admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-09-17 18:45:49 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2024-10-18T06:00:18.408608+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2024-10-18 06:03:19 +00:00
parent 5f7ead5c50
commit 1b50a4500b
21 changed files with 1241 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

60
CVE-2024/CVE-2024-100xx/CVE-2024-10014.json Normal file
View File

@ -0,0 +1,60 @@
{
"id": "CVE-2024-10014",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-10-18T05:15:03.713",
"lastModified": "2024-10-18T05:15:03.713",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Flat UI Button plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's flatbtn shortcode in version 1.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.1,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "security@wordfence.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://wordpress.org/plugins/flat-ui-button/#developers",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/ec5474ac-62d7-4431-b789-51c831dd1c20?source=cve",
"source": "security@wordfence.com"
}
]
}

64
CVE-2024/CVE-2024-100xx/CVE-2024-10040.json Normal file
View File

@ -0,0 +1,64 @@
{
"id": "CVE-2024-10040",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-10-18T05:15:04.667",
"lastModified": "2024-10-18T05:15:04.667",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Infinite-Scroll plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.6.2. This is due to missing or incorrect nonce validation on the process_ajax_edit and process_ajax_delete function. This makes it possible for unauthenticated attackers to make changes to plugin settings via a forged request granted they can trick a site administrator into performing an action such as clicking on a link."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "security@wordfence.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-352"
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/infinite-scroll/trunk/includes/presets.php#L252",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/browser/infinite-scroll/trunk/includes/presets.php#L275",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/4045575a-35f0-46e5-afb7-93eee9be3a97?source=cve",
"source": "security@wordfence.com"
}
]
}

60
CVE-2024/CVE-2024-100xx/CVE-2024-10049.json Normal file
View File

@ -0,0 +1,60 @@
{
"id": "CVE-2024-10049",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-10-18T05:15:04.977",
"lastModified": "2024-10-18T05:15:04.977",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Edit WooCommerce Templates plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the \u2018page\u2019 parameter in all versions up to, and including, 1.1.2 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "security@wordfence.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/woo-edit-templates/trunk/includes/list-table-theme-templates.php#L87",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/3704b365-cbdf-4c74-9619-59f0a10e3c6a?source=cve",
"source": "security@wordfence.com"
}
]
}

67
CVE-2024/CVE-2024-101xx/CVE-2024-10118.json Normal file
View File

@ -0,0 +1,67 @@
{
"id": "CVE-2024-10118",
"sourceIdentifier": "twcert@cert.org.tw",
"published": "2024-10-18T04:15:03.290",
"lastModified": "2024-10-18T04:15:03.290",
"vulnStatus": "Received",
"cveTags": [
{
"sourceIdentifier": "twcert@cert.org.tw",
"tags": [
"unsupported-when-assigned"
]
}
],
"descriptions": [
{
"lang": "en",
"value": "SECOM WRTR-304GN-304TW-UPSC does not properly filter user input in the specific functionality. Unauthenticated remote attackers can exploit this vulnerability to inject and execute arbitrary system commands on the device."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "twcert@cert.org.tw",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "twcert@cert.org.tw",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-78"
}
]
}
],
"references": [
{
"url": "https://www.twcert.org.tw/en/cp-139-8155-c1ea6-2.html",
"source": "twcert@cert.org.tw"
},
{
"url": "https://www.twcert.org.tw/tw/cp-132-8154-69fa5-1.html",
"source": "twcert@cert.org.tw"
}
]
}

60
CVE-2024/CVE-2024-101xx/CVE-2024-10119.json Normal file
View File

@ -0,0 +1,60 @@
{
"id": "CVE-2024-10119",
"sourceIdentifier": "twcert@cert.org.tw",
"published": "2024-10-18T05:15:05.200",
"lastModified": "2024-10-18T05:15:05.200",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The wireless router WRTM326 from SECOM does not properly validate a specific parameter. An unauthenticated remote attacker could execute arbitrary system commands by sending crafted requests."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "twcert@cert.org.tw",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "twcert@cert.org.tw",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-78"
}
]
}
],
"references": [
{
"url": "https://www.twcert.org.tw/en/cp-139-8157-e0461-2.html",
"source": "twcert@cert.org.tw"
},
{
"url": "https://www.twcert.org.tw/tw/cp-132-8156-81c9d-1.html",
"source": "twcert@cert.org.tw"
}
]
}

60
CVE-2024/CVE-2024-87xx/CVE-2024-8740.json Normal file
View File

@ -0,0 +1,60 @@
{
"id": "CVE-2024-8740",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-10-18T05:15:05.437",
"lastModified": "2024-10-18T05:15:05.437",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The GetResponse Forms by Optin Cat plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all versions up to, and including, 2.5.6. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "security@wordfence.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/getresponse/tags/2.4.1/includes/eoi-subscribers.php#L353",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/51d14f45-4c30-4225-998d-f4f829e09bc0?source=cve",
"source": "security@wordfence.com"
}
]
}

60
CVE-2024/CVE-2024-87xx/CVE-2024-8790.json Normal file
View File

@ -0,0 +1,60 @@
{
"id": "CVE-2024-8790",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-10-18T05:15:05.647",
"lastModified": "2024-10-18T05:15:05.647",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Social Share With Floating Bar plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all versions up to, and including, 1.0.3. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "security@wordfence.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/social-share-with-floating-bar/tags/1.0.3/inc/class-social-share-with-floating-bar-settings.php#L312",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/2ec35484-8561-4a8c-bf67-0a880f915fb1?source=cve",
"source": "security@wordfence.com"
}
]
}

