diff --git a/CVE-2023/CVE-2023-253xx/CVE-2023-25364.json b/CVE-2023/CVE-2023-253xx/CVE-2023-25364.json new file mode 100644 index 00000000000..84f13a0c39f --- /dev/null +++ b/CVE-2023/CVE-2023-253xx/CVE-2023-25364.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2023-25364", + "sourceIdentifier": "cve@mitre.org", + "published": "2024-03-27T07:15:47.340", + "lastModified": "2024-03-27T07:15:47.340", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Opswat Metadefender Core before 5.2.1 does not properly defend against potential HTML injection and XSS attacks." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://docs.opswat.com/mdcore/release-notes/archived-release-notes#version-v521", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-350xx/CVE-2023-35086.json b/CVE-2023/CVE-2023-350xx/CVE-2023-35086.json index cef4851a281..65d79f128e7 100644 --- a/CVE-2023/CVE-2023-350xx/CVE-2023-35086.json +++ b/CVE-2023/CVE-2023-350xx/CVE-2023-35086.json @@ -2,12 +2,12 @@ "id": "CVE-2023-35086", "sourceIdentifier": "twcert@cert.org.tw", "published": "2023-07-21T07:15:10.143", - "lastModified": "2023-08-04T19:28:40.323", - "vulnStatus": "Analyzed", + "lastModified": "2024-03-27T08:15:37.173", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "\nIt is identified a format string vulnerability in ASUS RT-AX56U V2 & RT-AC86U. This vulnerability is caused by directly using input as a format string when calling syslog in logmessage_normal function, in the do_detwan_cgi module of httpd. An unauthenticated remote attacker without privilege can exploit this vulnerability to perform remote arbitrary code execution, arbitrary system operation or disrupt service.\n\nThis issue affects RT-AX56U V2: 3.0.0.4.386_50460; RT-AC86U: 3.0.0.4_386_51529.\n\n" + "value": "\nIt is identified a format string vulnerability in ASUS RT-AX56U V2 & RT-AC86U. This vulnerability is caused by directly using input as a format string when calling syslog in logmessage_normal function, in the do_detwan_cgi module of httpd. A remote attacker with administrator privilege can exploit this vulnerability to perform remote arbitrary code execution, arbitrary system operation or disrupt service.\n\nThis issue affects RT-AX56U V2: 3.0.0.4.386_50460; RT-AC86U: 3.0.0.4_386_51529.\n\n" } ], "metrics": { @@ -17,19 +17,19 @@ "type": "Primary", "cvssData": { "version": "3.1", - "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", - "privilegesRequired": "NONE", + "privilegesRequired": "HIGH", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH", - "baseScore": 9.8, - "baseSeverity": "CRITICAL" + "baseScore": 7.2, + "baseSeverity": "HIGH" }, - "exploitabilityScore": 3.9, + "exploitabilityScore": 1.2, "impactScore": 5.9 } ] diff --git a/CVE-2023/CVE-2023-392xx/CVE-2023-39238.json b/CVE-2023/CVE-2023-392xx/CVE-2023-39238.json index a7278b7ccb3..3487f1db37c 100644 --- a/CVE-2023/CVE-2023-392xx/CVE-2023-39238.json +++ b/CVE-2023/CVE-2023-392xx/CVE-2023-39238.json @@ -2,12 +2,16 @@ "id": "CVE-2023-39238", "sourceIdentifier": "twcert@cert.org.tw", "published": "2023-09-07T08:15:07.533", - "lastModified": "2023-09-12T20:47:01.077", - "vulnStatus": "Analyzed", + "lastModified": "2024-03-27T07:15:47.557", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "\nIt is identified a format string vulnerability in ASUS RT-AX56U V2. This vulnerability is caused by lacking validation for a specific value\u00a0within its set_iperf3_svr.cgi module. An unauthenticated remote attacker can exploit this vulnerability without privilege to perform remote arbitrary code execution, arbitrary system operation or disrupt service.\n\n" + "value": "\nIt is identified a format string vulnerability in ASUS RT-AX56U V2. This vulnerability is caused by lacking validation for a specific value\u00a0within its set_iperf3_svr.cgi module. A remote attacker with administrator privilege can exploit this vulnerability to perform remote arbitrary code execution, arbitrary system operation or disrupt service.\n\n" + }, + { + "lang": "es", + "value": "Se ha identificado una vulnerabilidad de cadena de formato en ASUS RT-AX56U V2. Esta vulnerabilidad se debe a la falta de validaci\u00f3n de un valor espec\u00edfico dentro de su m\u00f3dulo set_iperf3_svr.cgi. Un atacante remoto no autenticado puede aprovechar esta vulnerabilidad sin privilegios para realizar la ejecuci\u00f3n remota de c\u00f3digo arbitrario, el funcionamiento arbitrario del sistema o interrumpir el servicio." } ], "metrics": { @@ -17,19 +21,19 @@ "type": "Primary", "cvssData": { "version": "3.1", - "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", - "privilegesRequired": "NONE", + "privilegesRequired": "HIGH", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH", - "baseScore": 9.8, - "baseSeverity": "CRITICAL" + "baseScore": 7.2, + "baseSeverity": "HIGH" }, - "exploitabilityScore": 3.9, + "exploitabilityScore": 1.2, "impactScore": 5.9 } ] diff --git a/CVE-2023/CVE-2023-392xx/CVE-2023-39239.json b/CVE-2023/CVE-2023-392xx/CVE-2023-39239.json index af9b9c51ae8..be990b0156e 100644 --- a/CVE-2023/CVE-2023-392xx/CVE-2023-39239.json +++ b/CVE-2023/CVE-2023-392xx/CVE-2023-39239.json @@ -2,12 +2,16 @@ "id": "CVE-2023-39239", "sourceIdentifier": "twcert@cert.org.tw", "published": "2023-09-07T08:15:07.620", - "lastModified": "2023-09-12T20:47:18.443", - "vulnStatus": "Analyzed", + "lastModified": "2024-03-27T08:15:37.867", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "\nIt is identified a format string vulnerability in ASUS RT-AX56U V2\u2019s General function API. This vulnerability is caused by lacking validation for a specific value within its apply.cgi module. An unauthenticated remote attacker can exploit this vulnerability without privilege to perform remote arbitrary code execution, arbitrary system operation or disrupt service.\n\n\n\n\n" + "value": "\nIt is identified a format string vulnerability in ASUS RT-AX56U V2\u2019s General function API. This vulnerability is caused by lacking validation for a specific value within its apply.cgi module. A remote attacker with administrator privilege can exploit this vulnerability to perform remote arbitrary code execution, arbitrary system operation or disrupt service.\n\n" + }, + { + "lang": "es", + "value": "Se identific\u00f3 una vulnerabilidad de cadena de formato en la API de funci\u00f3n general de ASUS RT-AX56U V2. Esta vulnerabilidad se debe a la falta de validaci\u00f3n de un valor espec\u00edfico dentro de su m\u00f3dulo apply.cgi. Un atacante remoto no autenticado puede aprovechar esta vulnerabilidad sin privilegios para realizar la ejecuci\u00f3n remota de c\u00f3digo arbitrario, el funcionamiento arbitrario del sistema o interrumpir el servicio." } ], "metrics": { @@ -17,19 +21,19 @@ "type": "Primary", "cvssData": { "version": "3.1", - "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", - "privilegesRequired": "NONE", + "privilegesRequired": "HIGH", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH", - "baseScore": 9.8, - "baseSeverity": "CRITICAL" + "baseScore": 7.2, + "baseSeverity": "HIGH" }, - "exploitabilityScore": 3.9, + "exploitabilityScore": 1.2, "impactScore": 5.9 } ] diff --git a/CVE-2023/CVE-2023-392xx/CVE-2023-39240.json b/CVE-2023/CVE-2023-392xx/CVE-2023-39240.json index 7a437b47d88..333f76794e9 100644 --- a/CVE-2023/CVE-2023-392xx/CVE-2023-39240.json +++ b/CVE-2023/CVE-2023-392xx/CVE-2023-39240.json @@ -2,12 +2,16 @@ "id": "CVE-2023-39240", "sourceIdentifier": "twcert@cert.org.tw", "published": "2023-09-07T08:15:07.710", - "lastModified": "2023-09-12T20:09:22.577", - "vulnStatus": "Analyzed", + "lastModified": "2024-03-27T07:15:48.047", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "\nIt is identified a format string vulnerability in ASUS RT-AX56U V2\u2019s iperf client function API. This vulnerability is caused by lacking validation for a specific value within its set_iperf3_cli.cgi module. An unauthenticated remote attacker can exploit this vulnerability without privilege to perform remote arbitrary code execution, arbitrary system operation or disrupt service.\n\n" + "value": "\nIt is identified a format string vulnerability in ASUS RT-AX56U V2\u2019s iperf client function API. This vulnerability is caused by lacking validation for a specific value within its set_iperf3_cli.cgi module. A remote attacker with administrator privilege can exploit this vulnerability to perform remote arbitrary code execution, arbitrary system operation or disrupt service.\n\n" + }, + { + "lang": "es", + "value": "Se identific\u00f3 una vulnerabilidad de cadena de formato en la API de funci\u00f3n de cliente iperf de ASUS RT-AX56U V2. Esta vulnerabilidad se debe a la falta de validaci\u00f3n para un valor espec\u00edfico dentro de su m\u00f3dulo set_iperf3_cli.cgi. Un atacante remoto no autenticado puede aprovechar esta vulnerabilidad sin privilegios para realizar la ejecuci\u00f3n remota de c\u00f3digo arbitrario, el funcionamiento arbitrario del sistema o interrumpir el servicio." } ], "metrics": { @@ -17,19 +21,19 @@ "type": "Primary", "cvssData": { "version": "3.1", - "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", - "privilegesRequired": "NONE", + "privilegesRequired": "HIGH", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH", - "baseScore": 9.8, - "baseSeverity": "CRITICAL" + "baseScore": 7.2, + "baseSeverity": "HIGH" }, - "exploitabilityScore": 3.9, + "exploitabilityScore": 1.2, "impactScore": 5.9 } ] diff --git a/CVE-2023/CVE-2023-437xx/CVE-2023-43768.json b/CVE-2023/CVE-2023-437xx/CVE-2023-43768.json new file mode 100644 index 00000000000..0b1c88bd229 --- /dev/null +++ b/CVE-2023/CVE-2023-437xx/CVE-2023-43768.json @@ -0,0 +1,32 @@ +{ + "id": "CVE-2023-43768", + "sourceIdentifier": "cve@mitre.org", + "published": "2024-03-27T07:15:48.390", + "lastModified": "2024-03-27T07:15:48.390", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "An issue was discovered in Couchbase Server 6.6.x through 7.2.0, before 7.1.5 and 7.2.1. Unauthenticated users may cause memcached to run out of memory via large commands." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://docs.couchbase.com/server/current/release-notes/relnotes.html", + "source": "cve@mitre.org" + }, + { + "url": "https://forums.couchbase.com/tags/security", + "source": "cve@mitre.org" + }, + { + "url": "https://www.couchbase.com/alerts/", + "source": "cve@mitre.org" + }, + { + "url": "https://www.couchbase.com/downloads", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-10xx/CVE-2024-1023.json b/CVE-2024/CVE-2024-10xx/CVE-2024-1023.json new file mode 100644 index 00000000000..2817b850bf9 --- /dev/null +++ b/CVE-2024/CVE-2024-10xx/CVE-2024-1023.json @@ -0,0 +1,36 @@ +{ + "id": "CVE-2024-1023", + "sourceIdentifier": "secalert@redhat.com", + "published": "2024-03-27T08:15:38.140", + "lastModified": "2024-03-27T08:15:38.140", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability in the Eclipse Vert.x toolkit results in a memory leak due to using Netty FastThreadLocal data structures. Specifically, when the Vert.x HTTP client establishes connections to different hosts, triggering the memory leak. The leak can be accelerated with intimate runtime knowledge, allowing an attacker to exploit this vulnerability. For instance, a server accepting arbitrary internet addresses could serve as an attack vector by connecting to these addresses, thereby accelerating the memory leak." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://access.redhat.com/security/cve/CVE-2024-1023", + "source": "secalert@redhat.com" + }, + { + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2260840", + "source": "secalert@redhat.com" + }, + { + "url": "https://github.com/eclipse-vertx/vert.x/issues/5078", + "source": "secalert@redhat.com" + }, + { + "url": "https://github.com/eclipse-vertx/vert.x/pull/5080", + "source": "secalert@redhat.com" + }, + { + "url": "https://github.com/eclipse-vertx/vert.x/pull/5082", + "source": "secalert@redhat.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-13xx/CVE-2024-1364.json b/CVE-2024/CVE-2024-13xx/CVE-2024-1364.json new file mode 100644 index 00000000000..040055080fe --- /dev/null +++ b/CVE-2024/CVE-2024-13xx/CVE-2024-1364.json @@ -0,0 +1,47 @@ +{ + "id": "CVE-2024-1364", + "sourceIdentifier": "security@wordfence.com", + "published": "2024-03-27T07:15:48.497", + "lastModified": "2024-03-27T07:15:48.497", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The Elementor Website Builder Pro plugin for WordPress is vulnerable to Stored Cross-Site Scripting via widget's custom_id in all versions up to, and including, 3.20.