From 9861a4f9d03c81773e78ae1232ca8610c395ef05 Mon Sep 17 00:00:00 2001 From: cad-safe-bot Date: Mon, 24 Jun 2024 20:03:10 +0000 Subject: [PATCH] Auto-Update: 2024-06-24T20:00:19.296356+00:00 --- CVE-2018/CVE-2018-53xx/CVE-2018-5389.json | 12 +- CVE-2021/CVE-2021-457xx/CVE-2021-45785.json | 20 ++ CVE-2022/CVE-2022-380xx/CVE-2022-38055.json | 63 +++++- CVE-2022/CVE-2022-402xx/CVE-2022-40225.json | 60 +++++- CVE-2022/CVE-2022-434xx/CVE-2022-43453.json | 51 ++++- CVE-2022/CVE-2022-445xx/CVE-2022-44587.json | 51 ++++- CVE-2022/CVE-2022-445xx/CVE-2022-44593.json | 63 +++++- CVE-2022/CVE-2022-458xx/CVE-2022-45803.json | 51 ++++- CVE-2023/CVE-2023-383xx/CVE-2023-38389.json | 51 ++++- CVE-2023/CVE-2023-451xx/CVE-2023-45197.json | 66 +++++- CVE-2023/CVE-2023-497xx/CVE-2023-49793.json | 59 +++++ CVE-2023/CVE-2023-513xx/CVE-2023-51375.json | 51 ++++- CVE-2024/CVE-2024-215xx/CVE-2024-21514.json | 68 +++++- CVE-2024/CVE-2024-215xx/CVE-2024-21515.json | 64 +++++- CVE-2024/CVE-2024-215xx/CVE-2024-21516.json | 64 +++++- CVE-2024/CVE-2024-215xx/CVE-2024-21517.json | 64 +++++- CVE-2024/CVE-2024-215xx/CVE-2024-21518.json | 63 +++++- CVE-2024/CVE-2024-215xx/CVE-2024-21519.json | 63 +++++- CVE-2024/CVE-2024-329xx/CVE-2024-32936.json | 4 +- CVE-2024/CVE-2024-32xx/CVE-2024-3264.json | 4 +- CVE-2024/CVE-2024-332xx/CVE-2024-33278.json | 4 +- CVE-2024/CVE-2024-336xx/CVE-2024-33687.json | 4 +- CVE-2024/CVE-2024-338xx/CVE-2024-33847.json | 4 +- CVE-2024/CVE-2024-338xx/CVE-2024-33879.json | 4 +- CVE-2024/CVE-2024-338xx/CVE-2024-33880.json | 4 +- CVE-2024/CVE-2024-338xx/CVE-2024-33881.json | 4 +- CVE-2024/CVE-2024-340xx/CVE-2024-34027.json | 4 +- CVE-2024/CVE-2024-340xx/CVE-2024-34030.json | 4 +- CVE-2024/CVE-2024-352xx/CVE-2024-35247.json | 4 +- CVE-2024/CVE-2024-355xx/CVE-2024-35537.json | 73 ++++++- CVE-2024/CVE-2024-357xx/CVE-2024-35757.json | 51 ++++- CVE-2024/CVE-2024-357xx/CVE-2024-35758.json | 61 +++++- CVE-2024/CVE-2024-357xx/CVE-2024-35759.json | 51 ++++- CVE-2024/CVE-2024-357xx/CVE-2024-35760.json | 51 ++++- CVE-2024/CVE-2024-357xx/CVE-2024-35761.json | 51 ++++- CVE-2024/CVE-2024-357xx/CVE-2024-35762.json | 51 ++++- CVE-2024/CVE-2024-357xx/CVE-2024-35763.json | 47 +++- CVE-2024/CVE-2024-357xx/CVE-2024-35764.json | 51 ++++- CVE-2024/CVE-2024-357xx/CVE-2024-35766.json | 51 ++++- CVE-2024/CVE-2024-357xx/CVE-2024-35767.json | 51 ++++- CVE-2024/CVE-2024-357xx/CVE-2024-35768.json | 51 ++++- CVE-2024/CVE-2024-357xx/CVE-2024-35769.json | 51 ++++- CVE-2024/CVE-2024-357xx/CVE-2024-35770.json | 51 ++++- CVE-2024/CVE-2024-357xx/CVE-2024-35771.json | 51 ++++- CVE-2024/CVE-2024-357xx/CVE-2024-35772.json | 51 ++++- CVE-2024/CVE-2024-357xx/CVE-2024-35774.json | 51 ++++- CVE-2024/CVE-2024-357xx/CVE-2024-35776.json | 63 +++++- CVE-2024/CVE-2024-357xx/CVE-2024-35778.json | 51 ++++- CVE-2024/CVE-2024-357xx/CVE-2024-35779.json | 51 ++++- CVE-2024/CVE-2024-357xx/CVE-2024-35781.json | 51 ++++- CVE-2024/CVE-2024-362xx/CVE-2024-36288.json | 116 +++++++++- CVE-2024/CVE-2024-364xx/CVE-2024-36477.json | 100 ++++++++- CVE-2024/CVE-2024-364xx/CVE-2024-36479.json | 4 +- CVE-2024/CVE-2024-364xx/CVE-2024-36481.json | 100 ++++++++- CVE-2024/CVE-2024-370xx/CVE-2024-37021.json | 4 +- CVE-2024/CVE-2024-370xx/CVE-2024-37026.json | 4 +- CVE-2024/CVE-2024-370xx/CVE-2024-37092.json | 4 +- CVE-2024/CVE-2024-371xx/CVE-2024-37107.json | 4 +- CVE-2024/CVE-2024-371xx/CVE-2024-37109.json | 4 +- CVE-2024/CVE-2024-371xx/CVE-2024-37111.json | 4 +- CVE-2024/CVE-2024-371xx/CVE-2024-37118.json | 63 +++++- CVE-2024/CVE-2024-371xx/CVE-2024-37198.json | 61 +++++- CVE-2024/CVE-2024-372xx/CVE-2024-37212.json | 51 ++++- CVE-2024/CVE-2024-372xx/CVE-2024-37227.json | 63 +++++- CVE-2024/CVE-2024-372xx/CVE-2024-37228.json | 4 +- CVE-2024/CVE-2024-372xx/CVE-2024-37230.json | 51 ++++- CVE-2024/CVE-2024-372xx/CVE-2024-37231.json | 4 +- CVE-2024/CVE-2024-372xx/CVE-2024-37233.json | 4 +- CVE-2024/CVE-2024-376xx/CVE-2024-37671.json | 78 ++++++- CVE-2024/CVE-2024-376xx/CVE-2024-37672.json | 78 ++++++- CVE-2024/CVE-2024-376xx/CVE-2024-37673.json | 78 ++++++- CVE-2024/CVE-2024-376xx/CVE-2024-37675.json | 78 ++++++- CVE-2024/CVE-2024-376xx/CVE-2024-37677.json | 20 ++ CVE-2024/CVE-2024-376xx/CVE-2024-37679.json | 20 ++ CVE-2024/CVE-2024-376xx/CVE-2024-37680.json | 20 ++ CVE-2024/CVE-2024-377xx/CVE-2024-37732.json | 20 ++ CVE-2024/CVE-2024-378xx/CVE-2024-37825.json | 4 +- CVE-2024/CVE-2024-383xx/CVE-2024-38369.json | 4 +- CVE-2024/CVE-2024-383xx/CVE-2024-38373.json | 4 +- CVE-2024/CVE-2024-383xx/CVE-2024-38384.json | 4 +- CVE-2024/CVE-2024-386xx/CVE-2024-38662.json | 133 +++++++++++- CVE-2024/CVE-2024-386xx/CVE-2024-38663.json | 4 +- CVE-2024/CVE-2024-386xx/CVE-2024-38664.json | 4 +- CVE-2024/CVE-2024-386xx/CVE-2024-38667.json | 4 +- CVE-2024/CVE-2024-387xx/CVE-2024-38780.json | 165 +++++++++++++- CVE-2024/CVE-2024-392xx/CVE-2024-39277.json | 126 ++++++++++- CVE-2024/CVE-2024-392xx/CVE-2024-39291.json | 4 +- CVE-2024/CVE-2024-392xx/CVE-2024-39292.json | 4 +- CVE-2024/CVE-2024-44xx/CVE-2024-4477.json | 69 +++++- CVE-2024/CVE-2024-46xx/CVE-2024-4616.json | 69 +++++- CVE-2024/CVE-2024-47xx/CVE-2024-4748.json | 4 +- CVE-2024/CVE-2024-47xx/CVE-2024-4755.json | 69 +++++- CVE-2024/CVE-2024-48xx/CVE-2024-4839.json | 4 +- CVE-2024/CVE-2024-48xx/CVE-2024-4874.json | 64 +++++- CVE-2024/CVE-2024-49xx/CVE-2024-4969.json | 69 +++++- CVE-2024/CVE-2024-49xx/CVE-2024-4970.json | 69 +++++- CVE-2024/CVE-2024-50xx/CVE-2024-5058.json | 51 ++++- CVE-2024/CVE-2024-50xx/CVE-2024-5059.json | 61 +++++- CVE-2024/CVE-2024-51xx/CVE-2024-5191.json | 75 ++++++- CVE-2024/CVE-2024-54xx/CVE-2024-5447.json | 69 +++++- CVE-2024/CVE-2024-54xx/CVE-2024-5448.json | 69 +++++- CVE-2024/CVE-2024-56xx/CVE-2024-5639.json | 58 ++++- CVE-2024/CVE-2024-58xx/CVE-2024-5859.json | 48 ++++- CVE-2024/CVE-2024-58xx/CVE-2024-5862.json | 4 +- CVE-2024/CVE-2024-59xx/CVE-2024-5945.json | 80 ++++++- CVE-2024/CVE-2024-60xx/CVE-2024-6027.json | 80 ++++++- CVE-2024/CVE-2024-61xx/CVE-2024-6104.json | 4 +- CVE-2024/CVE-2024-62xx/CVE-2024-6225.json | 70 +++++- CVE-2024/CVE-2024-62xx/CVE-2024-6239.json | 93 +++++++- CVE-2024/CVE-2024-62xx/CVE-2024-6240.json | 51 ++++- CVE-2024/CVE-2024-62xx/CVE-2024-6241.json | 67 +++++- CVE-2024/CVE-2024-62xx/CVE-2024-6285.json | 4 +- CVE-2024/CVE-2024-62xx/CVE-2024-6287.json | 4 +- README.md | 52 +++-- _state.csv | 226 ++++++++++---------- 115 files changed, 4714 insertions(+), 505 deletions(-) create mode 100644 CVE-2021/CVE-2021-457xx/CVE-2021-45785.json create mode 100644 CVE-2023/CVE-2023-497xx/CVE-2023-49793.json create mode 100644 CVE-2024/CVE-2024-376xx/CVE-2024-37677.json create mode 100644 CVE-2024/CVE-2024-376xx/CVE-2024-37679.json create mode 100644 CVE-2024/CVE-2024-376xx/CVE-2024-37680.json create mode 100644 CVE-2024/CVE-2024-377xx/CVE-2024-37732.json diff --git a/CVE-2018/CVE-2018-53xx/CVE-2018-5389.json b/CVE-2018/CVE-2018-53xx/CVE-2018-5389.json index 293925352d2..605de1b277d 100644 --- a/CVE-2018/CVE-2018-53xx/CVE-2018-5389.json +++ b/CVE-2018/CVE-2018-53xx/CVE-2018-5389.json @@ -2,7 +2,7 @@ "id": "CVE-2018-5389", "sourceIdentifier": "cret@cert.org", "published": "2018-09-06T21:29:00.220", - "lastModified": "2019-10-09T23:41:16.953", + "lastModified": "2024-06-24T19:15:11.480", "vulnStatus": "Modified", "descriptions": [ { @@ -73,16 +73,6 @@ "value": "CWE-521" } ] - }, - { - "source": "cret@cert.org", - "type": "Secondary", - "description": [ - { - "lang": "en", - "value": "CWE-323" - } - ] } ], "configurations": [ diff --git a/CVE-2021/CVE-2021-457xx/CVE-2021-45785.json b/CVE-2021/CVE-2021-457xx/CVE-2021-45785.json new file mode 100644 index 00000000000..58ba576176b --- /dev/null +++ b/CVE-2021/CVE-2021-457xx/CVE-2021-45785.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2021-45785", + "sourceIdentifier": "cve@mitre.org", + "published": "2024-06-24T19:15:11.700", + "lastModified": "2024-06-24T19:26:35.967", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "TruDesk Help Desk/Ticketing Solution v1.1.11 is vulnerable to a Cross-Site Request Forgery (CSRF) attack which would allow an attacker to restart the server, causing a DoS attack. The attacker must craft a webpage that would perform a GET request to the /api/v1/admin/restart endpoint, then the victim (who has sufficient privileges), would visit the page and the server restart would begin. The attacker must know the full URL that TruDesk is on in order to craft the webpage." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://1d8.github.io/cves/cve_2021_45785/", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2022/CVE-2022-380xx/CVE-2022-38055.json b/CVE-2022/CVE-2022-380xx/CVE-2022-38055.json index 14815941cc6..9058c9bff56 100644 --- a/CVE-2022/CVE-2022-380xx/CVE-2022-38055.json +++ b/CVE-2022/CVE-2022-380xx/CVE-2022-38055.json @@ -2,16 +2,40 @@ "id": "CVE-2022-38055", "sourceIdentifier": "audit@patchstack.com", "published": "2024-06-21T16:15:10.497", - "lastModified": "2024-06-21T19:15:20.857", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-06-24T19:12:16.797", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in gVectors Team wpForo Forum allows Content Spoofing.This issue affects wpForo Forum: from n/a through 2.0.9." + }, + { + "lang": "es", + "value": "Neutralizaci\u00f3n inadecuada de etiquetas HTML relacionadas con scripts en una vulnerabilidad de p\u00e1gina web (XSS b\u00e1sico) en gVectors Team wpForo Forum permite la suplantaci\u00f3n de contenido. Este problema afecta a wpForo Forum: desde n/a hasta 2.0.9." } ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 5.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + }, { "source": "audit@patchstack.com", "type": "Secondary", @@ -36,8 +60,18 @@ }, "weaknesses": [ { - "source": "audit@patchstack.com", + "source": "nvd@nist.gov", "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + }, + { + "source": "audit@patchstack.com", + "type": "Secondary", "description": [ { "lang": "en", @@ -46,10 +80,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:gvectors:wpforo_forum:*:*:*:*:*:wordpress:*:*", + "versionEndExcluding": "2.1.0", + "matchCriteriaId": "100EAEDA-0A7C-4BC4-878B-20AE94F4BC9C" + } + ] + } + ] + } + ], "references": [ { "url": "https://patchstack.com/database/vulnerability/wpforo/wordpress-wpforo-forum-plugin-2-0-9-auth-html-injection-vulnerability?_s_id=cve", - "source": "audit@patchstack.com" + "source": "audit@patchstack.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-402xx/CVE-2022-40225.json b/CVE-2022/CVE-2022-402xx/CVE-2022-40225.json index 3395ce4f8c6..2f5d106db9f 100644 --- a/CVE-2022/CVE-2022-402xx/CVE-2022-40225.json +++ b/CVE-2022/CVE-2022-402xx/CVE-2022-40225.json @@ -2,8 +2,8 @@ "id": "CVE-2022-40225", "sourceIdentifier": "productcert@siemens.com", "published": "2022-11-10T22:15:14.987", - "lastModified": "2024-06-13T18:36:45.417", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-06-24T19:39:38.440", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -16,6 +16,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + }, { "source": "productcert@siemens.com", "type": "Secondary", @@ -50,10 +70,44 @@ ] } ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:siemens:siplus_tim_1531_irc_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2.4.8", + "matchCriteriaId": "A2943CE5-AD0E-43FF-B8D5-A07DBC04B7AC" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:siemens:siplus_tim_1531_irc:-:*:*:*:*:*:*:*", + "matchCriteriaId": "074FDC9C-CB36-4C67-82C8-1B930FF1269F" + } + ] + } + ] + } + ], "references": [ { "url": "https://cert-portal.siemens.com/productcert/html/ssa-337522.html", - "source": "productcert@siemens.com" + "source": "productcert@siemens.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-434xx/CVE-2022-43453.json b/CVE-2022/CVE-2022-434xx/CVE-2022-43453.json index 5eac50b3d27..c7ef3cccc52 100644 --- a/CVE-2022/CVE-2022-434xx/CVE-2022-43453.json +++ b/CVE-2022/CVE-2022-434xx/CVE-2022-43453.json @@ -2,16 +2,40 @@ "id": "CVE-2022-43453", "sourceIdentifier": "audit@patchstack.com", "published": "2024-06-21T14:15:10.870", - "lastModified": "2024-06-21T15:58:38.553", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-06-24T18:50:15.333", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Missing Authorization vulnerability in Bill Minozzi WP Tools.This issue affects WP Tools: from n/a through 3.41." + }, + { + "lang": "es", + "value": "Vulnerabilidad de autorizaci\u00f3n faltante en Bill Minozzi WP Tools. Este problema afecta a WP Tools: desde n/a hasta 3.41." } ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + }, { "source": "audit@patchstack.com", "type": "Secondary", @@ -46,10 +70,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:billminozzi:wp_tools:*:*:*:*:*:wordpress:*:*", + "versionEndExcluding": "3.43", + "matchCriteriaId": "92795DE1-6067-43A3-952E-750F691FC27B" + } + ] + } + ] + } + ], "references": [ { "url": "https://patchstack.com/database/vulnerability/wptools/wordpress-wp-tools-plugin-2-51-3-41-auth-broken-access-control-vulnerability?_s_id=cve", - "source": "audit@patchstack.com" + "source": "audit@patchstack.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-445xx/CVE-2022-44587.json b/CVE-2022/CVE-2022-445xx/CVE-2022-44587.json index aa69c0dfb45..e69ef2c6b02 100644 --- a/CVE-2022/CVE-2022-445xx/CVE-2022-44587.json +++ b/CVE-2022/CVE-2022-445xx/CVE-2022-44587.json @@ -2,16 +2,40 @@ "id": "CVE-2022-44587", "sourceIdentifier": "audit@patchstack.com", "published": "2024-06-21T16:15:10.763", - "lastModified": "2024-06-21T19:15:20.857", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-06-24T19:12:42.033", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Insertion of Sensitive Information into Log File vulnerability in WP 2FA allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects WP 2FA: from n/a through 2.6.3." + }, + { + "lang": "es", + "value": "La vulnerabilidad de inserci\u00f3n de informaci\u00f3n confidencial en el archivo de registro en WP 2FA permite acceder a la funcionalidad no restringida adecuadamente por las ACL. Este problema afecta a WP 2FA: desde n/a hasta 2.6.3." } ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + }, { "source": "audit@patchstack.com", "type": "Secondary", @@ -46,10 +70,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:melapress:wp_2fa:*:*:*:*:*:wordpress:*:*", + "versionEndExcluding": "2.6.4", + "matchCriteriaId": "89EE231F-4C4B-47A8-80AE-63B982337D79" + } + ] + } + ] + } + ], "references": [ { "url": "https://patchstack.com/database/vulnerability/wp-2fa/wordpress-wp-2fa-plugin-2-6-3-sensitive-data-exposure-via-log-file-vulnerability?_s_id=cve", - "source": "audit@patchstack.com" + "source": "audit@patchstack.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-445xx/CVE-2022-44593.json b/CVE-2022/CVE-2022-445xx/CVE-2022-44593.json index 1289b6def0e..defb9769d74 100644 --- a/CVE-2022/CVE-2022-445xx/CVE-2022-44593.json +++ b/CVE-2022/CVE-2022-445xx/CVE-2022-44593.json @@ -2,16 +2,40 @@ "id": "CVE-2022-44593", "sourceIdentifier": "audit@patchstack.com", "published": "2024-06-21T16:15:11.013", - "lastModified": "2024-06-21T19:15:20.857", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-06-24T19:13:16.607", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Use of Less Trusted Source vulnerability in SolidWP Solid Security allows HTTP DoS.This issue affects Solid Security: from n/a through 9.3.1." + }, + { + "lang": "es", + "value": "El uso de la vulnerabilidad de fuente menos confiable en SolidWP Solid Security permite HTTP DoS. Este problema afecta a Solid Security: desde n/a hasta 9.3.1." } ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "LOW", + "baseScore": 5.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 3.9, + "impactScore": 1.4 + }, { "source": "audit@patchstack.com", "type": "Secondary", @@ -36,8 +60,18 @@ }, "weaknesses": [ { - "source": "audit@patchstack.com", + "source": "nvd@nist.gov", "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-345" + } + ] + }, + { + "source": "audit@patchstack.com", + "type": "Secondary", "description": [ { "lang": "en", @@ -46,10 +80,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:solidwp:solid_security:*:*:*:*:*:wordpress:*:*", + "versionEndExcluding": "9.3.2", + "matchCriteriaId": "07B13EE4-2B86-43F9-A944-99C50A12D4D1" + } + ] + } + ] + } + ], "references": [ { "url": "https://patchstack.com/database/vulnerability/better-wp-security/wordpress-solid-security-plugin-9-3-1-ip-spoofing-leading-to-denial-of-service-vulnerability?_s_id=cve", - "source": "audit@patchstack.com" + "source": "audit@patchstack.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-458xx/CVE-2022-45803.json b/CVE-2022/CVE-2022-458xx/CVE-2022-45803.json index 29233e34a3d..6cd085c0a55 100644 --- a/CVE-2022/CVE-2022-458xx/CVE-2022-45803.json +++ b/CVE-2022/CVE-2022-458xx/CVE-2022-45803.json @@ -2,16 +2,40 @@ "id": "CVE-2022-45803", "sourceIdentifier": "audit@patchstack.com", "published": "2024-06-21T14:15:11.103", - "lastModified": "2024-06-21T15:58:38.553", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-06-24T18:51:29.867", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Missing Authorization vulnerability in Nikolay Strikhar WordPress Form Builder Plugin \u2013 Gutenberg Forms.This issue affects WordPress Form Builder Plugin \u2013 Gutenberg Forms: from n/a through 2.2.8.3." + }, + { + "lang": "es", + "value": "Vulnerabilidad de autorizaci\u00f3n faltante en el complemento Nikolay Strikhar WordPress Form Builder \u2013 Gutenberg Forms. Este problema afecta al complemento WordPress Form Builder \u2013 Gutenberg Forms: desde n/a hasta 2.2.8.3." } ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + }, { "source": "audit@patchstack.com", "type": "Secondary", @@ -46,10 +70,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:gutenbergforms:gutenberg_forms:*:*:*:*:*:wordpress:*:*", + "versionEndExcluding": "2.2.9", + "matchCriteriaId": "748B8783-2626-4DCB-A5EC-FC26F5BC8433" + } + ] + } + ] + } + ], "references": [ { "url": "https://patchstack.com/database/vulnerability/forms-gutenberg/wordpress-gutenberg-forms-plugin-2-2-8-3-auth-broken-access-control-vulnerability?_s_id=cve", - "source": "audit@patchstack.com" + "source": "audit@patchstack.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-383xx/CVE-2023-38389.json b/CVE-2023/CVE-2023-383xx/CVE-2023-38389.json index 8e42a9780b7..9109b1d5911 100644 --- a/CVE-2023/CVE-2023-383xx/CVE-2023-38389.json +++ b/CVE-2023/CVE-2023-383xx/CVE-2023-38389.json @@ -2,16 +2,40 @@ "id": "CVE-2023-38389", "sourceIdentifier": "audit@patchstack.com", "published": "2024-06-21T16:15:11.310", - "lastModified": "2024-06-21T19:15:20.857", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-06-24T19:13:48.847", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Incorrect Authorization vulnerability in Artbees JupiterX Core allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects JupiterX Core: from n/a through 3.3.8." + }, + { + "lang": "es", + "value": "La vulnerabilidad de autorizaci\u00f3n incorrecta en Artbees JupiterX Core permite acceder a una funcionalidad que no est\u00e1 correctamente restringida por las ACL. Este problema afecta a JupiterX Core: desde n/a hasta 3.3.8." } ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + }, { "source": "audit@patchstack.com", "type": "Secondary", @@ -46,10 +70,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:artbees:jupiter_x_core:*:*:*:*:*:wordpress:*:*", + "versionEndIncluding": "3.3.8", + "matchCriteriaId": "E5B6F0E2-1DF6-47FD-B24E-5C38EF906D20" + } + ] + } + ] + } + ], "references": [ { "url": "https://patchstack.com/database/vulnerability/jupiterx-core/wordpress-jupiter-x-core-plugin-3-3-0-unauthenticated-account-takeover-vulnerability?_s_id=cve", - "source": "audit@patchstack.com" + "source": "audit@patchstack.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-451xx/CVE-2023-45197.json b/CVE-2023/CVE-2023-451xx/CVE-2023-45197.json index c21e61e1140..744eecc680e 100644 --- a/CVE-2023/CVE-2023-451xx/CVE-2023-45197.json +++ b/CVE-2023/CVE-2023-451xx/CVE-2023-45197.json @@ -2,16 +2,53 @@ "id": "CVE-2023-45197", "sourceIdentifier": "9119a7d8-5eab-497f-8521-727c672e3725", "published": "2024-06-21T15:15:15.647", - "lastModified": "2024-06-21T15:58:38.553", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-06-24T19:11:50.963", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "The file upload plugin in Adminer and AdminerEvo allows an attacker to upload a file with a table name of \u201c..\u201d to the root of the Adminer directory. The attacker can effectively guess the name of the uploaded file and execute it. Adminer is no longer supported, but this issue was fixed in AdminerEvo version 4.8.3." + }, + { + "lang": "es", + "value": "El complemento de carga de archivos en Adminer y AdminerEvo permite a un atacante cargar un archivo con un nombre de tabla \"...\" en la ra\u00edz del directorio de Adminer. El atacante puede adivinar efectivamente el nombre del archivo cargado y ejecutarlo. Adminer ya no es compatible, pero este problema se solucion\u00f3 en la versi\u00f3n 4.8.3 de AdminerEvo." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ] + }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-434" + } + ] + }, { "source": "9119a7d8-5eab-497f-8521-727c672e3725", "type": "Secondary", @@ -27,10 +64,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adminerevo:adminerevo:*:*:*:*:*:*:*:*", + "versionEndExcluding": "4.8.3", + "matchCriteriaId": "DCD7F783-BAAA-4824-AE44-CC5D0FE9D14F" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/adminerevo/adminerevo/commit/1cc06d6a1005fd833fa009701badd5641627a1d4", - "source": "9119a7d8-5eab-497f-8521-727c672e3725" + "source": "9119a7d8-5eab-497f-8521-727c672e3725", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-497xx/CVE-2023-49793.json b/CVE-2023/CVE-2023-497xx/CVE-2023-49793.json new file mode 100644 index 00000000000..e8021ff72a8 --- /dev/null +++ b/CVE-2023/CVE-2023-497xx/CVE-2023-49793.json @@ -0,0 +1,59 @@ +{ + "id": "CVE-2023-49793", + "sourceIdentifier": "security-advisories@github.com", + "published": "2024-06-24T18:15:10.437", + "lastModified": "2024-06-24T19:26:35.967", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "CodeChecker is an analyzer tooling, defect database and viewer extension for the Clang Static Analyzer and Clang Tidy. Zip files uploaded to the server endpoint of `CodeChecker store` are not properly sanitized. An attacker, using a path traversal attack, can load and display files on the machine of `CodeChecker server`. The vulnerable endpoint is `/Default/v6.53/CodeCheckerService@massStoreRun`. The path traversal vulnerability allows reading data on the machine of the `CodeChecker server`, with the same permission level as the `CodeChecker server`.\nThe attack requires a user account on the `CodeChecker server`, with permission to store to a server, and view the stored report. This vulnerability has been patched in version 6.23." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security-advisories@github.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "security-advisories@github.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-22" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/Ericsson/codechecker/commit/46bada41e32f3ba0f6011d5c556b579f6dddf07a", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/Ericsson/codechecker/security/advisories/GHSA-h26w-r4m5-8rrf", + "source": "security-advisories@github.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-513xx/CVE-2023-51375.json b/CVE-2023/CVE-2023-513xx/CVE-2023-51375.json index 9c65da3593a..dcf437322df 100644 --- a/CVE-2023/CVE-2023-513xx/CVE-2023-51375.json +++ b/CVE-2023/CVE-2023-513xx/CVE-2023-51375.json @@ -2,16 +2,40 @@ "id": "CVE-2023-51375", "sourceIdentifier": "audit@patchstack.com", "published": "2024-06-21T14:15:11.363", - "lastModified": "2024-06-21T15:58:38.553", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-06-24T18:52:00.293", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Missing Authorization vulnerability in WPDeveloper EmbedPress.This issue affects EmbedPress: from n/a through 3.8.3." + }, + { + "lang": "es", + "value": "Vulnerabilidad de autorizaci\u00f3n faltante en WPDeveloper EmbedPress. Este problema afecta a EmbedPress: desde n/a hasta 3.8.3." } ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + }, { "source": "audit@patchstack.com", "type": "Secondary", @@ -46,10 +70,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:wpdeveloper:embedpress:*:*:*:*:*:wordpress:*:*", + "versionEndExcluding": "3.8.4", + "matchCriteriaId": "A1119AAF-766A-4F5B-B08C-1057FEFB8BA0" + } + ] + } + ] + } + ], "references": [ { "url": "https://patchstack.com/database/vulnerability/embedpress/wordpress-embedpress-plugin-3-8-3-broken-access-control-vulnerability?_s_id=cve", - "source": "audit@patchstack.com" + "source": "audit@patchstack.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-215xx/CVE-2024-21514.json b/CVE-2024/CVE-2024-215xx/CVE-2024-21514.json index 5635e6be0ce..adc3ab3e901 100644 --- a/CVE-2024/CVE-2024-215xx/CVE-2024-21514.json +++ b/CVE-2024/CVE-2024-215xx/CVE-2024-21514.json @@ -2,8 +2,8 @@ "id": "CVE-2024-21514", "sourceIdentifier": "report@snyk.io", "published": "2024-06-22T05:15:09.637", - "lastModified": "2024-06-24T12:57:36.513", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2024-06-24T19:59:16.767", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -16,6 +16,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.1, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.2, + "impactScore": 5.9 + }, { "source": "report@snyk.io", "type": "Secondary", @@ -39,6 +59,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + }, { "source": "report@snyk.io", "type": "Secondary", @@ -50,18 +80,46 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:opencart:opencart:3.0.3.9:*:*:*:*:*:*:*", + "matchCriteriaId": "FFAF17FE-8983-4CE6-BCFE-A6AA865E8FE2" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/opencart/opencart/blob/3.0.3.9/upload/catalog/model/extension/payment/divido.php%23L114", - "source": "report@snyk.io" + "source": "report@snyk.io", + "tags": [ + "Product" + ] }, { "url": "https://github.com/opencart/opencart/commit/46bd5f5a8056ff9aad0aa7d71729c4cf593d67e2", - "source": "report@snyk.io" + "source": "report@snyk.io", + "tags": [ + "Patch" + ] }, { "url": "https://security.snyk.io/vuln/SNYK-PHP-OPENCARTOPENCART-7266565", - "source": "report@snyk.io" + "source": "report@snyk.io", + "tags": [ + "Exploit", + "Patch", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-215xx/CVE-2024-21515.json b/CVE-2024/CVE-2024-215xx/CVE-2024-21515.json index 8cbabfd6dda..5c1e912e1d2 100644 --- a/CVE-2024/CVE-2024-215xx/CVE-2024-21515.json +++ b/CVE-2024/CVE-2024-215xx/CVE-2024-21515.json @@ -2,8 +2,8 @@ "id": "CVE-2024-21515", "sourceIdentifier": "report@snyk.io", "published": "2024-06-22T05:15:10.730", - "lastModified": "2024-06-24T12:57:36.513", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2024-06-24T19:58:28.987", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -16,6 +16,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 4.7, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.6, + "impactScore": 2.7 + }, { "source": "report@snyk.io", "type": "Secondary", @@ -39,6 +59,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + }, { "source": "report@snyk.io", "type": "Secondary", @@ -50,14 +80,40 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:opencart:opencart:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.0.0.0", + "matchCriteriaId": "60390C89-394D-4A4E-BD1C-C91F57B73CFD" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/opencart/opencart/commit/c546199e8f100c1f3797a7a9d3cf4db1887399a2", - "source": "report@snyk.io" + "source": "report@snyk.io", + "tags": [ + "Patch" + ] }, { "url": "https://security.snyk.io/vuln/SNYK-PHP-OPENCARTOPENCART-7266573", - "source": "report@snyk.io" + "source": "report@snyk.io", + "tags": [ + "Exploit", + "Patch", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-215xx/CVE-2024-21516.json b/CVE-2024/CVE-2024-215xx/CVE-2024-21516.json index 7217a2fa7a8..950eead7a72 100644 --- a/CVE-2024/CVE-2024-215xx/CVE-2024-21516.json +++ b/CVE-2024/CVE-2024-215xx/CVE-2024-21516.json @@ -2,8 +2,8 @@ "id": "CVE-2024-21516", "sourceIdentifier": "report@snyk.io", "published": "2024-06-22T05:15:10.967", - "lastModified": "2024-06-24T12:57:36.513", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2024-06-24T19:57:38.197", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -16,6 +16,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 4.7, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.6, + "impactScore": 2.7 + }, { "source": "report@snyk.io", "type": "Secondary", @@ -39,6 +59,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + }, { "source": "report@snyk.io", "type": "Secondary", @@ -50,14 +80,40 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:opencart:opencart:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.0.0.0", + "matchCriteriaId": "60390C89-394D-4A4E-BD1C-C91F57B73CFD" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/opencart/opencart/commit/c546199e8f100c1f3797a7a9d3cf4db1887399a2", - "source": "report@snyk.io" + "source": "report@snyk.io", + "tags": [ + "Patch" + ] }, { "url": "https://security.snyk.io/vuln/SNYK-PHP-OPENCARTOPENCART-7266576", - "source": "report@snyk.io" + "source": "report@snyk.io", + "tags": [ + "Exploit", + "Patch", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-215xx/CVE-2024-21517.json