From 9016d463c3ad96db18211c3dbd95012b13cd6f1a Mon Sep 17 00:00:00 2001 From: cad-safe-bot Date: Mon, 9 Dec 2024 07:03:44 +0000 Subject: [PATCH] Auto-Update: 2024-12-09T07:00:22.381125+00:00 --- CVE-2023/CVE-2023-342xx/CVE-2023-34246.json | 6 +- CVE-2024/CVE-2024-123xx/CVE-2024-12357.json | 141 +++++++++++++++++++ CVE-2024/CVE-2024-123xx/CVE-2024-12358.json | 141 +++++++++++++++++++ CVE-2024/CVE-2024-123xx/CVE-2024-12359.json | 145 ++++++++++++++++++++ CVE-2024/CVE-2024-123xx/CVE-2024-12360.json | 145 ++++++++++++++++++++ CVE-2024/CVE-2024-96xx/CVE-2024-9651.json | 21 +++ README.md | 27 ++-- _state.csv | 29 ++-- 8 files changed, 626 insertions(+), 29 deletions(-) create mode 100644 CVE-2024/CVE-2024-123xx/CVE-2024-12357.json create mode 100644 CVE-2024/CVE-2024-123xx/CVE-2024-12358.json create mode 100644 CVE-2024/CVE-2024-123xx/CVE-2024-12359.json create mode 100644 CVE-2024/CVE-2024-123xx/CVE-2024-12360.json create mode 100644 CVE-2024/CVE-2024-96xx/CVE-2024-9651.json diff --git a/CVE-2023/CVE-2023-342xx/CVE-2023-34246.json b/CVE-2023/CVE-2023-342xx/CVE-2023-34246.json index 6bb52c3a90c..1f418c0c356 100644 --- a/CVE-2023/CVE-2023-342xx/CVE-2023-34246.json +++ b/CVE-2023/CVE-2023-342xx/CVE-2023-34246.json @@ -2,7 +2,7 @@ "id": "CVE-2023-34246", "sourceIdentifier": "security-advisories@github.com", "published": "2023-06-12T17:15:09.967", - "lastModified": "2024-11-21T08:06:51.260", + "lastModified": "2024-12-09T05:15:04.823", "vulnStatus": "Modified", "cveTags": [], "descriptions": [ @@ -169,6 +169,10 @@ "url": "https://lists.debian.org/debian-lts-announce/2023/07/msg00016.html", "source": "af854a3a-2127-422b-91ae-364da2661108" }, + { + "url": "https://lists.debian.org/debian-lts-announce/2024/12/msg00010.html", + "source": "af854a3a-2127-422b-91ae-364da2661108" + }, { "url": "https://www.rfc-editor.org/rfc/rfc8252#section-8.6", "source": "af854a3a-2127-422b-91ae-364da2661108", diff --git a/CVE-2024/CVE-2024-123xx/CVE-2024-12357.json b/CVE-2024/CVE-2024-123xx/CVE-2024-12357.json new file mode 100644 index 00000000000..1bc887240b3 --- /dev/null +++ b/CVE-2024/CVE-2024-123xx/CVE-2024-12357.json @@ -0,0 +1,141 @@ +{ + "id": "CVE-2024-12357", + "sourceIdentifier": "cna@vuldb.com", + "published": "2024-12-09T05:15:06.973", + "lastModified": "2024-12-09T05:15:06.973", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability was found in SourceCodester Best House Rental Management System 1.0 and classified as problematic. Affected by this issue is some unknown functionality of the file /index.php. The manipulation of the argument page leads to file inclusion. The attack may be launched remotely. The exploit has been disclosed to the public and may be used." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "baseScore": 6.9, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "attackRequirements": "NONE", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "vulnerableSystemConfidentiality": "NONE", + "vulnerableSystemIntegrity": "LOW", + "vulnerableSystemAvailability": "NONE", + "subsequentSystemConfidentiality": "NONE", + "subsequentSystemIntegrity": "NONE", + "subsequentSystemAvailability": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirements": "NOT_DEFINED", + "integrityRequirements": "NOT_DEFINED", + "availabilityRequirements": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", + "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", + "modifiedVulnerableSystemAvailability": "NOT_DEFINED", + "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", + "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", + "modifiedSubsequentSystemAvailability": "NOT_DEFINED", + "safety": "NOT_DEFINED", + "automatable": "NOT_DEFINED", + "recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED" + } + } + ], + "cvssMetricV31": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", + "baseScore": 4.