From 1561805f83c503b61b332f71e3df343f91748460 Mon Sep 17 00:00:00 2001 From: cad-safe-bot Date: Wed, 8 Jan 2025 09:03:43 +0000 Subject: [PATCH] Auto-Update: 2025-01-08T09:00:20.762587+00:00 --- CVE-2024/CVE-2024-116xx/CVE-2024-11613.json | 64 ++++++++++ CVE-2024/CVE-2024-116xx/CVE-2024-11635.json | 60 +++++++++ CVE-2024/CVE-2024-120xx/CVE-2024-12045.json | 60 +++++++++ CVE-2024/CVE-2024-125xx/CVE-2024-12584.json | 60 +++++++++ CVE-2024/CVE-2024-128xx/CVE-2024-12851.json | 60 +++++++++ CVE-2024/CVE-2024-128xx/CVE-2024-12852.json | 60 +++++++++ CVE-2024/CVE-2024-131xx/CVE-2024-13173.json | 78 ++++++++++++ CVE-2024/CVE-2024-80xx/CVE-2024-8001.json | 10 +- CVE-2024/CVE-2024-80xx/CVE-2024-8002.json | 133 ++++++++++++++++++++ CVE-2024/CVE-2024-96xx/CVE-2024-9673.json | 68 ++++++++++ CVE-2025/CVE-2025-222xx/CVE-2025-22215.json | 44 +++++++ README.md | 29 +++-- _state.csv | 28 +++-- 13 files changed, 729 insertions(+), 25 deletions(-) create mode 100644 CVE-2024/CVE-2024-116xx/CVE-2024-11613.json create mode 100644 CVE-2024/CVE-2024-116xx/CVE-2024-11635.json create mode 100644 CVE-2024/CVE-2024-120xx/CVE-2024-12045.json create mode 100644 CVE-2024/CVE-2024-125xx/CVE-2024-12584.json create mode 100644 CVE-2024/CVE-2024-128xx/CVE-2024-12851.json create mode 100644 CVE-2024/CVE-2024-128xx/CVE-2024-12852.json create mode 100644 CVE-2024/CVE-2024-131xx/CVE-2024-13173.json create mode 100644 CVE-2024/CVE-2024-80xx/CVE-2024-8002.json create mode 100644 CVE-2024/CVE-2024-96xx/CVE-2024-9673.json create mode 100644 CVE-2025/CVE-2025-222xx/CVE-2025-22215.json diff --git a/CVE-2024/CVE-2024-116xx/CVE-2024-11613.json b/CVE-2024/CVE-2024-116xx/CVE-2024-11613.json new file mode 100644 index 00000000000..fac81a71860 --- /dev/null +++ b/CVE-2024/CVE-2024-116xx/CVE-2024-11613.json @@ -0,0 +1,64 @@ +{ + "id": "CVE-2024-11613", + "sourceIdentifier": "security@wordfence.com", + "published": "2025-01-08T07:15:26.407", + "lastModified": "2025-01-08T07:15:26.407", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "The WordPress File Upload plugin for WordPress is vulnerable to Remote Code Execution, Arbitrary File Read, and Arbitrary File Deletion in all versions up to, and including, 4.24.15 via the 'wfu_file_downloader.php' file. This is due to lack of proper sanitization of the 'source' parameter and allowing a user-defined directory path. This makes it possible for unauthenticated attackers to execute code on the server." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 9.8, + "baseSeverity": "CRITICAL", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-94" + } + ] + } + ], + "references": [ + { + "url": "https://plugins.svn.wordpress.org/wp-file-upload/trunk/wfu_file_downloader.php", + "source": "security@wordfence.com" + }, + { + "url": "https://plugins.trac.wordpress.org/changeset/3217005/", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/31052fe6-a0ae-4502-b2d2-dbc3b3bf672f?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-116xx/CVE-2024-11635.json b/CVE-2024/CVE-2024-116xx/CVE-2024-11635.json new file mode 100644 index 00000000000..5eda97f5499 --- /dev/null +++ b/CVE-2024/CVE-2024-116xx/CVE-2024-11635.json @@ -0,0 +1,60 @@ +{ + "id": "CVE-2024-11635", + "sourceIdentifier": "security@wordfence.com", + "published": "2025-01-08T08:15:24.117", + "lastModified": "2025-01-08T08:15:24.117", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "The WordPress File Upload plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 4.24.12 via the 'wfu_ABSPATH' cookie parameter. This makes it possible for unauthenticated attackers to execute code on the server." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 9.8, + "baseSeverity": "CRITICAL", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-94" + } + ] + } + ], + "references": [ + { + "url": "https://plugins.svn.wordpress.org/wp-file-upload/trunk/wfu_file_downloader.php", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/b5165f60-6515-4a2c-a124-cc88155eaf01?