From 196c261a4762d8debba69cbccc523f1563945117 Mon Sep 17 00:00:00 2001 From: cad-safe-bot Date: Sat, 8 Jun 2024 16:03:11 +0000 Subject: [PATCH] Auto-Update: 2024-06-08T16:00:18.552822+00:00 --- CVE-2023/CVE-2023-457xx/CVE-2023-45707.json | 43 +++++++++++ CVE-2024/CVE-2024-347xx/CVE-2024-34765.json | 55 +++++++++++++ CVE-2024/CVE-2024-356xx/CVE-2024-35679.json | 55 +++++++++++++ CVE-2024/CVE-2024-356xx/CVE-2024-35681.json | 55 +++++++++++++ CVE-2024/CVE-2024-356xx/CVE-2024-35682.json | 55 +++++++++++++ CVE-2024/CVE-2024-356xx/CVE-2024-35684.json | 55 +++++++++++++ CVE-2024/CVE-2024-356xx/CVE-2024-35687.json | 55 +++++++++++++ CVE-2024/CVE-2024-356xx/CVE-2024-35688.json | 55 +++++++++++++ CVE-2024/CVE-2024-356xx/CVE-2024-35689.json | 55 +++++++++++++ CVE-2024/CVE-2024-356xx/CVE-2024-35691.json | 59 ++++++++++++++ CVE-2024/CVE-2024-356xx/CVE-2024-35693.json | 55 +++++++++++++ CVE-2024/CVE-2024-356xx/CVE-2024-35694.json | 55 +++++++++++++ CVE-2024/CVE-2024-356xx/CVE-2024-35695.json | 55 +++++++++++++ CVE-2024/CVE-2024-356xx/CVE-2024-35696.json | 55 +++++++++++++ CVE-2024/CVE-2024-356xx/CVE-2024-35697.json | 55 +++++++++++++ CVE-2024/CVE-2024-356xx/CVE-2024-35698.json | 55 +++++++++++++ CVE-2024/CVE-2024-356xx/CVE-2024-35699.json | 55 +++++++++++++ CVE-2024/CVE-2024-357xx/CVE-2024-35701.json | 55 +++++++++++++ CVE-2024/CVE-2024-357xx/CVE-2024-35702.json | 55 +++++++++++++ CVE-2024/CVE-2024-357xx/CVE-2024-35703.json | 55 +++++++++++++ CVE-2024/CVE-2024-357xx/CVE-2024-35704.json | 55 +++++++++++++ CVE-2024/CVE-2024-357xx/CVE-2024-35705.json | 55 +++++++++++++ CVE-2024/CVE-2024-357xx/CVE-2024-35706.json | 55 +++++++++++++ CVE-2024/CVE-2024-357xx/CVE-2024-35707.json | 55 +++++++++++++ CVE-2024/CVE-2024-357xx/CVE-2024-35708.json | 55 +++++++++++++ CVE-2024/CVE-2024-357xx/CVE-2024-35709.json | 55 +++++++++++++ CVE-2024/CVE-2024-357xx/CVE-2024-35710.json | 55 +++++++++++++ CVE-2024/CVE-2024-357xx/CVE-2024-35711.json | 55 +++++++++++++ CVE-2024/CVE-2024-357xx/CVE-2024-35713.json | 55 +++++++++++++ CVE-2024/CVE-2024-357xx/CVE-2024-35714.json | 55 +++++++++++++ CVE-2024/CVE-2024-357xx/CVE-2024-35715.json | 55 +++++++++++++ CVE-2024/CVE-2024-357xx/CVE-2024-35718.json | 55 +++++++++++++ CVE-2024/CVE-2024-357xx/CVE-2024-35719.json | 55 +++++++++++++ CVE-2024/CVE-2024-374xx/CVE-2024-37408.json | 28 +++++++ README.md | 61 +++++++-------- _state.csv | 86 ++++++++++++++------- 36 files changed, 1925 insertions(+), 57 deletions(-) create mode 100644 CVE-2023/CVE-2023-457xx/CVE-2023-45707.json create mode 100644 CVE-2024/CVE-2024-347xx/CVE-2024-34765.json create mode 100644 CVE-2024/CVE-2024-356xx/CVE-2024-35679.json create mode 100644 CVE-2024/CVE-2024-356xx/CVE-2024-35681.json create mode 100644 CVE-2024/CVE-2024-356xx/CVE-2024-35682.json create mode 100644 CVE-2024/CVE-2024-356xx/CVE-2024-35684.json create mode 100644 CVE-2024/CVE-2024-356xx/CVE-2024-35687.json create mode 100644 CVE-2024/CVE-2024-356xx/CVE-2024-35688.json create mode 100644 CVE-2024/CVE-2024-356xx/CVE-2024-35689.json create mode 100644 CVE-2024/CVE-2024-356xx/CVE-2024-35691.json create mode 100644 CVE-2024/CVE-2024-356xx/CVE-2024-35693.json create mode 100644 CVE-2024/CVE-2024-356xx/CVE-2024-35694.json create mode 100644 CVE-2024/CVE-2024-356xx/CVE-2024-35695.json create mode 100644 CVE-2024/CVE-2024-356xx/CVE-2024-35696.json create mode 100644 CVE-2024/CVE-2024-356xx/CVE-2024-35697.json create mode 100644 CVE-2024/CVE-2024-356xx/CVE-2024-35698.json create mode 100644 CVE-2024/CVE-2024-356xx/CVE-2024-35699.json create mode 100644 CVE-2024/CVE-2024-357xx/CVE-2024-35701.json create mode 100644 CVE-2024/CVE-2024-357xx/CVE-2024-35702.json create mode 100644 CVE-2024/CVE-2024-357xx/CVE-2024-35703.json create mode 100644 CVE-2024/CVE-2024-357xx/CVE-2024-35704.json create mode 100644 CVE-2024/CVE-2024-357xx/CVE-2024-35705.json create mode 100644 CVE-2024/CVE-2024-357xx/CVE-2024-35706.json create mode 100644 CVE-2024/CVE-2024-357xx/CVE-2024-35707.json create mode 100644 CVE-2024/CVE-2024-357xx/CVE-2024-35708.json create mode 100644 CVE-2024/CVE-2024-357xx/CVE-2024-35709.json create mode 100644 CVE-2024/CVE-2024-357xx/CVE-2024-35710.json create mode 100644 CVE-2024/CVE-2024-357xx/CVE-2024-35711.json create mode 100644 CVE-2024/CVE-2024-357xx/CVE-2024-35713.json create mode 100644 CVE-2024/CVE-2024-357xx/CVE-2024-35714.json create mode 100644 CVE-2024/CVE-2024-357xx/CVE-2024-35715.json create mode 100644 CVE-2024/CVE-2024-357xx/CVE-2024-35718.json create mode 100644 CVE-2024/CVE-2024-357xx/CVE-2024-35719.json create mode 100644 CVE-2024/CVE-2024-374xx/CVE-2024-37408.json diff --git a/CVE-2023/CVE-2023-457xx/CVE-2023-45707.json b/CVE-2023/CVE-2023-457xx/CVE-2023-45707.json new file mode 100644 index 00000000000..6bcf7a0d937 --- /dev/null +++ b/CVE-2023/CVE-2023-457xx/CVE-2023-45707.json @@ -0,0 +1,43 @@ +{ + "id": "CVE-2023-45707", + "sourceIdentifier": "psirt@hcl.com", + "published": "2024-06-08T15:15:49.680", + "lastModified": "2024-06-08T15:15:49.680", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "HCL Connections Docs is vulnerable to a cross-site scripting attack where an attacker may leverage this issue to execute arbitrary code. This may lead to credentials disclosure and possibly launch additional attacks." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@hcl.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 4.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.3, + "impactScore": 2.7 + } + ] + }, + "references": [ + { + "url": "https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0108427", + "source": "psirt@hcl.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-347xx/CVE-2024-34765.json b/CVE-2024/CVE-2024-347xx/CVE-2024-34765.json new file mode 100644 index 00000000000..901f1fae6a6 --- /dev/null +++ b/CVE-2024/CVE-2024-347xx/CVE-2024-34765.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2024-34765", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-06-08T15:15:49.900", + "lastModified": "2024-06-08T15:15:49.900", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Sensei Sensei Pro (WC Paid Courses) allows Stored XSS.This issue affects Sensei Pro (WC Paid Courses): from n/a through 4.23.1.1.23.1." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.3, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/woothemes-sensei/wordpress-sensei-pro-wc-paid-courses-plugin-4-23-1-1-23-1-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-356xx/CVE-2024-35679.json b/CVE-2024/CVE-2024-356xx/CVE-2024-35679.json new file mode 100644 index 00000000000..ee046478add --- /dev/null +++ b/CVE-2024/CVE-2024-356xx/CVE-2024-35679.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2024-35679", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-06-08T15:15:50.130", + "lastModified": "2024-06-08T15:15:50.130", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in GiveWP allows Reflected XSS.This issue affects GiveWP: from n/a through 3.12.0." