Auto-Update: 2024-12-03T05:00:25.635335+00:00

CVE-2024/CVE-2024-201xx/CVE-2024-20125.json

@@ -2,13 +2,13 @@
   "id": "CVE-2024-20125",
   "sourceIdentifier": "security@mediatek.com",
   "published": "2024-12-02T04:15:04.663",
-  "lastModified": "2024-12-02T17:15:09.543",
+  "lastModified": "2024-12-03T03:15:04.773",
   "vulnStatus": "Awaiting Analysis",
   "cveTags": [],
   "descriptions": [
     {
       "lang": "en",
-      "value": "In vdec, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09046782; Issue ID: MSV-1728."
+      "value": "In vdec, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained System privileges. User interaction is not needed for exploitation. Patch ID: ALPS09046782; Issue ID: MSV-1728."
     },
     {
       "lang": "es",

CVE-2024/CVE-2024-450xx/CVE-2024-45068.json

@@ -0,0 +1,56 @@
+{
+  "id": "CVE-2024-45068",
+  "sourceIdentifier": "hirt@hitachi.co.jp",
+  "published": "2024-12-03T03:15:04.953",
+  "lastModified": "2024-12-03T03:15:04.953",
+  "vulnStatus": "Received",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "Authentication credentials leakage vulnerability in Hitachi Ops Center Common Services within Hitachi Ops Center OVA.\n\n\nThis issue affects Hitachi Ops Center Common Services: from 10.9.3-00 before 11.0.3-00; Hitachi Ops Center OVA: from 10.9.3-00 before 11.0.2-01."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "hirt@hitachi.co.jp",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N",
+          "baseScore": 7.1,
+          "baseSeverity": "HIGH",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "LOW",
+          "userInteraction": "NONE",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "HIGH",
+          "integrityImpact": "LOW",
+          "availabilityImpact": "NONE"
+        },
+        "exploitabilityScore": 2.8,
+        "impactScore": 4.2
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "hirt@hitachi.co.jp",
+      "type": "Secondary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-1392"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://www.hitachi.com/products/it/software/security/info/vuls/hitachi-sec-2024-149/index.html",
+      "source": "hirt@hitachi.co.jp"
+    }
+  ]
+}

CVE-2024/CVE-2024-96xx/CVE-2024-9694.json

@@ -0,0 +1,60 @@
+{
+  "id": "CVE-2024-9694",
+  "sourceIdentifier": "security@wordfence.com",
+  "published": "2024-12-03T03:15:05.123",
+  "lastModified": "2024-12-03T03:15:05.123",
+  "vulnStatus": "Received",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "The CMSMasters Elementor Addon plugin for WordPress is vulnerable to Stored Cross-Site Scripting via multiple widgets in all versions up to, and including, 1.14.7 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "security@wordfence.com",
+        "type": "Primary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
+          "baseScore": 6.4,
+          "baseSeverity": "MEDIUM",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "LOW",
+          "userInteraction": "NONE",
+          "scope": "CHANGED",
+          "confidentialityImpact": "LOW",
+          "integrityImpact": "LOW",
+          "availabilityImpact": "NONE"
+        },
+        "exploitabilityScore": 3.1,
+        "impactScore": 2.7
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "security@wordfence.com",
+      "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-79"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://docs.cmsmasters.net/cmsmasters-elementor-addon-changelog/",
+      "source": "security@wordfence.com"
+    },
+    {
+      "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/7eb78b64-ebe3-44e9-9061-d380693c5566?source=cve",
+      "source": "security@wordfence.com"
+    }
+  ]
+}

README.md

@@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours.
 ### Last Repository Update
 
 ```plain
-2024-12-03T03:00:48.956016+00:00
+2024-12-03T05:00:25.635335+00:00
 ```
 
 ### Most recent CVE Modification Timestamp synchronized with NVD
 
 ```plain
-2024-12-03T02:15:17.913000+00:00
+2024-12-03T03:15:05.123000+00:00
 ```
 
 ### Last Data Feed Release
@@ -33,25 +33,22 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
 ### Total Number of included CVEs
 
 ```plain
-271949
+271951
 ```
 