b/CVE-2024/CVE-2024-215xx/CVE-2024-21517.json index 346cb15148e..44ae903ada6 100644 --- a/CVE-2024/CVE-2024-215xx/CVE-2024-21517.json +++ b/CVE-2024/CVE-2024-215xx/CVE-2024-21517.json @@ -2,8 +2,8 @@ "id": "CVE-2024-21517", "sourceIdentifier": "report@snyk.io", "published": "2024-06-22T05:15:11.173", - "lastModified": "2024-06-24T12:57:36.513", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2024-06-24T19:56:45.167", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -16,6 +16,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.1, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.7 + }, { "source": "report@snyk.io", "type": "Secondary", @@ -39,6 +59,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + }, { "source": "report@snyk.io", "type": "Secondary", @@ -50,14 +80,40 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:opencart:opencart:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.0.0.0", + "matchCriteriaId": "60390C89-394D-4A4E-BD1C-C91F57B73CFD" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/opencart/opencart/commit/0fd1ee4b6c94366bf3e5d3831a8336f3275d1860", - "source": "report@snyk.io" + "source": "report@snyk.io", + "tags": [ + "Patch" + ] }, { "url": "https://security.snyk.io/vuln/SNYK-PHP-OPENCARTOPENCART-7266577", - "source": "report@snyk.io" + "source": "report@snyk.io", + "tags": [ + "Exploit", + "Patch", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-215xx/CVE-2024-21518.json b/CVE-2024/CVE-2024-215xx/CVE-2024-21518.json index d0b17acac43..cf970c5f5ef 100644 --- a/CVE-2024/CVE-2024-215xx/CVE-2024-21518.json +++ b/CVE-2024/CVE-2024-215xx/CVE-2024-21518.json @@ -2,8 +2,8 @@ "id": "CVE-2024-21518", "sourceIdentifier": "report@snyk.io", "published": "2024-06-22T05:15:11.403", - "lastModified": "2024-06-24T12:57:36.513", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2024-06-24T19:56:14.723", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -16,6 +16,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.2, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.2, + "impactScore": 5.9 + }, { "source": "report@snyk.io", "type": "Secondary", @@ -39,6 +59,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-22" + } + ] + }, { "source": "report@snyk.io", "type": "Secondary", @@ -50,14 +80,39 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:opencart:opencart:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.0.0.0", + "matchCriteriaId": "60390C89-394D-4A4E-BD1C-C91F57B73CFD" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/opencart/opencart/blob/04c1724370ab02967d3b4f668c1b67771ecf1ff4/upload/admin/controller/marketplace/installer.php%23L383C1-L383C1", - "source": "report@snyk.io" + "source": "report@snyk.io", + "tags": [ + "Patch" + ] }, { "url": "https://security.snyk.io/vuln/SNYK-PHP-OPENCARTOPENCART-7266578", - "source": "report@snyk.io" + "source": "report@snyk.io", + "tags": [ + "Exploit", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-215xx/CVE-2024-21519.json b/CVE-2024/CVE-2024-215xx/CVE-2024-21519.json index f0eb17d2665..e19c7ddc7a4 100644 --- a/CVE-2024/CVE-2024-215xx/CVE-2024-21519.json +++ b/CVE-2024/CVE-2024-215xx/CVE-2024-21519.json @@ -2,8 +2,8 @@ "id": "CVE-2024-21519", "sourceIdentifier": "report@snyk.io", "published": "2024-06-22T05:15:11.620", - "lastModified": "2024-06-24T12:57:36.513", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2024-06-24T19:55:07.760", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -16,6 +16,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.2, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.2, + "impactScore": 5.9 + }, { "source": "report@snyk.io", "type": "Secondary", @@ -39,6 +59,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + }, { "source": "report@snyk.io", "type": "Secondary", @@ -50,14 +80,39 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:opencart:opencart:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.0.0.0", + "matchCriteriaId": "60390C89-394D-4A4E-BD1C-C91F57B73CFD" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/opencart/opencart/blob/master/upload/admin/controller/tool/upload.php%23L353", - "source": "report@snyk.io" + "source": "report@snyk.io", + "tags": [ + "Broken Link" + ] }, { "url": "https://security.snyk.io/vuln/SNYK-PHP-OPENCARTOPENCART-7266579", - "source": "report@snyk.io" + "source": "report@snyk.io", + "tags": [ + "Exploit", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-329xx/CVE-2024-32936.json b/CVE-2024/CVE-2024-329xx/CVE-2024-32936.json index e95cef6033f..85f96fc048b 100644 --- a/CVE-2024/CVE-2024-329xx/CVE-2024-32936.json +++ b/CVE-2024/CVE-2024-329xx/CVE-2024-32936.json @@ -2,8 +2,8 @@ "id": "CVE-2024-32936", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-06-24T14:15:11.600", - "lastModified": "2024-06-24T14:15:11.600", - "vulnStatus": "Received", + "lastModified": "2024-06-24T19:26:47.037", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-32xx/CVE-2024-3264.json b/CVE-2024/CVE-2024-32xx/CVE-2024-3264.json index 0e260c82bac..947fd8bbb12 100644 --- a/CVE-2024/CVE-2024-32xx/CVE-2024-3264.json +++ b/CVE-2024/CVE-2024-32xx/CVE-2024-3264.json @@ -2,8 +2,8 @@ "id": "CVE-2024-3264", "sourceIdentifier": "iletisim@usom.gov.tr", "published": "2024-06-24T13:15:11.627", - "lastModified": "2024-06-24T13:15:11.627", - "vulnStatus": "Received", + "lastModified": "2024-06-24T19:26:47.037", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-332xx/CVE-2024-33278.json b/CVE-2024/CVE-2024-332xx/CVE-2024-33278.json index 00c1ac94795..f91f89ffbad 100644 --- a/CVE-2024/CVE-2024-332xx/CVE-2024-33278.json +++ b/CVE-2024/CVE-2024-332xx/CVE-2024-33278.json @@ -2,8 +2,8 @@ "id": "CVE-2024-33278", "sourceIdentifier": "cve@mitre.org", "published": "2024-06-24T14:15:11.687", - "lastModified": "2024-06-24T14:15:11.687", - "vulnStatus": "Received", + "lastModified": "2024-06-24T19:26:47.037", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-336xx/CVE-2024-33687.json b/CVE-2024/CVE-2024-336xx/CVE-2024-33687.json index ec01b07227d..86238a6e182 100644 --- a/CVE-2024/CVE-2024-336xx/CVE-2024-33687.json +++ b/CVE-2024/CVE-2024-336xx/CVE-2024-33687.json @@ -2,8 +2,8 @@ "id": "CVE-2024-33687", "sourceIdentifier": "vultures@jpcert.or.jp", "published": "2024-06-24T15:15:11.590", - "lastModified": "2024-06-24T15:15:11.590", - "vulnStatus": "Received", + "lastModified": "2024-06-24T19:26:35.967", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-338xx/CVE-2024-33847.json b/CVE-2024/CVE-2024-338xx/CVE-2024-33847.json index 24ba66db669..e5b8d51fc83 100644 --- a/CVE-2024/CVE-2024-338xx/CVE-2024-33847.json +++ b/CVE-2024/CVE-2024-338xx/CVE-2024-33847.json @@ -2,8 +2,8 @@ "id": "CVE-2024-33847", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-06-24T14:15:11.803", - "lastModified": "2024-06-24T14:15:11.803", - "vulnStatus": "Received", + "lastModified": "2024-06-24T19:26:47.037", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-338xx/CVE-2024-33879.json b/CVE-2024/CVE-2024-338xx/CVE-2024-33879.json index ba2b2627b68..8d3605e83ad 100644 --- a/CVE-2024/CVE-2024-338xx/CVE-2024-33879.json +++ b/CVE-2024/CVE-2024-338xx/CVE-2024-33879.json @@ -2,8 +2,8 @@ "id": "CVE-2024-33879", "sourceIdentifier": "cve@mitre.org", "published": "2024-06-24T17:15:10.257", - "lastModified": "2024-06-24T17:15:10.257", - "vulnStatus": "Received", + "lastModified": "2024-06-24T19:26:35.967", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-338xx/CVE-2024-33880.json b/CVE-2024/CVE-2024-338xx/CVE-2024-33880.json index 955ac5f8856..e716cfd8f25 100644 --- a/CVE-2024/CVE-2024-338xx/CVE-2024-33880.json +++ b/CVE-2024/CVE-2024-338xx/CVE-2024-33880.json @@ -2,8 +2,8 @@ "id": "CVE-2024-33880", "sourceIdentifier": "cve@mitre.org", "published": "2024-06-24T17:15:10.353", - "lastModified": "2024-06-24T17:15:10.353", - "vulnStatus": "Received", + "lastModified": "2024-06-24T19:26:35.967", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-338xx/CVE-2024-33881.json b/CVE-2024/CVE-2024-338xx/CVE-2024-33881.json index 5f85cd56be3..b10d0ae63fb 100644 --- a/CVE-2024/CVE-2024-338xx/CVE-2024-33881.json +++ b/CVE-2024/CVE-2024-338xx/CVE-2024-33881.json @@ -2,8 +2,8 @@ "id": "CVE-2024-33881", "sourceIdentifier": "cve@mitre.org", "published": "2024-06-24T17:15:10.447", - "lastModified": "2024-06-24T17:15:10.447", - "vulnStatus": "Received", + "lastModified": "2024-06-24T19:26:35.967", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-340xx/CVE-2024-34027.json b/CVE-2024/CVE-2024-340xx/CVE-2024-34027.json index 92fa1318dcb..23c87b25ca1 100644 --- a/CVE-2024/CVE-2024-340xx/CVE-2024-34027.json +++ b/CVE-2024/CVE-2024-340xx/CVE-2024-34027.json @@ -2,8 +2,8 @@ "id": "CVE-2024-34027", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-06-24T14:15:11.887", - "lastModified": "2024-06-24T14:15:11.887", - "vulnStatus": "Received", + "lastModified": "2024-06-24T19:26:47.037", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-340xx/CVE-2024-34030.json b/CVE-2024/CVE-2024-340xx/CVE-2024-34030.json index ea4bd83419e..4c098d33473 100644 --- a/CVE-2024/CVE-2024-340xx/CVE-2024-34030.json +++ b/CVE-2024/CVE-2024-340xx/CVE-2024-34030.json @@ -2,8 +2,8 @@ "id": "CVE-2024-34030", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-06-24T14:15:11.977", - "lastModified": "2024-06-24T14:15:11.977", - "vulnStatus": "Received", + "lastModified": "2024-06-24T19:26:47.037", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-352xx/CVE-2024-35247.json b/CVE-2024/CVE-2024-352xx/CVE-2024-35247.json index 5e56f512088..f77c6acb376 100644 --- a/CVE-2024/CVE-2024-352xx/CVE-2024-35247.json +++ b/CVE-2024/CVE-2024-352xx/CVE-2024-35247.json @@ -2,8 +2,8 @@ "id": "CVE-2024-35247", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-06-24T14:15:12.050", - "lastModified": "2024-06-24T14:15:12.050", - "vulnStatus": "Received", + "lastModified": "2024-06-24T19:26:47.037", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-355xx/CVE-2024-35537.json b/CVE-2024/CVE-2024-355xx/CVE-2024-35537.json index f2f425989d9..4ae849019b0 100644 --- a/CVE-2024/CVE-2024-355xx/CVE-2024-35537.json +++ b/CVE-2024/CVE-2024-355xx/CVE-2024-35537.json @@ -2,19 +2,84 @@ "id": "CVE-2024-35537", "sourceIdentifier": "cve@mitre.org", "published": "2024-06-21T17:15:10.697", - "lastModified": "2024-06-21T19:15:20.857", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-06-24T19:40:04.190", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "TVS Motor Company Limited TVS Connect Android v4.6.0 and IOS v5.0.0 was discovered to insecurely handle the RSA key pair, allowing attackers to possibly access sensitive information via decryption." + }, + { + "lang": "es", + "value": "Se descubri\u00f3 que TVS Motor Company Limited TVS Connect Android v4.6.0 e IOS v5.0.0 manejan de forma insegura el par de claves RSA, lo que permite a los atacantes posiblemente acceder a informaci\u00f3n confidencial mediante el descifrado." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-327" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tvsmotor:tvs_connect:4.6.0:*:*:*:*:android:*:*", + "matchCriteriaId": "B96C6E52-9DDB-4DD2-808D-E0E3A049CE6C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tvsmotor:tvs_connect:5.0.0:*:*:*:*:iphone_os:*:*", + "matchCriteriaId": "80CB646A-DE5C-48FA-82C0-0338284141F8" + } + ] + } + ] } ], - "metrics": {}, "references": [ { "url": "https://github.com/aaravavi/TVS-Connect-Application-VAPT", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-357xx/CVE-2024-35757.json b/CVE-2024/CVE-2024-357xx/CVE-2024-35757.json index 54e6c88affd..347e6279473 100644 --- a/CVE-2024/CVE-2024-357xx/CVE-2024-35757.json +++ b/CVE-2024/CVE-2024-357xx/CVE-2024-35757.json @@ -2,16 +2,40 @@ "id": "CVE-2024-35757", "sourceIdentifier": "audit@patchstack.com", "published": "2024-06-21T13:15:09.250", - "lastModified": "2024-06-21T15:58:51.410", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-06-24T19:19:01.097", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in 5 Star Plugins Easy Age Verify allows Stored XSS.This issue affects Easy Age Verify: from n/a through 1.8.2." + }, + { + "lang": "es", + "value": "Vulnerabilidad de neutralizaci\u00f3n inadecuada de la entrada durante la generaci\u00f3n de p\u00e1ginas web (XSS o 'Cross-site Scripting') en los complementos de 5 estrellas Easy Age Verify permite XSS Almacenado. Este problema afecta a Easy Age Verify: desde n/a hasta 1.8.2." } ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 4.8, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.7, + "impactScore": 2.7 + }, { "source": "audit@patchstack.com", "type": "Secondary", @@ -46,10 +70,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:5starplugins:easy_age_verify:*:*:*:*:*:wordpress:*:*", + "versionEndExcluding": "1.8.3", + "matchCriteriaId": "A7F5928C-A982-4A70-9E7D-07C5F6FE1C0C" + } + ] + } + ] + } + ], "references": [ { "url": "https://patchstack.com/database/vulnerability/easy-age-verify/wordpress-easy-age-verify-plugin-1-8-2-cross-site-scripting-xss-vulnerability?_s_id=cve", - "source": "audit@patchstack.com" + "source": "audit@patchstack.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-357xx/CVE-2024-35758.json b/CVE-2024/CVE-2024-357xx/CVE-2024-35758.json index b44acfedda7..c3bb7c6ef0f 100644 --- a/CVE-2024/CVE-2024-357xx/CVE-2024-35758.json +++ b/CVE-2024/CVE-2024-357xx/CVE-2024-35758.json @@ -2,16 +2,40 @@ "id": "CVE-2024-35758", "sourceIdentifier": "audit@patchstack.com", "published": "2024-06-21T13:15:09.487", - "lastModified": "2024-06-21T15:58:51.410", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-06-24T19:19:51.957", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Theme Horse Interface allows Stored XSS.This issue affects Interface: from n/a through 3.1.0." + }, + { + "lang": "es", + "value": "La vulnerabilidad de neutralizaci\u00f3n inadecuada de la entrada durante la generaci\u00f3n de p\u00e1ginas web (XSS o 'Cross-site Scripting') en Theme Horse Interface permite XSS Almacenado. Este problema afecta a la Interface: desde n/a hasta 3.1.0." } ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 5.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + }, { "source": "audit@patchstack.com", "type": "Secondary", @@ -35,6 +59,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + }, { "source": "audit@patchstack.com", "type": "Secondary", @@ -46,10 +80,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:themehorse:interface:*:*:*:*:*:wordpress:*:*", + "versionEndExcluding": "3.1.1", + "matchCriteriaId": "6CFA38DC-3106-4154-9920-94DAED06C741" + } + ] + } + ] + } + ], "references": [ { "url": "https://patchstack.com/database/vulnerability/interface/wordpress-interface-theme-3-1-0-cross-site-scripting-xss-vulnerability?_s_id=cve", - "source": "audit@patchstack.com" + "source": "audit@patchstack.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-357xx/CVE-2024-35759.json b/CVE-2024/CVE-2024-357xx/CVE-2024-35759.json index 56897dd0e80..12be4c7f12c 100644 --- a/CVE-2024/CVE-2024-357xx/CVE-2024-35759.json +++ b/CVE-2024/CVE-2024-357xx/CVE-2024-35759.json @@ -2,16 +2,40 @@ "id": "CVE-2024-35759", "sourceIdentifier": "audit@patchstack.com", "published": "2024-06-21T13:15:09.740", - "lastModified": "2024-06-21T15:58:51.410", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-06-24T19:20:39.243", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WP Job Portal allows Stored XSS.This issue affects WP Job Portal: from n/a through 2.1.3." + }, + { + "lang": "es", + "value": "La vulnerabilidad de neutralizaci\u00f3n inadecuada de la entrada durante la generaci\u00f3n de p\u00e1ginas web (XSS o 'Cross-site Scripting') en WP Job Portal permite XSS Almacenado. Este problema afecta a WP Job Portal: desde n/a hasta 2.1.3." } ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 4.8, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.7, + "impactScore": 2.7 + }, { "source": "audit@patchstack.com", "type": "Secondary", @@ -46,10 +70,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:wpjobportal:wp_job_portal:*:*:*:*:*:wordpress:*:*", + "versionEndExcluding": "2.1.4", + "matchCriteriaId": "857E0867-2AD0-4A44-8C60-BCA65E34611C" + } + ] + } + ] + } + ], "references": [ { "url": "https://patchstack.com/database/vulnerability/wp-job-portal/wordpress-wp-job-portal-plugin-2-1-3-admin-cross-site-scripting-xss-vulnerability?_s_id=cve", - "source": "audit@patchstack.com" + "source": "audit@patchstack.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-357xx/CVE-2024-35760.json b/CVE-2024/CVE-2024-357xx/CVE-2024-35760.json index 0da3814c2fa..e3f574a2562 100644 --- a/CVE-2024/CVE-2024-357xx/CVE-2024-35760.json +++ b/CVE-2024/CVE-2024-357xx/CVE-2024-35760.json @@ -2,16 +2,40 @@ "id": "CVE-2024-35760", "sourceIdentifier": "audit@patchstack.com", "published": "2024-06-21T13:15:09.977", - "lastModified": "2024-06-21T15:58:51.410", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-06-24T19:21:04.613", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WP Job Portal allows Stored XSS.This issue affects WP Job Portal: from n/a through 2.1.3." + }, + { + "lang": "es", + "value": "La vulnerabilidad de neutralizaci\u00f3n inadecuada de la entrada durante la generaci\u00f3n de p\u00e1ginas web (XSS o 'Cross-site Scripting') en WP Job Portal permite XSS Almacenado. Este problema afecta a WP Job Portal: desde n/a hasta 2.1.3." } ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 4.8, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.7, + "impactScore": 2.7 + }, { "source": "audit@patchstack.com", "type": "Secondary", @@ -46,10 +70,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:wpjobportal:wp_job_portal:*:*:*:*:*:wordpress:*:*", + "versionEndExcluding": "2.1.4", + "matchCriteriaId": "857E0867-2AD0-4A44-8C60-BCA65E34611C" + } + ] + } + ] + } + ], "references": [ { "url": "https://patchstack.com/database/vulnerability/wp-job-portal/wordpress-wp-job-portal-a-complete-job-board-plugin-2-1-3-cross-site-scripting-xss-vulnerability?_s_id=cve", - "source": "audit@patchstack.com" + "source": "audit@patchstack.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-357xx/CVE-2024-35761.json b/CVE-2024/CVE-2024-357xx/CVE-2024-35761.json index b4d6e29b253..0d15320e6a2 100644 --- a/CVE-2024/CVE-2024-357xx/CVE-2024-35761.json +++ b/CVE-2024/CVE-2024-357xx/CVE-2024-35761.json @@ -2,16 +2,40 @@ "id": "CVE-2024-35761", "sourceIdentifier": "audit@patchstack.com", "published": "2024-06-21T13:15:10.233", - "lastModified": "2024-06-21T15:58:51.410", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-06-24T19:21:26.413", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in vCita Online Booking & Scheduling Calendar for WordPress by vcita allows Stored XSS.This issue affects Online Booking & Scheduling Calendar for WordPress by vcita: from n/a through 4.4.0." + }, + { + "lang": "es", + "value": "La vulnerabilidad de neutralizaci\u00f3n inadecuada de la entrada durante la generaci\u00f3n de p\u00e1ginas web (XSS o 'Cross-site Scripting') en vCita Online Booking & Scheduling Calendar para WordPress de vcita permite XSS Almacenado. Este problema afecta a Online Booking & Scheduling Calendar for WordPress by vcita: de n/ a hasta 4.4.0." } ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 5.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + }, { "source": "audit@patchstack.com", "type": "Secondary", @@ -46,10 +70,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:vcita:online_booking_\\&_scheduling_calendar_for_wordpress_by_vcita:*:*:*:*:*:wordpress:*:*", + "versionEndExcluding": "4.4.1", + "matchCriteriaId": "0160182F-E5A5-4D21-BE4F-809588561C55" + } + ] + } + ] + } + ], "references": [ { "url": "https://patchstack.com/database/vulnerability/meeting-scheduler-by-vcita/wordpress-online-booking-scheduling-calendar-for-wordpress-by-vcita-plugin-4-4-0-cross-site-scripting-xss-vulnerability?_s_id=cve", - "source": "audit@patchstack.com" + "source": "audit@patchstack.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-357xx/CVE-2024-35762.json b/CVE-2024/CVE-2024-357xx/CVE-2024-35762.json index cc28c55f149..cdc8bd612f2 100644 --- a/CVE-2024/CVE-2024-357xx/CVE-2024-35762.json +++ b/CVE-2024/CVE-2024-357xx/CVE-2024-35762.json @@ -2,16 +2,40 @@ "id": "CVE-2024-35762", "sourceIdentifier": "audit@patchstack.com", "published": "2024-06-21T13:15:10.460", - "lastModified": "2024-06-21T15:58:51.410", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-06-24T19:21:47.457", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Cryout Creations Serious Slider allows Stored XSS.This issue affects Serious Slider: from n/a through 1.2.4." + }, + { + "lang": "es", + "value": "La vulnerabilidad de neutralizaci\u00f3n inadecuada de la entrada durante la generaci\u00f3n de p\u00e1ginas web (XSS o 'Cross-site Scripting') en Cryout Creations Serious Slider permite XSS Almacenado. Este problema afecta a Serious Slider: desde n/a hasta 1.2.4." } ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 5.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + }, { "source": "audit@patchstack.com", "type": "Secondary", @@ -46,10 +70,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:cryoutcreations:serious_slider:*:*:*:*:*:wordpress:*:*", + "versionEndExcluding": "1.2.5", + "matchCriteriaId": "CAB26632-E6D6-4081-8D07-1D5B40F794A7" + } + ] + } + ] + } + ], "references": [ { "url": "https://patchstack.com/database/vulnerability/cryout-serious-slider/wordpress-serious-slider-plugin-1-2-4-cross-site-scripting-xss-vulnerability?_s_id=cve", - "source": "audit@patchstack.com" + "source": "audit@patchstack.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-357xx/CVE-2024-35763.json b/CVE-2024/CVE-2024-357xx/CVE-2024-35763.json index 70b685cd6ed..fce2d6ada38 100644 --- a/CVE-2024/CVE-2024-357xx/CVE-2024-35763.json +++ b/CVE-2024/CVE-2024-357xx/CVE-2024-35763.json @@ -2,8 +2,8 @@ "id": "CVE-2024-35763", "sourceIdentifier": "audit@patchstack.com", "published": "2024-06-21T13:15:10.700", - "lastModified": "2024-06-21T15:58:38.553", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-06-24T19:22:44.850", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 5.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + }, { "source": "audit@patchstack.com", "type": "Secondary", @@ -46,10 +66,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:themefreesia:excellent:*:*:*:*:*:wordpress:*:*", + "versionEndExcluding": "1.3.0", + "matchCriteriaId": "DDAB6769-0F55-4341-A573-37E0814F71EB" + } + ] + } + ] + } + ], "references": [ { "url": "https://patchstack.com/database/vulnerability/excellent/wordpress-excellent-theme-1-2-9-cross-site-scripting-xss-vulnerability?_s_id=cve", - "source": "audit@patchstack.com" + "source": "audit@patchstack.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-357xx/CVE-2024-35764.json b/CVE-2024/CVE-2024-357xx/CVE-2024-35764.json index 0bb692a9e7e..02ce0d4832e 100644 --- a/CVE-2024/CVE-2024-357xx/CVE-2024-35764.json +++ b/CVE-2024/CVE-2024-357xx/CVE-2024-35764.json @@ -2,16 +2,40 @@ "id": "CVE-2024-35764", "sourceIdentifier": "audit@patchstack.com", "published": "2024-06-21T13:15:10.950", - "lastModified": "2024-06-21T15:58:38.553", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-06-24T19:23:24.417", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Andy Moyle Church Admin allows Stored XSS.This issue affects Church Admin: from n/a through 4.4.4." + }, + { + "lang": "es", + "value": "La vulnerabilidad de neutralizaci\u00f3n inadecuada de la entrada durante la generaci\u00f3n de p\u00e1ginas web (XSS o 'Cross-site Scripting') en Andy Moyle Church Admin permite XSS Almacenado. Este problema afecta a Church Admin: desde n/a hasta 4.4.4." } ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 5.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + }, { "source": "audit@patchstack.com", "type": "Secondary", @@ -46,10 +70,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:church_admin_project:church_admin:*:*:*:*:*:wordpress:*:*", + "versionEndExcluding": "4.4.5", + "matchCriteriaId": "92E3440F-06E1-4672-BBAF-01DC974FD83C" + } + ] + } + ] + } + ], "references": [ { "url": "https://patchstack.com/database/vulnerability/church-admin/wordpress-church-admin-plugin-4-4-4-cross-site-scripting-xss-vulnerability?_s_id=cve", - "source": "audit@patchstack.com" + "source": "audit@patchstack.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-357xx/CVE-2024-35766.json b/CVE-2024/CVE-2024-357xx/CVE-2024-35766.json index e17dd4ee34c..704790fac2d 100644 --- a/CVE-2024/CVE-2024-357xx/CVE-2024-35766.json +++ b/CVE-2024/CVE-2024-357xx/CVE-2024-35766.json @@ -2,16 +2,40 @@ "id": "CVE-2024-35766", "sourceIdentifier": "audit@patchstack.com", "published": "2024-06-21T13:15:11.183", - "lastModified": "2024-06-21T15:58:38.553", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-06-24T19:24:15.167", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in ollybach WPPizza allows Reflected XSS.This issue affects WPPizza: from n/a through 3.18.13." + }, + { + "lang": "es", + "value": "La vulnerabilidad de neutralizaci\u00f3n inadecuada de la entrada durante la generaci\u00f3n de p\u00e1ginas web (XSS o 'Cross-site Scripting') en ollybach WPPizza permite el XSS reflejado. Este problema afecta a WPPizza: desde n/a hasta 3.18.13." } ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.1, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.7 + }, { "source": "audit@patchstack.com", "type": "Secondary", @@ -46,10 +70,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:wp-pizza:wppizza:*:*:*:*:*:wordpress:*:*", + "versionEndExcluding": "3.18.14", + "matchCriteriaId": "C73F22EC-019E-4F35-86B3-C7BA46E98C86" + } + ] + } + ] + } + ], "references": [ { "url": "https://patchstack.com/database/vulnerability/wppizza/wordpress-wppizza-a-restaurant-plugin-plugin-3-18-13-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", - "source": "audit@patchstack.com" + "source": "audit@patchstack.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-357xx/CVE-2024-35767.json b/CVE-2024/CVE-2024-357xx/CVE-2024-35767.json index f5be8712147..a86bf895701 100644 --- a/CVE-2024/CVE-2024-357xx/CVE-2024-35767.json +++ b/CVE-2024/CVE-2024-357xx/CVE-2024-35767.json @@ -2,16 +2,40 @@ "id": "CVE-2024-35767", "sourceIdentifier": "audit@patchstack.com", "published": "2024-06-21T16:15:11.670", - "lastModified": "2024-06-21T19:15:20.857", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-06-24T19:14:34.210", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Unrestricted Upload of File with Dangerous Type vulnerability in Bogdan Bendziukov Squeeze allows Code Injection.This issue affects Squeeze: from n/a through 1.4." + }, + { + "lang": "es", + "value": "La carga sin restricciones de archivos con vulnerabilidad de tipo peligroso en Bogdan Bendziukov Squeeze permite la inyecci\u00f3n de c\u00f3digo. Este problema afecta a Squeeze: desde n/a hasta 1.4." } ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.2, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.2, + "impactScore": 5.9 + }, { "source": "audit@patchstack.com", "type": "Secondary", @@ -46,10 +70,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:squeeze_project:squeeze:*:*:*:*:*:wordpress:*:*", + "versionEndExcluding": "1.4.1", + "matchCriteriaId": "7D6C7DBA-DCCF-437B-B9EF-EF4070DBCC4F" + } + ] + } + ] + } + ], "references": [ { "url": "https://patchstack.com/database/vulnerability/squeeze/wordpress-squeeze-plugin-1-4-arbitrary-file-upload-vulnerability?_s_id=cve", - "source": "audit@patchstack.com" + "source": "audit@patchstack.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-357xx/CVE-2024-35768.json b/CVE-2024/CVE-2024-357xx/CVE-2024-35768.json index 5f85226aebb..1359a798b1d 100644 --- a/CVE-2024/CVE-2024-357xx/CVE-2024-35768.json +++ b/CVE-2024/CVE-2024-357xx/CVE-2024-35768.json @@ -2,16 +2,40 @@ "id": "CVE-2024-35768", "sourceIdentifier": "audit@patchstack.com", "published": "2024-06-21T13:15:11.460", - "lastModified": "2024-06-21T15:58:38.553", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-06-24T19:24:52.483", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Live Composer Team Page Builder: Live Composer allows Stored XSS.This issue affects Page Builder: Live Composer: from n/a through 1.5.42." + }, + { + "lang": "es", + "value": "Vulnerabilidad de neutralizaci\u00f3n inadecuada de la entrada durante la generaci\u00f3n de p\u00e1ginas web (XSS o 'Cross-site Scripting') en Live Composer Team Page Builder: Live Composer permite XSS Almacenado. Este problema afecta a Page Builder: Live Composer: desde n/a hasta 1.5.42." } ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 4.8, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.7, + "impactScore": 2.7 + }, { "source": "audit@patchstack.com", "type": "Secondary", @@ -46,10 +70,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:livecomposerplugin:live-composer-page-builder:*:*:*:*:*:wordpress:*:*", + "versionEndIncluding": "1.5.42", + "matchCriteriaId": "253CA218-7FC5-4515-9C35-4FC8B7E4E923" + } + ] + } + ] + } + ], "references": [ { "url": "https://patchstack.com/database/vulnerability/live-composer-page-builder/wordpress-page-builder-live-composer-plugin-1-5-42-cross-site-scripting-xss-vulnerability?_s_id=cve", - "source": "audit@patchstack.com" + "source": "audit@patchstack.