diff --git a/CVE-2024/CVE-2024-424xx/CVE-2024-42406.json b/CVE-2024/CVE-2024-424xx/CVE-2024-42406.json new file mode 100644 index 00000000000..93a27fbcf35 --- /dev/null +++ b/CVE-2024/CVE-2024-424xx/CVE-2024-42406.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-42406", + "sourceIdentifier": "responsibledisclosure@mattermost.com", + "published": "2024-09-26T08:15:05.810", + "lastModified": "2024-09-26T08:15:05.810", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Mattermost versions 9.11.x <= 9.11.0, 9.10.x <= 9.10.1, 9.9.x <= 9.9.2 and 9.5.x <= 9.5.8 fail to properly authorize requests when viewing archived channels is disabled, which allows\u00a0an attacker to retrieve post and file information about archived channels. Examples are flagged or unread posts as well as files." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "responsibledisclosure@mattermost.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 5.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.5 + } + ] + }, + "weaknesses": [ + { + "source": "responsibledisclosure@mattermost.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-284" + } + ] + } + ], + "references": [ + { + "url": "https://mattermost.com/security-updates", + "source": "responsibledisclosure@mattermost.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-458xx/CVE-2024-45843.json b/CVE-2024/CVE-2024-458xx/CVE-2024-45843.json new file mode 100644 index 00000000000..7f36a181a1a --- /dev/null +++ b/CVE-2024/CVE-2024-458xx/CVE-2024-45843.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-45843", + "sourceIdentifier": "responsibledisclosure@mattermost.com", + "published": "2024-09-26T08:15:06.020", + "lastModified": "2024-09-26T08:15:06.020", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Mattermost versions 9.5.x <= 9.5.8 fail to include the\u00a0metadata endpoints of\u00a0Oracle Cloud and Alibaba in the SSRF denylist, which allows\u00a0an attacker to possibly cause an SSRF if Mattermost was deployed in Oracle Cloud or Alibaba." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "responsibledisclosure@mattermost.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 3.1, + "baseSeverity": "LOW" + }, + "exploitabilityScore": 1.6, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "responsibledisclosure@mattermost.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-918" + } + ] + } + ], + "references": [ + { + "url": "https://mattermost.com/security-updates", + "source": "responsibledisclosure@mattermost.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-470xx/CVE-2024-47003.json b/CVE-2024/CVE-2024-470xx/CVE-2024-47003.json new file mode 100644 index 00000000000..f46e2a14aa7 --- /dev/null +++ b/CVE-2024/CVE-2024-470xx/CVE-2024-47003.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-47003", + "sourceIdentifier": "responsibledisclosure@mattermost.com", + "published": "2024-09-26T08:15:06.227", + "lastModified": "2024-09-26T08:15:06.227", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Mattermost versions 9.11.x <= 9.11.0 and 9.5.x <= 9.5.8 fail to validate that the message of the permalink post is a string,\u00a0which allows an attacker to send a non-string value as the message of a permalink post and crash the frontend." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "responsibledisclosure@mattermost.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "LOW", + "baseScore": 3.1, + "baseSeverity": "LOW" + }, + "exploitabilityScore": 1.6, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "responsibledisclosure@mattermost.