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-120xx/CVE-2024-12045.json b/CVE-2024/CVE-2024-120xx/CVE-2024-12045.json new file mode 100644 index 00000000000..7e5f0b95fe6 --- /dev/null +++ b/CVE-2024/CVE-2024-120xx/CVE-2024-12045.json @@ -0,0 +1,60 @@ +{ + "id": "CVE-2024-12045", + "sourceIdentifier": "security@wordfence.com", + "published": "2025-01-08T08:15:24.683", + "lastModified": "2025-01-08T08:15:24.683", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "The Essential Blocks \u2013 Page Builder Gutenberg Blocks, Patterns & Templates plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the maker title value of the Google Maps block in all versions up to, and including, 5.0.9 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level access, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N", + "baseScore": 4.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 1.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://plugins.trac.wordpress.org/changeset/3210374/essential-blocks/tags/5.1.1/src/blocks/google-map/src/marker.js", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/b07f3ade-5f10-4621-99a2-18eeab993403?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-125xx/CVE-2024-12584.json b/CVE-2024/CVE-2024-125xx/CVE-2024-12584.json new file mode 100644 index 00000000000..6a0e69825c6 --- /dev/null +++ b/CVE-2024/CVE-2024-125xx/CVE-2024-12584.json @@ -0,0 +1,60 @@ +{ + "id": "CVE-2024-12584", + "sourceIdentifier": "security@wordfence.com", + "published": "2025-01-08T07:15:26.833", + "lastModified": "2025-01-08T07:15:26.833", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "The 140+ Widgets | Xpro Addons For Elementor \u2013 FREE plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.4.6.2 via the 'duplicate' function. This makes it possible for authenticated attackers, with Contributor-level access and above, to extract potentially sensitive data from draft, scheduled (future), private, and password protected posts." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", + "baseScore": 4.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-200" + } + ] + } + ], + "references": [ + { + "url": "https://plugins.trac.wordpress.org/changeset/3212531/xpro-elementor-addons", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/fa085bc0-af0b-4797-a10f-4d41b4988c02?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-128xx/CVE-2024-12851.json b/CVE-2024/CVE-2024-128xx/CVE-2024-12851.json new file mode 100644 index 00000000000..adb78fb6067 --- /dev/null +++ b/CVE-2024/CVE-2024-128xx/CVE-2024-12851.json @@ -0,0 +1,60 @@ +{ + "id": "CVE-2024-12851", + "sourceIdentifier": "security@wordfence.com", + "published": "2025-01-08T07:15:27.027", + "lastModified": "2025-01-08T07:15:27.027", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "The Element Pack Elementor Addons (Header Footer, Template Library, Dynamic Grid, Carousel and Remote Arrows) plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the custom_attributes parameter of the Cookie Consent Widget in all versions up to, and including, 5.10.14 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", + "baseScore": 6.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 3.1, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3212890%40bdthemes-element-pack-lite&new=3212890%40bdthemes-element-pack-lite&sfp_email=&sfph_mail=", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/39b0af74-f773-4a56-b169-2ee11e923813?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-128xx/CVE-2024-12852.json b/CVE-2024/CVE-2024-128xx/CVE-2024-12852.json new file mode 100644 index 00000000000..2482ad87980 --- /dev/null +++ b/CVE-2024/CVE-2024-128xx/CVE-2024-12852.json @@ -0,0 +1,60 @@ +{ + "id": "CVE-2024-12852", + "sourceIdentifier": "security@wordfence.com", + "published": "2025-01-08T07:15:27.250", + "lastModified": "2025-01-08T07:15:27.250", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "The Happy Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'ha_cmc_text' parameter of the Happy Mouse Cursor in all versions up to, and including, 3.15.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", + "baseScore": 6.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 3.1, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://plugins.trac.wordpress.org/changeset/3212495/happy-elementor-addons/tags/3.15.2/assets/js/custom-mouse-cursor.js", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/e60d4528-2ec5-4a4b-be77-0fc012c13720?