admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-06 18:52:58 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2025-01-07T05:00:19.408614+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2025-01-07 05:03:44 +00:00
parent f5eccab7d2
commit 04c10eb364
20 changed files with 1175 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

60
CVE-2024/CVE-2024-114xx/CVE-2024-11437.json Normal file
View File

@ -0,0 +1,60 @@
{
"id": "CVE-2024-11437",
"sourceIdentifier": "security@wordfence.com",
"published": "2025-01-07T04:15:06.150",
"lastModified": "2025-01-07T04:15:06.150",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Timeline Designer plugin for WordPress is vulnerable to SQL Injection via the 's' parameter in all versions up to, and including, 1.4 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 1.2,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "security@wordfence.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/timeline-designer/trunk/admin/assets/admin-shortcode-list.php#L41",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/12349179-e61c-42b8-b0ff-5b49fc4906c1?source=cve",
"source": "security@wordfence.com"
}
]
}

64
CVE-2024/CVE-2024-117xx/CVE-2024-11777.json Normal file
View File

@ -0,0 +1,64 @@
{
"id": "CVE-2024-11777",
"sourceIdentifier": "security@wordfence.com",
"published": "2025-01-07T04:15:07.200",
"lastModified": "2025-01-07T04:15:07.200",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Sell Media plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'sell_media_search_form_gutenberg' shortcode in all versions up to, and including, 2.5.8.5 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.1,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "security@wordfence.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/sell-media/trunk//gutenberg/blocks/sell-media-search-form/sell-media-search-form.php#L219",
"source": "security@wordfence.com"
},
{
"url": "https://wordpress.org/plugins/sell-media/",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/8a35f0bb-691f-4acf-a30d-4ddabe3b919c?source=cve",
"source": "security@wordfence.com"
}
]
}

72
CVE-2024/CVE-2024-118xx/CVE-2024-11899.json Normal file
View File

@ -0,0 +1,72 @@
{
"id": "CVE-2024-11899",
"sourceIdentifier": "security@wordfence.com",
"published": "2025-01-07T04:15:07.350",
"lastModified": "2025-01-07T04:15:07.350",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Slider Pro Lite plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'sliderpro' shortcode in all versions up to, and including, 1.4.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.1,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "security@wordfence.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/slider-pro-lite/tags/1.4.1/public/class-slider-renderer.php#L181",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/browser/slider-pro-lite/tags/1.4.1/public/class-sliderpro.php#L310",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/browser/slider-pro-lite/tags/1.4.1/public/class-sliderpro.php#L447",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/browser/slider-pro-lite/tags/1.4.1/public/class-sliderpro.php#L98",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/d10036de-940f-4772-9aca-13bc647548d2?source=cve",
"source": "security@wordfence.com"
}
]
}

64
CVE-2024/CVE-2024-119xx/CVE-2024-11934.json Normal file
View File

@ -0,0 +1,64 @@
{
"id": "CVE-2024-11934",
"sourceIdentifier": "security@wordfence.com",
"published": "2025-01-07T04:15:07.520",
"lastModified": "2025-01-07T04:15:07.520",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Formaloo Form Maker & Customer Analytics for WordPress & WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the \u2018address\u2019 parameter in all versions up to, and including, 2.1.3.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.1,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "security@wordfence.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/formaloo-form-builder/trunk/formaloo.php#L431",
"source": "security@wordfence.com"
},
{
"url": "https://wordpress.org/plugins/formaloo-form-builder/#developers",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/4b7ddf44-a1d2-4042-9219-591ebc8e4250?source=cve",
"source": "security@wordfence.com"
}
]
}

60
CVE-2024/CVE-2024-120xx/CVE-2024-12022.json Normal file
View File

@ -0,0 +1,60 @@
{
"id": "CVE-2024-12022",
"sourceIdentifier": "security@wordfence.com",
"published": "2025-01-07T04:15:07.677",
"lastModified": "2025-01-07T04:15:07.677",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The WP Menu Image plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'wmi_delete_img_menu' function in all versions up to, and including, 2.2. This makes it possible for unauthenticated attackers to delete images from menus."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "security@wordfence.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-862"
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/wp-menu-image/trunk/init/wmi-functions.php#L126",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/e96193c0-ddde-463b-a68e-672ab6f812c7?source=cve",
"source": "security@wordfence.com"
}
]
}

60
CVE-2024/CVE-2024-120xx/CVE-2024-12098.json Normal file
View File

@ -0,0 +1,60 @@
{
"id": "CVE-2024-12098",
"sourceIdentifier": "security@wordfence.com",
"published": "2025-01-07T04:15:07.837",
"lastModified": "2025-01-07T04:15:07.837",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The ARS Affiliate Page Plugin plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'utm_keyword' parameter in all versions up to, and including, 2.0.2 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "security@wordfence.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://wordpress.org/plugins/ars-affiliate-page/",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/a25b2187-2ba8-4332-9f96-a003edd97ff6?source=cve",
"source": "security@wordfence.com"
}
]
}