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 7.1, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/give/wordpress-givewp-plugin-3-12-0-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-356xx/CVE-2024-35681.json b/CVE-2024/CVE-2024-356xx/CVE-2024-35681.json new file mode 100644 index 00000000000..9cf6b1fbe93 --- /dev/null +++ b/CVE-2024/CVE-2024-356xx/CVE-2024-35681.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2024-35681", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-06-08T15:15:50.343", + "lastModified": "2024-06-08T15:15:50.343", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in gVectors Team wpDiscuz allows Stored XSS.This issue affects wpDiscuz: from n/a through 7.6.18." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.3, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/wpdiscuz/wordpress-wpdiscuz-plugin-7-6-18-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-356xx/CVE-2024-35682.json b/CVE-2024/CVE-2024-356xx/CVE-2024-35682.json new file mode 100644 index 00000000000..d8512267c21 --- /dev/null +++ b/CVE-2024/CVE-2024-356xx/CVE-2024-35682.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2024-35682", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-06-08T15:15:50.560", + "lastModified": "2024-06-08T15:15:50.560", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Themeisle Otter Blocks PRO.This issue affects Otter Blocks PRO: from n/a through 2.6.11." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 4.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-200" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/otter-pro/wordpress-otter-blocks-pro-plugin-2-6-11-authenticated-sensitive-data-exposure-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-356xx/CVE-2024-35684.json b/CVE-2024/CVE-2024-356xx/CVE-2024-35684.json new file mode 100644 index 00000000000..155e318635f --- /dev/null +++ b/CVE-2024/CVE-2024-356xx/CVE-2024-35684.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2024-35684", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-06-08T15:15:50.773", + "lastModified": "2024-06-08T15:15:50.773", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Cross-Site Request Forgery (CSRF) vulnerability in 10up ElasticPress.This issue affects ElasticPress: from n/a through 5.1.0." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 4.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-352" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/elasticpress/wordpress-elasticpress-plugin-5-1-0-cross-site-request-forgery-csrf-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-356xx/CVE-2024-35687.json b/CVE-2024/CVE-2024-356xx/CVE-2024-35687.json new file mode 100644 index 00000000000..465d3cb0774 --- /dev/null +++ b/CVE-2024/CVE-2024-356xx/CVE-2024-35687.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2024-35687", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-06-08T15:15:51.000", + "lastModified": "2024-06-08T15:15:51.000", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Yannick Lefebvre Link Library link-library allows Reflected XSS.This issue affects Link Library: from n/a through 7.6.3." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 7.1, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/link-library/wordpress-link-library-plugin-7-6-3-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-356xx/CVE-2024-35688.json b/CVE-2024/CVE-2024-356xx/CVE-2024-35688.json new file mode 100644 index 00000000000..82df8696880 --- /dev/null +++ b/CVE-2024/CVE-2024-356xx/CVE-2024-35688.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2024-35688", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-06-08T15:15:51.220", + "lastModified": "2024-06-08T15:15:51.220", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Jewel Theme Master Addons for Elementor allows Stored XSS.This issue affects Master Addons for Elementor: from n/a through 2.0.5.9." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.3, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/master-addons/wordpress-master-addons-for-elementor-plugin-2-0-5-9-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-356xx/CVE-2024-35689.json b/CVE-2024/CVE-2024-356xx/CVE-2024-35689.json new file mode 100644 index 00000000000..731be4762cb --- /dev/null +++ b/CVE-2024/CVE-2024-356xx/CVE-2024-35689.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2024-35689", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-06-08T15:15:51.490", + "lastModified": "2024-06-08T15:15:51.490", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Cross-Site Request Forgery (CSRF) vulnerability in Analytify.This issue affects Analytify: from n/a through 5.2.3." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 5.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.5 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-352" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/wp-analytify/wordpress-analytify-plugin-5-2-3-cross-site-request-forgery-csrf-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-356xx/CVE-2024-35691.json b/CVE-2024/CVE-2024-356xx/CVE-2024-35691.json new file mode 100644 index 00000000000..fe411938451 --- /dev/null +++ b/CVE-2024/CVE-2024-356xx/CVE-2024-35691.json @@ -0,0 +1,59 @@ +{ + "id": "CVE-2024-35691", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-06-08T15:15:51.720", + "lastModified": "2024-06-08T15:15:51.720", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Marketing Fire, LLC Widget Options - Extended.This issue affects Widget Options - Extended: from n/a through 5.1.0." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-200" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/extended-widget-options/wordpress-widget-options-extended-plugin-5-1-0-subscriber-private-draft-post-exposure-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + }, + { + "url": "https://patchstack.com/database/vulnerability/extended-widget-options/wordpress-widget-options-extended-plugin-5-1-0-subscriber-user-meta-data-exposure-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-356xx/CVE-2024-35693.json b/CVE-2024/CVE-2024-356xx/CVE-2024-35693.json new file mode 100644 index 00000000000..dcdb338f5ce --- /dev/null +++ b/CVE-2024/CVE-2024-356xx/CVE-2024-35693.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2024-35693", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-06-08T15:15:51.957", + "lastModified": "2024-06-08T15:15:51.957", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Code for Recovery 12 Step Meeting List allows Reflected XSS.This issue affects 12 Step Meeting List: from n/a through 3.14.33." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 7.1, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/12-step-meeting-list/wordpress-12-step-meeting-list-plugin-3-14-33-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-356xx/CVE-2024-35694.json b/CVE-2024/CVE-2024-356xx/CVE-2024-35694.json new file mode 100644 index 00000000000..87f66989350 --- /dev/null +++ b/CVE-2024/CVE-2024-356xx/CVE-2024-35694.