From b5b33e63fd421bec6d289dd76ff9349875465eb3 Mon Sep 17 00:00:00 2001 From: cad-safe-bot Date: Thu, 21 Mar 2024 19:04:35 +0000 Subject: [PATCH] Auto-Update: 2024-03-21T19:01:45.167107+00:00 --- CVE-2022/CVE-2022-445xx/CVE-2022-44595.json | 56 +++++++++++++ CVE-2023/CVE-2023-498xx/CVE-2023-49837.json | 33 ++++++++ CVE-2024/CVE-2024-25xx/CVE-2024-2578.json | 56 +++++++++++++ CVE-2024/CVE-2024-25xx/CVE-2024-2579.json | 56 +++++++++++++ CVE-2024/CVE-2024-25xx/CVE-2024-2580.json | 56 +++++++++++++ CVE-2024/CVE-2024-271xx/CVE-2024-27190.json | 56 +++++++++++++ CVE-2024/CVE-2024-272xx/CVE-2024-27277.json | 60 ++++++++++++++ CVE-2024/CVE-2024-279xx/CVE-2024-27956.json | 56 +++++++++++++ CVE-2024/CVE-2024-279xx/CVE-2024-27962.json | 56 +++++++++++++ CVE-2024/CVE-2024-279xx/CVE-2024-27963.json | 56 +++++++++++++ CVE-2024/CVE-2024-279xx/CVE-2024-27964.json | 56 +++++++++++++ CVE-2024/CVE-2024-279xx/CVE-2024-27965.json | 56 +++++++++++++ CVE-2024/CVE-2024-279xx/CVE-2024-27968.json | 56 +++++++++++++ CVE-2024/CVE-2024-291xx/CVE-2024-29180.json | 88 +++++++++++++++++++++ CVE-2024/CVE-2024-299xx/CVE-2024-29916.json | 29 +++++++ README.md | 49 +++++------- _state.csv | 63 +++++++++------ 17 files changed, 885 insertions(+), 53 deletions(-) create mode 100644 CVE-2022/CVE-2022-445xx/CVE-2022-44595.json create mode 100644 CVE-2023/CVE-2023-498xx/CVE-2023-49837.json create mode 100644 CVE-2024/CVE-2024-25xx/CVE-2024-2578.json create mode 100644 CVE-2024/CVE-2024-25xx/CVE-2024-2579.json create mode 100644 CVE-2024/CVE-2024-25xx/CVE-2024-2580.json create mode 100644 CVE-2024/CVE-2024-271xx/CVE-2024-27190.json create mode 100644 CVE-2024/CVE-2024-272xx/CVE-2024-27277.json create mode 100644 CVE-2024/CVE-2024-279xx/CVE-2024-27956.json create mode 100644 CVE-2024/CVE-2024-279xx/CVE-2024-27962.json create mode 100644 CVE-2024/CVE-2024-279xx/CVE-2024-27963.json create mode 100644 CVE-2024/CVE-2024-279xx/CVE-2024-27964.json create mode 100644 CVE-2024/CVE-2024-279xx/CVE-2024-27965.json create mode 100644 CVE-2024/CVE-2024-279xx/CVE-2024-27968.json create mode 100644 CVE-2024/CVE-2024-291xx/CVE-2024-29180.json create mode 100644 CVE-2024/CVE-2024-299xx/CVE-2024-29916.json diff --git a/CVE-2022/CVE-2022-445xx/CVE-2022-44595.json b/CVE-2022/CVE-2022-445xx/CVE-2022-44595.json new file mode 100644 index 00000000000..a31137befb3 --- /dev/null +++ b/CVE-2022/CVE-2022-445xx/CVE-2022-44595.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2022-44595", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-03-21T17:15:07.600", + "lastModified": "2024-03-21T17:15:07.600", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Authentication vulnerability in Melapress WP 2FA allows Authentication Bypass.This issue affects WP 2FA: from n/a through 2.2.0.\n\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 5.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 3.9, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-287" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/wp-2fa/wordpress-wp2fa-plugin-2-2-0-broken-authentication-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-498xx/CVE-2023-49837.json b/CVE-2023/CVE-2023-498xx/CVE-2023-49837.json new file mode 100644 index 00000000000..8182440805e --- /dev/null +++ b/CVE-2023/CVE-2023-498xx/CVE-2023-49837.json @@ -0,0 +1,33 @@ +{ + "id": "CVE-2023-49837", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-03-21T17:15:07.917", + "lastModified": "2024-03-21T17:15:07.917", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Uncontrolled Resource Consumption vulnerability in David Artiss Code Embed.This issue affects Code Embed: from n/a through 2.3.6.\n\n" + } + ], + "metrics": {}, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-400" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/simple-embed-code/wordpress-embed-code-plugin-2-3-6-denial-of-service-attack-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-25xx/CVE-2024-2578.json b/CVE-2024/CVE-2024-25xx/CVE-2024-2578.json new file mode 100644 index 00000000000..5ce25f4de3d --- /dev/null +++ b/CVE-2024/CVE-2024-25xx/CVE-2024-2578.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-2578", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-03-21T17:15:09.960", + "lastModified": "2024-03-21T17:15:09.960", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPCoder WP Coder allows Stored XSS.This issue affects WP Coder: from n/a through 3.5.