admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-07 19:16:29 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2024-10-16T04:00:17.468387+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2024-10-16 04:03:18 +00:00
parent bd1e08175e
commit 38e1eb6ae1
15 changed files with 779 additions and 18 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

37
CVE-2024/CVE-2024-100xx/CVE-2024-10018.json Normal file
View File

@ -0,0 +1,37 @@
{
"id": "CVE-2024-10018",
"sourceIdentifier": "907edf6c-bf03-423e-ab1a-8da27e1aa1ea",
"published": "2024-10-16T03:15:02.620",
"lastModified": "2024-10-16T03:15:02.620",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper permission control in the mobile application (com.transsion.aivoiceassistant) can lead to the launch of any unexported component."
}
],
"metrics": {},
"weaknesses": [
{
"source": "907edf6c-bf03-423e-ab1a-8da27e1aa1ea",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-732"
}
]
}
],
"references": [
{
"url": "https://security.tecno.com/SRC/blogdetail/323?lang=en_US",
"source": "907edf6c-bf03-423e-ab1a-8da27e1aa1ea"
},
{
"url": "https://security.tecno.com/SRC/securityUpdates?type=SA",
"source": "907edf6c-bf03-423e-ab1a-8da27e1aa1ea"
}
]
}

4
CVE-2024/CVE-2024-382xx/CVE-2024-38202.json
View File

@ -2,13 +2,13 @@
"id": "CVE-2024-38202",
"sourceIdentifier": "secure@microsoft.com",
"published": "2024-08-08T02:15:38.180",
"lastModified": "2024-09-18T00:15:06.253",
"lastModified": "2024-10-16T02:15:05.713",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Summary\nMicrosoft was notified that an elevation of privilege vulnerability exists in Windows Update, potentially enabling an attacker with basic user privileges to reintroduce previously mitigated vulnerabilities or circumvent some features of Virtualization Based Security (VBS). However, an attacker attempting to exploit this vulnerability requires additional interaction by a privileged user to be successful.\nMicrosoft is developing a security update to mitigate this threat, but it is not yet available. Guidance to help customers reduce the risks associated with this vulnerability and to protect their systems until the mitigation is available in a Windows security update is provided in the Recommended Actions section of this CVE.\nThis CVE will be updated, and customers will be notified when the official mitigation is available in a Windows security update. We highly encourage customers to subscribe to Security Update Guide notifications to receive an alert when this update occurs.\nDetails\nA security researcher informed Microsoft of an elevation of privilege vulnerability in Windows Update potentially enabling an attacker with basic user privileges to reintroduce previously mitigated vulnerabilities or circumvent some features of VBS. For exploitation to succeed, an attacker must trick or convince an Administrator or a user with delegated permissions into performing a system restore which inadvertently triggers the vulnerability.\nMicrosoft is developing a security update that will mitigate this vulnerability, but it is not yet available. This CVE will be updated with new information and links to the security updates once available. We highly encourage customers subscribe to Security Update Guide notifications to be alerted of updates. See Microsoft Technical Security Notifications and Security Update Guide Notification System News: Create your profile now \u2013 Microsoft Security Response Center.\nMicrosoft is not aware of any attempts to exploit this vulnerability. However, a public presentation regarding this vulnerability was hosted at BlackHat on August 7, 2024. The presentation was appropriately coordinated with Microsoft but may change the threat landscape. Customers concerned with these risks should reference the guidance provided in the Recommended Actions section to protect their systems.\nRecommended Actions\nThe following recommendations do not mitigate the... See more at https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38202"
"value": "Summary\nMicrosoft was notified that an elevation of privilege vulnerability exists in Windows Update, potentially enabling an attacker with basic user privileges to reintroduce previously mitigated vulnerabilities or circumvent some features of Virtualization Based Security (VBS). However, an attacker attempting to exploit this vulnerability requires additional interaction by a privileged user to be successful.\nMicrosoft has developed a security update to mitigate this threat which was made available October 08, 2024 and is provided in the Security Updates table of this CVE for customers to download. **Note:**Depending on your version of Windows, additional steps may be required to update Windows Recovery Environment (WinRE) to be protected from this vulnerability. Please refer to the FAQ section for more information. Guidance for customers who cannot immediately implement the update is provided in the Recommended Actions section of this CVE to help reduce the risks associated with this vulnerability and to protect their systems.\nIf there are any further updates regarding mitigations for this vulnerability, this CVE will be updated and customers will be notified. We highly encourage customers to subscribe to Security Update Guide notifications to receive an alert if an update occurs.\nDetails\nA security researcher informed Microsoft of an elevation of privilege vulnerability in Windows Update potentially enabling an attacker with basic user privileges to reintroduce previously mitigated vulnerabilities or circumvent some features of VBS. For exploitation to succeed, an attacker must trick or convince an Administrator or a user with delegated permissions into performing a system restore which inadvertently triggers the vulnerability.\nMicrosoft has developed a security update to mitigate this threat which was made available October 08, 2024 and is provided in the Security Updates table of this CVE for customers to download. **Note:**Depending on your version of Windows, additional steps may be required to update Windows Recovery Environment (WinRE) to be protected from this vulnerability. Please refer to the FAQ section for more information. Guidance for customers who cannot immediately implement the update is provided in the Recommended Actions section of this CVE to help reduce the risks associated with this vulnerability and to protect their systems.\nIf there are any... See more at https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38202"
},
{
"lang": "es",