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2024-35694", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-06-08T15:15:52.163", + "lastModified": "2024-06-08T15:15:52.163", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WPMobile.App allows Reflected XSS.This issue affects WPMobile.App: from n/a through 11.41." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 7.1, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/wpappninja/wordpress-wpmobile-app-plugin-11-41-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-356xx/CVE-2024-35695.json b/CVE-2024/CVE-2024-356xx/CVE-2024-35695.json new file mode 100644 index 00000000000..17b54a83631 --- /dev/null +++ b/CVE-2024/CVE-2024-356xx/CVE-2024-35695.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2024-35695", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-06-08T15:15:52.387", + "lastModified": "2024-06-08T15:15:52.387", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Fahad Mahmood WP Docs allows Stored XSS.This issue affects WP Docs: from n/a through 2.1.3." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.3, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/wp-docs/wordpress-wp-docs-plugin-2-1-3-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-356xx/CVE-2024-35696.json b/CVE-2024/CVE-2024-356xx/CVE-2024-35696.json new file mode 100644 index 00000000000..d96c4d888e7 --- /dev/null +++ b/CVE-2024/CVE-2024-356xx/CVE-2024-35696.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2024-35696", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-06-08T15:15:52.607", + "lastModified": "2024-06-08T15:15:52.607", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Fahad Mahmood WP Docs allows Reflected XSS.This issue affects WP Docs: from n/a through 2.1.3." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 7.1, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/wp-docs/wordpress-wp-docs-plugin-2-1-3-cross-site-scripting-xss-vulnerability-2?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-356xx/CVE-2024-35697.json b/CVE-2024/CVE-2024-356xx/CVE-2024-35697.json new file mode 100644 index 00000000000..348b79be2c6 --- /dev/null +++ b/CVE-2024/CVE-2024-356xx/CVE-2024-35697.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2024-35697", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-06-08T15:15:52.837", + "lastModified": "2024-06-08T15:15:52.837", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in ThimPress Eduma allows Reflected XSS.This issue affects Eduma: from n/a through 5.4.7." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 7.1, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/eduma/wordpress-eduma-theme-5-4-7-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-356xx/CVE-2024-35698.json b/CVE-2024/CVE-2024-356xx/CVE-2024-35698.json new file mode 100644 index 00000000000..6b9e0b947d4 --- /dev/null +++ b/CVE-2024/CVE-2024-356xx/CVE-2024-35698.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2024-35698", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-06-08T15:15:53.043", + "lastModified": "2024-06-08T15:15:53.043", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in YITH YITH WooCommerce Tab Manager allows Stored XSS.This issue affects YITH WooCommerce Tab Manager: from n/a through 1.35.0." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 5.9, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.7, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/yith-woocommerce-tab-manager/wordpress-yith-woocommerce-tab-manager-plugin-1-35-0-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-356xx/CVE-2024-35699.json b/CVE-2024/CVE-2024-356xx/CVE-2024-35699.json new file mode 100644 index 00000000000..e68bca0a7f5 --- /dev/null +++ b/CVE-2024/CVE-2024-356xx/CVE-2024-35699.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2024-35699", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-06-08T15:15:53.253", + "lastModified": "2024-06-08T15:15:53.253", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in HasThemes HT Feed allows Stored XSS.This issue affects HT Feed: from n/a through 1.2.8." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.3, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/ht-instagram/wordpress-ht-feed-plugin-1-2-8-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-357xx/CVE-2024-35701.json b/CVE-2024/CVE-2024-357xx/CVE-2024-35701.json new file mode 100644 index 00000000000..c545809ed72 --- /dev/null +++ b/CVE-2024/CVE-2024-357xx/CVE-2024-35701.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2024-35701", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-06-08T15:15:53.460", + "lastModified": "2024-06-08T15:15:53.460", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in PropertyHive allows Stored XSS.This issue affects PropertyHive: from n/a through 2.0.13." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.3, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/propertyhive/wordpress-propertyhive-plugin-2-0-13-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-357xx/CVE-2024-35702.json b/CVE-2024/CVE-2024-357xx/CVE-2024-35702.json new file mode 100644 index 00000000000..5430442093f --- /dev/null +++ b/CVE-2024/CVE-2024-357xx/CVE-2024-35702.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2024-35702", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-06-08T15:15:53.680", + "lastModified": "2024-06-08T15:15:53.680", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Jewel Theme Master Addons for Elementor allows Stored XSS.This issue affects Master Addons for Elementor: from n/a through 2.0.6.0." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.3, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/master-addons/wordpress-master-addons-for-elementor-plugin-2-0-6-0-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-357xx/CVE-2024-35703.json b/CVE-2024/CVE-2024-357xx/CVE-2024-35703.json new file mode 100644 index 00000000000..26127f54d29 --- /dev/null +++ b/CVE-2024/CVE-2024-357xx/CVE-2024-35703.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2024-35703", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-06-08T15:15:53.893", + "lastModified": "2024-06-08T15:15:53.893", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in SinaExtra Sina Extension for Elementor allows Stored XSS.This issue affects Sina Extension for Elementor: from n/a through 3.5.3." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.3, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/sina-extension-for-elementor/wordpress-sina-extension-for-elementor-plugin-3-5-3-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-357xx/CVE-2024-35704.json b/CVE-2024/CVE-2024-357xx/CVE-2024-35704.json new file mode 100644 index 00000000000..60c2ab9b993 --- /dev/null +++ b/CVE-2024/CVE-2024-357xx/CVE-2024-35704.