diff --git a/CVE-2024/CVE-2024-103xx/CVE-2024-10315.json b/CVE-2024/CVE-2024-103xx/CVE-2024-10315.json new file mode 100644 index 00000000000..15368544e00 --- /dev/null +++ b/CVE-2024/CVE-2024-103xx/CVE-2024-10315.json @@ -0,0 +1,78 @@ +{ + "id": "CVE-2024-10315", + "sourceIdentifier": "security@puppet.com", + "published": "2024-11-11T20:15:17.223", + "lastModified": "2024-11-11T20:15:17.223", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In Gliffy Online an insecure configuration was discovered in versions before 4.14.0-6" + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "security@puppet.com", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:A/VC:L/VI:H/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "attackRequirements": "NONE", + "privilegesRequired": "LOW", + "userInteraction": "ACTIVE", + "vulnerableSystemConfidentiality": "LOW", + "vulnerableSystemIntegrity": "HIGH", + "vulnerableSystemAvailability": "LOW", + "subsequentSystemConfidentiality": "NONE", + "subsequentSystemIntegrity": "NONE", + "subsequentSystemAvailability": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirements": "NOT_DEFINED", + "integrityRequirements": "NOT_DEFINED", + "availabilityRequirements": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", + "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", + "modifiedVulnerableSystemAvailability": "NOT_DEFINED", + "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", + "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", + "modifiedSubsequentSystemAvailability": "NOT_DEFINED", + "safety": "NOT_DEFINED", + "automatable": "NOT_DEFINED", + "recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED", + "baseScore": 6.9, + "baseSeverity": "MEDIUM" + } + } + ] + }, + "weaknesses": [ + { + "source": "security@puppet.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-942" + } + ] + } + ], + "references": [ + { + "url": "https://portal.perforce.com/s/detail/a91PA000001SZVJYA4", + "source": "security@puppet.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-110xx/CVE-2024-11077.json b/CVE-2024/CVE-2024-110xx/CVE-2024-11077.json new file mode 100644 index 00000000000..5ce6ac45bd3 --- /dev/null +++ b/CVE-2024/CVE-2024-110xx/CVE-2024-11077.json @@ -0,0 +1,145 @@ +{ + "id": "CVE-2024-11077", + "sourceIdentifier": "cna@vuldb.com", + "published": "2024-11-11T19:15:03.660", + "lastModified": "2024-11-11T19:15:03.660", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability, which was classified as critical, was found in code-projects Job Recruitment 1.0. Affected is an unknown function of the file /index.php. The manipulation of the argument email leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "attackRequirements": "NONE", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "vulnerableSystemConfidentiality": "LOW", + "vulnerableSystemIntegrity": "LOW", + "vulnerableSystemAvailability": "LOW", + "subsequentSystemConfidentiality": "NONE", + "subsequentSystemIntegrity": "NONE", + "subsequentSystemAvailability": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirements": "NOT_DEFINED", + "integrityRequirements": "NOT_DEFINED", + "availabilityRequirements": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", + "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", + "modifiedVulnerableSystemAvailability": "NOT_DEFINED", + "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", + "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", + "modifiedSubsequentSystemAvailability": "NOT_DEFINED", + "safety": "NOT_DEFINED", + "automatable": "NOT_DEFINED", + "recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED", + "baseScore": 6.9, + "baseSeverity": "MEDIUM" + } + } + ], + "cvssMetricV31": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 7.3, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.4 + } + ], + "cvssMetricV2": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "2.0", + "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", + "accessVector": "NETWORK", + "accessComplexity": "LOW", + "authentication": "NONE", + "confidentialityImpact": "PARTIAL", + "integrityImpact": "PARTIAL", + "availabilityImpact": "PARTIAL", + "baseScore": 7.5 + }, + "baseSeverity": "HIGH", + "exploitabilityScore": 10.0, + "impactScore": 6.4, + "acInsufInfo": false, + "obtainAllPrivilege": false, + "obtainUserPrivilege": false, + "obtainOtherPrivilege": false, + "userInteractionRequired": false + } + ] + }, + "weaknesses": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-74" + }, + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "references": [ + { + "url": "https://code-projects.org/", + "source": "cna@vuldb.com" + }, + { + "url": "https://github.com/UnrealdDei/cve/blob/main/sql3.md", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?ctiid.283872", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?id.283872", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?submit.441184", + "source": "cna@vuldb.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-110xx/CVE-2024-11078.json b/CVE-2024/CVE-2024-110xx/CVE-2024-11078.json new file mode 100644 index 00000000000..a7587117afe --- /dev/null +++ b/CVE-2024/CVE-2024-110xx/CVE-2024-11078.json @@ -0,0 +1,145 @@ +{ + "id": "CVE-2024-11078", + "sourceIdentifier": "cna@vuldb.com", + "published": "2024-11-11T20:15:17.400", + "lastModified": "2024-11-11T20:15:17.400", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability has been found in code-projects Job Recruitment 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /register.php. The manipulation of the argument e leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "attackRequirements": "NONE", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "vulnerableSystemConfidentiality": "NONE", + "vulnerableSystemIntegrity": "LOW", + "vulnerableSystemAvailability": "NONE", + "subsequentSystemConfidentiality": "NONE", + "subsequentSystemIntegrity": "NONE", + "subsequentSystemAvailability": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirements": "NOT_DEFINED", + "integrityRequirements": "NOT_DEFINED", + "availabilityRequirements": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", + "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", + "modifiedVulnerableSystemAvailability": "NOT_DEFINED", + "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", + "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", + "modifiedSubsequentSystemAvailability": "NOT_DEFINED", + "safety": "NOT_DEFINED", + "automatable": "NOT_DEFINED", + "recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED", + "baseScore": 5.3, + "baseSeverity": "MEDIUM" + } + } + ], + "cvssMetricV31": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 3.5, + "baseSeverity": "LOW" + }, + "exploitabilityScore": 2.1, + "impactScore": 1.4 + } + ], + "cvssMetricV2": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "2.0", + "vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N", + "accessVector": "NETWORK", + "accessComplexity": "LOW", + "authentication": "SINGLE", + "confidentialityImpact": "NONE", + "integrityImpact": "PARTIAL", + "availabilityImpact": "NONE", + "baseScore": 4.0 + }, + "baseSeverity": "MEDIUM", + "exploitabilityScore": 8.0, + "impactScore": 2.9, + "acInsufInfo": false, + "obtainAllPrivilege": false, + "obtainUserPrivilege": false, + "obtainOtherPrivilege": false, + "userInteractionRequired": false + } + ] + }, + "weaknesses": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + }, + { + "lang": "en", + "value": "CWE-94" + } + ] + } + ], + "references": [ + { + "url": "https://code-projects.org/", + "source": "cna@vuldb.com" + }, + { + "url": "https://github.com/UnrealdDei/cve/blob/main/xss.md", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?ctiid.283873", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?id.283873", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?submit.441187", + "source": "cna@vuldb.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-360xx/CVE-2024-36061.json b/CVE-2024/CVE-2024-360xx/CVE-2024-36061.json new file mode 100644 index 00000000000..0c66f3d4517 --- /dev/null +++ b/CVE-2024/CVE-2024-360xx/CVE-2024-36061.json @@ -0,0 +1,21 @@ +{ + "id": "CVE-2024-36061", + "sourceIdentifier": "cve@mitre.org", + "published": "2024-11-11T20:15:17.673", + "lastModified": "2024-11-11T20:15:17.673", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "EnGenius EWS356-FIT devices through 1.1.30 allow blind OS command injection. This allows an attacker to execute arbitrary OS commands via shell metacharacters to the Ping and Speed Test utilities." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://github.com/actuator/cve/blob/main/Engenius/CVE-2024-36061", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-469xx/CVE-2024-46965.json b/CVE-2024/CVE-2024-469xx/CVE-2024-46965.json new file mode 100644 index 00000000000..8ea6620cb10 --- /dev/null +++ b/CVE-2024/CVE-2024-469xx/CVE-2024-46965.json @@ -0,0 +1,25 @@ +{ + "id": "CVE-2024-46965", + "sourceIdentifier": "cve@mitre.org", + "published": "2024-11-11T20:15:17.740", + "lastModified": "2024-11-11T20:15:17.740", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "The DS allvideo.downloader.browser (aka Fast Video Downloader: Browser) application through 1.6-RC1 for Android allows an attacker to execute arbitrary JavaScript code via the allvideo.downloader.browser.DefaultBrowserActivity component." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://github.com/actuator/allvideo.downloader.browser/blob/main/CVE-2024-46965", + "source": "cve@mitre.org" + }, + { + "url": "https://play.google.com/store/apps/details?id=allvideo.downloader.browser", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-483xx/CVE-2024-48322.json b/CVE-2024/CVE-2024-483xx/CVE-2024-48322.json new file mode 100644 index 00000000000..f84da7f4d99 --- /dev/null +++ b/CVE-2024/CVE-2024-483xx/CVE-2024-48322.json @@ -0,0 +1,33 @@ +{ + "id": "CVE-2024-48322", + "sourceIdentifier": "cve@mitre.org", + "published": "2024-11-11T20:15:17.807", + "lastModified": "2024-11-11T20:15:17.807", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "UsersController.php in Run.codes 1.5.2 and older has a reset password race condition vulnerability." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://github.com/runcodes-icmc/server", + "source": "cve@mitre.org" + }, + { + "url": "https://github.com/runcodes-icmc/server/issues/12", + "source": "cve@mitre.org" + }, + { + "url": "https://github.com/runcodes-icmc/server/releases/tag/v1.5.3", + "source": "cve@mitre.org" + }, + { + "url": "https://github.com/trqt/CVE-2024-48322", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-506xx/CVE-2024-50667.json b/CVE-2024/CVE-2024-506xx/CVE-2024-50667.json new file mode 100644 index 00000000000..8c99e4b7dda --- /dev/null +++ b/CVE-2024/CVE-2024-506xx/CVE-2024-50667.json @@ -0,0 +1,32 @@ +{ + "id": "CVE-2024-50667", + "sourceIdentifier": "cve@mitre.org", + "published": "2024-11-11T19:15:03.960", + "lastModified": "2024-11-11T19:15:03.960", + "vulnStatus": "Received", + "cveTags": [ + { + "sourceIdentifier": "cve@mitre.org", + "tags": [ + "unsupported-when-assigned" + ] + } + ], + "descriptions": [ + { + "lang": "en", + "value": "The boa httpd of Trendnet TEW-820AP 1.01.B01 has a stack overflow vulnerability in /boafrm/formIPv6Addr, /boafrm/formIpv6Setup, /boafrm/formDnsv6. The reason is that the check of ipv6 address is not sufficient, which allows attackers to construct payloads for attacks." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://github.com/ixout/iotVuls/blob/main/Trendnet/TEW_820/report.md", + "source": "cve@mitre.org" + }, + { + "url": "https://www.trendnet.com/support/support-detail.asp?prod=100_TEW-820AP", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-511xx/CVE-2024-51135.json b/CVE-2024/CVE-2024-511xx/CVE-2024-51135.json new file mode 100644 index 00000000000..bc83091402f --- /dev/null +++ b/CVE-2024/CVE-2024-511xx/CVE-2024-51135.json @@ -0,0 +1,33 @@ +{ + "id": "CVE-2024-51135", + "sourceIdentifier": "cve@mitre.org", + "published": "2024-11-11T19:15:04.047", + "lastModified": "2024-11-11T19:15:04.047", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "An XML External Entity (XXE) vulnerability in the component DocumentBuilderFactory of powertac-server v1.9.0 allows attackers to access sensitive information or execute arbitrary code via supplying a crafted request containing malicious XML entities." + } + ], + "metrics": {}, + "references": [ + { + "url": "http://www.powertac.org/", + "source": "cve@mitre.org" + }, + { + "url": "https://github.com/powertac/powertac-server", + "source": "cve@mitre.org" + }, + { + "url": "https://github.com/powertac/powertac-server/issues/1166", + "source": "cve@mitre.org" + }, + { + "url": "https://mvnrepository.com/artifact/org.powertac/server-interface", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-511xx/CVE-2024-51186.json b/CVE-2024/CVE-2024-511xx/CVE-2024-51186.json new file mode 100644 index 00000000000..120bbeace46 --- /dev/null +++ b/CVE-2024/CVE-2024-511xx/CVE-2024-51186.json @@ -0,0 +1,40 @@ +{ + "id": "CVE-2024-51186", + "sourceIdentifier": "cve@mitre.org", + "published": "2024-11-11T20:15:17.877", + "lastModified": "2024-11-11T20:15:17.877", + "vulnStatus": "Received", + "cveTags": [ + { + "sourceIdentifier": "cve@mitre.org", + "tags": [ + "unsupported-when-assigned" + ] + } + ], + "descriptions": [ + { + "lang": "en", + "value": "D-Link DIR-820L 1.05b03 was discovered to contain a remote code execution (RCE) vulnerability via the ping_addr parameter in the ping_v4 and ping_v6 functions." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://github.com/4hsien/CVE-vulns/blob/main/D-Link/DIR-820L/CI_ping_addr/README.md", + "source": "cve@mitre.org" + }, + { + "url": "https://legacy.us.dlink.com/pages/product.aspx?id=00c2150966b046b58ba95d8ae3a8f73d", + "source": "cve@mitre.org" + }, + { + "url": "https://www.dlink.com/en", + "source": "cve@mitre.org" + }, + { + "url": "https://www.dlink.com/en/security-bulletin/", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-511xx/CVE-2024-51187.json b/CVE-2024/CVE-2024-511xx/CVE-2024-51187.json new file mode 100644 index 00000000000..4cc676ea314 --- /dev/null +++ b/CVE-2024/CVE-2024-511xx/CVE-2024-51187.json @@ -0,0 +1,33 @@ +{ + "id": "CVE-2024-51187", + "sourceIdentifier": "cve@mitre.org", + "published": "2024-11-11T20:15:17.943", + "lastModified": "2024-11-11T20:15:17.943", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "TRENDnet TEW-651BR 2.04B1, TEW-652BRP 3.04b01, and TEW-652BRU 1.00b12 devices contain a Store Cross-site scripting (XSS) vulnerability via the firewallRule_Name_1.1.1.0.0 parameter on the /firewall_setting.htm page." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://github.com/4hsien/CVE-vulns/blob/main/TRENDnet/TEW-652BRP/XSS_Firewall_Rule/README.md", + "source": "cve@mitre.org" + }, + { + "url": "https://www.trendnet.com/products/product-detail?prod=235_TEW-651BR", + "source": "cve@mitre.org" + }, + { + "url": "https://www.trendnet.com/products/product-detail?prod=235_TEW-652BRP", + "source": "cve@mitre.org" + }, + { + "url": "https://www.trendnet.com/products/product-detail?prod=245_TEW-652BRU", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-511xx/CVE-2024-51188.json b/CVE-2024/CVE-2024-511xx/CVE-2024-51188.json new file mode 100644 index 00000000000..bfdaf610d2e --- /dev/null +++ b/CVE-2024/CVE-2024-511xx/CVE-2024-51188.json @@ -0,0 +1,33 @@ +{ + "id": "CVE-2024-51188", + "sourceIdentifier": "cve@mitre.org", + "published": "2024-11-11T20:15:18.000", + "lastModified": "2024-11-11T20:15:18.000", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "TRENDnet TEW-651BR 2.04B1, TEW-652BRP 3.04b01, and TEW-652BRU 1.00b12 devices contain a Store Cross-site scripting (XSS) vulnerability via the vsRule_VirtualServerName_1.1.10.0.0 parameter on the /virtual_server.htm page." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://github.com/4hsien/CVE-vulns/blob/main/TRENDnet/TEW-652BRP/XSS_Virtual_Server/README.md", + "source": "cve@mitre.org" + }, + { + "url": "https://www.trendnet.com/products/product-detail?prod=235_TEW-651BR", + "source": "cve@mitre.org" + }, + { + "url": "https://www.trendnet.com/products/product-detail?prod=235_TEW-652BRP", + "source": "cve@mitre.org" + }, + { + "url": "https://www.trendnet.com/products/product-detail?prod=245_TEW-652BRU", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-511xx/CVE-2024-51189.json b/CVE-2024/CVE-2024-511xx/CVE-2024-51189.json new file mode 100644 index 00000000000..e4ba6d1d7a9 --- /dev/null +++ b/CVE-2024/CVE-2024-511xx/CVE-2024-51189.json @@ -0,0 +1,33 @@ +{ + "id": "CVE-2024-51189", + "sourceIdentifier": "cve@mitre.org", + "published": "2024-11-11T20:15:18.060", + "lastModified": "2024-11-11T20:15:18.060", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "TRENDnet TEW-651BR 2.04B1, TEW-652BRP 3.04b01, and TEW-652BRU 1.00b12 devices contain a Store Cross-site scripting (XSS) vulnerability via the macList_Name_1.1.1.0.0 parameter on the /filters.htm page." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://github.com/4hsien/CVE-vulns/blob/main/TRENDnet/TEW-652BRP/XSS_Filter/README.md", + "source": "cve@mitre.org" + }, + { + "url": "https://www.trendnet.com/products/product-detail?prod=235_TEW-651BR", + "source": "cve@mitre.org" + }, + { + "url": "https://www.trendnet.com/products/product-detail?prod=235_TEW-652BRP", + "source": "cve@mitre.org" + }, + { + "url": "https://www.trendnet.com/products/product-detail?prod=245_TEW-652BRU", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-511xx/CVE-2024-51190.json b/CVE-2024/CVE-2024-511xx/CVE-2024-51190.json new file mode 100644 index 00000000000..7c7cb100e0e --- /dev/null +++ b/CVE-2024/CVE-2024-511xx/CVE-2024-51190.json @@ -0,0 +1,33 @@ +{ + "id": "CVE-2024-51190", + "sourceIdentifier": "cve@mitre.org", + "published": "2024-11-11T20:15:18.117", + "lastModified": "2024-11-11T20:15:18.117", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "TRENDnet TEW-651BR 2.04B1, TEW-652BRP 3.04b01, and TEW-652BRU 1.00b12 devices contain a Store Cross-site scripting (XSS) vulnerability via the ptRule_ApplicationName_1.1.6.0.0 parameter on the /special_ap.htm page." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://github.com/4hsien/CVE-vulns/blob/main/TRENDnet/TEW-652BRP/XSS_Special_AP/README.md", + "source": "cve@mitre.org" + }, + { + "url": "https://www.trendnet.com/products/product-detail?prod=235_TEW-651BR", + "source": "cve@mitre.org" + }, + { + "url": "https://www.trendnet.com/products/product-detail?prod=235_TEW-652BRP", + "source": "cve@mitre.org" + }, + { + "url": "https://www.trendnet.com/products/product-detail?prod=245_TEW-652BRU", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-514xx/CVE-2024-51484.json b/CVE-2024/CVE-2024-514xx/CVE-2024-51484.json new file mode 100644 index 00000000000..ba9568cc3fe --- /dev/null +++ b/CVE-2024/CVE-2024-514xx/CVE-2024-51484.json @@ -0,0 +1,78 @@ +{ + "id": "CVE-2024-51484", + "sourceIdentifier": "security-advisories@github.com", + "published": "2024-11-11T20:15:18.170", + "lastModified": "2024-11-11T20:15:18.170", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Ampache is a web based audio/video streaming application and file manager. The current implementation of token parsing fails to properly validate CSRF tokens when activating or deactivating controllers. This vulnerability allows an attacker to exploit CSRF attacks, potentially enabling them to change website features that should only be managed by administrators through malicious requests. This issue has been addressed in version 7.0.1 and all users are advised to upgrade. There are no known workarounds for this vulnerability." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "security-advisories@github.com", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "attackRequirements": "NONE", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "vulnerableSystemConfidentiality": "LOW", + "vulnerableSystemIntegrity": "LOW", + "vulnerableSystemAvailability": "LOW", + "subsequentSystemConfidentiality": "NONE", + "subsequentSystemIntegrity": "NONE", + "subsequentSystemAvailability": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirements": "NOT_DEFINED", + "integrityRequirements": "NOT_DEFINED", + "availabilityRequirements": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", + "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", + "modifiedVulnerableSystemAvailability": "NOT_DEFINED", + "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", + "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", + "modifiedSubsequentSystemAvailability": "NOT_DEFINED", + "safety": "NOT_DEFINED", + "automatable": "NOT_DEFINED", + "recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED", + "baseScore": 5.3, + "baseSeverity": "MEDIUM" + } + } + ] + }, + "weaknesses": [ + { + "source": "security-advisories@github.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-352" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/ampache/ampache/security/advisories/GHSA-h6vj-6rvc-3x29", + "source": "security-advisories@github.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-514xx/CVE-2024-51485.json b/CVE-2024/CVE-2024-514xx/CVE-2024-51485.json new file mode 100644 index 00000000000..5129ea24827 --- /dev/null +++ b/CVE-2024/CVE-2024-514xx/CVE-2024-51485.json @@ -0,0 +1,78 @@ +{ + "id": "CVE-2024-51485", + "sourceIdentifier": "security-advisories@github.com", + "published": "2024-11-11T20:15:18.313", + "lastModified": "2024-11-11T20:15:18.313", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Ampache is a web based audio/video streaming application and file manager. The current implementation of token parsing fails to properly validate CSRF tokens when activating or deactivating plugins. This vulnerability allows an attacker to exploit CSRF attacks, potentially enabling them to change website features that should only be managed by administrators through malicious requests. This issue has been addressed in version 7.0.1 and all users are advised to upgrade. There are no known workarounds for this vulnerability." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "security-advisories@github.com", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "attackRequirements": "NONE", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "vulnerableSystemConfidentiality": "LOW", + "vulnerableSystemIntegrity": "LOW", + "vulnerableSystemAvailability": "LOW", + "subsequentSystemConfidentiality": "NONE", + "subsequentSystemIntegrity": "NONE", + "subsequentSystemAvailability": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirements": "NOT_DEFINED", + "integrityRequirements": "NOT_DEFINED", + "availabilityRequirements": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", + "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", + "modifiedVulnerableSystemAvailability": "NOT_DEFINED", + "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", + "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", + "modifiedSubsequentSystemAvailability": "NOT_DEFINED", + "safety": "NOT_DEFINED", + "automatable": "NOT_DEFINED", + "recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED", + "baseScore": 5.3, + "baseSeverity": "MEDIUM" + } + } + ] + }, + "weaknesses": [ + { + "source": "security-advisories@github.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-352" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/ampache/ampache/security/advisories/GHSA-xvfj-w962-hqcx", + "source": "security-advisories@github.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-514xx/CVE-2024-51486.json b/CVE-2024/CVE-2024-514xx/CVE-2024-51486.json new file mode 100644 index 00000000000..9d8be7cfaf2 --- /dev/null +++ b/CVE-2024/CVE-2024-514xx/CVE-2024-51486.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-51486", + "sourceIdentifier": "security-advisories@github.com", + "published": "2024-11-11T20:15:18.430", + "lastModified": "2024-11-11T20:15:18.430", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Ampache is a web based audio/video streaming application and file manager. The vulnerability exists in the interface section of the Ampache menu, where users can change the \"Custom URL\u200a-\u200aFavicon\". This section is not properly sanitized, allowing for the input of strings that can execute JavaScript. This issue has been addressed in version 7.0.1 and all users are advised to upgrade. There are no known workarounds for this vulnerability." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security-advisories@github.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 5.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.1, + "impactScore": 3.4 + } + ] + }, + "weaknesses": [ + { + "source": "security-advisories@github.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/ampache/ampache/security/advisories/GHSA-4xw5-f7xm-vpw5", + "source": "security-advisories@github.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-514xx/CVE-2024-51487.json b/CVE-2024/CVE-2024-514xx/CVE-2024-51487.json new file mode 100644 index 00000000000..29cb1f4f79d --- /dev/null +++ b/CVE-2024/CVE-2024-514xx/CVE-2024-51487.json @@ -0,0 +1,78 @@ +{ + "id": "CVE-2024-51487", + "sourceIdentifier": "security-advisories@github.com", + "published": "2024-11-11T20:15:18.640", + "lastModified": "2024-11-11T20:15:18.640", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Ampache is a web based audio/video streaming application and file manager. The current implementation of token parsing fails to properly validate CSRF tokens when activating or deactivating catalog. This vulnerability allows an attacker to exploit CSRF attacks, potentially enabling them to change website features that should only be managed by administrators through malicious requests. This issue has been addressed in version 7.0.1 and all users are advised to upgrade. There are no known workarounds for this vulnerability." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "security-advisories@github.com", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "attackRequirements": "NONE", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "vulnerableSystemConfidentiality": "LOW", + "vulnerableSystemIntegrity": "LOW", + "vulnerableSystemAvailability": "LOW", + "subsequentSystemConfidentiality": "NONE", + "subsequentSystemIntegrity": "NONE", + "subsequentSystemAvailability": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirements": "NOT_DEFINED", + "integrityRequirements": "NOT_DEFINED", + "availabilityRequirements": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", + "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", + "modifiedVulnerableSystemAvailability": "NOT_DEFINED", + "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", + "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", + "modifiedSubsequentSystemAvailability": "NOT_DEFINED", + "safety": "NOT_DEFINED", + "automatable": "NOT_DEFINED", + "recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED", + "baseScore": 5.3, + "baseSeverity": "MEDIUM" + } + } + ] + }, + "weaknesses": [ + { + "source": "security-advisories@github.