admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-08 03:27:17 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2025-01-11T09:00:21.765372+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2025-01-11 09:03:52 +00:00
parent 261413d695
commit 4750f9022d
21 changed files with 1272 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

60
CVE-2024/CVE-2024-113xx/CVE-2024-11386.json Normal file
View File

@ -0,0 +1,60 @@
{
"id": "CVE-2024-11386",
"sourceIdentifier": "security@wordfence.com",
"published": "2025-01-11T08:15:23.613",
"lastModified": "2025-01-11T08:15:23.613",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The GatorMail SmartForms plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'gatormailsmartform' shortcode in all versions up to, and including, 1.1.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.1,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "security@wordfence.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://wordpress.org/plugins/gatormail-smart-forms/",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/c96e5939-5b6d-4cf2-83eb-a7b94f032bcb?source=cve",
"source": "security@wordfence.com"
}
]
}

60
CVE-2024/CVE-2024-117xx/CVE-2024-11758.json Normal file
View File

@ -0,0 +1,60 @@
{
"id": "CVE-2024-11758",
"sourceIdentifier": "security@wordfence.com",
"published": "2025-01-11T08:15:24.020",
"lastModified": "2025-01-11T08:15:24.020",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The WP SPID Italia plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcode in all versions up to, and including, 2.9 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.1,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "security@wordfence.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/wp-spid-italia/trunk/frontend-ui.php#L109",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/0cdadbf2-8b5d-4018-8cee-0d0fb07696f9?source=cve",
"source": "security@wordfence.com"
}
]
}

72
CVE-2024/CVE-2024-118xx/CVE-2024-11874.json Normal file
View File

@ -0,0 +1,72 @@
{
"id": "CVE-2024-11874",
"sourceIdentifier": "security@wordfence.com",
"published": "2025-01-11T08:15:24.237",
"lastModified": "2025-01-11T08:15:24.237",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Grid Accordion Lite plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'grid_accordion' shortcode in all versions up to, and including, 1.5.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.1,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "security@wordfence.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/grid-accordion-lite/tags/1.5.1/public/class-accordion-renderer.php#L172",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/browser/grid-accordion-lite/tags/1.5.1/public/class-grid-accordion.php#L310",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/browser/grid-accordion-lite/tags/1.5.1/public/class-grid-accordion.php#L445",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/browser/grid-accordion-lite/tags/1.5.1/public/class-grid-accordion.php#L98",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/7fc20069-5c1d-481a-b0fd-6f29ed6b41ee?source=cve",
"source": "security@wordfence.com"
}
]
}

76
CVE-2024/CVE-2024-118xx/CVE-2024-11892.json Normal file
View File

@ -0,0 +1,76 @@
{
"id": "CVE-2024-11892",
"sourceIdentifier": "security@wordfence.com",
"published": "2025-01-11T08:15:24.463",
"lastModified": "2025-01-11T08:15:24.463",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Accordion Slider Lite plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'accordion_slider' shortcode in all versions up to, and including, 1.5.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.1,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "security@wordfence.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/accordion-slider-lite/tags/1.5.1/public/class-accordion-renderer.php#L172",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/browser/accordion-slider-lite/tags/1.5.1/public/class-accordion-renderer.php#L93",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/browser/accordion-slider-lite/tags/1.5.1/public/class-accordion-slider.php#L310",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/browser/accordion-slider-lite/tags/1.5.1/public/class-accordion-slider.php#L445",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/browser/accordion-slider-lite/tags/1.5.1/public/class-accordion-slider.php#L98",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/bb386ab5-1fb9-4649-99a6-0e3f971a02f8?source=cve",
"source": "security@wordfence.com"
}
]
}

60
CVE-2024/CVE-2024-119xx/CVE-2024-11915.json Normal file
View File

@ -0,0 +1,60 @@
{
"id": "CVE-2024-11915",
"sourceIdentifier": "security@wordfence.com",
"published": "2025-01-11T08:15:24.680",
"lastModified": "2025-01-11T08:15:24.680",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The RRAddons for Elementor plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 1.1.0 via the Popup block due to insufficient restrictions on which posts can be included. This makes it possible for authenticated attackers, with Contributor-level access and above, to extract data from private or draft posts that they should not have access to."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "security@wordfence.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-639"
}
]
}
],
"references": [
{
"url": "https://wordpress.org/plugins/rrdevs-for-elementor/",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/3f7e300f-06b5-4f59-9deb-9771bf86a204?source=cve",
"source": "security@wordfence.com"
}
]
}

60
CVE-2024/CVE-2024-121xx/CVE-2024-12116.json Normal file
View File

@ -0,0 +1,60 @@
{
"id": "CVE-2024-12116",
"sourceIdentifier": "security@wordfence.com",
"published": "2025-01-11T08:15:24.867",
"lastModified": "2025-01-11T08:15:24.867",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Unlimited Theme Addon For Elementor and WooCommerce plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 1.2.1 via the 'uta-template' shortcode due to insufficient restrictions on which posts can be included. This makes it possible for authenticated attackers, with Contributor-level access and above, to extract data from private or draft posts created by Elementor that they should not have access to."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "security@wordfence.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-639"
}
]
}
],
"references": [
{
"url": "https://wordpress.org/plugins/unlimited-theme-addons/",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/9dbdb6cc-2a00-4d34-9c11-62f3d1b51c73?source=cve",
"source": "security@wordfence.com"
}
]
}