64
CVE-2024/CVE-2024-85xx/CVE-2024-8541.json Normal file
View File

@ -0,0 +1,64 @@
{
"id": "CVE-2024-8541",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-10-16T02:15:06.160",
"lastModified": "2024-10-16T02:15:06.160",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Discount Rules for WooCommerce \u2013 Create Smart WooCommerce Coupons & Discounts, Bulk Discount, BOGO Coupons plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all versions up to, and including, 2.6.5. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a site administrator into performing an action such as clicking on a link. Please note that this is only exploitable when the 'Leave a Review' notice is present, which occurs after 100 orders are made and disappears after a user dismisses the notice."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.7,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.6,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "security@wordfence.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/woo-discount-rules/tags/2.6.5/v2/App/Views/Admin/review-notice.php",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3149013/",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/3529044f-c3d8-4370-8ba5-9df0fb71ab3c?source=cve",
"source": "security@wordfence.com"
}
]
}

72
CVE-2024/CVE-2024-87xx/CVE-2024-8787.json Normal file
View File

@ -0,0 +1,72 @@
{
"id": "CVE-2024-8787",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-10-16T02:15:06.387",
"lastModified": "2024-10-16T02:15:06.387",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Smart Online Order for Clover plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg & remove_query_arg without appropriate escaping on the URL in all versions up to, and including, 1.5.7. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "security@wordfence.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/clover-online-orders/tags/1.5.7/admin/includes/class-moo-products-list.php#L572",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/browser/clover-online-orders/tags/1.5.7/admin/moo-OnlineOrders-admin.php#L477",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3168446/clover-online-orders/tags/1.5.8/admin/includes/class-moo-products-list.php?old=3142847&old_path=clover-online-orders%2Ftags%2F1.5.7%2Fadmin%2Fincludes%2Fclass-moo-products-list.php",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3168446/clover-online-orders/tags/1.5.8/admin/moo-OnlineOrders-admin.php?old=3142847&old_path=clover-online-orders%2Ftags%2F1.5.7%2Fadmin%2Fmoo-OnlineOrders-admin.php",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/35d64d3e-b48e-4e35-ab1d-0557fcd62263?source=cve",
"source": "security@wordfence.com"
}
]
}

60
CVE-2024/CVE-2024-91xx/CVE-2024-9104.json Normal file
View File

@ -0,0 +1,60 @@
{
"id": "CVE-2024-9104",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-10-16T02:15:06.607",
"lastModified": "2024-10-16T02:15:06.607",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The UltimateAI plugin for WordPress is vulnerable to authentication bypass in all versions up to, and including, 2.8.3. This is due to the improper empty value check and a missing default activated value check in the 'ultimate_ai_change_pass' function. This makes it possible for unauthenticated attackers to reset the password of the first user, whose account is not yet activated or the first user who activated their account, who are subscribers."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 5.6,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.2,
"impactScore": 3.4
}
]
},
"weaknesses": [
{
"source": "security@wordfence.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-703"
}
]
}
],
"references": [
{
"url": "https://codecanyon.net/item/ultimateai-ai-enhanced-wordpress-plugin-with-saas-for-content-code-chat-and-image-generation/51201953",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/3faf976d-0763-4e47-9bc3-18c791ec4487?source=cve",
"source": "security@wordfence.com"
}
]
}

60
CVE-2024/CVE-2024-91xx/CVE-2024-9105.json Normal file
View File

@ -0,0 +1,60 @@
{
"id": "CVE-2024-9105",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-10-16T02:15:06.840",
"lastModified": "2024-10-16T02:15:06.840",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The UltimateAI plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 2.8.3. This is due to insufficient verification on the user being supplied in the 'ultimate_ai_register_or_login_with_google' function. This makes it possible for unauthenticated attackers to log in as any existing user on the site, such as an administrator, if they have access to the email."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "security@wordfence.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-288"
}
]
}
],
"references": [
{
"url": "https://codecanyon.net/item/ultimateai-ai-enhanced-wordpress-plugin-with-saas-for-content-code-chat-and-image-generation/51201953",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/c2475643-a0b4-444a-a2c6-a5c45e90e1dd?source=cve",
"source": "security@wordfence.com"
}
]
}

68
CVE-2024/CVE-2024-93xx/CVE-2024-9305.json Normal file
View File

@ -0,0 +1,68 @@
{
"id": "CVE-2024-9305",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-10-16T02:15:07.050",
"lastModified": "2024-10-16T02:15:07.050",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The AppPresser \u2013 Mobile App Framework plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 4.4.4. This is due to the appp_reset_password() and validate_reset_password() functions not having enough controls to prevent a successful brute force attack of the OTP to change a password, or verify that a password reset request came from an authorized user. This makes it possible for unauthenticated attackers to generate and brute force an OTP that makes it possible to change any users passwords, including an administrator."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.2,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "security@wordfence.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-640"
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/apppresser/tags/4.4.4/inc/AppPresser_Ajax_Extras.php#L31",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/browser/apppresser/tags/4.4.4/inc/AppPresser_WPAPI_Mods.php#L92",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3168744%40apppresser&new=3168744%40apppresser&sfp_email=&sfph_mail=",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/45647fa6-a98d-4eb4-a287-f523e434688b?source=cve",
"source": "security@wordfence.com"
}
]
}

