From 983e548fde8b98ab4263572ad5d19bf61e5cf040 Mon Sep 17 00:00:00 2001 From: cad-safe-bot Date: Mon, 11 Nov 2024 07:03:20 +0000 Subject: [PATCH] Auto-Update: 2024-11-11T07:00:19.455712+00:00 --- CVE-2024/CVE-2024-388xx/CVE-2024-38826.json | 66 +++++++++++++++++++++ CVE-2024/CVE-2024-515xx/CVE-2024-51571.json | 56 +++++++++++++++++ CVE-2024/CVE-2024-515xx/CVE-2024-51572.json | 56 +++++++++++++++++ CVE-2024/CVE-2024-515xx/CVE-2024-51573.json | 56 +++++++++++++++++ CVE-2024/CVE-2024-515xx/CVE-2024-51574.json | 56 +++++++++++++++++ CVE-2024/CVE-2024-515xx/CVE-2024-51575.json | 56 +++++++++++++++++ CVE-2024/CVE-2024-517xx/CVE-2024-51788.json | 56 +++++++++++++++++ CVE-2024/CVE-2024-517xx/CVE-2024-51789.json | 56 +++++++++++++++++ CVE-2024/CVE-2024-517xx/CVE-2024-51790.json | 56 +++++++++++++++++ CVE-2024/CVE-2024-517xx/CVE-2024-51791.json | 56 +++++++++++++++++ CVE-2024/CVE-2024-517xx/CVE-2024-51792.json | 56 +++++++++++++++++ CVE-2024/CVE-2024-517xx/CVE-2024-51793.json | 56 +++++++++++++++++ CVE-2024/CVE-2024-518xx/CVE-2024-51820.json | 56 +++++++++++++++++ CVE-2024/CVE-2024-518xx/CVE-2024-51837.json | 56 +++++++++++++++++ CVE-2024/CVE-2024-518xx/CVE-2024-51843.json | 56 +++++++++++++++++ CVE-2024/CVE-2024-518xx/CVE-2024-51845.json | 56 +++++++++++++++++ CVE-2024/CVE-2024-518xx/CVE-2024-51882.json | 56 +++++++++++++++++ CVE-2024/CVE-2024-523xx/CVE-2024-52356.json | 56 +++++++++++++++++ CVE-2024/CVE-2024-523xx/CVE-2024-52357.json | 56 +++++++++++++++++ CVE-2024/CVE-2024-523xx/CVE-2024-52358.json | 56 +++++++++++++++++ README.md | 32 +++++++--- _state.csv | 28 +++++++-- 22 files changed, 1178 insertions(+), 12 deletions(-) create mode 100644 CVE-2024/CVE-2024-388xx/CVE-2024-38826.json create mode 100644 CVE-2024/CVE-2024-515xx/CVE-2024-51571.json create mode 100644 CVE-2024/CVE-2024-515xx/CVE-2024-51572.json create mode 100644 CVE-2024/CVE-2024-515xx/CVE-2024-51573.json create mode 100644 CVE-2024/CVE-2024-515xx/CVE-2024-51574.json create mode 100644 CVE-2024/CVE-2024-515xx/CVE-2024-51575.json create mode 100644 CVE-2024/CVE-2024-517xx/CVE-2024-51788.json create mode 100644 CVE-2024/CVE-2024-517xx/CVE-2024-51789.json create mode 100644 CVE-2024/CVE-2024-517xx/CVE-2024-51790.json create mode 100644 CVE-2024/CVE-2024-517xx/CVE-2024-51791.json create mode 100644 CVE-2024/CVE-2024-517xx/CVE-2024-51792.json create mode 100644 CVE-2024/CVE-2024-517xx/CVE-2024-51793.json create mode 100644 CVE-2024/CVE-2024-518xx/CVE-2024-51820.json create mode 100644 CVE-2024/CVE-2024-518xx/CVE-2024-51837.json create mode 100644 CVE-2024/CVE-2024-518xx/CVE-2024-51843.json create mode 100644 CVE-2024/CVE-2024-518xx/CVE-2024-51845.json create mode 100644 CVE-2024/CVE-2024-518xx/CVE-2024-51882.json create mode 100644 CVE-2024/CVE-2024-523xx/CVE-2024-52356.json create mode 100644 CVE-2024/CVE-2024-523xx/CVE-2024-52357.json create mode 100644 CVE-2024/CVE-2024-523xx/CVE-2024-52358.json diff --git a/CVE-2024/CVE-2024-388xx/CVE-2024-38826.json b/CVE-2024/CVE-2024-388xx/CVE-2024-38826.json new file mode 100644 index 00000000000..14eef1e34f3 --- /dev/null +++ b/CVE-2024/CVE-2024-388xx/CVE-2024-38826.json @@ -0,0 +1,66 @@ +{ + "id": "CVE-2024-38826", + "sourceIdentifier": "security@vmware.com", + "published": "2024-11-11T06:15:04.963", + "lastModified": "2024-11-11T06:15:04.963", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Authenticated users can upload specifically crafted files to leak server resources. This behavior can potentially be used to run a denial of service attack against Cloud Controller.\n\nThe Cloud Foundry project recommends upgrading the following releases:\n\n * Upgrade capi release version to 1.194.0 or greater\n * Upgrade cf-deployment version to v44.1.0 or greater. This includes a patched capi release" + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "security@vmware.com", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:Y/R:U/V:X/RE:L/U:X", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "attackRequirements": "NONE", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "vulnerableSystemConfidentiality": "NONE", + "vulnerableSystemIntegrity": "NONE", + "vulnerableSystemAvailability": "LOW", + "subsequentSystemConfidentiality": "NONE", + "subsequentSystemIntegrity": "NONE", + "subsequentSystemAvailability": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirements": "NOT_DEFINED", + "integrityRequirements": "NOT_DEFINED", + "availabilityRequirements": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", + "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", + "modifiedVulnerableSystemAvailability": "NOT_DEFINED", + "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", + "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", + "modifiedSubsequentSystemAvailability": "NOT_DEFINED", + "safety": "NOT_DEFINED", + "automatable": "YES", + "recovery": "USER", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "LOW", + "providerUrgency": "NOT_DEFINED", + "baseScore": 5.3, + "baseSeverity": "MEDIUM" + } + } + ] + }, + "references": [ + { + "url": "https://www.cloudfoundry.org/blog/cve-2024-38826-cloud-controller-denial-of-service-attack/", + "source": "security@vmware.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-515xx/CVE-2024-51571.json b/CVE-2024/CVE-2024-515xx/CVE-2024-51571.json new file mode 100644 index 00000000000..919b8ce5a21 --- /dev/null +++ b/CVE-2024/CVE-2024-515xx/CVE-2024-51571.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-51571", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-11-11T06:15:05.300", + "lastModified": "2024-11-11T06:15:05.300", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in MasterBip MasterBip para Elementor allows DOM-Based XSS.This issue affects MasterBip para Elementor: from n/a through 1.6.3." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.3, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/masterbip-for-elementor/wordpress-masterbip-para-elementor-plugin-1-6-3-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-515xx/CVE-2024-51572.json b/CVE-2024/CVE-2024-515xx/CVE-2024-51572.json new file mode 100644 index 00000000000..53429c389db --- /dev/null +++ b/CVE-2024/CVE-2024-515xx/CVE-2024-51572.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-51572", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-11-11T06:15:05.600", + "lastModified": "2024-11-11T06:15:05.600", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Peter Shaw LH QR Codes allows Stored XSS.This issue affects LH QR Codes: from n/a through 1.06." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.3, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/lh-qr-codes/wordpress-lh-qr-codes-plugin-1-06-stored-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-515xx/CVE-2024-51573.json b/CVE-2024/CVE-2024-515xx/CVE-2024-51573.json new file mode 100644 index 00000000000..8f9deb7113a --- /dev/null +++ b/CVE-2024/CVE-2024-515xx/CVE-2024-51573.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-51573", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-11-11T06:15:05.887", + "lastModified": "2024-11-11T06:15:05.887", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Matthew Lillistone ML Responsive Audio player with playlist Shortcode allows Stored XSS.This issue affects ML Responsive Audio player with playlist Shortcode: from n/a through 0.2." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.3, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/mlr-audio/wordpress-ml-responsive-audio-plugin-0-2-stored-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-515xx/CVE-2024-51574.json b/CVE-2024/CVE-2024-515xx/CVE-2024-51574.json new file mode 100644 index 00000000000..e32bd4c9549 --- /dev/null +++ b/CVE-2024/CVE-2024-515xx/CVE-2024-51574.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-51574", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-11-11T06:15:06.160", + "lastModified": "2024-11-11T06:15:06.160", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Simple Goods allows Stored XSS.This issue affects Simple Goods: from n/a through 0.1.3." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.3, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/simple-goods/wordpress-simple-goods-plugin-0-1-3-stored-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-515xx/CVE-2024-51575.json b/CVE-2024/CVE-2024-515xx/CVE-2024-51575.json new file mode 100644 index 00000000000..e08427c4b38 --- /dev/null +++ b/CVE-2024/CVE-2024-515xx/CVE-2024-51575.