From 01e90a80259de0d9245bfec3162d47ba9aed9ecb Mon Sep 17 00:00:00 2001 From: cad-safe-bot Date: Wed, 6 Nov 2024 15:03:50 +0000 Subject: [PATCH] Auto-Update: 2024-11-06T15:00:48.258634+00:00 --- CVE-2020/CVE-2020-118xx/CVE-2020-11859.json | 56 ++++++++ CVE-2023/CVE-2023-344xx/CVE-2023-34443.json | 59 +++++++- CVE-2023/CVE-2023-344xx/CVE-2023-34444.json | 54 ++++++- CVE-2023/CVE-2023-344xx/CVE-2023-34445.json | 64 ++++++++- CVE-2024/CVE-2024-101xx/CVE-2024-10186.json | 64 +++++++++ CVE-2024/CVE-2024-107xx/CVE-2024-10764.json | 79 ++++++++++- CVE-2024/CVE-2024-107xx/CVE-2024-10765.json | 77 +++++++++- CVE-2024/CVE-2024-107xx/CVE-2024-10766.json | 80 ++++++++++- CVE-2024/CVE-2024-109xx/CVE-2024-10914.json | 149 ++++++++++++++++++++ CVE-2024/CVE-2024-109xx/CVE-2024-10915.json | 149 ++++++++++++++++++++ CVE-2024/CVE-2024-314xx/CVE-2024-31448.json | 47 +++++- CVE-2024/CVE-2024-319xx/CVE-2024-31998.json | 47 +++++- CVE-2024/CVE-2024-442xx/CVE-2024-44258.json | 34 ++++- CVE-2024/CVE-2024-497xx/CVE-2024-49750.json | 52 ++++++- CVE-2024/CVE-2024-503xx/CVE-2024-50348.json | 54 ++++++- CVE-2024/CVE-2024-87xx/CVE-2024-8792.json | 37 ++++- CVE-2024/CVE-2024-94xx/CVE-2024-9488.json | 49 ++++++- CVE-2024/CVE-2024-98xx/CVE-2024-9846.json | 37 ++++- README.md | 32 +++-- _state.csv | 40 +++--- 20 files changed, 1171 insertions(+), 89 deletions(-) create mode 100644 CVE-2020/CVE-2020-118xx/CVE-2020-11859.json create mode 100644 CVE-2024/CVE-2024-101xx/CVE-2024-10186.json create mode 100644 CVE-2024/CVE-2024-109xx/CVE-2024-10914.json create mode 100644 CVE-2024/CVE-2024-109xx/CVE-2024-10915.json diff --git a/CVE-2020/CVE-2020-118xx/CVE-2020-11859.json b/CVE-2020/CVE-2020-118xx/CVE-2020-11859.json new file mode 100644 index 00000000000..24e5fc760c1 --- /dev/null +++ b/CVE-2020/CVE-2020-118xx/CVE-2020-11859.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2020-11859", + "sourceIdentifier": "security@opentext.com", + "published": "2024-11-06T14:15:04.963", + "lastModified": "2024-11-06T14:15:04.963", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Input Validation vulnerability in OpenText iManager allows Cross-Site Scripting (XSS).\u00a0This issue affects iManager before 3.2.3" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@opentext.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "HIGH", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.6, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.0, + "impactScore": 6.0 + } + ] + }, + "weaknesses": [ + { + "source": "security@opentext.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://www.netiq.com/documentation/imanager-32/imanager323_releasenotes/data/imanager323_releasenotes.html", + "source": "security@opentext.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-344xx/CVE-2023-34443.json b/CVE-2023/CVE-2023-344xx/CVE-2023-34443.json index 6b7b125f69f..583fbd28920 100644 --- a/CVE-2023/CVE-2023-344xx/CVE-2023-34443.json +++ b/CVE-2023/CVE-2023-344xx/CVE-2023-34443.json @@ -2,8 +2,8 @@ "id": "CVE-2023-34443", "sourceIdentifier": "security-advisories@github.com", "published": "2024-11-05T00:15:03.103", - "lastModified": "2024-11-05T16:04:26.053", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-11-06T14:25:00.830", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -17,6 +17,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.1, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.7 + }, { "source": "security-advisories@github.com", "type": "Secondary", @@ -51,14 +71,45 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:combodo:itop:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2.7.9", + "matchCriteriaId": "FA0F67ED-5CDF-43B4-80A2-44BBB56A9624" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:combodo:itop:*:*:*:*:*:*:*:*", + "versionStartIncluding": "3.0.0", + "versionEndExcluding": "3.0.4", + "matchCriteriaId": "F42542C8-DEF2-45E2-983B-B161F76C8FDA" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/Combodo/iTop/security/advisories/GHSA-9mx6-pwpp-j3xx", - "source": "security-advisories@github.com" + "source": "security-advisories@github.com", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://huntr.dev/bounties/c230d55d-1f0e-40c3-8c7e-20587d3e54da/?token=4d1195d5a50a9f0f7ae9fc24a2b0a3bd907427edaf7ee6ac1f8f31c11d8b7a5d2c204957125e63fd7cf3a87df6d5d12a35f9c7107ba5f33b5f668fa199a36932448b9bf186daa62cb32b5635770730eb68eeeba079b8864ab00358fd0dc65fa406d986525814a14951db2025e117f0098a1f270f5a5b2c935a65b00b5106e5511b61d501c4357654cb8ea76b", - "source": "security-advisories@github.com" + "source": "security-advisories@github.com", + "tags": [ + "Broken Link" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-344xx/CVE-2023-34444.json b/CVE-2023/CVE-2023-344xx/CVE-2023-34444.json index 759a8b4ca3b..2beaca19311 100644 --- a/CVE-2023/CVE-2023-344xx/CVE-2023-34444.json +++ b/CVE-2023/CVE-2023-344xx/CVE-2023-34444.json @@ -2,8 +2,8 @@ "id": "CVE-2023-34444", "sourceIdentifier": "security-advisories@github.com", "published": "2024-11-05T00:15:03.350", - "lastModified": "2024-11-05T16:04:26.053", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-11-06T14:28:46.193", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -17,6 +17,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.1, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.7 + }, { "source": "security-advisories@github.com", "type": "Secondary", @@ -51,10 +71,38 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:combodo:itop:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2.7.9", + "matchCriteriaId": "FA0F67ED-5CDF-43B4-80A2-44BBB56A9624" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:combodo:itop:*:*:*:*:*:*:*:*", + "versionStartIncluding": "3.0.0", + "versionEndExcluding": "3.0.4", + "matchCriteriaId": "F42542C8-DEF2-45E2-983B-B161F76C8FDA" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/Combodo/iTop/security/advisories/GHSA-rwx9-rcxf-qrwv", - "source": "security-advisories@github.com" + "source": "security-advisories@github.