60
CVE-2024/CVE-2024-124xx/CVE-2024-12407.json Normal file
View File

@ -0,0 +1,60 @@
{
"id": "CVE-2024-12407",
"sourceIdentifier": "security@wordfence.com",
"published": "2025-01-11T08:15:25.093",
"lastModified": "2025-01-11T08:15:25.093",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Push Notification for Post and BuddyPress plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'pushnotificationid' parameter in all versions up to, and including, 2.06 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "security@wordfence.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/push-notification-for-post-and-buddypress/trunk/admin/pnfpb_admin_ondemand_notification_settings.php#L711",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/de7be653-4d5b-4cbe-ad9c-6c2748f533bb?source=cve",
"source": "security@wordfence.com"
}
]
}

60
CVE-2024/CVE-2024-124xx/CVE-2024-12412.json Normal file
View File

@ -0,0 +1,60 @@
{
"id": "CVE-2024-12412",
"sourceIdentifier": "security@wordfence.com",
"published": "2025-01-11T08:15:25.320",
"lastModified": "2025-01-11T08:15:25.320",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Rental and Booking Manager for Bike, Car, Dress, Resort with WooCommerce Integration \u2013 WpRently | WordPress plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the \u2018active_tab\u2019 parameter in all versions up to, and including, 2.2.1 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "security@wordfence.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/booking-and-rental-manager-for-woocommerce/trunk/templates/template_segment/resort_info.php",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/b0cde64f-2533-46e0-9268-b9d100fb0a82?source=cve",
"source": "security@wordfence.com"
}
]
}

64
CVE-2024/CVE-2024-125xx/CVE-2024-12519.json Normal file
View File

@ -0,0 +1,64 @@
{
"id": "CVE-2024-12519",
"sourceIdentifier": "security@wordfence.com",
"published": "2025-01-11T08:15:25.530",
"lastModified": "2025-01-11T08:15:25.530",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The TCBD Auto Refresher plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'tcbd_auto_refresh' shortcode in all versions up to, and including, 2.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.1,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "security@wordfence.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/tcbd-auto-refresher/trunk/plugin-hook.php#L115",
"source": "security@wordfence.com"
},
{
"url": "https://wordpress.org/plugins/tcbd-auto-refresher",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/851bade8-bd3a-4fb1-8a1d-12461287694e?source=cve",
"source": "security@wordfence.com"
}
]
}

64
CVE-2024/CVE-2024-125xx/CVE-2024-12520.json Normal file
View File

@ -0,0 +1,64 @@
{
"id": "CVE-2024-12520",
"sourceIdentifier": "security@wordfence.com",
"published": "2025-01-11T08:15:25.720",
"lastModified": "2025-01-11T08:15:25.720",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Dominion \u2013 Domain Checker for WPBakery plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'dominion_shortcodes_domain_search_6' shortcode in all versions up to, and including, 2.2.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.1,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "security@wordfence.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/dominion-domain-checker-wpbakery-addon/trunk/modules/domain_search/domain_search_6/doamin_search_shortcodes.php#L91",
"source": "security@wordfence.com"
},
{
"url": "https://wordpress.org/plugins/dominion-domain-checker-wpbakery-addon",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/a684f597-da72-4697-9e37-ca45a30ca64d?source=cve",
"source": "security@wordfence.com"
}
]
}

60
CVE-2024/CVE-2024-125xx/CVE-2024-12527.json Normal file
View File

@ -0,0 +1,60 @@
{
"id": "CVE-2024-12527",
"sourceIdentifier": "security@wordfence.com",
"published": "2025-01-11T08:15:25.913",
"lastModified": "2025-01-11T08:15:25.913",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Perfect Portal Widgets plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'perfect_portal_intake_form' shortcode in all versions up to, and including, 3.0.3 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.1,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "security@wordfence.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/perfect-portal-widgets/tags/3.0.3/perfect-portal-widgets.php#L330",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/bded6765-e994-46a4-8c88-c324a4fd6ee6?source=cve",
"source": "security@wordfence.com"
}
]
}

60
CVE-2024/CVE-2024-128xx/CVE-2024-12877.json Normal file
View File

@ -0,0 +1,60 @@
{
"id": "CVE-2024-12877",
"sourceIdentifier": "security@wordfence.com",
"published": "2025-01-11T08:15:26.127",
"lastModified": "2025-01-11T08:15:26.127",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The GiveWP \u2013 Donation Plugin and Fundraising Platform plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 3.19.2 via deserialization of untrusted input from the donation form like 'firstName'. This makes it possible for unauthenticated attackers to inject a PHP Object. The additional presence of a POP chain allows attackers to delete arbitrary files on the server that makes remote code execution possible. Please note this was only partially patched in 3.19.3, a fully sufficient patch was not released until 3.19.4. However, another CVE was assigned by another CNA for version 3.19.3 so we will leave this as affecting 3.19.2 and before. We have recommended the vendor use JSON encoding to prevent any further deserialization vulnerabilities from being present."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "security@wordfence.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-502"
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/changeset/3212723/give/tags/3.19.3/src/Helpers/Utils.php",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/b2143edf-5423-4e79-8638-a5b98490d292?source=cve",
"source": "security@wordfence.com"
}
]
}