60
CVE-2024/CVE-2024-89xx/CVE-2024-8916.json Normal file
View File

@ -0,0 +1,60 @@
{
"id": "CVE-2024-8916",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-10-18T05:15:05.857",
"lastModified": "2024-10-18T05:15:05.857",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Suki Sites Import plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 1.2.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Author-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses the SVG file."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.1,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "security@wordfence.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://wordpress.org/plugins/suki-sites-import/",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/1c6dd146-a99e-4317-a703-de34735317c8?source=cve",
"source": "security@wordfence.com"
}
]
}

100
CVE-2024/CVE-2024-92xx/CVE-2024-9264.json Normal file
View File

@ -0,0 +1,100 @@
{
"id": "CVE-2024-9264",
"sourceIdentifier": "security@grafana.com",
"published": "2024-10-18T04:15:04.723",
"lastModified": "2024-10-18T04:15:04.723",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The SQL Expressions experimental feature of Grafana allows for the evaluation of `duckdb` queries containing user input. These queries are insufficiently sanitized before being passed to `duckdb`, leading to a command injection and local file inclusion vulnerability. Any user with the VIEWER or higher permission is capable of executing this attack. The `duckdb` binary must be present in Grafana's $PATH for this attack to function; by default, this binary is not installed in Grafana distributions."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "security@grafana.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"vulnerableSystemConfidentiality": "HIGH",
"vulnerableSystemIntegrity": "HIGH",
"vulnerableSystemAvailability": "HIGH",
"subsequentSystemConfidentiality": "HIGH",
"subsequentSystemIntegrity": "HIGH",
"subsequentSystemAvailability": "HIGH",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirements": "NOT_DEFINED",
"integrityRequirements": "NOT_DEFINED",
"availabilityRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnerableSystemConfidentiality": "NOT_DEFINED",
"modifiedVulnerableSystemIntegrity": "NOT_DEFINED",
"modifiedVulnerableSystemAvailability": "NOT_DEFINED",
"modifiedSubsequentSystemConfidentiality": "NOT_DEFINED",
"modifiedSubsequentSystemIntegrity": "NOT_DEFINED",
"modifiedSubsequentSystemAvailability": "NOT_DEFINED",
"safety": "NOT_DEFINED",
"automatable": "NOT_DEFINED",
"recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED",
"baseScore": 9.4,
"baseSeverity": "CRITICAL"
}
}
],
"cvssMetricV31": [
{
"source": "security@grafana.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.9,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.1,
"impactScore": 6.0
}
]
},
"weaknesses": [
{
"source": "security@grafana.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-94"
}
]
}
],
"references": [
{
"url": "https://grafana.com/security/security-advisories/cve-2024-9264/",
"source": "security@grafana.com"
}
]
}

60
CVE-2024/CVE-2024-93xx/CVE-2024-9350.json Normal file
View File

@ -0,0 +1,60 @@
{
"id": "CVE-2024-9350",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-10-18T05:15:06.070",
"lastModified": "2024-10-18T05:15:06.070",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The DPD Baltic Shipping plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'search_value' parameter in all versions up to, and including, 1.2.83 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "security@wordfence.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/woo-shipping-dpd-baltic/trunk/includes/class-dpd.php#L318",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/6251d0f6-b536-4122-8fdf-bb77665a4f41?source=cve",
"source": "security@wordfence.com"
}
]
}

60
CVE-2024/CVE-2024-93xx/CVE-2024-9361.json Normal file
View File

@ -0,0 +1,60 @@
{
"id": "CVE-2024-9361",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-10-18T05:15:06.287",
"lastModified": "2024-10-18T05:15:06.287",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Bulk images optimizer: Resize, optimize, convert to webp, rename \u2026 plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'save_configuration' function in all versions up to, and including, 2.0.1. This makes it possible for authenticated attackers, with Subscriber-level access and above, to update plugin options."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-862"
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/bulk-image-resizer/trunk/includes/class-bir-loader.php#L44",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/a189e436-e8af-4379-aa6e-2d1a4a2d4bfa?source=cve",
"source": "security@wordfence.com"
}
]
}

64
CVE-2024/CVE-2024-93xx/CVE-2024-9364.json Normal file
View File

@ -0,0 +1,64 @@
{
"id": "CVE-2024-9364",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-10-18T05:15:06.513",
"lastModified": "2024-10-18T05:15:06.513",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The SendGrid for WordPress plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the 'wp_mailplus_clear_logs' function in all versions up to, and including, 1.4. This makes it possible for authenticated attackers, with Subscriber-level access and above, to delete the plugin's log files."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "security@wordfence.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-862"
}
]
}
],
"references": [
{
"url": "https://plugins.svn.wordpress.org/wp-sendgrid-mailer/tags/1.4/wp-sendgrid-mailer.php",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/browser/wp-sendgrid-mailer/trunk/wp-sendgrid-mailer.php#L167",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/bb7d99a7-1e7d-43e1-839c-286b454c8276?source=cve",
"source": "security@wordfence.com"
}
]
}

60
CVE-2024/CVE-2024-93xx/CVE-2024-9366.json Normal file
View File

@ -0,0 +1,60 @@
{
"id": "CVE-2024-9366",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-10-18T05:15:06.733",
"lastModified": "2024-10-18T05:15:06.733",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Easy Menu Manager | WPZest plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 1.0.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Author-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses the SVG file."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.1,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "security@wordfence.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://wordpress.org/plugins/easy-menu-manager-wpzest/#developers",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/f60df43a-eef3-449d-96fd-b26e28361f81?source=cve",
"source": "security@wordfence.com"
}
]
}