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + } + ], + "cvssMetricV2": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "2.0", + "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", + "baseScore": 5.0, + "accessVector": "NETWORK", + "accessComplexity": "LOW", + "authentication": "NONE", + "confidentialityImpact": "NONE", + "integrityImpact": "PARTIAL", + "availabilityImpact": "NONE" + }, + "baseSeverity": "MEDIUM", + "exploitabilityScore": 10.0, + "impactScore": 2.9, + "acInsufInfo": false, + "obtainAllPrivilege": false, + "obtainUserPrivilege": false, + "obtainOtherPrivilege": false, + "userInteractionRequired": false + } + ] + }, + "weaknesses": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-73" + } + ] + } + ], + "references": [ + { + "url": "https://pastebin.com/Qupf8YbH", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?ctiid.287276", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?id.287276", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?submit.457505", + "source": "cna@vuldb.com" + }, + { + "url": "https://www.sourcecodester.com/", + "source": "cna@vuldb.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-123xx/CVE-2024-12358.json b/CVE-2024/CVE-2024-123xx/CVE-2024-12358.json new file mode 100644 index 00000000000..07f222016c6 --- /dev/null +++ b/CVE-2024/CVE-2024-123xx/CVE-2024-12358.json @@ -0,0 +1,141 @@ +{ + "id": "CVE-2024-12358", + "sourceIdentifier": "cna@vuldb.com", + "published": "2024-12-09T05:15:07.320", + "lastModified": "2024-12-09T05:15:07.320", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability was found in WeiYe-Jing datax-web 2.1.1. It has been classified as critical. This affects an unknown part of the file /api/job/add/. The manipulation of the argument glueSource leads to os command injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "baseScore": 5.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "attackRequirements": "NONE", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "vulnerableSystemConfidentiality": "LOW", + "vulnerableSystemIntegrity": "LOW", + "vulnerableSystemAvailability": "LOW", + "subsequentSystemConfidentiality": "NONE", + "subsequentSystemIntegrity": "NONE", + "subsequentSystemAvailability": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirements": "NOT_DEFINED", + "integrityRequirements": "NOT_DEFINED", + "availabilityRequirements": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", + "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", + "modifiedVulnerableSystemAvailability": "NOT_DEFINED", + "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", + "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", + "modifiedSubsequentSystemAvailability": "NOT_DEFINED", + "safety": "NOT_DEFINED", + "automatable": "NOT_DEFINED", + "recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED" + } + } + ], + "cvssMetricV31": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", + "baseScore": 6.