60
CVE-2024/CVE-2024-95xx/CVE-2024-9521.json Normal file
View File

@ -0,0 +1,60 @@
{
"id": "CVE-2024-9521",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-10-16T02:15:07.280",
"lastModified": "2024-10-16T02:15:07.280",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The SEO Manager plugin for WordPress is vulnerable to Stored Cross-Site Scripting via post meta in versions up to, and including, 1.9 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.1,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "security@wordfence.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/seo-manager/trunk/seo-manager.php?rev=2963205#L458",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/17457ff2-917d-4cc4-8c5e-c80cd320cc90?source=cve",
"source": "security@wordfence.com"
}
]
}

64
CVE-2024/CVE-2024-96xx/CVE-2024-9634.json Normal file
View File

@ -0,0 +1,64 @@
{
"id": "CVE-2024-9634",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-10-16T02:15:07.487",
"lastModified": "2024-10-16T02:15:07.487",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The GiveWP \u2013 Donation Plugin and Fundraising Platform plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 3.16.3 via deserialization of untrusted input from the give_company_name parameter. This makes it possible for unauthenticated attackers to inject a PHP Object. The additional presence of a POP chain allows attackers to achieve remote code execution."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "security@wordfence.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-502"
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/give/tags/3.16.2/src/Donations/Repositories/DonationRepository.php?rev=3157829",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3166836/give/tags/3.16.4/includes/process-donation.php",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/b8eb3aa9-fe60-48b6-aa24-7873dd68b47e?source=cve",
"source": "security@wordfence.com"
}
]
}

64
CVE-2024/CVE-2024-96xx/CVE-2024-9647.json Normal file
View File

@ -0,0 +1,64 @@
{
"id": "CVE-2024-9647",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-10-16T02:15:07.700",
"lastModified": "2024-10-16T02:15:07.700",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Kama SpamBlock plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via $_POST values in all versions up to, and including, 1.8.2 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "security@wordfence.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/kama-spamblock/tags/1.8.2/Kama_Spamblock.php#L106",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3167874/kama-spamblock/tags/1.8.3/Kama_Spamblock.php",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/7f2d3acb-5931-4629-8f03-4ab40fadf7c7?source=cve",
"source": "security@wordfence.com"
}
]
}

64
CVE-2024/CVE-2024-96xx/CVE-2024-9649.json Normal file
View File

@ -0,0 +1,64 @@
{
"id": "CVE-2024-9649",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-10-16T02:15:07.917",
"lastModified": "2024-10-16T02:15:07.917",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The WP ULike \u2013 The Ultimate Engagement Toolkit for Websites plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 4.7.4. This is due to missing or incorrect nonce validation on the wp_ulike_delete_history_api() function. This makes it possible for unauthenticated attackers to delete engagements via a forged request granted they can trick a site administrator into performing an action such as clicking on a link."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "security@wordfence.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-352"
}
]
}
],
"references": [
{
"url": "https://github.com/WordpressPluginDirectory/wp-ulike/blob/fd5eb54948cc1af9c348530a3cbd89c5a4bc68d0/wp-ulike/admin/admin-ajax.php#L78-L100",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3168233%40wp-ulike&new=3168233%40wp-ulike&sfp_email=&sfph_mail=#file0",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/3fcb35f8-ed88-4440-8cdf-95c1f0028253?source=cve",
"source": "security@wordfence.com"
}
]
}

64
CVE-2024/CVE-2024-96xx/CVE-2024-9652.json Normal file
View File

@ -0,0 +1,64 @@
{
"id": "CVE-2024-9652",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-10-16T02:15:08.127",
"lastModified": "2024-10-16T02:15:08.127",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Locatoraid Store Locator plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via $_POST keys in all versions up to, and including, 3.9.47 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/locatoraid/trunk/happ2/modules/input/lib.php#L705",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3167512%40locatoraid&new=3167512%40locatoraid&sfp_email=&sfph_mail=",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/7821b17a-7da7-434f-8e3f-540e7d7cf6bb?source=cve",
"source": "security@wordfence.com"
}
]
}

64
CVE-2024/CVE-2024-98xx/CVE-2024-9891.json Normal file
View File

@ -0,0 +1,64 @@
{
"id": "CVE-2024-9891",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-10-16T02:15:08.333",
"lastModified": "2024-10-16T02:15:08.333",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Multiline files upload for contact form 7 plugin for WordPress is vulnerable to unauthorized plugin deactivation due to a missing capability check on the mfcf7_zl_custom_handle_deactivation_plugin_form_submission() function in all versions up to, and including, 2.8.1. This makes it possible for authenticated attackers, with Subscriber-level access and above, to deactivate the plugin and send a custom reason from the site."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "security@wordfence.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-862"
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/changeset/3169228/",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/tags/2.8.1/multiline-files-for-contact-form-7/multiline-admin.php#L410",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/5cf62f45-a142-497e-9838-ce0b1b1bb3d3?source=cve",
"source": "security@wordfence.com"
}
]
}

