From 39c208b358e60135583cd6999d9d5d43e461eb8e Mon Sep 17 00:00:00 2001 From: cad-safe-bot Date: Thu, 17 Oct 2024 12:03:23 +0000 Subject: [PATCH] Auto-Update: 2024-10-17T12:00:22.907012+00:00 --- CVE-2023/CVE-2023-455xx/CVE-2023-45593.json | 4 +- CVE-2023/CVE-2023-455xx/CVE-2023-45596.json | 4 +- CVE-2023/CVE-2023-455xx/CVE-2023-45598.json | 4 +- CVE-2024/CVE-2024-100xx/CVE-2024-10025.json | 76 +++++++++++ CVE-2024/CVE-2024-100xx/CVE-2024-10068.json | 133 ++++++++++++++++++++ CVE-2024/CVE-2024-457xx/CVE-2024-45713.json | 56 +++++++++ CVE-2024/CVE-2024-493xx/CVE-2024-49386.json | 56 +++++++++ CVE-2024/CVE-2024-493xx/CVE-2024-49389.json | 56 +++++++++ CVE-2024/CVE-2024-493xx/CVE-2024-49390.json | 56 +++++++++ CVE-2024/CVE-2024-493xx/CVE-2024-49391.json | 56 +++++++++ CVE-2024/CVE-2024-493xx/CVE-2024-49392.json | 56 +++++++++ CVE-2024/CVE-2024-89xx/CVE-2024-8920.json | 72 +++++++++++ CVE-2024/CVE-2024-91xx/CVE-2024-9184.json | 72 +++++++++++ CVE-2024/CVE-2024-98xx/CVE-2024-9898.json | 72 +++++++++++ README.md | 28 +++-- _state.csv | 25 ++-- 16 files changed, 804 insertions(+), 22 deletions(-) create mode 100644 CVE-2024/CVE-2024-100xx/CVE-2024-10025.json create mode 100644 CVE-2024/CVE-2024-100xx/CVE-2024-10068.json create mode 100644 CVE-2024/CVE-2024-457xx/CVE-2024-45713.json create mode 100644 CVE-2024/CVE-2024-493xx/CVE-2024-49386.json create mode 100644 CVE-2024/CVE-2024-493xx/CVE-2024-49389.json create mode 100644 CVE-2024/CVE-2024-493xx/CVE-2024-49390.json create mode 100644 CVE-2024/CVE-2024-493xx/CVE-2024-49391.json create mode 100644 CVE-2024/CVE-2024-493xx/CVE-2024-49392.json create mode 100644 CVE-2024/CVE-2024-89xx/CVE-2024-8920.json create mode 100644 CVE-2024/CVE-2024-91xx/CVE-2024-9184.json create mode 100644 CVE-2024/CVE-2024-98xx/CVE-2024-9898.json diff --git a/CVE-2023/CVE-2023-455xx/CVE-2023-45593.json b/CVE-2023/CVE-2023-455xx/CVE-2023-45593.json index 73136be62f7..6714d69fb78 100644 --- a/CVE-2023/CVE-2023-455xx/CVE-2023-45593.json +++ b/CVE-2023/CVE-2023-455xx/CVE-2023-45593.json @@ -2,13 +2,13 @@ "id": "CVE-2023-45593", "sourceIdentifier": "prodsec@nozominetworks.com", "published": "2024-03-05T12:15:46.213", - "lastModified": "2024-09-30T10:15:03.793", + "lastModified": "2024-10-17T10:15:02.323", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "A CWE-693 \u201cProtection Mechanism Failure\u201d vulnerability in the embedded Chromium browser (concerning the handling of alternative URLs, other than \u201c http://localhost\u201d ) allows a physical attacker to read arbitrary files on the file system, alter the configuration of the embedded browser, and have other unspecified impacts to the confidentiality, integrity, and availability of the device. This issue affects: AiLux imx6 bundle below version imx6_1.0.7-2." + "value": "A CWE-184 \u201cIncomplete List of Disallowed Inputs\u201d vulnerability in the embedded Chromium browser (concerning the handling of alternative URLs, other than \u201c http://localhost\u201d ) allows a physical attacker to read arbitrary files on the file system, alter the configuration of the embedded browser, and have other unspecified impacts to the confidentiality, integrity, and availability of the device. This issue affects: AiLux imx6 bundle below version imx6_1.0.7-2." }, { "lang": "es", diff --git a/CVE-2023/CVE-2023-455xx/CVE-2023-45596.json b/CVE-2023/CVE-2023-455xx/CVE-2023-45596.json index 0c627199d07..18719f8182d 100644 --- a/CVE-2023/CVE-2023-455xx/CVE-2023-45596.json +++ b/CVE-2023/CVE-2023-455xx/CVE-2023-45596.json @@ -2,13 +2,13 @@ "id": "CVE-2023-45596", "sourceIdentifier": "prodsec@nozominetworks.com", "published": "2024-03-05T12:15:46.913", - "lastModified": "2024-09-30T10:15:03.923", + "lastModified": "2024-10-17T10:15:02.930", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "A CWE-862 \u201cMissing Authorization\u201d vulnerability in the \u201cfile_configuration\u201d functionality of the web application allows a remote unauthenticated attacker to access confidential configuration files. This issue affects: AiLux imx6 bundle below version imx6_1.0.7-2." + "value": "A CWE-425 \u201cDirect Request ('Forced Browsing')\u201d vulnerability in the \u201cfile_configuration\u201d functionality of the web application allows a remote unauthenticated attacker to access confidential configuration files. This issue affects: AiLux imx6 bundle below version imx6_1.0.7-2." }, { "lang": "es", diff --git a/CVE-2023/CVE-2023-455xx/CVE-2023-45598.json b/CVE-2023/CVE-2023-455xx/CVE-2023-45598.json index 