admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-30 10:10:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2024-10-30T09:00:19.449656+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2024-10-30 09:03:22 +00:00
parent 9e7fe622f1
commit 3377135bc6
17 changed files with 792 additions and 14 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

64
CVE-2024/CVE-2024-101xx/CVE-2024-10108.json Normal file
View File

@ -0,0 +1,64 @@
{
"id": "CVE-2024-10108",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-10-30T07:15:13.887",
"lastModified": "2024-10-30T07:15:13.887",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The WPAdverts \u2013 Classifieds Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's adverts_add shortcode in all versions up to, and including, 2.1.6 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 7.2,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "security@wordfence.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/changeset/3178088/",
"source": "security@wordfence.com"
},
{
"url": "https://wordpress.org/plugins/wpadverts/#developers",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/8b213c3b-3907-47d9-9826-379936f15078?source=cve",
"source": "security@wordfence.com"
}
]
}

64
CVE-2024/CVE-2024-102xx/CVE-2024-10223.json Normal file
View File

@ -0,0 +1,64 @@
{
"id": "CVE-2024-10223",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-10-30T07:15:15.487",
"lastModified": "2024-10-30T07:15:15.487",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The WP Team \u2013 WordPress Team Member Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's htteamember shortcode in all versions up to, and including, 1.1.4 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.1,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "security@wordfence.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/changeset/3177675/",
"source": "security@wordfence.com"
},
{
"url": "https://wordpress.org/plugins/ht-team-member/#developers",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/2f5a8f5b-d67c-4c08-9f2d-1f743ffdae81?source=cve",
"source": "security@wordfence.com"
}
]
}

39
CVE-2024/CVE-2024-355xx/CVE-2024-35593.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-35593",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-05-24T14:15:17.390",
"lastModified": "2024-05-24T18:09:20.027",
"lastModified": "2024-10-30T08:35:03.323",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -15,7 +15,42 @@
"value": "Una vulnerabilidad de carga de archivos arbitraria en la funci\u00f3n de vista previa de archivos de Raingad IM v4.1.4 permite a los atacantes ejecutar c\u00f3digo arbitrario cargando un archivo PDF manipulado."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-434"
}
]
}
],
"references": [
{
"url": "https://github.com/Joying-C/Cross-site-scripting-vulnerability/tree/main/Raingad-IM_Cross_site%20_scripting%20_vulnerability",

