admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-07-09 16:05:11 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2024-10-01T10:00:16.923213+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2024-10-01 10:03:16 +00:00
parent 50e6120c59
commit 8c51e546ca
38 changed files with 2363 additions and 27 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

60
CVE-2024/CVE-2024-74xx/CVE-2024-7432.json Normal file
View File

@ -0,0 +1,60 @@
{
"id": "CVE-2024-7432",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-10-01T08:15:02.453",
"lastModified": "2024-10-01T08:15:02.453",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Unseen Blog theme for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.0.0 via deserialization of untrusted input. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject a PHP Object. No known POP chain is present in the vulnerable software. If a POP chain is present via an additional plugin or theme installed on the target system, it could allow the attacker to delete arbitrary files, retrieve sensitive data, or execute code."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "security@wordfence.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-502"
}
]
}
],
"references": [
{
"url": "https://wordpress.org/themes/unseen-blog/",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/1a14b86f-a5c8-4ec2-9940-68a37a6c4a86?source=cve",
"source": "security@wordfence.com"
}
]
}

60
CVE-2024/CVE-2024-74xx/CVE-2024-7433.json Normal file
View File

@ -0,0 +1,60 @@
{
"id": "CVE-2024-7433",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-10-01T08:15:02.727",
"lastModified": "2024-10-01T08:15:02.727",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Empowerment theme for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.0.2 via deserialization of untrusted input. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject a PHP Object. No known POP chain is present in the vulnerable software. If a POP chain is present via an additional plugin or theme installed on the target system, it could allow the attacker to delete arbitrary files, retrieve sensitive data, or execute code."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "security@wordfence.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-502"
}
]
}
],
"references": [
{
"url": "https://wordpress.org/themes/empowerment/",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/3d96d38a-7f0e-4e47-ba49-727705eaaac6?source=cve",
"source": "security@wordfence.com"
}
]
}

60
CVE-2024/CVE-2024-74xx/CVE-2024-7434.json Normal file
View File

@ -0,0 +1,60 @@
{
"id": "CVE-2024-7434",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-10-01T08:15:02.943",
"lastModified": "2024-10-01T08:15:02.943",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The UltraPress theme for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.2.1 via deserialization of untrusted input. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject a PHP Object. No known POP chain is present in the vulnerable software. If a POP chain is present via an additional plugin or theme installed on the target system, it could allow the attacker to delete arbitrary files, retrieve sensitive data, or execute code."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "security@wordfence.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-502"
}
]
}
],
"references": [
{
"url": "https://wordpress.org/themes/ultrapress/",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/c9cf97a6-38bb-4499-98f0-ca2b7111f654?source=cve",
"source": "security@wordfence.com"
}
]
}

60
CVE-2024/CVE-2024-78xx/CVE-2024-7869.json Normal file
View File

@ -0,0 +1,60 @@
{
"id": "CVE-2024-7869",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-10-01T08:15:03.167",
"lastModified": "2024-10-01T08:15:03.167",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The 123.chat - Video Chat plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and including, 1.3.1 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 7.2,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "security@wordfence.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://wordpress.org/plugins/123-chat-videochat/#developers",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/1d4469e4-5d99-4a56-bde8-9a0aaca7794f?source=cve",
"source": "security@wordfence.com"
}
]
}

68
CVE-2024/CVE-2024-82xx/CVE-2024-8288.json Normal file
View File

@ -0,0 +1,68 @@
{
"id": "CVE-2024-8288",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-10-01T09:15:02.850",
"lastModified": "2024-10-01T09:15:02.850",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Guten Post Layout \u2013 An Advanced Post Grid Collection for WordPress Gutenberg plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the \u2018align\u2019 attribute within the 'wp:guten-post-layout/post-grid' Gutenberg block in all versions up to, and including, 1.2.4 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.1,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "security@wordfence.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/guten-post-layout/trunk/src/blocks/post-grid/post-grid.php#L27",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/browser/guten-post-layout/trunk/src/blocks/post-grid/post-grid.php#L300",
"source": "security@wordfence.com"
},
{
"url": "https://wordpress.org/plugins/guten-post-layout/#developers",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/5d6d9852-424a-4d98-9926-e849bef99c2d?source=cve",
"source": "security@wordfence.com"
}
]
}

64
CVE-2024/CVE-2024-83xx/CVE-2024-8324.json Normal file
View File

@ -0,0 +1,64 @@
{
"id": "CVE-2024-8324",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-10-01T09:15:03.293",
"lastModified": "2024-10-01T09:15:03.293",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The XO Slider plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the \u2018get_slider\u2019 function in all versions up to, and including, 3.8.6 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.1,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "security@wordfence.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/xo-liteslider/tags/3.8.6/inc/class-xo-slider.php#L247",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/browser/xo-liteslider/tags/3.8.6/inc/class-xo-slider.php#L315",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/be51c54d-b0f7-42b2-b9b3-1b5832e10a6b?source=cve",
"source": "security@wordfence.com"
}
]
}

60
CVE-2024/CVE-2024-84xx/CVE-2024-8430.json Normal file
View File

@ -0,0 +1,60 @@
{
"id": "CVE-2024-8430",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-10-01T09:15:03.790",
"lastModified": "2024-10-01T09:15:03.790",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Spice Starter Sites plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the spice_starter_sites_importer_creater function in all versions up to, and including, 1.2.5. This makes it possible for unauthenticated attackers to import demo content."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "security@wordfence.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-862"
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/spice-starter-sites/tags/1.2.5/spice-starter-sites.php#L1123",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/ec52337f-bdd1-4632-853b-da86d64751e7?source=cve",
"source": "security@wordfence.com"
}
]
}

104
CVE-2024/CVE-2024-85xx/CVE-2024-8548.json Normal file
View File

@ -0,0 +1,104 @@
{
"id": "CVE-2024-8548",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-10-01T08:15:03.400",
"lastModified": "2024-10-01T08:15:03.400",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The KB Support \u2013 WordPress Help Desk and Knowledge Base plugin for WordPress is vulnerable to unauthorized modification and loss of data due to a missing capability check on several functions in all versions up to, and including, 1.6.6. This makes it possible for authenticated attackers, with Subscriber-level access and above, to perform multiple administrative actions, such as replying to arbitrary tickets, updating the status of any post, deleting any post, adding notes to tickets, flagging or unflagging tickets, and adding or removing ticket participants."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 8.1,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.2
}
]
},
"weaknesses": [
{
"source": "security@wordfence.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-862"
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/kb-support/trunk/includes/ajax-functions.php#L138",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/browser/kb-support/trunk/includes/ajax-functions.php#L172",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/browser/kb-support/trunk/includes/ajax-functions.php#L211",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/browser/kb-support/trunk/includes/ajax-functions.php#L240",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/browser/kb-support/trunk/includes/ajax-functions.php#L458",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/browser/kb-support/trunk/includes/ajax-functions.php#L531",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/browser/kb-support/trunk/includes/ajax-functions.php#L580",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/browser/kb-support/trunk/includes/ajax-functions.php#L605",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/browser/kb-support/trunk/includes/ajax-functions.php#L630",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/browser/kb-support/trunk/includes/ajax-functions.php#L649",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/browser/kb-support/trunk/includes/ajax-functions.php#L801",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/browser/kb-support/trunk/includes/ajax-functions.php#L869",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/5fb90b3b-08bd-4887-a6bf-054b42d3e403?source=cve",
"source": "security@wordfence.com"
}
]
}

64
CVE-2024/CVE-2024-86xx/CVE-2024-8632.json Normal file
View File

@ -0,0 +1,64 @@
{
"id": "CVE-2024-8632",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-10-01T08:15:03.610",
"lastModified": "2024-10-01T08:15:03.610",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The KB Support \u2013 WordPress Help Desk and Knowledge Base plugin for WordPress is vulnerable to unauthorized access and modification of data due to a missing capability check on the 'kbs_ajax_load_front_end_replies' and 'kbs_ajax_mark_reply_as_read' functions in all versions up to, and including, 1.6.6. This makes it possible for unauthenticated attackers to read replies of any ticket, and mark any reply as read."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 2.5
}
]
},
"weaknesses": [
{
"source": "security@wordfence.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-862"
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/kb-support/trunk/includes/ajax-functions.php#L342",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/browser/kb-support/trunk/includes/ajax-functions.php#L439",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/767b1234-5b4a-4baa-9048-7b2e413cdba5?source=cve",
"source": "security@wordfence.com"
}
]
}

60
CVE-2024/CVE-2024-86xx/CVE-2024-8675.json Normal file
View File

@ -0,0 +1,60 @@
{
"id": "CVE-2024-8675",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-10-01T08:15:03.820",
"lastModified": "2024-10-01T08:15:03.820",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Soumettre.fr plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the soumettre_disconnect_gateway function in all versions up to, and including, 2.1.2. This makes it possible for authenticated attackers, with Subscriber-level access and above, to disconnect the gateway and delete the API key."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "security@wordfence.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-862"
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/soumettre-fr/trunk/admin/class-soumettre-admin.php#L276",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/ad05b088-977e-4f24-b843-dc65f1aa60e9?source=cve",
"source": "security@wordfence.com"
}
]
}

64
CVE-2024/CVE-2024-87xx/CVE-2024-8718.json Normal file
View File

@ -0,0 +1,64 @@
{
"id": "CVE-2024-8718",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-10-01T08:15:04.030",
"lastModified": "2024-10-01T08:15:04.030",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Gravity Forms Toolbar plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'tab' parameter in all versions up to, and including, 1.7.0 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "security@wordfence.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/gravity-forms-toolbar/tags/1.7.0/admin/form.php#L25",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/browser/gravity-forms-toolbar/tags/1.7.0/admin/form.php#L44",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/4d1c6daf-1799-4f8a-81e3-ef3968f41b8e?source=cve",
"source": "security@wordfence.com"
}
]
}