4b76f8994a4..a1f74a8d582 100644 --- a/CVE-2023/CVE-2023-455xx/CVE-2023-45598.json +++ b/CVE-2023/CVE-2023-455xx/CVE-2023-45598.json @@ -2,13 +2,13 @@ "id": "CVE-2023-45598", "sourceIdentifier": "prodsec@nozominetworks.com", "published": "2024-03-05T12:15:47.277", - "lastModified": "2024-09-30T10:15:04.030", + "lastModified": "2024-10-17T10:15:03.030", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "A CWE-862 \u201cMissing Authorization\u201d vulnerability in the \u201cmeasure\u201d functionality of the web application allows a remote unauthenticated attacker to access confidential measure information. This issue affects: AiLux imx6 bundle below version imx6_1.0.7-2." + "value": "A CWE-425 \u201cDirect Request ('Forced Browsing')\u201d vulnerability in the \u201cmeasure\u201d functionality of the web application allows a remote unauthenticated attacker to access confidential measure information. This issue affects: AiLux imx6 bundle below version imx6_1.0.7-2." }, { "lang": "es", diff --git a/CVE-2024/CVE-2024-100xx/CVE-2024-10025.json b/CVE-2024/CVE-2024-100xx/CVE-2024-10025.json new file mode 100644 index 00000000000..ca93e2b7465 --- /dev/null +++ b/CVE-2024/CVE-2024-100xx/CVE-2024-10025.json @@ -0,0 +1,76 @@ +{ + "id": "CVE-2024-10025", + "sourceIdentifier": "psirt@sick.de", + "published": "2024-10-17T10:15:03.127", + "lastModified": "2024-10-17T10:15:03.127", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability in the .sdd file allows an attacker to read default passwords stored in plain text within the code. By exploiting these plaintext credentials, an attacker can log into affected SICK products as an \u201cAuthorized Client\u201d if the customer has not changed the default password." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@sick.de", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.1, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.2 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@sick.de", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-798" + } + ] + } + ], + "references": [ + { + "url": "https://cdn.sick.com/media/docs/1/11/411/Special_information_CYBERSECURITY_BY_SICK_en_IM0084411.PDF", + "source": "psirt@sick.de" + }, + { + "url": "https://sick.com/psirt", + "source": "psirt@sick.de" + }, + { + "url": "https://www.cisa.gov/resources-tools/resources/ics-recommended-practices", + "source": "psirt@sick.de" + }, + { + "url": "https://www.first.org/cvss/calculator/3.1", + "source": "psirt@sick.de" + }, + { + "url": "https://www.sick.com/.well-known/csaf/white/2024/sca-2024-0003.json", + "source": "psirt@sick.de" + }, + { + "url": "https://www.sick.com/.well-known/csaf/white/2024/sca-2024-0003.pdf", + "source": "psirt@sick.de" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-100xx/CVE-2024-10068.json b/CVE-2024/CVE-2024-100xx/CVE-2024-10068.json new file mode 100644 index 00000000000..44b6b3d9e0d --- /dev/null +++ b/CVE-2024/CVE-2024-100xx/CVE-2024-10068.json @@ -0,0 +1,133 @@ +{ + "id": "CVE-2024-10068", + "sourceIdentifier": "cna@vuldb.com", + "published": "2024-10-17T11:15:10.390", + "lastModified": "2024-10-17T11:15:10.390", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability was found in OpenSight Software FlashFXP 5.4.0.3970. It has been classified as critical. Affected is an unknown function in the library libcrypto-1_1.dll of the file FlashFXP.exe. The manipulation leads to uncontrolled search path. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "attackRequirements": "NONE", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "vulnerableSystemConfidentiality": "HIGH", + "vulnerableSystemIntegrity": "HIGH", + "vulnerableSystemAvailability": "HIGH", + "subsequentSystemConfidentiality": "NONE", + "subsequentSystemIntegrity": "NONE", + "subsequentSystemAvailability": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirements": "NOT_DEFINED", + "integrityRequirements": "NOT_DEFINED", + "availabilityRequirements": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", + "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", + "modifiedVulnerableSystemAvailability": "NOT_DEFINED", + "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", + "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", + "modifiedSubsequentSystemAvailability": "NOT_DEFINED", + "safety": "NOT_DEFINED", + "automatable": "NOT_DEFINED", + "recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED", + "baseScore": 