\n\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 5.9, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.7, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/wp-coder/wordpress-wp-coder-plugin-3-5-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-25xx/CVE-2024-2579.json b/CVE-2024/CVE-2024-25xx/CVE-2024-2579.json new file mode 100644 index 00000000000..94d92557e01 --- /dev/null +++ b/CVE-2024/CVE-2024-25xx/CVE-2024-2579.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-2579", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-03-21T17:15:10.150", + "lastModified": "2024-03-21T17:15:10.150", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Data443 Tracking Code Manager.This issue affects Tracking Code Manager: from n/a through 2.0.16.\n\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 5.9, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.7, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/tracking-code-manager/wordpress-tracking-code-manager-plugin-2-0-16-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-25xx/CVE-2024-2580.json b/CVE-2024/CVE-2024-25xx/CVE-2024-2580.json new file mode 100644 index 00000000000..8a348888fd8 --- /dev/null +++ b/CVE-2024/CVE-2024-25xx/CVE-2024-2580.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-2580", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-03-21T17:15:10.357", + "lastModified": "2024-03-21T17:15:10.357", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in FunnelKit Automation By Autonami allows Stored XSS.This issue affects Automation By Autonami: from n/a through 2.8.2.\n\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.3, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/wp-marketing-automations/wordpress-recover-woocommerce-cart-abandonment-newsletter-email-marketing-marketing-automation-by-funnelkit-plugin-2-8-2-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-271xx/CVE-2024-27190.json b/CVE-2024/CVE-2024-271xx/CVE-2024-27190.json new file mode 100644 index 00000000000..d25626b2e89 --- /dev/null +++ b/CVE-2024/CVE-2024-271xx/CVE-2024-27190.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-27190", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-03-21T17:15:08.010", + "lastModified": "2024-03-21T17:15:08.010", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Missing Authorization vulnerability in Jean-David Daviet Download Media.This issue affects Download Media: from n/a through 1.4.2.\n\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 4.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-862" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/download-media/wordpress-download-media-plugin-1-4-2-broken-access-control-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-272xx/CVE-2024-27277.json b/CVE-2024/CVE-2024-272xx/CVE-2024-27277.json new file mode 100644 index 00000000000..a6532de97e9 --- /dev/null +++ b/CVE-2024/CVE-2024-272xx/CVE-2024-27277.json @@ -0,0 +1,60 @@ +{ + "id": "CVE-2024-27277", + "sourceIdentifier": "psirt@us.ibm.com", + "published": "2024-03-21T17:15:08.230", + "lastModified": "2024-03-21T17:15:08.230", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "The private key for the IBM Storage Protect Plus Server 10.1.0 through 10.1.16 certificate can be disclosed, undermining the security of the certificate. IBM X-Force ID: 285205." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@us.ibm.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 6.2, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.5, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@us.ibm.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-200" + } + ] + } + ], + "references": [ + { + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/285205", + "source": "psirt@us.ibm.com" + }, + { + "url": "https://www.ibm.com/support/pages/node/7144861", + "source": "psirt@us.ibm.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-279xx/CVE-2024-27956.json b/CVE-2024/CVE-2024-279xx/CVE-2024-27956.json new file mode 100644 index 00000000000..8617accaedc --- /dev/null +++ b/CVE-2024/CVE-2024-279xx/CVE-2024-27956.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-27956", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-03-21T17:15:08.437", + "lastModified": "2024-03-21T17:15:08.437", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in ValvePress Automatic allows SQL Injection.This issue affects Automatic: from n/a through 3.92.0.