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 3.1, + "impactScore": 2.7 + } + ] + }, + "references": [ + { + "url": "https://elementor.com/pro/changelog/?utm_source=wp-plugins&utm_campaign=pro-changelog&utm_medium=wp-dash", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/531954dd-ed3f-4626-adab-c1bba8407c89?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-15xx/CVE-2024-1521.json b/CVE-2024/CVE-2024-15xx/CVE-2024-1521.json new file mode 100644 index 00000000000..960e2e7ed69 --- /dev/null +++ b/CVE-2024/CVE-2024-15xx/CVE-2024-1521.json @@ -0,0 +1,47 @@ +{ + "id": "CVE-2024-1521", + "sourceIdentifier": "security@wordfence.com", + "published": "2024-03-27T07:15:48.793", + "lastModified": "2024-03-27T07:15:48.793", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The Elementor Website Builder Pro plugin for WordPress is vulnerable to Stored Cross-Site Scripting via an SVGZ file uploaded via the Form widget in all versions up to, and including, 3.20.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. NOTE: This vulnerability is only exploitable on web servers running NGINX. It is not exploitable on web servers running Apache HTTP Server." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 3.1, + "impactScore": 2.7 + } + ] + }, + "references": [ + { + "url": "https://elementor.com/pro/changelog/?utm_source=wp-plugins&utm_campaign=pro-changelog&utm_medium=wp-dash", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/ecd01ea6-9476-47e1-9959-3f8d9ce1c1f3?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-20xx/CVE-2024-2004.json b/CVE-2024/CVE-2024-20xx/CVE-2024-2004.json new file mode 100644 index 00000000000..15f77dfcea8 --- /dev/null +++ b/CVE-2024/CVE-2024-20xx/CVE-2024-2004.json @@ -0,0 +1,28 @@ +{ + "id": "CVE-2024-2004", + "sourceIdentifier": "2499f714-1537-4658-8207-48ae4bb9eae9", + "published": "2024-03-27T08:15:41.173", + "lastModified": "2024-03-27T08:15:41.173", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "When a protocol selection parameter option disables all protocols without adding any then the default set of protocols would remain in the allowed set due to an error in the logic for removing protocols. The below command would perform a request to curl.se with a plaintext protocol which has been explicitly disabled. curl --proto -all,-http http://curl.se The flaw is only present if the set of selected protocols disables the entire set of available protocols, in itself a command with no practical use and therefore unlikely to be encountered in real situations. The curl security team has thus assessed this to be low severity bug." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://curl.se/docs/CVE-2024-2004.html", + "source": "2499f714-1537-4658-8207-48ae4bb9eae9" + }, + { + "url": "https://curl.se/docs/CVE-2024-2004.json", + "source": "2499f714-1537-4658-8207-48ae4bb9eae9" + }, + { + "url": "https://hackerone.com/reports/2384833", + "source": "2499f714-1537-4658-8207-48ae4bb9eae9" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-21xx/CVE-2024-2120.json b/CVE-2024/CVE-2024-21xx/CVE-2024-2120.json new file mode 100644 index 00000000000..e5d2ecd4bde --- /dev/null +++ b/CVE-2024/CVE-2024-21xx/CVE-2024-2120.json @@ -0,0 +1,47 @@ +{ + "id": "CVE-2024-2120", + "sourceIdentifier": "security@wordfence.com", + "published": "2024-03-27T07:15:53.447", + "lastModified": "2024-03-27T07:15:53.447", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The Elementor Website Builder \u2013 More than Just a Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Post Navigation widget in all versions up to, and including, 3.20.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 5.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.5 + } + ] + }, + "references": [ + { + "url": "https://elementor.com/pro/changelog/?utm_source=wp-plugins&utm_campaign=pro-changelog&utm_medium=wp-dash", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/de1742d4-f498-4ad4-b6a1-88cb60e83afc?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-21xx/CVE-2024-2121.json b/CVE-2024/CVE-2024-21xx/CVE-2024-2121.json new file mode 100644 index 00000000000..84aa62c4dcd --- /dev/null +++ b/CVE-2024/CVE-2024-21xx/CVE-2024-2121.json @@ -0,0 +1,47 @@ +{ + "id": "CVE-2024-2121", + "sourceIdentifier": "security@wordfence.com", + "published": "2024-03-27T07:15:53.760", + "lastModified": "2024-03-27T07:15:53.760", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The Elementor Website Builder Pro plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Media Carousel widget in all versions up to, and including, 3.20.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 5.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.5 + } + ] + }, + "references": [ + { + "url": "https://elementor.com/pro/changelog/?utm_source=wp-plugins&utm_campaign=pro-changelog&utm_medium=wp-dash", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/8698d6dd-7376-4d29-8a5c-21c239a7aa03?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-23xx/CVE-2024-2379.json b/CVE-2024/CVE-2024-23xx/CVE-2024-2379.json new file mode 100644 index 00000000000..f010ca00901 --- /dev/null +++ b/CVE-2024/CVE-2024-23xx/CVE-2024-2379.json @@ -0,0 +1,28 @@ +{ + "id": "CVE-2024-2379", + "sourceIdentifier": "2499f714-1537-4658-8207-48ae4bb9eae9", + "published": "2024-03-27T08:15:41.230", + "lastModified": "2024-03-27T08:15:41.230", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "libcurl skips the certificate verification for a QUIC connection under certain conditions, when built to use wolfSSL. If told to use an unknown/bad cipher or curve, the error path accidentally skips the verification and returns OK, thus ignoring any certificate problems." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://curl.se/docs/CVE-2024-2379.html", + "source": "2499f714-1537-4658-8207-48ae4bb9eae9" + }, + { + "url": "https://curl.se/docs/CVE-2024-2379.json", + "source": "2499f714-1537-4658-8207-48ae4bb9eae9" + }, + { + "url": "https://hackerone.com/reports/2410774", + "source": "2499f714-1537-4658-8207-48ae4bb9eae9" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-23xx/CVE-2024-2398.json b/CVE-2024/CVE-2024-23xx/CVE-2024-2398.json new file mode 100644 index 00000000000..bbfc490b8ee --- /dev/null +++ b/CVE-2024/CVE-2024-23xx/CVE-2024-2398.json @@ -0,0 +1,28 @@ +{ + "id": "CVE-2024-2398", + "sourceIdentifier": "2499f714-1537-4658-8207-48ae4bb9eae9", + "published": "2024-03-27T08:15:41.283", + "lastModified": "2024-03-27T08:15:41.283", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "When an application tells libcurl it wants to allow HTTP/2 server push, and the amount of received headers for the push surpasses the maximum allowed limit (1000), libcurl aborts the server push. When aborting, libcurl inadvertently does not free all the previously allocated headers and instead leaks the memory. Further, this error condition fails silently and is therefore not easily detected by an application." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://curl.se/docs/CVE-2024-2398.html", + "source": "2499f714-1537-4658-8207-48ae4bb9eae9" + }, + { + "url": "https://curl.se/docs/CVE-2024-2398.json", + "source": "2499f714-1537-4658-8207-48ae4bb9eae9" + }, + { + "url": "https://hackerone.com/reports/2402845", + "source": "2499f714-1537-4658-8207-48ae4bb9eae9" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-24xx/CVE-2024-2466.json b/CVE-2024/CVE-2024-24xx/CVE-2024-2466.json new file mode 100644 index 00000000000..3b92db2afe2 --- /dev/null +++ b/CVE-2024/CVE-2024-24xx/CVE-2024-2466.json @@ -0,0 +1,28 @@ +{ + "id": "CVE-2024-2466", + "sourceIdentifier": "2499f714-1537-4658-8207-48ae4bb9eae9", + "published": "2024-03-27T08:15:41.343", + "lastModified": "2024-03-27T08:15:41.343", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "libcurl did not check the server certificate of TLS connections done to a host specified as an IP address, when built to use mbedTLS. libcurl would wrongly avoid using the set hostname function when the specified hostname was given as an IP address, therefore completely skipping the certificate check. This affects all uses of TLS protocols (HTTPS, FTPS, IMAPS, POPS3, SMTPS, etc)." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://curl.se/docs/CVE-2024-2466.html", + "source": "2499f714-1537-4658-8207-48ae4bb9eae9" + }, + { + "url": "https://curl.se/docs/CVE-2024-2466.json", + "source": "2499f714-1537-4658-8207-48ae4bb9eae9" + }, + { + "url": "https://hackerone.com/reports/2416725", + "source": "2499f714-1537-4658-8207-48ae4bb9eae9" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-271xx/CVE-2024-27188.json b/CVE-2024/CVE-2024-271xx/CVE-2024-27188.json new file mode 100644 index 00000000000..5aba8b995af --- /dev/null +++ b/CVE-2024/CVE-2024-271xx/CVE-2024-27188.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2024-27188", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-03-27T07:15:49.100", + "lastModified": "2024-03-27T07:15:49.100", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Cloudways Breeze allows Stored XSS.This issue affects Breeze: from n/a through 2.1.3.\n\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 5.9, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.7, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/breeze/wordpress-breeze-plugin-2-1-3-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-27xx/CVE-2024-2781.json b/CVE-2024/CVE-2024-27xx/CVE-2024-2781.json new file mode 100644 index 00000000000..78a981dd588 --- /dev/null +++ b/CVE-2024/CVE-2024-27xx/CVE-2024-2781.json @@ -0,0 +1,47 @@ +{ + "id": "CVE-2024-2781", + "sourceIdentifier": "security@wordfence.com", + "published": "2024-03-27T07:15:54.073", + "lastModified": "2024-03-27T07:15:54.073", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The Elementor Website Builder Pro plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the video_html_tag attribute in all versions up to, and including, 3.20.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor access or higher, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 3.1, + "impactScore": 2.7 + } + ] + }, + "references": [ + { + "url": "https://elementor.com/pro/changelog/?utm_source=wp-plugins&utm_campaign=pro-changelog&utm_medium=wp-dash", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/54970085-5206-45b6-adcf-11e6dd4cd633?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-288xx/CVE-2024-28815.json b/CVE-2024/CVE-2024-288xx/CVE-2024-28815.json new file mode 100644 index 00000000000..98a13f96ecc --- /dev/null +++ b/CVE-2024/CVE-2024-288xx/CVE-2024-28815.json @@ -0,0 +1,24 @@ +{ + "id": "CVE-2024-28815", + "sourceIdentifier": "cve@mitre.org", + "published": "2024-03-27T07:15:49.493", + "lastModified": "2024-03-27T07:15:49.493", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability in the BluStar component of Mitel InAttend 2.6 SP4 through 2.7 and CMG 8.5 SP4 through 8.6 could allow access to sensitive information, changes to the system configuration, or execution of arbitrary commands within the context of the system." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://www.mitel.com/support/security-advisories", + "source": "cve@mitre.org" + }, + { + "url": "https://www.mitel.com/support/security-advisories/mitel-product-security-advisory-24-0003", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-298xx/CVE-2024-29820.json b/CVE-2024/CVE-2024-298xx/CVE-2024-29820.json new file mode 100644 index 00000000000..7e163ecfdfd --- /dev/null +++ b/CVE-2024/CVE-2024-298xx/CVE-2024-29820.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2024-29820", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-03-27T07:15:49.580", + "lastModified": "2024-03-27T07:15:49.580", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in RedNao PDF Builder for WPForms allows Stored XSS.This issue affects PDF Builder for WPForms: from n/a through 1.2.88.\n\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.3, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/pdf-builder-for-wpforms/wordpress-pdf-builder-for-wpforms-plugin-1-2-88-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-299xx/CVE-2024-29906.json b/CVE-2024/CVE-2024-299xx/CVE-2024-29906.json new file mode 100644 index 00000000000..7fba43f916c --- /dev/null +++ b/CVE-2024/CVE-2024-299xx/CVE-2024-29906.