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-344xx/CVE-2023-34445.json b/CVE-2023/CVE-2023-344xx/CVE-2023-34445.json index 58ead0ccfd1..47a32fefefd 100644 --- a/CVE-2023/CVE-2023-344xx/CVE-2023-34445.json +++ b/CVE-2023/CVE-2023-344xx/CVE-2023-34445.json @@ -2,8 +2,8 @@ "id": "CVE-2023-34445", "sourceIdentifier": "security-advisories@github.com", "published": "2024-11-05T00:15:03.630", - "lastModified": "2024-11-05T16:04:26.053", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-11-06T14:29:52.467", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -17,6 +17,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.1, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.7 + }, { "source": "security-advisories@github.com", "type": "Secondary", @@ -40,6 +60,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + }, { "source": "security-advisories@github.com", "type": "Secondary", @@ -51,10 +81,38 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:combodo:itop:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2.7.9", + "matchCriteriaId": "FA0F67ED-5CDF-43B4-80A2-44BBB56A9624" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:combodo:itop:*:*:*:*:*:*:*:*", + "versionStartIncluding": "3.0.0", + "versionEndExcluding": "3.0.4", + "matchCriteriaId": "F42542C8-DEF2-45E2-983B-B161F76C8FDA" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/Combodo/iTop/security/advisories/GHSA-mm45-wh68-jpvq", - "source": "security-advisories@github.com" + "source": "security-advisories@github.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-101xx/CVE-2024-10186.json b/CVE-2024/CVE-2024-101xx/CVE-2024-10186.json new file mode 100644 index 00000000000..b6c5bcb554c --- /dev/null +++ b/CVE-2024/CVE-2024-101xx/CVE-2024-10186.json @@ -0,0 +1,64 @@ +{ + "id": "CVE-2024-10186", + "sourceIdentifier": "security@wordfence.com", + "published": "2024-11-06T13:15:03.163", + "lastModified": "2024-11-06T13:15:03.163", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "The Event post plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's events_cal shortcode in all versions up to, and including, 5.9.6 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 3.1, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://plugins.trac.wordpress.org/changeset/3182549/", + "source": "security@wordfence.com" + }, + { + "url": "https://wordpress.org/plugins/event-post/#developers", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/f3ae1c32-18a7-4109-a7ea-dfd18fa3a8e2?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-107xx/CVE-2024-10764.json b/CVE-2024/CVE-2024-107xx/CVE-2024-10764.json index 67fc2c6db6a..ea0ce77259c 100644 --- a/CVE-2024/CVE-2024-107xx/CVE-2024-10764.json +++ b/CVE-2024/CVE-2024-107xx/CVE-2024-10764.json @@ -2,13 +2,17 @@ "id": "CVE-2024-10764", "sourceIdentifier": "cna@vuldb.com", "published": "2024-11-04T16:15:04.497", - "lastModified": "2024-11-04T18:50:05.607", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-11-06T14:44:53.410", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability classified as critical has been found in Codezips Online Institute Management System 1.0. This affects an unknown part of the file /pages/save_user.php. The manipulation of the argument image leads to unrestricted upload. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used." + }, + { + "lang": "es", + "value": "Se ha encontrado una vulnerabilidad clasificada como cr\u00edtica en Codezips Online Institute Management System 1.0. Afecta a una parte desconocida del archivo /pages/save_user.php. La manipulaci\u00f3n del argumento image permite la carga sin restricciones. Es posible iniciar el ataque de forma remota. El exploit ha sido divulgado al p\u00fablico y puede ser utilizado." } ], "metrics": { @@ -57,6 +61,26 @@ } ], "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + }, { "source": "cna@vuldb.com", "type": "Secondary", @@ -106,8 +130,18 @@ }, "weaknesses": [ { - "source": "cna@vuldb.com", + "source": "nvd@nist.gov", "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-434" + } + ] + }, + { + "source": "cna@vuldb.com", + "type": "Secondary", "description": [ { "lang": "en", @@ -124,22 +158,53 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:codezips:online_institute_management_system:1.0:*:*:*:*:*:*:*", + "matchCriteriaId": "51A6CFF2-B568-4430-ACB8-C640A44A06B9" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/xiaobsss/CVE/issues/1", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Exploit", + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?ctiid.282951", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required", + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?id.282951", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?submit.436477", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-107xx/CVE-2024-10765.json b/CVE-2024/CVE-2024-107xx/CVE-2024-10765.json index 102cba920e9..47e6ceabefc 100644 --- a/CVE-2024/CVE-2024-107xx/CVE-2024-10765.json +++ b/CVE-2024/CVE-2024-107xx/CVE-2024-10765.json @@ -2,13 +2,17 @@ "id": "CVE-2024-10765", "sourceIdentifier": "cna@vuldb.com", "published": "2024-11-04T16:15:04.890", - "lastModified": "2024-11-04T18:50:05.607", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-11-06T14:45:35.600", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability classified as critical was found in Codezips Online Institute Management System up to 1.0. This vulnerability affects unknown code of the file /profile.php. The manipulation of the argument old_image leads to unrestricted upload. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used." + }, + { + "lang": "es", + "value": " Se ha encontrado una vulnerabilidad clasificada como cr\u00edtica en Codezips Online Institute Management System up to 1.0. Esta vulnerabilidad afecta al c\u00f3digo desconocido del archivo /profile.php. La manipulaci\u00f3n del argumento old_image provoca una carga sin restricciones. El ataque puede iniciarse de forma remota. El exploit ha sido divulgado al p\u00fablico y puede utilizarse." } ], "metrics": { @@ -57,6 +61,26 @@ } ], "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + }, { "source": "cna@vuldb.com", "type": "Secondary", @@ -105,6 +129,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-434" + } + ] + }, { "source": "cna@vuldb.com", "type": "Secondary", @@ -124,22 +158,53 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:codezips:online_institute_management_system:1.0:*:*:*:*:*:*:*", + "matchCriteriaId": "51A6CFF2-B568-4430-ACB8-C640A44A06B9" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/hbuzs/CVE/issues/1", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Exploit", + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?ctiid.282952", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required", + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?id.282952", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?submit.436520", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-107xx/CVE-2024-10766.json b/CVE-2024/CVE-2024-107xx/CVE-2024-10766.json index 31e5ede85d0..1e12ec3b918 100644 --- a/CVE-2024/CVE-2024-107xx/CVE-2024-10766.json +++ b/CVE-2024/CVE-2024-107xx/CVE-2024-10766.json @@ -2,13 +2,17 @@ "id": "CVE-2024-10766", "sourceIdentifier": "cna@vuldb.com", "published": "2024-11-04T18:15:04.330", - "lastModified": "2024-11-04T18:50:05.607", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-11-06T14:59:34.303", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability, which was classified as critical, has been found in Codezips Free Exam Hall Seating Management System 1.0. This issue affects some unknown processing of the file /pages/save_user.php. The manipulation of the argument image leads to unrestricted upload. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The initial researcher disclosure contains confusing vulnerability classes and file names." + }, + { + "lang": "es", + "value": "Se ha encontrado una vulnerabilidad, que se ha clasificado como cr\u00edtica, en Codezips Free Exam Hall Seating Management System 1.0. Este problema afecta a algunos procesos desconocidos del archivo /pages/save_user.php. La manipulaci\u00f3n del argumento image da lugar a una carga sin restricciones. El ataque puede iniciarse de forma remota. El exploit se ha divulgado al p\u00fablico y puede utilizarse. La divulgaci\u00f3n inicial del investigador contiene clases de vulnerabilidad y nombres de archivo confusos." } ], "metrics": { @@ -57,6 +61,26 @@ } ], "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + }, { "source": "cna@vuldb.com", "type": "Secondary", @@ -106,8 +130,18 @@ }, "weaknesses": [ { - "source": "cna@vuldb.com", + "source": "nvd@nist.gov", "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-434" + } + ] + }, + { + "source": "cna@vuldb.com", + "type": "Secondary", "description": [ { "lang": "en", @@ -124,22 +158,54 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:codezips:free_exam_hall_seating_management_system:1.0:*:*:*:*:*:*:*", + "matchCriteriaId": "99C348E9-6BBF-4FC8-A2B8-3ED70BA03131" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/Charlotte008/cve/issues/3", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Exploit", + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?ctiid.282953", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required", + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?id.282953", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required", + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?submit.436478", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-109xx/CVE-2024-10914.json b/CVE-2024/CVE-2024-109xx/CVE-2024-10914.json new file mode 100644 index 00000000000..feaf56ee57e --- /dev/null +++ b/CVE-2024/CVE-2024-109xx/CVE-2024-10914.json @@ -0,0 +1,149 @@ +{ + "id": "CVE-2024-10914", + "sourceIdentifier": "cna@vuldb.com", + "published": "2024-11-06T14:15:05.310", + "lastModified": "2024-11-06T14:15:05.310", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability was found in D-Link DNS-320, DNS-320LW, DNS-325 and DNS-340L up to 20241028. It has been declared as critical. Affected by this vulnerability is the function cgi_user_add of the file /cgi-bin/account_mgr.cgi?cmd=cgi_user_add. The manipulation of the argument name leads to os command injection. The attack can be launched remotely. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "attackRequirements": "NONE", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "vulnerableSystemConfidentiality": "HIGH", + "vulnerableSystemIntegrity": "HIGH", + "vulnerableSystemAvailability": "HIGH", + "subsequentSystemConfidentiality": "NONE", + "subsequentSystemIntegrity": "NONE", + "subsequentSystemAvailability": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirements": "NOT_DEFINED", + "integrityRequirements": "NOT_DEFINED", + "availabilityRequirements": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", + "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", + "modifiedVulnerableSystemAvailability": "NOT_DEFINED", + "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", + "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", + "modifiedSubsequentSystemAvailability": "NOT_DEFINED", + "safety": "NOT_DEFINED", + "automatable": "NOT_DEFINED", + "recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED", + "baseScore": 9.2, + "baseSeverity": "CRITICAL" + } + } + ], + "cvssMetricV31": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.1, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.2, + "impactScore": 5.9 + } + ], + "cvssMetricV2": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "2.0", + "vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C", + "accessVector": "NETWORK", + "accessComplexity": "HIGH", + "authentication": "NONE", + "confidentialityImpact": "COMPLETE", + "integrityImpact": "COMPLETE", + "availabilityImpact": "COMPLETE", + "baseScore": 7.6 + }, + "baseSeverity": "HIGH", + "exploitabilityScore": 4.9, + "impactScore": 10.0, + "acInsufInfo": false, + "obtainAllPrivilege": false, + "obtainUserPrivilege": false, + "obtainOtherPrivilege": false, + "userInteractionRequired": false + } + ] + }, + "weaknesses": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-707" + }, + { + "lang": "en", + "value": "CWE-74" + }, + { + "lang": "en", + "value": "CWE-78" + } + ] + } + ], + "references": [ + { + "url": "https://netsecfish.notion.site/Command-Injection-Vulnerability-in-name-parameter-for-D-Link-NAS-12d6b683e67c80c49ffcc9214c239a07?pvs=4", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?ctiid.283309", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?id.283309", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?submit.432847", + "source": "cna@vuldb.com" + }, + { + "url": "https://www.dlink.com/", + "source": "cna@vuldb.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-109xx/CVE-2024-10915.json b/CVE-2024/CVE-2024-109xx/CVE-2024-10915.json new file mode 100644 index 00000000000..81bc5c3ff15 --- /dev/null +++ b/CVE-2024/CVE-2024-109xx/CVE-2024-10915.json @@ -0,0 +1,149 @@ +{ + "id": "CVE-2024-10915", + "sourceIdentifier": "cna@vuldb.com", + "published": "2024-11-06T14:15:05.783", + "lastModified": "2024-11-06T14:15:05.783", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability was found in D-Link DNS-320, DNS-320LW, DNS-325 and DNS-340L up to 20241028. It has been rated as critical. Affected by this issue is the function cgi_user_add of the file /cgi-bin/account_mgr.cgi?cmd=cgi_user_add. The manipulation of the argument group leads to os command injection. The attack may be launched remotely. The complexity of an attack is rather high. The exploitation is known to be difficult. The exploit has been disclosed to the public and may be used." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "attackRequirements": "NONE", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "vulnerableSystemConfidentiality": "HIGH", + "vulnerableSystemIntegrity": "HIGH", + "vulnerableSystemAvailability": "HIGH", + "subsequentSystemConfidentiality": "NONE", + "subsequentSystemIntegrity": "NONE", + "subsequentSystemAvailability": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirements": "NOT_DEFINED", + "integrityRequirements": "NOT_DEFINED", + "availabilityRequirements": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", + "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", + "modifiedVulnerableSystemAvailability": "NOT_DEFINED", + "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", + "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", + "modifiedSubsequentSystemAvailability": "NOT_DEFINED", + "safety": "NOT_DEFINED", + "automatable": "NOT_DEFINED", + "recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED", + "baseScore": 9.2, + "baseSeverity": "CRITICAL" + } + } + ], + "cvssMetricV31": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.1, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.2, + "impactScore": 5.9 + } + ], + "cvssMetricV2": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "2.0", + "vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C", + "accessVector": "NETWORK", + "accessComplexity": "HIGH", + "authentication": "NONE", + "confidentialityImpact": "COMPLETE", + "integrityImpact": "COMPLETE", + "availabilityImpact": "COMPLETE", + "baseScore": 7.6 + }, + "baseSeverity": "HIGH", + "exploitabilityScore": 4.9, + "impactScore": 10.0, + "acInsufInfo": false, + "obtainAllPrivilege": false, + "obtainUserPrivilege": false, + "obtainOtherPrivilege": false, + "userInteractionRequired": false + } + ] + }, + "weaknesses": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-707" + }, + { + "lang": "en", + "value": "CWE-74" + }, + { + "lang": "en", + "value": "CWE-78" + } + ] + } + ], + "references": [ + { + "url": "https://netsecfish.notion.site/Command-Injection-Vulnerability-in-group-parameter-for-D-Link-NAS-12d6b683e67c803fa1a0c0d236c9a4c5?pvs=4", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?ctiid.283310", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?id.283310", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?submit.432848", + "source": "cna@vuldb.com" + }, + { + "url": "https://www.dlink.com/", + "source": "cna@vuldb.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-314xx/CVE-2024-31448.json b/CVE-2024/CVE-2024-314xx/CVE-2024-31448.json index 43e83dc9b30..9f7704e4da1 100644 --- a/CVE-2024/CVE-2024-314xx/CVE-2024-31448.json +++ b/CVE-2024/CVE-2024-314xx/CVE-2024-31448.json @@ -2,8 +2,8 @@ "id": "CVE-2024-31448", "sourceIdentifier": "security-advisories@github.com", "published": "2024-11-05T00:15:03.860", - "lastModified": "2024-11-05T16:04:26.053", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-11-06T14:31:08.877", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -17,6 +17,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.1, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.7 + }, { "source": "security-advisories@github.com", "type": "Secondary", @@ -51,10 +71,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:combodo:itop:*:*:*:*:*:*:*:*", + "versionEndExcluding": "3.1.2", + "matchCriteriaId": "4B1E5E6E-1398-4908-9D8F-25C8C667F3D2" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/Combodo/iTop/security/advisories/GHSA-776w-x6v7-vfwf", - "source": "security-advisories@github.com" + "source": "security-advisories@github.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-319xx/CVE-2024-31998.json b/CVE-2024/CVE-2024-319xx/CVE-2024-31998.json index 5c643fcf378..ba61856e754 100644 --- a/CVE-2024/CVE-2024-319xx/CVE-2024-31998.json +++ b/CVE-2024/CVE-2024-319xx/CVE-2024-31998.json @@ -2,8 +2,8 @@ "id": "CVE-2024-31998", "sourceIdentifier": "security-advisories@github.com", "published": "2024-11-05T00:15:04.083", - "lastModified": "2024-11-05T16:04:26.053", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-11-06T14:31:46.643", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -17,6 +17,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + }, { "source": "security-advisories@github.com", "type": "Secondary", @@ -51,10 +71,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:combodo:itop:*:*:*:*:*:*:*:*", + "versionEndExcluding": "3.1.2", + "matchCriteriaId": "4B1E5E6E-1398-4908-9D8F-25C8C667F3D2" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/Combodo/iTop/security/advisories/GHSA-8cwx-q4xh-7c7r", - "source": "security-advisories@github.com" + "source": "security-advisories@github.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-442xx/CVE-2024-44258.json b/CVE-2024/CVE-2024-442xx/CVE-2024-44258.json index 852c0fce574..f29ba7c705b 100644 --- a/CVE-2024/CVE-2024-442xx/CVE-2024-44258.json +++ b/CVE-2024/CVE-2024-442xx/CVE-2024-44258.json @@ -2,8 +2,8 @@ "id": "CVE-2024-44258", "sourceIdentifier": "product-security@apple.com", "published": "2024-10-28T21:15:07.083", - "lastModified": "2024-10-30T18:28:24.490", - "vulnStatus": "Analyzed", + "lastModified": "2024-11-06T14:35:02.583", + "vulnStatus": "Modified", "cveTags": [], "descriptions": [ { @@ -36,6 +36,26 @@ }, "exploitabilityScore": 1.8, "impactScore": 5.2 + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.1, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.2 } ] }, @@ -49,6 +69,16 @@ "value": "CWE-59" } ] + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-59" + } + ] } ], "configurations": [ diff --git a/CVE-2024/CVE-2024-497xx/CVE-2024-49750.json b/CVE-2024/CVE-2024-497xx/CVE-2024-49750.json index f36b6881baa..a3048b6f072 100644 --- a/CVE-2024/CVE-2024-497xx/CVE-2024-49750.json +++ b/CVE-2024/CVE-2024-497xx/CVE-2024-49750.json @@ -2,8 +2,8 @@ "id": "CVE-2024-49750", "sourceIdentifier": "security-advisories@github.com", "published": "2024-10-24T22:15:04.490", - "lastModified": "2024-10-25T12:56:07.750", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-11-06T14:58:19.993", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -17,6 +17,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 5.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + }, { "source": "security-advisories@github.com", "type": "Secondary", @@ -51,14 +71,38 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:snowflake:snowflake_connector:*:*:*:*:*:python:*:*", + "versionEndExcluding": "3.12.3", + "matchCriteriaId": "EB425722-4A5A-47DB-8F1B-CE344E50CCBE" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/snowflakedb/snowflake-connector-python/commit/dbc9284a3c0382c131b971b35e8d6ab93c46f37a", - "source": "security-advisories@github.com" + "source": "security-advisories@github.com", + "tags": [ + "Patch" + ] }, { "url": "https://github.com/snowflakedb/snowflake-connector-python/security/advisories/GHSA-5vvg-pvhp-hv2m", - "source": "security-advisories@github.com" + "source": "security-advisories@github.