\n\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:H/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "HIGH", + "availabilityImpact": "LOW", + "baseScore": 9.9, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.3 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/wp-automatic/wordpress-automatic-plugin-3-92-0-unauthenticated-arbitrary-sql-execution-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-279xx/CVE-2024-27962.json b/CVE-2024/CVE-2024-279xx/CVE-2024-27962.json new file mode 100644 index 00000000000..c0bbb4ce6a7 --- /dev/null +++ b/CVE-2024/CVE-2024-279xx/CVE-2024-27962.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-27962", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-03-21T17:15:08.637", + "lastModified": "2024-03-21T17:15:08.637", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Florian 'fkrauthan' Krauthan allows Reflected XSS.This issue affects wp-mpdf: from n/a through 3.7.1.\n\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 7.1, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/wp-mpdf/wordpress-wp-mpdf-plugin-3-7-1-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-279xx/CVE-2024-27963.json b/CVE-2024/CVE-2024-279xx/CVE-2024-27963.json new file mode 100644 index 00000000000..287bbba9653 --- /dev/null +++ b/CVE-2024/CVE-2024-279xx/CVE-2024-27963.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-27963", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-03-21T17:15:08.850", + "lastModified": "2024-03-21T17:15:08.850", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Crisp allows Stored XSS.This issue affects Crisp: from n/a through 0.44.\n\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.3, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/crisp/wordpress-crisp-live-chat-and-chatbot-plugin-0-44-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-279xx/CVE-2024-27964.json b/CVE-2024/CVE-2024-279xx/CVE-2024-27964.json new file mode 100644 index 00000000000..474d633879b --- /dev/null +++ b/CVE-2024/CVE-2024-279xx/CVE-2024-27964.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-27964", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-03-21T17:15:09.060", + "lastModified": "2024-03-21T17:15:09.060", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Unrestricted Upload of File with Dangerous Type vulnerability in Gesundheit Bewegt GmbH Zippy.This issue affects Zippy: from n/a through 1.6.9.\n\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-434" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/zippy/wordpress-zippy-plugin-1-6-9-arbitrary-file-upload-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-279xx/CVE-2024-27965.json b/CVE-2024/CVE-2024-279xx/CVE-2024-27965.json new file mode 100644 index 00000000000..e72049b3826 --- /dev/null +++ b/CVE-2024/CVE-2024-279xx/CVE-2024-27965.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-27965", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-03-21T17:15:09.277", + "lastModified": "2024-03-21T17:15:09.277", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPFunnels Team WPFunnels allows Stored XSS.This issue affects WPFunnels: from n/a through 3.0.6.\n\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 5.9, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.7, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/wpfunnels/wordpress-wpfunnels-plugin-3-0-6-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-279xx/CVE-2024-27968.json b/CVE-2024/CVE-2024-279xx/CVE-2024-27968.json new file mode 100644 index 00000000000..411a2c26d94 --- /dev/null +++ b/CVE-2024/CVE-2024-279xx/CVE-2024-27968.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-27968", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-03-21T17:15:09.487", + "lastModified": "2024-03-21T17:15:09.487", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Cross-Site Request Forgery (CSRF) vulnerability in Optimole Super Page Cache for Cloudflare allows Stored XSS.This issue affects Super Page Cache for Cloudflare: from n/a through 4.7.5.\n\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 7.1, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-352" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/wp-cloudflare-page-cache/wordpress-super-page-cache-for-cloudflare-plugin-4-7-5-cross-site-request-forgery-csrf-to-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-291xx/CVE-2024-29180.json b/CVE-2024/CVE-2024-291xx/CVE-2024-29180.json new file mode 100644 index 00000000000..55576977bc6 --- /dev/null +++ b/CVE-2024/CVE-2024-291xx/CVE-2024-29180.json @@ -0,0 +1,88 @@ +{ + "id": "CVE-2024-29180", + "sourceIdentifier": "security-advisories@github.com", + "published": "2024-03-21T17:15:09.690", + "lastModified": "2024-03-21T17:15:09.690", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Prior to versions 7.1.0, 6.1.2, and 