60
CVE-2024/CVE-2024-93xx/CVE-2024-9373.json Normal file
View File

@ -0,0 +1,60 @@
{
"id": "CVE-2024-9373",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-10-18T05:15:06.937",
"lastModified": "2024-10-18T05:15:06.937",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Elemenda plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 0.0.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Author-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses the SVG file."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.1,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "security@wordfence.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://wordpress.org/plugins/elemenda/#developers",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/4a8ac027-f376-4f02-a085-f05f1fa749f0?source=cve",
"source": "security@wordfence.com"
}
]
}

60
CVE-2024/CVE-2024-93xx/CVE-2024-9382.json Normal file
View File

@ -0,0 +1,60 @@
{
"id": "CVE-2024-9382",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-10-18T05:15:07.170",
"lastModified": "2024-10-18T05:15:07.170",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Gantry 4 Framework plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'override_id' parameter in all versions up to, and including, 4.1.21 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "security@wordfence.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/gantry/trunk/admin_functions.php#L677",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/d539a066-6b59-4235-868e-f3085436e9f4?source=cve",
"source": "security@wordfence.com"
}
]
}

60
CVE-2024/CVE-2024-93xx/CVE-2024-9383.json Normal file
View File

@ -0,0 +1,60 @@
{
"id": "CVE-2024-9383",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-10-18T05:15:07.387",
"lastModified": "2024-10-18T05:15:07.387",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Parcel Pro plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'action' parameter in all versions up to, and including, 1.8.4 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "security@wordfence.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/woo-parcel-pro/trunk/admin/class-parcelpro-admin.php#L274",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/8e8fe6f4-7e41-44d3-9980-b5e7f43aa849?source=cve",
"source": "security@wordfence.com"
}
]
}

60
CVE-2024/CVE-2024-94xx/CVE-2024-9452.json Normal file
View File

@ -0,0 +1,60 @@
{
"id": "CVE-2024-9452",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-10-18T05:15:07.607",
"lastModified": "2024-10-18T05:15:07.607",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Branding plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 1.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Author-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses the SVG file."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.1,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "security@wordfence.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://wordpress.org/plugins/branding/#developers",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/8736cf81-3fb8-4c81-a878-7d73a3e68fc2?source=cve",
"source": "security@wordfence.com"
}
]
}

60
CVE-2024/CVE-2024-98xx/CVE-2024-9848.json Normal file
View File

@ -0,0 +1,60 @@
{
"id": "CVE-2024-9848",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-10-18T05:15:07.807",
"lastModified": "2024-10-18T05:15:07.807",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Product Customizer Light plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 1.0.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Author-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses the SVG file."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.1,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "security@wordfence.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://wordpress.org/plugins/product-customizer-light/#developers",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/18d1feee-347c-4f43-a01b-67b3d0a5b2d6?source=cve",
"source": "security@wordfence.com"
}
]
}

60
CVE-2024/CVE-2024-98xx/CVE-2024-9892.json Normal file
View File

@ -0,0 +1,60 @@
{
"id": "CVE-2024-9892",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-10-18T05:15:08.040",
"lastModified": "2024-10-18T05:15:08.040",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Add Widget After Content plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 2.4.6 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.3,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "security@wordfence.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/add-widget-after-content/trunk/add-widget-after-content-admin.php#L320",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/e02472a8-5b88-43ad-86f3-e890b49899ad?source=cve",
"source": "security@wordfence.com"
}
]
}