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-503xx/CVE-2024-50348.json b/CVE-2024/CVE-2024-503xx/CVE-2024-50348.json index 60c9366139e..493a484eea6 100644 --- a/CVE-2024/CVE-2024-503xx/CVE-2024-50348.json +++ b/CVE-2024/CVE-2024-503xx/CVE-2024-50348.json @@ -2,8 +2,8 @@ "id": "CVE-2024-50348", "sourceIdentifier": "security-advisories@github.com", "published": "2024-10-29T23:15:03.863", - "lastModified": "2024-11-01T12:57:03.417", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-11-06T14:49:46.073", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -17,6 +17,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 5.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + }, { "source": "security-advisories@github.com", "type": "Secondary", @@ -51,14 +71,40 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:instantcms:instantcms:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2.16.3", + "matchCriteriaId": "D502D2E1-810F-4B47-97EA-779586CB2B78" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/instantsoft/icms2/commit/e02de2fa1850bb40c9b2050b9256c838a0ea7aa3", - "source": "security-advisories@github.com" + "source": "security-advisories@github.com", + "tags": [ + "Patch" + ] }, { "url": "https://github.com/instantsoft/icms2/security/advisories/GHSA-f6cf-jg84-fw29", - "source": "security-advisories@github.com" + "source": "security-advisories@github.com", + "tags": [ + "Exploit", + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-87xx/CVE-2024-8792.json b/CVE-2024/CVE-2024-87xx/CVE-2024-8792.json index 98d5fc260d4..fab1edd2b35 100644 --- a/CVE-2024/CVE-2024-87xx/CVE-2024-8792.json +++ b/CVE-2024/CVE-2024-87xx/CVE-2024-8792.json @@ -2,8 +2,8 @@ "id": "CVE-2024-8792", "sourceIdentifier": "security@wordfence.com", "published": "2024-10-30T03:15:04.583", - "lastModified": "2024-11-01T12:57:03.417", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-11-06T14:51:34.663", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -51,18 +51,45 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:markjaquith:subscribe_to_comments:*:*:*:*:*:wordpress:*:*", + "versionEndIncluding": "2.3", + "matchCriteriaId": "CEB85823-5700-4E15-AD69-157D2A98ECA8" + } + ] + } + ] + } + ], "references": [ { "url": "https://plugins.trac.wordpress.org/browser/subscribe-to-comments/trunk/subscribe-to-comments.php#L1470", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Product" + ] }, { "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3177660%40subscribe-to-comments%2Ftrunk&old=1198281%40subscribe-to-comments%2Ftrunk&sfp_email=&sfph_mail=", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Patch" + ] }, { "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/a7566ac1-9ae2-44d2-8ad1-029957870992?source=cve", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-94xx/CVE-2024-9488.json b/CVE-2024/CVE-2024-94xx/CVE-2024-9488.json index 966d11d7918..7079ce42ab5 100644 --- a/CVE-2024/CVE-2024-94xx/CVE-2024-9488.json +++ b/CVE-2024/CVE-2024-94xx/CVE-2024-9488.json @@ -2,8 +2,8 @@ "id": "CVE-2024-9488", "sourceIdentifier": "security@wordfence.com", "published": "2024-10-25T06:15:13.727", - "lastModified": "2024-10-25T12:56:07.750", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-11-06T14:57:04.457", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -41,8 +41,18 @@ }, "weaknesses": [ { - "source": "security@wordfence.com", + "source": "nvd@nist.gov", "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-Other" + } + ] + }, + { + "source": "security@wordfence.com", + "type": "Secondary", "description": [ { "lang": "en", @@ -51,18 +61,45 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:gvectors:wpdiscuz:*:*:*:*:*:wordpress:*:*", + "versionEndExcluding": "7.6.25", + "matchCriteriaId": "010A4D23-EB81-4895-925B-9C98ED0E79C8" + } + ] + } + ] + } + ], "references": [ { "url": "https://plugins.trac.wordpress.org/browser/wpdiscuz/trunk/forms/wpdFormAttr/Login/SocialLogin.php", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Product" + ] }, { "url": "https://plugins.trac.wordpress.org/changeset/3164486/", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Patch" + ] }, { "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/b71706a7-e101-4d50-a2da-1aeeaf07cf4b?source=cve", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-98xx/CVE-2024-9846.json b/CVE-2024/CVE-2024-98xx/CVE-2024-9846.json index 1cd2c6a2954..1712109cd5e 100644 --- a/CVE-2024/CVE-2024-98xx/CVE-2024-9846.json +++ b/CVE-2024/CVE-2024-98xx/CVE-2024-9846.json @@ -2,8 +2,8 @@ "id": "CVE-2024-9846", "sourceIdentifier": "security@wordfence.com", "published": "2024-10-30T03:15:04.820", - "lastModified": "2024-11-01T12:57:03.417", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-11-06T14:58:04.160", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -51,18 +51,45 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:aftabhusain:enable_shortcodes_inside_widgets\\,comments_and_experts:*:*:*:*:*:wordpress:*:*", + "versionEndIncluding": "1.0.0", + "matchCriteriaId": "CCB17C76-24BE-4CE0-92C4-19D2E12700CB" + } + ] + } + ] + } + ], "references": [ { "url": "https://plugins.trac.wordpress.org/browser/enable-shortcodes-inside-widgetscomments-and-experts/trunk/enable-shortcodes-inside-widgets-comments-experts.php#L19", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Product" + ] }, { "url": "https://wordpress.org/plugins/enable-shortcodes-inside-widgetscomments-and-experts/#developers", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Product" + ] }, { "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/f1ac2544-f96b-4859-96de-795753a94264?source=cve", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/README.md b/README.md index 28518fcef9c..161060a52c9 100644 --- a/README.md +++ b/README.md @@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2024-11-06T13:00:19.432269+00:00 +2024-11-06T15:00:48.258634+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2024-11-06T12:15:03.950000+00:00 +2024-11-06T14:59:34.303000+00:00 ``` ### Last Data Feed Release @@ -33,23 +33,37 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### Total Number of included CVEs ```plain -268434 +268438 ``` ### CVEs added in the last Commit -Recently added CVEs: `3` +Recently added CVEs: `4` -- [CVE-2024-10168](CVE-2024/CVE-2024-101xx/CVE-2024-10168.json) (`2024-11-06T12:15:03.400`) -- [CVE-2024-10715](CVE-2024/CVE-2024-107xx/CVE-2024-10715.json) (`2024-11-06T11:15:03.353`) -- [CVE-2024-8323](CVE-2024/CVE-2024-83xx/CVE-2024-8323.json) (`2024-11-06T12:15:03.950`) +- [CVE-2020-11859](CVE-2020/CVE-2020-118xx/CVE-2020-11859.json) (`2024-11-06T14:15:04.963`) +- [CVE-2024-10186](CVE-2024/CVE-2024-101xx/CVE-2024-10186.json) (`2024-11-06T13:15:03.163`) +- [CVE-2024-10914](CVE-2024/CVE-2024-109xx/CVE-2024-10914.json) (`2024-11-06T14:15:05.310`) +- [CVE-2024-10915](CVE-2024/CVE-2024-109xx/CVE-2024-10915.json) (`2024-11-06T14:15:05.783`) ### CVEs modified in the last Commit -Recently modified CVEs: `1` +Recently modified CVEs: `14` -- [CVE-2024-52043](CVE-2024/CVE-2024-520xx/CVE-2024-52043.json) (`2024-11-06T11:15:04.140`) +- [CVE-2023-34443](CVE-2023/CVE-2023-344xx/CVE-2023-34443.json) (`2024-11-06T14:25:00.830`) +- [CVE-2023-34444](CVE-2023/CVE-2023-344xx/CVE-2023-34444.json) (`2024-11-06T14:28:46.193`) +- [CVE-2023-34445](CVE-2023/CVE-2023-344xx/CVE-2023-34445.json) (`2024-11-06T14:29:52.467`) +- [CVE-2024-10764](CVE-2024/CVE-2024-107xx/CVE-2024-10764.json) (`2024-11-06T14:44:53.410`) +- [CVE-2024-10765](CVE-2024/CVE-2024-107xx/CVE-2024-10765.json) (`2024-11-06T14:45:35.600`) +- [CVE-2024-10766](CVE-2024/CVE-2024-107xx/CVE-2024-10766.json) (`2024-11-06T14:59:34.303`) +- [CVE-2024-31448](CVE-2024/CVE-2024-314xx/CVE-2024-31448.json) (`2024-11-06T14:31:08.877`) +- [CVE-2024-31998](CVE-2024/CVE-2024-319xx/CVE-2024-31998.json) (`2024-11-06T14:31:46.643`) +- [CVE-2024-44258](CVE-2024/CVE-2024-442xx/CVE-2024-44258.json) (`2024-11-06T14:35:02.583`) +- [CVE-2024-49750](CVE-2024/CVE-2024-497xx/CVE-2024-49750.json) (`2024-11-06T14:58:19.993`) +- [CVE-2024-50348](CVE-2024/CVE-2024-503xx/CVE-2024-50348.json) (`2024-11-06T14:49:46.073`) +- [CVE-2024-8792](CVE-2024/CVE-2024-87xx/CVE-2024-8792.json) (`2024-11-06T14:51:34.663`) +- [CVE-2024-9488](CVE-2024/CVE-2024-94xx/CVE-2024-9488.json) (`2024-11-06T14:57:04.457`) +- [CVE-2024-9846](CVE-2024/CVE-2024-98xx/CVE-2024-9846.json) (`2024-11-06T14:58:04.160`) ## Download and Usage diff --git a/_state.csv b/_state.csv index 95a8a12e6d3..cdef684da13 100644 --- a/_state.csv +++ b/_state.csv @@ -146853,6 +146853,7 @@ CVE-2020-11855,0,0,e14561753ea7476ef1a46ad2271a2d7705e48957ee839066d428855f0813a CVE-2020-11856,0,0,5abea0f5863e425aba8da9037a573c7a3b4f3f117b19f6f108ddeefc546a6311,2023-11-07T03:15:13.060000 CVE-2020-11857,0,0,cfe4b29cbd7705754d8ff7c436f360e01cc84f49a7da178c74183fbb0fdce6b5,2023-11-07T03:15:13.327000 CVE-2020-11858,0,0,f1a7878dcbe39fb75e66ba015f3e0a8c37bed95690a925f034528dceb4a78f9a,2023-11-07T03:15:13.613000 +CVE-2020-11859,1,1,c6463e65a47b733c143ba1012ce4867d704a396d64748d0f657e0f2a5a3f62b8,2024-11-06T14:15:04.963000 CVE-2020-1186,0,0,1eefdf7a8e33c4c2cd4bfb01e3572e05bdae937974ad739d1b8791b6b68c2142,2021-07-21T11:39:23.747000 CVE-2020-11860,0,0,5ff0fb781acc00bd8736fa43437c501792b5b28d4b3cd41269e4609dde6edb4d,2023-11-07T03:15:13.847000 CVE-2020-11861,0,0,4131e0ca5ed9aa3ac9d2a10890f2f261f9722b9905d29a15f5ba8b6d4694ee13,2023-11-07T03:15:14.130000 @@ -226353,9 +226354,9 @@ CVE-2023-34439,0,0,eed747f391d4f39511edced7f0f7d24266444a66d5c5ae933e2c617b0f8ad CVE-2023-3444,0,0,bb17c1dbdd4ed7c8eb9d7ed0dea1940f5de4a2d452400c13a5a21e52322126d5,2024-10-08T19:16:10.620000 CVE-2023-34441,0,0,211d0b94e4b29dd576f0f1e507c4e789d07f15ca6b53d68f9ed82c048ecd21c8,2023-10-25T14:14:16.710000 CVE-2023-34442,0,0,817374305a61193f31cd22c20a8504631518f3522242c523fd4d418072d39ccc,2023-07-17T18:35:59.380000 -CVE-2023-34443,0,0,08c69dcaadfcc7e985049bbbddace38f60d952e3345ce8b366e0609ce8eb85ab,2024-11-05T16:04:26.053000 -CVE-2023-34444,0,0,0cc0032d6be06c375498f7b8d64b654472599ea66684bd68d1e30065b44bf135,2024-11-05T16:04:26.053000 -CVE-2023-34445,0,0,6705a9c0f488d89c5625d20aef6dfd0db2cdda6fa4bd7eb3f1e686fbda1e80aa,2024-11-05T16:04:26.053000 +CVE-2023-34443,0,1,c8eee3839b8b2cf8f4122afe0ba565ba03d08709f77e6254dc2fd94ef33de818,2024-11-06T14:25:00.830000 +CVE-2023-34444,0,1,774fe5f97b48d93e24c83617d9b7b190782b553d0dc6fa796fad513f37c5decc,2024-11-06T14:28:46.193000 +CVE-2023-34445,0,1,7bc77a3b0fd9a85b36c5768eb2846bc94b4e76be54b1a57dc04dbdde8eecaf81,2024-11-06T14:29:52.467000 CVE-2023-34446,0,0,13fc39dc24b167cd0215a46ed05da10983c5a16a33defe3a92b35d1f745923ff,2023-10-31T15:19:32.367000 CVE-2023-34447,0,0,e1c225059a88e3b6725968bb4602d5d5fd1c3200872c9f7a506f740e2fff4f74,2023-10-31T15:21:59.647000 CVE-2023-34448,0,0,8b22b0996aad81d33846f4fa0736e3396099aa9304c682c88935844e494aa7cd,2023-06-22T16:31:47.377000 @@ -242473,7 +242474,7 @@ CVE-2024-10163,0,0,26289a38ca28d6fbf3697cebc7b8e78d717fbaa250d69c3062759b06a1925 CVE-2024-10165,0,0,5e96b8bac045d76007a8a1ccaf66b23094bbe577806718f5c39b95850bfcb648,2024-10-21T21:35:06.987000 CVE-2024-10166,0,0,d38e0eaedffd343f532bd4c1abf13dec4f7eece79809104c00c35d23c5bd77f6,2024-10-21T21:34:52.430000 CVE-2024-10167,0,0,e7ee4350c0d87b98f4009c350ce488d1222a8473f5eed0163be4fcf02375526f,2024-10-21T21:34:25.810000 -CVE-2024-10168,1,1,a16f3a0a04d9c48b4fad3fd0fbb393d0f9afb00a27bf1e0807ad26442e6357ad,2024-11-06T12:15:03.400000 +CVE-2024-10168,0,0,a16f3a0a04d9c48b4fad3fd0fbb393d0f9afb00a27bf1e0807ad26442e6357ad,2024-11-06T12:15:03.400000 CVE-2024-10169,0,0,1db0b82161d097e04e0d9142501d34c98067446995af0ad4d8dda4cff4f3006d,2024-10-23T15:01:58.987000 CVE-2024-1017,0,0,50b68641acb97d381e6a65107328f0dab0fccf027bea27ef0f379cc058119760,2024-05-17T02:35:10.627000 CVE-2024-10170,0,0,43858dc94e553ea996e2f62171c2a07580bf4384f9d10283ecd355d244289e84,2024-10-21T21:33:49.663000 @@ -242486,6 +242487,7 @@ CVE-2024-10181,0,0,e508d85fb29127dc9615d55a59c4f686aa113b77b39ab8d7dcfaa4fd4cd2c CVE-2024-10183,0,0,120f83031d6b056b9464662cc23a397a8370d5b6b85b4ebf16896e12042e7ae6,2024-10-23T15:12:34.673000 CVE-2024-10184,0,0,82e323cdb696d7fc911e7053501b005fcd00bb282537fcf739cadb894187d0e9,2024-10-29T14:34:04.427000 CVE-2024-10185,0,0,ca6dfd9088b0219f97894c0990b4ec594d404f7f2fe7b73023fa5dc239e3eb40,2024-10-29T14:34:04.427000 +CVE-2024-10186,1,1,8d98d00d5e4317f317623daa0bf76a7d2697352eb8a7e00af128c76c07c6a29c,2024-11-06T13:15:03.163000 CVE-2024-10189,0,0,44ab01729f421efaf03808ae973a9923c5f8c6b41f07f8511cb89b2ff9a7419b,2024-10-29T15:27:55.550000 CVE-2024-1019,0,0,9d34fb91efb6a448073ac765944da7eab7ec7fd07c6fef378639c859599f6841,2024-02-20T02:15:49.973000 CVE-2024-10191,0,0,4ecd88c27c34e37b94ed56c347924bf6837bbfb39d55fba1c828925d6337ab29,2024-10-22T14:33:12.313000 @@ -242759,7 +242761,7 @@ CVE-2024-10701,0,0,53baafb789e17d3adca0638e17c429a583b20f9faed929ac230c13977cad3 