5.3.4, the webpack-dev-middleware development middleware for devpack does not validate the supplied URL address sufficiently before returning the local file. It is possible to access any file on the developer's machine. The middleware can either work with the physical filesystem when reading the files or it can use a virtualized in-memory `memfs` filesystem. If `writeToDisk` configuration option is set to `true`, the physical filesystem is used. The `getFilenameFromUrl` method is used to parse URL and build the local file path. The public path prefix is stripped from the URL, and the `unsecaped` path suffix is appended to the `outputPath`. As the URL is not unescaped and normalized automatically before calling the midlleware, it is possible to use `%2e` and `%2f` sequences to perform path traversal attack.\n\nDevelopers using `webpack-dev-server` or `webpack-dev-middleware` are affected by the issue. When the project is started, an attacker might access any file on the developer's machine and exfiltrate the content. If the development server is listening on a public IP address (or `0.0.0.0`), an attacker on the local network can access the local files without any interaction from the victim (direct connection to the port). If the server allows access from third-party domains, an attacker can send a malicious link to the victim. When visited, the client side script can connect to the local server and exfiltrate the local files. Starting with fixed versions 7.1.0, 6.1.2, and 5.3.4, the URL is unescaped and normalized before any further processing." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security-advisories@github.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 7.4, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 4.0 + } + ] + }, + "weaknesses": [ + { + "source": "security-advisories@github.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-22" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/webpack/webpack-dev-middleware/blob/7ed24e0b9f53ad1562343f9f517f0f0ad2a70377/src/utils/getFilenameFromUrl.js#L82", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/webpack/webpack-dev-middleware/blob/7ed24e0b9f53ad1562343f9f517f0f0ad2a70377/src/utils/setupOutputFileSystem.js#L21", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/webpack/webpack-dev-middleware/commit/189c4ac7d2344ec132a4689e74dc837ec5be0132", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/webpack/webpack-dev-middleware/commit/9670b3495da518fe667ff3428c5e4cb9f2f3d353", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/webpack/webpack-dev-middleware/commit/e10008c762e4d5821ed6990348dabf0d4d93a10e", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/webpack/webpack-dev-middleware/releases/tag/v5.3.4", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/webpack/webpack-dev-middleware/releases/tag/v6.1.2", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/webpack/webpack-dev-middleware/releases/tag/v7.1.0", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/webpack/webpack-dev-middleware/security/advisories/GHSA-wr3j-pwj9-hqq6", + "source": "security-advisories@github.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-299xx/CVE-2024-29916.json b/CVE-2024/CVE-2024-299xx/CVE-2024-29916.json new file mode 100644 index 00000000000..5aac9d585f7 --- /dev/null +++ b/CVE-2024/CVE-2024-299xx/CVE-2024-29916.json @@ -0,0 +1,29 @@ +{ + "id": "CVE-2024-29916", + "sourceIdentifier": "cve@mitre.org", + "published": "2024-03-21T17:15:09.897", + "lastModified": "2024-03-21T17:15:09.897", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "The dormakaba Saflok system before the November 2023 software update allows an attacker to unlock arbitrary doors at a property via forged keycards, if the attacker has obtained one active or expired keycard for the specific property, aka the \"Unsaflok\" issue. This occurs, in part, because the key derivation function relies only on a UID. This affects, for example, Saflok MT, and the Confidant, Quantum, RT, and Saffire series." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://news.ycombinator.com/item?id=39779291", + "source": "cve@mitre.org" + }, + { + "url": "https://unsaflok.com", + "source": "cve@mitre.org" + }, + { + "url": "https://www.wired.com/story/saflok-hotel-lock-unsaflok-hack-technique/", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/README.md b/README.md index a3211303d42..a6626dee785 100644 --- a/README.md +++ b/README.md @@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2024-03-21T17:01:03.199130+00:00 +2024-03-21T19:01:45.167107+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2024-03-21T15:24:35.093000+00:00 +2024-03-21T17:15:10.357000+00:00 ``` ### Last Data Feed Release @@ -29,43 +29,34 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### Total Number of included CVEs ```plain -242347 +242362 ``` ### CVEs added in the last Commit -Recently added CVEs: `9` +Recently added CVEs: `15` -* [CVE-2023-47715](CVE-2023/CVE-2023-477xx/CVE-2023-47715.json) (`2024-03-21T15:15:07.593`) -* [CVE-2024-2463](CVE-2024/CVE-2024-24xx/CVE-2024-2463.json) (`2024-03-21T15:16:54.417`) -* [CVE-2024-2464](CVE-2024/CVE-2024-24xx/CVE-2024-2464.json) (`2024-03-21T15:16:54.490`) -* [CVE-2024-2465](CVE-2024/CVE-2024-24xx/CVE-2024-2465.json) (`2024-03-21T15:16:54.553`) -* [CVE-2024-27993](CVE-2024/CVE-2024-279xx/CVE-2024-27993.json) (`2024-03-21T15:16:53.697`) -* [CVE-2024-27994](CVE-2024/CVE-2024-279xx/CVE-2024-27994.json) (`2024-03-21T15:16:53.950`) -* [CVE-2024-27995](CVE-2024/CVE-2024-279xx/CVE-2024-27995.json) (`2024-03-21T15:16:54.133`) -* [CVE-2024-29243](CVE-2024/CVE-2024-292xx/CVE-2024-29243.json) (`2024-03-21T15:16:54.320`) -* [CVE-2024-29244](CVE-2024/CVE-2024-292xx/CVE-2024-29244.json) (`2024-03-21T15:16:54.377`) +* [CVE-2022-44595](CVE-2022/CVE-2022-445xx/CVE-2022-44595.json) (`2024-03-21T17:15:07.600`) +* [CVE-2023-49837](CVE-2023/CVE-2023-498xx/CVE-2023-49837.json) (`2024-03-21T17:15:07.917`) +* [CVE-2024-2578](CVE-2024/CVE-2024-25xx/CVE-2024-2578.json) (`2024-03-21T17:15:09.960`) +* [CVE-2024-2579](CVE-2024/CVE-2024-25xx/CVE-2024-2579.json) (`2024-03-21T17:15:10.150`) +* [CVE-2024-2580](CVE-2024/CVE-2024-25xx/CVE-2024-2580.json) (`2024-03-21T17:15:10.357`) +* [CVE-2024-27190](CVE-2024/CVE-2024-271xx/CVE-2024-27190.json) (`2024-03-21T17:15:08.010`) +* [CVE-2024-27277](CVE-2024/CVE-2024-272xx/CVE-2024-27277.json) (`2024-03-21T17:15:08.230`) +* [CVE-2024-27956](CVE-2024/CVE-2024-279xx/CVE-2024-27956.json) (`2024-03-21T17:15:08.437`) +* [CVE-2024-27962](CVE-2024/CVE-2024-279xx/CVE-2024-27962.json) (`2024-03-21T17:15:08.637`) +* [CVE-2024-27963](CVE-2024/CVE-2024-279xx/CVE-2024-27963.json) (`2024-03-21T17:15:08.850`) +* [CVE-2024-27964](CVE-2024/CVE-2024-279xx/CVE-2024-27964.json) (`2024-03-21T17:15:09.060`) +* [CVE-2024-27965](CVE-2024/CVE-2024-279xx/CVE-2024-27965.json) (`2024-03-21T17:15:09.277`) +* [CVE-2024-27968](CVE-2024/CVE-2024-279xx/CVE-2024-27968.json) (`2024-03-21T17:15:09.487`) +* [CVE-2024-29180](CVE-2024/CVE-2024-291xx/CVE-2024-29180.json) (`2024-03-21T17:15:09.690`) +* [CVE-2024-29916](CVE-2024/CVE-2024-299xx/CVE-2024-29916.json) (`2024-03-21T17:15:09.897`) ### CVEs modified in the last Commit -Recently modified CVEs: `15` +Recently modified CVEs: `0` -* [CVE-2024-1394](CVE-2024/CVE-2024-13xx/CVE-2024-1394.json) (`2024-03-21T15:24:35.093`) -* [CVE-2024-2494](CVE-2024/CVE-2024-24xx/CVE-2024-2494.json) (`2024-03-21T15:24:35.093`) -* [CVE-2024-28834](CVE-2024/CVE-2024-288xx/CVE-2024-28834.json) (`2024-03-21T15:24:35.093`) -* [CVE-2024-29866](CVE-2024/CVE-2024-298xx/CVE-2024-29866.json) (`2024-03-21T15:24:35.093`) -* [CVE-2024-29870](CVE-2024/CVE-2024-298xx/CVE-2024-29870.json) (`2024-03-21T15:24:35.093`) -* [CVE-2024-29871](CVE-2024/CVE-2024-298xx/CVE-2024-29871.json) (`2024-03-21T15:24:35.093`) -* [CVE-2024-29872](CVE-2024/CVE-2024-298xx/CVE-2024-29872.json) (`2024-03-21T15:24:35.093`) -* [CVE-2024-29873](CVE-2024/CVE-2024-298xx/CVE-2024-29873.json) (`2024-03-21T15:24:35.093`) -* [CVE-2024-29874](CVE-2024/CVE-2024-298xx/CVE-2024-29874.json) (`2024-03-21T15:24:35.093`) -* [CVE-2024-29875](CVE-2024/CVE-2024-298xx/CVE-2024-29875.json) (`2024-03-21T15:24:35.093`) -* [CVE-2024-29876](CVE-2024/CVE-2024-298xx/CVE-2024-29876.json) (`2024-03-21T15:24:35.093`) -* [CVE-2024-29877](CVE-2024/CVE-2024-298xx/CVE-2024-29877.json) (`2024-03-21T15:24:35.093`) -* [CVE-2024-29878](CVE-2024/CVE-2024-298xx/CVE-2024-29878.json) (`2024-03-21T15:24:35.093`) -* [CVE-2024-29879](CVE-2024/CVE-2024-298xx/CVE-2024-29879.json) (`2024-03-21T15:24:35.093`) -* [CVE-2024-29880](CVE-2024/CVE-2024-298xx/CVE-2024-29880.json) (`2024-03-21T15:24:35.093`) ## Download and Usage diff --git a/_state.csv b/_state.csv index d6f6e2284a1..2655539ed3e 100644 --- a/_state.csv +++ b/_state.csv @@ -208693,6 +208693,7 @@ CVE-2022-4459,0,0,841d23cd2517ff134527c70acbac864bd1798efca5741cdb40fc1b914c6b61 CVE-2022-44590,0,0,34e1f96684be246af4d115d74d6ad86d1677f25db158e219a386c9a7b2c1f0fd,2022-11-10T19:23:14.800000 CVE-2022-44591,0,0,8de73acec656de193157bdf7e48ae245affcf919e7ad24e4c08dfb89e483fd5f,2022-11-18T19:28:56.420000 