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-400" + } + ] + } + ], + "references": [ + { + "url": "https://mattermost.com/security-updates", + "source": "responsibledisclosure@mattermost.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-470xx/CVE-2024-47044.json b/CVE-2024/CVE-2024-470xx/CVE-2024-47044.json new file mode 100644 index 00000000000..ad32016ae42 --- /dev/null +++ b/CVE-2024/CVE-2024-470xx/CVE-2024-47044.json @@ -0,0 +1,53 @@ +{ + "id": "CVE-2024-47044", + "sourceIdentifier": "vultures@jpcert.or.jp", + "published": "2024-09-26T09:15:02.317", + "lastModified": "2024-09-26T09:15:02.317", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Multiple Home GateWay/Hikari Denwa routers provided by NIPPON TELEGRAPH AND TELEPHONE EAST CORPORATION are vulnerable to insufficient access restrictions for Device Setting pages. If this vulnerability is exploited, an attacker who identified WAN-side IPv6 address may access the product's Device Setting page via WAN-side. Note that, the same products are also provided by NIPPON TELEGRAPH AND TELEPHONE WEST CORPORATION, but the vulnerability only affects products subscribed and used in NIPPON TELEGRAPH AND TELEPHONE EAST CORPORATION areas." + } + ], + "metrics": {}, + "weaknesses": [ + { + "source": "vultures@jpcert.or.jp", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-451" + } + ] + } + ], + "references": [ + { + "url": "https://jvn.jp/en/jp/JVN78356367/", + "source": "vultures@jpcert.or.jp" + }, + { + "url": "https://web116.jp/ced/support/version/broadband/500mi/", + "source": "vultures@jpcert.or.jp" + }, + { + "url": "https://web116.jp/ced/support/version/broadband/600mi/", + "source": "vultures@jpcert.or.jp" + }, + { + "url": "https://web116.jp/ced/support/version/broadband/pr_400mi/", + "source": "vultures@jpcert.or.jp" + }, + { + "url": "https://web116.jp/ced/support/version/broadband/rt_400mi/", + "source": "vultures@jpcert.or.jp" + }, + { + "url": "https://web116.jp/ced/support/version/broadband/rv_440mi/", + "source": "vultures@jpcert.or.jp" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-471xx/CVE-2024-47145.json b/CVE-2024/CVE-2024-471xx/CVE-2024-47145.json new file mode 100644 index 00000000000..6e64399753b --- /dev/null +++ b/CVE-2024/CVE-2024-471xx/CVE-2024-47145.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-47145", + "sourceIdentifier": "responsibledisclosure@mattermost.com", + "published": "2024-09-26T08:15:06.403", + "lastModified": "2024-09-26T08:15:06.403", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Mattermost versions 9.5.x <= 9.5.8 fail to properly authorize access to archived channels when viewing archived channels is disabled, which allows\u00a0an attacker to view posts and files of archived channels via file links." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "responsibledisclosure@mattermost.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 3.1, + "baseSeverity": "LOW" + }, + "exploitabilityScore": 1.6, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "responsibledisclosure@mattermost.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-284" + } + ] + } + ], + "references": [ + { + "url": "https://mattermost.com/security-updates", + "source": "responsibledisclosure@mattermost.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-471xx/CVE-2024-47197.json b/CVE-2024/CVE-2024-471xx/CVE-2024-47197.json new file mode 100644 index 00000000000..648628f34ab --- /dev/null +++ b/CVE-2024/CVE-2024-471xx/CVE-2024-47197.json @@ -0,0 +1,37 @@ +{ + "id": "CVE-2024-47197", + "sourceIdentifier": "security@apache.org", + "published": "2024-09-26T08:15:06.587", + "lastModified": "2024-09-26T08:15:06.587", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Exposure of Sensitive Information to an Unauthorized Actor, Insecure Storage of Sensitive Information vulnerability in Maven Archetype Plugin.