From 3e91874454c19bf14c3c75f2c239f009126c9479 Mon Sep 17 00:00:00 2001 From: cad-safe-bot Date: Thu, 18 Apr 2024 12:03:28 +0000 Subject: [PATCH] Auto-Update: 2024-04-18T12:00:38.955149+00:00 --- CVE-2023/CVE-2023-36xx/CVE-2023-3675.json | 55 +++++++++++ CVE-2023/CVE-2023-478xx/CVE-2023-47843.json | 55 +++++++++++ CVE-2023/CVE-2023-497xx/CVE-2023-49768.json | 55 +++++++++++ CVE-2023/CVE-2023-508xx/CVE-2023-50885.json | 55 +++++++++++ CVE-2023/CVE-2023-68xx/CVE-2023-6892.json | 47 +++++++++ CVE-2023/CVE-2023-68xx/CVE-2023-6897.json | 47 +++++++++ CVE-2024/CVE-2024-269xx/CVE-2024-26921.json | 36 +++++++ CVE-2024/CVE-2024-28xx/CVE-2024-2833.json | 51 ++++++++++ CVE-2024/CVE-2024-290xx/CVE-2024-29003.json | 59 +++++++++++ CVE-2024/CVE-2024-312xx/CVE-2024-31229.json | 55 +++++++++++ CVE-2024/CVE-2024-321xx/CVE-2024-32126.json | 55 +++++++++++ CVE-2024/CVE-2024-325xx/CVE-2024-32551.json | 55 +++++++++++ CVE-2024/CVE-2024-325xx/CVE-2024-32552.json | 55 +++++++++++ CVE-2024/CVE-2024-325xx/CVE-2024-32553.json | 55 +++++++++++ CVE-2024/CVE-2024-325xx/CVE-2024-32554.json | 59 +++++++++++ CVE-2024/CVE-2024-325xx/CVE-2024-32556.json | 59 +++++++++++ CVE-2024/CVE-2024-325xx/CVE-2024-32558.json | 59 +++++++++++ CVE-2024/CVE-2024-325xx/CVE-2024-32559.json | 59 +++++++++++ CVE-2024/CVE-2024-325xx/CVE-2024-32560.json | 59 +++++++++++ CVE-2024/CVE-2024-325xx/CVE-2024-32561.json | 59 +++++++++++ CVE-2024/CVE-2024-325xx/CVE-2024-32562.json | 59 +++++++++++ CVE-2024/CVE-2024-325xx/CVE-2024-32563.json | 59 +++++++++++ CVE-2024/CVE-2024-325xx/CVE-2024-32564.json | 59 +++++++++++ CVE-2024/CVE-2024-325xx/CVE-2024-32565.json | 59 +++++++++++ CVE-2024/CVE-2024-325xx/CVE-2024-32566.json | 59 +++++++++++ CVE-2024/CVE-2024-325xx/CVE-2024-32567.json | 59 +++++++++++ CVE-2024/CVE-2024-325xx/CVE-2024-32568.json | 59 +++++++++++ CVE-2024/CVE-2024-325xx/CVE-2024-32569.json | 59 +++++++++++ CVE-2024/CVE-2024-325xx/CVE-2024-32570.json | 59 +++++++++++ CVE-2024/CVE-2024-325xx/CVE-2024-32571.json | 59 +++++++++++ CVE-2024/CVE-2024-325xx/CVE-2024-32572.json | 59 +++++++++++ CVE-2024/CVE-2024-325xx/CVE-2024-32573.json | 59 +++++++++++ CVE-2024/CVE-2024-325xx/CVE-2024-32574.json | 59 +++++++++++ CVE-2024/CVE-2024-325xx/CVE-2024-32575.json | 59 +++++++++++ CVE-2024/CVE-2024-325xx/CVE-2024-32576.json | 59 +++++++++++ CVE-2024/CVE-2024-325xx/CVE-2024-32577.json | 59 +++++++++++ CVE-2024/CVE-2024-325xx/CVE-2024-32578.json | 59 +++++++++++ CVE-2024/CVE-2024-325xx/CVE-2024-32579.json | 59 +++++++++++ CVE-2024/CVE-2024-325xx/CVE-2024-32580.json | 59 +++++++++++ CVE-2024/CVE-2024-325xx/CVE-2024-32581.json | 59 +++++++++++ CVE-2024/CVE-2024-325xx/CVE-2024-32582.json | 59 +++++++++++ CVE-2024/CVE-2024-325xx/CVE-2024-32583.json | 59 +++++++++++ CVE-2024/CVE-2024-325xx/CVE-2024-32584.json | 59 +++++++++++ CVE-2024/CVE-2024-325xx/CVE-2024-32585.json | 59 +++++++++++ CVE-2024/CVE-2024-325xx/CVE-2024-32586.json | 59 +++++++++++ CVE-2024/CVE-2024-326xx/CVE-2024-32600.json | 55 +++++++++++ CVE-2024/CVE-2024-326xx/CVE-2024-32602.json | 55 +++++++++++ CVE-2024/CVE-2024-326xx/CVE-2024-32604.json | 4 + CVE-2024/CVE-2024-326xx/CVE-2024-32686.json | 55 +++++++++++ CVE-2024/CVE-2024-326xx/CVE-2024-32689.json | 55 +++++++++++ CVE-2024/CVE-2024-39xx/CVE-2024-3948.json | 92 +++++++++++++++++ README.md | 63 ++++++------ _state.csv | 104 +++++++++++++++----- 53 files changed, 2988 insertions(+), 59 deletions(-) create mode 100644 CVE-2023/CVE-2023-36xx/CVE-2023-3675.json create mode 100644 CVE-2023/CVE-2023-478xx/CVE-2023-47843.json create mode 100644 CVE-2023/CVE-2023-497xx/CVE-2023-49768.json create mode 100644 CVE-2023/CVE-2023-508xx/CVE-2023-50885.json create mode 100644 CVE-2023/CVE-2023-68xx/CVE-2023-6892.json create mode 100644 CVE-2023/CVE-2023-68xx/CVE-2023-6897.json create mode 100644 CVE-2024/CVE-2024-269xx/CVE-2024-26921.json create mode 100644 CVE-2024/CVE-2024-28xx/CVE-2024-2833.json create mode 100644 CVE-2024/CVE-2024-290xx/CVE-2024-29003.json create mode 100644 CVE-2024/CVE-2024-312xx/CVE-2024-31229.json create mode 100644 CVE-2024/CVE-2024-321xx/CVE-2024-32126.json create mode 100644 CVE-2024/CVE-2024-325xx/CVE-2024-32551.json create mode 100644 CVE-2024/CVE-2024-325xx/CVE-2024-32552.json create mode 100644 CVE-2024/CVE-2024-325xx/CVE-2024-32553.json create mode 100644 CVE-2024/CVE-2024-325xx/CVE-2024-32554.json create mode 100644 CVE-2024/CVE-2024-325xx/CVE-2024-32556.json create mode 100644 CVE-2024/CVE-2024-325xx/CVE-2024-32558.json create mode 100644 CVE-2024/CVE-2024-325xx/CVE-2024-32559.json create mode 100644 CVE-2024/CVE-2024-325xx/CVE-2024-32560.json create mode 100644 CVE-2024/CVE-2024-325xx/CVE-2024-32561.json create mode 100644 CVE-2024/CVE-2024-325xx/CVE-2024-32562.json create mode 100644 CVE-2024/CVE-2024-325xx/CVE-2024-32563.json create mode 100644 CVE-2024/CVE-2024-325xx/CVE-2024-32564.json create mode 100644 CVE-2024/CVE-2024-325xx/CVE-2024-32565.json create mode 100644 CVE-2024/CVE-2024-325xx/CVE-2024-32566.json create mode 100644 CVE-2024/CVE-2024-325xx/CVE-2024-32567.json create mode 100644 CVE-2024/CVE-2024-325xx/CVE-2024-32568.json create mode 100644 CVE-2024/CVE-2024-325xx/CVE-2024-32569.json create mode 100644 CVE-2024/CVE-2024-325xx/CVE-2024-32570.json create mode 100644 CVE-2024/CVE-2024-325xx/CVE-2024-32571.json create mode 100644 CVE-2024/CVE-2024-325xx/CVE-2024-32572.json create mode 100644 CVE-2024/CVE-2024-325xx/CVE-2024-32573.json create mode 100644 CVE-2024/CVE-2024-325xx/CVE-2024-32574.json create mode 100644 CVE-2024/CVE-2024-325xx/CVE-2024-32575.json create mode 100644 CVE-2024/CVE-2024-325xx/CVE-2024-32576.json create mode 100644 CVE-2024/CVE-2024-325xx/CVE-2024-32577.json create mode 100644 CVE-2024/CVE-2024-325xx/CVE-2024-32578.json create mode 100644 CVE-2024/CVE-2024-325xx/CVE-2024-32579.json create mode 100644 CVE-2024/CVE-2024-325xx/CVE-2024-32580.json create mode 100644 CVE-2024/CVE-2024-325xx/CVE-2024-32581.json create mode 100644 CVE-2024/CVE-2024-325xx/CVE-2024-32582.json create mode 100644 CVE-2024/CVE-2024-325xx/CVE-2024-32583.json create mode 100644 CVE-2024/CVE-2024-325xx/CVE-2024-32584.json create mode 100644 CVE-2024/CVE-2024-325xx/CVE-2024-32585.json create mode 100644 CVE-2024/CVE-2024-325xx/CVE-2024-32586.json create mode 100644 CVE-2024/CVE-2024-326xx/CVE-2024-32600.json create mode 100644 CVE-2024/CVE-2024-326xx/CVE-2024-32602.json create mode 100644 CVE-2024/CVE-2024-326xx/CVE-2024-32686.json create mode 100644 CVE-2024/CVE-2024-326xx/CVE-2024-32689.json create mode 100644 CVE-2024/CVE-2024-39xx/CVE-2024-3948.json diff --git a/CVE-2023/CVE-2023-36xx/CVE-2023-3675.json b/CVE-2023/CVE-2023-36xx/CVE-2023-3675.json new file mode 100644 index 00000000000..e406b90a407 --- /dev/null +++ b/CVE-2023/CVE-2023-36xx/CVE-2023-3675.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2023-3675", + "sourceIdentifier": "VulnerabilityReporting@secomea.com", + "published": "2024-04-18T11:15:36.370", + "lastModified": "2024-04-18T11:15:36.370", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Secomea GateManager (Web GUI) allows Reading Data from System Resources.This issue affects GateManager: from 11.0.623074018 before 11.0.623373051.\n\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "VulnerabilityReporting@secomea.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "VulnerabilityReporting@secomea.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-22" + } + ] + } + ], + "references": [ + { + "url": "https://www.secomea.com/support/cybersecurity-advisory", + "source": "VulnerabilityReporting@secomea.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-478xx/CVE-2023-47843.json b/CVE-2023/CVE-2023-478xx/CVE-2023-47843.json new file mode 100644 index 00000000000..d9f1e55e9ff --- /dev/null +++ b/CVE-2023/CVE-2023-478xx/CVE-2023-47843.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2023-47843", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-04-18T11:15:36.580", + "lastModified": "2024-04-18T11:15:36.580", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Zachary Segal CataBlog.This issue affects CataBlog: from n/a through 1.7.0.\n\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:L/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "HIGH", + "baseScore": 7.6, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.3, + "impactScore": 4.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-22" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/catablog/wordpress-catablog-plugin-1-7-0-arbitrary-file-deletion-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-497xx/CVE-2023-49768.json b/CVE-2023/CVE-2023-497xx/CVE-2023-49768.json new file mode 100644 index 00000000000..141f1785043 --- /dev/null +++ b/CVE-2023/CVE-2023-497xx/CVE-2023-49768.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2023-49768", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-04-18T11:15:36.807", + "lastModified": "2024-04-18T11:15:36.807", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in FormAssembly / Drew Buschhorn WP-FormAssembly allows Stored XSS.This issue affects WP-FormAssembly: from n/a through 2.0.10.\n\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.3, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/formassembly-web-forms/wordpress-wp-formassembly-plugin-2-0-10-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-508xx/CVE-2023-50885.json b/CVE-2023/CVE-2023-508xx/CVE-2023-50885.json new file mode 100644 index 00000000000..136a1e8c1f6 --- /dev/null +++ b/CVE-2023/CVE-2023-508xx/CVE-2023-50885.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2023-50885", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-04-18T11:15:37.003", + "lastModified": "2024-04-18T11:15:37.003", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in AGILELOGIX Store Locator WordPress.This issue affects Store Locator WordPress: from n/a through 1.4.14.\n\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 6.8, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.3, + "impactScore": 4.0 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-22" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/agile-store-locator/wordpress-store-locator-wordpress-plugin-1-4-14-arbitrary-file-deletion-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-68xx/CVE-2023-6892.json b/CVE-2023/CVE-2023-68xx/CVE-2023-6892.json new file mode 100644 index 00000000000..207b3f88236 --- /dev/null +++ b/CVE-2023/CVE-2023-68xx/CVE-2023-6892.json @@ -0,0 +1,47 @@ +{ + "id": "CVE-2023-6892", + "sourceIdentifier": "security@wordfence.com", + "published": "2024-04-18T11:15:37.187", + "lastModified": "2024-04-18T11:15:37.187", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The EAN for WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'alg_wc_ean_product_meta' shortcode in all versions up to, and including, 4.8.7 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 3.1, + "impactScore": 2.7 + } + ] + }, + "references": [ + { + "url": "https://plugins.trac.wordpress.org/changeset/3070991/ean-for-woocommerce", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/d798406b-2b7f-4ca0-8d05-8aff4bf44dd8?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-68xx/CVE-2023-6897.json b/CVE-2023/CVE-2023-68xx/CVE-2023-6897.json new file mode 100644 index 00000000000..8d98dc26f45 --- /dev/null +++ b/CVE-2023/CVE-2023-68xx/CVE-2023-6897.json @@ -0,0 +1,47 @@ +{ + "id": "CVE-2023-6897", + "sourceIdentifier": "security@wordfence.com", + "published": "2024-04-18T11:15:37.350", + "lastModified": "2024-04-18T11:15:37.350", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The EAN for WooCommerce plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 4.9.2 via the the 'alg_wc_ean_product_meta' shortcode due to missing validation on a user controlled key. This makes it possible for authenticated attackers, with contributor-level access and above, to expose potentially sensitive post metadata." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 4.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + } + ] + }, + "references": [ + { + "url": "https://plugins.trac.wordpress.org/changeset/3070991/ean-for-woocommerce", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/17b20df5-4adf-47ce-bddf-2ec0b9499de8?