60
CVE-2024/CVE-2024-87xx/CVE-2024-8720.json Normal file
View File

@ -0,0 +1,60 @@
{
"id": "CVE-2024-8720",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-10-01T08:15:04.237",
"lastModified": "2024-10-01T08:15:04.237",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The RumbleTalk Live Group Chat \u2013 HTML5 plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'rumbletalk-admin-button' shortcode in all versions up to, and including, 6.3.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.1,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "security@wordfence.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/rumbletalk-chat-a-chat-with-themes/trank/public/class-rumbletalk-public.php#L128",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/4e620ae8-03fc-43b5-8e8f-5b0884e8eefb?source=cve",
"source": "security@wordfence.com"
}
]
}

60
CVE-2024/CVE-2024-87xx/CVE-2024-8727.json Normal file
View File

@ -0,0 +1,60 @@
{
"id": "CVE-2024-8727",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-10-01T08:15:04.433",
"lastModified": "2024-10-01T08:15:04.433",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The DK PDF plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all versions up to, and including, 1.9.6. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "security@wordfence.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/dk-pdf/trunk/includes/class-dkpdf-settings.php#L420",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/d71cdd64-7cd6-4b1a-ae8d-e9bf78e630c7?source=cve",
"source": "security@wordfence.com"
}
]
}

60
CVE-2024/CVE-2024-87xx/CVE-2024-8728.json Normal file
View File

@ -0,0 +1,60 @@
{
"id": "CVE-2024-8728",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-10-01T08:15:04.637",
"lastModified": "2024-10-01T08:15:04.637",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Easy Load More plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all versions up to, and including, 1.0.3. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "security@wordfence.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/easy-load-more/trunk/includes/class-easy-load-more-settings.php#L268",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/d890e7a5-ea9f-40e5-9549-a6f26421b043?source=cve",
"source": "security@wordfence.com"
}
]
}

60
CVE-2024/CVE-2024-87xx/CVE-2024-8786.json Normal file
View File

@ -0,0 +1,60 @@
{
"id": "CVE-2024-8786",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-10-01T09:15:04.300",
"lastModified": "2024-10-01T09:15:04.300",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Auto Featured Image from Title plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all versions up to, and including, 2.3. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "security@wordfence.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/auto-featured-image-from-title/trunk/auto-featured-image-from-title.php#L822",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/a2bf6102-458f-4930-8880-baa96afb1c15?source=cve",
"source": "security@wordfence.com"
}
]
}

60
CVE-2024/CVE-2024-87xx/CVE-2024-8793.json Normal file
View File

@ -0,0 +1,60 @@
{
"id": "CVE-2024-8793",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-10-01T09:15:04.770",
"lastModified": "2024-10-01T09:15:04.770",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Store Exporter for WooCommerce \u2013 Export Products, Export Orders, Export Subscriptions, and More plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all versions up to, and including, 2.7.2.1. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "security@wordfence.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/woocommerce-exporter/tags/2.7.2.1/includes/settings.php#L195",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/7d3c44eb-ef25-43f5-a872-6ef52c3d9c1f?source=cve",
"source": "security@wordfence.com"
}
]
}

60
CVE-2024/CVE-2024-87xx/CVE-2024-8799.json Normal file
View File

@ -0,0 +1,60 @@
{
"id": "CVE-2024-8799",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-10-01T09:15:05.220",
"lastModified": "2024-10-01T09:15:05.220",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Custom Banners plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all versions up to, and including, 3.3. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "security@wordfence.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/custom-banners/trunk/include/tgmpa/init.php#L96",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/49618d9f-e6d8-40d5-b19f-7ce987939172?source=cve",
"source": "security@wordfence.com"
}
]
}

72
CVE-2024/CVE-2024-89xx/CVE-2024-8989.json Normal file
View File

@ -0,0 +1,72 @@
{
"id": "CVE-2024-8989",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-10-01T08:15:04.840",
"lastModified": "2024-10-01T08:15:04.840",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Free Responsive Testimonials, Social Proof Reviews, and Customer Reviews \u2013 Stars Testimonials plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's stars_testimonials shortcode in all versions up to, and including, 3.3.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.1,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/stars-testimonials-with-slider-and-masonry-grid/trunk/plugin.class.php#L1281",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3159818/",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3159818/#file8",
"source": "security@wordfence.com"
},
{
"url": "https://wordpress.org/plugins/stars-testimonials-with-slider-and-masonry-grid/#developers",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/b406f0b8-16b5-49ca-88d8-7717bef1ae61?source=cve",
"source": "security@wordfence.com"
}
]
}

72
CVE-2024/CVE-2024-89xx/CVE-2024-8990.json Normal file
View File

@ -0,0 +1,72 @@
{
"id": "CVE-2024-8990",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-10-01T08:15:05.060",
"lastModified": "2024-10-01T08:15:05.060",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Geo Mashup plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's geo_mashup_visible_posts_list shortcode in all versions up to, and including, 1.13.13 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.1,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "security@wordfence.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/geo-mashup/trunk/geo-mashup.php#L1755",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3159868/",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3159868/#file0",
"source": "security@wordfence.com"
},
{
"url": "https://wordpress.org/plugins/geo-mashup/#developers",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/88e74cb2-7b6f-43ac-bb30-4763c5afe493?source=cve",
"source": "security@wordfence.com"
}
]
}

64
CVE-2024/CVE-2024-90xx/CVE-2024-9018.json Normal file
View File

@ -0,0 +1,64 @@
{
"id": "CVE-2024-9018",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-10-01T09:15:05.610",
"lastModified": "2024-10-01T09:15:05.610",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The WP Easy Gallery \u2013 WordPress Gallery Plugin plugin for WordPress is vulnerable to time-based SQL Injection via the \u2018key\u2019 parameter in all versions up to, and including, 4.8.5 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with Contributor-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "security@wordfence.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/wp-easy-gallery/trunk/wp-easy-gallery.php#L866",
"source": "security@wordfence.com"
},
{
"url": "https://wordpress.org/plugins/wp-easy-gallery/#developers",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/a1c4c632-66f2-4987-b7da-048dbe4a3044?source=cve",
"source": "security@wordfence.com"
}
]
}

60
CVE-2024/CVE-2024-91xx/CVE-2024-9106.json Normal file
View File

@ -0,0 +1,60 @@
{
"id": "CVE-2024-9106",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-10-01T08:15:05.267",
"lastModified": "2024-10-01T08:15:05.267",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Wechat Social login plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 1.3.0. This is due to insufficient verification on the user being supplied during the social login. This makes it possible for unauthenticated attackers to log in as any existing user on the site, such as an administrator, if they have access to the user id. This is only exploitable if the app secret is not set, so it has a default empty value."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "security@wordfence.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-288"
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/wechat-social-login/trunk/add-ons/social-qq/class-xh-social-channel-qq.php?rev=2080785#L284",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/1bd44471-1a9c-4465-a52a-be64d51e7ea1?source=cve",
"source": "security@wordfence.com"
}
]
}

60
CVE-2024/CVE-2024-91xx/CVE-2024-9108.json Normal file
View File

@ -0,0 +1,60 @@
{
"id": "CVE-2024-9108",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-10-01T08:15:05.480",
"lastModified": "2024-10-01T08:15:05.480",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Wechat Social login plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient file type validation in the 'convert_remoteimage_to_local' function in versions up to, and including, 1.3.0. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site's server which may make remote code execution possible."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "security@wordfence.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-434"
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/wechat-social-login/trunk/includes/social/class-xh-social-wp-api.php?rev=2111074#L39",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/06881386-3c92-426b-948d-58e8a8bee624?source=cve",
"source": "security@wordfence.com"
}
]
}

60
CVE-2024/CVE-2024-91xx/CVE-2024-9119.json Normal file
View File

@ -0,0 +1,60 @@
{
"id": "CVE-2024-9119",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-10-01T08:15:05.690",
"lastModified": "2024-10-01T08:15:05.690",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The SVG Complete plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 1.0.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Author-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses the SVG file."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.1,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "security@wordfence.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://wordpress.org/plugins/svg-complete/#developers",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/0f8e1495-c5e1-4bb9-92e9-b27b9b997a5f?source=cve",
"source": "security@wordfence.com"
}
]
}