56
CVE-2024/CVE-2024-421xx/CVE-2024-42170.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-42170",
"sourceIdentifier": "psirt@hcl.com",
"published": "2025-01-11T07:15:06.767",
"lastModified": "2025-01-11T07:15:06.767",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "HCL MyXalytics is affected by a session fixation vulnerability. Cyber-criminals can exploit this by sending crafted URLs with a session token to access the victim's login session."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@hcl.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 1.6,
"impactScore": 5.2
}
]
},
"weaknesses": [
{
"source": "psirt@hcl.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-384"
}
]
}
],
"references": [
{
"url": "https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0118149",
"source": "psirt@hcl.com"
}
]
}

56
CVE-2024/CVE-2024-421xx/CVE-2024-42171.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-42171",
"sourceIdentifier": "psirt@hcl.com",
"published": "2025-01-11T07:15:08.553",
"lastModified": "2025-01-11T07:15:08.553",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "HCL MyXalytics is affected by a session fixation vulnerability. Cyber-criminals can exploit this by sending crafted URLs with a session token to access the victim's login session."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@hcl.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:N",
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 1.2,
"impactScore": 5.2
}
]
},
"weaknesses": [
{
"source": "psirt@hcl.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-384"
}
]
}
],
"references": [
{
"url": "https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0118149",
"source": "psirt@hcl.com"
}
]
}

56
CVE-2024/CVE-2024-421xx/CVE-2024-42172.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-42172",
"sourceIdentifier": "psirt@hcl.com",
"published": "2025-01-11T07:15:08.743",
"lastModified": "2025-01-11T07:15:08.743",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "HCL MyXalytics is affected by broken authentication. It allows attackers to compromise keys, passwords, and session tokens, potentially leading to identity theft and system control. This vulnerability arises from poor configuration, logic errors, or software bugs and can affect any application with access control, including databases, network infrastructure, and web applications."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@hcl.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "psirt@hcl.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-287"
}
]
}
],
"references": [
{
"url": "https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0118149",
"source": "psirt@hcl.com"
}
]
}

56
CVE-2024/CVE-2024-421xx/CVE-2024-42173.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-42173",
"sourceIdentifier": "psirt@hcl.com",
"published": "2025-01-11T07:15:08.927",
"lastModified": "2025-01-11T07:15:08.927",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "HCL MyXalytics is affected by an improper password policy implementation vulnerability. Weak passwords and lack of account lockout policies allow attackers to guess or brute-force passwords if the username is known."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@hcl.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:N/A:N",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 1.2,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "psirt@hcl.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-521"
}
]
}
],
"references": [
{
"url": "https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0118149",
"source": "psirt@hcl.com"
}
]
}

56
CVE-2024/CVE-2024-421xx/CVE-2024-42174.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-42174",
"sourceIdentifier": "psirt@hcl.com",
"published": "2025-01-11T07:15:09.110",
"lastModified": "2025-01-11T07:15:09.110",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "HCL MyXalytics is affected by username enumeration vulnerability. This allows a malicious user to perform enumeration of application users, and therefore\u00a0compile a list of valid usernames."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@hcl.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N",
"baseScore": 3.7,
"baseSeverity": "LOW",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.2,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "psirt@hcl.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-204"
}
]
}
],
"references": [
{
"url": "https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0118149",
"source": "psirt@hcl.com"
}
]
}

56
CVE-2024/CVE-2024-421xx/CVE-2024-42175.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-42175",
"sourceIdentifier": "psirt@hcl.com",
"published": "2025-01-11T08:15:26.343",
"lastModified": "2025-01-11T08:15:26.343",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "HCL MyXalytics is affected by a weak input validation vulnerability. The application accepts special characters and there is no length validation. This can lead to security vulnerabilities like SQL injection, XSS, and buffer overflow."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@hcl.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:L/A:N",
"baseScore": 2.6,
"baseSeverity": "LOW",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 1.2,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "psirt@hcl.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-20"
}
]
}
],
"references": [
{
"url": "https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0118149",
"source": "psirt@hcl.com"
}
]
}