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-269xx/CVE-2024-26921.json b/CVE-2024/CVE-2024-269xx/CVE-2024-26921.json new file mode 100644 index 00000000000..3f87da0bfcf --- /dev/null +++ b/CVE-2024/CVE-2024-269xx/CVE-2024-26921.json @@ -0,0 +1,36 @@ +{ + "id": "CVE-2024-26921", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-04-18T10:15:07.740", + "lastModified": "2024-04-18T10:15:07.740", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ninet: inet_defrag: prevent sk release while still in use\n\nip_local_out() and other functions can pass skb->sk as function argument.\n\nIf the skb is a fragment and reassembly happens before such function call\nreturns, the sk must not be released.\n\nThis affects skb fragments reassembled via netfilter or similar\nmodules, e.g. openvswitch or ct_act.c, when run as part of tx pipeline.\n\nEric Dumazet made an initial analysis of this bug. Quoting Eric:\n Calling ip_defrag() in output path is also implying skb_orphan(),\n which is buggy because output path relies on sk not disappearing.\n\n A relevant old patch about the issue was :\n 8282f27449bf (\"inet: frag: Always orphan skbs inside ip_defrag()\")\n\n [..]\n\n net/ipv4/ip_output.c depends on skb->sk being set, and probably to an\n inet socket, not an arbitrary one.\n\n If we orphan the packet in ipvlan, then downstream things like FQ\n packet scheduler will not work properly.\n\n We need to change ip_defrag() to only use skb_orphan() when really\n needed, ie whenever frag_list is going to be used.\n\nEric suggested to stash sk in fragment queue and made an initial patch.\nHowever there is a problem with this:\n\nIf skb is refragmented again right after, ip_do_fragment() will copy\nhead->sk to the new fragments, and sets up destructor to sock_wfree.\nIOW, we have no choice but to fix up sk_wmem accouting to reflect the\nfully reassembled skb, else wmem will underflow.\n\nThis change moves the orphan down into the core, to last possible moment.\nAs ip_defrag_offset is aliased with sk_buff->sk member, we must move the\noffset into the FRAG_CB, else skb->sk gets clobbered.\n\nThis allows to delay the orphaning long enough to learn if the skb has\nto be queued or if the skb is completing the reasm queue.\n\nIn the former case, things work as before, skb is orphaned. This is\nsafe because skb gets queued/stolen and won't continue past reasm engine.\n\nIn the latter case, we will steal the skb->sk reference, reattach it to\nthe head skb, and fix up wmem accouting when inet_frag inflates truesize." + }, + { + "lang": "es", + "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: inet: inet_defrag: evita la liberaci\u00f3n de sk mientras a\u00fan est\u00e1 en uso ip_local_out() y otras funciones pueden pasar skb->sk como argumento de funci\u00f3n. Si el skb es un fragmento y el reensamblaje ocurre antes de que regrese dicha llamada a la funci\u00f3n, el sk no debe liberarse. Esto afecta a los fragmentos de skb reensamblados mediante netfilter o m\u00f3dulos similares, por ejemplo, openvswitch o ct_act.c, cuando se ejecutan como parte de la canalizaci\u00f3n tx. Eric Dumazet hizo un an\u00e1lisis inicial de este error. Citando a Eric: Llamar a ip_defrag() en la ruta de salida tambi\u00e9n implica skb_orphan(), lo cual tiene errores porque la ruta de salida depende de que sk no desaparezca. Un parche antiguo relevante sobre el problema era: 8282f27449bf (\"inet: frag: Siempre skbs hu\u00e9rfanos dentro de ip_defrag()\") [..] net/ipv4/ip_output.c depende de que skb->sk est\u00e9 configurado, y probablemente en un inet socket, no uno arbitrario. Si dejamos el paquete hu\u00e9rfano en ipvlan, las cosas posteriores como el programador de paquetes FQ no funcionar\u00e1n correctamente. Necesitamos cambiar ip_defrag() para usar skb_orphan() solo cuando sea realmente necesario, es decir, siempre que se vaya a usar frag_list. Eric sugiri\u00f3 guardar sk en la cola de fragmentos e hizo un parche inicial. Sin embargo, hay un problema con esto: si skb se vuelve a fragmentar inmediatamente despu\u00e9s, ip_do_fragment() copiar\u00e1 head->sk a los nuevos fragmentos y configurar\u00e1 el destructor en sock_wfree. OIA, no tenemos m\u00e1s remedio que arreglar la contabilidad de sk_wmem para reflejar el skb completamente reensamblado; de lo contrario, wmem se desbordar\u00e1. Este cambio mueve al hu\u00e9rfano hacia el n\u00facleo, hasta el \u00faltimo momento posible. Como ip_defrag_offset tiene un alias con el miembro sk_buff->sk, debemos mover el desplazamiento a FRAG_CB; de lo contrario, skb->sk ser\u00e1 golpeado. Esto permite retrasar el hu\u00e9rfano el tiempo suficiente para saber si el skb debe estar en cola o si el skb est\u00e1 completando la cola de reasm. En el primer caso, las cosas funcionan como antes, skb queda hu\u00e9rfano. Esto es seguro porque skb se pone en cola/se roba y no contin\u00faa m\u00e1s all\u00e1 del motor de reasm. En el \u00faltimo caso, robaremos la referencia skb->sk, la volveremos a adjuntar al skb principal y arreglaremos la contabilidad de wmem cuando inet_frag infle el tama\u00f1o verdadero." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/18685451fc4e546fc0e718580d32df3c0e5c8272", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/7d0567842b78390dd9b60f00f1d8f838d540e325", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/e09cbe017311508c21e0739e97198a8388b98981", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/f4877225313d474659ee53150ccc3d553a978727", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-28xx/CVE-2024-2833.json b/CVE-2024/CVE-2024-28xx/CVE-2024-2833.json new file mode 100644 index 00000000000..2611693f93c --- /dev/null +++ b/CVE-2024/CVE-2024-28xx/CVE-2024-2833.json @@ -0,0 +1,51 @@ +{ + "id": "CVE-2024-2833", + "sourceIdentifier": "security@wordfence.com", + "published": "2024-04-18T10:15:08.690", + "lastModified": "2024-04-18T10:15:08.690", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The Jobs for WordPress plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the \u2018job-search\u2019 parameter in all versions up to, and including, 2.7.5 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link." + }, + { + "lang": "es", + "value": "El complemento Jobs for WordPress para WordPress es vulnerable a Cross-site Scripting Reflejado a trav\u00e9s del par\u00e1metro 'job-search' en todas las versiones hasta la 2.7.5 incluida debido a una sanitizaci\u00f3n de entrada y un escape de salida insuficientes. Esto hace posible que atacantes no autenticados inyecten scripts web arbitrarios en p\u00e1ginas que se ejecutan si logran enga\u00f1ar a un usuario para que realice una acci\u00f3n como hacer clic en un enlace." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.1, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.7 + } + ] + }, + "references": [ + { + "url": "https://plugins.trac.wordpress.org/changeset/3064421/job-postings/trunk/include/shortcodes/class-job-search.php", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/f6710f53-34fe-4549-9e1a-7826be74c912?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-290xx/CVE-2024-29003.json b/CVE-2024/CVE-2024-290xx/CVE-2024-29003.json new file mode 100644 index 00000000000..4533c34126b --- /dev/null +++ b/CVE-2024/CVE-2024-290xx/CVE-2024-29003.json @@ -0,0 +1,59 @@ +{ + "id": "CVE-2024-29003", + "sourceIdentifier": "psirt@solarwinds.com", + "published": "2024-04-18T10:15:08.353", + "lastModified": "2024-04-18T10:15:08.353", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The SolarWinds Platform was susceptible to a XSS vulnerability that affects the maps section of the user interface. This vulnerability requires authentication and requires user interaction. " + }, + { + "lang": "es", + "value": "La plataforma SolarWinds era susceptible a una vulnerabilidad XSS que afecta la secci\u00f3n de mapas de la interfaz de usuario. Esta vulnerabilidad requiere autenticaci\u00f3n y requiere interacci\u00f3n del usuario." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@solarwinds.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:L", + "attackVector": "ADJACENT_NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.7, + "impactScore": 5.3 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@solarwinds.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://www.solarwinds.com/trust-center/security-advisories/CVE-2024-29003", + "source": "psirt@solarwinds.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-312xx/CVE-2024-31229.json b/CVE-2024/CVE-2024-312xx/CVE-2024-31229.json new file mode 100644 index 00000000000..464e1b8ca36 --- /dev/null +++ b/CVE-2024/CVE-2024-312xx/CVE-2024-31229.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2024-31229", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-04-18T11:15:37.513", + "lastModified": "2024-04-18T11:15:37.513", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Server-Side Request Forgery (SSRF) vulnerability in Really Simple Plugins Really Simple SSL.This issue affects Really Simple SSL: from n/a through 7.2.3.\n\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 5.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-918" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/really-simple-ssl/wordpress-really-simple-ssl-plugin-7-2-3-server-side-request-forgery-ssrf-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-321xx/CVE-2024-32126.json b/CVE-2024/CVE-2024-321xx/CVE-2024-32126.json new file mode 100644 index 00000000000..1f779c8f259 --- /dev/null +++ b/CVE-2024/CVE-2024-321xx/CVE-2024-32126.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2024-32126", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-04-18T11:15:37.697", + "lastModified": "2024-04-18T11:15:37.697", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Jeroen Peters Navigation menu as Dropdown Widget allows Stored XSS.This issue affects Navigation menu as Dropdown Widget: from n/a through 1.3.4.\n\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 5.9, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.7, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/navigation-menu-as-dropdown-widget/wordpress-navigation-menu-as-dropdown-widget-plugin-1-3-4-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-325xx/CVE-2024-32551.json b/CVE-2024/CVE-2024-325xx/CVE-2024-32551.json new file mode 100644 index 00000000000..24e1a1af849 --- /dev/null +++ b/CVE-2024/CVE-2024-325xx/CVE-2024-32551.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2024-32551", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-04-18T11:15:37.877", + "lastModified": "2024-04-18T11:15:37.877", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Smartypants SP Project & Document Manager.This issue affects SP Project & Document Manager : from n/a through 4.71.\n\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "LOW", + "baseScore": 7.6, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.3, + "impactScore": 4.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/sp-client-document-manager/wordpress-sp-project-document-manage-plugin-4-71-sql-injection-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-325xx/CVE-2024-32552.json b/CVE-2024/CVE-2024-325xx/CVE-2024-32552.json new file mode 100644 index 00000000000..c84a27b7b3a --- /dev/null +++ b/CVE-2024/CVE-2024-325xx/CVE-2024-32552.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2024-32552", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-04-18T11:15:38.063", + "lastModified": "2024-04-18T11:15:38.063", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Tagbox Taggbox allows Stored XSS.This issue affects Taggbox: from n/a through 3.2.\n\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.3, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/taggbox-widget/wordpress-tagbox-ugc-galleries-social-media-widgets-user-reviews-analytics-plugin-3-2-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-325xx/CVE-2024-32553.json b/CVE-2024/CVE-2024-325xx/CVE-2024-32553.json new file mode 100644 index 00000000000..b9831367686 --- /dev/null +++ b/CVE-2024/CVE-2024-325xx/CVE-2024-32553.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2024-32553", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-04-18T11:15:38.243", + "lastModified": "2024-04-18T11:15:38.243", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in looks_awesome Superfly Menu allows Stored XSS.This issue affects Superfly Menu: from n/a through 5.0.25.