\n\nThis issue affects Maven Archetype Plugin: from 3.2.1 before 3.3.0.\n\nUsers are recommended to upgrade to version 3.3.0, which fixes the issue.\n\nArchetype integration testing creates a file\ncalled ./target/classes/archetype-it/archetype-settings.xml\nThis file contains all the content from the users ~/.m2/settings.xml file,\nwhich often contains information they do not want to publish. We expect that on many developer machines, this also contains\ncredentials.\n\nWhen the user runs mvn verify again (without a mvn clean), this file becomes part of\nthe final artifact.\n\nIf a developer were to publish this into Maven Central or any other remote repository (whether as a release\nor a snapshot) their credentials would be published without them knowing." + } + ], + "metrics": {}, + "weaknesses": [ + { + "source": "security@apache.org", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-200" + }, + { + "lang": "en", + "value": "CWE-922" + } + ] + } + ], + "references": [ + { + "url": "https://lists.apache.org/thread/ftg81np183wnyk0kg4ks95dvgxdrof96", + "source": "security@apache.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-473xx/CVE-2024-47337.json b/CVE-2024/CVE-2024-473xx/CVE-2024-47337.json new file mode 100644 index 00000000000..8bc921fbf3f --- /dev/null +++ b/CVE-2024/CVE-2024-473xx/CVE-2024-47337.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-47337", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-09-26T09:15:02.660", + "lastModified": "2024-09-26T09:15:02.660", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Missing Authorization vulnerability in Stuart Wilson Joy Of Text Lite.This issue affects Joy Of Text Lite: from n/a through 2.3.1." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 4.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-862" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/joy-of-text/wordpress-joy-of-text-lite-plugin-2-3-1-broken-access-control-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-88xx/CVE-2024-8861.json b/CVE-2024/CVE-2024-88xx/CVE-2024-8861.json new file mode 100644 index 00000000000..ef73c54c94a --- /dev/null +++ b/CVE-2024/CVE-2024-88xx/CVE-2024-8861.json @@ -0,0 +1,72 @@ +{ + "id": "CVE-2024-8861", + "sourceIdentifier": "security@wordfence.com", + "published": "2024-09-26T08:15:06.697", + "lastModified": "2024-09-26T08:15:06.697", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "The ProfileGrid \u2013 User Profiles, Groups and Communities plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and including, 5.9.3.2 due to incorrect use of the wp_kses_allowed_html function, which allows the 'onclick' attribute for certain HTML elements without sufficient restriction or context validation. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 3.1, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://plugins.trac.wordpress.org/browser/profilegrid-user-profiles-groups-and-communities/trunk/admin/class-profile-magic-admin.php#L2065", + "source": "security@wordfence.com" + }, + { + "url": "https://plugins.trac.wordpress.org/browser/profilegrid-user-profiles-groups-and-communities/trunk/includes/class-profile-magic.php#L268", + "source": "security@wordfence.com" + }, + { + "url": "https://plugins.trac.wordpress.org/changeset/3157510/", + "source": "security@wordfence.com" + }, + { + "url": "https://wordpress.org/plugins/profilegrid-user-profiles-groups-and-communities/#developers", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/2d3188c2-e5b0-4d83-8c92-ae6b409c92f9?