From 60ad9c29e8c2473507bf3358cb233b1488a8a3a7 Mon Sep 17 00:00:00 2001 From: cad-safe-bot Date: Sat, 5 Oct 2024 14:03:17 +0000 Subject: [PATCH] Auto-Update: 2024-10-05T14:00:17.749510+00:00 --- CVE-2024/CVE-2024-440xx/CVE-2024-44018.json | 56 ++++++++ CVE-2024/CVE-2024-440xx/CVE-2024-44023.json | 56 ++++++++ CVE-2024/CVE-2024-440xx/CVE-2024-44030.json | 4 +- CVE-2024/CVE-2024-440xx/CVE-2024-44034.json | 56 ++++++++ CVE-2024/CVE-2024-473xx/CVE-2024-47309.json | 56 ++++++++ CVE-2024/CVE-2024-473xx/CVE-2024-47316.json | 56 ++++++++ CVE-2024/CVE-2024-473xx/CVE-2024-47319.json | 56 ++++++++ CVE-2024/CVE-2024-473xx/CVE-2024-47323.json | 56 ++++++++ CVE-2024/CVE-2024-473xx/CVE-2024-47324.json | 56 ++++++++ CVE-2024/CVE-2024-476xx/CVE-2024-47631.json | 56 ++++++++ CVE-2024/CVE-2024-476xx/CVE-2024-47632.json | 56 ++++++++ CVE-2024/CVE-2024-476xx/CVE-2024-47633.json | 56 ++++++++ CVE-2024/CVE-2024-476xx/CVE-2024-47635.json | 56 ++++++++ CVE-2024/CVE-2024-476xx/CVE-2024-47638.json | 56 ++++++++ CVE-2024/CVE-2024-476xx/CVE-2024-47639.json | 56 ++++++++ CVE-2024/CVE-2024-476xx/CVE-2024-47642.json | 56 ++++++++ CVE-2024/CVE-2024-476xx/CVE-2024-47643.json | 56 ++++++++ CVE-2024/CVE-2024-476xx/CVE-2024-47644.json | 56 ++++++++ CVE-2024/CVE-2024-476xx/CVE-2024-47646.json | 56 ++++++++ CVE-2024/CVE-2024-476xx/CVE-2024-47647.json | 56 ++++++++ CVE-2024/CVE-2024-91xx/CVE-2024-9161.json | 76 +++++++++++ CVE-2024/CVE-2024-93xx/CVE-2024-9314.json | 68 ++++++++++ CVE-2024/CVE-2024-95xx/CVE-2024-9533.json | 141 ++++++++++++++++++++ README.md | 41 ++++-- _state.csv | 40 ++++-- 25 files changed, 1410 insertions(+), 24 deletions(-) create mode 100644 CVE-2024/CVE-2024-440xx/CVE-2024-44018.json create mode 100644 CVE-2024/CVE-2024-440xx/CVE-2024-44023.json create mode 100644 CVE-2024/CVE-2024-440xx/CVE-2024-44034.json create mode 100644 CVE-2024/CVE-2024-473xx/CVE-2024-47309.json create mode 100644 CVE-2024/CVE-2024-473xx/CVE-2024-47316.json create mode 100644 CVE-2024/CVE-2024-473xx/CVE-2024-47319.json create mode 100644 CVE-2024/CVE-2024-473xx/CVE-2024-47323.json create mode 100644 CVE-2024/CVE-2024-473xx/CVE-2024-47324.json create mode 100644 CVE-2024/CVE-2024-476xx/CVE-2024-47631.json create mode 100644 CVE-2024/CVE-2024-476xx/CVE-2024-47632.json create mode 100644 CVE-2024/CVE-2024-476xx/CVE-2024-47633.json create mode 100644 CVE-2024/CVE-2024-476xx/CVE-2024-47635.json create mode 100644 CVE-2024/CVE-2024-476xx/CVE-2024-47638.json create mode 100644 CVE-2024/CVE-2024-476xx/CVE-2024-47639.json create mode 100644 CVE-2024/CVE-2024-476xx/CVE-2024-47642.json create mode 100644 CVE-2024/CVE-2024-476xx/CVE-2024-47643.json create mode 100644 CVE-2024/CVE-2024-476xx/CVE-2024-47644.json create mode 100644 CVE-2024/CVE-2024-476xx/CVE-2024-47646.json create mode 100644 CVE-2024/CVE-2024-476xx/CVE-2024-47647.json create mode 100644 CVE-2024/CVE-2024-91xx/CVE-2024-9161.json create mode 100644 CVE-2024/CVE-2024-93xx/CVE-2024-9314.json create mode 100644 CVE-2024/CVE-2024-95xx/CVE-2024-9533.json diff --git a/CVE-2024/CVE-2024-440xx/CVE-2024-44018.json b/CVE-2024/CVE-2024-440xx/CVE-2024-44018.json new file mode 100644 index 00000000000..14a2cfc753b --- /dev/null +++ b/CVE-2024/CVE-2024-440xx/CVE-2024-44018.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-44018", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-10-05T13:15:12.890", + "lastModified": "2024-10-05T13:15:12.890", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Istmo Plugins Instant Chat Floating Button for WordPress Websites allows PHP Local File Inclusion.This issue affects Instant Chat Floating Button for WordPress Websites: from n/a through 1.0.5." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.6, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-22" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/instant-chat-wp/wordpress-instant-chat-wp-plugin-1-0-5-local-file-inclusion-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-440xx/CVE-2024-44023.json b/CVE-2024/CVE-2024-440xx/CVE-2024-44023.json new file mode 100644 index 00000000000..71ea1c1d867 --- /dev/null +++ b/CVE-2024/CVE-2024-440xx/CVE-2024-44023.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-44023", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-10-05T13:15:13.120", + "lastModified": "2024-10-05T13:15:13.120", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in ABCApp Creator allows PHP Local File Inclusion.This issue affects ABCApp Creator: from n/a through 1.1.2." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.1, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.2, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-22" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/abcapp-creator/wordpress-abcapp-creator-plugin-1-1-2-local-file-inclusion-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-440xx/CVE-2024-44030.json b/CVE-2024/CVE-2024-440xx/CVE-2024-44030.json index 0a597c4c0ca..daea59f07e1 100644 --- a/CVE-2024/CVE-2024-440xx/CVE-2024-44030.json +++ b/CVE-2024/CVE-2024-440xx/CVE-2024-44030.json @@ -2,13 +2,13 @@ "id": "CVE-2024-44030", "sourceIdentifier": "audit@patchstack.com", "published": "2024-10-02T10:15:04.340", - "lastModified": "2024-10-04T13:50:43.727", + "lastModified": "2024-10-05T13:15:13.327", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Mestres do WP Checkout Mestres WP.This issue affects Checkout Mestres WP: from n/a through 8.6." + "value": "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Mestres do WP Checkout Mestres WP allows PHP Local File Inclusion.This issue affects Checkout Mestres WP: from n/a through 8.6." }, { "lang": "es", diff --git a/CVE-2024/CVE-2024-440xx/CVE-2024-44034.json b/CVE-2024/CVE-2024-440xx/CVE-2024-44034.json new file mode 100644 index 00000000000..b5e2127aaa2 --- /dev/null +++ b/CVE-2024/CVE-2024-440xx/CVE-2024-44034.