137
CVE-2025/CVE-2025-03xx/CVE-2025-0390.json Normal file
View File

@ -0,0 +1,137 @@
{
"id": "CVE-2025-0390",
"sourceIdentifier": "cna@vuldb.com",
"published": "2025-01-11T08:15:26.527",
"lastModified": "2025-01-11T08:15:26.527",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability classified as critical was found in Guangzhou Huayi Intelligent Technology Jeewms up to 20241229. This vulnerability affects unknown code of the file /wmOmNoticeHController.do. The manipulation leads to path traversal: '../filedir'. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 20250101 is able to address this issue. It is recommended to upgrade the affected component."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"vulnerableSystemConfidentiality": "LOW",
"vulnerableSystemIntegrity": "NONE",
"vulnerableSystemAvailability": "NONE",
"subsequentSystemConfidentiality": "NONE",
"subsequentSystemIntegrity": "NONE",
"subsequentSystemAvailability": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirements": "NOT_DEFINED",
"integrityRequirements": "NOT_DEFINED",
"availabilityRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnerableSystemConfidentiality": "NOT_DEFINED",
"modifiedVulnerableSystemIntegrity": "NOT_DEFINED",
"modifiedVulnerableSystemAvailability": "NOT_DEFINED",
"modifiedSubsequentSystemConfidentiality": "NOT_DEFINED",
"modifiedSubsequentSystemIntegrity": "NOT_DEFINED",
"modifiedSubsequentSystemAvailability": "NOT_DEFINED",
"safety": "NOT_DEFINED",
"automatable": "NOT_DEFINED",
"recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED"
}
}
],
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"baseScore": 5.0,
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "NONE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-23"
},
{
"lang": "en",
"value": "CWE-24"
}
]
}
],
"references": [
{
"url": "https://gitee.com/erzhongxmu/JEEWMS/issues/IBFKBM",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?ctiid.291124",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.291124",
"source": "cna@vuldb.com"
}
]
}