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.4 + } + ], + "cvssMetricV2": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "2.0", + "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", + "baseScore": 6.5, + "accessVector": "NETWORK", + "accessComplexity": "LOW", + "authentication": "SINGLE", + "confidentialityImpact": "PARTIAL", + "integrityImpact": "PARTIAL", + "availabilityImpact": "PARTIAL" + }, + "baseSeverity": "MEDIUM", + "exploitabilityScore": 8.0, + "impactScore": 6.4, + "acInsufInfo": false, + "obtainAllPrivilege": false, + "obtainUserPrivilege": false, + "obtainOtherPrivilege": false, + "userInteractionRequired": false + } + ] + }, + "weaknesses": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-77" + }, + { + "lang": "en", + "value": "CWE-78" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/jxp98/VulResearch/blob/main/2024/12/1.Datax-Web%20-%20Remote%20Code%20Execution.md", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?ctiid.287277", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?id.287277", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?submit.457865", + "source": "cna@vuldb.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-123xx/CVE-2024-12359.json b/CVE-2024/CVE-2024-123xx/CVE-2024-12359.json new file mode 100644 index 00000000000..940ec5c51cb --- /dev/null +++ b/CVE-2024/CVE-2024-123xx/CVE-2024-12359.json @@ -0,0 +1,145 @@ +{ + "id": "CVE-2024-12359", + "sourceIdentifier": "cna@vuldb.com", + "published": "2024-12-09T05:15:07.630", + "lastModified": "2024-12-09T05:15:07.630", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability was found in code-projects Admin Dashboard 1.0. It has been declared as problematic. This vulnerability affects unknown code of the file /vendor_management.php. The manipulation of the argument username leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The initial researcher advisory mentions contradicting product names." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "baseScore": 5.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "attackRequirements": "NONE", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "vulnerableSystemConfidentiality": "NONE", + "vulnerableSystemIntegrity": "LOW", + "vulnerableSystemAvailability": "NONE", + "subsequentSystemConfidentiality": "NONE", + "subsequentSystemIntegrity": "NONE", + "subsequentSystemAvailability": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirements": "NOT_DEFINED", + "integrityRequirements": "NOT_DEFINED", + "availabilityRequirements": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", + "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", + "modifiedVulnerableSystemAvailability": "NOT_DEFINED", + "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", + "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", + "modifiedSubsequentSystemAvailability": "NOT_DEFINED", + "safety": "NOT_DEFINED", + "automatable": "NOT_DEFINED", + "recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED" + } + } + ], + "cvssMetricV31": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N", + "baseScore": 3.5, + "baseSeverity": "LOW", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.1, + "impactScore": 1.4 + } + ], + "cvssMetricV2": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "2.0", + "vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N", + "baseScore": 4.0, + "accessVector": "NETWORK", + "accessComplexity": "LOW", + "authentication": "SINGLE", + "confidentialityImpact": "NONE", + "integrityImpact": "PARTIAL", + "availabilityImpact": "NONE" + }, + "baseSeverity": "MEDIUM", + "exploitabilityScore": 8.0, + "impactScore": 2.9, + "acInsufInfo": false, + "obtainAllPrivilege": false, + "obtainUserPrivilege": false, + "obtainOtherPrivilege": false, + "userInteractionRequired": false + } + ] + }, + "weaknesses": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + }, + { + "lang": "en", + "value": "CWE-94" + } + ] + } + ], + "references": [ + { + "url": "https://code-projects.org/", + "source": "cna@vuldb.com" + }, + { + "url": "https://hackmd.io/@salt9487/HyTgLR-V1l", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?ctiid.287278", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?id.287278", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?submit.458634", + "source": "cna@vuldb.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-123xx/CVE-2024-12360.json b/CVE-2024/CVE-2024-123xx/CVE-2024-12360.json new file mode 100644 index 00000000000..2626f00b8e8 --- /dev/null +++ b/CVE-2024/CVE-2024-123xx/CVE-2024-12360.json @@ -0,0 +1,145 @@ +{ + "id": "CVE-2024-12360", + "sourceIdentifier": "cna@vuldb.com", + "published": "2024-12-09T05:15:07.920", + "lastModified": "2024-12-09T05:15:07.920", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability was found in code-projects Online Class and Exam Scheduling System 1.0. It has been rated as critical. This issue affects some unknown processing of the file class_update.php. The manipulation of the argument id leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "baseScore": 5.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "attackRequirements": "NONE", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "vulnerableSystemConfidentiality": "LOW", + "vulnerableSystemIntegrity": "LOW", + "vulnerableSystemAvailability": "LOW", + "subsequentSystemConfidentiality": "NONE", + "subsequentSystemIntegrity": "NONE", + "subsequentSystemAvailability": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirements": "NOT_DEFINED", + "integrityRequirements": "NOT_DEFINED", + "availabilityRequirements": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", + "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", + "modifiedVulnerableSystemAvailability": "NOT_DEFINED", + "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", + "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", + "modifiedSubsequentSystemAvailability": "NOT_DEFINED", + "safety": "NOT_DEFINED", + "automatable": "NOT_DEFINED", + "recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED" + } + } + ], + "cvssMetricV31": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", + "baseScore": 6.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.4 + } + ], + "cvssMetricV2": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "2.0", + "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", + "baseScore": 6.5, + "accessVector": "NETWORK", + "accessComplexity": "LOW", + "authentication": "SINGLE", + "confidentialityImpact": "PARTIAL", + "integrityImpact": "PARTIAL", + "availabilityImpact": "PARTIAL" + }, + "baseSeverity": "MEDIUM", + "exploitabilityScore": 8.0, + "impactScore": 6.4, + "acInsufInfo": false, + "obtainAllPrivilege": false, + "obtainUserPrivilege": false, + "obtainOtherPrivilege": false, + "userInteractionRequired": false + } + ] + }, + "weaknesses": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-74" + }, + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "references": [ + { + "url": "https://code-projects.org/", + "source": "cna@vuldb.com" + }, + { + "url": "https://github.com/bjtyyy/CVE/blob/main/Online%20Class%20and%20Exam%20Scheduling%20System.docx", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?ctiid.287279", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?id.287279", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?submit.458891", + "source": "cna@vuldb.