admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-06-21 17:41:05 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2024-06-11T20:00:19.211894+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2024-06-11 20:03:10 +00:00
parent 707a9dcc9d
commit 210466cba6
52 changed files with 2289 additions and 384 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
CVE-2018/CVE-2018-117xx/CVE-2018-11723.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2018-11723",
"sourceIdentifier": "cve@mitre.org",
"published": "2018-06-19T21:29:00.380",
"lastModified": "2024-05-17T01:22:40.723",
"lastModified": "2024-06-11T19:16:04.210",
"vulnStatus": "Modified",
"descriptions": [
{

2
CVE-2018/CVE-2018-124xx/CVE-2018-12446.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2018-12446",
"sourceIdentifier": "cve@mitre.org",
"published": "2018-06-20T12:29:00.273",
"lastModified": "2024-05-17T01:23:00.213",
"lastModified": "2024-06-11T19:16:04.347",
"vulnStatus": "Modified",
"descriptions": [
{

2
CVE-2018/CVE-2018-184xx/CVE-2018-18405.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2018-18405",
"sourceIdentifier": "cve@mitre.org",
"published": "2020-04-22T18:15:10.990",
"lastModified": "2024-05-17T01:25:34.533",
"lastModified": "2024-06-11T18:15:11.780",
"vulnStatus": "Modified",
"descriptions": [
{

2
CVE-2018/CVE-2018-52xx/CVE-2018-5278.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2018-5278",
"sourceIdentifier": "cve@mitre.org",
"published": "2018-01-08T05:29:00.697",
"lastModified": "2024-05-17T01:28:44.180",
"lastModified": "2024-06-11T19:16:04.457",
"vulnStatus": "Modified",
"descriptions": [
{

2
CVE-2018/CVE-2018-87xx/CVE-2018-8754.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2018-8754",
"sourceIdentifier": "cve@mitre.org",
"published": "2018-03-18T03:29:00.277",
"lastModified": "2024-05-17T01:30:09.207",
"lastModified": "2024-06-11T19:16:04.573",
"vulnStatus": "Modified",
"descriptions": [
{

2
CVE-2019/CVE-2019-10100xx/CVE-2019-1010023.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2019-1010023",
"sourceIdentifier": "josh@bress.net",
"published": "2019-07-15T04:15:13.397",
"lastModified": "2024-05-17T01:30:59.093",
"lastModified": "2024-06-11T19:16:04.713",
"vulnStatus": "Modified",
"descriptions": [
{

2
CVE-2019/CVE-2019-121xx/CVE-2019-12105.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2019-12105",
"sourceIdentifier": "cve@mitre.org",
"published": "2019-09-10T17:15:11.517",
"lastModified": "2024-05-17T01:32:02.120",
"lastModified": "2024-06-11T19:16:04.840",
"vulnStatus": "Modified",
"descriptions": [
{

2
CVE-2019/CVE-2019-143xx/CVE-2019-14352.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2019-14352",
"sourceIdentifier": "cve@mitre.org",
"published": "2019-07-28T17:15:10.940",
"lastModified": "2024-05-17T01:33:05.980",
"lastModified": "2024-06-11T19:16:04.960",
"vulnStatus": "Modified",
"descriptions": [
{

2
CVE-2019/CVE-2019-174xx/CVE-2019-17449.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2019-17449",
"sourceIdentifier": "cve@mitre.org",
"published": "2019-10-10T16:15:11.833",
"lastModified": "2024-05-17T01:34:38.630",
"lastModified": "2024-06-11T19:16:05.073",
"vulnStatus": "Modified",
"descriptions": [
{

2
CVE-2020/CVE-2020-101xx/CVE-2020-10110.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2020-10110",
"sourceIdentifier": "cve@mitre.org",
"published": "2020-03-06T21:15:15.060",
"lastModified": "2024-05-17T01:40:53.050",
"lastModified": "2024-06-11T18:15:11.930",
"vulnStatus": "Modified",
"descriptions": [
{

2
CVE-2020/CVE-2020-139xx/CVE-2020-13978.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2020-13978",
"sourceIdentifier": "cve@mitre.org",
"published": "2020-06-09T14:15:10.140",
"lastModified": "2024-05-17T01:42:43.647",
"lastModified": "2024-06-11T18:15:12.050",
"vulnStatus": "Modified",
"descriptions": [
{

6
CVE-2023/CVE-2023-513xx/CVE-2023-51380.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2023-51380",
"sourceIdentifier": "product-cna@github.com",
"published": "2023-12-21T21:15:13.757",
"lastModified": "2023-12-29T19:22:36.530",
"vulnStatus": "Analyzed",
"lastModified": "2024-06-11T19:16:05.437",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "An incorrect authorization vulnerability was identified in GitHub Enterprise Server that allowed issue comments to be read with an improperly scoped token.\u00a0This vulnerability affected all versions of GitHub Enterprise Server since 3.7 and was fixed in version 3.17.19, 3.8.12, 3.9.7, 3.10.4, and 3.11.1.\u00a0"
"value": "An incorrect authorization vulnerability was identified in GitHub Enterprise Server that allowed issue comments to be read with an improperly scoped token.\u00a0This vulnerability affected all versions of GitHub Enterprise Server since 3.7 and was fixed in version 3.7.19, 3.8.12, 3.9.7, 3.10.4, and 3.11.1."
},
{
"lang": "es",

2
CVE-2024/CVE-2024-09xx/CVE-2024-0948.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-0948",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-01-26T22:15:11.413",
"lastModified": "2024-05-17T02:35:05.900",
"lastModified": "2024-06-11T18:15:12.897",
"vulnStatus": "Modified",
"descriptions": [
{

2
CVE-2024/CVE-2024-22xx/CVE-2024-2276.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-2276",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-03-08T01:15:07.973",
"lastModified": "2024-05-17T02:38:08.550",
"lastModified": "2024-06-11T18:15:13.150",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{

2
CVE-2024/CVE-2024-25xx/CVE-2024-2525.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-2525",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-03-16T18:15:07.290",
"lastModified": "2024-05-17T02:38:17.133",
"lastModified": "2024-06-11T18:15:13.263",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{

2
CVE-2024/CVE-2024-25xx/CVE-2024-2560.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-2560",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-03-17T11:15:06.297",
"lastModified": "2024-05-17T02:38:19.143",
"lastModified": "2024-06-11T18:15:13.387",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{

59
CVE-2024/CVE-2024-280xx/CVE-2024-28020.json Normal file
View File

@ -0,0 +1,59 @@
{
"id": "CVE-2024-28020",
"sourceIdentifier": "cybersecurity@hitachienergy.com",
"published": "2024-06-11T19:16:05.787",
"lastModified": "2024-06-11T19:16:05.787",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A user/password reuse vulnerability exists in the FOXMAN-UN/UNEM\u00a0 application and server management. If exploited a malicious user \ncould use the passwords and login information to extend access on \nthe server and other services."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "cybersecurity@hitachienergy.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.0,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.3,
"impactScore": 6.0
}
]
},
"weaknesses": [
{
"source": "cybersecurity@hitachienergy.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-286"
}
]
}
],
"references": [
{
"url": "https://publisher.hitachienergy.com/preview?DocumentId=8DBD000194&languageCode=en&Preview=true",
"source": "cybersecurity@hitachienergy.com"
},
{
"url": "https://publisher.hitachienergy.com/preview?DocumentId=8DBD000201&languageCode=en&Preview=true",
"source": "cybersecurity@hitachienergy.com"
}
]
}

