From 7b5fadab6b22e55bb6ad57bfb65857593b55b361 Mon Sep 17 00:00:00 2001 From: cad-safe-bot Date: Thu, 31 Oct 2024 03:03:19 +0000 Subject: [PATCH] Auto-Update: 2024-10-31T03:00:19.409608+00:00 --- CVE-2024/CVE-2024-104xx/CVE-2024-10447.json | 65 ++++++++- CVE-2024/CVE-2024-105xx/CVE-2024-10544.json | 60 +++++++++ CVE-2024/CVE-2024-105xx/CVE-2024-10556.json | 137 +++++++++++++++++++ CVE-2024/CVE-2024-105xx/CVE-2024-10557.json | 141 ++++++++++++++++++++ CVE-2024/CVE-2024-105xx/CVE-2024-10559.json | 141 ++++++++++++++++++++ CVE-2024/CVE-2024-105xx/CVE-2024-10561.json | 137 +++++++++++++++++++ CVE-2024/CVE-2024-205xx/CVE-2024-20526.json | 72 +++++++++- CVE-2024/CVE-2024-483xx/CVE-2024-48307.json | 29 ++++ CVE-2024/CVE-2024-483xx/CVE-2024-48311.json | 21 +++ CVE-2024/CVE-2024-504xx/CVE-2024-50465.json | 51 ++++++- CVE-2024/CVE-2024-504xx/CVE-2024-50470.json | 51 ++++++- CVE-2024/CVE-2024-504xx/CVE-2024-50471.json | 51 ++++++- CVE-2024/CVE-2024-504xx/CVE-2024-50472.json | 51 ++++++- CVE-2024/CVE-2024-504xx/CVE-2024-50478.json | 62 ++++++++- CVE-2024/CVE-2024-504xx/CVE-2024-50492.json | 51 ++++++- CVE-2024/CVE-2024-504xx/CVE-2024-50498.json | 51 ++++++- CVE-2024/CVE-2024-506xx/CVE-2024-50613.json | 58 +++++++- README.md | 43 +++--- _state.csv | 55 ++++---- 19 files changed, 1249 insertions(+), 78 deletions(-) create mode 100644 CVE-2024/CVE-2024-105xx/CVE-2024-10544.json create mode 100644 CVE-2024/CVE-2024-105xx/CVE-2024-10556.json create mode 100644 CVE-2024/CVE-2024-105xx/CVE-2024-10557.json create mode 100644 CVE-2024/CVE-2024-105xx/CVE-2024-10559.json create mode 100644 CVE-2024/CVE-2024-105xx/CVE-2024-10561.json create mode 100644 CVE-2024/CVE-2024-483xx/CVE-2024-48307.json create mode 100644 CVE-2024/CVE-2024-483xx/CVE-2024-48311.json diff --git a/CVE-2024/CVE-2024-104xx/CVE-2024-10447.json b/CVE-2024/CVE-2024-104xx/CVE-2024-10447.json index cd6425d6a9b..5b4bdb8d45d 100644 --- a/CVE-2024/CVE-2024-104xx/CVE-2024-10447.json +++ b/CVE-2024/CVE-2024-104xx/CVE-2024-10447.json @@ -2,13 +2,17 @@ "id": "CVE-2024-10447", "sourceIdentifier": "cna@vuldb.com", "published": "2024-10-28T13:15:04.103", - "lastModified": "2024-10-28T13:58:09.230", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-10-31T01:23:46.300", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability classified as critical was found in Project Worlds Online Time Table Generator 1.0. Affected by this vulnerability is an unknown functionality of the file /timetable/staff/staffdashboard.php?info=updateprofile. The manipulation of the argument n leads to sql injection. The attack can be launched remotely." + }, + { + "lang": "es", + "value": "Se ha encontrado una vulnerabilidad clasificada como cr\u00edtica en Project Worlds Online Time Table Generator 1.0. Esta vulnerabilidad afecta a una funcionalidad desconocida del archivo /timetable/staff/staffdashboard.php?info=updateprofile. La manipulaci\u00f3n del argumento n conduce a una inyecci\u00f3n SQL. El ataque puede ejecutarse de forma remota." } ], "metrics": { @@ -57,6 +61,26 @@ } ], "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + }, { "source": "cna@vuldb.com", "type": "Secondary", @@ -116,22 +140,51 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:projectworlds:online_time_table_generator:1.0:*:*:*:*:*:*:*", + "matchCriteriaId": "89AF98EE-9983-48E4-B200-212717C6C739" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/jadu101/CVE/blob/main/project_worlds_online_time_table_generator_update_profile_sqli.md", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Exploit" + ] }, { "url": "https://vuldb.com/?ctiid.282007", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required" + ] }, { "url": "https://vuldb.com/?id.282007", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required" + ] }, { "url": "https://vuldb.com/?submit.432372", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-105xx/CVE-2024-10544.json b/CVE-2024/CVE-2024-105xx/CVE-2024-10544.json new file mode 100644 index 00000000000..f28d88f4880 --- /dev/null +++ b/CVE-2024/CVE-2024-105xx/CVE-2024-10544.json @@ -0,0 +1,60 @@ +{ + "id": "CVE-2024-10544", + "sourceIdentifier": "security@wordfence.com", + "published": "2024-10-31T02:15:03.080", + "lastModified": "2024-10-31T02:15:03.080", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "The Woo Manage Fraud Orders plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 6.1.7 through publicly exposed log files. This makes it possible for unauthenticated attackers to view potentially sensitive information about users contained in the exposed log files." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 5.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 3.9, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-532" + } + ] + } + ], + "references": [ + { + "url": "https://plugins.trac.wordpress.org/browser/woo-manage-fraud-orders/trunk/includes/class-wmfo-debug-log.php#L25", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/a62df5f6-64b0-4489-9dde-0d472040ee12?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-105xx/CVE-2024-10556.json b/CVE-2024/CVE-2024-105xx/CVE-2024-10556.json new file mode 100644 index 00000000000..e7b4cf8b8a0 --- /dev/null +++ b/CVE-2024/CVE-2024-105xx/CVE-2024-10556.json @@ -0,0 +1,137 @@ +{ + "id": "CVE-2024-10556", + "sourceIdentifier": "cna@vuldb.com", + "published": "2024-10-31T01:15:14.253", + "lastModified": "2024-10-31T01:15:14.253", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability, which was classified as critical, was found in Codezips Pet Shop Management System 1.0. Affected is an unknown function of the file birdsadd.php. The manipulation of the argument id leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "attackRequirements": "NONE", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "vulnerableSystemConfidentiality": "LOW", + "vulnerableSystemIntegrity": "LOW", + "vulnerableSystemAvailability": "LOW", + "subsequentSystemConfidentiality": "NONE", + "subsequentSystemIntegrity": "NONE", + "subsequentSystemAvailability": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirements": "NOT_DEFINED", + "integrityRequirements": "NOT_DEFINED", + "availabilityRequirements": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", + "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", + "modifiedVulnerableSystemAvailability": "NOT_DEFINED", + "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", + "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", + "modifiedSubsequentSystemAvailability": "NOT_DEFINED", + "safety": "NOT_DEFINED", + "automatable": "NOT_DEFINED", + "recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED", + "baseScore": 6.9, + "baseSeverity": "MEDIUM" + } + } + ], + "cvssMetricV31": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 7.3, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.4 + } + ], + "cvssMetricV2": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "2.0", + "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", + "accessVector": "NETWORK", + "accessComplexity": "LOW", + "authentication": "NONE", + "confidentialityImpact": "PARTIAL", + "integrityImpact": "PARTIAL", + "availabilityImpact": "PARTIAL", + "baseScore": 7.5 + }, + "baseSeverity": "HIGH", + "exploitabilityScore": 10.0, + "impactScore": 6.4, + "acInsufInfo": false, + "obtainAllPrivilege": false, + "obtainUserPrivilege": false, + "obtainOtherPrivilege": false, + "userInteractionRequired": false + } + ] + }, + "weaknesses": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/ppp-src/CVE/issues/28", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?ctiid.282558", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?id.282558", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?submit.432727", + "source": "cna@vuldb.