diff --git a/CVE-2024/CVE-2024-338xx/CVE-2024-33836.json b/CVE-2024/CVE-2024-338xx/CVE-2024-33836.json new file mode 100644 index 00000000000..0b733c63f73 --- /dev/null +++ b/CVE-2024/CVE-2024-338xx/CVE-2024-33836.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2024-33836", + "sourceIdentifier": "cve@mitre.org", + "published": "2024-06-19T21:15:56.920", + "lastModified": "2024-06-19T21:15:56.920", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "In the module \"JA Marketplace\" (jamarketplace) up to version 9.0.1 from JA Module for PrestaShop, a guest can upload files with extensions .php. In version 6.X, the method `JmarketplaceproductModuleFrontController::init()` and in version 8.X, the method `JmarketplaceSellerproductModuleFrontController::init()` allow upload of .php files, which will lead to a critical vulnerability." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://github.com/friends-of-presta/security-advisories/blob/main/_posts/2024-06-18-jamarketplace.md", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-349xx/CVE-2024-34990.json b/CVE-2024/CVE-2024-349xx/CVE-2024-34990.json new file mode 100644 index 00000000000..65cf7db6e44 --- /dev/null +++ b/CVE-2024/CVE-2024-349xx/CVE-2024-34990.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2024-34990", + "sourceIdentifier": "cve@mitre.org", + "published": "2024-06-19T21:15:57.023", + "lastModified": "2024-06-19T21:15:57.023", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "In the module \"Help Desk - Customer Support Management System\" (helpdesk) up to version 2.4.0 from FME Modules for PrestaShop, a customer can upload .php files. Methods `HelpdeskHelpdeskModuleFrontController::submitTicket()` and `HelpdeskHelpdeskModuleFrontController::replyTicket()` allow upload of .php files on a predictable path for connected customers." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://github.com/friends-of-presta/security-advisories/blob/main/_posts/2024-06-18-helpdesk.md", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-349xx/CVE-2024-34993.json b/CVE-2024/CVE-2024-349xx/CVE-2024-34993.json new file mode 100644 index 00000000000..402225e2b46 --- /dev/null +++ b/CVE-2024/CVE-2024-349xx/CVE-2024-34993.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2024-34993", + "sourceIdentifier": "cve@mitre.org", + "published": "2024-06-19T20:15:11.053", + "lastModified": "2024-06-19T20:15:11.053", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "In the module \"Bulk Export products to Google Merchant-Google Shopping\" (bagoogleshopping) up to version 1.0.26 from Buy Addons for PrestaShop, a guest can perform SQL injection via`GenerateCategories::renderCategories()." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://github.com/friends-of-presta/security-advisories/blob/main/_posts/2024-06-18-bagoogleshopping.md", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-349xx/CVE-2024-34994.json b/CVE-2024/CVE-2024-349xx/CVE-2024-34994.json new file mode 100644 index 00000000000..97d8d13caa5 --- /dev/null +++ b/CVE-2024/CVE-2024-349xx/CVE-2024-34994.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2024-34994", + "sourceIdentifier": "cve@mitre.org", + "published": "2024-06-19T21:15:57.130", + "lastModified": "2024-06-19T21:15:57.130", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "In the module \"Channable\" (channable) up to version 3.2.1 from Channable for PrestaShop, a guest can perform SQL injection via `ChannableFeedModuleFrontController::postProcess()`." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://github.com/friends-of-presta/security-advisories/blob/main/_posts/2024-06-18-channable.md", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-366xx/CVE-2024-36677.json b/CVE-2024/CVE-2024-366xx/CVE-2024-36677.json new file mode 100644 index 00000000000..55d2bc52b58 --- /dev/null +++ b/CVE-2024/CVE-2024-366xx/CVE-2024-36677.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2024-36677", + "sourceIdentifier": "cve@mitre.org", + "published": "2024-06-19T21:15:57.257", + "lastModified": "2024-06-19T21:15:57.257", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "In the module \"Login as customer PRO\" (loginascustomerpro) <1.2.7 from Weblir for PrestaShop, a guest can access direct link to connect to each customer account of the Shop if the module is not installed OR if a secret accessible to administrator is stolen." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://security.friendsofpresta.org/modules/2024/06/18/loginascustomerpro.html", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-366xx/CVE-2024-36678.json b/CVE-2024/CVE-2024-366xx/CVE-2024-36678.json new file mode 100644 index 00000000000..e7470c8df4d --- /dev/null +++ b/CVE-2024/CVE-2024-366xx/CVE-2024-36678.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2024-36678", + "sourceIdentifier": "cve@mitre.org", + "published": "2024-06-19T21:15:57.363", + "lastModified": "2024-06-19T21:15:57.363", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "In the module \"Theme settings\" (pk_themesettings) <= 1.8.8 from Promokit.eu for PrestaShop, a guest can perform SQL injection. The script ajax.php have a sensitive SQL call that can be executed with a trivial http call and exploited to forge a SQL injection." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://security.friendsofpresta.org/modules/2024/06/18/pk_themesettings.html", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-366xx/CVE-2024-36679.json b/CVE-2024/CVE-2024-366xx/CVE-2024-36679.json new file mode 100644 index 00000000000..778a4ea629d --- /dev/null +++ b/CVE-2024/CVE-2024-366xx/CVE-2024-36679.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2024-36679", + "sourceIdentifier": "cve@mitre.org", + "published": "2024-06-19T21:15:57.470", + "lastModified": "2024-06-19T21:15:57.470", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "In the module \"Module Live Chat Pro (All in One Messaging)\" (livechatpro) <=8.4.0, a guest can perform PHP Code injection. Due to a predictable token, the method `Lcp::saveTranslations()` suffer of a white writer that can inject PHP code into a PHP file." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://security.friendsofpresta.org/modules/2024/06/18/livechatpro.html", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-366xx/CVE-2024-36680.json b/CVE-2024/CVE-2024-366xx/CVE-2024-36680.json new file mode 100644 index 00000000000..cb185db84c8 --- /dev/null +++ b/CVE-2024/CVE-2024-366xx/CVE-2024-36680.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2024-36680", + "sourceIdentifier": "cve@mitre.org", + "published": "2024-06-19T21:15:57.577", + "lastModified": "2024-06-19T21:15:57.577", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "In the module \"Facebook\" (pkfacebook) <=1.0.1 from Promokit.eu for PrestaShop, a guest can perform SQL injection. The ajax script facebookConnect.php have a sensitive SQL call that can be executed with a trivial http call and exploited to forge a SQL injection." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://security.friendsofpresta.org/modules/2024/06/18/pkfacebook.html", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-366xx/CVE-2024-36684.json b/CVE-2024/CVE-2024-366xx/CVE-2024-36684.json new file mode 100644 index 00000000000..118ee82499b --- /dev/null +++ b/CVE-2024/CVE-2024-366xx/CVE-2024-36684.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2024-36684", + "sourceIdentifier": "cve@mitre.org", + "published": "2024-06-19T21:15:57.680", + "lastModified": "2024-06-19T21:15:57.680", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "In the module \"Custom links\" (pk_customlinks) <= 2.3 from Promokit.eu for PrestaShop, a guest can perform SQL injection. The script ajax.php have a sensitive SQL call that can be executed with a trivial http call and exploited to forge a SQL injection." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://security.friendsofpresta.org/modules/2024/06/18/pk_customlinks.html", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-383xx/CVE-2024-38355.json b/CVE-2024/CVE-2024-383xx/CVE-2024-38355.json new file mode 100644 index 00000000000..29f0363f6a5 --- /dev/null +++ b/CVE-2024/CVE-2024-383xx/CVE-2024-38355.json @@ -0,0 +1,67 @@ +{ + "id": "CVE-2024-38355", + "sourceIdentifier": "security-advisories@github.com", + "published": "2024-06-19T20:15:11.180", + "lastModified": "2024-06-19T20:15:11.180", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Socket.IO is an open source, real-time, bidirectional, event-based, communication framework. A specially crafted Socket.IO packet can trigger an uncaught exception on the Socket.IO server, thus killing the Node.js process. This issue is fixed by commit `15af22fc22` which has been included in `socket.io@4.6.2` (released in May 2023). The fix was backported in the 2.x branch as well with commit `d30630ba10`. Users are advised to upgrade. Users unable to upgrade may attach a listener for the \"error\" event to catch these errors.\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security-advisories@github.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 7.3, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.4 + } + ] + }, + "weaknesses": [ + { + "source": "security-advisories@github.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-20" + }, + { + "lang": "en", + "value": "CWE-754" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/socketio/socket.io/commit/15af22fc22bc6030fcead322c106f07640336115", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/socketio/socket.io/commit/d30630ba10562bf987f4d2b42440fc41a828119c", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/socketio/socket.io/security/advisories/GHSA-25hc-qcg6-38wj", + "source": "security-advisories@github.