Auto-Update: 2024-07-07T02:00:19.362936+00:00

2025-07-09 16:05:11 +00:00 · 2024-07-07 02:03:13 +00:00 · 2024-07-07 02:03:13 +00:00 · 7c829abc29
commit 7c829abc29
parent 639ece8e20
12 changed files with 236 additions and 7 deletions
--- a/CVE-2024/CVE-2024-405xx/CVE-2024-40596.json
+++ b/CVE-2024/CVE-2024-405xx/CVE-2024-40596.json
@ -0,0 +1,21 @@
+{
+  "id": "CVE-2024-40596",
+  "sourceIdentifier": "cve@mitre.org",
+  "published": "2024-07-07T00:15:10.067",
+  "lastModified": "2024-07-07T00:15:10.067",
+  "vulnStatus": "Received",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "An issue was discovered in the CheckUser extension for MediaWiki through 1.42.1. The Special:Investigate feature can expose suppressed information for log events. (TimelineService does not support properly suppressing.)"
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://phabricator.wikimedia.org/T326866",
+      "source": "cve@mitre.org"
+    }
+  ]
+}
--- a/CVE-2024/CVE-2024-405xx/CVE-2024-40597.json
+++ b/CVE-2024/CVE-2024-405xx/CVE-2024-40597.json
@ -0,0 +1,21 @@
+{
+  "id": "CVE-2024-40597",
+  "sourceIdentifier": "cve@mitre.org",
+  "published": "2024-07-07T00:15:10.160",
+  "lastModified": "2024-07-07T00:15:10.160",
+  "vulnStatus": "Received",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "An issue was discovered in the CheckUser extension for MediaWiki through 1.42.1. It can expose suppressed information for log events. (The log_deleted attribute is not respected.)"
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://phabricator.wikimedia.org/T326865",
+      "source": "cve@mitre.org"
+    }
+  ]
+}
--- a/CVE-2024/CVE-2024-405xx/CVE-2024-40598.json
+++ b/CVE-2024/CVE-2024-405xx/CVE-2024-40598.json
@ -0,0 +1,21 @@
+{
+  "id": "CVE-2024-40598",
+  "sourceIdentifier": "cve@mitre.org",
+  "published": "2024-07-07T00:15:10.240",
+  "lastModified": "2024-07-07T00:15:10.240",
+  "vulnStatus": "Received",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "An issue was discovered in the CheckUser extension for MediaWiki through 1.42.1. The API can expose suppressed information for log events. (The log_deleted attribute is not applied to entries.)"
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://phabricator.wikimedia.org/T326867",
+      "source": "cve@mitre.org"
+    }
+  ]
+}
--- a/CVE-2024/CVE-2024-405xx/CVE-2024-40599.json
+++ b/CVE-2024/CVE-2024-405xx/CVE-2024-40599.json
@ -0,0 +1,21 @@
+{
+  "id": "CVE-2024-40599",
+  "sourceIdentifier": "cve@mitre.org",
+  "published": "2024-07-07T00:15:10.313",
+  "lastModified": "2024-07-07T00:15:10.313",
+  "vulnStatus": "Received",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "An issue was discovered in the GuMaxDD skin for MediaWiki through 1.42.1. There is stored XSS via MediaWiki:Sidebar top-level menu entries."
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://phabricator.wikimedia.org/T361448",
+      "source": "cve@mitre.org"
+    }
+  ]
+}
--- a/CVE-2024/CVE-2024-406xx/CVE-2024-40600.json
+++ b/CVE-2024/CVE-2024-406xx/CVE-2024-40600.json
@ -0,0 +1,21 @@
+{
+  "id": "CVE-2024-40600",
+  "sourceIdentifier": "cve@mitre.org",
+  "published": "2024-07-07T00:15:10.397",
+  "lastModified": "2024-07-07T00:15:10.397",
+  "vulnStatus": "Received",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "An issue was discovered in the Metrolook skin for MediaWiki through 1.42.1. There is stored XSS via MediaWiki:Sidebar top-level menu entries."