59
CVE-2024/CVE-2024-280xx/CVE-2024-28022.json Normal file
View File

@ -0,0 +1,59 @@
{
"id": "CVE-2024-28022",
"sourceIdentifier": "cybersecurity@hitachienergy.com",
"published": "2024-06-11T19:16:06.017",
"lastModified": "2024-06-11T19:16:06.017",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability exists in the FOXMAN-UN/UNEM server / APIGateway that \nif exploited allows a malicious user to perform an arbitrary number \nof authentication attempts using different passwords, and \neventually gain access to the targeted account."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "cybersecurity@hitachienergy.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.2,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "cybersecurity@hitachienergy.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-307"
}
]
}
],
"references": [
{
"url": "https://publisher.hitachienergy.com/preview?DocumentId=8DBD000194&languageCode=en&Preview=true",
"source": "cybersecurity@hitachienergy.com"
},
{
"url": "https://publisher.hitachienergy.com/preview?DocumentId=8DBD000201&languageCode=en&Preview=true",
"source": "cybersecurity@hitachienergy.com"
}
]
}

59
CVE-2024/CVE-2024-280xx/CVE-2024-28024.json Normal file
View File

@ -0,0 +1,59 @@
{
"id": "CVE-2024-28024",
"sourceIdentifier": "cybersecurity@hitachienergy.com",
"published": "2024-06-11T19:16:06.243",
"lastModified": "2024-06-11T19:16:06.243",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability exists in the FOXMAN-UN/UNEM in which sensitive information is \nstored in cleartext within a resource that might be accessible to an\u0002other control sphere."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "cybersecurity@hitachienergy.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "HIGH",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 1.9,
"baseSeverity": "LOW"
},
"exploitabilityScore": 0.5,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "cybersecurity@hitachienergy.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-312"
}
]
}
],
"references": [
{
"url": "https://publisher.hitachienergy.com/preview?DocumentId=8DBD000194&languageCode=en&Preview=true",
"source": "cybersecurity@hitachienergy.com"
},
{
"url": "https://publisher.hitachienergy.com/preview?DocumentId=8DBD000201&languageCode=en&Preview=true",
"source": "cybersecurity@hitachienergy.com"
}
]
}

71
CVE-2024/CVE-2024-318xx/CVE-2024-31878.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2024-31878",
"sourceIdentifier": "psirt@us.ibm.com",
"published": "2024-06-07T14:15:10.017",
"lastModified": "2024-06-07T14:56:05.647",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-06-11T18:23:27.153",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "IBM i 7.2, 7.3, 7.4, and 7.5 Service Tools Server (SST) is vulnerable to SST user enumeration by a remote attacker. This vulnerability can be used by a malicious actor to gather information about SST users that can be targeted in further attacks. IBM X-Force ID: 287538."
},
{
"lang": "es",
"value": "IBM i 7.2, 7.3, 7.4 y 7.5 Service Tools Server (SST) es vulnerable a la enumeraci\u00f3n de usuarios de SST por parte de un atacante remoto. Esta vulnerabilidad puede ser utilizada por un actor malintencionado para recopilar informaci\u00f3n sobre los usuarios de SST que puede ser objeto de futuros ataques. ID de IBM X-Force: 287538."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
},
{
"source": "psirt@us.ibm.com",
"type": "Secondary",
@ -46,14 +70,53 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:ibm:i:7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "BD871157-2BB3-4641-B84E-3EA13D24D35A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:ibm:i:7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "9A49E8C5-7967-42AE-A787-C533D24A63D7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:ibm:i:7.4:*:*:*:*:*:*:*",
"matchCriteriaId": "92D03306-B6C9-403E-99A2-CE9D8DC3B482"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:ibm:i:7.5:*:*:*:*:*:*:*",
"matchCriteriaId": "F7CCB5BF-08EF-472F-A663-5DE270234F10"
}
]
}
]
}
],
"references": [
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/287538",
"source": "psirt@us.ibm.com"
"source": "psirt@us.ibm.com",
"tags": [
"VDB Entry",
"Vendor Advisory"
]
},
{
"url": "https://www.ibm.com/support/pages/node/7156725",
"source": "psirt@us.ibm.com"
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
]
}
]
}

24
CVE-2024/CVE-2024-344xx/CVE-2024-34405.json Normal file
View File

@ -0,0 +1,24 @@
{
"id": "CVE-2024-34405",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-06-11T19:16:07.003",
"lastModified": "2024-06-11T19:16:07.003",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Improper deep link validation in McAfee Security: Antivirus VPN for Android before 8.3.0 could allow an attacker to launch an arbitrary URL within the app."
}
],
"metrics": {},
"references": [
{
"url": "https://www.mcafee.com/en-us/consumer-corporate/mcafee-labs/product-security-bulletins.html",
"source": "cve@mitre.org"
},
{
"url": "https://www.mcafee.com/support/?page=shell&shell=article-view&articleId=000002403",
"source": "cve@mitre.org"
}
]
}

24
CVE-2024/CVE-2024-344xx/CVE-2024-34406.json Normal file
View File

@ -0,0 +1,24 @@
{
"id": "CVE-2024-34406",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-06-11T19:16:07.090",
"lastModified": "2024-06-11T19:16:07.090",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Improper exception handling in McAfee Security: Antivirus VPN for Android before 8.3.0 could allow an attacker to cause a denial of service through the use of a malformed deep link."
}
],
"metrics": {},
"references": [
{
"url": "https://www.mcafee.com/en-us/consumer-corporate/mcafee-labs/product-security-bulletins.html",
"source": "cve@mitre.org"
},
{
"url": "https://www.mcafee.com/support/?page=shell&shell=article-view&articleId=000002403",
"source": "cve@mitre.org"
}
]
}

55
CVE-2024/CVE-2024-352xx/CVE-2024-35213.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-35213",
"sourceIdentifier": "secure@blackberry.com",
"published": "2024-06-11T19:16:07.230",
"lastModified": "2024-06-11T19:16:07.230",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "An improper input validation vulnerability in the SGI Image Codec of QNX SDP version(s) 6.6, 7.0, and 7.1 could allow an attacker to potentially cause a denial-of-service condition or execute code in the context of the image processing process."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@blackberry.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.0,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 2.2,
"impactScore": 6.0
}
]
},
"weaknesses": [
{
"source": "secure@blackberry.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-20"
}
]
}
],
"references": [
{
"url": "https://support.blackberry.com/pkb/s/article/139914",
"source": "secure@blackberry.com"
}
]
}

