From 1717906b77e94ff27d6b6be36cb2c95d7ff501f7 Mon Sep 17 00:00:00 2001 From: cad-safe-bot Date: Wed, 31 Jul 2024 08:03:12 +0000 Subject: [PATCH] Auto-Update: 2024-07-31T08:00:17.299661+00:00 --- CVE-2024/CVE-2024-423xx/CVE-2024-42381.json | 68 ++++++++++ CVE-2024/CVE-2024-61xx/CVE-2024-6165.json | 21 +++ CVE-2024/CVE-2024-62xx/CVE-2024-6272.json | 21 +++ CVE-2024/CVE-2024-64xx/CVE-2024-6408.json | 21 +++ CVE-2024/CVE-2024-64xx/CVE-2024-6412.json | 21 +++ CVE-2024/CVE-2024-66xx/CVE-2024-6695.json | 21 +++ CVE-2024/CVE-2024-67xx/CVE-2024-6770.json | 72 ++++++++++ CVE-2024/CVE-2024-69xx/CVE-2024-6980.json | 78 +++++++++++ CVE-2024/CVE-2024-72xx/CVE-2024-7205.json | 85 ++++++++++++ CVE-2024/CVE-2024-72xx/CVE-2024-7289.json | 137 +++++++++++++++++++ CVE-2024/CVE-2024-72xx/CVE-2024-7290.json | 137 +++++++++++++++++++ CVE-2024/CVE-2024-72xx/CVE-2024-7299.json | 140 ++++++++++++++++++++ CVE-2024/CVE-2024-73xx/CVE-2024-7300.json | 140 ++++++++++++++++++++ README.md | 32 ++--- _state.csv | 35 +++-- 15 files changed, 1003 insertions(+), 26 deletions(-) create mode 100644 CVE-2024/CVE-2024-423xx/CVE-2024-42381.json create mode 100644 CVE-2024/CVE-2024-61xx/CVE-2024-6165.json create mode 100644 CVE-2024/CVE-2024-62xx/CVE-2024-6272.json create mode 100644 CVE-2024/CVE-2024-64xx/CVE-2024-6408.json create mode 100644 CVE-2024/CVE-2024-64xx/CVE-2024-6412.json create mode 100644 CVE-2024/CVE-2024-66xx/CVE-2024-6695.json create mode 100644 CVE-2024/CVE-2024-67xx/CVE-2024-6770.json create mode 100644 CVE-2024/CVE-2024-69xx/CVE-2024-6980.json create mode 100644 CVE-2024/CVE-2024-72xx/CVE-2024-7205.json create mode 100644 CVE-2024/CVE-2024-72xx/CVE-2024-7289.json create mode 100644 CVE-2024/CVE-2024-72xx/CVE-2024-7290.json create mode 100644 CVE-2024/CVE-2024-72xx/CVE-2024-7299.json create mode 100644 CVE-2024/CVE-2024-73xx/CVE-2024-7300.json diff --git a/CVE-2024/CVE-2024-423xx/CVE-2024-42381.json b/CVE-2024/CVE-2024-423xx/CVE-2024-42381.json new file mode 100644 index 00000000000..13679f7b1a8 --- /dev/null +++ b/CVE-2024/CVE-2024-423xx/CVE-2024-42381.json @@ -0,0 +1,68 @@ +{ + "id": "CVE-2024-42381", + "sourceIdentifier": "cve@mitre.org", + "published": "2024-07-31T06:15:02.130", + "lastModified": "2024-07-31T06:15:02.130", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "os/linux/elf.rb in Homebrew brew before 4.2.20 uses ldd to load ELF files obtained from untrusted sources, which allows attackers to achieve code execution via an ELF file with a custom .interp section. NOTE: this code execution would occur during an un-sandboxed binary relocation phase, which occurs before a user would expect execution of downloaded package content. (237d1e783f7ee261beaba7d3f6bde22da7148b0a was the tested vulnerable version.)" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "cve@mitre.org", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.3, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.6, + "impactScore": 6.0 + } + ] + }, + "references": [ + { + "url": "https://blog.trailofbits.com/2024/07/30/our-audit-of-homebrew/", + "source": "cve@mitre.org" + }, + { + "url": "https://brew.sh/2024/07/30/homebrew-security-audit/", + "source": "cve@mitre.org" + }, + { + "url": "https://github.com/Homebrew/brew/commit/916b37388d3851a8a93a8e9b4adc38873680ead7", + "source": "cve@mitre.org" + }, + { + "url": "https://github.com/Homebrew/brew/pull/17136", + "source": "cve@mitre.org" + }, + { + "url": "https://github.com/Homebrew/brew/releases/tag/4.2.20", + "source": "cve@mitre.org" + }, + { + "url": "https://github.com/Homebrew/brew/tree/237d1e783f7ee261beaba7d3f6bde22da7148b0a", + "source": "cve@mitre.org" + }, + { + "url": "https://github.com/trailofbits/publications/blob/master/reviews/2023-08-28-homebrew-securityreview.pdf", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-61xx/CVE-2024-6165.json b/CVE-2024/CVE-2024-61xx/CVE-2024-6165.json new file mode 100644 index 00000000000..0b5ed8d19b7 --- /dev/null +++ b/CVE-2024/CVE-2024-61xx/CVE-2024-6165.json @@ -0,0 +1,21 @@ +{ + "id": "CVE-2024-6165", + "sourceIdentifier": "contact@wpscan.com", + "published": "2024-07-31T06:15:03.373", + "lastModified": "2024-07-31T06:15:03.373", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "The WANotifier WordPress plugin before 2.6.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)" + } + ], + "metrics": {}, + "references": [ + { + "url": "https://wpscan.com/vulnerability/b9e6648a-9d19-4e73-ad6c-f727802d8dd5/", + "source": "contact@wpscan.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-62xx/CVE-2024-6272.json b/CVE-2024/CVE-2024-62xx/CVE-2024-6272.json new file mode 100644 index 00000000000..3855b1e583a --- /dev/null +++ b/CVE-2024/CVE-2024-62xx/CVE-2024-6272.json @@ -0,0 +1,21 @@ +{ + "id": "CVE-2024-6272", + "sourceIdentifier": "contact@wpscan.com", + "published": "2024-07-31T06:15:03.637", + "lastModified": "2024-07-31T06:15:03.637", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "The SpiderContacts WordPress plugin through 1.1.7 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin" + } + ], + "metrics": {}, + "references": [ + { + "url": "https://wpscan.com/vulnerability/146b94df-7fc6-4da3-9ef1-d2875ae3fa9e/", + "source": "contact@wpscan.