\n\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "HIGH", + "baseScore": 7.1, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 4.2 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/superfly-menu/wordpress-superfly-menu-plugin-5-0-25-subscriber-site-wide-stored-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-325xx/CVE-2024-32554.json b/CVE-2024/CVE-2024-325xx/CVE-2024-32554.json new file mode 100644 index 00000000000..90d67bbe172 --- /dev/null +++ b/CVE-2024/CVE-2024-325xx/CVE-2024-32554.json @@ -0,0 +1,59 @@ +{ + "id": "CVE-2024-32554", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-04-18T10:15:08.857", + "lastModified": "2024-04-18T10:15:08.857", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Knight Lab Knight Lab Timeline allows Stored XSS.This issue affects Knight Lab Timeline: from n/a through 3.9.3.4.\n\n" + }, + { + "lang": "es", + "value": "Neutralizaci\u00f3n inadecuada de la entrada durante la vulnerabilidad de generaci\u00f3n de p\u00e1ginas web ('Cross-site Scripting') en Knight Lab Knight Lab Timeline permite almacenar XSS. Este problema afecta a Knight Lab Timeline: desde n/a hasta 3.9.3.4." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.3, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/knight-lab-timelinejs/wordpress-knight-lab-timeline-plugin-3-9-3-4-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-325xx/CVE-2024-32556.json b/CVE-2024/CVE-2024-325xx/CVE-2024-32556.json new file mode 100644 index 00000000000..a58e6bc04d1 --- /dev/null +++ b/CVE-2024/CVE-2024-325xx/CVE-2024-32556.json @@ -0,0 +1,59 @@ +{ + "id": "CVE-2024-32556", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-04-18T10:15:09.053", + "lastModified": "2024-04-18T10:15:09.053", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Nabil Lemsieh HurryTimer allows Stored XSS.This issue affects HurryTimer: from n/a through 2.9.2.\n\n" + }, + { + "lang": "es", + "value": "La vulnerabilidad de neutralizaci\u00f3n inadecuada de la entrada durante la generaci\u00f3n de p\u00e1ginas web ('cross-site Scripting') en Nabil Lemsieh HurryTimer permite almacenar XSS. Este problema afecta a HurryTimer: desde n/a hasta 2.9.2." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.3, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/hurrytimer/wordpress-hurrytimer-plugin-2-9-2-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-325xx/CVE-2024-32558.json b/CVE-2024/CVE-2024-325xx/CVE-2024-32558.json new file mode 100644 index 00000000000..0b063683873 --- /dev/null +++ b/CVE-2024/CVE-2024-325xx/CVE-2024-32558.json @@ -0,0 +1,59 @@ +{ + "id": "CVE-2024-32558", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-04-18T10:15:09.233", + "lastModified": "2024-04-18T10:15:09.233", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in impleCode eCommerce Product Catalog allows Reflected XSS.This issue affects eCommerce Product Catalog: from n/a through 3.3.32.\n\n" + }, + { + "lang": "es", + "value": "La vulnerabilidad de neutralizaci\u00f3n inadecuada de la entrada durante la generaci\u00f3n de p\u00e1ginas web ('cross-site Scripting') en impleCode eCommerce Product Catalog permite el XSS reflejado. Este problema afecta el cat\u00e1logo de productos de comercio electr\u00f3nico: desde n/a hasta 3.3.32." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 7.1, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/ecommerce-product-catalog/wordpress-ecommerce-product-catalog-plugin-3-3-32-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-325xx/CVE-2024-32559.json b/CVE-2024/CVE-2024-325xx/CVE-2024-32559.json new file mode 100644 index 00000000000..8eee5cd8282 --- /dev/null +++ b/CVE-2024/CVE-2024-325xx/CVE-2024-32559.json @@ -0,0 +1,59 @@ +{ + "id": "CVE-2024-32559", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-04-18T10:15:09.420", + "lastModified": "2024-04-18T10:15:09.420", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in hwk-fr WP 404 Auto Redirect to Similar Post allows Reflected XSS.This issue affects WP 404 Auto Redirect to Similar Post: from n/a through 1.0.4.\n\n" + }, + { + "lang": "es", + "value": "La vulnerabilidad de neutralizaci\u00f3n inadecuada de la entrada durante la generaci\u00f3n de p\u00e1ginas web (\"Cross-site Scripting\") en hwk-fr WP 404 Auto Redirect to Similar Post permite el XSS reflejado. Este problema afecta a WP 404 Auto Redirect to Similar Post: desde n/a hasta 1.0. 4." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 7.1, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/wp-404-auto-redirect-to-similar-post/wordpress-wp-404-auto-redirect-to-similar-post-plugin-1-0-4-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-325xx/CVE-2024-32560.json b/CVE-2024/CVE-2024-325xx/CVE-2024-32560.json new file mode 100644 index 00000000000..31d03d50258 --- /dev/null +++ b/CVE-2024/CVE-2024-325xx/CVE-2024-32560.json @@ -0,0 +1,59 @@ +{ + "id": "CVE-2024-32560", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-04-18T10:15:09.610", + "lastModified": "2024-04-18T10:15:09.610", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Sharabindu QR Code Composer allows Stored XSS.This issue affects QR Code Composer: from n/a through 2.0.3.\n\n" + }, + { + "lang": "es", + "value": "La vulnerabilidad de neutralizaci\u00f3n inadecuada de la entrada durante la generaci\u00f3n de p\u00e1ginas web ('cross-site Scripting') en Sharabindu QR Code Composer permite almacenar XSS. Este problema afecta a QR Code Composer: desde n/a hasta 2.0.3." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.3, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/qr-code-composer/wordpress-qr-code-composer-plugin-2-0-2-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-325xx/CVE-2024-32561.json b/CVE-2024/CVE-2024-325xx/CVE-2024-32561.json new file mode 100644 index 00000000000..f2adfb58123 --- /dev/null +++ b/CVE-2024/CVE-2024-325xx/CVE-2024-32561.json @@ -0,0 +1,59 @@ +{ + "id": "CVE-2024-32561", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-04-18T10:15:09.790", + "lastModified": "2024-04-18T10:15:09.790", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Tagembed allows Stored XSS.This issue affects Tagembed: from n/a through 4.7.\n\n" + }, + { + "lang": "es", + "value": "La vulnerabilidad de neutralizaci\u00f3n inadecuada de la entrada durante la generaci\u00f3n de p\u00e1ginas web ('cross-site Scripting') en Tagembed permite almacenar XSS. Este problema afecta a Tagembed: desde n/a hasta 4.7." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.3, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/tagembed-widget/wordpress-tagembed-plugin-4-7-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-325xx/CVE-2024-32562.json b/CVE-2024/CVE-2024-325xx/CVE-2024-32562.json new file mode 100644 index 00000000000..56b0b28b64b --- /dev/null +++ b/CVE-2024/CVE-2024-325xx/CVE-2024-32562.json @@ -0,0 +1,59 @@ +{ + "id": "CVE-2024-32562", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-04-18T10:15:09.980", + "lastModified": "2024-04-18T10:15:09.980", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in VIICTORY MEDIA LLC Z Y N I T H allows Stored XSS.This issue affects Z Y N I T H: from n/a through 7.4.9.\n\n" + }, + { + "lang": "es", + "value": "Vulnerabilidad de neutralizaci\u00f3n inadecuada de la entrada durante la generaci\u00f3n de p\u00e1ginas web ('Cross-site Scripting') en VIICTORY MEDIA LLC ZYNITH permite almacenar XSS. Este problema afecta a ZYNITH: desde n/a hasta 7.4.9." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "HIGH", + "baseScore": 8.6, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 4.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/zynith-seo/wordpress-z-y-n-i-t-h-plugin-7-4-9-unauthenticated-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-325xx/CVE-2024-32563.json b/CVE-2024/CVE-2024-325xx/CVE-2024-32563.json new file mode 100644 index 00000000000..a51e9f72ed2 --- /dev/null +++ b/CVE-2024/CVE-2024-325xx/CVE-2024-32563.json @@ -0,0 +1,59 @@ +{ + "id": "CVE-2024-32563", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-04-18T10:15:10.160", + "lastModified": "2024-04-18T10:15:10.160", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in VikBooking Hotel Booking Engine & PMS allows Reflected XSS.This issue affects VikBooking Hotel Booking Engine & PMS: from n/a through 1.6.7.\n\n" + }, + { + "lang": "es", + "value": "La vulnerabilidad de neutralizaci\u00f3n inadecuada de la entrada durante la generaci\u00f3n de p\u00e1ginas web ('Cross-site Scripting') en VikBooking Hotel Booking Engine y PMS permite Reflected XSS. Este problema afecta a VikBooking Hotel Booking Engine y PMS: desde n/a hasta 1.6.7." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 7.1, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/vikbooking/wordpress-vikbooking-hotel-booking-engine-pms-plugin-1-6-7-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-325xx/CVE-2024-32564.json b/CVE-2024/CVE-2024-325xx/CVE-2024-32564.json new file mode 100644 index 00000000000..9e73cda064b --- /dev/null +++ b/CVE-2024/CVE-2024-325xx/CVE-2024-32564.json @@ -0,0 +1,59 @@ +{ + "id": "CVE-2024-32564", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-04-18T10:15:10.347", + "lastModified": "2024-04-18T10:15:10.347", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Post Grid Team by WPXPO PostX \u2013 Gutenberg Blocks for Post Grid allows Stored XSS.This issue affects PostX \u2013 Gutenberg Blocks for Post Grid: from n/a through 4.0.1.\n\n" + }, + { + "lang": "es", + "value": "Vulnerabilidad de neutralizaci\u00f3n inadecuada de la entrada durante la generaci\u00f3n de p\u00e1ginas web ('Cross-site Scripting') en Post Grid Team by WPXPO PostX \u2013 Gutenberg Blocks for Post Grid permiten almacenar XSS. Este problema afecta a PostX: bloques Gutenberg para Post Grid: desde n/a hasta 4.0.1." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.3, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/ultimate-post/wordpress-post-grid-blocks-and-wordpress-news-plugin-postx-plugin-4-0-1-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-325xx/CVE-2024-32565.json b/CVE-2024/CVE-2024-325xx/CVE-2024-32565.json new file mode 100644 index 00000000000..0ae5ae5b7d1 --- /dev/null +++ b/CVE-2024/CVE-2024-325xx/CVE-2024-32565.json @@ -0,0 +1,59 @@ +{ + "id": "CVE-2024-32565", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-04-18T10:15:10.530", + "lastModified": "2024-04-18T10:15:10.530", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Appcheap.Io App Builder allows Stored XSS.This issue affects App Builder: from n/a through 3.8.8.\n\n" + }, + { + "lang": "es", + "value": "La vulnerabilidad de neutralizaci\u00f3n inadecuada de la entrada durante la generaci\u00f3n de p\u00e1ginas web ('cross-site Scripting') en Appcheap.Io App Builder permite almacenar XSS. Este problema afecta a App Builder: desde n/a hasta 3.8.8." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.3, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/app-builder/wordpress-app-builder-plugin-3-8-8-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-325xx/CVE-2024-32566.json b/CVE-2024/CVE-2024-325xx/CVE-2024-32566.json new file mode 100644 index 00000000000..d1eac0bb0bb --- /dev/null +++ b/CVE-2024/CVE-2024-325xx/CVE-2024-32566.json @@ -0,0 +1,59 @@ +{ + "id": "CVE-2024-32566", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-04-18T10:15:10.717", + "lastModified": "2024-04-18T10:15:10.717", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WP Club Manager allows Stored XSS.This issue affects WP Club Manager: from n/a through 2.2.11.\n\n" + }, + { + "lang": "es", + "value": "La vulnerabilidad de neutralizaci\u00f3n inadecuada de la entrada durante la generaci\u00f3n de p\u00e1ginas web ('Cross-site Scripting') en WP Club Manager permite almacenar XSS. Este problema afecta a WP Club Manager: desde n/a hasta 2.2.11." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.3, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/wp-club-manager/wordpress-wp-club-manager-plugin-2-2-11-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-325xx/CVE-2024-32567.json b/CVE-2024/CVE-2024-325xx/CVE-2024-32567.json new file mode 100644 index 00000000000..a4e4af86b30 --- /dev/null +++ b/CVE-2024/CVE-2024-325xx/CVE-2024-32567.json @@ -0,0 +1,59 @@ +{ + "id": "CVE-2024-32567", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-04-18T10:15:10.910", + "lastModified": "2024-04-18T10:15:10.910", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Designinvento DirectoryPress allows Reflected XSS.This issue affects DirectoryPress: from n/a through 3.6.7.