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2024-35704", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-06-08T15:15:54.110", + "lastModified": "2024-06-08T15:15:54.110", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WPBlockArt BlockArt Blocks allows Stored XSS.This issue affects BlockArt Blocks: from n/a through 2.1.5." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.3, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/blockart-blocks/wordpress-blockart-blocks-plugin-2-1-5-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-357xx/CVE-2024-35705.json b/CVE-2024/CVE-2024-357xx/CVE-2024-35705.json new file mode 100644 index 00000000000..862de185ff9 --- /dev/null +++ b/CVE-2024/CVE-2024-357xx/CVE-2024-35705.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2024-35705", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-06-08T15:15:54.327", + "lastModified": "2024-06-08T15:15:54.327", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Ciprian Popescu Block for Font Awesome allows Stored XSS.This issue affects Block for Font Awesome: from n/a through 1.4.4." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.3, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/block-for-font-awesome/wordpress-block-for-font-awesome-plugin-1-4-4-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-357xx/CVE-2024-35706.json b/CVE-2024/CVE-2024-357xx/CVE-2024-35706.json new file mode 100644 index 00000000000..7c52489f514 --- /dev/null +++ b/CVE-2024/CVE-2024-357xx/CVE-2024-35706.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2024-35706", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-06-08T15:15:54.540", + "lastModified": "2024-06-08T15:15:54.540", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Team Heateor Heateor Social Login allows Cross-Site Scripting (XSS).This issue affects Heateor Social Login: from n/a through 1.1.32." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 7.1, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/heateor-social-login/wordpress-heateor-social-login-wordpress-plugin-1-1-32-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-357xx/CVE-2024-35707.json b/CVE-2024/CVE-2024-357xx/CVE-2024-35707.json new file mode 100644 index 00000000000..b6a640edd2d --- /dev/null +++ b/CVE-2024/CVE-2024-357xx/CVE-2024-35707.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2024-35707", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-06-08T14:15:08.983", + "lastModified": "2024-06-08T14:15:08.983", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Team Heateor Heateor Social Login allows Stored XSS.This issue affects Heateor Social Login: from n/a through 1.1.32." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.3, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/heateor-social-login/wordpress-heateor-social-login-wordpress-plugin-1-1-32-cross-site-scripting-xss-vulnerability-2?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-357xx/CVE-2024-35708.json b/CVE-2024/CVE-2024-357xx/CVE-2024-35708.json new file mode 100644 index 00000000000..92bd5c26f97 --- /dev/null +++ b/CVE-2024/CVE-2024-357xx/CVE-2024-35708.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2024-35708", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-06-08T14:15:09.223", + "lastModified": "2024-06-08T14:15:09.223", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in apollo13themes Rife Free allows Stored XSS.This issue affects Rife Free: from n/a through 2.4.19." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.3, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/rife-free/wordpress-rife-free-theme-2-4-19-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-357xx/CVE-2024-35709.json b/CVE-2024/CVE-2024-357xx/CVE-2024-35709.json new file mode 100644 index 00000000000..ab864d81c9b --- /dev/null +++ b/CVE-2024/CVE-2024-357xx/CVE-2024-35709.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2024-35709", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-06-08T14:15:09.460", + "lastModified": "2024-06-08T14:15:09.460", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in POSIMYTH The Plus Addons for Elementor Page Builder Lite allows Stored XSS.This issue affects The Plus Addons for Elementor Page Builder Lite: from n/a through 5.5.4." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.3, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/the-plus-addons-for-elementor-page-builder/wordpress-the-plus-addons-for-elementor-plugin-5-5-4-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-357xx/CVE-2024-35710.json b/CVE-2024/CVE-2024-357xx/CVE-2024-35710.json new file mode 100644 index 00000000000..a535fcab4be --- /dev/null +++ b/CVE-2024/CVE-2024-357xx/CVE-2024-35710.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2024-35710", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-06-08T14:15:09.690", + "lastModified": "2024-06-08T14:15:09.690", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Podlove Podlove Web Player.This issue affects Podlove Web Player: from n/a through 5.7.3." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 5.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 3.9, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-200" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/podlove-web-player/wordpress-podlove-web-player-plugin-5-7-3-sensitive-data-exposure-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-357xx/CVE-2024-35711.json b/CVE-2024/CVE-2024-357xx/CVE-2024-35711.json new file mode 100644 index 00000000000..d629f00fc72 --- /dev/null +++ b/CVE-2024/CVE-2024-357xx/CVE-2024-35711.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2024-35711", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-06-08T14:15:09.930", + "lastModified": "2024-06-08T14:15:09.930", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Theme Freesia Event allows Stored XSS.This issue affects Event: from n/a through 1.2.2." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.3, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/event/wordpress-event-theme-1-2-2-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-357xx/CVE-2024-35713.json b/CVE-2024/CVE-2024-357xx/CVE-2024-35713.json new file mode 100644 index 00000000000..40022dc30fe --- /dev/null +++ b/CVE-2024/CVE-2024-357xx/CVE-2024-35713.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2024-35713", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-06-08T14:15:10.167", + "lastModified": "2024-06-08T14:15:10.167", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in UAPP GROUP Testimonial Carousel For Elementor allows Stored XSS.This issue affects Testimonial Carousel For Elementor: from n/a through 10.1.1." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.3, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/testimonials-carousel-elementor/wordpress-testimonial-carousel-for-elementor-plugin-10-1-1-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-357xx/CVE-2024-35714.json b/CVE-2024/CVE-2024-357xx/CVE-2024-35714.json new file mode 100644 index 00000000000..423ec7ccd20 --- /dev/null +++ b/CVE-2024/CVE-2024-357xx/CVE-2024-35714.