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2024-29906", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-03-27T07:15:49.933", + "lastModified": "2024-03-27T07:15:49.933", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in realmag777 WordPress Meta Data and Taxonomies Filter (MDTF) allows Stored XSS.This issue affects WordPress Meta Data and Taxonomies Filter (MDTF): from n/a through 1.3.2.\n\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.3, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/wp-meta-data-filter-and-taxonomy-filter/wordpress-mdtf-meta-data-and-taxonomies-filter-plugin-1-3-2-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-299xx/CVE-2024-29907.json b/CVE-2024/CVE-2024-299xx/CVE-2024-29907.json new file mode 100644 index 00000000000..7c00812702a --- /dev/null +++ b/CVE-2024/CVE-2024-299xx/CVE-2024-29907.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2024-29907", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-03-27T07:15:50.277", + "lastModified": "2024-03-27T07:15:50.277", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Active Websight SEO Backlink Monitor allows Reflected XSS.This issue affects SEO Backlink Monitor: from n/a through 1.5.0.\n\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 7.1, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/seo-backlink-monitor/wordpress-seo-backlink-monitor-plugin-1-5-0-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-299xx/CVE-2024-29908.json b/CVE-2024/CVE-2024-299xx/CVE-2024-29908.json new file mode 100644 index 00000000000..b9bd926c747 --- /dev/null +++ b/CVE-2024/CVE-2024-299xx/CVE-2024-29908.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2024-29908", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-03-27T07:15:50.643", + "lastModified": "2024-03-27T07:15:50.643", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Kienso Co-marquage service-public.Fr allows Stored XSS.This issue affects Co-marquage service-public.Fr: from n/a through 0.5.71.\n\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.3, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/co-marquage-service-public/wordpress-co-marquage-service-public-fr-plugin-0-5-71-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-299xx/CVE-2024-29909.json b/CVE-2024/CVE-2024-299xx/CVE-2024-29909.json new file mode 100644 index 00000000000..38e496a85da --- /dev/null +++ b/CVE-2024/CVE-2024-299xx/CVE-2024-29909.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2024-29909", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-03-27T07:15:50.980", + "lastModified": "2024-03-27T07:15:50.980", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Camille Verrier Travelers' Map allows Stored XSS.This issue affects Travelers' Map: from n/a through 2.2.0.\n\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.3, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/travelers-map/wordpress-travelers-map-plugin-2-2-0-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-299xx/CVE-2024-29910.json b/CVE-2024/CVE-2024-299xx/CVE-2024-29910.json new file mode 100644 index 00000000000..2bb006605d9 --- /dev/null +++ b/CVE-2024/CVE-2024-299xx/CVE-2024-29910.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2024-29910", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-03-27T07:15:51.340", + "lastModified": "2024-03-27T07:15:51.340", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Alordiel Dropdown Multisite selector allows Stored XSS.This issue affects Dropdown Multisite selector: from n/a through 0.9.2.\n\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.3, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/dropdown-multisite-selector/wordpress-dropdown-multisite-selector-plugin-0-9-2-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-299xx/CVE-2024-29911.json b/CVE-2024/CVE-2024-299xx/CVE-2024-29911.json new file mode 100644 index 00000000000..e535f6323d2 --- /dev/null +++ b/CVE-2024/CVE-2024-299xx/CVE-2024-29911.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2024-29911", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-03-27T07:15:51.690", + "lastModified": "2024-03-27T07:15:51.690", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Jewel Theme Master Addons for Elementor allows Stored XSS.This issue affects Master Addons for Elementor: from n/a through 2.0.5.4.1.\n\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.3, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/master-addons/wordpress-master-addons-for-elementor-plugin-2-0-5-4-1-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-299xx/CVE-2024-29912.json b/CVE-2024/CVE-2024-299xx/CVE-2024-29912.json new file mode 100644 index 00000000000..eebda15e04d --- /dev/null +++ b/CVE-2024/CVE-2024-299xx/CVE-2024-29912.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2024-29912", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-03-27T07:15:52.050", + "lastModified": "2024-03-27T07:15:52.050", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Baptiste Plac\u00e9 iCalendrier allows Stored XSS.This issue affects iCalendrier: from n/a through 1.80.\n\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.3, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/icalendrier/wordpress-icalendrier-plugin-1-80-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-299xx/CVE-2024-29913.json b/CVE-2024/CVE-2024-299xx/CVE-2024-29913.json new file mode 100644 index 00000000000..81e51f049f0 --- /dev/null +++ b/CVE-2024/CVE-2024-299xx/CVE-2024-29913.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2024-29913", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-03-27T07:15:52.420", + "lastModified": "2024-03-27T07:15:52.420", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Themeum Tutor LMS Elementor Addons allows Stored XSS.This issue affects Tutor LMS Elementor Addons: from n/a through 2.1.3.\n\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.3, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/tutor-lms-elementor-addons/wordpress-tutor-lms-elementor-addons-plugin-2-1-3-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-299xx/CVE-2024-29914.json b/CVE-2024/CVE-2024-299xx/CVE-2024-29914.json new file mode 100644 index 00000000000..5729ab2b4d0 --- /dev/null +++ b/CVE-2024/CVE-2024-299xx/CVE-2024-29914.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2024-29914", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-03-27T07:15:52.767", + "lastModified": "2024-03-27T07:15:52.767", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in MotoPress Stratum allows Stored XSS.This issue affects Stratum: from n/a through 1.3.15.\n\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.3, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/stratum/wordpress-stratum-elementor-widgets-plugin-1-3-15-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-299xx/CVE-2024-29915.json b/CVE-2024/CVE-2024-299xx/CVE-2024-29915.json new file mode 100644 index 00000000000..451b3498b84 --- /dev/null +++ b/CVE-2024/CVE-2024-299xx/CVE-2024-29915.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2024-29915", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-03-27T07:15:53.110", + "lastModified": "2024-03-27T07:15:53.110", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Podlove Podlove Podcast Publisher allows Reflected XSS.This issue affects Podlove Podcast Publisher: from n/a through 4.0.9.\n\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 7.1, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/podlove-podcasting-plugin-for-wordpress/wordpress-podlove-podcast-publisher-plugin-4-0-9-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-299xx/CVE-2024-29917.json b/CVE-2024/CVE-2024-299xx/CVE-2024-29917.json new file mode 100644 index 00000000000..5803967ea7d --- /dev/null +++ b/CVE-2024/CVE-2024-299xx/CVE-2024-29917.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2024-29917", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-03-27T08:15:38.230", + "lastModified": "2024-03-27T08:15:38.230", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Compact WP Audio Player allows Stored XSS.This issue affects Compact WP Audio Player: from n/a through 1.9.9.\n\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.3, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/compact-wp-audio-player/wordpress-compact-wp-audio-player-plugin-1-9-9-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-299xx/CVE-2024-29918.json b/CVE-2024/CVE-2024-299xx/CVE-2024-29918.json new file mode 100644 index 00000000000..a1c6d716fd4 --- /dev/null +++ b/CVE-2024/CVE-2024-299xx/CVE-2024-29918.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2024-29918", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-03-27T08:15:38.530", + "lastModified": "2024-03-27T08:15:38.530", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Survey Maker team Survey Maker allows Reflected XSS.This issue affects Survey Maker: from n/a through 4.0.6.\n\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 7.1, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/survey-maker/wordpress-survey-maker-plugin-4-0-6-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-299xx/CVE-2024-29919.json b/CVE-2024/CVE-2024-299xx/CVE-2024-29919.json new file mode 100644 index 00000000000..ec21ad14056 --- /dev/null +++ b/CVE-2024/CVE-2024-299xx/CVE-2024-29919.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2024-29919", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-03-27T08:15:38.810", + "lastModified": "2024-03-27T08:15:38.810", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Photo Gallery Team Photo Gallery by Ays allows Reflected XSS.This issue affects Photo Gallery by Ays: from n/a through 5.5.2.\n\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 7.1, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/gallery-photo-gallery/wordpress-photo-gallery-by-ays-plugin-5-5-2-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-299xx/CVE-2024-29920.json b/CVE-2024/CVE-2024-299xx/CVE-2024-29920.json new file mode 100644 index 00000000000..4dfb964fc0b --- /dev/null +++ b/CVE-2024/CVE-2024-299xx/CVE-2024-29920.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2024-29920", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-03-27T08:15:39.137", + "lastModified": "2024-03-27T08:15:39.137", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Moveaddons Move Addons for Elementor allows Stored XSS.This issue affects Move Addons for Elementor: from n/a through 1.2.9.\n\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.3, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/move-addons/wordpress-move-addons-for-elementor-plugin-1-2-9-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-299xx/CVE-2024-29921.json b/CVE-2024/CVE-2024-299xx/CVE-2024-29921.json new file mode 100644 index 00000000000..4135ab5bc72 --- /dev/null +++ b/CVE-2024/CVE-2024-299xx/CVE-2024-29921.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2024-29921", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-03-27T08:15:39.390", + "lastModified": "2024-03-27T08:15:39.390", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Supsystic Photo Gallery by Supsystic allows Stored XSS.This issue affects Photo Gallery by Supsystic: from n/a through 1.15.16.\n\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 5.9, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.7, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/gallery-by-supsystic/wordpress-photo-gallery-by-supsystic-plugin-1-15-16-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-299xx/CVE-2024-29922.json b/CVE-2024/CVE-2024-299xx/CVE-2024-29922.json new file mode 100644 index 00000000000..4cc482167c5 --- /dev/null +++ b/CVE-2024/CVE-2024-299xx/CVE-2024-29922.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2024-29922", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-03-27T08:15:39.630", + "lastModified": "2024-03-27T08:15:39.630", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Quantum Cloud Slider Hero allows Stored XSS.This issue affects Slider Hero: from n/a through 8.6.1.\n\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 5.9, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.7, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/slider-hero/wordpress-slider-hero-plugin-8-6-1-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-299xx/CVE-2024-29923.json b/CVE-2024/CVE-2024-299xx/CVE-2024-29923.json new file mode 100644 index 00000000000..115a7696e6b --- /dev/null +++ b/CVE-2024/CVE-2024-299xx/CVE-2024-29923.