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://phabricator.wikimedia.org/T361449",
+      "source": "cve@mitre.org"
+    }
+  ]
+}
--- a/CVE-2024/CVE-2024-406xx/CVE-2024-40601.json
+++ b/CVE-2024/CVE-2024-406xx/CVE-2024-40601.json
@ -0,0 +1,21 @@
+{
+  "id": "CVE-2024-40601",
+  "sourceIdentifier": "cve@mitre.org",
+  "published": "2024-07-07T00:15:10.470",
+  "lastModified": "2024-07-07T00:15:10.470",
+  "vulnStatus": "Received",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "An issue was discovered in the MediaWikiChat extension for MediaWiki through 1.42.1. CSRF can occur in API modules."
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://phabricator.wikimedia.org/T362588",
+      "source": "cve@mitre.org"
+    }
+  ]
+}
--- a/CVE-2024/CVE-2024-406xx/CVE-2024-40602.json
+++ b/CVE-2024/CVE-2024-406xx/CVE-2024-40602.json
@ -0,0 +1,21 @@
+{
+  "id": "CVE-2024-40602",
+  "sourceIdentifier": "cve@mitre.org",
+  "published": "2024-07-07T00:15:10.543",
+  "lastModified": "2024-07-07T00:15:10.543",
+  "vulnStatus": "Received",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "An issue was discovered in the Tempo skin for MediaWiki through 1.42.1. There is stored XSS via MediaWiki:Sidebar top-level menu entries."
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://phabricator.wikimedia.org/T361451",
+      "source": "cve@mitre.org"
+    }
+  ]
+}
--- a/CVE-2024/CVE-2024-406xx/CVE-2024-40603.json
+++ b/CVE-2024/CVE-2024-406xx/CVE-2024-40603.json
@ -0,0 +1,21 @@
+{
+  "id": "CVE-2024-40603",
+  "sourceIdentifier": "cve@mitre.org",
+  "published": "2024-07-07T00:15:10.617",
+  "lastModified": "2024-07-07T00:15:10.617",
+  "vulnStatus": "Received",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "An issue was discovered in the ArticleRatings extension for MediaWiki through 1.42.1. Special:ChangeRating allows CSRF to alter data via a GET request."
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://phabricator.wikimedia.org/T363884",
+      "source": "cve@mitre.org"
+    }
+  ]
+}
--- a/CVE-2024/CVE-2024-406xx/CVE-2024-40604.json
+++ b/CVE-2024/CVE-2024-406xx/CVE-2024-40604.json
@ -0,0 +1,21 @@
+{
+  "id": "CVE-2024-40604",
+  "sourceIdentifier": "cve@mitre.org",
+  "published": "2024-07-07T00:15:10.690",
+  "lastModified": "2024-07-07T00:15:10.690",
+  "vulnStatus": "Received",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "An issue was discovered in the Nimbus skin for MediaWiki through 1.42.1. There is Stored XSS via MediaWiki:Nimbus-sidebar menu and submenu entries."
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://phabricator.wikimedia.org/T361450",
+      "source": "cve@mitre.org"
+    }
+  ]
+}
--- a/CVE-2024/CVE-2024-406xx/CVE-2024-40605.json
+++ b/CVE-2024/CVE-2024-406xx/CVE-2024-40605.json
@ -0,0 +1,21 @@
+{
+  "id": "CVE-2024-40605",
+  "sourceIdentifier": "cve@mitre.org",
+  "published": "2024-07-07T00:15:10.770",
+  "lastModified": "2024-07-07T00:15:10.770",
+  "vulnStatus": "Received",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "An issue was discovered in the Foreground skin for MediaWiki through 1.42.1. There is stored XSS via MediaWiki:Sidebar top-level menu entries."
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://phabricator.wikimedia.org/T361452",
+      "source": "cve@mitre.org"
+    }
+  ]
+}
--- a/README.md
+++ b/README.md
@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours.
 ### Last Repository Update

 ```plain
-2024-07-06T20:01:03.890131+00:00
+2024-07-07T02:00:19.362936+00:00
 ```