69
CVE-2024/CVE-2024-366xx/CVE-2024-36673.json
View File

@ -2,19 +2,80 @@
"id": "CVE-2024-36673",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-06-07T13:15:49.547",
"lastModified": "2024-06-07T14:56:05.647",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-06-11T18:27:20.950",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Sourcecodester Pharmacy/Medical Store Point of Sale System 1.0 is vulnerable SQL Injection via login.php. This vulnerability stems from inadequate validation of user inputs for the email and password parameters, allowing attackers to inject malicious SQL queries."
},
{
"lang": "es",
"value": "Sourcecodester Pharmacy/Medical Store Point of Sale System 1.0 es vulnerable a la inyecci\u00f3n SQL a trav\u00e9s de login.php. Esta vulnerabilidad se debe a una validaci\u00f3n inadecuada de las entradas del usuario para los par\u00e1metros de correo electr\u00f3nico y contrase\u00f1a, lo que permite a los atacantes inyectar consultas SQL maliciosas."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:pharmacy\\/medical_store_point_of_sale_system_project:pharmacy\\/medical_store_point_of_sale_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F27B3402-54AA-4DAF-BEF4-E6E6EB9EFEC1"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/CveSecLook/cve/issues/39",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Issue Tracking",
"Third Party Advisory"
]
}
]
}

28
CVE-2024/CVE-2024-367xx/CVE-2024-36702.json Normal file
View File

@ -0,0 +1,28 @@
{
"id": "CVE-2024-36702",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-06-11T19:16:07.697",
"lastModified": "2024-06-11T19:16:07.697",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "libiec61850 v1.5 was discovered to contain a heap overflow via the BerEncoder_encodeLength function at /asn1/ber_encoder.c."
}
],
"metrics": {},
"references": [
{
"url": "http://libiec61850.com",
"source": "cve@mitre.org"
},
{
"url": "https://github.com/mz-automation/libiec61850",
"source": "cve@mitre.org"
},
{
"url": "https://github.com/mz-automation/libiec61850/issues/505",
"source": "cve@mitre.org"
}
]
}

65
CVE-2024/CVE-2024-367xx/CVE-2024-36779.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-36779",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-06-06T13:15:31.590",
"lastModified": "2024-06-06T14:17:35.017",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-06-11T18:14:35.890",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -14,11 +14,68 @@
"value": "Sourcecodester Stock Management System v1.0 es vulnerable a la inyecci\u00f3n SQL a trav\u00e9s de editCategories.php."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:stock_management_system_project:stock_management_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F48DAD43-EB1C-4267-B97D-63BBFF86C70F"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/CveSecLook/cve/issues/42",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Issue Tracking",
"Third Party Advisory"
]
}
]
}

24
CVE-2024/CVE-2024-368xx/CVE-2024-36821.json Normal file
View File

@ -0,0 +1,24 @@
{
"id": "CVE-2024-36821",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-06-11T18:15:13.927",
"lastModified": "2024-06-11T18:15:13.927",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Insecure permissions in Linksys Velop WiFi 5 (WHW01v1) 1.1.13.202617 allows attackers to escalate privileges from Guest to root via a directory traversal."
}
],
"metrics": {},
"references": [
{
"url": "https://downloads.linksys.com/support/assets/releasenotes/WHW01_VLP01_1.1.13.202617_Customer_Release_Notes.txt",
"source": "cve@mitre.org"
},
{
"url": "https://github.com/IvanGlinkin/CVE-2024-36821",
"source": "cve@mitre.org"
}
]
}

72
CVE-2024/CVE-2024-371xx/CVE-2024-37160.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2024-37160",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-06-07T14:15:10.440",
"lastModified": "2024-06-07T14:56:05.647",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-06-11T18:22:50.097",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Formwork is a flat file-based Content Management System (CMS). An attackers (requires administrator privilege) to execute arbitrary web scripts by modifying site options via /panel/options/site. This type of attack is suitable for persistence, affecting visitors across all pages (except the dashboard). This vulnerability is fixed in 1.13.1."
},
{
"lang": "es",
"value": "Formwork es un sistema de gesti\u00f3n de contenidos (CMS) basado en archivos planos. Un atacante (requiere privilegios de administrador) puede ejecutar scripts web arbitrarios modificando las opciones del sitio a trav\u00e9s de /panel/options/site. Este tipo de ataque es adecuado para la persistencia y afecta a los visitantes de todas las p\u00e1ginas (excepto el panel de control). Esta vulnerabilidad se solucion\u00f3 en 1.13.1."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
@ -35,6 +59,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
@ -46,18 +80,46 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:formwork_project:formwork:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.13.1",
"matchCriteriaId": "5622884E-5303-4F87-BDDF-4390642B3841"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/getformwork/formwork/commit/9d471204f7ebb51c3c27131581c2b834315b5e0b",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/getformwork/formwork/commit/f5312015a5a5e89b95ef2bd07e496f8474d579c5",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/getformwork/formwork/security/advisories/GHSA-5pxr-7m4j-jjc6",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Exploit",
"Vendor Advisory"
]
}
]
}

55
CVE-2024/CVE-2024-373xx/CVE-2024-37301.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-37301",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-06-11T19:16:07.890",
"lastModified": "2024-06-11T19:16:07.890",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Document Merge Service is a document template merge service providing an API to manage templates and merge them with given data. Versions 6.5.1 and prior are vulnerable to remote code execution via server-side template injection which, when executed as root, can result in full takeover of the affected system. As of time of publication, no patched version exists, nor have any known workarounds been disclosed."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.9,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.1,
"impactScore": 6.0
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-1336"
}
]
}
],
"references": [
{
"url": "https://github.com/adfinis/document-merge-service/security/advisories/GHSA-v5gf-r78h-55q6",
"source": "security-advisories@github.com"
}
]
}

55
CVE-2024/CVE-2024-41xx/CVE-2024-4190.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-4190",
"sourceIdentifier": "security@opentext.com",
"published": "2024-06-11T18:15:14.103",
"lastModified": "2024-06-11T18:15:14.103",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Stored Cross-Site Scripting (XSS) vulnerabilities have been identified in OpenText ArcSight Logger. The vulnerabilities could be remotely exploited."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@opentext.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 8.1,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.7,
"impactScore": 5.8
}
]
},
"weaknesses": [
{
"source": "security@opentext.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://portal.microfocus.com/s/article/KM000030655",
"source": "security@opentext.com"
}
]
}

66
CVE-2024/CVE-2024-44xx/CVE-2024-4451.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-4451",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-06-07T07:15:46.437",
"lastModified": "2024-06-07T14:56:05.647",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-06-11T18:09:15.847",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -17,8 +17,28 @@
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
},
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
@ -38,14 +58,50 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:extendthemes:colibri_page_builder:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "1.0.277",
"matchCriteriaId": "EDAED9CE-DBB3-441A-AB33-E330F4C4A00F"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/changeset/3097694/colibri-page-builder/trunk/extend-builder/shortcodes/video.php",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/0afd981e-3ae8-4450-9750-23ff6fe612dc?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

71
CVE-2024/CVE-2024-44xx/CVE-2024-4488.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-4488",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-06-07T07:15:47.707",
"lastModified": "2024-06-07T14:56:05.647",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-06-11T18:09:34.110",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -17,8 +17,28 @@
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
},
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
@ -38,18 +58,57 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:royal-elementor-addons:royal_elementor_addons:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "1.3.977",
"matchCriteriaId": "90047C27-8B92-41E6-A829-EE8F29D52FBC"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/royal-elementor-addons/trunk/modules/form-builder/widgets/wpr-form-builder.php#L3238",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Product"
]
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3097775/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/cb0ac434-7e85-44d4-b21e-df462f63cd9c?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