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2024-35714", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-06-08T14:15:10.393", + "lastModified": "2024-06-08T14:15:10.393", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Theme Freesia Idyllic allows Stored XSS.This issue affects Idyllic: from n/a through 1.1.8." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.3, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/idyllic/wordpress-idyllic-theme-1-1-8-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-357xx/CVE-2024-35715.json b/CVE-2024/CVE-2024-357xx/CVE-2024-35715.json new file mode 100644 index 00000000000..366ffba8a50 --- /dev/null +++ b/CVE-2024/CVE-2024-357xx/CVE-2024-35715.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2024-35715", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-06-08T14:15:10.613", + "lastModified": "2024-06-08T14:15:10.613", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Peregrine themes Bloglo allows Stored XSS.This issue affects Bloglo: from n/a through 1.1.3." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.3, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/bloglo/wordpress-bloglo-theme-1-1-3-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-357xx/CVE-2024-35718.json b/CVE-2024/CVE-2024-357xx/CVE-2024-35718.json new file mode 100644 index 00000000000..e50d6c7cfa4 --- /dev/null +++ b/CVE-2024/CVE-2024-357xx/CVE-2024-35718.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2024-35718", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-06-08T14:15:10.843", + "lastModified": "2024-06-08T14:15:10.843", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Tribulant Newsletters allows Reflected XSS.This issue affects Newsletters: from n/a through 4.9.5." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 7.1, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/newsletters-lite/wordpress-newsletters-plugin-4-9-5-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-357xx/CVE-2024-35719.json b/CVE-2024/CVE-2024-357xx/CVE-2024-35719.json new file mode 100644 index 00000000000..f57c07664a4 --- /dev/null +++ b/CVE-2024/CVE-2024-357xx/CVE-2024-35719.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2024-35719", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-06-08T14:15:11.073", + "lastModified": "2024-06-08T14:15:11.073", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in MagniGenie RestroPress allows Stored XSS.This issue affects RestroPress: from n/a through 3.1.2.1." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.3, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/restropress/wordpress-restropress-plugin-3-1-2-1-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-374xx/CVE-2024-37408.json b/CVE-2024/CVE-2024-374xx/CVE-2024-37408.json new file mode 100644 index 00000000000..1119d85c431 --- /dev/null +++ b/CVE-2024/CVE-2024-374xx/CVE-2024-37408.json @@ -0,0 +1,28 @@ +{ + "id": "CVE-2024-37408", + "sourceIdentifier": "cve@mitre.org", + "published": "2024-06-08T14:15:11.307", + "lastModified": "2024-06-08T14:15:11.307", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "fprintd through 1.94.3 lacks a security attention mechanism, and thus unexpected actions might be authorized by \"auth sufficient pam_fprintd.so\" for Sudo." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://gitlab.freedesktop.org/libfprint/fprintd/-/releases", + "source": "cve@mitre.org" + }, + { + "url": "https://lists.freedesktop.org/archives/fprint/2024-May/001231.html", + "source": "cve@mitre.org" + }, + { + "url": "https://www.openwall.com/lists/oss-security/2024/05/30/3", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/README.md b/README.md index f2b5eef88fb..46aa7d53416 100644 --- a/README.md +++ b/README.md @@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2024-06-08T14:00:18.731960+00:00 +2024-06-08T16:00:18.552822+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2024-06-08T13:15:58.337000+00:00 +2024-06-08T15:15:54.540000+00:00 ``` ### Last Data Feed Release @@ -33,45 +33,44 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### Total Number of included CVEs ```plain -253054 +253088 ``` ### CVEs added in the last Commit -Recently added CVEs: `21` +Recently added CVEs: `34` -- [CVE-2024-35730](CVE-2024/CVE-2024-357xx/CVE-2024-35730.json) (`2024-06-08T13:15:54.667`) -- [CVE-2024-35731](CVE-2024/CVE-2024-357xx/CVE-2024-35731.json) (`2024-06-08T13:15:54.917`) -- [CVE-2024-35732](CVE-2024/CVE-2024-357xx/CVE-2024-35732.json) (`2024-06-08T13:15:55.150`) -- [CVE-2024-35733](CVE-2024/CVE-2024-357xx/CVE-2024-35733.json) (`2024-06-08T13:15:55.410`) -- [CVE-2024-35734](CVE-2024/CVE-2024-357xx/CVE-2024-35734.json) (`2024-06-08T13:15:55.647`) -- [CVE-2024-35736](CVE-2024/CVE-2024-357xx/CVE-2024-35736.json) (`2024-06-08T13:15:55.897`) -- [CVE-2024-35737](CVE-2024/CVE-2024-357xx/CVE-2024-35737.json) (`2024-06-08T13:15:56.140`) -- [CVE-2024-35738](CVE-2024/CVE-2024-357xx/CVE-2024-35738.json) (`2024-06-08T13:15:56.430`) -- [CVE-2024-35739](CVE-2024/CVE-2024-357xx/CVE-2024-35739.json) (`2024-06-08T13:15:56.660`) -- [CVE-2024-35740](CVE-2024/CVE-2024-357xx/CVE-2024-35740.json) (`2024-06-08T13:15:56.910`) -- [CVE-2024-35750](CVE-2024/CVE-2024-357xx/CVE-2024-35750.json) (`2024-06-08T13:15:57.137`) -- [CVE-2024-35751](CVE-2024/CVE-2024-357xx/CVE-2024-35751.json) (`2024-06-08T13:15:57.370`) -- [CVE-2024-35752](CVE-2024/CVE-2024-357xx/CVE-2024-35752.json) (`2024-06-08T13:15:57.607`) -- [CVE-2024-36965](CVE-2024/CVE-2024-369xx/CVE-2024-36965.json) (`2024-06-08T13:15:57.820`) -- [CVE-2024-36966](CVE-2024/CVE-2024-369xx/CVE-2024-36966.json) (`2024-06-08T13:15:57.917`) -- [CVE-2024-36967](CVE-2024/CVE-2024-369xx/CVE-2024-36967.json) (`2024-06-08T13:15:58.000`) -- [CVE-2024-36968](CVE-2024/CVE-2024-369xx/CVE-2024-36968.json) (`2024-06-08T13:15:58.093`) -- [CVE-2024-36969](CVE-2024/CVE-2024-369xx/CVE-2024-36969.json) (`2024-06-08T13:15:58.170`) -- [CVE-2024-36970](CVE-2024/CVE-2024-369xx/CVE-2024-36970.json) (`2024-06-08T13:15:58.260`) -- [CVE-2024-37407](CVE-2024/CVE-2024-374xx/CVE-2024-37407.json) (`2024-06-08T13:15:58.337`) -- [CVE-2024-5766](CVE-2024/CVE-2024-57xx/CVE-2024-5766.json) (`2024-06-08T12:15:10.117`) +- [CVE-2024-35691](CVE-2024/CVE-2024-356xx/CVE-2024-35691.json) (`2024-06-08T15:15:51.720`) +- [CVE-2024-35693](CVE-2024/CVE-2024-356xx/CVE-2024-35693.json) (`2024-06-08T15:15:51.957`) +- [CVE-2024-35694](CVE-2024/CVE-2024-356xx/CVE-2024-35694.json) (`2024-06-08T15:15:52.163`) +- [CVE-2024-35695](CVE-2024/CVE-2024-356xx/CVE-2024-35695.json) (`2024-06-08T15:15:52.387`) +- [CVE-2024-35696](CVE-2024/CVE-2024-356xx/CVE-2024-35696.json) (`2024-06-08T15:15:52.607`) +- [CVE-2024-35697](CVE-2024/