28
README.md
View File

@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2024-10-16T02:00:18.625700+00:00
2024-10-16T04:00:17.468387+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2024-10-16T01:15:13.537000+00:00
2024-10-16T03:15:02.620000+00:00
```
### Last Data Feed Release
@ -33,24 +33,32 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs
```plain
265727
265739
```
### CVEs added in the last Commit
Recently added CVEs: `1`
Recently added CVEs: `12`
- [CVE-2024-49340](CVE-2024/CVE-2024-493xx/CVE-2024-49340.json) (`2024-10-16T00:15:03.100`)
- [CVE-2024-10018](CVE-2024/CVE-2024-100xx/CVE-2024-10018.json) (`2024-10-16T03:15:02.620`)
- [CVE-2024-8541](CVE-2024/CVE-2024-85xx/CVE-2024-8541.json) (`2024-10-16T02:15:06.160`)
- [CVE-2024-8787](CVE-2024/CVE-2024-87xx/CVE-2024-8787.json) (`2024-10-16T02:15:06.387`)
- [CVE-2024-9104](CVE-2024/CVE-2024-91xx/CVE-2024-9104.json) (`2024-10-16T02:15:06.607`)
- [CVE-2024-9105](CVE-2024/CVE-2024-91xx/CVE-2024-9105.json) (`2024-10-16T02:15:06.840`)
- [CVE-2024-9305](CVE-2024/CVE-2024-93xx/CVE-2024-9305.json) (`2024-10-16T02:15:07.050`)
- [CVE-2024-9521](CVE-2024/CVE-2024-95xx/CVE-2024-9521.json) (`2024-10-16T02:15:07.280`)
- [CVE-2024-9634](CVE-2024/CVE-2024-96xx/CVE-2024-9634.json) (`2024-10-16T02:15:07.487`)
- [CVE-2024-9647](CVE-2024/CVE-2024-96xx/CVE-2024-9647.json) (`2024-10-16T02:15:07.700`)
- [CVE-2024-9649](CVE-2024/CVE-2024-96xx/CVE-2024-9649.json) (`2024-10-16T02:15:07.917`)
- [CVE-2024-9652](CVE-2024/CVE-2024-96xx/CVE-2024-9652.json) (`2024-10-16T02:15:08.127`)
- [CVE-2024-9891](CVE-2024/CVE-2024-98xx/CVE-2024-9891.json) (`2024-10-16T02:15:08.333`)
### CVEs modified in the last Commit
Recently modified CVEs: `4`
Recently modified CVEs: `1`
- [CVE-2024-28987](CVE-2024/CVE-2024-289xx/CVE-2024-28987.json) (`2024-10-16T01:00:01.723`)
- [CVE-2024-30088](CVE-2024/CVE-2024-300xx/CVE-2024-30088.json) (`2024-10-16T01:00:01.723`)
- [CVE-2024-9341](CVE-2024/CVE-2024-93xx/CVE-2024-9341.json) (`2024-10-16T01:15:13.537`)
- [CVE-2024-9680](CVE-2024/CVE-2024-96xx/CVE-2024-9680.json) (`2024-10-16T01:00:01.723`)
- [CVE-2024-38202](CVE-2024/CVE-2024-382xx/CVE-2024-38202.json) (`2024-10-16T02:15:05.713`)
## Download and Usage

24
_state.csv
View File

@ -242150,6 +242150,7 @@ CVE-2024-0999,0,0,84034800a287889c8e66f3ba01c1d930a06538aadfe1b375cfd8893390aed6
CVE-2024-1000,0,0,60c836cbd4d96144c97b06caa16452d33dc82172b5cc2c653a7406010f53b5df,2024-05-17T02:35:08.790000
CVE-2024-10004,0,0,231cc5ca14331ea97625043de7a57398d2b1f74e8058a5b71a2840a63876a0a3,2024-10-15T22:15:03.197000
CVE-2024-1001,0,0,481a263280d7671352a0e81cdb22876e1831937aba78d275dcb085f339a7c9b0,2024-05-17T02:35:08.903000
CVE-2024-10018,1,1,48094474c9a835a3211b517c0339040bcffcf76ffcf2e981b9d66c0ec82efb42,2024-10-16T03:15:02.620000
CVE-2024-1002,0,0,da9ff0a1d838ebe2cbec1ae9defbaf7310d6b3493363163f0389be14aee69800,2024-05-17T02:35:09.013000
CVE-2024-1003,0,0,5577a6ad54fba7e1e984add6f75aca7e6ad73817623f9ed150fa33b583cd3fae,2024-05-17T02:35:09.147000
CVE-2024-1004,0,0,be9a3a60f238fd673f4d3f1f166af1f9400f4582d193359c16f232ef2b1c02fa,2024-05-17T02:35:09.263000