71
CVE-2024/CVE-2024-44xx/CVE-2024-4489.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-4489",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-06-07T07:15:47.970",
"lastModified": "2024-06-07T14:56:05.647",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-06-11T18:07:03.573",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -17,8 +17,28 @@
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
},
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
@ -38,18 +58,57 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:royal-elementor-addons:royal_elementor_addons:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "1.3.977",
"matchCriteriaId": "90047C27-8B92-41E6-A829-EE8F29D52FBC"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/royal-elementor-addons/tags/1.3.973/admin/templates-kit.php#L896",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Product"
]
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3097775/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/57bf222b-5f49-46e2-be84-3e6444807096?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

74
CVE-2024/CVE-2024-46xx/CVE-2024-4610.json
View File

@ -2,16 +2,53 @@
"id": "CVE-2024-4610",
"sourceIdentifier": "arm-security@arm.com",
"published": "2024-06-07T12:15:09.077",
"lastModified": "2024-06-07T14:56:05.647",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-06-11T18:31:31.330",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Use After Free vulnerability in Arm Ltd Bifrost GPU Kernel Driver, Arm Ltd Valhall GPU Kernel Driver allows a local non-privileged user to make improper GPU memory processing operations to gain access to already freed memory.This issue affects Bifrost GPU Kernel Driver: from r34p0 through r40p0; Valhall GPU Kernel Driver: from r34p0 through r40p0."
},
{
"lang": "es",
"value": "Vulnerabilidad de Use After Free en Arm Ltd Bifrost GPU Kernel Driver, Arm Ltd Valhall GPU Kernel Driver permite a un usuario local sin privilegios realizar operaciones de procesamiento de memoria GPU incorrectas para obtener acceso a la memoria ya liberada. Este problema afecta al controlador Bifrost GPU Kernel: de r34p0 a trav\u00e9s de r40p0; Controlador del kernel de GPU Valhall: desde r34p0 hasta r40p0."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
},
{
"source": "arm-security@arm.com",
"type": "Secondary",
@ -23,10 +60,39 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:arm:bifrost_gpu_kernel_driver:*:*:*:*:*:*:*:*",
"versionStartIncluding": "r34p0",
"versionEndExcluding": "r41p0",
"matchCriteriaId": "D6F180EF-C1E2-4589-97F4-03C7E2FA99DF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:arm:valhall_gpu_kernel_driver:*:*:*:*:*:*:*:*",
"versionStartIncluding": "r34p0",
"versionEndExcluding": "r41p0",
"matchCriteriaId": "6E75A7C6-352F-45D8-8E34-E64B39D173DA"
}
]
}
]
}
],
"references": [
{
"url": "https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities",
"source": "arm-security@arm.com"
"source": "arm-security@arm.com",
"tags": [
"Vendor Advisory"
]
}
]
}

66
CVE-2024/CVE-2024-47xx/CVE-2024-4703.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-4703",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-06-07T08:15:32.413",
"lastModified": "2024-06-07T14:56:05.647",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-06-11T18:06:31.967",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -17,8 +17,28 @@
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
},
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
@ -38,14 +58,50 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:horea_radu:one_page_express_companion:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "1.6.38",
"matchCriteriaId": "6264F9DD-A0D5-406F-8A60-2CDD97555C30"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/changeset/3097699/one-page-express-companion",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/a00a5c41-b211-45e4-acf8-01fd8e64b1c0?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

70
CVE-2024/CVE-2024-53xx/CVE-2024-5382.json
View File

@ -2,19 +2,43 @@
"id": "CVE-2024-5382",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-06-07T13:15:50.273",
"lastModified": "2024-06-07T14:56:05.647",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-06-11T18:27:00.427",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "The Master Addons \u2013 Free Widgets, Hover Effects, Toggle, Conditions, Animations for Elementor plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'ma-template' REST API route in all versions up to, and including, 2.0.6.1. This makes it possible for unauthenticated attackers to create or modify existing Master Addons templates or make settings modifications related to these templates."
},
{
"lang": "es",
"value": "Los complementos The Master Addons \u2013 Free Widgets, Hover Effects, Toggle, Conditions, Animations for Elementor para WordPress son vulnerables a modificaciones no autorizadas de datos debido a una falta de verificaci\u00f3n de capacidad en la ruta API REST 'ma-template' en todas las versiones hasta e incluyendo, 2.0.6.1. Esto hace posible que atacantes no autenticados creen o modifiquen plantillas de Master Addons existentes o realicen modificaciones de configuraci\u00f3n relacionadas con estas plantillas."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
},
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L",
@ -34,14 +58,50 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-862"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:master-addons:master_addons:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "2.0.6.2",
"matchCriteriaId": "43BDCBAE-3BA5-4871-8AA3-0666E3E20B39"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/changeset/3096299/master-addons",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/e3820f80-9b80-4672-b2ff-3864793d2de2?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

76
CVE-2024/CVE-2024-54xx/CVE-2024-5426.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-5426",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-06-07T10:15:11.627",
"lastModified": "2024-06-07T14:56:05.647",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-06-11T18:03:58.213",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -17,8 +17,28 @@
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
},
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
@ -38,22 +58,64 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:10web:photo_gallery:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "1.8.24",
"matchCriteriaId": "974320E7-18AE-4738-BE29-52AF8BDA52EE"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/photo-gallery/trunk/filemanager/UploadHandler.php#L521",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Product"
]
},
{
"url": "https://plugins.trac.wordpress.org/browser/photo-gallery/trunk/filemanager/UploadHandler.php#L542",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Product"
]
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3098798/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/13436238-f14a-445b-9a9b-fbcf23b7b498?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

75
CVE-2024/CVE-2024-54xx/CVE-2024-5438.json
View File

@ -2,19 +2,43 @@
"id": "CVE-2024-5438",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-06-07T13:15:50.500",
"lastModified": "2024-06-07T14:56:05.647",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-06-11T18:26:45.147",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "The Tutor LMS \u2013 eLearning and online course solution plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 2.7.1 via the 'attempt_delete' function due to missing validation on a user controlled key. This makes it possible for authenticated attackers, with Instructor-level access and above, to delete arbitrary quiz attempts."
},
{
"lang": "es",
"value": "El complemento Tutor LMS \u2013 eLearning and online course solution para WordPress es vulnerable a la referencia directa a objetos inseguros en todas las versiones hasta la 2.7.1 incluida a trav\u00e9s de la funci\u00f3n 'attempt_delete' debido a la falta de validaci\u00f3n en una clave controlada por el usuario. Esto hace posible que atacantes autenticados, con acceso de nivel de instructor y superior, eliminen intentos de cuestionarios arbitrarios."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
},
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
@ -34,18 +58,57 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-639"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:themeum:tutor_lms:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "2.7.2",
"matchCriteriaId": "6F84873F-FB6C-4354-B70A-1E2B7CA481CC"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/tutor/trunk/classes/Quiz.php#L1806",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Product"
]
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3098465/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/00ec14d4-d97b-40b1-b61b-05e911f49bb0?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