32
README.md
View File

@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2024-10-18T02:00:17.711981+00:00
2024-10-18T06:00:18.408608+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2024-10-18T01:15:40.747000+00:00
2024-10-18T05:15:08.040000+00:00
```
### Last Data Feed Release
@ -33,22 +33,38 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs
```plain
266069
266088
```
### CVEs added in the last Commit
Recently added CVEs: `1`
Recently added CVEs: `19`
- [CVE-2024-49023](CVE-2024/CVE-2024-490xx/CVE-2024-49023.json) (`2024-10-18T01:15:40.747`)
- [CVE-2024-10014](CVE-2024/CVE-2024-100xx/CVE-2024-10014.json) (`2024-10-18T05:15:03.713`)
- [CVE-2024-10040](CVE-2024/CVE-2024-100xx/CVE-2024-10040.json) (`2024-10-18T05:15:04.667`)
- [CVE-2024-10049](CVE-2024/CVE-2024-100xx/CVE-2024-10049.json) (`2024-10-18T05:15:04.977`)
- [CVE-2024-10118](CVE-2024/CVE-2024-101xx/CVE-2024-10118.json) (`2024-10-18T04:15:03.290`)
- [CVE-2024-10119](CVE-2024/CVE-2024-101xx/CVE-2024-10119.json) (`2024-10-18T05:15:05.200`)
- [CVE-2024-8740](CVE-2024/CVE-2024-87xx/CVE-2024-8740.json) (`2024-10-18T05:15:05.437`)
- [CVE-2024-8790](CVE-2024/CVE-2024-87xx/CVE-2024-8790.json) (`2024-10-18T05:15:05.647`)
- [CVE-2024-8916](CVE-2024/CVE-2024-89xx/CVE-2024-8916.json) (`2024-10-18T05:15:05.857`)
- [CVE-2024-9264](CVE-2024/CVE-2024-92xx/CVE-2024-9264.json) (`2024-10-18T04:15:04.723`)
- [CVE-2024-9350](CVE-2024/CVE-2024-93xx/CVE-2024-9350.json) (`2024-10-18T05:15:06.070`)
- [CVE-2024-9361](CVE-2024/CVE-2024-93xx/CVE-2024-9361.json) (`2024-10-18T05:15:06.287`)
- [CVE-2024-9364](CVE-2024/CVE-2024-93xx/CVE-2024-9364.json) (`2024-10-18T05:15:06.513`)
- [CVE-2024-9366](CVE-2024/CVE-2024-93xx/CVE-2024-9366.json) (`2024-10-18T05:15:06.733`)
- [CVE-2024-9373](CVE-2024/CVE-2024-93xx/CVE-2024-9373.json) (`2024-10-18T05:15:06.937`)
- [CVE-2024-9382](CVE-2024/CVE-2024-93xx/CVE-2024-9382.json) (`2024-10-18T05:15:07.170`)
- [CVE-2024-9383](CVE-2024/CVE-2024-93xx/CVE-2024-9383.json) (`2024-10-18T05:15:07.387`)
- [CVE-2024-9452](CVE-2024/CVE-2024-94xx/CVE-2024-9452.json) (`2024-10-18T05:15:07.607`)
- [CVE-2024-9848](CVE-2024/CVE-2024-98xx/CVE-2024-9848.json) (`2024-10-18T05:15:07.807`)
- [CVE-2024-9892](CVE-2024/CVE-2024-98xx/CVE-2024-9892.json) (`2024-10-18T05:15:08.040`)
### CVEs modified in the last Commit
Recently modified CVEs: `2`
Recently modified CVEs: `0`
- [CVE-2024-40711](CVE-2024/CVE-2024-407xx/CVE-2024-40711.json) (`2024-10-18T01:00:02.590`)
- [CVE-2024-43587](CVE-2024/CVE-2024-435xx/CVE-2024-43587.json) (`2024-10-18T01:15:39.687`)
## Download and Usage

25
_state.csv
View File

@ -242217,6 +242217,7 @@ CVE-2024-0999,0,0,84034800a287889c8e66f3ba01c1d930a06538aadfe1b375cfd8893390aed6
CVE-2024-1000,0,0,60c836cbd4d96144c97b06caa16452d33dc82172b5cc2c653a7406010f53b5df,2024-05-17T02:35:08.790000
CVE-2024-10004,0,0,2b01ad1fe33b0387cc6ecf8ca605118100ba1eac830a494972582a4b13530ed3,2024-10-16T20:35:08.850000
CVE-2024-1001,0,0,481a263280d7671352a0e81cdb22876e1831937aba78d275dcb085f339a7c9b0,2024-05-17T02:35:08.903000
CVE-2024-10014,1,1,4221ff778b88adf6a125e5dd0743c7860f7266d252381c0c3ddb5d4f01d8cf5c,2024-10-18T05:15:03.713000
CVE-2024-10018,0,0,2aa14605c63d984e9b2fdfd4b3872cd3e6ce36a0ab239799435cd07454bf385f,2024-10-16T18:35:03.460000
CVE-2024-1002,0,0,da9ff0a1d838ebe2cbec1ae9defbaf7310d6b3493363163f0389be14aee69800,2024-05-17T02:35:09.013000
CVE-2024-10021,0,0,a6b17344f3b8ed69b69af1e4c8072f0ea15408a02fd5537c80b963512d6978ea,2024-10-16T16:38:14.557000
@ -242227,6 +242228,8 @@ CVE-2024-10025,0,0,a657e3a6cd20a3590296015914b590551c8ff06d45d4d15847982a0af5da7