86
CVE-2024/CVE-2024-91xx/CVE-2024-9145.json Normal file
View File

@ -0,0 +1,86 @@
{
"id": "CVE-2024-9145",
"sourceIdentifier": "9947ef80-c5d5-474a-bbab-97341a59000e",
"published": "2024-10-01T08:15:05.913",
"lastModified": "2024-10-01T08:15:05.913",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Wiz Code Visual Studio Code extension in versions 1.0.0 up to 1.5.3 and Wiz (legacy) Visual Studio Code extension in versions 0.13.0 up to 0.17.8 are vulnerable to local command injection if the user opens a maliciously crafted Dockerfile located in a path that has been marked as a \"trusted folder\" within Visual Studio Code, and initiates a manual scan of the file."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "9947ef80-c5d5-474a-bbab-97341a59000e",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:A/VC:H/VI:H/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"attackRequirements": "PRESENT",
"privilegesRequired": "NONE",
"userInteraction": "ACTIVE",
"vulnerableSystemConfidentiality": "HIGH",
"vulnerableSystemIntegrity": "HIGH",
"vulnerableSystemAvailability": "LOW",
"subsequentSystemConfidentiality": "NONE",
"subsequentSystemIntegrity": "NONE",
"subsequentSystemAvailability": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirements": "NOT_DEFINED",
"integrityRequirements": "NOT_DEFINED",
"availabilityRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnerableSystemConfidentiality": "NOT_DEFINED",
"modifiedVulnerableSystemIntegrity": "NOT_DEFINED",
"modifiedVulnerableSystemAvailability": "NOT_DEFINED",
"modifiedSubsequentSystemConfidentiality": "NOT_DEFINED",
"modifiedSubsequentSystemIntegrity": "NOT_DEFINED",
"modifiedSubsequentSystemAvailability": "NOT_DEFINED",
"safety": "NOT_DEFINED",
"automatable": "NOT_DEFINED",
"recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED",
"baseScore": 7.1,
"baseSeverity": "HIGH"
}
}
]
},
"weaknesses": [
{
"source": "9947ef80-c5d5-474a-bbab-97341a59000e",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-77"
}
]
}
],
"references": [
{
"url": "https://marketplace.visualstudio.com/items/WizCloud.wiz-vscode/changelog",
"source": "9947ef80-c5d5-474a-bbab-97341a59000e"
},
{
"url": "https://marketplace.visualstudio.com/items/WizCloud.wizcli-vscode/changelog",
"source": "9947ef80-c5d5-474a-bbab-97341a59000e"
},
{
"url": "https://www.wiz.io/security-advisories",
"source": "9947ef80-c5d5-474a-bbab-97341a59000e"
}
]
}

60
CVE-2024/CVE-2024-92xx/CVE-2024-9209.json Normal file
View File

@ -0,0 +1,60 @@
{
"id": "CVE-2024-9209",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-10-01T09:15:06.110",
"lastModified": "2024-10-01T09:15:06.110",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The WP Search Analytics plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all versions up to, and including, 1.4.10. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "security@wordfence.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/search-analytics/tags/1.4.9/admin/includes/class.stats-table.php#L153",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/275268d6-5b08-441d-9924-3c99682b27d4?source=cve",
"source": "security@wordfence.com"
}
]
}

60
CVE-2024/CVE-2024-92xx/CVE-2024-9220.json Normal file
View File

@ -0,0 +1,60 @@
{
"id": "CVE-2024-9220",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-10-01T09:15:06.613",
"lastModified": "2024-10-01T09:15:06.613",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The LH Copy Media File plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all versions up to, and including, 1.08. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "security@wordfence.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/lh-copy-media-file/trunk/lh-copy-media-file.php#L31",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/9911e99e-0b3b-4be1-b8cd-28593b6d12ad?source=cve",
"source": "security@wordfence.com"
}
]
}

64
CVE-2024/CVE-2024-92xx/CVE-2024-9224.json Normal file
View File

@ -0,0 +1,64 @@
{
"id": "CVE-2024-9224",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-10-01T09:15:07.190",
"lastModified": "2024-10-01T09:15:07.190",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Hello World plugin for WordPress is vulnerable to Arbitrary File Reading in all versions up to, and including, 2.1.1 via the hello_world_lyric() function. This makes it possible for authenticated attackers, with subscriber-level access and above, to read the contents of arbitrary files on the server, which can contain sensitive information."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/hello-world/tags/2.1.1/hello-world.php#L113",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/browser/hello-world/tags/2.1.1/hello-world.php#L35",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/2f58df1f-66f7-4e3d-af6d-08174653a2ad?source=cve",
"source": "security@wordfence.com"
}
]
}

60
CVE-2024/CVE-2024-92xx/CVE-2024-9228.json Normal file
View File

@ -0,0 +1,60 @@
{
"id": "CVE-2024-9228",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-10-01T09:15:07.750",
"lastModified": "2024-10-01T09:15:07.750",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Loggedin \u2013 Limit Active Logins plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all versions up to, and including, 1.3.1. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link. This is only exploitable when the leave a review notice is present."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "security@wordfence.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/loggedin/tags/1.3.1/includes/class-loggedin-admin.php#L255",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/59707c64-a34c-45bc-bbbe-d447fe2ca6ab?source=cve",
"source": "security@wordfence.com"
}
]
}

60
CVE-2024/CVE-2024-92xx/CVE-2024-9241.json Normal file
View File

@ -0,0 +1,60 @@
{
"id": "CVE-2024-9241",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-10-01T09:15:08.287",
"lastModified": "2024-10-01T09:15:08.287",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The PDF Image Generator plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all versions up to, and including, 1.5.6. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "security@wordfence.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/pdf-image-generator/tags/1.5.6/pdf-image-generator.php#L329",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/1454af30-319a-44b7-a83e-2d774cfbc8d1?source=cve",
"source": "security@wordfence.com"
}
]
}

60
CVE-2024/CVE-2024-92xx/CVE-2024-9265.json Normal file
View File

@ -0,0 +1,60 @@
{
"id": "CVE-2024-9265",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-10-01T09:15:08.810",
"lastModified": "2024-10-01T09:15:08.810",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Echo RSS Feed Post Generator plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 5.4.6. This is due to the plugin not properly restricting the roles that can set during registration through the echo_check_post_header_sent() function. This makes it possible for unauthenticated attackers to register as an administrator."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "security@wordfence.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-269"
}
]
}
],
"references": [
{
"url": "https://codecanyon.net/item/echo-rss-feed-post-generator-plugin-for-wordpress/19486974",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/c099f401-4b05-4532-8e31-af1b1dea7eca?source=cve",
"source": "security@wordfence.com"
}
]
}

64
CVE-2024/CVE-2024-92xx/CVE-2024-9267.json Normal file
View File

@ -0,0 +1,64 @@
{
"id": "CVE-2024-9267",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-10-01T08:15:06.103",
"lastModified": "2024-10-01T08:15:06.103",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Easy WordPress Subscribe \u2013 Optin Hound plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all versions up to, and including, 1.4.3. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "security@wordfence.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/opt-in-hound/trunk/includes/subscribers/views/view-submenu-page-subscribers.php#L17",
"source": "security@wordfence.com"
},
{
"url": "https://wordpress.org/plugins/opt-in-hound/#developers",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/b91ec428-8444-4304-8901-4bc3ef146e3e?source=cve",
"source": "security@wordfence.com"
}
]
}

60
CVE-2024/CVE-2024-92xx/CVE-2024-9269.json Normal file
View File

@ -0,0 +1,60 @@
{
"id": "CVE-2024-9269",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-10-01T08:15:06.313",
"lastModified": "2024-10-01T08:15:06.313",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Relogo plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 0.4.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Author-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses the SVG file."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.1,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "security@wordfence.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://wordpress.org/plugins/relogo/#developers",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/12515236-753e-49e8-b8c8-b0c8831c6005?source=cve",
"source": "security@wordfence.com"
}
]
}

60
CVE-2024/CVE-2024-92xx/CVE-2024-9272.json Normal file
View File

@ -0,0 +1,60 @@
{
"id": "CVE-2024-9272",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-10-01T08:15:06.510",
"lastModified": "2024-10-01T08:15:06.510",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The R Animated Icon Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 1.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Author-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses the SVG file."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.1,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "security@wordfence.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://wordpress.org/plugins/r-animated-icon/#developers",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/56fd8166-da22-4a0b-a23f-41817acba6df?source=cve",
"source": "security@wordfence.com"
}
]
}

60
CVE-2024/CVE-2024-92xx/CVE-2024-9274.json Normal file
View File

@ -0,0 +1,60 @@
{
"id": "CVE-2024-9274",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-10-01T08:15:06.723",
"lastModified": "2024-10-01T08:15:06.723",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Elastik Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 0.27.4 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Author-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses the SVG file."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.1,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "security@wordfence.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://wordpress.org/plugins/elastik-page-builder/#developers",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/315687d4-9125-440b-9d53-81d71e56d4ef?source=cve",
"source": "security@wordfence.com"
}
]
}

60
CVE-2024/CVE-2024-92xx/CVE-2024-9289.json Normal file
View File

@ -0,0 +1,60 @@
{
"id": "CVE-2024-9289",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-10-01T09:15:09.320",
"lastModified": "2024-10-01T09:15:09.320",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The WordPress & WooCommerce Affiliate Program plugin for WordPress is vulnerable to authentication bypass in all versions up to, and including, 8.4.1. This is due to the rtwwwap_login_request_callback() function not properly validating a user's identity prior to authenticating them to the site. This makes it possible for unauthenticated attackers to log in as any user, including administrators, granted they have access to the administrator's email."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "security@wordfence.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-288"
}
]
}
],
"references": [
{
"url": "https://codecanyon.net/item/wordpress-woocommerce-affiliate-program/23580333",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/ed19835f-2718-41d8-95af-47c8b9589529?source=cve",
"source": "security@wordfence.com"
}
]
}

60
CVE-2024/CVE-2024-93xx/CVE-2024-9304.json Normal file
View File

@ -0,0 +1,60 @@
{
"id": "CVE-2024-9304",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-10-01T08:15:06.943",
"lastModified": "2024-10-01T08:15:06.943",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The LocateAndFilter plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 1.6.14 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Author-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses the SVG file."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.1,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://wordpress.org/plugins/locateandfilter/#developers",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/a10ee67a-7f5f-43dd-8f5c-c0e92706c453?source=cve",
"source": "security@wordfence.com"
}
]
}