28
README.md
View File

@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2025-01-11T07:00:19.985085+00:00
2025-01-11T09:00:21.765372+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2025-01-11T06:15:25.070000+00:00
2025-01-11T08:15:26.527000+00:00
```
### Last Data Feed Release
@ -33,14 +33,32 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs
```plain
276703
276722
```
### CVEs added in the last Commit
Recently added CVEs: `1`
Recently added CVEs: `19`
- [CVE-2024-12587](CVE-2024/CVE-2024-125xx/CVE-2024-12587.json) (`2025-01-11T06:15:25.070`)
- [CVE-2024-11386](CVE-2024/CVE-2024-113xx/CVE-2024-11386.json) (`2025-01-11T08:15:23.613`)
- [CVE-2024-11758](CVE-2024/CVE-2024-117xx/CVE-2024-11758.json) (`2025-01-11T08:15:24.020`)
- [CVE-2024-11874](CVE-2024/CVE-2024-118xx/CVE-2024-11874.json) (`2025-01-11T08:15:24.237`)
- [CVE-2024-11892](CVE-2024/CVE-2024-118xx/CVE-2024-11892.json) (`2025-01-11T08:15:24.463`)
- [CVE-2024-11915](CVE-2024/CVE-2024-119xx/CVE-2024-11915.json) (`2025-01-11T08:15:24.680`)
- [CVE-2024-12116](CVE-2024/CVE-2024-121xx/CVE-2024-12116.json) (`2025-01-11T08:15:24.867`)
- [CVE-2024-12407](CVE-2024/CVE-2024-124xx/CVE-2024-12407.json) (`2025-01-11T08:15:25.093`)
- [CVE-2024-12412](CVE-2024/CVE-2024-124xx/CVE-2024-12412.json) (`2025-01-11T08:15:25.320`)
- [CVE-2024-12519](CVE-2024/CVE-2024-125xx/CVE-2024-12519.json) (`2025-01-11T08:15:25.530`)
- [CVE-2024-12520](CVE-2024/CVE-2024-125xx/CVE-2024-12520.json) (`2025-01-11T08:15:25.720`)
- [CVE-2024-12527](CVE-2024/CVE-2024-125xx/CVE-2024-12527.json) (`2025-01-11T08:15:25.913`)
- [CVE-2024-12877](CVE-2024/CVE-2024-128xx/CVE-2024-12877.json) (`2025-01-11T08:15:26.127`)
- [CVE-2024-42170](CVE-2024/CVE-2024-421xx/CVE-2024-42170.json) (`2025-01-11T07:15:06.767`)
- [CVE-2024-42171](CVE-2024/CVE-2024-421xx/CVE-2024-42171.json) (`2025-01-11T07:15:08.553`)
- [CVE-2024-42172](CVE-2024/CVE-2024-421xx/CVE-2024-42172.json) (`2025-01-11T07:15:08.743`)
- [CVE-2024-42173](CVE-2024/CVE-2024-421xx/CVE-2024-42173.json) (`2025-01-11T07:15:08.927`)
- [CVE-2024-42174](CVE-2024/CVE-2024-421xx/CVE-2024-42174.json) (`2025-01-11T07:15:09.110`)
- [CVE-2024-42175](CVE-2024/CVE-2024-421xx/CVE-2024-42175.json) (`2025-01-11T08:15:26.343`)
- [CVE-2025-0390](CVE-2025/CVE-2025-03xx/CVE-2025-0390.json) (`2025-01-11T08:15:26.527`)
### CVEs modified in the last Commit

21
_state.csv
View File

@ -244355,6 +244355,7 @@ CVE-2024-11382,0,0,df85d7e3403a61740b0f7988e30b29460f9aa19d1c808298873a699eef4bb
CVE-2024-11383,0,0,0bd752b29e1d721279f3a057a12cad20bb26b751fe22cdc457a198866064150b,2025-01-07T05:15:12.650000
CVE-2024-11384,0,0,bd09d80eb823d8832deb7b6d31dd08e4639583550e7acd4a531e328e5f289803,2024-12-12T05:15:07.527000
CVE-2024-11385,0,0,b8c574c75cf2cea00a757d377dc474503f06328c73f6861f0cd8dff47b3ce271,2024-11-26T18:04:49.077000
CVE-2024-11386,1,1,458e90cc10d5ea7966014cc93ebe3e8ec2358207a7341c32907eb034b035dd6c,2025-01-11T08:15:23.613000
CVE-2024-11387,0,0,cc2575267c0624c2d772e7a1294628b14be17e17456ccbcf14c82a61dc7cfdd8,2024-11-23T05:15:06.833000
CVE-2024-11388,0,0,cc4ce5951e6443c6719f0b47e25fd91148c8919ab17cf08bd038e67541d941d5,2024-11-26T17:23:56.647000
CVE-2024-1139,0,0,ed27d132fb547ef9bb4d842588c622a547c4be05d0420da7bbf8b6fe851be114,2024-11-21T08:49:52.997000
@ -244696,6 +244697,7 @@ CVE-2024-11754,0,0,115157a8a0f024c3ba84de7edd359cbde1e25041eace45096f12b0e339d7e
CVE-2024-11755,0,0,c883abaefa6170cee64d3b62a0d846726e75234488258495594582792094520e,2024-12-14T05:15:07.100000
CVE-2024-11756,0,0,61a3f10bbfe20c57d2a9ef3bbe71f843c6e92a6387f10cd46d5720b2e61f0cf5,2025-01-07T06:15:14.943000
CVE-2024-11757,0,0,1bc7aae07622ccc6a4b7076dd363e7b8ecfc55de5a0f36b46f6f6ac7ac916966,2024-12-12T06:15:21.367000
