diff --git a/CVE-2024/CVE-2024-405xx/CVE-2024-40596.json b/CVE-2024/CVE-2024-405xx/CVE-2024-40596.json new file mode 100644 index 00000000000..259c0938e42 --- /dev/null +++ b/CVE-2024/CVE-2024-405xx/CVE-2024-40596.json @@ -0,0 +1,21 @@ +{ + "id": "CVE-2024-40596", + "sourceIdentifier": "cve@mitre.org", + "published": "2024-07-07T00:15:10.067", + "lastModified": "2024-07-07T00:15:10.067", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "An issue was discovered in the CheckUser extension for MediaWiki through 1.42.1. The Special:Investigate feature can expose suppressed information for log events. (TimelineService does not support properly suppressing.)" + } + ], + "metrics": {}, + "references": [ + { + "url": "https://phabricator.wikimedia.org/T326866", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-405xx/CVE-2024-40597.json b/CVE-2024/CVE-2024-405xx/CVE-2024-40597.json new file mode 100644 index 00000000000..759aafb440f --- /dev/null +++ b/CVE-2024/CVE-2024-405xx/CVE-2024-40597.json @@ -0,0 +1,21 @@ +{ + "id": "CVE-2024-40597", + "sourceIdentifier": "cve@mitre.org", + "published": "2024-07-07T00:15:10.160", + "lastModified": "2024-07-07T00:15:10.160", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "An issue was discovered in the CheckUser extension for MediaWiki through 1.42.1. It can expose suppressed information for log events. (The log_deleted attribute is not respected.)" + } + ], + "metrics": {}, + "references": [ + { + "url": "https://phabricator.wikimedia.org/T326865", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-405xx/CVE-2024-40598.json b/CVE-2024/CVE-2024-405xx/CVE-2024-40598.json new file mode 100644 index 00000000000..f6f114ecb35 --- /dev/null +++ b/CVE-2024/CVE-2024-405xx/CVE-2024-40598.json @@ -0,0 +1,21 @@ +{ + "id": "CVE-2024-40598", + "sourceIdentifier": "cve@mitre.org", + "published": "2024-07-07T00:15:10.240", + "lastModified": "2024-07-07T00:15:10.240", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "An issue was discovered in the CheckUser extension for MediaWiki through 1.42.1. The API can expose suppressed information for log events. (The log_deleted attribute is not applied to entries.)" + } + ], + "metrics": {}, + "references": [ + { + "url": "https://phabricator.wikimedia.org/T326867", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-405xx/CVE-2024-40599.json b/CVE-2024/CVE-2024-405xx/CVE-2024-40599.json new file mode 100644 index 00000000000..6c3e449fdd3 --- /dev/null +++ b/CVE-2024/CVE-2024-405xx/CVE-2024-40599.json @@ -0,0 +1,21 @@ +{ + "id": "CVE-2024-40599", + "sourceIdentifier": "cve@mitre.org", + "published": "2024-07-07T00:15:10.313", + "lastModified": "2024-07-07T00:15:10.313", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "An issue was discovered in the GuMaxDD skin for MediaWiki through 1.42.1. There is stored XSS via MediaWiki:Sidebar top-level menu entries." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://phabricator.wikimedia.org/T361448", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-406xx/CVE-2024-40600.json b/CVE-2024/CVE-2024-406xx/CVE-2024-40600.json new file mode 100644 index 00000000000..ea5c8671325 --- /dev/null +++ b/CVE-2024/CVE-2024-406xx/CVE-2024-40600.json @@ -0,0 +1,21 @@ +{ + "id": "CVE-2024-40600", + "sourceIdentifier": "cve@mitre.org", + "published": "2024-07-07T00:15:10.397", + "lastModified": "2024-07-07T00:15:10.397", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "An issue was discovered in the Metrolook skin for MediaWiki through 1.42.1. There is stored XSS via MediaWiki:Sidebar top-level menu entries." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://phabricator.wikimedia.org/T361449", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-406xx/CVE-2024-40601.json b/CVE-2024/CVE-2024-406xx/CVE-2024-40601.json new file mode 100644 index 00000000000..326a2698f12 --- /dev/null +++ b/CVE-2024/CVE-2024-406xx/CVE-2024-40601.json @@ -0,0 +1,21 @@ +{ + "id": "CVE-2024-40601", + "sourceIdentifier": "cve@mitre.org", + "published": "2024-07-07T00:15:10.470", + "lastModified": "2024-07-07T00:15:10.470", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "An issue was discovered in the MediaWikiChat extension for MediaWiki through 1.42.1. CSRF can occur in API modules." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://phabricator.wikimedia.org/T362588", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-406xx/CVE-2024-40602.json b/CVE-2024/CVE-2024-406xx/CVE-2024-40602.json new file mode 100644 index 00000000000..885f323ad51 --- /dev/null +++ b/CVE-2024/CVE-2024-406xx/CVE-2024-40602.json @@ -0,0 +1,21 @@ +{ + "id": "CVE-2024-40602", + "sourceIdentifier": "cve@mitre.org", + "published": "2024-07-07T00:15:10.543", + "lastModified": "2024-07-07T00:15:10.543", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "An issue was discovered in the Tempo skin for MediaWiki through 1.42.1. There is stored XSS via MediaWiki:Sidebar top-level menu entries." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://phabricator.wikimedia.org/T361451", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-406xx/CVE-2024-40603.json b/CVE-2024/CVE-2024-406xx/CVE-2024-40603.json new file mode 100644 index 00000000000..87d97fb902b --- /dev/null +++ b/CVE-2024/CVE-2024-406xx/CVE-2024-40603.json @@ -0,0 +1,21 @@ +{ + "id": "CVE-2024-40603", + "sourceIdentifier": "cve@mitre.org", + "published": "2024-07-07T00:15:10.617", + "lastModified": "2024-07-07T00:15:10.617", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "An issue was discovered in the ArticleRatings extension for MediaWiki through 1.42.1. Special:ChangeRating allows CSRF to alter data via a GET request." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://phabricator.wikimedia.org/T363884", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-406xx/CVE-2024-40604.json b/CVE-2024/CVE-2024-406xx/CVE-2024-40604.json new file mode 100644 index 00000000000..56500937e96 --- /dev/null +++ b/CVE-2024/CVE-2024-406xx/CVE-2024-40604.json @@ -0,0 +1,21 @@ +{ + "id": "CVE-2024-40604", + "sourceIdentifier": "cve@mitre.org", + "published": "2024-07-07T00:15:10.690", + "lastModified": "2024-07-07T00:15:10.690", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "An issue was discovered in the Nimbus skin for MediaWiki through 1.42.1. There is Stored XSS via MediaWiki:Nimbus-sidebar menu and submenu entries." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://phabricator.wikimedia.org/T361450", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-406xx/CVE-2024-40605.json b/CVE-2024/CVE-2024-406xx/CVE-2024-40605.json new file mode 100644 index 00000000000..739a0ffb21f --- /dev/null +++ b/CVE-2024/CVE-2024-406xx/CVE-2024-40605.json @@ -0,0 +1,21 @@ +{ + "id": "CVE-2024-40605", + "sourceIdentifier": "cve@mitre.org", + "published": "2024-07-07T00:15:10.770", + "lastModified": "2024-07-07T00:15:10.770", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "An issue was discovered in the Foreground skin for MediaWiki through 1.42.1. There is stored XSS via MediaWiki:Sidebar top-level menu entries." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://phabricator.wikimedia.org/T361452", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/README.md b/README.md index 1be4efc3c4a..01e4400e3a2 100644 --- a/README.md +++ b/README.md @@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2024-07-06T20:01:03.890131+00:00 +2024-07-07T02:00:19.362936+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2024-07-06T18:15:02.277000+00:00 +2024-07-07T00:15:10.770000+00:00 ``` ### Last Data Feed Release @@ -27,20 +27,29 @@ Repository synchronizes with the NVD every 2 hours. Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/releases/latest) ```plain -2024-07-06T00:00:08.648772+00:00 +2024-07-07T00:00:08.648162+00:00 ``` ### Total Number of included CVEs ```plain -255966 +255976 ``` ### CVEs added in the last Commit -Recently added CVEs: `1` +Recently added CVEs: `10` -- [CVE-2024-6095](CVE-2024/CVE-2024-60xx/CVE-2024-6095.json) (`2024-07-06T18:15:02.277`) +- [CVE-2024-40596](CVE-2024/CVE-2024-405xx/CVE-2024-40596.json) (`2024-07-07T00:15:10.067`) +- [CVE-2024-40597](CVE-2024/CVE-2024-405xx/CVE-2024-40597.json) (`2024-07-07T00:15:10.160`) +- [CVE-2024-40598](CVE-2024/CVE-2024-405xx/CVE-2024-40598.json) (`2024-07-07T00:15:10.240`) +- [CVE-2024-40599](CVE-2024/CVE-2024-405xx/CVE-2024-40599.json) (`2024-07-07T00:15:10.313`) +- [CVE-2024-40600](CVE-2024/CVE-2024-406xx/CVE-2024-40600.json) (`2024-07-07T00:15:10.397`) +- [CVE-2024-40601](CVE-2024/CVE-2024-406xx/CVE-2024-40601.json) (`2024-07-07T00:15:10.470`) +- [CVE-2024-40602](CVE-2024/CVE-2024-406xx/CVE-2024-40602.json) (`2024-07-07T00:15:10.543`) +- [CVE-2024-40603](CVE-2024/CVE-2024-406xx/CVE-2024-40603.json) (`2024-07-07T00:15:10.617`) +- [CVE-2024-40604](CVE-2024/CVE-2024-406xx/CVE-2024-40604.json) (`2024-07-07T00:15:10.690`) +- [CVE-2024-40605](CVE-2024/CVE-2024-406xx/CVE-2024-40605.json) (`2024-07-07T00:15:10.770`) ### CVEs modified in the last Commit diff --git a/_state.csv b/_state.csv index a7041a1bdd2..17e4bd310b9 100644 --- a/_state.csv +++ b/_state.csv @@ -254303,7 +254303,17 @@ CVE-2024-4057,0,0,26b46aa52b04f4ef8890033772544e5e99ad730f84e9e0e97b479cd36cf89a CVE-2024-4058,0,0,c4c95455d6e76cbbdb3e2ad2bd6d39a0a74b9da8ef4ac622e44ffc5e8b4fb2cc,2024-06-07T15:40:49.707000 CVE-2024-4059,0,0,f7356d83fe5fccf2c54f421bb90f2c15bd9bf33edb756392f4236a5836d7af45,2024-05-03T03:16:29.430000 CVE-2024-40594,0,0,597f8dc65950340ecc007d3a49a39dace07c61b6a108a7836ee9c56ff74539a8,2024-07-06T05:15:09.670000 +CVE-2024-40596,1,1,92f45a0b47d0eb8ff67705cb2c5b78b99d10c5cad9a8dbbc2a281950c490492b,2024-07-07T00:15:10.067000 +CVE-2024-40597,1,1,7b54b0b58b1a58bd74481a20b44ada02c51203e6548479656c16307c36609df7,2024-07-07T00:15:10.160000 +CVE-2024-40598,1,1,d7ced54fa9e615f4b6400884df376e8072d40d475b2c252a3aa3027e3edf3f37,2024-07-07T00:15:10.240000 +CVE-2024-40599,1,1,e1b9a64637e884acb6880ef8c51dc77072c4a433f4b4d347a15357f2fa599ec7,2024-07-07T00:15:10.313000 CVE-2024-4060,0,0,c4df35b4ba03f25ce9e66ccd2a0f6342dcbc5f1e886657ca582640ee8747c7ed,2024-07-03T02:07:02.533000 +CVE-2024-40600,1,1,5a6f28a6001b234955d3d2063c8c860d96691db682efed30e244330cc730bd57,2024-07-07T00:15:10.397000 +CVE-2024-40601,1,1,b2c775d4c85abc6a23bcb27bf4299df822455b2625ae9c2afbf85e041b1913bb,2024-07-07T00:15:10.470000 +CVE-2024-40602,1,1,31d212d5ee0bbadb99aa587ddae3be36af26e3e592bc85d2309d1ccc6d661a05,2024-07-07T00:15:10.543000 +CVE-2024-40603,1,1,a59eb09c112c52f2f41fff991543251e420e8ed1adcc447fe75b7105e7759065,2024-07-07T00:15:10.617000 +CVE-2024-40604,1,1,06c9fcfeda33a92aaaf0864f242969e9767dfcef607901c977ee31765ab64188,2024-07-07T00:15:10.690000 +CVE-2024-40605,1,1,63f2796aa96da63d2a64510dcc3ffc1fba4cca74f8258df71034a13d64b69abc,2024-07-07T00:15:10.770000 CVE-2024-4061,0,0,731822e6f24cd811e7f06812f39ade81c9a66c6b1046f4d45903066a1f181f99,2024-05-21T12:37:59.687000 CVE-2024-4062,0,0,7fcbe6e50148b9b5e05d3025a893191a4aca3bb309243ec182c3df8f6e2a0587,2024-06-04T19:20:29.007000 CVE-2024-4063,0,0,10c24a204d439c4cd3340a486d9bc67fc982c548c71c2d3a385738d7e6499dc1,2024-06-04T19:20:29.120000 @@ -255789,7 +255799,7 @@ CVE-2024-6085,0,0,9ec0c5a378f12acda708e36f1fd937b6a37e47da0cf78939f5184a1970e8c2 CVE-2024-6086,0,0,14860ec6fbd88099fa44eea5d54e4e6e3888339b61c575153074e11ddcd05154,2024-06-27T19:25:12.067000 CVE-2024-6088,0,0,a9d7c0ac6c95b2bd9561bfed56970b72620e229b5cd314eccacff68acf7494cb,2024-07-02T18:08:38.550000 CVE-2024-6090,0,0,bdfb03b5dff367089b0030453781624b3aa54f3ea84f8c38b9ecc3c69b89e51c,2024-06-27T19:25:12.067000 -CVE-2024-6095,1,1,59aad99247ec3736081af1b90f269de40d6f80252e4d9c35f7de2e7a5354a737,2024-07-06T18:15:02.277000 +CVE-2024-6095,0,0,59aad99247ec3736081af1b90f269de40d6f80252e4d9c35f7de2e7a5354a737,2024-07-06T18:15:02.277000 CVE-2024-6099,0,0,08d6fd232c5f13b0914a67a7bc8e701fe1f9a81567c563142a725dcdef9d6a6d,2024-07-02T18:08:53.233000 CVE-2024-6100,0,0,22a1633b125d31ae1c260507b63f1a44d0021fa11eedbf918d3886af2f39e630,2024-07-03T02:09:40.497000 CVE-2024-6101,0,0,aeaca54f07e7b493faae55d17ed3267b0a1d9b8a80e43a682711cd93d1a2da27,2024-07-03T02:09:41.493000