60
CVE-2024/CVE-2024-124xx/CVE-2024-12402.json Normal file
View File

@ -0,0 +1,60 @@
{
"id": "CVE-2024-12402",
"sourceIdentifier": "security@wordfence.com",
"published": "2025-01-07T04:15:07.990",
"lastModified": "2025-01-07T04:15:07.990",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Themes Coder \u2013 Create Android & iOS Apps For Your Woocommerce Site plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 1.3.4. This is due to the plugin not properly validating a user's identity prior to updating their password through the update_user_profile() function. This makes it possible for unauthenticated attackers to change arbitrary user's passwords, including administrators, and leverage that to gain access to their account."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "security@wordfence.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-288"
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/tc-ecommerce/trunk/controller/app_user.php#L338",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/1ec14b1e-6d1a-4451-9fce-ac064623d92f?source=cve",
"source": "security@wordfence.com"
}
]
}

68
CVE-2024/CVE-2024-124xx/CVE-2024-12416.json Normal file
View File

@ -0,0 +1,68 @@
{
"id": "CVE-2024-12416",
"sourceIdentifier": "security@wordfence.com",
"published": "2025-01-07T04:15:08.143",
"lastModified": "2025-01-07T04:15:08.143",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Live Sales Notification for Woocommerce \u2013 Woomotiv plugin for WordPress is vulnerable to SQL Injection via the 'woomotiv_seen_products_.*' cookie in all versions up to, and including, 3.6.1 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "security@wordfence.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/woomotiv/trunk/lib/functions.php#693",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/browser/woomotiv/trunk/lib/functions.php#L521",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/browser/woomotiv/trunk/lib/functions.php#L614",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/82016921-4efb-47b4-9a75-45cae4ad80f9?source=cve",
"source": "security@wordfence.com"
}
]
}

68
CVE-2024/CVE-2024-124xx/CVE-2024-12419.json Normal file
View File

@ -0,0 +1,68 @@
{
"id": "CVE-2024-12419",
"sourceIdentifier": "security@wordfence.com",
"published": "2025-01-07T04:15:08.337",
"lastModified": "2025-01-07T04:15:08.337",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The The Design for Contact Form 7 Style WordPress Plugin \u2013 CF7 WOW Styler plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 1.7.0. This is due to the software allowing users to execute an action that does not properly validate a value before running do_shortcode. This makes it possible for unauthenticated attackers to execute arbitrary shortcodes. This functionality is also vulnerable to Reflected Cross-Site Scripting. Version 1.7.0 patched the Reflected XSS issue, however, the arbitrary shortcode execution issue remains."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 2.5
}
]
},
"weaknesses": [
{
"source": "security@wordfence.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-94"
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/cf7-styler/tags/1.6.9/admin/class-cf7-customizer-admin.php#L295",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/browser/cf7-styler/tags/1.6.9/admin/class-cf7-customizer-admin.php#L300",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/browser/cf7-styler/tags/1.6.9/admin/class-cf7-customizer-admin.php#L405",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/5d78ea71-5886-488e-a660-0dc25129a8b6?source=cve",
"source": "security@wordfence.com"
}
]
}

64
CVE-2024/CVE-2024-125xx/CVE-2024-12528.json Normal file
View File

@ -0,0 +1,64 @@
{
"id": "CVE-2024-12528",
"sourceIdentifier": "security@wordfence.com",
"published": "2025-01-07T04:15:08.543",
"lastModified": "2025-01-07T04:15:08.543",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The WordPress Survey & Poll \u2013 Quiz, Survey and Poll Plugin for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'wpsurveypoll_results' shortcode in all versions up to, and including, 1.7.5 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.1,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "security@wordfence.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/wp-survey-and-poll/trunk/wordpress-survey-and-poll.php#L146",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/browser/wp-survey-and-poll/trunk/wordpress-survey-and-poll.php#L49",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/51cc6247-1948-4de1-b347-c7d818400777?source=cve",
"source": "security@wordfence.com"
}
]
}

60
CVE-2024/CVE-2024-125xx/CVE-2024-12538.json Normal file
View File

@ -0,0 +1,60 @@
{
"id": "CVE-2024-12538",
"sourceIdentifier": "security@wordfence.com",
"published": "2025-01-07T04:15:08.720",
"lastModified": "2025-01-07T04:15:08.720",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Duplicate Post, Page and Any Custom Post plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.5.3 via the 'dpp_duplicate_as_draft' function. This makes it possible for authenticated attackers, with Contributor-level access and above, to extract potentially sensitive data from draft, scheduled (future), private, and password protected posts."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "security@wordfence.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-200"
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/duplicate-pp/trunk/duplicate-pp.php#L22",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/f38543ff-1074-4273-be33-8142d59e904f?source=cve",
"source": "security@wordfence.com"
}
]
}

64
CVE-2024/CVE-2024-125xx/CVE-2024-12540.json Normal file
View File

@ -0,0 +1,64 @@
{
"id": "CVE-2024-12540",
"sourceIdentifier": "security@wordfence.com",
"published": "2025-01-07T04:15:08.917",
"lastModified": "2025-01-07T04:15:08.917",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The LDD Directory Lite plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of remove_query_arg without appropriate escaping on the URL in all versions up to, and including, 3.3. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "security@wordfence.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/ldd-directory-lite/trunk/templates/frontend/edit-submit.php#L10",
"source": "security@wordfence.com"
},
{
"url": "https://wordpress.org/plugins/ldd-directory-lite/#developers",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/f7675e1c-7194-4cfe-81fb-a78d75e0bb1e?source=cve",
"source": "security@wordfence.com"
}
]
}