 ### CVEs added in the last Commit
 
-Recently added CVEs: `5`
+Recently added CVEs: `2`
 
-- [CVE-2018-9441](CVE-2018/CVE-2018-94xx/CVE-2018-9441.json) (`2024-12-03T01:15:04.697`)
-- [CVE-2018-9449](CVE-2018/CVE-2018-94xx/CVE-2018-9449.json) (`2024-12-03T01:15:04.803`)
-- [CVE-2024-8748](CVE-2024/CVE-2024-87xx/CVE-2024-8748.json) (`2024-12-03T02:15:17.620`)
-- [CVE-2024-9197](CVE-2024/CVE-2024-91xx/CVE-2024-9197.json) (`2024-12-03T02:15:17.773`)
-- [CVE-2024-9200](CVE-2024/CVE-2024-92xx/CVE-2024-9200.json) (`2024-12-03T02:15:17.913`)
+- [CVE-2024-45068](CVE-2024/CVE-2024-450xx/CVE-2024-45068.json) (`2024-12-03T03:15:04.953`)
+- [CVE-2024-9694](CVE-2024/CVE-2024-96xx/CVE-2024-9694.json) (`2024-12-03T03:15:05.123`)
 
 
 ### CVEs modified in the last Commit
 
 Recently modified CVEs: `1`
 
-- [CVE-2021-20784](CVE-2021/CVE-2021-207xx/CVE-2021-20784.json) (`2024-12-03T02:15:16.550`)
+- [CVE-2024-20125](CVE-2024/CVE-2024-201xx/CVE-2024-20125.json) (`2024-12-03T03:15:04.773`)
 