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-131xx/CVE-2024-13173.json b/CVE-2024/CVE-2024-131xx/CVE-2024-13173.json new file mode 100644 index 00000000000..e6138db17ae --- /dev/null +++ b/CVE-2024/CVE-2024-131xx/CVE-2024-13173.json @@ -0,0 +1,78 @@ +{ + "id": "CVE-2024-13173", + "sourceIdentifier": "security@vivo.com", + "published": "2025-01-08T08:15:24.870", + "lastModified": "2025-01-08T08:15:24.870", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "The health module has insufficient restrictions on loading URLs, which may lead to some information leakage." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "security@vivo.com", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:N/VA:N/SC:H/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "baseScore": 6.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "attackRequirements": "NONE", + "privilegesRequired": "NONE", + "userInteraction": "PASSIVE", + "vulnerableSystemConfidentiality": "LOW", + "vulnerableSystemIntegrity": "NONE", + "vulnerableSystemAvailability": "NONE", + "subsequentSystemConfidentiality": "HIGH", + "subsequentSystemIntegrity": "NONE", + "subsequentSystemAvailability": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirements": "NOT_DEFINED", + "integrityRequirements": "NOT_DEFINED", + "availabilityRequirements": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", + "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", + "modifiedVulnerableSystemAvailability": "NOT_DEFINED", + "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", + "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", + "modifiedSubsequentSystemAvailability": "NOT_DEFINED", + "safety": "NOT_DEFINED", + "automatable": "NOT_DEFINED", + "recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED" + } + } + ] + }, + "weaknesses": [ + { + "source": "security@vivo.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-306" + } + ] + } + ], + "references": [ + { + "url": "https://www.vivo.com/en/support/security-advisory-detail?id=14", + "source": "security@vivo.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-80xx/CVE-2024-8001.json b/CVE-2024/CVE-2024-80xx/CVE-2024-8001.json index 3c81397d336..f612990aa11 100644 --- a/CVE-2024/CVE-2024-80xx/CVE-2024-8001.json +++ b/CVE-2024/CVE-2024-80xx/CVE-2024-8001.json @@ -2,8 +2,8 @@ "id": "CVE-2024-8001", "sourceIdentifier": "cna@vuldb.com", "published": "2024-11-13T10:15:04.593", - "lastModified": "2024-11-19T15:41:25.973", - "vulnStatus": "Analyzed", + "lastModified": "2025-01-08T07:15:27.463", + "vulnStatus": "Modified", "cveTags": [], "descriptions": [ { @@ -131,7 +131,7 @@ "weaknesses": [ { "source": "cna@vuldb.com", - "type": "Primary", + "type": "Secondary", "description": [ { "lang": "en", @@ -175,6 +175,10 @@ "tags": [ "Third Party Advisory" ] + }, + { + "url": "https://www.scip.ch/?news.20241203", + "source": "cna@vuldb.com" } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-80xx/CVE-2024-8002.json b/CVE-2024/CVE-2024-80xx/CVE-2024-8002.json new file mode 100644 index 00000000000..a08332542ec --- /dev/null +++ b/CVE-2024/CVE-2024-80xx/CVE-2024-8002.json @@ -0,0 +1,133 @@ +{ + "id": "CVE-2024-8002", + "sourceIdentifier": "cna@vuldb.com", + "published": "2025-01-08T07:15:27.773", + "lastModified": "2025-01-08T07:15:27.773", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability has been found in VIWIS LMS 9.11 and classified as problematic. Affected by this vulnerability is an unknown functionality of the component File Upload. The manipulation of the argument filename leads to cross site scripting. The attack can be launched remotely. Upgrading to version 9.12 is able to address this issue. It is recommended to upgrade the affected component." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "baseScore": 6.9, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "attackRequirements": "NONE", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "vulnerableSystemConfidentiality": "NONE", + "vulnerableSystemIntegrity": "LOW", + "vulnerableSystemAvailability": "NONE", + "subsequentSystemConfidentiality": "NONE", + "subsequentSystemIntegrity": "NONE", + "subsequentSystemAvailability": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirements": "NOT_DEFINED", + "integrityRequirements": "NOT_DEFINED", + "availabilityRequirements": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", + "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", + "modifiedVulnerableSystemAvailability": "NOT_DEFINED", + "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", + "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", + "modifiedSubsequentSystemAvailability": "NOT_DEFINED", + "safety": "NOT_DEFINED", + "automatable": "NOT_DEFINED", + "recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED" + } + } + ], + "cvssMetricV31": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", + "baseScore": 4.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + } + ], + "cvssMetricV2": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "2.0", + "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", + "baseScore": 5.0, + "accessVector": "NETWORK", + "accessComplexity": "LOW", + "authentication": "NONE", + "confidentialityImpact": "NONE", + "integrityImpact": "PARTIAL", + "availabilityImpact": "NONE" + }, + "baseSeverity": "MEDIUM", + "exploitabilityScore": 10.0, + "impactScore": 2.9, + "acInsufInfo": false, + "obtainAllPrivilege": false, + "obtainUserPrivilege": false, + "obtainOtherPrivilege": false, + "userInteractionRequired": false + } + ] + }, + "weaknesses": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + }, + { + "lang": "en", + "value": "CWE-94" + } + ] + } + ], + "references": [ + { + "url": "https://vuldb.com/?ctiid.290767", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?id.290767", + "source": "cna@vuldb.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-96xx/CVE-2024-9673.json b/CVE-2024/CVE-2024-96xx/CVE-2024-9673.json new file mode 100644 index 00000000000..fa65440aa52 --- /dev/null +++ b/CVE-2024/CVE-2024-96xx/CVE-2024-9673.json @@ -0,0 +1,68 @@ +{ + "id": "CVE-2024-9673", + "sourceIdentifier": "security@wordfence.com", + "published": "2025-01-08T07:15:27.980", + "lastModified": "2025-01-08T07:15:27.980", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "The Piotnet Addons For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Heading widget in all versions up to, and including, 2.4.31 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", + "baseScore": 6.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 3.1, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://plugins.trac.wordpress.org/browser/piotnet-addons-for-elementor/trunk/assets/js/extension-pafe-tooltip.js", + "source": "security@wordfence.com" + }, + { + "url": "https://plugins.trac.wordpress.org/changeset/3217875/", + "source": "security@wordfence.com" + }, + { + "url": "https://wordpress.org/plugins/piotnet-addons-for-elementor/#developers", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/317a0e93-fcd7-41a0-a83e-98c50bfc6be2?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-222xx/CVE-2025-22215.json b/CVE-2025/CVE-2025-222xx/CVE-2025-22215.json new file mode 100644 index 00000000000..a01b1f77c67 --- /dev/null +++ b/CVE-2025/CVE-2025-222xx/CVE-2025-22215.json @@ -0,0 +1,44 @@ +{ + "id": "CVE-2025-22215", + "sourceIdentifier": "security@vmware.com", + "published": "2025-01-08T07:15:28.180", + "lastModified": "2025-01-08T07:15:28.180", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "VMware Aria Automation contains a server-side request forgery (SSRF) vulnerability.\u00a0A malicious actor with \"Organization Member\" access to Aria Automation may exploit this vulnerability enumerate internal services running on the host/network." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@vmware.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", + "baseScore": 4.