From 78dd9aa272b9b419d06abcf643006473d91e4dae Mon Sep 17 00:00:00 2001 From: cad-safe-bot Date: Wed, 15 Jan 2025 11:03:55 +0000 Subject: [PATCH] Auto-Update: 2025-01-15T11:00:28.038209+00:00 --- CVE-2024/CVE-2024-107xx/CVE-2024-10775.json | 60 ++++++++++++++++ CVE-2024/CVE-2024-122xx/CVE-2024-12297.json | 78 +++++++++++++++++++++ CVE-2024/CVE-2024-124xx/CVE-2024-12403.json | 64 +++++++++++++++++ CVE-2024/CVE-2024-124xx/CVE-2024-12423.json | 64 +++++++++++++++++ CVE-2024/CVE-2024-128xx/CVE-2024-12818.json | 60 ++++++++++++++++ CVE-2024/CVE-2024-133xx/CVE-2024-13351.json | 60 ++++++++++++++++ CVE-2024/CVE-2024-523xx/CVE-2024-52337.json | 6 +- CVE-2024/CVE-2024-96xx/CVE-2024-9636.json | 68 ++++++++++++++++++ README.md | 23 +++--- _state.csv | 23 +++--- 10 files changed, 486 insertions(+), 20 deletions(-) create mode 100644 CVE-2024/CVE-2024-107xx/CVE-2024-10775.json create mode 100644 CVE-2024/CVE-2024-122xx/CVE-2024-12297.json create mode 100644 CVE-2024/CVE-2024-124xx/CVE-2024-12403.json create mode 100644 CVE-2024/CVE-2024-124xx/CVE-2024-12423.json create mode 100644 CVE-2024/CVE-2024-128xx/CVE-2024-12818.json create mode 100644 CVE-2024/CVE-2024-133xx/CVE-2024-13351.json create mode 100644 CVE-2024/CVE-2024-96xx/CVE-2024-9636.json diff --git a/CVE-2024/CVE-2024-107xx/CVE-2024-10775.json b/CVE-2024/CVE-2024-107xx/CVE-2024-10775.json new file mode 100644 index 00000000000..0a5b5fa13db --- /dev/null +++ b/CVE-2024/CVE-2024-107xx/CVE-2024-10775.json @@ -0,0 +1,60 @@ +{ + "id": "CVE-2024-10775", + "sourceIdentifier": "security@wordfence.com", + "published": "2025-01-15T10:15:07.030", + "lastModified": "2025-01-15T10:15:07.030", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "The Piotnet Addons For Elementor plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 2.4.32 via the 'pafe-template' shortcode due to insufficient restrictions on which posts can be included. This makes it possible for authenticated attackers, with Contributor-level access and above, to extract data from private or draft posts created by Elementor that they should not have access to." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", + "baseScore": 4.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-639" + } + ] + } + ], + "references": [ + { + "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3221445%40piotnet-addons-for-elementor&new=3221445%40piotnet-addons-for-elementor&sfp_email=&sfph_mail=", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/5fdbc9bc-70cf-4440-b12d-dd98844d33bc?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-122xx/CVE-2024-12297.json b/CVE-2024/CVE-2024-122xx/CVE-2024-12297.json new file mode 100644 index 00000000000..55a37915763 --- /dev/null +++ b/CVE-2024/CVE-2024-122xx/CVE-2024-12297.json @@ -0,0 +1,78 @@ +{ + "id": "CVE-2024-12297", + "sourceIdentifier": "psirt@moxa.com", + "published": "2025-01-15T10:15:07.237", + "lastModified": "2025-01-15T10:15:07.237", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Moxa\u2019s Ethernet switch EDS-508A Series, running firmware version 3.11 and earlier, is vulnerable to an authentication bypass because of flaws in its authorization mechanism. Although both client-side and back-end server verification are involved in the process, attackers can exploit weaknesses in its implementation. These vulnerabilities may enable brute-force attacks to guess valid credentials or MD5 collision attacks to forge authentication hashes, potentially compromising the security of the device." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "psirt@moxa.com", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "baseScore": 9.2, + "baseSeverity": "CRITICAL", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "attackRequirements": "PRESENT", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "vulnerableSystemConfidentiality": "HIGH", + "vulnerableSystemIntegrity": "HIGH", + "vulnerableSystemAvailability": "HIGH", + "subsequentSystemConfidentiality": "LOW", + "subsequentSystemIntegrity": "LOW", + "subsequentSystemAvailability": "LOW", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirements": "NOT_DEFINED", + "integrityRequirements": "NOT_DEFINED", + "availabilityRequirements": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", + "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", + "modifiedVulnerableSystemAvailability": "NOT_DEFINED", + "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", + "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", + "modifiedSubsequentSystemAvailability": "NOT_DEFINED", + "safety": "NOT_DEFINED", + "automatable": "NOT_DEFINED", + "recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED" + } + } + ] + }, + "weaknesses": [ + { + "source": "psirt@moxa.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-656" + } + ] + } + ], + "references": [ + { + "url": "https://www.moxa.com/en/support/product-support/security-advisory/mpsa-241407-cve-2024-12297-frontend-authorization-logic-disclosure-vulnerability-in-eds-508a-series", + "source": "psirt@moxa.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-124xx/CVE-2024-12403.json b/CVE-2024/CVE-2024-124xx/CVE-2024-12403.json new file mode 100644 index 00000000000..479eb1e22a7 --- /dev/null +++ b/CVE-2024/CVE-2024-124xx/CVE-2024-12403.json @@ -0,0 +1,64 @@ +{ + "id": "CVE-2024-12403", + "sourceIdentifier": "security@wordfence.com", + "published": "2025-01-15T10:15:07.433", + "lastModified": "2025-01-15T10:15:07.433", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "The Image Gallery \u2013 Responsive Photo Gallery plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'awsmgallery' parameter in all versions up to, and including, 1.0.5 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 6.1, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://plugins.trac.wordpress.org/browser/awesome-responsive-photo-gallery/trunk/inc/arpg-process-options.php?rev=1877314", + "source": "security@wordfence.com" + }, + { + "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3221064%40awesome-responsive-photo-gallery&new=3221064%40awesome-responsive-photo-gallery&sfp_email=&sfph_mail=", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/ca11e840-04bd-4731-bfa9-3bf8ed98e155?