CVE-2024-1003,0,0,5577a6ad54fba7e1e984add6f75aca7e6ad73817623f9ed150fa33b583cd3fae,2024-05-17T02:35:09.147000
CVE-2024-10033,0,0,5f5fac31bbbb873ca41babce49ba5085a90c023337e2ffcbb5946f7099ac45c0,2024-10-16T17:15:13.267000
CVE-2024-1004,0,0,be9a3a60f238fd673f4d3f1f166af1f9400f4582d193359c16f232ef2b1c02fa,2024-05-17T02:35:09.263000
CVE-2024-10040,1,1,eeddd5e2462cb89157c8d3be6b464fcfb41c6d1afab195d745d7afde26f34b76,2024-10-18T05:15:04.667000
CVE-2024-10049,1,1,48c11324d4c5b19749fdefadd69a6949746bc6c9a3ab70064428c82c35c7ac07,2024-10-18T05:15:04.977000
CVE-2024-1005,0,0,1191b4a20d5b719ff3ba58b8e13bb4278d19f2133e7221e782230a58acb2d18f,2024-05-17T02:35:09.367000
CVE-2024-1006,0,0,fe82f3d0065ffa9f2a59eb5b63e144d9442dc24b73dc23626043d548cf903e88,2024-05-17T02:35:09.467000
CVE-2024-10068,0,0,edeccdb97d27b9416725ed62091d877abbfc4b3e48df84d0f4d49ab4425c3361,2024-10-17T11:15:10.390000
@ -242244,6 +242247,8 @@ CVE-2024-1010,0,0,b9c2292e551f86bb732084025c958f6307d4b05614efbc31206ace678efe61
CVE-2024-10100,0,0,fe6acc2f945733c336761a20f7e8d3f20547183c59e8ef4ee5b2d8d7a9b03a3d,2024-10-17T19:15:21.533000
CVE-2024-10101,0,0,e2f378697b1e54486edd3f25d6f43de8d8ae0ca6e63c6d7ae3db5b57c9a3a5bd,2024-10-17T19:15:21.713000
CVE-2024-1011,0,0,a83b664837c33e7f0f4cec42868f7bdd93765cacc9e6b97b43804e8b07af65f2,2024-05-17T02:35:09.987000
CVE-2024-10118,1,1,0d6edd16bbce7e35307d057d438a4f23519f87befae3e763ca749669ef9d2293,2024-10-18T04:15:03.290000
CVE-2024-10119,1,1,6c4069848b5bb609c195691d50cdf4f5c109d91eabeeca561b0d0a052b8f5ac7,2024-10-18T05:15:05.200000
CVE-2024-1012,0,0,261f4dda24c2aefd44892a1e7cff84e275a6853943a2bba059238594bb202f50,2024-05-17T02:35:10.090000
CVE-2024-1013,0,0,0ecf415fc1e3c9674ce36da20d6e67872f02747822a72b780ad0899083ff5765,2024-03-18T12:38:25.490000
CVE-2024-1014,0,0,8e546db835ee0e62e0f6ed5b95e90d5586231fc78746cbbfef7db3d61b3c5f3d,2024-02-02T02:05:39.277000
@ -257837,7 +257842,7 @@ CVE-2024-40705,0,0,eaf406061f744f9b9d1df77f0e2bd923d25751eaa5d5e839a69fa1e668b20
CVE-2024-40709,0,0,b9cade7c7de2b7d37190896234716fcd464e3b6f075536b64a6ecace1ca81e79,2024-09-09T15:35:08.283000
CVE-2024-4071,0,0,5f6b5ae6c8e3d6e0ce3e89718b14a6bb17b22a46ae9131966ebec62404b12da9,2024-05-17T02:40:14.747000
CVE-2024-40710,0,0,e69c8c2858f2cb1ca9a0784717f7a4a629a4cef8cb6ad2ae23b5e076a46451c8,2024-09-09T17:35:04.207000
CVE-2024-40711,0,1,096ac4044d23b5e5a276bf9238b36157a243687116a9b0be7d5866fe5bf79037,2024-10-18T01:00:02.590000
CVE-2024-40711,0,0,096ac4044d23b5e5a276bf9238b36157a243687116a9b0be7d5866fe5bf79037,2024-10-18T01:00:02.590000
CVE-2024-40712,0,0,13e543cc686398f3c8419eccd56010fa5d852cb01dea206b96fd66d93750de64,2024-09-09T16:35:06.673000
CVE-2024-40713,0,0,b0004a2bd5f30f1a9576b70810c52f5ea89a7a061fd80c3935d835b3783f9659,2024-09-09T15:35:08.970000
CVE-2024-40714,0,0,f897329e6d3274f2479b6f6e44dee56074d5f4a018723070ced09d6042c2b392,2024-09-09T14:35:02.980000
@ -259794,7 +259799,7 @@ CVE-2024-43582,0,0,293f560c4e09b299c2e18ac66941327f15925f69b715064473f34607ebe9f
CVE-2024-43583,0,0,644d57ca5c0876327fd1914bed083468117306cb0e7b162159599db8c7b2795a,2024-10-16T21:36:59.847000
CVE-2024-43584,0,0,362ea5a413c7ba1c32a6fee99bf2388c9e5eb62bbecc3bdbb75267eaeaf9dea9,2024-10-16T21:38:33.867000
CVE-2024-43585,0,0,6e4f086b3b625aa729537cada88bf0b054983b8ff5768ed654837466a18e4381,2024-10-16T21:38:57.467000
CVE-2024-43587,0,1,276ca0bfcf410206d489cd57a00eceb539e4410c9681e5ff0d03e47ae1c41f1e,2024-10-18T01:15:39.687000
CVE-2024-43587,0,0,276ca0bfcf410206d489cd57a00eceb539e4410c9681e5ff0d03e47ae1c41f1e,2024-10-18T01:15:39.687000
