From 26626f3fe473693bf16d841df17c9f658b5706e0 Mon Sep 17 00:00:00 2001 From: cad-safe-bot Date: Tue, 21 May 2024 08:03:56 +0000 Subject: [PATCH] Auto-Update: 2024-05-21T08:01:05.489972+00:00 --- CVE-2023/CVE-2023-526xx/CVE-2023-52665.json | 21 +--- CVE-2024/CVE-2024-21xx/CVE-2024-2189.json | 20 ++++ CVE-2024/CVE-2024-269xx/CVE-2024-26904.json | 124 +------------------- CVE-2024/CVE-2024-40xx/CVE-2024-4061.json | 20 ++++ CVE-2024/CVE-2024-42xx/CVE-2024-4289.json | 20 ++++ CVE-2024/CVE-2024-42xx/CVE-2024-4290.json | 20 ++++ CVE-2024/CVE-2024-43xx/CVE-2024-4372.json | 20 ++++ CVE-2024/CVE-2024-44xx/CVE-2024-4442.json | 51 ++++++++ CVE-2024/CVE-2024-44xx/CVE-2024-4470.json | 51 ++++++++ CVE-2024/CVE-2024-47xx/CVE-2024-4710.json | 47 ++++++++ README.md | 29 ++--- _state.csv | 30 +++-- 12 files changed, 292 insertions(+), 161 deletions(-) create mode 100644 CVE-2024/CVE-2024-21xx/CVE-2024-2189.json create mode 100644 CVE-2024/CVE-2024-40xx/CVE-2024-4061.json create mode 100644 CVE-2024/CVE-2024-42xx/CVE-2024-4289.json create mode 100644 CVE-2024/CVE-2024-42xx/CVE-2024-4290.json create mode 100644 CVE-2024/CVE-2024-43xx/CVE-2024-4372.json create mode 100644 CVE-2024/CVE-2024-44xx/CVE-2024-4442.json create mode 100644 CVE-2024/CVE-2024-44xx/CVE-2024-4470.json create mode 100644 CVE-2024/CVE-2024-47xx/CVE-2024-4710.json diff --git a/CVE-2023/CVE-2023-526xx/CVE-2023-52665.json b/CVE-2023/CVE-2023-526xx/CVE-2023-52665.json index 24984c03e80..5780cf4222c 100644 --- a/CVE-2023/CVE-2023-526xx/CVE-2023-52665.json +++ b/CVE-2023/CVE-2023-526xx/CVE-2023-52665.json @@ -2,27 +2,14 @@ "id": "CVE-2023-52665", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-05-17T14:15:09.043", - "lastModified": "2024-05-17T18:35:35.070", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-05-21T07:15:08.063", + "vulnStatus": "Rejected", "descriptions": [ { "lang": "en", - "value": "In the Linux kernel, the following vulnerability has been resolved:\n\npowerpc/ps3_defconfig: Disable PPC64_BIG_ENDIAN_ELF_ABI_V2\n\nCommit 8c5fa3b5c4df (\"powerpc/64: Make ELFv2 the default for big-endian\nbuilds\"), merged in Linux-6.5-rc1 changes the calling ABI in a way\nthat is incompatible with the current code for the PS3's LV1 hypervisor\ncalls.\n\nThis change just adds the line '# CONFIG_PPC64_BIG_ENDIAN_ELF_ABI_V2 is not set'\nto the ps3_defconfig file so that the PPC64_ELF_ABI_V1 is used.\n\nFixes run time errors like these:\n\n BUG: Kernel NULL pointer dereference at 0x00000000\n Faulting instruction address: 0xc000000000047cf0\n Oops: Kernel access of bad area, sig: 11 [#1]\n Call Trace:\n [c0000000023039e0] [c00000000100ebfc] ps3_create_spu+0xc4/0x2b0 (unreliable)\n [c000000002303ab0] [c00000000100d4c4] create_spu+0xcc/0x3c4\n [c000000002303b40] [c00000000100eae4] ps3_enumerate_spus+0xa4/0xf8" + "value": "Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority." } ], "metrics": {}, - "references": [ - { - "url": "https://git.kernel.org/stable/c/482b718a84f08b6fc84879c3e90cc57dba11c115", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" - }, - { - "url": "https://git.kernel.org/stable/c/d0f0780f03df54d08ced118d27834ee5008724e4", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" - }, - { - "url": "https://git.kernel.org/stable/c/f70557d48215b14a9284ac3a6ae7e4ee1d039f10", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" - } - ] + "references": [] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-21xx/CVE-2024-2189.json b/CVE-2024/CVE-2024-21xx/CVE-2024-2189.json new file mode 100644 index 00000000000..92c8e58a2cd --- /dev/null +++ b/CVE-2024/CVE-2024-21xx/CVE-2024-2189.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2024-2189", + "sourceIdentifier": "contact@wpscan.com", + "published": "2024-05-21T06:15:08.540", + "lastModified": "2024-05-21T06:15:08.540", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The Social Icons Widget & Block by WPZOOM WordPress plugin before 4.2.18 does not sanitise and escape some of its Widget settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)" + } + ], + "metrics": {}, + "references": [ + { + "url": "https://wpscan.com/vulnerability/b8661fbe-78b9-4d29-90bf-5b68af468eb6/", + "source": "contact@wpscan.