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-352" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/ampache/ampache/security/advisories/GHSA-5rmx-fjmc-mg6x", + "source": "security-advisories@github.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-514xx/CVE-2024-51488.json b/CVE-2024/CVE-2024-514xx/CVE-2024-51488.json new file mode 100644 index 00000000000..e72677ad9f5 --- /dev/null +++ b/CVE-2024/CVE-2024-514xx/CVE-2024-51488.json @@ -0,0 +1,78 @@ +{ + "id": "CVE-2024-51488", + "sourceIdentifier": "security-advisories@github.com", + "published": "2024-11-11T20:15:18.757", + "lastModified": "2024-11-11T20:15:18.757", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Ampache is a web based audio/video streaming application and file manager. The current implementation of token parsing does not adequately validate CSRF tokens when users delete messages. This vulnerability could be exploited to forge CSRF attacks, allowing an attacker to delete messages to any user, including administrators, if they interact with a malicious request. This issue has been addressed in version 7.0.1 and all users are advised to upgrade. There are no known workarounds for this vulnerability." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "security-advisories@github.com", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "attackRequirements": "NONE", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "vulnerableSystemConfidentiality": "LOW", + "vulnerableSystemIntegrity": "LOW", + "vulnerableSystemAvailability": "LOW", + "subsequentSystemConfidentiality": "NONE", + "subsequentSystemIntegrity": "NONE", + "subsequentSystemAvailability": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirements": "NOT_DEFINED", + "integrityRequirements": "NOT_DEFINED", + "availabilityRequirements": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", + "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", + "modifiedVulnerableSystemAvailability": "NOT_DEFINED", + "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", + "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", + "modifiedSubsequentSystemAvailability": "NOT_DEFINED", + "safety": "NOT_DEFINED", + "automatable": "NOT_DEFINED", + "recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED", + "baseScore": 5.3, + "baseSeverity": "MEDIUM" + } + } + ] + }, + "weaknesses": [ + { + "source": "security-advisories@github.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-352" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/ampache/ampache/security/advisories/GHSA-46m4-5pxj-66f2", + "source": "security-advisories@github.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-514xx/CVE-2024-51489.json b/CVE-2024/CVE-2024-514xx/CVE-2024-51489.json new file mode 100644 index 00000000000..1e618170e9a --- /dev/null +++ b/CVE-2024/CVE-2024-514xx/CVE-2024-51489.json @@ -0,0 +1,78 @@ +{ + "id": "CVE-2024-51489", + "sourceIdentifier": "security-advisories@github.com", + "published": "2024-11-11T20:15:18.877", + "lastModified": "2024-11-11T20:15:18.877", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Ampache is a web based audio/video streaming application and file manager. The current implementation of token parsing does not adequately validate CSRF tokens when users send messages to one another. This vulnerability could be exploited to forge CSRF attacks, allowing an attacker to send messages to any user, including administrators, if they interact with a malicious request. This issue has been addressed in version 7.0.1 and all users are advised to upgrade. There are no known workarounds for this vulnerability." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "security-advisories@github.com", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "attackRequirements": "NONE", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "vulnerableSystemConfidentiality": "LOW", + "vulnerableSystemIntegrity": "LOW", + "vulnerableSystemAvailability": "LOW", + "subsequentSystemConfidentiality": "NONE", + "subsequentSystemIntegrity": "NONE", + "subsequentSystemAvailability": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirements": "NOT_DEFINED", + "integrityRequirements": "NOT_DEFINED", + "availabilityRequirements": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", + "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", + "modifiedVulnerableSystemAvailability": "NOT_DEFINED", + "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", + "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", + "modifiedSubsequentSystemAvailability": "NOT_DEFINED", + "safety": "NOT_DEFINED", + "automatable": "NOT_DEFINED", + "recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED", + "baseScore": 5.3, + "baseSeverity": "MEDIUM" + } + } + ] + }, + "weaknesses": [ + { + "source": "security-advisories@github.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-352" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/ampache/ampache/security/advisories/GHSA-4q69-983r-mwwr", + "source": "security-advisories@github.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-514xx/CVE-2024-51490.json b/CVE-2024/CVE-2024-514xx/CVE-2024-51490.json new file mode 100644 index 00000000000..9534d7dfff6 --- /dev/null +++ b/CVE-2024/CVE-2024-514xx/CVE-2024-51490.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-51490", + "sourceIdentifier": "security-advisories@github.com", + "published": "2024-11-11T20:15:18.987", + "lastModified": "2024-11-11T20:15:18.987", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Ampache is a web based audio/video streaming application and file manager. This vulnerability exists in the interface section of the Ampache menu, where users can change \"Custom URL - Logo\". This section is not properly sanitized, allowing for the input of strings that can execute JavaScript. This issue has been addressed in version 7.0.1 and all users are advised to upgrade. There are no known workarounds for this vulnerability." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security-advisories@github.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 5.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.1, + "impactScore": 3.4 + } + ] + }, + "weaknesses": [ + { + "source": "security-advisories@github.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/ampache/ampache/security/advisories/GHSA-x979-f6px-7j2w", + "source": "security-advisories@github.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-517xx/CVE-2024-51747.json b/CVE-2024/CVE-2024-517xx/CVE-2024-51747.json new file mode 100644 index 00000000000..1f018cbe4b9 --- /dev/null +++ b/CVE-2024/CVE-2024-517xx/CVE-2024-51747.json @@ -0,0 +1,60 @@ +{ + "id": "CVE-2024-51747", + "sourceIdentifier": "security-advisories@github.com", + "published": "2024-11-11T20:15:19.197", + "lastModified": "2024-11-11T20:15:19.197", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Kanboard is project management software that focuses on the Kanban methodology. An authenticated Kanboard admin can read and delete arbitrary files from the server. File attachments, that are viewable or downloadable in Kanboard are resolved through its `path` entry in the `project_has_files` SQLite db. Thus, an attacker who can upload a modified sqlite.db through the dedicated feature, can set arbitrary file links, by abusing path traversals. Once the modified db is uploaded and the project page is accessed, a file download can be triggered and all files, readable in the context of the Kanboard application permissions, can be downloaded. This issue has been addressed in version 1.2.42 and all users are advised to upgrade. There are no known workarounds for this vulnerability." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security-advisories@github.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.1, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 2.3, + "impactScore": 6.0 + } + ] + }, + "weaknesses": [ + { + "source": "security-advisories@github.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-22" + }, + { + "lang": "en", + "value": "CWE-27" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/kanboard/kanboard/security/advisories/GHSA-78pf-vg56-5p8v", + "source": "security-advisories@github.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-517xx/CVE-2024-51748.json b/CVE-2024/CVE-2024-517xx/CVE-2024-51748.json new file mode 100644 index 00000000000..595164f6cf8 --- /dev/null +++ b/CVE-2024/CVE-2024-517xx/CVE-2024-51748.