56
CVE-2024/CVE-2024-505xx/CVE-2024-50503.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-50503",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-10-30T08:15:02.813",
"lastModified": "2024-10-30T08:15:02.813",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Authentication Bypass Using an Alternate Path or Channel vulnerability in Deryck O\u00f1ate User Toolkit allows Authentication Bypass.This issue affects User Toolkit: from n/a through 1.2.3."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-288"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/user-toolkit/wordpress-user-toolkit-plugin-1-2-3-account-takeover-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2024/CVE-2024-505xx/CVE-2024-50504.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-50504",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-10-30T08:15:03.077",
"lastModified": "2024-10-30T08:15:03.077",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Incorrect Privilege Assignment vulnerability in Matt Whiteman Bulk Change Role allows Privilege Escalation.This issue affects Bulk Change Role: from n/a through 1.1."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-266"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/bulk-role-change/wordpress-bulk-change-role-plugin-1-1-privilege-escalation-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2024/CVE-2024-505xx/CVE-2024-50506.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-50506",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-10-30T08:15:03.323",
"lastModified": "2024-10-30T08:15:03.323",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Incorrect Privilege Assignment vulnerability in Azexo Marketing Automation by AZEXO allows Privilege Escalation.This issue affects Marketing Automation by AZEXO: from n/a through 1.27.80."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-266"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/marketing-automation-by-azexo/wordpress-marketing-automation-by-azexo-plugin-1-27-80-privilege-escalation-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2024/CVE-2024-505xx/CVE-2024-50507.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-50507",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-10-30T08:15:03.533",
"lastModified": "2024-10-30T08:15:03.533",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Deserialization of Untrusted Data vulnerability in Daniel Schmitzer DS.DownloadList allows Object Injection.This issue affects DS.DownloadList: from n/a through 1.3."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-502"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/dsdownloadlist/wordpress-ds-downloadlist-plugin-1-3-php-object-injection-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2024/CVE-2024-505xx/CVE-2024-50508.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-50508",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-10-30T08:15:03.750",
"lastModified": "2024-10-30T08:15:03.750",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Chetan Khandla Woocommerce Product Design allows Path Traversal.This issue affects Woocommerce Product Design: from n/a through 1.0.0."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/woo-product-design/wordpress-woocommerce-product-design-plugin-1-0-0-arbitrary-file-download-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2024/CVE-2024-505xx/CVE-2024-50509.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-50509",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-10-30T08:15:03.967",
"lastModified": "2024-10-30T08:15:03.967",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Chetan Khandla Woocommerce Product Design allows Path Traversal.This issue affects Woocommerce Product Design: from n/a through 1.0.0."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 8.6,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 4.0
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/woo-product-design/wordpress-woocommerce-product-design-plugin-1-0-0-arbitrary-file-deletion-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2024/CVE-2024-505xx/CVE-2024-50510.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-50510",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-10-30T08:15:04.180",
"lastModified": "2024-10-30T08:15:04.180",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unrestricted Upload of File with Dangerous Type vulnerability in Web and Print Design AR For Woocommerce allows Upload a Web Shell to a Web Server.This issue affects AR For Woocommerce: from n/a through 6.2."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 10.0,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 6.0
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-434"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/ar-for-woocommerce/wordpress-ar-for-woocommerce-plugin-6-2-arbitrary-file-upload-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2024/CVE-2024-505xx/CVE-2024-50511.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-50511",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-10-30T08:15:04.397",
"lastModified": "2024-10-30T08:15:04.397",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unrestricted Upload of File with Dangerous Type vulnerability in David DONISA WP donimedia carousel allows Upload a Web Shell to a Web Server.This issue affects WP donimedia carousel: from n/a through 1.0.1."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.9,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.1,
"impactScore": 6.0
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-434"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/wp-donimedia-carousel/wordpress-wp-donimedia-carousel-plugin-1-0-1-arbitrary-file-upload-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2024/CVE-2024-505xx/CVE-2024-50512.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-50512",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-10-30T08:15:04.610",
"lastModified": "2024-10-30T08:15:04.610",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Generation of Error Message Containing Sensitive Information vulnerability in Posti Posti Shipping allows Retrieve Embedded Sensitive Data.This issue affects Posti Shipping: from n/a through 3.10.2."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-209"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/posti-shipping/wordpress-posti-shipping-plugin-3-10-2-full-path-disclosure-fpd-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

21
CVE-2024/CVE-2024-84xx/CVE-2024-8444.json Normal file
View File

@ -0,0 +1,21 @@
{
"id": "CVE-2024-8444",
"sourceIdentifier": "contact@wpscan.com",
"published": "2024-10-30T07:15:16.060",
"lastModified": "2024-10-30T07:15:16.060",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Download Manager WordPress plugin before 3.3.00 doesn't sanitize some of it's shortcode parameters, leading to cross site scripting."
}
],
"metrics": {},
"references": [
{
"url": "https://wpscan.com/vulnerability/bf2f5aa8-a161-43ff-a6ee-8603aaba8012/",
"source": "contact@wpscan.com"
}
]
}

60
CVE-2024/CVE-2024-96xx/CVE-2024-9632.json Normal file
View File

@ -0,0 +1,60 @@
{
"id": "CVE-2024-9632",
"sourceIdentifier": "secalert@redhat.com",
"published": "2024-10-30T08:15:04.830",
"lastModified": "2024-10-30T08:15:04.830",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A flaw was found in the X.org server. Due to improperly tracked allocation size in _XkbSetCompatMap, a local attacker may be able to trigger a buffer overflow condition via a specially crafted payload, leading to denial of service or local privilege escalation in distributions where the X.org server is run with root privileges."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secalert@redhat.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "secalert@redhat.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-122"
}
]
}
],
"references": [
{
"url": "https://access.redhat.com/security/cve/CVE-2024-9632",
"source": "secalert@redhat.com"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2317233",
"source": "secalert@redhat.com"
}
]
}

