217`)
- [CVE-2024-8526](CVE-2024/CVE-2024-85xx/CVE-2024-8526.json) (`2024-11-21T16:15:27.437`)
- [CVE-2024-8735](CVE-2024/CVE-2024-87xx/CVE-2024-8735.json) (`2024-11-22T06:15:20.013`)
- [CVE-2024-8929](CVE-2024/CVE-2024-89xx/CVE-2024-8929.json) (`2024-11-22T07:15:03.447`)
- [CVE-2024-8932](CVE-2024/CVE-2024-89xx/CVE-2024-8932.json) (`2024-11-22T06:15:20.197`)
- [CVE-2024-9111](CVE-2024/CVE-2024-91xx/CVE-2024-9111.json) (`2024-11-21T11:15:36.480`)
- [CVE-2024-9371](CVE-2024/CVE-2024-93xx/CVE-2024-9371.json) (`2024-11-21T11:15:36.780`)
- [CVE-2024-9600](CVE-2024/CVE-2024-96xx/CVE-2024-9600.json) (`2024-11-21T11:15:37.787`)
- [CVE-2024-9828](CVE-2024/CVE-2024-98xx/CVE-2024-9828.json) (`2024-11-21T11:15:38.173`)
- [CVE-2024-9875](CVE-2024/CVE-2024-98xx/CVE-2024-9875.json) (`2024-11-21T09:54:49.903`)
- [CVE-2024-12209](CVE-2024/CVE-2024-122xx/CVE-2024-12209.json) (`2024-12-08T06:15:04.823`)
### CVEs modified in the last Commit
Recently modified CVEs: `255430`
Recently modified CVEs: `0`
- [CVE-2024-9970](CVE-2024/CVE-2024-99xx/CVE-2024-9970.json) (`2024-10-17T20:33:59.873`)
- [CVE-2024-9971](CVE-2024/CVE-2024-99xx/CVE-2024-9971.json) (`2024-10-17T20:34:30.257`)
- [CVE-2024-9972](CVE-2024/CVE-2024-99xx/CVE-2024-9972.json) (`2024-11-21T11:15:38.670`)
- [CVE-2024-9973](CVE-2024/CVE-2024-99xx/CVE-2024-9973.json) (`2024-10-15T19:27:44.020`)
- [CVE-2024-9974](CVE-2024/CVE-2024-99xx/CVE-2024-9974.json) (`2024-10-15T19:28:37.377`)
- [CVE-2024-9975](CVE-2024/CVE-2024-99xx/CVE-2024-9975.json) (`2024-10-16T13:44:46.220`)
- [CVE-2024-9976](CVE-2024/CVE-2024-99xx/CVE-2024-9976.json) (`2024-10-16T13:42:24.153`)
- [CVE-2024-9977](CVE-2024/CVE-2024-99xx/CVE-2024-9977.json) (`2024-10-16T16:38:43.170`)
- [CVE-2024-9978](CVE-2024/CVE-2024-99xx/CVE-2024-9978.json) (`2024-12-03T13:15:05.140`)
- [CVE-2024-9979](CVE-2024/CVE-2024-99xx/CVE-2024-9979.json) (`2024-10-16T16:38:43.170`)
- [CVE-2024-9980](CVE-2024/CVE-2024-99xx/CVE-2024-9980.json) (`2024-10-17T18:03:34.807`)
- [CVE-2024-9981](CVE-2024/CVE-2024-99xx/CVE-2024-9981.json) (`2024-10-17T18:05:29.947`)
- [CVE-2024-9982](CVE-2024/CVE-2024-99xx/CVE-2024-9982.json) (`2024-10-15T12:57:46.880`)
- [CVE-2024-9983](CVE-2024/CVE-2024-99xx/CVE-2024-9983.json) (`2024-10-16T22:03:42.020`)
- [CVE-2024-9984](CVE-2024/CVE-2024-99xx/CVE-2024-9984.json) (`2024-10-16T22:03:23.407`)
- [CVE-2024-9985](CVE-2024/CVE-2024-99xx/CVE-2024-9985.json) (`2024-10-16T22:02:08.117`)
- [CVE-2024-9986](CVE-2024/CVE-2024-99xx/CVE-2024-9986.json) (`2024-10-21T13:07:47.700`)
- [CVE-2024-9987](CVE-2024/CVE-2024-99xx/CVE-2024-9987.json) (`2024-10-25T19:06:35.350`)
- [CVE-2024-9988](CVE-2024/CVE-2024-99xx/CVE-2024-9988.json) (`2024-11-07T17:00:29.560`)
- [CVE-2024-9989](CVE-2024/CVE-2024-99xx/CVE-2024-9989.json) (`2024-11-07T17:00:56.337`)
- [CVE-2024-9990](CVE-2024/CVE-2024-99xx/CVE-2024-9990.json) (`2024-11-06T23:11:42.037`)
- [CVE-2024-9991](CVE-2024/CVE-2024-99xx/CVE-2024-9991.json) (`2024-10-28T13:58:09.230`)
- [CVE-2024-9996](CVE-2024/CVE-2024-99xx/CVE-2024-9996.json) (`2024-11-01T16:27:30.387`)
- [CVE-2024-9997](CVE-2024/CVE-2024-99xx/CVE-2024-9997.json) (`2024-11-01T16:27:34.960`)
- [CVE-2024-9999](CVE-2024/CVE-2024-99xx/CVE-2024-9999.json) (`2024-11-13T17:01:58.603`)
## Download and Usage

511089
_state.csv

File diff suppressed because it is too large Load Diff