Skip to content

Commit

Permalink
Auto-Update: 2024-12-17T05:00:31.582484+00:00
Browse files Browse the repository at this point in the history
cad-safe-bot committed Dec 17, 2024
1 parent 4f3dee0 commit 080c4b3
Showing 7 changed files with 302 additions and 11 deletions.
56 changes: 56 additions & 0 deletions CVE-2020/CVE-2020-124xx/CVE-2020-12484.json
Original file line number Diff line number Diff line change
@@ -0,0 +1,56 @@
{
"id": "CVE-2020-12484",
"sourceIdentifier": "[email protected]",
"published": "2024-12-17T03:15:05.613",
"lastModified": "2024-12-17T03:15:05.613",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "When using special mode to connect to enterprise wifi, certain options are not properly configured and attackers can pretend to be enterprise wifi through a carefully constructed wifi with the same name, which can lead to man-in-the-middle attacks."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "[email protected]",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N",
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 1.2,
"impactScore": 5.2
}
]
},
"weaknesses": [
{
"source": "[email protected]",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-306"
}
]
}
],
"references": [
{
"url": "https://www.vivo.com/en/support/security-advisory-detail?id=3",
"source": "[email protected]"
}
]
}
56 changes: 56 additions & 0 deletions CVE-2020/CVE-2020-124xx/CVE-2020-12487.json
Original file line number Diff line number Diff line change
@@ -0,0 +1,56 @@
{
"id": "CVE-2020-12487",
"sourceIdentifier": "[email protected]",
"published": "2024-12-17T03:15:06.453",
"lastModified": "2024-12-17T03:15:06.453",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Due to the flaws in the verification of input parameters, the attacker can input carefully constructed commands to make the ABE service execute some commands with root privilege."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "[email protected]",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"attackVector": "PHYSICAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 0.7,
"impactScore": 5.8
}
]
},
"weaknesses": [
{
"source": "[email protected]",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-20"
}
]
}
],
"references": [
{
"url": "https://www.vivo.com/en/support/security-advisory-detail?id=4",
"source": "[email protected]"
}
]
}
56 changes: 56 additions & 0 deletions CVE-2021/CVE-2021-262xx/CVE-2021-26278.json
Original file line number Diff line number Diff line change
@@ -0,0 +1,56 @@
{
"id": "CVE-2021-26278",
"sourceIdentifier": "[email protected]",
"published": "2024-12-17T03:15:06.573",
"lastModified": "2024-12-17T03:15:06.573",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The wifi module exposes the interface and has improper permission control, leaking sensitive information about the device."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "[email protected]",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 1.8,
"impactScore": 4.0
}
]
},
"weaknesses": [
{
"source": "[email protected]",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-306"
}
]
}
],
"references": [
{
"url": "https://www.vivo.com/en/support/security-advisory-detail?id=7",
"source": "[email protected]"
}
]
}
56 changes: 56 additions & 0 deletions CVE-2021/CVE-2021-262xx/CVE-2021-26279.json
Original file line number Diff line number Diff line change
@@ -0,0 +1,56 @@
{
"id": "CVE-2021-26279",
"sourceIdentifier": "[email protected]",
"published": "2024-12-17T04:15:05.333",
"lastModified": "2024-12-17T04:15:05.333",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Some parameters of the weather module are improperly stored, leaking some sensitive information."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "[email protected]",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:N/A:N",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 1.5,
"impactScore": 4.0
}
]
},
"weaknesses": [
{
"source": "[email protected]",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-200"
}
]
}
],
"references": [
{
"url": "https://www.vivo.com/en/support/security-advisory-detail?id=10",
"source": "[email protected]"
}
]
}
60 changes: 60 additions & 0 deletions CVE-2024/CVE-2024-122xx/CVE-2024-12239.json
Original file line number Diff line number Diff line change
@@ -0,0 +1,60 @@
{
"id": "CVE-2024-12239",
"sourceIdentifier": "[email protected]",
"published": "2024-12-17T03:15:06.710",
"lastModified": "2024-12-17T03:15:06.710",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The PowerPack Lite for Beaver Builder plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the navigate parameter in all versions up to, and including, 1.3.0.5 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick an administrative user into performing an action such as clicking on a link."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "[email protected]",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "[email protected]",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/powerpack-addon-for-beaver-builder/trunk/includes/admin-settings-templates.php#L62",
"source": "[email protected]"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/5138ed4c-3e9c-45da-917e-e8d8396a62f1?source=cve",
"source": "[email protected]"
}
]
}
18 changes: 10 additions & 8 deletions README.md
Original file line number Diff line number Diff line change
@@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update

```plain
2024-12-17T03:00:29.987705+00:00
2024-12-17T05:00:31.582484+00:00
```