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-357xx/CVE-2024-35769.json b/CVE-2024/CVE-2024-357xx/CVE-2024-35769.json index 7eec16e15c5..a1038e8876c 100644 --- a/CVE-2024/CVE-2024-357xx/CVE-2024-35769.json +++ b/CVE-2024/CVE-2024-357xx/CVE-2024-35769.json @@ -2,16 +2,40 @@ "id": "CVE-2024-35769", "sourceIdentifier": "audit@patchstack.com", "published": "2024-06-21T12:15:10.250", - "lastModified": "2024-06-21T15:58:51.410", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-06-24T18:45:09.447", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in John West Slideshow SE allows Stored XSS.This issue affects Slideshow SE: from n/a through 2.5.17." + }, + { + "lang": "es", + "value": "La vulnerabilidad de neutralizaci\u00f3n inadecuada de la entrada durante la generaci\u00f3n de p\u00e1ginas web (XSS o 'Cross-site Scripting') en John West Slideshow SE permite XSS Almacenado. Este problema afecta a Slideshow SE: desde n/a hasta 2.5.17." } ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 4.8, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.7, + "impactScore": 2.7 + }, { "source": "audit@patchstack.com", "type": "Secondary", @@ -46,10 +70,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:slideshow_se_project:slideshow_se:*:*:*:*:*:wordpress:*:*", + "versionEndIncluding": "2.5.17", + "matchCriteriaId": "76A01BFC-CB20-4215-ABB4-9DBBB7E070F0" + } + ] + } + ] + } + ], "references": [ { "url": "https://patchstack.com/database/vulnerability/slideshow-se/wordpress-slideshow-se-plugin-2-5-17-cross-site-scripting-xss-vulnerability?_s_id=cve", - "source": "audit@patchstack.com" + "source": "audit@patchstack.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-357xx/CVE-2024-35770.json b/CVE-2024/CVE-2024-357xx/CVE-2024-35770.json index d202d4401a5..b5e47dd1cfc 100644 --- a/CVE-2024/CVE-2024-357xx/CVE-2024-35770.json +++ b/CVE-2024/CVE-2024-357xx/CVE-2024-35770.json @@ -2,16 +2,40 @@ "id": "CVE-2024-35770", "sourceIdentifier": "audit@patchstack.com", "published": "2024-06-21T13:15:11.697", - "lastModified": "2024-06-21T15:58:38.553", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-06-24T19:25:21.117", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Cross-Site Request Forgery (CSRF) vulnerability in Dave Kiss Vimeography: Vimeo Video Gallery WordPress Plugin.This issue affects Vimeography: Vimeo Video Gallery WordPress Plugin: from n/a through 2.4.1." + }, + { + "lang": "es", + "value": "Vulnerabilidad de Cross-Site Request Forgery (CSRF) en Dave Kiss Vimeography: Vimeo Video Gallery WordPress Plugin. Este problema afecta a Vimeography: Vimeo Video Gallery WordPress Plugin: desde n/a hasta 2.4.1." } ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + }, { "source": "audit@patchstack.com", "type": "Secondary", @@ -46,10 +70,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:davekiss:vimeography:*:*:*:*:*:wordpress:*:*", + "versionEndExcluding": "2.4.2", + "matchCriteriaId": "1DD11648-5770-4F36-AF54-3A9347CC8A08" + } + ] + } + ] + } + ], "references": [ { "url": "https://patchstack.com/database/vulnerability/vimeography/wordpress-vimeography-plugin-2-4-1-cross-site-request-forgery-csrf-vulnerability?_s_id=cve", - "source": "audit@patchstack.com" + "source": "audit@patchstack.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-357xx/CVE-2024-35771.json b/CVE-2024/CVE-2024-357xx/CVE-2024-35771.json index 30ef0aa8186..cad4804e16d 100644 --- a/CVE-2024/CVE-2024-357xx/CVE-2024-35771.json +++ b/CVE-2024/CVE-2024-357xx/CVE-2024-35771.json @@ -2,16 +2,40 @@ "id": "CVE-2024-35771", "sourceIdentifier": "audit@patchstack.com", "published": "2024-06-21T13:15:11.950", - "lastModified": "2024-06-21T15:58:38.553", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-06-24T19:25:46.967", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Cross-Site Request Forgery (CSRF) vulnerability in presscustomizr Customizr.This issue affects Customizr: from n/a through 4.4.21." + }, + { + "lang": "es", + "value": "Vulnerabilidad de Cross-Site Request Forgery (CSRF) en presscustomizr Customizr. Este problema afecta a Customizr: desde n/a hasta 4.4.21." } ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + }, { "source": "audit@patchstack.com", "type": "Secondary", @@ -46,10 +70,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:presscustomizr:customizr:*:*:*:*:*:wordpress:*:*", + "versionEndExcluding": "4.4.22", + "matchCriteriaId": "076D993D-0708-46C4-ABE3-D1582541BE9F" + } + ] + } + ] + } + ], "references": [ { "url": "https://patchstack.com/database/vulnerability/customizr/wordpress-customizr-theme-4-4-21-cross-site-request-forgery-csrf-vulnerability?_s_id=cve", - "source": "audit@patchstack.com" + "source": "audit@patchstack.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-357xx/CVE-2024-35772.json b/CVE-2024/CVE-2024-357xx/CVE-2024-35772.json index 8daabaec83d..6a401fa8d3b 100644 --- a/CVE-2024/CVE-2024-357xx/CVE-2024-35772.json +++ b/CVE-2024/CVE-2024-357xx/CVE-2024-35772.json @@ -2,16 +2,40 @@ "id": "CVE-2024-35772", "sourceIdentifier": "audit@patchstack.com", "published": "2024-06-21T13:15:12.183", - "lastModified": "2024-06-21T15:58:38.553", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-06-24T19:26:14.460", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Cross-Site Request Forgery (CSRF) vulnerability in presscustomizr Hueman.This issue affects Hueman: from n/a through 3.7.24." + }, + { + "lang": "es", + "value": "Vulnerabilidad de Cross-Site Request Forgery (CSRF) en presscustomizr Hueman. Este problema afecta a Hueman: desde n/a hasta 3.7.24." } ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + }, { "source": "audit@patchstack.com", "type": "Secondary", @@ -46,10 +70,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:presscustomizr:hueman:*:*:*:*:*:wordpress:*:*", + "versionEndExcluding": "3.7.25", + "matchCriteriaId": "902153E0-87F1-4616-B96E-2B5C11F6EDE3" + } + ] + } + ] + } + ], "references": [ { "url": "https://patchstack.com/database/vulnerability/hueman/wordpress-hueman-theme-3-7-24-cross-site-request-forgery-csrf-vulnerability?_s_id=cve", - "source": "audit@patchstack.com" + "source": "audit@patchstack.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-357xx/CVE-2024-35774.json b/CVE-2024/CVE-2024-357xx/CVE-2024-35774.json index 147a6b4b149..949cb73543e 100644 --- a/CVE-2024/CVE-2024-357xx/CVE-2024-35774.json +++ b/CVE-2024/CVE-2024-357xx/CVE-2024-35774.json @@ -2,16 +2,40 @@ "id": "CVE-2024-35774", "sourceIdentifier": "audit@patchstack.com", "published": "2024-06-21T12:15:10.500", - "lastModified": "2024-06-21T15:58:51.410", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-06-24T18:43:57.633", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in D\u2019arteweb DImage 360 allows Stored XSS.This issue affects DImage 360: from n/a through 2.0." + }, + { + "lang": "es", + "value": "La vulnerabilidad de neutralizaci\u00f3n inadecuada de la entrada durante la generaci\u00f3n de p\u00e1ginas web (XSS o 'Cross-site Scripting') en D'arteweb DImage 360 permite XSS Almacenado. Este problema afecta a DImage 360: desde n/a hasta 2.0." } ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 5.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + }, { "source": "audit@patchstack.com", "type": "Secondary", @@ -46,10 +70,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:darteweb:dimage_360:*:*:*:*:*:wordpress:*:*", + "versionEndIncluding": "2.0", + "matchCriteriaId": "96710C7D-9508-4744-8B70-70D12D37A473" + } + ] + } + ] + } + ], "references": [ { "url": "https://patchstack.com/database/vulnerability/dimage-360/wordpress-dimage-360-plugin-2-0-cross-site-scripting-xss-vulnerability?_s_id=cve", - "source": "audit@patchstack.com" + "source": "audit@patchstack.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-357xx/CVE-2024-35776.json b/CVE-2024/CVE-2024-357xx/CVE-2024-35776.json index 64d55a66629..cff85d02590 100644 --- a/CVE-2024/CVE-2024-357xx/CVE-2024-35776.json +++ b/CVE-2024/CVE-2024-357xx/CVE-2024-35776.json @@ -2,16 +2,40 @@ "id": "CVE-2024-35776", "sourceIdentifier": "audit@patchstack.com", "published": "2024-06-21T13:15:12.417", - "lastModified": "2024-06-21T15:58:38.553", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-06-24T18:49:09.500", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Exeebit phpinfo() WP.This issue affects phpinfo() WP: from n/a through 5.0." + }, + { + "lang": "es", + "value": "Exposici\u00f3n de informaci\u00f3n confidencial a una vulnerabilidad de actor no autorizado en Exeebit phpinfo() WP. Este problema afecta a phpinfo() WP: desde n/a hasta 5.0." } ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + }, { "source": "audit@patchstack.com", "type": "Secondary", @@ -36,8 +60,18 @@ }, "weaknesses": [ { - "source": "audit@patchstack.com", + "source": "nvd@nist.gov", "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + }, + { + "source": "audit@patchstack.com", + "type": "Secondary", "description": [ { "lang": "en", @@ -46,10 +80,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:exeebit:phpinfo-wp:*:*:*:*:*:wordpress:*:*", + "versionEndIncluding": "5.0", + "matchCriteriaId": "F913FFFB-5D6E-42A7-8B28-CCB4D2331158" + } + ] + } + ] + } + ], "references": [ { "url": "https://patchstack.com/database/vulnerability/phpinfo-wp/wordpress-phpinfo-wp-plugin-5-0-unauthenticated-data-exposure-vulnerability?_s_id=cve", - "source": "audit@patchstack.com" + "source": "audit@patchstack.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-357xx/CVE-2024-35778.json b/CVE-2024/CVE-2024-357xx/CVE-2024-35778.json index ea287c842eb..14a6fc37ca1 100644 --- a/CVE-2024/CVE-2024-357xx/CVE-2024-35778.json +++ b/CVE-2024/CVE-2024-357xx/CVE-2024-35778.json @@ -2,16 +2,40 @@ "id": "CVE-2024-35778", "sourceIdentifier": "audit@patchstack.com", "published": "2024-06-21T16:15:11.910", - "lastModified": "2024-06-21T19:15:20.857", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-06-24T19:15:07.360", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in John West Slideshow SE allows PHP Local File Inclusion.This issue affects Slideshow SE: from n/a through 2.5.17." + }, + { + "lang": "es", + "value": "La limitaci\u00f3n inadecuada de un nombre de ruta a una vulnerabilidad de directorio restringido (\"Path Traversal\") en John West Slideshow SE permite la inclusi\u00f3n de archivos locales PHP. Este problema afecta a Slideshow SE: desde n/a hasta 2.5.17." } ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + }, { "source": "audit@patchstack.com", "type": "Secondary", @@ -46,10 +70,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:slideshow_se_project:slideshow_se:*:*:*:*:*:wordpress:*:*", + "versionEndIncluding": "2.5.17", + "matchCriteriaId": "76A01BFC-CB20-4215-ABB4-9DBBB7E070F0" + } + ] + } + ] + } + ], "references": [ { "url": "https://patchstack.com/database/vulnerability/slideshow-se/wordpress-slideshow-se-plugin-2-5-17-author-limited-local-file-inclusion-vulnerability?_s_id=cve", - "source": "audit@patchstack.com" + "source": "audit@patchstack.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-357xx/CVE-2024-35779.json b/CVE-2024/CVE-2024-357xx/CVE-2024-35779.json index 9d7f906a65a..97058094ea2 100644 --- a/CVE-2024/CVE-2024-357xx/CVE-2024-35779.json +++ b/CVE-2024/CVE-2024-357xx/CVE-2024-35779.json @@ -2,16 +2,40 @@ "id": "CVE-2024-35779", "sourceIdentifier": "audit@patchstack.com", "published": "2024-06-21T12:15:10.747", - "lastModified": "2024-06-21T15:58:51.410", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-06-24T18:40:26.157", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Live Composer Team Page Builder: Live Composer allows Stored XSS.This issue affects Page Builder: Live Composer: from n/a through 1.5.42." + }, + { + "lang": "es", + "value": "Vulnerabilidad de neutralizaci\u00f3n inadecuada de la entrada durante la generaci\u00f3n de p\u00e1ginas web (XSS o 'Cross-site Scripting') en Live Composer Team Page Builder: Live Composer permite XSS Almacenado. Este problema afecta a Page Builder: Live Composer: desde n/a hasta 1.5.42." } ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 5.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + }, { "source": "audit@patchstack.com", "type": "Secondary", @@ -46,10 +70,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:livecomposerplugin:live-composer-page-builder:*:*:*:*:*:wordpress:*:*", + "versionEndIncluding": "1.5.42", + "matchCriteriaId": "253CA218-7FC5-4515-9C35-4FC8B7E4E923" + } + ] + } + ] + } + ], "references": [ { "url": "https://patchstack.com/database/vulnerability/live-composer-page-builder/wordpress-page-builder-live-composer-plugin-1-5-42-contributor-shortcode-cross-site-scripting-xss-vulnerability?_s_id=cve", - "source": "audit@patchstack.com" + "source": "audit@patchstack.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-357xx/CVE-2024-35781.json b/CVE-2024/CVE-2024-357xx/CVE-2024-35781.json index 6aeb222ea3a..c8d030cf10e 100644 --- a/CVE-2024/CVE-2024-357xx/CVE-2024-35781.json +++ b/CVE-2024/CVE-2024-357xx/CVE-2024-35781.json @@ -2,16 +2,40 @@ "id": "CVE-2024-35781", "sourceIdentifier": "audit@patchstack.com", "published": "2024-06-21T16:15:12.153", - "lastModified": "2024-06-21T19:15:20.857", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-06-24T19:15:58.517", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in YAHMAN Word Balloon allows PHP Local File Inclusion.This issue affects Word Balloon: from n/a through 4.21.1." + }, + { + "lang": "es", + "value": "La limitaci\u00f3n inadecuada de un nombre de ruta a una vulnerabilidad de directorio restringido (\"Path Traversal\") en YAHMAN Word Balloon permite la inclusi\u00f3n de archivos locales PHP. Este problema afecta a Word Balloon: desde n/a hasta 4.21.1." } ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.6 + }, { "source": "audit@patchstack.com", "type": "Secondary", @@ -46,10 +70,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:back2nature:word_balloon:*:*:*:*:*:wordpress:*:*", + "versionEndIncluding": "4.21.1", + "matchCriteriaId": "5C7F2CA7-8945-4955-A019-B6D0DAE49FAF" + } + ] + } + ] + } + ], "references": [ { "url": "https://patchstack.com/database/vulnerability/word-balloon/wordpress-word-balloon-plugin-4-21-1-local-file-inclusion-vulnerability?_s_id=cve", - "source": "audit@patchstack.com" + "source": "audit@patchstack.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-362xx/CVE-2024-36288.json b/CVE-2024/CVE-2024-362xx/CVE-2024-36288.json index f2d06c6235d..ba72af4b06a 100644 --- a/CVE-2024/CVE-2024-362xx/CVE-2024-36288.json +++ b/CVE-2024/CVE-2024-362xx/CVE-2024-36288.json @@ -2,47 +2,141 @@ "id": "CVE-2024-36288", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-06-21T12:15:10.967", - "lastModified": "2024-06-21T15:58:51.410", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-06-24T18:39:00.683", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nSUNRPC: Fix loop termination condition in gss_free_in_token_pages()\n\nThe in_token->pages[] array is not NULL terminated. This results in\nthe following KASAN splat:\n\n KASAN: maybe wild-memory-access in range [0x04a2013400000008-0x04a201340000000f]" + }, + { + "lang": "es", + "value": "En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: SUNRPC: corrigi\u00f3 la condici\u00f3n de terminaci\u00f3n del bucle en gss_free_in_token_pages() La matriz in_token->pages[] no tiene terminaci\u00f3n NULL. Esto da como resultado el siguiente s\u00edmbolo KASAN: KASAN: quiz\u00e1s acceso a memoria salvaje en el rango [0x04a2013400000008-0x04a201340000000f]" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 5.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-835" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionEndExcluding": "6.9.4", + "matchCriteriaId": "329978FD-8C0A-434C-8A41-06341C7675F9" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.10.0:rc1:*:*:*:*:*:*", + "matchCriteriaId": "C40DD2D9-90E3-4E95-9F1A-E7C680F11F2A" + } + ] + } + ] } ], - "metrics": {}, "references": [ { "url": "https://git.kernel.org/stable/c/0a1cb0c6102bb4fd310243588d39461da49497ad", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Mailing List", + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/4a77c3dead97339478c7422eb07bf4bf63577008", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Mailing List", + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/4cefcd0af7458bdeff56a9d8dfc6868ce23d128a", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Mailing List", + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/57ff6c0a175930856213b2aa39f8c845a53e5b1c", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Mailing List", + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/6ed45d20d30005bed94c8c527ce51d5ad8121018", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Mailing List", + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/af628d43a822b78ad8d4a58d8259f8bf8bc71115", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Mailing List", + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/b4878ea99f2b40ef1925720b1b4ca7f4af1ba785", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Mailing List", + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/f9977e4e0cd98a5f06f2492b4f3547db58deabf5", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Mailing List", + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-364xx/CVE-2024-36477.json b/CVE-2024/CVE-2024-364xx/CVE-2024-36477.json index d6dfb713738..748961947bd 100644 --- a/CVE-2024/CVE-2024-364xx/CVE-2024-36477.json +++ b/CVE-2024/CVE-2024-364xx/CVE-2024-36477.json @@ -2,27 +2,115 @@ "id": "CVE-2024-36477", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-06-21T12:15:11.040", - "lastModified": "2024-06-21T15:58:51.410", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-06-24T18:38:40.737", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ntpm_tis_spi: Account for SPI header when allocating TPM SPI xfer buffer\n\nThe TPM SPI transfer mechanism uses MAX_SPI_FRAMESIZE for computing the\nmaximum transfer length and the size of the transfer buffer. As such, it\ndoes not account for the 4 bytes of header that prepends the SPI data\nframe. This can result in out-of-bounds accesses and was confirmed with\nKASAN.\n\nIntroduce SPI_HDRSIZE to account for the header and use to allocate the\ntransfer buffer." + }, + { + "lang": "es", + "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: tpm_tis_spi: Cuenta para el encabezado SPI al asignar el b\u00fafer de transferencia TPM SPI El mecanismo de transferencia TPM SPI utiliza MAX_SPI_FRAMESIZE para calcular la longitud m\u00e1xima de transferencia y el tama\u00f1o del b\u00fafer de transferencia. Como tal, no tiene en cuenta los 4 bytes del encabezado que antepone el marco de datos SPI. Esto puede resultar en accesos fuera de los l\u00edmites y fue confirmado con KASAN. Introduzca SPI_HDRSIZE para tener en cuenta el encabezado y util\u00edcelo para asignar el b\u00fafer de transferencia." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-125" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionEndExcluding": "6.6.0", + "matchCriteriaId": "FF299551-1C36-496E-820D-BB75E2D6E5C7" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.6.1", + "versionEndExcluding": "6.6.33", + "matchCriteriaId": "6277DEEA-F81C-4E0A-A6D8-AC6163A00A7D" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.9", + "versionEndExcluding": "6.9.4", + "matchCriteriaId": "A500F935-F0ED-4DC7-AD02-9D7C365D13AE" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.10.0:rc1:*:*:*:*:*:*", + "matchCriteriaId": "C40DD2D9-90E3-4E95-9F1A-E7C680F11F2A" + } + ] + } + ] } ], - "metrics": {}, "references": [ { "url": "https://git.kernel.org/stable/c/1547183852dcdfcc25878db7dd3620509217b0cd", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Mailing List", + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/195aba96b854dd664768f382cd1db375d8181f88", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Mailing List", + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/de13c56f99477b56980c7e00b09c776d16b7563d", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Mailing List", + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-364xx/CVE-2024-36479.json b/CVE-2024/CVE-2024-364xx/CVE-2024-36479.json index ae701a599d2..ae612f1b07d 100644 --- a/CVE-2024/CVE-2024-364xx/CVE-2024-36479.json +++ b/CVE-2024/CVE-2024-364xx/CVE-2024-36479.json @@ -2,8 +2,8 @@ "id": "CVE-2024-36479", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-06-24T14:15:12.157", - "lastModified": "2024-06-24T14:15:12.157", - "vulnStatus": "Received", + "lastModified": "2024-06-24T19:26:47.037", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-364xx/CVE-2024-36481.json b/CVE-2024/CVE-2024-364xx/CVE-2024-36481.json index 243f418b2ac..4476071691d 100644 --- a/CVE-2024/CVE-2024-364xx/CVE-2024-36481.json +++ b/CVE-2024/CVE-2024-364xx/CVE-2024-36481.json @@ -2,27 +2,115 @@ "id": "CVE-2024-36481", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-06-21T12:15:11.110", - "lastModified": "2024-06-21T15:58:51.410", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-06-24T18:35:33.157", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ntracing/probes: fix error check in parse_btf_field()\n\nbtf_find_struct_member() might return NULL or an error via the\nERR_PTR() macro. However, its caller in parse_btf_field() only checks\nfor the NULL condition. Fix this by using IS_ERR() and returning the\nerror up the stack." + }, + { + "lang": "es", + "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: rastreo/sondas: correcci\u00f3n de verificaci\u00f3n de errores en parse_btf_field() btf_find_struct_member() puede devolver NULL o un error a trav\u00e9s de la macro ERR_PTR(). Sin embargo, su llamador en parse_btf_field() solo verifica la condici\u00f3n NULL. Solucione este problema usando IS_ERR() y devolviendo el error en la pila." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 5.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-754" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionEndExcluding": "6.6", + "matchCriteriaId": "9D42A7C6-CE38-4D73-B7AC-615F6D53F783" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.6.1", + "versionEndExcluding": "6.6.33", + "matchCriteriaId": "6277DEEA-F81C-4E0A-A6D8-AC6163A00A7D" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.9", + "versionEndExcluding": "6.9.4", + "matchCriteriaId": "A500F935-F0ED-4DC7-AD02-9D7C365D13AE" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.10.0:rc1:*:*:*:*:*:*", + "matchCriteriaId": "C40DD2D9-90E3-4E95-9F1A-E7C680F11F2A" + } + ] + } + ] } ], - "metrics": {}, "references": [ { "url": "https://git.kernel.org/stable/c/4ed468edfeb54c7202e559eba74c25fac6a0dad0", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Mailing List", + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/ad4b202da2c498fefb69e5d87f67b946e7fe1e6a", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Mailing List", + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/e569eb34970281438e2b48a3ef11c87459fcfbcb", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Mailing List", + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-370xx/CVE-2024-37021.json b/CVE-2024/CVE-2024-370xx/CVE-2024-37021.json index 049d681c229..fc8d3fa622f 100644 --- a/CVE-2024/CVE-2024-370xx/CVE-2024-37021.json +++ b/CVE-2024/CVE-2024-370xx/CVE-2024-37021.json @@ -2,8 +2,8 @@ "id": "CVE-2024-37021", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-06-24T14:15:12.237", - "lastModified": "2024-06-24T14:15:12.237", - "vulnStatus": "Received", + "lastModified": "2024-06-24T19:26:47.037", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-370xx/CVE-2024-37026.json b/CVE-2024/CVE-2024-370xx/CVE-2024-37026.json index f51a797b140..2cbac7aea30 100644 --- a/CVE-2024/CVE-2024-370xx/CVE-2024-37026.json +++ b/CVE-2024/CVE-2024-370xx/CVE-2024-37026.json @@ -2,8 +2,8 @@ "id": "CVE-2024-37026", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-06-24T14:15:12.307", - "lastModified": "2024-06-24T14:15:12.307", - "vulnStatus": "Received", + "lastModified": "2024-06-24T19:26:47.037", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-370xx/CVE-2024-37092.json b/CVE-2024/CVE-2024-370xx/CVE-2024-37092.json index 74d4b1bd925..6533c2e16ad 100644 --- a/CVE-2024/CVE-2024-370xx/CVE-2024-37092.json +++ b/CVE-2024/CVE-2024-370xx/CVE-2024-37092.json @@ -2,8 +2,8 @@ "id": "CVE-2024-37092", "sourceIdentifier": "audit@patchstack.com", "published": "2024-06-24T13:15:10.010", - "lastModified": "2024-06-24T13:15:10.010", - "vulnStatus": "Received", + "lastModified": "2024-06-24T19:26:54.367", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-371xx/CVE-2024-37107.json b/CVE-2024/CVE-2024-371xx/CVE-2024-37107.json index ad5148bfc3a..c44fa01d634 100644 --- a/CVE-2024/CVE-2024-371xx/CVE-2024-37107.json +++ b/CVE-2024/CVE-2024-371xx/CVE-2024-37107.json @@ -2,8 +2,8 @@ "id": "CVE-2024-37107", "sourceIdentifier": "audit@patchstack.com", "published": "2024-06-24T13:15:10.247", - "lastModified": "2024-06-24T13:15:10.247", - "vulnStatus": "Received", + "lastModified": "2024-06-24T19:26:54.367", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-371xx/CVE-2024-37109.json b/CVE-2024/CVE-2024-371xx/CVE-2024-37109.json index 68bf21e1db9..a48990e2e83 100644 --- a/CVE-2024/CVE-2024-371xx/CVE-2024-37109.json +++ b/CVE-2024/CVE-2024-371xx/CVE-2024-37109.json @@ -2,8 +2,8 @@ "id": "CVE-2024-37109", "sourceIdentifier": "audit@patchstack.com", "published": "2024-06-24T13:15:10.483", - "lastModified": "2024-06-24T13:15:10.483", - "vulnStatus": "Received", + "lastModified": "2024-06-24T19:26:47.037", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-371xx/CVE-2024-37111.json b/CVE-2024/CVE-2024-371xx/CVE-2024-37111.json index a56eac9f464..3c921d3d11a 100644 --- a/CVE-2024/CVE-2024-371xx/CVE-2024-37111.json +++ b/CVE-2024/CVE-2024-371xx/CVE-2024-37111.json @@ -2,8 +2,8 @@ "id": "CVE-2024-37111", "sourceIdentifier": "audit@patchstack.com", "published": "2024-06-24T13:15:10.720", - "lastModified": "2024-06-24T13:15:10.720", - "vulnStatus": "Received", + "lastModified": "2024-06-24T19:26:47.037", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-371xx/CVE-2024-37118.json b/CVE-2024/CVE-2024-371xx/CVE-2024-37118.json index 1434a990a0b..76b45a5bb66 100644 --- a/CVE-2024/CVE-2024-371xx/CVE-2024-37118.json +++ b/CVE-2024/CVE-2024-371xx/CVE-2024-37118.json @@ -2,16 +2,40 @@ "id": "CVE-2024-37118", "sourceIdentifier": "audit@patchstack.com", "published": "2024-06-21T14:15:12.477", - "lastModified": "2024-06-21T15:58:38.553", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-06-24T18:55:07.707", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Cross Site Request Forgery (CSRF) vulnerability in Uncanny Owl Uncanny Automator Pro.This issue affects Uncanny Automator Pro: from n/a through 5.3." + }, + { + "lang": "es", + "value": "Vulnerabilidad de Cross-Site Request Forgery (CSRF) en Uncanny Owl Uncanny Automator Pro. Este problema afecta a Uncanny Automator Pro: desde n/a hasta 5.3." } ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + }, { "source": "audit@patchstack.com", "type": "Secondary", @@ -34,10 +58,43 @@ } ] }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-352" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:uncannyowl:uncanny_automator:*:*:*:*:pro:wordpress:*:*", + "versionEndIncluding": "5.3", + "matchCriteriaId": "F3CFABDF-A604-44E9-8556-1B5C39DA5DAC" + } + ] + } + ] + } + ], "references": [ { "url": "https://patchstack.com/database/vulnerability/uncanny-automator-pro/wordpress-uncanny-automator-pro-plugin-5-3-cross-site-request-forgery-csrf-leading-to-license-settings-reset-vulnerability?_s_id=cve", - "source": "audit@patchstack.com" + "source": "audit@patchstack.com", + "tags": [ + "Not Applicable" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-371xx/CVE-2024-37198.json b/CVE-2024/CVE-2024-371xx/CVE-2024-37198.json index daaacdbf9da..e5c8051229b 100644 --- a/CVE-2024/CVE-2024-371xx/CVE-2024-37198.json +++ b/CVE-2024/CVE-2024-371xx/CVE-2024-37198.json @@ -2,16 +2,40 @@ "id": "CVE-2024-37198", "sourceIdentifier": "audit@patchstack.com", "published": "2024-06-21T14:15:12.667", - "lastModified": "2024-06-21T15:58:38.553", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-06-24T18:55:25.417", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Cross-Site Request Forgery (CSRF) vulnerability in blazethemes Digital Newspaper.This issue affects Digital Newspaper: from n/a through 1.1.5." + }, + { + "lang": "es", + "value": "Vulnerabilidad de Cross-Site Request Forgery (CSRF) en blazethemes Digital Newspaper. Este problema afecta a Digital Newspaper: desde n/a hasta 1.1.5." } ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + }, { "source": "audit@patchstack.com", "type": "Secondary", @@ -35,6 +59,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-352" + } + ] + }, { "source": "audit@patchstack.com", "type": "Secondary", @@ -46,10 +80,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:blazethemes:digital_newspaper:*:*:*:*:*:wordpress:*:*", + "versionEndExcluding": "1.1.6", + "matchCriteriaId": "BF363D9A-942E-47CD-84CE-DE1C0E7362C4" + } + ] + } + ] + } + ], "references": [ { "url": "https://patchstack.com/database/vulnerability/digital-newspaper/wordpress-digital-newspaper-theme-1-1-5-cross-site-request-forgery-csrf-vulnerability?_s_id=cve", - "source": "audit@patchstack.com" + "source": "audit@patchstack.