CVE-2024-10702,0,0,1494650cf24141bf55e997b208eb307166b880baeab6c7ba81f17c35396d74f0,2024-11-05T16:52:11.193000 CVE-2024-1071,0,0,203dd69d50b387b330a57560d4e66e827311506680b4f1e4c4b62b6aa394169c,2024-03-13T18:16:18.563000 CVE-2024-10711,0,0,55dbe18df8608d9e1c1242fc894dfe0ff26164cf1194299faf792f0956a2b568,2024-11-05T16:04:26.053000 -CVE-2024-10715,1,1,9809bc782fb4a0fd3afaa8b64512d1c6468f3bc71edbb0e07ae09e5e05503d2a,2024-11-06T11:15:03.353000 +CVE-2024-10715,0,0,9809bc782fb4a0fd3afaa8b64512d1c6468f3bc71edbb0e07ae09e5e05503d2a,2024-11-06T11:15:03.353000 CVE-2024-1072,0,0,d1340477909607c729b87fb4231ec3eb5b83c947dd2f9537edfb72049dfc44f6,2024-02-13T19:44:28.620000 CVE-2024-1073,0,0,39b7dc528198b2afbafa91161478b052efb2c858a3c417cf6368bfe809460c5d,2024-02-07T20:56:30.313000 CVE-2024-10730,0,0,8808b0788cc1226811ed98f049f4208abdd990eebdc310df0fd93dc6dcaba5d0,2024-11-04T16:42:33.607000 @@ -242797,9 +242799,9 @@ CVE-2024-10759,0,0,c8109478aa1f8c3301ee32308076a58e7071300f78ad806d58694decfd727 CVE-2024-1076,0,0,1eec5a2aed6def26ca78a00c90cdc2a9e26a823100b6419a30b16c630a915a03,2024-08-30T13:15:12.257000 CVE-2024-10760,0,0,80b31d15ce40c1796f7a31332b7a00ce5c18086643bde5a0e039d2a809d12494,2024-11-05T19:45:47.893000 CVE-2024-10761,0,0,e55627ca0aefeb59987656a92ae2fe0920723534c3676e4833cbe2ebfab1f89e,2024-11-04T18:50:05.607000 -CVE-2024-10764,0,0,ec3f49d125cf2e2f9f040e77955c901db8d4fc081c2a5a3c578e4d10b68b11ee,2024-11-04T18:50:05.607000 -CVE-2024-10765,0,0,f94f39587334d404980a388e9dfd9fb9115fae8b2ac1d9ff2a13bbe026583b18,2024-11-04T18:50:05.607000 -CVE-2024-10766,0,0,1b1319bb6e0bee622c046653104b00240692805524f9a93d49c4c9f821fef751,2024-11-04T18:50:05.607000 +CVE-2024-10764,0,1,2019ff7f0926975749df288d065dd4ef04b45307a383083c9552413c9cfb56bf,2024-11-06T14:44:53.410000 +CVE-2024-10765,0,1,ff207dbaed362f27d141d8f991437f9efb859b44cbbeb5f387917f93fd11e23b,2024-11-06T14:45:35.600000 +CVE-2024-10766,0,1,e35f492b9f66f3ec904d31d42b260648e53321433ee2cae35a4e477e4ef293a0,2024-11-06T14:59:34.303000 CVE-2024-10768,0,0,fcd4ee0d6eff55471dbda97bd83141f17ad16c6dfb7f0d919b3fd3abb2322ddc,2024-11-05T16:04:26.053000 CVE-2024-1077,0,0,9052c519c4a7de5cf3516fc923116c25b788d5b36a137a2e416fb3d37403344d,2024-07-03T01:44:58.330000 CVE-2024-1078,0,0,88568fa2f20f5ea8de25fda48576808429bbc616448df571a879f056db565620,2024-02-14T18:39:51.437000 @@ -242828,6 +242830,8 @@ CVE-2024-1088,0,0,7487e11aa2518f6cc93d89dd95a39f5c8d6e4a1b2567cf073eed09f7df7825 CVE-2024-1089,0,0,9442709e929187c1b992d082c3eaeec9226480f80fc28198e3a73f4a684640d5,2024-02-29T13:49:29.390000 CVE-2024-1090,0,0,2d0b80c82d6d153c4e0b5412c3fcf892da86ac73a72da4cbf84bfbb064bdcb0c,2024-02-29T13:49:29.390000 CVE-2024-1091,0,0,54ee7e9ca708166212a73aaa10e4715176fe17b55fbce1ee0ea8f95d289d46a5,2024-02-29T13:49:29.390000 +CVE-2024-10914,1,1,9e1b2f0777286d0cb8a602e804700d0b7a218386d359fac5ed22841e73f8a57a,2024-11-06T14:15:05.310000 +CVE-2024-10915,1,1,cfa7f586c14b166c26e02501db4fae7d71ff693eadbe58fa1137bf847b5f82bf,2024-11-06T14:15:05.783000 CVE-2024-1092,0,0,4e514cbeb8cbdb0016fe4cb374f3dffe448e95b35a82b13ed7cb7be1b7fe61c2,2024-02-13T19:43:06.247000 CVE-2024-1093,0,0,de7ad9b72d87a55cf339c2dc774b7bea1d33bb68e3b932a439fb6fd6a0ef5b53,2024-03-05T13:41:01.900000 CVE-2024-1094,0,0,e9e492360318e20689e515fe6138ed3b8630e834f4abf2efeafd987f7e7b2dc6,2024-06-17T12:42:04.623000 @@ -252198,7 +252202,7 @@ CVE-2024-31444,0,0,2b583a6a275e0a983bbebac5216edfacb732dc16a37d3f15cde47373ee16d CVE-2024-31445,0,0,1604b599d9536c57c531cce60053ad45df054d57149c0036714972b15538613e,2024-06-10T17:16:26.097000 CVE-2024-31446,0,0,373eeef72a0a9c99dbd4ccd220f1667bb1c1a5f0b64e2b8d303c3d0e34eb6da6,2024-04-17T12:48:31.863000 CVE-2024-31447,0,0,e739a8fffd9f497d895f96e5d958e90722f45e9f390061e76a7ad752c9634400,2024-04-08T18:48:40.217000 -CVE-2024-31448,0,0,9f1ba0bb711d7f3f12913c5e8da265cccc471cc8e01cb7b2c843d63df722f3b5,2024-11-05T16:04:26.053000 +CVE-2024-31448,0,1,6f2d5d8b103c415093a36690b6f5ea0753fa42a31495dd66506a1da4fb576ca4,2024-11-06T14:31:08.877000 CVE-2024-31449,0,0,6e4665430092cd3a38c7f968c5e4cd78352ce1f6e160f934606d38ec1f765ad5,2024-10-10T12:57:21.987000 CVE-2024-3145,0,0,21fbcfc8d4b596ded088fde63ea9f1f1353c43d1f912006c785433adb5bef364,2024-05-17T02:39:44.947000 CVE-2024-31450,0,0,ab5f0ef1f93c0f0e56281a7055daaa2ff51bdf34c67fe22e312d60de3e8693fa,2024-04-22T13:28:50.310000 @@ -252533,7 +252537,7 @@ CVE-2024-31994,0,0,b6431ba9eb98a129f7ea944227dac9ddb97bf9b9d2004f094a695efb8594f CVE-2024-31995,0,0,602bd03775c89a6cb4e10470ceb1298f833e8948d6090002643943868c01e068,2024-04-11T12:47:44.137000 CVE-2024-31996,0,0,d4a1c5956655b3691b734adb2cb789f7840abf7ea392691d056f3eeb40cd8aea,2024-04-11T12:47:44.137000 CVE-2024-31997,0,0,e22174bdf45016db847f83f67a9d66c204301d7e1d4c9d7c29d7666820ceb71c,2024-04-11T12:47:44.137000 -CVE-2024-31998,0,0,60e2d96ad2e90d6fbdb01ee3d87b7e1f2d2d2d899533697d8857d47ec16d44d9,2024-11-05T16:04:26.053000 +CVE-2024-31998,0,1,2663bab8defba2ad9cfa06bffd78762e4d806e7b465353fa59687f2701864b85,2024-11-06T14:31:46.643000 CVE-2024-31999,0,0,8be6bae45bf69469fba4d6938377c3d617d76ac22b2f250c9dbb7045c4892896,2024-04-11T12:47:44.137000 CVE-2024-3200,0,0,8eda8c8c32d34e129031e44c1a51e83d6c696c49d22ac2d1d4831571c411eace,2024-06-03T14:46:24.250000 CVE-2024-32000,0,0,25e808883afb30085bd2c5527f7ffcb33df5f281d7490db268ce63ab1545a321,2024-04-15T13:15:31.997000 @@ -261184,7 +261188,7 @@ CVE-2024-44254,0,0,b932471c7b72b296626acaae1c1c1c65f96f253ebe16cc5535f9abf466bf2 CVE-2024-44255,0,0,89e692fbabe1ac868aa1386f1241f7c919e5ed3a9076044380cfc36ec3d5e720,2024-10-30T18:26:03.767000 CVE-2024-44256,0,0,17aa03a2ed4c3fc9cc6050efee4584273e8e878058b24cc398dd2574b5d0db34,2024-10-29T20:35:29.053000 CVE-2024-44257,0,0,fbfaa04f8cbb781c7b5c9b4d7e31917aa6b40ea53153adf50b1bee22b30132a9,2024-10-29T20:35:29.240000 -CVE-2024-44258,0,0,91308a1547f18fc4e41f208855ec5d4256762f382e547d5702ebf3ed7d38e066,2024-10-30T18:28:24.490000 +CVE-2024-44258,0,1,8ab03e966a595d486d0092627a33702077a9f3d63331ec096ff5f3f8ee57fb7b,2024-11-06T14:35:02.583000 CVE-2024-44259,0,0,34e000c43f89f1c6e41f971ae05cc2648b135b80ff70f0cd9cdfe5676f091511,2024-10-29T23:15:03.663000 CVE-2024-4426,0,0,438c7e77bba5537169c045ba2dc210873849174945e68052d5a8bbbd94b93b11,2024-05-30T13:15:41.297000 CVE-2024-44260,0,0,5a4143b47f6bb680997cf416c6ec19c71d6b161de490b20adc7ab8ee10998409,2024-10-29T21:35:17.343000 @@ -263948,7 +263952,7 @@ CVE-2024-4972,0,0,aca3b401df5f0f8efa87796dd64789aa2cecbea8af4c356f93adc161f1e5b5 CVE-2024-4973,0,0,c8cb9b832f42f8b36963a1241c53cb5d648196ebedc5ede632c88d17792d2e61,2024-06-04T19:20:56.140000 CVE-2024-4974,0,0,29381f582adec4042105cf6b841ea7b6d4575f99995b9ea6ba695d777207b6ba,2024-06-04T19:20:56.237000 