From 0922310024023105ab711d87e133564a3c2e485a Mon Sep 17 00:00:00 2001 From: cad-safe-bot Date: Wed, 10 Jul 2024 10:03:13 +0000 Subject: [PATCH] Auto-Update: 2024-07-10T10:00:18.827210+00:00 --- CVE-2023/CVE-2023-68xx/CVE-2023-6813.json | 48 ++++++++++++++++++ CVE-2024/CVE-2024-262xx/CVE-2024-26279.json | 10 ++-- CVE-2024/CVE-2024-394xx/CVE-2024-39488.json | 49 ++++++++++++++++++ CVE-2024/CVE-2024-394xx/CVE-2024-39489.json | 49 ++++++++++++++++++ CVE-2024/CVE-2024-394xx/CVE-2024-39490.json | 37 ++++++++++++++ CVE-2024/CVE-2024-394xx/CVE-2024-39491.json | 29 +++++++++++ CVE-2024/CVE-2024-394xx/CVE-2024-39492.json | 25 +++++++++ CVE-2024/CVE-2024-394xx/CVE-2024-39493.json | 49 ++++++++++++++++++ CVE-2024/CVE-2024-56xx/CVE-2024-5664.json | 56 +++++++++++++++++++++ CVE-2024/CVE-2024-64xx/CVE-2024-6421.json | 56 +++++++++++++++++++++ CVE-2024/CVE-2024-64xx/CVE-2024-6422.json | 56 +++++++++++++++++++++ CVE-2024/CVE-2024-65xx/CVE-2024-6556.json | 48 ++++++++++++++++++ README.md | 28 +++++++---- _state.csv | 25 ++++++--- 14 files changed, 544 insertions(+), 21 deletions(-) create mode 100644 CVE-2023/CVE-2023-68xx/CVE-2023-6813.json create mode 100644 CVE-2024/CVE-2024-394xx/CVE-2024-39488.json create mode 100644 CVE-2024/CVE-2024-394xx/CVE-2024-39489.json create mode 100644 CVE-2024/CVE-2024-394xx/CVE-2024-39490.json create mode 100644 CVE-2024/CVE-2024-394xx/CVE-2024-39491.json create mode 100644 CVE-2024/CVE-2024-394xx/CVE-2024-39492.json create mode 100644 CVE-2024/CVE-2024-394xx/CVE-2024-39493.json create mode 100644 CVE-2024/CVE-2024-56xx/CVE-2024-5664.json create mode 100644 CVE-2024/CVE-2024-64xx/CVE-2024-6421.json create mode 100644 CVE-2024/CVE-2024-64xx/CVE-2024-6422.json create mode 100644 CVE-2024/CVE-2024-65xx/CVE-2024-6556.json diff --git a/CVE-2023/CVE-2023-68xx/CVE-2023-6813.json b/CVE-2023/CVE-2023-68xx/CVE-2023-6813.json new file mode 100644 index 00000000000..f0e0db3399c --- /dev/null +++ b/CVE-2023/CVE-2023-68xx/CVE-2023-6813.json @@ -0,0 +1,48 @@ +{ + "id": "CVE-2023-6813", + "sourceIdentifier": "security@wordfence.com", + "published": "2024-07-10T08:15:10.760", + "lastModified": "2024-07-10T08:15:10.760", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "The Login by Auth0 plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the \u2018wle\u2019 parameter in all versions up to, and including, 4.6.0 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.1, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.7 + } + ] + }, + "references": [ + { + "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3114611%40auth0&new=3114611%40auth0&sfp_email=&sfph_mail=", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/0c4e0d48-fde1-45dd-8e06-4582cf677579?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-262xx/CVE-2024-26279.json b/CVE-2024/CVE-2024-262xx/CVE-2024-26279.json index 7fdc57a278d..59ae01ec682 100644 --- a/CVE-2024/CVE-2024-262xx/CVE-2024-26279.json +++ b/CVE-2024/CVE-2024-262xx/CVE-2024-26279.json @@ -2,13 +2,17 @@ "id": "CVE-2024-26279", "sourceIdentifier": "security@joomla.org", "published": "2024-07-09T17:15:15.047", - "lastModified": "2024-07-09T18:18:38.713", + "lastModified": "2024-07-10T09:15:02.400", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "Inadequate content filtering leads to XSS vulnerabilities in various components." + "value": "The wrapper extensions do not correctly validate inputs, leading to XSS vectors." + }, + { + "lang": "es", + "value": "El filtrado de contenido inadecuado genera vulnerabilidades XSS en varios componentes." } ], "metrics": {}, @@ -26,7 +30,7 @@ ], "references": [ { - "url": "https://developer.joomla.org/security-centre/929-20240205-core-inadequate-content-filtering-within-the-filter-code.html", + "url": "https://developer.joomla.org/security-centre/938-20240704-core-xss-in-wrapper-extensions.html", "source": "security@joomla.org" } ] diff --git a/CVE-2024/CVE-2024-394xx/CVE-2024-39488.json b/CVE-2024/CVE-2024-394xx/CVE-2024-39488.json new file mode 100644 index 00000000000..3966c931402 --- /dev/null +++ b/CVE-2024/CVE-2024-394xx/CVE-2024-39488.json @@ -0,0 +1,49 @@ +{ + "id": "CVE-2024-39488", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-07-10T08:15:11.003", + "lastModified": "2024-07-10T08:15:11.003", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\narm64: asm-bug: Add .align 2 to the end of __BUG_ENTRY\n\nWhen CONFIG_DEBUG_BUGVERBOSE=n, we fail to add necessary padding bytes\nto bug_table entries, and as a result the last entry in a bug table will\nbe ignored, potentially leading to an unexpected panic(). All prior\nentries in the table will be handled correctly.