chore: generate CVEs metadata 🤖

2026-01-31 15:53:33 +08:00 · 2025-11-06 06:09:51 +00:00
parent 16b628ac02
commit 81d5e21f31
2 changed files with 2 additions and 1 deletions
--- a/cves.json
+++ b/cves.json
@@ -2760,6 +2760,7 @@
 {"ID":"CVE-2024-0593","Info":{"Name":"WordPress Simple Job Board - Unauthorized Data Access","Severity":"medium","Description":"The Simple Job Board plugin for WordPress is vulnerable to unauthorized data access due to insufficient authorization checking in the fetch_quick_job() function in all versions up to and including 2.10.8. This makes it possible for unauthenticated attackers to fetch arbitrary posts, which can be password protected or private and contain sensitive information.\n","Classification":{"CVSSScore":"5.3"}},"file_path":"http/cves/2024/CVE-2024-0593.yaml"}
 {"ID":"CVE-2024-0692","Info":{"Name":"SolarWinds Security Event Manager - Unauthenticated RCE","Severity":"high","Description":"The SolarWinds Security Event Manager was susceptible to Remote Code Execution Vulnerability. This vulnerability allows an unauthenticated user to abuse SolarWinds’ service, resulting in remote code execution.\n","Classification":{"CVSSScore":"8.8"}},"file_path":"http/cves/2024/CVE-2024-0692.yaml"}
 {"ID":"CVE-2024-0713","Info":{"Name":"Monitorr Services Configuration - Arbitrary File Upload","Severity":"high","Description":"A vulnerability was found in Monitorr 1.7.6m. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /assets/php/upload.php of the component Services Configuration. The manipulation of the argument fileToUpload leads to unrestricted upload. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-251539. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.\n","Classification":{"CVSSScore":"8.8"}},"file_path":"http/cves/2024/CVE-2024-0713.yaml"}
 {"ID":"CVE-2024-0799","Info":{"Name":"Arcserve Unified Data Protection - Authentication Bypass","Severity":"critical","Description":"An authentication bypass vulnerability exists in Arcserve Unified Data Protection 9.2 and 8.1 in the edge-app-base-webui.jar!com.ca.arcserve.edge.app.base.ui.server.EdgeLoginServiceImpl.doLogin() function within wizardLogin.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2024/CVE-2024-0799.yaml"}
 {"ID":"CVE-2024-0801","Info":{"Name":"Arcserve Unified Data Protection - Unauthenticated DoS in ASNative.dll","Severity":"high","Description":"A denial of service vulnerability exists in Arcserve Unified Data Protection 9.2 and 8.1 in ASNative.dll.\n","Classification":{"CVSSScore":"7.5"}},"file_path":"http/cves/2024/CVE-2024-0801.yaml"}
 {"ID":"CVE-2024-0881","Info":{"Name":"Combo Blocks \u003c 2.2.76 - Improper Access Control","Severity":"medium","Description":"The Post Grid, Form Maker, Popup Maker, WooCommerce Blocks, Post Blocks, Post Carousel WordPress plugin before 2.2.76 does not prevent password protected posts from being displayed in the result of some unauthenticated AJAX actions, allowing unauthenticated users to read such posts\n","Classification":{"CVSSScore":"N/A"}},"file_path":"http/cves/2024/CVE-2024-0881.yaml"}
 {"ID":"CVE-2024-0939","Info":{"Name":"Smart S210 Management Platform - Arbitary File Upload","Severity":"critical","Description":"A vulnerability has been found in Byzoro Smart S210 Management Platform up to 20240117 and classified as critical. This vulnerability affects unknown code of the file /Tool/uploadfile.php. The manipulation of the argument file_upload leads to unrestricted upload.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2024/CVE-2024-0939.yaml"}
--- a/cves.json-checksum.txt
+++ b/cves.json-checksum.txt
@@ -1 +1 @@
-fdd57777ff8e4aefc0422fb2fd716f7a
+04825279d81a90757969be8bbeccd5b4
`@@ -1 +1 @@`
	`fdd57777ff8e4aefc0422fb2fd716f7a`	`04825279d81a90757969be8bbeccd5b4`