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-383xx/CVE-2024-38356.json b/CVE-2024/CVE-2024-383xx/CVE-2024-38356.json new file mode 100644 index 00000000000..f18e211ab95 --- /dev/null +++ b/CVE-2024/CVE-2024-383xx/CVE-2024-38356.json @@ -0,0 +1,71 @@ +{ + "id": "CVE-2024-38356", + "sourceIdentifier": "security-advisories@github.com", + "published": "2024-06-19T20:15:11.453", + "lastModified": "2024-06-19T20:15:11.453", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "TinyMCE is an open source rich text editor. A cross-site scripting (XSS) vulnerability was discovered in TinyMCE\u2019s content extraction code. When using the `noneditable_regexp` option, specially crafted HTML attributes containing malicious code were able to be executed when content was extracted from the editor. This vulnerability has been patched in TinyMCE 7.2.0, TinyMCE 6.8.4 and TinyMCE 5.11.0 LTS by ensuring that, when using the `noneditable_regexp` option, any content within an attribute is properly verified to match the configured regular expression before being added. Users are advised to upgrade. There are no known workarounds for this vulnerability.\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security-advisories@github.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.1, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "security-advisories@github.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/tinymce/tinymce/commit/5acb741665a98e83d62b91713c800abbff43b00d", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/tinymce/tinymce/security/advisories/GHSA-9hcv-j9pv-qmph", + "source": "security-advisories@github.com" + }, + { + "url": "https://owasp.org/www-community/attacks/xss", + "source": "security-advisories@github.com" + }, + { + "url": "https://www.tiny.cloud/docs/tinymce/6/6.8.4-release-notes/#overview", + "source": "security-advisories@github.com" + }, + { + "url": "https://www.tiny.cloud/docs/tinymce/7/7.2-release-notes/#overview", + "source": "security-advisories@github.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-383xx/CVE-2024-38357.json b/CVE-2024/CVE-2024-383xx/CVE-2024-38357.json new file mode 100644 index 00000000000..1a5acaa12d8 --- /dev/null +++ b/CVE-2024/CVE-2024-383xx/CVE-2024-38357.json @@ -0,0 +1,71 @@ +{ + "id": "CVE-2024-38357", + "sourceIdentifier": "security-advisories@github.com", + "published": "2024-06-19T20:15:11.727", + "lastModified": "2024-06-19T20:15:11.727", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "TinyMCE is an open source rich text editor. A cross-site scripting (XSS) vulnerability was discovered in TinyMCE\u2019s content parsing code. This allowed specially crafted noscript elements containing malicious code to be executed when that content was loaded into the editor. This vulnerability has been patched in TinyMCE 7.2.0, TinyMCE 6.8.4 and TinyMCE 5.11.0 LTS by ensuring that content within noscript elements are properly parsed. Users are advised to upgrade. There are no known workarounds for this vulnerability.\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security-advisories@github.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.1, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "security-advisories@github.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/tinymce/tinymce/commit/5acb741665a98e83d62b91713c800abbff43b00d", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/tinymce/tinymce/security/advisories/GHSA-w9jx-4g6g-rp7x", + "source": "security-advisories@github.com" + }, + { + "url": "https://owasp.org/www-community/attacks/xss", + "source": "security-advisories@github.com" + }, + { + "url": "https://www.tiny.cloud/docs/tinymce/6/6.8.4-release-notes/#overview", + "source": "security-advisories@github.com" + }, + { + "url": "https://www.tiny.cloud/docs/tinymce/7/7.2-release-notes/#overview", + "source": "security-advisories@github.