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-124xx/CVE-2024-12423.json b/CVE-2024/CVE-2024-124xx/CVE-2024-12423.json new file mode 100644 index 00000000000..eb1c384c023 --- /dev/null +++ b/CVE-2024/CVE-2024-124xx/CVE-2024-12423.json @@ -0,0 +1,64 @@ +{ + "id": "CVE-2024-12423", + "sourceIdentifier": "security@wordfence.com", + "published": "2025-01-15T10:15:07.630", + "lastModified": "2025-01-15T10:15:07.630", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "The Contact Form 7 Redirect & Thank You Page plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'post' parameter in all versions up to, and including, 1.0.7 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 6.1, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://plugins.trac.wordpress.org/browser/cf7-redirect-thank-you-page/tags/1.0.7/includes/admin/tabs_page.php#L87", + "source": "security@wordfence.com" + }, + { + "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3220810%40cf7-redirect-thank-you-page&new=3220810%40cf7-redirect-thank-you-page&sfp_email=&sfph_mail=#file19", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/9d67965c-f8f3-4868-a261-81cfc80dbcb3?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-128xx/CVE-2024-12818.json b/CVE-2024/CVE-2024-128xx/CVE-2024-12818.json new file mode 100644 index 00000000000..23a9b99f5fc --- /dev/null +++ b/CVE-2024/CVE-2024-128xx/CVE-2024-12818.json @@ -0,0 +1,60 @@ +{ + "id": "CVE-2024-12818", + "sourceIdentifier": "security@wordfence.com", + "published": "2025-01-15T10:15:07.803", + "lastModified": "2025-01-15T10:15:07.803", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "The WP Smart TV plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'tv-video-player' shortcode in all versions up to, and including, 2.1.8 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", + "baseScore": 6.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 3.1, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3222468%40wp-smart-tv&new=3222468%40wp-smart-tv&sfp_email=&sfph_mail=", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/e1d7cf90-1a9f-4d88-9dfb-f48481095a0c?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-133xx/CVE-2024-13351.json b/CVE-2024/CVE-2024-133xx/CVE-2024-13351.json new file mode 100644 index 00000000000..5a24fd0a23e --- /dev/null +++ b/CVE-2024/CVE-2024-133xx/CVE-2024-13351.json @@ -0,0 +1,60 @@ +{ + "id": "CVE-2024-13351", + "sourceIdentifier": "security@wordfence.com", + "published": "2025-01-15T10:15:07.993", + "lastModified": "2025-01-15T10:15:07.993", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "The Social proof testimonials and reviews by Repuso plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'rw_image_badge1' shortcode in all versions up to, and including, 5.20 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N", + "baseScore": 7.2, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 3.9, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://plugins.trac.wordpress.org/changeset/3222107/social-testimonials-and-reviews-widget/trunk/social-testimonials-and-reviews-widget.php", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/ff7ead53-4b20-48ba-95cd-118fb4eab330?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-523xx/CVE-2024-52337.json b/CVE-2024/CVE-2024-523xx/CVE-2024-52337.json index c6a95a83420..8fafae825a6 100644 --- a/CVE-2024/CVE-2024-523xx/CVE-2024-52337.json +++ b/CVE-2024/CVE-2024-523xx/CVE-2024-52337.json @@ -2,7 +2,7 @@ "id": "CVE-2024-52337", "sourceIdentifier": "secalert@redhat.com", "published": "2024-11-26T16:15:17.717", - "lastModified": "2025-01-09T15:15:18.487", + "lastModified": "2025-01-15T10:15:08.200", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ @@ -68,6 +68,10 @@ "url": "https://access.redhat.com/errata/RHSA-2025:0195", "source": "secalert@redhat.com" }, + { + "url": "https://access.redhat.com/errata/RHSA-2025:0327", + "source": "secalert@redhat.com" + }, { "url": "https://access.redhat.com/security/cve/CVE-2024-52337", "source": "secalert@redhat.com" diff --git a/CVE-2024/CVE-2024-96xx/CVE-2024-9636.json b/CVE-2024/CVE-2024-96xx/CVE-2024-9636.json new file mode 100644 index 00000000000..bb3bddc1a20 --- /dev/null +++ b/CVE-2024/CVE-2024-96xx/CVE-2024-9636.json @@ -0,0 +1,68 @@ +{ + "id": "CVE-2024-9636", + "sourceIdentifier": "security@wordfence.com", + "published": "2025-01-15T10:15:08.607", + "lastModified": "2025-01-15T10:15:08.607", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "The Post Grid and Gutenberg Blocks plugin for WordPress is vulnerable to privilege escalation in versions 2.2.85 to 2.3.3. This is due to the plugin not properly restricting what user meta can be updated during profile registration. This makes it possible for unauthenticated attackers to register on the site as an administrator." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 9.8, + "baseSeverity": "CRITICAL", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-269" + } + ] + } + ], + "references": [ + { + "url": "https://plugins.trac.wordpress.org/browser/post-grid/tags/2.2.93/includes/blocks/form-wrap/functions.php#L3200", + "source": "security@wordfence.com" + }, + { + "url": "https://plugins.trac.wordpress.org/changeset/3117675/post-grid/trunk/includes/blocks/form-wrap/functions.php", + "source": "security@wordfence.com" + }, + { + "url": "https://plugins.trac.wordpress.org/changeset/3221012/post-grid/trunk/includes/blocks/form-wrap/functions.php", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/1bbe01b8-24ed-4e1e-bafc-0f4dea96c1f3?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/README.md b/README.md index e439668d107..2fdd917d13e 100644 --- a/README.md +++ b/README.md @@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2025-01-15T09:00:30.545806+00:00 +2025-01-15T11:00:28.038209+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2025-01-15T08:15:26.650000+00:00 +2025-01-15T10:15:08.607000+00:00 ``` ### Last Data Feed Release @@ -33,26 +33,27 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### Total Number of included CVEs ```plain -277424 +277431 ``` ### CVEs added in the last Commit -Recently added CVEs: `6` +Recently added CVEs: `7` -- [CVE-2024-11870](CVE-2024/CVE-2024-118xx/CVE-2024-11870.json) (`2025-01-15T08:15:25.633`) -- [CVE-2024-4227](CVE-2024/CVE-2024-42xx/CVE-2024-4227.json) (`2025-01-15T08:15:25.983`) -- [CVE-2024-7322](CVE-2024/CVE-2024-73xx/CVE-2024-7322.json) (`2025-01-15T08:15:26.177`) -- [CVE-2025-0354](CVE-2025/CVE-2025-03xx/CVE-2025-0354.json) (`2025-01-15T08:15:26.330`) -- [CVE-2025-0355](CVE-2025/CVE-2025-03xx/CVE-2025-0355.json) (`2025-01-15T08:15:26.493`) -- [CVE-2025-0356](CVE-2025/CVE-2025-03xx/CVE-2025-0356.json) (`2025-01-15T08:15:26.650`) +- [CVE-2024-10775](CVE-2024/CVE-2024-107xx/CVE-2024-10775.json) (`2025-01-15T10:15:07.030`) +- [CVE-2024-12297](CVE-2024/CVE-2024-122xx/CVE-2024-12297.json) (`2025-01-15T10:15:07.237`) +- [CVE-2024-12403](CVE-2024/CVE-2024-124xx/CVE-2024-12403.json) (`2025-01-15T10:15:07.433`) +- [CVE-2024-12423](CVE-2024/CVE-2024-124xx/CVE-2024-12423.json) (`2025-01-15T10:15:07.630`) +- [CVE-2024-12818](CVE-2024/CVE-2024-128xx/CVE-2024-12818.json) (`2025-01-15T10:15:07.803`) +- [CVE-2024-13351](CVE-2024/CVE-2024-133xx/CVE-2024-13351.json) (`2025-01-15T10:15:07.993`) +- [CVE-2024-9636](CVE-2024/CVE-2024-96xx/CVE-2024-9636.json) (`2025-01-15T10:15:08.607`) ### CVEs