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-269xx/CVE-2024-26904.json b/CVE-2024/CVE-2024-269xx/CVE-2024-26904.json index 1b9ad18077a..de41f04c997 100644 --- a/CVE-2024/CVE-2024-269xx/CVE-2024-26904.json +++ b/CVE-2024/CVE-2024-269xx/CVE-2024-26904.json @@ -2,128 +2,14 @@ "id": "CVE-2024-26904", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-04-17T11:15:11.113", - "lastModified": "2024-04-29T19:42:55.027", - "vulnStatus": "Analyzed", + "lastModified": "2024-05-21T07:15:08.260", + "vulnStatus": "Rejected", "descriptions": [ { "lang": "en", - "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: fix data race at btrfs_use_block_rsv() when accessing block reserve\n\nAt btrfs_use_block_rsv() we read the size of a block reserve without\nlocking its spinlock, which makes KCSAN complain because the size of a\nblock reserve is always updated while holding its spinlock. The report\nfrom KCSAN is the following:\n\n [653.313148] BUG: KCSAN: data-race in btrfs_update_delayed_refs_rsv [btrfs] / btrfs_use_block_rsv [btrfs]\n\n [653.314755] read to 0x000000017f5871b8 of 8 bytes by task 7519 on cpu 0:\n [653.314779] btrfs_use_block_rsv+0xe4/0x2f8 [btrfs]\n [653.315606] btrfs_alloc_tree_block+0xdc/0x998 [btrfs]\n [653.316421] btrfs_force_cow_block+0x220/0xe38 [btrfs]\n [653.317242] btrfs_cow_block+0x1ac/0x568 [btrfs]\n [653.318060] btrfs_search_slot+0xda2/0x19b8 [btrfs]\n [653.318879] btrfs_del_csums+0x1dc/0x798 [btrfs]\n [653.319702] __btrfs_free_extent.isra.0+0xc24/0x2028 [btrfs]\n [653.320538] __btrfs_run_delayed_refs+0xd3c/0x2390 [btrfs]\n [653.321340] btrfs_run_delayed_refs+0xae/0x290 [btrfs]\n [653.322140] flush_space+0x5e4/0x718 [btrfs]\n [653.322958] btrfs_preempt_reclaim_metadata_space+0x102/0x2f8 [btrfs]\n [653.323781] process_one_work+0x3b6/0x838\n [653.323800] worker_thread+0x75e/0xb10\n [653.323817] kthread+0x21a/0x230\n [653.323836] __ret_from_fork+0x6c/0xb8\n [653.323855] ret_from_fork+0xa/0x30\n\n [653.323887] write to 0x000000017f5871b8 of 8 bytes by task 576 on cpu 3:\n [653.323906] btrfs_update_delayed_refs_rsv+0x1a4/0x250 [btrfs]\n [653.324699] btrfs_add_delayed_data_ref+0x468/0x6d8 [btrfs]\n [653.325494] btrfs_free_extent+0x76/0x120 [btrfs]\n [653.326280] __btrfs_mod_ref+0x6a8/0x6b8 [btrfs]\n [653.327064] btrfs_dec_ref+0x50/0x70 [btrfs]\n [653.327849] walk_up_proc+0x236/0xa50 [btrfs]\n [653.328633] walk_up_tree+0x21c/0x448 [btrfs]\n [653.329418] btrfs_drop_snapshot+0x802/0x1328 [btrfs]\n [653.330205] btrfs_clean_one_deleted_snapshot+0x184/0x238 [btrfs]\n [653.330995] cleaner_kthread+0x2b0/0x2f0 [btrfs]\n [653.331781] kthread+0x21a/0x230\n [653.331800] __ret_from_fork+0x6c/0xb8\n [653.331818] ret_from_fork+0xa/0x30\n\nSo add a helper to get the size of a block reserve while holding the lock.\nReading the field while holding the lock instead of using the data_race()\nannotation is used in order to prevent load tearing." - }, - { - "lang": "es", - "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: btrfs: corrige la carrera de datos en btrfs_use_block_rsv() al acceder a la reserva de bloque En btrfs_use_block_rsv() leemos el tama\u00f1o de una reserva de bloque sin bloquear su spinlock, lo que hace que KCSAN se queje porque el tama\u00f1o de una reserva de bloque siempre se actualiza mientras se mantiene su bloqueo de giro. El informe de KCSAN es el siguiente: [653.313148] ERROR: KCSAN: data-race en btrfs_update_delayed_refs_rsv [btrfs] / btrfs_use_block_rsv [btrfs] [653.314755] le\u00eddo en 0x000000017f5871b8 de 8 bytes por tarea 7519 en 0: [653.314779] btrfs_use_block_rsv+0xe4 /0x2f8 [btrfs] [653.315606] btrfs_alloc_tree_block+0xdc/0x998 [btrfs] [653.316421] btrfs_force_cow_block+0x220/0xe38 [btrfs] [653.317242] 8 [btrfs] [653.318060] btrfs_search_slot+0xda2/0x19b8 [btrfs] [ 653.318879] btrfs_del_csums+0x1dc/0x798 [btrfs] [653.319702] __btrfs_free_extent.isra.0+0xc24/0x2028 [btrfs] [653.320538] __btrfs_run_delayed_refs+0xd3c/0x 2390 [btrfs] [653.321340] btrfs_run_delayed_refs+0xae/0x290 [btrfs] [653.322140] flush_space+0x5e4/0x718 [btrfs] [653.322958] btrfs_preempt_reclaim_metadata_space+0x102/0x2f8 [btrfs] [653.323781] Process_one_work+0x3b6/0x838 [653.323800] trabajador_thread+0x75e/0xb1 0 [653.323817] kthread+0x21a/0x230 [653.323836] __ret_from_fork+0x6c/ 0xb8 [653.323855] ret_from_fork+0xa/0x30 [653.323887] escribe en 0x000000017f5871b8 de 8 bytes por tarea 576 en la CPU 3: [653.323906] [btrfs] [653.324699] btrfs_add_delayed_data_ref+0x468/0x6d8 [btrfs] [653.325494] btrfs_free_extent+0x76/0x120 [btrfs] [653.326280] __btrfs_mod_ref+0x6a8/0x6b8 [btrfs] [653.327064] btrfs_dec_ref+0x50/0x70 [btrfs] [653.327849] 236/0xa50 [btrfs] [653.328633] walk_up_tree+0x21c/0x448 [ btrfs] [653.329418] btrfs_drop_snapshot+0x802/0x1328 [btrfs] [653.330205] btrfs_clean_one_deleted_snapshot+0x184/0x238 [btrfs] [653.330995] clean_kthread+0x2b0/0x2f0 [ btrfs] [653.331781] kthread+0x21a/0x230 [653.331800] __ret_from_fork+0x6c/ 0xb8 [653.331818] ret_from_fork+0xa/0x30 Entonces agregue un ayudante para obtener