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-51575", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-11-11T06:15:06.463", + "lastModified": "2024-11-11T06:15:06.463", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Abdullah Extender All In One For Elementor allows Stored XSS.This issue affects Extender All In One For Elementor: from n/a through 1.0.3." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.3, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/extender-all-in-one-for-elementor/wordpress-extender-all-in-one-for-elementor-plugin-1-0-3-stored-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-517xx/CVE-2024-51788.json b/CVE-2024/CVE-2024-517xx/CVE-2024-51788.json new file mode 100644 index 00000000000..aae0e604b30 --- /dev/null +++ b/CVE-2024/CVE-2024-517xx/CVE-2024-51788.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-51788", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-11-11T06:15:06.760", + "lastModified": "2024-11-11T06:15:06.760", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Unrestricted Upload of File with Dangerous Type vulnerability in Joshua Wolfe The Novel Design Store Directory allows Upload a Web Shell to a Web Server.This issue affects The Novel Design Store Directory: from n/a through 4.3.0." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 10.0, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 6.0 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-434" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/noveldesign-store-directory/wordpress-the-novel-design-store-directory-plugin-4-3-0-arbitrary-file-upload-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-517xx/CVE-2024-51789.json b/CVE-2024/CVE-2024-517xx/CVE-2024-51789.json new file mode 100644 index 00000000000..41e92bc38a7 --- /dev/null +++ b/CVE-2024/CVE-2024-517xx/CVE-2024-51789.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-51789", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-11-11T06:15:07.130", + "lastModified": "2024-11-11T06:15:07.130", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Unrestricted Upload of File with Dangerous Type vulnerability in UjW0L Image Classify allows Upload a Web Shell to a Web Server.This issue affects Image Classify: from n/a through 1.0.0." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 10.0, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 6.0 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-434" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/image-classify/wordpress-image-classify-plugin-1-0-0-arbitrary-file-upload-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-517xx/CVE-2024-51790.json b/CVE-2024/CVE-2024-517xx/CVE-2024-51790.json new file mode 100644 index 00000000000..077904d9586 --- /dev/null +++ b/CVE-2024/CVE-2024-517xx/CVE-2024-51790.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-51790", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-11-11T06:15:07.483", + "lastModified": "2024-11-11T06:15:07.483", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Unrestricted Upload of File with Dangerous Type vulnerability in Team HB WEBSOL HB AUDIO GALLERY allows Upload a Web Shell to a Web Server.This issue affects HB AUDIO GALLERY: from n/a through 3.0." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 10.0, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 6.0 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-434" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/hb-audio-gallery/wordpress-hb-audio-gallery-plugin-3-0-arbitrary-file-upload-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-517xx/CVE-2024-51791.json b/CVE-2024/CVE-2024-517xx/CVE-2024-51791.json new file mode 100644 index 00000000000..dca096917d7 --- /dev/null +++ b/CVE-2024/CVE-2024-517xx/CVE-2024-51791.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-51791", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-11-11T06:15:07.787", + "lastModified": "2024-11-11T06:15:07.787", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Unrestricted Upload of File with Dangerous Type vulnerability in Made I.T. Forms allows Upload a Web Shell to a Web Server.This issue affects Forms: from n/a through 2.8.0." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 10.0, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 6.0 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-434" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/forms-by-made-it/wordpress-forms-plugin-2-8-0-arbitrary-file-upload-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-517xx/CVE-2024-51792.json b/CVE-2024/CVE-2024-517xx/CVE-2024-51792.json new file mode 100644 index 00000000000..ff969610f1c --- /dev/null +++ b/CVE-2024/CVE-2024-517xx/CVE-2024-51792.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-51792", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-11-11T06:15:08.073", + "lastModified": "2024-11-11T06:15:08.073", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Unrestricted Upload of File with Dangerous Type vulnerability in Dang Ngoc Binh Audio Record allows Upload a Web Shell to a Web Server.This issue affects Audio Record: from n/a through 1.0." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 10.0, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 6.0 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-434" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/audio-record/wordpress-audio-record-plugin-1-0-arbitrary-file-upload-vulnerability-2?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-517xx/CVE-2024-51793.json b/CVE-2024/CVE-2024-517xx/CVE-2024-51793.json new file mode 100644 index 00000000000..3e7091fe941 --- /dev/null +++ b/CVE-2024/CVE-2024-517xx/CVE-2024-51793.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-51793", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-11-11T06:15:08.360", + "lastModified": "2024-11-11T06:15:08.360", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Unrestricted Upload of File with Dangerous Type vulnerability in Webful Creations Computer Repair Shop allows Upload a Web Shell to a Web Server.This issue affects Computer Repair Shop: from n/a through 3.8115." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 10.0, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 6.0 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-434" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/computer-repair-shop/wordpress-repairbuddy-plugin-3-8115-arbitrary-file-upload-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-518xx/CVE-2024-51820.json b/CVE-2024/CVE-2024-518xx/CVE-2024-51820.json new file mode 100644 index 00000000000..c775df74e5b --- /dev/null +++ b/CVE-2024/CVE-2024-518xx/CVE-2024-51820.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-51820", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-11-11T06:15:08.660", + "lastModified": "2024-11-11T06:15:08.660", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in L Squared Support L Squared Hub WP allows SQL Injection.This issue affects L Squared Hub WP: from n/a through 1.0." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "LOW", + "baseScore": 8.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.1, + "impactScore": 4.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/l-squared-hub-wp-virtual-device/wordpress-l-squared-hub-wp-plugin-1-0-sql-injection-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-518xx/CVE-2024-51837.json b/CVE-2024/CVE-2024-518xx/CVE-2024-51837.json new file mode 100644 index 00000000000..519a9f7b5b0 --- /dev/null +++ b/CVE-2024/CVE-2024-518xx/CVE-2024-51837.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-51837", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-11-11T06:15:08.950", + "lastModified": "2024-11-11T06:15:08.950", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in SONS Creative Development WP Contest allows SQL Injection.This issue affects WP Contest: from n/a through 1.0.0." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "LOW", + "baseScore": 8.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.1, + "impactScore": 4.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/wp-contest/wordpress-wp-contest-plugin-1-0-0-sql-injection-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-518xx/CVE-2024-51843.json b/CVE-2024/CVE-2024-518xx/CVE-2024-51843.json new file mode 100644 index 00000000000..8370b38602b --- /dev/null +++ b/CVE-2024/CVE-2024-518xx/CVE-2024-51843.