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-88xx/CVE-2024-8872.json b/CVE-2024/CVE-2024-88xx/CVE-2024-8872.json new file mode 100644 index 00000000000..1674b8fbe74 --- /dev/null +++ b/CVE-2024/CVE-2024-88xx/CVE-2024-8872.json @@ -0,0 +1,64 @@ +{ + "id": "CVE-2024-8872", + "sourceIdentifier": "security@wordfence.com", + "published": "2024-09-26T09:15:03.310", + "lastModified": "2024-09-26T09:15:03.310", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "The Store Hours for WooCommerce plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all versions up to, and including, 4.3.20. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.1, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-80" + } + ] + } + ], + "references": [ + { + "url": "https://plugins.trac.wordpress.org/browser/order-hours-scheduler-for-woocommerce/tags/4.3.20/includes/Aspect/Page.php#L155", + "source": "security@wordfence.com" + }, + { + "url": "https://plugins.trac.wordpress.org/changeset/3157721/", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/6cbb51fe-ae7f-4fe8-89ad-38f6d3238cea?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-90xx/CVE-2024-9025.json b/CVE-2024/CVE-2024-90xx/CVE-2024-9025.json new file mode 100644 index 00000000000..3c5a947a6ae --- /dev/null +++ b/CVE-2024/CVE-2024-90xx/CVE-2024-9025.json @@ -0,0 +1,60 @@ +{ + "id": "CVE-2024-9025", + "sourceIdentifier": "security@wordfence.com", + "published": "2024-09-26T09:15:03.970", + "lastModified": "2024-09-26T09:15:03.970", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "The Sight \u2013 Professional Image Gallery and Portfolio plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'handler_post_title' function in all versions up to, and including, 1.1.2. This makes it possible for unauthenticated attackers to expose private, pending, trashed, and draft post titles. Successful exploitation requires the Elementor plugin to be installed and activated." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 5.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 3.9, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "security@wordfence.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-862" + } + ] + } + ], + "references": [ + { + "url": "https://plugins.trac.wordpress.org/changeset/3156405/sight", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/f889342e-03fb-44eb-b5cb-acf115a526c3?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/README.md b/README.md index ef608ccc6c5..cb4ae08ff41 100644 --- a/README.md +++ b/README.md @@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2024-09-26T08:00:18.485882+00:00 +2024-09-26T10:00:18.451188+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2024-09-26T07:15:03.193000+00:00 +2024-09-26T09:15:03.970000+00:00 ``` ### Last Data Feed Release @@ -33,27 +33,29 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### Total Number of included CVEs ```plain -263810 +263820 ``` ### CVEs added in the last Commit -Recently added CVEs: `4` +Recently added CVEs: `10` -- [CVE-2024-0132](CVE-2024/CVE-2024-01xx/CVE-2024-0132.json) (`2024-09-26T06:15:02.397`) -- [CVE-2024-0133](CVE-2024/CVE-2024-01xx/CVE-2024-0133.json) (`2024-09-26T06:15:04.053`) -- [CVE-2024-4278](CVE-2024/CVE-2024-42xx/CVE-2024-4278.json) (`2024-09-26T07:15:02.603`) -- [CVE-2024-6517](CVE-2024/CVE-2024-65xx/CVE-2024-6517.json) (`2024-09-26T06:15:04.767`) +- [CVE-2024-42406](CVE-2024/CVE-2024-424xx/CVE-2024-42406.json) (`2024-09-26T08:15:05.810`) +- [CVE-2024-45843](CVE-2024/CVE-2024-458xx/CVE-2024-45843.json) (`2024-09-26T08:15:06.020`) +- [CVE-2024-47003](CVE-2024/CVE-2024-470xx/CVE-2024-47003.json) (`2024-09-26T08:15:06.227`) +- [CVE-2024-47044](CVE-2024/CVE-2024-470xx/CVE-2024-47044.json) (`2024-09-26T09:15:02.317`) +- [CVE-2024-47145](CVE-2024/CVE-2024-471xx/CVE-2024-47145.json) (`2024-09-26T08:15:06.403`) +- [CVE-2024-47197](CVE-2024/CVE-2024-471xx/CVE-2024-47197.json) (`2024-09-26T08:15:06.587`) +- [CVE-2024-47337](CVE-2024/CVE-2024-473xx/CVE-2024-47337.json) (`2024-09-26T09:15:02.660`) +- [CVE-2024-8861](CVE-2024/CVE-2024-88xx/CVE-2024-8861.json) (`2024-09-26T08:15:06.697`) +- [CVE-2024-8872](CVE-2024/CVE-2024-88xx/CVE-2024-8872.json) (`2024-09-26T09:15:03.310`) +- [CVE-2024-9025](CVE-2024/CVE-2024-90xx/CVE-2024-9025.json) (`2024-09-26T09:15:03.970`) ### CVEs modified in the last Commit -Recently modified CVEs: `4` +Recently modified CVEs: `0` -- [CVE-2024-47045](CVE-2024/CVE-2024-470xx/CVE-2024-47045.json) (`2024-09-26T07:15:02.387`) -- [CVE-2024-6785](CVE-2024/CVE-2024-67xx/CVE-2024-6785.json) (`2024-09-26T07:15:02.953`) -- [CVE-2024-6786](CVE-2024/CVE-2024-67xx/CVE-2024-6786.json) (`2024-09-26T07:15:03.100`) -- [CVE-2024-6787](CVE-2024/CVE-2024-67xx/CVE-2024-6787.json) (`2024-09-26T07:15:03.193`) ## Download and Usage diff --git a/_state.csv b/_state.csv index 167d47ad182..bfce4c1ecc3 100644 --- a/_state.csv +++ b/_state.csv @@ -241331,8 +241331,8 @@ CVE-2024-0110,0,0,9d3ea028d3dde672136c07e8d052ddc3ffee906b5f050cc97127e00fa31f77 CVE-2024-0111,0,0,745fe4fa8ac2297a871814d16ec0cf5bf56a98c3501448d82308b7dc75a74f20,2024-09-18T15:22:14.727000 CVE-2024-0113,0,0,30ea5d78769c707d77ab5e88a1087a3bf4be86e316909498095d743b94b19e08,2024-09-11T17:34:37.667000 CVE-2024-0115,0,0,90525cb6d1df6f268f81b58c98763d2a78ce3017a9779cdc04eec9f2dd2bca4d,2024-09-11T17:24:27.393000 -CVE-2024-0132,1,1,80845b763b98c0f9666e60c5034f81f4b72e4fdf208f2f7335b1a9d4ffcb816e,2024-09-26T06:15:02.397000 -CVE-2024-0133,1,1,59d1fc566287419b2985f412957f74689f1d9be4e425e92cef21b613dd3e38f2,2024-09-26T06:15:04.053000 +CVE-2024-0132,0,0,80845b763b98c0f9666e60c5034f81f4b72e4fdf208f2f7335b1a9d4ffcb816e,2024-09-26T06:15:02.397000 +CVE-2024-0133,0,0,59d1fc566287419b2985f412957f74689f1d9be4e425e92cef21b613dd3e38f2,2024-09-26T06:15:04.053000 CVE-2024-0151,0,0,e688008e47f7f2b2995cf15f9fce74bb525b3898f5e47db0ad5b6ce2aa86a255,2024-08-09T19:35:02.910000 CVE-2024-0153,0,0,27805279095cb051183cab09aac75c2d46b1759d5204833928b95d85cf667e87,2024-07-03T01:44:37.677000 CVE-2024-0154,0,0,e0c538dbc1a8e60b09b037cacd452435c496c209b1106146ca859e110f3efaa6,2024-03-13T18:15:58.530000 @@ -258525,6 +258525,7 @@ CVE-2024-42399,0,0,b2d8d291d138c04491424e6796bb04940f5bfb5f03fc0a00b681faa84689b CVE-2024-4240,0,0,c278b752586c1bf53091999087140c7ddb924945ab9e2c19f82d090171b2b4e6,2024-06-04T19:20:33.263000 CVE-2024-42400,0,0,bada445f5210525c2b124a846736c128f6bdefeabff1b80f8c8c07a166ac65a5,2024-08-23T15:06:00 CVE-2024-42404,0,0,258bbe9a8fc30a08f303346ac087df8a3b0eda2e13e09e67b46abeb3b548974a,2024-09-20T12:30:51.220000 +CVE-2024-42406,1,1,8fc357cd8a5b765d3bedf27da6524ade65d6bf6529c5d3d83fb395dc374526ec,2024-09-26T08:15:05.810000 CVE-2024-42408,0,0,4d58de4373d6b44540fc0d8799a258082f4b72e8c10ed3de4134395815aaf808,2024-08-29T14:22:45.603000 CVE-2024-4241,0,0,1e8cfaace7e8ae3194846b1351a77e14aef6cd3a07b429e780198fa55ccad7c3,2024-05-17T02:40:19.957000 CVE-2024-42411,0,0,3fcf900cd705b45045cb94d8edb3d48eeb6b58809490fd9c74760d8ca62aa9ff,2024-08-23T16:04:26.227000 @@ -258749,7 +258750,7 @@ CVE-2024-42776,0,0,49df09a24f284e86d715f5abaeb464734905bffafaa3c39e989586ce48e5c CVE-2024-42777,0,0,2d230367a378a9892fa5e7e584a572024e69880eb5ef983adbd6c5d7ede9cb62,2024-08-23T16:09:28.690000 CVE-2024-42778,0,0,d764d72d39cc4183a1af0d7e19f09d7d0960ab591232c3ea88adf9b672102c66,2024-08-22T17:46:56.953000 