64
CVE-2024/CVE-2024-125xx/CVE-2024-12541.json Normal file
View File

@ -0,0 +1,64 @@
{
"id": "CVE-2024-12541",
"sourceIdentifier": "security@wordfence.com",
"published": "2025-01-07T04:15:09.083",
"lastModified": "2025-01-07T04:15:09.083",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Chative Live chat and Chatbot plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.1. This is due to missing or incorrect nonce validation on the add_chative_widget_action() function. This makes it possible for unauthenticated attackers to change the channel ID or organization ID via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. This could lead to redirecting the live chat widget to an attacker-controlled channel."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 2.8,
"impactScore": 2.5
}
]
},
"weaknesses": [
{
"source": "security@wordfence.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-352"
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/chative-live-chat-and-chatbot/trunk/chative-plugin.php#L51",
"source": "security@wordfence.com"
},
{
"url": "https://wordpress.org/plugins/chative-live-chat-and-chatbot/#developers",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/61d3cb97-f12b-4480-88fc-2bdcbf4cdae3?source=cve",
"source": "security@wordfence.com"
}
]
}

60
CVE-2024/CVE-2024-125xx/CVE-2024-12557.json Normal file
View File

@ -0,0 +1,60 @@
{
"id": "CVE-2024-12557",
"sourceIdentifier": "security@wordfence.com",
"published": "2025-01-07T04:15:09.260",
"lastModified": "2025-01-07T04:15:09.260",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Transporters.io plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.0.84. This is due to missing nonce validation on a function. This makes it possible for unauthenticated attackers to inject malicious web scripts via a forged request granted they can trick a site administrator into performing an action such as clicking on a link."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "security@wordfence.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-352"
}
]
}
],
"references": [
{
"url": "https://wordpress.org/plugins/transportersio/#developers",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/2f79778c-c11a-4d98-bc26-8113c3fef630?source=cve",
"source": "security@wordfence.com"
}
]
}

64
CVE-2024/CVE-2024-125xx/CVE-2024-12559.json Normal file
View File

@ -0,0 +1,64 @@
{
"id": "CVE-2024-12559",
"sourceIdentifier": "security@wordfence.com",
"published": "2025-01-07T04:15:09.433",
"lastModified": "2025-01-07T04:15:09.433",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The ClickDesigns plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'clickdesigns_add_api' and the 'clickdesigns_remove_api' functions in all versions up to, and including, 1.8.0. This makes it possible for unauthenticated attackers to modify or remove the plugin's API key."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "security@wordfence.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-862"
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/clickdesigns/tags/1.8.0/includes/clickdesigns-ajax.php#L64",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/browser/clickdesigns/tags/1.8.0/includes/clickdesigns-ajax.php#L79",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/c1d19968-dbd8-4433-99a7-b973a59c4653?source=cve",
"source": "security@wordfence.com"
}
]
}

64
CVE-2024/CVE-2024-125xx/CVE-2024-12590.json Normal file
View File

@ -0,0 +1,64 @@
{
"id": "CVE-2024-12590",
"sourceIdentifier": "security@wordfence.com",
"published": "2025-01-07T04:15:09.607",
"lastModified": "2025-01-07T04:15:09.607",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The WP Youtube Gallery plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'id' parameter in all versions up to, and including, 1.9 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.1,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "security@wordfence.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/wp-youtube-gallery/trunk/wpyg-class.php#L87",
"source": "security@wordfence.com"
},
{
"url": "https://wordpress.org/plugins/wp-youtube-gallery/#developers",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/0b9e6f21-4c26-4ff8-9d0f-c66cd537fdcc?source=cve",
"source": "security@wordfence.com"
}
]
}

60
CVE-2024/CVE-2024-125xx/CVE-2024-12592.json Normal file
View File

@ -0,0 +1,60 @@
{
"id": "CVE-2024-12592",
"sourceIdentifier": "security@wordfence.com",
"published": "2025-01-07T04:15:09.783",
"lastModified": "2025-01-07T04:15:09.783",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Sellsy plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'testSellsy' shortcode in all versions up to, and including, 2.3.3 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.1,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "security@wordfence.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://wordpress.org/plugins/sellsy/",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/9fd3610c-cce4-420c-85c1-0b71679df650?source=cve",
"source": "security@wordfence.com"
}
]
}

56
CVE-2025/CVE-2025-223xx/CVE-2025-22395.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2025-22395",
"sourceIdentifier": "security_alert@emc.com",
"published": "2025-01-07T03:15:06.047",
"lastModified": "2025-01-07T03:15:06.047",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Dell Update Package Framework, versions prior to 22.01.02, contain(s) a Local Privilege Escalation Vulnerability. A local low privileged attacker could potentially exploit this vulnerability, leading to the execution of arbitrary remote scripts on the server. Exploitation may lead to a denial of service by an attacker."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security_alert@emc.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.5,
"impactScore": 6.0
}
]
},
"weaknesses": [
{
"source": "security_alert@emc.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-280"
}
]
}
],
"references": [
{
"url": "https://www.dell.com/support/kbdoc/en-us/000269079/dsa-2025-034-security-update-for-dell-update-package-dup-framework-vulnerability",
"source": "security_alert@emc.com"
}
]
}