CVE-2024-43589,0,0,78d47cc785569b349dce95fb2e6d8a34e6eeefcc81296c73c51c2f00b5575977,2024-10-10T12:56:30.817000
CVE-2024-4359,0,0,14ae9b130c152b886b9b21ff0fc5d35432a1812b898a1bc13704faab705127c7,2024-08-12T13:41:36.517000
CVE-2024-43590,0,0,152277bbadbbed56789e7a47dd749f0ba30af86c181629a529a65bb7827133a9,2024-10-16T21:44:50.927000
@ -262263,7 +262268,7 @@ CVE-2024-4899,0,0,7d0ca1543842829897b22c32fd7c3ea389ea1c85b28761d045bc30da0b3544
CVE-2024-4900,0,0,2074e15c0050e8989f750822fa85e67702dc13ece861470c246a4c4acb047889,2024-06-24T12:57:36.513000
CVE-2024-4901,0,0,038977315c18c98069a655ab35eb2b501ae92d62e5deb196337fd2891dd989fe,2024-06-28T13:18:19.407000
CVE-2024-4902,0,0,7f8b77ed84307cdcb60cae6a3466b6bcba2b973c54c448794e132a0751a1718b,2024-06-07T14:56:05.647000
CVE-2024-49023,1,1,0c74479c51af1a8becdca36faa9385359736b4c474aabc12bf79b0fc16690199,2024-10-18T01:15:40.747000
CVE-2024-49023,0,0,0c74479c51af1a8becdca36faa9385359736b4c474aabc12bf79b0fc16690199,2024-10-18T01:15:40.747000
CVE-2024-4903,0,0,9834633a0ed5c23d729720f750c23f97a9d35acd2a8ef750805e2c39c4f8bfe7,2024-06-07T20:15:11.967000
CVE-2024-4904,0,0,e08155723dc24ff1bcb5adf9d2f839d33f4e022ac557667a35564764380e5202,2024-06-04T19:20:52.380000
CVE-2024-4905,0,0,acf7154e104fe12ce44ad2e90ccc9d1c19899bcc28d8f8bfc61002cc40187062,2024-06-04T19:20:52.480000
@ -265464,6 +265469,7 @@ CVE-2024-8733,0,0,2ad75c4913be224ff75684fa724a275e53b709dc0d7f918cc99544f1d75453
CVE-2024-8734,0,0,df9336f51fe9af5a1ddacc740bf3abe8991041c91d1f44bc6bec3f0ce7eaa8b2,2024-09-26T19:30:03.503000
CVE-2024-8737,0,0,a8f5a9ac08b3915d238b7b0f4fdae19f4d9de463f7b6e5257b850817c52f3420,2024-09-26T19:18:36.097000
CVE-2024-8738,0,0,8d7254f4f1af2919bab9c4b9c8e7ac85cdc1b41f46ed454e2ea854234d64d13d,2024-09-26T16:48:19.490000
CVE-2024-8740,1,1,30a1269cb7af22b9e34b5203020f35189a966196fadb58582387373bbd706ba7,2024-10-18T05:15:05.437000
CVE-2024-8741,0,0,b4e1d7f7dfc20b3d40ed40689f6d2a74196871e98895f038c49cf39f3f685863,2024-10-02T16:37:16.407000
CVE-2024-8742,0,0,22ad08a64cc55234113e83ee811bd639e6d0a7f5c2878d141833012213ce6335,2024-09-27T16:28:07.827000
CVE-2024-8743,0,0,65920323e1d664fd8f354bc76b73276103c2d19a537eecec01fa5cc8c5638d58,2024-10-07T17:48:28.117000
@ -265497,6 +265503,7 @@ CVE-2024-8784,0,0,7bc5ed86fd42122481efd27561493828acec6a50cb9d34c0b1c40453c94343
CVE-2024-8786,0,0,98535b365547eb81c56b86d17170e324effeb134cfd99a6f8a9199c7d69b6f51,2024-10-04T13:51:25.567000
CVE-2024-8787,0,0,697959dd00ebdc9b4d866bc462eeca4254ff62268820b8cc5f18a9f4531e0ed8,2024-10-16T16:38:14.557000
CVE-2024-8788,0,0,109bf9bb3aa314390f1c0b3dee4d54ea5d0e02bbb648b956ffff0a9dad06b2f6,2024-10-03T17:25:41.467000
CVE-2024-8790,1,1,694170aa3a4b6b7f610b2ab6a5b1c8d49696d4827a547e526c2bd421f4ddb137,2024-10-18T05:15:05.647000
CVE-2024-8791,0,0,fb5b0ac36efac34bc9b2b46a1f471f8bc629f8b19dafbbe4161ffb4834ecffd5,2024-09-26T16:25:34.120000
CVE-2024-8793,0,0,959b266c850b42df4ff44733c3776bf7c1d0fcf64b78d7cab419106b5de40dbb,2024-10-07T16:04:08.490000
CVE-2024-8794,0,0,71d6f226610d884ee512fa4051f8594e0cafa29b4878c9ac672c3de2ccd4c022,2024-09-26T16:23:46.740000
@ -265552,6 +265559,7 @@ CVE-2024-8912,0,0,a4286937675e049e61563468e21e8ee394eb8618a71f95672d8446231a80ed
CVE-2024-8913,0,0,fca416d77c5623788a9db07f1a3764802595b9fed9406445b458bbb4d1cd4d8c,2024-10-15T12:58:51.050000
CVE-2024-8914,0,0,c67ce2c8d24044b482c9bbb33384856203ff5bb870309850d7df3d6267c1b679,2024-09-26T13:32:02.803000
CVE-2024-8915,0,0,80988e61f2deb23ce0d3db6a9db0275f7f6c7eec9c9b53e27317ff9faa29da01,2024-10-15T12:57:46.880000
CVE-2024-8916,1,1,ac120cab94ab73f892d3f1aa76caff7ccd3f9fbe7e25a2998707cf8eed7eb61c,2024-10-18T05:15:05.857000