87
CVE-2024/CVE-2024-54xx/CVE-2024-5481.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-5481",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-06-07T10:15:11.827",
"lastModified": "2024-06-07T14:56:05.647",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-06-11T18:00:09.740",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -17,8 +17,28 @@
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H",
@ -38,30 +58,79 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:10web:photo_gallery:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "1.8.24",
"matchCriteriaId": "974320E7-18AE-4738-BE29-52AF8BDA52EE"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/photo-gallery/trunk/filemanager/controller.php#L178",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Product"
]
},
{
"url": "https://plugins.trac.wordpress.org/browser/photo-gallery/trunk/filemanager/controller.php#L436",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Product"
]
},
{
"url": "https://plugins.trac.wordpress.org/browser/photo-gallery/trunk/filemanager/controller.php#L512",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Product"
]
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3098798/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://wordpress.org/plugins/photo-gallery/#developers",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Product",
"Release Notes"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/76c38826-4d49-4204-b6b6-b01d01373fa9?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

49
CVE-2024/CVE-2024-54xx/CVE-2024-5489.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-5489",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-06-06T12:15:09.227",
"lastModified": "2024-06-06T14:17:35.017",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-06-11T18:15:01.617",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -38,18 +38,57 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-862"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:wbcomdesigns:custom_font_uploader:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "2.4.0",
"matchCriteriaId": "C36B1CAE-8165-4D4B-897C-A24A2D703384"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/custom-font-uploader/trunk/inc/cfup-functions.php#L20",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Product"
]
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3097373/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/2339ebbf-2302-4e83-9743-ca79fda20f05?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

70
CVE-2024/CVE-2024-55xx/CVE-2024-5542.json
View File

@ -2,19 +2,43 @@
"id": "CVE-2024-5542",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-06-07T13:15:50.730",
"lastModified": "2024-06-07T14:56:05.647",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-06-11T18:25:51.200",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "The Master Addons \u2013 Free Widgets, Hover Effects, Toggle, Conditions, Animations for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Navigation Menu widget of the plugin's Mega Menu extension in all versions up to, and including, 2.0.6.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
},
{
"lang": "es",
"value": "Los complementos Master Addons \u2013 Free Widgets, Hover Effects, Toggle, Conditions, Animations for Elementor para WordPress son vulnerables a Cross-Site Scripting Almacenado a trav\u00e9s del widget del men\u00fa de navegaci\u00f3n de la extensi\u00f3n Mega Men\u00fa del complemento en todas las versiones hasta la 2.0.6.1 incluida debido a una sanitizaci\u00f3n insuficiente de las entradas y a que la salida se escape en los atributos proporcionados por el usuario. Esto hace posible que atacantes no autenticados inyecten scripts web arbitrarios en p\u00e1ginas que se ejecutar\u00e1n cada vez que un usuario acceda a una p\u00e1gina inyectada."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
},
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N",
@ -34,14 +58,50 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:master-addons:master_addons:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "2.0.6.2",
"matchCriteriaId": "43BDCBAE-3BA5-4871-8AA3-0666E3E20B39"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/changeset/3096299/master-addons",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/5151f429-b1f3-43d4-94cf-3ff382b80190?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

53
CVE-2024/CVE-2024-55xx/CVE-2024-5599.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2024-5599",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-06-07T13:15:50.943",
"lastModified": "2024-06-07T14:56:05.647",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-06-11T18:24:39.057",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "The FileOrganizer \u2013 Manage WordPress and Website Files plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.0.7 via the 'fileorganizer_ajax_handler' function. This makes it possible for unauthenticated attackers to extract sensitive data including backups or other sensitive information if the files have been moved to the built-in Trash folder."
},
{
"lang": "es",
"value": "El complemento FileOrganizer \u2013 Manage WordPress and Website Files para WordPress es vulnerable a la exposici\u00f3n de informaci\u00f3n confidencial en todas las versiones hasta la 1.0.7 incluida a trav\u00e9s de la funci\u00f3n 'fileorganizer_ajax_handler'. Esto hace posible que atacantes no autenticados extraigan datos confidenciales, incluidas copias de seguridad u otra informaci\u00f3n confidencial, si los archivos se han movido a la carpeta Papelera integrada."
}
],
"metrics": {
@ -34,18 +38,57 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fileorganizer:fileorganizer:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "1.0.8",
"matchCriteriaId": "36FC0BFA-8584-4585-A898-FCD91DFB48F6"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/fileorganizer/trunk/main/ajax.php#L85",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Product"
]
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3098763/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/78e7b65d-91f8-477e-b992-3148c1b65d7b?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

71
CVE-2024/CVE-2024-56xx/CVE-2024-5637.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-5637",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-06-07T11:15:53.353",
"lastModified": "2024-06-07T14:56:05.647",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-06-11T18:31:54.787",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -17,8 +17,28 @@
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.2
},
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
@ -38,18 +58,57 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:vanyukov:market_exporter:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "2.0.20",
"matchCriteriaId": "0061413B-809C-46F3-BEDD-DF49545C4070"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/market-exporter/trunk/includes/class-restapi.php#L427",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Product"
]
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3098360/market-exporter/trunk/includes/class-restapi.php",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/c3ea4bf9-e109-465e-890a-c2923089fb66?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

75
CVE-2024/CVE-2024-56xx/CVE-2024-5658.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-5658",
"sourceIdentifier": "1e3a9e0f-5156-4bf8-b8a3-cc311bfc0f4a",
"published": "2024-06-06T11:15:49.573",
"lastModified": "2024-06-10T18:15:38.597",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-06-11T18:21:52.377",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
},
{
"source": "1e3a9e0f-5156-4bf8-b8a3-cc311bfc0f4a",
"type": "Secondary",
@ -39,6 +59,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-287"
}
]
},
{
"source": "1e3a9e0f-5156-4bf8-b8a3-cc311bfc0f4a",
"type": "Secondary",
@ -50,22 +80,55 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:born05:two-factor_authentication:*:*:*:*:*:craftcms:*:*",
"versionEndExcluding": "3.3.4",
"matchCriteriaId": "227A8A20-30C6-44FE-ABBF-D07DAF071D0B"
}
]
}
]
}
],
"references": [
{
"url": "http://www.openwall.com/lists/oss-security/2024/06/06/2",
"source": "1e3a9e0f-5156-4bf8-b8a3-cc311bfc0f4a"
"source": "1e3a9e0f-5156-4bf8-b8a3-cc311bfc0f4a",
"tags": [
"Exploit",
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://github.com/born05/craft-twofactorauthentication/releases/tag/3.3.4",
"source": "1e3a9e0f-5156-4bf8-b8a3-cc311bfc0f4a"
"source": "1e3a9e0f-5156-4bf8-b8a3-cc311bfc0f4a",
"tags": [
"Release Notes"
]
},
{
"url": "https://github.com/sbaresearch/advisories/tree/public/2024/SBA-ADV-20240202-02_CraftCMS_Plugin_Two-Factor_Authentication_TOTP_Valid_After_Use",
"source": "1e3a9e0f-5156-4bf8-b8a3-cc311bfc0f4a"
"source": "1e3a9e0f-5156-4bf8-b8a3-cc311bfc0f4a",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://plugins.craftcms.com/two-factor-authentication?craft4",
"source": "1e3a9e0f-5156-4bf8-b8a3-cc311bfc0f4a"
"source": "1e3a9e0f-5156-4bf8-b8a3-cc311bfc0f4a",
"tags": [
"Product"
]
}
]
}