CVE-2024-42779,0,0,ae01f66ce27224f61751e4dafb37d2b39d06767c7fe94153b5b7da202b1526ce,2024-08-23T16:09:23.920000 -CVE-2024-4278,1,1,a130519ee8df459b1c0b6f90c0cc327365693598160ad1fdb22acde8e3978450,2024-09-26T07:15:02.603000 +CVE-2024-4278,0,0,a130519ee8df459b1c0b6f90c0cc327365693598160ad1fdb22acde8e3978450,2024-09-26T07:15:02.603000 CVE-2024-42780,0,0,537c9f50d7bf7aff4a7dcaebb00f14c413786f21facf19fc25a8c5636cf9e75f,2024-08-23T16:10:40.947000 CVE-2024-42781,0,0,5fe3337a96f08751b7c7216bb6725505d019cc107e8415ab36e312b9eeb7008d,2024-08-23T16:15:43.970000 CVE-2024-42782,0,0,3c8ffc34a25045001d9e172592762ed86784c661fcffd202cee24448d96b5daa,2024-08-23T16:16:03.363000 @@ -260154,6 +260155,7 @@ CVE-2024-45833,0,0,d66bcdb35ef05ab6c240a22f01c308be4dcef309fd562be6507d54a47e854 CVE-2024-45835,0,0,2bbb89ffd28b8dc1adee7dde89d168866e6c50e525c50f0b4fc33c67b9ff7524,2024-09-17T12:11:48.833000 CVE-2024-45836,0,0,ea61abf99d55de9b0f1ff52c1bd3ff38ea2ef9e4914cda606ea656efc74e12d6,2024-09-26T05:15:12.190000 CVE-2024-4584,0,0,4d639afeee5354fec0a7cf3023bb849f2437d78f7cd875e4a49ac03b46b9ec82,2024-06-17T19:15:58.903000 +CVE-2024-45843,1,1,25be0b31b1e14b51454055a4715fef73687e770510cd9c516d3d6db74b369e80,2024-09-26T08:15:06.020000 CVE-2024-45845,0,0,b549a9e321160df47bcb67d5d4737d4567fe304513c57d25b052b060dcd0ae25,2024-09-12T20:15:05.273000 CVE-2024-45846,0,0,782f0b5f63081997ef94c1cb8ba21c320f06f7c0fb7ff9d780e670296be45516,2024-09-16T17:30:06.747000 CVE-2024-45847,0,0,9f95d0a04a61f9456f0fb197ef2c92a68bfb8a1719c90da8845bc4b8201dc12e,2024-09-16T17:31:04.850000 @@ -260512,11 +260514,13 @@ CVE-2024-46999,0,0,3f752cfc2057db8c9e88a86dc03848f68cfeb464ea96f96eaca0cf77bb84d CVE-2024-4700,0,0,fa1a582bbd6e4a675ead2d89728236d2ca7c92c15fe998cffa14cb24a4febb9d,2024-05-21T12:37:59.687000 CVE-2024-47000,0,0,d44e65f26ff5211f3ae15f921442088284d2de145a1f7d23069c9caedddf80a6,2024-09-24T20:25:30.493000 CVE-2024-47001,0,0,2bb4bf673c202add583b3cb6aa8d87ad17a722980665125974c3d12c60f8fe21,2024-09-20T12:30:51.220000 +CVE-2024-47003,1,1,efcf188cb8a57a60f3b6031bc2c3a7151c8afec18d547f26beb2330aaa4e0096,2024-09-26T08:15:06.227000 CVE-2024-4701,0,0,5f841f0540b46f49c80d409ca526b0c08d190fe4f1f5bc2d7cfb115b5ba38647,2024-05-14T16:11:39.510000 CVE-2024-4702,0,0,dd020b59844aa3c2b904a852a1e5f578b8784127317756ef97f595c083848ea0,2024-05-15T16:40:19.330000 CVE-2024-4703,0,0,7e57d47de6048bcd912b4c77aa51d488946887d89315e68305481f1a25780324,2024-06-11T18:06:31.967000 CVE-2024-4704,0,0,9637a93e192a5f32142e05687e31ff3688b029254561fc4728d18bbfa1666d6b,2024-07-03T02:07:57.433000 -CVE-2024-47045,0,1,21984abba1d4af68ef6d1b3f571c77ee412a6dff6dd145cc104c25b8a536a8ef,2024-09-26T07:15:02.387000 +CVE-2024-47044,1,1,e8f9feb7e0920d7c62c6f211e75a00e7d837e315d329d75454950b67c282a176,2024-09-26T09:15:02.317000 +CVE-2024-47045,0,0,21984abba1d4af68ef6d1b3f571c77ee412a6dff6dd145cc104c25b8a536a8ef,2024-09-26T07:15:02.387000 CVE-2024-47047,0,0,0a4a15ee2fb8d94ee7dbf9b3ee25f3c32a7e76c7b103a0dd6583489587dbacd4,2024-09-20T12:30:51.220000 CVE-2024-47048,0,0,265a1bb88f56672fe6fc9d071fab120e6873b45c92f5f41894d8c83d39bca9a8,2024-09-25T01:15:44.810000 CVE-2024-47049,0,0,bc768f951de25f2d3b7ee4ed4c1188c49a1568cca5cfdd9dc385ac790402738a,2024-09-20T12:30:51.220000 @@ -260547,6 +260551,7 @@ CVE-2024-4711,0,0,d363465dc42b9acab3c0c0b87ab6c465a5fbabc481e6b69ff97f983a499169 CVE-2024-4712,0,0,3843a22d246b1dcd1f463ab35db131587d98590206b11784167b4cf4df51610c,2024-09-26T02:15:02.550000 CVE-2024-4713,0,0,a3c96b0a67396332ccb3b3b7da032ec990741228737b0623d292fd0ff6dd150b,2024-06-04T19:20:46.913000 CVE-2024-4714,0,0,d7e9d9d95d84a12a856ae94c0b47f221a8b241db6b1f0d94ea74b84fa1b36764,2024-06-04T19:20:47.027000 +CVE-2024-47145,1,1,0ac0a873482708afc2530f1cdc7af0876d5410bb56654c2c6dac340d4cac1e98,2024-09-26T08:15:06.403000 CVE-2024-4715,0,0,8280b54df57d141f79c5c5ba7edbd4b8610f06a30ecbd5ba39cd6c268b4b3f05,2024-06-04T19:20:47.130000 CVE-2024-47159,0,0,f629ab8645ae2d3b373e84498ebe22f56e42f569db9052d68376aa856c847502,2024-09-24T18:09:50.877000 CVE-2024-4716,0,0,17dd73abada87214ed7c4da9787dcdd43aa5089416e4d3395c3029d4b8a776fa,2024-06-04T19:20:47.230000 @@ -260555,6 +260560,7 @@ CVE-2024-47162,0,0,322233fc16cb60b7afacb06e9a8b8faccd2cf3bd8a5ab8537cf655de3bfbf CVE-2024-4717,0,0,7921e256cd1b57dcd690590999b44ca8d29db58a18405deda5f12fdfca691aaa,2024-05-17T02:40:34.317000 CVE-2024-4718,0,0,2fda56f630ea417950b3260007ed553b407a44c514b05be289e283a21ee915c1,2024-06-06T20:15:14.717000 CVE-2024-4719,0,0,5f15010ce3da97593d62bd8e5cbd7e4df0db8fec077945fcbb72e898184ff8a0,2024-06-20T20:15:19.763000 +CVE-2024-47197,1,1,a1e8b22dad06e6bf89b4b20f184d638873088e8eea5aebddd470aac9ebdbb2ce,2024-09-26T08:15:06.587000 CVE-2024-4720,0,0,eb5b6c06efbc2e8e5b700d46905e09781ba603e4dc4e18ff8664640e85fa6762,2024-06-04T19:20:47.440000 CVE-2024-4721,0,0,58190a4c7e114543454f0451ab9386f5b2fe1b56ab67d3c8b011dbecb251f4fd,2024-05-17T02:40:34.750000 CVE-2024-47210,0,0,0912a487d5daeed626dcd74f4415cecd1eb468c441d638b636aa1a85523b3432,2024-09-23T16:35:13.890000 @@ -260581,6 +260587,7 @@ CVE-2024-47315,0,0,806f359f72a06920b81ba1ee4bcc9b7d2863d9202ff1492c78f9ed1c318bb CVE-2024-4732,0,0,2f9d1622a74bcf5d144d47d69a297d840c0353e903036f272ef15e7560aa5dbf,2024-06-04T19:20:48.237000 CVE-2024-4733,0,0,bab73609d3aaa55dacedcdd69b9c9d83fbc709adf98853b3adb423b13daf2498,2024-05-17T18:36:31.297000 CVE-2024-47330,0,0,aee96dfe3b2a24a7a0add2b33c82f3503b8340fef13c82cd4946e8411902491c,2024-09-26T03:15:02.670000 +CVE-2024-47337,1,1,9bbd9ed3850c11171c1b75c0f7d46621ce4b3124a0f3118cd3e94716467288f8,2024-09-26T09:15:02.660000 CVE-2024-4734,0,0,0eefea1299cd16be8adb4bc3a22d24ee524acae6c15e2191dca2420e7021d6ef,2024-05-15T16:40:19.330000 CVE-2024-4735,0,0,74f4fbd101bb46efdc880f338cfb70c8fd3a6ef365bd7732d2107c79fb3d78b8,2024-06-04T19:20:48.397000 CVE-2024-4736,0,0,d66d2cb2e0afad57d9d4fb0dd29db1ae480425b093ff5e46c35972ad67bf1599,2024-06-04T19:20:48.497000 @@ -262122,7 +262129,7 @@ CVE-2024-6510,0,0,271701171f98244795ebd972ebc5048aac2cefcf02c3610beea189409c6fb6 CVE-2024-6511,0,0,053f3089b06a0cd915df79eb3301836b5db5c9fe4d3ed571ee6923d36f4d1832,2024-07-05T12:55:51.367000 CVE-2024-6512,0,0,a7f19bb418f3681251a83d8c7152609787c1d8d7aa73dc4d789c2213bedbc546,2024-09-25T14:15:05.560000 CVE-2024-6513,0,0,bb977a38eaef5aa918756b3907c97d9805111d3bc118dcf2b0096d1bbd202aea,2024-07-04T16:15:03.103000 -CVE-2024-6517,1,1,753136c1b2a2dc9ff8eb2903c0f319320ed06ae881399df239980dec9db0aa93,2024-09-26T06:15:04.767000 +CVE-2024-6517,0,0,753136c1b2a2dc9ff8eb2903c0f319320ed06ae881399df239980dec9db0aa93,2024-09-26T06:15:04.767000 CVE-2024-6518,0,0,7382529f36b9b37e0acec24889e25676a677588945f854438be53c4cb8bd58b0,2024-08-27T13:15:20.033000 CVE-2024-6520,0,0,788783a471766cea8e4d7400c47ef97ab3609f9b749a996b82510813b15dd35e,2024-08-27T13:15:39.697000 CVE-2024-6521,0,0,3aa5a2c2ac838fced00e2bfb97108d19e91480ed8940bd254983de5af0ee5d87,2024-08-27T13:14:02.300000 @@ -262341,9 +262348,9 @@ CVE-2024-6780,0,0,ad87716761d57bba157b9bc6302fd56c93db87ccc83552a263372092cb4e84 CVE-2024-6781,0,0,678fc4d6db3dccbbb40576923dc15e296dd0a3cca23bbb526dd93d0dbc8a0cec,2024-08-19T17:15:34.797000 CVE-2024-6782,0,0,623508ea52e56d6a6e227168366ca2cd7770a1a0850e95e080f5f12fc915b728,2024-08-06T16:30:24.547000 CVE-2024-6783,0,0,6f1f4a0fa578d50da4a4853fdfd24c63ba19a8604300ab142edf0f6cb8d9a812,2024-08-30T15:15:18.623000 -CVE-2024-6785,0,1,18e3ec6aae6f4c078b466314713216b72686af09453a25fad7eb3b896bcceb1a,2024-09-26T07:15:02.953000 -CVE-2024-6786,0,1,89ca1851049c9697c4c1f501875e36672f04ba6174c3be9444f7a708606ec302,2024-09-26T07:15:03.100000 -CVE-2024-6787,0,1,f130551e855f1fbfaf9f24da758d1e6441417dc69874674ee23ab882499e8c78,2024-09-26T07:15:03.193000 +CVE-2024-6785,0,0,18e3ec6aae6f4c078b466314713216b72686af09453a25fad7eb3b896bcceb1a,2024-09-26T07:15:02.953000 +CVE-2024-6786,0,0,89ca1851049c9697c4c1f501875e36672f04ba6174c3be9444f7a708606ec302,2024-09-26T07:15:03.100000 +CVE-2024-6787,0,0,f130551e855f1fbfaf9f24da758d1e6441417dc69874674ee23ab882499e8c78,2024-09-26T07:15:03.193000 CVE-2024-6788,0,0,369ef896034f113597a96208fca075acd0c3bdd5e82bf3987939f5fd20470069,2024-08-13T17:11:53.553000 CVE-2024-6789,0,0,e33e978edc987b98e576665a6bdb79eb993fb5854279dc068f6ea120541693df,2024-09-16T07:15:03.877000 CVE-2024-6791,0,0,6ce79f46aa2ab35d9212f59a5703ed0b8f9ce029cc93e4591d5b48478ec576f2,2024-09-17T14:44:39.387000 @@ -263700,6 +263707,7 @@ CVE-2024-8803,0,0,809586222f389dc5f26d6896a0cd66484a84cd4f430a4ec0aa479ed335f55b CVE-2024-8850,0,0,60f99c260767f82bf00cc7954ec3e058985003b965020b8d3dac7a45b3ea5f64,2024-09-25T18:49:53.397000 CVE-2024-8853,0,0,b5a3b0675f8f2657c7381537f08c47ae3a3694c18acf1b18976370e35c278f0e,2024-09-25T17:49:25.653000 CVE-2024-8858,0,0,0d529df68aab7882afa1c5531609cd4c3cd7930c85ebac7f6f37123e0eea3aa1,2024-09-25T11:15:12.730000 +CVE-2024-8861,1,1,97e6d2dfb9df990e7c2c22f7679d411e98dce2db2b6151f1ce14b006790bb73f,2024-09-26T08:15:06.697000 CVE-2024-8862,0,0,d2fbbde6c386af624a5ae935a7a4eac6c09ff6dabefe8b3cf0bd8d2bf80b0d66,2024-09-20T15:47:10.697000 CVE-2024-8863,0,0,1a5131e94b007579c37dce9de5dfd5f9d496b886a484aa9376e9e793818d4aa7,2024-09-20T15:43:43.927000 CVE-2024-8864,0,0,3bc8b301985cc40353022de4e4744e73398cd0188f617195b9d24ac6f8e8e30d,2024-09-17T10:38:13.410000 @@ -263708,6 +263716,7 @@ CVE-2024-8866,0,0,8e10905107e65798915532a0fd7237746a2479c311a608a0e275edbccb2c74 CVE-2024-8867,0,0,379e34cf940a9b1358241a2155237c1f9d3d38d48143e1ed89b8af75caf7d4cf,2024-09-17T10:55:05.913000 CVE-2024-8868,0,0,90fb6fa23c2a5505d69614ac49fd1c537f25b76ba9e82d49d07e437e4df1c667,2024-09-17T10:59:28.233000 CVE-2024-8869,0,0,eaa7c70f03f38bcd808caaf5c9917ef912247cecdfb7f5fef4110fc2bf4de330,2024-09-20T16:59:22.560000 +CVE-2024-8872,1,1,181c54533d587d924b82b362e94170665d48e247a98a28e438d9fbe40e61ab26,2024-09-26T09:15:03.310000 CVE-2024-8875,0,0,285b537766851a72a752adea85efa81abdeba3e4c5af2afdcf8485ecb658237e,2024-09-20T22:44:16.077000 CVE-2024-8876,0,0,adf401fb4b8b2c24f06ac7d28fd2360497bd835317abc655be39e3ccb04a97b8,2024-09-20T16:58:24.333000 CVE-2024-8877,0,0,ca152484093e8941c510114c5a75373aafb04159b9ed70f8060e78345e32ca9a,2024-09-25T01:15:47.267000 @@ -263761,6 +263770,7 @@ CVE-2024-9009,0,0,8ca9aa7668c5d5c77c4f8dc75f965a1fc61562deadeb769eddb6e3d475ae86 CVE-2024-9011,0,0,31757df34dd4fee90035c8c1e734eec12ab6ab10926115bc714ff7e9ad5eeaab,2024-09-25T17:48:14.820000 CVE-2024-9014,0,0,689b3f70b90906bf8ba0602332ae74caaaa0c51086cb80a3227272766ee5db1f,2024-09-23T20:35:16.443000 CVE-2024-9024,0,0,ce1bb5c58ae8358f32b8d7a74d1640e1cb3618b27a26351c51ff86354e3cfa3d,2024-09-25T03:15:06.237000 +CVE-2024-9025,1,1,db6db194cb6d20889c7047e935a4c531fc0fe82d9072f416c5b27d0988233c57,2024-09-26T09:15:03.970000 CVE-2024-9027,0,0,fcb1425076b717576a38c922e16397fccba079ed4817a8340fd7f86be38aeb10,2024-09-25T03:15:06.440000 CVE-2024-9028,0,0,4474f0826e6fda308b8dc8e7d1eb64f116bb3b00c60f0de54c4d42c1285efa77,2024-09-25T03:15:06.643000 CVE-2024-9030,0,0,c11a97e3409538e48c43922920e3ccde8c323ec97995f0c28aa92b45cd65fb6b,2024-09-25T18:01:19.270000