CVE-2024-11758,1,1,ca726f10359ea7a86c76a4ce25cc4fb51d404c0b02b8352f33945ac7a0f2c12b,2025-01-11T08:15:24.020000
CVE-2024-11759,0,0,721c2f6fdff65f13ac54d162c1b8bb0f862a88123dec2155aa18c28dd98f712d,2024-12-14T05:15:07.287000
CVE-2024-1176,0,0,ade3cc69c20caab05c727481cc0ec5f568a186d8a0d855f0f768d9d6ccfee82f,2024-11-21T08:49:58.123000
CVE-2024-11760,0,0,72a8fc65de07cdadf0a0f6ed904fea74fd9bb6ba4b9fc9e5c352d9cc3a548975,2024-12-12T09:15:05.040000
@ -244801,6 +244803,7 @@ CVE-2024-1187,0,0,34bfab1d2868a509e17e58177c8ef1072428b9ace11ecd550f1c0daa57f2d3
CVE-2024-11871,0,0,36cc57375a53657e02bd7a0a87b9e1475ef36a9df08a07761721bf952ae1c645,2024-12-12T06:15:22.327000
CVE-2024-11872,0,0,73a0c13648454617801aeec393eb6a762bb5263f614221a21da77057533ece08,2024-12-12T01:40:20.537000
CVE-2024-11873,0,0,83746cce2dad963e58a32339952bb6b4ae12bd4ff788e558b09e1ea778150265,2024-12-14T05:15:08.707000
CVE-2024-11874,1,1,074c681a0af35e6e5c7b941981b56804a74fe1d91f1cb4652c19535ac87301f3,2025-01-11T08:15:24.237000
CVE-2024-11875,0,0,2fce0016aa8c6a027c95eca97da341c6f52b04c99e151a803448f2d92e035de0,2024-12-12T05:15:10.317000
CVE-2024-11876,0,0,4d446e019fc456b762b8b387c5e79806d641107f5a6d66eca5284969e986ead6,2024-12-14T05:15:08.890000
CVE-2024-11877,0,0,ea4b234684fec63e3511addc951d161596023eb0b3e6bfea2e1878541e65dfd7,2024-12-14T05:15:09.060000
@ -244818,6 +244821,7 @@ CVE-2024-11888,0,0,8a06477d55991ecfcdfbbbe13cfc5cc7673a7932d3eb8f15153aab2ef7344
CVE-2024-11889,0,0,c40f4924de6b0709ad2ac4ea75e730ab583fde8e75b7967e6c96aa9146701117,2024-12-14T05:15:10.030000
CVE-2024-1189,0,0,3e2c1a3fc9f24eb6eaedd5adba4b6f521645b93b8971a5e9477fe83a4ee5ef97,2024-11-21T08:49:59.850000
CVE-2024-11891,0,0,f8a38032fa61b45ae7f4fd61d15412795ca770178ff882a3a6fac619a51ce045,2024-12-12T05:15:10.670000
CVE-2024-11892,1,1,136e0aea797baf6aec107fd99f716a2a8a98d5331a2bdfff8885477242464f44,2025-01-11T08:15:24.463000
CVE-2024-11893,0,0,ab78f78c6e435c83f3f5f09a281780ac0636482d65ec96c7c75ce803df2c5017,2024-12-20T07:15:11.747000
CVE-2024-11894,0,0,9e31b28fa56a41e12b82fdf98576d9a13777f5eed7b6c3fc1f71a85af109ef81,2024-12-14T05:15:10.227000
CVE-2024-11896,0,0,34f349ccc91bcf6d6c27bb81a454efc17924954cfa878d33ee370546a785a3f4,2024-12-24T09:15:05.663000
@ -244838,6 +244842,7 @@ CVE-2024-11910,0,0,7cdc56d220bb226d66f2e09af7dfa09212676d67ef40d93704c67462fa98d
CVE-2024-11911,0,0,caa0b453641ff9f186639ae770eb52db38531714654a626a4eab9e32db68000f,2024-12-13T09:15:07.083000
CVE-2024-11912,0,0,0aaa3071f593c52d1aa93372da39c5543ab6e6ea5c65e9bf469d02aec4ea5907,2024-12-18T12:15:08.950000
CVE-2024-11914,0,0,fa4ae25ac8caf18cb116501f16c4447bae56afeb864dc904882202ad6cc9632f,2024-12-12T04:15:06.983000
CVE-2024-11915,1,1,dc3ca0c1970f54dc4a5ca94d3cc15a32b71532a500815bf83b22c0157a62de2b,2025-01-11T08:15:24.680000
CVE-2024-11916,0,0,ebf505af531198d809ed1e93c1d8be8e129094835bb0f050a7490a11374346ee,2025-01-08T04:15:06.537000
CVE-2024-11918,0,0,f7031582b21494aaa2ccab4dd4ab92d52bf9f67c1445d9fb72b363b717cfc06b,2024-11-28T06:15:08.347000
CVE-2024-1192,0,0,4521fc6ae268791ebd6da2ad80ce9552b7ae38c5833cb5098776b1906357f9a0,2025-01-08T14:35:22.633000
@ -244976,6 +244981,7 @@ CVE-2024-12110,0,0,f266935beaa447960f1dea8d3421db64eefadfd0613c53fd8d2543de02327
CVE-2024-12111,0,0,94cbde89c1eb7b342ad5b2e1b90e676e3d9dc7b09262fa3ba8de5cb41e47a11b,2024-12-19T20:15:06.950000
CVE-2024-12112,0,0,cb0f7873248fd4a1fa61695f98ef1eefe20e324e4ad567998bdfa3d468a39f02,2025-01-08T04:15:06.683000
CVE-2024-12115,0,0,e6944683813361fa4999b92dbfb5849d2d0c20bc3f6186b671317bdf2839435d,2024-12-07T02:15:18.653000
CVE-2024-12116,1,1,869ce525ce7e781c5f6c67db9c3c06f2e95fa2c0db4e986ac99d9fc5b5f2ce69,2025-01-11T08:15:24.867000
CVE-2024-1212,0,0,c6c0d98b39fe69ac963e13ef16e93aec1a62abd1466de44e7788f638a4921cfa,2024-11-21T08:50:03.010000