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2024-29923", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-03-27T08:15:39.840", + "lastModified": "2024-03-27T08:15:39.840", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in PropertyHive allows Reflected XSS.This issue affects PropertyHive: from n/a through 2.0.8.\n\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 7.1, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/propertyhive/wordpress-propertyhive-plugin-2-0-8-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-299xx/CVE-2024-29924.json b/CVE-2024/CVE-2024-299xx/CVE-2024-29924.json new file mode 100644 index 00000000000..268a78cbcda --- /dev/null +++ b/CVE-2024/CVE-2024-299xx/CVE-2024-29924.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2024-29924", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-03-27T08:15:40.063", + "lastModified": "2024-03-27T08:15:40.063", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in W3 Eden, Inc. Premium Packages allows Reflected XSS.This issue affects Premium Packages: from n/a through 5.8.2.\n\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 7.1, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/wpdm-premium-packages/wordpress-premium-packages-plugin-5-8-2-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-299xx/CVE-2024-29925.json b/CVE-2024/CVE-2024-299xx/CVE-2024-29925.json new file mode 100644 index 00000000000..ada1f8743f0 --- /dev/null +++ b/CVE-2024/CVE-2024-299xx/CVE-2024-29925.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2024-29925", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-03-27T08:15:40.270", + "lastModified": "2024-03-27T08:15:40.270", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in wpWax Post Grid, Slider & Carousel Ultimate allows Stored XSS.This issue affects Post Grid, Slider & Carousel Ultimate: from n/a through 1.6.6.\n\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.3, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/post-grid-carousel-ultimate/wordpress-post-grid-slider-carousel-ultimate-plugin-1-6-6-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-299xx/CVE-2024-29926.json b/CVE-2024/CVE-2024-299xx/CVE-2024-29926.json new file mode 100644 index 00000000000..32ca12aa775 --- /dev/null +++ b/CVE-2024/CVE-2024-299xx/CVE-2024-29926.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2024-29926", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-03-27T08:15:40.487", + "lastModified": "2024-03-27T08:15:40.487", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in HasThemes WC Builder allows Stored XSS.This issue affects WC Builder: from n/a through 1.0.18.\n\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.3, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/wc-builder/wordpress-wc-builder-plugin-1-0-18-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-299xx/CVE-2024-29927.json b/CVE-2024/CVE-2024-299xx/CVE-2024-29927.json new file mode 100644 index 00000000000..86b9c8fb6cb --- /dev/null +++ b/CVE-2024/CVE-2024-299xx/CVE-2024-29927.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2024-29927", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-03-27T08:15:40.707", + "lastModified": "2024-03-27T08:15:40.707", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in HasTheme WishSuite allows Stored XSS.This issue affects WishSuite: from n/a through 1.3.7.\n\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.3, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/wishsuite/wordpress-wishsuite-plugin-1-3-7-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-299xx/CVE-2024-29928.json b/CVE-2024/CVE-2024-299xx/CVE-2024-29928.json new file mode 100644 index 00000000000..c5f41a9d8e7 --- /dev/null +++ b/CVE-2024/CVE-2024-299xx/CVE-2024-29928.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2024-29928", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-03-27T08:15:40.937", + "lastModified": "2024-03-27T08:15:40.937", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WP Codeus Advanced Sermons allows Reflected XSS.This issue affects Advanced Sermons: from n/a through 3.1.\n\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 7.1, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/advanced-sermons/wordpress-advanced-sermons-plugin-3-1-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-29xx/CVE-2024-2954.json b/CVE-2024/CVE-2024-29xx/CVE-2024-2954.json new file mode 100644 index 00000000000..0db47aba53e --- /dev/null +++ b/CVE-2024/CVE-2024-29xx/CVE-2024-2954.json @@ -0,0 +1,47 @@ +{ + "id": "CVE-2024-2954", + "sourceIdentifier": "security@wordfence.com", + "published": "2024-03-27T07:15:54.417", + "lastModified": "2024-03-27T07:15:54.417", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The Action Network plugin for WordPress is vulnerable to SQL Injection via the 'bulk-action' parameter in version 1.4.3 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with administrator-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.2, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.2, + "impactScore": 5.9 + } + ] + }, + "references": [ + { + "url": "https://blog.sth.sh/wordpress-action-network-1-4-3-authenticated-sql-injection-0-day-01fcd6e89e96", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/fdf18ae2-f0d4-44d4-9dd1-6ac36d859d68?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-29xx/CVE-2024-2956.json b/CVE-2024/CVE-2024-29xx/CVE-2024-2956.json new file mode 100644 index 00000000000..109fb8e1900 --- /dev/null +++ b/CVE-2024/CVE-2024-29xx/CVE-2024-2956.json @@ -0,0 +1,47 @@ +{ + "id": "CVE-2024-2956", + "sourceIdentifier": "security@wordfence.com", + "published": "2024-03-27T08:15:41.393", + "lastModified": "2024-03-27T08:15:41.393", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The Simple Ajax Chat \u2013 Add a Fast, Secure Chat Box plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 20231101 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 4.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.3, + "impactScore": 2.7 + } + ] + }, + "references": [ + { + "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3037001%40simple-ajax-chat&new=3037001%40simple-ajax-chat&sfp_email=&sfph_mail=", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/9e9e0214-b88e-4125-8c10-850ca736e920?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-301xx/CVE-2024-30192.json b/CVE-2024/CVE-2024-301xx/CVE-2024-30192.json new file mode 100644 index 00000000000..f430543677b --- /dev/null +++ b/CVE-2024/CVE-2024-301xx/CVE-2024-30192.json @@ -0,0 +1,32 @@ +{ + "id": "CVE-2024-30192", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-03-27T07:15:54.717", + "lastModified": "2024-03-27T07:15:54.717", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in GS Plugins GS Pins for Pinterest allows Stored XSS.This issue affects GS Pins for Pinterest: from n/a through 1.8.2.\n\n" + } + ], + "metrics": {}, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/gs-pinterest-portfolio/wordpress-pinterest-plugin-1-8-2-cross-site-scripting-xss?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-301xx/CVE-2024-30193.json b/CVE-2024/CVE-2024-301xx/CVE-2024-30193.json new file mode 100644 index 00000000000..227cf3e6178 --- /dev/null +++ b/CVE-2024/CVE-2024-301xx/CVE-2024-30193.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2024-30193", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-03-27T07:15:54.853", + "lastModified": "2024-03-27T07:15:54.853", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Andy Moyle Church Admin allows Stored XSS.This issue affects Church Admin: from n/a through 4.1.17.\n\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.3, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/church-admin/wordpress-church-admin-plugin-4-1-17-stored-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-301xx/CVE-2024-30194.json b/CVE-2024/CVE-2024-301xx/CVE-2024-30194.json new file mode 100644 index 00000000000..4c9ea246478 --- /dev/null +++ b/CVE-2024/CVE-2024-301xx/CVE-2024-30194.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2024-30194", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-03-27T07:15:55.217", + "lastModified": "2024-03-27T07:15:55.217", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WP Sunshine Sunshine Photo Cart allows Reflected XSS.This issue affects Sunshine Photo Cart: from n/a through 3.1.1.\n\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 7.1, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/sunshine-photo-cart/wordpress-sunshine-photo-cart-plugin-3-1-1-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-301xx/CVE-2024-30195.json b/CVE-2024/CVE-2024-301xx/CVE-2024-30195.json new file mode 100644 index 00000000000..c9ed1890850 --- /dev/null +++ b/CVE-2024/CVE-2024-301xx/CVE-2024-30195.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2024-30195", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-03-27T07:15:55.567", + "lastModified": "2024-03-27T07:15:55.567", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Semenov New RoyalSlider allows Reflected XSS.This issue affects New RoyalSlider: from n/a through 3.4.2.\n\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 7.1, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/new-royalslider/wordpress-new-royalslider-plugin-3-4-2-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-301xx/CVE-2024-30196.json b/CVE-2024/CVE-2024-301xx/CVE-2024-30196.json new file mode 100644 index 00000000000..f39354a2098 --- /dev/null +++ b/CVE-2024/CVE-2024-301xx/CVE-2024-30196.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2024-30196", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-03-27T07:15:56.197", + "lastModified": "2024-03-27T07:15:56.197", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Appscreo Easy Social Share Buttons allows Reflected XSS.This issue affects Easy Social Share Buttons: from n/a through 9.4.\n\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 7.1, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/easy-social-share-buttons3/wordpress-easy-social-share-buttons-plugin-9-4-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-301xx/CVE-2024-30197.json b/CVE-2024/CVE-2024-301xx/CVE-2024-30197.json new file mode 100644 index 00000000000..dddf080cde3 --- /dev/null +++ b/CVE-2024/CVE-2024-301xx/CVE-2024-30197.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2024-30197", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-03-27T07:15:57.247", + "lastModified": "2024-03-27T07:15:57.247", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Andy Moyle Church Admin allows Stored XSS.This issue affects Church Admin: from n/a through 4.0.26.\n\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.3, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/church-admin/wordpress-church-admin-plugin-4-0-26-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-301xx/CVE-2024-30198.json b/CVE-2024/CVE-2024-301xx/CVE-2024-30198.json new file mode 100644 index 00000000000..35b32ff394e --- /dev/null +++ b/CVE-2024/CVE-2024-301xx/CVE-2024-30198.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2024-30198", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-03-27T07:15:57.827", + "lastModified": "2024-03-27T07:15:57.827", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ThemeKraft BuddyForms allows Reflected XSS.This issue affects BuddyForms: from n/a through 2.8.5.\n\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 5.8, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.6, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/buddyforms/wordpress-buddyforms-plugin-2-8-5-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-301xx/CVE-2024-30199.json b/CVE-2024/CVE-2024-301xx/CVE-2024-30199.json new file mode 100644 index 00000000000..4f665850fe8 --- /dev/null +++ b/CVE-2024/CVE-2024-301xx/CVE-2024-30199.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2024-30199", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-03-27T07:15:58.497", + "lastModified": "2024-03-27T07:15:58.497", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WP Lab WP-Lister Lite for Amazon allows Reflected XSS.This issue affects WP-Lister Lite for Amazon: from n/a through 2.6.8.