46
README.md
View File

@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2024-10-01T08:00:18.031558+00:00
2024-10-01T10:00:16.923213+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2024-10-01T07:15:06.263000+00:00
2024-10-01T09:15:09.320000+00:00
```
### Last Data Feed Release
@ -33,30 +33,44 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs
```plain
264188
264224
```
### CVEs added in the last Commit
Recently added CVEs: `2`
Recently added CVEs: `36`
- [CVE-2024-8107](CVE-2024/CVE-2024-81xx/CVE-2024-8107.json) (`2024-10-01T07:15:06.263`)
- [CVE-2024-8421](CVE-2024/CVE-2024-84xx/CVE-2024-8421.json) (`2024-10-01T06:15:02.357`)
- [CVE-2024-8720](CVE-2024/CVE-2024-87xx/CVE-2024-8720.json) (`2024-10-01T08:15:04.237`)
- [CVE-2024-8727](CVE-2024/CVE-2024-87xx/CVE-2024-8727.json) (`2024-10-01T08:15:04.433`)
- [CVE-2024-8728](CVE-2024/CVE-2024-87xx/CVE-2024-8728.json) (`2024-10-01T08:15:04.637`)
- [CVE-2024-8786](CVE-2024/CVE-2024-87xx/CVE-2024-8786.json) (`2024-10-01T09:15:04.300`)
- [CVE-2024-8793](CVE-2024/CVE-2024-87xx/CVE-2024-8793.json) (`2024-10-01T09:15:04.770`)
- [CVE-2024-8799](CVE-2024/CVE-2024-87xx/CVE-2024-8799.json) (`2024-10-01T09:15:05.220`)
- [CVE-2024-8989](CVE-2024/CVE-2024-89xx/CVE-2024-8989.json) (`2024-10-01T08:15:04.840`)
- [CVE-2024-8990](CVE-2024/CVE-2024-89xx/CVE-2024-8990.json) (`2024-10-01T08:15:05.060`)
- [CVE-2024-9018](CVE-2024/CVE-2024-90xx/CVE-2024-9018.json) (`2024-10-01T09:15:05.610`)
- [CVE-2024-9106](CVE-2024/CVE-2024-91xx/CVE-2024-9106.json) (`2024-10-01T08:15:05.267`)
- [CVE-2024-9108](CVE-2024/CVE-2024-91xx/CVE-2024-9108.json) (`2024-10-01T08:15:05.480`)
- [CVE-2024-9119](CVE-2024/CVE-2024-91xx/CVE-2024-9119.json) (`2024-10-01T08:15:05.690`)
- [CVE-2024-9145](CVE-2024/CVE-2024-91xx/CVE-2024-9145.json) (`2024-10-01T08:15:05.913`)
- [CVE-2024-9209](CVE-2024/CVE-2024-92xx/CVE-2024-9209.json) (`2024-10-01T09:15:06.110`)
- [CVE-2024-9220](CVE-2024/CVE-2024-92xx/CVE-2024-9220.json) (`2024-10-01T09:15:06.613`)
- [CVE-2024-9224](CVE-2024/CVE-2024-92xx/CVE-2024-9224.json) (`2024-10-01T09:15:07.190`)
- [CVE-2024-9228](CVE-2024/CVE-2024-92xx/CVE-2024-9228.json) (`2024-10-01T09:15:07.750`)
- [CVE-2024-9241](CVE-2024/CVE-2024-92xx/CVE-2024-9241.json) (`2024-10-01T09:15:08.287`)
- [CVE-2024-9265](CVE-2024/CVE-2024-92xx/CVE-2024-9265.json) (`2024-10-01T09:15:08.810`)
- [CVE-2024-9267](CVE-2024/CVE-2024-92xx/CVE-2024-9267.json) (`2024-10-01T08:15:06.103`)
- [CVE-2024-9269](CVE-2024/CVE-2024-92xx/CVE-2024-9269.json) (`2024-10-01T08:15:06.313`)
- [CVE-2024-9272](CVE-2024/CVE-2024-92xx/CVE-2024-9272.json) (`2024-10-01T08:15:06.510`)
- [CVE-2024-9274](CVE-2024/CVE-2024-92xx/CVE-2024-9274.json) (`2024-10-01T08:15:06.723`)
- [CVE-2024-9289](CVE-2024/CVE-2024-92xx/CVE-2024-9289.json) (`2024-10-01T09:15:09.320`)
- [CVE-2024-9304](CVE-2024/CVE-2024-93xx/CVE-2024-9304.json) (`2024-10-01T08:15:06.943`)
### CVEs modified in the last Commit
Recently modified CVEs: `9`
Recently modified CVEs: `0`
- [CVE-2023-46144](CVE-2023/CVE-2023-461xx/CVE-2023-46144.json) (`2024-10-01T07:15:02.540`)
- [CVE-2024-41176](CVE-2024/CVE-2024-411xx/CVE-2024-41176.json) (`2024-10-01T07:15:03.147`)
- [CVE-2024-43389](CVE-2024/CVE-2024-433xx/CVE-2024-43389.json) (`2024-10-01T07:15:03.560`)
- [CVE-2024-43390](CVE-2024/CVE-2024-433xx/CVE-2024-43390.json) (`2024-10-01T07:15:04.083`)
- [CVE-2024-43391](CVE-2024/CVE-2024-433xx/CVE-2024-43391.json) (`2024-10-01T07:15:04.530`)
- [CVE-2024-43392](CVE-2024/CVE-2024-433xx/CVE-2024-43392.json) (`2024-10-01T07:15:04.953`)
- [CVE-2024-43393](CVE-2024/CVE-2024-433xx/CVE-2024-43393.json) (`2024-10-01T07:15:05.443`)
- [CVE-2024-6876](CVE-2024/CVE-2024-68xx/CVE-2024-6876.json) (`2024-10-01T07:15:05.890`)
- [CVE-2024-8445](CVE-2024/CVE-2024-84xx/CVE-2024-8445.json) (`2024-10-01T06:15:02.650`)
## Download and Usage

58
_state.csv
View File

@ -234551,7 +234551,7 @@ CVE-2023-4614,0,0,48582db52caa833023c22becbfe97b66601953ec6bd1ee30a7b5e9ca1820d1
CVE-2023-46141,0,0,c5f273a16ddecbce5dba1c7f57708a733529e7eb71e0ea3caf81e42882abba20,2023-12-21T17:14:56.770000
CVE-2023-46142,0,0,3fb6a0861e35fc09ecd0298ad20e5d7a8d5b6455fb61a2037ae1846cac22d64c,2023-12-21T17:15:15.170000
CVE-2023-46143,0,0,e3bc6bf1bb4c8c0f9d3ac70e1c134375256c14ec8394d0b3c4d1d049a67021ad,2023-12-21T17:15:46.577000
CVE-2023-46144,0,1,28e54b912c0831ce77f02362c8d0cb49ff749450334118efa496438fceb2310a,2024-10-01T07:15:02.540000
CVE-2023-46144,0,0,28e54b912c0831ce77f02362c8d0cb49ff749450334118efa496438fceb2310a,2024-10-01T07:15:02.540000
CVE-2023-46145,0,0,349c8808057410d251a89302413901d028ae7fdfdc2fab73cab5d33fd808c463,2024-05-17T18:36:05.263000
CVE-2023-46146,0,0,674968e0b09709c1de659f46455142d49d86eaca8817754c044e40c734f63cb6,2024-09-16T13:40:24.777000
CVE-2023-46147,0,0,b82be5e5d045675023a8fc4f0aac846ce0e3426dc9461912b9f889c9950e280c,2024-09-16T14:11:43.620000
@ -257828,7 +257828,7 @@ CVE-2024-41172,0,0,7f370211b6a2ed7e58844e8bf12bc0dae731f676537ceaaec3667e5da63dc
CVE-2024-41173,0,0,2a967ba5e095ab1e47f786a956c1f076df7830bb3f39a08c0b36771178149730,2024-09-12T14:52:20.820000
CVE-2024-41174,0,0,46f7512448f854e48ad9da184e7c8ef9b0c8ebf22c2d6d526796b00f1d907a8d,2024-09-12T14:33:54.917000
CVE-2024-41175,0,0,35e860a2d31eb21e3779e1686be69664a02d6ab1bab83d6168914f472f9b9f73,2024-09-12T14:25:10.307000
CVE-2024-41176,0,1,54a27b7d242a59ee004d70d03c3c2f94f53556ca2727d85ff4c509bc25fb8e36,2024-10-01T07:15:03.147000
CVE-2024-41176,0,0,54a27b7d242a59ee004d70d03c3c2f94f53556ca2727d85ff4c509bc25fb8e36,2024-10-01T07:15:03.147000
CVE-2024-41178,0,0,5da27e6bd4cfecb3274c0413ac77a628456bf2e70cb97b3347c2830cb191bae8,2024-08-01T13:58:24.173000
CVE-2024-4118,0,0,261b7c2db2db4c5bd0863007ba022afd6141eeb3c40d43094e801a457a5edb93,2024-06-04T19:20:30.147000
CVE-2024-41184,0,0,460d3d6d07916ac0f7c6ce162599c802c196ea0f25bca5ddf54b8e8b249634fe,2024-08-02T05:15:47.217000
@ -259157,12 +259157,12 @@ CVE-2024-43385,0,0,9f5d38d74a52e4aff95c66a9fe01102de802f5b76b33bec488a6c4b7e7096