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-105xx/CVE-2024-10557.json b/CVE-2024/CVE-2024-105xx/CVE-2024-10557.json new file mode 100644 index 00000000000..fe1daf891ee --- /dev/null +++ b/CVE-2024/CVE-2024-105xx/CVE-2024-10557.json @@ -0,0 +1,141 @@ +{ + "id": "CVE-2024-10557", + "sourceIdentifier": "cna@vuldb.com", + "published": "2024-10-31T01:15:14.527", + "lastModified": "2024-10-31T01:15:14.527", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability has been found in code-projects Blood Bank Management System 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /file/updateprofile.php. The manipulation leads to cross-site request forgery. The attack can be launched remotely. The exploit has been disclosed to the public and may be used." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "attackRequirements": "NONE", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "vulnerableSystemConfidentiality": "NONE", + "vulnerableSystemIntegrity": "LOW", + "vulnerableSystemAvailability": "NONE", + "subsequentSystemConfidentiality": "NONE", + "subsequentSystemIntegrity": "NONE", + "subsequentSystemAvailability": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirements": "NOT_DEFINED", + "integrityRequirements": "NOT_DEFINED", + "availabilityRequirements": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", + "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", + "modifiedVulnerableSystemAvailability": "NOT_DEFINED", + "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", + "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", + "modifiedSubsequentSystemAvailability": "NOT_DEFINED", + "safety": "NOT_DEFINED", + "automatable": "NOT_DEFINED", + "recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED", + "baseScore": 6.9, + "baseSeverity": "MEDIUM" + } + } + ], + "cvssMetricV31": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 4.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + } + ], + "cvssMetricV2": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "2.0", + "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", + "accessVector": "NETWORK", + "accessComplexity": "LOW", + "authentication": "NONE", + "confidentialityImpact": "NONE", + "integrityImpact": "PARTIAL", + "availabilityImpact": "NONE", + "baseScore": 5.0 + }, + "baseSeverity": "MEDIUM", + "exploitabilityScore": 10.0, + "impactScore": 2.9, + "acInsufInfo": false, + "obtainAllPrivilege": false, + "obtainUserPrivilege": false, + "obtainOtherPrivilege": false, + "userInteractionRequired": false + } + ] + }, + "weaknesses": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-352" + } + ] + } + ], + "references": [ + { + "url": "https://code-projects.org/", + "source": "cna@vuldb.com" + }, + { + "url": "https://github.com/bevennyamande/bloodbank_profile_update_csrf", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?ctiid.282559", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?id.282559", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?submit.433057", + "source": "cna@vuldb.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-105xx/CVE-2024-10559.json b/CVE-2024/CVE-2024-105xx/CVE-2024-10559.json new file mode 100644 index 00000000000..7698c92c3ac --- /dev/null +++ b/CVE-2024/CVE-2024-105xx/CVE-2024-10559.json @@ -0,0 +1,141 @@ +{ + "id": "CVE-2024-10559", + "sourceIdentifier": "cna@vuldb.com", + "published": "2024-10-31T02:15:03.370", + "lastModified": "2024-10-31T02:15:03.370", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability was found in SourceCodester Airport Booking Management System 1.0 and classified as critical. Affected by this issue is the function details of the component Passport Number Handler. The manipulation leads to buffer overflow. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "attackRequirements": "NONE", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "vulnerableSystemConfidentiality": "LOW", + "vulnerableSystemIntegrity": "LOW", + "vulnerableSystemAvailability": "LOW", + "subsequentSystemConfidentiality": "NONE", + "subsequentSystemIntegrity": "NONE", + "subsequentSystemAvailability": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirements": "NOT_DEFINED", + "integrityRequirements": "NOT_DEFINED", + "availabilityRequirements": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", + "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", + "modifiedVulnerableSystemAvailability": "NOT_DEFINED", + "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", + "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", + "modifiedSubsequentSystemAvailability": "NOT_DEFINED", + "safety": "NOT_DEFINED", + "automatable": "NOT_DEFINED", + "recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED", + "baseScore": 4.8, + "baseSeverity": "MEDIUM" + } + } + ], + "cvssMetricV31": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 5.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.4 + } + ], + "cvssMetricV2": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "2.0", + "vectorString": "AV:L/AC:L/Au:S/C:P/I:P/A:P", + "accessVector": "LOCAL", + "accessComplexity": "LOW", + "authentication": "SINGLE", + "confidentialityImpact": "PARTIAL", + "integrityImpact": "PARTIAL", + "availabilityImpact": "PARTIAL", + "baseScore": 4.3 + }, + "baseSeverity": "MEDIUM", + "exploitabilityScore": 3.1, + "impactScore": 6.4, + "acInsufInfo": false, + "obtainAllPrivilege": false, + "obtainUserPrivilege": false, + "obtainOtherPrivilege": false, + "userInteractionRequired": false + } + ] + }, + "weaknesses": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-120" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/CveSecLook/cve/issues/64", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?ctiid.282560", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?id.282560", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?submit.433262", + "source": "cna@vuldb.com" + }, + { + "url": "https://www.sourcecodester.com/", + "source": "cna@vuldb.