8.5, + "baseSeverity": "HIGH" + } + } + ], + "cvssMetricV31": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ], + "cvssMetricV2": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "2.0", + "vectorString": "AV:L/AC:L/Au:S/C:C/I:C/A:C", + "accessVector": "LOCAL", + "accessComplexity": "LOW", + "authentication": "SINGLE", + "confidentialityImpact": "COMPLETE", + "integrityImpact": "COMPLETE", + "availabilityImpact": "COMPLETE", + "baseScore": 6.8 + }, + "baseSeverity": "MEDIUM", + "exploitabilityScore": 3.1, + "impactScore": 10.0, + "acInsufInfo": false, + "obtainAllPrivilege": false, + "obtainUserPrivilege": false, + "obtainOtherPrivilege": false, + "userInteractionRequired": false + } + ] + }, + "weaknesses": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-427" + } + ] + } + ], + "references": [ + { + "url": "https://vuldb.com/?ctiid.280716", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?id.280716", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?submit.419684", + "source": "cna@vuldb.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-457xx/CVE-2024-45713.json b/CVE-2024/CVE-2024-457xx/CVE-2024-45713.json new file mode 100644 index 00000000000..00f5959d2af --- /dev/null +++ b/CVE-2024/CVE-2024-457xx/CVE-2024-45713.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-45713", + "sourceIdentifier": "psirt@solarwinds.com", + "published": "2024-10-17T11:15:10.850", + "lastModified": "2024-10-17T11:15:10.850", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "SolarWinds Kiwi CatTools is susceptible to a sensitive data disclosure vulnerability when a non-default setting has been enabled for troubleshooting purposes." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@solarwinds.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:H/I:L/A:L", + "attackVector": "LOCAL", + "attackComplexity": "HIGH", + "privilegesRequired": "HIGH", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 5.1, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 0.3, + "impactScore": 4.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@solarwinds.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-209" + } + ] + } + ], + "references": [ + { + "url": "https://www.solarwinds.com/trust-center/security-advisories/CVE-2024-45713", + "source": "psirt@solarwinds.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-493xx/CVE-2024-49386.json b/CVE-2024/CVE-2024-493xx/CVE-2024-49386.json new file mode 100644 index 00000000000..135b8de93cb --- /dev/null +++ b/CVE-2024/CVE-2024-493xx/CVE-2024-49386.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-49386", + "sourceIdentifier": "security@acronis.com", + "published": "2024-10-17T10:15:03.547", + "lastModified": "2024-10-17T10:15:03.547", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Sensitive information disclosure due to spell-jacking. The following products are affected: Acronis Cyber Files (Windows) before build 9.0.0x24." + } + ], + "metrics": { + "cvssMetricV30": [ + { + "source": "security@acronis.com", + "type": "Secondary", + "cvssData": { + "version": "3.0", + "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", + "attackVector": "ADJACENT_NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 5.7, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.1, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "security@acronis.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-359" + } + ] + } + ], + "references": [ + { + "url": "https://security-advisory.acronis.com/advisories/SEC-5129", + "source": "security@acronis.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-493xx/CVE-2024-49389.json b/CVE-2024/CVE-2024-493xx/CVE-2024-49389.json new file mode 100644 index 00000000000..3486794d7c5 --- /dev/null +++ b/CVE-2024/CVE-2024-493xx/CVE-2024-49389.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-49389", + "sourceIdentifier": "security@acronis.com", + "published": "2024-10-17T10:15:03.813", + "lastModified": "2024-10-17T10:15:03.813", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Local privilege escalation due to insecure folder permissions. The following products are affected: Acronis Cyber Files (Windows) before build 9.0.0x24." + } + ], + "metrics": { + "cvssMetricV30": [ + { + "source": "security@acronis.com", + "type": "Secondary", + "cvssData": { + "version": "3.0", + "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "security@acronis.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-276" + } + ] + } + ], + "references": [ + { + "url": "https://security-advisory.acronis.com/advisories/SEC-5319", + "source": "security@acronis.