el tama\u00f1o de una reserva de bloque mientras mantiene el bloqueo. Se utiliza la lectura del campo mientras se mantiene presionado el candado en lugar de usar la anotaci\u00f3n data_race() para evitar el desgarro de la carga." + "value": "Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority." } ], - "metrics": { - "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "LOW", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "NONE", - "integrityImpact": "NONE", - "availabilityImpact": "HIGH", - "baseScore": 5.5, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 1.8, - "impactScore": 3.6 - } - ] - }, - "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-667" - } - ] - } - ], - "configurations": [ - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", - "versionEndExcluding": "5.4.273", - "matchCriteriaId": "76CFA8C9-742A-4ECA-950F-2FCCF734E1BD" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", - "versionStartIncluding": "5.5", - "versionEndExcluding": "6.1.83", - "matchCriteriaId": "EF52B0D3-9516-4C4D-9AB8-75E2928A7691" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", - "versionStartIncluding": "6.2", - "versionEndExcluding": "6.6.23", - "matchCriteriaId": "E00814DC-0BA7-431A-9926-80FEB4A96C68" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", - "versionStartIncluding": "6.7", - "versionEndExcluding": "6.7.11", - "matchCriteriaId": "9B95D3A6-E162-47D5-ABFC-F3FA74FA7CFD" - } - ] - } - ] - } - ], - "references": [ - { - "url": "https://git.kernel.org/stable/c/2daa2a8e895e6dc2395f8628c011bcf1e019040d", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", - "tags": [ - "Patch" - ] - }, - { - "url": "https://git.kernel.org/stable/c/7e9422d35d574b646269ca46010a835ca074b310", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", - "tags": [ - "Patch" - ] - }, - { - "url": "https://git.kernel.org/stable/c/ab1be3f1aa7799f99155488c28eacaef65eb68fb", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", - "tags": [ - "Patch" - ] - }, - { - "url": "https://git.kernel.org/stable/c/c7bb26b847e5b97814f522686068c5628e2b3646", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", - "tags": [ - "Patch" - ] - }, - { - "url": "https://git.kernel.org/stable/c/f6d4d29a12655b42a13cec038c2902bb7efc50ed", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", - "tags": [ - "Patch" - ] - } - ] + "metrics": {}, + "references": [] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-40xx/CVE-2024-4061.json b/CVE-2024/CVE-2024-40xx/CVE-2024-4061.json new file mode 100644 index 00000000000..fca4d9f57b5 --- /dev/null +++ b/CVE-2024/CVE-2024-40xx/CVE-2024-4061.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2024-4061", + "sourceIdentifier": "contact@wpscan.com", + "published": "2024-05-21T06:15:09.247", + "lastModified": "2024-05-21T06:15:09.247", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The Survey Maker WordPress plugin before 4.2.9 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)" + } + ], + "metrics": {}, + "references": [ + { + "url": "https://wpscan.com/vulnerability/175a9f3a-1f8d-44d1-8a12-e037251b025d/", + "source": "contact@wpscan.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-42xx/CVE-2024-4289.json b/CVE-2024/CVE-2024-42xx/CVE-2024-4289.json new file mode 100644 index 00000000000..0ff802464aa --- /dev/null +++ b/CVE-2024/CVE-2024-42xx/CVE-2024-4289.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2024-4289", + "sourceIdentifier": "contact@wpscan.com", + "published": "2024-05-21T06:15:09.517", + "lastModified": "2024-05-21T06:15:09.517", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The Sailthru Triggermail WordPress plugin through 1.1 does not sanitise and escape various parameters before outputting them back in pages and attributes, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin" + } + ], + "metrics": {}, + "references": [ + { + "url": "https://wpscan.com/vulnerability/072785de-0ce5-42a4-a3fd-4eb1d1a2f1be/", + "source": "contact@wpscan.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-42xx/CVE-2024-4290.json b/CVE-2024/CVE-2024-42xx/CVE-2024-4290.json new file mode 100644 index 00000000000..a7c8230ab83 --- /dev/null +++ b/CVE-2024/CVE-2024-42xx/CVE-2024-4290.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2024-4290", + "sourceIdentifier": "contact@wpscan.com", + "published": "2024-05-21T06:15:09.767", + "lastModified": "2024-05-21T06:15:09.767", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The Sailthru Triggermail WordPress plugin through 1.