30
README.md
View File

@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2025-01-07T03:00:21.769231+00:00
2025-01-07T05:00:19.408614+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2025-01-07T01:15:06.913000+00:00
2025-01-07T04:15:09.783000+00:00
```
### Last Data Feed Release
@ -33,21 +33,37 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs
```plain
275855
275873
```
### CVEs added in the last Commit
Recently added CVEs: `0`
Recently added CVEs: `18`
- [CVE-2024-11437](CVE-2024/CVE-2024-114xx/CVE-2024-11437.json) (`2025-01-07T04:15:06.150`)
- [CVE-2024-11777](CVE-2024/CVE-2024-117xx/CVE-2024-11777.json) (`2025-01-07T04:15:07.200`)
- [CVE-2024-11899](CVE-2024/CVE-2024-118xx/CVE-2024-11899.json) (`2025-01-07T04:15:07.350`)
- [CVE-2024-11934](CVE-2024/CVE-2024-119xx/CVE-2024-11934.json) (`2025-01-07T04:15:07.520`)
- [CVE-2024-12022](CVE-2024/CVE-2024-120xx/CVE-2024-12022.json) (`2025-01-07T04:15:07.677`)
- [CVE-2024-12098](CVE-2024/CVE-2024-120xx/CVE-2024-12098.json) (`2025-01-07T04:15:07.837`)
- [CVE-2024-12402](CVE-2024/CVE-2024-124xx/CVE-2024-12402.json) (`2025-01-07T04:15:07.990`)
- [CVE-2024-12416](CVE-2024/CVE-2024-124xx/CVE-2024-12416.json) (`2025-01-07T04:15:08.143`)
- [CVE-2024-12419](CVE-2024/CVE-2024-124xx/CVE-2024-12419.json) (`2025-01-07T04:15:08.337`)
- [CVE-2024-12528](CVE-2024/CVE-2024-125xx/CVE-2024-12528.json) (`2025-01-07T04:15:08.543`)
- [CVE-2024-12538](CVE-2024/CVE-2024-125xx/CVE-2024-12538.json) (`2025-01-07T04:15:08.720`)
- [CVE-2024-12540](CVE-2024/CVE-2024-125xx/CVE-2024-12540.json) (`2025-01-07T04:15:08.917`)
- [CVE-2024-12541](CVE-2024/CVE-2024-125xx/CVE-2024-12541.json) (`2025-01-07T04:15:09.083`)
- [CVE-2024-12557](CVE-2024/CVE-2024-125xx/CVE-2024-12557.json) (`2025-01-07T04:15:09.260`)
- [CVE-2024-12559](CVE-2024/CVE-2024-125xx/CVE-2024-12559.json) (`2025-01-07T04:15:09.433`)
- [CVE-2024-12590](CVE-2024/CVE-2024-125xx/CVE-2024-12590.json) (`2025-01-07T04:15:09.607`)
- [CVE-2024-12592](CVE-2024/CVE-2024-125xx/CVE-2024-12592.json) (`2025-01-07T04:15:09.783`)
- [CVE-2025-22395](CVE-2025/CVE-2025-223xx/CVE-2025-22395.json) (`2025-01-07T03:15:06.047`)
### CVEs modified in the last Commit
Recently modified CVEs: `2`
Recently modified CVEs: `0`
- [CVE-2024-24992](CVE-2024/CVE-2024-249xx/CVE-2024-24992.json) (`2025-01-07T01:15:06.780`)
- [CVE-2024-54661](CVE-2024/CVE-2024-546xx/CVE-2024-54661.json) (`2025-01-07T01:15:06.913`)
## Download and Usage

22
_state.csv
View File

@ -244350,6 +244350,7 @@ CVE-2024-11432,0,0,23ac14594d755e6c7a831370f44441d1aa2fbce3d7125bf0c721d30eaec68
CVE-2024-11433,0,0,d7d2b17ecf1f1820c7a169038fcd2102a16fa9aa18d9b8e0d8b10a268cadf048,2024-12-12T04:15:05.990000
CVE-2024-11435,0,0,1380b27cd2035f7566d8c3a22d2255debbb483bdbc16e31011480f4da4fce733,2024-11-21T13:57:24.187000
CVE-2024-11436,0,0,d9ba482fa12f5a77f1e6d71752538b4ac13c80723176e1f973fa002876475cf9,2024-12-07T02:15:17.980000
CVE-2024-11437,1,1,3b0251b583011184b79fa07b5e9f572dc3fbc9ec947d6b93edcf5e5a1fd4c171,2025-01-07T04:15:06.150000
CVE-2024-11438,0,0,f8be712e8ca0c6e2e4ec7ab8e5edf4587d3042f01694165651aa92a3bd58aa58,2024-11-21T13:57:24.187000
CVE-2024-11439,0,0,14a4773754279132bb32a6fa7230c5939b3fc3419bb20a864a23b6dac394549c,2024-12-18T03:15:24.583000