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-372xx/CVE-2024-37212.json b/CVE-2024/CVE-2024-372xx/CVE-2024-37212.json index c35a3eda26d..cabf47bafdb 100644 --- a/CVE-2024/CVE-2024-372xx/CVE-2024-37212.json +++ b/CVE-2024/CVE-2024-372xx/CVE-2024-37212.json @@ -2,16 +2,40 @@ "id": "CVE-2024-37212", "sourceIdentifier": "audit@patchstack.com", "published": "2024-06-21T14:15:12.890", - "lastModified": "2024-06-21T15:58:38.553", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-06-24T18:55:34.983", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Cross-Site Request Forgery (CSRF) vulnerability in Ali2Woo Ali2Woo Lite.This issue affects Ali2Woo Lite: from n/a through 3.3.5." + }, + { + "lang": "es", + "value": "Vulnerabilidad de Cross-Site Request Forgery (CSRF) en Ali2Woo Ali2Woo Lite. Este problema afecta a Ali2Woo Lite: desde n/a hasta 3.3.5." } ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + }, { "source": "audit@patchstack.com", "type": "Secondary", @@ -46,10 +70,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ali2woo:ali2woo:*:*:*:*:lite:wordpress:*:*", + "versionEndIncluding": "3.3.5", + "matchCriteriaId": "191F4381-3D88-4811-B8EB-E8A3A56642B8" + } + ] + } + ] + } + ], "references": [ { "url": "https://patchstack.com/database/vulnerability/ali2woo-lite/wordpress-aliexpress-dropshipping-with-alinext-lite-plugin-3-3-5-csrf-to-php-object-injection-vulnerability?_s_id=cve", - "source": "audit@patchstack.com" + "source": "audit@patchstack.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-372xx/CVE-2024-37227.json b/CVE-2024/CVE-2024-372xx/CVE-2024-37227.json index bb9ac33cce1..5c7de8b5b79 100644 --- a/CVE-2024/CVE-2024-372xx/CVE-2024-37227.json +++ b/CVE-2024/CVE-2024-372xx/CVE-2024-37227.json @@ -2,16 +2,40 @@ "id": "CVE-2024-37227", "sourceIdentifier": "audit@patchstack.com", "published": "2024-06-21T14:15:13.130", - "lastModified": "2024-06-21T15:58:38.553", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-06-24T18:55:44.513", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Cross Site Request Forgery (CSRF) vulnerability in Tribulant Newsletters.This issue affects Newsletters: from n/a through 4.9.7." + }, + { + "lang": "es", + "value": "Vulnerabilidad de Cross-Site Request Forgery (CSRF) en Tribulant Newsletters. Este problema afecta a Newsletters: desde n/a hasta 4.9.7." } ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + }, { "source": "audit@patchstack.com", "type": "Secondary", @@ -34,10 +58,43 @@ } ] }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-352" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribulant:newsletters:*:*:*:*:*:wordpress:*:*", + "versionEndExcluding": "4.9.8", + "matchCriteriaId": "5806F656-BCAE-4AB9-B899-4F1595118849" + } + ] + } + ] + } + ], "references": [ { "url": "https://patchstack.com/database/vulnerability/newsletters-lite/wordpress-newsletters-plugin-4-9-7-cross-site-request-forgery-csrf-vulnerability?_s_id=cve", - "source": "audit@patchstack.com" + "source": "audit@patchstack.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-372xx/CVE-2024-37228.json b/CVE-2024/CVE-2024-372xx/CVE-2024-37228.json index 74b1bc90cb3..2d497021b9b 100644 --- a/CVE-2024/CVE-2024-372xx/CVE-2024-37228.json +++ b/CVE-2024/CVE-2024-372xx/CVE-2024-37228.json @@ -2,8 +2,8 @@ "id": "CVE-2024-37228", "sourceIdentifier": "audit@patchstack.com", "published": "2024-06-24T13:15:10.947", - "lastModified": "2024-06-24T13:15:10.947", - "vulnStatus": "Received", + "lastModified": "2024-06-24T19:26:47.037", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-372xx/CVE-2024-37230.json b/CVE-2024/CVE-2024-372xx/CVE-2024-37230.json index c11a9bb323a..0509e4dfc62 100644 --- a/CVE-2024/CVE-2024-372xx/CVE-2024-37230.json +++ b/CVE-2024/CVE-2024-372xx/CVE-2024-37230.json @@ -2,16 +2,40 @@ "id": "CVE-2024-37230", "sourceIdentifier": "audit@patchstack.com", "published": "2024-06-21T14:15:13.330", - "lastModified": "2024-06-21T15:58:38.553", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-06-24T18:55:55.037", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Cross-Site Request Forgery (CSRF) vulnerability in Rara Theme Book Landing Page.This issue affects Book Landing Page: from n/a through 1.2.3." + }, + { + "lang": "es", + "value": "Vulnerabilidad de Cross-Site Request Forgery (CSRF) en Rara Theme Book Landing Page. Este problema afecta a Book Landing Page: desde n/a hasta 1.2.3." } ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + }, { "source": "audit@patchstack.com", "type": "Secondary", @@ -46,10 +70,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:rarathemes:book_landing_page:*:*:*:*:*:wordpress:*:*", + "versionEndExcluding": "1.2.4", + "matchCriteriaId": "BC4354B6-EAFE-4CA1-A773-32EB1466C915" + } + ] + } + ] + } + ], "references": [ { "url": "https://patchstack.com/database/vulnerability/book-landing-page/wordpress-book-landing-page-theme-1-2-3-cross-site-request-forgery-csrf-vulnerability?_s_id=cve", - "source": "audit@patchstack.com" + "source": "audit@patchstack.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-372xx/CVE-2024-37231.json b/CVE-2024/CVE-2024-372xx/CVE-2024-37231.json index b75637bd7aa..aaed0273066 100644 --- a/CVE-2024/CVE-2024-372xx/CVE-2024-37231.json +++ b/CVE-2024/CVE-2024-372xx/CVE-2024-37231.json @@ -2,8 +2,8 @@ "id": "CVE-2024-37231", "sourceIdentifier": "audit@patchstack.com", "published": "2024-06-24T13:15:11.177", - "lastModified": "2024-06-24T13:15:11.177", - "vulnStatus": "Received", + "lastModified": "2024-06-24T19:26:47.037", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-372xx/CVE-2024-37233.json b/CVE-2024/CVE-2024-372xx/CVE-2024-37233.json index 2221dc2ebe7..98a046debc2 100644 --- a/CVE-2024/CVE-2024-372xx/CVE-2024-37233.json +++ b/CVE-2024/CVE-2024-372xx/CVE-2024-37233.json @@ -2,8 +2,8 @@ "id": "CVE-2024-37233", "sourceIdentifier": "audit@patchstack.com", "published": "2024-06-24T13:15:11.400", - "lastModified": "2024-06-24T13:15:11.400", - "vulnStatus": "Received", + "lastModified": "2024-06-24T19:26:47.037", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-376xx/CVE-2024-37671.json b/CVE-2024/CVE-2024-376xx/CVE-2024-37671.json index c44a3f706e4..5f5af240c79 100644 --- a/CVE-2024/CVE-2024-376xx/CVE-2024-37671.json +++ b/CVE-2024/CVE-2024-376xx/CVE-2024-37671.json @@ -2,27 +2,93 @@ "id": "CVE-2024-37671", "sourceIdentifier": "cve@mitre.org", "published": "2024-06-21T17:15:10.867", - "lastModified": "2024-06-21T19:15:20.857", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-06-24T19:40:48.993", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Cross Site Scripting vulnerability in Tessi Docubase Document Management product 5.x allows a remote attacker to execute arbitrary code via the page parameter." + }, + { + "lang": "es", + "value": "Vulnerabilidad de Cross-Site Scripting en el producto Tessi Docubase Document Management 5.x permite a un atacante remoto ejecutar c\u00f3digo arbitrario a trav\u00e9s del par\u00e1metro de p\u00e1gina." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 5.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tessi:docubase:5.0:*:*:*:*:*:*:*", + "matchCriteriaId": "DF3FCA90-0A8A-4A9D-8613-1C8DA52D6BEE" + } + ] + } + ] } ], - "metrics": {}, "references": [ { "url": "http://docubase.com", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Product" + ] }, { "url": "http://tessi.com", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Product" + ] }, { "url": "https://github.com/MohamedAzizMSALLEMI/Docubase_Security/blob/main/CVE-2024-37671.md", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-376xx/CVE-2024-37672.json b/CVE-2024/CVE-2024-376xx/CVE-2024-37672.json index 52178b22d2a..8aa69acf1df 100644 --- a/CVE-2024/CVE-2024-376xx/CVE-2024-37672.json +++ b/CVE-2024/CVE-2024-376xx/CVE-2024-37672.json @@ -2,27 +2,93 @@ "id": "CVE-2024-37672", "sourceIdentifier": "cve@mitre.org", "published": "2024-06-21T17:15:10.963", - "lastModified": "2024-06-21T19:15:20.857", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-06-24T19:41:06.183", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Cross Site Scripting vulnerability in Tessi Docubase Document Management product 5.x allows a remote attacker to execute arbitrary code via the idactivity parameter." + }, + { + "lang": "es", + "value": "Una vulnerabilidad de Cross-Site Scripting en el producto Tessi Docubase Document Management 5.x permite a un atacante remoto ejecutar c\u00f3digo arbitrario a trav\u00e9s del par\u00e1metro idactivity." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 5.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tessi:docubase:5.0:*:*:*:*:*:*:*", + "matchCriteriaId": "DF3FCA90-0A8A-4A9D-8613-1C8DA52D6BEE" + } + ] + } + ] } ], - "metrics": {}, "references": [ { "url": "http://docubase.com", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Product" + ] }, { "url": "http://tessi.com", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Product" + ] }, { "url": "https://github.com/MohamedAzizMSALLEMI/Docubase_Security/blob/main/CVE-2024-37672.md", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-376xx/CVE-2024-37673.json b/CVE-2024/CVE-2024-376xx/CVE-2024-37673.json index da97f50584e..ea6165a146d 100644 --- a/CVE-2024/CVE-2024-376xx/CVE-2024-37673.json +++ b/CVE-2024/CVE-2024-376xx/CVE-2024-37673.json @@ -2,27 +2,93 @@ "id": "CVE-2024-37673", "sourceIdentifier": "cve@mitre.org", "published": "2024-06-21T17:15:11.053", - "lastModified": "2024-06-21T19:15:20.857", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-06-24T19:41:19.880", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Cross Site Scripting vulnerability in Tessi Docubase Document Management product 5.x allows a remote attacker to execute arbitrary code via the filename parameter." + }, + { + "lang": "es", + "value": "Vulnerabilidad de Cross-Site Scripting en el producto Tessi Docubase Document Management versi\u00f3n 5.x permite a un atacante remoto ejecutar c\u00f3digo arbitrario a trav\u00e9s del par\u00e1metro de nombre de archivo." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 5.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tessi:docubase:5.0:*:*:*:*:*:*:*", + "matchCriteriaId": "DF3FCA90-0A8A-4A9D-8613-1C8DA52D6BEE" + } + ] + } + ] } ], - "metrics": {}, "references": [ { "url": "http://docubase.com", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Product" + ] }, { "url": "http://tessi.com", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Product" + ] }, { "url": "https://github.com/MohamedAzizMSALLEMI/Docubase_Security/blob/main/CVE-2024-37673.md", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-376xx/CVE-2024-37675.json b/CVE-2024/CVE-2024-376xx/CVE-2024-37675.json index 37e1e2a6c40..d16c6326004 100644 --- a/CVE-2024/CVE-2024-376xx/CVE-2024-37675.json +++ b/CVE-2024/CVE-2024-376xx/CVE-2024-37675.json @@ -2,27 +2,93 @@ "id": "CVE-2024-37675", "sourceIdentifier": "cve@mitre.org", "published": "2024-06-21T17:15:11.143", - "lastModified": "2024-06-21T19:15:20.857", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-06-24T19:41:31.713", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Cross Site Scripting vulnerability in Tessi Docubase Document Management product 5.x allows a remote attacker to execute arbitrary code via the parameter \"sectionContent\" related to the functionality of adding notes to an uploaded file." + }, + { + "lang": "es", + "value": "Vulnerabilidad de Cross-Site Scripting en el producto Tessi Docubase Document Management versi\u00f3n 5.x permite a un atacante remoto ejecutar c\u00f3digo arbitrario a trav\u00e9s del par\u00e1metro \"sectionContent\" relacionado con la funcionalidad de agregar notas a un archivo cargado." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 5.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tessi:docubase:5.0:*:*:*:*:*:*:*", + "matchCriteriaId": "DF3FCA90-0A8A-4A9D-8613-1C8DA52D6BEE" + } + ] + } + ] } ], - "metrics": {}, "references": [ { "url": "http://docubase.com", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Product" + ] }, { "url": "http://tessi.com", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Product" + ] }, { "url": "https://github.com/MohamedAzizMSALLEMI/Docubase_Security/blob/main/CVE-2024-37675.md", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-376xx/CVE-2024-37677.json b/CVE-2024/CVE-2024-376xx/CVE-2024-37677.json new file mode 100644 index 00000000000..f2aec6a2208 --- /dev/null +++ b/CVE-2024/CVE-2024-376xx/CVE-2024-37677.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2024-37677", + "sourceIdentifier": "cve@mitre.org", + "published": "2024-06-24T19:15:15.527", + "lastModified": "2024-06-24T19:26:35.967", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "An issue in Shenzhen Weitillage Industrial Co., Ltd the access management specialist V6.62.51215 allows a remote attacker to obtain sensitive information." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://github.com/dabaizhizhu/123/issues/2", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-376xx/CVE-2024-37679.json b/CVE-2024/CVE-2024-376xx/CVE-2024-37679.json new file mode 100644 index 00000000000..dd89b3cf3e0 --- /dev/null +++ b/CVE-2024/CVE-2024-376xx/CVE-2024-37679.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2024-37679", + "sourceIdentifier": "cve@mitre.org", + "published": "2024-06-24T19:15:15.617", + "lastModified": "2024-06-24T19:26:35.967", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "Cross Site Scripting vulnerability in Hangzhou Meisoft Information Technology Co., LTd Finnesoft v.8.0 and before allows a remote attacker to execute arbitrary code via a crafted script to the login.jsp parameter." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://github.com/dabaizhizhu/123/issues/4", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-376xx/CVE-2024-37680.json b/CVE-2024/CVE-2024-376xx/CVE-2024-37680.json new file mode 100644 index 00000000000..d5628bd7bc4 --- /dev/null +++ b/CVE-2024/CVE-2024-376xx/CVE-2024-37680.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2024-37680", + "sourceIdentifier": "cve@mitre.org", + "published": "2024-06-24T19:15:15.697", + "lastModified": "2024-06-24T19:26:35.967", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "Hangzhou Meisoft Information Technology Co., Ltd. FineSoft <=8.0 is affected by Cross Site Scripting (XSS) which allows remote attackers to execute arbitrary code. Enter any account and password, click Login, the page will report an error, and a controllable parameter will appear at the URL:weburl." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://github.com/dabaizhizhu/123/issues/5", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-377xx/CVE-2024-37732.json b/CVE-2024/CVE-2024-377xx/CVE-2024-37732.json new file mode 100644 index 00000000000..1875c37387d --- /dev/null +++ b/CVE-2024/CVE-2024-377xx/CVE-2024-37732.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2024-37732", + "sourceIdentifier": "cve@mitre.org", + "published": "2024-06-24T19:15:15.780", + "lastModified": "2024-06-24T19:26:35.967", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "Cross Site Scripting vulnerability in Anchor CMS v.0.12.7 allows a remote attacker to execute arbitrary code via a crafted .pdf file." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://gitee.com/Aa272899/CHG-sec/issues/I9UO7X", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-378xx/CVE-2024-37825.json b/CVE-2024/CVE-2024-378xx/CVE-2024-37825.json index bed9313b462..fdce3223a92 100644 --- a/CVE-2024/CVE-2024-378xx/CVE-2024-37825.json +++ b/CVE-2024/CVE-2024-378xx/CVE-2024-37825.json @@ -2,8 +2,8 @@ "id": "CVE-2024-37825", "sourceIdentifier": "cve@mitre.org", "published": "2024-06-24T14:15:12.430", - "lastModified": "2024-06-24T14:15:12.430", - "vulnStatus": "Received", + "lastModified": "2024-06-24T19:26:47.037", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-383xx/CVE-2024-38369.json b/CVE-2024/CVE-2024-383xx/CVE-2024-38369.json index c22dac2ba5d..36283e12e38 100644 --- a/CVE-2024/CVE-2024-383xx/CVE-2024-38369.json +++ b/CVE-2024/CVE-2024-383xx/CVE-2024-38369.json @@ -2,8 +2,8 @@ "id": "CVE-2024-38369", "sourceIdentifier": "security-advisories@github.com", "published": "2024-06-24T17:15:10.593", - "lastModified": "2024-06-24T17:15:10.593", - "vulnStatus": "Received", + "lastModified": "2024-06-24T19:26:35.967", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-383xx/CVE-2024-38373.json b/CVE-2024/CVE-2024-383xx/CVE-2024-38373.json index 1703a9d0533..c99f0afdd1b 100644 --- a/CVE-2024/CVE-2024-383xx/CVE-2024-38373.json +++ b/CVE-2024/CVE-2024-383xx/CVE-2024-38373.json @@ -2,8 +2,8 @@ "id": "CVE-2024-38373", "sourceIdentifier": "security-advisories@github.com", "published": "2024-06-24T17:15:10.830", - "lastModified": "2024-06-24T17:15:10.830", - "vulnStatus": "Received", + "lastModified": "2024-06-24T19:26:35.967", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-383xx/CVE-2024-38384.json b/CVE-2024/CVE-2024-383xx/CVE-2024-38384.json index 96b7276b6d8..6d842329e30 100644 --- a/CVE-2024/CVE-2024-383xx/CVE-2024-38384.json +++ b/CVE-2024/CVE-2024-383xx/CVE-2024-38384.json @@ -2,8 +2,8 @@ "id": "CVE-2024-38384", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-06-24T14:15:12.547", - "lastModified": "2024-06-24T14:15:12.547", - "vulnStatus": "Received", + "lastModified": "2024-06-24T19:26:47.037", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-386xx/CVE-2024-38662.json b/CVE-2024/CVE-2024-386xx/CVE-2024-38662.json index 716eb725990..e8cf69ac8c2 100644 --- a/CVE-2024/CVE-2024-386xx/CVE-2024-38662.json +++ b/CVE-2024/CVE-2024-386xx/CVE-2024-38662.json @@ -2,39 +2,154 @@ "id": "CVE-2024-38662", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-06-21T12:15:11.180", - "lastModified": "2024-06-21T15:58:51.410", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-06-24T18:34:17.547", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Allow delete from sockmap/sockhash only if update is allowed\n\nWe have seen an influx of syzkaller reports where a BPF program attached to\na tracepoint triggers a locking rule violation by performing a map_delete\non a sockmap/sockhash.\n\nWe don't intend to support this artificial use scenario. Extend the\nexisting verifier allowed-program-type check for updating sockmap/sockhash\nto also cover deleting from a map.\n\nFrom now on only BPF programs which were previously allowed to update\nsockmap/sockhash can delete from these map types." + }, + { + "lang": "es", + "value": "En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: bpf: permitir la eliminaci\u00f3n de sockmap/sockhash solo si se permite la actualizaci\u00f3n. Hemos visto una afluencia de informes de syzkaller donde un programa BPF adjunto a un punto de seguimiento desencadena una violaci\u00f3n de la regla de bloqueo al realizar un map_delete en un mapa de calcetines/sockhash. No pretendemos apoyar este escenario de uso artificial. Ampl\u00ede la verificaci\u00f3n de tipo de programa permitido del verificador existente para actualizar sockmap/sockhash para cubrir tambi\u00e9n la eliminaci\u00f3n de un mapa. De ahora en adelante, s\u00f3lo los programas BPF a los que anteriormente se les permit\u00eda actualizar sockmap/sockhash pueden eliminar de estos tipos de mapas." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N", + "attackVector": "LOCAL", + "attackComplexity": "HIGH", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "HIGH", + "availabilityImpact": "NONE", + "baseScore": 4.7, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.0, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.10", + "versionEndExcluding": "5.10.219", + "matchCriteriaId": "5311C980-4CDF-4C10-8875-F04ED0F03398" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.15", + "versionEndExcluding": "5.15.161", + "matchCriteriaId": "E2AB5A01-EFFD-4A24-8CCB-4A016C8C4BB3" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.1", + "versionEndExcluding": "6.1.93", + "matchCriteriaId": "7446FC33-DC4F-4D31-94B5-FB577CFA66F4" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.6", + "versionEndExcluding": "6.6.33", + "matchCriteriaId": "53BC60D9-65A5-4D8F-96C8-149F09214DBD" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.9", + "versionEndExcluding": "6.9.4", + "matchCriteriaId": "A500F935-F0ED-4DC7-AD02-9D7C365D13AE" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.10.0:rc1:*:*:*:*:*:*", + "matchCriteriaId": "C40DD2D9-90E3-4E95-9F1A-E7C680F11F2A" + } + ] + } + ] } ], - "metrics": {}, "references": [ { "url": "https://git.kernel.org/stable/c/000a65bf1dc04fb2b65e2abf116f0bc0fc2ee7b1", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Mailing List", + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/11e8ecc5b86037fec43d07b1c162e233e131b1d9", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Mailing List", + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/29467edc23818dc5a33042ffb4920b49b090e63d", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Mailing List", + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/6693b172f008846811f48a099f33effc26068e1e", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Mailing List", + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/98e948fb60d41447fd8d2d0c3b8637fc6b6dc26d", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Mailing List", + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/b81e1c5a3c70398cf76631ede63a03616ed1ba3c", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Mailing List", + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-386xx/CVE-2024-38663.json b/CVE-2024/CVE-2024-386xx/CVE-2024-38663.json index d145f913fe2..e9b7a4afbba 100644 --- a/CVE-2024/CVE-2024-386xx/CVE-2024-38663.json +++ b/CVE-2024/CVE-2024-386xx/CVE-2024-38663.json @@ -2,8 +2,8 @@ "id": "CVE-2024-38663", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-06-24T14:15:12.630", - "lastModified": "2024-06-24T14:15:12.630", - "vulnStatus": "Received", + "lastModified": "2024-06-24T19:26:47.037", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-386xx/CVE-2024-38664.json b/CVE-2024/CVE-2024-386xx/CVE-2024-38664.json index b9c1a785260..18ab06cb92a 100644 --- a/CVE-2024/CVE-2024-386xx/CVE-2024-38664.json +++ b/CVE-2024/CVE-2024-386xx/CVE-2024-38664.json @@ -2,8 +2,8 @@ "id": "CVE-2024-38664", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-06-24T14:15:12.707", - "lastModified": "2024-06-24T14:15:12.707", - "vulnStatus": "Received", + "lastModified": "2024-06-24T19:26:35.967", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-386xx/CVE-2024-38667.json b/CVE-2024/CVE-2024-386xx/CVE-2024-38667.json index fce219fb19d..3cedbb3019b 100644 --- a/CVE-2024/CVE-2024-386xx/CVE-2024-38667.json +++ b/CVE-2024/CVE-2024-386xx/CVE-2024-38667.json @@ -2,8 +2,8 @@ "id": "CVE-2024-38667", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-06-24T14:15:12.790", - "lastModified": "2024-06-24T14:15:12.790", - "vulnStatus": "Received", + "lastModified": "2024-06-24T19:26:35.967", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-387xx/CVE-2024-38780.json b/CVE-2024/CVE-2024-387xx/CVE-2024-38780.json index 6e6bc4adc38..fb571bcc9d9 100644 --- a/CVE-2024/CVE-2024-387xx/CVE-2024-38780.json +++ b/CVE-2024/CVE-2024-387xx/CVE-2024-38780.json @@ -2,47 +2,190 @@ "id": "CVE-2024-38780", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-06-21T12:15:11.253", - "lastModified": "2024-06-21T15:58:51.410", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-06-24T19:17:28.313", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndma-buf/sw-sync: don't enable IRQ from sync_print_obj()\n\nSince commit a6aa8fca4d79 (\"dma-buf/sw-sync: Reduce irqsave/irqrestore from\nknown context\") by error replaced spin_unlock_irqrestore() with\nspin_unlock_irq() for both sync_debugfs_show() and sync_print_obj() despite\nsync_print_obj() is called from sync_debugfs_show(), lockdep complains\ninconsistent lock state warning.\n\nUse plain spin_{lock,unlock}() for sync_print_obj(), for\nsync_debugfs_show() is already using spin_{lock,unlock}_irq()." + }, + { + "lang": "es", + "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: dma-buf/sw-sync: no habilitar IRQ desde sync_print_obj() Desde el commit a6aa8fca4d79 (\"dma-buf/sw-sync: reducir irqsave/irqrestore desde el contexto conocido\" ) por error reemplaz\u00f3 spin_unlock_irqrestore() con spin_unlock_irq() tanto para sync_debugfs_show() como para sync_print_obj() a pesar de que sync_print_obj() se llama desde sync_debugfs_show(), lockdep se queja de una advertencia de estado de bloqueo inconsistente. Utilice spin_{lock,unlock}() simple para sync_print_obj(), ya que sync_debugfs_show() ya est\u00e1 usando spin_{lock,unlock}_irq()." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 5.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-667" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionEndExcluding": "4.14", + "matchCriteriaId": "B315D019-A13E-4F3D-A112-34814763334F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.19", + "versionEndExcluding": "4.19.316", + "matchCriteriaId": "34445C8D-D7E6-4796-B792-C9257E89257B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.4", + "versionEndExcluding": "5.4.278", + "matchCriteriaId": "8E2371B0-4787-4038-B526-021D4CF93B31" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.10", + "versionEndExcluding": "5.10.219", + "matchCriteriaId": "5311C980-4CDF-4C10-8875-F04ED0F03398" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.15", + "versionEndExcluding": "5.15.161", + "matchCriteriaId": "E2AB5A01-EFFD-4A24-8CCB-4A016C8C4BB3" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.1", + "versionEndExcluding": "6.1.93", + "matchCriteriaId": "7446FC33-DC4F-4D31-94B5-FB577CFA66F4" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.6", + "versionEndExcluding": "6.6.33", + "matchCriteriaId": "53BC60D9-65A5-4D8F-96C8-149F09214DBD" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.9", + "versionEndExcluding": "6.9.4", + "matchCriteriaId": "A500F935-F0ED-4DC7-AD02-9D7C365D13AE" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.10.0:rc1:*:*:*:*:*:*", + "matchCriteriaId": "C40DD2D9-90E3-4E95-9F1A-E7C680F11F2A" + } + ] + } + ] } ], - "metrics": {}, "references": [ { "url": "https://git.kernel.org/stable/c/165b25e3ee9333f7b04f8db43895beacb51582ed", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Mailing List", + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/1ff116f68560a25656933d5a18e7619cb6773d8a", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Mailing List", + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/242b30466879e6defa521573c27e12018276c33a", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Mailing List", + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/8a283cdfc8beeb14024387a925247b563d614e1e", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Mailing List", + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/9d75fab2c14a25553a1664586ed122c316bd1878", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Mailing List", + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/a4ee78244445ab73af22bfc5a5fc543963b25aef", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Mailing List", + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/ae6fc4e6a3322f6d1c8ff59150d8469487a73dd8", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Mailing List", + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/b794918961516f667b0c745aebdfebbb8a98df39", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Mailing List", + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-392xx/CVE-2024-39277.json b/CVE-2024/CVE-2024-392xx/CVE-2024-39277.json index 3c06080c84a..baa120ae50c 100644 --- a/CVE-2024/CVE-2024-392xx/CVE-2024-39277.json +++ b/CVE-2024/CVE-2024-392xx/CVE-2024-39277.json @@ -2,35 +2,145 @@ "id": "CVE-2024-39277", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-06-21T12:15:11.330", - "lastModified": "2024-06-21T15:58:51.410", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-06-24T19:17:48.380", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndma-mapping: benchmark: handle NUMA_NO_NODE correctly\n\ncpumask_of_node() can be called for NUMA_NO_NODE inside do_map_benchmark()\nresulting in the following sanitizer report:\n\nUBSAN: array-index-out-of-bounds in ./arch/x86/include/asm/topology.h:72:28\nindex -1 is out of range for type 'cpumask [64][1]'\nCPU: 1 PID: 990 Comm: dma_map_benchma Not tainted 6.9.0-rc6 #29\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996)\nCall Trace:\n \ndump_stack_lvl (lib/dump_stack.c:117)\nubsan_epilogue (lib/ubsan.c:232)\n__ubsan_handle_out_of_bounds (lib/ubsan.c:429)\ncpumask_of_node (arch/x86/include/asm/topology.h:72) [inline]\ndo_map_benchmark (kernel/dma/map_benchmark.c:104)\nmap_benchmark_ioctl (kernel/dma/map_benchmark.c:246)\nfull_proxy_unlocked_ioctl (fs/debugfs/file.c:333)\n__x64_sys_ioctl (fs/ioctl.c:890)\ndo_syscall_64 (arch/x86/entry/common.c:83)\nentry_SYSCALL_64_after_hwframe (arch/x86/entry/entry_64.S:130)\n\nUse cpumask_of_node() in place when binding a kernel thread to a cpuset\nof a particular node.\n\nNote that the provided node id is checked inside map_benchmark_ioctl().\nIt's just a NUMA_NO_NODE case which is not handled properly later.\n\nFound by Linux Verification Center (linuxtesting.org)." + }, + { + "lang": "es", + "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: dma-mapping: benchmark: maneja NUMA_NO_NODE correctamente. Se puede llamar a cpumask_of_node() para NUMA_NO_NODE dentro de do_map_benchmark(), lo que genera el siguiente informe de sanitizaci\u00f3n: UBSAN: array-index-out-of- Los l\u00edmites en ./arch/x86/include/asm/topology.h:72:28 el \u00edndice -1 est\u00e1n fuera del rango para el tipo 'cpumask [64][1]' CPU: 1 PID: 990 Comm: dma_map_benchma No contaminado 6.9. 