\n\n" + }, + { + "lang": "es", + "value": "La vulnerabilidad de neutralizaci\u00f3n inadecuada de la entrada durante la generaci\u00f3n de p\u00e1ginas web ('cross-site Scripting') en Designinvento DirectoryPress permite Reflected XSS. Este problema afecta a DirectoryPress: desde n/a hasta 3.6.7." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 7.1, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/directorypress/wordpress-directorypress-plugin-3-6-7-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-325xx/CVE-2024-32568.json b/CVE-2024/CVE-2024-325xx/CVE-2024-32568.json new file mode 100644 index 00000000000..b18c45ac0c2 --- /dev/null +++ b/CVE-2024/CVE-2024-325xx/CVE-2024-32568.json @@ -0,0 +1,59 @@ +{ + "id": "CVE-2024-32568", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-04-18T10:15:11.100", + "lastModified": "2024-04-18T10:15:11.100", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Melapress WP 2FA allows Reflected XSS.This issue affects WP 2FA: from n/a through 2.6.2.\n\n" + }, + { + "lang": "es", + "value": "La vulnerabilidad de neutralizaci\u00f3n inadecuada de la entrada durante la generaci\u00f3n de p\u00e1ginas web ('Cross-site Scripting') en Melapress WP 2FA permite el XSS reflejado. Este problema afecta a WP 2FA: desde n/a hasta 2.6.2." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 7.1, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/wp-2fa/wordpress-wp-2fa-plugin-2-6-2-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-325xx/CVE-2024-32569.json b/CVE-2024/CVE-2024-325xx/CVE-2024-32569.json new file mode 100644 index 00000000000..4a749684981 --- /dev/null +++ b/CVE-2024/CVE-2024-325xx/CVE-2024-32569.json @@ -0,0 +1,59 @@ +{ + "id": "CVE-2024-32569", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-04-18T10:15:11.283", + "lastModified": "2024-04-18T10:15:11.283", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Metaphor Creations Ditty allows Stored XSS.This issue affects Ditty: from n/a through 3.1.31.\n\n" + }, + { + "lang": "es", + "value": "La vulnerabilidad de neutralizaci\u00f3n inadecuada de la entrada durante la generaci\u00f3n de p\u00e1ginas web ('cross-site Scripting') en Metaphor Creations Ditty permite almacenar XSS. Este problema afecta a Ditty: desde n/a hasta 3.1.31." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.3, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/ditty-news-ticker/wordpress-ditty-plugin-3-1-31-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-325xx/CVE-2024-32570.json b/CVE-2024/CVE-2024-325xx/CVE-2024-32570.json new file mode 100644 index 00000000000..d1eeb0c262d --- /dev/null +++ b/CVE-2024/CVE-2024-325xx/CVE-2024-32570.json @@ -0,0 +1,59 @@ +{ + "id": "CVE-2024-32570", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-04-18T10:15:11.470", + "lastModified": "2024-04-18T10:15:11.470", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Archetyped Cornerstone allows Reflected XSS.This issue affects Cornerstone: from n/a through 0.8.0.\n\n" + }, + { + "lang": "es", + "value": "La vulnerabilidad de neutralizaci\u00f3n inadecuada de la entrada durante la generaci\u00f3n de p\u00e1ginas web ('cross-site Scripting') en Archetyped Cornerstone permite Reflected XSS. Este problema afecta a Cornerstone: desde n/a hasta 0.8.0." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 7.1, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/cornerstone/wordpress-cornerstone-plugin-0-8-0-reflected-cross-site-scripting-xss-vulnerability-2?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-325xx/CVE-2024-32571.json b/CVE-2024/CVE-2024-325xx/CVE-2024-32571.json new file mode 100644 index 00000000000..b9a0b02f550 --- /dev/null +++ b/CVE-2024/CVE-2024-325xx/CVE-2024-32571.json @@ -0,0 +1,59 @@ +{ + "id": "CVE-2024-32571", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-04-18T10:15:11.660", + "lastModified": "2024-04-18T10:15:11.660", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in naa986 WP Stripe Checkout allows Stored XSS.This issue affects WP Stripe Checkout: from n/a through 1.2.2.41.\n\n" + }, + { + "lang": "es", + "value": "Vulnerabilidad de neutralizaci\u00f3n inadecuada de la entrada durante la generaci\u00f3n de p\u00e1ginas web ('Cross-site Scripting') en naa986 WP Stripe Checkout permite almacenar XSS. Este problema afecta a WP Stripe Checkout: desde n/a hasta 1.2.2.41." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.3, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/wp-stripe-checkout/wordpress-wp-stripe-checkout-plugin-1-2-2-41-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-325xx/CVE-2024-32572.json b/CVE-2024/CVE-2024-325xx/CVE-2024-32572.json new file mode 100644 index 00000000000..63a3a2c0477 --- /dev/null +++ b/CVE-2024/CVE-2024-325xx/CVE-2024-32572.json @@ -0,0 +1,59 @@ +{ + "id": "CVE-2024-32572", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-04-18T10:15:11.840", + "lastModified": "2024-04-18T10:15:11.840", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in BdThemes Element Pack Elementor Addons allows Stored XSS.This issue affects Element Pack Elementor Addons: from n/a through 5.6.0.\n\n" + }, + { + "lang": "es", + "value": "La vulnerabilidad de neutralizaci\u00f3n inadecuada de la entrada durante la generaci\u00f3n de p\u00e1ginas web ('Cross-site Scripting') en los complementos de Elementor de BdThemes Element Pack permite almacenar XSS. Este problema afecta a los complementos de Elementor de Element Pack: desde n/a hasta 5.6.0." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.3, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/bdthemes-element-pack-lite/wordpress-element-pack-elementor-addons-plugin-5-6-0-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-325xx/CVE-2024-32573.json b/CVE-2024/CVE-2024-325xx/CVE-2024-32573.json new file mode 100644 index 00000000000..e36a6740fba --- /dev/null +++ b/CVE-2024/CVE-2024-325xx/CVE-2024-32573.json @@ -0,0 +1,59 @@ +{ + "id": "CVE-2024-32573", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-04-18T10:15:12.023", + "lastModified": "2024-04-18T10:15:12.023", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WP Lab WP-Lister Lite for eBay allows Stored XSS.This issue affects WP-Lister Lite for eBay: from n/a through 3.5.11.\n\n" + }, + { + "lang": "es", + "value": "La vulnerabilidad de neutralizaci\u00f3n inadecuada de la entrada durante la generaci\u00f3n de p\u00e1ginas web ('Cross-site Scripting') en WP Lab WP-Lister Lite para eBay permite almacenar XSS. Este problema afecta a WP-Lister Lite para eBay: desde n/a hasta 3.5.11." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 5.9, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.7, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/wp-lister-for-ebay/wordpress-wp-lister-lite-for-ebay-plugin-3-5-11-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-325xx/CVE-2024-32574.json b/CVE-2024/CVE-2024-325xx/CVE-2024-32574.json new file mode 100644 index 00000000000..08a5ec93e9c --- /dev/null +++ b/CVE-2024/CVE-2024-325xx/CVE-2024-32574.json @@ -0,0 +1,59 @@ +{ + "id": "CVE-2024-32574", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-04-18T10:15:12.217", + "lastModified": "2024-04-18T10:15:12.217", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Ashish Ajani WP Simple HTML Sitemap allows Reflected XSS.This issue affects WP Simple HTML Sitemap: from n/a through 2.8.\n\n" + }, + { + "lang": "es", + "value": "La vulnerabilidad de neutralizaci\u00f3n inadecuada de la entrada durante la generaci\u00f3n de p\u00e1ginas web ('Cross-site Scripting') en Ashish Ajani WP Simple HTML Sitemap permite Reflected XSS. Este problema afecta a WP Simple HTML Sitemap: desde n/a hasta 2.8." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 7.1, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/wp-simple-html-sitemap/wordpress-wp-simple-html-sitemap-plugin-2-8-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-325xx/CVE-2024-32575.json b/CVE-2024/CVE-2024-325xx/CVE-2024-32575.json new file mode 100644 index 00000000000..bb60a371759 --- /dev/null +++ b/CVE-2024/CVE-2024-325xx/CVE-2024-32575.json @@ -0,0 +1,59 @@ +{ + "id": "CVE-2024-32575", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-04-18T10:15:12.413", + "lastModified": "2024-04-18T10:15:12.413", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Kraftplugins Mega Elements allows Stored XSS.This issue affects Mega Elements: from n/a through 1.1.9.\n\n" + }, + { + "lang": "es", + "value": "La vulnerabilidad de neutralizaci\u00f3n inadecuada de la entrada durante la generaci\u00f3n de p\u00e1ginas web ('cross-site Scripting') en Kraftplugins Mega Elements permite almacenar XSS. Este problema afecta a Mega Elements: desde n/a hasta 1.1.9." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.3, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/mega-elements-addons-for-elementor/wordpress-mega-elements-plugin-1-1-9-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-325xx/CVE-2024-32576.json b/CVE-2024/CVE-2024-325xx/CVE-2024-32576.json new file mode 100644 index 00000000000..e5e9d75761d --- /dev/null +++ b/CVE-2024/CVE-2024-325xx/CVE-2024-32576.json @@ -0,0 +1,59 @@ +{ + "id": "CVE-2024-32576", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-04-18T10:15:12.610", + "lastModified": "2024-04-18T10:15:12.610", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Booking Algorithms BA Book Everything allows Stored XSS.This issue affects BA Book Everything: from n/a through 1.6.8.\n\n" + }, + { + "lang": "es", + "value": "Vulnerabilidad de neutralizaci\u00f3n inadecuada de la entrada durante la generaci\u00f3n de p\u00e1ginas web ('Cross-site Scripting') en Booking Algorithms BA Book Everything permite almacenar XSS. Este problema afecta a BA Book Everything: desde n/a hasta 1.6.8." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.3, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/ba-book-everything/wordpress-ba-book-everything-plugin-1-6-8-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-325xx/CVE-2024-32577.json b/CVE-2024/CVE-2024-325xx/CVE-2024-32577.json new file mode 100644 index 00000000000..32bfffa93ac --- /dev/null +++ b/CVE-2024/CVE-2024-325xx/CVE-2024-32577.json @@ -0,0 +1,59 @@ +{ + "id": "CVE-2024-32577", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-04-18T10:15:12.793", + "lastModified": "2024-04-18T10:15:12.793", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Codeboxr Team CBX Bookmark & Favorite cbxwpbookmark allows Stored XSS.This issue affects CBX Bookmark & Favorite: from n/a through 1.7.20.\n\n" + }, + { + "lang": "es", + "value": "Neutralizaci\u00f3n inadecuada de la entrada durante la vulnerabilidad de generaci\u00f3n de p\u00e1ginas web ('Cross-site Scripting') en Codeboxr Team CBX Bookmark & Favorite cbxwpbookmark permite almacenar XSS. Este problema afecta a CBX Bookmark & Favorite: desde n/a hasta 1.7.20." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.3, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/cbxwpbookmark/wordpress-cbx-bookmark-favorite-plugin-1-7-20-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-325xx/CVE-2024-32578.json b/CVE-2024/CVE-2024-325xx/CVE-2024-32578.json new file mode 100644 index 00000000000..97a8a887319 --- /dev/null +++ b/CVE-2024/CVE-2024-325xx/CVE-2024-32578.json @@ -0,0 +1,59 @@ +{ + "id": "CVE-2024-32578", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-04-18T10:15:12.980", + "lastModified": "2024-04-18T10:15:12.980", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in 10Web Slider by 10Web allows Reflected XSS.This issue affects Slider by 10Web: from n/a through 1.2.54.\n\n" + }, + { + "lang": "es", + "value": "La vulnerabilidad de neutralizaci\u00f3n inadecuada de la entrada durante la generaci\u00f3n de p\u00e1ginas web ('Cross-site Scripting') en 10Web Slider by 10Web permite Reflected XSS. Este problema afecta a Slider by 10Web: desde n/a hasta 1.2.54." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 7.1, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/slider-wd/wordpress-sliderby10web-plugin-1-2-54-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-325xx/CVE-2024-32579.json b/CVE-2024/CVE-2024-325xx/CVE-2024-32579.json new file mode 100644 index 00000000000..b0a933bcb1e --- /dev/null +++ b/CVE-2024/CVE-2024-325xx/CVE-2024-32579.json @@ -0,0 +1,59 @@ +{ + "id": "CVE-2024-32579", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-04-18T10:15:13.170", + "lastModified": "2024-04-18T10:15:13.170", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in GloriaFood Restaurant Menu \u2013 Food Ordering System \u2013 Table Reservation allows Stored XSS.This issue affects Restaurant Menu \u2013 Food Ordering System \u2013 Table Reservation: from n/a through 2.4.1.\n\n" + }, + { + "lang": "es", + "value": "Vulnerabilidad de neutralizaci\u00f3n inadecuada de la entrada durante la generaci\u00f3n de p\u00e1ginas web ('Cross-site Scripting') en GloriaFood Restaurant Menu \u2013 Food Ordering System \u2013 Table Reservation permite almacenar XSS. Este problema afecta al Men\u00fa del restaurante \u2013 Sistema de pedido de alimentos \u2013 Reserva de mesa: desde n/a hasta 2.4.1." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.3, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/menu-ordering-reservations/wordpress-restaurant-menu-food-ordering-system-table-reservation-plugin-2-4-1-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-325xx/CVE-2024-32580.json b/CVE-2024/CVE-2024-325xx/CVE-2024-32580.json new file mode 100644 index 00000000000..62b350c7c83 --- /dev/null +++ b/CVE-2024/CVE-2024-325xx/CVE-2024-32580.json @@ -0,0 +1,59 @@ +{ + "id": "CVE-2024-32580", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-04-18T10:15:13.357", + "lastModified": "2024-04-18T10:15:13.357", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Averta Master Slider allows Stored XSS.This issue affects Master Slider: from n/a through 3.9.8.\n\n" + }, + { + "lang": "es", + "value": "La vulnerabilidad de neutralizaci\u00f3n inadecuada de la entrada durante la generaci\u00f3n de p\u00e1ginas web ('cross-site Scripting') en Averta Master Slider permite almacenar XSS. Este problema afecta a Master Slider: desde n/a hasta 3.9.8." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.3, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/master-slider/wordpress-master-slider-plugin-3-9-8-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-325xx/CVE-2024-32581.json b/CVE-2024/CVE-2024-325xx/CVE-2024-32581.json new file mode 100644 index 00000000000..d410aaf6786 --- /dev/null +++ b/CVE-2024/CVE-2024-325xx/CVE-2024-32581.json @@ -0,0 +1,59 @@ +{ + "id": "CVE-2024-32581", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-04-18T10:15:13.547", + "lastModified": "2024-04-18T10:15:13.547", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Lenderd Mortgage Calculators WP allows Stored XSS.This issue affects Mortgage Calculators WP: from n/a through 1.56.\n\n" + }, + { + "lang": "es", + "value": "La vulnerabilidad de neutralizaci\u00f3n inadecuada de la entrada durante la generaci\u00f3n de p\u00e1ginas web ('Cross-site Scripting') en Lenderd Mortgage Calculators WP permite almacenar XSS. Este problema afecta a Mortgage Calculators WP: desde n/a hasta 1.56." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.3, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/mortgage-calculators-wp/wordpress-mortgage-calculators-wp-plugin-1-56-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-325xx/CVE-2024-32582.json b/CVE-2024/CVE-2024-325xx/CVE-2024-32582.json new file mode 100644 index 00000000000..e57dbf848db --- /dev/null +++ b/CVE-2024/CVE-2024-325xx/CVE-2024-32582.json @@ -0,0 +1,59 @@ +{ + "id": "CVE-2024-32582", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-04-18T10:15:13.723", + "lastModified": "2024-04-18T10:15:13.723", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Bowo Debug Log Manager allows Stored XSS.This issue affects Debug Log Manager: from n/a through 2.3.1.\n\n" + }, + { + "lang": "es", + "value": "La vulnerabilidad de neutralizaci\u00f3n inadecuada de la entrada durante la generaci\u00f3n de p\u00e1ginas web ('cross-site Scripting') en Bowo Debug Log Manager permite almacenar XSS. Este problema afecta a Debug Log Manager: desde n/a hasta 2.3.1." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 7.1, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/debug-log-manager/wordpress-debug-log-manager-plugin-2-3-1-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-325xx/CVE-2024-32583.json b/CVE-2024/CVE-2024-325xx/CVE-2024-32583.json new file mode 100644 index 00000000000..8276a249819 --- /dev/null +++ b/CVE-2024/CVE-2024-325xx/CVE-2024-32583.json @@ -0,0 +1,59 @@ +{ + "id": "CVE-2024-32583", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-04-18T10:15:13.920", + "lastModified": "2024-04-18T10:15:13.920", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Photo Gallery Team Photo Gallery by 10Web allows Reflected XSS.This issue affects Photo Gallery by 10Web: from n/a through 1.8.21.\n\n" + }, + { + "lang": "es", + "value": "La vulnerabilidad de neutralizaci\u00f3n inadecuada de la entrada durante la generaci\u00f3n de p\u00e1ginas web ('Cross-site Scripting') en Photo Gallery Team Photo Gallery de 10Web permite Reflected XSS. Este problema afecta a Photo Gallery de 10Web: desde n/a hasta 1.8.21." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 7.1, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/photo-gallery/wordpress-photo-gallery-by-10web-plugin-1-8-21-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-325xx/CVE-2024-32584.json b/CVE-2024/CVE-2024-325xx/CVE-2024-32584.json new file mode 100644 index 00000000000..655c386a86f --- /dev/null +++ b/CVE-2024/CVE-2024-325xx/CVE-2024-32584.json @@ -0,0 +1,59 @@ +{ + "id": "CVE-2024-32584", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-04-18T10:15:14.110", + "lastModified": "2024-04-18T10:15:14.110", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in StandaloneTech TeraWallet \u2013 For WooCommerce allows Stored XSS.This issue affects TeraWallet \u2013 For WooCommerce: from n/a through 1.5.0.\n\n" + }, + { + "lang": "es", + "value": "Vulnerabilidad de neutralizaci\u00f3n inadecuada de la entrada durante la generaci\u00f3n de p\u00e1ginas web ('Cross-site Scripting') en StandaloneTech TeraWallet \u2013 Para WooCommerce permite Stored XSS. Este problema afecta a TeraWallet \u2013 Para WooCommerce: desde n/a hasta 1.5.0." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 5.9, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.7, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/woo-wallet/wordpress-terawallet-plugin-1-5-0-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-325xx/CVE-2024-32585.json b/CVE-2024/CVE-2024-325xx/CVE-2024-32585.json new file mode 100644 index 00000000000..473cf907259 --- /dev/null +++ b/CVE-2024/CVE-2024-325xx/CVE-2024-32585.json @@ -0,0 +1,59 @@ +{ + "id": "CVE-2024-32585", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-04-18T10:15:14.290", + "lastModified": "2024-04-18T10:15:14.290", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in extendWP Import Content in WordPress & WooCommerce with Excel allows Reflected XSS.This issue affects Import Content in WordPress & WooCommerce with Excel: from n/a through 4.2.\n\n" + }, + { + "lang": "es", + "value": "La vulnerabilidad de neutralizaci\u00f3n inadecuada de la entrada durante la generaci\u00f3n de p\u00e1ginas web ('cross-site Scripting') en extendWP Import Content en WordPress y WooCommerce con Excel permite Reflected XSS. Este problema afecta la importaci\u00f3n de contenido en WordPress y WooCommerce con Excel: desde n/a hasta 4.2." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 7.1, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/content-excel-importer/wordpress-import-content-in-wordpress-woocommerce-with-excel-plugin-4-2-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-325xx/CVE-2024-32586.json b/CVE-2024/CVE-2024-325xx/CVE-2024-32586.json new file mode 100644 index 00000000000..58e519c8212 --- /dev/null +++ b/CVE-2024/CVE-2024-325xx/CVE-2024-32586.json @@ -0,0 +1,59 @@ +{ + "id": "CVE-2024-32586", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-04-18T10:15:14.480", + "lastModified": "2024-04-18T10:15:14.480", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Munir Kamal Gutenberg Block Editor Toolkit allows Stored XSS.This issue affects Gutenberg Block Editor Toolkit: from n/a through 1.40.4.\n\n" + }, + { + "lang": "es", + "value": "La vulnerabilidad de neutralizaci\u00f3n inadecuada de la entrada durante la generaci\u00f3n de p\u00e1ginas web ('cross-site Scripting') en Munir Kamal Gutenberg Block Editor Toolkit permite almacenar XSS. Este problema afecta al Gutenberg Block Editor Toolkit: desde n/a hasta 1.40.4." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.3, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/block-options/wordpress-gutenberg-block-editor-toolkit-plugin-1-40-4-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-326xx/CVE-2024-32600.json b/CVE-2024/CVE-2024-326xx/CVE-2024-32600.json new file mode 100644 index 00000000000..6492aad8488 --- /dev/null +++ b/CVE-2024/CVE-2024-326xx/CVE-2024-32600.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2024-32600", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-04-18T11:15:38.530", + "lastModified": "2024-04-18T11:15:38.530", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Deserialization of Untrusted Data vulnerability in Averta Master Slider.This issue affects Master Slider: from n/a through 3.9.5.\n\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.3, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.6, + "impactScore": 6.0 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-502" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/master-slider/wordpress-master-slider-plugin-3-9-5-php-object-injection-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-326xx/CVE-2024-32602.json b/CVE-2024/CVE-2024-326xx/CVE-2024-32602.json new file mode 100644 index 00000000000..ecffea1aca8 --- /dev/null +++ b/CVE-2024/CVE-2024-326xx/CVE-2024-32602.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2024-32602", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-04-18T11:15:38.753", + "lastModified": "2024-04-18T11:15:38.753", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in OnTheGoSystems WooCommerce Multilingual & Multicurrency.This issue affects WooCommerce Multilingual & Multicurrency: from n/a through 5.3.3.1.\n\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "LOW", + "baseScore": 7.6, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.3, + "impactScore": 4.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/woocommerce-multilingual/wordpress-woocommerce-multilingual-multicurrency-plugin-5-3-3-1-sql-injection-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-326xx/CVE-2024-32604.json b/CVE-2024/CVE-2024-326xx/CVE-2024-32604.json index 242e7c4ac3d..c79278c888b 100644 --- a/CVE-2024/CVE-2024-326xx/CVE-2024-32604.json +++ b/CVE-2024/CVE-2024-326xx/CVE-2024-32604.json @@ -8,6 +8,10 @@ { "lang": "en", "value": "Authorization Bypass Through User-Controlled Key vulnerability in Plechev Andrey WP-Recall.This issue affects WP-Recall: from n/a through 16.26.5.\n\n" + }, + { + "lang": "es", + "value": "Vulnerabilidad de omisi\u00f3n de autorizaci\u00f3n a trav\u00e9s de clave controlada por el usuario en Plechev Andrey WP-Recall. Este problema afecta a WP-Recall: desde n/a hasta 16.26.5." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-326xx/CVE-2024-32686.json b/CVE-2024/CVE-2024-326xx/CVE-2024-32686.json new file mode 100644 index 00000000000..08b02b5be12 --- /dev/null +++ b/CVE-2024/CVE-2024-326xx/CVE-2024-32686.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2024-32686", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-04-18T11:15:38.930", + "lastModified": "2024-04-18T11:15:38.930", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Insertion of Sensitive Information into Log File vulnerability in Inisev Backup Migration.This issue affects Backup Migration: from n/a through 1.4.3.\n\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 5.