\n\nThe arm64 ABI requires that struct fields of up to 8 bytes are\nnaturally-aligned, with padding added within a struct such that struct\nare suitably aligned within arrays.\n\nWhen CONFIG_DEBUG_BUGVERPOSE=y, the layout of a bug_entry is:\n\n\tstruct bug_entry {\n\t\tsigned int bug_addr_disp;\t// 4 bytes\n\t\tsigned int file_disp;\t// 4 bytes\n\t\tunsigned short line;\t\t// 2 bytes\n\t\tunsigned short flags;\t\t// 2 bytes\n\t}\n\n... with 12 bytes total, requiring 4-byte alignment.\n\nWhen CONFIG_DEBUG_BUGVERBOSE=n, the layout of a bug_entry is:\n\n\tstruct bug_entry {\n\t\tsigned int bug_addr_disp;\t// 4 bytes\n\t\tunsigned short flags;\t\t// 2 bytes\n\t\t< implicit padding >\t\t// 2 bytes\n\t}\n\n... with 8 bytes total, with 6 bytes of data and 2 bytes of trailing\npadding, requiring 4-byte alginment.\n\nWhen we create a bug_entry in assembly, we align the start of the entry\nto 4 bytes, which implicitly handles padding for any prior entries.\nHowever, we do not align the end of the entry, and so when\nCONFIG_DEBUG_BUGVERBOSE=n, the final entry lacks the trailing padding\nbytes.\n\nFor the main kernel image this is not a problem as find_bug() doesn't\ndepend on the trailing padding bytes when searching for entries:\n\n\tfor (bug = __start___bug_table; bug < __stop___bug_table; ++bug)\n\t\tif (bugaddr == bug_addr(bug))\n\t\t\treturn bug;\n\nHowever for modules, module_bug_finalize() depends on the trailing\nbytes when calculating the number of entries:\n\n\tmod->num_bugs = sechdrs[i].sh_size / sizeof(struct bug_entry);\n\n... and as the last bug_entry lacks the necessary padding bytes, this entry\nwill not be counted, e.g. in the case of a single entry:\n\n\tsechdrs[i].sh_size == 6\n\tsizeof(struct bug_entry) == 8;\n\n\tsechdrs[i].sh_size / sizeof(struct bug_entry) == 0;\n\nConsequently module_find_bug() will miss the last bug_entry when it does:\n\n\tfor (i = 0; i < mod->num_bugs; ++i, ++bug)\n\t\tif (bugaddr == bug_addr(bug))\n\t\t\tgoto out;\n\n... which can lead to a kenrel panic due to an unhandled bug.\n\nThis can be demonstrated with the following module:\n\n\tstatic int __init buginit(void)\n\t{\n\t\tWARN(1, \"hello\\n\");\n\t\treturn 0;\n\t}\n\n\tstatic void __exit bugexit(void)\n\t{\n\t}\n\n\tmodule_init(buginit);\n\tmodule_exit(bugexit);\n\tMODULE_LICENSE(\"GPL\");\n\n... which will trigger a kernel panic when loaded:\n\n\t------------[ cut here ]------------\n\thello\n\tUnexpected kernel BRK exception at EL1\n\tInternal error: BRK handler: 00000000f2000800 [#1] PREEMPT SMP\n\tModules linked in: hello(O+)\n\tCPU: 0 PID: 50 Comm: insmod Tainted: G O 6.9.1 #8\n\tHardware name: linux,dummy-virt (DT)\n\tpstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n\tpc : buginit+0x18/0x1000 [hello]\n\tlr : buginit+0x18/0x1000 [hello]\n\tsp : ffff800080533ae0\n\tx29: ffff800080533ae0 x28: 0000000000000000 x27: 0000000000000000\n\tx26: ffffaba8c4e70510 x25: ffff800080533c30 x24: ffffaba8c4a28a58\n\tx23: 0000000000000000 x22: 0000000000000000 x21: ffff3947c0eab3c0\n\tx20: ffffaba8c4e3f000 x19: ffffaba846464000 x18: 0000000000000006\n\tx17: 0000000000000000 x16: ffffaba8c2492834 x15: 0720072007200720\n\tx14: 0720072007200720 x13: ffffaba8c49b27c8 x12: 0000000000000312\n\tx11: 0000000000000106 x10: ffffaba8c4a0a7c8 x9 : ffffaba8c49b27c8\n\tx8 : 00000000ffffefff x7 : ffffaba8c4a0a7c8 x6 : 80000000fffff000\n\tx5 : 0000000000000107 x4 : 0000000000000000 x3 : 0000000000000000\n\tx2 : 0000000000000000 x1 : 0000000000000000 x0 : ffff3947c0eab3c0\n\tCall trace:\n\t buginit+0x18/0x1000 [hello]\n\t do_one_initcall+0x80/0x1c8\n\t do_init_module+0x60/0x218\n\t load_module+0x1ba4/0x1d70\n\t __do_sys_init_module+0x198/0x1d0\n\t __arm64_sys_init_module+0x1c/0x28\n\t