CVE-2024-1144,0,0,abce3af1982b67316bbd44c97fc519435f8a2ffe156205161918695ae799390d,2024-11-21T08:49:53.953000
@ -244644,6 +244645,7 @@ CVE-2024-11773,0,0,8f508701342909bb3125bf0e1fc423b8efe31d0b55b4e2a3bdbbc0d7a1ff1
CVE-2024-11774,0,0,2f351d61aa038a49c773ab74e882e8cd2203f9cf3f3df13c0faa462f8ee3a46b,2024-12-20T07:15:10.393000
CVE-2024-11775,0,0,0be2b5775aa12c2634dedea0534264de5c8544551afcfc7760cb6a86958e9dd8,2024-12-20T07:15:10.597000
CVE-2024-11776,0,0,db96a767ae984aa946e97339afd57034a67d2d93961a6fe48dad1a311ebfe8b3,2024-12-20T03:15:06.420000
CVE-2024-11777,1,1,3f98ebf065259973e17593034b9da476d62f4f3a8b02a7ab11c065a411f92301,2025-01-07T04:15:07.200000
CVE-2024-11779,0,0,66ab9533cf27509ff85b54c7dc6f857efc44402b9c1a2b7fc4f1c1fbd8a0b4e7,2024-12-05T10:31:39.980000
CVE-2024-1178,0,0,455b49ccf992fe53bd03a32d9f022f083f7714cf103a3dd0d2ba2a085047974c,2024-11-21T08:49:58.357000
CVE-2024-11781,0,0,c0e6be58a4f2f20ed752d41934ec31e6ef434c9b40a727cf73a45e49f6a0c1d4,2024-12-12T06:15:21.940000
@ -244746,6 +244748,7 @@ CVE-2024-11894,0,0,9e31b28fa56a41e12b82fdf98576d9a13777f5eed7b6c3fc1f71a85af109e
CVE-2024-11896,0,0,34f349ccc91bcf6d6c27bb81a454efc17924954cfa878d33ee370546a785a3f4,2024-12-24T09:15:05.663000
CVE-2024-11897,0,0,63c2369fafd5da048dd57864988be95602290ce10df0f51d423ab54c866c15e0,2024-12-04T03:15:05.380000
CVE-2024-11898,0,0,e843212abf00805a20f8b4b65b36c01f75cc2096cf65f2d0e7899f11eb517a82,2024-12-03T08:15:06.857000
CVE-2024-11899,1,1,2d9622bde30df58f2b333ce412c343551a1059bea7bd567b64028a464b5ac3e7,2025-01-07T04:15:07.350000
CVE-2024-1190,0,0,234a49a5e7705658abf0b6e88d111180ae34b962c9b1fcba39bd09bd939fee39,2024-11-21T08:49:59.993000
CVE-2024-11900,0,0,907cc46cf6ec9c4d3d9c16ef3063c98e3f05e3d3fbaf96bdac5c807705a3d6e6,2024-12-17T00:15:04.917000
CVE-2024-11901,0,0,b4f47b708bd6950d29700a0fa25685f0a500c1152f87b15c0f3253f7e0b084c7,2024-12-12T04:15:06.817000
@ -244768,6 +244771,7 @@ CVE-2024-11928,0,0,4eb81c3b991253e17b093831750d2f60d8030675796e16e7e29cc29429037
CVE-2024-1193,0,0,dfff57fc9ce7a1dbebe4335de503e2f3e62619c8f53eebdea960e5ff40a71456,2024-11-21T08:50:00.427000
CVE-2024-11930,0,0,3d6f16686fbf2f10ff523adfd2c8cbb605e12592056b32937532511e03efa5aa,2025-01-04T09:15:05.880000
CVE-2024-11933,0,0,ff719b80c8b04b1955877df42e564ce90eac2c09e4f59c20e785f18a1e8804d6,2024-12-03T16:04:10.350000
CVE-2024-11934,1,1,df49356b7407c6592fac7ee78248ff2dfb17d24355b0e22b8f9a7697c9ad6729,2025-01-07T04:15:07.520000
CVE-2024-11935,0,0,f2a8d43d6f9999d38415d9b41f66ab77f7c4f7c94de5d0bc77beeed93d88f487,2024-12-04T13:15:05.910000
CVE-2024-11938,0,0,6867b7d1c50742be481431f973c83467fcdb9442488abece06649b31c7a1e61f,2024-12-21T07:15:08.453000
CVE-2024-1194,0,0,2ad6fa2abb4bb109947132f87b19e7c09219cf51535c19102f3cbbfcba6ba405,2024-11-21T08:50:00.573000
@ -244836,6 +244840,7 @@ CVE-2024-12014,0,0,d63bd7a401a8fb5ede49d9de357706a50a82cd2bae6c930cf8555bf9a9cab
CVE-2024-12015,0,0,d5a693fd232b1e3fbc53d72a834e39c83a435aa6e5ae231752c351acc22ca6db,2024-12-02T14:15:05.383000
CVE-2024-12018,0,0,593c05ac2f3dac4339301164983c309f8de674e944577becd0f305b7e0d23ef0,2024-12-12T06:15:22.737000
CVE-2024-1202,0,0,a098cbd545693e5d361995e28174ffa246c4ae019a07a45a38ebe2abdfe163e3,2024-11-21T08:50:01.790000