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 3.9, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-532" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/backup-backup/wordpress-backup-migration-plugin-1-4-3-sensitive-data-exposure-via-log-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-326xx/CVE-2024-32689.json b/CVE-2024/CVE-2024-326xx/CVE-2024-32689.json new file mode 100644 index 00000000000..4837e77b746 --- /dev/null +++ b/CVE-2024/CVE-2024-326xx/CVE-2024-32689.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2024-32689", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-04-18T11:15:39.117", + "lastModified": "2024-04-18T11:15:39.117", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Missing Authorization vulnerability in GenialSouls WP Social Comments.This issue affects WP Social Comments: from n/a through 1.7.3.\n\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 4.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-862" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/gs-facebook-comments/wordpress-wp-social-comments-plugin-1-7-3-broken-access-control-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-39xx/CVE-2024-3948.json b/CVE-2024/CVE-2024-39xx/CVE-2024-3948.json new file mode 100644 index 00000000000..3f5ae4af168 --- /dev/null +++ b/CVE-2024/CVE-2024-39xx/CVE-2024-3948.json @@ -0,0 +1,92 @@ +{ + "id": "CVE-2024-3948", + "sourceIdentifier": "cna@vuldb.com", + "published": "2024-04-18T11:15:39.300", + "lastModified": "2024-04-18T11:15:39.300", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability was found in SourceCodester Home Clean Service System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file \\admin\\student.add.php of the component Photo Handler. The manipulation leads to unrestricted upload. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-261440." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 6.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.4 + } + ], + "cvssMetricV2": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "2.0", + "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", + "accessVector": "NETWORK", + "accessComplexity": "LOW", + "authentication": "SINGLE", + "confidentialityImpact": "PARTIAL", + "integrityImpact": "PARTIAL", + "availabilityImpact": "PARTIAL", + "baseScore": 6.5 + }, + "baseSeverity": "MEDIUM", + "exploitabilityScore": 8.0, + "impactScore": 6.4, + "acInsufInfo": false, + "obtainAllPrivilege": false, + "obtainUserPrivilege": false, + "obtainOtherPrivilege": false, + "userInteractionRequired": false + } + ] + }, + "weaknesses": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-434" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/xuanluansec/vul/issues/5", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?ctiid.261440", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?id.261440", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?submit.318722", + "source": "cna@vuldb.com" + } + ] +} \ No newline at end of file diff --git a/README.md b/README.md index 7d141530896..678dc1f9055 100644 --- a/README.md +++ b/README.md @@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2024-04-18T10:00:39.484350+00:00 +2024-04-18T12:00:38.955149+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2024-04-18T09:15:15.550000+00:00 +2024-04-18T11:15:39.300000+00:00 ``` ### Last Data Feed Release @@ -33,46 +33,45 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### Total Number of included CVEs ```plain -246218 +246268 ``` ### CVEs added in the last Commit -Recently added CVEs: `21` +Recently added CVEs: `50` -- [CVE-2023-41864](CVE-2023/CVE-2023-418xx/CVE-2023-41864.json) (`2024-04-18T09:15:11.123`) -- [CVE-2023-49742](CVE-2023/CVE-2023-497xx/CVE-2023-49742.json) (`2024-04-18T08:15:37.330`) -- [CVE-2024-28076](CVE-2024/CVE-2024-280xx/CVE-2024-28076.json) (`2024-04-18T09:15:11.463`) -- [CVE-2024-29001](CVE-2024/CVE-2024-290xx/CVE-2024-29001.json) (`2024-04-18T09:15:11.670`) -- [CVE-2024-31869](CVE-2024/CVE-2024-318xx/CVE-2024-31869.json) (`2024-04-18T08:15:38.037`) -- [CVE-2024-32142](CVE-2024/CVE-2024-321xx/CVE-2024-32142.json) (`2024-04-18T08:15:38.143`) -- [CVE-2024-32587](CVE-2024/CVE-2024-325xx/CVE-2024-32587.json) (`2024-04-18T09:15:12.000`) -- [CVE-2024-32588](CVE-2024/CVE-2024-325xx/CVE-2024-32588.json) (`2024-04-18T09:15:12.267`) -- [CVE-2024-32590](CVE-2024/CVE-2024-325xx/CVE-2024-32590.json) (`2024-04-18T09:15:12.503`) -- [CVE-2024-32591](CVE-2024/CVE-2024-325xx/CVE-2024-32591.json) (`2024-04-18T09:15:12.700`) -- [CVE-2024-32592](CVE-2024/CVE-2024-325xx/CVE-2024-32592.json) (`2024-04-18T09:15:13.010`) -- [CVE-2024-32593](CVE-2024/CVE-2024-325xx/CVE-2024-32593.json) (`2024-04-18T09:15:13.257`) -- [CVE-2024-32594](CVE-2024/CVE-2024-325xx/CVE-2024-32594.json) (`2024-04-18T09:15:13.493`) -- [CVE-2024-32595](CVE-2024/CVE-2024-325xx/CVE-2024-32595.json) (`2024-04-18T09:15:13.797`) -- [CVE-2024-32596](CVE-2024/CVE-2024-325xx/CVE-2024-32596.json) (`2024-04-18T09:15:14.057`) -- [CVE-2024-32597](CVE-2024/CVE-2024-325xx/CVE-2024-32597.json) (`2024-04-18T09:15:14.317`) -- [CVE-2024-32598](CVE-2024/CVE-2024-325xx/CVE-2024-32598.json) (`2024-04-18T09:15:14.593`) -- [CVE-2024-32599](CVE-2024/CVE-2024-325xx/CVE-2024-32599.json) (`2024-04-18T09:15:14.823`) -- [CVE-2024-32601](CVE-2024/CVE-2024-326xx/CVE-2024-32601.json) (`2024-04-18T09:15:15.053`) -- [CVE-2024-32603](CVE-2024/CVE-2024-326xx/CVE-2024-32603.json) (`2024-04-18T09:15:15.330`) -- [CVE-2024-32604](CVE-2024/CVE-2024-326xx/CVE-2024-32604.json) (`2024-04-18T09:15:15.550`) +- [CVE-2024-32567](CVE-2024/CVE-2024-325xx/CVE-2024-32567.json) (`2024-04-18T10:15:10.910`) +- [CVE-2024-32568](CVE-2024/CVE-2024-325xx/CVE-2024-32568.json) (`2024-04-18T10:15:11.100`) +- [CVE-2024-32569](CVE-2024/CVE-2024-325xx/CVE-2024-32569.json) (`2024-04-18T10:15:11.283`) +- [CVE-2024-32570](CVE-2024/CVE-2024-325xx/CVE-2024-32570.json) (`2024-04-18T10:15:11.470`) +- [CVE-2024-32571](CVE-2024/CVE-2024-325xx/CVE-2024-32571.json) (`2024-04-18T10:15:11.660`) +- [CVE-2024-32572](CVE-2024/CVE-2024-325xx/CVE-2024-32572.json) (`2024-04-18T10:15:11.840`) +- [CVE-2024-32573](CVE-2024/CVE-2024-325xx/CVE-2024-32573.json) (`2024-04-18T10:15:12.023`) +- [CVE-2024-32574](CVE-2024/CVE-2024-325xx/CVE-2024-32574.json) (`2024-04-18T10:15:12.217`) +- [CVE-2024-32575](CVE-2024/CVE-2024-325xx/CVE-2024-32575.json) (`2024-04-18T10:15:12.413`) +- [CVE-2024-32576](CVE-2024/CVE-2024-325xx/CVE-2024-32576.json) (`2024-04-18T10:15:12.610`) +- [CVE-2024-32577](CVE-2024/CVE-2024-325xx/CVE-2024-32577.json) (`2024-04-18T10:15:12.793`) +- [CVE-2024-32578](CVE-2024/CVE-2024-325xx/CVE-2024-32578.json) (`2024-04-18T10:15:12.980`) +- [CVE-2024-32579](CVE-2024/CVE-2024-325xx/CVE-2024-32579.json) (`2024-04-18T10:15:13.170`) +- [CVE-2024-32580](CVE-2024/CVE-2024-325xx/CVE-2024-32580.json) (`2024-04-18T10:15:13.357`) +- [CVE-2024-32581](CVE-2024/CVE-2024-325xx/CVE-2024-32581.json) (`2024-04-18T10:15:13.547`) +- [CVE-2024-32582](CVE-2024/CVE-2024-325xx/CVE-2024-32582.json) (`2024-04-18T10:15:13.723`) +- [CVE-2024-32583](CVE-2024/CVE-2024-325xx/CVE-2024-32583.json) (`2024-04-18T10:15:13.920`) +- [CVE-2024-32584](CVE-2024/CVE-2024-325xx/CVE-2024-32584.json) (`2024-04-18T10:15:14.110`) +- [CVE-2024-32585](CVE-2024/CVE-2024-325xx/CVE-2024-32585.json) (`2024-04-18T10:15:14.290`) +- [CVE-2024-32586](CVE-2024/CVE-2024-325xx/CVE-2024-32586.json) (`2024-04-18T10:15:14.480`) +- [CVE-2024-32600](CVE-2024/CVE-2024-326xx/CVE-2024-32600.json) (`2024-04-18T11:15:38.530`) +- [CVE-2024-32602](CVE-2024/CVE-2024-326xx/CVE-2024-32602.json) (`2024-04-18T11:15:38.753`) +- [CVE-2024-32686](CVE-2024/CVE-2024-326xx/CVE-2024-32686.json) (`2024-04-18T11:15:38.930`) +- [CVE-2024-32689](CVE-2024/CVE-2024-326xx/CVE-2024-32689.json) (`2024-04-18T11:15:39.117`) +- [CVE-2024-3948](CVE-2024/CVE-2024-39xx/CVE-2024-3948.json) (`2024-04-18T11:15:39.300`) ### CVEs modified in the last Commit -Recently modified CVEs: `6` +Recently modified CVEs: `1` -- [CVE-2023-51391](CVE-2023/CVE-2023-513xx/CVE-2023-51391.json) (`2024-04-18T09:15:11.370`) -- [CVE-2023-6317](CVE-2023/CVE-2023-63xx/CVE-2023-6317.json) (`2024-04-18T08:15:37.663`) -- [CVE-2023-6318](CVE-2023/CVE-2023-63xx/CVE-2023-6318.json) (`2024-04-18T08:15:37.793`) -- [CVE-2023-6319](CVE-2023/CVE-2023-63xx/CVE-2023-6319.json) (`2024-04-18T08:15:37.873`) -- [CVE-2023-6320](CVE-2023/CVE-2023-63xx/CVE-2023-6320.json) (`2024-04-18T08:15:37.953`) -- [CVE-2024-3446](CVE-2024/CVE-2024-34xx/CVE-2024-3446.json) (`2024-04-18T08:15:38.340`) +- [CVE-2024-32604](CVE-2024/CVE-2024-326xx/CVE-2024-32604.json) (`2024-04-18T09:15:15.550`) ## Download and Usage diff --git a/_state.csv b/_state.csv index 7a58554be0a..923fdf4cf95 100644 --- a/_state.csv +++ b/_state.csv @@ -226214,6 +226214,7 @@ CVE-2023-36746,0,0,689bd367f10332ffaa3c5e89c0d2659695640dac683ca3333b6b902201aeb CVE-2023-36747,0,0,b3ae277b4887a46e400860c5c36321f8284be211e650359cc5d3422d21ea9061,2024-04-09T21:15:10.840000 CVE-2023-36748,0,0,16fcbdab80ad50ef951910e3569d506067689ea505e2d011a952a658b1d7a02c,2023-07-18T16:40:40.913000 CVE-2023-36749,0,0,c75d738518037de335c1141076e80a0efba8a2a54fc146d1982dabfd9e527dc8,2023-07-18T16:57:14.643000 +CVE-2023-3675,1,1,bff3764bb400e691335aa4491411afda484bb412b329b3e3e0d097a8a182992e,2024-04-18T11:15:36.370000 CVE-2023-36750,0,0,9ebcaeb0f7a58247f9f01b774ef13a644ab588ddf3155986663741153ea2cd24,2023-07-18T18:28:19.370000 CVE-2023-36751,0,0,d5e3b71babae677fc02829db34741fd5f0d7c3ce782a336bdb819f0b5155a214,2023-07-18T18:34:49.170000 CVE-2023-36752,0,0,56f5c9f421b4b675d490180585b54eca3997e5163ebe563d8637d05d0b20e7df,2023-07-18T18:36:28.237000 @@ -229829,7 +229830,7 @@ CVE-2023-4186,0,0,3abcdb46d80abad104dce39b9350b3a6c8b38797243f9179ad443285e2b2d7 CVE-2023-41860,0,0,4d08e5ff25e45b721b429e2300d096467b55e8ddcbddf4556f1eaa2767de6509,2023-09-28T17:48:04.947000 CVE-2023-41861,0,0,987ffad05223ade61e9ab0b717071315ebf0cf09b5de64178e7918616ff02e9c,2023-09-28T17:49:32.943000 CVE-2023-41863,0,0,dc1f96ad0e6adcd5c9b117e284c1ab7a9537ba92010418f76f598af8967c33a1,2023-09-26T14:36:16.600000 -CVE-2023-41864,1,1,85444e51357590732fe0cc9687932cb04f6f28ca18ab3911d63b1bd3ba1127c9,2024-04-18T09:15:11.123000 +CVE-2023-41864,0,0,85444e51357590732fe0cc9687932cb04f6f28ca18ab3911d63b1bd3ba1127c9,2024-04-18T09:15:11.123000 CVE-2023-41867,0,0,eee5a1532a938ae7d8971f2eace1505dc851ed2c27f4f91e9813ae02bb99cb45,2023-09-26T14:36:32.207000 CVE-2023-41868,0,0,5618b3d59c8e4b7ad31dfb8fd14c6e924f637eb2eafda521eafee9b5136f233b,2023-09-26T14:53:37.590000 CVE-2023-4187,0,0,f2c6a706ec6eae8ed54edf79dd7cb4527eda4e5a5692b563f1ad18c73c946d59,2023-08-09T17:58:37.840000 @@ -233594,6 +233595,7 @@ CVE-2023-47835,0,0,7a712355ce5c48eadcb9e26f4f27778335f03b4bfa9861aa3fd9d0cda8b8d CVE-2023-47839,0,0,7480547339b9b3ac3798f9c06e00c706f49ca35ebe73ec8189117729e422f769,2023-11-28T21:07:29.180000 CVE-2023-47840,0,0,7e24f7bfe5242765e69f6a2a237de2196af9eb411219ff1fe89053605cf27eb0,2024-01-04T21:27:45.337000 CVE-2023-47842,0,0,f440905c307b5610d2cfc83060eabc85c90c284cc9c17dab2bd938d9d5409ffb,2024-03-27T12:29:30.307000 +CVE-2023-47843,1,1,ee0713bd910aad9683d35bd303ef07cdaaf9aee96af593b1a0eb1458e801e009,2024-04-18T11:15:36.580000 CVE-2023-47844,0,0,741d209d5f9025e6891615bc08c4470c63d9aa75d230c481c60846b322e1cd21,2023-12-05T22:05:16.770000 CVE-2023-47846,0,0,585eb80c3e630281a75adcb6868cc518653f6f22fa6afc08b1a27eb555fa41c8,2024-03-27T12:29:30.307000 CVE-2023-47848,0,0,21fbbbf4e86fa9dec45730eda9a909888845fbee735e966e936dc57fecf04f7d,2023-12-05T22:04:43.287000 @@ -234865,7 +234867,7 @@ CVE-2023-49738,0,0,5c4f6ee44efbee607c5172901fe24b0e1c0f9924fd7d48aa8f7d198bbcf99 CVE-2023-49739,0,0,ed7af1af7b29da09287b9796692740d5a8f67a583e414c6ddb16b5263abbb30d,2023-12-19T18:06:46.643000 CVE-2023-4974,0,0,35450376420e332ac02a2249b8d034eb51dc9b872c207d5cf39076508be3d2f7,2024-04-11T01:22:38.740000 CVE-2023-49740,0,0,3b57b466e1f923eaa7ef022a2f7c4ea812dd859f4964babb0a9a182102c6b49e,2023-12-18T18:29:26.233000 -CVE-2023-49742,1,1,9eb0c789de97bcd583baa8cf8c68cab7b5c71607b5e4de6908869c53abe66674,2024-04-18T08:15:37.330000 +CVE-2023-49742,0,0,9eb0c789de97bcd583baa8cf8c68cab7b5c71607b5e4de6908869c53abe66674,2024-04-18T08:15:37.330000 CVE-2023-49743,0,0,13f5af3ccb1e4b324e598e3022c0f930ec45448d3679021de25381951c590aa0,2023-12-18T18:39:56.250000 CVE-2023-49744,0,0,62713799f09c53108f2fff9617764ffd422292e0d6304d7c901d420c7eef25ca,2023-12-21T17:29:00.677000 CVE-2023-49745,0,0,fffe20c1d784d2b7c929f594f59c7d620c018b6b1ac8213ab25365d0b1ce526d,2023-12-18T18:40:10.603000 @@ -234885,6 +234887,7 @@ CVE-2023-49764,0,0,6a0568f44325ac1fd740f72f5087d6a171710f839df3bde6ed3c2e416c5c2 CVE-2023-49765,0,0,06b748ab9346ad4cd48739500d92fd88db0cfa27aaf7aaaf6da5babab48e3bf5,2023-12-30T03:21:01.940000 CVE-2023-49766,0,0,470cc74253a064058975f565b53bcde7efea241fe3724a43148b1dc04de6d86e,2023-12-18T19:48:14.307000 CVE-2023-49767,0,0,4edc3fc227dd38b5eb293c3d6afac902b5ca27bee81180389ef3df79af1ec053,2023-12-21T17:45:47.293000 +CVE-2023-49768,1,1,8bc00844016265a8a3ad94ff392c3ac2eef3a9b7b76b8dfe811d30b487262d34,2024-04-18T11:15:36.807000 CVE-2023-49769,0,0,91366dfbc1492c919f28d9187aff4b0b2250d2363a8039baff9ef53b39b8726c,2023-12-20T04:19:35.600000 CVE-2023-4977,0,0,62f89aa8cb7b45d850c5877faf5cbc29b33652c1b16d11f79fb830b492a75caa,2023-09-20T13:11:56.513000 CVE-2023-49770,0,0,0a27ec81e7d2882781700f3f05263aa58179bb03e78b71006e6b846b4d5515d2,2023-12-19T16:53:26.097000 @@ -235455,6 +235458,7 @@ CVE-2023-50879,0,0,e7f635ec835f8af6e68324c638f96c217e373f3a3af9c80d6a7d36cc1662f CVE-2023-5088,0,0,939ef66299af3edb362a7d2c74b0e49564a48ba289fd555d0389350188c0dc0b,2024-03-11T18:15:17.433000 CVE-2023-50880,0,0,45dfc20edf873b6f54c033b90d8b745bc998db6f75a866db44cd1e8a384e14b7,2024-01-05T17:36:02.743000 CVE-2023-50881,0,0,21fc9e5f06f2216fa2395fe2689d924b63b36b0b4cdf8b0f9c5260d788c328af,2024-01-05T17:37:29.017000 +CVE-2023-50885,1,1,7dfe5322c7ddfb157228b31debe6632872f60245d1b7295478902b18de3db42a,2024-04-18T11:15:37.003000 CVE-2023-50886,0,0,7792f347cde4c420b06e643a12a04ca1bbbaf32b14e20bdefdd360583db86f82,2024-03-15T16:26:49.320000 CVE-2023-50889,0,0,c1ad7d35b6d5afc074175b11fcf31e66a1f88510cc63a735f12500e424605271,2024-01-05T17:39:22.253000 CVE-2023-5089,0,0,cddae8cd7907847e037d2a072115a2d298d26ef8e69ec53058c1c3b486a685c8,2023-11-07T04:23:26.960000 @@ -235688,7 +235692,7 @@ CVE-2023-51388,0,0,23d45ab8268f61b603be601097b6403fe4846d03068822a939edea7f32dfb CVE-2023-51389,0,0,1ab7e7a3a71f66a7621faf47f7e371d4af946a67075635b4b3343083855bb6c4,2024-02-22T19:07:27.197000 CVE-2023-5139,0,0,45ab71d0a08a733e36a646ff7244b4f355dd92a60fbfd4d74553b86425e7d813,2024-01-21T01:44:13.437000 CVE-2023-51390,0,0,aec164d1ba230dc6205a9a23a906268daf85aeab87f80c94d3bcd0e722b52384,2024-01-02T16:25:35.387000 -CVE-2023-51391,0,1,957fce0f26a1f3c1171609031d2144db63e306bf4dd5366bdd07bd5aacc5a870,2024-04-18T09:15:11.370000 +CVE-2023-51391,0,0,957fce0f26a1f3c1171609031d2144db63e306bf4dd5366bdd07bd5aacc5a870,2024-04-18T09:15:11.370000 CVE-2023-51392,0,0,67927e656158c46412ae3bb504118fce54b24cfa01ec58a8655578d96aa8e815,2024-02-23T19:31:25.817000 CVE-2023-51393,0,0,134d5dde596b1c0957ff0f344967668816279a31dc85a1621f6b9d383706e3f6,2024-02-26T13:42:22.567000 CVE-2023-51394,0,0,71b2bd989998d21aa0bbb95271be09edc08ce6d20103c2e6bcee8ea1c20c92b8,2024-02-26T13:42:22.567000 @@ -237521,10 +237525,10 @@ CVE-2023-6313,0,0,37257477d4aa2923e734a02239fe22761c2b383dd01a5ad6f0805b72148ecb CVE-2023-6314,0,0,f4128a234377715ed433398ed29329489185b89566c1f8948f1313fe3eb87e21,2024-01-02T13:31:21.217000 CVE-2023-6315,0,0,0ea3d757b463802bd072d80c605e85486723b96d15e4b6f43ffdbe4b27553792,2024-01-02T13:43:51.817000 CVE-2023-6316,0,0,d2a53cf9d574188a1d1db73921a61c0a0e0e318b0720f84fd1373b0184553c47,2024-01-17T20:17:22.003000 -CVE-2023-6317,0,1,7d7bdd6df101d067864ba1ce1e0999d7faf07fe4e884cb0e07f2b66cbb2c2a46,2024-04-18T08:15:37.663000 -CVE-2023-6318,0,1,c5b0fd94faa5692041827b1e90cea49c70217d21979f19374a5399fa311000d9,2024-04-18T08:15:37.793000 -CVE-2023-6319,0,1,f0c8ec35edda76734c52d8668ac037fa65c1f29b0ee20b6b276b3d575b1d8043,2024-04-18T08:15:37.873000 -CVE-2023-6320,0,1,97c0d852626b4121996a68ef80a1034e5eac45cc3e27fd758a11cceb60b37d97,2024-04-18T08:15:37.953000 +CVE-2023-6317,0,0,7d7bdd6df101d067864ba1ce1e0999d7faf07fe4e884cb0e07f2b66cbb2c2a46,2024-04-18T08:15:37.663000 +CVE-2023-6318,0,0,c5b0fd94faa5692041827b1e90cea49c70217d21979f19374a5399fa311000d9,2024-04-18T08:15:37.793000 +CVE-2023-6319,0,0,f0c8ec35edda76734c52d8668ac037fa65c1f29b0ee20b6b276b3d575b1d8043,2024-04-18T08:15:37.873000 +CVE-2023-6320,0,0,97c0d852626b4121996a68ef80a1034e5eac45cc3e27fd758a11cceb60b37d97,2024-04-18T08:15:37.953000 CVE-2023-6326,0,0,da68435ec565f5478deb03e75227a685933d8e7699006844b61a2674d05885d6,2024-03-04T13:58:23.447000 CVE-2023-6329,0,0,acb69acf796efdc21d3e11700a3115c7e39470c82b6e643969998bcd2e6b6d74,2023-12-01T20:50:45.717000 CVE-2023-6333,0,0,c9c5b2d28685d70e3694c86d73a2ffba7633a0d13b15746a0b23ea79549ea6b5,2023-12-12T20:39:57.697000 @@ -237971,10 +237975,12 @@ CVE-2023-6888,0,0,4c4ede3442fccc6f5279de75212b5b5e1b33e5df232b21ee287bddc25bcd81 CVE-2023-6889,0,0,5178dca3fad767c9438e93fa6f828da99ebc9221d314225c125d4ccc6e6915f6,2024-02-08T10:15:12.730000 CVE-2023-6890,0,0,9ecc37279e8814f4b67cf29c86ab5ca566d49dfec3dae8b29441fd5d44b3abbd,2024-02-08T10:15:13.133000 CVE-2023-6891,0,0,93b8d5d43a81c1211034a16faf339d8c63d7393a5abfbfa5e4f247c9e06a373e,2024-04-11T01:23:28.490000 +CVE-2023-6892,1,1,8cdda99a5da88185e0d73a11cf7b6654e607c4c23d19d2204066f69a5808a079,2024-04-18T11:15:37.187000 CVE-2023-6893,0,0,dabf74bbb65c333b388b3c8dcf9bbdc06b069ddc05ba2f2b42288dbd5d663862,2024-04-11T01:23:28.590000 CVE-2023-6894,0,0,2769ed371ecfb9f28796213b7e298bce3f65bebdcdb76aee252642b05f63990f,2024-04-11T01:23:28.697000 CVE-2023-6895,0,0,1f011675b045cde0deedfda982075f2ccdac7ca3a163f1efca29ae466d2ce8a6,2024-04-11T01:23:28.810000 CVE-2023-6896,0,0,94e0f7e65ef64726299ff864e0cc6a6b06dd772e2b14e82252aa499ff6a50da1,2024-04-11T01:23:28.903000 +CVE-2023-6897,1,1,19dc87948d66a99fab69d7639a0776208d3a6c04f3c71818bc0ed3ab3283f0c2,2024-04-18T11:15:37.350000 CVE-2023-6898,0,0,6d654fe5bb80c64663efb97dfd3e75a9ac2c2cd9d89f857770b3794556154708,2024-04-11T01:23:28.993000 CVE-2023-6899,0,0,c73a7b1956ff785320ec1dd97adaf3a2c6a54d2233b4102320eefc6645406f7d,2024-04-11T01:23:29.083000 CVE-2023-6900,0,0,0f4f1d5290a5a0aa11e6b068df417e2ed0d57951414cc99f31bbe6a078557226,2024-04-11T01:23:29.180000 @@ -243563,6 +243569,7 @@ CVE-2024-26918,0,0,e969c5e65c27c48161954ded29f513a04dd008bd660c330f261ba39a0cdec CVE-2024-26919,0,0,8ce229e6f304423499a3d2dbc331713eb1fbfa99e3cc0b71da0db8b8b65f091c,2024-04-17T16:51:07.347000 CVE-2024-2692,0,0,aefc05ddca23ffc90de039367cc7fed9a06f50bd32c460cfe2bbf1c8645c8f06,2024-04-04T12:48:41.700000 CVE-2024-26920,0,0,8ad9dc4497d0ab325621ba9253d9bafe6f0648f6e0dcc53db528add7b30825c1,2024-04-17T16:51:07.347000 +CVE-2024-26921,1,1,13fc6955d341f1e33c10a86609faa8a08929f1e7ddbb788de1d184d714938510,2024-04-18T10:15:07.740000 CVE-2024-2693,0,0,0523f248585c70810eb494560526f8a16efe419cf7f3014aa23838648b0d3e89,2024-04-10T13:23:38.787000 CVE-2024-2700,0,0,ec51b942504a96d4888f64f81c70906fd44973b0d1ace8e2f862241f82ce29e0,2024-04-17T20:15:08.240000 CVE-2024-2702,0,0,d714950951d2438da53d97b453b8470335efdb106b4a3aaafe4c816e98d263df,2024-03-20T13:00:16.367000 @@ -244000,7 +244007,7 @@ CVE-2024-28069,0,0,99a57a9955c5ed5463e7c560b95e0a17dfa2789ec3c024f2825003d476d4b CVE-2024-2807,0,0,389dec77d863d88d0729c3b21a13c4f638dbaad2d7ffdf5a3bec6019fd1a7b1b,2024-04-11T01:25:36.783000 CVE-2024-28070,0,0,c8eeec88fa6e3b91036a4eadc63dd921f090ad52309176e7af22a570b911aeac,2024-03-17T22:38:29.433000 CVE-2024-28073,0,0,11595a1e096ea791c7b3c722c3e27da07919e96619a7c3a0a6fbf6f73647b227,2024-04-17T20:08:21.887000 -CVE-2024-28076,1,1,9f59893f8c48e7887c5ca0fc1d844ab7452ab34e4eaeddbd3e74c5aab680b336,2024-04-18T09:15:11.463000 +CVE-2024-28076,0,0,9f59893f8c48e7887c5ca0fc1d844ab7452ab34e4eaeddbd3e74c5aab680b336,2024-04-18T09:15:11.463000 CVE-2024-2808,0,0,c3ed3b9e68948cd880b53f1e926f321cf4b47941f31cc49bbad2cbe5e609284b,2024-04-11T01:25:36.883000 CVE-2024-28084,0,0,e855eaf3201adbee7f29bca688e63324787cf32844050753a9cd1965f8c4b542,2024-03-23T03:15:11.583000 CVE-2024-28085,0,0,50b7c8ccc5599b7ab0a3fb9fa52479a655595623006a86c4fef2d0664fd54633,2024-04-07T12:15:08.903000 @@ -244147,6 +244154,7 @@ CVE-2024-28318,0,0,ede034690df957e6783d45bfb66a16f12d36f93dac03aab57e77aeedfffbb CVE-2024-28319,0,0,26fe071877c361c1420da78d668cd8bd73e607c2889fe07f596425c3f0efcaf7,2024-03-15T16:26:49.320000 CVE-2024-2832,0,0,c24a89a98158bb4e496d6c9324979be50b5d8206e1a887bc4c92d3f4efe6d296,2024-04-11T01:25:38.597000 CVE-2024-28323,0,0,2aeca3d06db49b1f3cf193f09da3283ca9cea9d02fb53cf2b91c906fc8c5ae56,2024-03-14T14:21:20.217000 +CVE-2024-2833,1,1,a585778ca7185d9b885ed2e055fabcbdf78b76721983806459902fa6afa100d8,2024-04-18T10:15:08.690000 CVE-2024-28335,0,0,a217e219718a353480ebe6dbe5087fa485efbd4ed754c44582430f96bbfa9ecc,2024-03-27T12:29:30.307000 CVE-2024-28338,0,0,3ea1d4c3a66b67172d60399e17da8570aa15fd5d4f0e652ed0ed26bd90bdb1be,2024-03-12T17:46:17.273000 CVE-2024-28339,0,0,eb06dcbba6c6b866b3957a0b1f6af1817f1ee37fb8932a4cb080c5ef814ab185,2024-03-12T17:46:17.273000 @@ -244403,7 +244411,8 @@ CVE-2024-2897,0,0,845f7ba04cd28c84698eb0ec67ce51aa02df2e982261e886754cbe95c05467 CVE-2024-2898,0,0,a9e168d2d155295869c860f65d1c37cd69170336e2176bd6e18025be31d1bd5d,2024-04-11T01:25:40.393000 CVE-2024-2899,0,0,5a6a51f3ed72df0a6dd64abc73047bf55c3b64e6e92d5e232b7d6d24120a6174,2024-04-11T01:25:40.480000 CVE-2024-2900,0,0,0c94ddc095b3847b98b965817804f73bd4e2c123c1146ff5d0c398accd06d081,2024-04-11T01:25:40.563000 -CVE-2024-29001,1,1,6b1d7dbe9a0f6f77f79a7c6f2a9a4414a75cf3bbfb3e3961e471be9204f696f6,2024-04-18T09:15:11.670000 +CVE-2024-29001,0,0,6b1d7dbe9a0f6f77f79a7c6f2a9a4414a75cf3bbfb3e3961e471be9204f696f6,2024-04-18T09:15:11.670000 +CVE-2024-29003,1,1,51885b9fb0184b3060b1038d08264e5b3ee78cd30f11530569af3f05e5998d88,2024-04-18T10:15:08.353000 CVE-2024-29006,0,0,372dae7e0517fadec7afbebb95bb2f6ce85fed46918b994309163c310eb23334,2024-04-04T12:48:41.700000 CVE-2024-29007,0,0,8d6137d5f48685e1b64d39fd4cc7492f2850ddf9c3f329869c8ad7ee434fc200,2024-04-04T12:48:41.700000 CVE-2024-29008,0,0,1a4f3f4485b339858eac2ebf1bb542365a61220eb67f8fc5d6a3ce2d6f0576ed,2024-04-04T12:48:41.700000 @@ -245449,6 +245458,7 @@ CVE-2024-31219,0,0,7acd0be915f9eb553170dac7fcfc2b835daa11c61b3f2663f7153cdd55191 CVE-2024-31220,0,0,5364fec01a2c522837b9bb1f12dd2e109f09573a57ee59445d858fa07dd681f7,2024-04-08T18:49:25.863000 CVE-2024-31221,0,0,093d7a2a638171e5d3f8cc3b06e5a6b3ca8a7674a42c7ed40ef62927f76d1926,2024-04-08T18:48:40.217000 CVE-2024-31224,0,0,2f84ceb3d774709c2492171042eddaeb6b6b98a31b06a1f67434414d962c7206,2024-04-08T18:48:40.217000 +CVE-2024-31229,1,1,039d274d48caf1d2a2f1a8ea4d26ce312480c58eabf52fbe76c0ac129a3a5892,2024-04-18T11:15:37.513000 CVE-2024-31230,0,0,52cfa4cc0c105e0f4a014468a390d1fae46fb176c8f9a3fd8a419c5888fe92a6,2024-04-10T19:49:51.183000 CVE-2024-31233,0,0,d489633661459fa8fba7247a4e042c4067793ed99651e43e0cd0674db1c81416,2024-04-08T18:48:40.217000 CVE-2024-31234,0,0,e2afc7f2f1012ca63d202c441d893de0eb7415294dc8692e4b069bf731411329,2024-04-08T18:48:40.217000 @@ -245669,7 +245679,7 @@ CVE-2024-31865,0,0,55f6426de8554bc6f4da7fb7dfa9079a9656bfc67d2afbc128c56bec8f8ea CVE-2024-31866,0,0,9d4ecb9aa9c29d85edac6e2052e365b7781227bb2f4fea81ddf721491f897e1e,2024-04-10T13:24:22.187000 CVE-2024-31867,0,0,d9ca0aa9578216e078b0a79214f51d5fd012c5b9e5fcd78052a038316e3088f8,2024-04-10T13:24:00.070000 CVE-2024-31868,0,0,a79f3943c68f02bd30297ac353bf9f000b38c0f07e44f3ffb16a4f3e82c12f40,2024-04-10T13:24:22.187000 -CVE-2024-31869,1,1,d93bcc2c83a183090097521a1470aa851a1749fd31baa5e83ada98336d56a815,2024-04-18T08:15:38.037000 +CVE-2024-31869,0,0,d93bcc2c83a183090097521a1470aa851a1749fd31baa5e83ada98336d56a815,2024-04-18T08:15:38.037000 CVE-2024-31871,0,0,2e9cb20a8839296f42d6bc6aa4eee6ec286fed065eef42e4971f116c0f81a135,2024-04-10T19:49:51.183000 CVE-2024-31872,0,0,7d09da772d85c1598253bebf81c543077ef995af0f84d1cf088132605a2400f9,2024-04-10T19:49:51.183000 CVE-2024-31873,0,0,30397559953deb34a9ae192149473632dc6b2334245e920787a4c5e14fc76375,2024-04-10T19:49:51.183000 @@ -245772,6 +245782,7 @@ CVE-2024-32109,0,0,e0a4e8c5f217571de21e69ff68b322f2becdcc662ae51f8c1b5dcaad24451 CVE-2024-3211,0,0,54794b5c5e3c18fabed2b9971b38f38495032ad68cd1edd1eef302942016e9fd,2024-04-12T12:43:46.210000 CVE-2024-32112,0,0,2df62c2ad1478d07a612eff17f984ad78c51d3b47027012c1c38076227812cd3,2024-04-11T12:47:44.137000 CVE-2024-32125,0,0,df49ac279a5dab5894d2cf46d4df920e793fb77c32b1360bd4eb9ce6cc4c2bcb,2024-04-15T13:15:31.997000 +CVE-2024-32126,1,1,99f0ede5698f6f3248fcac682b9d1e5e2819b297e852c5021e54f11b2a9b8226,2024-04-18T11:15:37.697000 CVE-2024-32127,0,0,57252810e1702be160161ac7dc44c20062237ffc3e0f3ad79884c0b06ee5b822,2024-04-15T13:15:31.997000 CVE-2024-32128,0,0,cb935dc8078553e54335e879bd7502243cd9a625b79c1c1dfceb4bfba45b9de1,2024-04-15T13:15:31.997000 