diff --git a/CVE-2018/CVE-2018-115xx/CVE-2018-11525.json b/CVE-2018/CVE-2018-115xx/CVE-2018-11525.json index 38f9028a71f..fa47ecd4c73 100644 --- a/CVE-2018/CVE-2018-115xx/CVE-2018-11525.json +++ b/CVE-2018/CVE-2018-115xx/CVE-2018-11525.json @@ -2,7 +2,7 @@ "id": "CVE-2018-11525", "sourceIdentifier": "cve@mitre.org", "published": "2018-06-19T19:29:00.283", - "lastModified": "2020-08-24T17:37:01.140", + "lastModified": "2024-11-20T12:45:36.293", "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ @@ -85,9 +85,9 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:a:algolplus:advanced_order_export:*:*:*:*:*:wordpress:*:*", + "criteria": "cpe:2.3:a:algolplus:advanced_order_export_for_woocommerce:*:*:*:*:*:wordpress:*:*", "versionEndIncluding": "1.5.4", - "matchCriteriaId": "CB2E61AF-9374-4ABE-BFE2-F8FD8E8C6C3F" + "matchCriteriaId": "0FC016AB-9CF3-4FF3-9CC1-D9D7099181C7" } ] } diff --git a/CVE-2020/CVE-2020-117xx/CVE-2020-11727.json b/CVE-2020/CVE-2020-117xx/CVE-2020-11727.json index bc9a95665bf..d367daf8f91 100644 --- a/CVE-2020/CVE-2020-117xx/CVE-2020-11727.json +++ b/CVE-2020/CVE-2020-117xx/CVE-2020-11727.json @@ -2,7 +2,7 @@ "id": "CVE-2020-11727", "sourceIdentifier": "cve@mitre.org", "published": "2020-05-06T18:15:11.683", - "lastModified": "2020-05-07T14:13:07.290", + "lastModified": "2024-11-20T12:45:36.293", "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ @@ -85,8 +85,8 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:a:algolplus:advanced_order_export:3.1.3:*:*:*:*:wordpress:*:*", - "matchCriteriaId": "EA9907AA-82EA-4EB6-8591-C69EF5C98E31" + "criteria": "cpe:2.3:a:algolplus:advanced_order_export_for_woocommerce:3.1.3:*:*:*:*:wordpress:*:*", + "matchCriteriaId": "8497EBBA-284B-4801-9ED7-11962A9ED60F" } ] } diff --git a/CVE-2021/CVE-2021-241xx/CVE-2021-24169.json b/CVE-2021/CVE-2021-241xx/CVE-2021-24169.json index 1105942b9b2..b7f148a7dd2 100644 --- a/CVE-2021/CVE-2021-241xx/CVE-2021-24169.json +++ b/CVE-2021/CVE-2021-241xx/CVE-2021-24169.json @@ -2,7 +2,7 @@ "id": "CVE-2021-24169", "sourceIdentifier": "contact@wpscan.com", "published": "2021-04-05T19:15:15.733", - "lastModified": "2021-12-03T18:27:05.857", + "lastModified": "2024-11-20T12:45:36.293", "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ @@ -95,9 +95,9 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:a:algolplus:advanced_order_export:*:*:*:*:*:wordpress:*:*", + "criteria": "cpe:2.3:a:algolplus:advanced_order_export_for_woocommerce:*:*:*:*:*:wordpress:*:*", "versionEndExcluding": "3.1.8", - "matchCriteriaId": "83322B10-5D7D-4A9F-8D8E-146B97599AA5" + "matchCriteriaId": "E96B8E41-9EE8-4A8D-9948-E27318FF1769" } ] } diff --git a/CVE-2021/CVE-2021-273xx/CVE-2021-27349.json b/CVE-2021/CVE-2021-273xx/CVE-2021-27349.json index e2e8cfe8109..f7ad87afd68 100644 --- a/CVE-2021/CVE-2021-273xx/CVE-2021-27349.json +++ b/CVE-2021/CVE-2021-273xx/CVE-2021-27349.json @@ -2,7 +2,7 @@ "id": "CVE-2021-27349", "sourceIdentifier": "cve@mitre.org", "published": "2021-03-31T22:15:14.460", - "lastModified": "2021-04-02T20:57:27.327", + "lastModified": "2024-11-20T12:45:36.293", "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ @@ -85,9 +85,9 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:a:algolplus:advanced_order_export:*:*:*:*:*:wordpress:*:*", + "criteria": "cpe:2.3:a:algolplus:advanced_order_export_for_woocommerce:*:*:*:*:*:wordpress:*:*", "versionEndExcluding": "3.1.8", - "matchCriteriaId": "83322B10-5D7D-4A9F-8D8E-146B97599AA5" + "matchCriteriaId": "E96B8E41-9EE8-4A8D-9948-E27318FF1769" } ] } diff --git a/CVE-2022/CVE-2022-352xx/CVE-2022-35275.json b/CVE-2022/CVE-2022-352xx/CVE-2022-35275.json index bba3b4449ad..bd2203ad0e7 100644 --- a/CVE-2022/CVE-2022-352xx/CVE-2022-35275.json +++ b/CVE-2022/CVE-2022-352xx/CVE-2022-35275.json @@ -2,7 +2,7 @@ "id": "CVE-2022-35275", "sourceIdentifier": "audit@patchstack.com", "published": "2022-09-09T15:15:10.287", - "lastModified": "2022-09-10T03:53:29.203", + "lastModified": "2024-11-20T12:45:36.293", "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ @@ -80,9 +80,9 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:a:algolplus:advanced_order_export:*:*:*:*:*:wordpress:*:*", + "criteria": "cpe:2.3:a:algolplus:advanced_order_export_for_woocommerce:*:*:*:*:*:wordpress:*:*", "versionEndIncluding": "3.3.1", - "matchCriteriaId": "98F5A2A0-53FB-4DFA-AEFA-1CB1296F46CB" + "matchCriteriaId": "6B1EB129-5882-4116-92A6-2575E8579AE3" } ] } diff --git a/CVE-2022/CVE-2022-401xx/CVE-2022-40128.json b/CVE-2022/CVE-2022-401xx/CVE-2022-40128.json index 68714b592b0..3d95a099126 100644 --- a/CVE-2022/CVE-2022-401xx/CVE-2022-40128.json +++ b/CVE-2022/CVE-2022-401xx/CVE-2022-40128.json @@ -2,7 +2,7 @@ "id": "CVE-2022-40128", "sourceIdentifier": "audit@patchstack.com", "published": "2022-11-08T19:15:13.670", - "lastModified": "2022-11-09T14:57:34.437", + "lastModified": "2024-11-20T12:45:36.293", "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ @@ -90,9 +90,9 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:a:algolplus:advanced_order_export:*:*:*:*:*:wordpress:*:*", + "criteria": "cpe:2.3:a:algolplus:advanced_order_export_for_woocommerce:*:*:*:*:*:wordpress:*:*", "versionEndExcluding": "3.3.3", - "matchCriteriaId": "6668C4B3-9BFA-495E-9BF1-4061A4C4A32E" + "matchCriteriaId": "3E8DF0A9-34CD-4781-BA77-10951D320E46" } ] } diff --git a/CVE-2024/CVE-2024-103xx/CVE-2024-10382.json b/CVE-2024/CVE-2024-103xx/CVE-2024-10382.json new file mode 100644 index 00000000000..79462ee0e07 --- /dev/null +++ b/CVE-2024/CVE-2024-103xx/CVE-2024-10382.json @@ -0,0 +1,78 @@ +{ + "id": "CVE-2024-10382", + "sourceIdentifier": "cve-coordination@google.com", + "published": "2024-11-20T11:15:04.280", + "lastModified": "2024-11-20T11:15:04.280", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "There exists a code execution vulnerability in the Car App Android Jetpack Library. In the CarAppService desrialization logic is used that allows for arbitrary java classes to be constructed. In combination with other gadgets, this can lead to arbitrary code execution. An attacker needs to have an app on a victims Android device that uses the CarAppService Class and the victim would need to install a malicious app alongside it. We recommend upgrading the library past version\u00a01.7.0-beta02" + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "cve-coordination@google.com", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:P/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:N/AU:N/R:U/V:C/RE:M/U:Amber", + "attackVector": "LOCAL", + "attackComplexity": "HIGH", + "attackRequirements": "PRESENT", + "privilegesRequired": "LOW", + "userInteraction": "PASSIVE", + "vulnerableSystemConfidentiality": "HIGH", + "vulnerableSystemIntegrity": "HIGH", + "vulnerableSystemAvailability": "HIGH", + "subsequentSystemConfidentiality": "HIGH", + "subsequentSystemIntegrity": "HIGH", + "subsequentSystemAvailability": "HIGH", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirements": "NOT_DEFINED", + "integrityRequirements": "NOT_DEFINED", + "availabilityRequirements": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", + "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", + "modifiedVulnerableSystemAvailability": "NOT_DEFINED", + "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", + "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", + "modifiedSubsequentSystemAvailability": "NOT_DEFINED", + "safety": "NEGLIGIBLE", + "automatable": "NO", + "recovery": "USER", + "valueDensity": "CONCENTRATED", + "vulnerabilityResponseEffort": "MODERATE", + "providerUrgency": "AMBER", + "baseScore": 7.3, + "baseSeverity": "HIGH" + } + } + ] + }, + "weaknesses": [ + { + "source": "cve-coordination@google.