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-105xx/CVE-2024-10561.json b/CVE-2024/CVE-2024-105xx/CVE-2024-10561.json new file mode 100644 index 00000000000..2c3c50fd898 --- /dev/null +++ b/CVE-2024/CVE-2024-105xx/CVE-2024-10561.json @@ -0,0 +1,137 @@ +{ + "id": "CVE-2024-10561", + "sourceIdentifier": "cna@vuldb.com", + "published": "2024-10-31T02:15:03.680", + "lastModified": "2024-10-31T02:15:03.680", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability was found in Codezips Pet Shop Management System 1.0. It has been classified as critical. This affects an unknown part of the file birdsupdate.php. The manipulation of the argument id leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "attackRequirements": "NONE", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "vulnerableSystemConfidentiality": "LOW", + "vulnerableSystemIntegrity": "LOW", + "vulnerableSystemAvailability": "LOW", + "subsequentSystemConfidentiality": "NONE", + "subsequentSystemIntegrity": "NONE", + "subsequentSystemAvailability": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirements": "NOT_DEFINED", + "integrityRequirements": "NOT_DEFINED", + "availabilityRequirements": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", + "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", + "modifiedVulnerableSystemAvailability": "NOT_DEFINED", + "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", + "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", + "modifiedSubsequentSystemAvailability": "NOT_DEFINED", + "safety": "NOT_DEFINED", + "automatable": "NOT_DEFINED", + "recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED", + "baseScore": 6.9, + "baseSeverity": "MEDIUM" + } + } + ], + "cvssMetricV31": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 7.3, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.4 + } + ], + "cvssMetricV2": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "2.0", + "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", + "accessVector": "NETWORK", + "accessComplexity": "LOW", + "authentication": "NONE", + "confidentialityImpact": "PARTIAL", + "integrityImpact": "PARTIAL", + "availabilityImpact": "PARTIAL", + "baseScore": 7.5 + }, + "baseSeverity": "HIGH", + "exploitabilityScore": 10.0, + "impactScore": 6.4, + "acInsufInfo": false, + "obtainAllPrivilege": false, + "obtainUserPrivilege": false, + "obtainOtherPrivilege": false, + "userInteractionRequired": false + } + ] + }, + "weaknesses": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/ppp-src/CVE/issues/29", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?ctiid.282561", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?id.282561", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?submit.434445", + "source": "cna@vuldb.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-205xx/CVE-2024-20526.json b/CVE-2024/CVE-2024-205xx/CVE-2024-20526.json index f7404c2306c..28d7b37c485 100644 --- a/CVE-2024/CVE-2024-205xx/CVE-2024-20526.json +++ b/CVE-2024/CVE-2024-205xx/CVE-2024-20526.json @@ -2,8 +2,8 @@ "id": "CVE-2024-20526", "sourceIdentifier": "ykramarz@cisco.com", "published": "2024-10-23T18:15:13.303", - "lastModified": "2024-10-25T12:56:07.750", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-10-31T01:08:26.047", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -17,6 +17,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "LOW", + "baseScore": 5.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 3.9, + "impactScore": 1.4 + }, { "source": "ykramarz@cisco.com", "type": "Secondary", @@ -40,6 +60,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-770" + } + ] + }, { "source": "ykramarz@cisco.com", "type": "Secondary", @@ -51,10 +81,46 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.4.67:*:*:*:*:*:*:*", + "matchCriteriaId": "2D87807D-4915-4785-A87C-CE3C1F825378" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.4.70:*:*:*:*:*:*:*", + "matchCriteriaId": "259825FC-469E-47AA-AD5C-E6C6F863A399" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.4.40:*:*:*:*:*:*:*", + "matchCriteriaId": "95E7E362-4181-4D05-A391-634829CF3DA3" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.20.3:*:*:*:*:*:*:*", + "matchCriteriaId": "4B6648F1-B019-4A67-A1D6-9B8FD522E393" + } + ] + } + ] + } + ], "references": [ { "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ssh-dos-eEDWu5RM", - "source": "ykramarz@cisco.com" + "source": "ykramarz@cisco.com", + "tags": [ + "Mitigation", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-483xx/CVE-2024-48307.json b/CVE-2024/CVE-2024-483xx/CVE-2024-48307.json new file mode 100644 index 00000000000..dd563cf2004 --- /dev/null +++ b/CVE-2024/CVE-2024-483xx/CVE-2024-48307.json @@ -0,0 +1,29 @@ +{ + "id": "CVE-2024-48307", + "sourceIdentifier": "cve@mitre.org", + "published": "2024-10-31T01:15:14.803", + "lastModified": "2024-10-31T01:15:14.803", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "JeecgBoot v3.7.1 was discovered to contain a SQL injection vulnerability via the component /onlDragDatasetHead/getTotalData." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://github.com/jeecgboot", + "source": "cve@mitre.org" + }, + { + "url": "https://github.com/jeecgboot/JeecgBoot", + "source": "cve@mitre.org" + }, + { + "url": "https://github.com/jeecgboot/JeecgBoot/issues/7237", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-483xx/CVE-2024-48311.json b/CVE-2024/CVE-2024-483xx/CVE-2024-48311.json new file mode 100644 index 00000000000..e0294b7deac --- /dev/null +++ b/CVE-2024/CVE-2024-483xx/CVE-2024-48311.json @@ -0,0 +1,21 @@ +{ + "id": "CVE-2024-48311", + "sourceIdentifier": "cve@mitre.org", + "published": "2024-10-31T02:15:04.003", + "lastModified": "2024-10-31T02:15:04.003", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Piwigo v14.5.0 was discovered to contain a Cross-Site Request Forgery (CSRF) via the Edit album function." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://github.com/whiteshark2k/Piwigo-CSRF/blob/main/Piwigo-CSRF.md", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-504xx/CVE-2024-50465.json b/CVE-2024/CVE-2024-504xx/CVE-2024-50465.json index 7034cc42ffc..f2fc74a76cf 100644 --- a/CVE-2024/CVE-2024-504xx/CVE-2024-50465.json +++ b/CVE-2024/CVE-2024-504xx/CVE-2024-50465.json @@ -2,17 +2,41 @@ "id": "CVE-2024-50465", "sourceIdentifier": "audit@patchstack.com", "published": "2024-10-28T13:15:04.950", - "lastModified": "2024-10-28T13:58:09.230", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-10-31T01:27:11.423", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in WP SEO \u2013 Calin Vingan Premium SEO Pack allows SQL Injection.This issue affects Premium SEO Pack: from n/a through 1.6.001." + }, + { + "lang": "es", + "value": "Vulnerabilidad de neutralizaci\u00f3n incorrecta de elementos especiales utilizados en un comando SQL ('Inyecci\u00f3n SQL') en WP SEO \u2013 Calin Vingan Premium SEO Pack permite la inyecci\u00f3n SQL. Este problema afecta a Premium SEO Pack: desde n/a hasta 1.6.001." } ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.6 + }, { "source": "audit@patchstack.com", "type": "Secondary", @@ -47,10 +71,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:squirrly:premium_seo_pack:*:*:*:*:*:wordpress:*:*", + "versionEndExcluding": "1.6.002", + "matchCriteriaId": "4C26A680-DE36-43BB-8431-2D381A3F078C" + } + ] + } + ] + } + ], "references": [ { "url": "https://patchstack.com/database/vulnerability/premium-seo-pack/wordpress-premium-seo-pack-plugin-1-6-001-sql-injection-vulnerability?