### Most recent CVE Modification Timestamp synchronized with NVD

```plain
2024-12-17T02:15:04.670000+00:00
2024-12-17T04:15:05.333000+00:00
```

### Last Data Feed Release
@@ -33,22 +33,24 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs

```plain
274096
274101
```

### CVEs added in the last Commit

Recently added CVEs: `1`
Recently added CVEs: `5`

- [CVE-2024-10205](CVE-2024/CVE-2024-102xx/CVE-2024-10205.json) (`2024-12-17T02:15:04.670`)
- [CVE-2020-12484](CVE-2020/CVE-2020-124xx/CVE-2020-12484.json) (`2024-12-17T03:15:05.613`)
- [CVE-2020-12487](CVE-2020/CVE-2020-124xx/CVE-2020-12487.json) (`2024-12-17T03:15:06.453`)
- [CVE-2021-26278](CVE-2021/CVE-2021-262xx/CVE-2021-26278.json) (`2024-12-17T03:15:06.573`)
- [CVE-2021-26279](CVE-2021/CVE-2021-262xx/CVE-2021-26279.json) (`2024-12-17T04:15:05.333`)
- [CVE-2024-12239](CVE-2024/CVE-2024-122xx/CVE-2024-12239.json) (`2024-12-17T03:15:06.710`)


### CVEs modified in the last Commit

Recently modified CVEs: `2`
Recently modified CVEs: `0`

- [CVE-2024-20767](CVE-2024/CVE-2024-207xx/CVE-2024-20767.json) (`2024-12-17T02:00:02.077`)
- [CVE-2024-35250](CVE-2024/CVE-2024-352xx/CVE-2024-35250.json) (`2024-12-17T02:00:02.077`)