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-44034", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-10-05T13:15:13.483", + "lastModified": "2024-10-05T13:15:13.483", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Martin Greenwood WPSPX allows PHP Local File Inclusion.This issue affects WPSPX: from n/a through 1.0.2." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.6, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-22" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/wpspx/wordpress-wpspx-plugin-1-0-2-local-file-inclusion-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-473xx/CVE-2024-47309.json b/CVE-2024/CVE-2024-473xx/CVE-2024-47309.json new file mode 100644 index 00000000000..4be35fd1747 --- /dev/null +++ b/CVE-2024/CVE-2024-473xx/CVE-2024-47309.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-47309", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-10-05T13:15:13.707", + "lastModified": "2024-10-05T13:15:13.707", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Condless Cities Shipping Zones for WooCommerce allows PHP Local File Inclusion.This issue affects Cities Shipping Zones for WooCommerce: from n/a through 1.2.7." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 6.6, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 0.7, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-22" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/cities-shipping-zones-for-woocommerce/wordpress-cities-shipping-zones-for-woocommerce-plugin-1-2-7-local-file-inclusion-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-473xx/CVE-2024-47316.json b/CVE-2024/CVE-2024-473xx/CVE-2024-47316.json new file mode 100644 index 00000000000..503e5fec3ec --- /dev/null +++ b/CVE-2024/CVE-2024-473xx/CVE-2024-47316.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-47316", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-10-05T13:15:13.920", + "lastModified": "2024-10-05T13:15:13.920", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Authorization Bypass Through User-Controlled Key vulnerability in Salon Booking System Salon booking system.This issue affects Salon booking system: from n/a through 10.9." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 4.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-639" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/salon-booking-system/wordpress-salon-booking-wordpress-plugin-plugin-10-9-insecure-direct-object-references-idor-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-473xx/CVE-2024-47319.json b/CVE-2024/CVE-2024-473xx/CVE-2024-47319.json new file mode 100644 index 00000000000..b6fa3139b11 --- /dev/null +++ b/CVE-2024/CVE-2024-473xx/CVE-2024-47319.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-47319", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-10-05T13:15:14.137", + "lastModified": "2024-10-05T13:15:14.137", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Unrestricted Upload of File with Dangerous Type vulnerability in Bit Apps Bit Form \u2013 Contact Form Plugin allows Code Injection.This issue affects Bit Form \u2013 Contact Form Plugin: from n/a through 2.13.10." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.0, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.3, + "impactScore": 6.0 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-434" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/bit-form/wordpress-bit-form-plugin-2-13-10-arbitrary-file-upload-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-473xx/CVE-2024-47323.json b/CVE-2024/CVE-2024-473xx/CVE-2024-47323.json new file mode 100644 index 00000000000..14601500b15 --- /dev/null +++ b/CVE-2024/CVE-2024-473xx/CVE-2024-47323.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-47323", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-10-05T13:15:14.340", + "lastModified": "2024-10-05T13:15:14.340", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Ex-Themes WP Timeline \u2013 Vertical and Horizontal timeline plugin allows PHP Local File Inclusion.This issue affects WP Timeline \u2013 Vertical and Horizontal timeline plugin: from n/a through 3.6.7." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.1, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.2, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-22" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/wp-timelines/wordpress-wp-timeline-plugin-3-6-7-local-file-inclusion-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-473xx/CVE-2024-47324.json b/CVE-2024/CVE-2024-473xx/CVE-2024-47324.json new file mode 100644 index 00000000000..70201f2ff6b --- /dev/null +++ b/CVE-2024/CVE-2024-473xx/CVE-2024-47324.