 ### Most recent CVE Modification Timestamp synchronized with NVD

 ```plain
-2024-07-06T18:15:02.277000+00:00
+2024-07-07T00:15:10.770000+00:00
 ```

 ### Last Data Feed Release
@ -27,20 +27,29 @@ Repository synchronizes with the NVD every 2 hours.
 Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/releases/latest)

 ```plain
-2024-07-06T00:00:08.648772+00:00
+2024-07-07T00:00:08.648162+00:00
 ```

 ### Total Number of included CVEs

 ```plain
-255966
+255976
 ```

 ### CVEs added in the last Commit

-Recently added CVEs: `1`
+Recently added CVEs: `10`

- [CVE-2024-6095](CVE-2024/CVE-2024-60xx/CVE-2024-6095.json) (`2024-07-06T18:15:02.277`)
+- [CVE-2024-40596](CVE-2024/CVE-2024-405xx/CVE-2024-40596.json) (`2024-07-07T00:15:10.067`)
+- [CVE-2024-40597](CVE-2024/CVE-2024-405xx/CVE-2024-40597.json) (`2024-07-07T00:15:10.160`)
+- [CVE-2024-40598](CVE-2024/CVE-2024-405xx/CVE-2024-40598.json) (`2024-07-07T00:15:10.240`)
+- [CVE-2024-40599](CVE-2024/CVE-2024-405xx/CVE-2024-40599.json) (`2024-07-07T00:15:10.313`)
+- [CVE-2024-40600](CVE-2024/CVE-2024-406xx/CVE-2024-40600.json) (`2024-07-07T00:15:10.397`)
+- [CVE-2024-40601](CVE-2024/CVE-2024-406xx/CVE-2024-40601.json) (`2024-07-07T00:15:10.470`)
+- [CVE-2024-40602](CVE-2024/CVE-2024-406xx/CVE-2024-40602.json) (`2024-07-07T00:15:10.543`)
+- [CVE-2024-40603](CVE-2024/CVE-2024-406xx/CVE-2024-40603.json) (`2024-07-07T00:15:10.617`)
+- [CVE-2024-40604](CVE-2024/CVE-2024-406xx/CVE-2024-40604.json) (`2024-07-07T00:15:10.690`)
+- [CVE-2024-40605](CVE-2024/CVE-2024-406xx/CVE-2024-40605.json) (`2024-07-07T00:15:10.770`)