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-51843", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-11-11T06:15:09.243", + "lastModified": "2024-11-11T06:15:09.243", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Olland.Biz Horsemanager allows Blind SQL Injection.This issue affects Horsemanager: from n/a through 1.3." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "LOW", + "baseScore": 8.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.1, + "impactScore": 4.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/fruitcake-horsemanager/wordpress-horsemanager-plugin-1-3-sql-injection-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-518xx/CVE-2024-51845.json b/CVE-2024/CVE-2024-518xx/CVE-2024-51845.json new file mode 100644 index 00000000000..2374dc08aca --- /dev/null +++ b/CVE-2024/CVE-2024-518xx/CVE-2024-51845.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-51845", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-11-11T06:15:09.547", + "lastModified": "2024-11-11T06:15:09.547", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Richteam Share Buttons \u2013 Social Media allows Blind SQL Injection.This issue affects Share Buttons \u2013 Social Media: from n/a through 1.0.2." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "LOW", + "baseScore": 8.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.1, + "impactScore": 4.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/rich-web-share-button/wordpress-share-buttons-social-media-plugin-1-0-2-sql-injection-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-518xx/CVE-2024-51882.json b/CVE-2024/CVE-2024-518xx/CVE-2024-51882.json new file mode 100644 index 00000000000..398c95b7110 --- /dev/null +++ b/CVE-2024/CVE-2024-518xx/CVE-2024-51882.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-51882", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-11-11T06:15:09.837", + "lastModified": "2024-11-11T06:15:09.837", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Ehues Gboy Custom Google Map allows Blind SQL Injection.This issue affects Gboy Custom Google Map: from n/a through 1.2." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "LOW", + "baseScore": 8.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.1, + "impactScore": 4.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/gboy-custom-google-map/wordpress-gboy-custom-google-map-plugin-1-2-sql-injection-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-523xx/CVE-2024-52356.json b/CVE-2024/CVE-2024-523xx/CVE-2024-52356.json new file mode 100644 index 00000000000..3958cfd7cb0 --- /dev/null +++ b/CVE-2024/CVE-2024-523xx/CVE-2024-52356.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-52356", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-11-11T06:15:10.153", + "lastModified": "2024-11-11T06:15:10.153", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Webangon The Pack Elementor addons allows Stored XSS.This issue affects The Pack Elementor addons: from n/a through 2.1.0." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.3, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/the-pack-addon/wordpress-the-pack-elementor-addons-plugin-2-1-0-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-523xx/CVE-2024-52357.json b/CVE-2024/CVE-2024-523xx/CVE-2024-52357.json new file mode 100644 index 00000000000..09257b3c625 --- /dev/null +++ b/CVE-2024/CVE-2024-523xx/CVE-2024-52357.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-52357", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-11-11T06:15:10.440", + "lastModified": "2024-11-11T06:15:10.440", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in LIQUID DESIGN Ltd. LIQUID BLOCKS allows Stored XSS.This issue affects LIQUID BLOCKS: from n/a through 1.2.0." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.3, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/liquid-blocks/wordpress-liquid-blocks-plugin-1-2-0-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-523xx/CVE-2024-52358.json b/CVE-2024/CVE-2024-523xx/CVE-2024-52358.json new file mode 100644 index 00000000000..b50faf98bcd --- /dev/null +++ b/CVE-2024/CVE-2024-523xx/CVE-2024-52358.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-52358", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-11-11T06:15:10.737", + "lastModified": "2024-11-11T06:15:10.737", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Cyberchimps Responsive Addons for Elementor allows DOM-Based XSS.This issue affects Responsive Addons for Elementor: from n/a through 1.5.4." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.3, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/responsive-addons-for-elementor/wordpress-responsive-addons-for-elementor-plugin-1-5-4-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/README.md b/README.md index ba5ddf89a59..7e243db7a44 100644 --- a/README.md +++ b/README.md @@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2024-11-11T03:00:19.938808+00:00 +2024-11-11T07:00:19.455712+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2024-11-11T01:15:04.890000+00:00 +2024-11-11T06:15:10.737000+00:00 ``` ### Last Data Feed Release @@ -33,17 +33,33 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### Total Number of included CVEs ```plain -268965 +268985 ``` ### CVEs added in the last Commit -Recently added CVEs: `4` +Recently added CVEs: `20` -- [CVE-2024-11060](CVE-2024/CVE-2024-110xx/CVE-2024-11060.json) (`2024-11-11T01:15:04.233`) -- [CVE-2024-11061](CVE-2024/CVE-2024-110xx/CVE-2024-11061.json) (`2024-11-11T01:15:04.523`) -- [CVE-2024-41992](CVE-2024/CVE-2024-419xx/CVE-2024-41992.json) (`2024-11-11T01:15:04.813`) -- [CVE-2024-48939](CVE-2024/CVE-2024-489xx/CVE-2024-48939.json) (`2024-11-11T01:15:04.890`) +- [CVE-2024-38826](CVE-2024/CVE-2024-388xx/CVE-2024-38826.json) (`2024-11-11T06:15:04.963`) +- [CVE-2024-51571](CVE-2024/CVE-2024-515xx/CVE-2024-51571.json) (`2024-11-11T06:15:05.300`) +- [CVE-2024-51572](CVE-2024/CVE-2024-515xx/CVE-2024-51572.json) (`2024-11-11T06:15:05.600`) +- [CVE-2024-51573](CVE-2024/CVE-2024-515xx/CVE-2024-51573.json) (`2024-11-11T06:15:05.887`) +- [CVE-2024-51574](CVE-2024/CVE-2024-515xx/CVE-2024-51574.json) (`2024-11-11T06:15:06.160`) +- [CVE-2024-51575](CVE-2024/CVE-2024-515xx/CVE-2024-51575.json) (`2024-11-11T06:15:06.463`) +- [CVE-2024-51788](CVE-2024/CVE-2024-517xx/CVE-2024-51788.json) (`2024-11-11T06:15:06.760`) +- [CVE-2024-51789](CVE-2024/CVE-2024-517xx/CVE-2024-51789.json) (`2024-11-11T06:15:07.130`) +- [CVE-2024-51790](CVE-2024/CVE-2024-517xx/CVE-2024-51790.json) (`2024-11-11T06:15:07.483`) +- [CVE-2024-51791](CVE-2024/CVE-2024-517xx/CVE-2024-51791.json) (`2024-11-11T06:15:07.787`) +- [CVE-2024-51792](CVE-2024/CVE-2024-517xx/CVE-2024-51792.json) (`2024-11-11T06:15:08.073`) +- [CVE-2024-51793](CVE-2024/CVE-2024-517xx/CVE-2024-51793.json) (`2024-11-11T06:15:08.360`) +- [CVE-2024-51820](CVE-2024/CVE-2024-518xx/CVE-2024-51820.json) (`2024-11-11T06:15:08.660`) +- [CVE-2024-51837](CVE-2024/CVE-2024-518xx/CVE-2024-51837.json) (`2024-11-11T06:15:08.950`) +- [CVE-2024-51843](CVE-2024/CVE-2024-518xx/CVE-2024-51843.json) (`2024-11-11T06:15:09.243`) +- [CVE-2024-51845](CVE-2024/CVE-2024-518xx/CVE-2024-51845.json) (`2024-11-11T06:15:09.547`) +- [CVE-2024-51882](CVE-2024/CVE-2024-518xx/CVE-2024-51882.json) (`2024-11-11T06:15:09.837`) +- [CVE-2024-52356](CVE-2024/CVE-2024-523xx/CVE-2024-52356.json) (`2024-11-11T06:15:10.153`) +- [CVE-2024-52357](CVE-2024/CVE-2024-523xx/CVE-2024-52357.json) (`2024-11-11T06:15:10.440`) +- [CVE-2024-52358](CVE-2024/CVE-2024-523xx/CVE-2024-52358.json) (`2024-11-11T06:15:10.737`) ### CVEs modified in the last Commit diff --git a/_state.csv b/_state.csv index 100c00cca2f..75eb5de3720 100644 --- a/_state.csv +++ b/_state.csv @@ -242962,8 +242962,8 @@ CVE-2024-11057,0,0,a5800f82f061d1ad6f5682014c58d51ff756f3c210f42f4633c2f0dde988a CVE-2024-11058,0,0,45ee5c2c3e782b6e528b2a5ebd9a1df09e71040696e6c54587f55db5a31eb4ed,2024-11-10T23:15:04.570000 CVE-2024-11059,0,0,4701f67edbe381eeaf9aee2ff329a7f7c3dee9bcc39cff6c54d2e0d0b473d86f,2024-11-11T00:15:13.957000 CVE-2024-1106,0,0,20cb4a0a045157ac9e013fd166b9513d5a44a1304cf8a8ccabd3185b4a52ab40,2024-10-27T23:35:01.747000 -CVE-2024-11060,1,1,ae6231a406a1fd5610f9cf7c5ceeb4bdd25f4c48ad30275dd841c0c6b22ad009,2024-11-11T01:15:04.233000 -CVE-2024-11061,1,1,6fa245e1ab0816939be164d71268563d1e94aa2fe2c1a714e0c865f2942b8e9d,2024-11-11T01:15:04.523000 +CVE-2024-11060,0,0,ae6231a406a1fd5610f9cf7c5ceeb4bdd25f4c48ad30275dd841c0c6b22ad009,2024-11-11T01:15:04.233000 +CVE-2024-11061,0,0,6fa245e1ab0816939be164d71268563d1e94aa2fe2c1a714e0c865f2942b8e9d,2024-11-11T01:15:04.523000 