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + } + ] + }, + "references": [ + { + "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25312", + "source": "security@vmware.com" + } + ] +} \ No newline at end of file diff --git a/README.md b/README.md index 598f4c72b92..1541ec41f3c 100644 --- a/README.md +++ b/README.md @@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2025-01-08T07:00:20.357289+00:00 +2025-01-08T09:00:20.762587+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2025-01-08T06:15:16.160000+00:00 +2025-01-08T08:15:24.870000+00:00 ``` ### Last Data Feed Release @@ -33,27 +33,30 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### Total Number of included CVEs ```plain -276257 +276267 ``` ### CVEs added in the last Commit -Recently added CVEs: `8` +Recently added CVEs: `10` -- [CVE-2024-10151](CVE-2024/CVE-2024-101xx/CVE-2024-10151.json) (`2025-01-08T06:15:14.343`) -- [CVE-2024-10585](CVE-2024/CVE-2024-105xx/CVE-2024-10585.json) (`2025-01-08T06:15:15.677`) -- [CVE-2024-11270](CVE-2024/CVE-2024-112xx/CVE-2024-11270.json) (`2025-01-08T05:15:07.783`) -- [CVE-2024-11271](CVE-2024/CVE-2024-112xx/CVE-2024-11271.json) (`2025-01-08T05:15:09.273`) -- [CVE-2024-12030](CVE-2024/CVE-2024-120xx/CVE-2024-12030.json) (`2025-01-08T05:15:09.510`) -- [CVE-2024-12205](CVE-2024/CVE-2024-122xx/CVE-2024-12205.json) (`2025-01-08T05:15:09.667`) -- [CVE-2024-12585](CVE-2024/CVE-2024-125xx/CVE-2024-12585.json) (`2025-01-08T06:15:16.160`) -- [CVE-2024-54731](CVE-2024/CVE-2024-547xx/CVE-2024-54731.json) (`2025-01-08T05:15:11.810`) +- [CVE-2024-11613](CVE-2024/CVE-2024-116xx/CVE-2024-11613.json) (`2025-01-08T07:15:26.407`) +- [CVE-2024-11635](CVE-2024/CVE-2024-116xx/CVE-2024-11635.json) (`2025-01-08T08:15:24.117`) +- [CVE-2024-12045](CVE-2024/CVE-2024-120xx/CVE-2024-12045.json) (`2025-01-08T08:15:24.683`) +- [CVE-2024-12584](CVE-2024/CVE-2024-125xx/CVE-2024-12584.json) (`2025-01-08T07:15:26.833`) +- [CVE-2024-12851](CVE-2024/CVE-2024-128xx/CVE-2024-12851.json) (`2025-01-08T07:15:27.027`) +- [CVE-2024-12852](CVE-2024/CVE-2024-128xx/CVE-2024-12852.json) (`2025-01-08T07:15:27.250`) +- [CVE-2024-13173](CVE-2024/CVE-2024-131xx/CVE-2024-13173.json) (`2025-01-08T08:15:24.870`) +- [CVE-2024-8002](CVE-2024/CVE-2024-80xx/CVE-2024-8002.json) (`2025-01-08T07:15:27.773`) +- [CVE-2024-9673](CVE-2024/CVE-2024-96xx/CVE-2024-9673.json) (`2025-01-08T07:15:27.980`) +- [CVE-2025-22215](CVE-2025/CVE-2025-222xx/CVE-2025-22215.json) (`2025-01-08T07:15:28.180`) ### CVEs modified in the last Commit -Recently modified CVEs: `0` +Recently modified CVEs: `1` +- [CVE-2024-8001](CVE-2024/CVE-2024-80xx/CVE-2024-8001.json) (`2025-01-08T07:15:27.463`) ## Download and Usage diff --git a/_state.csv b/_state.csv index 9727e9979ed..b469496536d 100644 --- a/_state.csv +++ b/_state.csv @@ -243306,7 +243306,7 @@ CVE-2024-10147,0,0,a56a79fe5a06b98cc0b76112510f81c153284d047893303acf550d79857bb CVE-2024-10148,0,0,db0d5db25a1f49f9ba7e42a06491994c37a2b37e9a76e3ae4cc30f2bbf70efeb,2024-11-06T16:02:22.120000 CVE-2024-1015,0,0,be928180cb003f6a5eec5ab2bae4726bcad9bf29373863ff5830478d50997929,2025-01-03T19:15:53.587000 CVE-2024-10150,0,0,fac5f7de9492af33015847edbbaf4e66b672db3781dc50dc161c61d03c3e187d,2024-11-05T17:47:35.353000 -CVE-2024-10151,1,1,c58b30b9eaa36ed1556e75c3ff47827d9c0e423cd54c22c504a4fe5e7a334d96,2025-01-08T06:15:14.343000 +CVE-2024-10151,0,0,c58b30b9eaa36ed1556e75c3ff47827d9c0e423cd54c22c504a4fe5e7a334d96,2025-01-08T06:15:14.343000 CVE-2024-10153,0,0,205337601504c6a6060c88aa213139cbdb5096813b7204f786c736b1a09bbbe9,2024-10-22T14:45:04.670000 CVE-2024-10154,0,0,8bc22a596ba6d08db60619a5118141d0b00a385670008138b09554e9c573f4a2,2024-10-22T14:44:47.807000 CVE-2024-10155,0,0,542e5dfc2b62b1a1ca578686c2a8ae79931c9e86cdbac20993e8c86f6a9756d8,2024-10-22T14:43:42.607000 @@ -243671,7 +243671,7 @@ CVE-2024-10580,0,0,7cbec3926b1e0a5918766b8a0adb238fb5e9aded2f47a47f3fe18631e2f40 CVE-2024-10582,0,0,081ced1e3bee3a0a102c94bdff81bc48301372e830a54bd85e35429dcce93b3b,2024-11-19T21:17:53.003000 CVE-2024-10583,0,0,2dd8fa86d783214098b78ecf15207bb297f91c4a4766bbf054ba7ce346e63980,2024-12-12T07:15:05.570000 CVE-2024-10584,0,0,884bde099e6baaab8d72bf2690b23c625dcbcb424035217f134401aa3c174ba2,2024-12-24T11:15:05.670000 -CVE-2024-10585,1,1,d2c01d00826f1b53e6df968ffe207a192f82d1c91d1989f925d703c622e2e51c,2025-01-08T06:15:15.677000 +CVE-2024-10585,0,0,d2c01d00826f1b53e6df968ffe207a192f82d1c91d1989f925d703c622e2e51c,2025-01-08T06:15:15.677000 CVE-2024-10586,0,0,b69dc43541a3d4ba79cbec846432fae4b52e3fc26bdbf2ae2d19921cf034fb0f,2024-11-12T13:56:54.483000 CVE-2024-10587,0,0,d6724952982058693533d93eda32abe5adf3dfced7d03365b0a9849e1c3651d6,2024-12-04T03:15:04.037000 CVE-2024-10588,0,0,abb174590e2c3805aae308cc65206f91b43bf77d5c69f89364fb1f1e9e31b3d2,2024-11-12T13:56:24.513000 @@ -244237,8 +244237,8 @@ CVE-2024-11263,0,0,cc23e994a38bc31df951aa6a58125fc0f0777c81e47c57f81b464948cdbf2 CVE-2024-11265,0,0,cd84e375ba34be8f1d8c0a95984eed473f1b4c14b99dc4b41ab53021d7d29454,2024-11-23T06:15:18.310000 CVE-2024-11268,0,0,65d234ad05896fe7713da8af2e2cfd7055c2e949b8bf81d6b5e68616c5bf2258,2024-12-09T18:15:22.120000 CVE-2024-1127,0,0,156ab4f781dcbea8349dccaf03d8331b37e207b23f13868177d2fc6d72956211,2024-11-21T08:49:51.547000 -CVE-2024-11270,1,1,47015439a044c94deb2da0b274a280064e9d40db302e2ee440631fba0ef40f0b,2025-01-08T05:15:07.783000 -CVE-2024-11271,1,1,e32a44b08727ee63cfba76a1102837dc8cfecc53b46f96c891552d834ed12882,2025-01-08T05:15:09.273000 +CVE-2024-11270,0,0,47015439a044c94deb2da0b274a280064e9d40db302e2ee440631fba0ef40f0b,2025-01-08T05:15:07.783000 +CVE-2024-11271,0,0,e32a44b08727ee63cfba76a1102837dc8cfecc53b46f96c891552d834ed12882,2025-01-08T05:15:09.273000 CVE-2024-11274,0,0,d1342831a6abeef5bb3515b5ff94eee0e3fe5805367e12756f20bd1f3e6994e5,2024-12-12T12:15:22.267000 CVE-2024-11275,0,0,d867fdb3089eb487aba710ee3a783df90afa48402af791b20254c6cf6b05da5e,2024-12-13T09:15:04.887000 CVE-2024-11276,0,0,812b69192092bc16930f9ab3876c16990ac594a09aff786923cf483c78cda3e7,2024-12-06T09:15:05.827000 @@ -244539,6 +244539,7 @@ CVE-2024-11607,0,0,64db1cb50de786964ba95a2d2de30c3c373b3627734b2fcf18c662efd5d3b CVE-2024-11608,0,0,8ddbc230a8730b76ffe6955779ba3c4d90ea8f23edd3f564c2db516009c0d0dc,2024-12-09T18:15:22.580000 CVE-2024-1161,0,0,68cc61ca71a85d6059ad02181ec1fb4a89655dbd3db8900d271e7a26ec14fb67,2024-11-21T08:49:56.127000 CVE-2024-11612,0,0,bb444eed2bab8dc9d7d3d2707a19c782bc9311cf8cab3a2875a904169993bb7a,2024-11-22T21:15:17.387000 +CVE-2024-11613,1,1,3746b018d4d1f1fb0e968320de63f963db0e724636c6c2189025fbf55f5bc984,2025-01-08T07:15:26.407000 CVE-2024-11614,0,0,f4d6905deb81badafe3afb8c8ecb8ff0ddaff80286a809b495c2ebb2c91375ae,2024-12-18T09:15:06.660000 CVE-2024-11616,0,0,5cf2247f3b5e7ef2cbc9a5a8f08413199c8203f7939f04113ffefbe510dd1f2f,2024-12-19T10:15:13.323000 CVE-2024-11618,0,0,faa524e213716321f8f8b440fa9593fea7194f824084fdf0ccb0ec4689ef9c66,2024-11-22T19:15:05.437000 @@ -244556,6 +244557,7 @@ CVE-2024-11631,0,0,ec063b412cc8e1fc69f64e54e806f8de997f3af353f8bd5c4b78d65e3cccf CVE-2024-11632,0,0,de73f7ca209ed3887af097dcd8d60cda4bdd27816f354a861b8ba50b3a9bc56a,2024-11-25T16:50:43.257000 CVE-2024-11633,0,0,a9d20014e3d27993c11ace933ac556846fd531565e17146502da93b7e86371df,2024-12-10T19:15:19.443000 CVE-2024-11634,0,0,0e2d7b37ec82ce83fed6bdfe701bc5f2686fac239cb6656f7c455143c516f3bc,2024-12-10T19:15:19.570000 +CVE-2024-11635,1,1,79551e3678bb1b6e8af2e6c56ac6d09d40e00e1be731bce08075cc39984c1b57,2025-01-08T08:15:24.117000 CVE-2024-11639,0,0,0210e46589d8e363ac9b295eb4432d5b1bb6755405d9d65212946ea82705ab83,2024-12-10T19:15:19.690000 CVE-2024-1164,0,0,ea75a9ac84fb05bc5899ed5764c236687fb5121f662769fb6e46971a20a2f34a,2024-11-21T08:49:56.530000 CVE-2024-11643,0,0,ae78ce4f54b48c77ffb4df12d001ddabc5e672affe5a377c6c988d0deb6a52af,2024-12-04T16:15:24.177000 @@ -244897,7 +244899,7 @@ CVE-2024-12026,0,0,cbdee4f4d341b218f2a9910c9db7c968e1470cd32e93684865d3bd2934d62 CVE-2024-12027,0,0,37ec4b44c0b83690aba6eca2d38a4a49f2c2ce6081a618c323d63a584206d2b7,2024-12-06T09:15:07.803000 CVE-2024-12028,0,0,1e73c6e2445828811f3920b16dca38e7a1768853994affcbd716568d4e1eb5f0,2024-12-06T09:15:07.957000 CVE-2024-1203,0,0,d1f896c2674b7d8b8ac7ccf181e7d9a7e598afaaabec693045eb0f85d52368c5,2024-11-21T08:50:01.913000 -CVE-2024-12030,1,1,4c9be3d3c771a2a84deb95e4ca1d8f81b8f40a5951ad9016519f0f2d8a48c521,2025-01-08T05:15:09.510000 +CVE-2024-12030,0,0,4c9be3d3c771a2a84deb95e4ca1d8f81b8f40a5951ad9016519f0f2d8a48c521,2025-01-08T05:15:09.510000 CVE-2024-12031,0,0,d30b745c703c186af9776c88e8d0d222bab220bbc78efc5ddb772b6e524ac88f,2024-12-24T10:15:05.580000 CVE-2024-12032,0,0,d28549d87ab7a1da8c8e60b219695b8c0bac78074e1f07aa186ddc87bdbbdb60,2024-12-25T04:15:05.497000 CVE-2024-12033,0,0,54825cf5b8066f27193c477b2f79dabfe72cf6e17be404638cb6d9b3454d4164,2025-01-07T12:15:23.900000 @@ -244905,6 +244907,7 @@ CVE-2024-12034,0,0,9c507f78158cc030dfd314ae6dde1db490ceaf3d6dfd0f8120e54566524e4 CVE-2024-1204,0,0,52c83c0f4289636bc1afd18cb37875b782729e90167239cc1a53f532e5633e12,2024-11-21T08:50:02.033000 