CVE-2024-4975,0,0,d684ecfff12b84901405d8ee54394b9595e6fb8a06328936509cd0d9c152070c,2024-06-04T19:20:56.337000 -CVE-2024-49750,0,0,a7e8b2a926889afed7f90910ab6e5ec3cbfd5fe1c3a7f940d8c01d024ee8d1a6,2024-10-25T12:56:07.750000 +CVE-2024-49750,0,1,a4d8c273c7d01e1dcb69ab54945d9fa3ef0aafd14a5615789a19e3567d7b1d64,2024-11-06T14:58:19.993000 CVE-2024-49751,0,0,ff7d052700c88a06f3721dad1b8cfae38c2356a33cba16eba3e8bf2b6f89cf9e,2024-10-25T12:56:36.827000 CVE-2024-49753,0,0,e48f997c3307c7149c72669441f9343576b6be2cbdb15b89775e89497816dbec,2024-10-28T13:58:09.230000 CVE-2024-49755,0,0,b1c1713e62d1c6cff006bddd32caeacb7a00a5abd98bfdd4887a4a4fcdb0308a,2024-10-29T14:34:50.257000 @@ -264305,7 +264309,7 @@ CVE-2024-5034,0,0,ecc1ebd0e8a7a2aea01c9ce5ac07669525947175e7e55790f4a8e8a0b317ba CVE-2024-50344,0,0,01bf6c563fd2a47d8f1655926ebf620cef86a1d975ff50e33bcc2ca54db6ff27,2024-11-01T12:57:03.417000 CVE-2024-50346,0,0,fb25cbb7b8a23f8bc4a8f048afe511d7d942fe5a9bb027a602dbfa956ec82a3d,2024-11-05T16:04:26.053000 CVE-2024-50347,0,0,09b35c9108a453337442f172c0c30bea977424cb455f7f1c26e8c5268b8f2c51,2024-11-01T12:57:03.417000 -CVE-2024-50348,0,0,a2f7dd4541b70b31a296cb052041997e29eba359a31633491ab548fa5e708765,2024-11-01T12:57:03.417000 +CVE-2024-50348,0,1,fa8a8e9e48d227df1afdc378e4ee00ffda2dd051bb15c8b477e290549096cb45,2024-11-06T14:49:46.073000 CVE-2024-5035,0,0,592ce94ebba91d65c9cac29085dbc465d14be23d13ac08f1e0101f9ce552a856,2024-05-29T05:16:08.793000 CVE-2024-50353,0,0,c270322657a2173bb388f1746e651fd5c3e3613c7dc6a2e8967074d0cc432797,2024-11-01T12:57:03.417000 CVE-2024-50354,0,0,71c165210065e28f3056b772ab098428406844612dc3279d15bcac1af858ffbc,2024-11-01T12:57:03.417000 @@ -264772,7 +264776,7 @@ CVE-2024-52029,0,0,6604d73dfa925d8021d81d835bc825971fe44d6336112cf5acceb9e667d92 CVE-2024-5203,0,0,e867d44b31fa735ecaef1844aba382841138e742c9b7e957e6089969316cab00,2024-09-13T11:15:10.197000 CVE-2024-52030,0,0,f299083111a88bfbb33be7c61ad60009afd7ae12eaace08cfe4a696ed0f18397,2024-11-05T16:35:58.320000 CVE-2024-5204,0,0,87eb5b753d379a1bd1ef79b260f2b73c84b7ff9a4b79082cf351323e04c98a6d,2024-05-29T13:02:09.280000 -CVE-2024-52043,0,1,859d4f4abcedc8c9ef85b33b2c7674856fa86630e56c2d00d7aba51640447ec1,2024-11-06T11:15:04.140000 +CVE-2024-52043,0,0,859d4f4abcedc8c9ef85b33b2c7674856fa86630e56c2d00d7aba51640447ec1,2024-11-06T11:15:04.140000 CVE-2024-5205,0,0,4921ed356d4f56252ffbf3c608cb3301846a77ee8cc9c08ec7f0a543467e385d,2024-05-24T13:03:11.993000 CVE-2024-5206,0,0,b3f524211e1d68f8da056248f629dbe7f435bd9f6a2b4ba4133bd7fb2ec50998,2024-10-24T19:48:31.637000 CVE-2024-5207,0,0,181dd5a561a1ca6cee33a4a5369908472f122edb94b0d0fa7d6cd5b5e2958e5a,2024-05-30T13:15:41.297000 @@ -267374,7 +267378,7 @@ CVE-2024-8319,0,0,19bee7e43deb1719502aef7eb4c05b0fb28cffea0ae04999821f01ddbcc0e2 CVE-2024-8320,0,0,67cff6908a40f6de0a5d55f45cee63784fe7b54f56159b5877dcd792142b0c2f,2024-09-12T21:51:58.960000 CVE-2024-8321,0,0,595129502821252825346a9a34e636ff1fd5806e1274bb50a0e529e9f41ab2d6,2024-09-12T21:53:22.677000 CVE-2024-8322,0,0,b55b95a67ef7974aa4139f663f04b216243350777f41a8ecf84d71c9fac2a097,2024-09-12T21:56:43.673000 -CVE-2024-8323,1,1,0a66f0e3aab58990309e48663c03dc2633a4a535de200e9eda5e5207e3256957,2024-11-06T12:15:03.950000 +CVE-2024-8323,0,0,0a66f0e3aab58990309e48663c03dc2633a4a535de200e9eda5e5207e3256957,2024-11-06T12:15:03.950000 CVE-2024-8324,0,0,6518d473c1aa4b475f6dfda0657752435a4222117c73b6cdc744a1f3e192bfb0,2024-10-04T13:51:25.567000 CVE-2024-8325,0,0,7621afb4d5f72b3f894f792bb62b31b3ae60fff1ef7fb199ef11a396c0bd3fb4,2024-10-07T12:37:58.740000 CVE-2024-8327,0,0,6596679653e59e232d9a636653bb7ef76ebcd0b7674f3704360634000a96dff3,2024-09-04T17:11:23.533000 @@ -267726,7 +267730,7 @@ CVE-2024-8787,0,0,697959dd00ebdc9b4d866bc462eeca4254ff62268820b8cc5f18a9f4531e0e CVE-2024-8788,0,0,109bf9bb3aa314390f1c0b3dee4d54ea5d0e02bbb648b956ffff0a9dad06b2f6,2024-10-03T17:25:41.467000 CVE-2024-8790,0,0,c35e20798e104d347809d26eec2137cb82ecdc52b92a3f74d2215cdbc40f5b61,2024-10-29T14:44:59.497000 CVE-2024-8791,0,0,fb5b0ac36efac34bc9b2b46a1f471f8bc629f8b19dafbbe4161ffb4834ecffd5,2024-09-26T16:25:34.120000 -CVE-2024-8792,0,0,e7f8aff638f10f3549ed8940a7a7008d474e5ba05f37e2e34c5dada696d056c9,2024-11-01T12:57:03.417000 +CVE-2024-8792,0,1,89f1f24cb56565041f5aa9d556286cbfa5c9d7b538901968ffc871d22e50cd87,2024-11-06T14:51:34.663000 CVE-2024-8793,0,0,959b266c850b42df4ff44733c3776bf7c1d0fcf64b78d7cab419106b5de40dbb,2024-10-07T16:04:08.490000 CVE-2024-8794,0,0,71d6f226610d884ee512fa4051f8594e0cafa29b4878c9ac672c3de2ccd4c022,2024-09-26T16:23:46.740000 CVE-2024-8795,0,0,f7b3fc89482c22947a1a26e63d2f04d7dee1f77ad827021897b332709b04072d,2024-09-26T16:46:55.587000 @@ -268148,7 +268152,7 @@ CVE-2024-9483,0,0,6a9a1cfe421d679c621a2969a64278be9b39bdca7774e9b4a3235c5640b635 CVE-2024-9484,0,0,3f1e4bdc376cc95b97b5c0150a8d7b1a17051d92adc32b058eb06edb62f443eb,2024-10-04T13:50:43.727000 CVE-2024-9486,0,0,1369350ab2629110ffa188dbd15b41ead2245f88a49115aa36147be3bd87c74e,2024-10-16T16:38:14.557000 CVE-2024-9487,0,0,e3a385658c66fc500363f16f3c27f6fce25e7b265fffe42414ebb85b7cd7e9a7,2024-10-15T12:58:51.050000 -CVE-2024-9488,0,0,3154f25401247f46098357ebd2d84fe95bb2164e861af1c275743e022d6c3976,2024-10-25T12:56:07.750000 +CVE-2024-9488,0,1,7160e6226507ff679fbcba733953e2a0c67fe3c2a8e1dee05991bd941a40e8b2,2024-11-06T14:57:04.457000 CVE-2024-9489,0,0,da9917eda81b5ad40f78c98d3cdcfaa2ce360118ba030bb2ddb2e149e55b8a8e,2024-11-01T16:27:25.937000 CVE-2024-9501,0,0,d7be73289096f59e8614142ae5f23da8d3cd042d0cbe3c76d9c725d64a67b604,2024-10-28T13:58:09.230000 CVE-2024-9505,0,0,134fdf0964e1ec52ef4b47c0af3083cd4691e60ed884fd2512ddc6dbb615a8df,2024-10-31T16:39:41.193000 @@ -268321,7 +268325,7 @@ CVE-2024-9826,0,0,c03e2e0710a5712915ae2341fa5030e5bd74d5917743f7fdf85c043b115b92 CVE-2024-9827,0,0,c5e7676b9d011eef0934f8d1e51cd92697f77495088547784042162cb4944824,2024-11-01T16:17:07.187000 CVE-2024-9829,0,0,ea980a1e481fc86407edeb6f0040d6f4a6ff2d17edcbe8d18dd95381292ad49b,2024-10-25T16:30:44.520000 CVE-2024-9837,0,0,bb6af129df538114e71c369a037f26903d10504dcd81ada4fc7f4b05786c12dd,2024-10-15T12:57:46.880000 -CVE-2024-9846,0,0,7644f2fa32130ead06ade64ae6a493e411607d75c38a603491e302093a4e9ecb,2024-11-01T12:57:03.417000 +CVE-2024-9846,0,1,173656afdffd3fc8df737b5cdb277d7e27d47fc010c3df17216e30b52661a1bb,2024-11-06T14:58:04.160000 CVE-2024-9848,0,0,b402d34d635014e43cf3d9b875728458bb9e45308a715285ac01e2036b42d252,2024-10-22T16:42:25.867000 CVE-2024-9853,0,0,b003ea260222d309866f9bc6bcac4c0549c1930cf36d8d49eac92c8d99d9053c,2024-10-28T13:58:09.230000 CVE-2024-9855,0,0,f4067d5f9739a4a46f27ed071acd023bca1d9a27db9968d98f329af2e8d70e8b,2024-10-15T12:58:51.050000