CVE-2024-12121,0,0,03702b315699ac0a86731f33a73d0aefd1ecc16bf8d72dc7730c1bb362033b62,2024-12-19T02:15:22.610000
CVE-2024-12122,0,0,cd1f78c8c596258a19e9ed3e4a0459f757b23ea59e2546cc9293883a9975ed13,2025-01-09T11:15:11.860000
@ -245187,9 +245193,11 @@ CVE-2024-12402,0,0,8e35cfc4cf7a344abb45fa7331224e766525626c55ea5686a3d8b4838a76c
CVE-2024-12404,0,0,0ae799af50bc1f8f81ca73c24e0c487e6cb95e7dbb212bb43b7dafb4f227c072,2025-01-11T03:15:21.140000
CVE-2024-12405,0,0,631a04fc890c6ac2fbe1fd822df1e67f289f1ef7b029b11f0950a96d4993c03b,2024-12-24T06:15:33.123000
CVE-2024-12406,0,0,3a24bd925fcaee835bc0ee30f7ad38b16626ae1e5c8470fedd28227d3dd60123,2024-12-12T05:15:12.210000
CVE-2024-12407,1,1,d9811ea7aaed00c035a057ab8d0a3989286774aca6d4690b922da837a88beb9b,2025-01-11T08:15:25.093000
CVE-2024-12408,0,0,c9a97800ebdc971055fe039c0934b7c899913355f0545cc6cb71b6253bd484f6,2024-12-21T10:15:08.067000
CVE-2024-1241,0,0,ba82bb77c28ed45b324839e72710669d8c2af006c45eeed23dee90a28ff67ea8,2024-11-21T08:50:08.490000
CVE-2024-12411,0,0,fca8eab422ceda64b215d958b150a7f03625a9aa9df8afa22fe2b27e73430e47,2024-12-14T05:15:10.437000
CVE-2024-12412,1,1,a36f11976e1e41ee78fe97d1e70577f9d00cafdfe398e32080cffa4b8eeaa8f0,2025-01-11T08:15:25.320000
CVE-2024-12413,0,0,fdd057a05387c9ace72d4ba4316c6065bf29813d0f1c7f4a169e0a5a81de204b,2024-12-25T04:15:06.607000
CVE-2024-12414,0,0,ecf25a2c3f536085b4d44f95471b078e2b7cb6ad454e7c12c9e7d103ff4fa2bb,2024-12-13T09:15:08.070000
CVE-2024-12416,0,0,435759be4e4ba56188ea7f6720fc32442a546d90f18b812fdb1df1c91242e1f0,2025-01-07T04:15:08.143000
@ -245276,10 +245284,13 @@ CVE-2024-12515,0,0,09dd4a0c49aa32e74192a256344ff33ed3a3398ea0769ff4f67849bb3b5cb
CVE-2024-12516,0,0,e41b8f7326a1ff9d5fbcf49901d9bff7bf07cbba6980171c82a8cc823c6f0a6e,2025-01-07T08:15:25.290000
CVE-2024-12517,0,0,4d330b1d19e40313cc9a81f9b8784c01c801f44b6fb4859786e4a9a0d1f904a4,2024-12-14T05:15:11.453000
CVE-2024-12518,0,0,e836e2bda2de8df1c322fb96b28c258a6308fb3f7a0cbb3b5a146ac83d3fa431,2024-12-24T05:15:06.827000
CVE-2024-12519,1,1,6450c33307c9449b6013ea08667cefb1a5486038517ffb39b882eb5aad6e21fa,2025-01-11T08:15:25.530000
CVE-2024-1252,0,0,d03beb126367df5b21be601ec7e2ecf5f48cece91d0754af14f589827736f3cf,2024-11-21T08:50:09.700000
CVE-2024-12520,1,1,3f1b14d7dffeae4c90b0f9206c631144937a48e23d81ccf571b144329c30ab26,2025-01-11T08:15:25.720000
CVE-2024-12521,0,0,2dfc767456ed3b436c8094393a38b7cdd77f0a32468d17a99274b9a7d3db5dce,2025-01-08T04:15:06.827000
CVE-2024-12523,0,0,185a41d328f0e130d8ed17ada12f64a855433449910369cbbb025fff8ce0f4d8,2024-12-14T05:15:11.640000
CVE-2024-12526,0,0,b192d6e45212a3c6d09a8a6cd2198d071bb3ba4da94a4e2bf151be7ad2c18324,2024-12-12T05:15:13.577000
CVE-2024-12527,1,1,2eded19676c81f6420ec9daeb3ce62a1cabb4a11728f06c8deff94df9b3fcae8,2025-01-11T08:15:25.913000
CVE-2024-12528,0,0,b542d57e01c0c48ad9564b0890e0d12d29edb2156a8c53246e86bf7139add551,2025-01-07T04:15:08.543000
CVE-2024-1253,0,0,a598e10fa6d530af6148de164d99995412d597f7142ead42d62b85e905a98949,2024-11-21T08:50:09.843000
CVE-2024-12532,0,0,9ca157cc408917cff34071ccec5f6a565d9704ba7df388f3088985d6d80c9ea4,2025-01-07T12:15:24.363000
@ -245317,7 +245328,7 @@ CVE-2024-12582,0,0,bbfe1aae814f308a85392c13709691d46da248e6458c80cb519b63fa483aa
CVE-2024-12583,0,0,6c1f345fbc3f1cc53302e61a1dfbebbfcc1b6c1ee5d98cc4a9e3c7ebaa7ceed3,2025-01-04T09:15:06.090000
CVE-2024-12584,0,0,816f60d6132b2347c9aa70129bc858e7047e308acf27028a30827ba4bb7b6af3,2025-01-08T07:15:26.833000
CVE-2024-12585,0,0,ead992288f92d4be283e03018b341d11a9b47641e24068b49fe654a049e91e84,2025-01-08T16:15:34.130000
CVE-2024-12587,1,1,fa0892d68b7bb4f6804fea8fc811eca021bdbb7440a414a14dfb72694409d2c4,2025-01-11T06:15:25.070000