_s_id=cve", - "source": "audit@patchstack.com" + "source": "audit@patchstack.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-504xx/CVE-2024-50470.json b/CVE-2024/CVE-2024-504xx/CVE-2024-50470.json index 95c16970f22..66309080eee 100644 --- a/CVE-2024/CVE-2024-504xx/CVE-2024-50470.json +++ b/CVE-2024/CVE-2024-504xx/CVE-2024-50470.json @@ -2,17 +2,41 @@ "id": "CVE-2024-50470", "sourceIdentifier": "audit@patchstack.com", "published": "2024-10-28T13:15:05.177", - "lastModified": "2024-10-28T13:58:09.230", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-10-31T01:30:24.100", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Themes4WP Themes4WP YouTube External Subtitles allows Stored XSS.This issue affects Themes4WP YouTube External Subtitles: from n/a through 1.0." + }, + { + "lang": "es", + "value": "Vulnerabilidad de neutralizaci\u00f3n incorrecta de la entrada durante la generaci\u00f3n de p\u00e1ginas web (XSS o 'Cross-site Scripting') en Themes4WP Themes4WP YouTube External Subtitles permiten XSS almacenado. Este problema afecta a Themes4WP YouTube External Subtitles: desde n/a hasta 1.0." } ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 5.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + }, { "source": "audit@patchstack.com", "type": "Secondary", @@ -47,10 +71,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:themes4wp:youtube_external_subtitles:*:*:*:*:*:wordpress:*:*", + "versionEndIncluding": "1.0", + "matchCriteriaId": "1D5EA2D9-B9BA-4E75-9522-2C74828632F8" + } + ] + } + ] + } + ], "references": [ { "url": "https://patchstack.com/database/vulnerability/themes4wp-youtube-external-subtitles/wordpress-themes4wp-youtube-external-subtitles-plugin-1-0-cross-site-scripting-xss-vulnerability?_s_id=cve", - "source": "audit@patchstack.com" + "source": "audit@patchstack.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-504xx/CVE-2024-50471.json b/CVE-2024/CVE-2024-504xx/CVE-2024-50471.json index e19bd3d5815..89531d94d48 100644 --- a/CVE-2024/CVE-2024-504xx/CVE-2024-50471.json +++ b/CVE-2024/CVE-2024-504xx/CVE-2024-50471.json @@ -2,17 +2,41 @@ "id": "CVE-2024-50471", "sourceIdentifier": "audit@patchstack.com", "published": "2024-10-28T13:15:05.413", - "lastModified": "2024-10-28T13:58:09.230", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-10-31T01:37:07.183", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Checklist Trip Plan allows Stored XSS.This issue affects Trip Plan: from n/a through 1.0.10." + }, + { + "lang": "es", + "value": "La vulnerabilidad de neutralizaci\u00f3n incorrecta de la entrada durante la generaci\u00f3n de p\u00e1ginas web (XSS o 'Cross-site Scripting') en Checklist Trip Plan permite XSS almacenado. Este problema afecta a Trip Plan: desde n/a hasta 1.0.10." } ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 5.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + }, { "source": "audit@patchstack.com", "type": "Secondary", @@ -47,10 +71,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checklist:trip_plan:*:*:*:*:*:wordpress:*:*", + "versionEndIncluding": "1.0.10", + "matchCriteriaId": "9C7F25ED-F9DE-4E17-94A5-A67B9174150A" + } + ] + } + ] + } + ], "references": [ { "url": "https://patchstack.com/database/vulnerability/tripplan/wordpress-trip-plan-plugin-1-0-10-cross-site-scripting-xss-vulnerability?_s_id=cve", - "source": "audit@patchstack.com" + "source": "audit@patchstack.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-504xx/CVE-2024-50472.json b/CVE-2024/CVE-2024-504xx/CVE-2024-50472.json index b2ae9a61da0..e505e5c96d9 100644 --- a/CVE-2024/CVE-2024-504xx/CVE-2024-50472.json +++ b/CVE-2024/CVE-2024-504xx/CVE-2024-50472.json @@ -2,17 +2,41 @@ "id": "CVE-2024-50472", "sourceIdentifier": "audit@patchstack.com", "published": "2024-10-28T13:15:05.643", - "lastModified": "2024-10-28T13:58:09.230", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-10-31T01:42:02.520", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Martin Drapeau Amilia Store allows Stored XSS.This issue affects Amilia Store: from n/a through 2.9.8." + }, + { + "lang": "es", + "value": "La vulnerabilidad de neutralizaci\u00f3n incorrecta de la entrada durante la generaci\u00f3n de p\u00e1ginas web (XSS o 'Cross-site Scripting') en Martin Drapeau Amilia Store permite XSS almacenado. Este problema afecta a Amilia Store: desde n/a hasta 2.9.8." } ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 5.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + }, { "source": "audit@patchstack.com", "type": "Secondary", @@ -47,10 +71,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:amilia:store:*:*:*:*:*:wordpress:*:*", + "versionEndIncluding": "2.9.8", + "matchCriteriaId": "E0DD5389-859B-434D-824F-DCC815946FA0" + } + ] + } + ] + } + ], "references": [ { "url": "https://patchstack.com/database/vulnerability/amilia-store/wordpress-amilia-store-plugin-2-9-8-stored-cross-site-scripting-xss-vulnerability?_s_id=cve", - "source": "audit@patchstack.com" + "source": "audit@patchstack.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-504xx/CVE-2024-50478.json b/CVE-2024/CVE-2024-504xx/CVE-2024-50478.json index b17d203d44e..dbc23a50b47 100644 --- a/CVE-2024/CVE-2024-504xx/CVE-2024-50478.json +++ b/CVE-2024/CVE-2024-504xx/CVE-2024-50478.json @@ -2,17 +2,41 @@ "id": "CVE-2024-50478", "sourceIdentifier": "audit@patchstack.com", "published": "2024-10-28T13:15:05.870", - "lastModified": "2024-10-28T13:58:09.230", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-10-31T01:44:47.407", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Authentication Bypass by Primary Weakness vulnerability in Swoop 1-Click Login: Passwordless Authentication allows Authentication Bypass.This issue affects 1-Click Login: Passwordless Authentication: 1.4.5." + }, + { + "lang": "es", + "value": "La vulnerabilidad de omisi\u00f3n de autenticaci\u00f3n por debilidad primaria en Swoop 1-Click Login: Passwordless Authentication permite la omisi\u00f3n de autenticaci\u00f3n. Este problema afecta a 1-Click Login: Passwordless Authentication: 1.4.5." } ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + }, { "source": "audit@patchstack.com", "type": "Secondary", @@ -37,8 +61,18 @@ }, "weaknesses": [ { - "source": "audit@patchstack.com", + "source": "nvd@nist.gov", "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-287" + } + ] + }, + { + "source": "audit@patchstack.com", + "type": "Secondary", "description": [ { "lang": "en", @@ -47,10 +81,30 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:swoopnow:1-click_login\\:_passwordless_authentication:1.4.5:*:*:*:*:wordpress:*:*", + "matchCriteriaId": "C5F9DAB3-6F52-45DF-A8EA-A1AF3C63BCAA" + } + ] + } + ] + } + ], "references": [ { "url": "https://patchstack.com/database/vulnerability/swoop-password-free-authentication/wordpress-1-click-login-passwordless-authentication-plugin-1-4-5-broken-authentication-vulnerability?