56
CVE-2024/CVE-2024-56xx/CVE-2024-5673.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-5673",
"sourceIdentifier": "cve-coordination@incibe.es",
"published": "2024-06-06T11:15:49.807",
"lastModified": "2024-06-06T14:17:35.017",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-06-11T18:17:10.037",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
},
{
"source": "cve-coordination@incibe.es",
"type": "Secondary",
@ -39,6 +59,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
},
{
"source": "cve-coordination@incibe.es",
"type": "Secondary",
@ -50,10 +80,30 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:dulldusk:phpfilemanager:1.7.8:*:*:*:*:*:*:*",
"matchCriteriaId": "B0976145-9E87-4CF4-BBE7-7EFB9D5248C7"
}
]
}
]
}
],
"references": [
{
"url": "https://www.incibe.es/en/incibe-cert/notices/aviso/cross-site-scripting-php-file-manager-dulldusk",
"source": "cve-coordination@incibe.es"
"source": "cve-coordination@incibe.es",
"tags": [
"Third Party Advisory"
]
}
]
}

46
CVE-2024/CVE-2024-56xx/CVE-2024-5675.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-5675",
"sourceIdentifier": "cve-coordination@incibe.es",
"published": "2024-06-06T13:15:31.713",
"lastModified": "2024-06-06T14:17:35.017",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-06-11T18:14:02.017",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "cve-coordination@incibe.es",
"type": "Secondary",
@ -50,10 +70,30 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:summar:mentor:3.83.35:*:*:*:*:*:*:*",
"matchCriteriaId": "C75F5DD4-78E1-481B-857F-A05B1F86470E"
}
]
}
]
}
],
"references": [
{
"url": "https://www.incibe.es/en/incibe-cert/notices/aviso/unreliable-data-deserialization-vulnerability-mentor",
"source": "cve-coordination@incibe.es"
"source": "cve-coordination@incibe.es",
"tags": [
"Third Party Advisory"
]
}
]
}

115
CVE-2024/CVE-2024-56xx/CVE-2024-5684.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-5684",
"sourceIdentifier": "cve@asrg.io",
"published": "2024-06-06T13:15:32.027",
"lastModified": "2024-06-06T14:17:35.017",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-06-11T18:13:30.163",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "cve@asrg.io",
"type": "Secondary",
@ -39,6 +59,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-345"
}
]
},
{
"source": "cve@asrg.io",
"type": "Secondary",
@ -50,10 +80,89 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:vw:id.charger_connect_firmware:spr3.2:beta:*:*:*:*:*:*",
"matchCriteriaId": "7EC6FAEB-299C-4B80-86DC-DCF360112634"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:vw:id.charger_connect_firmware:spr3.51:*:*:*:*:*:*:*",
"matchCriteriaId": "38C5905C-1F7A-4747-8983-F40270C34A17"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:vw:id.charger_connect_firmware:spr3.52:*:*:*:*:*:*:*",
"matchCriteriaId": "25691151-74B1-4B0D-BFDD-AE683B5C50C1"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:vw:id.charger_connect:-:*:*:*:*:*:*:*",
"matchCriteriaId": "96237641-90A5-4382-96DF-52A7BDAC1F81"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:vw:id.charger_pro_firmware:spr3.2:beta:*:*:*:*:*:*",
"matchCriteriaId": "1977125C-AF1C-41EF-86A1-CF4549F22EF9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:vw:id.charger_pro_firmware:spr3.51:*:*:*:*:*:*:*",
"matchCriteriaId": "2F73F41A-6D43-4743-A8F2-F13A2C351AAE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:vw:id.charger_pro_firmware:spr3.52:*:*:*:*:*:*:*",
"matchCriteriaId": "2A391298-4342-4A2D-B16B-77AC8FDD09F9"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:vw:id.charger_pro:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E2DBD3C1-5775-474D-BAD0-A1775DC80326"
}
]
}
]
}
],
"references": [
{
"url": "https://asrg.io/security-advisories/vulnerability-in-id-charger-connect-and-pro-from-volkswagen-group-charging-gmbh-elli-evbox-versions-spr3-2b-spr3-51-and-spr3-52/",
"source": "cve@asrg.io"
"source": "cve@asrg.io",
"tags": [
"Third Party Advisory"
]
}
]
}

71
CVE-2024/CVE-2024-57xx/CVE-2024-5733.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2024-5733",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-06-07T12:15:09.190",
"lastModified": "2024-06-07T14:56:05.647",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-06-11T18:30:50.690",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in itsourcecode Online Discussion Forum 1.0. It has been rated as critical. This issue affects some unknown processing of the file register_me.php. The manipulation of the argument eaddress leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-267407."
},
{
"lang": "es",
"value": "Se encontr\u00f3 una vulnerabilidad en itsourcecode Online Discussion Forum 1.0. Ha sido calificada como cr\u00edtica. Este problema afecta un procesamiento desconocido del archivo Register_me.php. La manipulaci\u00f3n del argumento eaddress conduce a la inyecci\u00f3n de SQL. El ataque puede iniciarse de forma remota. El exploit ha sido divulgado al p\u00fablico y puede utilizarse. El identificador asociado de esta vulnerabilidad es VDB-267407."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "cna@vuldb.com",
"type": "Secondary",
@ -71,22 +95,57 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:online_discussion_forum_project:online_discussion_forum:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "753A7DC0-ED1C-4F55-B204-582C4E09467C"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/kingshao0312/cve/issues/1",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Exploit",
"Issue Tracking",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?ctiid.267407",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"VDB Entry"
]
},
{
"url": "https://vuldb.com/?id.267407",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://vuldb.com/?submit.351115",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
}
]
}

71
CVE-2024/CVE-2024-57xx/CVE-2024-5734.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2024-5734",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-06-07T12:15:09.463",
"lastModified": "2024-06-07T17:15:52.140",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-06-11T18:30:16.727",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability classified as critical has been found in itsourcecode Online Discussion Forum 1.0. Affected is an unknown function of the file /members/poster.php. The manipulation of the argument image leads to unrestricted upload. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-267408."
},
{
"lang": "es",
"value": "Una vulnerabilidad ha sido encontrada en itsourcecode Online Discussion Forum 1.0 y clasificada como cr\u00edtica. Una funci\u00f3n desconocida del archivo /members/poster.php es afectada por esta vulnerabilidad. La manipulaci\u00f3n de la imagen del argumento conduce a una carga sin restricciones. Es posible lanzar el ataque de forma remota. El exploit ha sido divulgado al p\u00fablico y puede utilizarse. El identificador de esta vulnerabilidad es VDB-267408."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "cna@vuldb.com",
"type": "Secondary",
@ -71,22 +95,57 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:online_discussion_forum_project:online_discussion_forum:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "753A7DC0-ED1C-4F55-B204-582C4E09467C"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/kingshao0312/cve/issues/2",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Exploit",
"Issue Tracking",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?ctiid.267408",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"VDB Entry"
]
},
{
"url": "https://vuldb.com/?id.267408",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://vuldb.com/?submit.351116",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
}
]
}