\n\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 7.1, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/wp-lister-for-amazon/wordpress-wp-lister-lite-for-amazon-plugin-2-6-8-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-302xx/CVE-2024-30201.json b/CVE-2024/CVE-2024-302xx/CVE-2024-30201.json new file mode 100644 index 00000000000..e1a749f3b70 --- /dev/null +++ b/CVE-2024/CVE-2024-302xx/CVE-2024-30201.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2024-30201", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-03-27T07:15:59.157", + "lastModified": "2024-03-27T07:15:59.157", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Xylus Themes WordPress Importer allows Reflected XSS.This issue affects WordPress Importer: from n/a through 1.0.4.\n\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 7.1, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/wp-smart-import/wordpress-wp-smart-import-plugin-1-0-4-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/README.md b/README.md index fb4c6b6b36d..fa056066231 100644 --- a/README.md +++ b/README.md @@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2024-03-27T07:00:38.059016+00:00 +2024-03-27T09:00:37.539316+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2024-03-27T06:15:19.447000+00:00 +2024-03-27T08:15:41.393000+00:00 ``` ### Last Data Feed Release @@ -33,45 +33,48 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### Total Number of included CVEs ```plain -242870 +242918 ``` ### CVEs added in the last Commit -Recently added CVEs: `29` +Recently added CVEs: `48` -\* [CVE-2023-45919](CVE-2023/CVE-2023-459xx/CVE-2023-45919.json) (`2024-03-27T05:15:47.030`) -\* [CVE-2023-45920](CVE-2023/CVE-2023-459xx/CVE-2023-45920.json) (`2024-03-27T05:15:47.140`) -\* [CVE-2023-45922](CVE-2023/CVE-2023-459xx/CVE-2023-45922.json) (`2024-03-27T05:15:47.203`) -\* [CVE-2023-45924](CVE-2023/CVE-2023-459xx/CVE-2023-45924.json) (`2024-03-27T05:15:47.263`) -\* [CVE-2023-45925](CVE-2023/CVE-2023-459xx/CVE-2023-45925.json) (`2024-03-27T05:15:47.320`) -\* [CVE-2023-45935](CVE-2023/CVE-2023-459xx/CVE-2023-45935.json) (`2024-03-27T05:15:47.377`) -\* [CVE-2023-46046](CVE-2023/CVE-2023-460xx/CVE-2023-46046.json) (`2024-03-27T05:15:47.440`) -\* [CVE-2023-46047](CVE-2023/CVE-2023-460xx/CVE-2023-46047.json) (`2024-03-27T05:15:47.500`) -\* [CVE-2023-46048](CVE-2023/CVE-2023-460xx/CVE-2023-46048.json) (`2024-03-27T05:15:47.560`) -\* [CVE-2023-46049](CVE-2023/CVE-2023-460xx/CVE-2023-46049.json) (`2024-03-27T06:15:10.037`) -\* [CVE-2023-46051](CVE-2023/CVE-2023-460xx/CVE-2023-46051.json) (`2024-03-27T06:15:10.243`) -\* [CVE-2023-46052](CVE-2023/CVE-2023-460xx/CVE-2023-46052.json) (`2024-03-27T06:15:10.403`) -\* [CVE-2023-49815](CVE-2023/CVE-2023-498xx/CVE-2023-49815.json) (`2024-03-27T06:15:10.627`) -\* [CVE-2023-52228](CVE-2023/CVE-2023-522xx/CVE-2023-52228.json) (`2024-03-27T06:15:11.387`) -\* [CVE-2024-22149](CVE-2024/CVE-2024-221xx/CVE-2024-22149.json) (`2024-03-27T06:15:12.890`) -\* [CVE-2024-22288](CVE-2024/CVE-2024-222xx/CVE-2024-22288.json) (`2024-03-27T06:15:13.670`) -\* [CVE-2024-22299](CVE-2024/CVE-2024-222xx/CVE-2024-22299.json) (`2024-03-27T06:15:14.273`) -\* [CVE-2024-22300](CVE-2024/CVE-2024-223xx/CVE-2024-22300.json) (`2024-03-27T06:15:14.883`) -\* [CVE-2024-22311](CVE-2024/CVE-2024-223xx/CVE-2024-22311.json) (`2024-03-27T06:15:15.450`) -\* [CVE-2024-24700](CVE-2024/CVE-2024-247xx/CVE-2024-24700.json) (`2024-03-27T06:15:16.127`) -\* [CVE-2024-24800](CVE-2024/CVE-2024-248xx/CVE-2024-24800.json) (`2024-03-27T06:15:16.700`) -\* [CVE-2024-24842](CVE-2024/CVE-2024-248xx/CVE-2024-24842.json) (`2024-03-27T06:15:17.420`) -\* [CVE-2024-25920](CVE-2024/CVE-2024-259xx/CVE-2024-25920.json) (`2024-03-27T06:15:18.200`) -\* [CVE-2024-25926](CVE-2024/CVE-2024-259xx/CVE-2024-25926.json) (`2024-03-27T06:15:18.710`) -\* [CVE-2024-28335](CVE-2024/CVE-2024-283xx/CVE-2024-28335.json) (`2024-03-27T06:15:19.447`) +\* [CVE-2024-29912](CVE-2024/CVE-2024-299xx/CVE-2024-29912.json) (`2024-03-27T07:15:52.050`) +\* [CVE-2024-29913](CVE-2024/CVE-2024-299xx/CVE-2024-29913.json) (`2024-03-27T07:15:52.420`) +\* [CVE-2024-29914](CVE-2024/CVE-2024-299xx/CVE-2024-29914.json) (`2024-03-27T07:15:52.767`) +\* [CVE-2024-29915](CVE-2024/CVE-2024-299xx/CVE-2024-29915.json) (`2024-03-27T07:15:53.110`) +\* [CVE-2024-29917](CVE-2024/CVE-2024-299xx/CVE-2024-29917.json) (`2024-03-27T08:15:38.230`) +\* [CVE-2024-29918](CVE-2024/CVE-2024-299xx/CVE-2024-29918.json) (`2024-03-27T08:15:38.530`) +\* [CVE-2024-29919](CVE-2024/CVE-2024-299xx/CVE-2024-29919.json) (`2024-03-27T08:15:38.810`) +\* [CVE-2024-29920](CVE-2024/CVE-2024-299xx/CVE-2024-29920.json) (`2024-03-27T08:15:39.137`) +\* [CVE-2024-29921](CVE-2024/CVE-2024-299xx/CVE-2024-29921.json) (`2024-03-27T08:15:39.390`) +\* [CVE-2024-29922](CVE-2024/CVE-2024-299xx/CVE-2024-29922.json) (`2024-03-27T08:15:39.630`) +\* [CVE-2024-29923](CVE-2024/CVE-2024-299xx/CVE-2024-29923.json) (`2024-03-27T08:15:39.840`) +\* [CVE-2024-29924](CVE-2024/CVE-2024-299xx/CVE-2024-29924.json) (`2024-03-27T08:15:40.063`) +\* [CVE-2024-29925](CVE-2024/CVE-2024-299xx/CVE-2024-29925.json) (`2024-03-27T08:15:40.270`) +\* [CVE-2024-29926](CVE-2024/CVE-2024-299xx/CVE-2024-29926.json) (`2024-03-27T08:15:40.487`) +\* [CVE-2024-29927](CVE-2024/CVE-2024-299xx/CVE-2024-29927.json) (`2024-03-27T08:15:40.707`) +\* [CVE-2024-29928](CVE-2024/CVE-2024-299xx/CVE-2024-29928.json) (`2024-03-27T08:15:40.937`) +\* [CVE-2024-30192](CVE-2024/CVE-2024-301xx/CVE-2024-30192.json) (`2024-03-27T07:15:54.717`) +\* [CVE-2024-30193](CVE-2024/CVE-2024-301xx/CVE-2024-30193.json) (`2024-03-27T07:15:54.853`) +\* [CVE-2024-30194](CVE-2024/CVE-2024-301xx/CVE-2024-30194.json) (`2024-03-27T07:15:55.217`) +\* [CVE-2024-30195](CVE-2024/CVE-2024-301xx/CVE-2024-30195.json) (`2024-03-27T07:15:55.567`) +\* [CVE-2024-30196](CVE-2024/CVE-2024-301xx/CVE-2024-30196.json) (`2024-03-27T07:15:56.197`) +\* [CVE-2024-30197](CVE-2024/CVE-2024-301xx/CVE-2024-30197.json) (`2024-03-27T07:15:57.247`) +\* [CVE-2024-30198](CVE-2024/CVE-2024-301xx/CVE-2024-30198.json) (`2024-03-27T07:15:57.827`) +\* [CVE-2024-30199](CVE-2024/CVE-2024-301xx/CVE-2024-30199.json) (`2024-03-27T07:15:58.497`) +\* [CVE-2024-30201](CVE-2024/CVE-2024-302xx/CVE-2024-30201.json) (`2024-03-27T07:15:59.157`) ### CVEs modified in the last Commit -Recently modified CVEs: `1` +Recently modified CVEs: `4` -\* [CVE-2024-0565](CVE-2024/CVE-2024-05xx/CVE-2024-0565.json) (`2024-03-27T06:15:11.940`) +\* [CVE-2023-35086](CVE-2023/CVE-2023-350xx/CVE-2023-35086.json) (`2024-03-27T08:15:37.173`) +\* [CVE-2023-39238](CVE-2023/CVE-2023-392xx/CVE-2023-39238.json) (`2024-03-27T07:15:47.557`) +\* [CVE-2023-39239](CVE-2023/CVE-2023-392xx/CVE-2023-39239.json) (`2024-03-27T08:15:37.867`) +\* [CVE-2023-39240](CVE-2023/CVE-2023-392xx/CVE-2023-39240.json) (`2024-03-27T07:15:48.047`) ## Download and Usage diff --git a/_state.csv b/_state.csv index f1ff972aa8d..e845d87aa85 100644 --- a/_state.csv +++ b/_state.csv @@ -217790,6 +217790,7 @@ CVE-2023-25360,0,0,6f7e6547508ecc2f45c9c67eac84c3108422eeee282989bbf6d86ea16fd4c CVE-2023-25361,0,0,1d42f187df8edede928becb3620d086316886e2c9651dc04277119d32dc137b2,2023-05-30T06:16:22.163000 CVE-2023-25362,0,0,9c438c3f8a5955c165491f4894d687d0a81e5d4f5a6a3ebfe8cd50c5191069a5,2023-05-30T06:16:22.917000 CVE-2023-25363,0,0,6884a9546af4b7bf40683ed58f635720056383d70b3303242354c34ad8bb53ff,2023-05-30T06:16:23.723000 +CVE-2023-25364,1,1,1c34d7f420153803a0ec2579b154e9bf7f62b9470725ad51163c63f861da3f0a,2024-03-27T07:15:47.340000 CVE-2023-25365,0,0,6484b36ddcd7f6df11e8ce7205c494e4ebfa22629d60a40af794d6ea111a3b52,2024-02-15T16:01:16.433000 CVE-2023-25366,0,0,8988f3e6e31ad7ed602169278c8800126a41a9f6adb9e2b5f57755f668ff5da3,2023-07-07T14:14:53.760000 CVE-2023-25367,0,0,77ced86cfb0fac3bd3c2fe5f6a19e9e472f942e4a1a7e08cd92e0b36acfd3dc9,2023-06-28T17:56:58.883000 @@ -220827,7 +220828,7 @@ CVE-2023-2913,0,0,02dee29626edea9e3692b4ee8987d5b42660a0449111b53a4cdfe400db3a08 CVE-2023-29130,0,0,0e471cfd0340965bd77e08811b946207fc0bf928aa390cc2978599eb2bf9d800,2023-07-18T15:53:09.663000 CVE-2023-29131,0,0,75220e5127e112061e4e9768161a155f51624a13220b4387b5d923f12ae2b9db,2023-07-18T16:30:33.707000 CVE-2023-29132,0,0,efed6d0adc9eb73d0b5769aebb45f2586a61e4d08a5b6546086b77a70354ffe2,2023-04-24T13:24:18.997000 -CVE-2023-29134,1,1,3d35c1344bf7e71c46382329b14af49f7e8ffacf7ec072dc36123392155ed100,2024-03-27T06:15:08.280000 +CVE-2023-29134,0,0,3d35c1344bf7e71c46382329b14af49f7e8ffacf7ec072dc36123392155ed100,2024-03-27T06:15:08.280000 CVE-2023-29137,0,0,e5c1b10ab2558731f371a1374bf948aebe1fe55da1e8c7c2fdbfef8863a2f74c,2023-04-10T17:08:31.030000 CVE-2023-29139,0,0,a0f50beb37ce41952b1fe655ddb38dee8596f866689e48b8141a0f18fb12ac55,2023-04-11T06:07:08.580000 CVE-2023-2914,0,0,808493420a9fc0aa33f58da9c1d9936a70854af622ca68d642a44c530230ec6f,2023-08-23T15:46:19.610000 @@ -222557,7 +222558,7 @@ CVE-2023-31629,0,0,654a0e5e1f15b6dda3d957a405c7ef82af9e6daec989334a0d8e37557fff2 CVE-2023-3163,0,0,e0d545f9c69cc583e6badf52318a2e2d22d1331a58f63b9414fd087c0f704d0a,2024-03-21T02:48:26.253000 CVE-2023-31630,0,0,582b9e3b4f542a22ac9086dedf1f1007cdfcc74f1e9ac2d7509df307784b842e,2023-05-22T13:30:38.413000 CVE-2023-31631,0,0,f46647db34231163f4886beb8605c4f6fa8b5836bcfe819f67e2cf4725e8bfa3,2023-05-22T13:30:53.093000 -CVE-2023-31634,1,1,c7f019f622c1e24583320130bef7bcc16d39f89dc17bec5a5a3380a805f2e445,2024-03-27T06:15:08.807000 +CVE-2023-31634,0,0,c7f019f622c1e24583320130bef7bcc16d39f89dc17bec5a5a3380a805f2e445,2024-03-27T06:15:08.807000 CVE-2023-3164,0,0,61eebf4ee2e8624d68717b8fd112efb5e0c843b4b0b951bcb3f5033cefc612fd,2024-03-08T19:38:13.920000 CVE-2023-3165,0,0,9110669f3528d21a65acf7dcdacb6b4e6dbcdb67673ef7e82c401891dfe4c127,2024-03-21T02:48:26.367000 CVE-2023-31654,0,0,2d2918653d29a59e127117cacf7796b26ed08787f7418631684e48c64cdb378e,2024-01-31T16:26:12.397000 @@ -222660,7 +222661,7 @@ CVE-2023-31848,0,0,6bc78d65f5ed2eaa06e296777b9b4592ee2ea5be41843234781e4261aa04a CVE-2023-31851,0,0,3e853e1d66ca75c30a6bc8ff7ff6e8a4787ac4e3cae329df8131b9a96b849868,2023-07-26T00:38:11.730000 CVE-2023-31852,0,0,d784b1a175893975f4dfe9e0cdd925a9eb483fcb3358bc9b040a28aff25564a5,2023-07-26T01:22:23.670000 CVE-2023-31853,0,0,bd5cd0c37ed1b17382d4a5fb15ac8a668367d67f1b2d3139e681e8f11cc57038,2023-07-26T00:38:02.020000 -CVE-2023-31854,1,1,7b2ff9862a55ec68361ef4c24fa30dec0cb1912a79d1b3c9d4adea84dac12832,2024-03-27T06:15:09.023000 +CVE-2023-31854,0,0,7b2ff9862a55ec68361ef4c24fa30dec0cb1912a79d1b3c9d4adea84dac12832,2024-03-27T06:15:09.023000 CVE-2023-31856,0,0,04b4b73d33dc51d56e41384c786cc5967477ceacf0c59f81abca4084fc3a12b1,2023-05-25T18:59:36.043000 CVE-2023-31857,0,0,cf64368a6d81b1b5ce5e2158d231348ff30291646fa440e91bebbebf31ed450d,2023-10-04T15:07:27.313000 CVE-2023-3186,0,0,a0cdd0b0eb175d5457e24956c4286567478b1fe6e5464224ca05be16af4ddff4,2023-11-07T04:18:09.863000 @@ -225037,7 +225038,7 @@ CVE-2023-35082,0,0,96616cc20f55a3693255216c8f2f060aaa7a62952d79f9f84b77fc7f26e31 CVE-2023-35083,0,0,9ab6e34413e581ae15547359d7914d7f6b4d21fd180c3b0f671e2af0a1e8a4c3,2023-10-25T00:14:42.067000 CVE-2023-35084,0,0,a31404e2ed78611a2bd87277d8d47bd8a7443f7d8e941034b14b15c7ab03bb5b,2023-10-25T00:17:27.200000 CVE-2023-35085,0,0,f2ce5c155cd392f84e6d341eb8f9c06fe5c53f41978224a5aa208345524bbea7,2023-08-17T14:42:14.493000 -CVE-2023-35086,0,0,726a6b2b9d34ca586559a345305810d825179c931ddfd15efeb94ad0f9a31738,2023-08-04T19:28:40.323000 +CVE-2023-35086,0,1,624d37ee8b3f19031ca1ef331197a8001e718f83e26d0d6f20a4c1acbf6c92f9,2024-03-27T08:15:37.173000 CVE-2023-35087,0,0,25e272dbad61bdc6473bc0cfb2cdefe8e1112911bdd2b384a518dc18f63d5502,2023-08-03T18:43:53.560000 CVE-2023-35088,0,0,5079e46e50ee539fd9d00f94ce26dff23e31ace108697c7d9b749519a59183df,2023-08-02T03:53:04.510000 CVE-2023-35089,0,0,9233839d2cb26d97cadc4227dd9134914aa3fd4056b69048cddef52e599157e7,2023-07-26T00:53:17.233000 @@ -227901,9 +227902,9 @@ CVE-2023-39234,0,0,f4f7cdf43ae3c580a8a8fc7af7781d856bc094009b3d8c501f5894c92e579 CVE-2023-39235,0,0,04d157e97cf0fe795bf9fb5bb7c88666953c63761417607dd293180ed9a0f2ce,2024-01-11T18:08:55.967000 CVE-2023-39236,0,0,b7809342e4892ed1426b3e5931df022f7d21b1a1cb9ec222403b61a3d8fa68ec,2023-09-12T20:46:29.193000 CVE-2023-39237,0,0,b7ef15492949ca047adb5150420516a9deec4700ecf1b73f5b04fd3af2e03fc9,2023-09-12T20:46:41.957000 -CVE-2023-39238,0,0,72f4de2737b66da05458ac6281b36a483c0823955e7b1183b3aa40b35c7c2390,2023-09-12T20:47:01.077000 -CVE-2023-39239,0,0,2386df6df8762142d408221da64eaec72e45197ab0493242e66e2476cff3e1d5,2023-09-12T20:47:18.443000 -CVE-2023-39240,0,0,1e6e055bcb6d9d95dd8e0daf00c44101858fd5fd920f7cb615524ea16b45514a,2023-09-12T20:09:22.577000 +CVE-2023-39238,0,1,258cb6b8e57cea43490cfe6e2afb98fd8941f07526883c9b1e0f0bc938b2357d,2024-03-27T07:15:47.557000 +CVE-2023-39239,0,1,810445b657dc00fec2d73b6537629f2ff56a539e1f91c65e5e2c93043e31a580,2024-03-27T08:15:37.867000 +CVE-2023-39240,0,1,b236c975b55503c9e30d5f6a09c34fe1d7c15459996e9698d92951be3154a676,2024-03-27T07:15:48.047000 CVE-2023-39244,0,0,9f285af0f9f410fc75cd65a6f6c9b447e7733bd157a2eced84f2c8d76a66f500,2024-02-20T14:15:07.910000 CVE-2023-39245,0,0,b5d8eeac0af1643eda0efb4e676c7303bef80b5a8ad1ff597780460fc83aed5f,2024-02-15T14:28:26.433000 CVE-2023-39246,0,0,dca8c7073401995470b334ba7411fce2fe87b7053965d987e8df140a7c92010e,2023-11-29T19:33:13.640000 @@ -227955,7 +227956,7 @@ CVE-2023-39299,0,0,4a4fe470a2bcfff30902e0b9d0b07fed9c3238f5a3ae755d2d216adf6ed07 CVE-2023-39301,0,0,f99ca5c14f2281e592a0eb5c38c92820cdd533a72f6c4acb102a1e81f6e4c87e,2023-11-14T15:29:43.047000 CVE-2023-39302,0,0,db9cae95c32f91811eb0f0ecdd3b63c519262646f87f4bc925e27b437fe46983,2024-02-06T19:54:10.380000 CVE-2023-39303,0,0,d81a0865c899018b1bf357d592ab28d95ab5876f93fb600c5e62942433b060c9,2024-02-06T19:57:03.963000 -CVE-2023-39306,1,1,d2726551073761fa4fa5b3c6b8b7beeb3ce786dc537e351bcfe4440e47f62d3b,2024-03-27T06:15:09.263000 +CVE-2023-39306,0,0,d2726551073761fa4fa5b3c6b8b7beeb3ce786dc537e351bcfe4440e47f62d3b,2024-03-27T06:15:09.263000 CVE-2023-39307,0,0,9c5bb6bcaa0e4070eaada5953d292b439b97b8adf03b545b0ad50aa15f9f843a,2024-03-26T21:15:51.330000 CVE-2023-39308,0,0,0a6368135905c51e4bfc8658e86115693ae2beb292d59faa84b5dcfe3424348f,2023-10-02T19:36:52.837000 CVE-2023-39314,0,0,ea740e75552d6dc1c0cf1f6c4b3f96de5bf219ab1a6cac778aaf3dfb58fa2dc3,2023-08-15T00:14:54.643000 @@ -230836,6 +230837,7 @@ CVE-2023-43764,0,0,47d311525688ffcbd92b3032d9b506eebc6f53ae3d8564f3e2e1f100edad8 CVE-2023-43765,0,0,b3545df71681ed01e9bb4e2988ac76b18cf833d747050ce7a3734afcc5f96c4e,2023-09-26T14:52:04.797000 CVE-2023-43766,0,0,c3d94b17d2392ff09b084a320fd1fc8561aef9620231c6123d5d5b274c6c06e9,2023-09-26T14:51:56.633000 CVE-2023-43767,0,0,d64e561a1c17c316e6afd120956b606e2b04bebdf6cf0733e0c8ab3f6dee8101,2023-09-26T14:51:32.377000 +CVE-2023-43768,1,1,697288ab94c35737dab24edd24c82cf3f7eacfb63d613e7e4979b43930dd0cab,2024-03-27T07:15:48.390000 CVE-2023-43769,0,0,8a9468590748146a71cded148013655e0f6d836db6406d4cc1576abfe45a1c00,2024-02-29T13:49:47.277000 CVE-2023-43770,0,0,4d03f5a49044ae7b1bf7e63c7fded1226329481138e6fbbc5a637c75be3534a8,2024-02-13T02:00:01.627000 CVE-2023-43771,0,0,b763e3326e80cea8f70a57d10f56b8ce7d4f44b5bc136e95cf6b451d994cda2a,2023-09-26T13:09:31.350000 @@ -232104,14 +232106,14 @@ CVE-2023-45912,0,0,e7b70d01df1e6b7ed29be6cef3a5d24a0188fc4204e45db25f76f5dd91970 CVE-2023-45913,0,0,8be194ab60fd9b92fb32f6e65f6c99753648f40f89b88348a8965ce203db31b4,2024-03-27T04:15:10.590000 CVE-2023-45916,0,0,b4de35a31730ce89637c5d93cae2af2c0f6956624ee8cf845871fb361731df75,2024-01-29T09:15:42.327000 CVE-2023-45918,0,0,33f00f55399e9410b66f853b2e07c334232e97a2facaeb394e496c0ea19cdb2e,2024-03-15T11:15:08.510000 -CVE-2023-45919,1,1,009ca7a40335c8f2f1b3e9fffe78e92322bb86a712e3b732ee85bfb5f7acc56b,2024-03-27T05:15:47.030000 +CVE-2023-45919,0,0,009ca7a40335c8f2f1b3e9fffe78e92322bb86a712e3b732ee85bfb5f7acc56b,2024-03-27T05:15:47.030000 CVE-2023-4592,0,0,81f9ec9c7754df484556128f55402d2b2e5da813e76693d6a2e51c67954d6e8c,2023-11-13T18:46:52.950000 -CVE-2023-45920,1,1,6d8dc389ece27d90b0daf882a2ebe5d888750ae26dabba4676a67261c116c965,2024-03-27T05:15:47.140000 +CVE-2023-45920,0,0,6d8dc389ece27d90b0daf882a2ebe5d888750ae26dabba4676a67261c116c965,2024-03-27T05:15:47.140000 CVE-2023-45921,0,0,645fcaff78feed0e43ec127059f0dcc7feb6d53759818ded268f99ff2c3f84f3,2024-01-29T09:15:42.547000 -CVE-2023-45922,1,1,b8e727a77688611a01ca29bb154fa3ae19b825949cb0bd9d068b360f5338bff5,2024-03-27T05:15:47.203000 +CVE-2023-45922,0,0,b8e727a77688611a01ca29bb154fa3ae19b825949cb0bd9d068b360f5338bff5,2024-03-27T05:15:47.203000 CVE-2023-45923,0,0,5946dd1d30e5db85cc88e2299cbbf78c4c1c23d4d9e7d4f1539852b51a3b5d93,2024-01-30T06:15:45.300000 -CVE-2023-45924,1,1,df2d9b447e6dda526823f43733f5db93deb2bf6a9992aa88619ca6ff4df1a8d5,2024-03-27T05:15:47.263000 -CVE-2023-45925,1,1,51df2c002997e7f823ac76430a7727bdb7092758020c5c4ae5820bde9138a4b5,2024-03-27T05:15:47.320000 +CVE-2023-45924,0,0,df2d9b447e6dda526823f43733f5db93deb2bf6a9992aa88619ca6ff4df1a8d5,2024-03-27T05:15:47.263000 +CVE-2023-45925,0,0,51df2c002997e7f823ac76430a7727bdb7092758020c5c4ae5820bde9138a4b5,2024-03-27T05:15:47.320000 CVE-2023-45926,0,0,b31fd162068a0734b2b75498e371bf05938747f0b8d935b26b2fd650b2446211,2024-01-30T06:15:45.480000 CVE-2023-45927,0,0,ae56f4590fd9d07d5b8c867e3b755884cd97a70364b7eced99294c867133d1ce,2024-03-27T04:15:10.847000 CVE-2023-45928,0,0,47558c1eca203c24f69589e30fb4f90aaef8f6b0bba4ad813aa029274f5783ce,2024-01-30T06:15:45.520000 @@ -232120,7 +232122,7 @@ CVE-2023-4593,0,0,3ea98d1462e60e86f08f26c4ce82616d1986809830750d8163ae88a206cf2a CVE-2023-45930,0,0,a38e7fb36c8eb8727531b4f64a404afbf67a9bcec1356bd838a6e5e8aa652ae6,2024-01-30T06:15:45.560000 CVE-2023-45931,0,0,4749ada89cf5946eb8000ae610ebad21250ad68cefdb4f6f6ab27120ca7b1611,2024-03-27T04:15:11.250000 CVE-2023-45932,0,0,98a0e114fa5b0548d7699473110f851a5f41bbf08881d91fe84141ff1183f83f,2024-01-29T09:15:42.593000 -CVE-2023-45935,1,1,05c56a17a13aa268ffff8b8372c4a56eba6481527ca0b1836cf414ff07f45aab,2024-03-27T05:15:47.377000 +CVE-2023-45935,0,0,05c56a17a13aa268ffff8b8372c4a56eba6481527ca0b1836cf414ff07f45aab,2024-03-27T05:15:47.377000 CVE-2023-4594,0,0,1724d709b98492bcbeea6886be2201bc3d2e779f95aff0daccd52f3a83f41cb0,2023-11-29T21:23:22.717000 CVE-2023-4595,0,0,d94b04dcb798ddb91c74a5e68df1ab4ecfdb9f34a3301555c5768b6471809428,2023-11-29T21:23:11.087000 CVE-2023-45951,0,0,130fe21a590852e9409eef3fa295cd94ae015bb62d25bdd6d239a5a7d9e16e95,2023-10-24T20:49:24.337000 @@ -232170,13 +232172,13 @@ CVE-2023-46033,0,0,3723a139615af604b5ca14fb5c3e684c31947597c1900b12a84557b3c06d0 CVE-2023-46040,0,0,bc2dd68090ab0171072ac4e1cee625bb2a5dc5f32672f05368e414ab60b5dccc,2023-11-08T02:48:09.133000 CVE-2023-46042,0,0,aae5cf8d9ddc3c18f23846cd9ec2a6a53bd9ff8ce9f620be6dbc63133d9cccd2,2023-10-25T15:20:17.570000 CVE-2023-46045,0,0,0e8abce2cbeee2bf608426602c7398443e9d61c9d45f545bf4f725e8132500eb,2024-03-21T02:49:19.427000 -CVE-2023-46046,1,1,6466bd19f29738594e6e43aa85d979e5a4307c6106784335cd47916b4af50bea,2024-03-27T05:15:47.440000 -CVE-2023-46047,1,1,18f79197542c57c7d83d7dd02c287a06e284d86849af4ea09a0a376a7e84c5bf,2024-03-27T05:15:47.500000 -CVE-2023-46048,1,1,4d33c2fa7aaa5cd244801b0cf7e8bc3c0bb523c4fe90daa6537204bf754e562b,2024-03-27T05:15:47.560000 -CVE-2023-46049,1,1,0a4c8ecb67262bd10e75421a404d95f10fcc7d0217a0eeeaee2e52bf42863756,2024-03-27T06:15:10.037000 +CVE-2023-46046,0,0,6466bd19f29738594e6e43aa85d979e5a4307c6106784335cd47916b4af50bea,2024-03-27T05:15:47.440000 +CVE-2023-46047,0,0,18f79197542c57c7d83d7dd02c287a06e284d86849af4ea09a0a376a7e84c5bf,2024-03-27T05:15:47.500000 +CVE-2023-46048,0,0,4d33c2fa7aaa5cd244801b0cf7e8bc3c0bb523c4fe90daa6537204bf754e562b,2024-03-27T05:15:47.560000 +CVE-2023-46049,0,0,0a4c8ecb67262bd10e75421a404d95f10fcc7d0217a0eeeaee2e52bf42863756,2024-03-27T06:15:10.037000 CVE-2023-46050,0,0,6ff5ea8f1dc5991c203b0679fc5f46c04b4a3ef6ae70c787c24e6bec0c9c29e6,2024-01-29T09:15:42.640000 -CVE-2023-46051,1,1,7f61ace4debe0e9bd3915e6bf6d78687f7b3fdb0c8595af9afd8f8bfc4d4a4d9,2024-03-27T06:15:10.243000 -CVE-2023-46052,1,1,b36a35cd68746ae9c1bfa6702f148b2c015cf43c74ef58b70d23e42daa662b39,2024-03-27T06:15:10.403000 +CVE-2023-46051,0,0,7f61ace4debe0e9bd3915e6bf6d78687f7b3fdb0c8595af9afd8f8bfc4d4a4d9,2024-03-27T06:15:10.243000 +CVE-2023-46052,0,0,b36a35cd68746ae9c1bfa6702f148b2c015cf43c74ef58b70d23e42daa662b39,2024-03-27T06:15:10.403000 CVE-2023-46054,0,0,dabfd66e957ad3f5f26c5e95b90dc66ccfb7ef09c807c244e2a9055c36c0030b,2023-10-27T19:35:22.627000 CVE-2023-46055,0,0,fdf1d245240a975fe0c288b57f8a59d44c9d185d042258dbbbcef27fafed4558,2023-10-28T03:35:48.520000 CVE-2023-46058,0,0,60caa10856250aa45ff6a614c1529ac57a3c57157cecbc316e05d8e91d2dc6dc,2023-10-30T11:37:02.710000 @@ -234729,7 +234731,7 @@ CVE-2023-49811,0,0,4e190f1f7c30b4a6367758fc1f79b0ddbdd1f8e185b5f280a2ae2611070d9 CVE-2023-49812,0,0,8fa4a431ad64240170499cbd49826f16b213d4a29e5fc3795dbfd103b7608f1c,2023-12-30T03:09:49.700000 CVE-2023-49813,0,0,6b3eba1bed8ab5596309a74ad2850014de6b45a8344266d60c4ebe316e2c38f5,2023-12-18T19:47:50.223000 CVE-2023-49814,0,0,fb8559cc48199d312a79d13bffb0106f86043abcaa9913859981e57bd498bbd9,2023-12-27T19:46:23.767000 -CVE-2023-49815,1,1,633696f09b89bddbd6015337adf076818022ac1f8c43ac44aff0dc47a4c287e7,2024-03-27T06:15:10.627000 +CVE-2023-49815,0,0,633696f09b89bddbd6015337adf076818022ac1f8c43ac44aff0dc47a4c287e7,2024-03-27T06:15:10.627000 CVE-2023-49816,0,0,4c1e876401edd7b269c2166d73388fec395a77c557788df983770fc415871c7d,2023-12-20T04:09:04.143000 CVE-2023-49819,0,0,547af230d15dfd9c5dd18465c1156e2cd30992e5bd1e74e9c3b0138634a11982,2024-01-02T15:31:44.860000 CVE-2023-4982,0,0,41bf569dca1252afc469aa49798e49aceff83425feac1cab042002f01a9fbb29,2023-09-20T13:13:16.680000 @@ -235963,7 +235965,7 @@ CVE-2023-52222,0,0,1142f590e1a21aeacceaabe68ed8ad5f9063502f197fc05ff7c0c8e41c0a9 CVE-2023-52223,0,0,6fdc1b7a674c90966c902b1c7f4480c7b54a014493fbc5a5c655f685d94f2cfe,2024-02-29T13:49:47.277000 CVE-2023-52225,0,0,2ca194296b25b1b3395926084606e130dfcad223288ee55b43b2e07e117eca23,2024-01-11T18:42:30.967000 CVE-2023-52226,0,0,bec54c3a403e6716c905a73fe61cb26421b406b0f857a8c600ba8e5d92dc034a,2024-02-29T13:49:47.277000 -CVE-2023-52228,1,1,16e9af9ab7fc263117cb85d586b9d03112d37e91467c0a00cd618c66eb68960a,2024-03-27T06:15:11.387000 +CVE-2023-52228,0,0,16e9af9ab7fc263117cb85d586b9d03112d37e91467c0a00cd618c66eb68960a,2024-03-27T06:15:11.387000 CVE-2023-52229,0,0,dac0e0017cf7b5bd3ad23ab32b4a438874655ec8284d97ff890efd1fdcb9f180,2024-03-20T13:00:16.367000 CVE-2023-5223,0,0,d4a40595d4f1d8080f1581088e20f1b299c6ee6a6069f0d33e7fa33bdfae6ed3,2024-03-21T02:50:11.113000 CVE-2023-52239,0,0,53232ab6cc2fc288fa443c530cf5456f2ca2ee6e47506bdc07862ff96f4b1242,2024-02-13T22:50:50.313000 @@ -238295,7 +238297,7 @@ CVE-2024-0561,0,0,4fcd2b1a1686f5a7ccc1135479dcaeb89389297fceae9ac1b6010f58e6b61a CVE-2024-0562,0,0,ed47443cd929d7814f11d99ba9bb79fcc79e3e65687a5137f73cbe072b2edbfb,2024-01-25T20:15:40.210000 CVE-2024-0563,0,0,0bf4472860925ed3661b4122ec1942a93e652e3291878b51071ea3e4cbbc7ec9,2024-02-23T16:14:43.447000 CVE-2024-0564,0,0,2ea7d9789fe2bf2c5202f04a8796f5e81286b91703a6d170c1fa28f2224224c4,2024-02-08T16:36:48.837000 -CVE-2024-0565,0,1,4289f67bdd3b0f4d908bc28471c202ce9f1b0e6eda24bcf3bb7c9761f422418d,2024-03-27T06:15:11.940000 +CVE-2024-0565,0,0,4289f67bdd3b0f4d908bc28471c202ce9f1b0e6eda24bcf3bb7c9761f422418d,2024-03-27T06:15:11.940000 CVE-2024-0566,0,0,681abfc9b7e46c2ac8977fa82721f99415c45ed13e9d55c5c1afcf0cdcb8b495,2024-02-12T17:31:21.670000 CVE-2024-0567,0,0,1e02444873c1fe10a496f7f22c004ec6553f166b1c2f1a8e061b54f1c92e9745,2024-03-05T11:15:08.783000 CVE-2024-0568,0,0,d5e10765679dc87408e9afd357bef5ea79b4bd9fdde5134372f0a54d2826f684,2024-02-14T18:04:50.373000 @@ -238657,6 +238659,7 @@ CVE-2024-1019,0,0,27c6fed97db80e9684966512d657c2ae1b8d86be0f46f2f894fd714e51d0d5 CVE-2024-1020,0,0,9b7eeacadd4d76ec76728605c0db8aae240ef1fc144c6257f9c7e65cb09dd2fa,2024-03-21T02:51:32.967000 CVE-2024-1021,0,0,d3fe4312df2bfe064f4941a21f6f4666a77fafb9f2d9afcc4b51020ac4568dfa,2024-03-21T02:51:33.050000 CVE-2024-1022,0,0,92eabd9a227ab16e8407856a694e7e9e01a324b423fd407ba70bb701f1be5779,2024-03-21T02:51:33.147000 +CVE-2024-1023,1,1,d20214b095a48e1d621eaa527659e9f6700715a4971929329247e3be9b7eb9cf,2024-03-27T08:15:38.140000 CVE-2024-1024,0,0,ea71a00c45aa5902a3b0fb02fb7404209bfff88d5df9e8810a0e7b2f9f86b516,2024-03-21T02:51:33.253000 CVE-2024-1026,0,0,48873cd93146d9f73c9e135123d6db65c6e220d0cb92b24addaf7f355e44fc3c,2024-03-21T02:51:33.340000 CVE-2024-1027,0,0,8609c6f04ef7471989f7ab4db06446961f2059452d94ca5a358bdb526d5f18fb,2024-03-21T02:51:33.427000 @@ -238917,6 +238920,7 @@ CVE-2024-1360,0,0,c38d2c5ac11d100cefb5af1387d1e4e25b28335fbaa6d0c6e411837b2ffbcd CVE-2024-1361,0,0,93d6142e634961db79d5b23a80f1f61ba806dc890c3dd55d9eac3f4c0577b093,2024-02-23T16:14:43.447000 CVE-2024-1362,0,0,40ae4820191210e9711d19790c4057fec96e362046a81c93d7e2036883f30b10,2024-02-23T16:14:43.447000 CVE-2024-1363,0,0,2f789b1dfe9343bab285ad6dd573fe434400a5c91edc60606a55328f9b50feff,2024-03-13T18:16:18.563000 +CVE-2024-1364,1,1,a6b664bbf09d5ff8fcb0f437f45b3e3a41dcdbe8574ffa0a3d191ad3e744cd0f,2024-03-27T07:15:48.497000 