CVE-2024-8917,0,0,32a69b030ac61cd4e144a233fc55362cc6115ccb6ecca5ec236644320a2aecf1,2024-09-30T14:30:38.687000
CVE-2024-8918,0,0,adf87d72fe8bb71bb4e84db31b9473b9ff815dc1f43bef94a15bce0226f2d2fa,2024-10-17T18:25:46.967000
CVE-2024-8919,0,0,e01b61fd584c4fffdfd8e5db7a09e1be1033f5c7df5b5418d10948726a2bc540,2024-09-30T15:08:14.077000
@ -265738,6 +265746,7 @@ CVE-2024-9240,0,0,4957c23d20d67499999c250023f1d9b46ac77ce58f84def54c120240a9ec6d
CVE-2024-9241,0,0,6c5cc70c23164aeead7a2ffa985d7e69869a7cd0428a8503a9e9f624c0c87b24,2024-10-07T18:51:20.950000
CVE-2024-9242,0,0,2931ce38d642cfa320383051a5a41609f3e037ff0fe51760f16b233825fad051,2024-10-08T16:26:06.147000
CVE-2024-9263,0,0,4b758f54449054a3e4eb5e8c8e2a4bd1baa45c95fc22c858a0cbf1493070e0f4,2024-10-17T04:15:05.517000
CVE-2024-9264,1,1,be237012b1d2a2d17182664f72986c44f571aafb3c94423a6108d8e522739fdd,2024-10-18T04:15:04.723000
CVE-2024-9265,0,0,370ae511e2a3bdf95824ac5c42b3e844c54d5bb7a6631dfac66939ebcd808076,2024-10-07T18:48:15.380000
CVE-2024-9266,0,0,9897e7bd01e8f0fea686bbe0969277eb0e59373ffc16090ed1770b5ca7125283,2024-10-04T13:50:43.727000
CVE-2024-9267,0,0,e1783d6d7b8ba5585243c45fe350fa65068fd1659c19369f548dec592743f878,2024-10-04T13:51:25.567000
@ -265799,6 +265808,7 @@ CVE-2024-9346,0,0,62d32d35d45fd426e51a0ed8886468a70178025d3407ee17aee209be78f559
CVE-2024-9347,0,0,74bedc9c85924073092b0131f3055344b2cbf70d557cb0d4328c8dd2303c0960,2024-10-17T04:15:05.810000
CVE-2024-9348,0,0,17fd5c434e6353e0ea23dd1fe0baa28897cc37ae9e8a1286efead4e96834cb80,2024-10-16T16:38:14.557000
CVE-2024-9349,0,0,7fb570a958bfb5f024d701411e107c7a9174d92283208cc2689922c41cd2d99b,2024-10-10T20:25:57.580000
CVE-2024-9350,1,1,e2f774ad3d1b296c231784fbd33bf600adef69cb27c1cf437ce0e92dd3b5097b,2024-10-18T05:15:06.070000
CVE-2024-9351,0,0,b7847a01935c7c84b8091c333f79f93591ecc18cd0bae85d22aafd412b7f23b8,2024-10-17T06:15:03.433000
CVE-2024-9352,0,0,caee573a0db0b1c7cc7f25a700043b0afc881efdd8be48dfca05df4faa25adf0,2024-10-17T06:15:03.850000
CVE-2024-9353,0,0,64ddffc3239a0d67e3b79e48af9889b2f8d89027aa9c53de3cc5595dbd6f2fd7,2024-10-08T18:50:51.357000
@ -265806,14 +265816,20 @@ CVE-2024-9355,0,0,2335659835f921193e44d10d2f6efb8c86e6209b896584e38b7b031dda2058
CVE-2024-9358,0,0,ad1311c8435fb7ce092ff9c8b7c1abe83209465bc92e72b7b733a8ea9fa4bf3c,2024-10-04T13:51:25.567000
CVE-2024-9359,0,0,c3e20cb7feaf9e2d5c48c39f4d484e16226f28d5df197104e70b6a5f0b84dc00,2024-10-04T18:54:12.417000
CVE-2024-9360,0,0,9328fb4e6135929e3835e5c835fd869b8491fb46bae32eb4c5f02c6fc86a7446,2024-10-04T18:53:58.020000
CVE-2024-9361,1,1,353c03c3da6042ffc730f6341cb5f647a546b858177ca73b428c1c37bac02e30,2024-10-18T05:15:06.287000
CVE-2024-9364,1,1,77e69937e8c64755b8ea49050300675cee26705c6f45fee4c905e02afc6cef25,2024-10-18T05:15:06.513000
CVE-2024-9366,1,1,b10b592a0b348f525cd7c50f192bf157a0ecbaf5e330d7de22a44d9fbad8a3e2,2024-10-18T05:15:06.733000
CVE-2024-9368,0,0,9f09034d1cef896f0488110242b0920a28a4e3f8f0b6f56c7b8ec3c63941f7cb,2024-10-10T20:30:51.240000
CVE-2024-9372,0,0,8dacc1340b523e83cb4764d42eea980a95a68aef0cadf900c3f45471ba3dc7ad,2024-10-10T20:36:28.020000
CVE-2024-9373,1,1,a9e016ffa5b27a1dd1080cf2ca192d3a896f44c3703bbe33296f1f7f1546d411,2024-10-18T05:15:06.937000
CVE-2024-9375,0,0,232ace92ca49be5c1a33c93abd9a6f17ed5ee21ca74aacf34cd6b513a369ea2a,2024-10-10T20:44:02.900000
CVE-2024-9377,0,0,3c01b2152e67b0ec56dfdcb67187215bc3a0a790ca5dfe0c8b3edfb9194a5eaf,2024-10-15T14:18:12.483000
CVE-2024-9378,0,0,ced37e1766b174eaa8afe905f70c6bc3776421764713e21471018e4984150c99,2024-10-07T20:15:08.697000