invoke_syscall+0x48/0x114\n\t el0_svc\n---truncated---" + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/22469a0335a1a1a690349b58bcb55822457df81e", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/3fd487ffaa697ddb05af78a75aaaddabe71c52b0", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/461a760d578b2b2c2faac3040b6b7c77baf128f8", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/9f2ad88f9b349554f64e4037ec185c84d7dd9c7d", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/c1929c041a262a4a27265db8dce3619c92aa678c", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/c27a2f7668e215c1ebbccd96fab27a220a93f1f7", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/f221bd58db0f6ca087ac0392284f6bce21f4f8ea", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/ffbf4fb9b5c12ff878a10ea17997147ea4ebea6f", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-394xx/CVE-2024-39489.json b/CVE-2024/CVE-2024-394xx/CVE-2024-39489.json new file mode 100644 index 00000000000..696f683a9e7 --- /dev/null +++ b/CVE-2024/CVE-2024-394xx/CVE-2024-39489.json @@ -0,0 +1,49 @@ +{ + "id": "CVE-2024-39489", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-07-10T08:15:11.110", + "lastModified": "2024-07-10T08:15:11.110", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: sr: fix memleak in seg6_hmac_init_algo\n\nseg6_hmac_init_algo returns without cleaning up the previous allocations\nif one fails, so it's going to leak all that memory and the crypto tfms.\n\nUpdate seg6_hmac_exit to only free the memory when allocated, so we can\nreuse the code directly." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/0e44d6cbe8de983470c3d2f978649783384fdcb6", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/4a3fcf53725b70010d1cf869a2ba549fed6b8fb3", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/599a5654215092ac22bfc453f4fd3959c55ea821", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/61d31ac85b4572d11f8071855c0ccb4f32d76c0c", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/afd5730969aec960a2fee4e5ee839a6014643976", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/daf341e0a2318b813427d5a78788c86f4a7f02be", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/efb9f4f19f8e37fde43dfecebc80292d179f56c6", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/f6a99ef4e056c20a138a95cc51332b2b96c8f383", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-394xx/CVE-2024-39490.json b/CVE-2024/CVE-2024-394xx/CVE-2024-39490.json new file mode 100644 index 00000000000..8f3316b85e3 --- /dev/null +++ b/CVE-2024/CVE-2024-394xx/CVE-2024-39490.json @@ -0,0 +1,37 @@ +{ + "id": "CVE-2024-39490", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-07-10T08:15:11.203", + "lastModified": "2024-07-10T08:15:11.203", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: sr: fix missing sk_buff release in seg6_input_core\n\nThe seg6_input() function is responsible for adding the SRH into a\npacket, delegating the operation to the seg6_input_core(). This function\nuses the skb_cow_head() to ensure that there is sufficient headroom in\nthe sk_buff for accommodating the link-layer header.\nIn the event that the skb_cow_header() function fails, the\nseg6_input_core() catches the error but it does not release the sk_buff,\nwhich will result in a memory leak.\n\nThis issue was introduced in commit af3b5158b89d (\"ipv6: sr: fix BUG due\nto headroom too small after SRH push\") and persists even after commit\n7a3f5b0de364 (\"netfilter: add netfilter hooks to SRv6 data plane\"),\nwhere the entire seg6_input() code was refactored to deal with netfilter\nhooks.\n\nThe proposed patch addresses the identified memory leak by requiring the\nseg6_input_core() function to release the sk_buff in the event that\nskb_cow_head() fails." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/5447f9708d9e4c17a647b16a9cb29e9e02820bd9", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/8f1fc3b86eaea70be6abcae2e9aa7e7b99453864", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/e8688218e38111ace457509d8f0cad75f79c1a7a", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/f4df8c7670a73752201cbde215254598efdf6ce8", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/f5fec1588642e415a3d72e02140160661b303940", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-394xx/CVE-2024-39491.json b/CVE-2024/CVE-2024-394xx/CVE-2024-39491.json new file mode 100644 index 00000000000..66ff011b654 --- /dev/null +++ b/CVE-2024/CVE-2024-394xx/CVE-2024-39491.json @@ -0,0 +1,29 @@ +{ + "id": "CVE-2024-39491", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-07-10T08:15:11.287", + "lastModified": "2024-07-10T08:15:11.287", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nALSA: hda: cs35l56: Fix lifetime of cs_dsp instance\n\nThe cs_dsp instance is initialized in the driver probe() so it\nshould be freed in the driver remove(). Also fix a missing call\nto cs_dsp_remove() in the error path of cs35l56_hda_common_probe().\n\nThe call to cs_dsp_remove() was being done in the component unbind\ncallback cs35l56_hda_unbind(). This meant that if the driver was\nunbound and then re-bound it would be using an uninitialized cs_dsp\ninstance.\n\nIt is best to initialize the cs_dsp instance in probe() so that it\ncan return an error if it fails. The component binding API doesn't\nhave any error handling so there's no way to handle a failure if\ncs_dsp was initialized in the bind." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/60d5e087e5f334475b032ad7e6ad849fb998f303", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/9054c474f9c219e58a441e401c0e6e38fe713ff1", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/d344873c4cbde249b7152d36a273bcc45864001e", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-394xx/CVE-2024-39492.json b/CVE-2024/CVE-2024-394xx/CVE-2024-39492.json new file mode 100644 index 00000000000..106edd72ea5 --- /dev/null +++ b/CVE-2024/CVE-2024-394xx/CVE-2024-39492.json @@ -0,0 +1,25 @@ +{ + "id": "CVE-2024-39492", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-07-10T08:15:11.360", + "lastModified": "2024-07-10T08:15:11.360", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmailbox: mtk-cmdq: Fix pm_runtime_get_sync() warning in mbox shutdown\n\nThe return value of pm_runtime_get_sync() in cmdq_mbox_shutdown()\nwill return 1 when pm runtime state is active, and we don't want to\nget the warning message in this case.\n\nSo we change the return value < 0 for WARN_ON()." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/2d42a37a4518478f075ccf848242b4a50e313a46", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/747a69a119c469121385543f21c2d08562968ccc", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-394xx/CVE-2024-39493.json b/CVE-2024/CVE-2024-394xx/CVE-2024-39493.json new file mode 100644 index 00000000000..501ee0735e0 --- /dev/null +++ b/CVE-2024/CVE-2024-394xx/CVE-2024-39493.json @@ -0,0 +1,49 @@ +{ + "id": "CVE-2024-39493", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-07-10T08:15:11.427", + "lastModified": "2024-07-10T08:15:11.427", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: qat - Fix ADF_DEV_RESET_SYNC memory leak\n\nUsing completion_done to determine whether the caller has gone\naway only works after a complete call. Furthermore it's still\npossible that the caller has not yet called wait_for_completion,\nresulting in another potential UAF.\n\nFix this by making the caller use cancel_work_sync and then freeing\nthe memory safely." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/0ce5964b82f212f4df6a9813f09a0b5de15bd9c8", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/3fb4601e0db10d4fe25e46f3fa308d40d37366bd", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/6396b33e98c096bff9c253ed49c008247963492a", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/a718b6d2a329e069b27d9049a71be5931e71d960", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/c2d443aa1ae3175c13a665f3a24b8acd759ce9c3", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/d0fd124972724cce0d48b9865ce3e273ef69e246", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/d3b17c6d9dddc2db3670bc9be628b122416a3d26", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/e7428e7e3fe94a5089dc12ffe5bc31574d2315ad", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-56xx/CVE-2024-5664.json b/CVE-2024/CVE-2024-56xx/CVE-2024-5664.json new file mode 100644 index 00000000000..31d20014e9d --- /dev/null +++ b/CVE-2024/CVE-2024-56xx/CVE-2024-5664.