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-51748", + "sourceIdentifier": "security-advisories@github.com", + "published": "2024-11-11T20:15:19.420", + "lastModified": "2024-11-11T20:15:19.420", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Kanboard is project management software that focuses on the Kanban methodology. An authenticated Kanboard admin can run arbitrary php code on the server in combination with a file write possibility. The user interface language is determined and loaded by the setting `application_language` in the `settings` table. Thus, an attacker who can upload a modified sqlite.db through the dedicated feature, has control over the filepath, which is loaded. Exploiting this vulnerability has one constraint: the attacker must be able to place a file (called translations.php) on the system. However, this is not impossible, think of anonymous FTP server or another application that allows uploading files. Once the attacker has placed its file with the actual php code as the payload, the attacker can craft a sqlite db settings, which uses path traversal to point to the directory, where the `translations.php` file is stored. Then gaining code execution after importing the crafted sqlite.db. This issue has been addressed in version 1.2.42 and all users are advised to upgrade. There are no known workarounds for this vulnerability." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security-advisories@github.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.1, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 2.3, + "impactScore": 6.0 + } + ] + }, + "weaknesses": [ + { + "source": "security-advisories@github.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-22" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/kanboard/kanboard/security/advisories/GHSA-jvff-x577-j95p", + "source": "security-advisories@github.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-519xx/CVE-2024-51992.json b/CVE-2024/CVE-2024-519xx/CVE-2024-51992.json new file mode 100644 index 00000000000..e53c5037fba --- /dev/null +++ b/CVE-2024/CVE-2024-519xx/CVE-2024-51992.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-51992", + "sourceIdentifier": "security-advisories@github.com", + "published": "2024-11-11T20:15:19.647", + "lastModified": "2024-11-11T20:15:19.647", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Orchid is a @laravel package that allows for rapid application development of back-office applications, admin/user panels, and dashboards. This vulnerability is a method exposure issue (CWE-749: Exposed Dangerous Method or Function) in the Orchid Platform\u2019s asynchronous modal functionality, affecting users of Orchid Platform version 8 through 14.42.x. Attackers could exploit this vulnerability to call arbitrary methods within the `Screen` class, leading to potential brute force of database tables, validation checks against user credentials, and disclosure of the server\u2019s real IP address. The issue has been patched in the latest release, version 14.43.0, released on November 6, 2024. Users should upgrade to version 14.43.0 or later to address this vulnerability. If upgrading to version 14.43.0 is not immediately possible, users can mitigate the vulnerability by implementing middleware to intercept and validate requests to asynchronous modal endpoints, allowing only approved methods and parameters." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security-advisories@github.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 4.1, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.3, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "security-advisories@github.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-749" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/orchidsoftware/platform/security/advisories/GHSA-cm46-gqf4-mv4f", + "source": "security-advisories@github.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-522xx/CVE-2024-52286.json b/CVE-2024/CVE-2024-522xx/CVE-2024-52286.json new file mode 100644 index 00000000000..e3d37548e7f --- /dev/null +++ b/CVE-2024/CVE-2024-522xx/CVE-2024-52286.json @@ -0,0 +1,86 @@ +{ + "id": "CVE-2024-52286", + "sourceIdentifier": "security-advisories@github.com", + "published": "2024-11-11T20:15:19.867", + "lastModified": "2024-11-11T20:15:19.867", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Stirling-PDF is a locally hosted web application that allows you to perform various operations on PDF files. In affected versions the Merge functionality takes untrusted user input (file name) and uses it directly in the creation of HTML pages allowing any unauthenticated to execute JavaScript code in the context of the user. The issue stems to the code starting at `Line 24` in `src/main/resources/static/js/merge.js`. The file name is directly being input into InnerHTML with no sanitization on the file name, allowing a malicious user to be able to upload files with names containing HTML tags. As HTML tags can include JavaScript code, this can be used to execute JavaScript code in the context of the user. This is a self-injection style attack and relies on a user uploading the malicious file themselves and it impact only them, not other users. A user might be social engineered into running this to launch a phishing attack. Nevertheless, this breaks the expected security restrictions in place by the application. This issue has been addressed in version 0.32.0 and all users are advised to upgrade. There are no known workarounds for this vulnerability." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "security-advisories@github.com", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:A/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "attackRequirements": "PRESENT", + "privilegesRequired": "LOW", + "userInteraction": "ACTIVE", + "vulnerableSystemConfidentiality": "LOW", + "vulnerableSystemIntegrity": "LOW", + "vulnerableSystemAvailability": "NONE", + "subsequentSystemConfidentiality": "NONE", + "subsequentSystemIntegrity": "NONE", + "subsequentSystemAvailability": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirements": "NOT_DEFINED", + "integrityRequirements": "NOT_DEFINED", + "availabilityRequirements": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", + "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", + "modifiedVulnerableSystemAvailability": "NOT_DEFINED", + "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", + "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", + "modifiedSubsequentSystemAvailability": "NOT_DEFINED", + "safety": "NOT_DEFINED", + "automatable": "NOT_DEFINED", + "recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED", + "baseScore": 2.0, + "baseSeverity": "LOW" + } + } + ] + }, + "weaknesses": [ + { + "source": "security-advisories@github.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-20" + }, + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/Stirling-Tools/Stirling-PDF/commit/404e31468ec98413f1906cc7ee3d49091638c693", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/Stirling-Tools/Stirling-PDF/security/advisories/GHSA-9j55-gvf2-cqwv", + "source": "security-advisories@github.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-522xx/CVE-2024-52288.json b/CVE-2024/CVE-2024-522xx/CVE-2024-52288.json new file mode 100644 index 00000000000..7ab839af468 --- /dev/null +++ b/CVE-2024/CVE-2024-522xx/CVE-2024-52288.json @@ -0,0 +1,60 @@ +{ + "id": "CVE-2024-52288", + "sourceIdentifier": "security-advisories@github.com", + "published": "2024-11-11T20:15:20.013", + "lastModified": "2024-11-11T20:15:20.013", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "libosdp is an implementation of IEC 60839-11-5 OSDP (Open Supervised Device Protocol) and provides a C library with support for C++, Rust and Python3. In affected versions an unexpected `REPLY_CCRYPT` or `REPLY_RMAC_I` may be introduced into an active stream when they should not be. Once RMAC_I message can be sent during a session, attacker with MITM access to the communication may intercept the original RMAC_I reply and save it. While the session continues, the attacker will record all of the replies and save them, till capturing the message to be replied (can be detected by ID, length or time based on inspection of visual activity next to the reader) Once attacker captures a session with the message to be replayed, he stops resetting the connection and waits for signal to perform the replay to of the PD to CP message (ex: by signaling remotely to the MIMT device or setting a specific timing). In order to replay, the attacker will craft a specific RMAC_I message in the proper seq of the execution, which will result in reverting the RMAC to the beginning of the session. At that phase - attacker can replay all the messages from the beginning of the session. This issue has been addressed in commit `298576d9` which is included in release version 3.0.0. Users are advised to upgrade. There are no known workarounds for this vulnerability." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security-advisories@github.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", + "attackVector": "LOCAL", + "attackComplexity": "HIGH", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 5.1, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.4, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "security-advisories@github.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-924" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/goToMain/libosdp/commit/298576d9214b48214092eebdd892ec77be085e5a", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/goToMain/libosdp/security/advisories/GHSA-xhjw-7vh5-qxqm", + "source": "security-advisories@github.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-525xx/CVE-2024-52530.json b/CVE-2024/CVE-2024-525xx/CVE-2024-52530.json new file mode 100644 index 00000000000..930f8d13310 --- /dev/null +++ b/CVE-2024/CVE-2024-525xx/CVE-2024-52530.json @@ -0,0 +1,29 @@ +{ + "id": "CVE-2024-52530", + "sourceIdentifier": "cve@mitre.org", + "published": "2024-11-11T20:15:20.247", + "lastModified": "2024-11-11T20:15:20.247", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "GNOME libsoup before 3.6.0 allows HTTP request smuggling in some configurations because '\\0' characters at the end of header names are ignored, i.e., a \"Transfer-Encoding\\0: chunked\" header is treated the same as a \"Transfer-Encoding: chunked\" header." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://gitlab.gnome.org/GNOME/libsoup/-/issues/377", + "source": "cve@mitre.org" + }, + { + "url": "https://gitlab.gnome.org/GNOME/libsoup/-/merge_requests/402", + "source": "cve@mitre.org" + }, + { + "url": "https://gitlab.gnome.org/Teams/Releng/security/-/wikis/home", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-525xx/CVE-2024-52531.json b/CVE-2024/CVE-2024-525xx/CVE-2024-52531.json new file mode 100644 index 00000000000..7c54b5c71d6 --- /dev/null +++ b/CVE-2024/CVE-2024-525xx/CVE-2024-52531.json @@ -0,0 +1,25 @@ +{ + "id": "CVE-2024-52531", + "sourceIdentifier": "cve@mitre.org", + "published": "2024-11-11T20:15:20.313", + "lastModified": "2024-11-11T20:15:20.313", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "GNOME libsoup before 3.6.1 allows a buffer overflow in applications that perform conversion to UTF-8 in soup_header_parse_param_list_strict. Input received over the network cannot trigger this." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://gitlab.gnome.org/GNOME/libsoup/-/merge_requests/407", + "source": "cve@mitre.org" + }, + { + "url": "https://gitlab.gnome.org/Teams/Releng/security/-/wikis/home", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-525xx/CVE-2024-52532.json b/CVE-2024/CVE-2024-525xx/CVE-2024-52532.json new file mode 100644 index 00000000000..0f6463d3ba1 --- /dev/null +++ b/CVE-2024/CVE-2024-525xx/CVE-2024-52532.json @@ -0,0 +1,29 @@ +{ + "id": "CVE-2024-52532", + "sourceIdentifier": "cve@mitre.org", + "published": "2024-11-11T20:15:20.370", + "lastModified": "2024-11-11T20:15:20.370", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "GNOME libsoup before 3.6.1 has an infinite loop, and memory consumption. during the reading of certain patterns of WebSocket data from clients." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://gitlab.gnome.org/GNOME/libsoup/-/issues/391", + "source": "cve@mitre.org" + }, + { + "url": "https://gitlab.gnome.org/GNOME/libsoup/-/merge_requests/410", + "source": "cve@mitre.org" + }, + { + "url": "https://gitlab.gnome.org/Teams/Releng/security/-/wikis/home", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/README.md b/README.md index a265377fa82..cc483adfe39 100644 --- a/README.md +++ b/README.md @@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2024-11-11T19:02:50.076488+00:00 +2024-11-11T21:00:19.857547+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2024-11-11T18:15:15.440000+00:00 +2024-11-11T20:15:20.370000+00:00 ``` ### Last Data Feed Release @@ -33,28 +33,44 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### Total Number of included CVEs ```plain -269032 +269060 ``` ### CVEs added in the last Commit -Recently added CVEs: `5` +Recently added CVEs: `28` -- [CVE-2024-10917](CVE-2024/CVE-2024-109xx/CVE-2024-10917.json) (`2024-11-11T17:15:04.203`) -- [CVE-2024-11073](CVE-2024/CVE-2024-110xx/CVE-2024-11073.json) (`2024-11-11T17:15:04.520`) -- [CVE-2024-11074](CVE-2024/CVE-2024-110xx/CVE-2024-11074.json) (`2024-11-11T18:15:14.620`) -- [CVE-2024-11076](CVE-2024/CVE-2024-110xx/CVE-2024-11076.json) (`2024-11-11T18:15:14.940`) -- [CVE-2024-45087](CVE-2024/CVE-2024-450xx/CVE-2024-45087.json) (`2024-11-11T17:15:04.957`) +- [CVE-2024-36061](CVE-2024/CVE-2024-360xx/CVE-2024-36061.json) (`2024-11-11T20:15:17.673`) +- [CVE-2024-46965](CVE-2024/CVE-2024-469xx/CVE-2024-46965.json) (`2024-11-11T20:15:17.740`) +- [CVE-2024-48322](CVE-2024/CVE-2024-483xx/CVE-2024-48322.json) (`2024-11-11T20:15:17.807`) +- [CVE-2024-50667](CVE-2024/CVE-2024-506xx/CVE-2024-50667.json) (`2024-11-11T19:15:03.960`) +- [CVE-2024-51135](CVE-2024/CVE-2024-511xx/CVE-2024-51135.json) (`2024-11-11T19:15:04.047`) +- [CVE-2024-51186](CVE-2024/CVE-2024-511xx/CVE-2024-51186.json) (`2024-11-11T20:15:17.877`) +- [CVE-2024-51187](CVE-2024/CVE-2024-511xx/CVE-2024-51187.json) (`2024-11-11T20:15:17.943`) +- [CVE-2024-51188](CVE-2024/CVE-2024-511xx/CVE-2024-51188.json) (`2024-11-11T20:15:18.000`) +- [CVE-2024-51189](CVE-2024/CVE-2024-511xx/CVE-2024-51189.json) (`2024-11-11T20:15:18.060`) +- [CVE-2024-51190](CVE-2024/CVE-2024-511xx/CVE-2024-51190.json) (`2024-11-11T20:15:18.117`) +- [CVE-2024-51484](CVE-2024/CVE-2024-514xx/CVE-2024-51484.json) (`2024-11-11T20:15:18.170`) +- [CVE-2024-51485](CVE-2024/CVE-2024-514xx/CVE-2024-51485.json) (`2024-11-11T20:15:18.313`) +- [CVE-2024-51486](CVE-2024/CVE-2024-514xx/CVE-2024-51486.json) (`2024-11-11T20:15:18.430`) +- [CVE-2024-51487](CVE-2024/CVE-2024-514xx/CVE-2024-51487.json) (`2024-11-11T20:15:18.640`) +- [CVE-2024-51488](CVE-2024/CVE-2024-514xx/CVE-2024-51488.json) (`2024-11-11T20:15:18.757`) +- [CVE-2024-51489](CVE-2024/CVE-2024-514xx/CVE-2024-51489.json) (`2024-11-11T20:15:18.877`) +- [CVE-2024-51490](CVE-2024/CVE-2024-514xx/CVE-2024-51490.json) (`2024-11-11T20:15:18.987`) +- [CVE-2024-51747](CVE-2024/CVE-2024-517xx/CVE-2024-51747.json) (`2024-11-11T20:15:19.197`) +- [CVE-2024-51748](CVE-2024/CVE-2024-517xx/CVE-2024-51748.json) (`2024-11-11T20:15:19.420`) +- [CVE-2024-51992](CVE-2024/CVE-2024-519xx/CVE-2024-51992.json) (`2024-11-11T20:15:19.647`) +- [CVE-2024-52286](CVE-2024/CVE-2024-522xx/CVE-2024-52286.json) (`2024-11-11T20:15:19.867`) +- [CVE-2024-52288](CVE-2024/CVE-2024-522xx/CVE-2024-52288.json) (`2024-11-11T20:15:20.013`) +- [CVE-2024-52530](CVE-2024/CVE-2024-525xx/CVE-2024-52530.json) (`2024-11-11T20:15:20.247`) +- [CVE-2024-52531](CVE-2024/CVE-2024-525xx/CVE-2024-52531.json) (`2024-11-11T20:15:20.313`) +- [CVE-2024-52532](CVE-2024/CVE-2024-525xx/CVE-2024-52532.json) (`2024-11-11T20:15:20.370`) ### CVEs modified in the last Commit -Recently modified CVEs: `4` +Recently modified CVEs: `0` -- [CVE-2024-10963](CVE-2024/CVE-2024-109xx/CVE-2024-10963.json) (`2024-11-11T18:15:14.487`) -- [CVE-2024-9407](CVE-2024/CVE-2024-94xx/CVE-2024-9407.json) (`2024-11-11T17:15:05.457`) -- [CVE-2024-9675](CVE-2024/CVE-2024-96xx/CVE-2024-9675.json) (`2024-11-11T17:15:05.587`) -- [CVE-2024-9676](CVE-2024/CVE-2024-96xx/CVE-2024-9676.json) (`2024-11-11T18:15:15.440`) ## Download and Usage diff --git a/_state.csv b/_state.csv index 264334b6a07..92eb8981342 100644 --- a/_state.csv +++ b/_state.csv @@ -242592,6 +242592,7 @@ CVE-2024-10310,0,0,3b0decb54117e1f6369f0c8a49822eb1c6d4be5cb40b8b5a9079fd842cd0c CVE-2024-10312,0,0,d10f0012149342545ee317e492eeaf284c6b634b254526457f270c7ce4937a16,2024-10-29T14:34:04.427000 CVE-2024-10313,0,0,0a692e743da8a6f5929e9a5e61a16c962249b9fbffffedea4a154098bf7390c0,2024-10-25T12:56:07.750000 CVE-2024-10314,0,0,20b0cb09bc8cc2bf5f9ce62e7caccc420ade2ce546f6fd908a532c2d4632d7d4,2024-11-11T14:15:14.190000 +CVE-2024-10315,1,1,025c4b8541b1053d1918641d8b702b85f2b2c6a7adfb21d7ffa6a8e2e0dfc8bb,2024-11-11T20:15:17.223000 CVE-2024-10318,0,0,c9c0b32165e110789e705dc55263c8f26a928f9dce25281896f08d394c1b97f7,2024-11-08T19:51:49.380000 CVE-2024-10319,0,0,521a2584bb331a8cf29df932b8069e068af4d281b03c20cc06073eb127cb6582,2024-11-08T15:25:16.317000 CVE-2024-1032,0,0,06925fc416f8ceea7fb895efc2e3f765d4f064c5150968a9409448741aa1fb78,2024-05-17T02:35:11.947000 @@ -242908,7 +242909,7 @@ CVE-2024-1091,0,0,54ee7e9ca708166212a73aaa10e4715176fe17b55fbce1ee0ea8f95d289d46 CVE-2024-10914,0,0,a19349a4797c04ddb77f70975a0145b559e2c17ff8d6db53557df6669e0449a1,2024-11-08T19:53:04.793000 CVE-2024-10915,0,0,b06bfc4427bf3f30a98b7ce390941759d780f67755e284354baa2af5087ffe27,2024-11-08T20:11:10.973000 CVE-2024-10916,0,0,bc544f9bd284df1d2cb2c93c5b72a85d457acf8720f73da6b50b8a164264f036,2024-11-08T20:11:37.567000 -CVE-2024-10917,1,1,4a1db47185a13ea9d7c52bcf0259524b0a578a3607c81992abae78302a93edf2,2024-11-11T17:15:04.203000 +CVE-2024-10917,0,0,4a1db47185a13ea9d7c52bcf0259524b0a578a3607c81992abae78302a93edf2,2024-11-11T17:15:04.203000 CVE-2024-10919,0,0,e8fbb923eb829e965254205b876d7ef672d5aac59877ea419609aa8d8f6bb3e9,2024-11-08T21:07:58.383000 CVE-2024-1092,0,0,4e514cbeb8cbdb0016fe4cb374f3dffe448e95b35a82b13ed7cb7be1b7fe61c2,2024-02-13T19:43:06.247000 CVE-2024-10920,0,0,2cf9a2b6fa319444c301d4d5e50d2260546d202b9ce9ceed0622f3257443827f,2024-11-06T18:17:17.287000 @@ -242925,7 +242926,7 @@ CVE-2024-1095,0,0,e70da3b629cae08421ac3ff6db71fb525bf872b735f906aa9168a1a3feae7d CVE-2024-10953,0,0,4cd1b9258875261834531cf76075bd46479dc7cc73ff4dff4728d4228da44f6d,2024-11-09T02:15:17.443000 CVE-2024-10958,0,0,fcf505fa6da08ee90d219e8333a57d378a0c9b002861981bb4bac6c196dbfed9,2024-11-10T13:15:03.940000 CVE-2024-1096,0,0,9e6ec92aa91c226f1dce82b660bd82ecda12366a7db0465d5ab79a9947cb0a51,2024-03-21T02:51:34.720000 -CVE-2024-10963,0,1,eee86a3aedc7174854dc69b5daad7ddd56acd624730edee3419c240e1ae079c9,2024-11-11T18:15:14.487000 +CVE-2024-10963,0,0,eee86a3aedc7174854dc69b5daad7ddd56acd624730edee3419c240e1ae079c9,2024-11-11T18:15:14.487000 CVE-2024-10964,0,0,59c42738567fc9804ec2d61407344d8d58a5472c34e273ef586a2c76a2aefe85,2024-11-08T19:01:03.880000 CVE-2024-10965,0,0,c66f8f41a86b61772baa3fe053f73c721fa7e86ea505631bf695cb762fd01af0,2024-11-08T19:01:03.880000 CVE-2024-10966,0,0,3df47cfeba07424dbca1650d45cf844f6cc1bcda5f1462544d39e404a912cdab,2024-11-08T19:01:03.880000 @@ -242983,9 +242984,11 @@ CVE-2024-11067,0,0,9083bf332bd380cf8afdf0b36996857eb44d20d84bddd464e7741201bbf16 CVE-2024-11068,0,0,2870daa3b3e2ca018fa6082f45bf760fc57f2be6e37445170731581a3ce222a4,2024-11-11T08:15:08.850000 CVE-2024-1107,0,0,7fae6df9cdce298be180c2cb6d3dacceb0e976e847fc87cce19a7d73f37dfe2b,2024-09-16T19:08:27.840000 CVE-2024-11070,0,0,50fce5ba7a18cd693ec68200f3d90b6c420fac4ca63afe9db31f65c38288bd47,2024-11-11T15:15:04.863000 -CVE-2024-11073,1,1,dd0a8d06b8ef1d16d0a0398449783fc22f09117f3cf82bb9261997c39c5da9a9,2024-11-11T17:15:04.520000 -CVE-2024-11074,1,1,3292be654074303b8aa09792e3ecb0850cc4c26bc562e2e86add74b958a092ca,2024-11-11T18:15:14.620000 -CVE-2024-11076,1,1,7df76c2fec7ddbe95ba6a8ae79e5c42ef3c68523dcd6027c51295ba7db67b000,2024-11-11T18:15:14.940000 +CVE-2024-11073,0,0,dd0a8d06b8ef1d16d0a0398449783fc22f09117f3cf82bb9261997c39c5da9a9,2024-11-11T17:15:04.520000 +CVE-2024-11074,0,0,3292be654074303b8aa09792e3ecb0850cc4c26bc562e2e86add74b958a092ca,2024-11-11T18:15:14.620000 +CVE-2024-11076,0,0,7df76c2fec7ddbe95ba6a8ae79e5c42ef3c68523dcd6027c51295ba7db67b000,2024-11-11T18:15:14.940000 +CVE-2024-11077,1,1,181130d814c7f61538497c5e53f441fcc9247f27113c622321e134d349587ec8,2024-11-11T19:15:03.660000 +CVE-2024-11078,1,1,8190043eda67017a5363e09bea355d4c2dfef250f70e1b21db23c961bbf97681,2024-11-11T20:15:17.400000 CVE-2024-1108,0,0,72e8aa7ee320c630f0cd3020b574b902dcf572a1d2888f0afb29692e74e18247,2024-02-22T19:07:37.840000 CVE-2024-1109,0,0,54a246b33f975a42367e7b2f8f64c59b5c20293302ad365ae743bbdf357522c9,2024-02-10T04:13:21.610000 CVE-2024-1110,0,0,2a7a998b7b1ccd0c64d40f28b7bfefdfe0681031ac010f23e86b81b22a7f4df6,2024-02-10T04:13:13.260000 @@ -255728,6 +255731,7 @@ CVE-2024-36056,0,0,1ad654e1db1ea66b26b566d0bde36516eb16d5510c8338c17ed9148cd915f CVE-2024-36059,0,0,1bfcf57b05ec1b5718039a8c5e3ecbe365e021b33c057bee57a114304a3b8db6,2024-07-09T16:22:38.580000 CVE-2024-3606,0,0,d0a3a8d7c3b8995b719f693dd3907a6cc0220e7bd0b5d59f68093556b8c3a6af,2024-05-02T18:00:37.360000 CVE-2024-36060,0,0,0aa7d62145c5618b7f76bb2535f9fc77a196990e59fda038d7a6d0a4665703fe,2024-11-01T12:57:03.417000 +CVE-2024-36061,1,1,ac0cea50366983cc9fe5a6ee092d3ffe1c327fd993430816a07164391ebb0f92,2024-11-11T20:15:17.673000 CVE-2024-36062,0,0,b3531d0a2dc0e87d59ab63f084c9edf17440e45c41fc2b9fc6cd7ee0d3d225ea,2024-11-08T19:01:03.880000 CVE-2024-36063,0,0,137e9651a11a86729a19db077a10e17c476e8bdc06700335b2e00d6c3dad3c82,2024-11-08T19:01:03.880000 CVE-2024-36064,0,0,783529a7ed67c566f9b5978c94a6c15f086f6661d090c8cd3e70b94f4926834f,2024-11-08T19:01:03.880000 @@ -261790,7 +261794,7 @@ CVE-2024-45076,0,0,5fb321e82c08a6c58252337bee6e5fcb4b13786a863fe8ca643f04e713d05 CVE-2024-4508,0,0,26388c420646a8ddc4ee2de628a691e0fa51808e2f848ae0f9b7aad58ccb1298,2024-05-17T02:40:26.220000 CVE-2024-45085,0,0,a565381ecb911dfe05cdd12fd3e31f62bfcf9bb3dc78353a9c71e368d734c50b,2024-11-08T15:13:11.307000 CVE-2024-45086,0,0,4c6cc09258471d9b9c2c13bdbf534b3ba8ab7fabaf8d588e8672331873d00305,2024-11-06T23:04:04.673000 -CVE-2024-45087,1,1,152369d213d5407f1f19a95c9023918c9885f6b7a286e9060e5c257e2daf65ae,2024-11-11T17:15:04.957000 +CVE-2024-45087,0,0,152369d213d5407f1f19a95c9023918c9885f6b7a286e9060e5c257e2daf65ae,2024-11-11T17:15:04.957000 CVE-2024-45088,0,0,28d5423312a30e303de32e5181824717e79d3a2b658a487e2a9032669d6148fa,2024-11-11T16:15:14.950000 CVE-2024-4509,0,0,996942a0a2c59f4d53067a2868fbad35944719504585e3998bbd4d788c545588,2024-06-04T19:20:40.347000 CVE-2024-45096,0,0,d4f642a1e6bb8f30a3a63abc6de33d2a734d4a63841c63adbbf0861fc10b1ff8,2024-09-06T12:34:17.957000 @@ -262818,6 +262822,7 @@ CVE-2024-46959,0,0,49609311db8eb2484a5bda279fc39cc9dccd98f1d151343e94689d8818c06 CVE-2024-4696,0,0,b8ce6d89da084f88972905e9878372f109e48889eae7d9f95b30ecbbc63816ed,2024-06-17T12:43:31.090000 CVE-2024-46960,0,0,34c9db930ef4e9e6f8b9462edd0bebd8143074b581b4cd4eaf2ae451689fb83c,2024-11-08T19:01:03.880000 CVE-2024-46961,0,0,6281dfd23f05aedb5a57016518bf840f9c3236bd7244aca077f0eeaa5baad6cb,2024-11-08T19:01:03.880000 +CVE-2024-46965,1,1,b1fed9b30e2da539a3588ca6bce27b0ada48b333b441ddada52258a3843ded7e,2024-11-11T20:15:17.740000 CVE-2024-4697,0,0,3bc62a9bb9952d026af8ecd13a98f81fa60290945109a2f6023ef384956822fe,2024-06-04T16:57:41.053000 CVE-2024-46970,0,0,6ef16041ee18068670ae3579af5d9c59d6c6488d479945d9220353b5e1ab4205,2024-09-20T13:23:29.700000 CVE-2024-46976,0,0,02f78d527d01c9aa774dc796f1ceed3fea7faea62af60e78d26c9cc8325cba03,2024-09-23T18:27:05.920000 @@ -263658,6 +263663,7 @@ CVE-2024-48291,0,0,3c4533b920a9f2edb3f01b1757898b30516db1528ffb114ee1df5dcc33808 CVE-2024-48307,0,0,935ee3e0328307bbb03111416c4595c4eff3ac408a08578a24f622dddb9d0c64,2024-11-01T12:57:03.417000 CVE-2024-48311,0,0,354d288e073d9064d21602cf2204c79fdbedf6cf54999e8a50b7d788e057c63f,2024-11-01T12:57:03.417000 CVE-2024-48312,0,0,ed565171c6e4291e871155bd5278a308c07670573cfb5e604423e67b93f19726,2024-11-06T18:17:17.287000 +CVE-2024-48322,1,1,a0ea9e677fe06281214afef4609306c63be7c1594ce0154636ee6f6738f018b3,2024-11-11T20:15:17.807000 CVE-2024-48325,0,0,e332aafd0b1c5c187131f74a886273143993554010ab80fd42869ff8b361baa6,2024-11-08T19:01:25.633000 CVE-2024-48336,0,0,fc603531e511f454d9e88137c47d1879fc0b1949207c95b33f03f4156054a935,2024-11-04T20:35:10.193000 CVE-2024-48342,0,0,cab27a7526b8debabab042631051135b3c12f9f8dc84e657f2f251a3750f9436,2024-11-04T07:15:11.437000 @@ -264876,6 +264882,7 @@ CVE-2024-50637,0,0,7cb3fd4c2566fc1d1593156e77d24b90af6dfd042618185e839399543b673 CVE-2024-5064,0,0,d857d2e0ee5316e135c4045ce3a7ab1579933a9b029d66480995681ffcc21c71,2024-06-04T19:20:57.870000 CVE-2024-5065,0,0,0430cc7c42876b1507fe619bbbc6ece1ba2c878f57a5564022a1efa295cd852d,2024-06-04T19:20:57.977000 CVE-2024-5066,0,0,afaa043e18b083dd4b11b301517b086f80728c1a74393b687f88875df4970445,2024-05-20T13:00:34.807000 +CVE-2024-50667,1,1,f16bce4b99de2012361be95597333f0df22914c2f4ea8499b3a1ae67b63cdaf3,2024-11-11T19:15:03.960000 CVE-2024-5067,0,0,7a5f09523c1a14d6651905f1f8853395c32eebb526caa99a81fddc9a443e16ea,2024-09-05T17:29:32.287000 CVE-2024-5069,0,0,9472ccb93cc67e368452ccbd7690fcdac2e9c6bf3a0a4c1febdda7b23dc05b96,2024-06-04T19:20:58.080000 CVE-2024-5071,0,0,1e84a840bf7fe6d05a333c61daff03721e2399762594abd260e8b415b74d49eb,2024-10-28T21:35:22.430000 @@ -264977,6 +264984,7 @@ CVE-2024-5112,0,0,689c76c95598a2f86ee6cadbc1c25854cf35ada5e2d2725de4638c44d7f737 CVE-2024-51127,0,0,5cbf021500110127b38f6de54e9823061ea68366b333afb20ed57e2e95d1d646,2024-11-06T19:25:14.607000 CVE-2024-5113,0,0,d52da1935c57c4016d19b1f0658aa6603ac8563b2af10cf87d5ce42568a3ed96,2024-06-04T19:21:00.113000 CVE-2024-51132,0,0,741849111477a3dea70a3f4f159f318bcb11e986e2637afecf8a608cf70fdf87,2024-11-06T20:35:34.173000 +CVE-2024-51135,1,1,7cb22672e5dbd89b4e6af08151da9b08631652ec3fbbfbd46f9e6f7bea4925d7,2024-11-11T19:15:04.047000 CVE-2024-51136,0,0,b7028b746c76b0b8db7064a5c94d8b9b8b4865b267652b712081099f88f87998,2024-11-06T19:31:15.230000 CVE-2024-5114,0,0,51655375bf74d88d0b44bf3106775b49d83b04b179d3446b4a92ffe727b17b66,2024-06-04T19:21:00.217000 CVE-2024-5115,0,0,566281473e2daa2487dd251e202869dc3059aeec07f7c63daa38b65c3bae3de7,2024-06-04T19:21:00.323000 @@ -264987,7 +264995,12 @@ CVE-2024-5117,0,0,8f71e5dda3348556d6b06143dcd47b79229dad0468d30aa7c38f8c5c1ecb85 CVE-2024-5118,0,0,ede24973ef1505b96fcd3c614d177bf90baaafde820cda4461fa6280b3c2b455,2024-05-20T13:00:04.957000 CVE-2024-51180,0,0,291417569b0494624857cced13999289421aea811a146f5e21654eb2df5dd0c1,2024-11-04T13:37:15.737000 