CVE-2024-9379,0,0,516d40ef4e4e63b36e39f0d7901bfa51f0ecb87ed03e2b9d356905dfde91b2d7,2024-10-10T15:53:20.427000
CVE-2024-9380,0,0,1da17b0a78e38ec2972a0d60b36042927447aa25979eb58f6d07718527ed157b,2024-10-10T15:50:03.240000
CVE-2024-9381,0,0,b7ffa8189ba636e7b223831995cd87655bb323db0a8ce57a0037b68bd6c82df8,2024-10-16T13:30:34.740000
CVE-2024-9382,1,1,91b5650cee0191585564472a906a8816bcff6dac0eacb9830e6ecc7663bab7a2,2024-10-18T05:15:07.170000
CVE-2024-9383,1,1,cb40e8dcda9a8d43ccb74804098d217b983c23f4fb038e52850e19e0a28502be,2024-10-18T05:15:07.387000
CVE-2024-9384,0,0,a6a408c481cce62ffd2afe76e175a7a94a46c764ed46cc8221ec17248ad3b62d,2024-10-10T20:52:33.333000
CVE-2024-9385,0,0,0d2e28a3f2481a04ce784fbf885d088010920135683d5ffb6adf8001c8688dc2,2024-10-07T17:48:28.117000
CVE-2024-9391,0,0,7d6eba489d698d80c25274418cf61f043b91561cc903d053b7833bff789db601,2024-10-04T13:51:25.567000
@ -265847,6 +265863,7 @@ CVE-2024-9444,0,0,5871ece6e08e2e034d7a3616fcef31689e8667809591fe9662a10d21d3c836
CVE-2024-9445,0,0,8f3ba5381bff25a0e78ae3572f156125ecb8ba69b50a9e6b24cc0100c7b0aa9b,2024-10-10T20:58:04.907000
CVE-2024-9449,0,0,cfb15c20f0e2d2639784936ce05b9d4995f794dc20e1235b71d532f9a502b8fe,2024-10-10T12:51:56.987000
CVE-2024-9451,0,0,bfba756188c29e076bb119887d9bdf6d3874c705a9d59100000802c164b86caa,2024-10-10T12:51:56.987000
CVE-2024-9452,1,1,a4f175991856fbd01b608f0a0ac83f616c9f3beb1391df62ef90f55b8a61d646,2024-10-18T05:15:07.607000
CVE-2024-9455,0,0,70bc73495623b6fab8931499505a6be70a8937392cffccc260a57663b280a262,2024-10-07T17:48:28.117000
CVE-2024-9457,0,0,9e423d4cda70891a0b74c4852459db88bd5163f875d32e19ac8dac4b758e8eeb,2024-10-15T14:23:57.307000
CVE-2024-9460,0,0,d6ff22c922d7573d861145a9f9c7a3aa2a44b6806bef76282f2615732b02479a,2024-10-08T14:33:42.703000
@ -265993,6 +266010,7 @@ CVE-2024-9822,0,0,3245ced109c1c371c55834b9b14d881a9e8b7fd7c32c19b6e9a742506d7d4c
CVE-2024-9823,0,0,918595934cb9b43f50abc93ebc9bbb9148088fae18c39570ebc344ac634d3e40,2024-10-15T12:57:46.880000
CVE-2024-9824,0,0,0b6b46e52b34b071e6f48e5304d76a541526a4368e490338503476fca424894a,2024-10-15T12:57:46.880000
CVE-2024-9837,0,0,bb8fbc31e530027dfddbaf6dae2f5d1b4333d91b7cafcea32a3d82a1ea54dea9,2024-10-15T12:57:46.880000
CVE-2024-9848,1,1,277c42f6ee1fae99a276722365821dfa0a295c2330488cb4ba42d6614c1c3b81,2024-10-18T05:15:07.807000
CVE-2024-9855,0,0,f4067d5f9739a4a46f27ed071acd023bca1d9a27db9968d98f329af2e8d70e8b,2024-10-15T12:58:51.050000
CVE-2024-9856,0,0,531963d8959dcaa0b68edaa5a63ce972541a941d9ad2303b1c288946d989ee89,2024-10-15T12:58:51.050000
CVE-2024-9858,0,0,bef02c0d9ed07a4afa527340189d49e60d5c238f08809a01d4eade734c583a54,2024-10-16T17:35:08.130000
@ -266005,6 +266023,7 @@ CVE-2024-9869,0,0,2195387ef9aab560e210893ad1e9f3295c5808c9d50c0ada4fa1d17778d3d1
CVE-2024-9873,0,0,54e1b937a83aa8c512a9ce3ab381594073150b73716fb01cf60c5f6e4db0c415,2024-10-16T16:38:14.557000
CVE-2024-9888,0,0,de5de1e3177c72ea1d0a5d19aa48b1693390bd1baf1f85524c962ffa2c18433f,2024-10-16T16:38:14.557000
CVE-2024-9891,0,0,53ec4da3ba927732190105b9993cdfaefd46788f3c82dc582d229482b0eb1fcc,2024-10-16T16:38:14.557000
CVE-2024-9892,1,1,19b78f96e4b1e258062df5eedffc4dcd09835ab80dcc63552e9aef97b07312da,2024-10-18T05:15:08.040000
CVE-2024-9893,0,0,426d02de035749f6abb2956fee210a61cbcd97da25fe8818e92240a83b0a6b07,2024-10-16T16:38:14.557000
CVE-2024-9894,0,0,32055c4142b72d0a3f9c19293b700e4df1192ff16d337368689045e8c50a9c33,2024-10-16T22:13:05.583000
CVE-2024-9895,0,0,9f4575888232de3c29cfc8d0d4e2d5d892b3f5ec9e574dd895cb53771a8a3d74,2024-10-17T20:50:03.503000

Can't render this file because it is too large.