@ -249639,7 +249640,7 @@ CVE-2024-28982,0,0,a19015356d660d2e2e0aa0476b84c95e664ecbb510badb624ee4eb55091f6
CVE-2024-28983,0,0,703d0fea3e992e6c157faf14895b95484e69f73d18d43a1bdd6448ade19b1d58,2024-09-18T14:36:16.267000
CVE-2024-28984,0,0,061a156a04ab4e4c76d21331d25299f4cff837eab5762774bbd4e38e96a6350a,2024-09-18T15:22:51.163000
CVE-2024-28986,0,0,1bc724868f1fc8a3c45a5557a2e0154a8318c8e26360517fdaccaced6288454f,2024-08-16T15:04:28.150000
CVE-2024-28987,0,1,fd9407806be9984d6335ac9abd6eecc748e3ca1a4b5d0c8ad5582f580a3cab1e,2024-10-16T01:00:01.723000
CVE-2024-28987,0,0,fd9407806be9984d6335ac9abd6eecc748e3ca1a4b5d0c8ad5582f580a3cab1e,2024-10-16T01:00:01.723000
CVE-2024-2899,0,0,0be0fb50fdcc13228c9b49554460e4a306be4c6e83ee7f9bfb94b945f4f9e595,2024-05-17T02:38:36.220000
CVE-2024-28990,0,0,c552d85779f742e9eee5a53e7cb3b834247c40cd3dea313e4f856bb71772b3d4,2024-09-16T18:05:28.957000
CVE-2024-28991,0,0,f3a76278588de09c2001ab77f03da4ee20a5494ef74524c789ac890512227cb2,2024-09-16T18:06:20.037000
@ -250400,7 +250401,7 @@ CVE-2024-30084,0,0,2ff230b9f7ca79d2e13580712575b84ad5e2b5c2664fbf927cd3b01799152
CVE-2024-30085,0,0,7bcf589ad2fcfd591da16d9a82e9fed93eee502e186b3681a570437395d20843,2024-06-21T19:04:40.340000
CVE-2024-30086,0,0,f882e05c20af3aa996eda8fc685faf0f7c5bd9402acf367a3fcc83efbca59416,2024-06-21T19:05:24.723000
CVE-2024-30087,0,0,29e2979e5f743bab013bd32b6e284a6d8c8d52b45482fd4dd89773d24b210e59,2024-06-21T18:32:33.037000
CVE-2024-30088,0,1,615caa652e3da358da51c51f15135d7f6e7dd002c7c240bcf66b58eaa65c211f,2024-10-16T01:00:01.723000
CVE-2024-30088,0,0,615caa652e3da358da51c51f15135d7f6e7dd002c7c240bcf66b58eaa65c211f,2024-10-16T01:00:01.723000
CVE-2024-30089,0,0,4e43134615c92032b0bcfe7d8f16028651d0419f3008bbba71b76be12059cb5b,2024-06-20T18:29:16.590000
CVE-2024-3009,0,0,8b899c397ecfd00f1ee3f51dbae8d515d2e3bb4c62eb0c1196641a4d91245267,2024-05-17T02:39:40.367000
CVE-2024-30090,0,0,96ebf0a7f0985ae46a2d723452a41ed657ba6b4ce79af153544cf75f0eac0ea5,2024-06-20T18:29:05.917000
@ -256246,7 +256247,7 @@ CVE-2024-38199,0,0,642a12aa02f5e7b673baecdb6185f8efbceb0f3cbe1ac18a60e869ce79b2e
CVE-2024-3820,0,0,8985e7d1e7aecc5fe081b43705d723ec0ca067093ca4a65f30dd280cab84082f,2024-06-03T14:46:24.250000
CVE-2024-38200,0,0,d566a27ccd0b19f8229e9b6ce0a19c6b80662cfcd111693b799cdefa30455084,2024-08-13T18:15:29.720000
CVE-2024-38201,0,0,53005100dd7a84f045f26370f955e41247a7f9394ca3dbb51556ee597d1af3a2,2024-08-15T20:30:00.737000
CVE-2024-38202,0,0,808e393d6b9bb3d7d03ff4f9fc7ce8e224eb7ebd0e2141ac0daa427a79b7e293,2024-09-18T00:15:06.253000
CVE-2024-38202,0,1,d8ddfa5317ca7a8f5c085e0bd9baf44e75fb52705e1273330d4eed88c0e41067,2024-10-16T02:15:05.713000
CVE-2024-38204,0,0,74b7a1fb8eea5c5218caf7d1f92841b17bb726055a27de15320e6275a846e80b,2024-10-15T23:15:15.860000
CVE-2024-38206,0,0,159422281702f43b217eea303b5c7354ebb2179d51ac658c6c0c018b5ec16a40,2024-08-14T00:15:08.213000
CVE-2024-38207,0,0,48fecb3171f70b225df97b5c11256a860a73d4f7fff133be4c81b71e774668c7,2024-09-19T22:15:05.710000
@ -262099,7 +262100,7 @@ CVE-2024-4931,0,0,ef61357c988a5b6da4dc964c43221d8effae72407ee13fdf99bc1e0e52699b