_s_id=cve", - "source": "audit@patchstack.com" + "source": "audit@patchstack.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-504xx/CVE-2024-50492.json b/CVE-2024/CVE-2024-504xx/CVE-2024-50492.json index 5d9a12f8e02..6be4bb588d0 100644 --- a/CVE-2024/CVE-2024-504xx/CVE-2024-50492.json +++ b/CVE-2024/CVE-2024-504xx/CVE-2024-50492.json @@ -2,17 +2,41 @@ "id": "CVE-2024-50492", "sourceIdentifier": "audit@patchstack.com", "published": "2024-10-28T12:15:16.973", - "lastModified": "2024-10-28T13:58:09.230", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-10-31T01:12:02.283", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Improper Control of Generation of Code ('Code Injection') vulnerability in Scott Paterson ScottCart allows Code Injection.This issue affects ScottCart: from n/a through 1.1." + }, + { + "lang": "es", + "value": "Vulnerabilidad de control inadecuado de generaci\u00f3n de c\u00f3digo ('inyecci\u00f3n de c\u00f3digo') en Scott Paterson ScottCart permite la inyecci\u00f3n de c\u00f3digo. Este problema afecta a ScottCart: desde n/a hasta 1.1." } ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + }, { "source": "audit@patchstack.com", "type": "Secondary", @@ -47,10 +71,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:scottpaterson:scottcart:*:*:*:*:*:wordpress:*:*", + "versionEndIncluding": "1.1", + "matchCriteriaId": "A9651BF7-DF5E-4684-AFCD-A9D4302DBA68" + } + ] + } + ] + } + ], "references": [ { "url": "https://patchstack.com/database/vulnerability/scottcart/wordpress-scottcart-plugin-1-1-remote-code-execution-rce-vulnerability?_s_id=cve", - "source": "audit@patchstack.com" + "source": "audit@patchstack.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-504xx/CVE-2024-50498.json b/CVE-2024/CVE-2024-504xx/CVE-2024-50498.json index 76b86b62325..d283e0b5e05 100644 --- a/CVE-2024/CVE-2024-504xx/CVE-2024-50498.json +++ b/CVE-2024/CVE-2024-504xx/CVE-2024-50498.json @@ -2,17 +2,41 @@ "id": "CVE-2024-50498", "sourceIdentifier": "audit@patchstack.com", "published": "2024-10-28T12:15:17.177", - "lastModified": "2024-10-28T13:58:09.230", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-10-31T01:16:41.317", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Improper Control of Generation of Code ('Code Injection') vulnerability in LUBUS WP Query Console allows Code Injection.This issue affects WP Query Console: from n/a through 1.0." + }, + { + "lang": "es", + "value": "La vulnerabilidad de control inadecuado de generaci\u00f3n de c\u00f3digo ('Inyecci\u00f3n de c\u00f3digo') en LUBUS WP Query Console permite la inyecci\u00f3n de c\u00f3digo. Este problema afecta a WP Query Console: desde n/a hasta 1.0." } ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + }, { "source": "audit@patchstack.com", "type": "Secondary", @@ -47,10 +71,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:lubus:wp_query_console:*:*:*:*:*:wordpress:*:*", + "versionEndIncluding": "1.0", + "matchCriteriaId": "28E89900-F8F0-469C-A369-5D227F6E2E4F" + } + ] + } + ] + } + ], "references": [ { "url": "https://patchstack.com/database/vulnerability/wp-query-console/wordpress-wp-query-console-plugin-1-0-remote-code-execution-rce-vulnerability?_s_id=cve", - "source": "audit@patchstack.com" + "source": "audit@patchstack.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-506xx/CVE-2024-50613.json b/CVE-2024/CVE-2024-506xx/CVE-2024-50613.json index d8e201c2085..7fb77fe21ec 100644 --- a/CVE-2024/CVE-2024-506xx/CVE-2024-50613.json +++ b/CVE-2024/CVE-2024-506xx/CVE-2024-50613.json @@ -2,8 +2,8 @@ "id": "CVE-2024-50613", "sourceIdentifier": "cve@mitre.org", "published": "2024-10-27T22:15:03.660", - "lastModified": "2024-10-30T20:35:34.920", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2024-10-31T00:58:54.497", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -17,6 +17,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.6 + }, { "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", @@ -40,6 +60,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-617" + } + ] + }, { "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", @@ -51,10 +81,32 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:libsndfile_project:libsndfile:*:*:*:*:*:*:*:*", + "versionEndIncluding": "1.2.2", + "matchCriteriaId": "9E71DB9F-FE9E-4369-8473-8D7B860D03DE" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/libsndfile/libsndfile/issues/1034", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/README.md b/README.md index 9e8be232fb0..1e8589bc6ec 100644 --- a/README.md +++ b/README.md @@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2024-10-31T00:55:37.632779+00:00 +2024-10-31T03:00:19.409608+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2024-10-31T00:52:18.370000+00:00 +2024-10-31T02:15:04.003000+00:00 ``` ### Last Data Feed Release @@ -27,39 +27,42 @@ Repository synchronizes with the NVD every 2 hours. Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/releases/latest) ```plain -2024-10-30T01:00:10.103737+00:00 +2024-10-31T01:00:10.086718+00:00 ``` ### Total Number of included CVEs ```plain -267702 +267709 ``` ### CVEs added in the last Commit -Recently added CVEs: `0` +Recently added CVEs: `7` +- [CVE-2024-10544](CVE-2024/CVE-2024-105xx/CVE-2024-10544.json) (`2024-10-31T02:15:03.080`) +- [CVE-2024-10556](CVE-2024/CVE-2024-105xx/CVE-2024-10556.json) (`2024-10-31T01:15:14.253`) +- [CVE-2024-10557](CVE-2024/CVE-2024-105xx/CVE-2024-10557.json) (`2024-10-31T01:15:14.527`) +- [CVE-2024-10559](CVE-2024/CVE-2024-105xx/CVE-2024-10559.json) (`2024-10-31T02:15:03.370`) +- [CVE-2024-10561](CVE-2024/CVE-2024-105xx/CVE-2024-10561.json) (`2024-10-31T02:15:03.680`) +- [CVE-2024-48307](CVE-2024/CVE-2024-483xx/CVE-2024-48307.json) (`2024-10-31T01:15:14.803`) +- [CVE-2024-48311](CVE-2024/CVE-2024-483xx/CVE-2024-48311.json) (`2024-10-31T02:15:04.003`) ### CVEs modified in the last Commit -Recently modified CVEs: `14` +Recently modified CVEs: `10` -- [CVE-2024-10374](CVE-2024/CVE-2024-103xx/CVE-2024-10374.json) (`2024-10-31T00:00:05.510`) -- [CVE-2024-10378](CVE-2024/CVE-2024-103xx/CVE-2024-10378.json) (`2024-10-30T23:58:55.990`) -- [CVE-2024-10438](CVE-2024/CVE-2024-104xx/CVE-2024-10438.json) (`2024-10-31T00:52:18.370`) -- [CVE-2024-10439](CVE-2024/CVE-2024-104xx/CVE-2024-10439.json) (`2024-10-31T00:35:36.173`) -- [CVE-2024-10440](CVE-2024/CVE-2024-104xx/CVE-2024-10440.json) (`2024-10-31T00:34:23.870`) -- [CVE-2024-47035](CVE-2024/CVE-2024-470xx/CVE-2024-47035.json) (`2024-10-31T00:05:18.113`) -- [CVE-2024-47481](CVE-2024/CVE-2024-474xx/CVE-2024-47481.json) (`2024-10-31T00:01:40.487`) -- [CVE-2024-47483](CVE-2024/CVE-2024-474xx/CVE-2024-47483.json) (`2024-10-31T00:01:05.127`) -- [CVE-2024-48427](CVE-2024/CVE-2024-484xx/CVE-2024-48427.json) (`2024-10-31T00:07:25.997`) -- [CVE-2024-50477](CVE-2024/CVE-2024-504xx/CVE-2024-50477.json) (`2024-10-31T00:24:28.160`) -- [CVE-2024-50487](CVE-2024/CVE-2024-504xx/CVE-2024-50487.json) (`2024-10-31T00:17:48.153`) -- [CVE-2024-50489](CVE-2024/CVE-2024-504xx/CVE-2024-50489.json) (`2024-10-31T00:16:07.977`) -- [CVE-2024-9355](CVE-2024/CVE-2024-93xx/CVE-2024-9355.json) (`2024-10-30T23:15:13.917`) -- [CVE-2024-9675](CVE-2024/CVE-2024-96xx/CVE-2024-9675.json) (`2024-10-30T23:15:14.133`) +- [CVE-2024-10447](CVE-2024/CVE-2024-104xx/CVE-2024-10447.json) (`2024-10-31T01:23:46.300`) +- [CVE-2024-20526](CVE-2024/CVE-2024-205xx/CVE-2024-20526.json) (`2024-10-31T01:08:26.047`) +- [CVE-2024-50465](CVE-2024/CVE-2024-504xx/CVE-2024-50465.json) (`2024-10-31T01:27:11.423`) +- [CVE-2024-50470](CVE-2024/CVE-2024-504xx/CVE-2024-50470.json) (`2024-10-31T01:30:24.100`) +- [CVE-2024-50471](CVE-2024/CVE-2024-504xx/CVE-2024-50471.json) (`2024-10-31T01:37:07.183`) +- [CVE-2024-50472](CVE-2024/CVE-2024-504xx/CVE-2024-50472.json) (`2024-10-31T01:42:02.520`) +- [CVE-2024-50478](CVE-2024/CVE-2024-504xx/CVE-2024-50478.json) (`2024-10-31T01:44:47.407`) +- [CVE-2024-50492](CVE-2024/CVE-2024-504xx/CVE-2024-50492.json) (`2024-10-31T01:12:02.283`) +- [CVE-2024-50498](CVE-2024/CVE-2024-504xx/CVE-2024-50498.json) (`2024-10-31T01:16:41.317`) +- [CVE-2024-50613](CVE-2024/CVE-2024-506xx/CVE-2024-50613.json) (`2024-10-31T00:58:54.497`) ## Download and Usage diff --git a/_state.csv b/_state.csv index 96e3b240814..73d12edd58c 100644 --- a/_state.csv +++ b/_state.csv @@ -242552,10 +242552,10 @@ CVE-2024-1037,0,0,dc80ea945a1c7339fa73e61584161c3f0eb5c7e682984c3146b230e695ed7d CVE-2024-10370,0,0,810741af1a3bf30d10bf8fd3a18c7ee61ae1ab9f3ef9c730b2d4820dea325396,2024-10-30T16:38:40.240000 CVE-2024-10371,0,0,0850681dd0b7affd7117bf912b3d2c475da42ed7b5f5270f8839e339171d9bac,2024-10-30T14:51:07.863000 CVE-2024-10372,0,0,55d82ebc64e3347208b42e044461acfe18dba6e494597fc717ca90fd21fd7f16,2024-10-25T12:56:07.750000 -CVE-2024-10374,0,1,59bba53bba8dcb6bcfc375aa5430a3869e7605a1791381fc737854720c5b6516,2024-10-31T00:00:05.510000 +CVE-2024-10374,0,0,59bba53bba8dcb6bcfc375aa5430a3869e7605a1791381fc737854720c5b6516,2024-10-31T00:00:05.510000 CVE-2024-10376,0,0,f82f08f1ceca9553145aba97b8462c352f4e5d7c7ee750ca3d73316f521c8aa7,2024-10-25T12:56:07.750000 CVE-2024-10377,0,0,a15010b5ad5322f79230df4206509f3830d24cc27a02c60cbaafdcf05dc546a6,2024-10-25T12:56:07.750000 -CVE-2024-10378,0,1,0519ccfb9ffb217aa5525f603630d31015664bf59560310b4f925870ef4ebbb8,2024-10-30T23:58:55.990000 +CVE-2024-10378,0,0,0519ccfb9ffb217aa5525f603630d31015664bf59560310b4f925870ef4ebbb8,2024-10-30T23:58:55.990000 CVE-2024-10379,0,0,214be4d491421db3527c631a39011912a259f53e90e222f386f0e0be59c2557a,2024-10-30T18:54:15.323000 CVE-2024-1038,0,0,c7b47d6608546def6f3304631405edc76ac6151bae95644217fe0b19e7498b5e,2024-03-13T18:16:18.563000 CVE-2024-10380,0,0,c0bfbd9ad4334d0e506431d63b2a93926d9f9867b959b3bb457de8428d08215c,2024-10-28T13:58:09.230000 @@ -242601,12 +242601,12 @@ CVE-2024-10434,0,0,f9a031ee95bd658c2fe9253d4ed2ae867e5902a8cd9d172e239b9cea0516e CVE-2024-10435,0,0,8912a60b7c15872def4963355302dc88d9e35ad474f000f7a82d872c1d7ba62f,2024-10-28T13:58:09.230000 CVE-2024-10436,0,0,a1797d9cd5fbed49a304a21cb6a3c6dedd7a712c79dd7d33ba3878a13f49582f,2024-10-29T14:34:04.427000 CVE-2024-10437,0,0,d3bc9d2bb8e4c51579dc229bca1603ee4a47fb6c58b52787ed4dbb875d8f0331,2024-10-29T14:34:04.427000 -CVE-2024-10438,0,1,927b1217e569151a95177fd0867aa44fd49cf458bed4e6241532df7fa85167cb,2024-10-31T00:52:18.370000 -CVE-2024-10439,0,1,3741efcec87ce897773441ba8b13058a649924c1100d6b93c1ffe7465b37c5dc,2024-10-31T00:35:36.173000 +CVE-2024-10438,0,0,927b1217e569151a95177fd0867aa44fd49cf458bed4e6241532df7fa85167cb,2024-10-31T00:52:18.370000 +CVE-2024-10439,0,0,3741efcec87ce897773441ba8b13058a649924c1100d6b93c1ffe7465b37c5dc,2024-10-31T00:35:36.173000 CVE-2024-1044,0,0,aabb10708db1db153d691de2620429bf76b48269bc86aae28cbf6b6a3c047729,2024-02-29T13:49:29.390000 -CVE-2024-10440,0,1,9134bb1aaa59624e138e5f8b3325f09bddc2e56431561ccb4c3e021d68fff1ce,2024-10-31T00:34:23.870000 +CVE-2024-10440,0,0,9134bb1aaa59624e138e5f8b3325f09bddc2e56431561ccb4c3e021d68fff1ce,2024-10-31T00:34:23.870000 CVE-2024-10446,0,0,9a110001279aec61be0a01c28d9ac0a67361a3753f5f02059a709117bcd9c6a3,2024-10-28T13:58:09.230000 -CVE-2024-10447,0,0,3d23036486de2cfd5c946a364af9798880f8285c7930da486574aaa8ca05b3f8,2024-10-28T13:58:09.230000 +CVE-2024-10447,0,1,20a77c16977cd86421b31dc7f8e87f37efdc79e51d4f78a901539c52dec6ae6c,2024-10-31T01:23:46.300000 CVE-2024-10448,0,0,8592ee07b49e81610af100bc63f005e0b694650efb1b3544bc63d15b3705903e,2024-10-29T14:34:50.257000 CVE-2024-10449,0,0,37c2bcaf33d85978782c73468306745d1914d0da52c07cf95c1e143ce9f51251,2024-10-29T14:34:50.257000 CVE-2024-10450,0,0,173344ccdd09f6157ee138e9e87d5e1e2468de9e6dcf03f6fb5d2387fc884b09,2024-10-29T14:34:50.257000 @@ -242650,9 +242650,14 @@ CVE-2024-1052,0,0,2826dc83bebd9032f48348a63ffd25025c2a6126abd483892ed79004a77aef CVE-2024-10525,0,0,9e13346b66b67fbaf979592729bd321664520056534d883bed51d4a9ecbb4714,2024-10-30T14:35:08.430000 CVE-2024-1053,0,0,3d9e5b8218feb39348551f4e96f20fbacd04f2b39830165bb00a553a3d3c5ccf,2024-02-22T19:07:27.197000 CVE-2024-1054,0,0,f8e7e53b5707aaecdfe1ea6fba53413ba04bed5cdf673762252b510775f984b1,2024-02-29T13:49:29.390000 +CVE-2024-10544,1,1,239e9ea296ac3b479a8dae68cc6a42a8d11e1ec00ae1acc9ec57259d367c9da2,2024-10-31T02:15:03.080000 CVE-2024-10546,0,0,c573da975f0d4e89e31d16998c7390fafcc8c0c55569fb0e69f9382dd232eb2e,2024-10-30T20:15:03.700000 CVE-2024-1055,0,0,ccc78f7d4bd63bcc448b5e62f7789de0e1a26ab036272b89eca521cba41a35e3,2024-02-14T18:59:33.780000 +CVE-2024-10556,1,1,61840ed637cbf1436634f6b358e80b28884f5ce56c38c4e75a11a9a8be92a2b2,2024-10-31T01:15:14.253000 +CVE-2024-10557,1,1,9a3a7264964edd46e0e86bc730435097e32b83a7bb59bc586db5f6b654bd7f67,2024-10-31T01:15:14.527000 +CVE-2024-10559,1,1,b15c5cef48b19793cc135dcefcd31a7ae1cf1d0b293c280fd67bc092c8b807ad,2024-10-31T02:15:03.370000 CVE-2024-1056,0,0,7aa227b1313326ef7e8b583bc7a3f0e84afbbd1f0f46388543b54cca53251293,2024-09-19T22:06:32.340000 +CVE-2024-10561,1,1,adc1b5788a7e287d410d5756cb2c8086d994832c36b5729249aa613428559544,2024-10-31T02:15:03.680000 CVE-2024-1057,0,0,afa16fae44234143422d3d8f32f1ab0c34f389c2f0ebb0a7139bb0ca7e4b1769,2024-04-22T13:28:43.747000 CVE-2024-1058,0,0,6b5e9e2c8572168cf164dc3fe2cb55f99ab49ff2791e71ab226d135ab3271443,2024-02-29T13:49:29.390000 CVE-2024-1059,0,0,76d1b9b40438f497b680a6494941e57752e942263b38e7996980a78bf67b658a,2024-02-05T20:50:26.783000 @@ -243934,7 +243939,7 @@ CVE-2024-20521,0,0,1256f22cccdc014ca7c6dcaf50cda0cfa20b26ee2ae968d316f808a9bafa0 CVE-2024-20522,0,0,4751fc0b46eb3f3442a4302d9aa0da06e525e7320f0f9f33ce2b1091dde97b23,2024-10-08T13:48:19.060000 CVE-2024-20523,0,0,c7bf45998c89086dd758eb4d3eeb25d63406d90c0a145566280d2888a4fab120,2024-10-08T13:48:29.500000 CVE-2024-20524,0,0,1ddae342fccf4faf6880cbe25cc035c1903428edec9e63909e1d89933e06b31e,2024-10-08T13:48:58.273000 -CVE-2024-20526,0,0,f137cef7bdf382970d0b1ec1fa0711aa3536fa2f71ea2637ee55ebb7f30374cb,2024-10-25T12:56:07.750000 +CVE-2024-20526,0,1,d5fdba07e116955c599b0e877c602ebb6ff11ffa39621c07ebd427a3890514dc,2024-10-31T01:08:26.047000 CVE-2024-2053,0,0,0d41c4e474c0960eb5e2399ded25845c51347c47ec843b53809f61d1e3d8fe3e,2024-08-06T15:35:13.397000 CVE-2024-2054,0,0,5af7272a2140be959232b9c889b5facdacd3c4cf8342e14293010d7ec8d01b60,2024-08-05T20:35:09.723000 CVE-2024-2055,0,0,07b933beaff1c6c6636c1d85ffcd111ff83285195075526678d7cb747831ae01,2024-08-26T16:35:08.047000 @@ -262237,7 +262242,7 @@ CVE-2024-47030,0,0,4a77795e4a3b3f4a63582694d27d2a63e81197d0b683c68b443f845ebbacf CVE-2024-47031,0,0,14254e0ce6b61cf33fae77c1438119d148db30d684fcb500ac1772ecd4d65e03,2024-10-28T20:35:17.223000 CVE-2024-47033,0,0,832da9d601d21dbf0e493cc5aa9c40ea841249f6ae7b39664e233ce5eaa2aa88,2024-10-28T17:57:30.110000 CVE-2024-47034,0,0,558e2a7d5a936fa44ec7effaff8334ac5e14654558ea39c45a930fd9a21cf5e2,2024-10-28T17:56:51.787000 -CVE-2024-47035,0,1,4e91a9b948b2436f3e1ce65f21bd6916987ebeb91709f80af87e58910e21de45,2024-10-31T00:05:18.113000 +CVE-2024-47035,0,0,4e91a9b948b2436f3e1ce65f21bd6916987ebeb91709f80af87e58910e21de45,2024-10-31T00:05:18.113000 CVE-2024-4704,0,0,9637a93e192a5f32142e05687e31ff3688b029254561fc4728d18bbfa1666d6b,2024-07-03T02:07:57.433000 CVE-2024-47041,0,0,badb113c52ad3f26fac9981faa6ebae8f0444af7e7657f49674083947f90d206,2024-10-25T16:35:10.220000 CVE-2024-47044,0,0,ee5fa186fb8ea19ca537298bbe2b5e712b21f44e9ac5aca4b5f7e41e68f91755,2024-10-17T02:15:02.840000 @@ -262495,8 +262500,8 @@ CVE-2024-47459,0,0,dc476e38be60b6a1efda7726261f4c9f051d293bb6f4f7193aea3c1108a67 CVE-2024-4746,0,0,764da2d2faf52d5d8b005efc01764a8e4bfb42f0a65f0b328618a43b312322fb,2024-06-12T16:17:42.223000 CVE-2024-4747,0,0,071c88b133efa29a5bceaf4f1781edaa635d35ede69008d4aad9361c37e95f56,2024-05-14T16:11:39.510000 CVE-2024-4748,0,0,5ce71114653bf2c9cc6586a0117b72827b192c4aa4e8e27ac2b81ed4a0b190af,2024-10-10T16:15:08.630000 -CVE-2024-47481,0,1,83505b26fa6eb758ddde8dc521f672e8bc2bacfc2db0ee1df66890f0ab8642bc,2024-10-31T00:01:40.487000 -CVE-2024-47483,0,1,da98222f22e89d9e61f65fd3ac619771e185cbdec7a679159eab7aec6c7cc7a0,2024-10-31T00:01:05.127000 +CVE-2024-47481,0,0,83505b26fa6eb758ddde8dc521f672e8bc2bacfc2db0ee1df66890f0ab8642bc,2024-10-31T00:01:40.487000 +CVE-2024-47483,0,0,da98222f22e89d9e61f65fd3ac619771e185cbdec7a679159eab7aec6c7cc7a0,2024-10-31T00:01:05.127000 CVE-2024-47485,0,0,70c31bc26651c666f1f81bb314c02989bd53a835a51d6fdce38b5fab47a41c05,2024-10-22T16:23:22.890000 CVE-2024-47486,0,0,43958a0e891d7258e97449cddb5a6fc0daab4c3d3966c24c551afbcbc8a15ca8,2024-10-29T15:35:31.557000 CVE-2024-47487,0,0,89e5f946b42ae69712fe53b468ea8b777288a7068d88dd6a3031473d76e487d6,2024-10-22T16:10:08.027000 @@ -262970,6 +262975,8 @@ CVE-2024-48280,0,0,3fccbb43adc0eac89fff4a77fa6463e9ab8591cb5e7aecf8a80efbe6484b9 CVE-2024-48282,0,0,053fa49ae9967fbc35cea64fb50742395541b443f63ba6361e4836107ed1b694,2024-10-16T16:38:43.170000 CVE-2024-48283,0,0,c5c95d36f4cc9b3b4716d94f26715484ab471510ba26541a1f3c47bce371907e,2024-10-16T16:38:43.170000 CVE-2024-48291,0,0,3c4533b920a9f2edb3f01b1757898b30516db1528ffb114ee1df5dcc338084ea,2024-10-29T14:34:50.257000 +CVE-2024-48307,1,1,df3a00e7bacafe2786ff0786147fc98c044a5f54c62a06ecd6885c5296cde834,2024-10-31T01:15:14.803000 +CVE-2024-48311,1,1,f8315d3fcfeb51f8d634590cfad7c9156e5f3a43334fac5e1e306e6acb4b1d2f,2024-10-31T02:15:04.003000 CVE-2024-48343,0,0,6b50c2f4f6b1096ee0c17db257557835a9194bfca6ac184c217bfb38c59667b0,2024-10-29T19:35:23.657000 CVE-2024-48346,0,0,e9ae7cc0b0e1a356f05a97d8deeb8d9dc84f4c9c61fc4af7c52397b9719f02d9,2024-10-30T21:15:14.450000 CVE-2024-4835,0,0,b63c1e2c2f2232a6ba415444f30303ee4e5ea1a45d737d79b2133d2755ec709c,2024-05-24T01:15:30.977000 @@ -262989,7 +262996,7 @@ CVE-2024-48423,0,0,8c282145a9dde1964a7595668e5968537e68f0c62ec8f7f792ca8b027908f CVE-2024-48424,0,0,40269a486047942b0c54d704b8b037cd3035d9ce415f6a7c6672231218b45918,2024-10-28T18:35:03.257000 CVE-2024-48425,0,0,b7eeb0390e7509460e2ea67ebb1efb7a20815aad1587b963750ef8a2fc35ee7d,2024-10-28T19:35:28.823000 CVE-2024-48426,0,0,22eae115788dfb6a3644903c8f26a6434c39a09ebbab312f7ce1d4567eeebedc,2024-10-29T20:35:31.967000 -CVE-2024-48427,0,1,7d45011eb8c4b754b119852367badea7e81893db34682583fff9c26b665752d1,2024-10-31T00:07:25.997000 +CVE-2024-48427,0,0,7d45011eb8c4b754b119852367badea7e81893db34682583fff9c26b665752d1,2024-10-31T00:07:25.997000 CVE-2024-48428,0,0,b055cb9e49a105018eb6bba42b6452d165d40b51996ef2595e224525a6c11c1d,2024-10-28T13:58:09.230000 CVE-2024-4843,0,0,b365eeabe96e8dec3f961357ff342df21bbefef716d14e64f95fe3929d1e363a,2024-05-16T13:03:05.353000 CVE-2024-4844,0,0,b1cdfd63abb8075cb2a12dc44eacca2f75c6048adf9c4ea8b8b7c6072669030d,2024-05-16T13:03:05.353000 @@ -263854,20 +263861,20 @@ CVE-2024-50461,0,0,e926adc646135f96a8c30b094b43a59a8c4d2ffe68507adf959cf049381e2 CVE-2024-50462,0,0,4ccfb8409add318d1d381a3ba39c166e299f826cc0027453ac31d88195954a9c,2024-10-29T14:34:50.257000 CVE-2024-50463,0,0,41f5357ec154cc687872e4ff2451d70da03c70ee2d1be893e9fa2dcf4c51e71e,2024-10-29T16:25:01.827000 CVE-2024-50464,0,0,cf609d0bd47c8857d574d513c156d84098d01d1e1d4103f4808d20a068af8082,2024-10-29T14:34:50.257000 -CVE-2024-50465,0,0,00483e074c079de056773fdab6eb221b7f1834669791e4a86b920536bcd400c0,2024-10-28T13:58:09.230000 +CVE-2024-50465,0,1,097e179489956305a27910d70c101d7ea5e4303159e4ab9b514ad21722dd01b4,2024-10-31T01:27:11.423000 CVE-2024-50466,0,0,28d02b3d6bf24b3bb895029fd1d597a0dbe23f51eb3bd7b79c96bee1ce74f4ef,2024-10-29T17:15:04.640000 CVE-2024-50467,0,0,4552ef78134a17bc23e57cbfd601f4e3eea4839d3e1dfc8a1846ef7af61ace53,2024-10-29T14:34:50.257000 CVE-2024-50468,0,0,dcb5fc7c0ad36e7911e6c02d0d96134d3b094fc419a37a9b5d1969d6d7f9c083,2024-10-29T14:34:50.257000 CVE-2024-50469,0,0,abcf4835413ee0cc04940d284cf5f3c90b0ebd44c44430c8cbae403d769d726a,2024-10-29T14:34:50.257000 CVE-2024-5047,0,0,e6e20cd833e11113812d3bb3ced9f49583bfb3bc949749c30a550d4892cec52a,2024-06-20T20:15:20.333000 -CVE-2024-50470,0,0,5685398d77bb3f31bce3d88bb8c36f240b8c7ab9a21b6213181df8a6331e7011,2024-10-28T13:58:09.230000 -CVE-2024-50471,0,0,406365b17b52e654e612cf21ddf745c489dfe09eaf29c3be1d5776cb8f893d37,2024-10-28T13:58:09.230000 -CVE-2024-50472,0,0,e16f1dbafc2e4404bab26f152aa15712653fbf049d57c18bb5a66aec9b12d63d,2024-10-28T13:58:09.230000 +CVE-2024-50470,0,1,b519d369cec5d06efd85af3641d4f8ffba2353d14cb26db12826869d42c61a4c,2024-10-31T01:30:24.100000 +CVE-2024-50471,0,1,a62f7c1c888ce496cc3e2db1ec9ee92dab0278adfb6489263e24953984531e5a,2024-10-31T01:37:07.183000 +CVE-2024-50472,0,1,ec9b574e58dbef9dcc5032bc05ed071302e019810ccf43831182e6372892bc01,2024-10-31T01:42:02.520000 CVE-2024-50473,0,0,b8199066d4d70afabe47990a677527c466f525d32bde81f9c86c2253d3676d86,2024-10-29T14:34:04.427000 CVE-2024-50475,0,0,36f0716dcab36685f56e76af410832e5c6a209caa40371aa54bc3fa36e47c3b4,2024-10-29T14:34:04.427000 CVE-2024-50476,0,0,03d0282cf6fe1ea02e5a0236d992f96a633bb2360c708089005fbef43f31b2f1,2024-10-29T14:34:04.427000 -CVE-2024-50477,0,1,1eb2d0ec96fdf2e84fa349e4821a23717cbd3586359498a97ff2ce76b3c3b98c,2024-10-31T00:24:28.160000 -CVE-2024-50478,0,0,1e570d69b0d1cd5285899bfea517d9a94df7267e4da40c94d674c6e166eb27e4,2024-10-28T13:58:09.230000 +CVE-2024-50477,0,0,1eb2d0ec96fdf2e84fa349e4821a23717cbd3586359498a97ff2ce76b3c3b98c,2024-10-31T00:24:28.160000 +CVE-2024-50478,0,1,5004f952218ac00d59752232714de2cfa65ca0b36f3a44b13e8a91d54761ed2a,2024-10-31T01:44:47.407000 CVE-2024-50479,0,0,e9f5da762cccd3d6b96aaa1a931d48759479a75251159238dd8b5a49149bddce,2024-10-28T13:58:09.230000 CVE-2024-5048,0,0,1988e01de8a973c004f1ed34b391d1facc45cbb912e138052c0f7d6310398087,2024-06-04T19:20:57.353000 CVE-2024-50480,0,0,9c6e44b2ad8cf235f8be06fa94bbc4d18226aff4b3790f429ce6a0c7315d34ce,2024-10-29T14:34:04.427000 @@ -263877,19 +263884,19 @@ CVE-2024-50483,0,0,dc34782ca3b1404a071528e59ae2af91e68795a468368cf730f902ebe6c7f CVE-2024-50484,0,0,fb5831468b35cba53c55a495474b64b7a8b6ec35859af8dabef2b71806e20ffa,2024-10-29T14:34:04.427000 CVE-2024-50485,0,0,9ed12dd296d38fb6cbdb7c8752c66128ce6bd15ef5deace517d3530a40748c87,2024-10-29T14:34:04.427000 CVE-2024-50486,0,0,2469de3018a70da3d3ba9f22de0bba39364400ac5239e2e8af62e693ee3e1607,2024-10-29T16:07:03.833000 -CVE-2024-50487,0,1,44b8467c1e55727f7935d9f24cdee5667d7a113233aebc17eeecc3d83f2f2ef5,2024-10-31T00:17:48.153000 +CVE-2024-50487,0,0,44b8467c1e55727f7935d9f24cdee5667d7a113233aebc17eeecc3d83f2f2ef5,2024-10-31T00:17:48.153000 CVE-2024-50488,0,0,40d73b73129fb31724f8cd6a2898439824447d424f82ee41cc22f4a5e1f15204,2024-10-28T13:58:09.230000 -CVE-2024-50489,0,1,052390e832091de8b4e86a61a6aab7bbd00e0054fa2778c6e9529e093b8eee4d,2024-10-31T00:16:07.977000 +CVE-2024-50489,0,0,052390e832091de8b4e86a61a6aab7bbd00e0054fa2778c6e9529e093b8eee4d,2024-10-31T00:16:07.977000 CVE-2024-5049,0,0,5a3f3841afc31b2308320d9a79229ff3b2e78886b62ff0b6a021008032b5bd1d,2024-05-17T18:35:35.070000 CVE-2024-50490,0,0,df5308d43aea0811e64f7f34c1741602a9a3be24440d41ba19ac9b091f537e4b,2024-10-29T14:34:04.427000 CVE-2024-50491,0,0,d45e80298b2cd498e088c8e8fd696359aaf1f4ee17096c915de4f90118bf6c0d,2024-10-28T13:58:09.230000 -CVE-2024-50492,0,0,0384fa23daa22133a07ff5e59a6b63c0a184d9a706db63fa7a2352fae491a288,2024-10-28T13:58:09.230000 +CVE-2024-50492,0,1,f159cac56066cb0613fe7474254cab2a396f1953a0559edf2bfc816cec9b09e6,2024-10-31T01:12:02.283000 CVE-2024-50493,0,0,1b86e41beced3d67b90f334d27db11237a706dc3447bbfcf4216e988a60b9a9c,2024-10-29T14:34:04.427000 CVE-2024-50494,0,0,9569aa1d34f7229fbd2091c58d08802086f733f20697c3538e6874d12444dba9,2024-10-29T14:34:04.427000 CVE-2024-50495,0,0,dbb01d9e1ce3a0d2a398c602b6c55fb03dd093568dcc101086f2d71c70104b40,2024-10-29T14:34:04.427000 CVE-2024-50496,0,0,8759135a902bd5e1d547f7a30947e1e84eb491a378f48e131323791258ffeb16,2024-10-29T14:34:04.427000 CVE-2024-50497,0,0,235457ebd93f01c24a3c8c9023bb2f110341f8129e7743d0ff22d3f8a38b91aa,2024-10-28T13:58:09.230000 -CVE-2024-50498,0,0,912d320d5bc70abc44f5433160c1e04f0fceafbecfd579c4c0bff65ce91ca00d,2024-10-28T13:58:09.230000 +CVE-2024-50498,0,1,33bc7bd73e04ec5df59dd34db418e6cd48c39a64b196d0dbfa582dde1e112356,2024-10-31T01:16:41.317000 CVE-2024-5050,0,0,619081545361528557d824107c37f32918188d04adf33ba524a4859e2e6341a3,2024-06-04T19:20:57.457000 CVE-2024-50501,0,0,3009841a02c80bd32c281df72b6a52b29e26d99d130d3c37662482082652f337,2024-10-28T13:58:09.230000 CVE-2024-50502,0,0,b6996108031602b4520dc09d5c4426949241742b74714ef43301340cf3d6368f,2024-10-28T13:58:09.230000 @@ -263928,7 +263935,7 @@ CVE-2024-5061,0,0,acb15fde0f7701ee7d55862ecbc276a299a2eba41aa60a0bce397763155cd9 CVE-2024-50610,0,0,2336f18018549d31226ad5c4df53b32342f6a9adf12b0e16f4241999fbebe853,2024-10-30T19:35:30.033000 CVE-2024-50611,0,0,b7b71f84afa520bfc084b6a09c3810b4876c4c81fbfb17c3b55f0862f176f6f3,2024-10-30T19:35:30.853000 CVE-2024-50612,0,0,8fb0977fe082421ff803cec88898adea8d2e70eae459b8f2ad413f329f7561f4,2024-10-30T20:35:33.603000 -CVE-2024-50613,0,0,68d9f83b567b641e006522fb33a733ff1890531d0e574c6ef69ecdd3e177db23,2024-10-30T20:35:34.920000 +CVE-2024-50613,0,1,bf676b3a43077a0ee34fb8417ceaef37dc50ebc7743e99afa1aa7876f584a20d,2024-10-31T00:58:54.497000 CVE-2024-50614,0,0,58fc61c3561083518ba20d0c6298423e4c7c149ae93e39c4b741966c5b5d683c,2024-10-30T20:35:36.237000 CVE-2024-50615,0,0,edb24b44339da7b63cc1e067bf2709cb5d14555e24295a1bc3757208997ee938,2024-10-30T20:35:37.310000 CVE-2024-50616,0,0,e123de96868e8818da5b7d193dee2e816ee0e81fabf6e652a87cb9726aad9098,2024-10-30T20:35:38.380000 @@ -267351,7 +267358,7 @@ CVE-2024-9350,0,0,aa8e581f7289e7bd37e76e94e3964b82de5f4fbd95aa75417bef570e71a86c CVE-2024-9351,0,0,33d034faa3e6b0aeb71bafa0ae8b2ea418555ae0b07eef9d890e7c43507fa47b,2024-10-18T12:53:04.627000 CVE-2024-9352,0,0,788f5bf16f633f8f02e340b198528b062bcda6aeec70a897601eaf656cd6ab6a,2024-10-18T12:52:33.507000 CVE-2024-9353,0,0,64ddffc3239a0d67e3b79e48af9889b2f8d89027aa9c53de3cc5595dbd6f2fd7,2024-10-08T18:50:51.357000 -CVE-2024-9355,0,1,974e153dbe15729d3182ad04031ebe9bac0de8378d13ad345c0b83f229c12d9f,2024-10-30T23:15:13.917000 +CVE-2024-9355,0,0,974e153dbe15729d3182ad04031ebe9bac0de8378d13ad345c0b83f229c12d9f,2024-10-30T23:15:13.917000 CVE-2024-9358,0,0,ad1311c8435fb7ce092ff9c8b7c1abe83209465bc92e72b7b733a8ea9fa4bf3c,2024-10-04T13:51:25.567000 CVE-2024-9359,0,0,c3e20cb7feaf9e2d5c48c39f4d484e16226f28d5df197104e70b6a5f0b84dc00,2024-10-04T18:54:12.417000 CVE-2024-9360,0,0,9328fb4e6135929e3835e5c835fd869b8491fb46bae32eb4c5f02c6fc86a7446,2024-10-04T18:53:58.020000 @@ -267535,7 +267542,7 @@ CVE-2024-9656,0,0,0baa2843f7043c4ebd829d23f2741f972b762b755442a0f0f83539eb776103 CVE-2024-9670,0,0,f306c0fbbcbde1e6a65006fd3bdd50d366f02be816ff2a6f00ef3348b3b76328,2024-10-15T12:57:46.880000 CVE-2024-9671,0,0,421f1b0ad6825ff096efd81ac122f33bafcdf7b21693a85f65613389bca55f89,2024-10-10T12:51:56.987000 CVE-2024-9674,0,0,99b8206db3c3741ff50725aa3969c36280edf4a37082b6473da1336e00a39d59,2024-10-22T14:02:50.473000 -CVE-2024-9675,0,1,4a8f6f9ea94a00e784bdc3345750a0a0f71d8d3965047777f0f7ffc8d94dfe4c,2024-10-30T23:15:14.133000 +CVE-2024-9675,0,0,4a8f6f9ea94a00e784bdc3345750a0a0f71d8d3965047777f0f7ffc8d94dfe4c,2024-10-30T23:15:14.133000 CVE-2024-9676,0,0,388826e2f736cae6407dafbf37e070d02b7de19b7221232ae54333a7a67ea4ed,2024-10-30T09:15:02.860000 CVE-2024-9677,0,0,944e049c847e061867c66e6b586a0cd99260b04bc2e2059d736567bf47cae00c,2024-10-23T15:12:34.673000 CVE-2024-9680,0,0,db0e4e19e09673238ffe3dfbb8e95974e9346a75b4fd6d9319c03e5970bb644e,2024-10-16T15:07:36.123000