92
CVE-2024/CVE-2024-58xx/CVE-2024-5851.json Normal file
View File

@ -0,0 +1,92 @@
{
"id": "CVE-2024-5851",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-06-11T18:15:14.437",
"lastModified": "2024-06-11T19:16:08.300",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability classified as problematic has been found in playSMS up to 1.4.7. Affected is an unknown function of the file /index.php?app=main&inc=feature_schedule&op=list of the component SMS Schedule Handler. The manipulation of the argument name/message leads to basic cross site scripting. It is possible to launch the attack remotely. Upgrading to version 1.4.8 is able to address this issue. The name of the patch is 7a88920f6b536c6a91512e739bcb4e8adefeed2b. It is recommended to upgrade the affected component. The identifier of this vulnerability is VDB-267912. NOTE: The code maintainer was contacted early about this disclosure and was eager to prepare a fix as quickly as possible."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"baseSeverity": "LOW"
},
"exploitabilityScore": 2.1,
"impactScore": 1.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N",
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "SINGLE",
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"availabilityImpact": "NONE",
"baseScore": 4.0
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-80"
}
]
}
],
"references": [
{
"url": "https://github.com/playsms/playsms/commit/7a88920f6b536c6a91512e739bcb4e8adefeed2b",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?ctiid.267912",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.267912",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?submit.347385",
"source": "cna@vuldb.com"
}
]
}