CVE-2024-4932,0,0,c4279e0e81804cf3f06e3c52edfd706c295877ccc3771ef54ad83261fb500b37,2024-05-17T02:40:43.357000
CVE-2024-4933,0,0,4d4c0ec531cab6a4561c767f5a9082d29f26ceefaadcc74bb08507bf05ca5d17,2024-06-04T19:20:54.643000
CVE-2024-4934,0,0,fd5d4b9709dde517f56a9aae7369c165c45ceba9bcf88bee680213c2fc56b62f,2024-08-01T13:59:37.220000
CVE-2024-49340,1,1,bbc93ab9c45be01079f3c1d658cdfc2a6eecf00268e25c02a38c47ed2703edf5,2024-10-16T00:15:03.100000
CVE-2024-49340,0,0,bbc93ab9c45be01079f3c1d658cdfc2a6eecf00268e25c02a38c47ed2703edf5,2024-10-16T00:15:03.100000
CVE-2024-4936,0,0,51b2c41822c3ce01e84bd55c02328ac3499013d52d632d2af56d406c35d5a658,2024-08-06T18:29:27.013000
CVE-2024-49382,0,0,d6d3194a27b37c7540514c4731f1be0a1c4e00dff5b6d95578bca9d91ca2adeb,2024-10-15T12:57:46.880000
CVE-2024-49383,0,0,9a79c1b14e996faf6e99c8814b1479907260de1955f2d41c586fc188ea94710f,2024-10-15T12:57:46.880000
@ -265030,6 +265031,7 @@ CVE-2024-8531,0,0,6247771452e4454422e50e876a5da9e38ac5a7aad08135621b5b288e87bf9b
CVE-2024-8533,0,0,ceba1d609043d018dd2a5c62af783c64aebd2125e63ee811ba18e8a1d6a8510b,2024-09-19T01:57:23.830000
CVE-2024-8536,0,0,a7b1e09acaf4ac1b8946f962d2bb0e6dee99d2fed00608df37ed579fb4435262,2024-10-03T18:16:17.740000
CVE-2024-8538,0,0,037a1de419d434bcf3dba0ee797a8b9a465b537393317b1c47cc2bb770ec2f49,2024-09-26T16:28:02.990000
CVE-2024-8541,1,1,d3dfb80355dd8c11b373a3297eca5f4e2106f6f1f7ae5708ecaf48ed9dd0456e,2024-10-16T02:15:06.160000
CVE-2024-8543,0,0,1827ebc325d7546f1e75a8e16ffad13bc42c9eac828d9fdcb95bbdde0c532bed,2024-09-27T16:46:26.243000
CVE-2024-8544,0,0,029a23631e96ee15c1045dd3fa22aca85d39405998de7d891aefcd30e632fd70,2024-09-27T12:57:21.617000
CVE-2024-8546,0,0,b9f8f0c879e1631762b6a7db32f84cdc2866de99652f087bf545ee5c24dd6de6,2024-10-02T18:56:40.703000
@ -265193,6 +265195,7 @@ CVE-2024-8782,0,0,ec0da4baac22ae9eceb8ce2507375e0a71b6a51926de3cc40576bcd259fd71
CVE-2024-8783,0,0,b434dfc5f50cf2811a1f5688ac574f745dec48e5af54cf5f568ce8560b0e2702,2024-09-19T01:38:57.033000
CVE-2024-8784,0,0,7bc5ed86fd42122481efd27561493828acec6a50cb9d34c0b1c40453c943431f,2024-09-19T01:38:35.177000
CVE-2024-8786,0,0,98535b365547eb81c56b86d17170e324effeb134cfd99a6f8a9199c7d69b6f51,2024-10-04T13:51:25.567000
CVE-2024-8787,1,1,58c12445e145074ec0fb6fdca6045fe51408cbbc30caf4f665a75b10d96da512,2024-10-16T02:15:06.387000
CVE-2024-8788,0,0,109bf9bb3aa314390f1c0b3dee4d54ea5d0e02bbb648b956ffff0a9dad06b2f6,2024-10-03T17:25:41.467000
CVE-2024-8791,0,0,fb5b0ac36efac34bc9b2b46a1f471f8bc629f8b19dafbbe4161ffb4834ecffd5,2024-09-26T16:25:34.120000
CVE-2024-8793,0,0,959b266c850b42df4ff44733c3776bf7c1d0fcf64b78d7cab419106b5de40dbb,2024-10-07T16:04:08.490000
@ -265360,6 +265363,8 @@ CVE-2024-9092,0,0,1c2c646de9ea2ba79bd5c01f3c6adbd97c309ff9880a784404443eb5dc670a
CVE-2024-9093,0,0,9c381a723dcd5a5c3a6becb1e39558bfddcf6d2d39bab32327672c3bb7182479,2024-09-27T16:26:27.163000
CVE-2024-9094,0,0,0e308d006c94a8d09d0a4caea6001ec02d11744a78c5f3fdfc5f94ed1a0ea22c,2024-09-27T15:54:09.463000
CVE-2024-9100,0,0,924a5aba3fc99fbce138eba1426a3a9c3986ee11f31aca57d0fb8c713d5d9b99,2024-10-04T13:50:43.727000