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-64xx/CVE-2024-6408.json b/CVE-2024/CVE-2024-64xx/CVE-2024-6408.json new file mode 100644 index 00000000000..83e8546550e --- /dev/null +++ b/CVE-2024/CVE-2024-64xx/CVE-2024-6408.json @@ -0,0 +1,21 @@ +{ + "id": "CVE-2024-6408", + "sourceIdentifier": "contact@wpscan.com", + "published": "2024-07-31T06:15:03.913", + "lastModified": "2024-07-31T06:15:03.913", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "The Slider by 10Web WordPress plugin before 1.2.57 does not sanitise and escape its Slider Title, which could allow high privilege users such as editors and above to perform Cross-Site Scripting attacks even when unfiltered_html is disallowed" + } + ], + "metrics": {}, + "references": [ + { + "url": "https://wpscan.com/vulnerability/31aaeffb-a752-4941-9d0f-1b374fbc7abb/", + "source": "contact@wpscan.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-64xx/CVE-2024-6412.json b/CVE-2024/CVE-2024-64xx/CVE-2024-6412.json new file mode 100644 index 00000000000..51f94b9a4d7 --- /dev/null +++ b/CVE-2024/CVE-2024-64xx/CVE-2024-6412.json @@ -0,0 +1,21 @@ +{ + "id": "CVE-2024-6412", + "sourceIdentifier": "contact@wpscan.com", + "published": "2024-07-31T06:15:04.083", + "lastModified": "2024-07-31T06:15:04.083", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "The HTML Forms WordPress plugin before 1.3.34 does not have CSRF checks in some places, which could allow attackers to make logged in users perform unwanted actions via CSRF attacks" + } + ], + "metrics": {}, + "references": [ + { + "url": "https://wpscan.com/vulnerability/9eb0dad6-3c19-4fe4-a20d-d45b51410444/", + "source": "contact@wpscan.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-66xx/CVE-2024-6695.json b/CVE-2024/CVE-2024-66xx/CVE-2024-6695.json new file mode 100644 index 00000000000..ade068c762e --- /dev/null +++ b/CVE-2024/CVE-2024-66xx/CVE-2024-6695.json @@ -0,0 +1,21 @@ +{ + "id": "CVE-2024-6695", + "sourceIdentifier": "contact@wpscan.com", + "published": "2024-07-31T06:15:04.237", + "lastModified": "2024-07-31T06:15:04.237", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "it's possible for an attacker to gain administrative access without having any kind of account on the targeted site and perform unauthorized actions. This is due to improper logic flow on the user registration process." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://wpscan.com/vulnerability/4afa5c85-ce27-4ca7-bba2-61fb39c53a5b/", + "source": "contact@wpscan.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-67xx/CVE-2024-6770.json b/CVE-2024/CVE-2024-67xx/CVE-2024-6770.json new file mode 100644 index 00000000000..696db368a99 --- /dev/null +++ b/CVE-2024/CVE-2024-67xx/CVE-2024-6770.json @@ -0,0 +1,72 @@ +{ + "id": "CVE-2024-6770", + "sourceIdentifier": "security@wordfence.com", + "published": "2024-07-31T06:15:04.407", + "lastModified": "2024-07-31T06:15:04.407", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "The Lifetime free Drag & Drop Contact Form Builder for WordPress VForm plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and including, 2.1.5 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 7.2, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "security@wordfence.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://plugins.trac.wordpress.org/changeset/3128079/#file56", + "source": "security@wordfence.com" + }, + { + "url": "https://plugins.trac.wordpress.org/changeset/3128079/#file58", + "source": "security@wordfence.com" + }, + { + "url": "https://plugins.trac.wordpress.org/changeset/3128092/", + "source": "security@wordfence.com" + }, + { + "url": "https://wordpress.org/plugins/v-form/#developers", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/61a63ba6-129a-4ce2-be40-89c2fa44a670?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-69xx/CVE-2024-6980.json b/CVE-2024/CVE-2024-69xx/CVE-2024-6980.json new file mode 100644 index 00000000000..f59ac7208c0 --- /dev/null +++ b/CVE-2024/CVE-2024-69xx/CVE-2024-6980.json @@ -0,0 +1,78 @@ +{ + "id": "CVE-2024-6980", + "sourceIdentifier": "cve-requests@bitdefender.com", + "published": "2024-07-31T07:15:02.053", + "lastModified": "2024-07-31T07:15:02.053", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "A verbose error handling issue in the proxy service implemented in the GravityZone Update Server allows an attacker to cause a server-side request forgery.\u00a0This issue only affects GravityZone Console versions before 6.38.1-5\u00a0running only on premise." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "cve-requests@bitdefender.com", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "attackRequirements": "NONE", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "vulnerableSystemConfidentiality": "HIGH", + "vulnerableSystemIntegrity": "HIGH", + "vulnerableSystemAvailability": "HIGH", + "subsequentSystemConfidentiality": "NONE", + "subsequentSystemIntegrity": "NONE", + "subsequentSystemAvailability": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirements": "NOT_DEFINED", + "integrityRequirements": "NOT_DEFINED", + "availabilityRequirements": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", + "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", + "modifiedVulnerableSystemAvailability": "NOT_DEFINED", + "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", + "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", + "modifiedSubsequentSystemAvailability": "NOT_DEFINED", + "safety": "NOT_DEFINED", + "automatable": "NOT_DEFINED", + "recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED", + "baseScore": 9.2, + "baseSeverity": "CRITICAL" + } + } + ] + }, + "weaknesses": [ + { + "source": "cve-requests@bitdefender.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-209" + } + ] + } + ], + "references": [ + { + "url": "https://www.bitdefender.com/consumer/support/support/security-advisories/verbose-error-handling-issue-in-gravityzone-update-server-proxy-service/", + "source": "cve-requests@bitdefender.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-72xx/CVE-2024-7205.json b/CVE-2024/CVE-2024-72xx/CVE-2024-7205.json new file mode 100644 index 00000000000..37bda956959 --- /dev/null +++ b/CVE-2024/CVE-2024-72xx/CVE-2024-7205.json @@ -0,0 +1,85 @@ +{ + "id": "CVE-2024-7205", + "sourceIdentifier": "68870bb1-d075-4169-957d-e580b18692b9", + "published": "2024-07-31T06:15:05.327", + "lastModified": "2024-07-31T06:15:05.327", + "vulnStatus": "Received", + "cveTags": [ + { + "sourceIdentifier": "68870bb1-d075-4169-957d-e580b18692b9", + "tags": [ + "exclusively-hosted-service" + ] + } + ], + "descriptions": [ + { + "lang": "en", + "value": "When the device is shared,\u00a0the homepage module are before 2.19.0 \u00a0in eWeLink Cloud Service\u00a0allows Secondary user to take over devices as primary user via sharing unnecessary device-sensitive information." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "68870bb1-d075-4169-957d-e580b18692b9", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:P/AU:N/R:U/V:D/RE:L/U:Green", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "attackRequirements": "NONE", + "privilegesRequired": "NONE", + "userInteraction": "PASSIVE", + "vulnerableSystemConfidentiality": "HIGH", + "vulnerableSystemIntegrity": "HIGH", + "vulnerableSystemAvailability": "HIGH", + "subsequentSystemConfidentiality": "HIGH", + "subsequentSystemIntegrity": "HIGH", + "subsequentSystemAvailability": "HIGH", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirements": "NOT_DEFINED", + "integrityRequirements": "NOT_DEFINED", + "availabilityRequirements": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", + "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", + "modifiedVulnerableSystemAvailability": "NOT_DEFINED", + "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", + "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", + "modifiedSubsequentSystemAvailability": "NOT_DEFINED", + "safety": "PRESENT", + "automatable": "NO", + "recovery": "USER", + "valueDensity": "DIFFUSE", + "vulnerabilityResponseEffort": "LOW", + "providerUrgency": "GREEN", + "baseScore": 9.4, + "baseSeverity": "CRITICAL" + } + } + ] + }, + "weaknesses": [ + { + "source": "68870bb1-d075-4169-957d-e580b18692b9", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-201" + } + ] + } + ], + "references": [ + { + "url": "https://ewelink.cc/security-advisory-240730/", + "source": "68870bb1-d075-4169-957d-e580b18692b9" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-72xx/CVE-2024-7289.json b/CVE-2024/CVE-2024-72xx/CVE-2024-7289.json new file mode 100644 index 00000000000..26ab670e501 --- /dev/null +++ b/CVE-2024/CVE-2024-72xx/CVE-2024-7289.json @@ -0,0 +1,137 @@ +{ + "id": "CVE-2024-7289", + "sourceIdentifier": "cna@vuldb.com", + "published": "2024-07-31T06:15:06.313", + "lastModified": "2024-07-31T06:15:06.313", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability was found in SourceCodester Establishment Billing Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /manage_payment.php. The manipulation of the argument id leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-273158 is the identifier assigned to this vulnerability." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "attackRequirements": "NONE", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "vulnerableSystemConfidentiality": "LOW", + "vulnerableSystemIntegrity": "LOW", + "vulnerableSystemAvailability": "LOW", + "subsequentSystemConfidentiality": "NONE", + "subsequentSystemIntegrity": "NONE", + "subsequentSystemAvailability": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirements": "NOT_DEFINED", + "integrityRequirements": "NOT_DEFINED", + "availabilityRequirements": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", + "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", + "modifiedVulnerableSystemAvailability": "NOT_DEFINED", + "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", + "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", + "modifiedSubsequentSystemAvailability": "NOT_DEFINED", + "safety": "NOT_DEFINED", + "automatable": "NOT_DEFINED", + "recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED", + "baseScore": 5.3, + "baseSeverity": "MEDIUM" + } + } + ], + "cvssMetricV31": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 6.