CVE-2024-1365,0,0,5f213ccde2b639c2cb66c1b3010fe0f9f4cf9b30548d42633611a484aed649f5,2024-03-13T18:16:18.563000 CVE-2024-1366,0,0,756ad513683fafdc81816d71f6f2330e90069e645d4d10220a75762d063de9d0,2024-03-07T13:52:27.110000 CVE-2024-1367,0,0,c7d0c61b44ec49f91e60f0f66492f38fa7ca52e01168f39d5ee8a77f3ed2b955,2024-02-15T06:23:39.303000 @@ -239022,6 +239026,7 @@ CVE-2024-1514,0,0,d2fbc2ea79f24fb3edb2e52944d3d629922ad42815d62dfe622b8d66c1b627 CVE-2024-1515,0,0,10b8f7584c1d46b0c128529ff6f70b319305352d97cad9adba528cb892ba5a73,2024-02-16T18:15:07.820000 CVE-2024-1516,0,0,0682d9e420aa946a0984c09969b8a3678dc3bf8e7ee03099492a3120e2d66ebf,2024-02-28T14:06:45.783000 CVE-2024-1519,0,0,c896f4900048f4c20516f0867e21ed67ad610a4383bb1c6f7418db09defb6991,2024-02-29T13:49:29.390000 +CVE-2024-1521,1,1,48e9e3091558b04d571049090431903a4d10708efec40c1a716f21e6f981941a,2024-03-27T07:15:48.793000 CVE-2024-1523,0,0,721970163db9a6dae0df03cedd71fdd66f1e0962f7f754fea5cd28f457c2c9b4,2024-02-15T06:23:39.303000 CVE-2024-1525,0,0,fff84c6c726ad730b73a3bd54bd21496a1cae79f6fe36efed68cabad049a1519,2024-03-04T20:14:59.457000 CVE-2024-1527,0,0,8f06fe1c17bff39e91c6d3012913ea5f8070ff383b8a0b61bb88d3bd435f1fdc,2024-03-12T17:46:17.273000 @@ -239331,6 +239336,7 @@ CVE-2024-20034,0,0,fd89b31b6f5c03623ba0368f79766d1ac1fdc820087d4a23f47c421371df7 CVE-2024-20036,0,0,6aa0aaf0f816e5c28025ff632ab4f045edf0cde4015cad23ab9efb02c5b10e0a,2024-03-04T13:58:23.447000 CVE-2024-20037,0,0,3394e4e5b536d07af9e060d111a2ccc408dd821a80abb589ecfb6a715771c30d,2024-03-04T13:58:23.447000 CVE-2024-20038,0,0,072c8099a3f9e48ba0836247d93bf5084e67d525de83ee6f0e8db29ddac35b4d,2024-03-04T13:58:23.447000 +CVE-2024-2004,1,1,b9a73949a27e0c2c930c6d2882a53815495973dd4e96dc95e765002fa1a3028e,2024-03-27T08:15:41.173000 CVE-2024-2005,0,0,0a204161c9448048cd66fbf91bafa8438461c235083297fff577722cc214206d,2024-03-06T15:18:08.093000 CVE-2024-2006,0,0,52d776ed20a145230028cfc4b5ce5b374d35ec688b7308ce8a79b923b7ac4a29,2024-03-13T18:15:58.530000 CVE-2024-2007,0,0,f47e32ba52cda7faacb8492f7684b94da5833a1e1d397bb70c366c91108ebbd0,2024-03-21T12:58:51.093000 @@ -239634,6 +239640,8 @@ CVE-2024-20986,0,0,55fd916bbc66a048aba24029df1cdbff6d17cbdc5963bc85efdc3f349c48d CVE-2024-20987,0,0,e6a4199f934ca8909c51db00ae903048e2b51791ebdf6565c06b10750c7af3ef,2024-01-20T18:30:16.877000 CVE-2024-2106,0,0,36a22e42a96a914c41992c81c774d6efd7bfa3b0b0b3c330a2d2cbc45a2a449b,2024-03-13T18:15:58.530000 CVE-2024-2107,0,0,b116f601239eee1477d732dcdf4bd402d2ca5c711c20a89df0a8e9dd54cd4cd1,2024-03-13T12:33:51.697000 +CVE-2024-2120,1,1,ec2926fa1ddf225955e3ffdb037a76f5655f207b1f185b1e6c5f80b6df6e6081,2024-03-27T07:15:53.447000 +CVE-2024-2121,1,1,80660d1206fe3e275a9ce16c4524d5574892ccff4c093a3597ab629c33f30e7a,2024-03-27T07:15:53.760000 CVE-2024-2123,0,0,73501544f7a3558963420aa67d952b80e94655e9088396c3288ccd604d8029fd,2024-03-13T12:33:51.697000 CVE-2024-2124,0,0,5cb1a1dba54bfae6b238ae6d7609c275856c9f27073c0f527e51958081050649,2024-03-20T13:00:16.367000 CVE-2024-2126,0,0,1a2d519f6abab42f7d576fb3e34114eea427e6991325933ecd5d353439d42412,2024-03-13T18:15:58.530000 @@ -240072,7 +240080,7 @@ CVE-2024-22143,0,0,adccc14524111072286cffd424e6560dcad4b1e2e3b7161d3a46107433633 CVE-2024-22146,0,0,8a44d2f783f8546b1d5e9fc855a9089455ad2fafc8ab97139269e47d5d414f01,2024-02-06T15:51:01.533000 CVE-2024-22147,0,0,0b0e8745bfea72bbfa1b747625dc2bbdeefcf97593cd8b6f4d26d36641e1e2b9,2024-02-01T04:13:36.740000 CVE-2024-22148,0,0,eb4d4a193f2153f5fe3df79c79a6ba27f52e6d1edc409f8c9f4419f061b12f8c,2024-02-03T00:30:56.520000 -CVE-2024-22149,1,1,dad6cca4e2097b9ff36c822d64821c9a4bf4745cac6796cae3057b0a7dbe312a,2024-03-27T06:15:12.890000 +CVE-2024-22149,0,0,dad6cca4e2097b9ff36c822d64821c9a4bf4745cac6796cae3057b0a7dbe312a,2024-03-27T06:15:12.890000 CVE-2024-2215,0,0,3d9ef80b29c445f284679f526548415fd716f1838cb37b317b2ffdffe485f4ff,2024-03-06T21:42:54.697000 CVE-2024-22150,0,0,73a6449bdd862cb4aceb7dfcabf00926f0730684d1b40796cd1922a1d89122f5,2024-02-06T15:42:52.927000 CVE-2024-22152,0,0,77741f5ed7ba0cff2726117ba8b408bddeb0ad8028c0019d800ba91134fb10eb,2024-01-30T17:36:20.533000 @@ -240155,7 +240163,7 @@ CVE-2024-22284,0,0,6bdde6ee668a94e34697b63e60243d3bba5e1198be225d5e35c53bee95324 CVE-2024-22285,0,0,d83553698dde53f7db1ed77900398085668ab39cd18713da980682ba03026fa6,2024-02-03T00:22:41.607000 CVE-2024-22286,0,0,82c36f3e950fb6487da5e34e2a74ac4e34c04a30cc54b184352f8852ec25bda9,2024-02-06T15:08:36.300000 CVE-2024-22287,0,0,9688e4b2f355a6f341af8d9f093d2662719ffb38811809f7483a97bd83c48642,2024-02-29T01:44:06.090000 -CVE-2024-22288,1,1,dd62e213e6f88323f5906dace130c729f3bf801f056415508625e35aedf52fd7,2024-03-27T06:15:13.670000 +CVE-2024-22288,0,0,dd62e213e6f88323f5906dace130c729f3bf801f056415508625e35aedf52fd7,2024-03-27T06:15:13.670000 CVE-2024-22289,0,0,6fea499141ae17f7c355da4e36d7874e9bbf7da4f26ebfc2105fb8b31e73e9b1,2024-02-06T15:15:04.717000 CVE-2024-2229,0,0,2cc94eae1b53e1bf4e6f156faa673a14c9009bd66755ae95a6e43b3f67551c74,2024-03-18T19:40:00.173000 CVE-2024-22290,0,0,ac36a6f65512e1d45333cdbe87ebe3b09537865956645a352e9c5e6e5aad3d30,2024-02-13T00:57:51.120000 @@ -240165,8 +240173,8 @@ CVE-2024-22293,0,0,66b18b2ec523327037fe7697def25b6fe810892caaa2642efef338fa7d6fa CVE-2024-22294,0,0,2d6088f59e8b9087805c2c637ab58edad520cd7f6a5cd091778e4377e15ff718,2024-01-30T17:44:30.747000 CVE-2024-22295,0,0,79eba3745b8ee4d5ff9d56f3066d8459c9cee5eb8c12175ae43be27752ace43e,2024-02-06T15:49:30.457000 CVE-2024-22297,0,0,577fc11ad5b0d749376591ad16a375dfa540e32ffa2e1012a2392bbaefc0287d,2024-02-06T15:38:07.050000 -CVE-2024-22299,1,1,570d127a2d4d8b37279ba6eaf761d12c4473b550f5d36ef4d89791ab4c2ded45,2024-03-27T06:15:14.273000 -CVE-2024-22300,1,1,14b41bc4dfc92d3a692becbde2d4f0b2569638d64cebf1a7f39060b9a6171a70,2024-03-27T06:15:14.883000 +CVE-2024-22299,0,0,570d127a2d4d8b37279ba6eaf761d12c4473b550f5d36ef4d89791ab4c2ded45,2024-03-27T06:15:14.273000 +CVE-2024-22300,0,0,14b41bc4dfc92d3a692becbde2d4f0b2569638d64cebf1a7f39060b9a6171a70,2024-03-27T06:15:14.883000 CVE-2024-22301,0,0,5c83b0c07edb476e78cc7de384bddf72fcd86e319684689177ab1f8ee28c611d,2024-01-30T17:44:59.847000 CVE-2024-22302,0,0,18ed1122bd0976f0a4301ea9eae7070b9d3278277ba02d3b706dc015d0fd056d,2024-02-06T15:03:44.550000 CVE-2024-22304,0,0,2f7991c69c1ca145eba445403e522b9ab4940581c28cc0d930c5747ff8bac74b,2024-02-03T00:21:59.163000 @@ -240176,7 +240184,7 @@ CVE-2024-22307,0,0,612500eeac06983bafbc014843c236d8c463241187c2baf6a06b160bc5b16 CVE-2024-22308,0,0,f72408efdea3f3f2120dbeafd0b38992093a473ba2aa0a2b4bc8ffb90cf9e200,2024-01-30T17:45:59.927000 CVE-2024-22309,0,0,1093afc20ffe4dba6071bc2d2a5c666f7d5a7f27092b0aa5704b12fac569bad5,2024-01-30T22:18:55.947000 CVE-2024-22310,0,0,97f58d74bad578babbc5c2fb902488ef3a20e73ec8d238c07475dac86db860dd,2024-02-06T16:08:42.910000 -CVE-2024-22311,1,1,a0d308ad4d833ce515780354067c6c6bccb592a03636fb7c0158ffc1e900bd90,2024-03-27T06:15:15.450000 +CVE-2024-22311,0,0,a0d308ad4d833ce515780354067c6c6bccb592a03636fb7c0158ffc1e900bd90,2024-03-27T06:15:15.450000 CVE-2024-22312,0,0,502cad1c70aca19be54f1a146a057702eb2ad6518581e46eff801281d9dde1eb,2024-02-15T04:38:23.153000 CVE-2024-22313,0,0,581ba52e07b483762530f796da1fdd8ed91dc09ecab9c2bbd9844d27990b4acd,2024-02-15T04:38:32.877000 CVE-2024-22317,0,0,0a3ac55ff5c06ef346851be23d60948af7af4d1952d43ddd2a3df902d975add3,2024-01-24T21:43:09.457000 @@ -240775,6 +240783,7 @@ CVE-2024-23786,0,0,f0548d6455615b31e441396852cc60231d477b27683b34ec1ee12909c1e69 CVE-2024-23787,0,0,550b780d50d57208fe379d24065848eee5f8142b4ed39778858a9c134ae1aaef,2024-02-14T13:59:35.580000 CVE-2024-23788,0,0,75be770e0e2efc2f7993f838332f3e01e537fea893f750f10acebc19dd167e36,2024-02-14T13:59:35.580000 CVE-2024-23789,0,0,3b4db7a41679f26cc368bd1c49ec72a4c5b201ec22c9db34ddcc4bf8ed60e635,2024-02-14T13:59:35.580000 +CVE-2024-2379,1,1,f70d7dd29d23e102f0607aa9762dadbd3e596a214377daf73fb7ade038a80ad6,2024-03-27T08:15:41.230000 CVE-2024-23790,0,0,7ba3f3405b9715b21075870dd17edc1b272dd4e87222d425504db7f4a99e95bf,2024-02-02T02:07:58.653000 CVE-2024-23791,0,0,c711bd16bc2b93f8129a30e7c99fc43bfcabcb8a5551dfbc3ff83e50af57cbe1,2024-02-02T02:07:28.850000 CVE-2024-23792,0,0,823333c5891a061b077a4f3d40e902cf5f11b40107f758ca80ff5a2ef6d8876f,2024-02-02T02:07:40.577000 @@ -240898,6 +240907,7 @@ CVE-2024-23975,0,0,baeca8d4c06e1a18eea86da121d0a833b4b39a471498d57fc82722b025e37 CVE-2024-23976,0,0,c6327f87e3c19d6c46c6a7ff9e0644c74688322bbd7d7b77f1f15872b56e20b5,2024-02-14T18:04:45.380000 CVE-2024-23978,0,0,50b9b56dcf99994468c287c3928875335c0c7eb104dcf6bd6ec21318911061dd,2024-03-21T02:52:09.667000 CVE-2024-23979,0,0,5e1dc647eec92472a586c7319077fa782b48d632d4a171a926ee19c9f0ee9a24,2024-02-14T18:04:45.380000 +CVE-2024-2398,1,1,224219f1d0abf9826b0c3496948571a48ecf7a42a8b59d41d02ae5b18ce8b3d8,2024-03-27T08:15:41.283000 CVE-2024-23982,0,0,b14ba0205dd1f33ce2faf143ef8b9750d0c0a19e31571fc2532f719ca5f2eec3,2024-02-14T18:04:45.380000 CVE-2024-23985,0,0,258f4468fe9f37b9a6c2732e57d96bdd80375c2f3603af19ad729cbcccfb8b72,2024-02-01T17:33:41.777000 CVE-2024-2399,0,0,6f8fb1e3be26b1339d174325c835cf0d1371f9e848d17aa9846a8738e0086de0,2024-03-15T12:53:06.423000 @@ -241114,6 +241124,7 @@ CVE-2024-2460,0,0,ae8df8f819284d0f0ea1a2589261357f393234fec195be42118065d37d0212 CVE-2024-2463,0,0,d32eed22bf8a5fcf19609631d56de6b5b6d90eae3a6bf9f710f87e5bdc1555f5,2024-03-21T15:24:35.093000 CVE-2024-2464,0,0,56f44447e0d256990841443a68df981cd7582a3850793a83bd5ba95f65e47e1c,2024-03-21T15:24:35.093000 CVE-2024-2465,0,0,2a77d33e3025e3f4f2328d9cfb33df2ea3c6a07d249ae9c526b18aebbde46668,2024-03-21T15:24:35.093000 +CVE-2024-2466,1,1,5129f3eb502f259092766708f0d8826303f1945d04b75a2ec769a4e23ef19ad0,2024-03-27T08:15:41.343000 CVE-2024-2468,0,0,ce97dda338a377ca94d499a9b2052223f84f7bfd7d8b30e987eea7f5dbb39ee8,2024-03-25T01:51:01.223000 CVE-2024-24680,0,0,00c6b06cbd399fac9a1cb69a45fdeee991ea9572aae73c195704c3555b436eb7,2024-02-15T18:46:48.693000 CVE-2024-24681,0,0,705110c1a0575ef95794934b23101ccc4a6f384f7c61c4db9f4dbf9a8c528dd4,2024-02-26T13:42:22.567000 @@ -241128,7 +241139,7 @@ CVE-2024-24696,0,0,340219d088caaa9660211943b96c2739fe7ed93b849c938b38d29441b9ee7 CVE-2024-24697,0,0,61551c1d57df2d326f3c36bc68e06a9320623a0f54e789a8374a92406f147d56,2024-02-14T13:59:35.580000 CVE-2024-24698,0,0,d61dd3567fca7693e893d971d6168372ef8ebc95d25f0d4242d6dec09624a98e,2024-02-14T13:59:35.580000 CVE-2024-24699,0,0,8d1632e494ddb3341056b84cf63fd50fcdfadb067d88dca7a5152a6be6a1ccea,2024-02-14T13:59:35.580000 -CVE-2024-24700,1,1,a64277764719a62002a1510d69f65d864d4210cfe9475e112489240fecfee53e,2024-03-27T06:15:16.127000 +CVE-2024-24700,0,0,a64277764719a62002a1510d69f65d864d4210cfe9475e112489240fecfee53e,2024-03-27T06:15:16.127000 CVE-2024-24701,0,0,c388b86a0d2431583cec02e78e4c710434d60dfd05269a5125b21a1498f265ee,2024-02-29T13:49:29.390000 CVE-2024-24702,0,0,68169c2ba8781d542981a3a82b3dbedd86a42bda996e358152d83922edc27359,2024-02-29T13:49:47.277000 CVE-2024-24705,0,0,ec2ce8236049f46f3eb88b140e7ef49b1684c75c01d49904df6e6b36582e7ddd,2024-02-29T13:49:47.277000 @@ -241194,7 +241205,7 @@ CVE-2024-24797,0,0,c19a8ac8bc5c78a5206d6c6bb45c357c3a8b7076e1d1a067b2d060905019e CVE-2024-24798,0,0,27adaa65a015e65d65b2afdd5c0a25214a188429d30f4388b6afc3dde21fa6d1,2024-02-22T19:07:27.197000 CVE-2024-24799,0,0,66b87dbf4712d897a80a6fd15f9be6859f6da4dbf0f2bf47a09701906b00e05c,2024-03-26T12:55:05.010000 CVE-2024-2480,0,0,18e5d9dd5007a1e03c1eb604204799de3a86309ed081b462f1877b3c18e0b19f,2024-03-21T02:52:34.667000 -CVE-2024-24800,1,1,0f75bcfecd2e3b163728d139158c8f459ae6463776d163a8fbd2da0e28893532,2024-03-27T06:15:16.700000 +CVE-2024-24800,0,0,0f75bcfecd2e3b163728d139158c8f459ae6463776d163a8fbd2da0e28893532,2024-03-27T06:15:16.700000 CVE-2024-24801,0,0,47915f71445069b208f35a7935b9c510a17f8f452a570f52726f8c5c81b5b647,2024-02-16T16:17:01.713000 CVE-2024-24802,0,0,a1a79b4d1a40c19f0b1fd783e577af4a06bd7c4a6081e664509b96e8417dd1d1,2024-02-22T19:07:27.197000 CVE-2024-24803,0,0,fc5d4f4cab51b4c20d7b6e3bf5587ec068edf5c72abf706c2f7a07ca396460a8,2024-02-16T16:19:58.613000 @@ -241237,7 +241248,7 @@ CVE-2024-24838,0,0,4afcde48d14164adfc15cf4d7f939a164717f3393f5f9be45549860895bc5 CVE-2024-24839,0,0,37b5c6617fe0fcff7aec5339a27f9a6c16c22aca80044b82a4026771c3eca093,2024-02-07T23:29:44.520000 CVE-2024-24840,0,0,9706e14381e5c17a1b5efeeb16573a7628a64ffcfe4d8c430fd495d768168f25,2024-03-25T01:51:01.223000 CVE-2024-24841,0,0,8d08a6d1ed3e8a8d7ebad26c8c83a1c96f0b8da3465bfb5372729a0bb8fb45ab,2024-02-07T23:30:01.510000 -CVE-2024-24842,1,1,858a347e41650b1602fe12bf4cdfec6e9b9faea2169e9b3ece547898773c2452,2024-03-27T06:15:17.420000 +CVE-2024-24842,0,0,858a347e41650b1602fe12bf4cdfec6e9b9faea2169e9b3ece547898773c2452,2024-03-27T06:15:17.420000 CVE-2024-24843,0,0,d33f62c2fdd6946ba4b8fb91b37e89cefca84076f23118f1b3a493aaa92d98d6,2024-02-22T19:07:27.197000 CVE-2024-24845,0,0,fbed6cf9d50e5e598f1a5999b78f5ca2c702f343bfae7256ff1795481674d581,2024-03-17T22:38:29.433000 CVE-2024-24846,0,0,6890a12a2a75edd735a365e4f936d5236ba568d73a773641099ac2fe0c58dc08,2024-02-07T23:30:10.557000 @@ -241739,10 +241750,10 @@ CVE-2024-25915,0,0,2b3eb3b61519c3cc7ec9c696d86f766a5ba91455b2def2592d7df0099d9b7 CVE-2024-25916,0,0,fd67fe38751dcee5e685d1168694fd860012e656006cfe93ceab898ad49c641f,2024-03-15T16:26:49.320000 CVE-2024-25919,0,0,5218810224fbf56f6083cabf959c1cac12534ba7273f9a4eb37375eb636b2ae1,2024-03-15T16:26:49.320000 CVE-2024-2592,0,0,82585bae4fa7f314917b7ba7f0e03f283a0c4f763802d50150853f7239d1bc1b,2024-03-18T19:40:00.173000 -CVE-2024-25920,1,1,91579eb3870c7035d8eb58c894347f32156353762c4c8ee52852b6eab881fed2,2024-03-27T06:15:18.200000 +CVE-2024-25920,0,0,91579eb3870c7035d8eb58c894347f32156353762c4c8ee52852b6eab881fed2,2024-03-27T06:15:18.200000 CVE-2024-25921,0,0,aafe4e8b3e8f047fc939e364c43e005d94eff7eb4d8c733629d0e6fc6ded5cba,2024-03-15T16:26:49.320000 CVE-2024-25925,0,0,01bc086e03bbafe0dfede980aebb8a87a98cfcf8d010c13e69a9feac35eb7490,2024-02-26T16:32:25.577000 -CVE-2024-25926,1,1,2ede02d6f93e5ceca24e0b14e2650f7cc0aac848581ab28c6598785060511429,2024-03-27T06:15:18.710000 +CVE-2024-25926,0,0,2ede02d6f93e5ceca24e0b14e2650f7cc0aac848581ab28c6598785060511429,2024-03-27T06:15:18.710000 CVE-2024-25927,0,0,70ec221cb23fdd951e839b39a19a816e5c7a4881399308a30cbec9cd2c6f2d65,2024-02-28T14:06:45.783000 CVE-2024-25928,0,0,a6060327df403c3c616b275f710271564f7f2534d45ed96b3571c5b2e5121575,2024-02-23T16:14:43.447000 CVE-2024-2593,0,0,0bc9083981d4926b54b124aa7b97b3f88ea31807cedffcfc7eef9f9222e4c27f,2024-03-18T19:40:00.173000 @@ -242156,6 +242167,7 @@ CVE-2024-2715,0,0,eebdfaa5dc67c1980f3671cde00851b9115e7a0881eb760d72bee7810b6a67 CVE-2024-2716,0,0,bf2e5646ee20fd7ff667a04d6fc2601b5891fa05fb3d9ca77bb7fafde73c42e5,2024-03-21T12:58:51.093000 CVE-2024-2717,0,0,60956d204776e8fc2f79250d188a534a8f231639d58b0eebc608181972adc923,2024-03-21T12:58:51.093000 CVE-2024-2718,0,0,69219abfd430b6a0a0008d330dbe89494263528e572419109c92a9fc419b6f63,2024-03-21T12:58:51.093000 +CVE-2024-27188,1,1,3bfe7595e4e83f779e5a6cbb60ec7aed5895227c71582e560a2a5fa8be27eb83,2024-03-27T07:15:49.100000 CVE-2024-27189,0,0,515e61fa1831b3fd92525b0004dfafde618646c72fb29e4527e0a2fb9466806f,2024-03-15T16:26:49.320000 CVE-2024-2719,0,0,a4ab17264d9d4de02148162ae470cd2b2fdd972306f561edebd77c0e41dd9d7a,2024-03-21T12:58:51.093000 CVE-2024-27190,0,0,1aa0bf9b04d8ad0cd0d83da443ced72d3db96666d7e8636691ac4635aaeee635,2024-03-21T19:47:03.943000 @@ -242336,6 +242348,7 @@ CVE-2024-27774,0,0,faaf7adce2033b4161afd1d606bbef075c5b779f6cc928fc6a617e115b936 CVE-2024-2778,0,0,606da7002eecf8b4a69d2bd07186555e4fbaaa2eba41bedbde660e768d517807,2024-03-22T12:45:36.130000 CVE-2024-2779,0,0,a46cbcced54f990ec3ab00dcc310828877345eeeff0a3332adcf6734f8a63516,2024-03-22T12:45:36.130000 CVE-2024-2780,0,0,bdcceeee0c00953c03148d72ca9c4da28e2649db6e5c4d572065a841b8ee9aa9,2024-03-22T12:45:36.130000 +CVE-2024-2781,1,1,9eb2854f15baa775ec617699db573a157a2faf3754b3444eca145ac53b32b86b,2024-03-27T07:15:54.073000 CVE-2024-27889,0,0,a24eb09c70fc8e243900497cf84a2002dc9fb9fdcf0cc7381ab2bee2e01200d8,2024-03-05T13:41:01.900000 CVE-2024-27894,0,0,249999fc9487c1b63574e09bae3fbcbcdf7b20ef335df69d9151a0f5ea4d74a1,2024-03-13T12:33:51.697000 CVE-2024-27900,0,0,00f9885d5a06fec36b56a14fdc3be21ddc255c1561a408e91e09aee1b7ac8b37,2024-03-12T12:40:13.500000 @@ -242529,7 +242542,7 @@ CVE-2024-28318,0,0,4464c0d64b943a4f9205011ad1109527e8aa088cb5ff5456cd49e911c2d1f CVE-2024-28319,0,0,e376890f5ff8761a0926623e9576a5238806c37f36258b3aec951592cbe60412,2024-03-15T16:26:49.320000 CVE-2024-2832,0,0,c0595131e5541a8be72f1d70fae1bd7e01d992e2b0a39fa4ee293a8a9e77db61,2024-03-25T01:51:01.223000 CVE-2024-28323,0,0,50ef03c499763d9e671e8f7abe3ff1d91993b3f242ed25d0b2f15c0783d9b2e2,2024-03-14T14:21:20.217000 -CVE-2024-28335,1,1,f9a5148c5952b28a1ed2369fc6611bc0670c01b4ce7cda9b5c7cc7d905a299a1,2024-03-27T06:15:19.447000 +CVE-2024-28335,0,0,f9a5148c5952b28a1ed2369fc6611bc0670c01b4ce7cda9b5c7cc7d905a299a1,2024-03-27T06:15:19.447000 CVE-2024-28338,0,0,9985a0b99abb928b9c829cb29ecce6039c07964aad6d9841c1477c6680f4f9b5,2024-03-12T17:46:17.273000 CVE-2024-28339,0,0,06a7f15d55f22a965683bef17c82587bc073ddf9fa5edb33c38c4cd82d5f37f7,2024-03-12T17:46:17.273000 CVE-2024-28340,0,0,89775fa07d73d115a7392603111ecb04f65799be74b8d41063e67ed0eb97d0cf,2024-03-12T17:46:17.273000 @@ -242648,6 +242661,7 @@ CVE-2024-28753,0,0,73ca850c1b6879daba607bc61d7d16457b56173a47004b8bff799b514a526 CVE-2024-28754,0,0,9281349f951cf3fa92b3f484f1e5f3e3b9f20229dcabe6872ba34e9bebaf3b2c,2024-03-11T01:32:39.697000 CVE-2024-28756,0,0,25c89ab9b64cbd69060fc1b1f68e4f1c76ee574185097dbf9146fc8b2b315bf5,2024-03-22T12:45:36.130000 CVE-2024-28757,0,0,6f674e74da8b1d303f1997061736a8f7699c424c20f0aba68e441f140f441071,2024-03-23T03:15:11.920000 +CVE-2024-28815,1,1,ebfb6c37cc3fa6e027bec6996ebebbb703bc0b0db732369ccdb69249a540aa83,2024-03-27T07:15:49.493000 CVE-2024-28816,0,0,4b9f923b99f4095b32672af0003c81bae1f3b3136774827600fae7accfedcfe3,2024-03-11T12:47:42.653000 CVE-2024-28823,0,0,d5aa89b5cdac6c3847ac374cba2a65b191e57c43dc618aabb1da571ab5b5e9dc,2024-03-11T12:47:42.653000 CVE-2024-28824,0,0,29abf61aa992ee5bcede73dcd8363195f5ccb0f240073ed24aaff3a2acefaab4,2024-03-22T12:45:36.130000 @@ -242822,7 +242836,9 @@ CVE-2024-29474,0,0,cd74b93fedbacc13ab911c0f2a2b89e07d9e578953f3b262ce40503b72930 CVE-2024-29499,0,0,bc8db29a97bf5517e5213278d0d5f5ecdec4b51f00adea3262848d25f6e735bc,2024-03-22T19:02:10.300000 CVE-2024-2951,0,0,196d384afa50e4915b3f7f1abd72164195ad83bb49221af960f012f0ea91cf3f,2024-03-26T18:15:12.160000 CVE-2024-29515,0,0,79c9f65757e49bdb19c4dcff88d6ba2d524b1951e790ac90d5ffb4f302abcf45,2024-03-26T12:55:05.010000 +CVE-2024-2954,1,1,3d070b82b635f267ee3baaad5b3f84d45975251a96ba95c9e18428be8c114e7f,2024-03-27T07:15:54.417000 CVE-2024-2955,0,0,434af8129d851694dcadd562a7be8c132241e357c2c6c3abcd25089475e2299a,2024-03-26T20:15:11.710000 +CVE-2024-2956,1,1,49aafa3744253fa7a7da9195501d735dc6fba90127ff7d7a4458e6a58d277c41,2024-03-27T08:15:41.393000 CVE-2024-29644,0,0,386d9404cd9a66783fab4191d99526a9e5bea1176409bc071a51d532c36af3ad,2024-03-26T12:55:05.010000 CVE-2024-29650,0,0,3de71c7e130cece9a4956a25a7008efc5004a21e047c073aea3bd083423d5a0e,2024-03-25T16:43:06.137000 CVE-2024-29666,0,0,a8926fce030310567330d9b7c126003f732556a2ce979a6a3fd232707f8bbd99,2024-03-26T12:55:05.010000 @@ -242833,6 +242849,7 @@ CVE-2024-29735,0,0,1640123dfaaf4d3d57b29169fabd73ad7d0d319282e875da918e047f81344 CVE-2024-29808,0,0,1a083356e9d0f501470cdfed0d1c85987d8c8667e4684d7b2ae73ab2fb9e2d44,2024-03-26T17:09:53.043000 CVE-2024-29809,0,0,21a6514e4479b2af7c07059597ccbdef1cddc762bb223c6efd7d97d6a6cee8d3,2024-03-26T17:09:53.043000 CVE-2024-29810,0,0,eff91a2f0d80ceae6d9d4c914195c5a044b82fbe1cafb4a26b6b9c2e1aa693cf,2024-03-26T17:09:53.043000 +CVE-2024-29820,1,1,bc2a1d0083b758f6711febad6df9f92326644a1dd5ccfd6688ecffccec18b492,2024-03-27T07:15:49.580000 CVE-2024-29832,0,0,e21971089d12a8b67bd5dc57f7dea93be0cc79e81378beb3ae2f03d4ff6e4c14,2024-03-26T17:09:53.043000 CVE-2024-29833,0,0,4c9a8c532b47162f5aea1ac06e294c5bbf9e597d7d17a1d16e86b5dc1293a53a,2024-03-26T17:09:53.043000 CVE-2024-29858,0,0,585719d860c91771e96e52d882eed744121f21e899f727afe6b381f4ffbb308d,2024-03-21T12:58:51.093000 @@ -242854,12 +242871,43 @@ CVE-2024-29879,0,0,f281e5565c18f62981e30c243c39ad05583d9bbab1631a620c93b3c78846e CVE-2024-29880,0,0,e4ba47a3336aba44b26bc2b767c682c9997cfe6f0e16a9457e7fe50a3abeaa1c,2024-03-21T15:24:35.093000 CVE-2024-29881,0,0,7eaff78a6eecd508372203508f2ecab97ebc62cfd94b7af6101b5d7b6ca209b2,2024-03-26T17:09:53.043000 CVE-2024-29883,0,0,2444d321a867d6f4cdf63bf8a1bc6af3b407752f2134c1f64a1d02545242c426,2024-03-26T17:09:53.043000 +CVE-2024-29906,1,1,7483ea3a678087cde30cc519cab410b0cc475d79b25be136af06e51a711e9a43,2024-03-27T07:15:49.933000 +CVE-2024-29907,1,1,3278f3c133fbd7979a3bf9c546ef2006ecc35797509acc24debef79cb75cda4d,2024-03-27T07:15:50.277000 +CVE-2024-29908,1,1,e03f4a655094563ad64476ca268bd042a027d9a0fe4ab4971d84233082e5f8a6,2024-03-27T07:15:50.643000 +CVE-2024-29909,1,1,e5421dac9cd559655c69b5a8de6feeaf97ef3d261b6311e1ffc5cb6e02ab5807,2024-03-27T07:15:50.980000 +CVE-2024-29910,1,1,27ca4aa324787958e7ab0dec5b81575ae41ec66b592482911f5822a4d616443f,2024-03-27T07:15:51.340000 +CVE-2024-29911,1,1,f326c83978ca665e60dc60f529a6ce9e1c65faae90e70d2e47b34e8e6d11d2d6,2024-03-27T07:15:51.690000 +CVE-2024-29912,1,1,4ed77c13fc57178d2786991d3e8044deba3c5349c94724764803ea7148b565f7,2024-03-27T07:15:52.050000 +CVE-2024-29913,1,1,baba6e1086df6dbef08d9f7aafece54e65299e06ed6902a48767a17b208df6bc,2024-03-27T07:15:52.420000 +CVE-2024-29914,1,1,b70c91eb7bdd8a39d5182320478817250710ada1e4471cf98c184a7500bd4124,2024-03-27T07:15:52.767000 +CVE-2024-29915,1,1,c9ec54c4aa22e3f9439fedac9853d7eae61169df4aba1695fb299be1aef8fd20,2024-03-27T07:15:53.110000 CVE-2024-29916,0,0,dd300e18b662f862d3dd0881eace85d81be3f3aaeb79c908bcef100a80a89dd1,2024-03-21T19:47:03.943000 +CVE-2024-29917,1,1,43e518e0bbec2dca01be894cfaa542286f47f6911813d02e7e3dd8f69edc0424,2024-03-27T08:15:38.230000 +CVE-2024-29918,1,1,1fea58804c3e98e1217e0e90967a1df211cde221e05fb56b3326cdb50326384a,2024-03-27T08:15:38.530000 +CVE-2024-29919,1,1,e8bf87c7130977e8f45835b4fe4607240a4d7d079de371c41f7a82f892fff338,2024-03-27T08:15:38.810000 +CVE-2024-29920,1,1,ad64ab9ca2e7ee14f5dde3bc74af1546df2acebe7b0280bb3b2fc257448213d3,2024-03-27T08:15:39.137000 +CVE-2024-29921,1,1,45ae8beaa74f6dd34d2307f50dbd328b9b11570caea3195ece93308448c5f6e9,2024-03-27T08:15:39.390000 +CVE-2024-29922,1,1,605f995dd98ffd8b97bb12d5f4724b01f252e6225f1172a23f5124559b46a521,2024-03-27T08:15:39.630000 +CVE-2024-29923,1,1,4c48006f4e5f348e23b53777f41d66da66861892ff7577eaf9713b2836b85df4,2024-03-27T08:15:39.840000 +CVE-2024-29924,1,1,7beb02c81ec8d2d0bc8c4e99ae2e991e4380817c590eb8771afe21360264cb5e,2024-03-27T08:15:40.063000 +CVE-2024-29925,1,1,5b2f8a48adecb6e7aee4ae3ffffd962d462c3292784134cf15b2e6705600bc07,2024-03-27T08:15:40.270000 +CVE-2024-29926,1,1,6da79902b30ef27d090a49b0e8e295d7f4b68cc53c3b4956f1770b41c3b11b6f,2024-03-27T08:15:40.487000 +CVE-2024-29927,1,1,f76b453b41cd327dcf17757c5f1baec1302049c25273b111d57c776d40fdea54,2024-03-27T08:15:40.707000 +CVE-2024-29928,1,1,ac0ecf4589884928367a23583c009a1a532b265adc89041fe808fe2140ff88de,2024-03-27T08:15:40.937000 CVE-2024-29943,0,0,39d573a490fc5d2b219e8af270d3feeff9aa72e4341ddd52f10b0ddfa677f78e,2024-03-22T15:34:43.663000 CVE-2024-29944,0,0,4d21f9c7c1ab1ff30cce77b261f7b06b8e28526248b968d986726dab452f24fc,2024-03-25T17:15:51.670000 CVE-2024-30156,0,0,aff0cd27a6d4ebd55e03f44f61cc23ee9163e094843acbac5af736e684ab9391,2024-03-25T01:51:01.223000 CVE-2024-30161,0,0,f6d00094643508d05d1e5626fca4ef83c82ab69ba4696adb329c49eff6d0ab4a,2024-03-25T01:51:01.223000 CVE-2024-30187,0,0,f8d37ff5304c8d102184c9586047a497264eab63488a1192b60bf85807ce2976,2024-03-25T13:47:14.087000 +CVE-2024-30192,1,1,fc950214f08d8aa955308217aaafe4dd13b07c6e07c38344d7857022230990b4,2024-03-27T07:15:54.717000 +CVE-2024-30193,1,1,bd9545020b620c22b2731e7978cd3ee2739c9122e245e1687f34faa7226d0a49,2024-03-27T07:15:54.853000 +CVE-2024-30194,1,1,b0844fc35a1eac48d409196f4dc7bb5c54441d5307c4a2ae37f57a006097a80f,2024-03-27T07:15:55.217000 +CVE-2024-30195,1,1,8c897801dc109f1f403c3b03a9557ad3a6ae0b6cf2b864f0c1ebabff8bfd88de,2024-03-27T07:15:55.567000 +CVE-2024-30196,1,1,ac141989ab82de452766c538783d0b75ab6cd78a1e890fa32a856598d1ecf8c8,2024-03-27T07:15:56.197000 +CVE-2024-30197,1,1,79448d379a34494c3883f88888a43fd2386d71ae59c3fc1382450a0bd0de15da,2024-03-27T07:15:57.247000 +CVE-2024-30198,1,1,a01dd260e33e1b694109505c6b76f9bb16213158804aa2ee31753d76ad1dd97f,2024-03-27T07:15:57.827000 +CVE-2024-30199,1,1,c5cded0d51143bc4cfd72f3e976c4df27dc67e75b85027549682f493cef3ca85,2024-03-27T07:15:58.497000 +CVE-2024-30201,1,1,505d590856de1ec6363bd23139d064ecbc9a8518890727937f83f72d5e2d89a0,2024-03-27T07:15:59.157000 CVE-2024-30202,0,0,8f653afa9be834d6068a82d15d250296f87495118f4f1c30c90cbc157fddce34,2024-03-25T16:43:06.137000 CVE-2024-30203,0,0,a1d664e0e9a71620a1b21449b8bc268488489a282580bac90b40062a439c83a7,2024-03-25T16:43:06.137000 CVE-2024-30204,0,0,bf1cbd8aaa2b36eb1f7808443cd1dc94c2d123df04230a458090af1180122865,2024-03-25T16:43:06.137000