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-47324", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-10-05T13:15:14.537", + "lastModified": "2024-10-05T13:15:14.537", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Ex-Themes WP Timeline \u2013 Vertical and Horizontal timeline plugin allows PHP Local File Inclusion.This issue affects WP Timeline \u2013 Vertical and Horizontal timeline plugin: from n/a through 3.6.7." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.6, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-22" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/wp-timelines/wordpress-wp-timeline-plugin-3-6-7-local-file-inclusion-vulnerability-2?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-476xx/CVE-2024-47631.json b/CVE-2024/CVE-2024-476xx/CVE-2024-47631.json new file mode 100644 index 00000000000..5d163a14e1b --- /dev/null +++ b/CVE-2024/CVE-2024-476xx/CVE-2024-47631.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-47631", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-10-05T13:15:14.747", + "lastModified": "2024-10-05T13:15:14.747", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in bPlugins LLC Logo Carousel \u2013 Clients logo carousel for WP allows Stored XSS.This issue affects Logo Carousel \u2013 Clients logo carousel for WP: from n/a through 1.2." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.3, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/responsive-client-logo-carousel-slider/wordpress-logo-carousel-clients-logo-carousel-for-wp-plugin-1-2-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-476xx/CVE-2024-47632.json b/CVE-2024/CVE-2024-476xx/CVE-2024-47632.json new file mode 100644 index 00000000000..4d98682b699 --- /dev/null +++ b/CVE-2024/CVE-2024-476xx/CVE-2024-47632.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-47632", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-10-05T13:15:14.950", + "lastModified": "2024-10-05T13:15:14.950", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in deTheme DethemeKit For Elementor allows Stored XSS.This issue affects DethemeKit For Elementor: from n/a through 2.1.7." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.3, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/dethemekit-for-elementor/wordpress-dethemekit-for-elementor-plugin-2-1-7-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-476xx/CVE-2024-47633.json b/CVE-2024/CVE-2024-476xx/CVE-2024-47633.json new file mode 100644 index 00000000000..8e7270a01d2 --- /dev/null +++ b/CVE-2024/CVE-2024-476xx/CVE-2024-47633.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-47633", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-10-05T13:15:15.170", + "lastModified": "2024-10-05T13:15:15.170", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Zoho Forms allows Stored XSS.This issue affects Zoho Forms: from n/a through 4.0." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.3, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/zoho-forms/wordpress-zoho-forms-plugin-4-0-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-476xx/CVE-2024-47635.json b/CVE-2024/CVE-2024-476xx/CVE-2024-47635.json new file mode 100644 index 00000000000..29d26584cd1 --- /dev/null +++ b/CVE-2024/CVE-2024-476xx/CVE-2024-47635.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-47635", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-10-05T13:15:15.387", + "lastModified": "2024-10-05T13:15:15.387", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Cross-Site Request Forgery (CSRF) vulnerability in TinyPNG.This issue affects TinyPNG: from n/a through 3.4.3." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 5.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.5 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-352" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/tiny-compress-images/wordpress-tinypng-plugin-3-4-3-cross-site-request-forgery-csrf-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-476xx/CVE-2024-47638.json b/CVE-2024/CVE-2024-476xx/CVE-2024-47638.json new file mode 100644 index 00000000000..43e555c7fb4 --- /dev/null +++ b/CVE-2024/CVE-2024-476xx/CVE-2024-47638.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-47638", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-10-05T13:15:15.593", + "lastModified": "2024-10-05T13:15:15.593", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in vCita Online Booking & Scheduling Calendar for WordPress by vcita allows Reflected XSS.This issue affects Online Booking & Scheduling Calendar for WordPress by vcita: from n/a through 4.4.6." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 7.1, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/meeting-scheduler-by-vcita/wordpress-online-booking-scheduling-calendar-for-wordpress-plugin-4-4-6-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-476xx/CVE-2024-47639.json b/CVE-2024/CVE-2024-476xx/CVE-2024-47639.json new file mode 100644 index 00000000000..d4aa487aacb --- /dev/null +++ b/CVE-2024/CVE-2024-476xx/CVE-2024-47639.