CVE-2024-1107,0,0,7fae6df9cdce298be180c2cb6d3dacceb0e976e847fc87cce19a7d73f37dfe2b,2024-09-16T19:08:27.840000 CVE-2024-1108,0,0,72e8aa7ee320c630f0cd3020b574b902dcf572a1d2888f0afb29692e74e18247,2024-02-22T19:07:37.840000 CVE-2024-1109,0,0,54a246b33f975a42367e7b2f8f64c59b5c20293302ad365ae743bbdf357522c9,2024-02-10T04:13:21.610000 @@ -257800,6 +257800,7 @@ CVE-2024-38818,0,0,622849f8ff4dfc75febef96b69e498222845497635b94ea6c1bb47520700e CVE-2024-3882,0,0,8cf286ca42c3a62eccb821d9ac0678dabad594eee248c127390ddaf169987d46,2024-05-17T02:40:10.457000 CVE-2024-38820,0,0,50758758d32f5bb9d0664ab5254e279459d398846823826c47d2a8b01a7200dc,2024-11-05T21:35:09.393000 CVE-2024-38821,0,0,bb251b2231aa5ec8776de9aee89d7b4c729d7a41bc68ac186fa12d01aa093b81,2024-10-28T13:58:09.230000 +CVE-2024-38826,1,1,d8027d70723870c02461cc79e9f7e14ca39833be1e964ada158bd1de26def718,2024-11-11T06:15:04.963000 CVE-2024-3883,0,0,e6bda202b9fd54c10f25f29dd8ae0cebb83b1538aee636944c2fd66bf4045fff,2024-05-02T13:27:25.103000 CVE-2024-3885,0,0,9b28a2ee85edfe77753e71858fb1438bd68a9b6ee299843f3a5752cca4753d01,2024-05-02T18:00:37.360000 CVE-2024-38856,0,0,cf2c30abb1c3c3e6b03acfa253b7bd98efa464ab76b49fddc2034ce3ce8a3be1,2024-08-28T16:15:58.043000 @@ -259696,7 +259697,7 @@ CVE-2024-41989,0,0,e902f47b7607adc4839df00802ec4b9f801f5195050e557f24fe6e1b06bac CVE-2024-4199,0,0,fcf36265d6a610d83a178901804339aadd89406ac8a1349d6da6f71c3e13bfe9,2024-05-15T16:40:19.330000 CVE-2024-41990,0,0,a9d3bfe1152ea007eb5df4a4d15c3972fabe2ab7cf6c4dc84957655472913a10,2024-08-07T20:49:50.480000 CVE-2024-41991,0,0,c38f7b679bd3e48c46db9fd1c6390ab9383b0c22d8669d807f374055f46ee42b,2024-08-07T20:48:22.403000 -CVE-2024-41992,1,1,75e1f591ab9455730a7d403ff7394289848c4456f97665c54cd1f7290216eb30,2024-11-11T01:15:04.813000 +CVE-2024-41992,0,0,75e1f591ab9455730a7d403ff7394289848c4456f97665c54cd1f7290216eb30,2024-11-11T01:15:04.813000 CVE-2024-41995,0,0,79638f0d10c16b237f07db3242d98d294e87bf4205be8c6d9c3c7b90790704bd,2024-08-06T16:30:24.547000 CVE-2024-41996,0,0,29b8c50df43b1c66bff4b5734acbca34adccc097a107dedf36398e589357d13d,2024-08-26T16:35:11.247000 CVE-2024-41997,0,0,84a3f0ea395077fa02b4a334ab8509ff391bef43bdcea38ddd875b5794f83bfd,2024-10-16T20:35:12.430000 @@ -263831,7 +263832,7 @@ CVE-2024-48933,0,0,eab55cc4133fd12eb852707496206c0c064cf1bfef188e95346821cf2dadf CVE-2024-48936,0,0,202c3a156bee1b2512b5fe2822e4aae4f593d6287e38823043400d9ff6e54ff7,2024-10-30T21:35:10.387000 CVE-2024-48937,0,0,53216fc8a6fbe5febb4c086d6958028e95a58513bdf6caced98eaac34038db0e,2024-10-17T19:48:11.163000 CVE-2024-48938,0,0,42546c0230f7c9740d6f2b303141b0c584cd79f3d515c30c7b8554d560fc1ee9,2024-10-17T19:49:56.327000 -CVE-2024-48939,1,1,278ccbc68387482c6abfcb1fcf3b306955b2b499e87b5dda095e31089962d6d9,2024-11-11T01:15:04.890000 +CVE-2024-48939,0,0,278ccbc68387482c6abfcb1fcf3b306955b2b499e87b5dda095e31089962d6d9,2024-11-11T01:15:04.890000 CVE-2024-4894,0,0,1906244d072f236ffca4e7ab82222b86cb7f201e42e01d4517f3ab933ca907f5,2024-05-15T16:40:19.330000 CVE-2024-48941,0,0,96d5eae18aed5942dcf07fb408430a3860f6be4f858a12cc1546cac40f719d2f,2024-10-11T21:36:46.327000 CVE-2024-48942,0,0,8e0a2bf9dd24a5a385f196f7b0656ab299e53cb741eb92aa617f57ef48ee5dff,2024-10-11T21:36:47.090000 @@ -265078,6 +265079,11 @@ CVE-2024-51567,0,0,9629c1871377d5b3a8fc7e24f37cf5fff8c7d9ecc5af9890fa03e865aa78a CVE-2024-51568,0,0,ef96c64ab696ce1dd0f4d9f421838b3895b55219506da5bc264e22e1b5e0e5b2,2024-11-01T12:57:03.417000 CVE-2024-5157,0,0,24d31b037c5fbef35f77d9be746cd537f78e6f1e98b9c21955d97a62fe59949f,2024-07-03T02:08:34.407000 CVE-2024-51570,0,0,039ecc17621b1db181f9096c9a875f2b9973a9cc57be3840bb82f92f55e97e7f,2024-11-09T09:15:03.520000 +CVE-2024-51571,1,1,41ccf63bb3b0b3ddf40df5ff7e749b0672a24b626f857f242cc3e93f7f95ef9f,2024-11-11T06:15:05.300000 +CVE-2024-51572,1,1,20d90174e9a21d4c7fd8cef4b7489770d63354f30c48858de7680a0a50fe7826,2024-11-11T06:15:05.600000 +CVE-2024-51573,1,1,3defddb0e63ca1f86a8b578de590d6422421a8d3d1f258aabca98ccf4fe59dfc,2024-11-11T06:15:05.887000 +CVE-2024-51574,1,1,eed528b85a0bf8e25eff7180b1de31b7d3cdf4bc0e064fcaaa40937d1f34d6f0,2024-11-11T06:15:06.160000 +CVE-2024-51575,1,1,b281eb604aca1e345115ea23964bcd40269ca142b394d819eda8265d20a8b8b2,2024-11-11T06:15:06.463000 CVE-2024-51576,0,0,a401de41abd8574bb548a71c8fd11720ef3b4ee5f5fd82fc244607328ff684a3,2024-11-10T12:15:19.290000 