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-502" + } + ] + } + ], + "references": [ + { + "url": "https://developer.android.com/jetpack/androidx/releases/car-app#1.7.0-beta03", + "source": "cve-coordination@google.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-105xx/CVE-2024-10520.json b/CVE-2024/CVE-2024-105xx/CVE-2024-10520.json new file mode 100644 index 00000000000..c37702660ce --- /dev/null +++ b/CVE-2024/CVE-2024-105xx/CVE-2024-10520.json @@ -0,0 +1,60 @@ +{ + "id": "CVE-2024-10520", + "sourceIdentifier": "security@wordfence.com", + "published": "2024-11-20T12:15:18.390", + "lastModified": "2024-11-20T12:15:18.390", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "The WP Project Manager plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check in the 'check' method of the 'Create_Milestone', 'Create_Task_List', 'Create_Task', and 'Delete_Task' classes in version 2.6.14. This makes it possible for unauthenticated attackers to create milestones, create task lists, create tasks, or delete tasks in any project. NOTE: Version 2.6.14 implemented a partial fix for this vulnerability." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 5.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 3.9, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-862" + } + ] + } + ], + "references": [ + { + "url": "https://plugins.trac.wordpress.org/changeset/3191204/wedevs-project-manager", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/497760a8-7d4a-45a0-91e4-a8ee27bcdb02?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-108xx/CVE-2024-10872.json b/CVE-2024/CVE-2024-108xx/CVE-2024-10872.json new file mode 100644 index 00000000000..0d5c974c15f --- /dev/null +++ b/CVE-2024/CVE-2024-108xx/CVE-2024-10872.json @@ -0,0 +1,64 @@ +{ + "id": "CVE-2024-10872", + "sourceIdentifier": "security@wordfence.com", + "published": "2024-11-20T11:15:04.927", + "lastModified": "2024-11-20T11:15:04.927", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "The Getwid \u2013 Gutenberg Blocks plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the `template-post-custom-field` block in all versions up to, and including, 2.0.12 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 3.1, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://plugins.trac.wordpress.org/browser/getwid/trunk/includes/templates/template-parts/post-custom-field.php#L9", + "source": "security@wordfence.com" + }, + { + "url": "https://plugins.trac.wordpress.org/changeset/3188812#file1", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/8ae0030f-af21-43fb-959a-8da04cab05bb?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-114xx/CVE-2024-11404.json b/CVE-2024/CVE-2024-114xx/CVE-2024-11404.json new file mode 100644 index 00000000000..a20506449a5 --- /dev/null +++ b/CVE-2024/CVE-2024-114xx/CVE-2024-11404.json @@ -0,0 +1,76 @@ +{ + "id": "CVE-2024-11404", + "sourceIdentifier": "iletisim@usom.gov.tr", + "published": "2024-11-20T12:15:18.640", + "lastModified": "2024-11-20T12:15:18.640", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Unrestricted Upload of File with Dangerous Type, Improper Input Validation, Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in django CMS Association django Filer allows Input Data Manipulation, Stored XSS.This issue affects django Filer: from 3 before 3.3." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "iletisim@usom.gov.tr", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 5.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.1, + "impactScore": 3.4 + } + ] + }, + "weaknesses": [ + { + "source": "iletisim@usom.gov.tr", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-20" + }, + { + "lang": "en", + "value": "CWE-434" + }, + { + "lang": "en", + "value": "CWE-80" + } + ] + } + ], + "references": [ + { + "url": "https://iltosec.com/blog/post/djangocms-attributes-field-300-stored-xss-vulnerability/", + "source": "iletisim@usom.gov.tr" + }, + { + "url": "https://pypi.org/project/django-filer/", + "source": "iletisim@usom.gov.tr" + }, + { + "url": "https://www.django-cms.org/en/blog/2024/11/19/security-updates-for-django-filer-and-django-cms-attributes-field/", + "source": "iletisim@usom.gov.tr" + }, + { + "url": "https://www.usom.gov.tr/bildirim/tr-24-1864", + "source": "iletisim@usom.gov.tr" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-114xx/CVE-2024-11406.json b/CVE-2024/CVE-2024-114xx/CVE-2024-11406.json new file mode 100644 index 00000000000..7d3a91ce74d --- /dev/null +++ b/CVE-2024/CVE-2024-114xx/CVE-2024-11406.json @@ -0,0 +1,72 @@ +{ + "id": "CVE-2024-11406", + "sourceIdentifier": "iletisim@usom.gov.tr", + "published": "2024-11-20T12:15:18.890", + "lastModified": "2024-11-20T12:15:18.890", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in django CMS Association django CMS Attributes Fields allows Stored XSS.This issue affects django CMS Attributes Fields: before 4.0." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "iletisim@usom.gov.tr", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.9, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.7, + "impactScore": 4.7 + } + ] + }, + "weaknesses": [ + { + "source": "iletisim@usom.gov.tr", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/django-cms/djangocms-attributes-field/commit/fe68d29ab78db5885bc31b67cf0537f1f02b33ad", + "source": "iletisim@usom.gov.tr" + }, + { + "url": "https://iltosec.com/blog/post/djangocms-attributes-field-300-stored-xss-vulnerability/", + "source": "iletisim@usom.gov.tr" + }, + { + "url": "https://pypi.org/project/djangocms-attributes-field/#history", + "source": "iletisim@usom.gov.tr" + }, + { + "url": "https://www.django-cms.org/en/blog/2024/11/19/security-updates-for-django-filer-and-django-cms-attributes-field/", + "source": "iletisim@usom.gov.tr" + }, + { + "url": "https://www.usom.gov.tr/bildirim/tr-24-1864", + "source": "iletisim@usom.gov.tr" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-456xx/CVE-2024-45689.json b/CVE-2024/CVE-2024-456xx/CVE-2024-45689.json new file mode 100644 index 00000000000..9e7710f90ac --- /dev/null +++ b/CVE-2024/CVE-2024-456xx/CVE-2024-45689.json @@ -0,0 +1,21 @@ +{ + "id": "CVE-2024-45689", + "sourceIdentifier": "patrick@puiterwijk.org", + "published": "2024-11-20T11:15:05.337", + "lastModified": "2024-11-20T11:15:05.337", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "A flaw was found in Moodle. Dynamic tables did not enforce capability checks, which resulted in users having the ability to retrieve information they did not have permission to access." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2309941", + "source": "patrick@puiterwijk.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-456xx/CVE-2024-45690.json b/CVE-2024/CVE-2024-456xx/CVE-2024-45690.json new file mode 100644 index 00000000000..bb2030e707a --- /dev/null +++ b/CVE-2024/CVE-2024-456xx/CVE-2024-45690.json @@ -0,0 +1,25 @@ +{ + "id": "CVE-2024-45690", + "sourceIdentifier": "patrick@puiterwijk.org", + "published": "2024-11-20T11:15:05.413", + "lastModified": "2024-11-20T11:15:05.413", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "A flaw was found in Moodle. Additional checks were required to ensure users can only delete their OAuth2-linked accounts." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2309939", + "source": "patrick@puiterwijk.org" + }, + { + "url": "https://moodle.org/security/", + "source": "patrick@puiterwijk.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-456xx/CVE-2024-45691.json b/CVE-2024/CVE-2024-456xx/CVE-2024-45691.json new file mode 100644 index 00000000000..b9dc5fc5fc7 --- /dev/null +++ b/CVE-2024/CVE-2024-456xx/CVE-2024-45691.json @@ -0,0 +1,25 @@ +{ + "id": "CVE-2024-45691", + "sourceIdentifier": "patrick@puiterwijk.org", + "published": "2024-11-20T11:15:05.490", + "lastModified": "2024-11-20T11:15:05.490", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "A flaw was found in Moodle. When restricting access to a lesson activity with a password, certain passwords could be bypassed or less secure due to a loose comparison in the password-checking logic. This issue only affected passwords set to \"magic hash\" values." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2309940", + "source": "patrick@puiterwijk.org" + }, + { + "url": "https://moodle.org/security/", + "source": "patrick@puiterwijk.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-488xx/CVE-2024-48899.json b/CVE-2024/CVE-2024-488xx/CVE-2024-48899.json new file mode 100644 index 00000000000..fdb9d1a27d4 --- /dev/null +++ b/CVE-2024/CVE-2024-488xx/CVE-2024-48899.json @@ -0,0 +1,33 @@ +{ + "id": "CVE-2024-48899", + "sourceIdentifier": "patrick@puiterwijk.org", + "published": "2024-11-20T11:15:05.563", + "lastModified": "2024-11-20T11:15:05.563", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability was found in Moodle. Additional checks are required to ensure users can only fetch the list of course badges for courses that they are intended to have access to." + } + ], + "metrics": {}, + "weaknesses": [ + { + "source": "patrick@puiterwijk.org", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-284" + } + ] + } + ], + "references": [ + { + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2318819", + "source": "patrick@puiterwijk.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-524xx/CVE-2024-52437.json b/CVE-2024/CVE-2024-524xx/CVE-2024-52437.json new file mode 100644 index 00000000000..96ab0daf471 --- /dev/null +++ b/CVE-2024/CVE-2024-524xx/CVE-2024-52437.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-52437", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-11-20T12:15:19.133", + "lastModified": "2024-11-20T12:15:19.133", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Missing Authentication for Critical Function vulnerability in Saul Morales Pacheco Banner System allows Privilege Escalation.This issue affects Banner System: from n/a through 1.0.0." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-306" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/banner-system/wordpress-banner-system-plugin-1-0-0-privilege-escalation-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-524xx/CVE-2024-52438.json b/CVE-2024/CVE-2024-524xx/CVE-2024-52438.json new file mode 100644 index 00000000000..f66963d667e --- /dev/null +++ b/CVE-2024/CVE-2024-524xx/CVE-2024-52438.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-52438", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-11-20T12:15:19.390", + "lastModified": "2024-11-20T12:15:19.390", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Missing Authentication for Critical Function vulnerability in deco.Agency de:branding allows Privilege Escalation.This issue affects de:branding: from n/a through 1.0.2." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-306" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/debranding/wordpress-de-branding-plugin-1-0-2-privilege-escalation-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-524xx/CVE-2024-52439.json b/CVE-2024/CVE-2024-524xx/CVE-2024-52439.json new file mode 100644 index 00000000000..f11c2a6d603 --- /dev/null +++ b/CVE-2024/CVE-2024-524xx/CVE-2024-52439.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-52439", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-11-20T12:15:19.637", + "lastModified": "2024-11-20T12:15:19.637", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Deserialization of Untrusted Data vulnerability in Mark O\u2019Donnell Team Rosters allows Object Injection.This issue affects Team Rosters: from n/a through 4.6." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-502" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/team-rosters/wordpress-team-rosters-plugin-4-6-php-object-injection-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-524xx/CVE-2024-52440.json b/CVE-2024/CVE-2024-524xx/CVE-2024-52440.json new file mode 100644 index 00000000000..13c7dd1cb2b --- /dev/null +++ b/CVE-2024/CVE-2024-524xx/CVE-2024-52440.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-52440", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-11-20T12:15:19.870", + "lastModified": "2024-11-20T12:15:19.870", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Deserialization of Untrusted Data vulnerability in Bueno Labs Pvt. Ltd. Xpresslane Fast Checkout allows Object Injection.This issue affects Xpresslane Fast Checkout: from n/a through 1.0.0." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-502" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/xpresslane-integration-for-woocommerce/wordpress-xpresslane-fast-checkout-plugin-1-0-0-php-object-injection-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-524xx/CVE-2024-52441.json b/CVE-2024/CVE-2024-524xx/CVE-2024-52441.json new file mode 100644 index 00000000000..be0d217caaa --- /dev/null +++ b/CVE-2024/CVE-2024-524xx/CVE-2024-52441.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-52441", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-11-20T12:15:20.110", + "lastModified": "2024-11-20T12:15:20.110", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') vulnerability in Rajesh Thanoch Quick Learn allows Object Injection.This issue affects Quick Learn: from n/a through 1.0.1." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-1321" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/quick-learn/wordpress-quick-learn-plugin-1-0-1-php-object-injection-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-524xx/CVE-2024-52442.json b/CVE-2024/CVE-2024-524xx/CVE-2024-52442.json new file mode 100644 index 00000000000..4b9e33446a3 --- /dev/null +++ b/CVE-2024/CVE-2024-524xx/CVE-2024-52442.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-52442", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-11-20T12:15:20.370", + "lastModified": "2024-11-20T12:15:20.370", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Incorrect Privilege Assignment vulnerability in Userplus UserPlus allows Privilege Escalation.This issue affects UserPlus: from n/a through 2.0." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-266" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/userplus/wordpress-userplus-plugin-2-0-privilege-escalation-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-524xx/CVE-2024-52443.json b/CVE-2024/CVE-2024-524xx/CVE-2024-52443.json new file mode 100644 index 00000000000..4a3afd52285 --- /dev/null +++ b/CVE-2024/CVE-2024-524xx/CVE-2024-52443.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-52443", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-11-20T12:15:20.620", + "lastModified": "2024-11-20T12:15:20.620", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Deserialization of Untrusted Data vulnerability in Nerijus Masikonis Geolocator allows Object Injection.This issue affects Geolocator: from n/a through 1.1." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-502" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/geolocator/wordpress-geolocator-plugin-1-1-php-object-injection-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-524xx/CVE-2024-52444.json b/CVE-2024/CVE-2024-524xx/CVE-2024-52444.json new file mode 100644 index 00000000000..9f43af2f7d3 --- /dev/null +++ b/CVE-2024/CVE-2024-524xx/CVE-2024-52444.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-52444", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-11-20T12:15:20.857", + "lastModified": "2024-11-20T12:15:20.857", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in WPOPAL Opal Woo Custom Product Variation allows Path Traversal.This issue affects Opal Woo Custom Product Variation: from n/a through 1.1.3." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-22" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/opal-woo-custom-product-variation/wordpress-opal-woo-custom-product-variation-plugin-1-1-3-arbitrary-file-deletion-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-524xx/CVE-2024-52445.json b/CVE-2024/CVE-2024-524xx/CVE-2024-52445.json new file mode 100644 index 00000000000..fb6d9516829 --- /dev/null +++ b/CVE-2024/CVE-2024-524xx/CVE-2024-52445.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-52445", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-11-20T12:15:21.093", + "lastModified": "2024-11-20T12:15:21.093", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Deserialization of Untrusted Data vulnerability in Modeltheme QRMenu Restaurant QR Menu Lite allows Object Injection.This issue affects QRMenu Restaurant QR Menu Lite: from n/a through 1.0.3." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-502" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/qrmenu-lite/wordpress-qrmenu-restaurant-qr-menu-lite-plugin-1-0-3-php-object-injection-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-524xx/CVE-2024-52446.json b/CVE-2024/CVE-2024-524xx/CVE-2024-52446.json new file mode 100644 index 00000000000..658e1df5309 --- /dev/null +++ b/CVE-2024/CVE-2024-524xx/CVE-2024-52446.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-52446", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-11-20T12:15:21.303", + "lastModified": "2024-11-20T12:15:21.303", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Cross-Site Request Forgery (CSRF) vulnerability in Buying Buddy Buying Buddy IDX CRM allows Object Injection.This issue affects Buying Buddy IDX CRM: from n/a through 1.1.12." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-352" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/buying-buddy-idx-crm/wordpress-buying-buddy-idx-crm-plugin-1-1-12-csrf-to-php-object-injection-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-524xx/CVE-2024-52447.json b/CVE-2024/CVE-2024-524xx/CVE-2024-52447.json new file mode 100644 index 00000000000..091706621c4 --- /dev/null +++ b/CVE-2024/CVE-2024-524xx/CVE-2024-52447.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-52447", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-11-20T12:15:21.523", + "lastModified": "2024-11-20T12:15:21.523", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Path Traversal: '.../...//' vulnerability in Corporate Zen Contact Page With Google Map allows Path Traversal.This issue affects Contact Page With Google Map: from n/a through 1.6.1." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 8.6, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 4.0 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-35" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/contact-page-with-google-map/wordpress-contact-page-with-google-map-plugin-1-6-1-arbitrary-file-deletion-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-524xx/CVE-2024-52448.json b/CVE-2024/CVE-2024-524xx/CVE-2024-52448.json new file mode 100644 index 00000000000..d659089a474 --- /dev/null +++ b/CVE-2024/CVE-2024-524xx/CVE-2024-52448.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-52448", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-11-20T12:15:21.753", + "lastModified": "2024-11-20T12:15:21.753", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in WebCodingPlace Ultimate Classified Listings allows PHP Local File Inclusion.This issue affects Ultimate Classified Listings: from n/a through 1.4." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.6, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-22" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/ultimate-classified-listings/wordpress-ultimate-classified-listings-plugin-1-4-local-file-inclusion-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-524xx/CVE-2024-52449.json b/CVE-2024/CVE-2024-524xx/CVE-2024-52449.json new file mode 100644 index 00000000000..54e4a53a45d --- /dev/null +++ b/CVE-2024/CVE-2024-524xx/CVE-2024-52449.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-52449", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-11-20T12:15:21.980", + "lastModified": "2024-11-20T12:15:21.980", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Navneil Naicer Bootscraper allows PHP Local File Inclusion.This issue affects Bootscraper: from n/a through 2.1.0." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.6, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-22" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/wp-bootscraper/wordpress-wordpress-bootscraper-plugin-2-1-0-local-file-inclusion-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-524xx/CVE-2024-52450.json b/CVE-2024/CVE-2024-524xx/CVE-2024-52450.json new file mode 100644 index 00000000000..13b59ed97a9 --- /dev/null +++ b/CVE-2024/CVE-2024-524xx/CVE-2024-52450.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-52450", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-11-20T12:15:22.203", + "lastModified": "2024-11-20T12:15:22.203", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Official pro coders nBlocks allows PHP Local File Inclusion.This issue affects nBlocks: from n/a through 1.0.2." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.6, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-98" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/nblocks/wordpress-nblocks-plugin-1-0-2-local-file-inclusion-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-524xx/CVE-2024-52451.json b/CVE-2024/CVE-2024-524xx/CVE-2024-52451.json new file mode 100644 index 00000000000..885b5e3b8b9 --- /dev/null +++ b/CVE-2024/CVE-2024-524xx/CVE-2024-52451.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-52451", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-11-20T12:15:22.427", + "lastModified": "2024-11-20T12:15:22.427", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Cross-Site Request Forgery (CSRF) vulnerability in Aaron Robbins Post Ideas allows SQL Injection.This issue affects Post Ideas: from n/a through 2." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "LOW", + "baseScore": 8.2, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 4.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-352" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/post-ideas/wordpress-post-ideas-plugin-2-csrf-to-sql-injection-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/README.md b/README.md index 9d9dc445cde..139d6972b48 100644 --- a/README.md +++ b/README.md @@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2024-11-20T11:00:21.071478+00:00 +2024-11-20T13:00:28.558888+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2024-11-20T10:15:05.920000+00:00 +2024-11-20T12:45:36.293000+00:00 ``` ### Last Data Feed Release @@ -33,26 +33,49 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### Total Number of included CVEs ```plain -270670 +270694 ``` ### CVEs added in the last Commit -Recently added CVEs: `7` +Recently added CVEs: `24` -- [CVE-2024-10126](CVE-2024/CVE-2024-101xx/CVE-2024-10126.json) (`2024-11-20T09:15:03.990`) -- [CVE-2024-10127](CVE-2024/CVE-2024-101xx/CVE-2024-10127.json) (`2024-11-20T09:15:04.313`) -- [CVE-2024-10665](CVE-2024/CVE-2024-106xx/CVE-2024-10665.json) (`2024-11-20T10:15:04.627`) -- [CVE-2024-10891](CVE-2024/CVE-2024-108xx/CVE-2024-10891.json) (`2024-11-20T10:15:05.273`) -- [CVE-2024-11176](CVE-2024/CVE-2024-111xx/CVE-2024-11176.json) (`2024-11-20T09:15:04.447`) -- [CVE-2024-11179](CVE-2024/CVE-2024-111xx/CVE-2024-11179.json) (`2024-11-20T10:15:05.640`) -- [CVE-2024-11494](CVE-2024/CVE-2024-114xx/CVE-2024-11494.json) (`2024-11-20T10:15:05.920`) +- [CVE-2024-10382](CVE-2024/CVE-2024-103xx/CVE-2024-10382.json) (`2024-11-20T11:15:04.280`) +- [CVE-2024-10520](CVE-2024/CVE-2024-105xx/CVE-2024-10520.json) (`2024-11-20T12:15:18.390`) +- [CVE-2024-10872](CVE-2024/CVE-2024-108xx/CVE-2024-10872.json) (`2024-11-20T11:15:04.927`) +- [CVE-2024-11404](CVE-2024/CVE-2024-114xx/CVE-2024-11404.json) (`2024-11-20T12:15:18.640`) +- [CVE-2024-11406](CVE-2024/CVE-2024-114xx/CVE-2024-11406.json) (`2024-11-20T12:15:18.890`) +- [CVE-2024-45689](CVE-2024/CVE-2024-456xx/CVE-2024-45689.json) (`2024-11-20T11:15:05.337`) +- [CVE-2024-45690](CVE-2024/CVE-2024-456xx/CVE-2024-45690.json) (`2024-11-20T11:15:05.413`) +- [CVE-2024-45691](CVE-2024/CVE-2024-456xx/CVE-2024-45691.json) (`2024-11-20T11:15:05.490`) +- [CVE-2024-48899](CVE-2024/CVE-2024-488xx/CVE-2024-48899.json) (`2024-11-20T11:15:05.563`) +- [CVE-2024-52437](CVE-2024/CVE-2024-524xx/CVE-2024-52437.json) (`2024-11-20T12:15:19.133`) +- [CVE-2024-52438](CVE-2024/CVE-2024-524xx/CVE-2024-52438.json) (`2024-11-20T12:15:19.390`) +- [CVE-2024-52439](CVE-2024/CVE-2024-524xx/CVE-2024-52439.json) (`2024-11-20T12:15:19.637`) +- [CVE-2024-52440](CVE-2024/CVE-2024-524xx/CVE-2024-52440.json) (`2024-11-20T12:15:19.870`) +- [CVE-2024-52441](CVE-2024/CVE-2024-524xx/CVE-2024-52441.json) (`2024-11-20T12:15:20.110`) +- [CVE-2024-52442](CVE-2024/CVE-2024-524xx/CVE-2024-52442.json) (`2024-11-20T12:15:20.370`) +- [CVE-2024-52443](CVE-2024/CVE-2024-524xx/CVE-2024-52443.json) (`2024-11-20T12:15:20.620`) +- [CVE-2024-52444](CVE-2024/CVE-2024-524xx/CVE-2024-52444.json) (`2024-11-20T12:15:20.857`) +- [CVE-2024-52445](CVE-2024/CVE-2024-524xx/CVE-2024-52445.json) (`2024-11-20T12:15:21.093`) +- [CVE-2024-52446](CVE-2024/CVE-2024-524xx/CVE-2024-52446.json) (`2024-11-20T12:15:21.303`) +- [CVE-2024-52447](CVE-2024/CVE-2024-524xx/CVE-2024-52447.json) (`2024-11-20T12:15:21.523`) +- [CVE-2024-52448](CVE-2024/CVE-2024-524xx/CVE-2024-52448.json) (`2024-11-20T12:15:21.753`) +- [CVE-2024-52449](CVE-2024/CVE-2024-524xx/CVE-2024-52449.json) (`2024-11-20T12:15:21.980`) +- [CVE-2024-52450](CVE-2024/CVE-2024-524xx/CVE-2024-52450.json) (`2024-11-20T12:15:22.203`) +- [CVE-2024-52451](CVE-2024/CVE-2024-524xx/CVE-2024-52451.json) (`2024-11-20T12:15:22.427`) ### CVEs modified in the last Commit -Recently modified CVEs: `0` +Recently modified CVEs: `6` +- [CVE-2018-11525](CVE-2018/CVE-2018-115xx/CVE-2018-11525.json) (`2024-11-20T12:45:36.293`) +- [CVE-2020-11727](CVE-2020/CVE-2020-117xx/CVE-2020-11727.json) (`2024-11-20T12:45:36.293`) +- [CVE-2021-24169](CVE-2021/CVE-2021-241xx/CVE-2021-24169.json) (`2024-11-20T12:45:36.293`) +- [CVE-2021-27349](CVE-2021/CVE-2021-273xx/CVE-2021-27349.json) (`2024-11-20T12:45:36.293`) +- [CVE-2022-35275](CVE-2022/CVE-2022-352xx/CVE-2022-35275.json) (`2024-11-20T12:45:36.293`) +- [CVE-2022-40128](CVE-2022/CVE-2022-401xx/CVE-2022-40128.json) (`2024-11-20T12:45:36.293`) ## Download