CVE-2024-9104,1,1,eb74bb3ad6d2932bc7c5b13ee3f8f51c6c138849d59aebc2ba234162ed963fbd,2024-10-16T02:15:06.607000
CVE-2024-9105,1,1,5ccf4395fa31f933120664969d37478aabbaa9e62d9b0518101f51ecac2aed29,2024-10-16T02:15:06.840000
CVE-2024-9106,0,0,e27db71c396a4ccaf2c72a333395893b81bc19abafa7c4f380f448da576e2d26,2024-10-04T13:51:25.567000
CVE-2024-9108,0,0,a5bd0d20b10740e2633e894f79cde5eedf60bb1d894cbb8ab0abf2750035a6b9,2024-10-04T13:51:25.567000
CVE-2024-9115,0,0,1c4e70138ee9590ca65c2e328b29e5a87d064a3f49c7286913d14c3952d00fc4,2024-10-01T13:47:25.403000
@ -265456,6 +265461,7 @@ CVE-2024-9299,0,0,0e06149ad72b9bceed8023fce5d46e4c2d87e230ca1e26b3a70118742de53d
CVE-2024-9300,0,0,8cf4fd8be1a68079d9b09593a267df47fb69eec7140ede32d9eeb623680961c8,2024-10-01T13:34:58.760000
CVE-2024-9301,0,0,8bd5a6d252ad4356c723578db918b42e690d26a3308bebd8024d27b2807bcd16,2024-10-07T13:12:48.953000
CVE-2024-9304,0,0,f4e2b697051bb54ba85260a74446cf2ab04e7ed5a9a99551a585b1547839152d,2024-10-04T13:51:25.567000
CVE-2024-9305,1,1,d3150efab92fd2df23697a0fd126b812dffda030d8f4c6e407fcf4d281185363,2024-10-16T02:15:07.050000
CVE-2024-9306,0,0,ac26ad903bb36889edec0c6ea9a2822945801fec7c4fdd4634c75606f4fc1bfd,2024-10-08T16:25:29.877000
CVE-2024-9312,0,0,65fdcc0be3189c3ff0a528696e09ee6d93e5e818e1f4d380b9150324071206f9,2024-10-15T12:58:51.050000
CVE-2024-9313,0,0,8eab8e6a12fcb7dddda62f8c34fd34d547229d6ef4cec2e38f61189642da0e5f,2024-10-04T13:50:43.727000
@ -265476,7 +265482,7 @@ CVE-2024-9327,0,0,9bb62fae114b1c29588ad2672d640859a17a9f3af7375a799fc34e218e9d39
CVE-2024-9328,0,0,a5f7378f6f2f1cd502f7cde1b5f6090c2d79ebec3e3af2aa2eaafb1f04d0c325,2024-10-01T11:34:57.773000
CVE-2024-9329,0,0,45383f73609cef2d97bbcc2a37f0da26902c147f00f71a92dd725b6696a1e709,2024-10-07T15:52:47.267000
CVE-2024-9333,0,0,29d3d497691b594c7c49948d48e229bbe8c23108f2eef552b2f92cd89acf1f06,2024-10-04T13:50:43.727000
CVE-2024-9341,0,1,73c457dae504bd6d2ce3664dbe78931543af91dddd466bb5fc955e7dbfca4948,2024-10-16T01:15:13.537000
CVE-2024-9341,0,0,73c457dae504bd6d2ce3664dbe78931543af91dddd466bb5fc955e7dbfca4948,2024-10-16T01:15:13.537000
CVE-2024-9344,0,0,d870e129ed50c7683cdbbee07d60a73dcd8b852b9805e9d5932c8a41008c379e,2024-10-08T15:06:57.470000
CVE-2024-9345,0,0,b08be38bdc65e7df784af6af5cf36510583fc49f8a0ab62bc24aed87f83f55d0,2024-10-08T16:10:17.567000
CVE-2024-9346,0,0,62d32d35d45fd426e51a0ed8886468a70178025d3407ee17aee209be78f55958,2024-10-15T12:58:51.050000
@ -265552,6 +265558,7 @@ CVE-2024-9515,0,0,b319f60f83e92c55aa0a25714009b76d6e0da4210ce3c744b2eab53a0f6a8b
CVE-2024-9518,0,0,f447c904357b5163990d2137b373a895756d6633f7b2422e2f067d90be1f5d20,2024-10-15T14:25:58.540000
CVE-2024-9519,0,0,2bb44dd736fdc130a04995624f7dece0b5eecdbbfca83c65536d849a586e0473,2024-10-15T14:26:26.417000
CVE-2024-9520,0,0,043b00f2bf4932488b29ee05bd55762d90704159cb97bf4c710160da6d129691,2024-10-15T14:34:59.660000
CVE-2024-9521,1,1,1dc559d16c273006c07148f4f1657ef31c627943d0d20f9d1c3482b437f98bc5,2024-10-16T02:15:07.280000
CVE-2024-9522,0,0,884c9004d667a145fae3b3526c4cb56c9d9a1365bd2a57b2af580c0e3b9c19a1,2024-10-15T14:27:41.553000