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-383xx/CVE-2024-38358.json b/CVE-2024/CVE-2024-383xx/CVE-2024-38358.json new file mode 100644 index 00000000000..61593e83176 --- /dev/null +++ b/CVE-2024/CVE-2024-383xx/CVE-2024-38358.json @@ -0,0 +1,59 @@ +{ + "id": "CVE-2024-38358", + "sourceIdentifier": "security-advisories@github.com", + "published": "2024-06-19T20:15:11.990", + "lastModified": "2024-06-19T20:15:11.990", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Wasmer is a web assembly (wasm) Runtime supporting WASIX, WASI and Emscripten. If the preopened directory has a symlink pointing outside, WASI programs can traverse the symlink and access host filesystem if the caller sets both `oflags::creat` and `rights::fd_write`. Programs can also crash the runtime by creating a symlink pointing outside with `path_symlink` and `path_open`ing the link. This issue has been addressed in commit `b9483d022` which has been included in release version 4.3.2. Users are advised to upgrade. There are no known workarounds for this vulnerability." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security-advisories@github.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N", + "attackVector": "LOCAL", + "attackComplexity": "HIGH", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 2.9, + "baseSeverity": "LOW" + }, + "exploitabilityScore": 1.4, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "security-advisories@github.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-22" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/wasmerio/wasmer/commit/b9483d022c602b994103f78ecfe46f017f8ac662", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/wasmerio/wasmer/security/advisories/GHSA-55f3-3qvg-8pv5", + "source": "security-advisories@github.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-55xx/CVE-2024-5564.json b/CVE-2024/CVE-2024-55xx/CVE-2024-5564.json index 51c48dc17cf..395561b7432 100644 --- a/CVE-2024/CVE-2024-55xx/CVE-2024-5564.json +++ b/CVE-2024/CVE-2024-55xx/CVE-2024-5564.json @@ -2,7 +2,7 @@ "id": "CVE-2024-5564", "sourceIdentifier": "secalert@redhat.com", "published": "2024-05-31T19:15:08.883", - "lastModified": "2024-06-03T14:46:24.250", + "lastModified": "2024-06-19T20:15:12.277", "vulnStatus": "Awaiting Analysis", "descriptions": [ { @@ -58,6 +58,10 @@ { "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2284122", "source": "secalert@redhat.com" + }, + { + "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00011.html", + "source": "secalert@redhat.com" } ] } \ No newline at end of file diff --git a/README.md b/README.md index 1395cd8fde2..c9e00c88887 100644 --- a/README.md +++ b/README.md @@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2024-06-19T20:00:19.790114+00:00 +2024-06-19T22:00:18.346906+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2024-06-19T18:15:11.820000+00:00 +2024-06-19T21:15:57.680000+00:00 ``` ### Last Data Feed Release @@ -33,24 +33,33 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### Total Number of included CVEs ```plain -254600 +254613 ``` ### CVEs added in the last Commit -Recently added CVEs: `4` +Recently added CVEs: `13` -- [CVE-2024-36115](CVE-2024/CVE-2024-361xx/CVE-2024-36115.json) (`2024-06-19T18:15:10.597`) -- [CVE-2024-36116](CVE-2024/CVE-2024-361xx/CVE-2024-36116.json) (`2024-06-19T18:15:10.910`) -- [CVE-2024-36117](CVE-2024/CVE-2024-361xx/CVE-2024-36117.json) (`2024-06-19T18:15:11.220`) -- [CVE-2024-38352](CVE-2024/CVE-2024-383xx/CVE-2024-38352.json) (`2024-06-19T18:15:11.507`) +- [CVE-2024-33836](CVE-2024/CVE-2024-338xx/CVE-2024-33836.json) (`2024-06-19T21:15:56.920`) +- [CVE-2024-34990](CVE-2024/CVE-2024-349xx/CVE-2024-34990.json) (`2024-06-19T21:15:57.023`) +- [CVE-2024-34993](CVE-2024/CVE-2024-349xx/CVE-2024-34993.json) (`2024-06-19T20:15:11.053`) +- [CVE-2024-34994](CVE-2024/CVE-2024-349xx/CVE-2024-34994.json) (`2024-06-19T21:15:57.130`) +- [CVE-2024-36677](CVE-2024/CVE-2024-366xx/CVE-2024-36677.json) (`2024-06-19T21:15:57.257`) +- [CVE-2024-36678](CVE-2024/CVE-2024-366xx/CVE-2024-36678.json) (`2024-06-19T21:15:57.363`) +- [CVE-2024-36679](CVE-2024/CVE-2024-366xx/CVE-2024-36679.json) (`2024-06-19T21:15:57.470`) +- [CVE-2024-36680](CVE-2024/CVE-2024-366xx/CVE-2024-36680.json) (`2024-06-19T21:15:57.577`) +- [CVE-2024-36684](CVE-2024/CVE-2024-366xx/CVE-2024-36684.json) (`2024-06-19T21:15:57.680`) +- [CVE-2024-38355](CVE-2024/CVE-2024-383xx/CVE-2024-38355.json) (`2024-06-19T20:15:11.180`) +- [CVE-2024-38356](CVE-2024/CVE-2024-383xx/CVE-2024-38356.json) (`2024-06-19T20:15:11.453`) +- [CVE-2024-38357](CVE-2024/CVE-2024-383xx/CVE-2024-38357.json) (`2024-06-19T20:15:11.727`) +- [CVE-2024-38358](CVE-2024/CVE-2024-383xx/CVE-2024-38358.json) (`2024-06-19T20:15:11.990`) ### CVEs modified in the last Commit Recently modified CVEs: `1` -- [CVE-2024-4369](CVE-2024/CVE-2024-43xx/CVE-2024-4369.json) (`2024-06-19T18:15:11.820`) +- [CVE-2024-5564](CVE-2024/CVE-2024-55xx/CVE-2024-5564.json) (`2024-06-19T20:15:12.277`) ## Download and Usage diff --git a/_state.csv b/_state.csv index d29e3f0fd16..1e6c0122bb8 100644 --- a/_state.csv +++ b/_state.csv @@ -250964,6 +250964,7 @@ CVE-2024-33830,0,0,4bec17a1ace431d40129f86a3decff5923e7758432d69e3320d95a816eb74 CVE-2024-33831,0,0,98c1e02fb52cc885fef491b04fbf31cf74b7566005400cd91ab0d4a14f98e6eb,2024-04-30T19:35:36.960000 CVE-2024-33832,0,0,e7d2cac687a99961b7eaca7437c17155c2c3f6529821c095b09e5161bda8425f,2024-04-30T19:35:36.960000 CVE-2024-33835,0,0,b7a1ddab44d53e7f09c5ad58cb148033d556cb74ed3d7a19809aa297e0382c78,2024-05-01T13:01:51.263000 +CVE-2024-33836,1,1,5e3480fa82212040508d6d08eb0e0a60833210b602c0a8e357d7b52cffc1e40d,2024-06-19T21:15:56.920000 CVE-2024-3384,0,0,f1db02aa38b819888be52a421a922174001b5f3c9e0abe3ab9082a168503f129,2024-04-10T19:49:51.183000 CVE-2024-33844,0,0,921cf446ac356d2881e6613aac60d162eae136862d065184d9b1201e02e62333,2024-06-10T18:45:09.903000 CVE-2024-33849,0,0,3b4368a52b5ddf8a3c305c2346a67c77b86eca45d334812e664f6d20b43a32e6,2024-05-28T17:11:47.007000 @@ -251596,6 +251597,9 @@ CVE-2024-3498,0,0,5a88bde38eadc03f84603569fdec38fe83a6606de78277714e78faa80a5569 CVE-2024-34982,0,0,ef460a32eb987949d8c2a373dc7919974bee9f6e2b2a3c53ead2e4138396cd2a,2024-05-17T18:35:35.070000 CVE-2024-34987,0,0,262d3ccca2f7e7df7be241d8326c4714ae2b44466572454690af1a110c26db06,2024-06-18T19:15:59.873000 CVE-2024-3499,0,0,38e1f3a6ce5aff826b19a73a4f796b980cc1161eaf58f8fada2f6f87e54573a4,2024-05-02T18:00:37.360000 +CVE-2024-34990,1,1,13ccab59c2424db60c7b433cf56fbf860b9c9b8e04719321b68e5b62c442f80f,2024-06-19T21:15:57.023000 +CVE-2024-34993,1,1,c85954a771357ba0ecc33a52666c32e422f90f8939758fd997c93a31f43d78c7,2024-06-19T20:15:11.053000 +CVE-2024-34994,1,1,f9367d66e327433fabf526300a6d5445a40e06ad7a614c7f91486a5c6960c652,2024-06-19T21:15:57.130000 CVE-2024-34995,0,0,ff7295f94bdc66d877986c97deb7981eb83c3e840f72ac7a8ee7543b9685ad7b,2024-05-24T18:09:20.027000 CVE-2024-34997,0,0,cee044c4ccffe504e44bd95724dd0befc01681debe6525e4c247f664c7f74ef5,2024-06-17T14:15:09.950000 CVE-2024-3500,0,0,bd83544d3c8c82359104dcd5b032a6095cbae3178ec9c9c56ddfe242d28462ee,2024-05-02T18:00:37.360000 @@ -252301,9 +252305,9 @@ CVE-2024-3611,0,0,b6a9e7e031fc264aaf6cc25eb2de4637a54a3c74ff1ad6ab29710fbea0fb99 CVE-2024-36110,0,0,60de6d063a43c2488fb7938eb212a9d443b4f1b9215af12070cdde5c64f618d1,2024-05-29T13:02:09.280000 CVE-2024-36112,0,0,fd8205b7c79aea233d5b23b835a6806c74e0d450d4ed81f7488de46ba99ce9ca,2024-05-29T13:02:09.280000 CVE-2024-36114,0,0,cd6667af901bf4e55598a9890cfbf772045b36365134bac1827f2ee46e0e9bfd,2024-05-30T13:15:41.297000 -CVE-2024-36115,1,1,77ffb340facd4eb973eac52381e2f6a69c57f16112d9a1e9c8a11631b93721bf,2024-06-19T18:15:10.597000 -CVE-2024-36116,1,1,97d02985e00df6f7d772ee84aa2631c7ca3d05edfa8f47e4715c606bf2662bd4,2024-06-19T18:15:10.910000 -CVE-2024-36117,1,1,3a38fcb17cdffee17f9ebc04549ce42d49dd9d7c61932ea40dda2b103f15627b,2024-06-19T18:15:11.220000 +CVE-2024-36115,0,0,77ffb340facd4eb973eac52381e2f6a69c57f16112d9a1e9c8a11631b93721bf,2024-06-19T18:15:10.597000 +CVE-2024-36116,0,0,97d02985e00df6f7d772ee84aa2631c7ca3d05edfa8f47e4715c606bf2662bd4,2024-06-19T18:15:10.910000 +CVE-2024-36117,0,0,3a38fcb17cdffee17f9ebc04549ce42d49dd9d7c61932ea40dda2b103f15627b,2024-06-19T18:15:11.220000 CVE-2024-36118,0,0,33d8fbf029e8489b5c9f0a8940761bdd6087754b4000c59931582a52c8a8908f,2024-05-30T18:18:58.870000 CVE-2024-36119,0,0,df322ac6443fcc8a013c93b7e5a35f3678792028e0c0bb1f44fa863251664f98,2024-05-31T13:01:46.727000 CVE-2024-3612,0,0,d6528427cbb589467c111cbd40a18dd09640d3302d8baf887860f351407e958e,2024-05-17T02:40:01.520000 @@ -252576,7 +252580,12 @@ CVE-2024-36670,0,0,fdafe9c66140e5a2018ce6b3a330b135107007226ee1c746bda0de7803753 CVE-2024-36673,0,0,c3fdb493385fd7349af8a7f0f647aa65a0c25320dc90b659d1425197d89ce5bd,2024-06-11T18:27:20.950000 CVE-2024-36674,0,0,80518ec37aaca3163e2f2a38f2de20c8dedbcb7f0e795fb382e532f1b66ca868,2024-06-03T19:23:17.807000 CVE-2024-36675,0,0,d8b3bb8705c0d8b166e699377141fb97d9735e483700819521a5fc1573c26a90,2024-06-11T16:49:10.457000 +CVE-2024-36677,1,1,93c22664235a2af49937c6fc169e3dce04c8914727d28c9438d6cea425acd789,2024-06-19T21:15:57.257000 +CVE-2024-36678,1,1,57eba006cdb8a72766df2b7b61cd7cd0ab7a4a69f11d5e1e237eda7b4e0b84a7,2024-06-19T21:15:57.363000 +CVE-2024-36679,1,1,58af4cab32f0095f9b3f92c7e0c895f2f34213c0eadfbb8fd8a338d56130861d,2024-06-19T21:15:57.470000 CVE-2024-3668,0,0,49d55bc0cfb418bcfc9437877f4056373badba24215047598ce2c0a1a6dfb761,2024-06-10T02:52:08.267000 +CVE-2024-36680,1,1,a2785cd07a34b06766cbf6cc40d21f8414f9fa61543ff95041c99981f6d966d4,2024-06-19T21:15:57.577000 +CVE-2024-36684,1,1,2cb04fa49b7499bc6667d7d1d4a5491f6ca6eda601e1477df9f1d513e4c0124f,2024-06-19T21:15:57.680000 CVE-2024-36691,0,0,eb8762b05fd0460b1321a45df3641c06640e12f5ae9e65b313352697eb6ff0d2,2024-06-13T18:36:09.010000 CVE-2024-36699,0,0,4c8862d154ba42ed56a4ce8bf1e6f3cc34d74fcc619fdd49ec3e97bb2690a0fe,2024-06-14T15:15:50.967000 CVE-2024-3670,0,0,c82d0130c8edc16344a78447d1514c5ffe18d421cd344e5799606a7730bedf8c,2024-05-02T18:00:37.360000 @@ -253036,7 +253045,11 @@ CVE-2024-3834,0,0,a6e69ceb5a64ba9dfba23cdfa4c02e2549bf746772815229f9a627159689f7 CVE-2024-38347,0,0,1db5df6f7760b01b56d52993df383797c5f4798c0cdb9cb68f64a4daf639125b,2024-06-18T17:15:52.583000 CVE-2024-38348,0,0,94cbfe55a7243d30de59c6d5a0b267d7b83aa88d8592807a6edbb2ea3d15f4b0,2024-06-18T17:15:52.677000 CVE-2024-38351,0,0,e713168365103b037ea0e97b0ff1c8370226a2ff3430694f8a53a77f591bce4f,2024-06-18T17:15:52.777000 -CVE-2024-38352,1,1,13a6e81e4d4d40a0591843c161ee638c75aac348990bf4d2603a4c2fb8cf2a30,2024-06-19T18:15:11.507000 +CVE-2024-38352,0,0,13a6e81e4d4d40a0591843c161ee638c75aac348990bf4d2603a4c2fb8cf2a30,2024-06-19T18:15:11.507000 +CVE-2024-38355,1,1,278543c69fed17838c464fd75fdfae5cc583fde89bdf573040918981a86265a1,2024-06-19T20:15:11.180000 +CVE-2024-38356,1,1,b087ab52a4a6f9850eaa03fd1740cd30dbab7b1e2cef201f002582eaa58d07bf,2024-06-19T20:15:11.453000 +CVE-2024-38357,1,1,1e04483f65eff96a043cf58a7aa17669e01ba401e8032d34860eb347d04bc131,2024-06-19T20:15:11.727000 +CVE-2024-38358,1,1,4942d1e00758f0ba19862200c342e18c5bdd69c37ff3fc43be42b8eb75873261,2024-06-19T20:15:11.990000 CVE-2024-3837,0,0,5046b04f6fff161407832d91f839d6c01f3dcf30bcf75f620bfd7221b5de1c27,2024-05-03T03:16:29.010000 CVE-2024-3838,0,0,bd55ca068ebe4472845bce1f3d037932d27279da54b129864c942318cbf6c399,2024-04-23T18:15:15.410000 CVE-2024-3839,0,0,5078cfd1c7c68c41b30fd8b0c9c6a095120ec81bc8166ccecb75ba3c8be530b5,2024-05-03T04:15:09.127000 @@ -253556,7 +253569,7 @@ CVE-2024-4365,0,0,9806433296206bcec148d9648ab2fc91142327d17ef07e64e0ad9e5ff3907a CVE-2024-4366,0,0,c04cea9d73579a737d5c3d200547b1e50e3a1d3ac8e5c0e3a1d88c878c2e9d6a,2024-05-24T13:03:05.093000 CVE-2024-4367,0,0,c21edbb80531231ffca1d343d0a559592c99f935f8e88145cc03f35a6a006b04,2024-06-10T17:16:33.380000 CVE-2024-4368,0,0,e238366009859277dd7e92e4325028250a78f7d3fa28b20672c01083b2417648,2024-06-10T18:15:36.693000 -CVE-2024-4369,0,1,50920fdcee19aa19b0b40029a8eb79df3e2175cd7214593e13e1ad35efa56c2f,2024-06-19T18:15:11.820000 +CVE-2024-4369,0,0,50920fdcee19aa19b0b40029a8eb79df3e2175cd7214593e13e1ad35efa56c2f,2024-06-19T18:15:11.820000 CVE-2024-4370,0,0,069da1b0ae5c656e192af67776d4fb05a1e574a802cd3af79b4e6cc7490b0dbc,2024-05-15T16:40:19.330000 CVE-2024-4371,0,0,6cec3438f9da16aaaf81036d5252f279057c04fa33a9a5b8c9aee6667c7b57b7,2024-06-13T18:35:19.777000 CVE-2024-4372,0,0,88e318f3c277cb3db68d033332d7a1ea039944347227497506fc7085644cb64e,2024-05-21T12:37:59.687000 @@ -254387,7 +254400,7 @@ CVE-2024-5557,0,0,d46453be6b66f76046381e0db014eed7a6e7aed2ef0e3daec4893bcd8fb5d2 CVE-2024-5558,0,0,09f3631381717b3ba9f6f331adbe19283ecf1ecf6408742eafb8b270343d373b,2024-06-13T18:36:09.010000 CVE-2024-5559,0,0,2783b17045adc6e83e5bf6acfe749e5c6489b786d017eb582b973704c839f44d,2024-06-13T18:36:09.010000 CVE-2024-5560,0,0,f1a6e79f857dcb0da00298e85540b2901c155f3f4e8e842ef291f9f993b61e1f,2024-06-13T18:36:09.010000 -CVE-2024-5564,0,0,cd961630c6982ea90916e9cc290067a2c4a02a79292d87af6b0ec76760478ca9,2024-06-03T14:46:24.250000 +CVE-2024-5564,0,1,dcea96840208d2ac663aaa4f0f3c3d4a29deb4a56217e3b064f75f0ccdd62128,2024-06-19T20:15:12.277000 CVE-2024-5565,0,0,830316f5c713618fdad4a0eda5b7296c22d5d93c87a8813197db3ff9cf28c4ee,2024-05-31T19:14:47.793000 CVE-2024-5571,0,0,105c4e644019eeccf72c6e63813cdc36601b1b9a7e3cba5bc172df86631261e6,2024-06-11T17:29:03.277000 CVE-2024-5574,0,0,e61398b52e7e578c38514d99e1cd854ee3b9045f14e28a4d2db6de7566257631,2024-06-19T06:15:11.993000