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-47639", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-10-05T13:15:15.810", + "lastModified": "2024-10-05T13:15:15.810", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in VdoCipher allows Stored XSS.This issue affects VdoCipher: from n/a through 1.29." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.3, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/vdocipher/wordpress-vdocipher-plugin-1-29-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-476xx/CVE-2024-47642.json b/CVE-2024/CVE-2024-476xx/CVE-2024-47642.json new file mode 100644 index 00000000000..5446de6084e --- /dev/null +++ b/CVE-2024/CVE-2024-476xx/CVE-2024-47642.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-47642", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-10-05T13:15:16.027", + "lastModified": "2024-10-05T13:15:16.027", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Keap Keap Official Opt-in Forms allows Stored XSS.This issue affects Keap Official Opt-in Forms: from n/a through 2.0.1." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.3, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/infusionsoft-official-opt-in-forms/wordpress-keap-official-opt-in-forms-plugin-2-0-1-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-476xx/CVE-2024-47643.json b/CVE-2024/CVE-2024-476xx/CVE-2024-47643.json new file mode 100644 index 00000000000..95843215e93 --- /dev/null +++ b/CVE-2024/CVE-2024-476xx/CVE-2024-47643.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-47643", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-10-05T13:15:16.230", + "lastModified": "2024-10-05T13:15:16.230", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Alexander B\u00f6hm Include Fussball.De Widgets allows Stored XSS.This issue affects Include Fussball.De Widgets: from n/a through 4.0.0." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.3, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/include-fussball-de-widgets/wordpress-include-fussball-de-widgets-plugin-4-0-0-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-476xx/CVE-2024-47644.json b/CVE-2024/CVE-2024-476xx/CVE-2024-47644.json new file mode 100644 index 00000000000..f96077bcaa4 --- /dev/null +++ b/CVE-2024/CVE-2024-476xx/CVE-2024-47644.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-47644", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-10-05T13:15:16.430", + "lastModified": "2024-10-05T13:15:16.430", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Cross-Site Request Forgery (CSRF) vulnerability in Copyscape / Indigo Stream Technologies Copyscape Premium allows Stored XSS.This issue affects Copyscape Premium: from n/a through 1.3.6." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 7.1, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-352" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/copyscape-premium/wordpress-copyscape-premium-plugin-1-3-6-csrf-to-stored-cross-site-scripting-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-476xx/CVE-2024-47646.json b/CVE-2024/CVE-2024-476xx/CVE-2024-47646.json new file mode 100644 index 00000000000..4703e4c7e06 --- /dev/null +++ b/CVE-2024/CVE-2024-476xx/CVE-2024-47646.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-47646", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-10-05T13:15:16.637", + "lastModified": "2024-10-05T13:15:16.637", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Payflex Payflex Payment Gateway.This issue affects Payflex Payment Gateway: from n/a through 2.6.1." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 4.7, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-601" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/payflex-payment-gateway/wordpress-payflex-payment-gateway-plugin-2-6-1-open-redirection-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-476xx/CVE-2024-47647.json b/CVE-2024/CVE-2024-476xx/CVE-2024-47647.json new file mode 100644 index 00000000000..572fa1d9d14 --- /dev/null +++ b/CVE-2024/CVE-2024-476xx/CVE-2024-47647.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-47647", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-10-05T13:15:16.837", + "lastModified": "2024-10-05T13:15:16.837", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in HelpieWP Accordion & FAQ \u2013 Helpie WordPress Accordion FAQ Plugin allows Stored XSS.This issue affects Accordion & FAQ \u2013 Helpie WordPress Accordion FAQ Plugin: from n/a through 1.27." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 5.9, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.7, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/helpie-faq/wordpress-faq-accordion-docs-helpie-wordpress-faq-accordion-plugin-plugin-1-27-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-91xx/CVE-2024-9161.json b/CVE-2024/CVE-2024-91xx/CVE-2024-9161.json new file mode 100644 index 00000000000..e5b60ee728b --- /dev/null +++ b/CVE-2024/CVE-2024-91xx/CVE-2024-9161.json @@ -0,0 +1,76 @@ +{ + "id": "CVE-2024-9161", + "sourceIdentifier": "security@wordfence.com", + "published": "2024-10-05T12:15:02.897", + "lastModified": "2024-10-05T12:15:02.897", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "The Rank Math SEO \u2013 AI SEO Tools to Dominate SEO Rankings plugin for WordPress is vulnerable to unauthorized modification and loss of data due to a missing capability check on the 'update_metadata' function in all versions up to, and including, 1.0.228. This makes it possible for unauthenticated attackers to insert new and update existing metadata beginning with 'rank_math', and delete arbitrary existing user metadata and term metadata. Deleting existing usermeta can cause a loss of access to the administrator dashboard for any registered users, including Administrators." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 3.9, + "impactScore": 2.5 + } + ] + }, + "weaknesses": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-862" + } + ] + } + ], + "references": [ + { + "url": "https://plugins.trac.wordpress.org/browser/seo-by-rank-math/trunk/includes/rest/class-shared.php#L120", + "source": "security@wordfence.com" + }, + { + "url": "https://plugins.trac.wordpress.org/browser/seo-by-rank-math/trunk/includes/rest/class-shared.php#L161", + "source": "security@wordfence.com" + }, + { + "url": "https://plugins.trac.wordpress.org/browser/seo-by-rank-math/trunk/includes/rest/class-shared.php#L162", + "source": "security@wordfence.com" + }, + { + "url": "https://plugins.trac.wordpress.org/browser/seo-by-rank-math/trunk/includes/rest/class-shared.php#L64", + "source": "security@wordfence.com" + }, + { + "url": "https://plugins.trac.wordpress.org/changeset/3161896/", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/7df39a64-76c5-4ebe-a271-44bd147a3a86?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-93xx/CVE-2024-9314.json b/CVE-2024/CVE-2024-93xx/CVE-2024-9314.json new file mode 100644 index 00000000000..7c8c07b4221 --- /dev/null +++ b/CVE-2024/CVE-2024-93xx/CVE-2024-9314.json @@ -0,0 +1,68 @@ +{ + "id": "CVE-2024-9314", + "sourceIdentifier": "security@wordfence.com", + "published": "2024-10-05T12:15:03.103", + "lastModified": "2024-10-05T12:15:03.103", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "The Rank Math SEO \u2013 AI SEO Tools to Dominate SEO Rankings plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.0.228 via deserialization of untrusted input 'set_redirections' function. This makes it possible for authenticated attackers, with Administrator-level access and above, to inject a PHP Object. No known POP chain is present in the vulnerable software. If a POP chain is present via an additional plugin or theme installed on the target system, it could allow the attacker to delete arbitrary files, retrieve sensitive data, or execute code." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.2, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.2, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-502" + } + ] + } + ], + "references": [ + { + "url": "https://plugins.trac.wordpress.org/browser/seo-by-rank-math/trunk/includes/admin/class-import-export.php#L507", + "source": "security@wordfence.com" + }, + { + "url": "https://plugins.trac.wordpress.org/browser/seo-by-rank-math/trunk/includes/admin/class-import-export.php#L514", + "source": "security@wordfence.com" + }, + { + "url": "https://plugins.trac.wordpress.org/changeset/3161896/", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/af5ed47e-f183-4e72-a916-15020e2bc91e?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-95xx/CVE-2024-9533.json b/CVE-2024/CVE-2024-95xx/CVE-2024-9533.json new file mode 100644 index 00000000000..21a464297ec --- /dev/null +++ b/CVE-2024/CVE-2024-95xx/CVE-2024-9533.json @@ -0,0 +1,141 @@ +{ + "id": "CVE-2024-9533", + "sourceIdentifier": "cna@vuldb.com", + "published": "2024-10-05T13:15:17.040", + "lastModified": "2024-10-05T13:15:17.040", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability was found in D-Link DIR-605L 2.13B01 BETA and classified as critical. This issue affects the function formDeviceReboot of the file /goform/formDeviceReboot. The manipulation of the argument next_page leads to buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "attackRequirements": "NONE", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "vulnerableSystemConfidentiality": "HIGH", + "vulnerableSystemIntegrity": "HIGH", + "vulnerableSystemAvailability": "HIGH", + "subsequentSystemConfidentiality": "NONE", + "subsequentSystemIntegrity": "NONE", + "subsequentSystemAvailability": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirements": "NOT_DEFINED", + "integrityRequirements": "NOT_DEFINED", + "availabilityRequirements": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", + "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", + "modifiedVulnerableSystemAvailability": "NOT_DEFINED", + "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", + "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", + "modifiedSubsequentSystemAvailability": "NOT_DEFINED", + "safety": "NOT_DEFINED", + "automatable": "NOT_DEFINED", + "recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED", + "baseScore": 8.7, + "baseSeverity": "HIGH" + } + } + ], + "cvssMetricV31": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + } + ], + "cvssMetricV2": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "2.0", + "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", + "accessVector": "NETWORK", + "accessComplexity": "LOW", + "authentication": "SINGLE", + "confidentialityImpact": "COMPLETE", + "integrityImpact": "COMPLETE", + "availabilityImpact": "COMPLETE", + "baseScore": 9.0 + }, + "baseSeverity": "HIGH", + "exploitabilityScore": 8.0, + "impactScore": 10.0, + "acInsufInfo": false, + "obtainAllPrivilege": false, + "obtainUserPrivilege": false, + "obtainOtherPrivilege": false, + "userInteractionRequired": false + } + ] + }, + "weaknesses": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-120" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/abcdefg-png/IoT-vulnerable/blob/main/D-Link/DIR-605L/formDeviceReboot.md", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?ctiid.279239", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?id.279239", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?submit.413883", + "source": "cna@vuldb.com" + }, + { + "url": "https://www.dlink.com/", + "source": "cna@vuldb.com" + } + ] +} \ No newline at end of file diff --git a/README.md b/README.md index d4a72a13420..9d311b7f1b9 100644 --- a/README.md +++ b/README.md @@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2024-10-05T12:00:17.915033+00:00 +2024-10-05T14:00:17.749510+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2024-10-05T11:15:12.230000+00:00 +2024-10-05T13:15:17.040000+00:00 ``` ### Last Data Feed Release @@ -33,27 +33,42 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### Total Number of included CVEs ```plain -264545 +264567 ``` ### CVEs added in the last Commit -Recently added CVEs: `8` +Recently added CVEs: `22` -- [CVE-2024-44011](CVE-2024/CVE-2024-440xx/CVE-2024-44011.json) (`2024-10-05T11:15:11.050`) -- [CVE-2024-44012](CVE-2024/CVE-2024-440xx/CVE-2024-44012.json) (`2024-10-05T11:15:11.280`) -- [CVE-2024-44013](CVE-2024/CVE-2024-440xx/CVE-2024-44013.json) (`2024-10-05T11:15:11.477`) -- [CVE-2024-44014](CVE-2024/CVE-2024-440xx/CVE-2024-44014.json) (`2024-10-05T11:15:11.660`) -- [CVE-2024-44015](CVE-2024/CVE-2024-440xx/CVE-2024-44015.json) (`2024-10-05T11:15:11.850`) -- [CVE-2024-44016](CVE-2024/CVE-2024-440xx/CVE-2024-44016.json) (`2024-10-05T11:15:12.037`) -- [CVE-2024-9146](CVE-2024/CVE-2024-91xx/CVE-2024-9146.json) (`2024-10-05T11:15:12.230`) -- [CVE-2024-9417](CVE-2024/CVE-2024-94xx/CVE-2024-9417.json) (`2024-10-05T10:15:02.957`) +- [CVE-2024-44018](CVE-2024/CVE-2024-440xx/CVE-2024-44018.json) (`2024-10-05T13:15:12.890`) +- [CVE-2024-44023](CVE-2024/CVE-2024-440xx/CVE-2024-44023.json) (`2024-10-05T13:15:13.120`) +- [CVE-2024-44034](CVE-2024/CVE-2024-440xx/CVE-2024-44034.json) (`2024-10-05T13:15:13.483`) +- [CVE-2024-47309](CVE-2024/CVE-2024-473xx/CVE-2024-47309.json) (`2024-10-05T13:15:13.707`) +- [CVE-2024-47316](CVE-2024/CVE-2024-473xx/CVE-2024-47316.json) (`2024-10-05T13:15:13.920`) +- [CVE-2024-47319](CVE-2024/CVE-2024-473xx/CVE-2024-47319.json) (`2024-10-05T13:15:14.137`) +- [CVE-2024-47323](CVE-2024/CVE-2024-473xx/CVE-2024-47323.json) (`2024-10-05T13:15:14.340`) +- [CVE-2024-47324](CVE-2024/CVE-2024-473xx/CVE-2024-47324.json) (`2024-10-05T13:15:14.537`) +- [CVE-2024-47631](CVE-2024/CVE-2024-476xx/CVE-2024-47631.json) (`2024-10-05T13:15:14.747`) +- [CVE-2024-47632](CVE-2024/CVE-2024-476xx/CVE-2024-47632.json) (`2024-10-05T13:15:14.950`) +- [CVE-2024-47633](CVE-2024/CVE-2024-476xx/CVE-2024-47633.json) (`2024-10-05T13:15:15.170`) +- [CVE-2024-47635](CVE-2024/CVE-2024-476xx/CVE-2024-47635.json) (`2024-10-05T13:15:15.387`) +- [CVE-2024-47638](CVE-2024/CVE-2024-476xx/CVE-2024-47638.json) (`2024-10-05T13:15:15.593`) +- [CVE-2024-47639](CVE-2024/CVE-2024-476xx/CVE-2024-47639.json) (`2024-10-05T13:15:15.810`) +- [CVE-2024-47642](CVE-2024/CVE-2024-476xx/CVE-2024-47642.json) (`2024-10-05T13:15:16.027`) +- [CVE-2024-47643](CVE-2024/CVE-2024-476xx/CVE-2024-47643.json) (`2024-10-05T13:15:16.230`) +- [CVE-2024-47644](CVE-2024/CVE-2024-476xx/CVE-2024-47644.json) (`2024-10-05T13:15:16.430`) +- [CVE-2024-47646](CVE-2024/CVE-2024-476xx/CVE-2024-47646.json) (`2024-10-05T13:15:16.637`) +- [CVE-2024-47647](CVE-2024/CVE-2024-476xx/CVE-2024-47647.json) (`2024-10-05T13:15:16.837`) +- [CVE-2024-9161](CVE-2024/CVE-2024-91xx/CVE-2024-9161.json) (`2024-10-05T12:15:02.897`) +- [CVE-2024-9314](CVE-2024/CVE-2024-93xx/CVE-2024-9314.json) (`2024-10-05T12:15:03.103`) +- [CVE-2024-9533](CVE-2024/CVE-2024-95xx/CVE-2024-9533.json) (`2024-10-05T13:15:17.040`) ### CVEs modified in the last Commit -Recently modified CVEs: `0` +Recently modified CVEs: `1` +- [CVE-2024-44030](CVE-2024/CVE-2024-440xx/CVE-2024-44030.json) (`2024-10-05T13:15:13.327`) ## Download and Usage diff --git a/_state.csv b/_state.csv index 926a2c3d612..4cfdd8ddb72 100644 --- a/_state.csv +++ b/_state.csv @@ -259599,15 +259599,18 @@ CVE-2024-44007,0,0,d7d1930aeec9d62758ccc2ddf09e21d07c0b586fa0d9735f7d5dee1a37d78 CVE-2024-44008,0,0,c6d2b6687f1293a95753882058aa8ed47455c99d54b3161e64050d330a139582,2024-09-24T22:08:01.060000 CVE-2024-44009,0,0,5b0cf6c82d301fa9d5358bb5d9e7b1a016eed523b7e9c7d9c1329e61fba4852b,2024-09-24T22:06:15.843000 CVE-2024-4401,0,0,48f8e641129f81284635fb93c6fe88c5c5fc547b585fa75e650b46a3bc3c0b8f,2024-09-04T14:33:01.807000 -CVE-2024-44011,1,1,552a9c7313297b45baf7c3fa0db15cf3cc41bef19cf923c6de0c8bd9fe9e2160,2024-10-05T11:15:11.050000 -CVE-2024-44012,1,1,4b20b5d91f91a2f4004ff689322bb5ea129765874367a43e9f90c163000d6018,2024-10-05T11:15:11.280000 -CVE-2024-44013,1,1,18c82eb7fb38ef8c96874dfc4472d189eeb74888f3ffa9edac308a8d2862d53c,2024-10-05T11:15:11.477000 -CVE-2024-44014,1,1,d894cf737c51aa397c9be176f7e81fd91882e57731a11d93baa91afcdbce0b53,2024-10-05T11:15:11.660000 -CVE-2024-44015,1,1,caae3579778542f02e2793b7cfe285c415e707cb0c5d08b42f119805090fd2ab,2024-10-05T11:15:11.850000 -CVE-2024-44016,1,1,da4a0982ea2d3698e4141ae0d21ff6160662d9f14de8780dceca827626d28981,2024-10-05T11:15:12.037000 +CVE-2024-44011,0,0,552a9c7313297b45baf7c3fa0db15cf3cc41bef19cf923c6de0c8bd9fe9e2160,2024-10-05T11:15:11.050000 +CVE-2024-44012,0,0,4b20b5d91f91a2f4004ff689322bb5ea129765874367a43e9f90c163000d6018,2024-10-05T11:15:11.280000 +CVE-2024-44013,0,0,18c82eb7fb38ef8c96874dfc4472d189eeb74888f3ffa9edac308a8d2862d53c,2024-10-05T11:15:11.477000 +CVE-2024-44014,0,0,d894cf737c51aa397c9be176f7e81fd91882e57731a11d93baa91afcdbce0b53,2024-10-05T11:15:11.660000 +CVE-2024-44015,0,0,caae3579778542f02e2793b7cfe285c415e707cb0c5d08b42f119805090fd2ab,2024-10-05T11:15:11.850000 +CVE-2024-44016,0,0,da4a0982ea2d3698e4141ae0d21ff6160662d9f14de8780dceca827626d28981,2024-10-05T11:15:12.037000 CVE-2024-44017,0,0,937994d70d4da29139a5025f31ebc224350831fd4a4cb0a9e48d092a036cb87d,2024-10-04T13:50:43.727000 +CVE-2024-44018,1,1,982fbbdfe9694ec15b4f0a4216ecd06974a3409cd1619740e7a09c41bd6e0ad7,2024-10-05T13:15:12.890000 +CVE-2024-44023,1,1,56ae1b83a92b6ced91b11f67255e107f194c438aaeb3199ea754f01a013a555f,2024-10-05T13:15:13.120000 CVE-2024-4403,0,0,07b387e13ed3d47c920433d5f499100d4d5e53ffefe1712d98753a4da5408fe2,2024-06-10T18:06:22.600000 -CVE-2024-44030,0,0,48caa9b09f2544567a2401b7b31ebbcbe3a68bebf3fb3629080e335c2c413f92,2024-10-04T13:50:43.727000 +CVE-2024-44030,0,1,41fbceaad62c353538fb2b5ae5687078c5e6d2c028ef1d6af6a3cc9832e431b1,2024-10-05T13:15:13.327000 +CVE-2024-44034,1,1,187c0e3cf707031e9578d66a98113798bc64540d25b4ef11348e63a3f59ab835,2024-10-05T13:15:13.483000 CVE-2024-4404,0,0,3ae3ea086edb9bd484931090d5df4b9ee138a4bfd155faf3c535f115da6a15de,2024-06-17T12:42:04.623000 CVE-2024-44047,0,0,dcb68301e676e70a82dc46628c9493a0293e3e08d4f537ef9633f5a0b67d56b5,2024-09-24T22:05:25.723000 CVE-2024-44048,0,0,e9b1cc8fc597060cfdd72752b827b4aa13d91f1cd6810edba590f679e79cd789,2024-09-26T13:32:55.343000 @@ -260983,9 +260986,14 @@ CVE-2024-47295,0,0,e2e23f79bdc2d34fff41ad7b237b64b4377c53fc19d83ce80e380fdc2e18e CVE-2024-4730,0,0,055c30f8bd03259d264f17e44955582c75615e93d958180e12436700bac392ab,2024-06-12T20:15:13.300000 CVE-2024-47303,0,0,bf8d75e01dd1aa85338666dfdc484b4a62ecc62745a2e39a6913339b9fa92fed,2024-10-02T19:00:24.750000 CVE-2024-47305,0,0,7c018d03a71f28200e41a87d693293b1e365b3b52710d7dc9c8bc548afdcc447,2024-10-02T16:35:40.077000 +CVE-2024-47309,1,1,4d8757059d1e8ab99120fa67d729634231acc476471a713adb38b44afa0137da,2024-10-05T13:15:13.707000 CVE-2024-4731,0,0,ff0f4697afac2eb26d16b700c40cb0a3947b6039ec9b762c8c08a8e49bc998ce,2024-06-04T19:20:48.130000 CVE-2024-47315,0,0,f8fc8e04ef461f394697878d14c77fa20555585c6db931561c38f9edd4a9ab5c,2024-09-30T18:06:36.060000 +CVE-2024-47316,1,1,214b662d14df10a730002b7ddeaa36f8cdaaccd5afa398047874ed99028c869a,2024-10-05T13:15:13.920000 +CVE-2024-47319,1,1,b5b578fd19e98243ea86a7b818cb32d07972df83e49a17c5c38bd419f2db192f,2024-10-05T13:15:14.137000 CVE-2024-4732,0,0,2f9d1622a74bcf5d144d47d69a297d840c0353e903036f272ef15e7560aa5dbf,2024-06-04T19:20:48.237000 +CVE-2024-47323,1,1,44be6356de3225bedc0292322f8b1fb6a2a8b3f0ef30a14db831079e18f423ae,2024-10-05T13:15:14.340000 +CVE-2024-47324,1,1,dab23a4b3daeb5bb1fccde1ceb34f69c6022213d7f69f908cb7ac8cc55a95d31,2024-10-05T13:15:14.537000 CVE-2024-4733,0,0,bab73609d3aaa55dacedcdd69b9c9d83fbc709adf98853b3adb423b13daf2498,2024-05-17T18:36:31.297000 CVE-2024-47330,0,0,8e1bb94d03c47cc1936bb0a3abc1d94c591039097eebb503639095132d634032,2024-10-02T17:26:49.470000 CVE-2024-47337,0,0,3f50b583aae71c6f8cadac0ae6ee64e91fb1dabd9a75ac191a842163ad487c42,2024-09-26T13:32:02.803000 @@ -261040,8 +261048,19 @@ CVE-2024-47616,0,0,858e2824018889ba67f8cabdb1c66da573f6d5732aaa656ab4224aec4de64 CVE-2024-47617,0,0,9ed0528c2b0d03a3b19eac614adcd2a324732168fac8427e35d7a6eb10eaa790,2024-10-04T13:50:43.727000 CVE-2024-47618,0,0,5cac808af34257e3f5b361c06cec3f33bfe98593c838552b2eee66c0cb187691,2024-10-04T13:50:43.727000 CVE-2024-4763,0,0,674813a6ab24bd703f885b42dfe132f3057b83ab6d40519e0af01ad0b69a7ece,2024-08-19T13:00:23.117000 +CVE-2024-47631,1,1,7e86dbaa614251a4f97d98ba9ac00dfa6fd423c2d954d3afe384548b9af66598,2024-10-05T13:15:14.747000 +CVE-2024-47632,1,1,d9b739be2b6c8710e08e38945997119bf4654ff3edce5baebe4f14fd9ad063cd,2024-10-05T13:15:14.950000 +CVE-2024-47633,1,1,422a650fc918ffe75ac1205bcf2e510ebcd44aefe0d8a2a79a1d8289ba9f95e7,2024-10-05T13:15:15.170000 +CVE-2024-47635,1,1,9bbf3958fc80b31fdf7923dc7e9d97890738add4302299b375444e5c62fb48ca,2024-10-05T13:15:15.387000 +CVE-2024-47638,1,1,142dd570fa1f4849448f95ad779b50e102b1394ea045b65108a1e6b5d0581199,2024-10-05T13:15:15.593000 +CVE-2024-47639,1,1,c838e636719bfddd97b7441fd508ed7c5e9fbddaed7e65441040317e0b2b6c3e,2024-10-05T13:15:15.810000 CVE-2024-4764,0,0,d4513c07467374a5b389bb93120fcb2ac353ef34ecf409f85646dd7a83574a17,2024-07-03T02:08:04.193000 CVE-2024-47641,0,0,20121fa3c4c5a3e4a909974f90b64e2e442d0d40e7dbc52d4d9a68852218f553,2024-10-04T13:51:25.567000 +CVE-2024-47642,1,1,dd68ff98313b62b65584e11eccc26720791424950dbb84762ec31b167f3fdcfa,2024-10-05T13:15:16.027000 +CVE-2024-47643,1,1,6606f692bdff423f7a0106f35a64f792e533bb98e22c8a22d7651d96c46b53b4,2024-10-05T13:15:16.230000 +CVE-2024-47644,1,1,1c2fe8479ae4a5395fad08b5cac8a542a09650bb1f5aa648b924a42c9f7ecfe9,2024-10-05T13:15:16.430000 +CVE-2024-47646,1,1,7ba36713fbb90f6746674671fea486d55f91c9f2157fb642d67d70c359ac8b24,2024-10-05T13:15:16.637000 +CVE-2024-47647,1,1,f30f2c9c01f19ef64d34d838a1a763e640bd0e3297ba10d5973c5a0a7591b074,2024-10-05T13:15:16.837000 CVE-2024-4765,0,0,2cc9c7bf1e2c28194496aab966e3be262d91c35cfd4edb32adc2df596a464b78,2024-08-29T21:35:11.807000 CVE-2024-47651,0,0,a5c70d4582bbdb3780ac3463bdf31076b74c5748ebb37496a5c0ac719743777c,2024-10-04T13:50:43.727000 CVE-2024-47652,0,0,0106178cdc2d236f6bd6fb41168a986de53675f8839d6b1fc83ef0e66c837bbc,2024-10-04T13:50:43.727000 @@ -264414,11 +264433,12 @@ CVE-2024-9136,0,0,9b9746749b73403d8dc2b7a33b5935315a467feb0aa3698e70e44d08c2289a CVE-2024-9141,0,0,1186d93c71ba2b76e7029b0455d3828535e51a6f22b721a65c3963a052cae512,2024-09-26T13:32:02.803000 CVE-2024-9142,0,0,f41ad411b11065ca581c6c09a7cdbabb7231f7d077f84444580389a46c43e76b,2024-09-26T13:32:02.803000 CVE-2024-9145,0,0,666aa1000539c0391187e882757d18372cd0bce4cc6b153bd670793f8325f34a,2024-10-04T13:51:25.567000 -CVE-2024-9146,1,1,dc838afb0a860a23d0abd361459c53e288de26863e40e5276303e2ae8bb80158,2024-10-05T11:15:12.230000 +CVE-2024-9146,0,0,dc838afb0a860a23d0abd361459c53e288de26863e40e5276303e2ae8bb80158,2024-10-05T11:15:12.230000 CVE-2024-9148,0,0,54e87e3f2b6f69d5080b11c080fcfce17264899c6147cd6032f168b6e8923e92,2024-09-30T17:34:12.760000 CVE-2024-9155,0,0,e7852dec1d1a0cf6fb02c65df23cf83432ff26399350f16bb6b49f28f4d3005e,2024-09-30T12:46:20.237000 CVE-2024-9158,0,0,8b9a36df9ee697b421086e02a79a7c2a666c522ed29ccb8e555bd2863b3d1bdb,2024-10-04T13:51:25.567000 CVE-2024-9160,0,0,dcb08097a2707d90887b21cc5ab80eb6cf86ff84abb571a9a69f82310c298b71,2024-09-30T12:45:57.823000 +CVE-2024-9161,1,1,47cd02bb86533ce434dd6483516c1e5bf56484ba2263bb8eef75ee0f2e28817b,2024-10-05T12:15:02.897000 CVE-2024-9166,0,0,b24f9ebc4650fb7d123f858805d8b1a753ef6a732064f8b14cd979bccf2c240a,2024-09-30T12:46:20.237000 CVE-2024-9169,0,0,3e58e76dfb6d40928d7a81777e9f17fdbdc857f6ee99a9600a6d563079322d8f,2024-09-26T13:32:02.803000 CVE-2024-9171,0,0,af15a4d4f57722dfce9c8f35af79ddfb4512cd4df5a539148a2f7d51c39f2ac2,2024-09-27T17:15:14.437000 @@ -264477,6 +264497,7 @@ CVE-2024-9301,0,0,73ba33e42a5a66e63775d86ddfdf57e7a04bcd9ceda925406fc4894f153c08 CVE-2024-9304,0,0,f4e2b697051bb54ba85260a74446cf2ab04e7ed5a9a99551a585b1547839152d,2024-10-04T13:51:25.567000 CVE-2024-9306,0,0,c8859ae4f31fd9a0006087320a8c378196469fd682a39c8fee84f5eee69b53c2,2024-10-04T13:50:43.727000 CVE-2024-9313,0,0,8eab8e6a12fcb7dddda62f8c34fd34d547229d6ef4cec2e38f61189642da0e5f,2024-10-04T13:50:43.727000 +CVE-2024-9314,1,1,073d6526dd3c6d1033f8632bee243c5a37b77d37cc5cff0a0c3bf12166fb9b7e,2024-10-05T12:15:03.103000 CVE-2024-9315,0,0,dcae3590349756096f3149f913fcd278d961f7a38fe3ece525d39bf3aa5da14a,2024-10-01T13:33:59.480000 CVE-2024-9316,0,0,dc1cd9e0c0f14c1ac859a7efc8a45f5e2b48ab85717e9999593b73d7873483e5,2024-10-02T13:29:29.813000 CVE-2024-9317,0,0,f67b854cd75d25217a31bdd6074d6f9f6352c2218386ab264e509a61a09e8c0d,2024-10-01T13:32:39.140000 @@ -264525,7 +264546,7 @@ CVE-2024-9405,0,0,5a1aaacdf03c4deeb5787d411c40d8ad3aed60be9320ac0ab9cd4983368bff CVE-2024-9407,0,0,c86f90b2fe6be22dec486d34b9c6e67b91a5945de93bcc27372041ed6a426800,2024-10-04T13:50:43.727000 CVE-2024-9410,0,0,f29b174f8fdf0dd37c3d5ec590c3e2fb98e20da0c7d287b50480acfe2a84b9e0,2024-10-04T14:15:05.577000 CVE-2024-9411,0,0,09446adc9a52ba88acfc951352e9088b24cfd1cdb8a001643ee070875c43ffef,2024-10-04T13:51:25.567000 -CVE-2024-9417,1,1,27c21e7b2d4ce77c6a0b96e4bb3372804bbafe9bfd03108fe3f6c00ee0a66689,2024-10-05T10:15:02.957000 +CVE-2024-9417,0,0,27c21e7b2d4ce77c6a0b96e4bb3372804bbafe9bfd03108fe3f6c00ee0a66689,2024-10-05T10:15:02.957000 CVE-2024-9421,0,0,9a8bea0e59d0ab668a3cbf6b96506990581414c04a5ce69b672a275a746007d3,2024-10-04T13:50:43.727000 CVE-2024-9423,0,0,080f0a87d4561f3316974a1b5473f0b3836e39e629c6273c7813cc62b41d4a31,2024-10-04T13:50:43.727000 CVE-2024-9429,0,0,592d43b27195b972d7813524b33408fe322b92c7bc3230cbbdb100a79ac0eaa8,2024-10-04T13:50:43.727000 @@ -264544,3 +264565,4 @@ CVE-2024-9514,0,0,a53f44accfe30910c541c9413b06e85ad70baafde1404ed3bbfe26f781762e CVE-2024-9515,0,0,61876f9f404131a68b50426992d9bacb784e56537f2a34f2232f3fbcd09a799e,2024-10-04T14:15:06.210000 CVE-2024-9528,0,0,a67033828dc64ab8097f9cad1507ec37a96a1d18a16a5e9dfac7c1b08408a02f,2024-10-05T03:15:02.447000 CVE-2024-9532,0,0,a815b2d2d40154bda523e1414a48d6370dcd762c40c31672f1130eb3adb44524,2024-10-05T08:15:02.653000 +CVE-2024-9533,1,1,92ee4765b2d90cf5f1a6ce89292c6b4c27fa3f87e3a336020fea2ec851224d7a,2024-10-05T13:15:17.040000