0-rc6 #29 Nombre de hardware: PC est\u00e1ndar QEMU (i440FX + PIIX, 1996) Seguimiento de llamadas: dump_stack_lvl (lib/dump_stack.c:117) ubsan_epilogue (lib/ubsan.c:232) __ubsan_handle_out_of_bounds (lib/ubsan. c:429) cpumask_of_node (arch/x86/include/asm/topology.h:72) [en l\u00ednea] do_map_benchmark (kernel/dma/map_benchmark.c:104) map_benchmark_ioctl (kernel/dma/map_benchmark.c:246) full_proxy_unlocked_ioctl (fs /debugfs/file.c:333) __x64_sys_ioctl (fs/ioctl.c:890) do_syscall_64 (arch/x86/entry/common.c:83) Entry_SYSCALL_64_after_hwframe (arch/x86/entry/entry_64.S:130) Utilice cpumask_of_node( ) en su lugar al vincular un subproceso del kernel a un cpuset de un nodo en particular. Tenga en cuenta que la identificaci\u00f3n del nodo proporcionada se verifica dentro de map_benchmark_ioctl(). Es s\u00f3lo un caso NUMA_NO_NODE que no se maneja adecuadamente m\u00e1s adelante. Encontrado por el Centro de verificaci\u00f3n de Linux (linuxtesting.org)." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-125" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionEndExcluding": "5.11", + "matchCriteriaId": "89EC14A5-9B15-472C-A870-D93968B329AD" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.15", + "versionEndExcluding": "5.15.161", + "matchCriteriaId": "E2AB5A01-EFFD-4A24-8CCB-4A016C8C4BB3" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.1", + "versionEndExcluding": "6.1.93", + "matchCriteriaId": "7446FC33-DC4F-4D31-94B5-FB577CFA66F4" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.6", + "versionEndExcluding": "6.6.33", + "matchCriteriaId": "53BC60D9-65A5-4D8F-96C8-149F09214DBD" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.9", + "versionEndExcluding": "6.9.4", + "matchCriteriaId": "A500F935-F0ED-4DC7-AD02-9D7C365D13AE" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.10.0:rc1:*:*:*:*:*:*", + "matchCriteriaId": "C40DD2D9-90E3-4E95-9F1A-E7C680F11F2A" + } + ] + } + ] } ], - "metrics": {}, "references": [ { "url": "https://git.kernel.org/stable/c/50ee21bfc005e69f183d6b4b454e33f0c2571e1f", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Mailing List", + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/5a91116b003175302f2e6ad94b76fb9b5a141a41", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Mailing List", + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/8e1ba9df9a35e8dc64f657a64e523c79ba01e464", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Mailing List", + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/b41b0018e8ca06e985e87220a618ec633988fd13", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Mailing List", + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/e64746e74f717961250a155e14c156616fcd981f", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Mailing List", + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-392xx/CVE-2024-39291.json b/CVE-2024/CVE-2024-392xx/CVE-2024-39291.json index 371ec7d1ba9..a1d4ca428ea 100644 --- a/CVE-2024/CVE-2024-392xx/CVE-2024-39291.json +++ b/CVE-2024/CVE-2024-392xx/CVE-2024-39291.json @@ -2,8 +2,8 @@ "id": "CVE-2024-39291", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-06-24T14:15:12.863", - "lastModified": "2024-06-24T14:15:12.863", - "vulnStatus": "Received", + "lastModified": "2024-06-24T19:26:35.967", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-392xx/CVE-2024-39292.json b/CVE-2024/CVE-2024-392xx/CVE-2024-39292.json index e5509b6ae39..303996636b5 100644 --- a/CVE-2024/CVE-2024-392xx/CVE-2024-39292.json +++ b/CVE-2024/CVE-2024-392xx/CVE-2024-39292.json @@ -2,8 +2,8 @@ "id": "CVE-2024-39292", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-06-24T14:15:12.943", - "lastModified": "2024-06-24T14:15:12.943", - "vulnStatus": "Received", + "lastModified": "2024-06-24T19:26:35.967", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-44xx/CVE-2024-4477.json b/CVE-2024/CVE-2024-44xx/CVE-2024-4477.json index 610d11e607e..b45cf0f4905 100644 --- a/CVE-2024/CVE-2024-44xx/CVE-2024-4477.json +++ b/CVE-2024/CVE-2024-44xx/CVE-2024-4477.json @@ -2,19 +2,80 @@ "id": "CVE-2024-4477", "sourceIdentifier": "contact@wpscan.com", "published": "2024-06-21T06:15:12.347", - "lastModified": "2024-06-21T11:22:01.687", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2024-06-24T19:34:12.440", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "The WP Logs Book WordPress plugin through 1.0.1 does not sanitise and escape some of its log data before outputting them back in an admin dashboard, leading to an Unauthenticated Stored Cross-Site Scripting" + }, + { + "lang": "es", + "value": "El complemento WP Logs Book WordPress hasta la versi\u00f3n 1.0.1 no sanitiza ni escapa algunos de sus datos de registro antes de devolverlos a un panel de administraci\u00f3n, lo que genera un Cross-Site Scripting Almacenado no autenticado." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 5.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:onetarek:wp_logs_book:*:*:*:*:*:wordpress:*:*", + "versionEndIncluding": "1.0.1", + "matchCriteriaId": "6741B07F-84FB-4D46-815E-275BBAD5D6B4" + } + ] + } + ] } ], - "metrics": {}, "references": [ { "url": "https://wpscan.com/vulnerability/ab551552-944c-4e2a-9355-7011cbe553b0/", - "source": "contact@wpscan.com" + "source": "contact@wpscan.com", + "tags": [ + "Exploit", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-46xx/CVE-2024-4616.json b/CVE-2024/CVE-2024-46xx/CVE-2024-4616.json index 3daed2adb29..9ff541a670b 100644 --- a/CVE-2024/CVE-2024-46xx/CVE-2024-4616.json +++ b/CVE-2024/CVE-2024-46xx/CVE-2024-4616.json @@ -2,19 +2,80 @@ "id": "CVE-2024-4616", "sourceIdentifier": "contact@wpscan.com", "published": "2024-06-21T06:15:12.427", - "lastModified": "2024-06-21T11:22:01.687", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2024-06-24T19:34:00.263", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "The Widget Bundle WordPress plugin through 2.0.0 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against only unauthenticated users" + }, + { + "lang": "es", + "value": "El complemento Widget Bundle de WordPress hasta la versi\u00f3n 2.0.0 no sanitiza ni escapa un par\u00e1metro antes de devolverlo a la p\u00e1gina, lo que genera un Cross-Site Scripting Reflejado que podr\u00eda usarse solo contra usuarios no autenticados." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.1, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:devnath_verma:widget_bundle:*:*:*:*:*:wordpress:*:*", + "versionEndIncluding": "2.0.0", + "matchCriteriaId": "BE45C4D0-99DA-495C-A032-A329C38D5963" + } + ] + } + ] } ], - "metrics": {}, "references": [ { "url": "https://wpscan.com/vulnerability/d203bf3b-aee9-4755-b429-d6bbdd940890/", - "source": "contact@wpscan.com" + "source": "contact@wpscan.com", + "tags": [ + "Exploit", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-47xx/CVE-2024-4748.json b/CVE-2024/CVE-2024-47xx/CVE-2024-4748.json index 6f6be450e1d..f339eff290e 100644 --- a/CVE-2024/CVE-2024-47xx/CVE-2024-4748.json +++ b/CVE-2024/CVE-2024-47xx/CVE-2024-4748.json @@ -2,8 +2,8 @@ "id": "CVE-2024-4748", "sourceIdentifier": "cvd@cert.pl", "published": "2024-06-24T14:15:13.030", - "lastModified": "2024-06-24T14:15:13.030", - "vulnStatus": "Received", + "lastModified": "2024-06-24T19:26:35.967", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-47xx/CVE-2024-4755.json b/CVE-2024/CVE-2024-47xx/CVE-2024-4755.json index ec8b8ae0508..86b7783ae57 100644 --- a/CVE-2024/CVE-2024-47xx/CVE-2024-4755.json +++ b/CVE-2024/CVE-2024-47xx/CVE-2024-4755.json @@ -2,19 +2,80 @@ "id": "CVE-2024-4755", "sourceIdentifier": "contact@wpscan.com", "published": "2024-06-21T06:15:12.507", - "lastModified": "2024-06-21T11:22:01.687", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2024-06-24T19:31:03.263", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "The Google CSE WordPress plugin through 1.0.7 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)" + }, + { + "lang": "es", + "value": "El complemento Google CSE WordPress hasta la versi\u00f3n 1.0.7 no sanitiza ni escapa a algunas de sus configuraciones, lo que podr\u00eda permitir a usuarios con privilegios elevados, como el administrador, realizar ataques de Cross-Site Scripting Almacenado incluso cuando la capacidad unfiltered_html no est\u00e1 permitida (por ejemplo, en una configuraci\u00f3n multisitio)." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 4.8, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.7, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:erikeng:google_cse:*:*:*:*:*:wordpress:*:*", + "versionEndIncluding": "1.0.7", + "matchCriteriaId": "FFDB6E6C-5D13-47A8-9A87-EF3094CA1671" + } + ] + } + ] } ], - "metrics": {}, "references": [ { "url": "https://wpscan.com/vulnerability/adc6ea6d-29d8-4ad0-b0db-2540e8b3f9a9/", - "source": "contact@wpscan.com" + "source": "contact@wpscan.com", + "tags": [ + "Exploit", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-48xx/CVE-2024-4839.json b/CVE-2024/CVE-2024-48xx/CVE-2024-4839.json index 5dbe7cad53a..c9fc74e35d4 100644 --- a/CVE-2024/CVE-2024-48xx/CVE-2024-4839.json +++ b/CVE-2024/CVE-2024-48xx/CVE-2024-4839.json @@ -2,8 +2,8 @@ "id": "CVE-2024-4839", "sourceIdentifier": "security@huntr.dev", "published": "2024-06-24T13:15:11.900", - "lastModified": "2024-06-24T13:15:11.900", - "vulnStatus": "Received", + "lastModified": "2024-06-24T19:26:47.037", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-48xx/CVE-2024-4874.json b/CVE-2024/CVE-2024-48xx/CVE-2024-4874.json index f34c7ea08ee..8c00143cdd3 100644 --- a/CVE-2024/CVE-2024-48xx/CVE-2024-4874.json +++ b/CVE-2024/CVE-2024-48xx/CVE-2024-4874.json @@ -2,8 +2,8 @@ "id": "CVE-2024-4874", "sourceIdentifier": "security@wordfence.com", "published": "2024-06-22T05:15:11.837", - "lastModified": "2024-06-24T12:57:36.513", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2024-06-24T19:41:12.293", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -16,6 +16,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 4.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + }, { "source": "security@wordfence.com", "type": "Secondary", @@ -38,14 +58,50 @@ } ] }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-639" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:bricksbuilder:bricks:*:*:*:*:*:wordpress:*:*", + "versionEndExcluding": "1.9.9", + "matchCriteriaId": "07E03076-E07E-4943-A79F-E3FD5CE283E0" + } + ] + } + ] + } + ], "references": [ { "url": "https://bricksbuilder.io/release/bricks-1-9-9/#access-control-fix-for-user-role-contributor", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Release Notes" + ] }, { "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/6d63e898-43e5-42b5-96b6-1453352e0cae?source=cve", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-49xx/CVE-2024-4969.json b/CVE-2024/CVE-2024-49xx/CVE-2024-4969.json index 18e79c5412b..3661599eaff 100644 --- a/CVE-2024/CVE-2024-49xx/CVE-2024-4969.json +++ b/CVE-2024/CVE-2024-49xx/CVE-2024-4969.json @@ -2,19 +2,80 @@ "id": "CVE-2024-4969", "sourceIdentifier": "contact@wpscan.com", "published": "2024-06-21T06:15:12.587", - "lastModified": "2024-06-21T11:22:01.687", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2024-06-24T19:30:53.110", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "The Widget Bundle WordPress plugin through 2.0.0 does not have CSRF checks when logging Widgets, which could allow attackers to make logged in admin enable/disable widgets via a CSRF attack" + }, + { + "lang": "es", + "value": "El complemento Widget Bundle de WordPress hasta la versi\u00f3n 2.0.0 no tiene comprobaciones CSRF al registrar widgets, lo que podr\u00eda permitir a los atacantes habilitar/deshabilitar los widgets del administrador registrado a trav\u00e9s de un ataque CSRF." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 4.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-352" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:devnath_verma:widget_bundle:*:*:*:*:*:wordpress:*:*", + "versionEndIncluding": "2.0.0", + "matchCriteriaId": "BE45C4D0-99DA-495C-A032-A329C38D5963" + } + ] + } + ] } ], - "metrics": {}, "references": [ { "url": "https://wpscan.com/vulnerability/1a7ec5dc-eda4-4fed-9df9-f41d2b937fed/", - "source": "contact@wpscan.com" + "source": "contact@wpscan.com", + "tags": [ + "Exploit", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-49xx/CVE-2024-4970.json b/CVE-2024/CVE-2024-49xx/CVE-2024-4970.json index f4f3347f008..687d3d203c4 100644 --- a/CVE-2024/CVE-2024-49xx/CVE-2024-4970.json +++ b/CVE-2024/CVE-2024-49xx/CVE-2024-4970.json @@ -2,19 +2,80 @@ "id": "CVE-2024-4970", "sourceIdentifier": "contact@wpscan.com", "published": "2024-06-21T06:15:12.670", - "lastModified": "2024-06-21T11:22:01.687", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2024-06-24T19:30:39.397", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "The Widget Bundle WordPress plugin through 2.0.0 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)" + }, + { + "lang": "es", + "value": "El complemento Widget Bundle de WordPress hasta la versi\u00f3n 2.0.0 no sanitiza ni escapa a algunas de sus configuraciones, lo que podr\u00eda permitir a usuarios con privilegios elevados, como el administrador, realizar ataques de Cross-Site Scripting Almacenado incluso cuando la capacidad unfiltered_html no est\u00e1 permitida (por ejemplo, en una configuraci\u00f3n multisitio)." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 4.8, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.7, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:devnath_verma:widget_bundle:*:*:*:*:*:wordpress:*:*", + "versionEndIncluding": "2.0.0", + "matchCriteriaId": "BE45C4D0-99DA-495C-A032-A329C38D5963" + } + ] + } + ] } ], - "metrics": {}, "references": [ { "url": "https://wpscan.com/vulnerability/4a9fc352-7ec2-4992-9cda-7bdca4f42788/", - "source": "contact@wpscan.com" + "source": "contact@wpscan.com", + "tags": [ + "Exploit", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-50xx/CVE-2024-5058.json b/CVE-2024/CVE-2024-50xx/CVE-2024-5058.json index 636a0884e3c..0e7da3c32b1 100644 --- a/CVE-2024/CVE-2024-50xx/CVE-2024-5058.json +++ b/CVE-2024/CVE-2024-50xx/CVE-2024-5058.json @@ -2,16 +2,40 @@ "id": "CVE-2024-5058", "sourceIdentifier": "audit@patchstack.com", "published": "2024-06-21T12:15:11.443", - "lastModified": "2024-06-21T15:58:51.410", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-06-24T19:18:35.517", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WPDeveloper Typing Text allows Stored XSS.This issue affects Typing Text: from n/a through 1.2.5." + }, + { + "lang": "es", + "value": "La vulnerabilidad de neutralizaci\u00f3n inadecuada de la entrada durante la generaci\u00f3n de p\u00e1ginas web (XSS o 'Cross-site Scripting') en WPDeveloper Typing Text permite XSS Almacenado. Este problema afecta a Typing Text: desde n/a hasta 1.2.5." } ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 5.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + }, { "source": "audit@patchstack.com", "type": "Secondary", @@ -46,10 +70,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:wpdeveloper:typing_text:*:*:*:*:*:wordpress:*:*", + "versionEndExcluding": "1.2.6", + "matchCriteriaId": "3AEBE339-1429-45D5-80F6-6FC12D86000D" + } + ] + } + ] + } + ], "references": [ { "url": "https://patchstack.com/database/vulnerability/typing-text/wordpress-typing-text-plugin-1-2-5-cross-site-scripting-xss-vulnerability?_s_id=cve", - "source": "audit@patchstack.com" + "source": "audit@patchstack.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-50xx/CVE-2024-5059.json b/CVE-2024/CVE-2024-50xx/CVE-2024-5059.json index 8455ded231b..5141639014e 100644 --- a/CVE-2024/CVE-2024-50xx/CVE-2024-5059.json +++ b/CVE-2024/CVE-2024-50xx/CVE-2024-5059.json @@ -2,16 +2,40 @@ "id": "CVE-2024-5059", "sourceIdentifier": "audit@patchstack.com", "published": "2024-06-21T13:15:12.727", - "lastModified": "2024-06-21T15:58:38.553", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-06-24T18:49:29.467", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Exposure of Sensitive Information to an Unauthorized Actor vulnerability in A WP Life Event Management Tickets Booking.This issue affects Event Management Tickets Booking: from n/a through 1.4.0." + }, + { + "lang": "es", + "value": "Exposici\u00f3n de informaci\u00f3n confidencial a una vulnerabilidad de actor no autorizado en A WP Life Event Management Tickets Booking. Este problema afecta a Event Management Tickets Booking: desde n/a hasta 1.4.0." } ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + }, { "source": "audit@patchstack.com", "type": "Secondary", @@ -35,6 +59,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + }, { "source": "audit@patchstack.com", "type": "Secondary", @@ -46,10 +80,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:awplife:event_monster:*:*:*:*:*:wordpress:*:*", + "versionEndIncluding": "1.4.0", + "matchCriteriaId": "8B2AB4C2-3AC7-4A9D-B8AA-20C72EA37E19" + } + ] + } + ] + } + ], "references": [ { "url": "https://patchstack.com/database/vulnerability/event-monster/wordpress-event-monster-plugin-1-4-0-sensitive-data-exposure-vulnerability?_s_id=cve", - "source": "audit@patchstack.com" + "source": "audit@patchstack.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-51xx/CVE-2024-5191.json b/CVE-2024/CVE-2024-51xx/CVE-2024-5191.json index 57a95aeba96..c016dfa11a2 100644 --- a/CVE-2024/CVE-2024-51xx/CVE-2024-5191.json +++ b/CVE-2024/CVE-2024-51xx/CVE-2024-5191.json @@ -2,19 +2,43 @@ "id": "CVE-2024-5191", "sourceIdentifier": "security@wordfence.com", "published": "2024-06-21T07:15:10.420", - "lastModified": "2024-06-21T11:22:01.687", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2024-06-24T19:25:23.943", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "The Branda \u2013 White Label WordPress, Custom Login Page Customizer plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the \u2018mime_types\u2019 parameter in all versions up to, and including, 3.4.17 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Author-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page." + }, + { + "lang": "es", + "value": "El complemento Branda \u2013 White Label WordPress, Custom Login Page Customizer para WordPress es vulnerable a Cross-Site Scripting Almacenado a trav\u00e9s del par\u00e1metro 'mime_types' en todas las versiones hasta la 3.4.17 incluida debido a una sanitizaci\u00f3n de entrada y un escape de salida insuficientes. Esto hace posible que atacantes autenticados, con acceso de nivel de autor y superior, inyecten scripts web arbitrarios en p\u00e1ginas que se ejecutar\u00e1n cada vez que un usuario acceda a una p\u00e1gina inyectada." } ], "metrics": { "cvssMetricV31": [ { - "source": "security@wordfence.com", + "source": "nvd@nist.gov", "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 5.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + }, + { + "source": "security@wordfence.com", + "type": "Secondary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", @@ -34,18 +58,57 @@ } ] }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:wpmudev:branda:*:*:*:*:*:wordpress:*:*", + "versionEndExcluding": "3.4.18", + "matchCriteriaId": "FABF85B8-0B1C-4050-BE76-254B421DA27F" + } + ] + } + ] + } + ], "references": [ { "url": "https://plugins.trac.wordpress.org/browser/branda-white-labeling/tags/3.4.17/inc/modules/utilities/images.php#L58", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Product" + ] }, { "url": "https://plugins.trac.wordpress.org/changeset/3104910/", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Patch" + ] }, { "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/31f4bad5-3a11-42c6-a336-6bd178ab5113?source=cve", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-54xx/CVE-2024-5447.json b/CVE-2024/CVE-2024-54xx/CVE-2024-5447.json index f42d3dbb1c6..7fbcdf77d8a 100644 --- a/CVE-2024/CVE-2024-54xx/CVE-2024-5447.json +++ b/CVE-2024/CVE-2024-54xx/CVE-2024-5447.json @@ -2,19 +2,80 @@ "id": "CVE-2024-5447", "sourceIdentifier": "contact@wpscan.com", "published": "2024-06-21T06:15:12.757", - "lastModified": "2024-06-21T11:22:01.687", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2024-06-24T19:27:17.300", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "The PayPal Pay Now, Buy Now, Donation and Cart Buttons Shortcode WordPress plugin through 1.7 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)" + }, + { + "lang": "es", + "value": "El complemento PayPal Pay Now, Buy Now, Donation and Cart Buttons Shortcode de WordPress hasta la versi\u00f3n 1.7 no sanitiza ni escapa a algunas de sus configuraciones, lo que podr\u00eda permitir a usuarios con privilegios elevados, como el administrador, realizar ataques de Cross-Site Scripting Almacenadoincluso cuando la capacidad unfiltered_html no est\u00e1 permitida (por ejemplo, en configuraci\u00f3n multisitio)" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 4.8, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.7, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:mohsinrasool:paypal_pay_now\\,_buy_now\\,_donation_and_cart_buttons_shortcode:*:*:*:*:*:wordpress:*:*", + "versionEndIncluding": "1.7", + "matchCriteriaId": "A28078A9-0A0F-4191-8C1C-54BE39B0EF6C" + } + ] + } + ] } ], - "metrics": {}, "references": [ { "url": "https://wpscan.com/vulnerability/a692b869-1666-42d1-b56d-dfcccd68ab67/", - "source": "contact@wpscan.com" + "source": "contact@wpscan.com", + "tags": [ + "Exploit", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-54xx/CVE-2024-5448.json b/CVE-2024/CVE-2024-54xx/CVE-2024-5448.json index ccb5ffaca2f..c2364bf0746 100644 --- a/CVE-2024/CVE-2024-54xx/CVE-2024-5448.json +++ b/CVE-2024/CVE-2024-54xx/CVE-2024-5448.json @@ -2,19 +2,80 @@ "id": "CVE-2024-5448", "sourceIdentifier": "contact@wpscan.com", "published": "2024-06-21T06:15:12.837", - "lastModified": "2024-06-21T11:22:01.687", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2024-06-24T19:26:43.517", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "The PayPal Pay Now, Buy Now, Donation and Cart Buttons Shortcode WordPress plugin through 1.7 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks" + }, + { + "lang": "es", + "value": "El complemento PayPal Pay Now, Buy Now, Donation and Cart Buttons Shortcode de WordPress hasta la versi\u00f3n 1.7 no valida ni escapa algunos de sus atributos de shortcode antes de devolverlos a una p\u00e1gina/publicaci\u00f3n donde est\u00e1 incrustado el shortcode, lo que podr\u00eda permitir a los usuarios con el rol de colaborador y superiores para realizar ataques de Cross-Site Scripting Almacenado" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 5.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:mohsinrasool:paypal_pay_now\\,_buy_now\\,_donation_and_cart_buttons_shortcode:*:*:*:*:*:wordpress:*:*", + "versionEndIncluding": "1.7", + "matchCriteriaId": "A28078A9-0A0F-4191-8C1C-54BE39B0EF6C" + } + ] + } + ] } ], - "metrics": {}, "references": [ { "url": "https://wpscan.com/vulnerability/c482fe19-b643-41ea-8194-22776b388290/", - "source": "contact@wpscan.com" + "source": "contact@wpscan.com", + "tags": [ + "Exploit", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-56xx/CVE-2024-5639.json b/CVE-2024/CVE-2024-56xx/CVE-2024-5639.json index 6c245ad0776..8aaf72d25dc 100644 --- a/CVE-2024/CVE-2024-56xx/CVE-2024-5639.json +++ b/CVE-2024/CVE-2024-56xx/CVE-2024-5639.json @@ -2,12 +2,16 @@ "id": "CVE-2024-5639", "sourceIdentifier": "security@wordfence.com", "published": "2024-06-21T07:15:10.640", - "lastModified": "2024-06-21T11:22:01.687", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2024-06-24T19:24:23.883", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "The User Profile Picture plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 2.6.1 via the 'rest_api_change_profile_image' function due to missing validation on a user controlled key. This makes it possible for authenticated attackers, with Author-level access and above, to update the profile picture of any user." + }, + { + "lang": "es", + "value": "El complemento User Profile Picture para WordPress es vulnerable a Insecure Direct Object Reference en todas las versiones hasta la 2.6.1 incluida a trav\u00e9s de la funci\u00f3n 'rest_api_change_profile_image' debido a la falta de validaci\u00f3n en una clave controlada por el usuario. Esto hace posible que atacantes autenticados, con acceso de nivel de autor y superior, actualicen la imagen de perfil de cualquier usuario." } ], "metrics": { @@ -34,22 +38,64 @@ } ] }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-639" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:cozmoslabs:user_profile_picture:*:*:*:*:*:wordpress:*:*", + "versionEndExcluding": "2.6.2", + "matchCriteriaId": "87685CE0-3130-4BE4-B1CD-5F6BA8418095" + } + ] + } + ] + } + ], "references": [ { "url": "https://plugins.trac.wordpress.org/browser/metronet-profile-picture/tags/2.6.1/metronet-profile-picture.php#L1122", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Product" + ] }, { "url": "https://plugins.trac.wordpress.org/browser/metronet-profile-picture/tags/2.6.1/metronet-profile-picture.php#L989", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Product" + ] }, { "url": "https://plugins.trac.wordpress.org/changeset/3105132/", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Patch" + ] }, { "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/01a3b9ba-b18a-48d9-8365-d10f79fc6a6b?source=cve", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-58xx/CVE-2024-5859.json b/CVE-2024/CVE-2024-58xx/CVE-2024-5859.json index 97f96b083f3..8ec3a31f7f1 100644 --- a/CVE-2024/CVE-2024-58xx/CVE-2024-5859.json +++ b/CVE-2024/CVE-2024-58xx/CVE-2024-5859.json @@ -2,12 +2,16 @@ "id": "CVE-2024-5859", "sourceIdentifier": "security@wordfence.com", "published": "2024-06-21T09:15:09.657", - "lastModified": "2024-06-21T11:22:01.687", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2024-06-24T19:21:07.943", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "The Online Booking & Scheduling Calendar for WordPress by vcita plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the \u2018d\u2019 parameter in all versions up to, and including, 4.4.2 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link." + }, + { + "lang": "es", + "value": "El complemento Online Booking & Scheduling Calendar for WordPress by vcita para WordPress es vulnerable a Cross-Site Scripting Reflejado a trav\u00e9s del par\u00e1metro 'd' en todas las versiones hasta la 4.4.2 incluida debido a una sanitizaci\u00f3n de entrada y un escape de salida insuficientes. Esto hace posible que atacantes no autenticados inyecten scripts web arbitrarios en p\u00e1ginas que se ejecutan si logran enga\u00f1ar a un usuario para que realice una acci\u00f3n como hacer clic en un enlace." } ], "metrics": { @@ -34,14 +38,50 @@ } ] }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:vcita:online_booking_\\&_scheduling_calendar_for_wordpress_by_vcita:*:*:*:*:*:wordpress:*:*", + "versionEndExcluding": "4.2.3", + "matchCriteriaId": "7026BCAB-2BBA-473C-8B89-3F2E8BCA3739" + } + ] + } + ] + } + ], "references": [ { "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3104980%40meeting-scheduler-by-vcita&new=3104980%40meeting-scheduler-by-vcita&sfp_email=&sfph_mail=", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Product" + ] }, { "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/a8ea0559-dec7-4c20-956d-dbfe7bc67634?source=cve", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-58xx/CVE-2024-5862.json b/CVE-2024/CVE-2024-58xx/CVE-2024-5862.json index 11818e86028..e0b93584797 100644 --- a/CVE-2024/CVE-2024-58xx/CVE-2024-5862.json +++ b/CVE-2024/CVE-2024-58xx/CVE-2024-5862.json @@ -2,8 +2,8 @@ "id": "CVE-2024-5862", "sourceIdentifier": "iletisim@usom.gov.tr", "published": "2024-06-24T13:15:12.120", - "lastModified": "2024-06-24T13:15:12.120", - "vulnStatus": "Received", + "lastModified": "2024-06-24T19:26:47.037", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-59xx/CVE-2024-5945.json b/CVE-2024/CVE-2024-59xx/CVE-2024-5945.json index 2518fc6f672..61f66072da0 100644 --- a/CVE-2024/CVE-2024-59xx/CVE-2024-5945.json +++ b/CVE-2024/CVE-2024-59xx/CVE-2024-5945.json @@ -2,19 +2,43 @@ "id": "CVE-2024-5945", "sourceIdentifier": "security@wordfence.com", "published": "2024-06-21T08:15:09.860", - "lastModified": "2024-06-21T11:22:01.687", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2024-06-24T19:24:00.433", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "The WP SVG Images plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the \u2018type\u2019 parameter in all versions up to, and including, 4.2 due to insufficient input sanitization. This makes it possible for authenticated attackers, with Author-level access and above, who have permissions to upload sanitized files, to bypass SVG sanitization and inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page." + }, + { + "lang": "es", + "value": "El complemento WP SVG Images para WordPress es vulnerable a Cross-Site Scripting Almacenado a trav\u00e9s del par\u00e1metro 'tipo' en todas las versiones hasta la 4.2 incluida debido a una sanitizaci\u00f3n de entrada insuficiente. Esto hace posible que los atacantes autenticados, con acceso de nivel de autor y superior, que tienen permisos para cargar archivos sanitizados, eviten la sanitizaci\u00f3n de SVG e inyecten scripts web arbitrarios en p\u00e1ginas que se ejecutar\u00e1n cada vez que un usuario acceda a una p\u00e1gina inyectada." } ], "metrics": { "cvssMetricV31": [ { - "source": "security@wordfence.com", + "source": "nvd@nist.gov", "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 5.