NVD Sync 2024-09-20 10:02

cve/2023/CVE-2023-36268.json

@@ -1 +1 @@
-{"cve": {"id": "CVE-2023-36268", "sourceIdentifier": "[email protected]", "published": "2024-04-30T18:15:19.730", "lastModified": "2024-07-03T01:40:25.423", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [{"lang": "en", "value": "An issue in The Document Foundation Libreoffice v.7.4.7 allows a remote attacker to cause a denial of service via a crafted .ppt file."}, {"lang": "es", "value": "Un problema en The Document Foundation Libreoffice v.7.4.7 permite que un atacante remoto provoque una denegaci\u00f3n de servicio a trav\u00e9s de un archivo .ppt manipulado."}], "metrics": {"cvssMetricV31": [{"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "REQUIRED", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH", "baseScore": 5.7, "baseSeverity": "MEDIUM"}, "exploitabilityScore": 2.1, "impactScore": 3.6}]}, "weaknesses": [{"source": "[email protected]", "type": "Secondary", "description": [{"lang": "en", "value": "CWE-405"}]}], "references": [{"url": "https://github.com/kfx-N/test1", "source": "[email protected]"}]}}
+{"cve": {"id": "CVE-2023-36268", "sourceIdentifier": "[email protected]", "published": "2024-04-30T18:15:19.730", "lastModified": "2024-09-20T09:15:02.363", "vulnStatus": "Rejected", "cveTags": [], "descriptions": [{"lang": "en", "value": "Rejected reason: DoS issues, or unexploitable crashes, are out of scope for vulnerabilities."}], "metrics": {}, "references": []}}

cve/2024/CVE-2024-41721.json

@@ -0,0 +1 @@
+{"cve": {"id": "CVE-2024-41721", "sourceIdentifier": "[email protected]", "published": "2024-09-20T08:15:11.323", "lastModified": "2024-09-20T08:15:11.323", "vulnStatus": "Received", "cveTags": [], "descriptions": [{"lang": "en", "value": "An insufficient boundary validation in the USB code could lead to an out-of-bounds read on the heap, which could potentially lead to an arbitrary write and remote code execution."}, {"lang": "es", "value": "Una validaci\u00f3n de los l\u00edmites insuficiente en el c\u00f3digo USB podr\u00eda provocar una lectura fuera de los l\u00edmites en el mont\u00f3n, lo que potencialmente podr\u00eda generar una escritura arbitraria y la ejecuci\u00f3n remota de c\u00f3digo."}], "metrics": {}, "weaknesses": [{"source": "[email protected]", "type": "Secondary", "description": [{"lang": "en", "value": "CWE-125"}]}], "references": [{"url": "https://security.freebsd.org/advisories/FreeBSD-SA-24:15.bhyve.asc", "source": "[email protected]"}]}}

cve/2024/CVE-2024-8853.json

@@ -0,0 +1 @@
+{"cve": {"id": "CVE-2024-8853", "sourceIdentifier": "[email protected]", "published": "2024-09-20T08:15:11.493", "lastModified": "2024-09-20T08:15:11.493", "vulnStatus": "Received", "cveTags": [], "descriptions": [{"lang": "en", "value": "The Webo-facto plugin for WordPress is vulnerable to privilege escalation in versions up to, and including, 1.40 due to insufficient restriction on the 'doSsoAuthentification' function. This makes it possible for unauthenticated attackers to make themselves administrators by registering with a username that contains '-wfuser'."}, {"lang": "es", "value": "El complemento Webo-facto para WordPress es vulnerable a la escalada de privilegios en versiones hasta la 1.40 incluida debido a una restricci\u00f3n insuficiente en la funci\u00f3n 'doSsoAuthentification'. Esto hace posible que atacantes no autenticados se conviertan en administradores registr\u00e1ndose con un nombre de usuario que contenga '-wfuser'."}], "metrics": {"cvssMetricV31": [{"source": "[email protected]", "type": "Primary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL"}, "exploitabilityScore": 3.9, "impactScore": 5.9}]}, "weaknesses": [{"source": "[email protected]", "type": "Primary", "description": [{"lang": "en", "value": "CWE-269"}]}], "references": [{"url": "https://plugins.trac.wordpress.org/browser/webo-facto-connector/tags/1.40/WeboFacto/Sso.php#L78", "source": "[email protected]"}, {"url": "https://plugins.trac.wordpress.org/changeset/3153062/webo-facto-connector", "source": "[email protected]"}, {"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/c1280ceb-9ce8-47fc-8fd3-6af80015dea9?source=cve", "source": "[email protected]"}]}}

syncdate.json

@@ -1 +1 @@
-{"lastModStartDate": "2024-09-20T06:02:43.830444+00:00", "lastModEndDate": "2024-09-20T08:02:30.140995+00:00"}
+{"lastModStartDate": "2024-09-20T08:02:30.140995+00:00", "lastModEndDate": "2024-09-20T10:02:30.384857+00:00"}