 
 ## Download and Usage

_state.csv

@@ -126970,12 +126970,12 @@ CVE-2018-9436,0,0,c8a247a24c83592bc549534ae7eaaefb20fd255e25c6b61b4321b051f8f1ed
 CVE-2018-9437,0,0,2fe7c032447c4aee2d71cdb7773a63d008648862a1635a0096aea7442fa776a0,2018-12-12T21:23:38.690000
 CVE-2018-9438,0,0,9dbca74422ec533040b998a41e1e9831a0ef457b53367dc472271daa39aa9ea8,2019-10-03T00:03:26.223000
 CVE-2018-9440,0,0,5d528d97aa009b19faaf4b76b2810035a508f7ff2a656fcd3a5ea6d1c0d4ebd7,2024-11-22T21:30:26.993000
-CVE-2018-9441,1,1,64e0ca2bcf827a0c3a213e5b6d51a206424c5243615bed13cdf55ac8ff086493,2024-12-03T01:15:04.697000
+CVE-2018-9441,0,0,64e0ca2bcf827a0c3a213e5b6d51a206424c5243615bed13cdf55ac8ff086493,2024-12-03T01:15:04.697000
 CVE-2018-9444,0,0,845df1a91dbb86e10e94c2948d2846f136bb91fcf20699ed819d25cc42061c97,2019-10-03T00:03:26.223000
 CVE-2018-9445,0,0,98705da52e00a08c614b22fd78898c2cac0a1a38aa43d2cb54a22be54b025a7f,2018-12-12T21:11:21.837000
 CVE-2018-9446,0,0,aade2e9dd27e08888d7772668cb279781f71a8adf195cc015d694763f350e194,2018-12-12T21:04:55.173000
 CVE-2018-9448,0,0,6f09b1e98acf930f94a509976debb4b57f40d675d8c3078ca467fb9170d1e624,2018-12-12T21:02:17.877000
-CVE-2018-9449,1,1,3180cc976c0636dccd35b3a0144c54d1a1cf2fda607b0f3ceb51b090085bc964,2024-12-03T01:15:04.803000
+CVE-2018-9449,0,0,3180cc976c0636dccd35b3a0144c54d1a1cf2fda607b0f3ceb51b090085bc964,2024-12-03T01:15:04.803000
 CVE-2018-9450,0,0,88a5539155afc3838696edab4f8304f63eba50f73be2aafec2b62ff10c75122f,2018-12-12T20:55:12.133000
 CVE-2018-9451,0,0,129d08baf0933d3fb93461fbfc4f9a2f145f8900af6404108ecd3acb357d36b8,2018-12-12T20:48:51.673000
 CVE-2018-9452,0,0,780910fe7d2739fa64e821536152992dd248be72f6bf6989ab9ade5896bbdc38,2023-11-07T03:01:36.743000
@@ -167307,7 +167307,7 @@ CVE-2021-20780,0,0,034fd0ea3f66dffde8319d02f1f6ff59878838b144363eab428fe76a871fa
 CVE-2021-20781,0,0,e92b0356c1a59738fab9eee23481d0b7ba73842efcd8a56472874f0500673d6e,2021-07-15T23:51:26.427000
 CVE-2021-20782,0,0,055f8d7edf95bef6853a658f324088d58382e38c72033b3a5fbcd3659b4f029b,2021-07-15T23:51:01
 CVE-2021-20783,0,0,aac551605ce5443319e87b63909a740bac3c0c4e882e9f94edc19119af7e45f0,2021-08-09T17:43:09.083000
-CVE-2021-20784,0,1,2141e2a7573719e61083ea8ae8452c48c8c9eaed2f48b4ed766347876dd8fc1d,2024-12-03T02:15:16.550000
+CVE-2021-20784,0,0,2141e2a7573719e61083ea8ae8452c48c8c9eaed2f48b4ed766347876dd8fc1d,2024-12-03T02:15:16.550000
 CVE-2021-20785,0,0,1330fc10280ca640166a3fa0933d054e6e193def77f121c41dbf9a635fa44e97,2021-08-06T12:16:27.157000
 CVE-2021-20786,0,0,1c4c03ddf89e26e9068ee12848162e0793f0e13bac0f0da74f8f482cd9671373,2021-08-06T19:32:48.483000
 CVE-2021-20787,0,0,5305ab0160b3f29fefae35c8de5fd2e7e93d96a3a48ee42ce17906bbe967ca73,2021-08-06T12:42:19.363000
@@ -244797,7 +244797,7 @@ CVE-2024-20121,0,0,4938115c914642adef5ea2985a500e819409d2c7aa3a5388330765c060ef6
 CVE-2024-20122,0,0,744b016dd77bf1d3925336cb7504cc81d1bda83c1655bf764225b09f6b0227e4,2024-11-05T08:35:19.593000
 CVE-2024-20123,0,0,bdf62a4af5c1c1ed58a1e235ea3a69d58e2afa0181d5f68baf40f699c0511aac,2024-11-04T18:50:05.607000
 CVE-2024-20124,0,0,1799547edf556e9de06685a9fcdc4c8ef9057ff40c9829ccf5d3b3aa46605f16,2024-11-04T18:50:05.607000
-CVE-2024-20125,0,0,a95592121d0de2a82283637e180f978c8268829ce83449ebef9c55894c24ce6b,2024-12-02T17:15:09.543000
+CVE-2024-20125,0,1,003a0c3a3b9ddf38da99a8b47462e79051bcf123de4fe606a156f4ac1ec32978,2024-12-03T03:15:04.773000
 CVE-2024-20127,0,0,4f5b6e07f1cf122950dbcd8b116d02726448a35cafe00d3cdacf295c0739e6cf,2024-12-02T17:15:09.827000
 CVE-2024-20128,0,0,25052607e0f79bd84aa97e3e9edbd33f6226d229c08168150d2c97b326e4867f,2024-12-02T17:15:10.230000
 CVE-2024-20129,0,0,671726aba2b1095472532326d37fd302eed94fd6211ea01542506d4087187d34,2024-12-02T04:15:05.073000
@@ -263076,6 +263076,7 @@ CVE-2024-4506,0,0,ddf6bfe33c9fb68b792eae19c37cbcf6030ec7e8a9a0c1f6ead94d2f62170a
 CVE-2024-45060,0,0,83a57138238cb06a814cf1f01df1fffbe4a9e82af20e4c1164e77ac214e2dd35,2024-10-17T14:14:11.230000