modified in the last Commit Recently modified CVEs: `1` -- [CVE-2024-12085](CVE-2024/CVE-2024-120xx/CVE-2024-12085.json) (`2025-01-15T07:15:27.843`) +- [CVE-2024-52337](CVE-2024/CVE-2024-523xx/CVE-2024-52337.json) (`2025-01-15T10:15:08.200`) ## Download and Usage diff --git a/_state.csv b/_state.csv index e618d5a9e00..025d0eae886 100644 --- a/_state.csv +++ b/_state.csv @@ -243887,6 +243887,7 @@ CVE-2024-10771,0,0,2941aae580639cf6274c20bc9b2c690170426b2770b2a94f5c4b36098b272 CVE-2024-10772,0,0,db9db8e407d46bc0a4189b0b98e43eb07c7b1da0fa6105f2dace53455f0c4d78,2024-12-06T13:15:05.763000 CVE-2024-10773,0,0,8dd7dd6daaeb57554e6f55991b2ea3bb44c5207c78c1459c9aae881124be2697,2024-12-06T13:15:05.897000 CVE-2024-10774,0,0,d680a4839a86b096aeb8b7cc2dc0ff08f28a9d77ee51ad1e46e78500ede5d2c6,2024-12-06T13:15:06.023000 +CVE-2024-10775,1,1,ecb15a99b245608bccd9c0793c98cd8f21947c22a853f6aef23499ce00b650c8,2025-01-15T10:15:07.030000 CVE-2024-10776,0,0,d0833c036a6562ea7c6928db6bfa29e04686cd0cb2268f7563ea9636f139506c,2024-12-06T13:15:06.147000 CVE-2024-10777,0,0,151aa045b3cc4f5e20403226014d6e3e0b6b3679df35fc7dcb5b2bc90ffc9083,2024-12-05T10:31:38.960000 CVE-2024-10778,0,0,7a530f50092a14180f4360e4ebb140fc0398b9f90314a295f3515df6641fb86b,2024-11-13T17:01:16.850000 @@ -244846,7 +244847,7 @@ CVE-2024-11867,0,0,f6acb417b5c25ca0787745f2bd6aa4f31f6cfd5553556db6c5bd027949960 CVE-2024-11868,0,0,5f9ba717e5bba6d40e615f3014a00e06d2189a88181101a3b1c6210ef70fffe1,2025-01-14T21:36:35.760000 CVE-2024-11869,0,0,a3baa31d4416f73c33dff88cf9049afe2222269653dc692e0c231b411ae31126,2024-12-14T05:15:08.533000 CVE-2024-1187,0,0,34bfab1d2868a509e17e58177c8ef1072428b9ace11ecd550f1c0daa57f2d37c,2024-11-21T08:49:59.543000 -CVE-2024-11870,1,1,e40bc630aac5ce6ae377e45037e34d36ed90a3a8d4dfacbabc353b9ccf08acc3,2025-01-15T08:15:25.633000 +CVE-2024-11870,0,0,e40bc630aac5ce6ae377e45037e34d36ed90a3a8d4dfacbabc353b9ccf08acc3,2025-01-15T08:15:25.633000 CVE-2024-11871,0,0,36cc57375a53657e02bd7a0a87b9e1475ef36a9df08a07761721bf952ae1c645,2024-12-12T06:15:22.327000 CVE-2024-11872,0,0,73a0c13648454617801aeec393eb6a762bb5263f614221a21da77057533ece08,2024-12-12T01:40:20.537000 CVE-2024-11873,0,0,83746cce2dad963e58a32339952bb6b4ae12bd4ff788e558b09e1ea778150265,2024-12-14T05:15:08.707000 @@ -245010,7 +245011,7 @@ CVE-2024-12077,0,0,fc51d2e5a9f19fe3fbf82780f8b1560f161bbef921778ce0625a7b0a00680 CVE-2024-1208,0,0,3c4b0e7895c1837530e812c9d592f58958b18ef870d236a49969dfb3f5e669a9,2024-11-21T08:50:02.590000 CVE-2024-12082,0,0,d67c450c190c0364d4b144dcd382bc569f8e4f4f12ff2a960005828e083c85c7,2024-12-11T17:12:56.793000 CVE-2024-12083,0,0,5fe27c2d4a4ee9695e52118078393ced73f3a0ce93a0eb895d11382e665ef303,2025-01-14T01:15:09.267000 -CVE-2024-12085,0,1,16afb68c64775ecf0b48facf338b16d0a7fcca926372e4bcec6854d6d1a66e98,2025-01-15T07:15:27.843000 +CVE-2024-12085,0,0,16afb68c64775ecf0b48facf338b16d0a7fcca926372e4bcec6854d6d1a66e98,2025-01-15T07:15:27.843000 CVE-2024-12086,0,0,5887c5c35fb1bf0c47e6f2f0b3ef201e9bfb6399ba1c3e952682d77d3c75c690,2025-01-14T22:15:26.370000 