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.4 + } + ], + "cvssMetricV2": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "2.0", + "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", + "accessVector": "NETWORK", + "accessComplexity": "LOW", + "authentication": "SINGLE", + "confidentialityImpact": "PARTIAL", + "integrityImpact": "PARTIAL", + "availabilityImpact": "PARTIAL", + "baseScore": 6.5 + }, + "baseSeverity": "MEDIUM", + "exploitabilityScore": 8.0, + "impactScore": 6.4, + "acInsufInfo": false, + "obtainAllPrivilege": false, + "obtainUserPrivilege": false, + "obtainOtherPrivilege": false, + "userInteractionRequired": false + } + ] + }, + "weaknesses": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "references": [ + { + "url": "https://gist.github.com/topsky979/7f65e9704b8650e6bee74190f96d21e3", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?ctiid.273158", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?id.273158", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?submit.381471", + "source": "cna@vuldb.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-72xx/CVE-2024-7290.json b/CVE-2024/CVE-2024-72xx/CVE-2024-7290.json new file mode 100644 index 00000000000..f56e7acaba9 --- /dev/null +++ b/CVE-2024/CVE-2024-72xx/CVE-2024-7290.json @@ -0,0 +1,137 @@ +{ + "id": "CVE-2024-7290", + "sourceIdentifier": "cna@vuldb.com", + "published": "2024-07-31T06:15:07.533", + "lastModified": "2024-07-31T06:15:07.533", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability classified as critical has been found in SourceCodester Establishment Billing Management System 1.0. This affects an unknown part of the file /manage_tenant.php. The manipulation of the argument id leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-273159." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "attackRequirements": "NONE", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "vulnerableSystemConfidentiality": "LOW", + "vulnerableSystemIntegrity": "LOW", + "vulnerableSystemAvailability": "LOW", + "subsequentSystemConfidentiality": "NONE", + "subsequentSystemIntegrity": "NONE", + "subsequentSystemAvailability": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirements": "NOT_DEFINED", + "integrityRequirements": "NOT_DEFINED", + "availabilityRequirements": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", + "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", + "modifiedVulnerableSystemAvailability": "NOT_DEFINED", + "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", + "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", + "modifiedSubsequentSystemAvailability": "NOT_DEFINED", + "safety": "NOT_DEFINED", + "automatable": "NOT_DEFINED", + "recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED", + "baseScore": 5.3, + "baseSeverity": "MEDIUM" + } + } + ], + "cvssMetricV31": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 6.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.4 + } + ], + "cvssMetricV2": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "2.0", + "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", + "accessVector": "NETWORK", + "accessComplexity": "LOW", + "authentication": "SINGLE", + "confidentialityImpact": "PARTIAL", + "integrityImpact": "PARTIAL", + "availabilityImpact": "PARTIAL", + "baseScore": 6.5 + }, + "baseSeverity": "MEDIUM", + "exploitabilityScore": 8.0, + "impactScore": 6.4, + "acInsufInfo": false, + "obtainAllPrivilege": false, + "obtainUserPrivilege": false, + "obtainOtherPrivilege": false, + "userInteractionRequired": false + } + ] + }, + "weaknesses": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "references": [ + { + "url": "https://gist.github.com/topsky979/e40f691866138ea1abf3ca452c4ae3ac", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?ctiid.273159", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?id.273159", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?submit.381487", + "source": "cna@vuldb.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-72xx/CVE-2024-7299.json b/CVE-2024/CVE-2024-72xx/CVE-2024-7299.json new file mode 100644 index 00000000000..52e515fd867 --- /dev/null +++ b/CVE-2024/CVE-2024-72xx/CVE-2024-7299.json @@ -0,0 +1,140 @@ +{ + "id": "CVE-2024-7299", + "sourceIdentifier": "cna@vuldb.com", + "published": "2024-07-31T07:15:02.377", + "lastModified": "2024-07-31T07:15:02.377", + "vulnStatus": "Received", + "cveTags": [ + { + "sourceIdentifier": "cna@vuldb.com", + "tags": [ + "unsupported-when-assigned" + ] + } + ], + "descriptions": [ + { + "lang": "en", + "value": "** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in Bolt CMS 3.7.1. It has been rated as problematic. This issue affects some unknown processing of the file /preview/page of the component Entry Preview Handler. The manipulation of the argument body leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-273167. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. NOTE: Vendor was contacted early and confirmed that the affected release tree is end-of-life." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "attackRequirements": "NONE", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "vulnerableSystemConfidentiality": "NONE", + "vulnerableSystemIntegrity": "LOW", + "vulnerableSystemAvailability": "NONE", + "subsequentSystemConfidentiality": "NONE", + "subsequentSystemIntegrity": "NONE", + "subsequentSystemAvailability": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirements": "NOT_DEFINED", + "integrityRequirements": "NOT_DEFINED", + "availabilityRequirements": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", + "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", + "modifiedVulnerableSystemAvailability": "NOT_DEFINED", + "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", + "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", + "modifiedSubsequentSystemAvailability": "NOT_DEFINED", + "safety": "NOT_DEFINED", + "automatable": "NOT_DEFINED", + "recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED", + "baseScore": 5.3, + "baseSeverity": "MEDIUM" + } + } + ], + "cvssMetricV31": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 3.5, + "baseSeverity": "LOW" + }, + "exploitabilityScore": 2.1, + "impactScore": 1.4 + } + ], + "cvssMetricV2": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "2.0", + "vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N", + "accessVector": "NETWORK", + "accessComplexity": "LOW", + "authentication": "SINGLE", + "confidentialityImpact": "NONE", + "integrityImpact": "PARTIAL", + "availabilityImpact": "NONE", + "baseScore": 4.0 + }, + "baseSeverity": "MEDIUM", + "exploitabilityScore": 8.0, + "impactScore": 2.9, + "acInsufInfo": false, + "obtainAllPrivilege": false, + "obtainUserPrivilege": false, + "obtainOtherPrivilege": false, + "userInteractionRequired": false + } + ] + }, + "weaknesses": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://vuldb.com/?ctiid.273167", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?id.273167", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?submit.379971", + "source": "cna@vuldb.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-73xx/CVE-2024-7300.json b/CVE-2024/CVE-2024-73xx/CVE-2024-7300.json new file mode 100644 index 00000000000..57fa18b5e46 --- /dev/null +++ b/CVE-2024/CVE-2024-73xx/CVE-2024-7300.json @@ -0,0 +1,140 @@ +{ + "id": "CVE-2024-7300", + "sourceIdentifier": "cna@vuldb.com", + "published": "2024-07-31T07:15:02.760", + "lastModified": "2024-07-31T07:15:02.760", + "vulnStatus": "Received", + "cveTags": [ + { + "sourceIdentifier": "cna@vuldb.com", + "tags": [ + "unsupported-when-assigned" + ] + } + ], + "descriptions": [ + { + "lang": "en", + "value": "** UNSUPPORTED WHEN ASSIGNED ** A vulnerability classified as problematic has been found in Bolt CMS 3.7.1. Affected is an unknown function of the file /bolt/editcontent/showcases of the component Showcase Creation Handler. The manipulation of the argument textarea leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-273168. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. NOTE: Vendor was contacted early and confirmed that the affected release tree is end-of-life." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "attackRequirements": "NONE", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "vulnerableSystemConfidentiality": "NONE", + "vulnerableSystemIntegrity": "LOW", + "vulnerableSystemAvailability": "NONE", + "subsequentSystemConfidentiality": "NONE", + "subsequentSystemIntegrity": "NONE", + "subsequentSystemAvailability": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirements": "NOT_DEFINED", + "integrityRequirements": "NOT_DEFINED", + "availabilityRequirements": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", + "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", + "modifiedVulnerableSystemAvailability": "NOT_DEFINED", + "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", + "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", + "modifiedSubsequentSystemAvailability": "NOT_DEFINED", + "safety": "NOT_DEFINED", + "automatable": "NOT_DEFINED", + "recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED", + "baseScore": 5.3, + "baseSeverity": "MEDIUM" + } + } + ], + "cvssMetricV31": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 3.5, + "baseSeverity": "LOW" + }, + "exploitabilityScore": 2.1, + "impactScore": 1.4 + } + ], + "cvssMetricV2": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "2.0", + "vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N", + "accessVector": "NETWORK", + "accessComplexity": "LOW", + "authentication": "SINGLE", + "confidentialityImpact": "NONE", + "integrityImpact": "PARTIAL", + "availabilityImpact": "NONE", + "baseScore": 4.0 + }, + "baseSeverity": "MEDIUM", + "exploitabilityScore": 