CVE-2024-9528,0,0,ad76266403ba94311c1f58d7258b765d914c39ddcd1148706c2e05f82ca92e87,2024-10-07T17:48:28.117000
CVE-2024-9532,0,0,b7f2aba05edad35ecf41f43ec9640effe332d3189a3ed38d97f2bf49866ac50d,2024-10-09T11:18:49.027000
@ -265608,12 +265615,16 @@ CVE-2024-9620,0,0,6bab3b47a8124e2f6e45a39c3f1a067698db02be0764fadf48434470b2bdf7
CVE-2024-9621,0,0,9e376b0f3dfa34027ae088e771a22694180917eee238e690ac2f4896caf46a6b,2024-10-10T12:56:30.817000
CVE-2024-9622,0,0,616f2c897f0ea8915fa743288697302d927eccd4a4b981ffaaf2224bd032869d,2024-10-10T12:56:30.817000
CVE-2024-9623,0,0,3386578fca7f2c1b9b8b4f00f8a9cc0d38eb476692ac8c36aa3c531d95d34930,2024-10-10T12:51:56.987000
CVE-2024-9634,1,1,89a33e850410bb005426359622dc78d62b7625b5becf8143e6512ef9d4a33292,2024-10-16T02:15:07.487000
CVE-2024-9647,1,1,3a4ce7742091d4f0971c78ba090d78cdf24b9a54c0008524d96a2f20d0e833ef,2024-10-16T02:15:07.700000
CVE-2024-9649,1,1,6fb828613fd3bd2abc31be584c62fc00afcca3740be7617b3b899ee3d94c482b,2024-10-16T02:15:07.917000
CVE-2024-9652,1,1,2021eedac404bb4807ddc263072fea35f312e1387d7bf135a81969fbe0c79d1e,2024-10-16T02:15:08.127000
CVE-2024-9656,0,0,0baa2843f7043c4ebd829d23f2741f972b762b755442a0f0f83539eb7761035b,2024-10-15T12:57:46.880000
CVE-2024-9670,0,0,f306c0fbbcbde1e6a65006fd3bdd50d366f02be816ff2a6f00ef3348b3b76328,2024-10-15T12:57:46.880000
CVE-2024-9671,0,0,421f1b0ad6825ff096efd81ac122f33bafcdf7b21693a85f65613389bca55f89,2024-10-10T12:51:56.987000
CVE-2024-9675,0,0,cd830de46e01fce71654106f4dc61863debb474230c2cb4969fc123764df58c7,2024-10-10T12:51:56.987000
CVE-2024-9676,0,0,903e6d5f02c4a43f5c3ca99775f28e93c82e9a2cb492044d1a2fbd884a874cfd,2024-10-15T21:15:11.990000
CVE-2024-9680,0,1,48f354d378a329e6afc954413a712707f008b827be10450a941140c974afcab5,2024-10-16T01:00:01.723000
CVE-2024-9680,0,0,48f354d378a329e6afc954413a712707f008b827be10450a941140c974afcab5,2024-10-16T01:00:01.723000
CVE-2024-9685,0,0,a93c724a8b2ee6ce4a46c54a35028c939ad55b1fb441a5b479f473edc57de420,2024-10-15T14:30:00.483000
CVE-2024-9687,0,0,892b3ec492b9f76dc48c1c64fed3d122004a3f16f1ff48bd4dbf12570db9abe9,2024-10-15T12:57:46.880000
CVE-2024-9696,0,0,78e7cb06b620e1544d9c6811ae0c44cf981cc195d0067b351c711666292c356e,2024-10-15T12:57:46.880000
@ -265668,6 +265679,7 @@ CVE-2024-9856,0,0,531963d8959dcaa0b68edaa5a63ce972541a941d9ad2303b1c288946d989ee
CVE-2024-9859,0,0,144046db89cc7a1614c278bf90f5b4cc56b3ffdbde195acab46c61c2bc1b4092,2024-10-15T19:35:46.273000
CVE-2024-9860,0,0,5146b7a0224d680f933516d3f319e5a1a7abd782ae32358fb855e1c62c4df555,2024-10-15T12:57:46.880000
CVE-2024-9869,0,0,2195387ef9aab560e210893ad1e9f3295c5808c9d50c0ada4fa1d17778d3d1ae,2024-10-11T15:15:06.500000
CVE-2024-9891,1,1,4c8a9a58887e98726942bc0a2fd35c0c88241c217c7fd52663f3ef69115d2406,2024-10-16T02:15:08.333000
CVE-2024-9894,0,0,14c1a187244ef98f70dad85c66b4e9e50b1523e45b13c684f05d8920a1d43b87,2024-10-15T12:57:46.880000
CVE-2024-9895,0,0,1804aadc601cefc0a637c4245324ad03665b7298686ff057930daf35aa0b9bfa,2024-10-15T12:57:46.880000
CVE-2024-9903,0,0,244e0ad624c75743e190bc7da6a1b45fe195aaf738d59f8decfde97c8722448f,2024-10-15T12:57:46.880000

Can't render this file because it is too large.