CVE-2024-12087,0,0,92444a4c8e1098ca810f0f12473e16166fd6e31f57a583a297e3521f39a5f70f,2025-01-14T22:15:26.503000 CVE-2024-12088,0,0,39bc38a877636df809df561923ec2731db5824435ee5727233c858fc237b049e,2025-01-14T22:15:26.600000 @@ -245174,6 +245175,7 @@ CVE-2024-12291,0,0,92bd6430c2e668a17bac8eff58d5c2110f868302e763b561cafc443091528 CVE-2024-12292,0,0,9c2e3f4715c47523d2f1e1d813aca821c280ab211aff2eeed6650ad59c376aa9,2024-12-12T12:15:22.470000 CVE-2024-12293,0,0,2953fa4e59ad0d89a9c80037ec9c293444942d58e596c71e3b8975df1192ecb7,2024-12-17T09:15:05.347000 CVE-2024-12294,0,0,beb757b9be530a21bd62fb0889c97c31013e2208ab8db98bc3384b757caf5365,2024-12-11T11:15:06.623000 +CVE-2024-12297,1,1,45eb13901ddb02484873bfc3afb1fc35bfd6bb4fc5cc6a0b2e410b20a5479229,2025-01-15T10:15:07.237000 CVE-2024-12298,0,0,45127e972135e0f663b287dd98e22a839e86dfce6953e71f91ed596ac81f4e99,2025-01-14T01:15:09.423000 CVE-2024-1230,0,0,4e58704ea3cd6d96f1b95bf7630f56ca27fd7e9cf7f7c464007165035f04082e,2024-11-21T08:50:06.710000 CVE-2024-12300,0,0,0328248a8fb43f00ec541ab5455f8917a3d5219f0a666c2cc7f8e41b776c4b36,2024-12-13T04:15:05.073000 @@ -245250,6 +245252,7 @@ CVE-2024-12398,0,0,edce43a555297dcf503d2b9755d2cabdf06ebe415f26cf31fc5ce1bbfc43a CVE-2024-1240,0,0,28733ede53b96385ee0de4a7c5187b3db0d925b1e4ab6e977522dc277dee75de,2024-11-19T19:04:53.913000 CVE-2024-12401,0,0,ba741c7b51198b95eba245807f65253a1c54ea777ddd918337cd97bd144396fe,2024-12-12T09:15:05.790000 CVE-2024-12402,0,0,36e3ce185be6b6d4714b97d0b9e949abc75eb52a2fa273901aa2b4c0f962b168,2025-01-07T04:15:07.990000 +CVE-2024-12403,1,1,65ae156d0994605ba4bf9e3cb2d05e75cca4e5dc5d2e8d7fe17cdf557025effe,2025-01-15T10:15:07.433000 CVE-2024-12404,0,0,0ae799af50bc1f8f81ca73c24e0c487e6cb95e7dbb212bb43b7dafb4f227c072,2025-01-11T03:15:21.140000 CVE-2024-12405,0,0,631a04fc890c6ac2fbe1fd822df1e67f289f1ef7b029b11f0950a96d4993c03b,2024-12-24T06:15:33.123000 CVE-2024-12406,0,0,3a24bd925fcaee835bc0ee30f7ad38b16626ae1e5c8470fedd28227d3dd60123,2024-12-12T05:15:12.210000 @@ -245267,6 +245270,7 @@ CVE-2024-1242,0,0,8257984bba04d3b8d9819d4344dfe11cb91111c964df741c73e350923121da CVE-2024-12420,0,0,ae8d110f5efef295dc5d542d71461638a083f9c010e00a24758178ab1b247bfd,2024-12-13T09:15:08.627000 CVE-2024-12421,0,0,d0800edd844bf37ccee00fc76da3ec64bb2b51e717430e725122892ee39e78eb,2024-12-13T09:15:08.870000 CVE-2024-12422,0,0,27a2b7b5579aea6b626e898353e29adaf77dce7f7392fa2cdcdfb4f6d55292dc,2024-12-14T06:15:19.357000 +CVE-2024-12423,1,1,3555afe86904ac107f3db4c4d72aa253a40f0541e51402914a1017949cc8c3b5,2025-01-15T10:15:07.630000 CVE-2024-12425,0,0,d885296390121d087e04ef42b8491b76f893200d98a386f95c4a72f26f9f2359,2025-01-07T12:15:24.183000 CVE-2024-12426,0,0,172dd3632cc915a80121d55ee02d9001ce95b069ca8a1e5b844628b1eeffffb6,2025-01-07T13:15:07.210000 CVE-2024-12428,0,0,0dc42c82097510dcd67ba200f4a63250bd059d1ff61bcff7d39f7b5f34a5af10,2024-12-25T05:15:06.920000 @@ -245522,6 +245526,7 @@ CVE-2024-12803,0,0,71d62dec252a0f259b2c18f826038e36f57f9a647b87e6ff28541f3fd967b CVE-2024-12805,0,0,d6094291885dfb29bd5a5da62c0372feb6c8c3ca251ef60e837bbb54cbe9775b,2025-01-09T15:15:15.060000 CVE-2024-12806,0,0,c45480b247444cb90e8e7a223e8acaf0bdfdffdda029f1c1e4cf3d9ef4282b4a,2025-01-09T21:15:24.797000 CVE-2024-12814,0,0,9d88ed8035fdc2fe3c6fe32e0accb8f4976205d682521fcc6260cfe967c9dc43,2024-12-24T07:15:10.800000 +CVE-2024-12818,1,1,a3cee6dac7f2558cc02053bf5ae1b32f28fed83f74b72abd85104144303936af,2025-01-15T10:15:07.803000 CVE-2024-12819,0,0,d67b85742967f9e166e23a2e5c4440d086b3b3988f6b73108d4bee255219b06d,2025-01-09T11:15:15.657000 CVE-2024-1282,0,0,e6b07825f0f3597687613e3a6164d0e157f6f527c33c61eb8d90ec07193bdec2,2024-11-21T08:50:13.520000 CVE-2024-12828,0,0,a29f7d175d08af9e9a3e3b2d9a239843d4c47c7b84f9529c7b9ddf19ae5c7fea,2024-12-30T17:15:07.717000 @@ -245918,6 +245923,7 @@ CVE-2024-13334,0,0,30c432abb97d04ee92181b3fbe024f7609d999db2107b6b42ffcc6057b3cd CVE-2024-1334,0,0,5cd8113de272a8c461c68981cf2d6addc6166d9cf4d9dbad0d56a2a1ca671349,2024-12-31T16:48:40.290000 CVE-2024-13348,0,0,28a0ee7b4191c68c40fabdc5ca96e1c7f939c87fdb38db21e8b32e455395118b,2025-01-14T04:15:09.200000 CVE-2024-1335,0,0,82fb69da532892baa7a81804ae338bd46e69a8bbbad77be8c22b678b91bcc8f9,2024-12-31T16:50:11.167000 +CVE-2024-13351,1,1,82f0f1a80f8f2950e9c84e7abdd61c165fb4e8543af42fe1c6d847744006626a,2025-01-15T10:15:07.993000 CVE-2024-1336,0,0,5ac217bb74b5afa6bf4a3181b1971e5eb197bf861678b67cc85953b7d0e71d82,2024-12-31T16:51:04.857000 CVE-2024-1337,0,0,ecd9569d803b0ad7e93765437336dbe54b6bca900bd0d8d6a4265ae95a2bd0fa,2024-11-21T08:50:21.857000 CVE-2024-1338,0,0,dc2761903a1c29795472be9ec50c80e554c7222ddc44792707b7eb37ea2462f8,2024-12-31T16:51:41.113000 @@ -263463,7 +263469,7 @@ CVE-2024-42266,0,0,e3773d6d9416557898775f8e251bb3caface8cb0ca7f14ef02f46bb386d50 CVE-2024-42267,0,0,881474d04f014e3df273462be8ded36c9d57a485e542f49fb9e4732784ec7797,2024-08-19T12:59:59.177000 CVE-2024-42268,0,0,32405a14e4dd6aeea6b8bac7d9fbbbb26f3abdb388425d48d9528ab8165ab983,2024-08-19T20:52:49.323000 CVE-2024-42269,0,0,02987285ba6a510a4f86004b6c012db3daaca6a917d5ddca0195d2e4fddf6486,2024-08-19T20:53:51.717000 -CVE-2024-4227,1,1,58e47d5be6c4e2dd73b4cd46c9ec9dc6f4ce44db3dbfd2264ae51caa2d816627,2025-01-15T08:15:25.983000 +CVE-2024-4227,0,0,58e47d5be6c4e2dd73b4cd46c9ec9dc6f4ce44db3dbfd2264ae51caa2d816627,2025-01-15T08:15:25.983000 CVE-2024-42270,0,0,6b50e5a9597b9526acb4eaeebc4139bcf4abc11e8002fddbaf9c4256b84553ae,2024-08-19T20:01:09.520000 CVE-2024-42271,0,0,9523571215d77ef04f2ffa9461360c070595c5ed9f9b05d782d5f2b6bed98b5c,2024-08-19T20:03:31.840000 CVE-2024-42272,0,0,4fdcca2a8e5f5cc9a2a4cb69a5754d8e5d4f5b4acbe21ea4a0783f9d615cf61b,2024-09-30T13:40:21.843000 @@ -270438,7 +270444,7 @@ CVE-2024-52332,0,0,af74adb12488f71127ab8b372db4933520d8b9b1a04d45a629e928fac8569 CVE-2024-52333,0,0,1ffe9afc2aea0a607b789fb43fe253b28e5ac25c7d1bf7f3add2a0a67ed110ca,2025-01-13T16:15:17.990000 CVE-2024-52335,0,0,e1e5dff8245ade7d0df486779ba826bca2b65cb6a4f443a05cb574ac0185e48c,2024-12-06T14:15:21.230000 CVE-2024-52336,0,0,160e4fdf3c9ddd8c08bcb01e538c5c08889e84ce5825eea53a2a7d6fc852d283,2024-12-05T14:15:21.663000 -CVE-2024-52337,0,0,2f176d611c76ed2c70dfbd95e56604f633499376027c37a803684cca5d8e25a6,2025-01-09T15:15:18.487000 +CVE-2024-52337,0,1,bd4320b1d4de56d3501987fc288b67bfc08a7fabe88f6e528abab1c58d934b46,2025-01-15T10:15:08.200000 CVE-2024-52338,0,0,9bcca0f5584def2789a1613da17d1dfa11f003cf9877e634fced8f070cd4a571,2024-11-29T15:15:17.550000 CVE-2024-52339,0,0,8c254a85b0cc7761c2c8f8cf7f1a34f104621eefc5d8f80c80f60233cb82f4fd,2024-11-19T21:57:32.967000 CVE-2024-5234,0,0,3621dd7a9355ab69fb44113adac5d6db321db5bd9e4f974601bbdcdbc1644b98,2024-11-21T09:47:14.493000 @@ -274573,7 +274579,7 @@ CVE-2024-7318,0,0,8cbca515fa6d8fbd9808eb88225bf271b50136ae9aabf8f4edc8bdb9df7d7f CVE-2024-7319,0,0,4525edc8de27c7880ec08e0f3c2fc246097df2a636951ddea8eaec76b898d5fc,2024-10-07T19:15:11.090000 CVE-2024-7320,0,0,3663c335309fba0eb777ff800cafcae28d107b8f49aacc2ab9010c2b3b0bbe51,2024-08-12T16:47:36.887000 CVE-2024-7321,0,0,a8c12720720f2bd402d58186893bb07a37c72ff78244c59b25b745e59e6b34a4,2024-08-12T16:49:01.887000 -CVE-2024-7322,1,1,104fd3773da1ec9f2bda207b34daadf1128c22bb3d4009141c21da5272515344,2025-01-15T08:15:26.177000 +CVE-2024-7322,0,0,104fd3773da1ec9f2bda207b34daadf1128c22bb3d4009141c21da5272515344,2025-01-15T08:15:26.177000 CVE-2024-7323,0,0,8601d2f72a02fd3ae2c8cdb848b5505e38f292f5bb4774667cf7b2bab4a3b63e,2024-09-11T14:22:46.903000 CVE-2024-7324,0,0,09c95ac35280a11643c9f113bb1122fbd2f0071a06f32fe119264658dda4f997,2024-08-01T12:42:36.933000 CVE-2024-7325,0,0,3cc8d3abb0f14185c057bb972ab039a93906a7d808c343cc1cdb18f358102453,2024-09-11T15:42:50.473000 @@ -276493,6 +276499,7 @@ CVE-2024-9632,0,0,239a4c189d3eed560921482fe12c18bb19732b61a1100ff2b6e56460beb86e CVE-2024-9633,0,0,464719aabf82d4c51da737aba0ef58dd3d7e243c61253713abe304606828160b,2024-12-12T21:43:44.480000 CVE-2024-9634,0,0,7b5dabf15ae54de4daab48b64d2e27f430eb55d7ab2217a5e19376e8531d6f32,2024-10-16T16:38:14.557000 CVE-2024-9635,0,0,9f77fd7ccc96fa6d4c00f44465f9f4a309bfc7a2ae1c26c3627ef0449f3c9e02,2024-11-23T07:15:05.027000 +CVE-2024-9636,1,1,47e4fcb859ba924f99260aab4edf6abeec61413c79d458738639482ac39379d7,2025-01-15T10:15:08.607000 CVE-2024-9637,0,0,0f4d16db68000f66da50bae84c41a0f228004e7436fcad95d0969905f72e932a,2024-10-28T13:58:09.230000 CVE-2024-9638,0,0,d242a26cf294563aa693c3b48eace80fd3f0c8397670ca74457232bc92e1deda,2025-01-07T16:15:38.170000 CVE-2024-9641,0,0,1af3f797b9845e72a30c1ec84ed9cc9350f350e1f0f00ee15b2f0dce5766f023,2024-12-12T18:15:28.297000 @@ -276907,9 +276914,9 @@ CVE-2025-0346,0,0,3ca882ed5f0f6ff30f77b6214e7e7bdd383925e6a59aee9ebd80a0c7383e3b CVE-2025-0347,0,0,ec55ad444ba1a81cdc39b917c4d69e23fb6f894614506108703cecaf8b681d74,2025-01-09T10:15:07.170000 CVE-2025-0348,0,0,caf29c7d10aa1d0bc868897d1f5fe71d1c997b913af05adf015858af50a20840,2025-01-09T10:15:07.700000 CVE-2025-0349,0,0,5c5bde0373ec0c26c713a0d565cd6e4461e0dfe3c3d54fa435cc26640f811d63,2025-01-09T11:15:16.547000 -CVE-2025-0354,1,1,d346f95fc15ab97802a71c3b9eea7692ca5351a1209bc93508539ce9d3279e05,2025-01-15T08:15:26.330000 -CVE-2025-0355,1,1,33e06caab68d0194ce530505431588240b2a7740117cb710b974201c33bb57f0,2025-01-15T08:15:26.493000 -CVE-2025-0356,1,1,536ff409278f7933d4a453ae82fd41c47596f9a16213b1ee32a364925d5f4dda,2025-01-15T08:15:26.650000 +CVE-2025-0354,0,0,d346f95fc15ab97802a71c3b9eea7692ca5351a1209bc93508539ce9d3279e05,2025-01-15T08:15:26.330000 +CVE-2025-0355,0,0,33e06caab68d0194ce530505431588240b2a7740117cb710b974201c33bb57f0,2025-01-15T08:15:26.493000 +CVE-2025-0356,0,0,536ff409278f7933d4a453ae82fd41c47596f9a16213b1ee32a364925d5f4dda,2025-01-15T08:15:26.650000 CVE-2025-0390,0,0,e8680a8850f5f93c327358a0bafb5800686853499fcfad6c845505a58dd62509,2025-01-11T08:15:26.527000 CVE-2025-0391,0,0,92a57f196719fdf887816695b3a83526079e0969236a36b3dfc45b775c9f93d0,2025-01-11T09:15:05.937000 CVE-2025-0392,0,0,aa9606366d99278451746d2e901d7f278b325bf8d4482ec56713b1565fb0cf2e,2025-01-11T11:15:06.657000