6
CVE-2024/CVE-2024-96xx/CVE-2024-9675.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-9675",
"sourceIdentifier": "secalert@redhat.com",
"published": "2024-10-09T15:15:17.837",
"lastModified": "2024-10-10T12:51:56.987",
"lastModified": "2024-10-30T07:15:16.493",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -52,6 +52,10 @@
}
],
"references": [
{
"url": "https://access.redhat.com/errata/RHSA-2024:8563",
"source": "secalert@redhat.com"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2024-9675",
"source": "secalert@redhat.com"

27
README.md
View File

@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2024-10-30T07:00:20.451934+00:00
2024-10-30T09:00:19.449656+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2024-10-30T06:15:16.460000+00:00
2024-10-30T08:35:03.323000+00:00
```
### Last Data Feed Release
@ -33,21 +33,34 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs
```plain
267623
267636
```
### CVEs added in the last Commit
Recently added CVEs: `2`
Recently added CVEs: `13`
- [CVE-2024-10399](CVE-2024/CVE-2024-103xx/CVE-2024-10399.json) (`2024-10-30T06:15:14.763`)
- [CVE-2024-8871](CVE-2024/CVE-2024-88xx/CVE-2024-8871.json) (`2024-10-30T06:15:16.460`)
- [CVE-2024-10108](CVE-2024/CVE-2024-101xx/CVE-2024-10108.json) (`2024-10-30T07:15:13.887`)
- [CVE-2024-10223](CVE-2024/CVE-2024-102xx/CVE-2024-10223.json) (`2024-10-30T07:15:15.487`)
- [CVE-2024-50503](CVE-2024/CVE-2024-505xx/CVE-2024-50503.json) (`2024-10-30T08:15:02.813`)
- [CVE-2024-50504](CVE-2024/CVE-2024-505xx/CVE-2024-50504.json) (`2024-10-30T08:15:03.077`)
- [CVE-2024-50506](CVE-2024/CVE-2024-505xx/CVE-2024-50506.json) (`2024-10-30T08:15:03.323`)
- [CVE-2024-50507](CVE-2024/CVE-2024-505xx/CVE-2024-50507.json) (`2024-10-30T08:15:03.533`)
- [CVE-2024-50508](CVE-2024/CVE-2024-505xx/CVE-2024-50508.json) (`2024-10-30T08:15:03.750`)
- [CVE-2024-50509](CVE-2024/CVE-2024-505xx/CVE-2024-50509.json) (`2024-10-30T08:15:03.967`)
- [CVE-2024-50510](CVE-2024/CVE-2024-505xx/CVE-2024-50510.json) (`2024-10-30T08:15:04.180`)
- [CVE-2024-50511](CVE-2024/CVE-2024-505xx/CVE-2024-50511.json) (`2024-10-30T08:15:04.397`)
- [CVE-2024-50512](CVE-2024/CVE-2024-505xx/CVE-2024-50512.json) (`2024-10-30T08:15:04.610`)
- [CVE-2024-8444](CVE-2024/CVE-2024-84xx/CVE-2024-8444.json) (`2024-10-30T07:15:16.060`)
- [CVE-2024-9632](CVE-2024/CVE-2024-96xx/CVE-2024-9632.json) (`2024-10-30T08:15:04.830`)