## Download and Usage
11 changes: 8 additions & 3 deletions _state.csv
Original file line number Diff line number Diff line change
@@ -147523,7 +147523,9 @@ CVE-2020-12479,0,0,ec17c17b09e976e1a152c643e3819d31c36aa7665a5a00e913db3e872553d
CVE-2020-1248,0,0,13846caf4ce8e83ae09b68ddfc0a09f0e2c8b82eb7c11fce8ac89777e4b28958,2024-11-21T05:10:04.680000
CVE-2020-12480,0,0,0eb005b3147816e6714e49902149bb9b5f1f1e4f7114cad3e2c62d80cd30989b,2024-11-21T04:59:47.240000
CVE-2020-12483,0,0,077f89965a271291848319a5ac990a75c110e11b7bca84d208ce8c4f40ff051f,2024-11-21T04:59:47.377000
CVE-2020-12484,1,1,cabcdf4c18d0aeced1f122124c5e71c0ee429091bf81927dc9e3b8f3c7396d45,2024-12-17T03:15:05.613000
CVE-2020-12485,0,0,34d81bb19b71d2eb23361fb1f271047b4813b2499e1cb998e4798b107710317c,2024-11-21T04:59:47.523000
CVE-2020-12487,1,1,c82fc8bbd8e4396cdabebc006a1dbee8bd281d5be94f199f90a1f512290eb4cb,2024-12-17T03:15:06.453000
CVE-2020-12488,0,0,aa5f4d3af768dd7a35ad93f0603aebf70b7c10f6792c470bb94ed94e60611a16,2024-11-21T04:59:47.660000
CVE-2020-1249,0,0,ee0dd0717eadfbf0e10875ab0544a1bfd1f22d694690d411785027304662d187,2024-11-21T05:10:04.813000
CVE-2020-12491,0,0,f0ca1d801193be292260dc60337caae3590167cf6284edefb2b1d11a8df2c5e3,2024-11-25T10:15:04.983000
@@ -171951,6 +171953,8 @@ CVE-2021-26274,0,0,197895f44e1ae2d83cc6d85c4c4212de83f3ab926cbedcc348730f67e6324
CVE-2021-26275,0,0,c67a46870365f376d673abcd812dcccefaea6dc5f29b65664d2310b910034002,2024-11-21T05:56:01.397000
CVE-2021-26276,0,0,fe12842147a3d9597cc53ff3b852150c687cc9cccbec63feeda8fb67ff2b9400,2024-11-21T05:56:01.557000
CVE-2021-26277,0,0,0a521d9773294b67632bbd79404a9f6d2a97acd1eb8e9f9a8038e5d2b475c2ca,2024-11-21T05:56:01.737000
CVE-2021-26278,1,1,55407bd13a095819f1504458cc6585abdb858e5fd2879472762489a613345e4f,2024-12-17T03:15:06.573000
CVE-2021-26279,1,1,9dd09a10896aa30f87886cca9f28cc67fa690cc104e533c9343e07e9982338fb,2024-12-17T04:15:05.333000
CVE-2021-26291,0,0,a04873286f43d02ade91ec647e4cbb9371cd14cf2599798866ce37ea0cdaa411,2024-11-21T05:56:01.890000
CVE-2021-26293,0,0,c750cb4d2f6ab1250e05b92eab3115686dad6da9115e076093b7972b18076f46,2024-11-21T05:56:02.120000
CVE-2021-26294,0,0,c601a19fe6c9ddea2dedc80c3da8fb3ff5a80b9d3af720fefe2ace690f633037,2024-11-21T05:56:02.270000
@@ -243179,7 +243183,7 @@ CVE-2024-10201,0,0,d28f8397fef58d8ebbc3ab5219a78ce309df9376e42404e5bb217ebab8ee8
CVE-2024-10202,0,0,e24b6f6c53e1e294cbc144ab84950b92d8732523af1d88b225f6757a45ec2cd3,2024-10-24T13:55:46.110000
CVE-2024-10203,0,0,c44f09c095e5f43bcaf05ddbccb708d70c961ded60a3f26c0a4aedf8833eb1d7,2024-11-08T19:01:03.880000
CVE-2024-10204,0,0,c1aef3d759e33911bc7bc0be9dac4b362c17b81fcf2e1e72015f81b94fc1ab9d,2024-11-19T21:57:32.967000
CVE-2024-10205,1,1,b66f885e8cef7783311250f8a7eeaff136b6049ef5ec7ec57aa1b3b7bf63badd,2024-12-17T02:15:04.670000
CVE-2024-10205,0,0,b66f885e8cef7783311250f8a7eeaff136b6049ef5ec7ec57aa1b3b7bf63badd,2024-12-17T02:15:04.670000
CVE-2024-1021,0,0,56f2f9eee79bdc92dbb448a3c95eee6b8f89b4e054d4b7192e1d1c62db78aeca,2024-11-21T08:49:37.003000
CVE-2024-10214,0,0,467db0fceb73548b6a7ebc4075348a74b9e7e348b74ad43d9d19dc1d995ea230,2024-11-05T17:03:22.953000