CVE-2024-43386,0,0,bc2a848fad787eef345813d2c4720d9d2393c8e1df983aa7b4f1b2025bcec15b,2024-09-27T19:33:22.077000
CVE-2024-43387,0,0,4ccf94a52793dd24dc0376add620cfdf8d8ec8b86efb2e3a9e2719aaace5a025,2024-09-27T19:33:37.497000
CVE-2024-43388,0,0,3a919f125f0d033e58d76594811e5e9eda62fdacecf5b54a65461d36b7a50c81,2024-09-27T19:32:48.683000
CVE-2024-43389,0,1,40bac5f42e49b4f928d773122acf92c0e227abcdb9ce9d6f6ecf3322182450ec,2024-10-01T07:15:03.560000
CVE-2024-43389,0,0,40bac5f42e49b4f928d773122acf92c0e227abcdb9ce9d6f6ecf3322182450ec,2024-10-01T07:15:03.560000
CVE-2024-4339,0,0,240ed7230e0a6e458ae0cd6534f1dc024d6c16f3537e0357643e823e6aa09596,2024-05-14T16:11:39.510000
CVE-2024-43390,0,1,8d9acab4763dee913e02b982e6f2e7c4da6de627398ae2e58565c91696ad6dfd,2024-10-01T07:15:04.083000
CVE-2024-43391,0,1,beb52d75af1ca2e051422364b0d066ee98e8e66a0e2a2826f84a624a57c5d1aa,2024-10-01T07:15:04.530000
CVE-2024-43392,0,1,9eb1651e4862013b9015d62a0d55c31a661dc5148edd61e3e284f4dd02058e4c,2024-10-01T07:15:04.953000
CVE-2024-43393,0,1,0b4e4752b1d1624f63c9f36234acbde90cd0d47d6abeb2bcd5368b0a996ac98c,2024-10-01T07:15:05.443000
CVE-2024-43390,0,0,8d9acab4763dee913e02b982e6f2e7c4da6de627398ae2e58565c91696ad6dfd,2024-10-01T07:15:04.083000
CVE-2024-43391,0,0,beb52d75af1ca2e051422364b0d066ee98e8e66a0e2a2826f84a624a57c5d1aa,2024-10-01T07:15:04.530000
CVE-2024-43392,0,0,9eb1651e4862013b9015d62a0d55c31a661dc5148edd61e3e284f4dd02058e4c,2024-10-01T07:15:04.953000
CVE-2024-43393,0,0,0b4e4752b1d1624f63c9f36234acbde90cd0d47d6abeb2bcd5368b0a996ac98c,2024-10-01T07:15:05.443000
CVE-2024-43395,0,0,e2392bf6475b12db51f31adf2ecd9f40f62cf7ccf326ac732a93b8b209786a49,2024-08-19T13:00:23.117000
CVE-2024-43396,0,0,d3e4db1d56053a512790a84d8c3ae6e21035877ac8c09fe39077f7231484b09e,2024-09-03T18:19:33.167000
CVE-2024-43397,0,0,5caa94926889523c153ff1aaf47669fe6c71771da877710063b3b97c2bc5d0dc,2024-08-26T18:28:42.230000
@ -262648,7 +262648,7 @@ CVE-2024-6870,0,0,b8787438d65804a2db5bbc8c04084c34ae58bc1819956a7afefdca8ed2b919
CVE-2024-6872,0,0,9eb628e3a6d1ea0380e94dd099512f5a2f74ddb0ba75bf9a102e83ab13e260f5,2024-08-05T12:41:45.957000
CVE-2024-6873,0,0,8e5db8bfa0491746f29814d1d8249a1850325cbcdbd09b52dbf90709e95d212c,2024-08-01T16:45:25.400000
CVE-2024-6874,0,0,805a0b27cbdf811d96209b292e2d5909e967f9d3161226db1f6fe45d6b995555,2024-09-10T15:27:04.190000
CVE-2024-6876,0,1,583f30283a5d24592d6b6307c031cb111ef10b29cd5778033f08bcc8e7270d88,2024-10-01T07:15:05.890000
CVE-2024-6876,0,0,583f30283a5d24592d6b6307c031cb111ef10b29cd5778033f08bcc8e7270d88,2024-10-01T07:15:05.890000
CVE-2024-6877,0,0,02c2ad8b7328ed9f86319b9c0a10ec2b70408d6e2f96471b9aea8deebf9f2ed4,2024-09-25T18:57:54.607000
CVE-2024-6878,0,0,f5582059b5d1bf17731a698db689103b20b34785921cd291277cac7bea80d487,2024-09-20T12:30:17.483000
CVE-2024-6879,0,0,6dd99f7574923c6a0220f28a1253b4ac8ff29b09a2650b86b7b021e79b9e4f08,2024-08-28T15:35:24.120000
@ -263080,6 +263080,9 @@ CVE-2024-7423,0,0,683032207cd0b1b10abe49d0a408feb34a406022ce5c9940510e7ae64734c4
CVE-2024-7426,0,0,6a71007700c4116b380e5f6e6a7f1695f7459185616f96253328245521427764,2024-09-30T14:17:51.317000
CVE-2024-7427,0,0,db7ee0ecad2784af038bf44c17fdbe281451988802f60a362e8cf5f513055a51,2024-08-23T18:46:31.730000
CVE-2024-7428,0,0,6dbc394d0d800a640022319856b0e52c143a4490c0eebfb1fe7dd2cce04fb45f,2024-08-23T18:46:31.730000
CVE-2024-7432,1,1,e8c6980a5de949268c22b41f4a294a2122522b07700201e933a89167a22f2bf2,2024-10-01T08:15:02.453000
CVE-2024-7433,1,1,1f36438e32a329d426ce3b1a344fd708160f730e4dd49f098610bf45f4b8ee41,2024-10-01T08:15:02.727000
CVE-2024-7434,1,1,637194103f3b7db513b02082bb024dbbfefe9f606ab31523040243a3a42a17b6,2024-10-01T08:15:02.943000
CVE-2024-7435,0,0,66fc1a447d06c1e8d0a9056fadb7b0070b6d69677ecdcc565c829d3d11041847,2024-09-03T12:59:02.453000
CVE-2024-7436,0,0,77bc4c95d4063144d84cdea1af238ebd00099087f7001defb370c91c51096e64,2024-09-11T14:41:56.753000
CVE-2024-7437,0,0,246b693ce6552391d868b958ff9b746dcace18b15d81fb9e08c275fb53819b64,2024-09-11T14:39:10.557000
@ -263422,6 +263425,7 @@ CVE-2024-7864,0,0,8cb55f9c6813f7ebb3e411de07404fd2812a548c1112fcc9ece6be38f8f1e9
CVE-2024-7866,0,0,4c0cb0c858c0ff2de3d3bc9c6187348080bb51d5934bb16167513e626d441be5,2024-08-20T19:23:02.780000
CVE-2024-7867,0,0,cc4e8e2cbae6cc9c2393332b56b3dc1a7160836d4b3b7919e8d1234e73599a3b,2024-08-28T21:59:33.973000
CVE-2024-7868,0,0,c4ea1bb97a13baa8d231995b3d29c0db15f328b428d9b25a1a7a0b4c8b9c1d1a,2024-09-11T12:40:01.817000
CVE-2024-7869,1,1,45609c63caff2a26adcc7ef2195d5ac5e058ebc9157c26bc66abdd8f75364a4a,2024-10-01T08:15:03.167000
CVE-2024-7870,0,0,4141f264a23149fdea486ca620816f1c3f41138cabf6c23297e955fee3254fb2,2024-09-04T13:05:36.067000
CVE-2024-7871,0,0,d47ede6ca23d1578a9b705a8257da890832c1e69392e6414a190c6fb054ce14f,2024-09-04T17:34:14.630000
CVE-2024-7873,0,0,206d8282726d748a6a41b367b674a966213f9d6e3053dc261b740ef29ffe8ab7,2024-09-20T12:30:51.220000
@ -263573,7 +263577,7 @@ CVE-2024-8103,0,0,77d380cca7da7a9ea520d1266aaf7f8f8fa25bf0cd8d701002339aafa2f0f3
CVE-2024-8104,0,0,e0dd7af2b8170ad0cb122178cc67d0512cc1eb1562d671a3c4e0173a78c8b550,2024-09-05T13:28:06.817000
CVE-2024-8105,0,0,fdab1a8bdde46d997c9a9800b483d676df23e449425d94531660960b3c42e376,2024-09-09T21:35:17.320000
CVE-2024-8106,0,0,918839130e1d38968c976a0bfdbedb93d4d38744e55b3c51d6882ceb90663b73,2024-09-05T13:05:52.540000
CVE-2024-8107,1,1,788b47747c80bea0b0fc54cf26df2214d345b7e328d1fbd193f93f6f4f832fad,2024-10-01T07:15:06.263000
CVE-2024-8107,0,0,788b47747c80bea0b0fc54cf26df2214d345b7e328d1fbd193f93f6f4f832fad,2024-10-01T07:15:06.263000
CVE-2024-8108,0,0,8f1cde3e4e080de95c0957ccbabc0a49f644f40a04612484228affb54375e534,2024-09-19T13:37:32.203000
CVE-2024-8110,0,0,35b29aa278bc186f939dacbb87981e7b3283cd41ccc0818c634be4d5c87818aa,2024-09-20T12:31:20.110000
CVE-2024-8112,0,0,68d19c324dfb08f42fbaae63f6c41217ad9d464e632ed1f450780261e0cb818a,2024-09-12T18:23:22.507000
@ -263696,6 +263700,7 @@ CVE-2024-8281,0,0,6e64aec5696815efe009b246052ca974dfd6e9415a9b5d9826067281cc5ba1