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + }, + { + "source": "security@wordfence.com", + "type": "Secondary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", @@ -34,22 +58,64 @@ } ] }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:kubiq:wp_svg_images:*:*:*:*:*:wordpress:*:*", + "versionEndExcluding": "4.3", + "matchCriteriaId": "E14AAAD4-FA7D-40B8-8DF7-BC5EE2818788" + } + ] + } + ] + } + ], "references": [ { "url": "https://plugins.trac.wordpress.org/browser/wp-svg-images/trunk/wp-svg-images.php#L111", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Product" + ] }, { "url": "https://plugins.trac.wordpress.org/browser/wp-svg-images/trunk/wp-svg-images.php#L313", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Product" + ] }, { "url": "https://plugins.trac.wordpress.org/changeset/3105276/", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Patch" + ] }, { "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/389d96e9-1fad-49a6-89b6-8f7f108d8117?source=cve", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-60xx/CVE-2024-6027.json b/CVE-2024/CVE-2024-60xx/CVE-2024-6027.json index 18dcdbb7e58..9ae5b71487b 100644 --- a/CVE-2024/CVE-2024-60xx/CVE-2024-6027.json +++ b/CVE-2024/CVE-2024-60xx/CVE-2024-6027.json @@ -2,19 +2,43 @@ "id": "CVE-2024-6027", "sourceIdentifier": "security@wordfence.com", "published": "2024-06-21T10:15:12.437", - "lastModified": "2024-06-21T11:22:01.687", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2024-06-24T19:17:50.240", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "The Themify \u2013 WooCommerce Product Filter plugin for WordPress is vulnerable to time-based SQL Injection via the \u2018conditions\u2019 parameter in all versions up to, and including, 1.4.9 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database." + }, + { + "lang": "es", + "value": "El complemento Themify \u2013 WooCommerce Product Filter para WordPress es vulnerable a la inyecci\u00f3n SQL basada en tiempo a trav\u00e9s del par\u00e1metro 'condiciones' en todas las versiones hasta la 1.4.9 incluida debido a un escape insuficiente en el par\u00e1metro proporcionado por el usuario y a la falta de preparaci\u00f3n suficiente en la consulta SQL existente. Esto hace posible que atacantes no autenticados agreguen consultas SQL adicionales a consultas ya existentes que pueden usarse para extraer informaci\u00f3n confidencial de la base de datos." } ], "metrics": { "cvssMetricV31": [ { - "source": "security@wordfence.com", + "source": "nvd@nist.gov", "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + }, + { + "source": "security@wordfence.com", + "type": "Secondary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", @@ -34,22 +58,64 @@ } ] }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:themify:product_filter:*:*:*:*:*:wordpress:*:*", + "versionEndExcluding": "1.5.0", + "matchCriteriaId": "3A41AFF5-93BB-4FF6-96C3-6BBFEE4F4FA2" + } + ] + } + ] + } + ], "references": [ { "url": "https://plugins.trac.wordpress.org/browser/themify-wc-product-filter/trunk/public/class-wpf-public.php#L604", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Product" + ] }, { "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3104239%40themify-wc-product-filter%2Ftrunk&old=3100861%40themify-wc-product-filter%2Ftrunk&sfp_email=&sfph_mail=#file2", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Product" + ] }, { "url": "https://themify.org/changelogs/themify-wc-product-filter.txt", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Release Notes" + ] }, { "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/451db756-9d62-4c8e-b735-e5e5207b81e3?source=cve", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-61xx/CVE-2024-6104.json b/CVE-2024/CVE-2024-61xx/CVE-2024-6104.json index 4a2f2d0e8b1..92935dab83b 100644 --- a/CVE-2024/CVE-2024-61xx/CVE-2024-6104.json +++ b/CVE-2024/CVE-2024-61xx/CVE-2024-6104.json @@ -2,8 +2,8 @@ "id": "CVE-2024-6104", "sourceIdentifier": "security@hashicorp.com", "published": "2024-06-24T17:15:11.087", - "lastModified": "2024-06-24T17:15:11.087", - "vulnStatus": "Received", + "lastModified": "2024-06-24T19:26:35.967", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-62xx/CVE-2024-6225.json b/CVE-2024/CVE-2024-62xx/CVE-2024-6225.json index 6d730fa1527..c2384e48d5c 100644 --- a/CVE-2024/CVE-2024-62xx/CVE-2024-6225.json +++ b/CVE-2024/CVE-2024-62xx/CVE-2024-6225.json @@ -2,19 +2,43 @@ "id": "CVE-2024-6225", "sourceIdentifier": "security@wordfence.com", "published": "2024-06-21T08:15:10.057", - "lastModified": "2024-06-21T11:22:01.687", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2024-06-24T19:21:28.450", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "The Booking for Appointments and Events Calendar \u2013 Amelia plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 1.1.5 (and 7.5.1 for the Pro version) due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled." + }, + { + "lang": "es", + "value": "El complemento Booking for Appointments and Events Calendar \u2013 Amelia para WordPress es vulnerable a Cross-Site Scripting Almacenado a trav\u00e9s de la configuraci\u00f3n de administrador en todas las versiones hasta la 1.1.5 incluida (y 7.5.1 para la versi\u00f3n Pro) debido a una sanitizaci\u00f3n de entrada insuficiente y un escape de salida. Esto hace posible que atacantes autenticados, con permisos de nivel de administrador y superiores, inyecten scripts web arbitrarios en p\u00e1ginas que se ejecutar\u00e1n cada vez que un usuario acceda a una p\u00e1gina inyectada. Esto solo afecta a las instalaciones multisitio y a las instalaciones en las que se ha deshabilitado unfiltered_html." } ], "metrics": { "cvssMetricV31": [ { - "source": "security@wordfence.com", + "source": "nvd@nist.gov", "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 4.8, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.7, + "impactScore": 2.7 + }, + { + "source": "security@wordfence.com", + "type": "Secondary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N", @@ -34,14 +58,50 @@ } ] }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tms-outsource:amelia:*:*:*:*:*:wordpress:*:*", + "versionEndExcluding": "1.1.6", + "matchCriteriaId": "9915DCF4-DF4F-4C42-8E68-2747FB89A464" + } + ] + } + ] + } + ], "references": [ { "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3092932%40ameliabooking&new=3092932%40ameliabooking&sfp_email=&sfph_mail=", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Product" + ] }, { "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/04597908-7086-4158-ae2b-8aa634a217c6?source=cve", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-62xx/CVE-2024-6239.json b/CVE-2024/CVE-2024-62xx/CVE-2024-6239.json index 4fb89bd0ffc..e400d3751a0 100644 --- a/CVE-2024/CVE-2024-62xx/CVE-2024-6239.json +++ b/CVE-2024/CVE-2024-62xx/CVE-2024-6239.json @@ -2,16 +2,40 @@ "id": "CVE-2024-6239", "sourceIdentifier": "secalert@redhat.com", "published": "2024-06-21T14:15:14.007", - "lastModified": "2024-06-21T15:58:38.553", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-06-24T19:06:27.537", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "A flaw was found in the Poppler's Pdfinfo utility. This issue occurs when using -dests parameter with pdfinfo utility. By using certain malformed input files, an attacker could cause the utility to crash, leading to a denial of service." + }, + { + "lang": "es", + "value": "Se encontr\u00f3 una falla en la utilidad Pdfinfo de Poppler. Este problema ocurre cuando se usa el par\u00e1metro -dests con la utilidad pdfinfo. Al utilizar ciertos archivos de entrada con formato incorrecto, un atacante podr\u00eda provocar que la utilidad fallara, lo que provocar\u00eda una denegaci\u00f3n de servicio." } ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + }, { "source": "secalert@redhat.com", "type": "Secondary", @@ -35,6 +59,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + }, { "source": "secalert@redhat.com", "type": "Secondary", @@ -46,14 +80,65 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:freedesktop:poppler:*:*:*:*:*:*:*:*", + "versionEndExcluding": "24.06.0", + "matchCriteriaId": "0D378E45-D903-4883-931C-871444E32714" + } + ] + } + ] + }, + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", + "matchCriteriaId": "142AD0DD-4CF3-4D74-9442-459CE3347E3A" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*", + "matchCriteriaId": "F4CFF558-3C47-480D-A2F0-BABF26042943" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*", + "matchCriteriaId": "7F6FB57C-2BC7-487C-96DD-132683AEB35D" + } + ] + } + ] + } + ], "references": [ { "url": "https://access.redhat.com/security/cve/CVE-2024-6239", - "source": "secalert@redhat.com" + "source": "secalert@redhat.com", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2293594", - "source": "secalert@redhat.com" + "source": "secalert@redhat.com", + "tags": [ + "Issue Tracking", + "Patch", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-62xx/CVE-2024-6240.json b/CVE-2024/CVE-2024-62xx/CVE-2024-6240.json index 7de3150aff4..e3309468ab3 100644 --- a/CVE-2024/CVE-2024-62xx/CVE-2024-6240.json +++ b/CVE-2024/CVE-2024-62xx/CVE-2024-6240.json @@ -2,16 +2,40 @@ "id": "CVE-2024-6240", "sourceIdentifier": "cve-coordination@incibe.es", "published": "2024-06-21T14:15:14.240", - "lastModified": "2024-06-21T15:58:38.553", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-06-24T19:10:38.983", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Improper privilege management vulnerability in Parallels Desktop Software, which affects versions earlier than 19.3.0. An attacker could add malicious code in a script and populate the BASH_ENV environment variable with the path to the malicious script, executing on application startup. An attacker could exploit this vulnerability to escalate privileges on the system." + }, + { + "lang": "es", + "value": "Vulnerabilidad de gesti\u00f3n de privilegios incorrecta en Parallels Desktop Software, que afecta a versiones anteriores a la 19.3.0. Un atacante podr\u00eda agregar c\u00f3digo malicioso en un script y completar la variable de entorno BASH_ENV con la ruta al script malicioso, ejecut\u00e1ndose al iniciar la aplicaci\u00f3n. Un atacante podr\u00eda aprovechar esta vulnerabilidad para aumentar los privilegios en el sistema." } ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 10.0, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 6.0 + }, { "source": "cve-coordination@incibe.es", "type": "Secondary", @@ -46,10 +70,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:parallels:parallels_desktop:*:*:*:*:*:macos:*:*", + "versionEndExcluding": "19.3.0", + "matchCriteriaId": "C8A30945-3C3C-4341-96FB-E64872B6559E" + } + ] + } + ] + } + ], "references": [ { "url": "https://www.incibe.es/en/incibe-cert/notices/aviso/improper-privilege-management-vulnerability-parallels-desktop", - "source": "cve-coordination@incibe.es" + "source": "cve-coordination@incibe.es", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-62xx/CVE-2024-6241.json b/CVE-2024/CVE-2024-62xx/CVE-2024-6241.json index a0b115520f3..562fb541122 100644 --- a/CVE-2024/CVE-2024-62xx/CVE-2024-6241.json +++ b/CVE-2024/CVE-2024-62xx/CVE-2024-6241.json @@ -2,16 +2,40 @@ "id": "CVE-2024-6241", "sourceIdentifier": "cna@vuldb.com", "published": "2024-06-21T17:15:11.453", - "lastModified": "2024-06-22T14:15:09.497", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-06-24T19:42:44.280", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "A vulnerability was found in Pear Admin Boot up to 2.0.2 and classified as critical. This issue affects the function getDictItems of the file /system/dictData/getDictItems/. The manipulation with the input ,user(),1,1 leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-269375." + }, + { + "lang": "es", + "value": "Una vulnerabilidad fue encontrada en Pear Admin Boot hasta 2.0.2 y clasificada como cr\u00edtica. Este problema afecta la funci\u00f3n getDictItems del archivo /system/dictData/getDictItems/. La manipulaci\u00f3n con la entrada, usuario(),1,1 conduce a la inyecci\u00f3n de SQL. El ataque puede iniciarse de forma remota. El exploit ha sido divulgado al p\u00fablico y puede utilizarse. El identificador asociado de esta vulnerabilidad es VDB-269375." } ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + }, { "source": "cna@vuldb.com", "type": "Secondary", @@ -71,22 +95,53 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:pearadmin:pear_admin_boot:*:*:*:*:*:*:*:*", + "versionEndIncluding": "2.0.2", + "matchCriteriaId": "7090DEE1-B02D-46BE-81FE-DDE63085B5F1" + } + ] + } + ] + } + ], "references": [ { "url": "https://gitee.com/pear-admin/Pear-Admin-Boot/issues/IA5IPQ", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Exploit" + ] }, { "url": "https://gitee.com/pear-admin/Pear-Admin-Boot/issues/IA5KBS", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Exploit" + ] }, { "url": "https://vuldb.com/?ctiid.269375", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required" + ] }, { "url": "https://vuldb.com/?id.269375", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory", + "VDB Entry" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-62xx/CVE-2024-6285.json b/CVE-2024/CVE-2024-62xx/CVE-2024-6285.json index abc8a018121..73806641a70 100644 --- a/CVE-2024/CVE-2024-62xx/CVE-2024-6285.json +++ b/CVE-2024/CVE-2024-62xx/CVE-2024-6285.json @@ -2,8 +2,8 @@ "id": "CVE-2024-6285", "sourceIdentifier": "cve@asrg.io", "published": "2024-06-24T16:15:10.763", - "lastModified": "2024-06-24T16:15:10.763", - "vulnStatus": "Received", + "lastModified": "2024-06-24T19:26:35.967", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-62xx/CVE-2024-6287.json b/CVE-2024/CVE-2024-62xx/CVE-2024-6287.json index 57b22728b3a..e08f51aa5fc 100644 --- a/CVE-2024/CVE-2024-62xx/CVE-2024-6287.json +++ b/CVE-2024/CVE-2024-62xx/CVE-2024-6287.json @@ -2,8 +2,8 @@ "id": "CVE-2024-6287", "sourceIdentifier": "cve@asrg.io", "published": "2024-06-24T16:15:11.003", - "lastModified": "2024-06-24T16:15:11.003", - "vulnStatus": "Received", + "lastModified": "2024-06-24T19:26:35.967", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/README.md b/README.md index eda7713dc59..59d6309a91e 100644 --- a/README.md +++ b/README.md @@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2024-06-24T18:00:18.769889+00:00 +2024-06-24T20:00:19.296356+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2024-06-24T17:15:11.087000+00:00 +2024-06-24T19:59:16.767000+00:00 ``` ### Last Data Feed Release @@ -33,30 +33,50 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### Total Number of included CVEs ```plain -255026 +255032 ``` ### CVEs added in the last Commit -Recently added CVEs: `8` +Recently added CVEs: `6` -- [CVE-2024-33879](CVE-2024/CVE-2024-338xx/CVE-2024-33879.json) (`2024-06-24T17:15:10.257`) -- [CVE-2024-33880](CVE-2024/CVE-2024-338xx/CVE-2024-33880.json) (`2024-06-24T17:15:10.353`) -- [CVE-2024-33881](CVE-2024/CVE-2024-338xx/CVE-2024-33881.json) (`2024-06-24T17:15:10.447`) -- [CVE-2024-38369](CVE-2024/CVE-2024-383xx/CVE-2024-38369.json) (`2024-06-24T17:15:10.593`) -- [CVE-2024-38373](CVE-2024/CVE-2024-383xx/CVE-2024-38373.json) (`2024-06-24T17:15:10.830`) -- [CVE-2024-6104](CVE-2024/CVE-2024-61xx/CVE-2024-6104.json) (`2024-06-24T17:15:11.087`) -- [CVE-2024-6285](CVE-2024/CVE-2024-62xx/CVE-2024-6285.json) (`2024-06-24T16:15:10.763`) -- [CVE-2024-6287](CVE-2024/CVE-2024-62xx/CVE-2024-6287.json) (`2024-06-24T16:15:11.003`) +- [CVE-2021-45785](CVE-2021/CVE-2021-457xx/CVE-2021-45785.json) (`2024-06-24T19:15:11.700`) +- [CVE-2023-49793](CVE-2023/CVE-2023-497xx/CVE-2023-49793.json) (`2024-06-24T18:15:10.437`) +- [CVE-2024-37677](CVE-2024/CVE-2024-376xx/CVE-2024-37677.json) (`2024-06-24T19:15:15.527`) +- [CVE-2024-37679](CVE-2024/CVE-2024-376xx/CVE-2024-37679.json) (`2024-06-24T19:15:15.617`) +- [CVE-2024-37680](CVE-2024/CVE-2024-376xx/CVE-2024-37680.json) (`2024-06-24T19:15:15.697`) +- [CVE-2024-37732](CVE-2024/CVE-2024-377xx/CVE-2024-37732.json) (`2024-06-24T19:15:15.780`) ### CVEs modified in the last Commit -Recently modified CVEs: `3` +Recently modified CVEs: `107` -- [CVE-2010-2739](CVE-2010/CVE-2010-27xx/CVE-2010-2739.json) (`2024-06-24T17:15:09.680`) -- [CVE-2022-48750](CVE-2022/CVE-2022-487xx/CVE-2022-48750.json) (`2024-06-24T16:15:10.050`) -- [CVE-2023-4727](CVE-2023/CVE-2023-47xx/CVE-2023-4727.json) (`2024-06-24T17:15:10.030`) +- [CVE-2024-4477](CVE-2024/CVE-2024-44xx/CVE-2024-4477.json) (`2024-06-24T19:34:12.440`) +- [CVE-2024-4616](CVE-2024/CVE-2024-46xx/CVE-2024-4616.json) (`2024-06-24T19:34:00.263`) +- [CVE-2024-4748](CVE-2024/CVE-2024-47xx/CVE-2024-4748.json) (`2024-06-24T19:26:35.967`) +- [CVE-2024-4755](CVE-2024/CVE-2024-47xx/CVE-2024-4755.json) (`2024-06-24T19:31:03.263`) +- [CVE-2024-4839](CVE-2024/CVE-2024-48xx/CVE-2024-4839.json) (`2024-06-24T19:26:47.037`) +- [CVE-2024-4874](CVE-2024/CVE-2024-48xx/CVE-2024-4874.json) (`2024-06-24T19:41:12.293`) +- [CVE-2024-4969](CVE-2024/CVE-2024-49xx/CVE-2024-4969.json) (`2024-06-24T19:30:53.110`) +- [CVE-2024-4970](CVE-2024/CVE-2024-49xx/CVE-2024-4970.json) (`2024-06-24T19:30:39.397`) +- [CVE-2024-5058](CVE-2024/CVE-2024-50xx/CVE-2024-5058.json) (`2024-06-24T19:18:35.517`) +- [CVE-2024-5059](CVE-2024/CVE-2024-50xx/CVE-2024-5059.json) (`2024-06-24T18:49:29.467`) +- [CVE-2024-5191](CVE-2024/CVE-2024-51xx/CVE-2024-5191.json) (`2024-06-24T19:25:23.943`) +- [CVE-2024-5447](CVE-2024/CVE-2024-54xx/CVE-2024-5447.json) (`2024-06-24T19:27:17.300`) +- [CVE-2024-5448](CVE-2024/CVE-2024-54xx/CVE-2024-5448.json) (`2024-06-24T19:26:43.517`) +- [CVE-2024-5639](CVE-2024/CVE-2024-56xx/CVE-2024-5639.json) (`2024-06-24T19:24:23.883`) +- [CVE-2024-5859](CVE-2024/CVE-2024-58xx/CVE-2024-5859.json) (`2024-06-24T19:21:07.943`) +- [CVE-2024-5862](CVE-2024/CVE-2024-58xx/CVE-2024-5862.json) (`2024-06-24T19:26:47.037`) +- [CVE-2024-5945](CVE-2024/CVE-2024-59xx/CVE-2024-5945.json) (`2024-06-24T19:24:00.433`) +- [CVE-2024-6027](CVE-2024/CVE-2024-60xx/CVE-2024-6027.json) (`2024-06-24T19:17:50.240`) +- [CVE-2024-6104](CVE-2024/CVE-2024-61xx/CVE-2024-6104.json) (`2024-06-24T19:26:35.967`) +- [CVE-2024-6225](CVE-2024/CVE-2024-62xx/CVE-2024-6225.json) (`2024-06-24T19:21:28.450`) +- [CVE-2024-6239](CVE-2024/CVE-2024-62xx/CVE-2024-6239.json) (`2024-06-24T19:06:27.537`) +- [CVE-2024-6240](CVE-2024/CVE-2024-62xx/CVE-2024-6240.json) (`2024-06-24T19:10:38.983`) +- [CVE-2024-6241](CVE-2024/CVE-2024-62xx/CVE-2024-6241.json) (`2024-06-24T19:42:44.280`) +- [CVE-2024-6285](CVE-2024/CVE-2024-62xx/CVE-2024-6285.json) (`2024-06-24T19:26:35.967`) +- [CVE-2024-6287](CVE-2024/CVE-2024-62xx/CVE-2024-6287.json) (`2024-06-24T19:26:35.967`) ## Download and Usage diff --git a/_state.csv b/_state.csv index 5d3da90dea5..aa4876c7d1f 100644 --- a/_state.csv +++ b/_state.csv @@ -44424,7 +44424,7 @@ CVE-2010-2735,0,0,a9b04bf7a8c7140236436b89d595e8227d6c61e58c3a18e76490076f6fa700 CVE-2010-2736,0,0,f4cec31a7a1d6ebf8a1b22c7b84ee7934bd41ab9e25b2bf024bca6912bcc641d,2023-11-07T02:05:42.530000 CVE-2010-2737,0,0,638ba48da85d0f1cac3b9fc7250adb4d03abaae375316c2238b7815470c3b444,2023-11-07T02:05:42.750000 CVE-2010-2738,0,0,4d7f7c71b209502aee7279f510ebbdcde77e9893fadc84017964e08526f4e025,2023-12-07T18:38:56.693000 -CVE-2010-2739,0,1,2be6295533381c23f2813cb14bd77b1413d24c5b8e071cff7ffe381a1ce210cf,2024-06-24T17:15:09.680000 +CVE-2010-2739,0,0,2be6295533381c23f2813cb14bd77b1413d24c5b8e071cff7ffe381a1ce210cf,2024-06-24T17:15:09.680000 CVE-2010-2740,0,0,c9d222f8b0e126a48c06965ab3a5edd5c7d74cf82abb3a4107fd93799dc6a72b,2019-02-26T14:04:00.993000 CVE-2010-2741,0,0,3d53f67fa9151e0e74cc3462382efd0b2c2d89575d5a40ee22ce5a1db3dda8a3,2019-02-26T14:04:00.993000 CVE-2010-2742,0,0,09b6eddf1ac290cf4257a5806268dc15364fcec7f4bc71d61d7f04025b940e04,2019-02-26T14:04:00.993000 @@ -123843,7 +123843,7 @@ CVE-2018-5385,0,0,7b46a13c73aa22e881a44fde73e37ba8e3a685ee7db091396b8a5814835b09 CVE-2018-5386,0,0,41494889f882ef798e0bdcee7465add6295c8a91d44522e1884e1060fd6368d4,2023-11-07T02:58:42.220000 CVE-2018-5387,0,0,f95114391705c93d9a02f8fbb6ced10ebf6a2b71ed36761f6213eab4f0949b77,2022-06-01T20:24:12.053000 CVE-2018-5388,0,0,717ac08473bd0cc580f05bc33fffbf8f00ac244458b674df208242809098dba0,2023-11-07T02:58:42.300000 -CVE-2018-5389,0,0,9eef3cc5295476e59a4d2dc087eb5a5ce9f003ebe0289ce1b5af3859c62a4f07,2019-10-09T23:41:16.953000 +CVE-2018-5389,0,1,999d78fd8c7a14085bd599fffa2edc22eec70998b2edfc9568674907d127a3dc,2024-06-24T19:15:11.480000 CVE-2018-5390,0,0,9abf291ab223a79d5d9537cdd0bbea327696bfbbcace2aa2531b5b7f571e6b70,2023-11-07T02:58:42.387000 CVE-2018-5391,0,0,8e6cf3fb83744ca30a4a7315649f566b1499ae55fde75340f456ccab063b3d1e,2023-11-07T02:58:42.587000 CVE-2018-5392,0,0,41c9e81203834fde69c4d3edb8a288fff8a30950b1f4a62f635623c5ebc1900a,2019-10-09T23:41:17.313000 @@ -185969,6 +185969,7 @@ CVE-2021-45780,0,0,c2acc4e8ea62851f02f413f686106c08db88cc5e74d12bbcfb54ecec84421 CVE-2021-45781,0,0,71fc3abd11a86d35826ebd5425e72352a00780701dbe1bdafd5e49f93809c748,2023-11-07T03:39:55.377000 CVE-2021-45782,0,0,5767e61d831de627e0208b575115f6cc8e1083b2a6d45ca28b912ed2c19daf5c,2023-11-07T03:39:55.407000 CVE-2021-45783,0,0,1f04495fd021672f1e434e8f202fca396c95781d91a0ef836832d5708c2f7e39,2022-05-13T15:28:41.320000 +CVE-2021-45785,1,1,5bf9c72ba17597bbbe69fbfeab685ca793a274450ae93e1830dfcf9283922c3c,2024-06-24T19:26:35.967000 CVE-2021-45786,0,0,507c3725d8722cb8b1acbbebd8f8ed42cc62fb5aeded56d3509c1990522e5514,2022-03-22T17:13:51.327000 CVE-2021-45787,0,0,eb6a4144390b6a06bbb5accdca97c8bd9dbe9b8c3cf218c6a8e23ec5c725008b,2022-03-22T17:11:54.300000 CVE-2021-45788,0,0,725b65b79eece406eae184685956d92a26ade5e0d647ecf1c40d4d5dc9028aaa,2022-09-30T16:52:12.237000 @@ -204404,7 +204405,7 @@ CVE-2022-38050,0,0,746f4ebe9aacbe72da0e39c033543bf4a17b15b39c89838740b6e5a6527c2 CVE-2022-38051,0,0,39391a949e16f7e8ff7d6e4583226fb836711fd2e148c8c19f3022ffe8244c08,2023-12-20T20:15:17.527000 CVE-2022-38053,0,0,61166011bde9f7667ddb3391d32da1cf0ed70e74bb672a8e26c8223c4c0d8fe4,2023-12-20T20:15:17.617000 CVE-2022-38054,0,0,9b3cf5672cd9e3ce3bdf89c0267c7050c9ccba5e432f9cd59ba0d77c438e1889,2022-09-09T13:46:53.483000 -CVE-2022-38055,0,0,99566ab02252fd61dbcdc65df6d006433f68107b9510977ea81871dff50fad29,2024-06-21T19:15:20.857000 +CVE-2022-38055,0,1,c5a39140ee7e9b712e2f01b73a160ba09cf03dac017d9fcd7dac25202b2d15c9,2024-06-24T19:12:16.797000 CVE-2022-38056,0,0,1875a6f54eaf2a1b9e27030f68fb8e642d8b9dd6f15bd28c9ec1cfdeaf54c477,2023-03-06T18:40:40.143000 CVE-2022-38057,0,0,40997c8dbf932df091985ea9051b6f6b2db5dcfa18bf99d19a26f16c6ea1e5c0,2024-03-25T13:47:14.087000 CVE-2022-38058,0,0,b0bbf17c47c54f0617a52fb4d535c3b9ee1345bd07c6b6d67bd1edce6ce32b32,2023-07-21T19:51:54.410000 @@ -205983,7 +205984,7 @@ CVE-2022-40220,0,0,aefda2ad93fea5ab1d1535bfff5d1f23f6fd7af321bf1bee60f4c9e3c1e95 CVE-2022-40222,0,0,5ab224ae53d2b4f8180f691cbea2f22b6d330386a6dae7483221a7be6a09008d,2023-02-02T17:20:17.927000 CVE-2022-40223,0,0,cc0b4541544eebf640bad6fa884fd3efb62b7f9e566ca8618f623b9d4df4105a,2022-11-09T13:56:53.960000 CVE-2022-40224,0,0,091d730508c9310c1498c98fb8cd46b581ad4f666bc2b29ec73e5422af938607,2023-02-15T18:31:40.247000 -CVE-2022-40225,0,0,492e6f31f72bcaa158ce397bdc5f0d98b71dabeec419c4672aca19dd38561325,2024-06-13T18:36:45.417000 +CVE-2022-40225,0,1,214b8b04019f5f0404ba0631e2d5eb00d3685c9a28cf9abfc93c385994548695,2024-06-24T19:39:38.440000 CVE-2022-40226,0,0,4d6bdfc2e9674da3208324a1b5aef055677630fe458708c1d79a0740a7470963,2023-06-13T09:15:14.680000 CVE-2022-40227,0,0,567ded49e93a8d6b02e9454a80fead1de8dc5d0aa69d182b6888af619f780d6b,2022-10-14T17:07:23.703000 CVE-2022-40228,0,0,2eb10163e713ae5211bb284b907430dd8f57ef6073ca911b27cf392a78818ce1,2023-11-07T03:52:13.373000 @@ -208532,7 +208533,7 @@ CVE-2022-4345,0,0,68baf92448a710c8199a9108b2e7615681d0c0110c504b9fdc7cfe74dfc497 CVE-2022-43450,0,0,8a19769befe28016c8c2b2a0ef2ed0cdcc53de5c3d9dc96080b623ebcbcdec12,2023-12-29T06:03:16.383000 CVE-2022-43451,0,0,fdac3a7a23f1af092526de0ff58bb337b68909dd89600f3592998d0316f99920,2022-11-07T02:16:24.973000 CVE-2022-43452,0,0,6c4be5517d7952d2ae5d1ca9d449927e088c8071d87ef97b849a7142c78f35a6,2023-10-27T20:31:36.537000 -CVE-2022-43453,0,0,0bf560c7360adff8536792b9ced0eef971e7257dae2d3845010b958537f49648,2024-06-21T15:58:38.553000 +CVE-2022-43453,0,1,e4d704cf352948eda3fe38b0da6dbce3ff7147d2fa82ccff107a20f33a6ddca6,2024-06-24T18:50:15.333000 CVE-2022-43455,0,0,022e5b0fae8d5edc3805b2e1bfe7ca516a93649ba53775b2e6190b6012f65ebf,2023-11-07T03:53:47.927000 CVE-2022-43456,0,0,880e4eb4e4759044ef42bfb694139abbcff459272f5fb680389503963cff5516,2023-11-07T03:53:48.013000 CVE-2022-43457,0,0,b03bf01aec1cf705a2d5eae32e14df90d4154be6dc23cd1d5cf2b2ce94dc4a25,2023-12-22T19:02:23.043000 @@ -209347,13 +209348,13 @@ CVE-2022-44583,0,0,e555f075479ca5a62b94d3aa4bd160738efc8b6bb01b13a56b711079ff601 CVE-2022-44584,0,0,25f840b15d069f1d26d8862f17cfe4ddf850b2f8983888182cdbf18396ad9dac,2023-08-08T14:22:24.967000 CVE-2022-44585,0,0,f35e2c7d89252df1e7527606f58750608904a01e65c67d1ac2f1f722ecadef5d,2023-11-07T03:54:20.313000 CVE-2022-44586,0,0,30d8d571eb467d506f9189eb1e1a2a4c9baa73b9d34f4db871b5a5f77768bee4,2022-11-04T01:55:52.627000 -CVE-2022-44587,0,0,a557b9ce77635f292a701f2b50fb2a2e99ce17db390d00ca940704b5634d3f36,2024-06-21T19:15:20.857000 +CVE-2022-44587,0,1,3885e3718972f34f6fc3e8d7e859e32e4b014e83b47c959adf2a97afdf336dc0,2024-06-24T19:12:42.033000 CVE-2022-44588,0,0,1bfbc6bf2f469a2f527fb3f191d7dcd66c3252f6ef100a1d81cbb6d92d8d70bd,2023-11-07T03:54:20.483000 CVE-2022-44589,0,0,c4ec5a2c6c8e1d8e75e09b000d38b9b85d50eed733841ebde1d0b7f777e806ec,2024-01-05T16:11:40.993000 CVE-2022-4459,0,0,841d23cd2517ff134527c70acbac864bd1798efca5741cdb40fc1b914c6b615a,2023-11-07T03:57:52.483000 CVE-2022-44590,0,0,03793bcc9e7f6df7f23d6474448bbd87d17f6da486d0ab0736bd101228daa8cd,2022-11-10T19:23:14.800000 CVE-2022-44591,0,0,9964a93e88a971ee00f867e6583a5c80a01b37f2a25b018eda22423b4508c4be,2022-11-18T19:28:56.420000 -CVE-2022-44593,0,0,1df06a11105a0c77c5c8c05c4353f11652cf6e9f40461467c0640e6ac6ba0adc,2024-06-21T19:15:20.857000 +CVE-2022-44593,0,1,59085e4f77134fbaee0fb2ce3d3ebb263c96edb1d963024ca61e0b1518c8511a,2024-06-24T19:13:16.607000 CVE-2022-44594,0,0,b7dc479f0e8562d2f1e10e9b8c859c387aa51f72d918e1c729d08c2404508fbd,2023-04-28T03:44:57.940000 CVE-2022-44595,0,0,3029f29a09d7800ccee15f268785ed2c054427902a411f4ea1b9b3c6b7bb64e2,2024-03-21T19:47:03.943000 CVE-2022-4460,0,0,ca87371c95475274c5b34813a99c460ba8ac8b933848a5984cce48085927dfed,2023-11-07T03:57:52.710000 @@ -210132,7 +210133,7 @@ CVE-2022-45798,0,0,a1ac432b388dc7ca7a343e34054e9fae3fd23361aa31105de004692696940 CVE-2022-4580,0,0,7c31c97937fe2156254d741e023f80549a45f7749f5cf19fd7a1cfab53323b87,2023-11-07T03:58:13.380000 CVE-2022-45801,0,0,492c714a370af126834b5c79f8fb1b44d976f952376fcdb97f9ee33b7c3c21c0,2023-05-09T18:09:27.697000 CVE-2022-45802,0,0,38697b322388149480b03587335004d010abc517ca774953b1d6d1cb293dc583,2023-06-26T11:15:09.653000 -CVE-2022-45803,0,0,a3783fa921fc7d739330fec169f72db341fc361ef5d9f09063024fb991ce15f2,2024-06-21T15:58:38.553000 +CVE-2022-45803,0,1,07d4ce52ac0243263047f84c3b0c77acefbb4205f0b6450b4479d057d26618e6,2024-06-24T18:51:29.867000 CVE-2022-45804,0,0,979db613930cf06e438fabeb885c925d4656a9f5d87c62222436561b5103f525,2023-11-07T03:54:50.113000 CVE-2022-45805,0,0,0b2730264b885a98b983822bf85868e8037590f768ed633e9e40580baa19389e,2023-11-09T19:17:27.470000 CVE-2022-45807,0,0,d8de726e86b15600f43084d083402fcfdbe882beba75ad177a32b5c6ed9d3e57,2023-11-07T03:54:50.343000 @@ -212161,7 +212162,7 @@ CVE-2022-48747,0,0,282a49a9c34b5f4731795689579b98650d519d40e42eaedb4f8f848134106 CVE-2022-48748,0,0,4532e8ccdca0ff0b39a222470540fed238d7867797e2fccef2fbc88ef0cf7465,2024-06-20T12:43:25.663000 CVE-2022-48749,0,0,761352292034513a5608df0f864268c681cfef00532bb0c89c6c6daca4c3cf0a,2024-06-20T12:43:25.663000 CVE-2022-4875,0,0,17c44f8ed61133d49317ef236aeaa7add57a954975b984861ea8fa8f275ad9d2,2024-05-17T02:17:00.353000 -CVE-2022-48750,0,1,2954a30ebd42f3feefa9c31697eee77cf8030c891f25783907b2257b92befd2c,2024-06-24T16:15:10.050000 +CVE-2022-48750,0,0,2954a30ebd42f3feefa9c31697eee77cf8030c891f25783907b2257b92befd2c,2024-06-24T16:15:10.050000 CVE-2022-48751,0,0,ccbe45a6f46ea478f6d2103d0c462b7b927be5c05a337aad0597f6ed69e6258f,2024-06-20T12:43:25.663000 CVE-2022-48752,0,0,9d9a185802f3eb156cd507d10d389a1da8eb659638fb3fdf21cc2b4309cd38b5,2024-06-20T12:43:25.663000 CVE-2022-48753,0,0,a394b42b6cf3cc352557e3c8140aa4d7c71463c650867404c296d9fb853db470,2024-06-20T12:43:25.663000 @@ -228512,7 +228513,7 @@ CVE-2023-38384,0,0,54f2c7b3d2818effaffa8b8e84e243e8a49ddce49dfea166f8b7f7dfa5cc2 CVE-2023-38386,0,0,aaae6685ce584abebd33b1f049d0c1581b4aef9e84b8c60a1d7578f2dd26a7ee,2024-06-20T12:44:01.637000 CVE-2023-38387,0,0,18b9581624e43501a4cb80726cbad939a2ac6adef341936b040bdb0338ce921d,2023-09-08T14:39:10.543000 CVE-2023-38388,0,0,a65eaf4e5dca56ffeb23eee28b5715af13e19c46768ad084c3f42d56caf3d77f,2024-03-27T12:29:30.307000 -CVE-2023-38389,0,0,26f0d9d932ff1084b5139355fc3b3a3f49b017a6216f41c9ad930689a502777d,2024-06-21T19:15:20.857000 +CVE-2023-38389,0,1,f80cbe7e798834b62b9852c1b0a185a3907e6c272506214c24a1ca482000bcfe,2024-06-24T19:13:48.847000 CVE-2023-3839,0,0,5ff9aa1532a46eccdb92ce1ebbb2619dbcddface6d60c3cddbbbed157e6b500e,2024-05-17T02:27:52.343000 CVE-2023-38390,0,0,a8ddb08e6640474b7c20c14af215057166b935398c10611e08cf7ad2b1521ce6,2023-10-04T19:58:33.723000 