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-5664", + "sourceIdentifier": "security@wordfence.com", + "published": "2024-07-10T08:15:11.507", + "lastModified": "2024-07-10T08:15:11.507", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "The MP3 Audio Player \u2013 Music Player, Podcast Player & Radio by Sonaar plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'id' attribute within the plugin's sonaar_audioplayer shortcode in all versions up to, and including, 5.5 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 3.1, + "impactScore": 2.7 + } + ] + }, + "references": [ + { + "url": "https://plugins.trac.wordpress.org/browser/mp3-music-player-by-sonaar/tags/5.4.0.2/includes/class-sonaar-music-widget.php#L1853", + "source": "security@wordfence.com" + }, + { + "url": "https://plugins.trac.wordpress.org/changeset/3115110/mp3-music-player-by-sonaar/trunk/includes/class-sonaar-music-widget.php", + "source": "security@wordfence.com" + }, + { + "url": "https://wordpress.org/plugins/mp3-music-player-by-sonaar/#developers", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/c14783d3-68de-49c6-9c54-eb7fc4a7bf94?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-64xx/CVE-2024-6421.json b/CVE-2024/CVE-2024-64xx/CVE-2024-6421.json new file mode 100644 index 00000000000..f5187b97d42 --- /dev/null +++ b/CVE-2024/CVE-2024-64xx/CVE-2024-6421.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-6421", + "sourceIdentifier": "info@cert.vde.com", + "published": "2024-07-10T08:15:11.720", + "lastModified": "2024-07-10T08:15:11.720", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "An unauthenticated remote attacker can read out sensitive device information through a incorrectly configured FTP service." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "info@cert.vde.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "info@cert.vde.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-200" + } + ] + } + ], + "references": [ + { + "url": "https://cert.vde.com/en/advisories/VDE-2024-038", + "source": "info@cert.vde.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-64xx/CVE-2024-6422.json b/CVE-2024/CVE-2024-64xx/CVE-2024-6422.json new file mode 100644 index 00000000000..e6d2757e54d --- /dev/null +++ b/CVE-2024/CVE-2024-64xx/CVE-2024-6422.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-6422", + "sourceIdentifier": "info@cert.vde.com", + "published": "2024-07-10T08:15:11.970", + "lastModified": "2024-07-10T08:15:11.970", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "An unauthenticated remote attacker can manipulate the device via Telnet, stop processes, read, delete and change data." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "info@cert.vde.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "info@cert.vde.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-306" + } + ] + } + ], + "references": [ + { + "url": "https://cert.vde.com/en/advisories/VDE-2024-038", + "source": "info@cert.vde.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-65xx/CVE-2024-6556.json b/CVE-2024/CVE-2024-65xx/CVE-2024-6556.json new file mode 100644 index 00000000000..7fb79cb0a2a --- /dev/null +++ b/CVE-2024/CVE-2024-65xx/CVE-2024-6556.json @@ -0,0 +1,48 @@ +{ + "id": "CVE-2024-6556", + "sourceIdentifier": "security@wordfence.com", + "published": "2024-07-10T09:15:02.747", + "lastModified": "2024-07-10T09:15:02.747", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "The SmartCrawl WordPress SEO checker, SEO analyzer, SEO optimizer plugin for WordPress is vulnerable to Full Path Disclosure in all versions up to, and including, 3.10.8. This is due the plugin utilizing mobiledetect without preventing direct access to the files. This makes it possible for unauthenticated attackers to retrieve the full path of the web application, which can be used to aid other attacks. The information displayed is not useful on its own, and requires another vulnerability to be present for damage to an affected website." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 5.