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-493xx/CVE-2024-49390.json b/CVE-2024/CVE-2024-493xx/CVE-2024-49390.json new file mode 100644 index 00000000000..65a74d00333 --- /dev/null +++ b/CVE-2024/CVE-2024-493xx/CVE-2024-49390.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-49390", + "sourceIdentifier": "security@acronis.com", + "published": "2024-10-17T10:15:04.017", + "lastModified": "2024-10-17T10:15:04.017", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis Cyber Files (Windows) before build 9.0.0x24." + } + ], + "metrics": { + "cvssMetricV30": [ + { + "source": "security@acronis.com", + "type": "Secondary", + "cvssData": { + "version": "3.0", + "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.3, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.3, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "security@acronis.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-427" + } + ] + } + ], + "references": [ + { + "url": "https://security-advisory.acronis.com/advisories/SEC-5845", + "source": "security@acronis.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-493xx/CVE-2024-49391.json b/CVE-2024/CVE-2024-493xx/CVE-2024-49391.json new file mode 100644 index 00000000000..24c57490ff3 --- /dev/null +++ b/CVE-2024/CVE-2024-493xx/CVE-2024-49391.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-49391", + "sourceIdentifier": "security@acronis.com", + "published": "2024-10-17T10:15:04.193", + "lastModified": "2024-10-17T10:15:04.193", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis Cyber Files (Windows) before build 9.0.0x24." + } + ], + "metrics": { + "cvssMetricV30": [ + { + "source": "security@acronis.com", + "type": "Secondary", + "cvssData": { + "version": "3.0", + "vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "HIGH", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 6.7, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 0.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "security@acronis.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-427" + } + ] + } + ], + "references": [ + { + "url": "https://security-advisory.acronis.com/advisories/SEC-7220", + "source": "security@acronis.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-493xx/CVE-2024-49392.json b/CVE-2024/CVE-2024-493xx/CVE-2024-49392.json new file mode 100644 index 00000000000..f6bd92c35a9 --- /dev/null +++ b/CVE-2024/CVE-2024-493xx/CVE-2024-49392.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-49392", + "sourceIdentifier": "security@acronis.com", + "published": "2024-10-17T10:15:04.383", + "lastModified": "2024-10-17T10:15:04.383", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Stored cross-site scripting (XSS) vulnerability on enrollment invitation page. The following products are affected: Acronis Cyber Files (Windows) before build 9.0.0x24." + } + ], + "metrics": { + "cvssMetricV30": [ + { + "source": "security@acronis.com", + "type": "Secondary", + "cvssData": { + "version": "3.0", + "vectorString": "CVSS:3.0/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:N", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "HIGH", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "NONE", + "baseScore": 5.7, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 0.5, + "impactScore": 5.2 + } + ] + }, + "weaknesses": [ + { + "source": "security@acronis.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://security-advisory.acronis.com/advisories/SEC-7554", + "source": "security@acronis.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-89xx/CVE-2024-8920.json b/CVE-2024/CVE-2024-89xx/CVE-2024-8920.json new file mode 100644 index 00000000000..021bef99f1b --- /dev/null +++ b/CVE-2024/CVE-2024-89xx/CVE-2024-8920.json @@ -0,0 +1,72 @@ +{ + "id": "CVE-2024-8920", + "sourceIdentifier": "security@wordfence.com", + "published": "2024-10-17T10:15:04.580", + "lastModified": "2024-10-17T10:15:04.580", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "The Fonto \u2013 Custom Web Fonts Manager plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 1.2.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Author-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses the SVG file." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 3.1, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://plugins.trac.wordpress.org/browser/fonto/trunk/includes/class-fonto.php#L373", + "source": "security@wordfence.com" + }, + { + "url": "https://plugins.trac.wordpress.org/changeset/3169936/", + "source": "security@wordfence.com" + }, + { + "url": "https://plugins.trac.wordpress.org/changeset/3169936/#file2", + "source": "security@wordfence.com" + }, + { + "url": "https://wordpress.org/plugins/fonto/#developers", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/358be91d-cb00-429b-a4ed-69bf81e4d19e?