### CVEs modified in the last Commit
Recently modified CVEs: `0`
Recently modified CVEs: `2`
- [CVE-2024-35593](CVE-2024/CVE-2024-355xx/CVE-2024-35593.json) (`2024-10-30T08:35:03.323`)
- [CVE-2024-9675](CVE-2024/CVE-2024-96xx/CVE-2024-9675.json) (`2024-10-30T07:15:16.493`)
## Download and Usage

21
_state.csv
View File

@ -242396,6 +242396,7 @@ CVE-2024-10099,0,0,f14bdb99d2ca7956ea9400330266332303014dc510bc6e629dc22733e615a
CVE-2024-1010,0,0,b9c2292e551f86bb732084025c958f6307d4b05614efbc31206ace678efe61b8,2024-05-17T02:35:09.883000
CVE-2024-10100,0,0,551af785b2583dfc00dd65a689907bc427d5051278643ae24a3a0c57fb4f9ff3,2024-10-18T12:52:33.507000
CVE-2024-10101,0,0,1d42831444f093da17057d1135157fc2c61373ed2c6e3aa4b33071a4d1f4b2d6,2024-10-18T12:52:33.507000
CVE-2024-10108,1,1,60cf1d8a2677ff5ed5eb402c116ee733cd75eb79d94d0dc51d989dd05bb2bf47,2024-10-30T07:15:13.887000
CVE-2024-1011,0,0,a83b664837c33e7f0f4cec42868f7bdd93765cacc9e6b97b43804e8b07af65f2,2024-05-17T02:35:09.987000
CVE-2024-10112,0,0,3a01d2baa33f19e143abe5aabe181ccab32faac99effca8d7325142fe7220a64,2024-10-25T12:56:07.750000
CVE-2024-10115,0,0,2f48f8fc2fb64e7eea0f8a197e6ea039f4addb791184326175f5bf3196ca43c6,2024-10-18T19:15:13.600000
@ -242472,6 +242473,7 @@ CVE-2024-10202,0,0,bbf4778e12a2d6f664529db53cb3cf049c2b3a3bf45111e5ee15b039098bf
CVE-2024-1021,0,0,89180a6ed9705fc79d8d8a15633a1cfe9e27adac2a4a623501249d49427826d0,2024-05-17T02:35:10.970000
CVE-2024-10214,0,0,387761b00ca263850d15f9fc0085dd195781994f66bd9edc33fb8fef62fe7001,2024-10-29T14:34:50.257000
CVE-2024-1022,0,0,f42eaa1b302319f7e3148377e0522c31bf6c16d407215c446c1d3f1b55b4debd,2024-05-17T02:35:11.070000
CVE-2024-10223,1,1,cd865517b4f8a8ffc796b342e05a7bf08eca094f8bc12d9402375b35b3f2f4c9,2024-10-30T07:15:15.487000
CVE-2024-10226,0,0,5b578efa4cb98c9f5b6f02eac4f65de90209e937f40993cf9dca20324ab58f1b,2024-10-29T14:34:04.427000
CVE-2024-10227,0,0,3dd5e64d31c98828e85e7c30a2d118d04e1c9c4e3f27cb753e16556963759a42,2024-10-29T14:34:04.427000
CVE-2024-10228,0,0,ce55209329b0533b27c51280a78a7bfde62501c7788cd18c1e4ff9adf65e277d,2024-10-29T22:15:03.220000
@ -242557,7 +242559,7 @@ CVE-2024-10381,0,0,63addd0f8191b1c4cfb4d8f0e97d60f16153f091ecece1db9c0d0bcf5f835
CVE-2024-10386,0,0,2f19951219ebf285623df88c007e35e2ba1a621ceccb3eda9a0f05f4aa7fff04,2024-10-28T13:58:09.230000
CVE-2024-10387,0,0,12b5ab9fc09cd164a10e40d20079f8a9e53a7fb87af2edbf444782194d8bf238,2024-10-28T13:58:09.230000