CVE-2024-12022,1,1,08c553a81c76cd8c361877e5f844a3ca91d6fad54d361a7829130df17ee98a64,2025-01-07T04:15:07.677000
CVE-2024-12024,0,0,653613587e608bd6caaf8de2305d76e365d1bc24ca72c717531373600ef68f49,2024-12-17T10:15:05.643000
CVE-2024-12025,0,0,48a6a81843ce463d9a84b144c8201ecb34a901e35178968cb10c7b2b1d7242fe,2024-12-18T04:15:07.347000
CVE-2024-12026,0,0,cbdee4f4d341b218f2a9910c9db7c968e1470cd32e93684865d3bd2934d626d1,2024-12-07T02:15:18.520000
@ -244871,6 +244876,7 @@ CVE-2024-12091,0,0,35c9100407a2a2f03cc09233dbdc35208e548ffdd088d484bb9b374c740b5
CVE-2024-12092,0,0,6cedbb52bdc4fd872b35781acb98ac9a9b54d520c5d29f314ba42350997260f9,2024-12-16T15:15:06.677000
CVE-2024-12094,0,0,918109c0341953bed354c9dc0c1e3bf994d002b139d0d147a6756e1d0b4180c2,2024-12-05T13:15:05.923000
CVE-2024-12096,0,0,a0b37dcc639d983cbff8481184c987ae3b7851e6c867f94b52bee5fdf38bc784,2024-12-24T17:15:07.497000
CVE-2024-12098,1,1,b63726c5152f425567a10a211b5f28fbcff6e537525be9d0cac5349c5e9b327f,2025-01-07T04:15:07.837000
CVE-2024-12099,0,0,82c97da21165b875b9d77b9a11ed031ee03fad8a14b90d2e80c74afeac6e262d,2024-12-04T04:15:04.287000
CVE-2024-1210,0,0,f5a9389cac94cbfcfa3f0d961d1ea27115bf7afa331ce2988db15dbaf2efdf76,2024-11-21T08:50:02.867000
CVE-2024-12100,0,0,5d9bee140d619efc5bcb5724e98abb1747cc29824dfdae10a66de74940256d24,2024-12-24T06:15:32.830000
@ -245047,6 +245053,7 @@ CVE-2024-12395,0,0,75ff5ef98722c35fb11d383db877ddbb73a300c7cb334e918191d763e2409
CVE-2024-12397,0,0,661288be67552f431f0a0bf144bed2d313b12b592e50cdc78451d7c1272f6fb5,2024-12-12T09:15:05.570000
CVE-2024-1240,0,0,28733ede53b96385ee0de4a7c5187b3db0d925b1e4ab6e977522dc277dee75de,2024-11-19T19:04:53.913000
CVE-2024-12401,0,0,ba741c7b51198b95eba245807f65253a1c54ea777ddd918337cd97bd144396fe,2024-12-12T09:15:05.790000
CVE-2024-12402,1,1,8e35cfc4cf7a344abb45fa7331224e766525626c55ea5686a3d8b4838a76c51f,2025-01-07T04:15:07.990000
CVE-2024-12405,0,0,631a04fc890c6ac2fbe1fd822df1e67f289f1ef7b029b11f0950a96d4993c03b,2024-12-24T06:15:33.123000
CVE-2024-12406,0,0,3a24bd925fcaee835bc0ee30f7ad38b16626ae1e5c8470fedd28227d3dd60123,2024-12-12T05:15:12.210000
CVE-2024-12408,0,0,c9a97800ebdc971055fe039c0934b7c899913355f0545cc6cb71b6253bd484f6,2024-12-21T10:15:08.067000
@ -245054,7 +245061,9 @@ CVE-2024-1241,0,0,ba82bb77c28ed45b324839e72710669d8c2af006c45eeed23dee90a28ff67e
CVE-2024-12411,0,0,fca8eab422ceda64b215d958b150a7f03625a9aa9df8afa22fe2b27e73430e47,2024-12-14T05:15:10.437000
CVE-2024-12413,0,0,fdd057a05387c9ace72d4ba4316c6065bf29813d0f1c7f4a169e0a5a81de204b,2024-12-25T04:15:06.607000
CVE-2024-12414,0,0,ecf25a2c3f536085b4d44f95471b078e2b7cb6ad454e7c12c9e7d103ff4fa2bb,2024-12-13T09:15:08.070000
CVE-2024-12416,1,1,435759be4e4ba56188ea7f6720fc32442a546d90f18b812fdb1df1c91242e1f0,2025-01-07T04:15:08.143000
CVE-2024-12417,0,0,bd175c91ae947c344e10a61ee40da01cd87015ebf65316b1689d31a703a65c78,2024-12-13T09:15:08.353000
CVE-2024-12419,1,1,1650645ff6c9400ef0ef895584325bbd55288f83ea55cd87214a983e3f37109a,2025-01-07T04:15:08.337000
CVE-2024-1242,0,0,d730388eb7530fa29fb11ce649456e01cfb020c8a1d70e87c977d44dc1314073,2024-11-21T08:50:08.620000
CVE-2024-12420,0,0,ae8d110f5efef295dc5d542d71461638a083f9c010e00a24758178ab1b247bfd,2024-12-13T09:15:08.627000