CVE-2024-32129,0,0,656ae28bdfb245e62d73e796b0c62cc9d732e7baa7efbfb92e21d3088230cd74,2024-04-15T13:15:31.997000 @@ -245788,7 +245799,7 @@ CVE-2024-32139,0,0,f0d5014bb10dda1d4c60387d3ee25cb89484d8347271efa44c8824b99e4cd CVE-2024-3214,0,0,d9b62addfa853a8ede1a8dcf4e065081d1f9021a8cffa0357e41cb2e91733c15,2024-04-10T13:23:38.787000 CVE-2024-32140,0,0,25ce82707bac814bfa60dbd042d77eeb2e77d40673480a75309bcbecca8ba7aa,2024-04-15T13:15:31.997000 CVE-2024-32141,0,0,d919f1f06e8f9dddc68864df4d4cc49a38b5318983c1cd8a09580919ead44629,2024-04-15T13:15:31.997000 -CVE-2024-32142,1,1,298263eb64042ee39f67302a17ce7849954b5bc138e519c7bd1afdaf6e5114d0,2024-04-18T08:15:38.143000 +CVE-2024-32142,0,0,298263eb64042ee39f67302a17ce7849954b5bc138e519c7bd1afdaf6e5114d0,2024-04-18T08:15:38.143000 CVE-2024-32145,0,0,46f82be3b79b18ba25f2a9e0fa1663c301fc655d81936963a35db2da93921f80,2024-04-15T13:15:31.997000 CVE-2024-32147,0,0,221f8d37c746fb10439627f9391d23954c77e6687fd4a296059e2d8c0758881a,2024-04-15T13:15:31.997000 CVE-2024-32149,0,0,12d107e3c0999cbcd27b2d933b885433c81cf0faba3d46ab08b4e66fab365309,2024-04-15T13:15:31.997000 @@ -245929,26 +245940,62 @@ CVE-2024-32548,0,0,e4a54d0c123966d243f4109663ea69da8c581993342a73ff76dd194058f5e CVE-2024-32549,0,0,b59f7f2824ce9ae7d954ffb76652523e3be5c2253362a34c8d57af347b2b167b,2024-04-17T12:48:07.510000 CVE-2024-3255,0,0,904fbc57ab93b7669a1ad2e0d7bc935ea8e0a09d4be39b643e0cf95a488528d5,2024-04-11T01:25:57.280000 CVE-2024-32550,0,0,38a7958e0db4ae6ee8aaaa1157ea8534e3c4edeb5dc2e0a5a4ff2571e83a4eb8,2024-04-17T12:48:07.510000 +CVE-2024-32551,1,1,5fefbc59f78f8c2de1d8a0f30514c458d8b94bc056f658c1ebd25ba21da28cdc,2024-04-18T11:15:37.877000 +CVE-2024-32552,1,1,bfcbcb57c0c4bcb9ecc7ade09052959045ae4af44f10fd8ad03b684fcb5182d2,2024-04-18T11:15:38.063000 +CVE-2024-32553,1,1,a2c40872a96617aff99facb0200ca9ba32d89daa6247a9986411765fe3939bbb,2024-04-18T11:15:38.243000 +CVE-2024-32554,1,1,bfc695779644f6488bf5bcffcec731efc0144a4a0e9edd170940e9cc28dfce38,2024-04-18T10:15:08.857000 +CVE-2024-32556,1,1,6944e2ef720a4001717b7b25a3cd56fc311315b8569ca31659c300c5ea584efb,2024-04-18T10:15:09.053000 CVE-2024-32557,0,0,a0d48866dc85bb81bf860dbf507dd0114438e0c1a5f7430be94c87993736426b,2024-04-16T13:24:07.103000 +CVE-2024-32558,1,1,cca5307ae9b2da2ffa68f799208aab699b0ee33b4e363bf6f33f387fe6fd5e86,2024-04-18T10:15:09.233000 +CVE-2024-32559,1,1,3fd079f18bce02423a15fbdd66f1a242d50aac6c6aa110f7ea22eddaf1366fa9,2024-04-18T10:15:09.420000 CVE-2024-3256,0,0,16875209444216c7ddeeb37cb7b039ce17b63ab170d52bcb48aafa2d5e629841,2024-04-11T01:25:57.377000 +CVE-2024-32560,1,1,dade66c655d7e2975a004e996b0c184a4d0481b420cbe0cebb80bfddae42e0f5,2024-04-18T10:15:09.610000 +CVE-2024-32561,1,1,5dcb9ebb3723bb3043336d65515c620ea53ae01f5d8cafbda497aeae8fbbe7bb,2024-04-18T10:15:09.790000 +CVE-2024-32562,1,1,1b76a0bedab37f7845a43bb542c04b02bfca6462e31f6c3c12f90bddb64d5b81,2024-04-18T10:15:09.980000 +CVE-2024-32563,1,1,11a49c6d8274169e250ca5a6d1870ea2c64d3d55e14b65dfe066baa5401b2053,2024-04-18T10:15:10.160000 +CVE-2024-32564,1,1,ce56fac88083ed2fb86a0eaa4e2252ae2a38489d6ff202fee21774dc5c334e81,2024-04-18T10:15:10.347000 +CVE-2024-32565,1,1,a5fbe8a7cb6e658d67e2de9fd79138331e61cf4b500f550a29f502cc060792f1,2024-04-18T10:15:10.530000 +CVE-2024-32566,1,1,d4d5abc2fcfc9916d174319a4c414aed7b737faeb59ee9189ddda1f6881b2aac,2024-04-18T10:15:10.717000 +CVE-2024-32567,1,1,60bb78fdb72fd73723a8c33349d35eb3ce680ae1301d5beacc10fd1a4f24ddbb,2024-04-18T10:15:10.910000 +CVE-2024-32568,1,1,687b515ca4ff8bc0756eaa11c5bf3fef6fad84a19dc90f277e3e9948fc44139a,2024-04-18T10:15:11.100000 +CVE-2024-32569,1,1,8b2f786f7d90115d028bff9b7c91945a15e9f56424ef6c8a1c38a1b43df453c9,2024-04-18T10:15:11.283000 CVE-2024-3257,0,0,3c0b711c0035bcf8d4b92bcec7dfdb1ab21cf5c848bdfe1dfc7f34628ee0f77e,2024-04-11T01:25:57.457000 +CVE-2024-32570,1,1,03cf7f9d471d01c62d37d7245acd337aa508f33bc507cf6a53f36c567f5de21f,2024-04-18T10:15:11.470000 +CVE-2024-32571,1,1,73f7d01feaf7a731769f3c21afbaacd744c76be5ecb90e4e390902aea88bd0b9,2024-04-18T10:15:11.660000 +CVE-2024-32572,1,1,28165cd9753530961650bf3fc96785d09fd435b95027ee2282926c207bdb4b92,2024-04-18T10:15:11.840000 +CVE-2024-32573,1,1,10cf1f9d648b5b709e1166d2783de7b2d1ce39e9384fbaf4f7571b3c0d7dbbcb,2024-04-18T10:15:12.023000 +CVE-2024-32574,1,1,a1f60013e8ce2549e915f950f2e27af972d7064cb3353ce90077f7f5c7e9c898,2024-04-18T10:15:12.217000 +CVE-2024-32575,1,1,a873712999c38cb89e0ef688146f2b4aa2f5d1b607a8debb48b71bda9cf7bc4e,2024-04-18T10:15:12.413000 +CVE-2024-32576,1,1,38b2a9e94629bc1828ec041a2309043170d7454e85d63cf5ce61663da0b441d2,2024-04-18T10:15:12.610000 +CVE-2024-32577,1,1,16c644a64c6c56f762edf8324e5bfca62b3d8f53c224a919b666c5adcb18cb70,2024-04-18T10:15:12.793000 +CVE-2024-32578,1,1,e46b5b7bcbb468b69d634a730553e262c09d735374f512883dba7c1f106eee81,2024-04-18T10:15:12.980000 +CVE-2024-32579,1,1,bef85a91d335382893825105d43653a0b3af1ade84a1169bdd693529d8880e90,2024-04-18T10:15:13.170000 CVE-2024-3258,0,0,00a0a017c084aafa026269300c69a9360444c24c6a4308e5e8f072ac33cf3451,2024-04-11T01:25:57.540000 -CVE-2024-32587,1,1,c0101340dd6e57977cd824dbc19762084b1f0311c3d79fc90768f09c9a11ff91,2024-04-18T09:15:12 -CVE-2024-32588,1,1,06199b7ea06222cb98c8d66024bbbf552b7a1ac7ada928b15b247be58d64ecb0,2024-04-18T09:15:12.267000 +CVE-2024-32580,1,1,d89212e1511463c2118378359d61857594e44af19ff1044b99c64fb6290a46c9,2024-04-18T10:15:13.357000 +CVE-2024-32581,1,1,2b4dca63712493af322501c332510a8f2ba63649e3cc839542d456fd433319b0,2024-04-18T10:15:13.547000 +CVE-2024-32582,1,1,c703475149bee1cf7f985634571326ae9b5ec600c9cb413e68cb979f2c6d097f,2024-04-18T10:15:13.723000 +CVE-2024-32583,1,1,0543df0029241e49f05dae2e626e57786cb81fa90b738d12ab5fc3bcdc7652ca,2024-04-18T10:15:13.920000 +CVE-2024-32584,1,1,7cd651ecdc23c5e971ef4ec044031abf262bc9888b5e9b140006060149b67c32,2024-04-18T10:15:14.110000 +CVE-2024-32585,1,1,24176cbd9d79dcc98d23f49de9e058279b6bbf02c8058bc864e22a105c82b161,2024-04-18T10:15:14.290000 +CVE-2024-32586,1,1,70b5df2ab5b36869761ce8c14e07adcc45d85265c8eae2c1a0cd2668de14387d,2024-04-18T10:15:14.480000 +CVE-2024-32587,0,0,c0101340dd6e57977cd824dbc19762084b1f0311c3d79fc90768f09c9a11ff91,2024-04-18T09:15:12 +CVE-2024-32588,0,0,06199b7ea06222cb98c8d66024bbbf552b7a1ac7ada928b15b247be58d64ecb0,2024-04-18T09:15:12.267000 CVE-2024-3259,0,0,3481f546c5fee878032df1d9aae401834d514bd5070dbdd69c5e7940d2e2efbe,2024-04-11T01:25:57.637000 -CVE-2024-32590,1,1,db34fe33ced7f25e3181ef7f278c309a9064327983fee1bedbae1e55394843ba,2024-04-18T09:15:12.503000 -CVE-2024-32591,1,1,00473bc3a983b7fc96333bf1501cdfaefb079cbe68bae057780e02a5581572b8,2024-04-18T09:15:12.700000 -CVE-2024-32592,1,1,8d3099b5f23ce9d41fa0ba5f02c1a65403577ea96ede3e8c51cfc83555cc3fbc,2024-04-18T09:15:13.010000 -CVE-2024-32593,1,1,caff7c586216de07cbe4b60548974acb79f738bd62066bd7f2e2a2aa5a923a7e,2024-04-18T09:15:13.257000 -CVE-2024-32594,1,1,4308ec0d34e3ed3c5a3718c79a111b9f300285740da56659ba0d68b316586447,2024-04-18T09:15:13.493000 -CVE-2024-32595,1,1,9d69f0586c28204877cc712d36c3783fa59b17f74c4738c0fa0b2a2de58087eb,2024-04-18T09:15:13.797000 -CVE-2024-32596,1,1,b246122c5d7389d43c23bef1db0c73b663438c58540076bad1b8b9f4e61486d6,2024-04-18T09:15:14.057000 -CVE-2024-32597,1,1,51f27b098078170afc9827fb2383191fed7f8c050b4f6dbf2abfddd1a93be587,2024-04-18T09:15:14.317000 -CVE-2024-32598,1,1,77579937e04e87143a2992dc1d37125ae40cd82911a70e2aa1c84099a87908ec,2024-04-18T09:15:14.593000 -CVE-2024-32599,1,1,ac6b88817e953f6fd9c1d9e015a366dfb3b261ff03948cfd08c270336a09f70d,2024-04-18T09:15:14.823000 -CVE-2024-32601,1,1,e55511b9e3e88f07023816dfd5dcf78b8e73f5e9d9e9e8145640fbf83cf0d2f6,2024-04-18T09:15:15.053000 -CVE-2024-32603,1,1,99dc9bddebf2ce3a291941a3ef798cc8afc75cd8a435bf59b25a8a6ffebae1aa,2024-04-18T09:15:15.330000 -CVE-2024-32604,1,1,f6f2ddb0da87c5d3b38c0b0646f3f9c3ce37b3eea3394add99286494619cb6a9,2024-04-18T09:15:15.550000 +CVE-2024-32590,0,0,db34fe33ced7f25e3181ef7f278c309a9064327983fee1bedbae1e55394843ba,2024-04-18T09:15:12.503000 +CVE-2024-32591,0,0,00473bc3a983b7fc96333bf1501cdfaefb079cbe68bae057780e02a5581572b8,2024-04-18T09:15:12.700000 +CVE-2024-32592,0,0,8d3099b5f23ce9d41fa0ba5f02c1a65403577ea96ede3e8c51cfc83555cc3fbc,2024-04-18T09:15:13.010000 +CVE-2024-32593,0,0,caff7c586216de07cbe4b60548974acb79f738bd62066bd7f2e2a2aa5a923a7e,2024-04-18T09:15:13.257000 +CVE-2024-32594,0,0,4308ec0d34e3ed3c5a3718c79a111b9f300285740da56659ba0d68b316586447,2024-04-18T09:15:13.493000 +CVE-2024-32595,0,0,9d69f0586c28204877cc712d36c3783fa59b17f74c4738c0fa0b2a2de58087eb,2024-04-18T09:15:13.797000 +CVE-2024-32596,0,0,b246122c5d7389d43c23bef1db0c73b663438c58540076bad1b8b9f4e61486d6,2024-04-18T09:15:14.057000 +CVE-2024-32597,0,0,51f27b098078170afc9827fb2383191fed7f8c050b4f6dbf2abfddd1a93be587,2024-04-18T09:15:14.317000 +CVE-2024-32598,0,0,77579937e04e87143a2992dc1d37125ae40cd82911a70e2aa1c84099a87908ec,2024-04-18T09:15:14.593000 +CVE-2024-32599,0,0,ac6b88817e953f6fd9c1d9e015a366dfb3b261ff03948cfd08c270336a09f70d,2024-04-18T09:15:14.823000 +CVE-2024-32600,1,1,ea8a036b81de220bde5fe16acec4b012920801f1d23714b6b99ac6dbc265ff24,2024-04-18T11:15:38.530000 +CVE-2024-32601,0,0,e55511b9e3e88f07023816dfd5dcf78b8e73f5e9d9e9e8145640fbf83cf0d2f6,2024-04-18T09:15:15.053000 +CVE-2024-32602,1,1,e3f2a36fd3db86385268a658d3d2fc41d7047dbeda39845be950ae6facf6b8f3,2024-04-18T11:15:38.753000 +CVE-2024-32603,0,0,99dc9bddebf2ce3a291941a3ef798cc8afc75cd8a435bf59b25a8a6ffebae1aa,2024-04-18T09:15:15.330000 +CVE-2024-32604,0,1,0791a0c3ed34a464b148d19bbd2ddecb72ff6f4a1059a32b7065f1b8a6626ee7,2024-04-18T09:15:15.550000 CVE-2024-3262,0,0,758c253f08a1135a2d383be61db9b8d36970b2087c7788f9321bc534b0b4222c,2024-04-04T12:48:22.650000 CVE-2024-32625,0,0,83e118a0392b3bec4594db5d969d72238cd7025e3075e1bbd62c95f93a226798,2024-04-16T13:24:07.103000 CVE-2024-32631,0,0,f6179c4a1916a92ef208430456218c10bd0600c556ab5afe50d23115ed2f9700,2024-04-16T13:24:07.103000 @@ -245957,6 +246004,8 @@ CVE-2024-32633,0,0,8ac8ce6a1ac201ef8dc36e7fab192ecb8b1b583d781df940a83a5707e3155 CVE-2024-32634,0,0,399e2bba8e548c1c98770d2f478e96e69a60afbc020788dd69a365e3ae504be6,2024-04-16T13:24:07.103000 CVE-2024-3266,0,0,254a5ba127b10ac48f062b62dbe4c90ef51eaba1ed741161e5a22416cbb32240,2024-04-10T13:23:38.787000 CVE-2024-3267,0,0,00a210ede7a73ca33b64d3b8a0e382509d5bafa34ae84022125b180763aee2bd,2024-04-10T13:23:38.787000 +CVE-2024-32686,1,1,316b351d5eb1c6fe086eecf4393bd4f6b058a407c5fefc2fafab9111d65ec6f7,2024-04-18T11:15:38.930000 +CVE-2024-32689,1,1,1cc97f975685b7165445ab80e94d28f01f88010cbf1bfbbdb086b854cbbf502a,2024-04-18T11:15:39.117000 CVE-2024-3270,0,0,6f3801d6fa573f4a130c8a1ad393f7345008a6cf48547c2d9608d260a00cb3bb,2024-04-11T01:25:57.753000 CVE-2024-3271,0,0,427448d66ebe59002a93ad233a5fbd2b2253db3687d924fc6f5652a183f66ed0,2024-04-16T13:24:07.103000 CVE-2024-3272,0,0,ef44e7e2e0d0ab3ec436a6ccc174b0a90f543a9a2cfa65f7a6d262da6c5446ee,2024-04-15T20:14:55.570000 @@ -246049,7 +246098,7 @@ CVE-2024-3442,0,0,756156f7de62e4a3ae69e9bbc13d8b798986428892e90d3991a24b2c8375a9 CVE-2024-3443,0,0,05006967bda17a889e39c8ccda497403cb2b35584eb895b86d4c8dd8b79230c6,2024-04-11T01:26:02.973000 CVE-2024-3444,0,0,20ed8f6fb3358c183e59c59fd1e15718847c74b3b8477277ced05a568bf760d4,2024-04-11T01:26:03.057000 CVE-2024-3445,0,0,c9628f9221624aa27cf7f5ca164e4ed34c93be648ba2ac6a84e0908c02d87fc9,2024-04-11T01:26:03.137000 -CVE-2024-3446,0,1,d41b6ff09ba21a5a975268b5a0441447c6b2bcfd6bedfe0914b9c96867cd290f,2024-04-18T08:15:38.340000 +CVE-2024-3446,0,0,d41b6ff09ba21a5a975268b5a0441447c6b2bcfd6bedfe0914b9c96867cd290f,2024-04-18T08:15:38.340000 CVE-2024-3448,0,0,38511310080ef6cbfb33c1721e41ad41c6df0877e6ffcdbf14f478fa1ea7a673,2024-04-10T19:49:51.183000 CVE-2024-3455,0,0,18e948f1ff2182718852b2ba697f0fa9a8598811bb1c2e87509c3bd543b90a57,2024-04-11T01:26:03.233000 CVE-2024-3456,0,0,944b33373fddc7621692e3fce6708723c7abc962139d88da65ad0c4ce610f104,2024-04-11T01:26:03.310000 @@ -246217,3 +246266,4 @@ CVE-2024-3914,0,0,f93977105202dbc9d06c0cd96ce45891e87c322bf8bb225cb96c3dd248984c CVE-2024-3928,0,0,3a491d85e7ac82f506cd6d0632b4632be31396fe4a14c260d7b808f8656e6c51,2024-04-18T00:15:07.523000 CVE-2024-3931,0,0,00e4dcf58c27094929770929932635c0ac41778feef8cfb4d4b8ae56ac218544,2024-04-18T00:15:07.810000 CVE-2024-3932,0,0,3d97f4daafb1ee3bdff6b350a6da680923cf8bf3d7f295646f7244d805db66a9,2024-04-18T00:15:08.033000 +CVE-2024-3948,1,1,e6a8d5233f66fae27a62fed3b1c483d27474f77db553ee8988347a0ad326c6ef,2024-04-18T11:15:39.300000