CVE-2024-1039,0,0,823ba846a6d7c1759f085b54cf23829cdbadd28135927175e007d2b5df85a6ad,2024-02-07T14:09:47.017000
CVE-2024-10399,1,1,3c13bf7b23d522cba49f5224e24deb0565a230127f5b18eab9623dc9093a9ec0,2024-10-30T06:15:14.763000
CVE-2024-10399,0,0,3c13bf7b23d522cba49f5224e24deb0565a230127f5b18eab9623dc9093a9ec0,2024-10-30T06:15:14.763000
CVE-2024-1040,0,0,b32f85342f197693d2db41df3bf264f5b00d802b0a5fb12822762c63c498621d,2024-02-07T17:11:40.623000
CVE-2024-10402,0,0,2443718b847d5ad0a7e8e6883b9aca46725ab83d65a53ced89e927dfa1ec15f4,2024-10-28T13:58:09.230000
CVE-2024-10406,0,0,f8d1d6248605ffe4053f9b52a61613e02e78b8c0be64963fa210f6d8ad819ef9,2024-10-29T20:48:36.967000
@ -254838,7 +254840,7 @@ CVE-2024-35584,0,0,a29f46ee06a007e729a98a7d98a071b43cde1fd1d5429fad7148fb429f444
CVE-2024-3559,0,0,6795a97a10669b581ec15fc558119e6f23b6f2221caf66e80800086dfa7b2bd5,2024-06-13T18:36:09.013000
CVE-2024-35591,0,0,27faac454b8155f287bc6ac35261d2d1913acb4129e9514b657e844f649215b5,2024-08-29T20:36:47.170000
CVE-2024-35592,0,0,c1fef65873ac1061d41e08db42afc69241a1ccc24e746aa460028428ca90ae7f,2024-08-20T15:35:17.980000
CVE-2024-35593,0,0,5a7a9fd646183a9cfe0e8b357ffc98e8641fa2decf7b0d864f537dba3ee77a7b,2024-05-24T18:09:20.027000
CVE-2024-35593,0,1,ce4d2143b9ee49674a749f4c7938cf03e3104bd2c6b113f577e85f4253ae74b7,2024-10-30T08:35:03.323000
CVE-2024-35595,0,0,1c0caac8b66ea50c55b6a38567b8221cce1fb5534ed6ea6fa786e54a9487b678,2024-07-03T02:01:55.937000
CVE-2024-3560,0,0,db76ccbf181e1e5da7ff674678a92955a50aac899b842cbcce7ee4c6ed92892a,2024-04-19T13:10:25.637000
CVE-2024-3561,0,0,5370e9e1ff8bffbf4ad8d0059e83fd31e423cd49fc364fad03b1f8cc26f5277c,2024-07-15T16:45:18.173000
@ -263844,7 +263846,16 @@ CVE-2024-50498,0,0,912d320d5bc70abc44f5433160c1e04f0fceafbecfd579c4c0bff65ce91ca
CVE-2024-5050,0,0,619081545361528557d824107c37f32918188d04adf33ba524a4859e2e6341a3,2024-06-04T19:20:57.457000
CVE-2024-50501,0,0,3009841a02c80bd32c281df72b6a52b29e26d99d130d3c37662482082652f337,2024-10-28T13:58:09.230000
CVE-2024-50502,0,0,b6996108031602b4520dc09d5c4426949241742b74714ef43301340cf3d6368f,2024-10-28T13:58:09.230000
CVE-2024-50503,1,1,13c77bbea684ac03d6c9bb023e29846b9a7ca81d92cfeb2c350eb96545279306,2024-10-30T08:15:02.813000
CVE-2024-50504,1,1,64e9ff9f208d92ea57b05e1aa61760bf3f7128f163c70b67451830c2c24c1ee2,2024-10-30T08:15:03.077000
CVE-2024-50506,1,1,9ed5dec08bae9cc3d4b760cfa2f2e993be26ea625e5a3d4e0a6ef704f5e10724,2024-10-30T08:15:03.323000