CVE-2024-12587,0,0,fa0892d68b7bb4f6804fea8fc811eca021bdbb7440a414a14dfb72694409d2c4,2025-01-11T06:15:25.070000
CVE-2024-12588,0,0,9ef4dd85f085f6ba612688cc14a2c49d05248e20e75bd2d7bdd4aff39b5ac0f2,2024-12-21T09:15:06.233000
CVE-2024-1259,0,0,1c6bb100fc9cba505c4d696801bfd3102c508e530bb2e36c86a6685675278bd7,2024-11-21T08:50:10.730000
CVE-2024-12590,0,0,78caf08663857a2f888f89c4842ba777750ad04068c078583ff87671d3a13c4e,2025-01-07T04:15:09.607000
@ -245483,6 +245494,7 @@ CVE-2024-1286,0,0,3a37afba636befcbf537a255eb60a76fe80040636283609c3669d2692aee91
CVE-2024-12867,0,0,732c7583e9efa2618fe2f4098930414e7eb5e8b8eea2432950087191a298a004,2024-12-20T20:15:22.740000
CVE-2024-1287,0,0,86cfcf8ed68830eef8991c1cc47e2012e7e4c97ca8a27598ab8fa2741ba6d8b0,2024-11-21T08:50:14.227000
CVE-2024-12875,0,0,65f6ca3bff49bc2fd9ea644c89d99467e02d0f3d3859a576808fcf00ae63e813,2024-12-21T12:15:20.910000
CVE-2024-12877,1,1,ee745cc6891b6f98f31fc8fb5b937635d304fd155e8f601a9dbdfeb4b3023c62,2025-01-11T08:15:26.127000
CVE-2024-1288,0,0,395f2de724425f73212a7bc39e91c09ee4289c7b4882341dd1ed370b6c884fd8,2024-11-21T08:50:14.440000
CVE-2024-12881,0,0,ca1a79d9bb91f6e4db066c4e6e2534703ac042b68f8ca082fdad0b99821d0028,2024-12-24T10:15:06.240000
CVE-2024-12883,0,0,0dccbc52a4dfe90cc951e45cce63bd7a8971973694371765a4b4ec10fba99d5e,2025-01-10T21:24:53.957000
@ -263205,6 +263217,12 @@ CVE-2024-42167,0,0,a8537f04ff59d4b55355491fa52ffd928dd919682df2e2ae176719a0ae545
CVE-2024-42168,0,0,396f9a2a9cf8c68e9266763d699c26138cc1d4ef65d45c1544d9044b683ac508,2025-01-11T03:15:21.737000
CVE-2024-42169,0,0,c4139885b2469e8450cbc5522608cee82c175ae727bad061d2616411c5428be4,2025-01-11T03:15:21.873000
CVE-2024-4217,0,0,4a31dba4c3cb596b9bff69bedee5b7fb5464d8d24ddeafafb7638907c1f396d8,2024-11-21T09:42:24.493000
CVE-2024-42170,1,1,8621732feafb5a1965cf3a672a0abfa5ec1d2fa154849f8bc0827a4858d29f69,2025-01-11T07:15:06.767000
CVE-2024-42171,1,1,7c23376f01e8a71dba8f02e3cc459179e17a02155763a5cb5f720093a587aefd,2025-01-11T07:15:08.553000
CVE-2024-42172,1,1,225fcad75eabc6687a4f18f7362b2adb3c25abd093cdc9d59c7996b0d4e7cfbe,2025-01-11T07:15:08.743000
CVE-2024-42173,1,1,44f315b59e5db8539983c783dcc88b531da6958c918975bbf10efa6c538c20d2,2025-01-11T07:15:08.927000
CVE-2024-42174,1,1,3f28820a9bd8cf8cf9d334457ab9a1a64b4e8c40d794a897f768f73624ecc250,2025-01-11T07:15:09.110000
CVE-2024-42175,1,1,15ace39e893c1bff8b7e16e522cde4b95b5af743307f180322bb8a85d03c4238,2025-01-11T08:15:26.343000
CVE-2024-4218,0,0,7a0061e75f27495a7259e5a50ce11715685411290c6b771dfa8c54d8a57b046e,2024-11-21T09:42:24.667000
CVE-2024-42188,0,0,a8278cfe50e3ca68bde755bed653483d11589c1acd3e94c1e7362476b4ce136e,2024-11-15T13:58:08.913000
CVE-2024-4219,0,0,cd28361343cc861bde40c0bbbee1aabb101ed013946c5589d3ba0dabbead402f,2024-11-21T09:42:24.783000
@ -276462,6 +276480,7 @@ CVE-2025-0346,0,0,5ef713c51f5d66e23ba323fef83a836926d709bf8afa5794ad9246d5b98392
CVE-2025-0347,0,0,6deecfeab5129f64e2a00007dc87253c44d21860263f71f54e4dc7b1cdd350f5,2025-01-09T10:15:07.170000
CVE-2025-0348,0,0,331eb1ff4b382b4fa4cded2d4eff33d4e1224a2775f1380fa27191f50e86e003,2025-01-09T10:15:07.700000
CVE-2025-0349,0,0,113bd719c64af64e563d3b7f6bc64a9c5a1e1f5ad7d7591de270b2e445c8d15a,2025-01-09T11:15:16.547000
CVE-2025-0390,1,1,e8680a8850f5f93c327358a0bafb5800686853499fcfad6c845505a58dd62509,2025-01-11T08:15:26.527000
CVE-2025-20033,0,0,6018e09e60bc36da724018ac20bc63bc1922bb37746fdb9e10624cea7c137ebf,2025-01-09T07:15:28.450000
CVE-2025-20123,0,0,7f3b728d3f9cbfa875df0a45e50a08c953f805f15b1141475f4e31dfbed0e1d1,2025-01-08T16:15:38.150000
CVE-2025-20126,0,0,1585188395ef0aa5a894bbea6d526bdf238d58865dbcb187ac89434fb8c590b9,2025-01-08T19:15:38.553000

Can't render this file because it is too large.