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 3.9, + "impactScore": 1.4 + } + ] + }, + "references": [ + { + "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3115079%40smartcrawl-seo&new=3115079%40smartcrawl-seo&sfp_email=&sfph_mail=", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/4d357096-25da-4cbf-9c6c-261bf1b29a9f?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/README.md b/README.md index 8046c2294d7..16912df3a6a 100644 --- a/README.md +++ b/README.md @@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2024-07-10T08:00:18.916916+00:00 +2024-07-10T10:00:18.827210+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2024-07-10T07:15:03.317000+00:00 +2024-07-10T09:15:02.747000+00:00 ``` ### Last Data Feed Release @@ -33,25 +33,31 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### Total Number of included CVEs ```plain -256545 +256556 ``` ### CVEs added in the last Commit -Recently added CVEs: `6` +Recently added CVEs: `11` -- [CVE-2024-36450](CVE-2024/CVE-2024-364xx/CVE-2024-36450.json) (`2024-07-10T07:15:02.893`) -- [CVE-2024-36451](CVE-2024/CVE-2024-364xx/CVE-2024-36451.json) (`2024-07-10T07:15:03.040`) -- [CVE-2024-36452](CVE-2024/CVE-2024-364xx/CVE-2024-36452.json) (`2024-07-10T07:15:03.103`) -- [CVE-2024-36453](CVE-2024/CVE-2024-364xx/CVE-2024-36453.json) (`2024-07-10T07:15:03.177`) -- [CVE-2024-39886](CVE-2024/CVE-2024-398xx/CVE-2024-39886.json) (`2024-07-10T07:15:03.247`) -- [CVE-2024-39927](CVE-2024/CVE-2024-399xx/CVE-2024-39927.json) (`2024-07-10T07:15:03.317`) +- [CVE-2023-6813](CVE-2023/CVE-2023-68xx/CVE-2023-6813.json) (`2024-07-10T08:15:10.760`) +- [CVE-2024-39488](CVE-2024/CVE-2024-394xx/CVE-2024-39488.json) (`2024-07-10T08:15:11.003`) +- [CVE-2024-39489](CVE-2024/CVE-2024-394xx/CVE-2024-39489.json) (`2024-07-10T08:15:11.110`) +- [CVE-2024-39490](CVE-2024/CVE-2024-394xx/CVE-2024-39490.json) (`2024-07-10T08:15:11.203`) +- [CVE-2024-39491](CVE-2024/CVE-2024-394xx/CVE-2024-39491.json) (`2024-07-10T08:15:11.287`) +- [CVE-2024-39492](CVE-2024/CVE-2024-394xx/CVE-2024-39492.json) (`2024-07-10T08:15:11.360`) +- [CVE-2024-39493](CVE-2024/CVE-2024-394xx/CVE-2024-39493.json) (`2024-07-10T08:15:11.427`) +- [CVE-2024-5664](CVE-2024/CVE-2024-56xx/CVE-2024-5664.json) (`2024-07-10T08:15:11.507`) +- [CVE-2024-6421](CVE-2024/CVE-2024-64xx/CVE-2024-6421.json) (`2024-07-10T08:15:11.720`) +- [CVE-2024-6422](CVE-2024/CVE-2024-64xx/CVE-2024-6422.json) (`2024-07-10T08:15:11.970`) +- [CVE-2024-6556](CVE-2024/CVE-2024-65xx/CVE-2024-6556.json) (`2024-07-10T09:15:02.747`) ### CVEs modified in the last Commit -Recently modified CVEs: `0` +Recently modified CVEs: `1` +- [CVE-2024-26279](CVE-2024/CVE-2024-262xx/CVE-2024-26279.json) (`2024-07-10T09:15:02.400`) ## Download and Usage diff --git a/_state.csv b/_state.csv index 7f3f88ae0e9..e7142f104af 100644 --- a/_state.csv +++ b/_state.csv @@ -240290,6 +240290,7 @@ CVE-2023-6809,0,0,da849ebc66bf4be9594f5a16c6489da06b73ea4d1114ad0ea42cbcbd1d5557 CVE-2023-6810,0,0,3101b378ed04a5c8247ef1debed918ebc9eb8103dd1b234528b91dafd5921a75,2024-05-07T13:39:32.710000 CVE-2023-6811,0,0,0ae434dca3175548a9ca9dc42c6f8d10f94870a185713460da5dc58ca1a03a92,2024-04-11T12:47:44.137000 CVE-2023-6812,0,0,1361f65d99954b70532606b17569527f5effc0868c2105952fcff6b7c6c97e71,2024-05-14T19:18:31.490000 +CVE-2023-6813,1,1,35e6e83ae306cde57ed354c43ffc3830381e1b47b76395d07f3d192a286cc390,2024-07-10T08:15:10.760000 CVE-2023-6814,0,0,f914980738323f0d89710adfa1af6d51adf8e3bc868f5019d57b30c5b4448cc4,2024-04-16T03:15:06.230000 CVE-2023-6815,0,0,2907a8b4ff24102c477c46109fb1fabfce42d3c6fd03f18fcb9bbd39f14ee3a0,2024-02-14T04:15:08.497000 CVE-2023-6816,0,0,cca41eda4debf1a60ab4b1843bc845963914c04ca252d62c2bb38527b5d55418,2024-05-22T17:16:09.970000 @@ -246471,7 +246472,7 @@ CVE-2024-26275,0,0,a8dddbae7b22d48aedb9f8490428c277edf739c267986dae35b653016096b CVE-2024-26276,0,0,ebaa4df659ae506807515f6f8e27db4e0be919eedbd9a6cec30771898d5d94b8,2024-06-11T12:15:14.153000 CVE-2024-26277,0,0,c804494b992b99c1c40050703fb804ba44997edf7736c67dd07771e0c8850ad9,2024-06-11T12:15:14.273000 CVE-2024-26278,0,0,b4f30c0206435462f938eb0aa6ce4486df14c46a6e06f78aebcebb1f84e4c17d,2024-07-09T18:18:38.713000 -CVE-2024-26279,0,0,c4bff815edfd814e00fe609d743e5381326d6b9a8eaa1af2ba2c2661f06cf980,2024-07-09T18:18:38.713000 +CVE-2024-26279,0,1,5bb6c47fa83d2cfe0b536ce92f13c6139ec1adf5e91efd22c3f866b53c3e15df,2024-07-10T09:15:02.400000 CVE-2024-2628,0,0,74f1b0a8f98a3a2a42e54dd1de06ce591c355dd248224902ad7ba323d1c0caa6,2024-04-01T15:23:07.793000 CVE-2024-26280,0,0,38ddaacb3fe8b7d89a935c9bba67b29e4cb635c7acf4968449143e2fc6e9c2ce,2024-05-01T18:15:15.537000 CVE-2024-26281,0,0,d398cdbeaa123e10721276d9f64c2d88a8b8d78292a048222ab02485f2a77624,2024-02-22T19:07:27.197000 @@ -253265,10 +253266,10 @@ CVE-2024-36428,0,0,34ee364c5a9075f639864e5b9724315f875ffecaf1e3b09c0e9021977a7b8 CVE-2024-3643,0,0,52bab63bfc91b1f0b9d75e6e14dccb142e0861ecbf55c57479143676f8644d3b,2024-05-16T13:03:05.353000 CVE-2024-3644,0,0,4e49052df3e8a0f31e3394cce710c4ef728e2bd6bf109b57603d53a5d48d8bab,2024-05-16T13:03:05.353000 CVE-2024-3645,0,0,9bfaa42192c6fa49951fba1d7645fb7975d3a2b4cd9bcc55a7dd9ceef33e077c,2024-04-22T19:24:12.920000 -CVE-2024-36450,1,1,ea1236f7b5970f4dfffbf3131c2b81689a3c3e0a16e1c39da011c68b844c67e2,2024-07-10T07:15:02.893000 -CVE-2024-36451,1,1,3136df486a657ff87b4fd86607abf4dc838632d3519b091388d1599234550ab5,2024-07-10T07:15:03.040000 -CVE-2024-36452,1,1,7550f8b11a9c9103a2bf10e7dfc87b4d6aa9599c64ed3f3d2418e8d98bd6a4d1,2024-07-10T07:15:03.103000 -CVE-2024-36453,1,1,d340fb019cb2123311b824ba06de47c9a664efe85812ca5b2754e78c59e411bf,2024-07-10T07:15:03.177000 +CVE-2024-36450,0,0,ea1236f7b5970f4dfffbf3131c2b81689a3c3e0a16e1c39da011c68b844c67e2,2024-07-10T07:15:02.893000 +CVE-2024-36451,0,0,3136df486a657ff87b4fd86607abf4dc838632d3519b091388d1599234550ab5,2024-07-10T07:15:03.040000 +CVE-2024-36452,0,0,7550f8b11a9c9103a2bf10e7dfc87b4d6aa9599c64ed3f3d2418e8d98bd6a4d1,2024-07-10T07:15:03.103000 +CVE-2024-36453,0,0,d340fb019cb2123311b824ba06de47c9a664efe85812ca5b2754e78c59e411bf,2024-07-10T07:15:03.177000 CVE-2024-36454,0,0,119ecbd34abcc47a263eca5a7b8a20f07f9103015a4c85c0f4c832e1c8eae2d9,2024-06-13T18:36:09.013000 CVE-2024-36459,0,0,474bfa332c926d073eec1319c6b0bf17fa1f15902b9a2385d1d4aa60eeefb843,2024-07-03T02:03:12.833000 CVE-2024-3646,0,0,f1ba7615d07aeacaca9371aa5a68bf3033db9a231eaf2716a6cbfd3f340bcd58,2024-04-19T16:19:49.043000 @@ -254590,6 +254591,12 @@ CVE-2024-39484,0,0,a445c76503df3c2b08ea3e5bff9e0551e6280c35730c3d8354635c9d4c9c0 CVE-2024-39485,0,0,eeb489cc81d629e25edf2846d080f2d16c82c1a5d4e00cda1329db48257433c1,2024-07-08T15:36:56.127000 CVE-2024-39486,0,0,77cff8922a497e9f5f3a2c54a76728f0d6b7e7d5f3ffc0649161a58f4b404b51,2024-07-08T15:49:22.437000 CVE-2024-39487,0,0,a753ee835b7e39ba050c96e915c7182f4ab084e4115de59996f349f1dcc33193,2024-07-09T18:19:14.047000 +CVE-2024-39488,1,1,5528072f79027aec596d55ae054a3c32e53d1c5f9a9349fde5e1ffd130a4a2d0,2024-07-10T08:15:11.003000 +CVE-2024-39489,1,1,fac48583d60e545805163545e2f78ff6020483e55541f3ad6505407d5c0db51d,2024-07-10T08:15:11.110000 +CVE-2024-39490,1,1,a138bbf39d3622fed998081d841300f303ecee2f2a9a14db866018dc5e2ec056,2024-07-10T08:15:11.203000 +CVE-2024-39491,1,1,d2975a109e73a4d679d1de3277f449b0b59355c75959a87b79fec0fa339af23b,2024-07-10T08:15:11.287000 +CVE-2024-39492,1,1,936737ac4a5aa51c6dd2775e7e8ab10104463739019f0e5149175b556e6d42ae,2024-07-10T08:15:11.360000 +CVE-2024-39493,1,1,95ca26deac88a48a13f8b40620d0ff25df1c825b903366bd7b44a58ddff0741b,2024-07-10T08:15:11.427000 CVE-2024-3951,0,0,d1eb572088193a792816003caae4c8900ea1808fb70b3f34eb162771a0d73b1e,2024-05-08T17:05:24.083000 CVE-2024-3952,0,0,92f1da274771947c3cb4a43546670c1af8a997980dc361a71cd2fb07f162ad15,2024-05-14T16:11:39.510000 CVE-2024-3954,0,0,45f1b348fcace6f84e3157e2d0f8a54fc4228bb396d26e03c9556cd235947f43,2024-05-14T16:11:39.510000 @@ -254679,7 +254686,7 @@ CVE-2024-39881,0,0,734513e1501cebcc0b72850eeaf6e0bc214e2c47aa69f9960687fba8aa685 CVE-2024-39882,0,0,de74431e089ea50d9da8480de9f2d8563918e552efcd6f778b16f5d9b2937c6a,2024-07-09T22:15:03.013000 CVE-2024-39883,0,0,f36e36507d993b385a0e1d9e126d2aed8a05ae37b677fab5d0df65c7316e4203,2024-07-09T22:15:03.133000 CVE-2024-39884,0,0,0d647612824271b037e4243e01d89c11015b35b838940d0c376081ca2e2ed0c1,2024-07-05T12:55:51.367000 -CVE-2024-39886,1,1,a8ebbd552e2557e3b745298dbe6cc7303e3378e0473bc13e7712dfa68942ae03,2024-07-10T07:15:03.247000 +CVE-2024-39886,0,0,a8ebbd552e2557e3b745298dbe6cc7303e3378e0473bc13e7712dfa68942ae03,2024-07-10T07:15:03.247000 CVE-2024-39888,0,0,f7637ae0feee5d9d70653d284f2ffea6d3641a46c662eba72b67bcab442feb69,2024-07-09T18:19:14.047000 CVE-2024-3989,0,0,41a6b1dcae0354fb8cba40366dc7ed1eeb84d6a6a33689c35123198fe63c8f01,2024-05-14T16:11:39.510000 CVE-2024-39891,0,0,f05a058a4cf741da51f47b19ea162b25ce262cdb61fb36618eb53dc7411c00e3,2024-07-03T22:15:02.923000 @@ -254694,7 +254701,7 @@ CVE-2024-39901,0,0,c52004d7010f12153b157c9d2835723dc79ee8ac7d5742198f350aec78b1b CVE-2024-3991,0,0,f4b27e31b2ebe06401478accd9d85264142bf207d27ef139c240399354705c4f,2024-05-02T18:00:37.360000 CVE-2024-3992,0,0,ff644523dcb07d662c2bf53b9e125872cf5c9b9df16e03b5f8dec25363b303ae,2024-06-17T12:42:04.623000 CVE-2024-39920,0,0,8281f1288058876e172a78a04b7e10123b671826d2c29ba249d059d614d38347,2024-07-03T12:53:24.977000 -CVE-2024-39927,1,1,e79f294dfea2ee535551bc3b55d35cb8ea6554ac331aeb3da0347edbd4b02f2a,2024-07-10T07:15:03.317000 +CVE-2024-39927,0,0,e79f294dfea2ee535551bc3b55d35cb8ea6554ac331aeb3da0347edbd4b02f2a,2024-07-10T07:15:03.317000 CVE-2024-39929,0,0,a101bb24f7d63f090f20192946a102f9a39a1df49f06f499eb77157966db47ea,2024-07-09T16:22:58.760000 CVE-2024-3993,0,0,a2f94f13d02cfe8603a71433706e6cc2c5ad0c0e3e2fd5d51c299cf3fc301a73,2024-07-03T02:06:58.160000 CVE-2024-39930,0,0,17eb00e73f46631dbd6316a3ab19a74b1e7ba74e9179cfe94efb0d39751660c6,2024-07-05T12:55:51.367000 @@ -256064,6 +256071,7 @@ CVE-2024-5659,0,0,dbb598e16e86b9c719d485b541188ff6e8ea72d57c8ec148ee2290d2bb1f42 CVE-2024-5661,0,0,64c610f4ac197974e4a9f4370e828aefe9bbaabb0bf444795d194a1356128a89,2024-07-02T14:43:40.460000 CVE-2024-5662,0,0,c30bff5b2d503274ccfb42c77a6a2f90af33779b4134c5919fad644e092eec26,2024-06-28T10:27:00.920000 CVE-2024-5663,0,0,e65ed9bd668d6456ce5b39954ddd0ae3860f1cde2bd069c4d43e4b5601627808,2024-06-10T02:52:08.267000 +CVE-2024-5664,1,1,06615a3a1b1ddca8cbcc97e7c80b71572a07e55905da8641263f5e1cbe246170,2024-07-10T08:15:11.507000 CVE-2024-5665,0,0,cf98b8118d31a45b868938fcf4b0239a4be77d7cb3995f06e552251067a9cecd,2024-06-11T17:47:45.033000 CVE-2024-5666,0,0,c2cb648af5be31cc7b97e094a0871dd39fea80d2d3a0f373e615f5ae502553a5,2024-07-01T12:37:24.220000 CVE-2024-5669,0,0,ddd7772a6277d903bcf1d89da44667af6e9a3df4fd3440e71ca75c5d1aad7a37,2024-07-09T18:19:14.047000 @@ -256491,6 +256499,8 @@ CVE-2024-6416,0,0,1d3038bca30e2041aec4c6f6e9ac2c7cb38b0b032dbc11dcdc7f3d31ad18d0 CVE-2024-6417,0,0,29f9a4ce41522fa0140910babecf0fc99e85f4d49ac0eb1b6a99dc830b0f22e3,2024-07-01T12:37:24.220000 CVE-2024-6418,0,0,b63bb78bc20fc7c9074df0590cf44ede2aa2ea9145f7e2ea976342cbbc9ede3c,2024-07-01T12:37:24.220000 CVE-2024-6419,0,0,e1f22570d75c49fa5726171947ce4e56ea60b543707fecfaebe18f84b2ff48d5,2024-07-01T12:37:24.220000 +CVE-2024-6421,1,1,db7bd9971338615d215f1e7b8e7fa087aaa5719e2acb0c0a97901e85c2169ff5,2024-07-10T08:15:11.720000 +CVE-2024-6422,1,1,191366e016b6dbb4ac4d53079d948b79aacc8ec4f54058704bb848c7c583085e,2024-07-10T08:15:11.970000 CVE-2024-6424,0,0,8d5a2fd0dee2ac07d57032a1c81c2c412cad276a027b89c1b7d3574f7c28481d,2024-07-01T16:37:39.040000 CVE-2024-6425,0,0,adbfecb8c3cc947ec785870957655621e37e6a4ecfa332482b1b765f471fc897,2024-07-01T16:37:39.040000 CVE-2024-6426,0,0,f8400a1dd26a0192767404ca5f7752c12cf287ce03e2990002fc305f7bc08efa,2024-07-05T17:10:26.683000 @@ -256524,6 +256534,7 @@ CVE-2024-6526,0,0,0395771cb83da3c31d3258df800a7adc493a41c6b23cd6248bbb973fb8ab4b CVE-2024-6527,0,0,2c04959f5b432bf9c2410a6022a228031cfde40b22a03fde53771eb44766b4c1,2024-07-09T18:19:14.047000 CVE-2024-6539,0,0,af7a9107d7b462a59e1314d81ee0ea249c00edb3c899ac73079834fee3e5a982,2024-07-08T15:49:22.437000 CVE-2024-6550,0,0,5d1ac2302fccc411850552add6961beebffbcf8502b1c5101339eaaf0570c4d7,2024-07-10T04:15:04.290000 +CVE-2024-6556,1,1,f6995563a669d24a1da43c211041cfd8dccd356df79a3a4ff9fed43fe7bef50f,2024-07-10T09:15:02.747000 CVE-2024-6563,0,0,1b4d88909a8afd884220e1df693026407578c717bcca7ba5cdd4e0bbbf29fb3c,2024-07-09T14:19:19.300000 CVE-2024-6564,0,0,b381c943e4dc87d72df0560a8008d835d4542fba3e8b6a3b21a1beca0e3a3fa5,2024-07-09T14:19:14.760000 CVE-2024-6580,0,0,d43dfa58651574c4447e8f323f3cb1f6a00d6bdef0613d5834aefccecf968c5d,2024-07-09T18:19:14.047000