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)" + } + ], + "metrics": {}, + "references": [ + { + "url": "https://wpscan.com/vulnerability/a9a10d0f-d8f2-4f3e-92bf-94fc08416d87/", + "source": "contact@wpscan.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-43xx/CVE-2024-4372.json b/CVE-2024/CVE-2024-43xx/CVE-2024-4372.json new file mode 100644 index 00000000000..1e71955ab7d --- /dev/null +++ b/CVE-2024/CVE-2024-43xx/CVE-2024-4372.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2024-4372", + "sourceIdentifier": "contact@wpscan.com", + "published": "2024-05-21T06:15:10.000", + "lastModified": "2024-05-21T06:15:10.000", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The Carousel Slider WordPress plugin before 2.2.11 does not sanitise and escape some parameters, which could allow users with a role as low as editor to perform Cross-Site Scripting attacks" + } + ], + "metrics": {}, + "references": [ + { + "url": "https://wpscan.com/vulnerability/13dcfd8a-e378-44b4-af6f-940bc41539a4/", + "source": "contact@wpscan.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-44xx/CVE-2024-4442.json b/CVE-2024/CVE-2024-44xx/CVE-2024-4442.json new file mode 100644 index 00000000000..c47719793e5 --- /dev/null +++ b/CVE-2024/CVE-2024-44xx/CVE-2024-4442.json @@ -0,0 +1,51 @@ +{ + "id": "CVE-2024-4442", + "sourceIdentifier": "security@wordfence.com", + "published": "2024-05-21T07:15:08.460", + "lastModified": "2024-05-21T07:15:08.460", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The Salon booking system plugin for WordPress is vulnerable to arbitrary file deletion in all versions up to, and including, 9.8. This is due to the plugin not properly validating the path of an uploaded file prior to deleting it. This makes it possible for unauthenticated attackers to delete arbitrary files, including the wp-config.php file, which can make site takeover and remote code execution possible." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.1, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.2 + } + ] + }, + "references": [ + { + "url": "https://plugins.trac.wordpress.org/browser/salon-booking-system/tags/9.8/src/SLN/Action/Ajax/RemoveUploadedFile.php#L5", + "source": "security@wordfence.com" + }, + { + "url": "https://plugins.trac.wordpress.org/changeset/3088196/salon-booking-system#file14", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/eaafeadd-f44c-49b1-b900-ef40800c629e?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-44xx/CVE-2024-4470.json b/CVE-2024/CVE-2024-44xx/CVE-2024-4470.json new file mode 100644 index 00000000000..afab1d1bc8e --- /dev/null +++ b/CVE-2024/CVE-2024-44xx/CVE-2024-4470.json @@ -0,0 +1,51 @@ +{ + "id": "CVE-2024-4470", + "sourceIdentifier": "security@wordfence.com", + "published": "2024-05-21T07:15:08.810", + "lastModified": "2024-05-21T07:15:08.810", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The Master Slider \u2013 Responsive Touch Slider plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'ms_slide_info' shortcode in all versions up to, and including, 3.9.9 due to insufficient input sanitization and output escaping on user supplied 'tag_name' attribute. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 3.1, + "impactScore": 2.7 + } + ] + }, + "references": [ + { + "url": "https://plugins.trac.wordpress.org/browser/master-slider/tags/3.9.9/includes/msp-shortcodes.php#L1078", + "source": "security@wordfence.com" + }, + { + "url": "https://plugins.trac.wordpress.org/changeset/3084860/#file2", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/cd59bee7-5de5-406d-8c1b-654306d68ab8?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-47xx/CVE-2024-4710.json b/CVE-2024/CVE-2024-47xx/CVE-2024-4710.json new file mode 100644 index 00000000000..becd7099375 --- /dev/null +++ b/CVE-2024/CVE-2024-47xx/CVE-2024-4710.json @@ -0,0 +1,47 @@ +{ + "id": "CVE-2024-4710", + "sourceIdentifier": "security@wordfence.com", + "published": "2024-05-21T07:15:09.087", + "lastModified": "2024-05-21T07:15:09.087", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The UberMenu plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's ubermenu-col, ubermenu_mobile_close_button, ubermenu_toggle, ubermenu-search shortcodes in all versions up to, and including, 3.8.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 3.1, + "impactScore": 2.7 + } + ] + }, + "references": [ + { + "url": "https://codecanyon.net/item/ubermenu-wordpress-mega-menu-plugin/154703", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/96161594-9513-49f7-91ab-9ad05b900a81?