CVE-2022-44594,0,0,b7dc479f0e8562d2f1e10e9b8c859c387aa51f72d918e1c729d08c2404508fbd,2023-04-28T03:44:57.940000 +CVE-2022-44595,1,1,09b5f369e30c5041fd5979f684fca6aa6537f237f831fa4aa47a58da72638ba4,2024-03-21T17:15:07.600000 CVE-2022-4460,0,0,549234db110e5b693f52fad78d6358b8e08ccb9d9c9d7ca9e6118d72a7d6c30e,2023-11-07T03:57:52.710000 CVE-2022-44606,0,0,dd9357b8301dbd8c44e690a2844baf8bea2bcc5c8cc5dc8addb6ac09082694a0,2022-12-09T21:18:22.850000 CVE-2022-44608,0,0,f6323b139a76646c7c7a6763944abd4b79185adca516d6c4f40e939231a6cbf5,2022-12-09T00:49:39.090000 @@ -233215,7 +233216,7 @@ CVE-2023-47705,0,0,e3d4b068cec26511f3145778a695a8a2080173336ca900c2cb1d02fe4260e CVE-2023-47706,0,0,0cfaecc187d4236dd38d13dc0e25752f35e7adc63caac950330b0f64c0b0d36d,2023-12-22T10:11:40.633000 CVE-2023-47707,0,0,c0b40bcf5eaa712d14fa41e4477281db7d00ecb46e35f8e08b13ff46eeb7db79,2023-12-22T10:00:51.667000 CVE-2023-4771,0,0,d0a9b68633cdbf963bbdd2b3878793c4ef1f150510595f6b4aa4f9d063a414b2,2023-11-28T19:09:05.517000 -CVE-2023-47715,1,1,0c6694596606d941ea5afe5ea7b27770e5a0d9728d61ef06d70df0e6fcec99f2,2024-03-21T15:24:35.093000 +CVE-2023-47715,0,0,0c6694596606d941ea5afe5ea7b27770e5a0d9728d61ef06d70df0e6fcec99f2,2024-03-21T15:24:35.093000 CVE-2023-47716,0,0,62bb7b17d2839b029f6ac267e0b09b92e0e697ce278d1faccc537c28ae26ec06,2024-03-01T14:04:26.010000 CVE-2023-47718,0,0,c741441681738efc3979d67da4409868f353d29cc92314f5037f92d0809304bd,2024-01-24T21:23:15.540000 CVE-2023-4772,0,0,cfd718e5f5f861c90ad1b1b61b69dbfa920c9351e02c2667625b5fa349288ce0,2023-11-07T04:22:57.827000 @@ -234616,6 +234617,7 @@ CVE-2023-49830,0,0,95c8e8a920bc6a550dd8fced96adfc49615ef3b8f6aec68dfdcf2d26ab1f8 CVE-2023-49833,0,0,75834fff665b59f3c4fb0b4b03558d32fc91b3efab25cbdeefafb0192b012059,2023-12-18T19:14:15.050000 CVE-2023-49834,0,0,f01e2730dc0b95d1b7f32c812dba24237147f33301308210a31bf1cc47cc7d0b,2023-12-20T04:26:25.007000 CVE-2023-49836,0,0,d1eaaf088ac1e6696c52a64c2e3dbfdfe00102afdcfa4bf3951b57aa3483333c,2023-12-18T18:19:51.903000 +CVE-2023-49837,1,1,62913893571245a46489800f1ba9f47dd069a099b1d9789daeaf013eabdd5c7c,2024-03-21T17:15:07.917000 CVE-2023-4984,0,0,b568e92dbfdfa933d741a561994c5a187fe494f7ce09795a2b3a70d20f02c757,2024-03-21T02:49:56.543000 CVE-2023-49840,0,0,3007b22f6bc63fefba1a05b48a48deee17ae057500c4d492f77e27d9c865a34d,2023-12-20T04:28:39.197000 CVE-2023-49841,0,0,ad3a17229bd01d0c2bf491b86a58b899c006843c79bea01aae5bd3ff930dd743,2023-12-18T19:03:16.533000 @@ -238775,7 +238777,7 @@ CVE-2024-1390,0,0,760bcdaac2db269a3249aaa20e58e1659b2977bdb995748ef5e46a1ecb8544 CVE-2024-1391,0,0,d263861df201411e95604a0f8dea4a32aa5aa465f14e9d3ee26c7cf1dddcea30,2024-03-13T18:15:58.530000 CVE-2024-1392,0,0,854e6aa0a85eb7f6e01984f9f2b39f09c3e464c67a90f670cafc735773e56736,2024-03-13T18:15:58.530000 CVE-2024-1393,0,0,139d32a27df25f29abc2bcda3159db69b338e05c68d7680abed80afd815e8ff5,2024-03-13T18:15:58.530000 -CVE-2024-1394,0,1,294b053d2ffc51433a2d64e8d98c3ac8a415fb04eaae593428f7a34b72b8edc5,2024-03-21T15:24:35.093000 +CVE-2024-1394,0,0,294b053d2ffc51433a2d64e8d98c3ac8a415fb04eaae593428f7a34b72b8edc5,2024-03-21T15:24:35.093000 CVE-2024-1397,0,0,e6d8c9c2beca75d3fdc5f918cb423cf21913a9c807f46126d5b49c29c7bd60f0,2024-03-13T12:33:51.697000 CVE-2024-1398,0,0,7a7783e481aa897afa83bd125da0d53c431d5a5a9d43f1ade8b1e715449f59a0,2024-03-04T13:58:23.447000 CVE-2024-1400,0,0,295a10f36c3e13d694d09cafc6872c0c48f9e2b4c87da0889327ecdac7abe4ac,2024-03-12T12:40:13.500000 @@ -240883,9 +240885,9 @@ CVE-2024-24593,0,0,155720893bd9aa302467d506c561d7f3174f3ae580a95d8dad9c1ee6fc9e6 CVE-2024-24594,0,0,2d1d6ef3edb6eea27d760a77187cf0f21d8b0e3aa5e2b1e9eb45515b37617cb4,2024-02-15T16:47:17.213000 CVE-2024-24595,0,0,53aa45116d4573f7c0b646b17e4787137c5ab03b6e722457f3ddd917489c99e4,2024-02-13T14:08:55.650000 CVE-2024-2460,0,0,ae8df8f819284d0f0ea1a2589261357f393234fec195be42118065d37d02123d,2024-03-20T13:00:16.367000 -CVE-2024-2463,1,1,d32eed22bf8a5fcf19609631d56de6b5b6d90eae3a6bf9f710f87e5bdc1555f5,2024-03-21T15:24:35.093000 -CVE-2024-2464,1,1,56f44447e0d256990841443a68df981cd7582a3850793a83bd5ba95f65e47e1c,2024-03-21T15:24:35.093000 -CVE-2024-2465,1,1,2a77d33e3025e3f4f2328d9cfb33df2ea3c6a07d249ae9c526b18aebbde46668,2024-03-21T15:24:35.093000 +CVE-2024-2463,0,0,d32eed22bf8a5fcf19609631d56de6b5b6d90eae3a6bf9f710f87e5bdc1555f5,2024-03-21T15:24:35.093000 +CVE-2024-2464,0,0,56f44447e0d256990841443a68df981cd7582a3850793a83bd5ba95f65e47e1c,2024-03-21T15:24:35.093000 +CVE-2024-2465,0,0,2a77d33e3025e3f4f2328d9cfb33df2ea3c6a07d249ae9c526b18aebbde46668,2024-03-21T15:24:35.093000 