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-96xx/CVE-2024-9651.json b/CVE-2024/CVE-2024-96xx/CVE-2024-9651.json new file mode 100644 index 00000000000..1cbcf3b3f71 --- /dev/null +++ b/CVE-2024/CVE-2024-96xx/CVE-2024-9651.json @@ -0,0 +1,21 @@ +{ + "id": "CVE-2024-9651", + "sourceIdentifier": "contact@wpscan.com", + "published": "2024-12-09T06:15:04.397", + "lastModified": "2024-12-09T06:15:04.397", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "The Fluent Forms WordPress plugin before 5.2.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://wpscan.com/vulnerability/a2c56e42-3b3a-4e23-933f-40cf63e222c0/", + "source": "contact@wpscan.com" + } + ] +} \ No newline at end of file diff --git a/README.md b/README.md index 3a64aefacf3..0aebb27e41e 100644 --- a/README.md +++ b/README.md @@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2024-12-09T05:00:44.628685+00:00 +2024-12-09T07:00:22.381125+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2024-12-09T04:15:05.387000+00:00 +2024-12-09T06:15:04.397000+00:00 ``` ### Last Data Feed Release @@ -33,30 +33,25 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### Total Number of included CVEs ```plain -272627 +272632 ``` ### CVEs added in the last Commit -Recently added CVEs: `11` +Recently added CVEs: `5` -- [CVE-2024-53279](CVE-2024/CVE-2024-532xx/CVE-2024-53279.json) (`2024-12-09T04:15:04.477`) -- [CVE-2024-53280](CVE-2024/CVE-2024-532xx/CVE-2024-53280.json) (`2024-12-09T04:15:04.650`) -- [CVE-2024-53281](CVE-2024/CVE-2024-532xx/CVE-2024-53281.json) (`2024-12-09T04:15:04.793`) -- [CVE-2024-53282](CVE-2024/CVE-2024-532xx/CVE-2024-53282.json) (`2024-12-09T04:15:04.937`) -- [CVE-2024-53283](CVE-2024/CVE-2024-532xx/CVE-2024-53283.json) (`2024-12-09T04:15:05.073`) -- [CVE-2024-53284](CVE-2024/CVE-2024-532xx/CVE-2024-53284.json) (`2024-12-09T04:15:05.220`) -- [CVE-2024-53285](CVE-2024/CVE-2024-532xx/CVE-2024-53285.json) (`2024-12-09T04:15:05.387`) -- [CVE-2024-55578](CVE-2024/CVE-2024-555xx/CVE-2024-55578.json) (`2024-12-09T03:15:04.530`) -- [CVE-2024-55579](CVE-2024/CVE-2024-555xx/CVE-2024-55579.json) (`2024-12-09T03:15:05.197`) -- [CVE-2024-55580](CVE-2024/CVE-2024-555xx/CVE-2024-55580.json) (`2024-12-09T03:15:05.400`) -- [CVE-2024-55582](CVE-2024/CVE-2024-555xx/CVE-2024-55582.json) (`2024-12-09T03:15:05.550`) +- [CVE-2024-12357](CVE-2024/CVE-2024-123xx/CVE-2024-12357.json) (`2024-12-09T05:15:06.973`) +- [CVE-2024-12358](CVE-2024/CVE-2024-123xx/CVE-2024-12358.json) (`2024-12-09T05:15:07.320`) +- [CVE-2024-12359](CVE-2024/CVE-2024-123xx/CVE-2024-12359.json) (`2024-12-09T05:15:07.630`) +- [CVE-2024-12360](CVE-2024/CVE-2024-123xx/CVE-2024-12360.json) (`2024-12-09T05:15:07.920`) +- [CVE-2024-9651](CVE-2024/CVE-2024-96xx/CVE-2024-9651.json) (`2024-12-09T06:15:04.397`) ### CVEs modified in the last Commit -Recently modified CVEs: `0` +Recently modified CVEs: `1` +- [CVE-2023-34246](CVE-2023/CVE-2023-342xx/CVE-2023-34246.json) (`2024-12-09T05:15:04.823`) ## Download and Usage diff --git a/_state.csv b/_state.csv index c5b69765dbf..e79cc6e863c 100644 --- a/_state.csv +++ b/_state.csv @@ -226454,7 +226454,7 @@ CVE-2023-34242,0,0,db2fbe9cf3619d26a32c6c524ba36480556f1d997a7e0d3c93310e0c41b15 CVE-2023-34243,0,0,01b9ba06437ed92dcbe252076b4be9a3093a0b1f5d680768ddc3bc97b13c9202,2024-11-21T08:06:50.877000 CVE-2023-34244,0,0,d748e22d790bbe28b3c438b0d1f1f4c5c990e4e4032b0cd3c9b44a9abf75e654,2024-11-21T08:06:51 