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/README.md b/README.md index 791256f0fdb..875b51b3a89 100644 --- a/README.md +++ b/README.md @@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2024-05-21T06:00:29.462053+00:00 +2024-05-21T08:01:05.489972+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2024-05-21T05:15:50.890000+00:00 +2024-05-21T07:15:09.087000+00:00 ``` ### Last Data Feed Release @@ -33,28 +33,29 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### Total Number of included CVEs ```plain -250883 +250891 ``` ### CVEs added in the last Commit -Recently added CVEs: `0` +Recently added CVEs: `8` +- [CVE-2024-2189](CVE-2024/CVE-2024-21xx/CVE-2024-2189.json) (`2024-05-21T06:15:08.540`) +- [CVE-2024-4061](CVE-2024/CVE-2024-40xx/CVE-2024-4061.json) (`2024-05-21T06:15:09.247`) +- [CVE-2024-4289](CVE-2024/CVE-2024-42xx/CVE-2024-4289.json) (`2024-05-21T06:15:09.517`) +- [CVE-2024-4290](CVE-2024/CVE-2024-42xx/CVE-2024-4290.json) (`2024-05-21T06:15:09.767`) +- [CVE-2024-4372](CVE-2024/CVE-2024-43xx/CVE-2024-4372.json) (`2024-05-21T06:15:10.000`) +- [CVE-2024-4442](CVE-2024/CVE-2024-44xx/CVE-2024-4442.json) (`2024-05-21T07:15:08.460`) +- [CVE-2024-4470](CVE-2024/CVE-2024-44xx/CVE-2024-4470.json) (`2024-05-21T07:15:08.810`) +- [CVE-2024-4710](CVE-2024/CVE-2024-47xx/CVE-2024-4710.json) (`2024-05-21T07:15:09.087`) ### CVEs modified in the last Commit -Recently modified CVEs: `9` +Recently modified CVEs: `2` -- [CVE-2020-8899](CVE-2020/CVE-2020-88xx/CVE-2020-8899.json) (`2024-05-21T05:15:49.330`) -- [CVE-2020-8903](CVE-2020/CVE-2020-89xx/CVE-2020-8903.json) (`2024-05-21T05:15:50.443`) -- [CVE-2020-8907](CVE-2020/CVE-2020-89xx/CVE-2020-8907.json) (`2024-05-21T05:15:50.703`) -- [CVE-2020-8933](CVE-2020/CVE-2020-89xx/CVE-2020-8933.json) (`2024-05-21T05:15:50.890`) -- [CVE-2022-1055](CVE-2022/CVE-2022-10xx/CVE-2022-1055.json) (`2024-05-21T04:15:09.060`) -- [CVE-2022-3474](CVE-2022/CVE-2022-34xx/CVE-2022-3474.json) (`2024-05-21T04:15:10.420`) -- [CVE-2023-2163](CVE-2023/CVE-2023-21xx/CVE-2023-2163.json) (`2024-05-21T04:15:11.240`) -- [CVE-2023-2626](CVE-2023/CVE-2023-26xx/CVE-2023-2626.json) (`2024-05-21T04:15:11.727`) -- [CVE-2023-5072](CVE-2023/CVE-2023-50xx/CVE-2023-5072.json) (`2024-05-21T04:15:12.290`) +- [CVE-2023-52665](CVE-2023/CVE-2023-526xx/CVE-2023-52665.json) (`2024-05-21T07:15:08.063`) +- [CVE-2024-26904](CVE-2024/CVE-2024-269xx/CVE-2024-26904.json) (`2024-05-21T07:15:08.260`) ## Download and Usage diff --git a/_state.csv b/_state.csv index 4695bf43b67..22f16d31088 100644 --- a/_state.csv +++ b/_state.csv @@ -163629,12 +163629,12 @@ CVE-2020-8894,0,0,0bcce76061e5c59e81f5faf12852642fda4afac8645cc72a56d5d3b5bc74fc CVE-2020-8895,0,0,bc4c760118325f8fa11ae4ca8eb4e613087aae2bf2dcc457a674d8bfddd3e888,2022-10-07T00:02:14.750000 CVE-2020-8896,0,0,6e3b82a35aede1cecc960ed6845d2f52cceb3854f831707bf612ab2a90307ab5,2020-05-08T15:45:03.023000 CVE-2020-8897,0,0,db4de5457dfe139182662fe8fd71d2ad19f69bd4d2c22aceb6c20e6c480067e9,2020-12-02T16:06:24.447000 -CVE-2020-8899,0,1,817da2894cc2edeed1b9eb46b6dc797c15bda9914c28582ab92dce68c65d6e06,2024-05-21T05:15:49.330000 +CVE-2020-8899,0,0,817da2894cc2edeed1b9eb46b6dc797c15bda9914c28582ab92dce68c65d6e06,2024-05-21T05:15:49.330000 CVE-2020-8902,0,0,0cc102d719df50f0f93116d4ab05ea27fdc9bf05a349a9511dc40fc92f3b62a5,2023-11-07T03:26:47.017000 -CVE-2020-8903,0,1,eb67c6b18bf03ef073e14ae4dc35711fd60e5e7a77e4fa4f8f8b940365e1c4f7,2024-05-21T05:15:50.443000 +CVE-2020-8903,0,0,eb67c6b18bf03ef073e14ae4dc35711fd60e5e7a77e4fa4f8f8b940365e1c4f7,2024-05-21T05:15:50.443000 CVE-2020-8904,0,0,ade53225dbf99d10e403dd652ac180d01c7b6c84fb33cbdb4855de509f772188,2020-08-13T14:42:09.253000 CVE-2020-8905,0,0,01cb05a21ef61078698372884b11520fc379c70c0a5c9b6cc97e353b75c9806c,2020-08-13T14:40:49.783000 -CVE-2020-8907,0,1,771f359481d6a4a8e9abce2a76e1f88580002a0edb01aded21d20be89b12d00e,2024-05-21T05:15:50.703000 +CVE-2020-8907,0,0,771f359481d6a4a8e9abce2a76e1f88580002a0edb01aded21d20be89b12d00e,2024-05-21T05:15:50.703000 CVE-2020-8908,0,0,173c4a907125d6d30c3f3e03f34fa18e732f76e477a3032631e9885182fa7402,2023-08-02T17:30:47.580000 CVE-2020-8910,0,0,ad6c8658c7d1e42f367e3fd55fed7d12f65ad6e38070b01136b31e41da9d2027,2023-11-07T03:26:47.340000 CVE-2020-8911,0,0,1e169422ec39446c10d4bd774b7b4122fc25de7b38b3c783e3aaba6bdf215dc7,2020-08-18T13:37:59.087000 @@ -163647,7 +163647,7 @@ CVE-2020-8920,0,0,0d31757f0a7de3837ce6faac2081159671e57878bc3fb90b8989ed7bf4b35a CVE-2020-8923,0,0,ff53c73ee99000c3946da298ec4b7682709b55d5153e5dd7a962769c83166e72,2020-03-31T19:52:02.183000 CVE-2020-8927,0,0,f034efcc1184b949f8b0bafc6411595358504c341a4cf93d297f6363e02b52ad,2023-11-07T03:26:47.563000 CVE-2020-8929,0,0,a0f5bd264069337d2c100f916b3dd9f568e90546431aff9eec7b1ee530d8f28d,2020-10-29T22:16:48.257000 -CVE-2020-8933,0,1,11302bcb3702f81bf272f2169c601bfc07b6d75bf99d16bb8d3dbe834e680c5e,2024-05-21T05:15:50.890000 +CVE-2020-8933,0,0,11302bcb3702f81bf272f2169c601bfc07b6d75bf99d16bb8d3dbe834e680c5e,2024-05-21T05:15:50.890000 CVE-2020-8934,0,0,c0396f8d01e15577b2f15f6698313eff9dfc0a2aaf1265786270dbd02511da46,2023-07-14T15:00:16.533000 CVE-2020-8935,0,0,44518579775c401fd8c95a644736fef08fe7e34a7e02a998de89da597712d12c,2021-07-21T11:39:23.747000 CVE-2020-8936,0,0,de4191c9191ec31f58dd3480d306aa786160cb3948e458b228bc60d25ecbf47d,2020-12-18T02:49:22.687000 @@ -187970,7 +187970,7 @@ CVE-2022-1051,0,0,174fa370c05793ef485d972a483810dbea83091cdc31ca33ebffb8ed8e5a1a CVE-2022-1052,0,0,c8cb19b410eb94e1d3aaea3fb2d2738790a6bcc94378c33d559c69500032f4e2,2023-06-27T16:39:05.690000 CVE-2022-1053,0,0,f2b092f9803213a4177b953ab6becc202f2cbd003d8a8be7db97d789c4934d93,2023-11-07T03:41:43.507000 CVE-2022-1054,0,0,cce0260a33cc9dcee7f50f9d779ac8b033a8c38f783949fc8323d6954740e3e9,2022-04-27T02:07:23.160000 -CVE-2022-1055,0,1,cf6a3ee54b8ce6e3a7bd0d7bb68b96e3ed0bd9b893d5eee67ce2f01325366435,2024-05-21T04:15:09.060000 +CVE-2022-1055,0,0,cf6a3ee54b8ce6e3a7bd0d7bb68b96e3ed0bd9b893d5eee67ce2f01325366435,2024-05-21T04:15:09.060000 CVE-2022-1056,0,0,e205ce12c8c561e8048f0dabbb6304b8372f4a0e07a3daac8fc058ad7c6d9a56,2023-02-22T17:35:18.037000 CVE-2022-1057,0,0,7ba63e8cb77dfe3811a22580397fe70bf1e2084e5c9871556fa024ec667eb5b3,2022-07-15T18:02:53.573000 CVE-2022-1058,0,0,c47fc37a78914dea951e4b42b2f6b6d3719ffae8b4a80ff52b24faf58643925b,2022-03-29T15:40:49.950000 @@ -201307,7 +201307,7 @@ CVE-2022-34736,0,0,73da7cd226d9d2383cb0180406d517f950dbffe4fb76f4c88430e5227eddc CVE-2022-34737,0,0,0d3e0b503a60b4c9eed901fa0fd5ac0bba68916fc48be1407250e0f4146d3c00,2022-07-19T12:23:31.947000 CVE-2022-34738,0,0,23cf207a597574d8cf14fbd058823df3ef32c7d3213b1365d7191228e33bd0c8,2022-07-19T12:42:40.837000 CVE-2022-34739,0,0,cfa06cd5ddde7d2d3578eb8c19011378255a38803f096935ee99a074886fdab5,2022-07-19T12:47:45.723000 -CVE-2022-3474,0,1,2d6ef6a66a9a65a7325836bfb10f7849a0c9b7bdf753be15b5a3e298d9a8f0e8,2024-05-21T04:15:10.420000 +CVE-2022-3474,0,0,2d6ef6a66a9a65a7325836bfb10f7849a0c9b7bdf753be15b5a3e298d9a8f0e8,2024-05-21T04:15:10.420000 CVE-2022-34740,0,0,d84c016e2900a06b0f2ec1fefbb8b956f1f829768ca2218b2adbae8fd935f845,2022-07-19T14:08:05.747000 CVE-2022-34741,0,0,0a2699de28a32aea5d364a0885af37bde7f952f40470eadbb9d89ad55c922bd7,2022-07-19T14:10:47.477000 CVE-2022-34742,0,0,d19291dfade75795566e1e104296b16935c2a67ae9d510719054e75b7c697441,2022-12-12T21:08:43.917000 @@ -215041,7 +215041,7 @@ CVE-2023-21626,0,0,49c042f8bac625f0cecc8b67579954c80ba38465ecb6bdf33b617f1e82f4a CVE-2023-21627,0,0,d33723c546818331eabecb40100b41129cf8888ac0d482897901dbda5bd24df9,2024-04-12T17:16:41.997000 CVE-2023-21628,0,0,a7415a8457a9078a80d132dc94809c79c206a6bfea8794477d046b7f2ddb63e2,2024-04-12T17:16:42.293000 CVE-2023-21629,0,0,66770bc7dd193ee161ae9ede90aa5b6db156b22df30c56fd98f1429e03ffdcda,2024-04-12T17:16:42.710000 -CVE-2023-2163,0,1,7c6e6234334e187e569d62d8fc299bf6e736436c4d57d573de255d8fe15760d4,2024-05-21T04:15:11.240000 +CVE-2023-2163,0,0,7c6e6234334e187e569d62d8fc299bf6e736436c4d57d573de255d8fe15760d4,2024-05-21T04:15:11.240000 CVE-2023-21630,0,0,0c912866e7d2e169c39f12ffc5485078bf9227d84ec6a43be9297890afbf293b,2024-04-12T17:16:43.033000 CVE-2023-21631,0,0,a5f3ef7f4b77c605b2700becdfced0ef95614635f32db8da6a10c7a1a3f37a6e,2024-04-12T17:16:43.190000 CVE-2023-21632,0,0,014032078b5df9c364ce43f23ffec30662dc876ad78f79be7d0cf305fba14136,2024-04-12T17:16:43.513000 @@ -218813,7 +218813,7 @@ CVE-2023-26255,0,0,9c7123b0b30f3ce8e980726364ec7fd48b6b286d9d48d3a140cd07d55b289 CVE-2023-26256,0,0,b29518a0f1559cb1fa167949dbc59b14132d16961c9393df0555753538f75801,2023-03-07T22:58:26.567000 CVE-2023-26257,0,0,db01f524f014c94c147baf0fbc6af715fd3394f5705e32b76322495da727d1ef,2023-03-07T22:53:47.927000 CVE-2023-26258,0,0,4b017cd71b53542eefbc24d3ff2340413e912821f50bda37c125f12842ae6e56,2023-07-12T21:15:08.920000 -CVE-2023-2626,0,1,59f2cbe9e785529f5e3d4fc162c4436ec4a813ab20817558708b7b5a8a95e054,2024-05-21T04:15:11.727000 +CVE-2023-2626,0,0,59f2cbe9e785529f5e3d4fc162c4436ec4a813ab20817558708b7b5a8a95e054,2024-05-21T04:15:11.727000 CVE-2023-26260,0,0,ec55f4081a5f337dd8ac5d732c0d12b76db5e43461f242e060195d0690810b64,2023-04-19T19:12:33.547000 CVE-2023-26261,0,0,79cfa84b82c711e0d682b08bc2520c8408247cb71535b525f16e6b33b34f2377,2023-03-15T13:43:29.197000 CVE-2023-26262,0,0,a31fe1c9af1b6bf6116b1b0670620a6747d1334756f7f7020cac142e0fbf2327,2023-04-10T17:39:03.540000 @@ -236415,7 +236415,7 @@ CVE-2023-50716,0,0,7f39077ad2af4133b40e47d36aab0a4154ee5877205bead32804781c4b734 CVE-2023-50717,0,0,715aaaec9f45d730defa1f11b8fdd865d73db300bb369144ebeb1a93ccbc7fae,2024-05-14T16:13:02.773000 CVE-2023-50718,0,0,716e3d6db5d35e97dea366795cd9077bbeaac911e9b7d241cf843b5f1605f64c,2024-05-14T16:13:02.773000 CVE-2023-50719,0,0,538860cc8e15ed6210693df494215b730c49fa875e8cf119a2d1b3b8766ad148,2023-12-19T20:51:50.893000 -CVE-2023-5072,0,1,ab68c4813722ba9d07b481ee128bed9ead525d57e9865a47299648bcbcbe5468,2024-05-21T04:15:12.290000 +CVE-2023-5072,0,0,ab68c4813722ba9d07b481ee128bed9ead525d57e9865a47299648bcbcbe5468,2024-05-21T04:15:12.290000 CVE-2023-50720,0,0,697c3daf21f00f26f45245575a8cbf1a339e3f846d71e526d206b539e30356fe,2023-12-19T20:52:05.350000 CVE-2023-50721,0,0,6231695b177e6f3520fa140c4dd7867fe38e8e8294ce5baebb673b3d6eab49b2,2023-12-19T20:52:23.670000 CVE-2023-50722,0,0,fbd1cced3be8f08f72fd640e7299d2239764c6a12913a16fc9db72aecedbeeb2,2023-12-19T20:33:20.713000 @@ -237785,7 +237785,7 @@ CVE-2023-52661,0,0,1dbeccb9eacb34c302d3ddff035870c695ace80916461a042d1f30d95acfc CVE-2023-52662,0,0,bdd6bda2d726799fa055af169dff2cfa2e72783f1701a8915299c214f51384dc,2024-05-17T18:35:35.070000 CVE-2023-52663,0,0,6fdf9bf74f5520bdc3a90c3b513231be758b3dcd7c10d063b14d1ce36d3f7627,2024-05-17T18:35:35.070000 CVE-2023-52664,0,0,82b193593b6298a24a9d99379e99c4f58e9e94981325ba063f9758c035e411df,2024-05-17T18:35:35.070000 -CVE-2023-52665,0,0,f96d8cc0af73c31f4c9c239170fe81a9fbe715059d9b929ff41b52185649b053,2024-05-17T18:35:35.070000 +CVE-2023-52665,0,1,223587f9b020dfc4f7c6c14abdecbb69d6296e17f8cbe2aa66f58a9b6fd27643,2024-05-21T07:15:08.063000 CVE-2023-52666,0,0,8135c2458930f054da0899f143918918c17c28a63600afcafe11b48cf5834a46,2024-05-17T18:35:35.070000 CVE-2023-52667,0,0,3c80102722df023325b9acfadeda6f8602f7ecd95b96730db1f409c15c00075f,2024-05-17T18:35:35.070000 CVE-2023-52668,0,0,5c13c0b847e48d9b126324f274bc3bcccec8abe254d046eaafb879efe19c95ea,2024-05-17T18:35:35.070000 @@ -242293,6 +242293,7 @@ CVE-2024-21885,0,0,3a8555aba848a763891301ea45be2dc447cf6e91c8980c7f8fb662d07f448 CVE-2024-21886,0,0,51c64b750a7fa30c4151f47347eefcb19a07d8afc937f6dd2165654f59623a1b,2024-04-30T14:15:14.867000 CVE-2024-21887,0,0,27308d07d43795d3f4289d79a64af5933e89a71cf679d41be9d0c5a30a308379,2024-01-22T17:15:09.523000 CVE-2024-21888,0,0,9de3f75608c2ffa998f0bcfa0dcc7f6af68bb755862afa34798392c7baa192b3,2024-01-31T19:53:06.303000 +CVE-2024-2189,1,1,7e013d10d951078be3a093b0dc0856b42b1454039adc893485a99f1726b0b4fc,2024-05-21T06:15:08.540000 CVE-2024-21890,0,0,a23e39bf178457ea1a62055175acdccf21db560a2e161d84f67585a3aec660a5,2024-05-01T18:15:13.430000 CVE-2024-21891,0,0,a2485cf665b74852ec579d22867079892dab474f76b17a713a8f19b29fc1374c,2024-05-01T18:15:13.500000 CVE-2024-21892,0,0,0a2d4c2722cd9d0c5169a54525f85c8a3a71dec229f64a884ec45af2c9ceefca,2024-05-01T18:15:13.610000 @@ -245299,7 +245300,7 @@ CVE-2024-26900,0,0,7d396e2f9d436e2b737a24c012d00c80957fc0ed041765143888d895b983c CVE-2024-26901,0,0,0b69a2bddc7a89f4a9274440cdd8336560c75256cb438cb50cf8b2c1d8036b52,2024-04-29T19:38:34.730000 CVE-2024-26902,0,0,79dd09d64774289a294bba37c7616f62083466aaf39eb549f12f6f728e6a3fa4,2024-04-29T19:40:05.897000 CVE-2024-26903,0,0,21a53434b791da4ce02d5af7f605d1d70b522d70f04ff414b8e2a7f15b1fa47a,2024-04-29T19:41:09.400000 -CVE-2024-26904,0,0,b15bec250224e48b922f5edb75915d33fc9d65baf24cf748a4caf3c8472640eb,2024-04-29T19:42:55.027000 +CVE-2024-26904,0,1,37626f6bc581b325e48f53fe8a5b21da44d9f414e15eb9fb0721d0de3e45a169,2024-05-21T07:15:08.260000 CVE-2024-26905,0,0,b2eb4233229c7ebf6d1f823188c91f6d5ec6f202c5b26a0cfddc918598c98c54,2024-04-17T12:48:07.510000 CVE-2024-26906,0,0,ab0559b52d04a535dceb9e9c10280e22d32dc74dd6f462f3401a818acc49de6b,2024-04-17T12:48:07.510000 CVE-2024-26907,0,0,2f67b26b0d30d6258d15eaffbdba785264c13510ac97fa56a9a1d2c082244bfa,2024-04-29T19:44:18.727000 @@ -250315,6 +250316,7 @@ CVE-2024-4056,0,0,8d2872a63b61af99b314442fa34c585e616ec707e8d3b58da8a6d93a2f4a48 CVE-2024-4058,0,0,89d601f0a6556a83c3f1ddb11302d59200b53d35574245a735ec02b677ca6a2a,2024-05-03T03:16:29.387000 CVE-2024-4059,0,0,f7356d83fe5fccf2c54f421bb90f2c15bd9bf33edb756392f4236a5836d7af45,2024-05-03T03:16:29.430000 CVE-2024-4060,0,0,e73d48dba8d4867b445df561ca35c4a253ea1abc6b1746f05e1e8b87e0d0ee8e,2024-05-03T04:15:09.620000 +CVE-2024-4061,1,1,971d0b947b761785e23526b244f19a8746f5586888ed97e319384f6d771167a6,2024-05-21T06:15:09.247000 CVE-2024-4062,0,0,88e0189a903dc491d969324b51281f72bfa6b01ddae9db1a05c8c0b817ed3796,2024-05-17T02:40:14.040000 CVE-2024-4063,0,0,18284e200045179ad5ce0dcd8451273a1895c48566173aa3752f335ebb5e339d,2024-05-17T02:40:14.133000 