CVE-2024-50507,1,1,a87b3c4c07539e00d3edcded9e7bc5328323c18176a8c7a3f5626b2b98c5668e,2024-10-30T08:15:03.533000
CVE-2024-50508,1,1,225cd80948161b700d1e6d063c91852e77d3f7d687857095bedcbd61efc94264,2024-10-30T08:15:03.750000
CVE-2024-50509,1,1,fe645504bb0178a52621c212ec9bf6dfc1abdf7d2a6371ca44e2f67b9948f6ae,2024-10-30T08:15:03.967000
CVE-2024-5051,0,0,f233f4614a9daf0499b6db53ac9877312730fd59d85cfffcfb1c75738230a757,2024-06-04T19:20:57.557000
CVE-2024-50510,1,1,b217865630195402f1e348cef95a2046d24b1140d35fee00d02a8c0d721fe4f7,2024-10-30T08:15:04.180000
CVE-2024-50511,1,1,1c65aeaa4a10836e9b9b661f11e7a9c589f88e597e53220dcf4635e2c93e186a,2024-10-30T08:15:04.397000
CVE-2024-50512,1,1,fc9a03daec07d793194c989111c49ebd0b75c0666a1289dbf20ab5130c4ba9d6,2024-10-30T08:15:04.610000
CVE-2024-5052,0,0,1db4612270fc4085b1cc808dfe93eaa2dc99045707c3296716068fcb2c40c936,2024-05-17T18:35:35.070000
CVE-2024-5053,0,0,85ba036ea0ce8a641df5f4bb0e9116ce37b7603e5543e179441180f635dd17ca,2024-10-04T16:02:22.037000
CVE-2024-5055,0,0,346404cc585681a2fe5319ad3cd387f2171e7718710adaf135152ad352635ebd,2024-05-17T18:35:35.070000
@ -266690,6 +266701,7 @@ CVE-2024-8439,0,0,b4eacb6a11dc14d7212cfdbe9629a765b4f24ad00bc9c4fc2289184c4fdae5
CVE-2024-8440,0,0,8dcfa58740a8b45172e18897b2d796d55a68f35b9034374864c3da0c6b77c079,2024-09-25T19:34:19.683000
CVE-2024-8441,0,0,0efac0f95475c5b753f85a6e07784bad0c26116c06bdd47c81e7d9e5f2143687,2024-09-12T21:53:43.387000
CVE-2024-8443,0,0,17e8697863032f9317d28c5eea98e22f13f55f27fe238e6efc059b214854b50f,2024-10-01T13:15:03.110000
CVE-2024-8444,1,1,1bb806b6cedfa4ffe4ea51033bab732a775f97ca9a3076c720b0754c1a9535b0,2024-10-30T07:15:16.060000
CVE-2024-8445,0,0,a7f7ba812fc058686a7ce9617c544a5ef0aa1db28a47ee616a0e4041709a6c78,2024-10-01T06:15:02.650000
CVE-2024-8448,0,0,ae18a026c0067b7078869d24f3685b0421255cde0e4de17dbd7702d3e9741f7f,2024-10-04T15:07:22.160000
CVE-2024-8449,0,0,a8e7eabde222d61aae43a8862e23d72e8db76b0b518b635548832e684fcc6091,2024-10-04T15:08:22.733000
@ -266972,7 +266984,7 @@ CVE-2024-8867,0,0,379e34cf940a9b1358241a2155237c1f9d3d38d48143e1ed89b8af75caf7d4
CVE-2024-8868,0,0,90fb6fa23c2a5505d69614ac49fd1c537f25b76ba9e82d49d07e437e4df1c667,2024-09-17T10:59:28.233000
CVE-2024-8869,0,0,eaa7c70f03f38bcd808caaf5c9917ef912247cecdfb7f5fef4110fc2bf4de330,2024-09-20T16:59:22.560000
CVE-2024-8870,0,0,a8ca41609dd570e7dbf6ada5503a957f6d86f9197ffc9ad53e763e24ea54852d,2024-10-28T13:58:09.230000