CVE-2024-12040,0,0,82ff661fdb988bbdc555297e0b0d4a5a42a6c3fde3cb51373bdf40b4e4dd0633,2024-12-12T06:15:22.947000 CVE-2024-12042,0,0,b4111492e93c9126d488ebee36a5b9ed9603a0917a66407440ec106154a8d6d8,2024-12-13T09:15:07.370000 +CVE-2024-12045,1,1,ad54b682dce24c393ea27c2928416acab23666a9d2e518f72a3a5a322336cafa,2025-01-08T08:15:24.683000 CVE-2024-12047,0,0,b519fe3aa5ce2a0ef1dc7a25def83e3d7d75fdf22001ebe45f82c1494b6008ec,2025-01-04T08:15:06.157000 CVE-2024-12049,0,0,1681f5b0744998dc98b0ac8383ab3f305ba3143c966050706a7a972316fca8e2,2025-01-07T05:15:14.147000 CVE-2024-1205,0,0,7a555763b4ee56426377ab020ddc9dc79c7bd15b9be6f5edc39ecd5779b4ad33,2024-11-21T08:50:02.210000 @@ -245009,7 +245012,7 @@ CVE-2024-1220,0,0,9554836c8027e0b7a98d02c469b0640f37340ff8518df5c7c53c1851829f88 CVE-2024-12200,0,0,23413f89ab73dcfe4f53913520af84d44004f8074e56a4f24db9e34101f9d57a,2024-12-17T16:15:24.897000 CVE-2024-12201,0,0,24aea21415169e4ceff164eedb7fa32646ef24d523e6e014144846720c08c29c,2024-12-12T07:15:09.607000 CVE-2024-12202,0,0,de392d017a2cde554eddfd34575adabf2f2bb89cd4dcf190c1f3aa8d5126404e,2025-01-07T08:15:25.090000 -CVE-2024-12205,1,1,047d79feb29ebf288479cef73d13ee19472dab8c826e2da0e7c21592d5e5973e,2025-01-08T05:15:09.667000 +CVE-2024-12205,0,0,047d79feb29ebf288479cef73d13ee19472dab8c826e2da0e7c21592d5e5973e,2025-01-08T05:15:09.667000 CVE-2024-12207,0,0,76c8fa95f11590dc49aa5b062e9bb5af48aaa9477d134f7c1609580bb8e1c8b2,2025-01-07T05:15:16.080000 CVE-2024-12208,0,0,e03ecc3884be8ef44ef5a077ba53c4a05754ec74a94b603c1e749a21b3975365,2025-01-07T05:15:16.270000 CVE-2024-12209,0,0,965d45920161ad8379a478313464ecb572a2b8b8ed1bf056a1646168e0b8105f,2024-12-08T06:15:04.823000 @@ -245261,7 +245264,8 @@ CVE-2024-1258,0,0,36d421eec5fc7cce6382fad9fd3a9a8780da80fcb6e09fc8e5e480709b2e6c CVE-2024-12581,0,0,899275a869b7c967a158446f680d5b1e6ee7fb8c13fa325a1164dc54186bea7f,2024-12-13T06:15:26.433000 CVE-2024-12582,0,0,bbfe1aae814f308a85392c13709691d46da248e6458c80cb519b63fa483aa592,2024-12-24T04:15:05.137000 CVE-2024-12583,0,0,6c1f345fbc3f1cc53302e61a1dfbebbfcc1b6c1ee5d98cc4a9e3c7ebaa7ceed3,2025-01-04T09:15:06.090000 -CVE-2024-12585,1,1,a44389499f7fdb7b317f9ae8256ecfc7d9601fe372cf4304300e62c3be638488,2025-01-08T06:15:16.160000 +CVE-2024-12584,1,1,816f60d6132b2347c9aa70129bc858e7047e308acf27028a30827ba4bb7b6af3,2025-01-08T07:15:26.833000 +CVE-2024-12585,0,0,a44389499f7fdb7b317f9ae8256ecfc7d9601fe372cf4304300e62c3be638488,2025-01-08T06:15:16.160000 CVE-2024-12588,0,0,9ef4dd85f085f6ba612688cc14a2c49d05248e20e75bd2d7bdd4aff39b5ac0f2,2024-12-21T09:15:06.233000 CVE-2024-1259,0,0,1c6bb100fc9cba505c4d696801bfd3102c508e530bb2e36c86a6685675278bd7,2024-11-21T08:50:10.730000 CVE-2024-12590,0,0,78caf08663857a2f888f89c4842ba777750ad04068c078583ff87671d3a13c4e,2025-01-07T04:15:09.607000 @@ -245398,6 +245402,8 @@ CVE-2024-12846,0,0,e4c252bde2ca9af2e00706946ce2eb14da53254be655d485961e368b0c87d CVE-2024-12849,0,0,1ec1f74cc5622df60afc70cfedb69ebca5791587da5e6e97ed85991f051e26c4,2025-01-07T06:15:17.607000 CVE-2024-1285,0,0,f377c2065ba4ae04295fe1855da43b832210575f04c4c7725642d3c9965142c4,2024-11-21T08:50:13.903000 CVE-2024-12850,0,0,075205b205303999a6a29790d3e10f6b915eaaea804fbc90dec0f08e9b7ce1f4,2024-12-24T10:15:06.033000 +CVE-2024-12851,1,1,1a1ed3a928b1f5351defaf2a6fd966f60d7691ce0326764d64f0130c2392eaf1,2025-01-08T07:15:27.027000 +CVE-2024-12852,1,1,313ac0877d12bdeba23cb1261f513c819e50243422b9728474fc9f22b61d3940,2025-01-08T07:15:27.250000 CVE-2024-12856,0,0,9babd12091bd3794c40f556b84241a138bc1e45b107552b0272431ce40e98129,2024-12-27T18:15:23.677000 CVE-2024-1286,0,0,3a37afba636befcbf537a255eb60a76fe80040636283609c3669d2692aee914a,2024-11-21T08:50:14.037000 CVE-2024-12867,0,0,732c7583e9efa2618fe2f4098930414e7eb5e8b8eea2432950087191a298a004,2024-12-20T20:15:22.740000 @@ -245613,6 +245619,7 @@ CVE-2024-13145,0,0,5293851792dc3cb6491b0cda78aca9c898b2b603a3534d53245e0430e746e CVE-2024-1315,0,0,e1f16e3b2be06db6b65befc45bb21c6efb290182d3477c01a71033b0effe0c2a,2024-11-21T08:50:18.373000 CVE-2024-1316,0,0,ec6b544cc876a8479e8de890063434d877e95d2641a1a8c864b5c959e6dbfa7d,2024-11-21T08:50:19.090000 CVE-2024-1317,0,0,a1d296c91e245cb27c998bff4f84250fb1101a61ebac429b7ce35a2ceb239c73,2024-12-31T16:57:11.080000 +CVE-2024-13173,1,1,d04d36f36e6706c83e19033ca0e6b13fb7de202bc373359e5f928d0832f0038a,2025-01-08T08:15:24.870000 