CVE-2023-38391,0,0,344147f660134030bcbbaa890dae6516b557e6ede35f44154d334296e9591473,2023-11-09T20:07:33.613000 @@ -233367,7 +233368,7 @@ CVE-2023-45191,0,0,0471d71b4e832eeadfce865b6a4a3f21dfa7a9078549997d149920fc7d734 CVE-2023-45192,0,0,9b3331ad67e9e1a89b019f9431a09b60b39c9c9dc236135dc341290555b6f6d8,2024-06-07T14:56:05.647000 CVE-2023-45193,0,0,74568a9a8ac5466cce17b97fc2aa48957015444a92e43d7710c1164db296930b,2024-03-07T17:15:09.880000 CVE-2023-45194,0,0,d5c89e53cbf9029912da4482ada08495c9f99ebbbb14329dd33526185af3bf8f,2023-10-31T18:08:52.140000 -CVE-2023-45197,0,0,5e35e6c90104c4672571c966d05bbf3817cdf016a67b4e5975a0f326e8819070,2024-06-21T15:58:38.553000 +CVE-2023-45197,0,1,8a90792322c877608389ee68d880223d40a1412d9f861950113d62e11c0c813d,2024-06-24T19:11:50.963000 CVE-2023-45198,0,0,e83575150f55c9693ecaa3d3d8ecc28b28389ef4c4551e169f843e36cfbc4ca1,2023-10-11T17:15:31.923000 CVE-2023-45199,0,0,ffec34f4347277cf1a81398e2045556919c611109a0a71706ab507c8e66ad4f5,2023-10-12T18:19:39.860000 CVE-2023-4520,0,0,eb8b9d46036d07e44e7e6211618f5b8c849531353eace901c8af027cb12b19a6,2023-11-07T04:22:40.960000 @@ -234893,7 +234894,7 @@ CVE-2023-47263,0,0,677ab9fce589c1d1a7e84495fba44efba88975d28c1c0b358eaa4e3b2e310 CVE-2023-47264,0,0,9faf020667cc25f07dfb8382df553caabe75eac9b1668d9c999deccefa85a8b6,2023-12-01T18:32:28.423000 CVE-2023-47265,0,0,e5dd3e8f07e2cde29a7b164b7d2f2d8fb5d2648b52cb927855305ced52fdae4d,2023-12-28T14:00:15.887000 CVE-2023-47267,0,0,7af787055fd484ddb13b770f63a574a7140e8e765ce3a9c07340594a128f888a,2023-12-29T03:11:24.070000 -CVE-2023-4727,0,1,0566dfdad012a042a7f5ecd4590b8938de43a9d21847db2be21d41e7b3759053,2024-06-24T17:15:10.030000 +CVE-2023-4727,0,0,0566dfdad012a042a7f5ecd4590b8938de43a9d21847db2be21d41e7b3759053,2024-06-24T17:15:10.030000 CVE-2023-47271,0,0,9cc05b4e0b65c52657ed8cdc25e16f6a7fc3036ff1196f68571bcac4e63323c6,2023-12-20T01:15:07.297000 CVE-2023-47272,0,0,6e28ab19abbf3b1b70b10399ba447a3637cdf3f4443fc6db792243e0885fe9db,2023-12-28T17:24:36.373000 CVE-2023-47279,0,0,77443ef453c9d718722250faa2452d8d4368ad781c70a56bce601eb3ebab7163,2023-12-06T18:38:55.820000 @@ -236650,6 +236651,7 @@ CVE-2023-4979,0,0,fe90b996aad7fd9d207a821adb7cc1500febb7c75bbb7bd67d555f9c48875a CVE-2023-49790,0,0,5afc146c8b3b6ecfcb6a55fe84e0378072f870f2dcfb19de84b9c7d952b4cb6c,2023-12-29T18:31:50.337000 CVE-2023-49791,0,0,44bb8be61b681598df4be72a64a069d11ebec991b5f3c09e01a15af32dd57261,2024-01-03T14:35:15.607000 CVE-2023-49792,0,0,118f367b2c98f18f67532ca5bc4990724cac529a3fa6da8f74f63184c44dd841,2024-01-03T14:29:18.610000 +CVE-2023-49793,1,1,c8e609e23e0edef6ac3d9178a10f8ebe9c8fe54fb2582c70331208fe4571d6a3,2024-06-24T19:26:35.967000 CVE-2023-49794,0,0,6cc7d6d6685ac8ef61f4d7cfcc6b29949e6fa745a1935320175cd6bffb0fe5c8,2024-01-08T19:37:53.727000 CVE-2023-49795,0,0,fdfc9dcaac028773fe21cc986e448a847fd83e04a359cfe71bdfcb6425a806a1,2023-12-14T16:46:43.917000 CVE-2023-49796,0,0,d0477f56fe0294a5fa0466b53c30abffc4674416eb940066153cd28efb4bebf7,2023-12-14T15:59:56.653000 @@ -237506,7 +237508,7 @@ CVE-2023-51371,0,0,3aedbdd2ebcefdee1d4ecc7e34ad4946769243f5b6156bf507da0f1e10c7a CVE-2023-51372,0,0,faf10f39d38879b1877c2b4b79fccfffa8ba55d0f2c230b96325f105b3943945,2024-01-05T04:53:29.053000 CVE-2023-51373,0,0,ec933750877dd764c811f2f21965ce53a21d0bcaec72c86a5800d7678bae3291,2024-01-05T04:53:36.090000 CVE-2023-51374,0,0,5cfd079eb630f7378776bd71d950f89ec6bc9672899c475804bfa5be25959bf1,2024-01-05T04:53:45.327000 -CVE-2023-51375,0,0,457640b00a6081d44a216c3952b0aa75a3a9b641d844592796181ff1b431f8b8,2024-06-21T15:58:38.553000 +CVE-2023-51375,0,1,990211e5e3a5e9897f8c8c3c073e3081e879783e617bb00386cf97086efdd9b8,2024-06-24T18:52:00.293000 CVE-2023-51376,0,0,c7a5eaa5717eb011ebab9f8999171d1926d813006589d2fc5e8c3c5d7b2819aa,2024-06-17T12:42:04.623000 CVE-2023-51377,0,0,7f89e41d1e4357bf037b6bc00220a3ba978acdf4435143862ec67f994bb005e2,2024-06-17T12:42:04.623000 CVE-2023-51378,0,0,cfb34f8c0413f5c8c80707e698b878e1dfc35501d7b8ccfdcfa56ee80ec9005e,2024-01-05T16:20:35.933000 @@ -243224,12 +243226,12 @@ CVE-2024-21509,0,0,b1840eaff4c2213087c96721aaf87fdc6158bea90de6f63bdc95977af5681 CVE-2024-2151,0,0,43d1a22352e1e830bef22f2b8bd5a33b83725db15329384a70a3ee26b8a5da55,2024-05-17T02:38:04.663000 CVE-2024-21511,0,0,d034a9f6c4dcc55a5c4fdcdd7e3a31e0606abc8a26dae5773e22f734aa49e036,2024-04-23T12:52:09.397000 CVE-2024-21512,0,0,aa76b050e4c93f61d8197b2abb831a8245fb81d83da1143493979b801398852e,2024-06-06T13:15:31.390000 -CVE-2024-21514,0,0,223140fdefdf1ae534b5e1437aa6ce2b522342315fe6284f6a3d8c4144b5ff9b,2024-06-24T12:57:36.513000 -CVE-2024-21515,0,0,0bcfd0c25b18449f1eb210a2daee0e9d596026bdd7dec79357dcd22c4875cafe,2024-06-24T12:57:36.513000 -CVE-2024-21516,0,0,bbb51d1b185da32b8a7cbecc866f9128522a5dcd1e8598ad02f5da6f24cc0a98,2024-06-24T12:57:36.513000 -CVE-2024-21517,0,0,337be68f70d59a13bae92d112cc5635d1e5e3117107ee89a1ff44c58dc693318,2024-06-24T12:57:36.513000 -CVE-2024-21518,0,0,ae1c7fa9851915da1c2487d92fd221fc7d27d0a27054804bafcc806adda2234b,2024-06-24T12:57:36.513000 -CVE-2024-21519,0,0,17ba06e0d881f765b8c5e52e432c0bed322f013a3d41ea668ad189f7ad45584c,2024-06-24T12:57:36.513000 +CVE-2024-21514,0,1,e46d2510c7d7d4af2532b103543d4d4cc9a1ce528ea64400d0426ee8dac1b60c,2024-06-24T19:59:16.767000 +CVE-2024-21515,0,1,0328aa4c891cdd4af83806c0833511fbd9428103cda9e00c6fd9a5ee4d968daf,2024-06-24T19:58:28.987000 +CVE-2024-21516,0,1,e92a521ad5aff100399165764c49274a0077f590f2572735a3a35e0256794ca8,2024-06-24T19:57:38.197000 +CVE-2024-21517,0,1,186f90d2088e8e33683da894eb00f6f13b8f4ae5479bdad5267ce001807a583a,2024-06-24T19:56:45.167000 +CVE-2024-21518,0,1,83a4ac5f480325e602a67a8a1958abd8c4414c62288c5217c40c0680b80ab4b9,2024-06-24T19:56:14.723000 +CVE-2024-21519,0,1,99cb820000050c4a8347abec593294f82b25bdfbd4e4a3b0cc4286db32ec2098,2024-06-24T19:55:07.760000 CVE-2024-2152,0,0,3cc97618eb3606d7138054800fe4c9dd1b810706cf75a720e72d22a25acc79fd,2024-05-17T02:38:04.770000 CVE-2024-2153,0,0,32d949763a8c44673b751742c2df9fc58704fdbb602a296b8827b8bcaaa1ed2f,2024-05-17T02:38:04.867000 CVE-2024-2154,0,0,ad1f5443da5008cd83aa665fb0ec59294e0b766fedda6af927118b7949d4ad34,2024-05-17T02:38:04.970000 @@ -250397,7 +250399,7 @@ CVE-2024-32636,0,0,b839e4487b1638854c5d5ed3e87a4fdbdb3bc06aadde0672da5bb7c4c2664 CVE-2024-32637,0,0,97158ed5566d3250b3fb8d995175abcc4416b94fccd5758c6cd34951fc968110,2024-05-14T19:17:55.627000 CVE-2024-32638,0,0,59375073558f82dda1dfd378010829dbc4b43397a23c1692acbbc241abef4929,2024-05-02T14:15:09.830000 CVE-2024-32639,0,0,f99f2a7c37840cbb9e81b91cedc42f4b5433fcd481ea7dcba5df3b2b90ac9ebd,2024-05-14T19:17:55.627000 -CVE-2024-3264,0,0,a807c4bc2c30dd7f0a58e7010c78e23a60c343a32a50d9fdc9ac32546c12e4a7,2024-06-24T13:15:11.627000 +CVE-2024-3264,0,1,e72e043177a1a04c7a4f16b77aec7fa5bf6f759e5ddd7b4a37761d45eae1d7e0,2024-06-24T19:26:47.037000 CVE-2024-32644,0,0,e88c5eb3a89ae127bbaa68ee6900bb69776588719de1a17fdbc979f8b62412c9,2024-04-19T16:19:49.043000 CVE-2024-32645,0,0,b793223b9f315c955102349a0fffec6d395200342592d911bfc2d42be0594699,2024-04-26T12:58:17.720000 CVE-2024-32646,0,0,9f830707470a3978892edc29be298706f63ea6896e8eab377ae270338a7fdb45,2024-04-26T12:58:17.720000 @@ -250650,7 +250652,7 @@ CVE-2024-32926,0,0,4d59d95e67f06dae310ae8a2d40220ef0668f77838338af7211426ab3456f CVE-2024-32929,0,0,fca85852b4f9b4be325600280f8ac834cdec05282edbd84dc56f53976dad74ad,2024-06-17T12:43:31.090000 CVE-2024-3293,0,0,3552485a27a6b6c8b2cadd17fbdb3e630238722099a3e2d8d97b0f239cd2dc1a,2024-04-23T12:52:26.253000 CVE-2024-32930,0,0,227270845521cff2d941eab53c1796fbaed28c3c5549cca0d58682d82af5d494,2024-06-17T12:43:31.090000 -CVE-2024-32936,0,0,0479154fdc850ca9ed81e99a01177bb032f5df3f14f7b3f591821127c99f1718,2024-06-24T14:15:11.600000 +CVE-2024-32936,0,1,a98023d22d8fe34ca67d2e41b0f1a0096283ac909ae52ca8a63dcd8b920ad836,2024-06-24T19:26:47.037000 CVE-2024-32943,0,0,681ae4b7d296514b2b529abffaf20ed5b5c5e8eb8fff0f6f2bae62e656ffc6eb,2024-06-21T11:22:01.687000 CVE-2024-32944,0,0,357727703d6a86b0d608eb9af0488af030fe8a85e9a27818f7be4cd525bf7172,2024-05-28T12:39:28.377000 CVE-2024-32947,0,0,35287e8f28304ee9599f9712f94ac6e419772e1d66820555100faf85f8aeebf3,2024-04-24T17:16:50.397000 @@ -250791,7 +250793,7 @@ CVE-2024-33273,0,0,585d07525cd63ab54e2649da09bd7189be4bbd92fb20c631d01ed4b6f3a33 CVE-2024-33274,0,0,52b15509dffdfc3176647bce12df8b0c1eced4688c94457202dc37e296aad7ac,2024-04-30T17:52:35.057000 CVE-2024-33275,0,0,1eda93c4e69f49e029fa8a68b75765614462353e3fa7514a52b5a4933dd5cd8a,2024-04-30T17:52:35.057000 CVE-2024-33276,0,0,28ed6a9c7414da5d9ea790353557b1f0dcffdd008d1db835bce13592b7065315,2024-04-30T13:11:16.690000 -CVE-2024-33278,0,0,c582ff5dc26c9d896b321b92c418ab7cf5aef734bcc5486edc1cf568a7f00b70,2024-06-24T14:15:11.687000 +CVE-2024-33278,0,1,cd7614810fcd4d8ccced2a34db6b02a1f7d56e1be8bbb904a77223cb1e1edfb6,2024-06-24T19:26:47.037000 CVE-2024-33292,0,0,c910276e47a35c4068de5fc63cb178d8e90cd026be04b7f1341194869e93ffe9,2024-05-01T19:50:25.633000 CVE-2024-33294,0,0,651017db1c522f877e9d465fe559bbedb3d80764dd343a625f15cc6fbb311c22,2024-05-06T16:00:59.253000 CVE-2024-33300,0,0,b5580633aaa4d49e85a0455e8d12132260b285a311f5fd5f3bc6154bc8326258,2024-05-01T19:50:25.633000 @@ -251039,7 +251041,7 @@ CVE-2024-33682,0,0,2077d9f86dbcd7afb58135718cb00b93d9684082b8213c0215eee7a02c222 CVE-2024-33683,0,0,d7c4bf8bbdd8bd3ca6f26bbf7a4bf0688b7570f813369db65ed2d59e99a11ae9,2024-04-26T12:58:17.720000 CVE-2024-33684,0,0,3ce237329d3df5f9007e5d67d61db628bec85573b5f0051e8c96a94f412e3b03,2024-04-29T12:42:03.667000 CVE-2024-33686,0,0,d546d633b6bb40520e2094ecc8b1f7b58366091819ee6008dac168dc7995c4dd,2024-04-29T12:42:03.667000 -CVE-2024-33687,0,0,cc0715a05a76c979418553e4343d730b9d9fcb2eb61eb446b8788d1007c3de39,2024-06-24T15:15:11.590000 +CVE-2024-33687,0,1,26ad6ecfa720fb30ee2731041d988b73e9bce80efef96f48c2f4e0767364f376,2024-06-24T19:26:35.967000 CVE-2024-33688,0,0,15c623ea6d0e85e99afd20753787faa07eb45674316852700f3732b9713c4938,2024-04-26T15:32:22.523000 CVE-2024-33689,0,0,9a3d372175f3eea45d33e57473572a2b8c9a57d63f47cd918b323f42ce5db301,2024-04-26T15:32:22.523000 CVE-2024-3369,0,0,3da89dbd38c2618a563bf80b7d483ce67f079fb76e6ddfdcb4546d83e4810c02,2024-05-17T02:39:53.217000 @@ -251109,7 +251111,7 @@ CVE-2024-33835,0,0,b7a1ddab44d53e7f09c5ad58cb148033d556cb74ed3d7a19809aa297e0382 CVE-2024-33836,0,0,56a0960aeb8039f6a242dc79de612ac8aaa2ca95d4d1f5ad6698e412435b641e,2024-06-20T12:43:25.663000 CVE-2024-3384,0,0,f1db02aa38b819888be52a421a922174001b5f3c9e0abe3ab9082a168503f129,2024-04-10T19:49:51.183000 CVE-2024-33844,0,0,921cf446ac356d2881e6613aac60d162eae136862d065184d9b1201e02e62333,2024-06-10T18:45:09.903000 -CVE-2024-33847,0,0,8bfb420f5dfae68bf12c67e59595bc32435ec9414a9f302c9985297b66f521c8,2024-06-24T14:15:11.803000 +CVE-2024-33847,0,1,cec3102738820622f0167b7b117ab7c4d637fe3cf90cd38fd5f1921621ade8bc,2024-06-24T19:26:47.037000 CVE-2024-33849,0,0,3b4368a52b5ddf8a3c305c2346a67c77b86eca45d334812e664f6d20b43a32e6,2024-05-28T17:11:47.007000 CVE-2024-3385,0,0,dafd55987e5738b5d6ec37d523526a7e0269d60d96cd780933abafbc800645a8,2024-04-10T19:49:51.183000 CVE-2024-33850,0,0,158a3abac262aacbd4fb1eef86465f2f064c398c7b73e2e07333e2e0ee53ab9d,2024-06-11T13:54:12.057000 @@ -251133,10 +251135,10 @@ CVE-2024-33875,0,0,d56411f6b08dc38a7f7767c8da240cc0d8e5f0e9cd402439404e4aab3eaa8 CVE-2024-33876,0,0,855e6f1a6953572bf2abcb9512e6b09150bd51d2ecf5c5bf346f500d7866eb87,2024-05-14T16:12:23.490000 CVE-2024-33877,0,0,ef39c06f10245406350935c5cfc4e4509dcfa0fbf9f61f794331f96ec66f10de,2024-05-14T16:12:23.490000 CVE-2024-33878,0,0,c933698b6a2548cf9b48c8259d80584290a037a34e4e04a28347b701e99d20c0,2024-05-14T15:38:10.657000 -CVE-2024-33879,1,1,1945c87ea598fa2c860f09a9418a1784854478a75b86b7728dae5d4e3b7a5a51,2024-06-24T17:15:10.257000 +CVE-2024-33879,0,1,b4a65676743185aefeffa69ebfc0af5a3991916fc2ca01dd5d7aaa79f1b2a410,2024-06-24T19:26:35.967000 CVE-2024-3388,0,0,9a13547aa29d2171bfe252870fb3dde44261a463a11a31d9062dc130e0f3c4f3,2024-04-10T19:49:51.183000 -CVE-2024-33880,1,1,45eb988a3760dd6cc2e18626234c530d103bcc886e6232ce390ec570ec2dfdd3,2024-06-24T17:15:10.353000 -CVE-2024-33881,1,1,c35ffe1f334195c62b911b8127058639777fa6911c98d7d4c8c5766fca6a3c61,2024-06-24T17:15:10.447000 +CVE-2024-33880,0,1,6e36b0fb5fe2b32e2817592006df5d8a4056f26237538fac1581301ce44f312a,2024-06-24T19:26:35.967000 +CVE-2024-33881,0,1,fe245f6a598cf69e9a799928f3ddd050be59db62f7dc0626f6b1e68c6a66b11a,2024-06-24T19:26:35.967000 CVE-2024-33883,0,0,c3d4ca3457f68fb83203c8f7576ab4f6d2af7e59b5901cd64501370e80dea4a9,2024-06-10T17:16:28.217000 CVE-2024-33891,0,0,dbfd0a46c344c55dc0dc7b94e4bd09b3968a700bb28b10a9c34051909c1cf008,2024-04-29T12:42:03.667000 CVE-2024-33899,0,0,a7d045f337995c763b9659e78955fd4f45f7736540a0f2de3af7e2f3a386fc9f,2024-05-21T17:15:08.907000 @@ -251214,10 +251216,10 @@ CVE-2024-3402,0,0,e994f4abb2ec0efc27de74bd789f4b69dd0341c920e8e4136eb625b5fd69d8 CVE-2024-34020,0,0,9d9b11f4db84c3770acd92b1150bad9b802c58de4fce781bba37a89c232e029f,2024-04-30T13:11:16.690000 CVE-2024-34024,0,0,10e33d292073b520b667747f9d1f0728699da6905036151d86e343d924c712be,2024-06-20T12:44:01.637000 CVE-2024-34025,0,0,7910ed3f49f27cc3d6e29efd0456c14b8fa97ed1ac57b4183c41d497d3215ba0,2024-05-16T13:03:05.353000 -CVE-2024-34027,0,0,240f50f312768d6b7ec99f9656e60f2269e07aa2df83e158faaf4b172d5ba726,2024-06-24T14:15:11.887000 +CVE-2024-34027,0,1,e397fca17c7df014adc9f3ce444d12c38313597f0e3ff23bd3fd7d4b1959c585,2024-06-24T19:26:47.037000 CVE-2024-34029,0,0,4169ae74794d01d0e86a2d5b95da9173d7cd134e14e2c2e7fdcc6668ef8aab4e,2024-05-28T12:39:28.377000 CVE-2024-3403,0,0,351b7361a62b75fa01065ca2b4d00dead5236a2356f9f11be8885ee6cd82884b,2024-05-16T13:03:05.353000 -CVE-2024-34030,0,0,722a834e049232c6c5c9cf454db59e3f51e13cb1a5145a5163ebaa98906e6682,2024-06-24T14:15:11.977000 +CVE-2024-34030,0,1,c6c8960988ea9bbfc6c463011e5e483cd257a63d923218a3c9c255cfeb9969db,2024-06-24T19:26:47.037000 CVE-2024-34031,0,0,32832cbb1e8c12d82b1b4f0b17dd8da5298483e844da3b9dfde76f943f816f64,2024-05-03T12:50:34.250000 CVE-2024-34032,0,0,5a4c84545c086e02a753cbdc2a69955417aff416961e34fcc07fc6e9fddc4770,2024-05-03T12:50:34.250000 CVE-2024-34033,0,0,719a8ff9b4eb14602d2888920177741310f8b0330069ca799cf076b91625a4df,2024-05-03T12:50:34.250000 @@ -251866,7 +251868,7 @@ CVE-2024-35240,0,0,acfeed6c530b591057353f6a14e986e7e3beca50f19145cd1d7655529729b CVE-2024-35241,0,0,4a6b31c14cd4bc5f7501900c1f56590acd344b1e5ce5ecc61874cf3d14d82318,2024-06-20T09:15:11.993000 CVE-2024-35242,0,0,2e207f0b714427aca575cae65f49ba50d1e8e36b82c7f71cef6b3cbfa7cbc65d,2024-06-20T09:15:12.140000 CVE-2024-35246,0,0,59617e31a77bd658be7e313937eafe43651eb259d73666e87752171030c4c414,2024-06-21T11:22:01.687000 -CVE-2024-35247,0,0,b364f237bd32ec8f0e8791ddc4a1557086eb7587aecbe45f4e63d70dff00288b,2024-06-24T14:15:12.050000 +CVE-2024-35247,0,1,33df3a6d2c9933452b5b3294be46906fff82b71a1d8c3d67e93411b1f41981b2,2024-06-24T19:26:47.037000 CVE-2024-35248,0,0,f7c53bc850d23eb0500967bc3fdae9c98dc6938d20a4c4a2eae9a2af005467eb,2024-06-20T16:38:22.977000 CVE-2024-35249,0,0,1a1dd41a82635c8ddd298674d6ef7ab50751606bf1ad25c08d730ac7cfcbceba,2024-06-20T16:39:19.630000 CVE-2024-3525,0,0,d160b9aacf64da3afa7deea3824b335adab6f10a287b9b570340cfda8c91ffed,2024-05-17T02:39:58.983000 @@ -251981,7 +251983,7 @@ CVE-2024-35511,0,0,88c11e90f79a9ed0aca8c4301cc3b328c70f04cb419aacefe9fa82a87fbd2 CVE-2024-35512,0,0,c9d23c736120f04931cbbc7470489190e83340be8d46b2f2d0f2c886a0a46a7d,2024-05-29T19:50:25.303000 CVE-2024-3552,0,0,fa4171774caf4f107f7bd7bc705072afb6b03f384e26f4e538ab01a75ca7b0ff,2024-06-13T18:36:09.010000 CVE-2024-3553,0,0,35fab26edb78f51246dfea40a1da2d2c641df3766aad72a071763d4720020731,2024-05-02T18:00:37.360000 -CVE-2024-35537,0,0,bf7e89242539966050492acf27f1c55b2c7651fe28c2e8bcb59e7ec83881506d,2024-06-21T19:15:20.857000 +CVE-2024-35537,0,1,40b24ff825bd5479d6cda748f4b6fa0164be52128bb4d8df6dce48131ef1f731,2024-06-24T19:40:04.190000 CVE-2024-3554,0,0,b4c32859301bcc314e2dd2301d5e454826bca59cac4e6957d0f808d223349460,2024-05-02T18:00:37.360000 CVE-2024-35548,0,0,d8ef06df5ce64125bab3cdde256f258e1c87cbfe4cc6bfbb1a4d7595969f62d9,2024-05-29T13:02:09.280000 CVE-2024-3555,0,0,7b5ade071f86d2f47a475842356f8c63a7b0fec9dcaebb74484d06286ab10108,2024-06-04T16:57:41.053000 @@ -252157,29 +252159,29 @@ CVE-2024-35753,0,0,4b00013eb5c5163d10b023d8805e46e754e3b1b1734dbee7457d6ef520f4e CVE-2024-35754,0,0,aa65be108fb30993f3885ae8163c97598c773dba7e2b2fc6fa84875158e744b3,2024-06-12T18:19:06.043000 CVE-2024-35755,0,0,172ec26a252feca7396ffdbe59736e2cc07ceb58de6059045747b33d7fb06a33,2024-06-10T02:52:08.267000 CVE-2024-35756,0,0,26709156d92c0e268ef7cbecfe5b4508148e493e88bdf919829cd3fadab67b01,2024-06-10T02:52:08.267000 -CVE-2024-35757,0,0,6f0088487e9ade240b4855b09a70907cfe5796964800c306a26a5e6cac560aca,2024-06-21T15:58:51.410000 -CVE-2024-35758,0,0,f9312468b3c3a08107f7d2bcfa29706c6a045df0f8522dff94d24a730bb2f730,2024-06-21T15:58:51.410000 -CVE-2024-35759,0,0,2708447571021767c92de5056ca20719137de63fc3ff61c27fe17642e95820a6,2024-06-21T15:58:51.410000 +CVE-2024-35757,0,1,a595aebf97f02a4ca645c60fa187f4b64b758d43019b068595a13e7f57a839e1,2024-06-24T19:19:01.097000 +CVE-2024-35758,0,1,0e49ee64256c122d32b0429c0a75a03cf710db75610b20e710105011104ebf43,2024-06-24T19:19:51.957000 +CVE-2024-35759,0,1,c21dbefdae9828142b6cd26ef5efd29aa045d11eaced3da8e775734b41de44b2,2024-06-24T19:20:39.243000 CVE-2024-3576,0,0,da3479f65547a923ac9b6fc5d4e01aab352d357f2ab0f89f14bd434e8562f642,2024-05-07T09:15:38.747000 -CVE-2024-35760,0,0,9bc4daed8c3cf020a5897d484b7e4651b295369908f93094eee3872fb9fac888,2024-06-21T15:58:51.410000 -CVE-2024-35761,0,0,e1590c99754f2c20938f084ee133cc95108a51642b76b6f20f7d99c344a2ee6e,2024-06-21T15:58:51.410000 -CVE-2024-35762,0,0,661646769b65a697b0dbc93834b24892d88f88dee4fa82d96c6b85baf6eca6d0,2024-06-21T15:58:51.410000 -CVE-2024-35763,0,0,48c62e50b8c5ee0ca56f8efe08758b657ad1f30b5a31c48514688ef803698037,2024-06-21T15:58:38.553000 -CVE-2024-35764,0,0,46322bd4d921b52dee9e5b25b662c08f5eec7f5258412723cfb6c9b8395c8824,2024-06-21T15:58:38.553000 +CVE-2024-35760,0,1,e7112046add280126a5d86ed42ad8b9e0cb4714c2335de2339e2c1edc9ab6630,2024-06-24T19:21:04.613000 +CVE-2024-35761,0,1,4676de22e870b5fd6ec2cdc119cc05e19ba4ec2983928278ea678e42184305b7,2024-06-24T19:21:26.413000 +CVE-2024-35762,0,1,59212d07fbda83405d54387a2854bdea04471b90c3e57fb3b83c0fa673582054,2024-06-24T19:21:47.457000 +CVE-2024-35763,0,1,80f36bad5defe2a86072ebe35b35908ab12cd23544d2e29a5906bec005f5191d,2024-06-24T19:22:44.850000 +CVE-2024-35764,0,1,a880cc47d01c8f85440e362fc6c8d1c8a7160890623c7a41cb7cc9ef4e48c647,2024-06-24T19:23:24.417000 CVE-2024-35765,0,0,2b4b05960266dffe197f924005c89655c3d35c1a3b09e1011c3ba498aa784944,2024-06-20T12:44:01.637000 -CVE-2024-35766,0,0,7e1882a6c2ea5e943bcd56facc446f4dcf4139491cda15c627159a5fa91d0bcc,2024-06-21T15:58:38.553000 -CVE-2024-35767,0,0,cbe98c9e9b2441cab27a982fee35eeb7023375ea7c208e3e4f2569d4c1242948,2024-06-21T19:15:20.857000 -CVE-2024-35768,0,0,6ae8a24bad86e5c45fe7623eeac40dcf28cd35766d66a2f3460fb4b4a7543137,2024-06-21T15:58:38.553000 -CVE-2024-35769,0,0,fb03c8e7c2155743f3790f1e575c02664d360a4980af50225ec88a98d03609b7,2024-06-21T15:58:51.410000 -CVE-2024-35770,0,0,0e7d23af68dff6a6098138fdb574c5b4641c077cf9cb239f5c4c01c48d594e62,2024-06-21T15:58:38.553000 -CVE-2024-35771,0,0,b2511d2a296118e15d3696bd21e5c5c681f37a2874ac8d13b1b94566139780da,2024-06-21T15:58:38.553000 -CVE-2024-35772,0,0,efb306b7c697d9a64a61df869ea3bf97a71767231d992a371f85169b4a16951e,2024-06-21T15:58:38.553000 -CVE-2024-35774,0,0,99d44871838d057a41ff7f9df412db701527f3d019a2524fa4de05d1c319e804,2024-06-21T15:58:51.410000 -CVE-2024-35776,0,0,89049e35f75f1d84419446ee8246e43f1eca6e2e1c2dd185c21f9746684ad308,2024-06-21T15:58:38.553000 -CVE-2024-35778,0,0,f78e2029193d1c95456f7eb1c29b13a28acd642ca738b78e8244da85fa0ad77a,2024-06-21T19:15:20.857000 -CVE-2024-35779,0,0,39da1f6df6efe6e5c476267e41c4c6fdec39c5e5e710e5d4799b0fe2737ec070,2024-06-21T15:58:51.410000 +CVE-2024-35766,0,1,778ca98e664a22aed805f195787994cd88401c8416578ae01f847bb357c674e4,2024-06-24T19:24:15.167000 +CVE-2024-35767,0,1,0a5602195f58639461b28f7b1cd0c911ba8553086b475c99ee4c4f9f3e720a3e,2024-06-24T19:14:34.210000 +CVE-2024-35768,0,1,46cbd90cd130eeb42c7e1a1e54bcbad9d87494c90c7d0b5b7fbbe719b93c3a47,2024-06-24T19:24:52.483000 +CVE-2024-35769,0,1,b840b07385ae432507ae45cb438b4a0cd2aaa5bf7ff52d81e4150e6dc2a388d3,2024-06-24T18:45:09.447000 +CVE-2024-35770,0,1,09521b64c1f9557fd8a7d05a96098640c8e563f4348469cb1598a3e17b6eb673,2024-06-24T19:25:21.117000 +CVE-2024-35771,0,1,528377e8b245533dbff20e4b0dd7328468397780793d88ed8bf6cc52e2f75614,2024-06-24T19:25:46.967000 +CVE-2024-35772,0,1,2d0d9c98f803d200fae5d0e084d548bff2c25e4891c370629239ed163d3750c6,2024-06-24T19:26:14.460000 +CVE-2024-35774,0,1,b04163e5e3aed962a8bb022fff4f15fd9953a3840984351341e879118df53ab8,2024-06-24T18:43:57.633000 +CVE-2024-35776,0,1,843520135517b374d77f0b73e5d208e8aee82b3db16cc26ae6b37a47d0e96e08,2024-06-24T18:49:09.500000 +CVE-2024-35778,0,1,5682b632dfc51cfacdddf5bb47d14c3256bcf6bd9ead6064f4b1ae3ebc67c8b1,2024-06-24T19:15:07.360000 +CVE-2024-35779,0,1,08d2aa367351b69a649cc12f9302f4c59f9bed6fe925bf37e513bed83cbc3764,2024-06-24T18:40:26.157000 CVE-2024-35780,0,0,0cb83863c03783254bdbb259245f43349fceaa55402150e68b96501fc1a18c7e,2024-06-20T12:44:01.637000 -CVE-2024-35781,0,0,1611304f29e64200ff86c78ef3f3acd9d7ccc4277a860032c1fb59f8ae468e2d,2024-06-21T19:15:20.857000 +CVE-2024-35781,0,1,8ad2da87cca362f8f311ac7da3875897822d38c021b6c490689c42a05fe866f5,2024-06-24T19:15:58.517000 CVE-2024-35782,0,0,1a0373b5f1f7deeeedd7f390a32d36b4e5b6a7fa2bc73f703a0a9b8d71fdc6f1,2024-06-05T19:50:20.463000 CVE-2024-35784,0,0,777c9d07d4e578c087e7dca5451415bcc43ec9a1a18957eb76a5068c9b97dba4,2024-05-17T18:35:35.070000 CVE-2024-35785,0,0,2d190f92b1b0e8f457adf5fad73410cb0f4e785e27759c42f1852e8078e97e76,2024-05-17T18:35:35.070000 @@ -252631,7 +252633,7 @@ CVE-2024-3628,0,0,ad2a38a3d431944b5239dd67ace3bcd2603e3057c8d0a04d847db45516b0c9 CVE-2024-36281,0,0,479133ce06ac02edc62536071e8e7fed1efaa94d8e73a60aac6af353af480add,2024-06-21T11:22:01.687000 CVE-2024-36286,0,0,ab9453fc7dccdd4845963ee510cadff6584d6dce7dd9a1751ca466f92e53e4a8,2024-06-21T11:22:01.687000 CVE-2024-36287,0,0,e3d04d973f90b2170d68fde9a36c28c9c5e8a06631e57b0e5a27e5d94e0933ef,2024-06-17T12:42:04.623000 -CVE-2024-36288,0,0,63c244ae64f7082dab37c08f77feecf6201cc12acabffd5a4c8f2a4ed87d6612,2024-06-21T15:58:51.410000 +CVE-2024-36288,0,1,828df8246a0f9031609a370a7b114a7c310a990762d597880430fc88ecc8fb92,2024-06-24T18:39:00.683000 CVE-2024-36289,0,0,dc1cbda549dffc5af4283892adb2dec0a95ed6a19c3c066db9d79fac2619eca1,2024-06-17T12:42:04.623000 CVE-2024-3629,0,0,ed67d1a2dc82a6f7d8e47e5534a14b4493dd33c5e11e4c564b2ef763c111a4ba,2024-05-15T16:40:19.330000 CVE-2024-3630,0,0,1b4d82e848787accdc20ad3d430430e1a1fa399ad678a3e5fbc87f1ba9867411,2024-05-15T16:40:19.330000 @@ -252711,12 +252713,12 @@ CVE-2024-36470,0,0,eca9d8a200b88d17a126a01f7740a10369dc45c4d4bdc3d30973fc6663ec4 CVE-2024-36471,0,0,7bfc01a91f1334cb206068a1dfaffdf29e68b3bf2783355d50e083ff5a6a3868,2024-06-11T13:54:12.057000 CVE-2024-36472,0,0,9bfd7afc4b2e800059c7e7a1cc84b36bb079950920b1605d92cfb4dcf501fc09,2024-05-28T17:11:47.007000 CVE-2024-36473,0,0,fdab9cfd1652fb2a67390d3a8e49efbc4911425ddf31224888be2ea2f102443c,2024-06-11T13:54:12.057000 -CVE-2024-36477,0,0,9440e2a12358803bf63539bc6e29c9ed50826720c749e4a1cd57c4001ade78c9,2024-06-21T15:58:51.410000 +CVE-2024-36477,0,1,b59e5d5af1c6acdc24e1a63eef92e4f9122e2b4bb56c6b73955e396539bd4c7b,2024-06-24T18:38:40.737000 CVE-2024-36478,0,0,2727e6159cf1a121bf0a692eed94de0b5f8e69eb517dd0e9488e03876f0c2db5,2024-06-21T11:22:01.687000 -CVE-2024-36479,0,0,4c2d90d679b746fbdfcc03829e088b793af95a892dd0bbce4dd51a7f0cdefad5,2024-06-24T14:15:12.157000 +CVE-2024-36479,0,1,76f76c531cae89bfeaa3ae3d3d2ff824d7a9abe865a4b4c788fbd41413bd9a32,2024-06-24T19:26:47.037000 CVE-2024-3648,0,0,347cd63bf86e6b194279224a49f79f49cff1705e1f9b364650443227c716e8b1,2024-05-24T01:15:30.977000 CVE-2024-36480,0,0,e44d83876d2dae748412d2e7075759ad0769387e9cfa4e370e78d4e4f59fcc0e,2024-06-20T12:44:01.637000 -CVE-2024-36481,0,0,289e7e75bda9b051d0f16493c3f7ea721a35d329796879f3ae868bd0ce7afcdf,2024-06-21T15:58:51.410000 +CVE-2024-36481,0,1,6ec2572e4978fa540ba8e430693df93c6d8e466561b6c8823bd56108e65c4d44,2024-06-24T18:35:33.157000 CVE-2024-36484,0,0,d8980b6175f97dcbe3120732bdd3f5c4554f0bf6402d98cdd4a7efe1e2dc7659,2024-06-21T11:22:01.687000 CVE-2024-36489,0,0,706602251538409bdd6d4f26c7d5b5f5da3d2d56202958896118ef2720f4e680,2024-06-21T11:22:01.687000 CVE-2024-3649,0,0,969867829e20da4acc88ade671a27808c021dddbe3e27e051d2004e683670e61,2024-05-02T18:00:37.360000 @@ -252961,9 +252963,9 @@ CVE-2024-37014,0,0,c47c2b09802b94267a83a7981860e8f6f71032b8440b3dd55d1a2f768ec71 CVE-2024-37017,0,0,fd4284c5a2195342d9622b5d20527d4d58db85192e227730c5a741287dc835e4,2024-05-31T13:01:46.727000 CVE-2024-37018,0,0,92b8b0fbc5eb3b3ff9e996cdb38184b7cd381c3e78fdf37e960ede7860319106,2024-05-31T13:01:46.727000 CVE-2024-37019,0,0,c7b7779ae7837bd324c73dde7cb1a43454b31469d3554588beff0fd2aed9bc3d,2024-06-03T19:23:17.807000 -CVE-2024-37021,0,0,2038d14e1fc5adeb08a83b54e8adbaaa9620a3bfebb37bed31b3d8e7d024c1ee,2024-06-24T14:15:12.237000 +CVE-2024-37021,0,1,6cd5193268887117aa0cfa91ce5bb24e5123c87b1685ec41bfaa6b8c35d1e2fb,2024-06-24T19:26:47.037000 CVE-2024-37022,0,0,2e2eefd3e0454318fd9ea45982b5aef37a4139c6c043004fbe53dd71e5f37e26,2024-06-13T18:35:19.777000 -CVE-2024-37026,0,0,664e1126b47a7caad543a95343cf51caac8dbf5d3208106b4bbc3174813eae8e,2024-06-24T14:15:12.307000 +CVE-2024-37026,0,1,d7cbfb6603c7d2d6e0f58c3d85c47d158b70aead88a80ecee6e5f9c900ea1461,2024-06-24T19:26:47.037000 CVE-2024-37029,0,0,534392cbe0894215b76b20e3854d46e7cdecbd3521fcbf5857ca9ed3ca750eae,2024-06-13T18:35:19.777000 CVE-2024-3703,0,0,46d289814974ee20b6160fe56cc828277066d832a1c60ccf5d9c1a62d06c47e2,2024-05-03T12:48:41.067000 CVE-2024-37031,0,0,967b2a62510a1f35de5969f18efe9a7e1918d9bc4c74d0011148e6a904de3800,2024-06-03T14:46:24.250000 @@ -252998,12 +253000,12 @@ CVE-2024-37080,0,0,c953e426661198e9665c742ef09fb44af751efb40a1f491b02b9f5389b1d3 CVE-2024-37081,0,0,462e18659ef5f7f4965b221966912e397932217f36959496e3a505bf8400d835,2024-06-20T12:44:01.637000 CVE-2024-37089,0,0,546734d08a472f24d21b11f96a62ff07ba2d9777252aa2840029efb67a03052d,2024-06-24T12:57:36.513000 CVE-2024-37091,0,0,70ef4cb5aa59df22f5d9bec3c45f39a3b926dd43e7416671f8860a54328745e5,2024-06-24T12:57:36.513000 -CVE-2024-37092,0,0,971a03f9af7b1d4b19cf531fe5b564d86176fa4578858214186f85168c2756ec,2024-06-24T13:15:10.010000 -CVE-2024-37107,0,0,a06218ce885c7a31503b0bac4faf9933303574516d8c93220100d059c34cdda3,2024-06-24T13:15:10.247000 -CVE-2024-37109,0,0,1f82bf035d42d194ad9fed242ac79a3a117b8af6edb9002a90c11d231651c6a4,2024-06-24T13:15:10.483000 +CVE-2024-37092,0,1,ddf8bb50ed996f71f2c9e3e9b63faabe2c52ea8cb34e6f0fcdb53b1c55be2132,2024-06-24T19:26:54.367000 +CVE-2024-37107,0,1,eaa9cf5a94a28aaa8385b24580f4e0847a5f8e8f7ba8d50d5e3cfa9d3405c236,2024-06-24T19:26:54.367000 +CVE-2024-37109,0,1,f2a7bf283e738683324f72b6b020147166c767610404b259a82d4d2ec2c96435,2024-06-24T19:26:47.037000 CVE-2024-3711,0,0,00ee502ae0ae8bdc802cd38eb1ec1e1356c10e1c18d766a4effd20297a066f55,2024-05-24T01:15:30.977000 -CVE-2024-37111,0,0,41d72840ce8d15bfa799af2a2f06fa84fe7fe1e9bb4118f440490b5bc69eb18e,2024-06-24T13:15:10.720000 -CVE-2024-37118,0,0,324096007c08912dfaef7c3d0cc3ac615d8bd1b4cfe586711e107346e35c781e,2024-06-21T15:58:38.553000 +CVE-2024-37111,0,1,bcae7bf97d7f3827f938ee358d22e79506670e1281470a8c2aaf6ae323a22357,2024-06-24T19:26:47.037000 +CVE-2024-37118,0,1,0ad56c9c4204404fc625d311f20c0b9c243a12023f3ae9f31f4a46be59aef39f,2024-06-24T18:55:07.707000 CVE-2024-37124,0,0,bdb1c2622a72a7efb103c3f5603bc06acb88520168a2b939ad78f62d410bde2b,2024-06-20T12:44:01.637000 CVE-2024-37130,0,0,e0f79c9f14be5102570781fc06be35c79666eecf04eb579171e468c9a760aecc,2024-06-11T13:54:12.057000 CVE-2024-37131,0,0,9d8793df78437fefb0a970a364558bdad589a0c15e132432497cef4b2151f46f,2024-06-13T18:35:19.777000 @@ -253033,18 +253035,18 @@ CVE-2024-3718,0,0,a740a1633905d284711162c33f52150d8f35c5a9e41e141a82d07851d64c55 CVE-2024-37182,0,0,549cc5da2b56e1ffc4f85fe12d4fc3bdb7526f84c41d2237f570cc5dd0365265,2024-06-17T12:42:04.623000 CVE-2024-37183,0,0,797ee6627defafae369247d5bda2be326b262d85b9c4ea85f3eb35804b563c70,2024-06-21T11:22:01.687000 CVE-2024-3719,0,0,d2320674d04cefde56a0b36b463f74328d6f18494803030bdfe9b0b1b4374afd,2024-06-04T19:20:23.553000 -CVE-2024-37198,0,0,131ed4554eb71228d727241b3dfdaa7384bcaf0b482096912cda194dc42caf57,2024-06-21T15:58:38.553000 +CVE-2024-37198,0,1,8919c8b8db43ac2a9639793fec092e2666b55422ab58e48ee04c39b0bd19361a,2024-06-24T18:55:25.417000 CVE-2024-3720,0,0,f4e69514093cc630aeda39d0a41fe705e0d9916a1077cef429b7dcf05a404308,2024-06-04T19:20:23.660000 CVE-2024-3721,0,0,ec8dc4b0ad5d1d9ba11acb18015142f7d1715fd653f7ca2987e266e9c9e8ef01,2024-05-17T02:40:05.290000 -CVE-2024-37212,0,0,ae4a36aa63ece820d606153b80eacb3f7e497935120df4142b03200847559800,2024-06-21T15:58:38.553000 +CVE-2024-37212,0,1,cb0e3003beb0d778b1e3e4d8f1145799c285874f36dc8f863bd0c5bf6222df34,2024-06-24T18:55:34.983000 CVE-2024-3722,0,0,7c1b4fae7e86bf4c1bc76a0d39819ffc592a7b598c7675ac0628daa278671c4c,2024-05-14T16:11:39.510000 CVE-2024-37222,0,0,65c65c234c553e022a88bb4c0528d9ed3832ed1be7f7805c03100111f1d159f6,2024-06-20T16:07:50.417000 -CVE-2024-37227,0,0,5f91d8a6e7671152348b8531b9b1b326309073799bc135ebcc76c7074c644de2,2024-06-21T15:58:38.553000 -CVE-2024-37228,0,0,390ee13309def507aec97c3c88775dd8a41e300274a0b08802f9399ab1f09971,2024-06-24T13:15:10.947000 +CVE-2024-37227,0,1,4e2633b3f003b3979b327314d700d0ddc7371858460ad4db762a20ac00ff8e0c,2024-06-24T18:55:44.513000 +CVE-2024-37228,0,1,e4e620c745f89628605987c2a38b0d3153deb314f842f4689d8988049cfbb358,2024-06-24T19:26:47.037000 