CVE-2024-356xx/CVE-2024-35697.json) (`2024-06-08T15:15:52.837`) +- [CVE-2024-35698](CVE-2024/CVE-2024-356xx/CVE-2024-35698.json) (`2024-06-08T15:15:53.043`) +- [CVE-2024-35699](CVE-2024/CVE-2024-356xx/CVE-2024-35699.json) (`2024-06-08T15:15:53.253`) +- [CVE-2024-35701](CVE-2024/CVE-2024-357xx/CVE-2024-35701.json) (`2024-06-08T15:15:53.460`) +- [CVE-2024-35702](CVE-2024/CVE-2024-357xx/CVE-2024-35702.json) (`2024-06-08T15:15:53.680`) +- [CVE-2024-35703](CVE-2024/CVE-2024-357xx/CVE-2024-35703.json) (`2024-06-08T15:15:53.893`) +- [CVE-2024-35704](CVE-2024/CVE-2024-357xx/CVE-2024-35704.json) (`2024-06-08T15:15:54.110`) +- [CVE-2024-35705](CVE-2024/CVE-2024-357xx/CVE-2024-35705.json) (`2024-06-08T15:15:54.327`) +- [CVE-2024-35706](CVE-2024/CVE-2024-357xx/CVE-2024-35706.json) (`2024-06-08T15:15:54.540`) +- [CVE-2024-35707](CVE-2024/CVE-2024-357xx/CVE-2024-35707.json) (`2024-06-08T14:15:08.983`) +- [CVE-2024-35708](CVE-2024/CVE-2024-357xx/CVE-2024-35708.json) (`2024-06-08T14:15:09.223`) +- [CVE-2024-35709](CVE-2024/CVE-2024-357xx/CVE-2024-35709.json) (`2024-06-08T14:15:09.460`) +- [CVE-2024-35710](CVE-2024/CVE-2024-357xx/CVE-2024-35710.json) (`2024-06-08T14:15:09.690`) +- [CVE-2024-35711](CVE-2024/CVE-2024-357xx/CVE-2024-35711.json) (`2024-06-08T14:15:09.930`) +- [CVE-2024-35713](CVE-2024/CVE-2024-357xx/CVE-2024-35713.json) (`2024-06-08T14:15:10.167`) +- [CVE-2024-35714](CVE-2024/CVE-2024-357xx/CVE-2024-35714.json) (`2024-06-08T14:15:10.393`) +- [CVE-2024-35715](CVE-2024/CVE-2024-357xx/CVE-2024-35715.json) (`2024-06-08T14:15:10.613`) +- [CVE-2024-35718](CVE-2024/CVE-2024-357xx/CVE-2024-35718.json) (`2024-06-08T14:15:10.843`) +- [CVE-2024-35719](CVE-2024/CVE-2024-357xx/CVE-2024-35719.json) (`2024-06-08T14:15:11.073`) +- [CVE-2024-37408](CVE-2024/CVE-2024-374xx/CVE-2024-37408.json) (`2024-06-08T14:15:11.307`) ### CVEs modified in the last Commit -Recently modified CVEs: `5` +Recently modified CVEs: `0` -- [CVE-2023-52756](CVE-2023/CVE-2023-527xx/CVE-2023-52756.json) (`2024-06-08T12:15:09.513`) -- [CVE-2023-52802](CVE-2023/CVE-2023-528xx/CVE-2023-52802.json) (`2024-06-08T12:15:09.783`) -- [CVE-2024-20696](CVE-2024/CVE-2024-206xx/CVE-2024-20696.json) (`2024-06-08T13:15:54.193`) -- [CVE-2024-20697](CVE-2024/CVE-2024-206xx/CVE-2024-20697.json) (`2024-06-08T13:15:54.397`) -- [CVE-2024-26256](CVE-2024/CVE-2024-262xx/CVE-2024-26256.json) (`2024-06-08T13:15:54.527`) ## Download and Usage diff --git a/_state.csv b/_state.csv index e8973aa7544..28cbcdf7c8f 100644 --- a/_state.csv +++ b/_state.csv @@ -233493,6 +233493,7 @@ CVE-2023-45702,0,0,de5d102699bd8c10fd8f0316a6585254fb134a2ff0d9938ccb0037068e910 CVE-2023-45703,0,0,dea19aa7d6a8a6afd2ee4037f85223b782d0f4c3a590d34c9d227990e4e23cff,2024-01-02T16:18:39.287000 CVE-2023-45705,0,0,08c5362f863babc2c1eaf45f307c5df7bbcd696a92fe782bb3c50b132fd68c74,2024-03-28T16:07:30.893000 CVE-2023-45706,0,0,e0385697c332dc3ef5d217fc3035264af0d1f8faaf7ecfd441572d04148ca310,2024-03-28T16:07:30.893000 +CVE-2023-45707,1,1,3a6e1ea9ecf69296b6aa28f697c6dd833b8b42c1860a6a049d073e3ac393e76c,2024-06-08T15:15:49.680000 CVE-2023-4571,0,0,a5446c6fc7ea19a5021097a5b731baab9b76b99d147937c6f0c007231d2c5858,2024-04-10T01:15:17.183000 CVE-2023-45715,0,0,ee88768f0065e790f1c75fc2a7a8c50b52683fce9b06dae4e814cd4daafca29c,2024-03-28T16:07:30.893000 CVE-2023-45716,0,0,0a00a1625e10fd10c315dd94d684f341e834c086570f2f1b11bcfdbaa4c3a720,2024-02-26T21:22:54.537000 @@ -238401,7 +238402,7 @@ CVE-2023-52752,0,0,25de89af3d4053d37f8f8e8a25e68095a261521025a1fab0bcc59aaf799f0 CVE-2023-52753,0,0,01ad314fc21f348a08f59b0508c438f15217c5b77323cc27c5533e8fcf19711c,2024-05-24T01:12:46.227000 CVE-2023-52754,0,0,6c3f909df442358f10009af2374d307a27574624f35992cb0e89815656c4ead5,2024-05-21T16:53:56.550000 CVE-2023-52755,0,0,363ad3830894b1997ea949ce826bd999a8f15d7d0e03a2a28cfadc8e6277ff11,2024-05-21T16:53:56.550000 -CVE-2023-52756,0,1,4f335ff0b69403bd52d52b8d688ec5d5010d82211d565f520b78606f8596b3dc,2024-06-08T12:15:09.513000 +CVE-2023-52756,0,0,4f335ff0b69403bd52d52b8d688ec5d5010d82211d565f520b78606f8596b3dc,2024-06-08T12:15:09.513000 CVE-2023-52757,0,0,a3f7e9b496d7a1b0e1a086720f61d4780919b8bc433816b11c05419d90c92177,2024-05-21T16:53:56.550000 CVE-2023-52758,0,0,697a841d5c4c62a9a5e867a3f36ba9059087126e2106f7ec3783d08e037de4b7,2024-05-24T16:15:09.010000 CVE-2023-52759,0,0,cdacf0be4399f4a8784d1dc753dc6263170b989ec3a6e49dda949f8349b098c5,2024-05-21T16:53:56.550000 @@ -238452,7 +238453,7 @@ CVE-2023-52799,0,0,cde34f1c080e291d19b6bead7c097c43ba74339851e793355ab446b5c7779 CVE-2023-5280,0,0,05e6a37f5f9bd5a1bc94abc6e2d70e08893d7b367c610c9b600bbd1ae1bd72af,2024-06-04T19:18:10.060000 CVE-2023-52800,0,0,6094ca9eec86821482714021ea5ff6a4ed14e109d9b84ed733b5609c4c4727b4,2024-05-21T16:53:56.550000 CVE-2023-52801,0,0,b535c81deacc001cc55809f26279fcc8f943e4b47f03e1d38835d1eabced2661,2024-05-21T16:53:56.550000 -CVE-2023-52802,0,1,7a66c54da530bf46ad265c5d3722bf29ac68c9be9672cf77b5fe3d0070a86e8a,2024-06-08T12:15:09.783000 +CVE-2023-52802,0,0,7a66c54da530bf46ad265c5d3722bf29ac68c9be9672cf77b5fe3d0070a86e8a,2024-06-08T12:15:09.783000 CVE-2023-52803,0,0,d97cd26a8945749301c75b128288d9947cc059912546c7832626e8b531842222,2024-05-21T16:53:56.550000 CVE-2023-52804,0,0,42b607e83ed9029b8db30ea60d460b5ef07801a80958b4f415168da424d1d25d,2024-05-21T16:53:56.550000 CVE-2023-52805,0,0,423ff2bb4d16a7d3d99ff6cde998a0081fe09b7559dc9abf0978f00ee5d7aaf4,2024-05-21T16:53:56.550000 @@ -242263,8 +242264,8 @@ CVE-2024-20692,0,0,87d7a3ce2bf78c3580f3f4d77627a76351b0ace1cefed56e8e3a1b65ff225 CVE-2024-20693,0,0,58b2c5f69bf7013e2db66a3ca1c15a7c56f3eeb06bade8eb94e849e9cb18c8ff,2024-04-10T13:24:00.070000 CVE-2024-20694,0,0,24a71f7a33d32ecc1a00f3d25b396148c2e2497db58724f92d99f85897c07226,2024-05-29T00:15:15.630000 CVE-2024-20695,0,0,3140b865165e7a1476184c26b052bdb37f127b446790c95987e7bbb86f6ca050,2024-05-29T00:15:15.823000 -CVE-2024-20696,0,1,d1cacd6fe0ea80f1a077841d88f8ad5ef184f1bf8e5f953666653fe05e6d5ae3,2024-06-08T13:15:54.193000 -CVE-2024-20697,0,1,471a66ffb07ee7b7a0c1045b5cef7af1394de5ad3426d872d8cee1e05666475f,2024-06-08T13:15:54.397000 +CVE-2024-20696,0,0,d1cacd6fe0ea80f1a077841d88f8ad5ef184f1bf8e5f953666653fe05e6d5ae3,2024-06-08T13:15:54.193000 +CVE-2024-20697,0,0,471a66ffb07ee7b7a0c1045b5cef7af1394de5ad3426d872d8cee1e05666475f,2024-06-08T13:15:54.397000 CVE-2024-20698,0,0,c87681a712debff74de386c4bd26867a56e17e9c3f279b52fd0c11e97aa17c64,2024-05-29T00:15:16.343000 CVE-2024-20699,0,0,a5a67c53871242abe30e37856eae34909fef80235b80c02497150a284066de22,2024-01-14T21:57:27.553000 CVE-2024-2070,0,0,96e6b267a155e30e7af56a9cf12a74717d1ea58df3f9d2000eda21f3b659ea73,2024-05-17T02:38:01.770000 @@ -245714,7 +245715,7 @@ CVE-2024-26252,0,0,df562f5c83abdc407ed37aaf1c1c037cf6f8550dbd77ed7347471880b8672 CVE-2024-26253,0,0,34481f020a86a742b6ced94cd3663067ce41019d1907c6b06ed17f950058a134,2024-04-10T13:24:00.070000 CVE-2024-26254,0,0,07a4b81b26bc3f1c97cbd450d7200968eabb824affdc4e125ab1428b8b376be4,2024-04-10T13:24:00.070000 