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-91xx/CVE-2024-9184.json b/CVE-2024/CVE-2024-91xx/CVE-2024-9184.json new file mode 100644 index 00000000000..c0b48531f9d --- /dev/null +++ b/CVE-2024/CVE-2024-91xx/CVE-2024-9184.json @@ -0,0 +1,72 @@ +{ + "id": "CVE-2024-9184", + "sourceIdentifier": "security@wordfence.com", + "published": "2024-10-17T10:15:04.803", + "lastModified": "2024-10-17T10:15:04.803", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "The SendPulse Free Web Push plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and including, 1.3.6 due to incorrect use of the wp_kses_allowed_html function. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page." + }, + { + "lang": "es", + "value": "El complemento SendPulse Free Web Push para WordPress es vulnerable a Cross-Site Scripting Almacenado en todas las versiones hasta la 1.3.6 incluida debido al uso incorrecto de la funci\u00f3n wp_kses_allowed_html. Esto permite que atacantes no autenticados inyecten secuencias de comandos web arbitrarias en p\u00e1ginas que se ejecutar\u00e1n cada vez que un usuario acceda a una p\u00e1gina inyectada." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 7.2, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://plugins.trac.wordpress.org/browser/sendpulse-web-push/trunk/settings.php#L10", + "source": "security@wordfence.com" + }, + { + "url": "https://plugins.trac.wordpress.org/changeset/3169899/", + "source": "security@wordfence.com" + }, + { + "url": "https://wordpress.org/plugins/sendpulse-web-push/#developers", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/74831bf8-0a30-4758-bfe6-5a5b4ee7ec24?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-98xx/CVE-2024-9898.json b/CVE-2024/CVE-2024-98xx/CVE-2024-9898.json new file mode 100644 index 00000000000..abe9baa548f --- /dev/null +++ b/CVE-2024/CVE-2024-98xx/CVE-2024-9898.json @@ -0,0 +1,72 @@ +{ + "id": "CVE-2024-9898", + "sourceIdentifier": "security@wordfence.com", + "published": "2024-10-17T11:15:11.087", + "lastModified": "2024-10-17T11:15:11.087", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "The Parallax Image plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's dd-parallax shortcode in all versions up to, and including, 1.8 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 3.1, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "security@wordfence.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://plugins.trac.wordpress.org/browser/parallax-image/trunk/assets/shortcode.php#L145", + "source": "security@wordfence.com" + }, + { + "url": "https://plugins.trac.wordpress.org/changeset/3170176/", + "source": "security@wordfence.com" + }, + { + "url": "https://plugins.trac.wordpress.org/changeset/3170176/#file16", + "source": "security@wordfence.com" + }, + { + "url": "https://wordpress.org/plugins/parallax-image/#developers", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/57641366-85d3-4375-8cde-041227c9f811?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/README.md b/README.md index f3f3a857684..9db7cea4e65 100644 --- a/README.md +++ b/README.md @@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2024-10-17T10:00:49.019799+00:00 +2024-10-17T12:00:22.907012+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2024-10-17T08:15:03.040000+00:00 +2024-10-17T11:15:11.087000+00:00 ``` ### Last Data Feed Release @@ -33,23 +33,33 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### Total Number of included CVEs ```plain -265933 +265944 ``` ### CVEs added in the last Commit -Recently added CVEs: `4` +Recently added CVEs: `11` -- [CVE-2024-3184](CVE-2024/CVE-2024-31xx/CVE-2024-3184.json) (`2024-10-17T08:15:01.950`) -- [CVE-2024-3186](CVE-2024/CVE-2024-31xx/CVE-2024-3186.json) (`2024-10-17T08:15:02.453`) -- [CVE-2024-3187](CVE-2024/CVE-2024-31xx/CVE-2024-3187.json) (`2024-10-17T08:15:02.760`) -- [CVE-2024-9951](CVE-2024/CVE-2024-99xx/CVE-2024-9951.json) (`2024-10-17T08:15:03.040`) +- [CVE-2024-10025](CVE-2024/CVE-2024-100xx/CVE-2024-10025.json) (`2024-10-17T10:15:03.127`) +- [CVE-2024-10068](CVE-2024/CVE-2024-100xx/CVE-2024-10068.json) (`2024-10-17T11:15:10.390`) +- [CVE-2024-45713](CVE-2024/CVE-2024-457xx/CVE-2024-45713.json) (`2024-10-17T11:15:10.850`) +- [CVE-2024-49386](CVE-2024/CVE-2024-493xx/CVE-2024-49386.json) (`2024-10-17T10:15:03.547`) +- [CVE-2024-49389](CVE-2024/CVE-2024-493xx/CVE-2024-49389.json) (`2024-10-17T10:15:03.813`) +- [CVE-2024-49390](CVE-2024/CVE-2024-493xx/CVE-2024-49390.json) (`2024-10-17T10:15:04.017`) +- [CVE-2024-49391](CVE-2024/CVE-2024-493xx/CVE-2024-49391.json) (`2024-10-17T10:15:04.193`) +- [CVE-2024-49392](CVE-2024/CVE-2024-493xx/CVE-2024-49392.json) (`2024-10-17T10:15:04.383`) +- [CVE-2024-8920](CVE-2024/CVE-2024-89xx/CVE-2024-8920.json) (`2024-10-17T10:15:04.580`) +- [CVE-2024-9184](CVE-2024/CVE-2024-91xx/CVE-2024-9184.json) (`2024-10-17T10:15:04.803`) +- [CVE-2024-9898](CVE-2024/CVE-2024-98xx/CVE-2024-9898.json) (`2024-10-17T11:15:11.087`) ### CVEs