CVE-2024-51181,0,0,113da0b9d3296c95d5bef97b0c59442bc79ba9bb3dbb2c1b2baabdd141b84fe6,2024-11-04T13:39:48.413000 +CVE-2024-51186,1,1,22a75f61af82d678a63881ed8d10c9a178a3d1960679c0862a84efb7646799de,2024-11-11T20:15:17.877000 +CVE-2024-51187,1,1,f1129b385c89b52a43cab9bb59be384777b8659b01b29622b36f7776c7477e84,2024-11-11T20:15:17.943000 +CVE-2024-51188,1,1,469df4f9784cc32e72a51dbacc4b4835d7dca17e1bc1e2f9c0c6771d0c761de8,2024-11-11T20:15:18 +CVE-2024-51189,1,1,dde2d77ccb5bf5e6593e8944d3fc08a7a4fab970a653caa9351a36ebecc33f8f,2024-11-11T20:15:18.060000 CVE-2024-5119,0,0,6bb53ca9f8946448e1a7958af9df5b73fe1f36069f7b2aedbfc033eb827d83be,2024-06-04T19:21:00.657000 +CVE-2024-51190,1,1,98f0a187727d181cd04296c95bf7f523a0e5d0f2ebffd8b3dc00762fc2ed5afe,2024-11-11T20:15:18.117000 CVE-2024-5120,0,0,512e5b032e12a79292f06756f99bf223a47a4b934de5206e20b5529b01ef61b6,2024-06-04T19:21:00.760000 CVE-2024-5121,0,0,98477bc3a7c67683bd43da705ad15db6f590ce85a12aaf89110d94461e6c3bdb,2024-06-04T19:21:00.860000 CVE-2024-51211,0,0,9f7216f2f8d2a000da238cb20861cfda4ea040b75cc4ecdd6f811f2bee27be17,2024-11-08T19:15:06.347000 @@ -265070,7 +265083,14 @@ CVE-2024-5148,0,0,bd5836562cd7c4456364427f29f33cc1c67447ccbfc1a9320a1023f854c7eb CVE-2024-51481,0,0,79865ece5695e59d21a71c5242cb6b84c6582b835d3ed06315b12ef5cbe5ff4e,2024-11-01T12:57:03.417000 CVE-2024-51482,0,0,bfd63cd113518065a1bebad51613f86054f6e228acaf54013add2bd0a434c523,2024-11-05T14:15:14.840000 CVE-2024-51483,0,0,f70c42f235544d305181618bf39f85a2958b60e254bcd1640771f1e1cba85c88,2024-11-01T20:24:53.730000 +CVE-2024-51484,1,1,71873d7db7e01fb6cb9a7a25cc44b547c589d8cb9f28feeab78ff62ab4c0896a,2024-11-11T20:15:18.170000 +CVE-2024-51485,1,1,4b9038b15ec3c3fd6502ebb682d85a8d893bad1298a1b2c6b5f0f51fb12a87af,2024-11-11T20:15:18.313000 +CVE-2024-51486,1,1,e1999d3ec467fe4c829cd9ff311bf0a143b46492bf637e8605cc0dc541f598f0,2024-11-11T20:15:18.430000 +CVE-2024-51487,1,1,052f30a78b3bf9bb2df867938ee72cca464f6d9e5fd37c3d3e60c5e578f7b37e,2024-11-11T20:15:18.640000 +CVE-2024-51488,1,1,1f2b3c34b5a8d76d4b3e8cf994ba8ef608056367d7a462d46bc8f63321cdb0d9,2024-11-11T20:15:18.757000 +CVE-2024-51489,1,1,a30995f3170dd1474efbb6b6381f530c77abae5e352dce48f6c6a75ff98de5cb,2024-11-11T20:15:18.877000 CVE-2024-5149,0,0,35aba13432990695b4ab26ada33d31578be519ff456b8edf807a15027d0b18f5,2024-06-06T14:15:01.960000 +CVE-2024-51490,1,1,a24e57d3b6c5ced93a3ed78a648d89b5e6bf7f69faff3e7b8785b3e5525b5c12,2024-11-11T20:15:18.987000 CVE-2024-51492,0,0,0a58c7013d2cd1abea36461b62b0843b3a8fe747b96ce2f6ac388e3c542b0b6c,2024-11-01T21:15:15.080000 CVE-2024-51493,0,0,905ca061a7e2249944cb0aec37c9054b75e237343bc05a733cf47492ea8f9f1d,2024-11-06T18:17:17.287000 CVE-2024-51498,0,0,a215c64a461c357224f24d4e16a3f3f3214ac081278e197bc9556945ad303f5e,2024-11-05T16:04:26.053000 @@ -265248,6 +265268,8 @@ CVE-2024-51740,0,0,74dcd62c794431349724c21a2a10e6fc9dfce3314bc46b9aad9df5d89f4c0 CVE-2024-51744,0,0,df641a1b86566e97bb7074f2d337c50f51346569211bd554409b057e4c4da639,2024-11-05T16:04:26.053000 CVE-2024-51745,0,0,37db28606ad10f651e6f62f94e51def5fb50b1cfae8314bc96328b8b65ad324b,2024-11-06T18:17:17.287000 CVE-2024-51746,0,0,3cd98a267aedbbeeb4ad193a68e5bacd0a1a46a62f6ccca5880e9520a47fbe14,2024-11-06T18:17:17.287000 +CVE-2024-51747,1,1,246559e734502f9806fde4ea12a15a6e7d8fd9d4645d3c1271c41a4bf9221ee8,2024-11-11T20:15:19.197000 +CVE-2024-51748,1,1,2b320563afce5194bd563878475673dc5db5794c93861560d1285bc31bef4f9b,2024-11-11T20:15:19.420000 CVE-2024-51751,0,0,5e82f37cf3dfc23b4c489447a3752cbf986237e64e94f63b0a07a70b000b7b12,2024-11-08T19:01:25.633000 CVE-2024-51752,0,0,e4bd7dfff09e294fe713d9b76aba7fd50689256bee0d75d076093e0fe4805888,2024-11-06T18:17:17.287000 CVE-2024-51753,0,0,bf33e866ff4adcdc8169c4272817d8f4f57258218421ea7cafddbf38a1c6e30a,2024-11-06T18:17:17.287000 @@ -265309,6 +265331,7 @@ CVE-2024-51988,0,0,9398d8a80c5a41180002e2b13788d4e0785beca5d303a4ad1646b56530ae4 CVE-2024-51989,0,0,a66d3df688b16ca6972a5503652a5945de21b13a7ef47f9e2408cd742c91aa40,2024-11-08T19:01:03.880000 CVE-2024-5199,0,0,8fdec235790e80ab25bf344b6e4e20c94c0a12c0bede9440d8c94965619f66eb,2024-10-28T21:35:23.237000 CVE-2024-51990,0,0,5a0b7a0ddc0e56bea6e775544df250647bd9e6d489e037eeef6da34742509908,2024-11-08T19:01:25.633000 +CVE-2024-51992,1,1,7f8147b31098292c03603fe9ee6fa658a1972acf24fddbd174295697bceece28,2024-11-11T20:15:19.647000 CVE-2024-51993,0,0,0b180a03099571fff8a13158fe72d7871f053352d43d872590f8f53c841ecca8,2024-11-08T19:01:03.880000 CVE-2024-51994,0,0,9ecdd0862ec4cb4e8cbc599710fe336df5bb3c681162050e709512d4ec211c97,2024-11-08T19:01:03.880000 CVE-2024-51995,0,0,7484e6b15af945f697a88a8c3b9d2c315fe6e0004cde6e533470a014d3f9ae3d,2024-11-08T19:01:03.880000 @@ -265367,6 +265390,8 @@ CVE-2024-5225,0,0,908db7200208aad82f301f521b9dc90a90551560079e967278f95345fdc583 CVE-2024-5226,0,0,343bea1ef6104d1a60d532c3087e707033a7d2cea2eb006f3e8cf7d609df1199,2024-08-08T13:04:18.753000 CVE-2024-5227,0,0,782d407fd59442ae1cd49577c63d7b8236dddc237a48b5fa6a3df2e3ceec540d,2024-05-24T01:15:30.977000 CVE-2024-5228,0,0,d7fb18ef663e7fbb963ee04e575f2bc258b900955c0912600676521519fad837,2024-05-24T01:15:30.977000 +CVE-2024-52286,1,1,2a5f546e948d1ccba1723cfcc1b1a2d25e6fdcd5642820394e49b58f57d94595,2024-11-11T20:15:19.867000 +CVE-2024-52288,1,1,b8d6870050b16638fccab9cead56058b5a34cf6591df4dcaff6448417279ab8c,2024-11-11T20:15:20.013000 CVE-2024-5229,0,0,787c92e076dbd9dca682f832ee22f0e31b439c91ed2d6b58a8c544f86d4189c3,2024-07-03T02:08:42.827000 CVE-2024-5230,0,0,f45c8274ba28e0dc58bed98870ed092580a9c18662584e7c3debbd7f7cd359f4,2024-06-04T19:21:02.540000 CVE-2024-5231,0,0,255bed42ab2a064a39e6f8c88880296d2f7a7d154f3db6dc7f4df2fa244d299f,2024-06-04T19:21:02.640000 @@ -265405,6 +265430,9 @@ CVE-2024-5250,0,0,b4b370273f1fe30d94b715ad219dda570a7dcb84192abd50c3cb746299bdbb CVE-2024-5251,0,0,7d84d2df7bf6674f7d634954defb2f38b0363c19ae19f78012df0aa633abf27a,2024-07-19T15:25:30.980000 CVE-2024-5252,0,0,1b28d536afc88eae5088fe06ff49428bbad5ffcb2aa7139fe40c4c06d2601422,2024-07-19T15:29:35.447000 CVE-2024-5253,0,0,73f9562f224a9a11b8b8279a7bf00d920003fa046cb7c88a3a55caf281adabe4,2024-07-19T15:30:34.717000 +CVE-2024-52530,1,1,3eaa32ccf56907047fdf4b4deac8010886f5cea3e0799d98db773dc18889ead4,2024-11-11T20:15:20.247000 +CVE-2024-52531,1,1,e1da16d13ad377fa18c4d7acff83ec981e6fd45e16e236f3d3149c47740c9f9c,2024-11-11T20:15:20.313000 +CVE-2024-52532,1,1,92541ad4eaa4a5badb32130e01157e806e2d95ba7daec0d82fbf422a69aebf7a,2024-11-11T20:15:20.370000 CVE-2024-5254,0,0,78882d871be0a19bc95888168cf12372f503de77ac359f287536c8f062c38532,2024-07-19T15:32:05.560000 CVE-2024-5255,0,0,a9d47c22e8985fc8d8b40f4bef3272595484bdbc8485e44830cb58ee997ab90f,2024-07-19T15:32:18.850000 CVE-2024-5256,0,0,c0c79be075ef53b66bd4c726b840e366d70c6f0c56013178c0440e2e2bf91c1e,2024-09-24T18:41:40.007000 @@ -268693,7 +268721,7 @@ CVE-2024-9401,0,0,9842edf4bc941b30860cfd929934eb8ba10b8d9f58d891f69f78bdfbf96f46 CVE-2024-9402,0,0,04bb4c5739f014caa4b772ec804b7222edbe186c7bb2fe331673658400879b23,2024-10-04T13:51:25.567000 CVE-2024-9403,0,0,c1afe1062aca6f3e2bbfc345cdb3697cf0c5243163e1e418a6944c658c5bb841,2024-10-04T13:51:25.567000 CVE-2024-9405,0,0,5a1aaacdf03c4deeb5787d411c40d8ad3aed60be9320ac0ab9cd4983368bffee,2024-10-04T13:51:25.567000 -CVE-2024-9407,0,1,5db42493e37378926c61ab42630e7509400310b16c31f46908f72e92834afb94,2024-11-11T17:15:05.457000 +CVE-2024-9407,0,0,5db42493e37378926c61ab42630e7509400310b16c31f46908f72e92834afb94,2024-11-11T17:15:05.457000 CVE-2024-9410,0,0,f1caeb057101bc11b923104c4939c2a18b358804c54a293851a2bbe945ca8cb5,2024-10-07T17:48:28.117000 CVE-2024-9411,0,0,09446adc9a52ba88acfc951352e9088b24cfd1cdb8a001643ee070875c43ffef,2024-10-04T13:51:25.567000 CVE-2024-9412,0,0,aa9a3d3cdb3659b02012ef158f2f0c675ff0de511272afae470c48f556502feb,2024-10-10T12:51:56.987000 @@ -268849,8 +268877,8 @@ CVE-2024-9667,0,0,db0574de12822738c38c8016441ce46841c68ee532fe6a4e072cebc9412ff1 CVE-2024-9670,0,0,f306c0fbbcbde1e6a65006fd3bdd50d366f02be816ff2a6f00ef3348b3b76328,2024-10-15T12:57:46.880000 CVE-2024-9671,0,0,421f1b0ad6825ff096efd81ac122f33bafcdf7b21693a85f65613389bca55f89,2024-10-10T12:51:56.987000 CVE-2024-9674,0,0,99b8206db3c3741ff50725aa3969c36280edf4a37082b6473da1336e00a39d59,2024-10-22T14:02:50.473000 -CVE-2024-9675,0,1,5884a5995b9fb9a040efcf36aa7bf19a912e63a985e4dd6502e1f25a1f8a6b69,2024-11-11T17:15:05.587000 -CVE-2024-9676,0,1,ca2916674bf5233a81cea91b0af20401df950e41a61145a4ac3b490b2925e185,2024-11-11T18:15:15.440000 +CVE-2024-9675,0,0,5884a5995b9fb9a040efcf36aa7bf19a912e63a985e4dd6502e1f25a1f8a6b69,2024-11-11T17:15:05.587000 +CVE-2024-9676,0,0,ca2916674bf5233a81cea91b0af20401df950e41a61145a4ac3b490b2925e185,2024-11-11T18:15:15.440000 CVE-2024-9677,0,0,944e049c847e061867c66e6b586a0cd99260b04bc2e2059d736567bf47cae00c,2024-10-23T15:12:34.673000 CVE-2024-9680,0,0,db0e4e19e09673238ffe3dfbb8e95974e9346a75b4fd6d9319c03e5970bb644e,2024-10-16T15:07:36.123000 CVE-2024-9681,0,0,5184b45d0c5be56c6e66f5f4d21584d3fd220046fb9bac6604ac868b54d81bd8,2024-11-06T18:17:17.287000