 ### CVEs modified in the last Commit
--- a/_state.csv
+++ b/_state.csv
@ -254303,7 +254303,17 @@ CVE-2024-4057,0,0,26b46aa52b04f4ef8890033772544e5e99ad730f84e9e0e97b479cd36cf89a
 CVE-2024-4058,0,0,c4c95455d6e76cbbdb3e2ad2bd6d39a0a74b9da8ef4ac622e44ffc5e8b4fb2cc,2024-06-07T15:40:49.707000
 CVE-2024-4059,0,0,f7356d83fe5fccf2c54f421bb90f2c15bd9bf33edb756392f4236a5836d7af45,2024-05-03T03:16:29.430000
 CVE-2024-40594,0,0,597f8dc65950340ecc007d3a49a39dace07c61b6a108a7836ee9c56ff74539a8,2024-07-06T05:15:09.670000
+CVE-2024-40596,1,1,92f45a0b47d0eb8ff67705cb2c5b78b99d10c5cad9a8dbbc2a281950c490492b,2024-07-07T00:15:10.067000
+CVE-2024-40597,1,1,7b54b0b58b1a58bd74481a20b44ada02c51203e6548479656c16307c36609df7,2024-07-07T00:15:10.160000
+CVE-2024-40598,1,1,d7ced54fa9e615f4b6400884df376e8072d40d475b2c252a3aa3027e3edf3f37,2024-07-07T00:15:10.240000
+CVE-2024-40599,1,1,e1b9a64637e884acb6880ef8c51dc77072c4a433f4b4d347a15357f2fa599ec7,2024-07-07T00:15:10.313000
 CVE-2024-4060,0,0,c4df35b4ba03f25ce9e66ccd2a0f6342dcbc5f1e886657ca582640ee8747c7ed,2024-07-03T02:07:02.533000
+CVE-2024-40600,1,1,5a6f28a6001b234955d3d2063c8c860d96691db682efed30e244330cc730bd57,2024-07-07T00:15:10.397000
+CVE-2024-40601,1,1,b2c775d4c85abc6a23bcb27bf4299df822455b2625ae9c2afbf85e041b1913bb,2024-07-07T00:15:10.470000
+CVE-2024-40602,1,1,31d212d5ee0bbadb99aa587ddae3be36af26e3e592bc85d2309d1ccc6d661a05,2024-07-07T00:15:10.543000
+CVE-2024-40603,1,1,a59eb09c112c52f2f41fff991543251e420e8ed1adcc447fe75b7105e7759065,2024-07-07T00:15:10.617000
+CVE-2024-40604,1,1,06c9fcfeda33a92aaaf0864f242969e9767dfcef607901c977ee31765ab64188,2024-07-07T00:15:10.690000
+CVE-2024-40605,1,1,63f2796aa96da63d2a64510dcc3ffc1fba4cca74f8258df71034a13d64b69abc,2024-07-07T00:15:10.770000
 CVE-2024-4061,0,0,731822e6f24cd811e7f06812f39ade81c9a66c6b1046f4d45903066a1f181f99,2024-05-21T12:37:59.687000
 CVE-2024-4062,0,0,7fcbe6e50148b9b5e05d3025a893191a4aca3bb309243ec182c3df8f6e2a0587,2024-06-04T19:20:29.007000
 CVE-2024-4063,0,0,10c24a204d439c4cd3340a486d9bc67fc982c548c71c2d3a385738d7e6499dc1,2024-06-04T19:20:29.120000
@ -255789,7 +255799,7 @@ CVE-2024-6085,0,0,9ec0c5a378f12acda708e36f1fd937b6a37e47da0cf78939f5184a1970e8c2
 CVE-2024-6086,0,0,14860ec6fbd88099fa44eea5d54e4e6e3888339b61c575153074e11ddcd05154,2024-06-27T19:25:12.067000
 CVE-2024-6088,0,0,a9d7c0ac6c95b2bd9561bfed56970b72620e229b5cd314eccacff68acf7494cb,2024-07-02T18:08:38.550000
 CVE-2024-6090,0,0,bdfb03b5dff367089b0030453781624b3aa54f3ea84f8c38b9ecc3c69b89e51c,2024-06-27T19:25:12.067000
-CVE-2024-6095,1,1,59aad99247ec3736081af1b90f269de40d6f80252e4d9c35f7de2e7a5354a737,2024-07-06T18:15:02.277000
+CVE-2024-6095,0,0,59aad99247ec3736081af1b90f269de40d6f80252e4d9c35f7de2e7a5354a737,2024-07-06T18:15:02.277000
 CVE-2024-6099,0,0,08d6fd232c5f13b0914a67a7bc8e701fe1f9a81567c563142a725dcdef9d6a6d,2024-07-02T18:08:53.233000
 CVE-2024-6100,0,0,22a1633b125d31ae1c260507b63f1a44d0021fa11eedbf918d3886af2f39e630,2024-07-03T02:09:40.497000
 CVE-2024-6101,0,0,aeaca54f07e7b493faae55d17ed3267b0a1d9b8a80e43a682711cd93d1a2da27,2024-07-03T02:09:41.493000