 CVE-2024-45063,0,0,33e08634550506363c06b675c8eebdf6582cbbe73548148f8e40aee753dad000,2024-09-06T17:35:18.370000
 CVE-2024-45066,0,0,a454e9ceebd31b55929c2c0a2d42869872cfc6fb29fa46b222f3049d82b952e2,2024-10-01T16:18:10.680000
+CVE-2024-45068,1,1,7e652a033d343abc25cd431e58639bbaae748880797efa8e70f1792976c7a726,2024-12-03T03:15:04.953000
 CVE-2024-4507,0,0,feffcf27ced8e6be5fca9d21b321343c494624929485135b513ee1c93a346051,2024-06-04T19:20:40.250000
 CVE-2024-45071,0,0,3bfe93752746c249962746373671b28be950445a9667f67fa10fa73cbdbe89bf,2024-10-21T13:41:29.383000
 CVE-2024-45072,0,0,b27748da4d45b977847cef15e3110281ca75cc3297ba880f9183987a9db911b5,2024-10-21T13:41:20.463000
@@ -270991,7 +270992,7 @@ CVE-2024-8742,0,0,22ad08a64cc55234113e83ee811bd639e6d0a7f5c2878d141833012213ce63
 CVE-2024-8743,0,0,65920323e1d664fd8f354bc76b73276103c2d19a537eecec01fa5cc8c5638d58,2024-10-07T17:48:28.117000
 CVE-2024-8746,0,0,9b12bf69372f6b3575fc1d522f2243a86d48c59565605043b626c3c9ab06c3c5,2024-10-17T18:22:18.277000
 CVE-2024-8747,0,0,c8071dd8d89406610db13dc6a04dbbb98461ebd7257641ae31a11de6b1ad5c9f,2024-09-26T19:23:12.477000
-CVE-2024-8748,1,1,7e9a9661b345923000c3e16436413f72dc529d15366faac99b1e5d2458a88011,2024-12-03T02:15:17.620000
+CVE-2024-8748,0,0,7e9a9661b345923000c3e16436413f72dc529d15366faac99b1e5d2458a88011,2024-12-03T02:15:17.620000
 CVE-2024-8749,0,0,dc7dd50ec6adedb45c385a82f706a7ab45f55e506e70a64a626b0d8f521f6289,2024-09-18T18:53:54.860000
 CVE-2024-8750,0,0,6aa000b45a0c694359dda91e7e992492dcd4e93d6e7b8c131ee0a86fa36b5620,2024-09-18T20:38:42.123000
 CVE-2024-8751,0,0,dd4f77422f5dc981129a2e765da3e243ee86648b85be15172cd0c4e6601f992a,2024-09-13T14:06:04.777000
@@ -271330,10 +271331,10 @@ CVE-2024-9189,0,0,589dc859bd1b4dfe4aefe62d286159acb6f430185a125dd81b1568310ee1bb
 CVE-2024-9191,0,0,ee6dfe1b0c94de0c4973c32fd9b929e1fce6c45c7ed6900711a578d548548d42,2024-11-05T17:06:41.363000
 CVE-2024-9192,0,0,6b4f5a1acbf9a7dc210d7032de22d145ff71455a06b1f810943596d74d74ef04,2024-11-18T17:11:17.393000
 CVE-2024-9194,0,0,94d0f5f267ad180c0cf40bc9b87cc59bf3002f59241057e5b89ba1ec25bacf82,2024-10-04T13:51:25.567000
-CVE-2024-9197,1,1,2dd7b024fb584d944b0189015d8405b30144aa1b82f47648a2753c31c3accff7,2024-12-03T02:15:17.773000
+CVE-2024-9197,0,0,2dd7b024fb584d944b0189015d8405b30144aa1b82f47648a2753c31c3accff7,2024-12-03T02:15:17.773000
 CVE-2024-9198,0,0,f43e7cbf5ad8264654a856d8df5069cea0145a66becd85052219123b3f2b7d6c,2024-10-02T14:33:52.780000
 CVE-2024-9199,0,0,0d70434db3b8e5067294d8da03c36e695141f2bf7d8322fbb68a3bc3177abf45,2024-10-02T14:33:54.607000
-CVE-2024-9200,1,1,81943866d94dfb8fa311510c35ffc3da0ab252799cab24090b4d96c4fbcc2d6f,2024-12-03T02:15:17.913000
+CVE-2024-9200,0,0,81943866d94dfb8fa311510c35ffc3da0ab252799cab24090b4d96c4fbcc2d6f,2024-12-03T02:15:17.913000
 CVE-2024-9201,0,0,043f6236f1ae15d80746e8fc0b7abf34a1eabf9fc134bbb1f48cfb27d8617ff9,2024-10-16T16:55:44.817000
 CVE-2024-9202,0,0,808b8091e3582386849f2f7767feb40805cba585b6581ba135c1d621ab219188,2024-09-30T12:46:20.237000
 CVE-2024-9203,0,0,e6eb6874bd83da6550f594261cd60c3d082a0ed5dbc17d4c1b083dd114dee5d8,2024-09-30T12:46:20.237000
@@ -271699,6 +271700,7 @@ CVE-2024-9687,0,0,ae8c4791dae243694c67044fa0088a221548cce6d43bc08144a537d590a79f
 CVE-2024-9689,0,0,8f8c579186810d2b61eae71f3a64a7543fcf1895acd4679afad8157c388bec86,2024-11-07T20:35:16.807000
 CVE-2024-9692,0,0,6637a78c6a5a322d069f0f0384d674a49925fbfbbf719ba95a3af042d35fdc19,2024-10-25T12:56:07.750000
 CVE-2024-9693,0,0,c232ba5fb9bd3328aba53f248efeb2d2aeaf79f5188ca1b239af2b4114f223f9,2024-11-26T01:57:19.427000
+CVE-2024-9694,1,1,ea2e5d7c269ebde131c67b83b8ab722d57d5f4b4e1e7a5354b571ebf2abe431b,2024-12-03T03:15:05.123000
 CVE-2024-9696,0,0,d30db32e6e91542491621f64f323265f1c350c675c770ec19d03f3299ae1a70c,2024-11-25T20:42:32.327000
 CVE-2024-9700,0,0,44ec8c5b1c72b9ea93133516d058ebd0146b084de37af1e6b9ed3d48584cc0ad,2024-11-25T19:57:41.387000
 CVE-2024-9703,0,0,dd5db55cccdddcc3b58f6b494a8ef777447f72688cd0a2c60dac8e42fee7b6a9,2024-10-22T15:25:27.887000