CVE-2023-34245,0,0,ce6505508858d5902aba9cf8dba198c33159bf99ce6adb7a5a635da507ebb819,2024-11-21T08:06:51.123000 -CVE-2023-34246,0,0,b89aa22d9df1ad4f26fa378a34313d1b5e9352dfb45ce8c1b8b9060756c2f7bc,2024-11-21T08:06:51.260000 +CVE-2023-34246,0,1,6502d56c519d44e919330b8710454374582286d4490a446c9539d6834bafd182,2024-12-09T05:15:04.823000 CVE-2023-34247,0,0,f6f23211178bb3594b9ae893ff3c2a68414c22aa35433a907b84fda3af5a80eb,2024-11-21T08:06:51.397000 CVE-2023-34249,0,0,6f923e4e6db780452a56222d169353011dcde3b6f1393ce30bc894b33c960357,2024-11-21T08:06:51.527000 CVE-2023-3425,0,0,1dea7ff674e73f2d66cef9a61a7f6355e59923eed92a8a68cc44a827c05d064e,2024-11-21T08:17:14.357000 @@ -244229,7 +244229,11 @@ CVE-2024-12352,0,0,df6e6e438031ecc98e4060be996123925a2d11714cbf6d67b70dfc73b77f0 CVE-2024-12353,0,0,cdfb3d26fac16a1a5d998eb3be106173119f8a00dbfb4191025a22992ab16e5a,2024-12-09T02:15:18.920000 CVE-2024-12354,0,0,9cd087b8f40c9a4013f29fb518d260911b2e8d8a0b8a192d987032812a26f2d7,2024-12-09T02:15:19.120000 CVE-2024-12355,0,0,59de9253426a92e27e7c3904943024aa25fb561f82b61f281cb2411b05b4fc81,2024-12-09T02:15:19.300000 +CVE-2024-12357,1,1,2e3ace4329dee544759b3943ce02a194d6d82c92302601be13110040a3e78f1c,2024-12-09T05:15:06.973000 +CVE-2024-12358,1,1,6ddb1068585d936786ad516cf6a6bcc212677513e0b470b785f791b17192fa88,2024-12-09T05:15:07.320000 +CVE-2024-12359,1,1,1b9eca10a0eb8c61148d2c180bd16045cbf319152c6d0689f3b60739161e9047,2024-12-09T05:15:07.630000 CVE-2024-1236,0,0,98cf8c8d0d2027d41420e47ce0e54a62c55b6c82b55779fb1975380b5e094f29,2024-11-21T08:50:07.797000 +CVE-2024-12360,1,1,73fc0231527ad06f2d47ddb3328eb56e1d3966ef0dded4f11416bdaabed92b1f,2024-12-09T05:15:07.920000 CVE-2024-1237,0,0,7608b762d209f55f10a23dbde634d086adad1d6240344714ec7de5c458d836b6,2024-11-21T08:50:07.910000 CVE-2024-1238,0,0,61e2d99ce6e3dfa86afb8331abcc236f68b5fa34f245659f4f6216db5239b32e,2024-11-21T08:50:08.053000 CVE-2024-1239,0,0,a515a367dab4b48d00e7f390a15c0d107266b53b28358b9f5ebf3476b0a625f5,2024-11-21T08:50:08.180000 @@ -268417,14 +268421,14 @@ CVE-2024-53267,0,0,accd32a67a608848754723b681c6e9dcbc299572dceeb0ccc536e90037eb3 CVE-2024-53268,0,0,a408af8f5ee18e6e866628a8181262e5b345f36ec790e37835b95d7b67c7ce70,2024-11-25T20:15:10.583000 CVE-2024-5327,0,0,c9fe7d7fa06a5d3d75a080dba8857bf423c18144dc7f53781589989842b7c438,2024-11-21T09:47:25.873000 CVE-2024-53278,0,0,6f30b711eaa2519505a8ae7e3cc5077447b747b2c4a9b5a5e0658f524894f224,2024-11-26T05:15:10.563000 -CVE-2024-53279,1,1,dfc5f096a36d29d0f8644df8f6c1c9487efce3642c797493ad061622e50e96a6,2024-12-09T04:15:04.477000 +CVE-2024-53279,0,0,dfc5f096a36d29d0f8644df8f6c1c9487efce3642c797493ad061622e50e96a6,2024-12-09T04:15:04.477000 CVE-2024-5328,0,0,6202213e4923d2ad4b73c742ef3cdb1565340ec9be018d39ba9d29068bc91119,2024-11-21T09:47:25.977000 -CVE-2024-53280,1,1,94cd42f02ce96cd7a177ff077c199f97139d3641f4165d88b07a5f1389caf401,2024-12-09T04:15:04.650000 -CVE-2024-53281,1,1,0ee53cb8321dffec27b92e1b96e3180a048477f32c26ab2b27492fb7c9d0a5f5,2024-12-09T04:15:04.793000 -CVE-2024-53282,1,1,7c15b09f47539f2801b9ffd5119e50b7caab692bd395943ee3e6dd74694f6681,2024-12-09T04:15:04.937000 -CVE-2024-53283,1,1,fce78cde726b7a65b1fbdf73ae6f09a3f73353b419256d77bfdc27d25fc2bdd1,2024-12-09T04:15:05.073000 -CVE-2024-53284,1,1,45eec706662496fabc9e8cb42b80581fe3303e2b7ad39a80f66810b843e633b6,2024-12-09T04:15:05.220000 -CVE-2024-53285,1,1,e84db3deebb14a58d6854f327cd3b7c086afe148e543eaafbb15e4ea1a4cbc6b,2024-12-09T04:15:05.387000 +CVE-2024-53280,0,0,94cd42f02ce96cd7a177ff077c199f97139d3641f4165d88b07a5f1389caf401,2024-12-09T04:15:04.650000 +CVE-2024-53281,0,0,0ee53cb8321dffec27b92e1b96e3180a048477f32c26ab2b27492fb7c9d0a5f5,2024-12-09T04:15:04.793000 +CVE-2024-53282,0,0,7c15b09f47539f2801b9ffd5119e50b7caab692bd395943ee3e6dd74694f6681,2024-12-09T04:15:04.937000 +CVE-2024-53283,0,0,fce78cde726b7a65b1fbdf73ae6f09a3f73353b419256d77bfdc27d25fc2bdd1,2024-12-09T04:15:05.073000 +CVE-2024-53284,0,0,45eec706662496fabc9e8cb42b80581fe3303e2b7ad39a80f66810b843e633b6,2024-12-09T04:15:05.220000 +CVE-2024-53285,0,0,e84db3deebb14a58d6854f327cd3b7c086afe148e543eaafbb15e4ea1a4cbc6b,2024-12-09T04:15:05.387000 CVE-2024-5329,0,0,daffb0d0cde1b0a7abdef85d122cb231171a58845d7b7cc2d00de14c5f127b92,2024-11-21T09:47:26.100000 CVE-2024-5330,0,0,d644a32144d291678dd5bb7f21b934bb851a049e1a1dcad7ed14bbc2171615fb,2024-11-21T22:46:26.800000 CVE-2024-5331,0,0,ad9f3e021008e1f906a9999a71be6645de37906a8f88b5de79caa7d877855b39,2024-11-21T23:07:26.067000 @@ -268913,11 +268917,11 @@ CVE-2024-55564,0,0,89d08bbaa9773327e34d324e47d50ef5b3dfb5fd75dcd16dc2c4f2bbf9ee5 CVE-2024-55565,0,0,b2313ae44da999d8fc4520a410050c1fd6fff1d9541329ab2ea86f782d8cd857,2024-12-09T02:15:19.607000 CVE-2024-55566,0,0,cc8f9a9eac78b44e982dc79609c73b93636b40b02e823d798c83261284bf0a10,2024-12-09T02:15:19.720000 CVE-2024-5557,0,0,09bbd8b47f01ef9851d897d35b7273fae6e6c153562df19beb41c55eeb7521a0,2024-11-21T09:47:55.560000 -CVE-2024-55578,1,1,20c731157c69055e7769ca27d0621e2d376edcf0d0159177c1cfedd63f521740,2024-12-09T03:15:04.530000 -CVE-2024-55579,1,1,d4dcd9ce953cd587b5da850c1ce43b8deb42005ab9d3feceb72cd5f7325507e2,2024-12-09T03:15:05.197000 +CVE-2024-55578,0,0,20c731157c69055e7769ca27d0621e2d376edcf0d0159177c1cfedd63f521740,2024-12-09T03:15:04.530000 +CVE-2024-55579,0,0,d4dcd9ce953cd587b5da850c1ce43b8deb42005ab9d3feceb72cd5f7325507e2,2024-12-09T03:15:05.197000 CVE-2024-5558,0,0,b9640ac59698561d1e2153bd708b9d8ca2d328fcb61a159842590b547b4c1a0f,2024-11-21T09:47:55.700000 -CVE-2024-55580,1,1,23d1d0ce78dee9055e27646456d6f5dae42c71f66b9dcde2db05efdab828343a,2024-12-09T03:15:05.400000 -CVE-2024-55582,1,1,3c23376685adf2edae29527c3668429e6b653ce512d692f8394663104b24d5b7,2024-12-09T03:15:05.550000 +CVE-2024-55580,0,0,23d1d0ce78dee9055e27646456d6f5dae42c71f66b9dcde2db05efdab828343a,2024-12-09T03:15:05.400000 +CVE-2024-55582,0,0,3c23376685adf2edae29527c3668429e6b653ce512d692f8394663104b24d5b7,2024-12-09T03:15:05.550000 CVE-2024-5559,0,0,da875044adc3709281edfed6e696b593f02a48923f7270d2350dbdeb9c3f0186,2024-11-21T09:47:55.840000 CVE-2024-5560,0,0,5aa7f1759c9eb53992bc8fa45515cc25adc477b89cd6554f8c0736d42239dd24,2024-11-21T09:47:55.983000 CVE-2024-5561,0,0,4022800ab031c19c97b7a8f23f8f937de2c70091af69e68157c4f9d46ea4b02c,2024-10-07T17:45:29.950000 @@ -272340,6 +272344,7 @@ CVE-2024-9642,0,0,e785c942bfa480a7574dc49561aef989c60cf4146a0b8eb964f23c4e5169b9 CVE-2024-9647,0,0,fcdcaf92364c0d2df50a52f6773b32a5c3346fda1bdd5380b00168c49162a8b6,2024-10-16T16:38:14.557000 CVE-2024-9649,0,0,aef177183a046c3f046fd6be8c976f15a331c30746d190b980aa15df26ed1b01,2024-10-16T16:38:14.557000 CVE-2024-9650,0,0,2327d0b00f83aa6287d8e0fc737d152f9293bbe0c165388e74c80db5393555e5,2024-10-25T12:56:07.750000 +CVE-2024-9651,1,1,536e45c35e04c2256d0d4e91197fb142051ed50ae950fff1974779180122eefd,2024-12-09T06:15:04.397000 CVE-2024-9652,0,0,2278cc3d85ab1e64d09ab82bc023556b887dca2b4a3045a553483dbbc6e7952b,2024-10-16T16:38:14.557000 CVE-2024-9653,0,0,f158e4ac0dd55a24d4b3927fa7e93113f3b2a80fd6a1d97e078c1fc3c150282b,2024-11-26T20:37:07.913000 CVE-2024-9655,0,0,f949df8d6e7799757a56c3413a4960a9956ec7f349370b1e9da1784dc8394ce3,2024-11-01T12:57:03.417000