CVE-2024-8283,0,0,63c897f82dabc8d84136a694d903018ce23d93f10e485ba2d6b5e962b5c03172,2024-09-30T12:45:57.823000
CVE-2024-8285,0,0,b03f6a28365b23ccdd28cfaabc1a4440173ac6451ac16c91954a645332d3ac9d,2024-09-25T18:48:21.620000
CVE-2024-8287,0,0,a69e7cb2d3c0316abfeaff67da311f8b23d877ec163f8b4d2f35a96004b37bbb,2024-09-24T15:52:38.047000
CVE-2024-8288,1,1,6cb904cd7e1f4abc1a8bdb293706226bea2d11c5ae05634444833f3b0c873d05,2024-10-01T09:15:02.850000
CVE-2024-8289,0,0,900bfbd861154484ed59254bdbec992d28a9742381ab830cf631e50b7fa985ab,2024-09-05T17:41:58.350000
CVE-2024-8290,0,0,63d92c77191032f40cbea4b8210ec288fe5f42eda168ed122e114c38be3ba3ea,2024-09-26T13:32:02.803000
CVE-2024-8291,0,0,bef998780f6620f6853e2fbe1c217978f29dbad19bd579536275bf3c982f8c1b,2024-09-30T15:59:11.073000
@ -263719,6 +263724,7 @@ CVE-2024-8319,0,0,19bee7e43deb1719502aef7eb4c05b0fb28cffea0ae04999821f01ddbcc0e2
CVE-2024-8320,0,0,67cff6908a40f6de0a5d55f45cee63784fe7b54f56159b5877dcd792142b0c2f,2024-09-12T21:51:58.960000
CVE-2024-8321,0,0,595129502821252825346a9a34e636ff1fd5806e1274bb50a0e529e9f41ab2d6,2024-09-12T21:53:22.677000
CVE-2024-8322,0,0,b55b95a67ef7974aa4139f663f04b216243350777f41a8ecf84d71c9fac2a097,2024-09-12T21:56:43.673000
CVE-2024-8324,1,1,4fd8e5a587aad0782d1e2a2d777adbc10231fd0a1a8d2218f6d298b7dd04f412,2024-10-01T09:15:03.293000
CVE-2024-8325,0,0,6acbe28b7e23bada826026212a2fb1b0115adaa2c5e690e584f377990b0f6742,2024-09-04T13:05:36.067000
CVE-2024-8327,0,0,6596679653e59e232d9a636653bb7ef76ebcd0b7674f3704360634000a96dff3,2024-09-04T17:11:23.533000
CVE-2024-8328,0,0,108819f537a57d4b33892521031f4d00462659f72abf40066992dd6f06ea1545,2024-09-04T17:11:19.827000
@ -263789,9 +263795,10 @@ CVE-2024-8415,0,0,ab2184731c9f97a955dc07eba7cdff71ad9ccc33249e750d3db8dd063bdd30
CVE-2024-8416,0,0,135a04ecfe4373dd7e99d043d76128d31e33f9197f002be9000b3ee4a6fb8417,2024-09-06T16:38:44.053000
CVE-2024-8417,0,0,8580cbd844a53cf335c90d7b0b427ee4c081c6060c525d72a654406a58e7a040,2024-09-19T19:53:12.383000
CVE-2024-8418,0,0,45db7c5e32209561e336e52f972f2bde6e59f6364560666284054dcf874b8fe1,2024-09-17T20:15:06.710000
CVE-2024-8421,1,1,baa012ceabfe4a98c027974c6cb50310b5e1c6dd28d23e9e37c50e0d90a41b43,2024-10-01T06:15:02.357000
CVE-2024-8421,0,0,baa012ceabfe4a98c027974c6cb50310b5e1c6dd28d23e9e37c50e0d90a41b43,2024-10-01T06:15:02.357000
CVE-2024-8427,0,0,57dcbf97b68dfdac544ef9faf52bed3587edeaacde16f067da96879677802837,2024-09-11T17:41:18.733000
CVE-2024-8428,0,0,224fe311bf12d06d4c690b8d9ea3bc4f42261bcb370dc3457883b86fb932f74d,2024-09-26T21:58:45.393000
CVE-2024-8430,1,1,de3b67a4916feceb0eaac5d01380b94825ca04564095cedc02abe04981e18fc5,2024-10-01T09:15:03.790000
CVE-2024-8432,0,0,8868d9b36bd238df6f75f7287d6bafac4ff3b898eed233d7b4ed5ce985d677d0,2024-09-27T12:58:58.433000
CVE-2024-8434,0,0,a7dd938925c560d2c4358a00a748e9c070db95d94d7906c441d33bc026b679c8,2024-09-26T13:32:02.803000
CVE-2024-8436,0,0,0d153a053863f3621c53c1e26deb2ddde74385c0ccdd737c792b34eb9af883c1,2024-09-26T13:32:02.803000
@ -263800,7 +263807,7 @@ CVE-2024-8439,0,0,b4eacb6a11dc14d7212cfdbe9629a765b4f24ad00bc9c4fc2289184c4fdae5
CVE-2024-8440,0,0,8dcfa58740a8b45172e18897b2d796d55a68f35b9034374864c3da0c6b77c079,2024-09-25T19:34:19.683000
CVE-2024-8441,0,0,0efac0f95475c5b753f85a6e07784bad0c26116c06bdd47c81e7d9e5f2143687,2024-09-12T21:53:43.387000
CVE-2024-8443,0,0,3c60ad7b83386f919c8526ae161201f0c09636191f73ee0cc137a0cb5f793af8,2024-09-26T14:34:03.157000
CVE-2024-8445,0,1,a7f7ba812fc058686a7ce9617c544a5ef0aa1db28a47ee616a0e4041709a6c78,2024-10-01T06:15:02.650000
CVE-2024-8445,0,0,a7f7ba812fc058686a7ce9617c544a5ef0aa1db28a47ee616a0e4041709a6c78,2024-10-01T06:15:02.650000
CVE-2024-8448,0,0,a5ecbda13e54e62f08aad0fb96b46ee6676b77e076cfa11ddb79678d5c149797,2024-09-30T12:45:57.823000
CVE-2024-8449,0,0,abd472db671ae2c583e74e98c342c94b8a5a9f987684dd21bb2b434bdad834ec,2024-09-30T12:45:57.823000
CVE-2024-8450,0,0,2f10ea74f337b4e5e3d54aecde245c4e719ad338c5a035141a0dccc4aed1fbcf,2024-09-30T12:45:57.823000
@ -263855,6 +263862,7 @@ CVE-2024-8543,0,0,1827ebc325d7546f1e75a8e16ffad13bc42c9eac828d9fdcb95bbdde0c532b
CVE-2024-8544,0,0,029a23631e96ee15c1045dd3fa22aca85d39405998de7d891aefcd30e632fd70,2024-09-27T12:57:21.617000
CVE-2024-8546,0,0,21c437f0d9de25e8960a2d9fbc9927a015111c992509c4b53747f59b9615f4f7,2024-09-26T13:32:02.803000
CVE-2024-8547,0,0,29fe82b8c0ab38b765e0be3ae3ce18e6ec7de58c1b556459781d617a88c52c89,2024-09-30T12:45:57.823000
CVE-2024-8548,1,1,cca495c452a8db9d34b67e92dde5b83e8275bbf017fdb41e2dc638aa49309d62,2024-10-01T08:15:03.400000
CVE-2024-8549,0,0,26824bba4a7be5d3e1980cceb3f14676382c512f326742b207079a7edab4cb14,2024-09-26T13:32:02.803000
CVE-2024-8552,0,0,6594d79506dd28071c715cfa6c7597507b339576bdff1f377ea688092ea69413,2024-09-26T13:32:02.803000
CVE-2024-8554,0,0,46c32adbe15332664cfc930fe8c32bff96db8190902ab789492b593fa03348f1,2024-09-10T13:52:23.250000
@ -263905,6 +263913,7 @@ CVE-2024-8624,0,0,1732629a73b0f7a73256425937c92b86f35ca441eabdeb398d592189eec066
CVE-2024-8628,0,0,eae51dc9330e4c3449bbbf5b2aafba06ad0db1b999ee8c88380618befb3102be,2024-09-26T16:42:16.700000
CVE-2024-8630,0,0,171e223312e05c108be17689ae4f899562cfc4dd591123d96527e97a9f5e9c7e,2024-09-30T12:45:57.823000
CVE-2024-8631,0,0,ec0f3e499204fe8b3096f23de4c15b4f57ab537964111dc6b7313fbad5d35ea5,2024-09-14T15:22:31.717000
CVE-2024-8632,1,1,f172cc8ff5cb9fd95e95849b1f701d969353d04f602f42c70851f5333736bf3d,2024-10-01T08:15:03.610000
CVE-2024-8633,0,0,b5b3cb7bf92993a95877e5bb9de5f9fe762b28b46c227d23bc70c2891d4703fa,2024-09-26T13:32:02.803000
CVE-2024-8635,0,0,7a33169aa1c56166fecdf7f4d906662353a5e22f1362c34800f026c91df08470,2024-09-14T15:24:45.657000
CVE-2024-8636,0,0,0c59a94a620a4c5a9ca1b46d0e9c59ab3787ae337f0eaa0364c7e33937f31aa2,2024-09-13T14:35:08.313000
@ -263935,6 +263944,7 @@ CVE-2024-8665,0,0,f6c99a5ec710565eecc74e7ed4fc9df52dc9e331e2cca577b8f47d511b3aa8
CVE-2024-8668,0,0,c353986416e0a4c46c78ecf60b727782bfce62870f6e122356299be7e7438e9c,2024-09-26T13:32:02.803000