CVE-2024-10216,0,0,3b33d4ace8102c37cd94e685981da92ecdd510dbca3a990bc771780d9758061a,2024-11-23T04:15:07.523000
@@ -244658,6 +244662,7 @@ CVE-2024-12233,0,0,d89c9263a4f22f201b1dce8be51578aec307181a11a72f57d5d6a093a5589
CVE-2024-12234,0,0,25d3aa7d45ccf0539b66121de3bcd155bbef1f8925f8aad4f69521eed8a998f2,2024-12-10T23:25:36.387000
CVE-2024-12235,0,0,92689efaa37165c78224efb1efe409523be7fb3f3558d4576511504eb96aac91,2024-12-05T18:15:21.660000
CVE-2024-12236,0,0,390d11985338138a2913d618c1818ae388b2b2c32249174c40691687eabfe343,2024-12-10T15:15:07.147000
CVE-2024-12239,1,1,7e14d3325d4b147176649ece8dc2b0064f40f6c3be58ca9c730b210c8ac8ed58,2024-12-17T03:15:06.710000
CVE-2024-1224,0,0,cbfbaa5b4f0e1c410530412d727d5bf58dfe126bd3d740f330bf5c6e93a0658e,2024-11-21T08:50:05.487000
CVE-2024-12247,0,0,ad117a7da5529073984608210b9ebf0c8357341e47d0f7a47c01f4275cf4ac25,2024-12-05T16:15:25.243000
CVE-2024-1225,0,0,1335eabc5dc5752fbd7f31a11bdeda2f1be9be2c21abaca809140eabb8940f2a,2024-11-21T08:50:05.673000
@@ -246105,7 +246110,7 @@ CVE-2024-20763,0,0,85e3d365bd8f70bb83e697510efbc0c1af98cc029e70ebe9045e9cb8471b8
CVE-2024-20764,0,0,a080d634ce17b8cdbb85357fca6cda5d794fe7d9539aa4c5f46ce35e5c1cac27,2024-12-04T15:15:25.463000
CVE-2024-20765,0,0,40964bb8beca999330ba180c774b93466f325f8731cc914b7b9cd58d9c2d050c,2024-11-21T08:53:06.653000
CVE-2024-20766,0,0,95ac04a20504881d574a50944d27c002096349013c0a37ca7842a8653794b342,2024-12-05T15:18:04.873000
CVE-2024-20767,0,1,ae66121e62e6acd691604b5a21c1e50b45baacd384bdb97fe32d5d6340bf6c84,2024-12-17T02:00:02.077000
CVE-2024-20767,0,0,ae66121e62e6acd691604b5a21c1e50b45baacd384bdb97fe32d5d6340bf6c84,2024-12-17T02:00:02.077000
CVE-2024-20768,0,0,5cfbec6f58ac0ddaff40efa6f7a3cd9811b930452273e0862a7b84351ebbd04e,2024-12-03T21:46:08.623000
CVE-2024-20769,0,0,6f13dc6481e3cb8cd025c6fbd6c6e0274141093e081dce88926d28d6a572c19b,2024-11-21T08:53:07.133000
CVE-2024-2077,0,0,d186f54d9f8a90379d391459b9a5cb9d8307f4f1713a18aa8bf99e9d56318c5c,2024-12-09T22:39:42.837000
@@ -257004,7 +257009,7 @@ CVE-2024-35247,0,0,dda0cd3411fcd13059f9606bedd08c571900aa945b233a955dbeca9ed9ce9
CVE-2024-35248,0,0,7c3ed5cb016eeae24ebeb7d52be404adf38788725c5e83b5d27391e0dc1d9bf7,2024-11-21T09:20:00.980000
CVE-2024-35249,0,0,302b7c8906e51cdc971703773787e3153a88d65789ad0641a56c6ae0bd42570d,2024-11-21T09:20:01.130000
CVE-2024-3525,0,0,8b2c6a8c265bd120a4ae62349e50b9dc4f071348306abdc8eba422a9675a5ff1,2024-11-21T09:29:46.930000
CVE-2024-35250,0,1,ce6a53f3c0a8dfa3764b939943deaf8e7659c0859ad9a03dafbf3ef57b7b7d43,2024-12-17T02:00:02.077000
CVE-2024-35250,0,0,ce6a53f3c0a8dfa3764b939943deaf8e7659c0859ad9a03dafbf3ef57b7b7d43,2024-12-17T02:00:02.077000
CVE-2024-35252,0,0,0f8cf4ca91d191378f3442941d01f34b6bf05c200f0024f0bb3474e02f2e50d7,2024-11-21T09:20:01.453000
CVE-2024-35253,0,0,bee685c773d8375872a8fd41de235ce0377b714b15d51115236139dd0a8b700c,2024-11-21T09:20:01.607000
CVE-2024-35254,0,0,0973352a78955e1008d161d71b8515ce181d81658087521aabcddd672b8cbfcc,2024-11-21T09:20:01.750000

0 comments on commit 080c4b3

Please sign in to comment.