96
README.md
View File

@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2024-06-11T18:00:18.524852+00:00
2024-06-11T20:00:19.211894+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2024-06-11T17:57:47.197000+00:00
2024-06-11T19:16:08.300000+00:00
```
### Last Data Feed Release
@ -33,69 +33,55 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs
```plain
253547
253558
```
### CVEs added in the last Commit
Recently added CVEs: `76`
Recently added CVEs: `11`
- [CVE-2024-32146](CVE-2024/CVE-2024-321xx/CVE-2024-32146.json) (`2024-06-11T17:16:00.490`)
- [CVE-2024-34753](CVE-2024/CVE-2024-347xx/CVE-2024-34753.json) (`2024-06-11T16:15:27.760`)
- [CVE-2024-34758](CVE-2024/CVE-2024-347xx/CVE-2024-34758.json) (`2024-06-11T17:16:00.717`)
- [CVE-2024-34763](CVE-2024/CVE-2024-347xx/CVE-2024-34763.json) (`2024-06-11T17:16:00.950`)
- [CVE-2024-34768](CVE-2024/CVE-2024-347xx/CVE-2024-34768.json) (`2024-06-11T17:16:01.187`)
- [CVE-2024-34799](CVE-2024/CVE-2024-347xx/CVE-2024-34799.json) (`2024-06-11T17:16:01.430`)
- [CVE-2024-34804](CVE-2024/CVE-2024-348xx/CVE-2024-34804.json) (`2024-06-11T17:16:01.683`)
- [CVE-2024-34815](CVE-2024/CVE-2024-348xx/CVE-2024-34815.json) (`2024-06-11T17:16:01.903`)
- [CVE-2024-34819](CVE-2024/CVE-2024-348xx/CVE-2024-34819.json) (`2024-06-11T16:15:28.010`)
- [CVE-2024-34821](CVE-2024/CVE-2024-348xx/CVE-2024-34821.json) (`2024-06-11T16:15:28.280`)
- [CVE-2024-34822](CVE-2024/CVE-2024-348xx/CVE-2024-34822.json) (`2024-06-11T16:15:28.563`)
- [CVE-2024-35248](CVE-2024/CVE-2024-352xx/CVE-2024-35248.json) (`2024-06-11T17:16:02.180`)
- [CVE-2024-35249](CVE-2024/CVE-2024-352xx/CVE-2024-35249.json) (`2024-06-11T17:16:02.417`)
- [CVE-2024-35250](CVE-2024/CVE-2024-352xx/CVE-2024-35250.json) (`2024-06-11T17:16:02.650`)
- [CVE-2024-35252](CVE-2024/CVE-2024-352xx/CVE-2024-35252.json) (`2024-06-11T17:16:02.890`)
- [CVE-2024-35253](CVE-2024/CVE-2024-352xx/CVE-2024-35253.json) (`2024-06-11T17:16:03.130`)
- [CVE-2024-35254](CVE-2024/CVE-2024-352xx/CVE-2024-35254.json) (`2024-06-11T17:16:03.347`)
- [CVE-2024-35255](CVE-2024/CVE-2024-352xx/CVE-2024-35255.json) (`2024-06-11T17:16:03.550`)
- [CVE-2024-35263](CVE-2024/CVE-2024-352xx/CVE-2024-35263.json) (`2024-06-11T17:16:03.773`)
- [CVE-2024-35265](CVE-2024/CVE-2024-352xx/CVE-2024-35265.json) (`2024-06-11T17:16:03.997`)
- [CVE-2024-36650](CVE-2024/CVE-2024-366xx/CVE-2024-36650.json) (`2024-06-11T16:15:29.043`)
- [CVE-2024-37293](CVE-2024/CVE-2024-372xx/CVE-2024-37293.json) (`2024-06-11T17:16:04.237`)
- [CVE-2024-37325](CVE-2024/CVE-2024-373xx/CVE-2024-37325.json) (`2024-06-11T17:16:04.477`)
- [CVE-2024-5812](CVE-2024/CVE-2024-58xx/CVE-2024-5812.json) (`2024-06-11T16:15:29.207`)
- [CVE-2024-5813](CVE-2024/CVE-2024-58xx/CVE-2024-5813.json) (`2024-06-11T16:15:29.480`)
- [CVE-2024-28020](CVE-2024/CVE-2024-280xx/CVE-2024-28020.json) (`2024-06-11T19:16:05.787`)
- [CVE-2024-28022](CVE-2024/CVE-2024-280xx/CVE-2024-28022.json) (`2024-06-11T19:16:06.017`)
- [CVE-2024-28024](CVE-2024/CVE-2024-280xx/CVE-2024-28024.json) (`2024-06-11T19:16:06.243`)
- [CVE-2024-34405](CVE-2024/CVE-2024-344xx/CVE-2024-34405.json) (`2024-06-11T19:16:07.003`)
- [CVE-2024-34406](CVE-2024/CVE-2024-344xx/CVE-2024-34406.json) (`2024-06-11T19:16:07.090`)
- [CVE-2024-35213](CVE-2024/CVE-2024-352xx/CVE-2024-35213.json) (`2024-06-11T19:16:07.230`)
- [CVE-2024-36702](CVE-2024/CVE-2024-367xx/CVE-2024-36702.json) (`2024-06-11T19:16:07.697`)
- [CVE-2024-36821](CVE-2024/CVE-2024-368xx/CVE-2024-36821.json) (`2024-06-11T18:15:13.927`)
- [CVE-2024-37301](CVE-2024/CVE-2024-373xx/CVE-2024-37301.json) (`2024-06-11T19:16:07.890`)
- [CVE-2024-4190](CVE-2024/CVE-2024-41xx/CVE-2024-4190.json) (`2024-06-11T18:15:14.103`)
- [CVE-2024-5851](CVE-2024/CVE-2024-58xx/CVE-2024-5851.json) (`2024-06-11T18:15:14.437`)
### CVEs modified in the last Commit
Recently modified CVEs: `78`
Recently modified CVEs: `39`
- [CVE-2024-4886](CVE-2024/CVE-2024-48xx/CVE-2024-4886.json) (`2024-06-11T17:14:56.323`)
- [CVE-2024-4939](CVE-2024/CVE-2024-49xx/CVE-2024-4939.json) (`2024-06-11T17:08:33.350`)
- [CVE-2024-5006](CVE-2024/CVE-2024-50xx/CVE-2024-5006.json) (`2024-06-11T17:36:24.000`)
- [CVE-2024-5038](CVE-2024/CVE-2024-50xx/CVE-2024-5038.json) (`2024-06-11T17:41:37.883`)
- [CVE-2024-5188](CVE-2024/CVE-2024-51xx/CVE-2024-5188.json) (`2024-06-11T17:41:17.087`)
- [CVE-2024-5221](CVE-2024/CVE-2024-52xx/CVE-2024-5221.json) (`2024-06-11T17:45:05.337`)
- [CVE-2024-5222](CVE-2024/CVE-2024-52xx/CVE-2024-5222.json) (`2024-06-11T17:10:40.303`)
- [CVE-2024-5259](CVE-2024/CVE-2024-52xx/CVE-2024-5259.json) (`2024-06-11T17:44:42.783`)
- [CVE-2024-5262](CVE-2024/CVE-2024-52xx/CVE-2024-5262.json) (`2024-06-11T17:18:50.600`)
- [CVE-2024-5317](CVE-2024/CVE-2024-53xx/CVE-2024-5317.json) (`2024-06-11T17:22:08.007`)
- [CVE-2024-5329](CVE-2024/CVE-2024-53xx/CVE-2024-5329.json) (`2024-06-11T17:42:26.677`)
- [CVE-2024-5439](CVE-2024/CVE-2024-54xx/CVE-2024-5439.json) (`2024-06-11T17:35:43.313`)
- [CVE-2024-5453](CVE-2024/CVE-2024-54xx/CVE-2024-5453.json) (`2024-06-11T17:34:52.263`)
- [CVE-2024-5483](CVE-2024/CVE-2024-54xx/CVE-2024-5483.json) (`2024-06-11T17:19:17.143`)
- [CVE-2024-5526](CVE-2024/CVE-2024-55xx/CVE-2024-5526.json) (`2024-06-11T17:25:55.677`)
- [CVE-2024-5536](CVE-2024/CVE-2024-55xx/CVE-2024-5536.json) (`2024-06-11T17:28:37.343`)
- [CVE-2024-5571](CVE-2024/CVE-2024-55xx/CVE-2024-5571.json) (`2024-06-11T17:29:03.277`)
- [CVE-2024-5615](CVE-2024/CVE-2024-56xx/CVE-2024-5615.json) (`2024-06-11T17:55:16.103`)
- [CVE-2024-5635](CVE-2024/CVE-2024-56xx/CVE-2024-5635.json) (`2024-06-11T16:47:04.413`)
- [CVE-2024-5636](CVE-2024/CVE-2024-56xx/CVE-2024-5636.json) (`2024-06-11T17:23:29.670`)
- [CVE-2024-5645](CVE-2024/CVE-2024-56xx/CVE-2024-5645.json) (`2024-06-11T17:57:47.197`)
- [CVE-2024-5656](CVE-2024/CVE-2024-56xx/CVE-2024-5656.json) (`2024-06-11T17:54:54.870`)
- [CVE-2024-5657](CVE-2024/CVE-2024-56xx/CVE-2024-5657.json) (`2024-06-11T17:40:47.823`)
- [CVE-2024-5665](CVE-2024/CVE-2024-56xx/CVE-2024-5665.json) (`2024-06-11T17:47:45.033`)
- [CVE-2024-5732](CVE-2024/CVE-2024-57xx/CVE-2024-5732.json) (`2024-06-11T17:57:13.767`)
- [CVE-2024-2525](CVE-2024/CVE-2024-25xx/CVE-2024-2525.json) (`2024-06-11T18:15:13.263`)
- [CVE-2024-2560](CVE-2024/CVE-2024-25xx/CVE-2024-2560.json) (`2024-06-11T18:15:13.387`)
- [CVE-2024-31878](CVE-2024/CVE-2024-318xx/CVE-2024-31878.json) (`2024-06-11T18:23:27.153`)
- [CVE-2024-36673](CVE-2024/CVE-2024-366xx/CVE-2024-36673.json) (`2024-06-11T18:27:20.950`)
- [CVE-2024-36779](CVE-2024/CVE-2024-367xx/CVE-2024-36779.json) (`2024-06-11T18:14:35.890`)
- [CVE-2024-37160](CVE-2024/CVE-2024-371xx/CVE-2024-37160.json) (`2024-06-11T18:22:50.097`)
- [CVE-2024-4451](CVE-2024/CVE-2024-44xx/CVE-2024-4451.json) (`2024-06-11T18:09:15.847`)
- [CVE-2024-4488](CVE-2024/CVE-2024-44xx/CVE-2024-4488.json) (`2024-06-11T18:09:34.110`)
- [CVE-2024-4489](CVE-2024/CVE-2024-44xx/CVE-2024-4489.json) (`2024-06-11T18:07:03.573`)
- [CVE-2024-4610](CVE-2024/CVE-2024-46xx/CVE-2024-4610.json) (`2024-06-11T18:31:31.330`)
- [CVE-2024-4703](CVE-2024/CVE-2024-47xx/CVE-2024-4703.json) (`2024-06-11T18:06:31.967`)
- [CVE-2024-5382](CVE-2024/CVE-2024-53xx/CVE-2024-5382.json) (`2024-06-11T18:27:00.427`)
- [CVE-2024-5426](CVE-2024/CVE-2024-54xx/CVE-2024-5426.json) (`2024-06-11T18:03:58.213`)
- [CVE-2024-5438](CVE-2024/CVE-2024-54xx/CVE-2024-5438.json) (`2024-06-11T18:26:45.147`)
- [CVE-2024-5481](CVE-2024/CVE-2024-54xx/CVE-2024-5481.json) (`2024-06-11T18:00:09.740`)
- [CVE-2024-5489](CVE-2024/CVE-2024-54xx/CVE-2024-5489.json) (`2024-06-11T18:15:01.617`)
- [CVE-2024-5542](CVE-2024/CVE-2024-55xx/CVE-2024-5542.json) (`2024-06-11T18:25:51.200`)
- [CVE-2024-5599](CVE-2024/CVE-2024-55xx/CVE-2024-5599.json) (`2024-06-11T18:24:39.057`)
- [CVE-2024-5637](CVE-2024/CVE-2024-56xx/CVE-2024-5637.json) (`2024-06-11T18:31:54.787`)
- [CVE-2024-5658](CVE-2024/CVE-2024-56xx/CVE-2024-5658.json) (`2024-06-11T18:21:52.377`)
- [CVE-2024-5673](CVE-2024/CVE-2024-56xx/CVE-2024-5673.json) (`2024-06-11T18:17:10.037`)
- [CVE-2024-5675](CVE-2024/CVE-2024-56xx/CVE-2024-5675.json) (`2024-06-11T18:14:02.017`)
- [CVE-2024-5684](CVE-2024/CVE-2024-56xx/CVE-2024-5684.json) (`2024-06-11T18:13:30.163`)
- [CVE-2024-5733](CVE-2024/CVE-2024-57xx/CVE-2024-5733.json) (`2024-06-11T18:30:50.690`)
- [CVE-2024-5734](CVE-2024/CVE-2024-57xx/CVE-2024-5734.json) (`2024-06-11T18:30:16.727`)
## Download and Usage

397
_state.csv
View File

File diff suppressed because it is too large Load Diff