CVE-2024-8669,0,0,a540528fa4f0bbb5defe17259c589787942e6df5d18ff3bf79d91bf53c9aac43,2024-09-27T16:08:15.487000
CVE-2024-8671,0,0,44eb9fc4ae83bda74c805da6c8f69132f0b0ddef607b7afc290779058022b5c0,2024-09-26T16:38:24.447000
CVE-2024-8675,1,1,4e67a00d00eda6d3913dc1b843cec7abe2f647dde9eaf0f5b9e89fc8ca663b54,2024-10-01T08:15:03.820000
CVE-2024-8678,0,0,889d21ef247546a6f2ba4419351284ba9f2f3727a17d89355bbfe7a36fdacaf2,2024-09-26T13:32:02.803000
CVE-2024-8680,0,0,f92fa58a804f571c1e7bcf32a74c84f918657d6176f24d169d6d6fd1db54ec14,2024-09-27T13:53:47.910000
CVE-2024-8681,0,0,2484646e871f9b5ca6a59ede5b5ef399a66580b77d3877c591e127c40a1ace52,2024-09-30T12:46:20.237000
@ -263963,9 +263973,13 @@ CVE-2024-8713,0,0,77e6eb32497c4838ab6eff0729860dc19e9280431833bec790cbdd0c191045
CVE-2024-8714,0,0,2bf1d2039d26904f97b1e8fc522abe5916905f0e0d26ed18e01afb2d802fce13,2024-09-26T20:06:46.330000
CVE-2024-8715,0,0,304c326f65febbbc8f7632ccde75c6cb540626ca7b3f92b1e87ea6c962675cd3,2024-09-30T12:45:57.823000
CVE-2024-8716,0,0,1bb41aeeebe4e896420adf3cdaff53e3d88a64a7e4d1f07d25f8bcb2da122bf8,2024-09-26T17:03:05.487000
CVE-2024-8718,1,1,52332c777c4318a883c04078e91634a6ef8ae6a5900124887917d48dd5005b5e,2024-10-01T08:15:04.030000
CVE-2024-8720,1,1,289b8fb0fc4d8050af052d36e1efbd05b6c287bfb2c648706b6f45f067f38dc4,2024-10-01T08:15:04.237000
CVE-2024-8723,0,0,778d0a0398aed78fe986c3e106c93b2232e3d42b0102981078399ce3c143c0f8,2024-09-26T13:32:02.803000
CVE-2024-8724,0,0,41e3dd453fbe3c0072e7ab470e5d529ac122f059bb60a2be671564b989c49676,2024-09-27T15:56:00.073000
CVE-2024-8725,0,0,e7161ff8e5bddb34d8cb70331e4764a7c296e8dd27bc773fb9d18a06e20edb11,2024-09-26T13:32:02.803000
CVE-2024-8727,1,1,dbb2d03b3a0ceaa8f4191f7e51c855a7d6e37cf9570fe18e85d885b4a36917be,2024-10-01T08:15:04.433000
CVE-2024-8728,1,1,4c3b895218a9215bbba5cc18fc76f8f771ca28b92ff840e97f9e5836a58a2ef9,2024-10-01T08:15:04.637000
CVE-2024-8730,0,0,ff380ede7d530472d7457d72280d0377e58fe499631b78029fd0dcbdd667a7f4,2024-09-26T19:58:33.353000
CVE-2024-8731,0,0,17c6adda5eb698d4c05886ce56b7c8d24eb85ac20af08445719f350b3f8c3e38,2024-09-26T19:43:33.110000
CVE-2024-8732,0,0,fdb5356750581bee2cd15ce9454648108e6d01424f144ebcf561e47c2245eaa8,2024-09-26T20:01:02.290000
@ -263997,12 +264011,15 @@ CVE-2024-8780,0,0,390f3cd9aeaa4212ebd65fe7e603fc1df2783bc2afd801c860ac757dc6f099
CVE-2024-8782,0,0,ec0da4baac22ae9eceb8ce2507375e0a71b6a51926de3cc40576bcd259fd7175,2024-09-19T01:46:07.003000
CVE-2024-8783,0,0,b434dfc5f50cf2811a1f5688ac574f745dec48e5af54cf5f568ce8560b0e2702,2024-09-19T01:38:57.033000
CVE-2024-8784,0,0,7bc5ed86fd42122481efd27561493828acec6a50cb9d34c0b1c40453c943431f,2024-09-19T01:38:35.177000
CVE-2024-8786,1,1,76e564ac65d5a50b3044629ff82d809b4d486cea166ab2e4fb6f9972a580d321,2024-10-01T09:15:04.300000
CVE-2024-8788,0,0,0c1c31433060e0573e6670d95af66fa7676c5096baf38d35fa0fd856e69a1acd,2024-09-30T12:45:57.823000
CVE-2024-8791,0,0,fb5b0ac36efac34bc9b2b46a1f471f8bc629f8b19dafbbe4161ffb4834ecffd5,2024-09-26T16:25:34.120000
CVE-2024-8793,1,1,acf44e3c3be625419fa9a69cf4331a61ce393d1a39a3030b553b223d637c6858,2024-10-01T09:15:04.770000
CVE-2024-8794,0,0,71d6f226610d884ee512fa4051f8594e0cafa29b4878c9ac672c3de2ccd4c022,2024-09-26T16:23:46.740000
CVE-2024-8795,0,0,f7b3fc89482c22947a1a26e63d2f04d7dee1f77ad827021897b332709b04072d,2024-09-26T16:46:55.587000
CVE-2024-8796,0,0,3072a1878c469640ca1580f40189a95dca902784c81c016c261f3bdcec04f58c,2024-09-30T14:10:38.937000
CVE-2024-8797,0,0,bc71120ba9c562037001bef5ed49069a2fb96f9263b3c8e2a617e34946a91f4d,2024-09-27T14:02:23.700000
CVE-2024-8799,1,1,00121647efdfbda1953f2b1e9dcd564fbf00607f157bcfec6188d74e35b1233b,2024-10-01T09:15:05.220000
CVE-2024-8801,0,0,b5bc4f982a594acb6aaf56b2e8a82653b32de0b2ae7bfdf440e37c28bdd34de7,2024-09-30T14:23:46.140000
CVE-2024-8803,0,0,1e21e2187793442a371c4b65c97d90253ace224e18e6d0a30f5421631b4c2a19,2024-09-26T13:32:02.803000
CVE-2024-8850,0,0,60f99c260767f82bf00cc7954ec3e058985003b965020b8d3dac7a45b3ea5f64,2024-09-25T18:49:53.397000
@ -264064,6 +264081,8 @@ CVE-2024-8974,0,0,d4bcc9476e440aef15c3a18c780e18e6939f5911111a1f36c9f70c7d14bcd4
CVE-2024-8975,0,0,6182f1c2aabebf93149118ffbf69a7c7fbdd0fa2fe06938640fbc8c09a95a52c,2024-09-26T17:15:04.283000
CVE-2024-8981,0,0,a6dff398f54eed438863305f0063a0cfe917abfa14511ee9bceae99f41bf945c,2024-10-01T03:15:02.470000
CVE-2024-8986,0,0,072cf1f180fb390d1b4b3d2d50dea4c4259a9c38757ddb70b883e21ef9d81f01,2024-09-20T12:30:17.483000
CVE-2024-8989,1,1,6ab2546ec964e99a431fecbc3726785c0f1928620ca5ffdda7abd4a623d7c876,2024-10-01T08:15:04.840000
CVE-2024-8990,1,1,5f3121a9544cb00fa60db849505a5187b12f6013895f285bda1d0b2e597f3595,2024-10-01T08:15:05.060000
CVE-2024-8991,0,0,09885cc5ee50368e772186dae89932abe94e78de6f22233b671ca629cda9542e,2024-09-30T12:46:20.237000
CVE-2024-8996,0,0,1db2f409b274638c0f9c246162c3dd0fbc2dbe210d25860090dd9c3c8a087a10,2024-09-26T17:15:04.373000
CVE-2024-9001,0,0,3414d6649893c69be27afcf1e3dc2327433e2ecaa7ac9013879a0b1b05bf0f03,2024-09-24T16:14:30.190000
@ -264075,6 +264094,7 @@ CVE-2024-9008,0,0,52622a85f30c63eabac86e540eb777bb56ea4ab0b052ff445cc04b0bad1ec8
CVE-2024-9009,0,0,8ca9aa7668c5d5c77c4f8dc75f965a1fc61562deadeb769eddb6e3d475ae864f,2024-09-25T17:46:59.077000
CVE-2024-9011,0,0,31757df34dd4fee90035c8c1e734eec12ab6ab10926115bc714ff7e9ad5eeaab,2024-09-25T17:48:14.820000
CVE-2024-9014,0,0,a8e29b928e7c02e09a31b50dee33eaa8cea5cb50c9cc022c5089f67468915a88,2024-09-26T13:32:55.343000
CVE-2024-9018,1,1,7e4cc53232e01438a4fee218a1a2899aac8e0271cd2222ff64914c9456965ad6,2024-10-01T09:15:05.610000
CVE-2024-9023,0,0,791ecf17c09683ef3ebffb71174cce8e121540e79fef0c6a3bb0a2d8d2ba42c0,2024-09-30T12:45:57.823000
CVE-2024-9024,0,0,a169982dad174bdcc00c2c78e9efcbc44e6a47176e89361fcc86b05c73e5527a,2024-09-26T13:32:02.803000
CVE-2024-9025,0,0,4a3763d182986e8a9ef475614c0f7e993d3440f162fb5fd30f9debf5502d2386,2024-09-26T13:32:02.803000
@ -264120,8 +264140,11 @@ CVE-2024-9091,0,0,3bfc998290a11bc8fab6cf9f3d600eed6ee69250246e343c9bb59fcaa6e75f