CVE-2024-1318,0,0,875ffbabaf295988fe72077a5574dbe20799a2a8618e7dc53ba31731145c671a,2024-12-31T16:56:50.763000 CVE-2024-1319,0,0,e6fca38f8817c3f0a93cd5d73a5a9417a178ac65495356d684dc26f204fa5765,2024-11-21T08:50:19.530000 CVE-2024-1320,0,0,80370b3cf95d31a327dfcead0766151687bef5425baa11f9a4606b327981e1e5,2024-11-21T08:50:19.647000 @@ -271455,7 +271462,7 @@ CVE-2024-5470,0,0,b70339f8a022f56de8d4eb030bd8f5d3563ba0fc9c1634fd55ea697aee92ed CVE-2024-5471,0,0,631b7a50303d6f9a193814092037f29379ca6ca2282e0b67207306f8abcc9ba4,2024-11-21T09:47:44.903000 CVE-2024-5472,0,0,5e12957cd076edb077638ab18db3a7202837e8fd64948bba00e3365a85b54117,2024-11-21T09:47:45.027000 CVE-2024-5473,0,0,fdd6160c6121db618882f16bfc9c17f8c3a2501715cb9519638ef5a1fcd2441d,2024-11-21T09:47:45.190000 -CVE-2024-54731,1,1,2ffd034fdf35990d080b6bfc4726e5afad46fa0e5f0cc3333d57d2c77c4ac0e3,2025-01-08T05:15:11.810000 +CVE-2024-54731,0,0,2ffd034fdf35990d080b6bfc4726e5afad46fa0e5f0cc3333d57d2c77c4ac0e3,2025-01-08T05:15:11.810000 CVE-2024-5474,0,0,63893131768de13d83eb37c8075bce21b1c0f49d4d852fdf9f27e69aab8b3e48,2024-11-15T17:00:35.697000 CVE-2024-54745,0,0,fa6c31d7a2d0035c561f7b97850c2a530b0e2e38d0e9249ae4c46e230cdcbc34,2024-12-11T17:15:20.460000 CVE-2024-54747,0,0,729a898b5b652d71ca77b05e0f5d878b359cbabc11947616e9dcb0994a6487d7,2024-12-09T15:15:21.320000 @@ -274426,7 +274433,8 @@ CVE-2024-7993,0,0,10464f0bb5b3b5886d1c4ade05662ecbd193a197d0231dda4a209e16947357 CVE-2024-7994,0,0,677bb0d3a07210a7d5902c83c522b3beb4ddf65c53dfa15f4ee3e8a6eb5c8b23,2024-10-21T18:35:55.397000 CVE-2024-7995,0,0,a8b278e923ed83ab90058edd8bf9d51cbec9eb8e7e1669b64ad19e97359b7962,2024-11-06T18:17:17.287000 CVE-2024-7998,0,0,5a96b2d058d8fa22c17d15139fb41166f629052179fc1be6b8add20fbdc8bcac,2024-12-03T19:15:13.330000 -CVE-2024-8001,0,0,099cbeb980ba6e254b5d82ee8fb984f29d524f5f155db8e79ff822aa9af57953,2024-11-19T15:41:25.973000 +CVE-2024-8001,0,1,643893a29009207bc6a69d6702f1ec3a6837e111f4f1f008a7509622c221c113,2025-01-08T07:15:27.463000 +CVE-2024-8002,1,1,2d8e2db5df11b9142c8e2179821bfb509bbc8d93afac1966799b3eea1f49a88e,2025-01-08T07:15:27.773000 CVE-2024-8003,0,0,5aa308260fe84145e956f1e70aa8ca1a5bc6781410b399a8b2ed922e0ff7150a,2024-08-21T15:51:28.397000 CVE-2024-8004,0,0,1cc79fadf99fdda419b94a0109a3ce8cf40de9c6bb1186292bde6c3cc7373354,2024-09-04T14:56:46.947000 CVE-2024-8005,0,0,d3ba332f380b70ed5e4439e944d0d74b998d66da36cd7503b081045196eb6280,2024-08-21T15:49:59.470000 @@ -275765,6 +275773,7 @@ CVE-2024-9669,0,0,01f51557b08d693308fd168dc79c271cc8144ffce3e2ae9dbbb591d8bfa035 CVE-2024-9670,0,0,bfd2d3b76924bcef9fde3b4b6223f9e716f28991a60568363900e08f18fbb441,2024-10-15T12:57:46.880000 CVE-2024-9671,0,0,59553a56912e73e257b64816c627a93d97598b6693e3efb56d6b49b71420a6a7,2024-12-04T08:15:07.357000 CVE-2024-9672,0,0,061e80a15aeea3b03a12d8109775a38b18a9082ea48b25cd40a1b2c0322c9214,2024-12-10T00:15:22.893000 +CVE-2024-9673,1,1,206894f51f07ab31418b13579f4576dabbf333f66a89c5e7da0f3500e18d8efd,2025-01-08T07:15:27.980000 CVE-2024-9674,0,0,dcc152f68b1f7c703678ea1798dc92c1fa87e3588d3559438d5c688c6e83e0d4,2024-10-22T14:02:50.473000 CVE-2024-9675,0,0,e9c4b6e85b7ecac779c2e255c4d61b9639221ef958972d67d9f8fb136bf98c92,2024-12-13T18:15:22.507000 CVE-2024-9676,0,0,f274ca1f33ebade4ed690e9a2c29367dd55071e678cc70655f57d1ab479c60a8,2024-11-26T09:15:06.820000 @@ -276130,6 +276139,7 @@ CVE-2025-21624,0,0,48317da35eed5453ecdf02e6a373b353bc1bb2bc0793e255b08a0ed1235e3 CVE-2025-22132,0,0,68d348d844ec3947f7795605dbc0f9b5ea1e9ec0bb464d07ae2fd1571ba27a37,2025-01-07T22:15:31.590000 CVE-2025-22133,0,0,c3c09e89206d0579374bc72133ed0f9fade2e2e60ff10357f2761c25411f1f67,2025-01-07T22:15:31.740000 CVE-2025-22214,0,0,9f9cbba758088c6fe54f3b7aba457fa8b68f7e0bf397744585451dc526c7cea3,2025-01-02T04:15:06.277000 +CVE-2025-22215,1,1,cf0a8a8d563a13d7b4db57a4adc2aedb9e68c390c024eb96fff71ff91b9f9389,2025-01-08T07:15:28.180000 CVE-2025-22261,0,0,b64f32ab7c14edb8b70371073baa276f94f41977fffad6128d5b8c7f32ae4fb7,2025-01-07T11:15:13.290000 CVE-2025-22275,0,0,dc0905974c721b278910237158fbbf2db7a66a5bd4b529c9d9744ba0c53260f3,2025-01-03T07:15:25.297000 CVE-2025-22293,0,0,bd03641f797a3639dbea19e70261d5f3ef47716330e1253c8622562a786a5f2c,2025-01-07T11:15:13.473000