CVE-2024-12421,0,0,d0800edd844bf37ccee00fc76da3ec64bb2b51e717430e725122892ee39e78eb,2024-12-13T09:15:08.870000
@ -245111,17 +245120,23 @@ CVE-2024-12518,0,0,e836e2bda2de8df1c322fb96b28c258a6308fb3f7a0cbb3b5a146ac83d3fa
CVE-2024-1252,0,0,d03beb126367df5b21be601ec7e2ecf5f48cece91d0754af14f589827736f3cf,2024-11-21T08:50:09.700000
CVE-2024-12523,0,0,185a41d328f0e130d8ed17ada12f64a855433449910369cbbb025fff8ce0f4d8,2024-12-14T05:15:11.640000
CVE-2024-12526,0,0,b192d6e45212a3c6d09a8a6cd2198d071bb3ba4da94a4e2bf151be7ad2c18324,2024-12-12T05:15:13.577000
CVE-2024-12528,1,1,b542d57e01c0c48ad9564b0890e0d12d29edb2156a8c53246e86bf7139add551,2025-01-07T04:15:08.543000
CVE-2024-1253,0,0,a598e10fa6d530af6148de164d99995412d597f7142ead42d62b85e905a98949,2024-11-21T08:50:09.843000
CVE-2024-12536,0,0,a925f1a48eff74b537962fd623796390384e9d276d37e7a9cb0d9ba10f9464b0,2024-12-13T17:14:44.007000
CVE-2024-12538,1,1,b01ad61b9334acc7635ec3132a042fbc3171b4976dc799538cae1899a313c7bf,2025-01-07T04:15:08.720000
CVE-2024-12539,0,0,bf2bc8684b4967ec9692452689aaa296f660969c9ab0dd0ec9b638e64908ab0d,2024-12-17T21:15:07.183000
CVE-2024-1254,0,0,44df8e919ae544d26fc82110d33f6e7af1fff88011a3bcb100ca7209bc278c91,2024-11-21T08:50:09.993000
CVE-2024-12540,1,1,adba74440c12054a2b4aeaae92390c7293233c635a45305f713e588bc7755fb5,2025-01-07T04:15:08.917000
CVE-2024-12541,1,1,95de6c00a67fad2bff3a8f0a88abf7af44dc43fdcd8e0d9d6ce67499f6d10f94,2025-01-07T04:15:09.083000
CVE-2024-12545,0,0,5409af2cc867f9cbfaa0048cd65660c930731d490c0e60928807d15814cab2e6,2025-01-04T08:15:06.363000
CVE-2024-1255,0,0,5935182eb4eb024c7cf7e3cda464e0c74472c4e58bc0030bb090a2a8f708b72f,2024-11-21T08:50:10.150000
CVE-2024-12552,0,0,8443c6d0851e2c1de6fc0e2780c54c711d712f43dce29b5a9fc2e07cff55adf4,2024-12-13T23:15:05.553000
CVE-2024-12553,0,0,cd61f311646d40093b2eea8b09f233e945a3d877e60c1a1abbe43e2cfcd9ea6a,2024-12-13T23:15:06.310000
CVE-2024-12554,0,0,03325541f88792da1f6e44f52ff0851958b98ec9e3aa0b4c7708f85287495a8a,2024-12-18T10:15:08.493000
CVE-2024-12555,0,0,2e017ff0ee33b0c8a472113c693bd6d33089424aa43829233098413c47eb605b,2024-12-14T05:15:11.827000
CVE-2024-12557,1,1,c9c6d6d60fa1e63d0c31dc33ceb551ab46ad22cb114705bc0dfb08def0caa40b,2025-01-07T04:15:09.260000
CVE-2024-12558,0,0,ff1dd3178bf5e061322cf2e1a359f721c0d270a183cd44116b64f362a8103982,2024-12-21T10:15:08.600000
CVE-2024-12559,1,1,f54cf3f9991327e38603b9f68b85ad1beb15e578526394c2a7bc1915ca2539bc,2025-01-07T04:15:09.433000
CVE-2024-1256,0,0,ea8829298a5ced036094d7fead955f33827bc36bbc0a7f87a81ee1f95b95b282,2024-11-21T08:50:10.293000
CVE-2024-12560,0,0,d33290fc3e54f51dd78cb0afaf9a18e8538f72db9dd0f598ab5a68b55bfe89a1,2024-12-19T07:15:13.507000
CVE-2024-12564,0,0,0abcb221861e5fc99f1edf43c59fea9ce50a3b4bd68b4b9a5961d76741772172,2024-12-12T15:15:12.097000
@ -245139,7 +245154,9 @@ CVE-2024-12582,0,0,bbfe1aae814f308a85392c13709691d46da248e6458c80cb519b63fa483aa
CVE-2024-12583,0,0,6c1f345fbc3f1cc53302e61a1dfbebbfcc1b6c1ee5d98cc4a9e3c7ebaa7ceed3,2025-01-04T09:15:06.090000
CVE-2024-12588,0,0,9ef4dd85f085f6ba612688cc14a2c49d05248e20e75bd2d7bdd4aff39b5ac0f2,2024-12-21T09:15:06.233000
CVE-2024-1259,0,0,1c6bb100fc9cba505c4d696801bfd3102c508e530bb2e36c86a6685675278bd7,2024-11-21T08:50:10.730000