CVE-2024-9092,0,0,1c2c646de9ea2ba79bd5c01f3c6adbd97c309ff9880a784404443eb5dc670a7e,2024-09-27T16:23:56.710000
CVE-2024-9093,0,0,9c381a723dcd5a5c3a6becb1e39558bfddcf6d2d39bab32327672c3bb7182479,2024-09-27T16:26:27.163000
CVE-2024-9094,0,0,0e308d006c94a8d09d0a4caea6001ec02d11744a78c5f3fdfc5f94ed1a0ea22c,2024-09-27T15:54:09.463000
CVE-2024-9106,1,1,b4be78e84ae8affb4a6d454a9d1990e653bbd687f661444a18343032f03a5c6f,2024-10-01T08:15:05.267000
CVE-2024-9108,1,1,b104d3449df77c856d6774bc902449a0006458d06f65471d2757d674caf86c47,2024-10-01T08:15:05.480000
CVE-2024-9115,0,0,677b007e44c6a6850476d54cab99d703d388e1f6185b1413799fecf3ba008a07,2024-09-26T13:32:02.803000
CVE-2024-9117,0,0,96ff801e5a2869848fd4e3dd25cc9a878f8aef2f8675658f7019828cd326dfe8,2024-09-26T13:32:02.803000
CVE-2024-9119,1,1,73a4506c64bc55136a82fd67049c5f1a65495ab03a2bb02fdd68a84266b1cfd8,2024-10-01T08:15:05.690000
CVE-2024-9120,0,0,741803f92bc286dd2201245dc8ffb354e00af92f2ccee9f63963d21a0888db6b,2024-09-26T13:32:02.803000
CVE-2024-9121,0,0,eed3fa8b5aa214ac1e28e4851470b90d1a58e721a279141f5883437250a9a8a8,2024-09-26T13:32:02.803000
CVE-2024-9122,0,0,8303a0c1b693e1f9637d76c62abb1e6e7e78f3941c479dc3e2dfaa8a5c17fa42,2024-09-26T13:32:02.803000
@ -264132,6 +264155,7 @@ CVE-2024-9130,0,0,5bd25b655f8e7a913dbf125185040ed90a768cc24bf73a5555fb1985c6ebc2
CVE-2024-9136,0,0,3a2123a7313620918321ccc10071ef5907ddec267af09127e6959a072bce8ae3,2024-09-30T12:45:57.823000
CVE-2024-9141,0,0,1186d93c71ba2b76e7029b0455d3828535e51a6f22b721a65c3963a052cae512,2024-09-26T13:32:02.803000
CVE-2024-9142,0,0,f41ad411b11065ca581c6c09a7cdbabb7231f7d077f84444580389a46c43e76b,2024-09-26T13:32:02.803000
CVE-2024-9145,1,1,6ec68101174eef6ea8d6a443ccd44e10d28aa0d3a7c8706b3cf313003f831f12,2024-10-01T08:15:05.913000
CVE-2024-9148,0,0,54e87e3f2b6f69d5080b11c080fcfce17264899c6147cd6032f168b6e8923e92,2024-09-30T17:34:12.760000
CVE-2024-9155,0,0,e7852dec1d1a0cf6fb02c65df23cf83432ff26399350f16bb6b49f28f4d3005e,2024-09-30T12:46:20.237000
CVE-2024-9158,0,0,409612c4b8cb4a3f347d3e6118bf18cfe60f695c2a9fbb2e38a16b5a656c0709,2024-09-30T17:15:05.407000
@ -264147,8 +264171,18 @@ CVE-2024-9198,0,0,dc0289b7baa714eeb93a27fa0b615eecbc27114f3616c98feb15bac80300ac
CVE-2024-9199,0,0,3ca7b00968012de33482b7967da315774f8cea9a5b3070fbe655db855473b739,2024-09-26T13:32:02.803000
CVE-2024-9202,0,0,808b8091e3582386849f2f7767feb40805cba585b6581ba135c1d621ab219188,2024-09-30T12:46:20.237000
CVE-2024-9203,0,0,e6eb6874bd83da6550f594261cd60c3d082a0ed5dbc17d4c1b083dd114dee5d8,2024-09-30T12:46:20.237000
CVE-2024-9209,1,1,7d3bad6781486e2f4da7df129717b8a491edccf73b369d5a2d34b95179369883,2024-10-01T09:15:06.110000
CVE-2024-9220,1,1,6f67adeba0c71de630c7e77880260d455139ec3e28b2bcf4d37b6c2e1b517adb,2024-10-01T09:15:06.613000
CVE-2024-9224,1,1,daeac54c8a106a2cdf4131c378f84c7cfa1b831c70c575638327c37ab147ad9b,2024-10-01T09:15:07.190000
CVE-2024-9228,1,1,9405c3cfc45dca66268ec52ff9d3afd2509e4b32bf0c50779cb731b661651911,2024-10-01T09:15:07.750000
CVE-2024-9241,1,1,c97fba2c7aa884bcdd52fc5811a712b361d655a1df561d8ca3d939dedb183a39,2024-10-01T09:15:08.287000
CVE-2024-9265,1,1,a960537dfc00aa7287cda3b344edaa9968d5f1c511cd23e19840dec685ffedab,2024-10-01T09:15:08.810000
CVE-2024-9267,1,1,dc0e2a16aa688a38c35f6b9ffae7fc1a73b41beb5eb56dfb80ff17744ee58cdd,2024-10-01T08:15:06.103000
CVE-2024-9268,0,0,7e7771d589d5219f5f8e1d4b856d8a4ecc833e195b34661fddc76da01954ef5a,2024-09-27T17:15:14.497000
CVE-2024-9269,1,1,17a005cc0d3d32766c2354e4e21cb5a6af989b17ac72800bc0de449fb0f65c28,2024-10-01T08:15:06.313000
CVE-2024-9272,1,1,3bcc3e0378e59bc6d6daede197b60eb874d387818f18424bcf6330089754e28e,2024-10-01T08:15:06.510000
CVE-2024-9273,0,0,d541667891e816199f828382e531f52a986321fd7f85b5856a4bc94c161620a8,2024-09-27T17:15:14.550000
CVE-2024-9274,1,1,cc5814507328948ef506c997bdd3cfe686c60b8346a4520f66a47bfd431a0fe5,2024-10-01T08:15:06.723000
CVE-2024-9275,0,0,2d363e7e722e63cd2661e2a98149b3adb868d16d23141b985f0c74f5c5c9c2f4,2024-09-30T12:45:57.823000
CVE-2024-9276,0,0,f734c634e0a6a6bec2ec58d8e7062cd3473bc99a18d0bd4e8d6373e8c6062747,2024-09-30T12:45:57.823000
CVE-2024-9277,0,0,f1e655f47eee936d686b54fb8b9515ecc545b62a1b1d9dc4ecb649b1a6422fb1,2024-09-30T12:45:57.823000
@ -264159,6 +264193,7 @@ CVE-2024-9281,0,0,c535ba93d476c27150ada599110947211096684c7f9bbe8d00abfb427ea61a
CVE-2024-9282,0,0,28da861d055c9625e1f872cd5351aaa1e1bfe131c026ad30a30cf3906bc154e7,2024-09-30T12:45:57.823000
CVE-2024-9283,0,0,a5233c3b589826e3e09dfcafb866e56b060b301af37e2de0e699930a9008fdfe,2024-09-30T12:45:57.823000
CVE-2024-9284,0,0,e077aa9b3331db7cd8049b8d7f3273d870b80909d1916943a385cf9659e49d1c,2024-09-30T12:45:57.823000
CVE-2024-9289,1,1,5a6ef07324af885b8b6ee8509695949d93228d97c4f373664f14e04aa2e1395c,2024-10-01T09:15:09.320000
CVE-2024-9291,0,0,b88fea8223aa63c1df245ec34d5a9ae6249acdcbf799f14cbc2ab52d8c1fa2a6,2024-09-30T12:45:57.823000
CVE-2024-9293,0,0,cfc68c60c376b348e2db1dfc60e29304979c6f29bbb8e9627dd9fb163636b5c5,2024-09-30T12:45:57.823000
CVE-2024-9294,0,0,df4e8ca812056069ce686ccc519c918f454c6a35b9074b986ab12abfbd42a42d,2024-09-30T12:45:57.823000
@ -264169,6 +264204,7 @@ CVE-2024-9298,0,0,f6a0d8d5b76d1aca4b69e13596b3400394f23f0dc87d91cebd3e86c263b5e9
CVE-2024-9299,0,0,2773a88eca4ad2b201e410f54eb34e7be4ec55a7df5adc0de816905a9bc67c8b,2024-09-30T12:45:57.823000
CVE-2024-9300,0,0,88b79df48ae91214ef2b5e7a373c5f9d2b02a0d6ce5a7c0140d5fcd61004ba7d,2024-09-30T12:45:57.823000
CVE-2024-9301,0,0,73ba33e42a5a66e63775d86ddfdf57e7a04bcd9ceda925406fc4894f153c084a,2024-09-30T12:45:57.823000
CVE-2024-9304,1,1,77296627b4e73471315e7e445cf2a4183f5c2120111f84509ea16b607bc5907e,2024-10-01T08:15:06.943000
CVE-2024-9315,0,0,6afda6e8d97f7cdbf8ace9f41e8c225dffbff5865ed3f741b65fa4f76a307c30,2024-09-30T12:45:57.823000
CVE-2024-9316,0,0,af6982dcd9c7f4909113b26e934c15a53c63fefb9a4ab04a604458d8e878131e,2024-09-30T12:45:57.823000
CVE-2024-9317,0,0,3c9218a807df8c095b3daeae2a193534fba5ac123ab4c2c0d37100757693fc05,2024-09-30T12:45:57.823000

Can't render this file because it is too large.