and Usage diff --git a/_state.csv b/_state.csv index a22184deb48..88cf1f4a5c9 100644 --- a/_state.csv +++ b/_state.csv @@ -112554,7 +112554,7 @@ CVE-2018-11518,0,0,28620014c01f1b73bb84113be10d0d8b542595efbcad3eb84c8dee56d8d50 CVE-2018-1152,0,0,4cd9213fa236f2e53e636ad0b8b986bd1d146488bb5196f3296e5d8252383191,2020-07-31T21:15:12.170000 CVE-2018-11522,0,0,6fd6cc029fb6c35cf86434a6720411c3ba72fea5411d6db303d8987d687fb459,2018-07-03T15:26:04.650000 CVE-2018-11523,0,0,e19222637a1afc892dca5208b57fc44d2d6889beec6077362ec1bef3e3df8bee,2018-06-29T18:04:13.867000 -CVE-2018-11525,0,0,a1c4295cf3c5183aacd72fb8ecee6e1b01421a66b55d87b0be41e956bb6c95fe,2020-08-24T17:37:01.140000 +CVE-2018-11525,0,1,1582a8fa42dd0ace5f49cf06f5b4ee173bc3266d155ab155d6eba21796d3746c,2024-11-20T12:45:36.293000 CVE-2018-11526,0,0,9943a2985a28f120c96998a78f749c2d591bfdbc654d0fbd2fd5961849ea8db7,2020-08-24T17:37:01.140000 CVE-2018-11527,0,0,cfa43309f91b9cca6c79dfbf232cb23bbeb61f86a91c15c319e96748924a4c52,2018-06-29T13:26:50.290000 CVE-2018-11528,0,0,97496262fbf9064bf512b6eb58d12583d73b8dc3d3b87c51bb82f42ee7228c8d,2018-06-28T13:23:05.870000 @@ -146782,7 +146782,7 @@ CVE-2020-11722,0,0,854500225422db3dfa44d653ad94ce36957c1f55b29b59dd9171606c59158 CVE-2020-11723,0,0,160a5bd81bae1c4467e1de4dc046ed2bf84614f1d368f483a3f904096699d565,2020-04-22T16:59:05.253000 CVE-2020-11724,0,0,0baa9b23e7980313ed19d111405cb5585663c3e5235129b20b5fc712b1b5a64b,2021-01-29T16:33:01.957000 CVE-2020-11725,0,0,485b6938757ed573e1970511976719adabbe29c5548785fc4bfdef13a398e4dc,2024-08-04T12:15:35.630000 -CVE-2020-11727,0,0,0b8e6c4591c6c0624387b848ab998dce09684e3db5274a52ebb4f435d0f954c2,2020-05-07T14:13:07.290000 +CVE-2020-11727,0,1,cd70d22e8c88f74abcead34cfc8d1f6da9e845b882488b907d97bd7f192ca90e,2024-11-20T12:45:36.293000 CVE-2020-11728,0,0,c7fc17449fde5142efc845f8b4961f509068750e19ad86f5bfb25788bac308d5,2020-09-28T18:15:18.177000 CVE-2020-11729,0,0,2c267e069a634258d2d04a3f06c624d15fc687a806e170bcd5e568e387447ff6,2020-08-18T15:05:57.953000 CVE-2020-1173,0,0,e4d15fc933b72ca184eacc719d7008abad57b29cef62e8279d513ec030d61c44,2020-05-27T16:56:44.557000 @@ -170118,7 +170118,7 @@ CVE-2021-24165,0,0,95f929fc30f7c0c2f87369e9b0554857e8b46bf94e92a9f35699ba920a4ac CVE-2021-24166,0,0,7295a9e2a303893028e33202f410f6c7a0b964cef7d31d681ad7a4bc51e78516,2021-04-09T15:22:45.803000 CVE-2021-24167,0,0,44edbe5d36cb698dc1ac178e403d937048d4424974e7e8a4291d219ac995a52e,2023-11-07T03:31:07.063000 CVE-2021-24168,0,0,9ffd1d11393e7892f78db2bbcdbbdf91a3fb185fcfbdf7421b2d6645e97b37a3,2021-04-09T14:56:56.993000 -CVE-2021-24169,0,0,6d24c44a0b8500fb71b5bf9211949ebf008ea341a0178d76641f335b4bb7cdaf,2021-12-03T18:27:05.857000 +CVE-2021-24169,0,1,677a62b1d06271f40840aeab51c5c0422799e65298f12bbbeb4e792f2dcdcb9f,2024-11-20T12:45:36.293000 CVE-2021-2417,0,0,e64e51808263b781ee5f2732a8dd7f73478d6d7a77a36de892782836dc00cab8,2021-07-26T17:32:02.827000 CVE-2021-24170,0,0,e9b9a25144017b8f8b095e0ea80aa86cf42dc21bde9e6f79b6b176f26edb6841,2021-04-09T19:34:59.337000 CVE-2021-24171,0,0,e70ce2cc69da6df5d1dcc971c230874a8172e79495d937703f0b55a7dcd0f3e5,2022-10-24T17:15:39.613000 @@ -172602,7 +172602,7 @@ CVE-2021-27342,0,0,090c125ac182d70b49035ec07ef9ea7721468eb72cf15d87f2bd57dac7662 CVE-2021-27343,0,0,832bb7fee5c0f9e3a0dc509e410e958411deb12dcf3f989bf4b854e893609ee1,2022-12-08T18:55:41.790000 CVE-2021-27345,0,0,87e104d2d8df80dad4ab089d59e41459174e2badd76249afa3216a7da22b893a,2022-04-27T17:06:54.547000 CVE-2021-27347,0,0,b58aedc650ac8f0f6e67ef65b090cdcc4557c7027b4e81d071a53ac20b25bd5b,2022-04-27T17:12:53.903000 -CVE-2021-27349,0,0,d99287ca84f21ecef394aff04713cbdcdfd8790406f889886a2d84b78eeb7713,2021-04-02T20:57:27.327000 +CVE-2021-27349,0,1,e035ab3c6a9ce22468f04974f2aba515c7affee3cd75e3e409d9fc2c2a18dcba,2024-11-20T12:45:36.293000 CVE-2021-27351,0,0,8a485d9b4386c04a50a028e5fdce8921fa7ff42a756440d276d0393b01f75a67,2022-05-23T22:18:15.767000 CVE-2021-27352,0,0,b9c6127899b298e03829981a6389a711a604aa172678ed911487e80bfa43e4d0,2021-06-03T18:12:04.617000 CVE-2021-27357,0,0,87e6e41ae512ffc574a36aa4fe2c1f00c7f24cbd187d4f8cd1529124f6a724aa,2021-04-09T18:07:44.027000 @@ -202513,7 +202513,7 @@ CVE-2022-35270,0,0,df06261f24c2cc206e99c7c44ac9e5d32870e52931b225863c7ecf37ac923 CVE-2022-35271,0,0,c73a07d2a58e05e39ba42f01369acf058797efa2084aa1b79c237e67c21a206d,2023-02-23T23:49:35.503000 CVE-2022-35272,0,0,28b3688ffc8c77c3dd43cbca4557e62bb2e32081a0a7b05a07d439aca2fdf445,2022-08-10T19:18:49.673000 CVE-2022-35273,0,0,37e0a67be41d4d57ea0eea6547e501ee02bbba1978cbedd77b0555aa44749e24,2022-09-13T15:04:09.180000 -CVE-2022-35275,0,0,e7644631b1303091fc9ccf2ed7d76134af124e88b746a5c29fbaa65761cf6114,2022-09-10T03:53:29.203000 +CVE-2022-35275,0,1,ba59134f035965387423088d6daecdf57cfe01345b3f2820fe6f6e5715291841,2024-11-20T12:45:36.293000 CVE-2022-35276,0,0,c3e73246a4694a0727af64865f51d28e6ce7f443989746283615dba0643e09a7,2022-11-16T18:56:08.900000 CVE-2022-35277,0,0,6b43c06f34da2a896add35c50bba3f8c3b4c87cfec10480067878619bd017121,2022-09-10T03:53:19.877000 CVE-2022-35278,0,0,f9369402514282d91fdc9732a8cbf568356c121282738727e30dacd4d696de97,2022-12-13T01:59:50.587000 @@ -206205,7 +206205,7 @@ CVE-2022-40122,0,0,53231e7d91e0446b0935a46bdb5502c1efa214bcbca5603169e444690ad0f CVE-2022-40123,0,0,684ee396689269c179d4f6c66838bb4407bda2f68fedf332bb39e4b625234fdd,2022-10-05T13:01:36.207000 CVE-2022-40126,0,0,fe2b273ee374dda35683011bfd4579f22913fcf68241239318c68fea8e40081b,2022-10-04T12:30:35.917000 CVE-2022-40127,0,0,504ee37f555a1bf4ee6aeffa6178b0666198cf0c51659d5c35d10c5317e1c93d,2022-11-16T18:53:05.167000 -CVE-2022-40128,0,0,9b67164a1c8e8aaafb3ddef659703299f9c89033d8beda8c1d359fa0735f8041,2022-11-09T14:57:34.437000 +CVE-2022-40128,0,1,dc6a79b61d3400cacd8f4d55c7fcd4ac275837c95a0b39f6aafddfb933b615bc,2024-11-20T12:45:36.293000 CVE-2022-40129,0,0,04aa07e2375aebbe2fd10962bf0301de5356355838fab707b7d882417361e77e,2022-11-22T01:07:11.007000 CVE-2022-4013,0,0,803366dcbb2b4bdf5190bb86cd2d8bb83c3f3d4414b49440a4c72173780e7391,2023-11-07T03:56:41.073000 CVE-2022-40130,0,0,24eec0c61128a0766ccd1a906df7b967fcde3babef1e2a57e55c6c9466b78684,2022-11-21T01:17:26.170000 @@ -242656,8 +242656,8 @@ CVE-2024-10121,0,0,4fac6e713d174c782f95945b8314e41c0820946450664e88d069ef79a5b04 CVE-2024-10122,0,0,4e5f619ae1411af7ba6427863c46c2d3289b70e0f0b6031ee87ce9e9971de5c8,2024-11-06T22:05:23.700000 CVE-2024-10123,0,0,e122097599e5662b16a80366258ebdfd607e11805ffbed77bafc707b3aec8a81,2024-10-28T16:06:53.747000 CVE-2024-10125,0,0,57aa34408f8260c656e1d34a999469d8529d9afe80be211b41d76ddc0eb4278d,2024-10-23T21:15:14.510000 -CVE-2024-10126,1,1,0992bc010ec680006516853e829e857db5122df9b6fbf3cf6ac0a663fd15a96e,2024-11-20T09:15:03.990000 -CVE-2024-10127,1,1,90599899be4029cb24281b9d431b4f49666a231fdb7cf753db125f3a6522db7c,2024-11-20T09:15:04.313000 +CVE-2024-10126,0,0,0992bc010ec680006516853e829e857db5122df9b6fbf3cf6ac0a663fd15a96e,2024-11-20T09:15:03.990000 +CVE-2024-10127,0,0,90599899be4029cb24281b9d431b4f49666a231fdb7cf753db125f3a6522db7c,2024-11-20T09:15:04.313000 CVE-2024-10128,0,0,f4621c94fde2e2c994e30c7fb126f4e421d19f40a100d08f3cba9307c37673b9,2024-10-30T20:31:33.213000 CVE-2024-10129,0,0,a3923f562a8796d1f42f1efc6d440df5c6f0b86035f7ff1e5e23cdedf20d0d79,2024-10-30T21:15:29.877000 CVE-2024-1013,0,0,0ecf415fc1e3c9674ce36da20d6e67872f02747822a72b780ad0899083ff5765,2024-03-18T12:38:25.490000 @@ -242844,6 +242844,7 @@ CVE-2024-10379,0,0,214be4d491421db3527c631a39011912a259f53e90e222f386f0e0be59c25 CVE-2024-1038,0,0,c7b47d6608546def6f3304631405edc76ac6151bae95644217fe0b19e7498b5e,2024-03-13T18:16:18.563000 CVE-2024-10380,0,0,251c7695ebdffe14f2a561bb3be22f7946019d2ec5c5cf9081e853969f1037dd,2024-11-01T16:11:00.217000 CVE-2024-10381,0,0,c0308fe75631e6e478c4bb91d489e96b1c2dde80a7b938a5a315dee1135c5bea,2024-11-14T21:44:53.280000 +CVE-2024-10382,1,1,93ad4e5d158f8a5b418f3ca0d0badac34bde469f4309d8aa47291799d978870e,2024-11-20T11:15:04.280000 CVE-2024-10386,0,0,92094aeb70b25026044a453c13f522af4eb391b2229044481dc021518acdc439,2024-11-05T20:07:59.487000 CVE-2024-10387,0,0,5a1f42d28f618e614b5301c0b94be55a535432bf7194e0692256ccf6aa332018,2024-11-05T20:05:55.323000 CVE-2024-10388,0,0,baa860af3611995aa3b48c2ac11975f858a05164ea5f5d56cfe1775a5d194758,2024-11-19T21:57:32.967000 @@ -242944,6 +242945,7 @@ CVE-2024-10509,0,0,a9d05e50f1563ceed5339878fa8c2329eea9e28284f4c0c86984d14b77803 CVE-2024-1051,0,0,301df872c002365b13eaea34d02a8084366516306d472e0b862c9b6067f5d33d,2024-04-01T01:12:59.077000 CVE-2024-10515,0,0,95b093829d5f65eddf31cc2d74b4687e2e05262ee824501db195970644d9d2ed,2024-11-20T06:15:15.777000 CVE-2024-1052,0,0,2826dc83bebd9032f48348a63ffd25025c2a6126abd483892ed79004a77aef0f,2024-02-15T18:49:40.180000 +CVE-2024-10520,1,1,5acdd0c5659959d9ac18fb296c8b0ca775c2f72b2836f5d69fce1935ac3f49b0,2024-11-20T12:15:18.390000 CVE-2024-10523,0,0,a761a52195ca091ecc100fefe31fd4eadda4d831fe94860e2a159923b6d0d68d,2024-11-08T15:14:30.070000 CVE-2024-10524,0,0,d6a77c8f99978db429152e8948353f8166b552c9c91594d95f4a0f83de9c3b77,2024-11-19T21:57:32.967000 CVE-2024-10525,0,0,cfad79154f466fe96736eabfa65cac8f6409e21deb7f07d79c02c68ee3f19eb2,2024-11-01T12:57:03.417000 @@ -243032,7 +243034,7 @@ CVE-2024-1066,0,0,7cd919bef6acbf4a1ab59632c47efb8ac6efc2d2c9f422a5fc3bf23611a0e2 CVE-2024-10660,0,0,f525208ea29c8266cde1476239eda59ff1f0ab9a3e7bdbee9dd171ceb2cef109,2024-11-05T17:04:45.093000 CVE-2024-10661,0,0,3a8f12267875f9e533b9d9d2b244a0cfff287128b133c964cf1107af67490bfa,2024-11-05T14:30:37.787000 CVE-2024-10662,0,0,7f193b35faecba25eb69b45c896888a79d54755e1824e8384db4944270b09c04,2024-11-05T14:30:16.847000 -CVE-2024-10665,1,1,c459412fd1578af7223b09f026120261b8e30ea805de1cd1f35345a53fdbc421,2024-11-20T10:15:04.627000 +CVE-2024-10665,0,0,c459412fd1578af7223b09f026120261b8e30ea805de1cd1f35345a53fdbc421,2024-11-20T10:15:04.627000 CVE-2024-10667,0,0,8c3b4c9a2974763bbe2a826956e8c92748c65fd783dec0a85476416fcfdde1dc,2024-11-12T13:56:24.513000 CVE-2024-10668,0,0,ad6a1e988aa7f35451b56c605706e2e8d28df7ceaf4537d00be5d4d05186782b,2024-11-08T19:01:03.880000 CVE-2024-10669,0,0,23093ef05e499c533c3a2d4bc80a20165a28e5f349ac3746239f8d0e4e64a94d,2024-11-12T13:56:24.513000 @@ -243158,6 +243160,7 @@ CVE-2024-1086,0,0,3e819e2fff80149e3f377751fd1fb28a52f8791d9e5d08990c549613b15214 CVE-2024-10861,0,0,0e475116cbc916b1684eb819921303de89576e8768786550a96cf2c67b7dbecb,2024-11-18T17:11:17.393000 CVE-2024-1087,0,0,9751a2fe52b8f14e0fc1c9d86ee656c42465ba61ef03201895b6c1868f5679fd,2024-01-31T13:15:11.030000 CVE-2024-10871,0,0,68bab79b21893b436f4ab4e6d9a6ec3633c42e31b376d40213e506317551e1bb,2024-11-12T13:56:24.513000 +CVE-2024-10872,1,1,8405e7ff84d6b1dadb55fb727cbebd904b1c5b7b5d08d6be546207b2803f1c61,2024-11-20T11:15:04.927000 CVE-2024-10875,0,0,f25d99b636c46f59305dd89e678091362bb421c122afe8c605690d8f28fedaa5,2024-11-18T17:11:17.393000 CVE-2024-10876,0,0,bbf9ae62b029e2f20c90d639924bd19ca16772574bbaf6f19776b0310de3890f,2024-11-12T13:56:24.513000 CVE-2024-10877,0,0,301531ad65e2e5f16ea91c20f67a17c0b37faac5d5c530e39dd36f416491799c,2024-11-19T15:52:44.487000 @@ -243167,7 +243170,7 @@ CVE-2024-10883,0,0,591fb34dd03e0d1e5f0e5dcf7a5df450cfd7ed4e0c6fa74361f3a75f2590a CVE-2024-10884,0,0,af8d0f69b33cc9c8b5f395f0e60a6b7ec1fd0ec15994d8ada3cc1ff2f49e0e48,2024-11-18T17:11:17.393000 CVE-2024-10887,0,0,6f1c620112f0531885feb58bf605da1bdf3e2be3ee69e7f92d5d01d446076f44,2024-11-13T17:01:16.850000 CVE-2024-1089,0,0,9442709e929187c1b992d082c3eaeec9226480f80fc28198e3a73f4a684640d5,2024-02-29T13:49:29.390000 -CVE-2024-10891,1,1,75368c42ada2eff64310eb4f2bf04c277030b9ed62814601df628d2e55a629ad,2024-11-20T10:15:05.273000 +CVE-2024-10891,0,0,75368c42ada2eff64310eb4f2bf04c277030b9ed62814601df628d2e55a629ad,2024-11-20T10:15:05.273000 CVE-2024-10897,0,0,a06583b49e979e6c2e08d66a731da16126991a206b79119172b9152aecec155d,2024-11-15T13:58:08.913000 CVE-2024-10899,0,0,4368cb3772d2f8c2a1f35ff550289018215916506b0b69e65d8983cd35dad906,2024-11-20T07:15:08.260000 CVE-2024-1090,0,0,2d0b80c82d6d153c4e0b5412c3fcf892da86ac73a72da4cbf84bfbb064bdcb0c,2024-02-29T13:49:29.390000 @@ -243328,8 +243331,8 @@ CVE-2024-11165,0,0,95fe2b7c203ba5cc9c6e4fb2522e665475ea40e75b68e18a56b9dddf3a00f CVE-2024-11168,0,0,5e610ba56b770f0c45b8e5f1da8a18409af80ecc6fd32d397017d56ba5ace8ac,2024-11-13T17:01:16.850000 CVE-2024-1117,0,0,0eff4d8f06fdd3645727772834638be79e19128758cbe94b2a8e7a297167b8d0,2024-05-17T02:35:15.090000 CVE-2024-11175,0,0,a70e7384355b41e57dbae42f60548787ddcd5e64369094201d6e3104c030e304,2024-11-15T22:50:48.817000 -CVE-2024-11176,1,1,43e0b836ac427f00f128c5bd48d6743fd191b6efbf5ad7ecd847f5f279d2ce59,2024-11-20T09:15:04.447000 -CVE-2024-11179,1,1,7f2d8fb781b4394903ecc6ce342e58d860ba1367a8bdd83857040d509aff9b21,2024-11-20T10:15:05.640000 +CVE-2024-11176,0,0,43e0b836ac427f00f128c5bd48d6743fd191b6efbf5ad7ecd847f5f279d2ce59,2024-11-20T09:15:04.447000 +CVE-2024-11179,0,0,7f2d8fb781b4394903ecc6ce342e58d860ba1367a8bdd83857040d509aff9b21,2024-11-20T10:15:05.640000 CVE-2024-1118,0,0,6c399aaded9e96cfac900ecbd30e202d5a6a42d5625667c3de9725b65dc62fc3,2024-02-10T04:13:01.030000 CVE-2024-11182,0,0,550276b9543adbab2608aeeaeb156b493c7ea7fcd794d8e2722b73a2104ac612,2024-11-19T19:08:15.657000 CVE-2024-1119,0,0,5426bc48e63724893c52e881a8535fb7954cf4e6383fc287bdb9896410f7d3a0,2024-03-20T13:00:16.367000 @@ -243408,6 +243411,8 @@ CVE-2024-1139,0,0,3dc684f5c9c2296003368c61d669c2f327953a7aefcd4f9a72abdc4b058cbe CVE-2024-11395,0,0,e97b88024677a483ae4a42afe9a8440978faa48e4e721bb1c822953f8252b946,2024-11-19T21:56:45.533000 CVE-2024-1140,0,0,346c2ed0aaabc419b4aefe2cf8513b81b972566618f29982168bc7166c832ab2,2024-02-27T19:17:32.253000 CVE-2024-11400,0,0,68517feb9a17e8334cb49d2e9635846cb9ffcbcacaf62470ee1bd79105ecd1d9,2024-11-19T22:15:19.740000 +CVE-2024-11404,1,1,91a6a83594728f7d9ab87a97157e934bf45f5ea8491058deca799f43b765f939,2024-11-20T12:15:18.640000 +CVE-2024-11406,1,1,d4abbee85b1f77460ba170fa7cbcf81435244eeb65babfc1772879a68307a74f,2024-11-20T12:15:18.890000 CVE-2024-1141,0,0,31012446f41a8e14cd01fac5beb57c8618f6593d63d8f6abd3fca30a025146cd,2024-05-22T22:15:08.627000 CVE-2024-1142,0,0,444665e5d63ad8c810b6738875a9c2a9c27bc01781467ef31bed70fec17787e6,2024-03-21T12:58:51.093000 CVE-2024-1143,0,0,b8d0c26da5a42e6a02317cbe9672f530b65f02168ce7a3fde71211ebe1a9550d,2024-02-09T19:08:27.423000 @@ -243417,7 +243422,7 @@ CVE-2024-1146,0,0,c681ac136637104b7d43e23a49d30f381f11dad3f3f7ec48919504256a9e5b CVE-2024-1147,0,0,5da69e40e8a720c3c3c366cde1a8363ffbcff6346e82168cfd4c7602d33328bd,2024-03-21T12:58:51.093000 CVE-2024-1148,0,0,55b3cfe72144d3f21629750ac052bc7072169844e3b194a6a00d557d611fa424,2024-03-21T12:58:51.093000 CVE-2024-1149,0,0,b02f2ba30bfd9b077afbf478cdb43cc9b464ca358abc4a5e9f7416d9d1b2fcff,2024-02-15T17:52:08.970000 -CVE-2024-11494,1,1,5890d4fb88df3d8f55b6792aa5c18e107344b1b8b9d64b1485bac263c175d055,2024-11-20T10:15:05.920000 +CVE-2024-11494,0,0,5890d4fb88df3d8f55b6792aa5c18e107344b1b8b9d64b1485bac263c175d055,2024-11-20T10:15:05.920000 CVE-2024-1150,0,0,b47a3c09b3a331a50594ab70df2061c7818f30992462806b6f5b7a310a00b60b,2024-02-15T17:42:08.113000 CVE-2024-1151,0,0,7121c04433e319cadf01da487c5bbfa2040f1a20de12a9b96c3c123bdd1e595e,2024-11-12T16:15:21.213000 CVE-2024-1153,0,0,ef044a07a9d08d9e4b985a54be5b7192d28514cd606cdbcd1ece01d4ab3f4a43,2024-09-16T17:39:45.023000 @@ -262887,7 +262892,10 @@ CVE-2024-45678,0,0,a1fda46a16546e5971e32d47cf6c55c6e5adf9e7e7bc6498d2c3cdc35ca99 CVE-2024-45679,0,0,b98f85803530a208de6f955471a00fda8462357bfd07c53d204959dc086af47d,2024-09-20T12:30:51.220000 CVE-2024-4568,0,0,950b62937f2f303cb16f164d002be64527131317e5dfff26daecb96b6bec4236,2024-05-07T13:39:32.710000 CVE-2024-45682,0,0,8584442aa3e66ef486ff4d0e65e36dc65b16a5528e312d936a157a665ef44302,2024-09-27T18:54:51.820000 +CVE-2024-45689,1,1,c7e979f31e1bde92d5b4da5387428b58120f1325596ab42847b6eba43ff3aeb7,2024-11-20T11:15:05.337000 CVE-2024-4569,0,0,2e4b27b05be8561bd3f260b3ccf0eed0d11ea74483878f5df5227737faa1c038,2024-06-28T13:10:05.153000 +CVE-2024-45690,1,1,74454f7c531bfb80a37c3fdc1f763db2a09dcbe2ca0c5bb3597e3500efe2f820,2024-11-20T11:15:05.413000 +CVE-2024-45691,1,1,ca4f55343dfa025487a6d3aee03385fc29227f8ef98bfe91847acc674bc2317b,2024-11-20T11:15:05.490000 CVE-2024-45692,0,0,281ed60ed9431c734132a4f1fca034600bdda2bdb5b83bc44745bc26a826447d,2024-09-05T21:35:14.337000 CVE-2024-45693,0,0,8326a6a6c02d5129a5009d67c10554cd90e2c8aefe000e24bf1668842bfb6519,2024-10-17T20:21:11.913000 CVE-2024-45694,0,0,6df0853247a969905230185a9047d7f0b5d3157f1a7bc76614dde5322218c3ae,2024-09-17T18:40:07.243000 @@ -264671,6 +264679,7 @@ CVE-2024-48895,0,0,11f1b544314db3e7a2e2f0ae6118cf9681d6a4928b5a8a68633e1e42e5369 CVE-2024-48896,0,0,b992316378dc674c4f86c74292b7b1938dedf579a456c4b81377a2d803cc86e3,2024-11-18T17:11:17.393000 CVE-2024-48897,0,0,fb7520e1e59589ecdc201007a2560e0bbe0080044e959003906b061ba053cf71,2024-11-19T15:35:09.867000 CVE-2024-48898,0,0,8529d519dd40a302fbe6ba08ef52420551e621ec79dd55c48ad2c7b84db09711,2024-11-18T17:11:17.393000 +CVE-2024-48899,1,1,0d8ef23611eada8fc0fc63454f34a97709861b32b5e14032cbff7c3fb2b15ca3,2024-11-20T11:15:05.563000 CVE-2024-4890,0,0,ee7720239380ab5c638f0803999a779457a74687c16e858d2acf0798605f57a2,2024-10-10T20:11:44.610000 CVE-2024-48900,0,0,2b3a5e56342c363922328f10e6f3d06b5c266c3768636276b8919e3a3cee88b7,2024-11-13T17:01:16.850000 CVE-2024-48901,0,0,d55eab1e1ed71395f22d7b632d754e2124bf5bf64f441bf3db31551da986d202,2024-11-18T17:11:17.393000 @@ -266815,8 +266824,23 @@ CVE-2024-52433,0,0,7af8352b850dc6bbe5e7c25336ff4f6146705481d29b93e916a52482d7bff CVE-2024-52434,0,0,4c32114cc1ffe7fa4eb0add4d2567f663664a8d84321168452bc394f84e5e4d1,2024-11-18T17:11:17.393000 CVE-2024-52435,0,0,1f9ab96c0d2886426dd4cb517eb16222ad8517fb43cb5d699370815204faf867,2024-11-18T17:11:17.393000 CVE-2024-52436,0,0,371b1a4e00d4cd9b234014c0116bb9bfcf6e0ca82600c4ebf1e4512134bffa8b,2024-11-18T17:11:17.393000 +CVE-2024-52437,1,1,919f311130b57eebb1d1dd68fdcabc4aced488ca04d6d661b5497a46423dde5f,2024-11-20T12:15:19.133000 +CVE-2024-52438,1,1,7cbfd43b78eb199a9384650d6e0ae42f64cd4f7239f83b963194d5c836b70846,2024-11-20T12:15:19.390000 +CVE-2024-52439,1,1,6d190c01571ed430526e0001854eecb6d513a994b9acb9f04b30037c5db18ae6,2024-11-20T12:15:19.637000 CVE-2024-5244,0,0,3de36675ae2f0b5e30ad70179a948c0cef684a516575b6f4510d379552ecc6bb,2024-05-24T01:15:30.977000 +CVE-2024-52440,1,1,c141409e3e457d18e6d0ffb1b705918854a92b812667b34c8e1a3a47af488008,2024-11-20T12:15:19.870000 +CVE-2024-52441,1,1,72ee951bedebbcbba59663bb2fd7a9cd7c5858c354badf6a2f74aa939df79f61,2024-11-20T12:15:20.110000 +CVE-2024-52442,1,1,4ca917fff479c5bbc724330c9b438f190b2db6ac6129c8eeb6127a11a23827cb,2024-11-20T12:15:20.370000 +CVE-2024-52443,1,1,a595a5f1f2d92564d08157befe48b5c8eb375e631a641e9843ddb74d30bd3467,2024-11-20T12:15:20.620000 +CVE-2024-52444,1,1,4ecd826f113e281302ec6f3be47f92c3d3f4cf00b4b29f65a35a8d30498e7a1d,2024-11-20T12:15:20.857000 +CVE-2024-52445,1,1,1696328045fcd63ab1e10bd80450254fd76ed39b87b620daf65a946d19fa2d24,2024-11-20T12:15:21.093000 +CVE-2024-52446,1,1,e2e88ed5a96a71dedd7966b0603094e0b8ae64302c883b7ca0e8f4429cc899cd,2024-11-20T12:15:21.303000 +CVE-2024-52447,1,1,f08507ad0b51b6897e689d22236e737fb0dbba9475b46ca0407da7f65de6fb00,2024-11-20T12:15:21.523000 +CVE-2024-52448,1,1,6979d3133fe019c3078442e46701f2a78bdc8422772f47efa8563f2df9f74a9f,2024-11-20T12:15:21.753000 +CVE-2024-52449,1,1,ce90d5d55e8436b94a304efc19163b49c2f5473c38f99b1a35c1d69e333131c0,2024-11-20T12:15:21.980000 CVE-2024-5245,0,0,8367cc316d7fd622697ed020483e2edc6264aea8aa776978b7228518baa31702,2024-05-24T01:15:30.977000 +CVE-2024-52450,1,1,002d848f8b202503bc5f349083e6360328b5ca35b8e488d4cb20477667418239,2024-11-20T12:15:22.203000 +CVE-2024-52451,1,1,c4dda19ad903fd6f4cd91db91be4b7e0b1f40513a3624be5b88bb657ca6869ae,2024-11-20T12:15:22.427000 CVE-2024-5246,0,0,481ebf23b779dd3e32e9e0cda77aaee7d0bfc9eca82266cde6c77415f4c9c730,2024-07-03T02:08:44.767000 CVE-2024-5247,0,0,fdfe6c1388c42f602cdcb0ffda38b56b5f1ed960e60bfada435f42d294b2956e,2024-05-24T01:15:30.977000 CVE-2024-5248,0,0,6cfa5cec6de457c13d7096887dc7c2d8bd99f0e898238886822e69d1ee66037e,2024-11-03T17:15:14.860000