CVE-2024-51577,0,0,d0ec203417f086b0461ea98ce73b532fa7574e308c18cd79bf8790574f0a3173,2024-11-10T10:15:04.877000 CVE-2024-51578,0,0,c1360c7172cbee5cc357cca65f2404f3c3f06119fe32e88a6590c342673fc1db,2024-11-10T10:15:05.270000 @@ -265229,14 +265235,25 @@ CVE-2024-51784,0,0,7aa64ce206753d31a72fc90e88d3fdaf79faaa63fb5fbf0db7f004a9c8d65 CVE-2024-51785,0,0,662526c0576f391b30458bfb35a6f73c500de5c3ca4181662c9f60655c3abc4a,2024-11-09T09:15:06.647000 CVE-2024-51786,0,0,c8c231843ca097429e2240c89b37bd7321c861a0358df50f0830851b988e027b,2024-11-09T09:15:06.903000 CVE-2024-51787,0,0,61f4c49129eae5dbb717fc49549e9a3e0e2149851d5b56ce5575c491d7f74243,2024-11-09T09:15:07.133000 +CVE-2024-51788,1,1,f789db6dd731ec81a60a04477c53b1c2efcf4a2a3cabe1f99227c0aaa73700db,2024-11-11T06:15:06.760000 +CVE-2024-51789,1,1,749d3c90873021152aeb307c1564a1b0ee4725bc9e6263cc021457aee74863f6,2024-11-11T06:15:07.130000 CVE-2024-5179,0,0,ea665152b8c9953ad6e84eb904f7eac78af7e075a45f2a4da51451b13f6b9cb3,2024-10-09T16:57:08.317000 +CVE-2024-51790,1,1,1fb2da026cbbe6cd75ef25fdbcc16b3c17c991ce75150b47ddac6c20234d72bd,2024-11-11T06:15:07.483000 +CVE-2024-51791,1,1,5d7d941d22d8e336aaf0cfe73f385a367ca6f4ac9bc090314fdb30dfb8cb2832,2024-11-11T06:15:07.787000 +CVE-2024-51792,1,1,60b83c73f83b39845b85769f87dc4bfdbc693b8698d2a5925d9b4235910a495a,2024-11-11T06:15:08.073000 +CVE-2024-51793,1,1,cb51d6335dcca254873981f72be2128415b19fa3041a4e58821c7c5d730b2de1,2024-11-11T06:15:08.360000 CVE-2024-5181,0,0,bbf6825e1d5f360a1a58b67dff2bf4d85afbf0a93fef4d4bb8dfd7975bcf0e60,2024-06-26T12:44:29.693000 CVE-2024-5182,0,0,58b8232fd0b5e70f15eeeb5297ff44723ef92c555fd120d8b123a01ca786d63b,2024-08-27T17:30:21.127000 +CVE-2024-51820,1,1,50929fc8e5daec4d2772e90cae08c97c632365abd35ec7f85c8039f090a366a9,2024-11-11T06:15:08.660000 +CVE-2024-51837,1,1,12a0c371e84220aa2676857016f4b77aaf949c78e7e5c38cbd61a27208efb919,2024-11-11T06:15:08.950000 CVE-2024-5184,0,0,913e376e9213bf80a4ef6a0008bd230beba5d0e3fbd42416956e3dc16ba16e7b,2024-06-18T17:06:20.257000 +CVE-2024-51843,1,1,14364596433a0f04d5505007d9a992bf3b825505925257e3fe0899390af39352,2024-11-11T06:15:09.243000 +CVE-2024-51845,1,1,f7fb6e0d1495701358cad5d0f49f428717ff737ff653f0a847c78cb59b4ddae3,2024-11-11T06:15:09.547000 CVE-2024-5185,0,0,0c09010aee9423412314c9f1cbba57fc2fd9ee19c760646e6502f5738cacb7fd,2024-08-30T19:15:16.340000 CVE-2024-5186,0,0,7baed0c201f742c44896dec767d6237c8df7ae961ab3d7ec09eb8b65736716f7,2024-09-24T14:04:47.170000 CVE-2024-5187,0,0,88fb29ce759c452b913d57a873a63220e31c82d475ca2c84fa3b804bf9736023,2024-10-23T13:36:11.643000 CVE-2024-5188,0,0,b2a939863f7779e6dba1e0e2aecd4047c60710495b7cac734003aec732566505,2024-06-11T17:41:17.087000 +CVE-2024-51882,1,1,ddebd31fa75b18eaf622a7f6454d45f7aead749ca3c7febfce3b2a4a229a61a5,2024-11-11T06:15:09.837000 CVE-2024-5189,0,0,87ea6bb70c0f4e8e0e95d6725175819a83c6ff33cc484fc5f525db9ad5e385e9,2024-06-13T18:36:45.417000 CVE-2024-5190,0,0,d58b9fdaecdb1abec20ccf7764e52a460a4959870ee8917a6c4a9f4c686657e6,2024-05-22T03:15:08.273000 CVE-2024-5191,0,0,855a566258b8b88a588ebc49e507f9db3fa3e450b83819e0fe6599e7fdad210b,2024-06-24T19:25:23.943000 @@ -265320,6 +265337,9 @@ CVE-2024-5232,0,0,8d68905f3b69b3dadb32694d2c73f30dc32ad3c794d56bacf5b1c8bfed3d3b CVE-2024-5233,0,0,d230ff373762a089849cb791769c151d4d1eb1a364270894bffa0dbac945e679,2024-06-04T19:21:02.993000 CVE-2024-5234,0,0,14a09ab7485c5dff6a0e2d37ff7f584b26da4a8cf075e00d5ab541632ac32bbb,2024-06-04T19:21:03.100000 CVE-2024-5235,0,0,98bbbe6acfd408ea35eab71055bef5859edfdf3c3c90f82fa44b5b2f0c597f28,2024-06-04T19:21:03.207000 +CVE-2024-52356,1,1,0553acbf2e8e39a312cff7320beec0b9bcbfe62f41a3f3b85802b78b1abedebd,2024-11-11T06:15:10.153000 +CVE-2024-52357,1,1,e8fdb161598d26c1fc31a1b648593dd8160fca2dcc96e2a7336c53a573f39fc4,2024-11-11T06:15:10.440000 +CVE-2024-52358,1,1,4e891ee49c0a084a921d2e6a3c04a1bbfa51eca5c1025b9c9f9183cd5dd21da2,2024-11-11T06:15:10.737000 CVE-2024-5236,0,0,3a876190aab882c0110e09fef49a5c72516897cda47bddba2de12251cfa9a5e8,2024-05-24T01:15:30.977000 CVE-2024-5237,0,0,8803efe45da93d97b55082adbd1bb29281c1282514c20ec3608a648081cd56be,2024-06-04T19:21:03.317000 CVE-2024-5238,0,0,a03a95be1868c6bee6318b11858946fc155e156e4fa75ea27b59162de04fd53f,2024-06-04T19:21:03.413000