CVE-2024-4064,0,0,0a357968458dd966b7a4969f86556627b0af0220edbb91249e767e6972ab2a17,2024-05-17T02:40:14.223000 @@ -250448,6 +250450,8 @@ CVE-2024-4281,0,0,f2f6c94941e4ed7f1c98ab6351686f1d868a8657bf9b3ff2bb73d7d016e69d CVE-2024-4284,0,0,6b0486c923019958d1c20328f9a4263f9ca3aa289165b466591abb7c0e677c17,2024-05-20T13:00:04.957000 CVE-2024-4287,0,0,ae556e7173c21b1abf7f9026eca2cea8416285aae89182bc9ebe9e9352811522,2024-05-20T15:17:54.513000 CVE-2024-4288,0,0,9367649ffe77365cb201f95bc69986ffb5e481ba50542c3f0953c5f2e0eb0d2a,2024-05-16T13:03:05.353000 +CVE-2024-4289,1,1,743c81dfd0948c5a441dfd6c68fb612b58ac65c0714ecdd8156eaeba6a723b90,2024-05-21T06:15:09.517000 +CVE-2024-4290,1,1,feb53fe3af2bcf551731520a6da077d2bdc3155342f2e3fa22ef573f55b0a911,2024-05-21T06:15:09.767000 CVE-2024-4291,0,0,dcab47edda64598994b6d35eea1a5bae28c719351e51b2665b279255f64e7970,2024-05-17T02:40:21.667000 CVE-2024-4292,0,0,3a853b90a84b704f0ceeeca9f33221358bfd4e7e30200ef38bb21c91a07a856b,2024-05-17T02:40:21.770000 CVE-2024-4293,0,0,84e742f5c5d4f4e3db1209335ece4a5ada2a411ffdf91576a76a726027b3c6ab,2024-05-17T02:40:21.860000 @@ -250498,6 +250502,7 @@ CVE-2024-4367,0,0,10c9ba4e2375d81f02eb3145704f99e298b4c446473517eea4810baa65f2c6 CVE-2024-4368,0,0,0ee02ebde276d817508f5495294b3429c463a1f4241660388e0c329992e72be6,2024-05-04T02:15:06.853000 CVE-2024-4369,0,0,ab5992320463150d25768d540495632f3cea0e672e96fca10ae18e5fed17e7b3,2024-05-02T03:15:15.027000 CVE-2024-4370,0,0,069da1b0ae5c656e192af67776d4fb05a1e574a802cd3af79b4e6cc7490b0dbc,2024-05-15T16:40:19.330000 +CVE-2024-4372,1,1,53a93c7dc9a8f67c8ad9cabf8ceb14d3171505144d5a455fc191f7b0213c33ca,2024-05-21T06:15:10 CVE-2024-4373,0,0,f38def9014d5248f107e6bba87e0f735d485b9410ddb561204173488b0ad462b,2024-05-15T16:40:19.330000 CVE-2024-4374,0,0,6250e338d545ce81ee79d41df4e92db6c03dfd1d9083685761485050a6001f35,2024-05-20T13:00:34.807000 CVE-2024-4383,0,0,71e35b2278aca455b2ce46e7157369face569e9a329ff0e3436aa90a5b256792,2024-05-14T16:11:39.510000 @@ -250528,6 +250533,7 @@ CVE-2024-4438,0,0,93ceea5f04a92ff8a47d298b7349cd99931c0f6ebe6d5712d64fba3d2e18a7 CVE-2024-4439,0,0,d4904ab7f03492cebfcab113d16c9db0e8589fc24c413d994223fa5d5b94f71f,2024-05-03T12:48:41.067000 CVE-2024-4440,0,0,51dabd0ed14011a33ac13484b9ff25988940854e7446055f86986b74eaffda88,2024-05-14T19:17:55.627000 CVE-2024-4441,0,0,21bddaae6271b56b94db02a08e641400bfc943be91594296c54fd13926b71ef2,2024-05-14T16:11:39.510000 +CVE-2024-4442,1,1,8981bfe18557018c10f106a9c8a8f9cc8f8ea47fe462fbf345d0482f1efb0b49,2024-05-21T07:15:08.460000 CVE-2024-4444,0,0,76481c90a9c81b157f25a6ad93f33f71969c6509d3c28850adb0a1bd3cfa3281,2024-05-14T16:11:39.510000 CVE-2024-4445,0,0,42f5f65e0ec1a0527ed0ebe136ff3e505384e30728c0f33fdcc95acd928f2f50,2024-05-14T19:17:55.627000 CVE-2024-4446,0,0,c1a78a1d4c0d05d17b6cead174a683289ca018fac3b1c104ff2e5b23dbf06e48,2024-05-14T16:11:39.510000 @@ -250537,6 +250543,7 @@ CVE-2024-4456,0,0,43bdd543de001702ca45614b4a3579c52bfa7b188e5cb3e6b81f25f610f74e CVE-2024-4461,0,0,ad05f4e37257e33f27f784f842f8dfa34f685ff06dd273bc6842a04c51c93bf6,2024-05-03T12:48:41.067000 CVE-2024-4463,0,0,aaa5b32073fcbc7160927d348961b4790302ca7b8c414e16cdb6cacefbfd98b3,2024-05-14T16:11:39.510000 CVE-2024-4466,0,0,d6c981370b54d7938faad670495d8ca5b736025a1a2ded921b62354a18385ccc,2024-05-03T12:48:41.067000 +CVE-2024-4470,1,1,0cce68e99689f24a95161cb241f1136b781bbe6d1f0b9316e16ae32d6f56f073,2024-05-21T07:15:08.810000 CVE-2024-4473,0,0,be8deb42c9d1905b301c3bfbae608b1551ce9395ac2fbbb337038c3a7eb347fa,2024-05-14T19:17:55.627000 CVE-2024-4478,0,0,31a4a4c48861c0c170c939e3aa0b10661ec97e9653465707919926dbd3595183,2024-05-16T13:03:05.353000 CVE-2024-4481,0,0,7ecf88f2a22a659849266bdc0bd40c464d195e3dafdf490c58869a301c87572b,2024-05-14T16:11:39.510000 @@ -250670,6 +250677,7 @@ CVE-2024-4699,0,0,21634a770b960d22aa24dc1f0ea343763012f9507287610a68f53780612049 CVE-2024-4701,0,0,31c0f40927cc6a1a9aece611ec4491a5435df4e5c3a9daffc9dfb7710658ca96,2024-05-14T16:11:39.510000 CVE-2024-4702,0,0,391d02c5718dd442c026ca8f3973c4fe10894f8eeb54175158dc44cd7ef50d4a,2024-05-15T16:40:19.330000 CVE-2024-4709,0,0,383dbf3a5b128343c77c07c63d6b9081028427dd357dd94a114eb158c69d030d,2024-05-20T13:00:34.807000 +CVE-2024-4710,1,1,608aa390af8e84e2c9fa201d024990a01f6045b0e7eb161424a2ea87e1078294,2024-05-21T07:15:09.087000 CVE-2024-4712,0,0,f79d5936efdb7279077ea6da35ae307312c55a147f3075b5570853347f8017b9,2024-05-14T16:11:39.510000 CVE-2024-4713,0,0,63c8fe02e071c01e10e60f543cd0776ed83adea75c2d063179e2f75e75c30c3b,2024-05-17T02:40:33.880000 CVE-2024-4714,0,0,4e7ff77f8284c93c8758bb989744763ec5c4cb8551eeb8d726beabface4981b3,2024-05-17T02:40:33.983000