CVE-2024-3723,0,0,21c397ab5e875f2652ba15d9001cdd8ef5c5941ff996881e18084aebeaee892e,2024-06-11T13:54:12.057000 -CVE-2024-37230,0,0,ff886f458710fd75389417297f1ffe0ec70d41e161a7ba04217925f513d3c2c9,2024-06-21T15:58:38.553000 -CVE-2024-37231,0,0,295ba080f6c07f6aa4148ad30310af64835d3fa5043ac5171b7a6a32ee323523,2024-06-24T13:15:11.177000 -CVE-2024-37233,0,0,9763774c3aa953fe9befe743f392137d30984a777e620234e6d0572e5cdc561e,2024-06-24T13:15:11.400000 +CVE-2024-37230,0,1,c056784fe1461835022ae4387a349a1e9e9676537a6bd83c972fd23b962299aa,2024-06-24T18:55:55.037000 +CVE-2024-37231,0,1,2975c060fd817766775d3e3ec5265250dfcb406eb3856b3f2d8635478d7fc4db,2024-06-24T19:26:47.037000 +CVE-2024-37233,0,1,dcdb23af544a8046a4ecb68f34b48a3a15207d5a73bdc6182df1b28a0bb5e19c,2024-06-24T19:26:47.037000 CVE-2024-3724,0,0,a2f08bb0a2e36a5c374b862fb3e4beff315b3d6672953c5eeabe10290b435e2c,2024-05-02T18:00:37.360000 CVE-2024-3725,0,0,dd194c190207038aca40dcc17eaac7bd7c6f9f34e04d00c016e0de6cd9837da0,2024-05-02T18:00:37.360000 CVE-2024-3726,0,0,5d13f10d5b73efb7ab7c6448eee56ee5b7f1a739226807fb6eef2a4ab850d2f7,2024-05-30T13:15:41.297000 @@ -253168,19 +253170,23 @@ CVE-2024-37663,0,0,461ef2b627ebaf037724a15235d82a1820114435949dedc6f8dbf4f5fc8f7 CVE-2024-37664,0,0,d12e16fb3db0b4b5d59f6bea6df277ad2fce6c983f4f02a9c54b534ba9c1963c,2024-06-20T12:44:22.977000 CVE-2024-37665,0,0,65120387c81349907f7a4a053373f743b497b218da3e8528d2288dae639dbb17,2024-06-13T18:36:09.010000 CVE-2024-3767,0,0,8ba3fcd8961d67ee2d120eabc736772a73aa38bca02250a44c8bb4877d64b7d4,2024-06-05T20:15:13.643000 -CVE-2024-37671,0,0,5ded73136963536b3598dd67c6f8b134cfcf3b82ccd8d1a89ff4f654dc8d9008,2024-06-21T19:15:20.857000 -CVE-2024-37672,0,0,4e9cf841745910786e4a9916140eedaa6f898f8c5d6650c54210918052b29c27,2024-06-21T19:15:20.857000 -CVE-2024-37673,0,0,3866b511cfd301076ddc0b94cfd88e0deabca0be8504979ff196525acab67ce1,2024-06-21T19:15:20.857000 +CVE-2024-37671,0,1,a9e75e6ef0a31daa7176dccd007f455e09652d7ab94e0dfedfe5fc284a860633,2024-06-24T19:40:48.993000 +CVE-2024-37672,0,1,31f27ce138b47703f4a1732a58dec82931f5b6c091d0ab042ac7d88eadae1f91,2024-06-24T19:41:06.183000 +CVE-2024-37673,0,1,f51362f0ce4136423a5ee471b8652d54a0dfebce8e08a4e6002feb970ebfa69e,2024-06-24T19:41:19.880000 CVE-2024-37674,0,0,10f19cbc643eab387106fb4d2dc47ca0de793db105c70cb22aa76c9f07603c89,2024-06-21T11:22:01.687000 -CVE-2024-37675,0,0,2d85884f52ce751c1f86857c3080dbca34070b59adfb64d2a979b44418ef3d37,2024-06-21T19:15:20.857000 +CVE-2024-37675,0,1,b8b2966e003a7477c4ef0b8bf3338112186a7b55754a1c2931ac546b40adcb30,2024-06-24T19:41:31.713000 CVE-2024-37676,0,0,9b6174275e973fa26ace8eeff114e47be3264bfcc9cbe3eb6174581137c23815,2024-06-21T11:22:01.687000 +CVE-2024-37677,1,1,fcf625d4177bbf42c416afe6002c6bcc807035f6d7fa24fc8ff69b831313f374,2024-06-24T19:26:35.967000 +CVE-2024-37679,1,1,426d8e45d131c302bedd50b3df6196916816da276505a0fe1b9a39bc4aa082cc,2024-06-24T19:26:35.967000 CVE-2024-3768,0,0,778d3eea8bf87c1f80239f04628ed71cfd577dabb0ce88459344c4cd4d61bb16,2024-05-17T02:40:07.203000 +CVE-2024-37680,1,1,672397ddab7e53f7332f79063ee0b2552f6259ce26078e5361ab7163777a894f,2024-06-24T19:26:35.967000 CVE-2024-3769,0,0,a35a1a6580261497cd040b87c6b68395a49a236a06454712c9a126123641e120,2024-05-17T02:40:07.297000 CVE-2024-37694,0,0,5368167ec99eb6ece190aa9225c5926bf9e44c57bc2336a35816fa241ead9559,2024-06-24T12:57:36.513000 CVE-2024-37699,0,0,e6aa9aad96c5cb91a6fa4201b1b47001ba232f78e3136af80ddfa6d4248f51dc,2024-06-21T11:22:01.687000 CVE-2024-3770,0,0,8954a3ad0db5fc9b48d9243a1de01e444d03084d0f8b5d5da9ebc562e8f0e6a6,2024-05-17T02:40:07.387000 CVE-2024-3771,0,0,1bf22922ed0657906343b6368a2362d22a78a1ff9d5272db064e582b3b0855d4,2024-05-17T02:40:07.477000 CVE-2024-3772,0,0,184d29c2faf230c27e7c42ad45c478e7862cbffdde795ec4220824e36861b510,2024-04-26T02:15:06.983000 +CVE-2024-37732,1,1,6a86ff5d31f2b347e744ff4e9df1b84cb4205a66e561799f1161776dd71f288a,2024-06-24T19:26:35.967000 CVE-2024-3774,0,0,430454733381ff5a96eb00158d8d932d4c087496720223836bce2968611b5152,2024-04-15T13:15:31.997000 CVE-2024-3775,0,0,a79253f4f0c7633f40fa5e33903553d0137ff03b4a2d8425a028bb5ddf1c6b0a,2024-04-15T13:15:31.997000 CVE-2024-3776,0,0,55056178a3d988ca6f5c349416a81e65818f1f748e962aa89ca62657bc61cdbb,2024-04-15T13:15:31.997000 @@ -253200,7 +253206,7 @@ CVE-2024-3781,0,0,bf710215509c2fb5fefd67fb85930537c2ce3a67160738297841ece3c75d6f CVE-2024-37818,0,0,9dde5fb80aa69772170f1a2e1414de157ca4025771910bb93ffd749e3cb749f4,2024-06-21T11:22:01.687000 CVE-2024-3782,0,0,c95ea596dccb3636dd3691321b5a7a48aa3ee2b08cd07f6f17f6b9ebb6c70325,2024-04-15T19:12:25.887000 CVE-2024-37821,0,0,69c8b0f219772ac85c00d152695d2a6db130f2920e14ec06f202587157691baf,2024-06-20T12:44:01.637000 -CVE-2024-37825,0,0,cb3ff4b646c07ccfc44bf749c3a8647e9cddf4a39b81ff5cdfda1d0a15ba847e,2024-06-24T14:15:12.430000 +CVE-2024-37825,0,1,3470a82078ea88284f350b719f730ddf231924996161e05df687c780330da112,2024-06-24T19:26:47.037000 CVE-2024-37828,0,0,1aec682223533f9f2174345c4486cdc5644002780b6ea2a3830079cc11688c3e,2024-06-20T12:44:22.977000 CVE-2024-3783,0,0,f916980cd1e532a7d588efc898e3b89c6684234f9d5fc7d911dee2ee73ce3295,2024-04-15T19:12:25.887000 CVE-2024-37831,0,0,5e7eb1d81cbc03e5a6cb7a0c776550184a7e580655a65f67804199e93112edb2,2024-06-17T12:42:04.623000 @@ -253302,13 +253308,13 @@ CVE-2024-38357,0,0,db932e7bd44b2292bed66681b7d77a847d541a79cdeb9df0d08a424975405 CVE-2024-38358,0,0,d7fa4473d29cbfc514ec5a6118f6b700b95e48744d7580b8a99541a6dd9bac5b,2024-06-20T12:43:25.663000 CVE-2024-38359,0,0,3c4a78257f1dc283c0e90aef4e0803c297f82552e9ac95d2cc406a3431781604,2024-06-21T11:22:01.687000 CVE-2024-38361,0,0,a76df29cb5f27115adee4ca4e20976361dfcfc6eae95b97031ba2314a1f45bae,2024-06-21T11:22:01.687000 -CVE-2024-38369,1,1,f5b94f3eb3552d71409c06d76078534d36a1910460eff1ba2f4c873e749656e1,2024-06-24T17:15:10.593000 +CVE-2024-38369,0,1,e5224b159d7a692db6492ffb5b88e69bbb6fbeca83c40da9d8cb17f66e90849e,2024-06-24T19:26:35.967000 CVE-2024-3837,0,0,5046b04f6fff161407832d91f839d6c01f3dcf30bcf75f620bfd7221b5de1c27,2024-05-03T03:16:29.010000 -CVE-2024-38373,1,1,9b597fb2f454264b333b6fbfe35d8e562312085bd39caddfbbd562b62d02ed20,2024-06-24T17:15:10.830000 +CVE-2024-38373,0,1,952ca8d4b23b60efe2e71a3a686b8a383ac5ed143363159c119120ce9ab78a09,2024-06-24T19:26:35.967000 CVE-2024-38379,0,0,d0af2d7e81a6285c1c7099c958a4a50ce3d2f639bd068091599f2b1327853e0b,2024-06-24T12:57:36.513000 CVE-2024-3838,0,0,bd55ca068ebe4472845bce1f3d037932d27279da54b129864c942318cbf6c399,2024-04-23T18:15:15.410000 CVE-2024-38381,0,0,57bad93cce191bbc955387dd0e3d9e6db94203bba2cb2542c0250ea811d81445,2024-06-21T11:22:01.687000 -CVE-2024-38384,0,0,52a24165561be13c2ee30c42fa0c995333ef81a5d4135768949043824f734b3c,2024-06-24T14:15:12.547000 +CVE-2024-38384,0,1,706997b8bd74b4e945fb4ea92c7b860b5f40f54233d054279ff0854095c4eca9,2024-06-24T19:26:47.037000 CVE-2024-38388,0,0,7c0bb01f9b9fb79d83dbd6e2c27fd6e239bc8d3e90d248b1b279840e35bf7176,2024-06-21T11:22:01.687000 CVE-2024-3839,0,0,5078cfd1c7c68c41b30fd8b0c9c6a095120ec81bc8166ccecb75ba3c8be530b5,2024-05-03T04:15:09.127000 CVE-2024-38390,0,0,d3cec8cf37055d7984956bdcdf2d47c2af6b037bed7779bdf5635c68af266a42,2024-06-21T11:22:01.687000 @@ -253467,10 +253473,10 @@ CVE-2024-38637,0,0,b24638a5f79654eb503a0ab5361d905066f0c21bc6fbaef24d4384d6188e4 CVE-2024-3864,0,0,19d7836c62228b8f626d6423c9bc9a43211c93bf4b17c3a151f2e9e764cbca42,2024-04-24T10:15:07.597000 CVE-2024-3865,0,0,8b230c3d643bf4def0090616d3b729148802c45f8b0915e5522b00babc710a03,2024-04-17T12:48:31.863000 CVE-2024-38659,0,0,f28961b0676a5448bd17e73bb1a6deb01287f9c08ed62cfca5dcb9aaeb49ab7b,2024-06-21T11:22:01.687000 -CVE-2024-38662,0,0,1347cf576da3107fe12e2d8153cb7eff8374defa8e37befb5e6043f3045a0223,2024-06-21T15:58:51.410000 -CVE-2024-38663,0,0,bf58feb28eb4ccb3e2bb703d0fda04a437255083160864e9442b808895f64663,2024-06-24T14:15:12.630000 -CVE-2024-38664,0,0,70fc529990742149eebcbc5dbabab0d35c8ed64e0d673e3fe01ca6ab5b262748,2024-06-24T14:15:12.707000 -CVE-2024-38667,0,0,83ab8ad1ebd2d38e8c9da5cc5b7d89336c865f85459d22c3fafa40e9341240e9,2024-06-24T14:15:12.790000 +CVE-2024-38662,0,1,df490b2d1680f03df6de3bc588b5285cb29614d4f952810a45c332f43aef3cdd,2024-06-24T18:34:17.547000 +CVE-2024-38663,0,1,3ea2d49b13b5a6417be2e2e46e01198d7a523f2e1f725a81c5446a7828b4f9eb,2024-06-24T19:26:47.037000 +CVE-2024-38664,0,1,a8395bd0a97034fb9d591ca23c72f10e556094be356a10c281591bb618a39a41,2024-06-24T19:26:35.967000 +CVE-2024-38667,0,1,0c4bc4fcbf0bc057a4769bc51bca36ed64a157fd0902f5fc5afc329b9d7f449d,2024-06-24T19:26:35.967000 CVE-2024-3867,0,0,1b62d18c2024e05920e3c0687ff0e24e4f942ae67e75e66374d57866a8214187,2024-04-16T17:15:11.113000 CVE-2024-3868,0,0,fa696e39218c1556f1f2ca1f996b19eb0035252ea0508a442b035effd05169ef,2024-05-06T12:44:56.377000 CVE-2024-3869,0,0,5fe681dc14d2de5e9dd5b2f66bac58fa145bb31944427d754a663b3ce277c72c,2024-04-16T13:24:07.103000 @@ -253483,7 +253489,7 @@ CVE-2024-3875,0,0,d86045281a0b2a48da23b56cded5d23c73cf1b0cfc400db0bc7b27c6cb2197 CVE-2024-3876,0,0,776837fb0cf9eeaf7d3ba120d8dcf4cad0f43e38d62b6ec13c079af103a4cf3c,2024-06-17T19:15:58.763000 CVE-2024-3877,0,0,f24faee79076d9955b33c716cc38fff1084b5ee3b430064cdc16beb5bbd9e5c2,2024-06-04T19:20:25.903000 CVE-2024-3878,0,0,fb95502da03faec460d17c9b1242297f4e8658270dcfc3f37876da58c73c1ed8,2024-05-17T02:40:10.087000 -CVE-2024-38780,0,0,6875d9d4e6a49a5d55dd26ece02b481a2f8a375d01c61fea3ce4797a6a8b27d2,2024-06-21T15:58:51.410000 +CVE-2024-38780,0,1,530b48daa9fb45d87f7575c99389d6040a1625a22b7e121268d7db04c8eaf72a,2024-06-24T19:17:28.313000 CVE-2024-3879,0,0,92774dc7ea0cffc72f06608ad0c5ab32112431972595f4ffa950315fc44f5141,2024-05-17T02:40:10.177000 CVE-2024-3880,0,0,61b243b8dab5be381c75f9d8b4a7598794aea603615d7bb3e86dc2bfd47b1c10,2024-06-04T19:20:26 CVE-2024-3881,0,0,75d6ff7939f1eb42f8c8e14b9aa2dfb06f2eebee5e37b0b47750b4ccbacea0e8,2024-05-17T02:40:10.360000 @@ -253525,11 +253531,11 @@ CVE-2024-3924,0,0,396cfe762c72fbd5a1960b1ddaed612b95d18abd602e0e4dd151e2967ca06c CVE-2024-3925,0,0,fcd3c5c763e8e19f599e796d0209af93ac6baa71961ded5ca72feb787efdbcae,2024-06-13T18:36:09.010000 CVE-2024-3926,0,0,95647e23a8e9831b3425be75c3a5409a951b8ebef070821e4342ccb8d8ffe085,2024-05-22T18:59:20.240000 CVE-2024-3927,0,0,b62a8fbb5cbf577eaf3c7a81b1c47c6d426f2a5dda5ebe7d2d0cc2ac17b12044,2024-05-22T12:46:53.887000 -CVE-2024-39277,0,0,ad8cfc4461074fda82fb2ed79bca8862b68a790e5eaaa0cd98a2e6f90aa4764d,2024-06-21T15:58:51.410000 +CVE-2024-39277,0,1,6e7801911264b763408b9f899358179fb95a98312e78f4ee1fc3e7073d7a1c52,2024-06-24T19:17:48.380000 CVE-2024-3928,0,0,43ee632eccbea17dded882a6bd84de69427d4224bfef339281c0d3b1909e8b06,2024-06-06T20:15:13.813000 CVE-2024-3929,0,0,31d0a734bfd88727a2a61deb7a29595ac9c8ac4a930ee35c31639990489d025d,2024-04-25T13:18:13.537000 -CVE-2024-39291,0,0,4e01e3ba54865372195f8ac1b6aea061c3a3d6b6631c29b01af437088453d3ca,2024-06-24T14:15:12.863000 -CVE-2024-39292,0,0,c6ee3342ff2b0bd7e9de7e084ba894e1a2ccdf61bcd4ca101c47b6216ffdf0c7,2024-06-24T14:15:12.943000 +CVE-2024-39291,0,1,5390e4dbd75c6e4ce181627716144a7cb6eedbe64b09f6a7a7f71d9048b32398,2024-06-24T19:26:35.967000 +CVE-2024-39292,0,1,8d48547d663a6a633698f73122eab71c0fa02ba65e6be79df62c1c1783187995,2024-06-24T19:26:35.967000 CVE-2024-3931,0,0,ff26b5a8728d6a7f3e1f8095f9d431d98f0c624577950ceaf4dc1cf9ad688034,2024-06-06T20:15:13.933000 CVE-2024-3932,0,0,371291a71f9c99e371f96e7d7b61e3e11967567047c07fae80310c4772d1c0c7,2024-06-06T20:15:14.030000 CVE-2024-3933,0,0,1d08d4e317596700be65ef5300f76b449794bb2d8b1542a98c34b9cd74fea015,2024-05-28T12:39:28.377000 @@ -253950,7 +253956,7 @@ CVE-2024-4471,0,0,9792233119a62c3ea240ba8e0af602c011f72a48705fdc1ef6f6e423f04dac CVE-2024-4473,0,0,be8deb42c9d1905b301c3bfbae608b1551ce9395ac2fbbb337038c3a7eb347fa,2024-05-14T19:17:55.627000 CVE-2024-4474,0,0,4a135a77c7eb2b3d831738e86d1e7fb5a068508f5eeb3b3afaae7858d373715e,2024-06-21T11:22:01.687000 CVE-2024-4475,0,0,1e5b294ff9958535d0d18ecbd68629c115a7436024cd30f0866ee02490e37834,2024-06-21T11:22:01.687000 -CVE-2024-4477,0,0,e324138470a7924a3a1a19a6f09f094286fd658ebada5abd141bb3861a52af50,2024-06-21T11:22:01.687000 +CVE-2024-4477,0,1,374a0fe6b88a0620aa793c3ab9078f330660eb66e830c666c3306dffb30301fe,2024-06-24T19:34:12.440000 CVE-2024-4478,0,0,31a4a4c48861c0c170c939e3aa0b10661ec97e9653465707919926dbd3595183,2024-05-16T13:03:05.353000 CVE-2024-4479,0,0,5ea4f16cbb65b856fd1892d7f18a0653a4e499cdb8b18f25028aa3d91283004d,2024-06-17T12:42:04.623000 CVE-2024-4480,0,0,585ced159bf2873044aaa034a55a2124aa433419daa101a5837cc3efb9afe316,2024-06-17T12:42:04.623000 @@ -254070,7 +254076,7 @@ CVE-2024-4610,0,0,81ff3ae6e48750d7db743becd24b39c747725961f69d5bed9a772eadd337b2 CVE-2024-4611,0,0,0152495de6f2454e6b1280dd3d20184c586b399950947591d94dfb5475ea0272,2024-05-29T13:02:09.280000 CVE-2024-4614,0,0,beb5630ff5db8a415fa4bf6f109dad49279ea5965bb91a1d7f892cd406978f05,2024-05-14T15:44:12.883000 CVE-2024-4615,0,0,196274a638d9e111205e1bfac5722889b3ec405e102eeca73b59246e8c5482a1,2024-06-13T18:35:19.777000 -CVE-2024-4616,0,0,b3bfa70983409285029a3c22d44b5c9f62d8c0049270ad7f3e3bc88b82791f9f,2024-06-21T11:22:01.687000 +CVE-2024-4616,0,1,13d57af2453b5014cfa715f0a52b43c9fc2eef49b20057ac9a17cde3c8ed0294,2024-06-24T19:34:00.263000 CVE-2024-4617,0,0,a9ac6f97f78093fda60c756da599c06372e99e21d7b1347de185ba0119cb6cca,2024-05-16T13:03:05.353000 CVE-2024-4618,0,0,60eca777456ce5379ff16ab59d0e8db1fff28f58a76fe14d606e7a27666b586b,2024-05-15T16:40:19.330000 CVE-2024-4619,0,0,e5a9884a731cd527eccadb69d8fea8c7f9c7a04a1fc119314f14a8f7a5fe1b15,2024-05-21T12:37:59.687000 @@ -254174,12 +254180,12 @@ CVE-2024-4744,0,0,00389d0f632a53abd6687abe1695ed0d94106b42a5446a5e1de91a20dcdffa CVE-2024-4745,0,0,52090afb58a281a3371ee6c6ad54ec80b0aac7a7ded5dbbe0e95b57b1a9dc746,2024-06-12T16:23:34.197000 CVE-2024-4746,0,0,f4f2ac85907c7b5b329cbda786b397a3fc954bb6f671df10eda8148346b3a114,2024-06-12T16:17:42.223000 CVE-2024-4747,0,0,99152f6494a1192f3bae59b436abcc51d11f811ed1e0a72c2e65c8381fda6054,2024-05-14T16:11:39.510000 -CVE-2024-4748,0,0,8fcaa8ea3b01817335593f384a37c46bdcf89929a25bcb8ffd949a8a0ffdc92d,2024-06-24T14:15:13.030000 +CVE-2024-4748,0,1,af12d798f823a64b14c18eb97dbea8a07263f8fe5e37f49853b2c5ebea8a5022,2024-06-24T19:26:35.967000 CVE-2024-4749,0,0,676e331864bc41907c4c80c44886e7dac480ef6dea2c29bc22838d992753d4da,2024-06-04T16:57:41.053000 CVE-2024-4750,0,0,423585a3e250903ac62d761ecb0e0e6dc6b4649ccd4411b90275a4e6d2f87495,2024-06-04T16:57:41.053000 CVE-2024-4751,0,0,980cee331660133759599aaa98eeae384de48fe7bcc98af4a2333b20d054b0b6,2024-06-17T12:42:04.623000 CVE-2024-4754,0,0,65f7d30a77e8c92b9ac1114b7ed7f43c32a5bfb34fe46cea0e558e1fff1e464e,2024-06-24T12:57:36.513000 -CVE-2024-4755,0,0,60cecdfed0bd43adc43dc2d247a1ee989fd3070ddc34fbd20a182a68e206cadc,2024-06-21T11:22:01.687000 +CVE-2024-4755,0,1,8a7a71d94c74cb52dec815eae51a85f655e8bbdb14fb2727ec4857b0eeba2dfa,2024-06-24T19:31:03.263000 CVE-2024-4756,0,0,b303493fc627eee25a3b39c986ea25472e7aab1866612b83c9a7c14522d2c360,2024-06-07T14:56:05.647000 CVE-2024-4760,0,0,8b9593f0d88cbd24a061db082c8cd5c20f19b8a61431542d1ce576639ef3bdc0,2024-05-16T15:44:44.683000 CVE-2024-4761,0,0,1a5c101148c08794fbcc9293bdcf48ea45ef131413b853bd53bee7bfdc7d1522,2024-06-10T18:15:36.997000 @@ -254242,7 +254248,7 @@ CVE-2024-4826,0,0,af3613d04b75e94cea034c72d0262809043a8c645db91b90f9ab3d043b9e85 CVE-2024-4835,0,0,b9626bd6b7354ef649f3d482141bd2eedfd065e81dc3c11d391c7f577be02861,2024-05-24T01:15:30.977000 CVE-2024-4837,0,0,67f132196b6c5804deb56deda048fcbd80dd9bcaa597012fb36064245b7ca6b6,2024-05-15T18:35:11.453000 CVE-2024-4838,0,0,213892fd4e00ded7d0e7161081f565f4e4fb5fc98a2507596b17757660a932b0,2024-05-16T13:03:05.353000 -CVE-2024-4839,0,0,eab67651709fb63542b0ba4ae9b81e1bdd72090a4bb4da35a2aba173a9de39fa,2024-06-24T13:15:11.900000 +CVE-2024-4839,0,1,3c3916e0334c166bdcee1348ca91ccfd36f6d6acfe79b1e13a0863625a6e0a42,2024-06-24T19:26:47.037000 CVE-2024-4840,0,0,0433203d32cea74c83d368a573acbff4a265569f0c59cff4b7c2310b61ae299a,2024-05-14T16:11:39.510000 CVE-2024-4841,0,0,a28905a7e1206b85fd97eb79cf72481b65736373dcb78baccea43db452bc24b5,2024-06-24T12:57:36.513000 CVE-2024-4842,0,0,42725480e618d2e75cdf5b0a1412ffa80e3600e0a1a1d76c6fd07755cc858e7e,2024-05-30T20:15:09.703000 @@ -254265,7 +254271,7 @@ CVE-2024-4865,0,0,034a7c12f3d6f4bd5ac54ee1f34abd70a559c5b9a18ae852351f79db6d61b9 CVE-2024-4870,0,0,789ccad79b53f3162faaa4d0c14e00ab550e7e413c46a4332529e5d35d1d0423,2024-06-04T16:57:41.053000 CVE-2024-4871,0,0,089a89f3309c27433f20e3be4ef9a00379f9f19601c1c8029649846113aed43a,2024-05-14T19:17:55.627000 CVE-2024-4873,0,0,6d8194e640b182e2a2eb107c362a6b36fc019fdb0666ba51ea48c7f29b4462a1,2024-06-20T12:44:01.637000 -CVE-2024-4874,0,0,e78bb742111e727a1a7f2f3131f7d231a71650be72b27c7dea3ee4c223f6a2f2,2024-06-24T12:57:36.513000 +CVE-2024-4874,0,1,e489f4227689f3d8a28a1c171b72c6312c838f037435967f317d135bb1153eae,2024-06-24T19:41:12.293000 CVE-2024-4875,0,0,aa35cb89fee530b58aa987ffc67ea97738c0ba567903bf01429a1a1259923db8,2024-05-21T12:37:59.687000 CVE-2024-4876,0,0,02aac8d1be489833aa2e07f8be8ce083249ac7dc2fcc33fd144386b8d365fef2,2024-05-21T12:37:59.687000 CVE-2024-4881,0,0,4f17be95dbf63ebb1e221e9270b941e4838c9b4d4b1f7c998cfbd25da7153e04,2024-06-07T14:56:05.647000 @@ -254338,8 +254344,8 @@ CVE-2024-4965,0,0,3d00a08740d2244556f47445c99bbeb000f5d6192227040c620e87d8d9dddc CVE-2024-4966,0,0,52e1e815e9fa405512275de8e9159c8daf1cfe44ce8f64f68ab6b5bbba30d77b,2024-05-17T02:40:44.507000 CVE-2024-4967,0,0,0c5c8069dd02e21380835b9a4ddf6713b7dae3a58f2cc13195bcbd7481a27599,2024-06-04T19:20:55.777000 CVE-2024-4968,0,0,a8b3a46895471e6381e218aab215b363e497d1d9d3834af2bbdade07964fb159,2024-06-04T19:20:55.910000 -CVE-2024-4969,0,0,1fe704d6e832286d623c14df4c8482d9664c8c02b19bedb21b7fd08f9ba66d3f,2024-06-21T11:22:01.687000 -CVE-2024-4970,0,0,0a73c3dc1fec6241fd7e52af7cf72597de68f0e66fd3e7e43c4f7e90c345668a,2024-06-21T11:22:01.687000 +CVE-2024-4969,0,1,69268049b5288947fc9b837758c4bc5bb5ae8c54cc002a6d1da68f47f610c034,2024-06-24T19:30:53.110000 +CVE-2024-4970,0,1,633e4fcad7be794223ce0ce219c6d7f108940763ca88fdbbaf2e78bd01f37c77,2024-06-24T19:30:39.397000 CVE-2024-4971,0,0,3230e5c2f3ddc54e361e4816b50a6ff202c537d8025c5f5a0c94a60c36731178,2024-05-22T12:46:53.887000 CVE-2024-4972,0,0,c7657747111247fd4d4ee2ae195245187344baf573f3e1b0b50d5604f52c9658,2024-06-04T19:20:56.040000 CVE-2024-4973,0,0,9c5c282fbcc1cde26707e056c2d2e456f79201a7acdb54ffa8aecd59988530aa,2024-06-04T19:20:56.140000 @@ -254386,8 +254392,8 @@ CVE-2024-5051,0,0,855e179f8d5d972f4c780e5edcd96a25997ca80aa89d3b8e968267a941644e CVE-2024-5052,0,0,d323d2a4bb15ece82e9a9a1afaa91f189a404bedd1b5e5c8e90b9eb8f8d21e3b,2024-05-17T18:35:35.070000 CVE-2024-5055,0,0,7193ca06872cfe086119b9ff41445901a5950b09d0632b8e5bae28091adfac06,2024-05-17T18:35:35.070000 CVE-2024-5056,0,0,5222bc315bf81dabb7f1134f85e7a3f8505dd3db79a8b19065f69d6579b775e8,2024-06-13T18:36:09.010000 -CVE-2024-5058,0,0,01275ed33cf98f15426d633bddf64d9f7cfd46dcfbeee045df6c9cf0154bb494,2024-06-21T15:58:51.410000 -CVE-2024-5059,0,0,2f51206a88ea691898ee24611c7bb1f1fd7a4af658847909e0426749395b53f5,2024-06-21T15:58:38.553000 +CVE-2024-5058,0,1,637bd6f1f70bb3cfae7399c322e9c60e1da8c71180964fd405021291b54a0ed9,2024-06-24T19:18:35.517000 +CVE-2024-5059,0,1,76adb31a0d874845cc73a32032185732178d0aa5e8e38a32237d0afd9c50a472,2024-06-24T18:49:29.467000 CVE-2024-5060,0,0,908e82bd4ef2431179c104b39273fb8e5e968812815f848a9881f7577e0ff35b,2024-05-24T13:03:05.093000 CVE-2024-5063,0,0,4f3b2bf7eda673978295341e9126ac2adcd5414f29702cc0cdbc012db466ad60,2024-06-04T19:20:57.760000 CVE-2024-5064,0,0,8095cec9a36e031c818592c3e6e560630244970853fe1a2d62ef41815d0461b5,2024-06-04T19:20:57.870000 @@ -254486,7 +254492,7 @@ CVE-2024-5187,0,0,1fe873e60b2e6adcd0abe3ac4869c60f90268e921debc1e658e1b84cf932fa CVE-2024-5188,0,0,f341cd733a67fef7a36812a8f7aa63c3db307a7b91bf1e7665add6435f19830a,2024-06-11T17:41:17.087000 CVE-2024-5189,0,0,cd3bb13050c91870eb5838446a9e82835db405d95874bd44f6318a59b19e235d,2024-06-13T18:36:45.417000 CVE-2024-5190,0,0,e11755e15485ad7d65ed59ac9abe5cac7f4b4c3e2591d1a6c69b4386ed9dea65,2024-05-22T03:15:08.273000 -CVE-2024-5191,0,0,656104a2caf82e3149ceccec7a5b74ae2f6956fb670bdd7571b97dd888bd84e6,2024-06-21T11:22:01.687000 +CVE-2024-5191,0,1,db26f7ce160c714e95bc5c218e0073766ff2ed099b5e6969334cbfc827ce4bc3,2024-06-24T19:25:23.943000 CVE-2024-5193,0,0,4619a3332fd1de828c7e949279cabe4a2b063d71a4e227126d8bf6d303fb6eb4,2024-06-04T19:21:01.867000 CVE-2024-5194,0,0,2277a7390d0159b3dc2e5dfd100175220ffc5f5725f8c88a7a9344e62a79d516,2024-06-04T19:21:01.977000 CVE-2024-5195,0,0,f6d192ea152622e2514b6c95ac0c9e8770ec516eb328b6bc7a2579d1133e54f5,2024-06-04T19:21:02.077000 @@ -254672,8 +254678,8 @@ CVE-2024-5437,0,0,551b020f0044e3ab584c14f08f0984900b4bc26534c92382eb6ac2bb660708 CVE-2024-5438,0,0,b27637930797cbba2af64a5218ab07d5b0a2d8c36c1ae10d453afe4fa1e1f2e0,2024-06-11T18:26:45.147000 CVE-2024-5439,0,0,d933d33f15def11b210f94c43e434fbcbcedf874aa4bf1c51db16a3b591b2644,2024-06-11T17:35:43.313000 CVE-2024-5443,0,0,925856e128685c50d1cb7d9e876369e7979bded1a2c53610b230353ba1bb3f2d,2024-06-24T12:57:36.513000 -CVE-2024-5447,0,0,c5738c3e4fe71709cd71685bcb4608b123c1b3a1d401bd25524bec95ebdb2570,2024-06-21T11:22:01.687000 -CVE-2024-5448,0,0,19199364ebaf7981038236888485159312f902e6980013982256549a5affdb36,2024-06-21T11:22:01.687000 +CVE-2024-5447,0,1,3e4699962d14ab3efd1df3e7ced79104a7a31cb3cb23dd36b2e05295f49fdfa3,2024-06-24T19:27:17.300000 +CVE-2024-5448,0,1,24e00b17d44c355a66337f1b8192b4308b013ec9be7e4e68644f82dd25cbb76e,2024-06-24T19:26:43.517000 CVE-2024-5449,0,0,98f03fd41a859602711a787e6c6738ac5b4c6552335bab31c9f953ba2b79cc72,2024-06-06T14:17:35.017000 CVE-2024-5452,0,0,27a87c5d81b8c2c688ae4d039463a5b6ff5c5d7de26437cd334595b44d7597a4,2024-06-07T14:56:05.647000 CVE-2024-5453,0,0,f53a0f7c14e91f56fc73f4b75f7a3c7cc751f83b7f0078edb3a1d42587e45496,2024-06-11T17:34:52.263000 @@ -254764,7 +254770,7 @@ CVE-2024-5635,0,0,2463dd00def60296c968660a2ba7a3c25845ea097c4cd305a7e3f2bd556589 CVE-2024-5636,0,0,82666e4630526d7fc8211dab0f89e7e17d4e982c91e038f44b209ae67bb471f3,2024-06-11T17:23:29.670000 CVE-2024-5637,0,0,96c491286509bbcdcc2ade7ab7cd058d8e2fb8f26719ef46502e504a5a75b3dd,2024-06-11T18:31:54.787000 CVE-2024-5638,0,0,ecd29107ace2c39372f8ad7d26b6d92a031cf986dc4e07d96162e8140ebd097d,2024-06-10T02:52:08.267000 -CVE-2024-5639,0,0,6fd59bf50a9928d1f826fc3a8f5517ba59bc31e7eba03a3c51a47dec9703cad1,2024-06-21T11:22:01.687000 +CVE-2024-5639,0,1,2322b8156dee01dfdab7b2069be6e0698e3a8613a841329b71822c874a14aeb7,2024-06-24T19:24:23.883000 CVE-2024-5640,0,0,86163b3d741cee0a4e50ef8553f0c82f1f0c15bd48d022d2d250ef0f55c23f10,2024-06-07T14:56:05.647000 CVE-2024-5645,0,0,1faba0fd6e05694e3fff7011c206b3ecee3c45fddb7e6c575993af231224a181,2024-06-11T17:57:47.197000 CVE-2024-5646,0,0,23240aeec5f40e46e6951e19eff4b72273567c29932f06ca0851d3144bb5ebaa,2024-06-13T18:36:09.013000 @@ -254866,9 +254872,9 @@ CVE-2024-5847,0,0,a9c5c4d55b667879ca2540ce0f100ade6913bb045068cf41dbc79395358628 CVE-2024-5851,0,0,1ff86bf427427298fe5dc39bbfedb897b9870fd2315cf065507e70165fb41d41,2024-06-13T18:36:09.013000 CVE-2024-5853,0,0,4db307c3757855b51e51fa12e1eb9aa67e540512d9bb40f822c5370c3893dc4f,2024-06-20T12:44:01.637000 CVE-2024-5858,0,0,30241924d409355226bb80c4fb982c4833f84483f4f89b94e986f70fe7751e71,2024-06-17T12:42:04.623000 -CVE-2024-5859,0,0,4ada1cd42a97e2e02bd6e82518de5b55743f946eb846e36a0c12b6c6f5a48dab,2024-06-21T11:22:01.687000 +CVE-2024-5859,0,1,5b284a4381086ad6bad860c96074f61ed02c9601ee45c79362fb0f8a492df8fd,2024-06-24T19:21:07.943000 CVE-2024-5860,0,0,f855eee13286327286a851090329abd51f0ce228b863644ab8e1f7f80e1d731d,2024-06-20T12:44:01.637000 -CVE-2024-5862,0,0,5db66e1efb3f6a90205ef128b9aab7bf948c69d81e9fd812cec53d7830dcad48,2024-06-24T13:15:12.120000 +CVE-2024-5862,0,1,8a220661cafbb333e5e6ccd0618a6e1d05daa829a8bf612cc996a5557415f6ab,2024-06-24T19:26:47.037000 CVE-2024-5868,0,0,cddb0a1baa550d897574c2505eb276b5cd69c2fd57d27d79dec0dad91553a572,2024-06-17T12:42:04.623000 CVE-2024-5871,0,0,83e6d3ea3d7363cdcbcb485d9161ada2b3d6bba887290fa58ab89820983d4022,2024-06-17T12:42:04.623000 CVE-2024-5873,0,0,4affe4b1f71505ca05298a33c7e23c3ae147869580237755bed2d180fbea1b8e,2024-06-12T08:15:51.550000 @@ -254890,7 +254896,7 @@ CVE-2024-5909,0,0,135cc10869213a459dd71b8b5da7a5af9b37ed5f304a5a3bf425c78b00034c CVE-2024-5924,0,0,c5c85908e1bc3136c78f0f5690507eea3ba6b330ba27c618aeeb0cde0122c6a0,2024-06-17T12:43:31.090000 CVE-2024-5927,0,0,19c3cc8f6784d442d3026759cebf43551fd4d736175a291c91056bccb3b59092,2024-06-13T11:15:48.917000 CVE-2024-5934,0,0,688a30e1a6237b69634d3ab7eb078a5b0fdbb09f93730eb6244fa568165f0ccc,2024-06-14T16:15:14.647000 -CVE-2024-5945,0,0,536730d55737370967fc3d73f6e73de4cca0e335b8b3926d5a1e285e0e6a5312,2024-06-21T11:22:01.687000 +CVE-2024-5945,0,1,16d17edcf79dde7bc004547e40419569c5bdcb3c9d1fafd4da124c600699d701,2024-06-24T19:24:00.433000 CVE-2024-5947,0,0,7906fe5496c2633ac624599b4fcbe00d50eb988a8b518b82e602f8ca90719dc3,2024-06-17T12:43:31.090000 CVE-2024-5948,0,0,b50c023e3e038877d6c3f637d61b3c39fec4c81c008590663dc7a0096fec685c,2024-06-17T12:43:31.090000 CVE-2024-5949,0,0,d7dee9eee40bd92a70c4f623828d380d2dd593c00c7f59e1204a1a9d39be4822,2024-06-17T12:43:31.090000 @@ -254922,7 +254928,7 @@ CVE-2024-6013,0,0,44159fdbcbcac2a689071de339f13c4fefa84302df10ce908aefe802918d32 CVE-2024-6014,0,0,6f42b027c41cbc2bef7f3eccd4ed3d2b0646bd4a1028da377690698f14644291,2024-06-17T12:42:04.623000 CVE-2024-6015,0,0,b5dd732698ac918c4f9a100a042e5587c72b21ba3272e6fc136fa01311e31fdc,2024-06-17T15:15:52.830000 CVE-2024-6016,0,0,c54c9dea249da6152524c81283c2e2c500a502b8999814b114c6434b99c2c3ed,2024-06-17T14:15:12.487000 -CVE-2024-6027,0,0,818a80b19d43606584169f89ef8b8b5def5cb09962962bae6806b03edd84bfb9,2024-06-21T11:22:01.687000 +CVE-2024-6027,0,1,b2fd57616c7b740fff1978bda2368fdc3959192a2c78f320629b1920784145fa,2024-06-24T19:17:50.240000 CVE-2024-6039,0,0,266923799676f8be01eee28d4a84714045ee9a927bc992eaf897cc5b748105d7,2024-06-17T14:15:12.620000 CVE-2024-6041,0,0,a295768a83c71f46593370532a5a859cd3d130f4e3527299fc42bdf02397e4d4,2024-06-17T14:15:12.733000 CVE-2024-6042,0,0,6d196e9da9a08d79a22225e118daa7f0e4c238306b694dbe66ba5d1dac9a15e7,2024-06-17T12:42:04.623000 @@ -254952,7 +254958,7 @@ CVE-2024-6100,0,0,2b903b3a6c63696aea9a10797071b5fd7d0b6547a8f1416ee7dc4ff992de4f CVE-2024-6101,0,0,3b6bc52ab046ce2a9a29c26d80fa3342c59ba956272c0888c64da753b102c8a5,2024-06-21T13:15:13.187000 CVE-2024-6102,0,0,229621a473a3fa4bd90193f7d8f9e1a06a3142a4c3e1de71a8a1ff5fb584365f,2024-06-21T13:15:13.277000 CVE-2024-6103,0,0,65e0716635327b274a8b58e139da65b2b5a353367277b42b1e6e2562f7582bba,2024-06-21T13:15:13.350000 -CVE-2024-6104,1,1,44ace256db60659e85245b15b3c1973ec2e59dc6b0411a69352b3c7c93fc9063,2024-06-24T17:15:11.087000 +CVE-2024-6104,0,1,428e213fff5a1a2cb057aac92284bb702c10113b767525961d37c68828d238fc,2024-06-24T19:26:35.967000 CVE-2024-6108,0,0,287fb4573b0804d515ce73f8bec36cd5b44a3d911922aa114371918392ae0b1f,2024-06-20T12:44:01.637000 CVE-2024-6109,0,0,702c63a72777bc30119b051d43a51c9500c42d0a474f7fbd46aa104abc3ca24e,2024-06-20T12:44:01.637000 CVE-2024-6110,0,0,77e534960ad85d30edf7076a8f116e04d866b8d511433c762f024f5d4ee0191a,2024-06-20T12:44:01.637000 @@ -255004,10 +255010,10 @@ CVE-2024-6215,0,0,df4b6f715533f7a136a874b234fd49d955e42066651a4d578c9a4d0ee59e3c CVE-2024-6216,0,0,ca749b01bf0131a6c53d691f4ddffdad5b026c3b5e6edf608ff426dfb6f922a6,2024-06-21T11:22:01.687000 CVE-2024-6217,0,0,3711ed31aaa9f7586428ac093ba9118453625e92a316540d8e0c90d5655ba292,2024-06-21T11:22:01.687000 CVE-2024-6218,0,0,080145c08c5ffaf1b0f4fe61601c30772836ccbea26d111bc22bd57681c581e7,2024-06-21T15:15:16.547000 -CVE-2024-6225,0,0,6ed1d43d06f485ccaed4b1752e22d4ce9d1eed2448bbfb08512f066656343c8f,2024-06-21T11:22:01.687000 -CVE-2024-6239,0,0,53cf42770796c3db162cc16fe559218fd3c6ebc6b5e9f53cc44af7105fcfa2b7,2024-06-21T15:58:38.553000 -CVE-2024-6240,0,0,de501234a44fc7c0509792079b6c39795e52e560510de99adad4e9c3dfebe15d,2024-06-21T15:58:38.553000 -CVE-2024-6241,0,0,e484d97715a2702731f3459289e15a93d4ff11956028ea230912e5becf5d7301,2024-06-22T14:15:09.497000 +CVE-2024-6225,0,1,05da1495d7d116987721ea4d8dad783669e833db8afd42c6e9b9d7b36358250e,2024-06-24T19:21:28.450000 +CVE-2024-6239,0,1,4d98a21d53ef2e5917897cadc254a12ee654ff1e3575a82a15151981272f61b5,2024-06-24T19:06:27.537000 +CVE-2024-6240,0,1,3ba60659d5977ed2c81ae70dc02c754f9eebbd14309190bebb86d2a019bd47a8,2024-06-24T19:10:38.983000 +CVE-2024-6241,0,1,f5257b586c4b3b9ae40adf58b8cca16778d904390362dd492fc82e3364e5d70c,2024-06-24T19:42:44.280000 CVE-2024-6251,0,0,76d6a56e1b2f86f9d8f71f51691147da73df155a07e8f8a63cfd8ad441487e4d,2024-06-24T12:57:36.513000 CVE-2024-6252,0,0,d0448f5f90c2324a1a3e496c2987ee10db6f54b2bb5275823c9b2cefee9ba708,2024-06-24T12:57:36.513000 CVE-2024-6253,0,0,d90274240d7f8ac1c199c7a9acffbba8a5612974265448a80b6cf839380923b5,2024-06-24T12:57:36.513000 @@ -255023,5 +255029,5 @@ CVE-2024-6277,0,0,82a7caef84f140d39367b293ce24c3b1ac7d5afca66e1b97bc6dda0940bca5 CVE-2024-6278,0,0,b7497a594f7128876befcfd03ef67851e16926a50d842e021e87a9cd67006c16,2024-06-24T14:15:13.293000 CVE-2024-6279,0,0,b4db90bd3c185f4671769d36fcbbafe037e9aff6dc24be7990311f62fb441a65,2024-06-24T12:57:36.513000 CVE-2024-6280,0,0,4e5bdd720fdc6d68a51312dcfd366ac88ed5daebd5ed348aefe6d5aa74c57712,2024-06-24T12:57:36.513000 -CVE-2024-6285,1,1,ccb517459987b4e617e8947b58fe80a39ab743e734f90e59cbbcdfeb91a6f708,2024-06-24T16:15:10.763000 -CVE-2024-6287,1,1,739fc66b5d3a5be5fe23aafc7e5e21d8e8bf33732656b909063bd82a069a4d0f,2024-06-24T16:15:11.003000 +CVE-2024-6285,0,1,34110f18d2d014a03942c35a79ce17194b0084a2878f4b020f2dba6dca54aee0,2024-06-24T19:26:35.967000 +CVE-2024-6287,0,1,0b0bce9b8d1b199b7c73f866fab5dde80baa7d074079e3f6b0a56aa3ba19b021,2024-06-24T19:26:35.967000