8.0, + "impactScore": 2.9, + "acInsufInfo": false, + "obtainAllPrivilege": false, + "obtainUserPrivilege": false, + "obtainOtherPrivilege": false, + "userInteractionRequired": false + } + ] + }, + "weaknesses": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://vuldb.com/?ctiid.273168", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?id.273168", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?submit.380678", + "source": "cna@vuldb.com" + } + ] +} \ No newline at end of file diff --git a/README.md b/README.md index 2febe880d0a..e213297d412 100644 --- a/README.md +++ b/README.md @@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2024-07-31T06:00:17.556126+00:00 +2024-07-31T08:00:17.299661+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2024-07-31T05:15:10.247000+00:00 +2024-07-31T07:15:02.760000+00:00 ``` ### Last Data Feed Release @@ -33,24 +33,26 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### Total Number of included CVEs ```plain -258603 +258616 ``` ### CVEs added in the last Commit -Recently added CVEs: `11` +Recently added CVEs: `13` -- [CVE-2024-39944](CVE-2024/CVE-2024-399xx/CVE-2024-39944.json) (`2024-07-31T04:15:02.410`) -- [CVE-2024-39945](CVE-2024/CVE-2024-399xx/CVE-2024-39945.json) (`2024-07-31T04:15:03.077`) -- [CVE-2024-39946](CVE-2024/CVE-2024-399xx/CVE-2024-39946.json) (`2024-07-31T04:15:03.597`) -- [CVE-2024-39947](CVE-2024/CVE-2024-399xx/CVE-2024-39947.json) (`2024-07-31T04:15:04.840`) -- [CVE-2024-39948](CVE-2024/CVE-2024-399xx/CVE-2024-39948.json) (`2024-07-31T04:15:05.173`) -- [CVE-2024-39949](CVE-2024/CVE-2024-399xx/CVE-2024-39949.json) (`2024-07-31T04:15:05.503`) -- [CVE-2024-39950](CVE-2024/CVE-2024-399xx/CVE-2024-39950.json) (`2024-07-31T04:15:05.837`) -- [CVE-2024-7285](CVE-2024/CVE-2024-72xx/CVE-2024-7285.json) (`2024-07-31T04:15:06.160`) -- [CVE-2024-7286](CVE-2024/CVE-2024-72xx/CVE-2024-7286.json) (`2024-07-31T04:15:06.837`) -- [CVE-2024-7287](CVE-2024/CVE-2024-72xx/CVE-2024-7287.json) (`2024-07-31T05:15:09.907`) -- [CVE-2024-7288](CVE-2024/CVE-2024-72xx/CVE-2024-7288.json) (`2024-07-31T05:15:10.247`) +- [CVE-2024-42381](CVE-2024/CVE-2024-423xx/CVE-2024-42381.json) (`2024-07-31T06:15:02.130`) +- [CVE-2024-6165](CVE-2024/CVE-2024-61xx/CVE-2024-6165.json) (`2024-07-31T06:15:03.373`) +- [CVE-2024-6272](CVE-2024/CVE-2024-62xx/CVE-2024-6272.json) (`2024-07-31T06:15:03.637`) +- [CVE-2024-6408](CVE-2024/CVE-2024-64xx/CVE-2024-6408.json) (`2024-07-31T06:15:03.913`) +- [CVE-2024-6412](CVE-2024/CVE-2024-64xx/CVE-2024-6412.json) (`2024-07-31T06:15:04.083`) +- [CVE-2024-6695](CVE-2024/CVE-2024-66xx/CVE-2024-6695.json) (`2024-07-31T06:15:04.237`) +- [CVE-2024-6770](CVE-2024/CVE-2024-67xx/CVE-2024-6770.json) (`2024-07-31T06:15:04.407`) +- [CVE-2024-6980](CVE-2024/CVE-2024-69xx/CVE-2024-6980.json) (`2024-07-31T07:15:02.053`) +- [CVE-2024-7205](CVE-2024/CVE-2024-72xx/CVE-2024-7205.json) (`2024-07-31T06:15:05.327`) +- [CVE-2024-7289](CVE-2024/CVE-2024-72xx/CVE-2024-7289.json) (`2024-07-31T06:15:06.313`) +- [CVE-2024-7290](CVE-2024/CVE-2024-72xx/CVE-2024-7290.json) (`2024-07-31T06:15:07.533`) +- [CVE-2024-7299](CVE-2024/CVE-2024-72xx/CVE-2024-7299.json) (`2024-07-31T07:15:02.377`) +- [CVE-2024-7300](CVE-2024/CVE-2024-73xx/CVE-2024-7300.json) (`2024-07-31T07:15:02.760`) ### CVEs modified in the last Commit diff --git a/_state.csv b/_state.csv index 8949aa74466..87a710cc25b 100644 --- a/_state.csv +++ b/_state.csv @@ -255595,14 +255595,14 @@ CVE-2024-39936,0,0,151737d9121a39faad5d145bce74b1ef3d7584b31944fb5416c69ce5b04a8 CVE-2024-39937,0,0,1f82f5b58ad230c732d9cc7b90ed7f292cb38d4f538cd1c141ede474ebd9d95b,2024-07-09T16:23:00.340000 CVE-2024-3994,0,0,1a9bed43f4b2f43f8d685322cd3b5005094af7345fc065cd7144b7703ac2b568,2024-04-25T13:18:02.660000 CVE-2024-39943,0,0,3de3703190bb81e39ee7c36efe8f307ccc0155c112a035e437cb302295eb462f,2024-07-08T16:42:25.603000 -CVE-2024-39944,1,1,93edab3757bf93efd75c1fed04e1a33aeb19030f2c76f4f25ff6fbb74ef290e3,2024-07-31T04:15:02.410000 -CVE-2024-39945,1,1,5acd0d76681e7381db5120f9f9fbf7a3d0ff543f4c2fc36680a4e6216789fe79,2024-07-31T04:15:03.077000 -CVE-2024-39946,1,1,7257d34c0ddc5fa77261624031794ab39a364db228c53c860177d24fca59cdb8,2024-07-31T04:15:03.597000 -CVE-2024-39947,1,1,fe2ecb78660ac16c41e93c789bc6775aa324b931676a36e59d1a8c55502bf1dd,2024-07-31T04:15:04.840000 -CVE-2024-39948,1,1,8bd7f08fa5e7d679633b026efc1a2c40405a247b7a75fe82461b2272ce6d60ef,2024-07-31T04:15:05.173000 -CVE-2024-39949,1,1,4a1ee44de87acac5e536f3a397a594a2f3f54cb5f2b39af37e5dae373c980c22,2024-07-31T04:15:05.503000 +CVE-2024-39944,0,0,93edab3757bf93efd75c1fed04e1a33aeb19030f2c76f4f25ff6fbb74ef290e3,2024-07-31T04:15:02.410000 +CVE-2024-39945,0,0,5acd0d76681e7381db5120f9f9fbf7a3d0ff543f4c2fc36680a4e6216789fe79,2024-07-31T04:15:03.077000 +CVE-2024-39946,0,0,7257d34c0ddc5fa77261624031794ab39a364db228c53c860177d24fca59cdb8,2024-07-31T04:15:03.597000 +CVE-2024-39947,0,0,fe2ecb78660ac16c41e93c789bc6775aa324b931676a36e59d1a8c55502bf1dd,2024-07-31T04:15:04.840000 +CVE-2024-39948,0,0,8bd7f08fa5e7d679633b026efc1a2c40405a247b7a75fe82461b2272ce6d60ef,2024-07-31T04:15:05.173000 +CVE-2024-39949,0,0,4a1ee44de87acac5e536f3a397a594a2f3f54cb5f2b39af37e5dae373c980c22,2024-07-31T04:15:05.503000 CVE-2024-3995,0,0,a7fe690817691037765b680c602849c2a36e767bb2849159693fe5a7864f46cb,2024-07-01T14:15:05.680000 -CVE-2024-39950,1,1,307ff2ddb1d1aa0613c71572ebb3fe919a9ff644e8d2d637eb42f6f36507d155,2024-07-31T04:15:05.837000 +CVE-2024-39950,0,0,307ff2ddb1d1aa0613c71572ebb3fe919a9ff644e8d2d637eb42f6f36507d155,2024-07-31T04:15:05.837000 CVE-2024-39962,0,0,6c21d52cd5422abdec57eada0bf64df074fa32bd83d25f0a4b4a139e98aea2bf,2024-07-22T13:00:53.287000 CVE-2024-39963,0,0,2cbb774d772bfe5ed8747fc2c2ce742df6fff01c26c72409fc57e064c4f57179,2024-07-22T13:00:53.287000 CVE-2024-3997,0,0,1f2576b07f1c26f802b0f1e551eeeee57100d1eaa419296265017e09a1456b97,2024-05-24T01:15:30.977000 @@ -256461,6 +256461,7 @@ CVE-2024-4235,0,0,f578447debade3af3e230e69e9dbc9d9ff3e97fecc115950bd6af5b863fac2 CVE-2024-4236,0,0,e2cdfe0d631cec0094aabd9e613a58fc530f718522481021cb8970e2da56a2c3,2024-06-04T19:20:32.960000 CVE-2024-4237,0,0,c38818d0c288b1eec57a9be9e655b05254cb3f3487787a1ecd91e69d9c20b38c,2024-05-17T02:40:19.580000 CVE-2024-4238,0,0,188cceccdce16b8df034bef32fee010a6dd0f801c6690e1589421c7cadfb521c,2024-06-04T19:20:33.063000 +CVE-2024-42381,1,1,39b7d8681fc25c5d7d29a0c0148b32fde4605ae198a447fe09f7a3a9c7cdd92d,2024-07-31T06:15:02.130000 CVE-2024-4239,0,0,cecc2be82896f12bf6cdae75a3b125d58c075d387f3da865cfaf565a2c454897,2024-06-04T19:20:33.163000 CVE-2024-4240,0,0,c278b752586c1bf53091999087140c7ddb924945ab9e2c19f82d090171b2b4e6,2024-06-04T19:20:33.263000 CVE-2024-4241,0,0,1e8cfaace7e8ae3194846b1351a77e14aef6cd3a07b429e780198fa55ccad7c3,2024-05-17T02:40:19.957000 @@ -258029,6 +258030,7 @@ CVE-2024-6161,0,0,4874ef369326f57ebaead3e865a12df6057ceb7ec30e698c3deb9b52e2b100 CVE-2024-6162,0,0,58e77c96a091e21bc4222c97fd6c9956f581d56d70327ff91056071a087926f0,2024-07-25T21:15:11.677000 CVE-2024-6163,0,0,a7111efd9bbca18864edd7eac6469f395d4eb81bc59fa76c3e42cc0c59bc6e2c,2024-07-08T15:49:22.437000 CVE-2024-6164,0,0,614f49d1e735bb6e3edae2e7504c9e172f5564ab53752d92c142ee3a46cadc2e,2024-07-18T12:28:43.707000 +CVE-2024-6165,1,1,dc9a41ef51e650beadc4f23f833832ed913d994bfb331e6ea282de552837f4e9,2024-07-31T06:15:03.373000 CVE-2024-6166,0,0,c93093bf8454afe95675994fb929c06931906789a59088dfba4992e2491ed4c6,2024-07-12T14:23:53.600000 CVE-2024-6167,0,0,53411719c1d4f7c7e0b31dcbc40822727b85ab3cd28b45158c4db6b81cb57664,2024-07-09T18:19:14.047000 CVE-2024-6168,0,0,a9d8b124b0d612b4817eae957707544bf3f1e74cb49f5394cfd698c29b52bb54,2024-07-09T18:19:14.047000 @@ -258105,6 +258107,7 @@ CVE-2024-6267,0,0,693665502396a8f2760ff0a194782c5c48821dd90ed508792042af1972e2ad CVE-2024-6268,0,0,e3e35d0049e774331d2151e442525bd992cba867b327c069ba368c32d8bd87bf,2024-06-26T20:15:16.893000 CVE-2024-6269,0,0,5faaf462a19676e34593dd0a0afbe0cb206ebbb8a7e70c532ba34e4117e361f3,2024-06-26T19:15:14.483000 CVE-2024-6271,0,0,d024c16fd7c4b2b04328abf7d7f44dcfe36c0053b84c0bf959b0b51a37618966,2024-07-25T15:14:33.857000 +CVE-2024-6272,1,1,9cf4a7ffd9612da301b3a0a27333739a70c68c4219c3b6a3e1a2caffc2a797aa,2024-07-31T06:15:03.637000 CVE-2024-6273,0,0,ee5202b6a0bcfc7a40a266aa2aa86d2d546d7d0a335d210650da452fe4ac0950,2024-06-25T13:15:50.403000 CVE-2024-6274,0,0,5445e5244574eb35dee4d3a86757e63aa764a2dd3baf93da96725400aa49bff7,2024-06-24T12:57:36.513000 CVE-2024-6275,0,0,34263dcde8e1b5222af573d3152e1f6b3c783b399a6e9b4a2a7c05be9cba88fa,2024-06-25T16:15:25.923000 @@ -258195,9 +258198,11 @@ CVE-2024-6402,0,0,795485c4534407e246daec51c1daaa33b95f6651688fed743a8fb9054cdaed CVE-2024-6403,0,0,e44b9cfa8d9ae367e624a8cdf179ef52ea1e98c2115d7a956299d17747a6a56b,2024-07-01T12:37:24.220000 CVE-2024-6405,0,0,aeb7997c4465363fb3b56142b10f471ded7e1b160c931780f90562328efb5a26,2024-07-01T12:37:24.220000 CVE-2024-6407,0,0,12314028e09ddfd135bb748e0530e9ce4aee25dcaa6c2bae62524650d54b655f,2024-07-12T16:36:34.747000 +CVE-2024-6408,1,1,44922d0fb7ae368f84301005293b965a2490041021d6efd5896ed6b40c396d6b,2024-07-31T06:15:03.913000 CVE-2024-6409,0,0,40730f06fb7ebb7f1a7924edcad135a5b2e86e4e96c3650a4afd0b819bc01ed7,2024-07-24T21:15:12.700000 CVE-2024-6410,0,0,9db961a9e1824a35ea4ea0ac1b25800d120aafac2e5d4caf32d46e6051ad19d3,2024-07-11T13:05:54.930000 CVE-2024-6411,0,0,47c8df8c850420fccb0a9ac1089e4a10bdc49d8ecc38cd5ac33a449b2082a491,2024-07-11T13:05:54.930000 +CVE-2024-6412,1,1,a3a5ef3ddc3f9c2cd76069f9f7c6fde060858900aca0711426983fd1f3456ed9,2024-07-31T06:15:04.083000 CVE-2024-6414,0,0,ae0d661be5f3239fdfe6f0d08030fef27c03212dc1e12675bcf532fd90369002,2024-07-01T12:37:24.220000 CVE-2024-6415,0,0,2d930efbf55d72578aa6f6117194938fd91dbe48efc49659be82131c011d6129,2024-07-01T12:37:24.220000 CVE-2024-6416,0,0,1d3038bca30e2041aec4c6f6e9ac2c7cb38b0b032dbc11dcdc7f3d31ad18d01f,2024-07-01T12:37:24.220000 @@ -258353,6 +258358,7 @@ CVE-2024-6680,0,0,131299d0989a76f846afb0c8ae15f4692f1a0fdd9931fad30c165660cd1232 CVE-2024-6681,0,0,fd87484dafd740c0f788720b14149eb40f6b6d8ce371416d0e039ce9acf82071,2024-07-11T18:09:58.777000 CVE-2024-6689,0,0,d40d4a6e022419e83ed34bb3a74eb0d24556e6d76f7b0a592f90775a9d52873c,2024-07-16T13:43:58.773000 