CVE-2024-12590,1,1,78caf08663857a2f888f89c4842ba777750ad04068c078583ff87671d3a13c4e,2025-01-07T04:15:09.607000
CVE-2024-12591,0,0,ab3753b6008fbe3e6034e40f9f857196cd212596c7c67b4ab270eba30c140899,2024-12-21T10:15:09.177000
CVE-2024-12592,1,1,f7078feab8fa5eead0a6efa9f90d4e3b58439abfb00aa0f348c4b0049b74503e,2025-01-07T04:15:09.783000
CVE-2024-12594,0,0,594b37b561926a174996b6f220ac2c193da316e698a771fbe44cfee2e4625e76,2024-12-24T06:15:33.297000
CVE-2024-12595,0,0,d10767ce84f7e81d5a6ad487503289a59f4d01b86cd7eb0b224ee74e49237f41,2025-01-06T21:15:14.003000
CVE-2024-12596,0,0,5fc66f30988060a8b7bb1a593c82bd6c3fc2c995268e617c35d93ef410dc9a09,2024-12-18T04:15:08.253000
@ -250003,7 +250020,7 @@ CVE-2024-24989,0,0,47235b2a829b48983692a66465ee23949950254e8806e809055cb12909af6
CVE-2024-2499,0,0,58df8167ded63ef11aaf8fbfc99b0704fcf662a903d318b087b95eac1c8b0467,2024-11-21T09:09:53.297000
CVE-2024-24990,0,0,2e71c7b065f4e6a1008eadb9235e495f55c4b8557060386a7a771ac2cc1951ab,2024-11-21T09:00:05.750000
CVE-2024-24991,0,0,ab571423a1a6309b0495c9db088adb19784d1783badb8b28c84a771e894ba6a8,2024-11-21T09:00:05.867000
CVE-2024-24992,0,1,7e6c184fe11d55e75cf8acbe2688410429d81c016034216dd125188eaae17636,2025-01-07T01:15:06.780000
CVE-2024-24992,0,0,7e6c184fe11d55e75cf8acbe2688410429d81c016034216dd125188eaae17636,2025-01-07T01:15:06.780000
CVE-2024-24993,0,0,705a08374da6010fc88afad1a4ae031351a7f03de838c5465f09adbda3ac0c72,2024-11-21T09:00:06.103000
CVE-2024-24994,0,0,d5fa27d8c94a2d607fb5891b23235d287f859792d3db8dfcbd3aad8f2c8f6749,2024-11-21T09:00:06.213000
CVE-2024-24995,0,0,bd458f0919161b900cd48d7020c00c84097b82150d627380f7837bd5ffd2aba0,2024-11-21T09:00:06.323000
@ -271255,7 +271272,7 @@ CVE-2024-5463,0,0,357d166209285de4e8f9b5c7c2d63d7eb415952b3a9d1476d831eb91162afa
CVE-2024-5464,0,0,255f781a5f94f0faf95d7c73d6b2015838426915e8e0274a4b6257e37377ce5d,2024-11-21T09:47:43.990000
CVE-2024-5465,0,0,d854caa252ac359088449fa3628f1e50a198f1dced6d951af90835f292847339,2024-11-21T09:47:44.140000
CVE-2024-5466,0,0,bd8eca91ebf8acc552049523b9652cf94021fa13aaf76627ede5f76950f6758d,2024-12-19T20:21:12.243000
CVE-2024-54661,0,1,13e4cca9a8df33a1723e5327d2d34e809c611fe62aeebc75663d0c80abb5d0eb,2025-01-07T01:15:06.913000
CVE-2024-54661,0,0,13e4cca9a8df33a1723e5327d2d34e809c611fe62aeebc75663d0c80abb5d0eb,2025-01-07T01:15:06.913000
CVE-2024-54662,0,0,40063869c5984ddcfcaf82116b2fa9ee6b8ef71c24c68deda4080eb1ea805f5c,2024-12-18T16:15:14.220000
CVE-2024-54663,0,0,f5353753ee157eb79c3a456bcb90fa176ea7107dfe149747714f2e06d4f48033,2024-12-31T19:15:47.500000
CVE-2024-54664,0,0,d20f70ea69f653338f16a7f1cc2d57f70600da4ca2ed7cb633c4eef98563304e,2024-12-04T15:15:18.093000
@ -275854,3 +275871,4 @@ CVE-2025-22387,0,0,9dd5c36f62757a631fb5a2b118d56ec31778a4d5c7b66059ba094bd093cfa
CVE-2025-22388,0,0,7b76724cf59a9c67f325da6bd673f3f15746ba083c4bc35be8117d11c0a0d8b4,2025-01-06T15:15:16.307000
CVE-2025-22389,0,0,50d6eaab20c8259cde700c821ce2570def076c6cb2eb277d3379fa3f59f6550e,2025-01-04T03:15:07.580000
CVE-2025-22390,0,0,36805a833480d9f50dee34ab32e5ed9b2707017fd5287eb5a8abd68b1059bfbf,2025-01-06T17:15:48.170000
CVE-2025-22395,1,1,ac5db0ebc696fbb0c57e43b4ad48f0832ef7eb798546a738d8afe72cc61eda1e,2025-01-07T03:15:06.047000

Can't render this file because it is too large.