CVE-2024-26255,0,0,85638effedfaf37162394543c2ea8be3fea3cadc51d4bb0413585c9f3e228970,2024-04-10T13:24:00.070000 -CVE-2024-26256,0,1,3a8423bb6f4da4b0932feee1ae95deeb529afc0cf7244e4ee4334e89a457e1d6,2024-06-08T13:15:54.527000 +CVE-2024-26256,0,0,3a8423bb6f4da4b0932feee1ae95deeb529afc0cf7244e4ee4334e89a457e1d6,2024-06-08T13:15:54.527000 CVE-2024-26257,0,0,05a28d03660a848990668904555214fae6f00026d23d1677e03b07f5dc8dee4e,2024-04-10T13:24:00.070000 CVE-2024-26258,0,0,e2948ebecdedd5be931de1508231bfb7181246b38ce20c139f19e68ae9750f3d,2024-04-04T12:48:41.700000 CVE-2024-2626,0,0,0f82bfcd678adfe2206a7b49362dbece30aa00242a9c52e3ba26851c15f6dba3,2024-04-01T15:22:37.883000 @@ -250793,6 +250794,7 @@ CVE-2024-34759,0,0,1e0e2c67aeb37ee2fee8b44ea3cd39e479d17142c7e3b68f34ae10189749e CVE-2024-3476,0,0,8d55e08f53225fd62245e2332fbccfcb740f72480e60e1d515618aab26b24582,2024-05-02T13:27:25.103000 CVE-2024-34760,0,0,82a83a3179457fac7a33034fd056c2efc13c1726662f893ecd6b003877ae591a,2024-05-17T18:36:31.297000 CVE-2024-34764,0,0,4a062b2d355bca216e61eea89a3143fd70d17f9d23f9dff7fe6c4cca332731a1,2024-06-03T14:46:24.250000 +CVE-2024-34765,1,1,87976e885c9ec9876fc9a89f53fe77e1a1eb14862cdb26a188cc86f7176dce7c,2024-06-08T15:15:49.900000 CVE-2024-34766,0,0,22c387d44c55a71d31b88c20dd6d65754704e9027fdf30a05382b01813ba8a61,2024-06-03T14:46:24.250000 CVE-2024-34767,0,0,6f5ea6195ddd625783e4c87a3b2ae39b2737a655a57bd059a5c57172141b2a9e,2024-06-03T14:46:24.250000 CVE-2024-34769,0,0,0bbf8d289bb37a8c03efb2ca6ae81bbeb7528a00dc16321c8a204ebffecfc117,2024-06-03T14:46:24.250000 @@ -251148,28 +251150,59 @@ CVE-2024-35670,0,0,73750f9851edcb4e69a614add6516a80303684a17d124f9c4de5d312adb90 CVE-2024-35672,0,0,55d6b261119374cd3faa4eaa39d96a050af2ec6d719a35d44d5d1508f743f033,2024-06-05T12:53:50.240000 CVE-2024-35673,0,0,b2fbe24f0db2be82a21d56e6af9fa939a75372c8c56128cfd1a449a3505ad62c,2024-06-06T14:17:35.017000 CVE-2024-35674,0,0,61cb77c7b559c0aea326b97e0a24dca407c217fd649698447cd12a1a2e660866,2024-06-06T14:17:35.017000 +CVE-2024-35679,1,1,c2537b8bfee1e87793a14a7eb60805fe43149544cc87e07ecc93e7765f611d08,2024-06-08T15:15:50.130000 CVE-2024-3568,0,0,573133d2a7191a46b0975280ef7162f7787321191e0ad33f2c4c70c7e8d9c3f5,2024-04-10T19:49:51.183000 +CVE-2024-35681,1,1,83766e7ea9a4d320afc194ec01aa03dfe48354cc5e68bcbddc913c40511474f5,2024-06-08T15:15:50.343000 +CVE-2024-35682,1,1,c2454c279f191301aa7e112794e0bba1ffb44b1570c50743716b06d8fafff7fd,2024-06-08T15:15:50.560000 +CVE-2024-35684,1,1,6aa69210eebde3a202e32759c1c02813ecb4fed85099e33b0c4ff92681c455b2,2024-06-08T15:15:50.773000 +CVE-2024-35687,1,1,0ec19681e1d87342fbadc5f42887f511d4309988f67e9f39a564c94fceaae2d9,2024-06-08T15:15:51 +CVE-2024-35688,1,1,ad59f3be17e462c83bb1ef69b863d81f3377a01c3f1f7777cb6b951a26c80286,2024-06-08T15:15:51.220000 +CVE-2024-35689,1,1,6edac38f23f1c5b930db422ed5a88616fd4bd81dce59599ccd79610cddde1249,2024-06-08T15:15:51.490000 CVE-2024-3569,0,0,1713859ca5226d02b2325e4195882c2c405d5fa4ce56952eae5e58bc3dad6bde,2024-04-10T19:49:51.183000 +CVE-2024-35691,1,1,0d5a2872ad08057ac0a26e720ad0f68345ec76ea8528d1b1c030c2bbab1dfbae,2024-06-08T15:15:51.720000 +CVE-2024-35693,1,1,3c21be5962ae0c089d7d572884590bcfdb2b68c769fd5e88f78257647c9b2960,2024-06-08T15:15:51.957000 +CVE-2024-35694,1,1,9feef0d96bd15fd9853cb28918fa02b67bf9ee0c802022096d676fe0b040173c,2024-06-08T15:15:52.163000 +CVE-2024-35695,1,1,df819d2719537591ec70be3368ae00d5aa4f1445a9b24e77f873e5f5da582000,2024-06-08T15:15:52.387000 +CVE-2024-35696,1,1,ec4c2b725789ff9685dcd96a105270ac9c747d9e2bc781e9cc976fbc553d549d,2024-06-08T15:15:52.607000 +CVE-2024-35697,1,1,55de2f9220664ef4f979e45ed9f3e1986fe2be45956604d8d73c71b66bdb2a81,2024-06-08T15:15:52.837000 +CVE-2024-35698,1,1,8018d88ad432f2ac149f02b40091757516b50110f8690066a19eea63ac21cad9,2024-06-08T15:15:53.043000 +CVE-2024-35699,1,1,928f2025ef10f32236093de27a05de1b7f5bdc15a28f2787c442ba84f620a45f,2024-06-08T15:15:53.253000 CVE-2024-3570,0,0,df44050a6262c2969e286478660750960763247b24187b06070fe7dd6b9e3002,2024-04-10T19:49:51.183000 CVE-2024-35700,0,0,beeb20b759af9a32a69313385147a7395fc3bf7cb0ca31c5082e011236ebc275,2024-06-05T19:50:49.063000 +CVE-2024-35701,1,1,fa40bf379a0ade90007b8d8ea747a9a03a77294ebd55ef4104a69926ab2e6724,2024-06-08T15:15:53.460000 +CVE-2024-35702,1,1,b54ea3eea04efe7ece4bcf06bed4431fa76103d58a468244d0d0002ee2e040e9,2024-06-08T15:15:53.680000 +CVE-2024-35703,1,1,1be43e4e61cefb585d1a36b0eafe4e7fb6d73bef864d1cacaa39b054db9e9a7c,2024-06-08T15:15:53.893000 +CVE-2024-35704,1,1,dc82a03f2913d5cfeb5f37ca95c59912f2bc0b44836970f89ef21848090769a6,2024-06-08T15:15:54.110000 +CVE-2024-35705,1,1,84675207f5cc239a2fe48df12f648e46c82be13c9707b1454cfbe9e9ba33e974,2024-06-08T15:15:54.327000 +CVE-2024-35706,1,1,5c23de19308a3a78ba6bb77c148289ab9dcea075c3ec4a868e6e592b24c3442e,2024-06-08T15:15:54.540000 +CVE-2024-35707,1,1,25b9ba39c0b18af3efa2b304a3271d752553683f8b9430d9145ddedcadd62496,2024-06-08T14:15:08.983000 +CVE-2024-35708,1,1,dca4ee1d18ff430aa35f63d2382217bebe1958020e1fb41e53f4e35ed3d52110,2024-06-08T14:15:09.223000 +CVE-2024-35709,1,1,0ab5a36d24ad816d7850ad6ad8eac568170a28796947805150106513f07b43c9,2024-06-08T14:15:09.460000 CVE-2024-3571,0,0,69cf6aaba9ed550ce2e1f492d0ecd149e8d5cd4d3ef343f36ac06a714698dced,2024-04-16T13:24:07.103000 +CVE-2024-35710,1,1,1444451f0e644a6c1831faa672f9e37a6fc4430cf4f3b300d94faa2ec98eef50,2024-06-08T14:15:09.690000 +CVE-2024-35711,1,1,395f120c4042dbe48f0e437212a3a0fea0d57055973c18daaa3557d935545ad1,2024-06-08T14:15:09.930000 +CVE-2024-35713,1,1,bf74debd7acfcee228176298af64f4445896d0567e377ad0eb899b6098ef9b73,2024-06-08T14:15:10.167000 +CVE-2024-35714,1,1,3f9568157b2ba2c15cc415af1f068cc9293add7c679d7e54a8b6cc98a7ca79d8,2024-06-08T14:15:10.393000 +CVE-2024-35715,1,1,75d640d4f8c87a0a7309657a486e8b16c6e67b5680b19ba0613ae1a76e000697,2024-06-08T14:15:10.613000 +CVE-2024-35718,1,1,d00a1082adf43490631521bff46920aef17dc0aee5463e6343296ceb02994fb2,2024-06-08T14:15:10.843000 +CVE-2024-35719,1,1,ac319bb32f732d402a00350cf702c2609a459bcd284d710393a4640a4391090a,2024-06-08T14:15:11.073000 CVE-2024-3572,0,0,fac7085e464e1d98d017bfc9635e53b969d9f55d28ae04030a557f0ab1b04301,2024-04-16T13:24:07.103000 CVE-2024-3573,0,0,f978306925f93ca64332932b6f5a09fb648fa8e8ad9d4b00bd427fd81ec82478,2024-04-16T13:24:07.103000 -CVE-2024-35730,1,1,eda07e2bd0d745309a6da01e7276a1bd86c8bc3eb422555836a242da6bf2a60a,2024-06-08T13:15:54.667000 -CVE-2024-35731,1,1,8d1d7136224b5d7fadee4c3c9c2319df59bb7e710875d72bc165453e3395f2be,2024-06-08T13:15:54.917000 -CVE-2024-35732,1,1,8fc2b3495232e544d0c8db1d44c16532da7dd6cbf29f7a361eb183f184d2a351,2024-06-08T13:15:55.150000 -CVE-2024-35733,1,1,1a802e37ee2b847870487f1a16cc3a51c709fdef74fc8cbde0d3b34ca0ec35f5,2024-06-08T13:15:55.410000 -CVE-2024-35734,1,1,ce67a2cac4d0667b36f5dcbb596f57fc2ddc4c6a0053674a2ac3e1b5c5a5aae5,2024-06-08T13:15:55.647000 -CVE-2024-35736,1,1,f9fe86674ece14ed800ec3f44fbfd4b28c9f905a0aa5aec19f85950b5001f53a,2024-06-08T13:15:55.897000 -CVE-2024-35737,1,1,bc38fc059694157c279b9b404dd18a66da63390f365f7cafe1cc34bd040318b5,2024-06-08T13:15:56.140000 -CVE-2024-35738,1,1,50eb27decedbd60f4bf188c7d2a7e54e8c272287c5228ed771c42f560d1c0e95,2024-06-08T13:15:56.430000 -CVE-2024-35739,1,1,707dc0e914a581dde6c79562ece05de14b7ccaace04c87e048564f44c169d6cc,2024-06-08T13:15:56.660000 +CVE-2024-35730,0,0,eda07e2bd0d745309a6da01e7276a1bd86c8bc3eb422555836a242da6bf2a60a,2024-06-08T13:15:54.667000 +CVE-2024-35731,0,0,8d1d7136224b5d7fadee4c3c9c2319df59bb7e710875d72bc165453e3395f2be,2024-06-08T13:15:54.917000 +CVE-2024-35732,0,0,8fc2b3495232e544d0c8db1d44c16532da7dd6cbf29f7a361eb183f184d2a351,2024-06-08T13:15:55.150000 +CVE-2024-35733,0,0,1a802e37ee2b847870487f1a16cc3a51c709fdef74fc8cbde0d3b34ca0ec35f5,2024-06-08T13:15:55.410000 +CVE-2024-35734,0,0,ce67a2cac4d0667b36f5dcbb596f57fc2ddc4c6a0053674a2ac3e1b5c5a5aae5,2024-06-08T13:15:55.647000 +CVE-2024-35736,0,0,f9fe86674ece14ed800ec3f44fbfd4b28c9f905a0aa5aec19f85950b5001f53a,2024-06-08T13:15:55.897000 +CVE-2024-35737,0,0,bc38fc059694157c279b9b404dd18a66da63390f365f7cafe1cc34bd040318b5,2024-06-08T13:15:56.140000 +CVE-2024-35738,0,0,50eb27decedbd60f4bf188c7d2a7e54e8c272287c5228ed771c42f560d1c0e95,2024-06-08T13:15:56.430000 +CVE-2024-35739,0,0,707dc0e914a581dde6c79562ece05de14b7ccaace04c87e048564f44c169d6cc,2024-06-08T13:15:56.660000 CVE-2024-3574,0,0,a6cc99c8a389ea7db1c37fe05b40106752b73810cdac85caab18aeb26d6bc576,2024-04-16T13:24:07.103000 -CVE-2024-35740,1,1,c7b15495ca75021a0f3ae856348840f0df6e7628338c252bbcb913e6f43d990d,2024-06-08T13:15:56.910000 +CVE-2024-35740,0,0,c7b15495ca75021a0f3ae856348840f0df6e7628338c252bbcb913e6f43d990d,2024-06-08T13:15:56.910000 CVE-2024-3575,0,0,59be73eca5c53cbbcf99414bd65c6b74b4dff22ff5983c2d091439c46f610b22,2024-04-16T13:24:07.103000 -CVE-2024-35750,1,1,18b23d32a06a11540e6102be3499b0c8e2e94e7d4a2cd6a0e378b9c4e0f6c3f1,2024-06-08T13:15:57.137000 -CVE-2024-35751,1,1,a592cf7a13db9e1979a7c2b43c01d3c996c69c3852da1c78eb5ab8dce059226e,2024-06-08T13:15:57.370000 -CVE-2024-35752,1,1,9893ef32892c1556c2a03a37e153b4fa116ddafd2b9e66701b63d71cf975d37f,2024-06-08T13:15:57.607000 +CVE-2024-35750,0,0,18b23d32a06a11540e6102be3499b0c8e2e94e7d4a2cd6a0e378b9c4e0f6c3f1,2024-06-08T13:15:57.137000 +CVE-2024-35751,0,0,a592cf7a13db9e1979a7c2b43c01d3c996c69c3852da1c78eb5ab8dce059226e,2024-06-08T13:15:57.370000 +CVE-2024-35752,0,0,9893ef32892c1556c2a03a37e153b4fa116ddafd2b9e66701b63d71cf975d37f,2024-06-08T13:15:57.607000 CVE-2024-35753,0,0,d8ea54bb3de63681c830d87a5e3ae966e236ec4d04a6e569c34a9674aca5ed2f,2024-06-08T11:15:49.193000 CVE-2024-35755,0,0,b90d8dbe1381b90363531c9931c16e892b0f999eba27224314b1b64f103dc4bc,2024-06-08T11:15:49.780000 CVE-2024-35756,0,0,784141ebe086abedbfa21727ba51d60c64e728f0df0555f711b70d06e1a7fa25,2024-06-08T11:15:50.007000 @@ -251724,13 +251757,13 @@ CVE-2024-36961,0,0,23b0844a9529f3ecfd6285bf875a287ce67af9417a3eb4ff1001834e83635 CVE-2024-36962,0,0,5fce798c0bb35579e13c17bb9f54632747360d5004ae06492f537a1e1919292d,2024-06-03T14:46:24.250000 CVE-2024-36963,0,0,603c4aee8277db74a501815fd4789e2662e4b99b616454a415c4c767068ca598,2024-06-03T14:46:24.250000 CVE-2024-36964,0,0,1e5a2c376d4fab926c22a070cc2c21ccc7f01422382c5ba38368e087bbce6bb0,2024-06-03T14:46:24.250000 -CVE-2024-36965,1,1,94dcb7e91e830000be79e09336cbf7f744ab863403db239e529a62fef5daf756,2024-06-08T13:15:57.820000 -CVE-2024-36966,1,1,89402698bbbfe61c3e2a0023f1ae17d9f7ec0b194220c81b2d5bd5be1dfb7789,2024-06-08T13:15:57.917000 -CVE-2024-36967,1,1,dc91eadb83cf22db3586cf512e4a10ed364661cc740bcd8e6e00f47cca5bb5ce,2024-06-08T13:15:58 -CVE-2024-36968,1,1,6ed8313f772c804655ce95bdc810f04c7ad3261c63e2491fadbfd02afd28d42d,2024-06-08T13:15:58.093000 -CVE-2024-36969,1,1,93df68a3d756525f62d08a7306769992595636d28de5356e33ffbc6477480270,2024-06-08T13:15:58.170000 +CVE-2024-36965,0,0,94dcb7e91e830000be79e09336cbf7f744ab863403db239e529a62fef5daf756,2024-06-08T13:15:57.820000 +CVE-2024-36966,0,0,89402698bbbfe61c3e2a0023f1ae17d9f7ec0b194220c81b2d5bd5be1dfb7789,2024-06-08T13:15:57.917000 +CVE-2024-36967,0,0,dc91eadb83cf22db3586cf512e4a10ed364661cc740bcd8e6e00f47cca5bb5ce,2024-06-08T13:15:58 +CVE-2024-36968,0,0,6ed8313f772c804655ce95bdc810f04c7ad3261c63e2491fadbfd02afd28d42d,2024-06-08T13:15:58.093000 +CVE-2024-36969,0,0,93df68a3d756525f62d08a7306769992595636d28de5356e33ffbc6477480270,2024-06-08T13:15:58.170000 CVE-2024-3697,0,0,600d9314ffac8217c56b5ddb9a6dd8f383edc3a52ae15aefe26cd04d9d92b65a,2024-06-04T19:20:23.323000 -CVE-2024-36970,1,1,7d534aaf513e3ce951bbff7c723742de5e9980b05c8986370391e5e0c6fe2f73,2024-06-08T13:15:58.260000 +CVE-2024-36970,0,0,7d534aaf513e3ce951bbff7c723742de5e9980b05c8986370391e5e0c6fe2f73,2024-06-08T13:15:58.260000 CVE-2024-3698,0,0,13b4029eb6179dbe788598788e16556a1995d850ddfc4af1ee0c4e86961a3a21,2024-05-17T02:40:04.800000 CVE-2024-3701,0,0,d78f52a76181001272debccb095fb5971bb478ebc111313d9ff2994f4ec0598f,2024-04-15T13:15:31.997000 CVE-2024-37017,0,0,44054da22aca73b93b60ec210b10224ee227f383aaf683a683cb33e0b77e6e79,2024-05-31T13:01:46.727000 @@ -251799,7 +251832,8 @@ CVE-2024-37385,0,0,ab67b8a0f073ce7f5c28ca11584627dbf70b59e11b1337a1068ce1887aeb0 CVE-2024-37388,0,0,4bb786bca42a11ef8edd07a6799bb4caedfa95038e4371ae55f637f2792eab26,2024-06-07T19:24:09.243000 CVE-2024-3739,0,0,18ca969c974b63c6d16494fbcc2d63756747cacc5947332fefb20d9c592537e4,2024-05-17T02:40:06.067000 CVE-2024-3740,0,0,1025f598f3437296a5a18526d2723c88eb3b5b46ea06c50b765dc694c6a0bd1a,2024-05-17T02:40:06.170000 -CVE-2024-37407,1,1,bdd62b1a60b2f9e74c2506449b022f66f37f10b9b76c2c27ea7d4196ce5e4faf,2024-06-08T13:15:58.337000 +CVE-2024-37407,0,0,bdd62b1a60b2f9e74c2506449b022f66f37f10b9b76c2c27ea7d4196ce5e4faf,2024-06-08T13:15:58.337000 +CVE-2024-37408,1,1,104b66246c185a9eb594155893708fdec4196c95d252fe8317279271dcc56dee,2024-06-08T14:15:11.307000 CVE-2024-3741,0,0,a12bddc029cd8ca7f24831417695630babe629dc15b981c15e3d0a9ffa405fdc,2024-05-28T17:15:11.327000 CVE-2024-3742,0,0,78c61e704f37a9137f7f9be10f02b0ed07c0bef31d61c3d6452a359112382921,2024-05-28T17:15:11.450000 CVE-2024-3743,0,0,a066d49023268d129172d910e0990b3a457ebf914ca5a08a9f020fc0da48a3af,2024-05-02T18:00:37.360000 @@ -253051,5 +253085,5 @@ CVE-2024-5734,0,0,6c2e32afe9f36cd041d920f75c3584a92a72063480e933c9394a66845b5726 CVE-2024-5745,0,0,8788b99580d43fd9eb900afb700ee157c954d289b603d58451eabd57873852f0,2024-06-08T04:15:10.027000 CVE-2024-5758,0,0,256bdf36325369b4c0dc6f8fe6e02f8840c37558f437c19f80b9b4e84e6dc39b,2024-06-08T07:15:08.630000 CVE-2024-5761,0,0,e0022a8d80317cd3941058bae14b514f68707790a5051038049a1d552ba8de69,2024-06-07T19:15:24.467000 -CVE-2024-5766,1,1,b382821a65eefd874d3990e716beed64ed6e05799058a5dbfa1ab76c832644a2,2024-06-08T12:15:10.117000 +CVE-2024-5766,0,0,b382821a65eefd874d3990e716beed64ed6e05799058a5dbfa1ab76c832644a2,2024-06-08T12:15:10.117000 CVE-2024-5770,0,0,fe310be1d952d0455f64ae72c485c582bcaeef4aad88d85c194ca59111d07deb,2024-06-08T05:15:40.320000