CVE-2024-6694,0,0,7d61bbb6e4266a8c90354c9d0cb6da1ede156f667671ed3e7d5507b5e685e063,2024-07-22T13:00:53.287000 +CVE-2024-6695,1,1,b65bf0f51d53701881bdf7ea532778cd4f7f9a1652928966be35adc88301abd3,2024-07-31T06:15:04.237000 CVE-2024-6699,0,0,6e43517d823543b1bfe29f11155aa061b1b3007e0c0d0141333897dcac3700cf,2024-07-30T13:32:45.943000 CVE-2024-6703,0,0,58688b231f5fc6deacad90c54b9ce0876a71daf3ee0061b5562a2bcbb8052bf3,2024-07-29T14:12:08.783000 CVE-2024-6705,0,0,1e166467558902cf3ff2211f8b1aa347feb308f999c65053186e5a13806e8368,2024-07-18T12:28:43.707000 @@ -258391,6 +258397,7 @@ CVE-2024-6755,0,0,ab1b630d4d60f43a14793abf6a91e747f24cf32e85dd2f18d0c7fae990d484 CVE-2024-6756,0,0,f587e50343ba8d4d9984018181e54a04ca58befeaa1fc8ceb12c6bae56622e09,2024-07-24T12:55:13.223000 CVE-2024-6761,0,0,f38b3ccdc89aa0093bd659ba31741817a9ff74cb3bee1ce8404957bf0a35b578,2024-07-29T11:15:10.140000 CVE-2024-6765,0,0,582116fb1612a7c43e0b570dc3dd773f185a6bed827d147d00793764d2f2774e,2024-07-17T14:15:04.327000 +CVE-2024-6770,1,1,5c962fa499fe4c0fae45c84b2833e72c8518d2de49afe5528aef0631bfa0abcc,2024-07-31T06:15:04.407000 CVE-2024-6772,0,0,cc08723700878586fe2b2cb702b9aeb8e7ff85837a231851739a99e842cb1c05,2024-07-17T13:34:20.520000 CVE-2024-6773,0,0,a5867869124c1a4b8949c923d047a73abaebfa5c6d8b0baadecd79e09f60d48f,2024-07-17T13:34:20.520000 CVE-2024-6774,0,0,b9aa3de8036d2e47ab5a62ba9fb48c855950418547b1d3607a9791164435ed5d,2024-07-17T13:34:20.520000 @@ -258480,6 +258487,7 @@ CVE-2024-6968,0,0,57675d10d151b515d8654e4a2d23336a097aabe29c179fc0cfbb72272365b2 CVE-2024-6969,0,0,2345a97b06e5d388bdf778f25c67289987f0f6d0622466c7c196f2cd07649113,2024-07-25T15:38:51.787000 CVE-2024-6970,0,0,4194a84f3c5724b9bace97395e0f8e6456cd70a8d0cf3d46afccc165b27983cb,2024-07-25T15:36:44.567000 CVE-2024-6972,0,0,136930c91bb85ebbdb27bc99dae627302f90363fa18ab987405ebabe27d12e99,2024-07-25T12:36:39.947000 +CVE-2024-6980,1,1,da7b35a3c988b3a672618fb6bd094d48c0a05a571e09ce34c6a2116355033259,2024-07-31T07:15:02.053000 CVE-2024-6984,0,0,5e471e68c1f9c8af4cd4126a693da97e089cde1a0fe72eca9e017c53446a32dc,2024-07-29T16:21:52.517000 CVE-2024-7007,0,0,d661b80f381c5e5a20762050cd26d7cdbc7442dd5816d04953c75c3bb9a2e0ae,2024-07-26T12:38:41.683000 CVE-2024-7014,0,0,bf4bcb57365a86d29a45ebd019245eec542daaec8aac5d2bd790565f954bcfee,2024-07-24T12:55:13.223000 @@ -258563,6 +258571,7 @@ CVE-2024-7199,0,0,1c38ae71600e9c4c0d209d192fce66196ad6d1d1454dfe95d9b268bf29c6a5 CVE-2024-7200,0,0,d21a4dd541acbc0094d3b150aee5dc57732e3b43b8983d68802bfc40bea446f0,2024-07-29T14:12:08.783000 CVE-2024-7201,0,0,ada84f4b903b0c95dc45be4013db2022612c9fdb66b840b2138f16a8a9061fa8,2024-07-29T14:12:08.783000 CVE-2024-7202,0,0,47ee30ff0ebecde915aadd7cf1bd702d0bebf04cac4786411e427c0fde39b1f2,2024-07-29T14:12:08.783000 +CVE-2024-7205,1,1,055498b07fc29043cccb0168311bdce18c0cf0dcb2b61aff57ef98d24231779b,2024-07-31T06:15:05.327000 CVE-2024-7208,0,0,46953efa12a5d662fff94e2c99734c2e20fbdfcfc741cd26c9caf517aab8eea2,2024-07-30T17:15:14.360000 CVE-2024-7209,0,0,981807f81ce86beb4f096cbcdb19b49a40a39636a3c8cf91886492003874ebb8,2024-07-30T17:15:14.450000 CVE-2024-7212,0,0,f6bebad6ae53838fdfc46656ae8fba28c66f127a824bd527778b34c8dcd63e65,2024-07-30T13:32:45.943000 @@ -258597,8 +258606,12 @@ CVE-2024-7281,0,0,676d1b9e7bcccbcb069164d1bcaec87b1dc9371ca1fbee7ffc498218cfafe5 CVE-2024-7282,0,0,7797b406ddf95b8e988943463cde846d366babe4ed5dae75abf66003603a2084,2024-07-31T02:15:02.383000 CVE-2024-7283,0,0,1b35177bdcadf8cdc7f98d9acbd93b20649d9a7033c518185cf6161ff6887a9a,2024-07-31T03:15:01.717000 CVE-2024-7284,0,0,e1014e43ca27a628ad7859621a872bc394d97960e71dd6aa9a3b021fefd88e18,2024-07-31T03:15:02.077000 -CVE-2024-7285,1,1,dd41b1f5c45d708684103eb69e9ab9a39ef93e06ce8a773d78ed87c7d0c27130,2024-07-31T04:15:06.160000 -CVE-2024-7286,1,1,75f9876d47bbc461c22d83d829119e4ab85c9a27350e6baf6739c29b6ccac3c1,2024-07-31T04:15:06.837000 -CVE-2024-7287,1,1,fbf7278acad0e96391559d6b15176dbbecb92e7788388ae658b5935c2ce9765e,2024-07-31T05:15:09.907000 -CVE-2024-7288,1,1,a889d279b031c21fcc987793ad11e995397744f85cd99d55b4cb4602b6fc049c,2024-07-31T05:15:10.247000 +CVE-2024-7285,0,0,dd41b1f5c45d708684103eb69e9ab9a39ef93e06ce8a773d78ed87c7d0c27130,2024-07-31T04:15:06.160000 +CVE-2024-7286,0,0,75f9876d47bbc461c22d83d829119e4ab85c9a27350e6baf6739c29b6ccac3c1,2024-07-31T04:15:06.837000 +CVE-2024-7287,0,0,fbf7278acad0e96391559d6b15176dbbecb92e7788388ae658b5935c2ce9765e,2024-07-31T05:15:09.907000 +CVE-2024-7288,0,0,a889d279b031c21fcc987793ad11e995397744f85cd99d55b4cb4602b6fc049c,2024-07-31T05:15:10.247000 +CVE-2024-7289,1,1,8162b46fee11e705c6d94b9177ff2c74cce16ddbc6b3feb9c7afadf13ca77bbf,2024-07-31T06:15:06.313000 +CVE-2024-7290,1,1,41a29a0d813db2af8fdad631964ebbfbd0ee10ee38dc78556ef5b78449870de5,2024-07-31T06:15:07.533000 CVE-2024-7297,0,0,2e874bfba57ad5ec5745065eab38f5876ea9fcd7307b48661cf2daf7f9f6b574,2024-07-30T17:15:14.513000 +CVE-2024-7299,1,1,3fb9f1bd94c66594f63b2cacff046186fb38c633caa0ac8386bda97d4dfe5638,2024-07-31T07:15:02.377000 +CVE-2024-7300,1,1,b3c7cdd075745bcb332425558cf2231190c9514333b35c605f4a02a71ba6cf2c,2024-07-31T07:15:02.760000