modified in the last Commit -Recently modified CVEs: `0` +Recently modified CVEs: `3` +- [CVE-2023-45593](CVE-2023/CVE-2023-455xx/CVE-2023-45593.json) (`2024-10-17T10:15:02.323`) +- [CVE-2023-45596](CVE-2023/CVE-2023-455xx/CVE-2023-45596.json) (`2024-10-17T10:15:02.930`) +- [CVE-2023-45598](CVE-2023/CVE-2023-455xx/CVE-2023-45598.json) (`2024-10-17T10:15:03.030`) ## Download and Usage diff --git a/_state.csv b/_state.csv index 26aa5bd884a..7d5c5756b74 100644 --- a/_state.csv +++ b/_state.csv @@ -234177,12 +234177,12 @@ CVE-2023-4559,0,0,72279ca2cfab6cd57c9fd704465552b3f96b18e016e80ed280e6b57992704f CVE-2023-45590,0,0,395cef5e7face59cb12e60aa86968e30b836e974c0902f8b616a140e25f389c2,2024-04-10T13:24:22.187000 CVE-2023-45591,0,0,cf9e6a9dffe366c3a101b8946fe672bc4bfd64f91dde328a27c0abc9ecef2a60,2024-03-05T13:41:01.900000 CVE-2023-45592,0,0,d0d9e890692c9d2f672638432172eb4b39935c3ec25ecd02679746861a491ed7,2024-03-05T13:41:01.900000 -CVE-2023-45593,0,0,9b3e59ac8fb9b9515ab4b530a69031ffe74aed1a142eccdbc0f09f9eb0dd95b9,2024-09-30T10:15:03.793000 +CVE-2023-45593,0,1,4d4014bf7cebebe595c19fcbec3e75beba48073c1a59cb12555bbefc25c19dcc,2024-10-17T10:15:02.323000 CVE-2023-45594,0,0,b0393b56950f0e428e7f32464ae14b00c9d8d573fb1c945ee040adcbe0cae423,2024-03-05T13:41:01.900000 CVE-2023-45595,0,0,97fdab9361adba6ff516a722307aaf80ac25532bbb8a65ce7e8016865b5b4335,2024-03-05T13:41:01.900000 -CVE-2023-45596,0,0,e469222c135c33756911c57612712f77eded7e56fab79dfb44e37b40da9f4170,2024-09-30T10:15:03.923000 +CVE-2023-45596,0,1,f6526d811f59ab1f5d8bf8e0687a80028582194ee2678ff2d3ad4995f8faec8c,2024-10-17T10:15:02.930000 CVE-2023-45597,0,0,6eda7e849c9a4bdd69829985d8c92fa15c239c694799c3f0f4136c981201e30d,2024-03-05T13:41:01.900000 -CVE-2023-45598,0,0,faaa3ca0d423a0062557b3f3c3cd9eff1a811c4f45ca838ddb9c58dd5acf6198,2024-09-30T10:15:04.030000 +CVE-2023-45598,0,1,0b54371329cc3f857f4923966c54422f03169d9844a43c0912713bacc27d1d05,2024-10-17T10:15:03.030000 CVE-2023-45599,0,0,a63a7d7517b98ea5bbcba86a530677f32fda9d14b1e6ff868e28e88d7ec0b249,2024-03-05T13:41:01.900000 CVE-2023-4560,0,0,c374d73c6512c9198ae07844b4a0a2f3fca9714a1a09bfcdc42777875b8a378f,2023-08-29T16:26:23.543000 CVE-2023-45600,0,0,fd93772078d54879fff3d7d0b2d712b79d029619c10d19ec9c5685e5f21f76db,2024-03-05T13:41:01.900000 @@ -242217,11 +242217,13 @@ CVE-2024-10021,0,0,a6b17344f3b8ed69b69af1e4c8072f0ea15408a02fd5537c80b963512d697 CVE-2024-10022,0,0,0168cd514401d1be0e849bc27c7e2e366e37ce97ce04620f3f8d342cf2b43281,2024-10-16T16:38:14.557000 CVE-2024-10023,0,0,db54ebd532d797f8c44fbc00efc10b60040113385b1a36843228c76d3987b972,2024-10-16T16:38:14.557000 CVE-2024-10024,0,0,011fb00487d29d1b355fb7ab9e71d1875a267d231fe8021bcbf0d20089aa0bde,2024-10-16T16:38:14.557000 +CVE-2024-10025,1,1,a657e3a6cd20a3590296015914b590551c8ff06d45d4d15847982a0af5da7204,2024-10-17T10:15:03.127000 CVE-2024-1003,0,0,5577a6ad54fba7e1e984add6f75aca7e6ad73817623f9ed150fa33b583cd3fae,2024-05-17T02:35:09.147000 CVE-2024-10033,0,0,5f5fac31bbbb873ca41babce49ba5085a90c023337e2ffcbb5946f7099ac45c0,2024-10-16T17:15:13.267000 CVE-2024-1004,0,0,be9a3a60f238fd673f4d3f1f166af1f9400f4582d193359c16f232ef2b1c02fa,2024-05-17T02:35:09.263000 CVE-2024-1005,0,0,1191b4a20d5b719ff3ba58b8e13bb4278d19f2133e7221e782230a58acb2d18f,2024-05-17T02:35:09.367000 CVE-2024-1006,0,0,fe82f3d0065ffa9f2a59eb5b63e144d9442dc24b73dc23626043d548cf903e88,2024-05-17T02:35:09.467000 +CVE-2024-10068,1,1,edeccdb97d27b9416725ed62091d877abbfc4b3e48df84d0f4d49ab4425c3361,2024-10-17T11:15:10.390000 CVE-2024-1007,0,0,bb97efced7fb486712fbb95488bae5086c8742bff2dc7feb7593b966188b1cd7,2024-05-17T02:35:09.577000 CVE-2024-1008,0,0,a9b7d9e2e828ed74dc3f97aef993fcfdb7b13561fd219152455ff7524c8067cd,2024-05-17T02:35:09.680000 CVE-2024-1009,0,0,97af4237278897e4de60a52c929ac5642d8b709167b278dc1af6a70d4d177e3b,2024-05-17T02:35:09.780000 @@ -251751,7 +251753,7 @@ CVE-2024-3183,0,0,0492ca93cdfb91fe06164185f64dfd6e79760054d26b360873216c2809fc0f CVE-2024-31835,0,0,58e83917145b00ad31bbd42e3b16abd2000b8d2042437957db54dd413137311c,2024-10-07T18:55:10.790000 CVE-2024-31837,0,0,d4b11924eb0f296c66c4011d26e3c8d35fd7f17f46fa8fcc1ff3c6feb008909a,2024-04-30T13:11:16.690000 CVE-2024-31839,0,0,245f03de749181e8cafb68397f015c580f5b17ce16f6f34c9de9bdd347018299,2024-07-08T14:18:26.223000 -CVE-2024-3184,1,1,109839adb9080b787f52e62639b70d959f7b4b5a0f7f3eb18e5cd02422d32db8,2024-10-17T08:15:01.950000 +CVE-2024-3184,0,0,109839adb9080b787f52e62639b70d959f7b4b5a0f7f3eb18e5cd02422d32db8,2024-10-17T08:15:01.950000 CVE-2024-31840,0,0,2a239ae6429f1e619b6ab41616165b617110dec5fa8e072accfd9e1f9e2b5f58,2024-07-26T19:12:02.190000 CVE-2024-31841,0,0,122a5c411034bfc4d48419a4ff14723715ac5ca83b5477dbeb8228548b367d99,2024-07-03T01:55:27.077000 CVE-2024-31842,0,0,04e10fa9b560356ffd7bccf7ebe292e92dabaedcaa77c700f62b5c2b3a2314dd,2024-09-13T14:05:23.367000 @@ -251769,7 +251771,7 @@ CVE-2024-31852,0,0,05df9e5d1e1855c684901a0f2256bf744f516ff5583847e1514009f87c86b CVE-2024-31856,0,0,5b17ff56b891e28d61d399fcd31dbd56e16c04a63e50007a8b07a5f126fa07a3,2024-05-16T13:03:05.353000 CVE-2024-31857,0,0,b57daea1515042b1254b11fea9a109934d9eaeaf743c5e6b1d4482216f0f52dd,2024-07-03T01:55:30.363000 CVE-2024-31859,0,0,c7e4bf86d17f8d38f3b896e8ada50cd27745133fc837be8a4aeca253b15d0e96,2024-05-28T12:39:42.673000 -CVE-2024-3186,1,1,ba13138a8f95a5ecef796c7a07709d40e27e3fd3db33895cdb5491ee46f632c2,2024-10-17T08:15:02.453000 +CVE-2024-3186,0,0,ba13138a8f95a5ecef796c7a07709d40e27e3fd3db33895cdb5491ee46f632c2,2024-10-17T08:15:02.453000 CVE-2024-31860,0,0,0c85f33d3dadfb2fd0d5a6f2d0ed9d9d75da9aaa685f77a3492d74d36fbf93e1,2024-07-03T01:55:31.267000 CVE-2024-31861,0,0,7e520905222b40b184cd37e76ba3749bb6aceca828ca7e9efda91954bb808b66,2024-06-21T10:15:11.757000 CVE-2024-31862,0,0,3f16a6d9612f966306ce7a67b229ce3867519147d68464f4271e3881457a5a98,2024-08-21T15:35:07.937000 @@ -251780,7 +251782,7 @@ CVE-2024-31866,0,0,4d372d14b7807ced8e821f43a5c883c03fa5dbca9edfba0af795f01513fe3 CVE-2024-31867,0,0,7c90191082994197ce09c1b6019992176f2d76072856e8d65beb1a7b6ded7916,2024-05-01T18:15:23.740000 CVE-2024-31868,0,0,703c16597751f17fba32c3b61a2e58921496411599e95e2472502f1bbb33ada3,2024-10-03T13:15:14.833000 CVE-2024-31869,0,0,683e8c771fda682074fc448ea32be7db8fcec1e782121eb87243bff930796032,2024-05-01T18:15:23.843000 -CVE-2024-3187,1,1,674e932e3a00f5d068b48c0c107492550abc02c54a93c15ad68d0170342445b3,2024-10-17T08:15:02.760000 +CVE-2024-3187,0,0,674e932e3a00f5d068b48c0c107492550abc02c54a93c15ad68d0170342445b3,2024-10-17T08:15:02.760000 CVE-2024-31870,0,0,089cc53c4c4bda98698ee28fa3173d546c896f43008726ca3e29a627fc47e14b,2024-08-01T20:37:52.127000 CVE-2024-31871,0,0,e284e485f6f33109f328b7bdefb50066e4ae8d799f85dfa5af29de93c8e9ffe1,2024-04-10T19:49:51.183000 CVE-2024-31872,0,0,3db97c936d679b09f7c0cbcf4407389ec3057292bdc2f2624578bc78bf289dfb,2024-09-20T20:15:05.120000 @@ -260910,6 +260912,7 @@ CVE-2024-4570,0,0,c1cc5ae154200d1c8cbc554d2bd91b7f0d0e2fb1c25faf550303ad23eb2c10 CVE-2024-4571,0,0,76823bb120333d1d68e24e57a18868a62bd826931cb118db3f1630877d1250ae,2024-05-14T15:44:05.750000 CVE-2024-45710,0,0,48beaeb67d0c1d06dc62433cdcd6c44cd533da6f6df2eea2b2bc23988485e966,2024-10-16T16:38:14.557000 CVE-2024-45711,0,0,19c54833e15f093148fee6da8fb4f01e4e5c3f6c0710fc303f880a75fe725a5f,2024-10-16T16:38:14.557000 +CVE-2024-45713,1,1,73d370cf3c5f1b6458f547b408d00ac34dfd405116e79a0b7e6a15b32bb06e53,2024-10-17T11:15:10.850000 CVE-2024-45714,0,0,05df79781d57cb807340d58e5fdb395e7ff3d312e0246779106a95480e9b6b3d,2024-10-16T16:38:14.557000 CVE-2024-45715,0,0,6eeb77978f0221f2d797c4955663560bb5f3c3e2030f7e99dea779f5ed5a3be9,2024-10-16T16:38:14.557000 CVE-2024-4572,0,0,6754f54e88e479a744a4367c8d1d2577fd697a90d0783dabcb9fc508df61090e,2024-05-14T15:44:06.153000 @@ -262264,9 +262267,14 @@ CVE-2024-4936,0,0,51b2c41822c3ce01e84bd55c02328ac3499013d52d632d2af56d406c35d5a6 CVE-2024-49382,0,0,cd14c2989a948ff9829f4d119b31d603af2c2c459b5f5d9afd11a73e5c1e5fec,2024-10-16T13:53:45.860000 CVE-2024-49383,0,0,8836e7d175d405b86f6d0105b03c4862827296be5b39fe5cde78189dfe892bb0,2024-10-16T13:53:04.380000 CVE-2024-49384,0,0,3ee9c94c4e7d62f73d98e9003a41428dea707c45ee737dda67404986a9c936b6,2024-10-16T13:52:19.317000 +CVE-2024-49386,1,1,88d9ef750dafb5b0f1e1bf92226ed563cc54a08fee3c6b0ca6a1a098368c9965,2024-10-17T10:15:03.547000 CVE-2024-49387,0,0,e70e4e295fee330a123c323f35cb15d527d316ee3f5221af871424ea3c5d431e,2024-10-16T13:58:39.297000 CVE-2024-49388,0,0,5d13081edde105848217330e8cc20460dfb42c426e8875787362e8bb17013386,2024-10-16T13:57:58.383000 +CVE-2024-49389,1,1,e83feddbdc89b6405989836b09f90867e5ac56892252dc8494b48677a3312aec,2024-10-17T10:15:03.813000 CVE-2024-4939,0,0,02ebdbdecbb04fb797cb0e62af7790a7212959b717e5fa68d9d371341b4150c3,2024-06-11T17:08:33.350000 +CVE-2024-49390,1,1,6baca18107f5cc533462346f5acbf1d2e9fe0404228790e24f98327c0b77b783,2024-10-17T10:15:04.017000 +CVE-2024-49391,1,1,3d70f3e9114e855c995af50156d159f84f68373950b34c51d590b42839188113,2024-10-17T10:15:04.193000 +CVE-2024-49392,1,1,d968d38be803f577b28f3ec92283081c0c3e6e79ceb6cb184c7b99e1105fe4a8,2024-10-17T10:15:04.383000 CVE-2024-4940,0,0,4accffc853c801fe14d0f801549945291e8d9583e559383dea39b767fc7e6ff0,2024-06-24T12:57:36.513000 CVE-2024-4941,0,0,4a44b53eeef21b9bcc4a70f0f12e019011a282ac818fbf5410cd9bce445ce09d,2024-10-09T16:24:24.433000 CVE-2024-4942,0,0,ec40ecb2c6f2c92030124cf4a899658443926a41ec90982de736f0fdfba6bcb7,2024-07-23T21:09:15.900000 @@ -265424,6 +265432,7 @@ CVE-2024-8915,0,0,80988e61f2deb23ce0d3db6a9db0275f7f6c7eec9c9b53e27317ff9faa29da CVE-2024-8917,0,0,32a69b030ac61cd4e144a233fc55362cc6115ccb6ecca5ec236644320a2aecf1,2024-09-30T14:30:38.687000 CVE-2024-8918,0,0,a139fa98c762213efbc8dcac6978c26e1be1ed82aa4c6eeed1f671b900ced8c7,2024-10-16T16:38:14.557000 CVE-2024-8919,0,0,e01b61fd584c4fffdfd8e5db7a09e1be1033f5c7df5b5418d10948726a2bc540,2024-09-30T15:08:14.077000 +CVE-2024-8920,1,1,53c655c6d8a52f85bf37b964563db2a6df3b60cec3ba9d6a8f0ac48ff6d579c7,2024-10-17T10:15:04.580000 CVE-2024-8921,0,0,284c01e369230b6750ee6b9940d65eaadc6d5f92caf4598fee3000ae2f72d29e,2024-10-16T16:38:14.557000 CVE-2024-8922,0,0,8e0e34187cf2453e3fbc920fc9b2ec5c27a6978605c90cb2daa5d0ef90213fbe,2024-10-04T19:11:47.217000 CVE-2024-8925,0,0,7b6e4b4e016d861119aaef8d6752703732a07441653d2fc6f49b309099d5a5d4,2024-10-16T18:53:39.957000 @@ -265575,6 +265584,7 @@ CVE-2024-9173,0,0,35b89a81311ca677fe554b85f50232d9274c2631e7208ee1d074802a8dbdb5 CVE-2024-9174,0,0,70fba8b83f62f6c4709cde03a07baa90e2b7205b145527e48fd4fbdcbf5b21e3,2024-10-04T13:50:43.727000 CVE-2024-9177,0,0,c4277901c0a37ba57d19438c33c0231133f774b6681a96af5a3a31a338af68ef,2024-10-03T14:32:46.150000 CVE-2024-9180,0,0,f5e0821b2debc3c255056411f9bf179456f8a11955388738e100a69bfcad1cdd,2024-10-15T12:58:51.050000 +CVE-2024-9184,1,1,4a2eda2c8bf304ed9e2d3075b2ede5c625318482c442536cd4f36538a0766de8,2024-10-17T10:15:04.803000 CVE-2024-9187,0,0,ec7d5f1d630d180582cea6b34ef03e6ee8cc268d8686e0a61f71186e80a87f38,2024-10-15T12:57:46.880000 CVE-2024-9189,0,0,589dc859bd1b4dfe4aefe62d286159acb6f430185a125dd81b1568310ee1bb88,2024-10-03T17:26:19.397000 CVE-2024-9194,0,0,94d0f5f267ad180c0cf40bc9b87cc59bf3002f59241057e5b89ba1ec25bacf82,2024-10-04T13:51:25.567000 @@ -265873,6 +265883,7 @@ CVE-2024-9891,0,0,53ec4da3ba927732190105b9993cdfaefd46788f3c82dc582d229482b0eb1f CVE-2024-9893,0,0,426d02de035749f6abb2956fee210a61cbcd97da25fe8818e92240a83b0a6b07,2024-10-16T16:38:14.557000 CVE-2024-9894,0,0,32055c4142b72d0a3f9c19293b700e4df1192ff16d337368689045e8c50a9c33,2024-10-16T22:13:05.583000 CVE-2024-9895,0,0,1804aadc601cefc0a637c4245324ad03665b7298686ff057930daf35aa0b9bfa,2024-10-15T12:57:46.880000 +CVE-2024-9898,1,1,9484ae257cdb78184616cef75f952c665b82cb2cde3794687ff2c931e23eb0ff,2024-10-17T11:15:11.087000 CVE-2024-9903,0,0,244e0ad624c75743e190bc7da6a1b45fe195aaf738d59f8decfde97c8722448f,2024-10-15T12:57:46.880000 CVE-2024-9904,0,0,b8f5bdf1fde920247f061f9c3939c42469f53e3148abd589ac11ba36d4728079,2024-10-15T12:57:46.880000 CVE-2024-9905,0,0,09e20420cf063b331c2f2444287faaf461bdb42e483d150bc77bc6c327c543d3,2024-10-16T22:12:18.153000 @@ -265898,7 +265909,7 @@ CVE-2024-9936,0,0,9b9410743fe1ca2f5a844c24ad20043ec989ced54414fa626e93bdc74b6425 CVE-2024-9937,0,0,4e7ae54d6a9c5099857ac0a66ba44c96220fc2ab3e1844c918c371d4dbb6d38d,2024-10-16T16:38:14.557000 CVE-2024-9940,0,0,d6ec2db27c79428c0b61a7eba13119ff5d712fa59873c17ed6834010233d53cd,2024-10-17T02:15:04.277000 CVE-2024-9944,0,0,0105315be1482473acf9cccf2807cd53dd651f41a7a3739bca8c3d692de03102,2024-10-15T12:57:46.880000 -CVE-2024-9951,1,1,a8e084c90c7829b035c1b8ccb80cd348cc4d499d46375422f822d891bba697ef,2024-10-17T08:15:03.040000 +CVE-2024-9951,0,0,a8e084c90c7829b035c1b8ccb80cd348cc4d499d46375422f822d891bba697ef,2024-10-17T08:15:03.040000 CVE-2024-9952,0,0,d5c643eb1b76a39b13753ce231704557bf9fa9c82efce6d96f1e313e65eab479,2024-10-16T15:05:13.467000 CVE-2024-9953,0,0,d4420057cd6ff540e58057e827a120bd402b45b9e9ab6580a72e462bb02065ee,2024-10-15T15:15:13.660000 CVE-2024-9954,0,0,0aceca2bdabed823c6b0aded99883effe44fb9f2c345d4baec5c14dedba32864,2024-10-16T16:38:14.557000