CVE-2024-8871,1,1,fb3102ceadcef4987d1e6484ac512d8d56bf2e3ec83fdb9e09fe731dcc4cf594,2024-10-30T06:15:16.460000
CVE-2024-8871,0,0,fb3102ceadcef4987d1e6484ac512d8d56bf2e3ec83fdb9e09fe731dcc4cf594,2024-10-30T06:15:16.460000
CVE-2024-8872,0,0,a59fbf98e5a02680c9463d07c5c7731b213fd42229816cc8689de00fdc1cc0eb,2024-10-01T13:42:57.860000
CVE-2024-8875,0,0,285b537766851a72a752adea85efa81abdeba3e4c5af2afdcf8485ecb658237e,2024-09-20T22:44:16.077000
CVE-2024-8876,0,0,adf401fb4b8b2c24f06ac7d28fd2360497bd835317abc655be39e3ccb04a97b8,2024-09-20T16:58:24.333000
@ -267445,6 +267457,7 @@ CVE-2024-9627,0,0,2b255751ca76c819864c389a91dcfc3f65321be83e43cc5abce958b149b5f5
CVE-2024-9628,0,0,61a27472b9da741357728e2747c61581a42641370f854cfe14defa2dd6861d0b,2024-10-25T16:15:10.160000
CVE-2024-9629,0,0,31c72e7d62d8dbf8ba1681676a61a2f04680ade1749c367b775242f4864b6d17,2024-10-29T14:34:50.257000
CVE-2024-9630,0,0,95cf42fc9d833aab63558caaeb38c94fd9570f2d1a1e45300ec7feb07db9cd04,2024-10-25T12:56:07.750000
CVE-2024-9632,1,1,ed390500d64d28144352bd51532046d99e58de965fb58088f03e235e81497f9a,2024-10-30T08:15:04.830000
CVE-2024-9634,0,0,d64c376a2cd176bba19f7a8121026bf8ac88c7cb95243ab4e56bfc5d5fa1c1d3,2024-10-16T16:38:14.557000
CVE-2024-9637,0,0,bfd23401e1c5bf70ae99ee491fd04ce8ab223b8247ed87e78ca84ed9446a1b72,2024-10-28T13:58:09.230000
CVE-2024-9642,0,0,647a46d1d1e49bfca6a77d0bd6bf95c53250c168d1d2756cdcd405ced420913f,2024-10-28T13:58:09.230000
@ -267456,7 +267469,7 @@ CVE-2024-9656,0,0,0baa2843f7043c4ebd829d23f2741f972b762b755442a0f0f83539eb776103
CVE-2024-9670,0,0,f306c0fbbcbde1e6a65006fd3bdd50d366f02be816ff2a6f00ef3348b3b76328,2024-10-15T12:57:46.880000
CVE-2024-9671,0,0,421f1b0ad6825ff096efd81ac122f33bafcdf7b21693a85f65613389bca55f89,2024-10-10T12:51:56.987000
CVE-2024-9674,0,0,99b8206db3c3741ff50725aa3969c36280edf4a37082b6473da1336e00a39d59,2024-10-22T14:02:50.473000
CVE-2024-9675,0,0,cd830de46e01fce71654106f4dc61863debb474230c2cb4969fc123764df58c7,2024-10-10T12:51:56.987000
CVE-2024-9675,0,1,eeea36cc8b9f2954bb20129c787b2558ad2679a2c1fb2ba959a00f3259f50e8c,2024-10-30T07:15:16.493000
CVE-2024-9676,0,0,d31717e3bcb8586d94edf5a821882c847af5c510cf5d1e8e5ea8ab53ee1286ab,2024-10-16T16:38:43.170000
CVE-2024-9677,0,0,944e049c847e061867c66e6b586a0cd99260b04bc2e2059d736567bf47cae00c,2024-10-23T15:12:34.673000
CVE-2024-9680,0,0,db0e4e19e09673238ffe3dfbb8e95974e9346a75b4fd6d9319c03e5970bb644e,2024-10-16T15:07:36.123000

Can't render this file because it is too large.