CVE-2024-24680,0,0,00c6b06cbd399fac9a1cb69a45fdeee991ea9572aae73c195704c3555b436eb7,2024-02-15T18:46:48.693000 CVE-2024-24681,0,0,705110c1a0575ef95794934b23101ccc4a6f384f7c61c4db9f4dbf9a8c528dd4,2024-02-26T13:42:22.567000 CVE-2024-24683,0,0,5dcfcb131b936f6ead6cae5418b28b2fe1bb1011c1c921fe73c5d9bd261bf34a,2024-03-19T13:26:46 @@ -241061,7 +241063,7 @@ CVE-2024-24936,0,0,b40cba45486310464826445db58797cda9708090ef629993d6b65c1322a94 CVE-2024-24937,0,0,c158a1376665515fcdd077ebbbc61196266e17dfca3642cdd3f2b284922e7576,2024-02-09T01:05:30.783000 CVE-2024-24938,0,0,919f0844348072e68674027ea0a3644c0c8fc392a786b352b8f3abde920f1f60,2024-02-09T01:05:13.527000 CVE-2024-24939,0,0,b2b5d03f9e7db36f290b4e039454a0e87440b3b4044776d74739544bb234180a,2024-02-09T01:04:16.577000 -CVE-2024-2494,0,1,84ede45321bf48443a2c564f3d4c5fb0def59051719248e3d2f74255b0f14448,2024-03-21T15:24:35.093000 +CVE-2024-2494,0,0,84ede45321bf48443a2c564f3d4c5fb0def59051719248e3d2f74255b0f14448,2024-03-21T15:24:35.093000 CVE-2024-24940,0,0,3b807f9711835fcb1381b61d94808660dccf6fdaaa44b568b18928314f306783,2024-02-07T23:45:31.493000 CVE-2024-24941,0,0,3ce7539cc2c00ca21eaf8843bb8dfa494f8daac6c677d25fe85a072b680aec63,2024-02-09T01:05:05.250000 CVE-2024-24942,0,0,98967e5f253d2f0e2d6c9adde01d5feb324664bac3fce3b7b875de585c5550eb,2024-02-09T01:03:13.453000 @@ -241404,6 +241406,9 @@ CVE-2024-25767,0,0,5e5d85efb5a949e2d407dc5470a1026f931741e6d3d19a638a7a6f425b54d CVE-2024-25768,0,0,80ced9e42f994d6a00a0057cb00581829176f61a4dfa1e97abbae3afb8561c8a,2024-02-26T22:10:40.463000 CVE-2024-2577,0,0,c843620e43b4656c06ef8ee9254a21713fc5cfa1bda4a16ceabcb16830382f60,2024-03-21T02:52:39.510000 CVE-2024-25770,0,0,d105bd95abb6afbf92cef5c1765f81d4416c38d2a6067fe6216eb1ee17388748,2024-02-26T22:10:40.463000 +CVE-2024-2578,1,1,5fb7a6ff438d59dec3fa95e3e0691e9b82eb399464e626c191faeebf2e14002b,2024-03-21T17:15:09.960000 +CVE-2024-2579,1,1,34db16e32c53928e8f66e886a8a5a35582a050b7263fd19c5439041e8f97e239,2024-03-21T17:15:10.150000 +CVE-2024-2580,1,1,9619a5906517ac4b75a00fb98804d3bf72ad790c19614edcb13cd58567dc2cf9,2024-03-21T17:15:10.357000 CVE-2024-25801,0,0,86d0a2f88d637a38d728e68507deae5ad1ee66b74383784e4b403b33b5149a86,2024-02-22T19:07:27.197000 CVE-2024-25802,0,0,cb029cdbf03ee0051152f36415381bb55ee304fcb50819490e22f017c52403c6,2024-02-22T19:07:27.197000 CVE-2024-2581,0,0,6eca5564f5891085eb56e7f4cce8a941d50b5c5d945724a4654e0a645ab887e7,2024-03-21T02:52:39.600000 @@ -241866,6 +241871,7 @@ CVE-2024-2717,0,0,60956d204776e8fc2f79250d188a534a8f231639d58b0eebc608181972adc9 CVE-2024-2718,0,0,69219abfd430b6a0a0008d330dbe89494263528e572419109c92a9fc419b6f63,2024-03-21T12:58:51.093000 CVE-2024-27189,0,0,515e61fa1831b3fd92525b0004dfafde618646c72fb29e4527e0a2fb9466806f,2024-03-15T16:26:49.320000 CVE-2024-2719,0,0,a4ab17264d9d4de02148162ae470cd2b2fdd972306f561edebd77c0e41dd9d7a,2024-03-21T12:58:51.093000 +CVE-2024-27190,1,1,c0ec98950a3c95237b99d183acabce2dcd6ae1cadac3030b7377fcab423a5787,2024-03-21T17:15:08.010000 CVE-2024-27192,0,0,0ff7a489a9c185cda73564233ae30b76c3279bb0d352bc83dbf6b8e10c6212e5,2024-03-15T16:26:49.320000 CVE-2024-27193,0,0,1a2f1126258ed9b0f5281770f95fad5056f0f1e4993150f3d871f6ef458a3533,2024-03-15T16:26:49.320000 CVE-2024-27194,0,0,b8200fea2f0a79d9b8f1fbf40aca3e6d111a7a732357978a250e1964deaa7251,2024-03-17T22:38:29.433000 @@ -241908,6 +241914,7 @@ CVE-2024-27237,0,0,952387726c7567ea2371af0e500cab297b027867a108431eaa82a39745a31 CVE-2024-27255,0,0,07d4523d50b3b6ceec1ed85c31e8859376bfd63a9732f2f4d2cf6e5b4c34b76b,2024-03-04T13:58:23.447000 CVE-2024-27265,0,0,caf2cbef481f9d0206d06f75a38ca052c5291ba0582e91875cea8f52e6d86a34,2024-03-19T16:52:02.767000 CVE-2024-27266,0,0,f3ab0f27c5fbbc81843b4329fa53134d5b91174cad9bacbbc5dbf01cfacc3864,2024-03-19T16:52:35.400000 +CVE-2024-27277,1,1,2893029a36e14e5ab3184a9454057ceb5ab630c8cf9f2be73af6f80c2c96beb9,2024-03-21T17:15:08.230000 CVE-2024-27278,0,0,2ef9546b6eb3a76ad70be700186038d995dd630654759ed72b9b3d10968f6d39,2024-03-06T15:18:08.093000 CVE-2024-27279,0,0,a0a465925dfcee0f633443a4d3db070f2bf023c10d4135b020d1a0fbe76c5a4b,2024-03-12T12:40:13.500000 CVE-2024-27283,0,0,d0d6cc69e38ce7977029c4d3a011dff4f743808fa73bec6f0327124024522ffa,2024-02-22T19:07:27.197000 @@ -242049,17 +242056,23 @@ CVE-2024-27949,0,0,12ee9b935394b527d1677a59b517c94d0df067a0b32bfff31d7cb2be5b4b5 CVE-2024-27950,0,0,56d632dad56c45d949d3327de16e5b70b08683cea8ce7876ca8c59cc37ee8062,2024-03-01T14:04:04.827000 CVE-2024-27952,0,0,184c933cd3d4f7d9f291de87daadba6c6d2dcb57a0cab449b4798a27658d2d98,2024-03-13T18:15:58.530000 CVE-2024-27953,0,0,9606a5ea342585cc8ea605f674c63e8d870327e37e1ba285dba38be6126632a2,2024-03-13T18:15:58.530000 +CVE-2024-27956,1,1,66736e6e1f13442348a9d13aa6cfaa4a2498e3146af1c03a16111d845446d69b,2024-03-21T17:15:08.437000 CVE-2024-27957,0,0,5098f1a90cb829431de95b5de6e60aa2ea5ee4aedd8c9f7d7d4297d6dc37ff37,2024-03-17T22:38:29.433000 CVE-2024-27958,0,0,2ee086fb447798c561fd1c831c754d734514f619f6ebb04cf96679cb78dfef40,2024-03-17T22:38:29.433000 CVE-2024-27959,0,0,e2d4c3e5066dc506643038067fab6e9f26070ced2f7f327a18ffcd82b243c593,2024-03-17T22:38:29.433000 CVE-2024-27960,0,0,6ff911c5617586aebae672070284633e223cb5b14cbbc3b1801f17c292900f46,2024-03-17T22:38:29.433000 CVE-2024-27961,0,0,3162bfbc67900a83a9b4114dba265e7189f0bad8c0ddf2d85f6724674d13510a,2024-03-17T22:38:29.433000 +CVE-2024-27962,1,1,7a8e9f7f1bf2c5e021e039a30a7f35c08db002c7dd09f57dc2677205586d1178,2024-03-21T17:15:08.637000 +CVE-2024-27963,1,1,48168dc4b5b237659851f8dbd76235a3409a0946b5c51543657605f6aa2c6940,2024-03-21T17:15:08.850000 +CVE-2024-27964,1,1,035a89dc336730735b9b0b4b76282144341f56bb37d97a7914c6d26fa2472aa0,2024-03-21T17:15:09.060000 +CVE-2024-27965,1,1,8ec84e693e8c40e9a1f30f2f6bcba3ae6ddff6f90f1b3547c641f3f44eb39aac,2024-03-21T17:15:09.277000 +CVE-2024-27968,1,1,6a5aa5d883cb61fd2a08f978d66dacf333b85ba305e93e277b14fb83383a38c4,2024-03-21T17:15:09.487000 CVE-2024-27974,0,0,c5d12161a6a294fb4d33a068888d07d2dec693f9073d8d47f06182bf4fe2779a,2024-03-18T12:38:25.490000 CVE-2024-27986,0,0,221ac31a72264e8303bc0dc716d0bcad27f92aa2e3b64824247f9d02601983b8,2024-03-14T12:52:09.877000 CVE-2024-27987,0,0,ce6fd0b1730cd837f285c0aaaa1258cf6aa8505469e7f313401adb363ee7f395,2024-03-15T12:53:06.423000 -CVE-2024-27993,1,1,b4c5383b47399ec74c3480cf4f572eb4d9bdde4b0737cbc8bf7ed8cbe49e4ed8,2024-03-21T15:24:35.093000 -CVE-2024-27994,1,1,e85e7bc4f691478aca76ee076ff4f9f23d2d33165eac31a30e8922db5bb9bf99,2024-03-21T15:24:35.093000 -CVE-2024-27995,1,1,31db9c3046ef3b6826fd04aab15586376d26e0b529bdf84ce7eba17bac569f0a,2024-03-21T15:24:35.093000 +CVE-2024-27993,0,0,b4c5383b47399ec74c3480cf4f572eb4d9bdde4b0737cbc8bf7ed8cbe49e4ed8,2024-03-21T15:24:35.093000 +CVE-2024-27994,0,0,e85e7bc4f691478aca76ee076ff4f9f23d2d33165eac31a30e8922db5bb9bf99,2024-03-21T15:24:35.093000 +CVE-2024-27995,0,0,31db9c3046ef3b6826fd04aab15586376d26e0b529bdf84ce7eba17bac569f0a,2024-03-21T15:24:35.093000 CVE-2024-27996,0,0,79cff30308b011c07df476cb18acc5ff1830e7bf17b14d1ca5a0d9446fa716b8,2024-03-20T13:00:16.367000 CVE-2024-27997,0,0,b42c7cf4751e4a11a6e5eeb90c0df264fce89958ee556b8b06894cd2e68b11ce,2024-03-20T13:00:16.367000 CVE-2024-27998,0,0,325b1a8419d02931fcb08c1286afe5c33e53c5bf8527e201a365155e360914cf,2024-03-20T13:00:16.367000 @@ -242246,7 +242259,7 @@ CVE-2024-28754,0,0,9281349f951cf3fa92b3f484f1e5f3e3b9f20229dcabe6872ba34e9bebaf3 CVE-2024-28757,0,0,83cb6aefc1d6f4ccc5441198cdfc19ec27b4e109d2bc2864c936baa137f8e197,2024-03-19T03:15:06.893000 CVE-2024-28816,0,0,4b9f923b99f4095b32672af0003c81bae1f3b3136774827600fae7accfedcfe3,2024-03-11T12:47:42.653000 CVE-2024-28823,0,0,d5aa89b5cdac6c3847ac374cba2a65b191e57c43dc618aabb1da571ab5b5e9dc,2024-03-11T12:47:42.653000 -CVE-2024-28834,0,1,841718fd8fddff124f231102263dad7d394e02b19e9697b20d411d85f567df2c,2024-03-21T15:24:35.093000 +CVE-2024-28834,0,0,841718fd8fddff124f231102263dad7d394e02b19e9697b20d411d85f567df2c,2024-03-21T15:24:35.093000 CVE-2024-28835,0,0,807354fa6b4609be92d801df299988ca81259642594a0e94cba8cafe4de90346,2024-03-21T12:58:51.093000 CVE-2024-28847,0,0,77ca7298b6799783b77992e414cebfaaf69a1bd2c05124cbdf6b914d3e0bb310,2024-03-17T22:38:29.433000 CVE-2024-28848,0,0,f738fe56a5bc4cdb728fabdb4b9cb52618afbf9827db3dbc12ec3f1fb91169bf,2024-03-21T02:52:25.197000 @@ -242320,8 +242333,9 @@ CVE-2024-29143,0,0,a3f92e2c9ae6aaf4168f841be16c13a544cace199faa049656661980aa53e CVE-2024-29151,0,0,ef852a662e1eaee7e15d971ee7451f2c3e954b3d808a30cb9a36bbe68bb24c8f,2024-03-18T12:38:25.490000 CVE-2024-29154,0,0,dab131c9ff393e828252009730d8617a5e1a4fb5cfb7f2db054056bc6f27c2ba,2024-03-18T12:38:25.490000 CVE-2024-29156,0,0,98cbc37d07cb77607ab83580cc50ba5a01141613b7a3bb770966a3d6831e2326,2024-03-18T12:38:25.490000 -CVE-2024-29243,1,1,80b3eab65af2d9fbeb7b6048e074697688a19de63e1138c377d0b826523dd7db,2024-03-21T15:24:35.093000 -CVE-2024-29244,1,1,ab4dadc4ff7b45a2c285edb922de956bae0828f007627c62339f15145e95a7b7,2024-03-21T15:24:35.093000 +CVE-2024-29180,1,1,9b826c84b71b0bb4e6d83bccac4cac9e366568fb0ec59defe9778c2d6dfb3214,2024-03-21T17:15:09.690000 +CVE-2024-29243,0,0,80b3eab65af2d9fbeb7b6048e074697688a19de63e1138c377d0b826523dd7db,2024-03-21T15:24:35.093000 +CVE-2024-29244,0,0,ab4dadc4ff7b45a2c285edb922de956bae0828f007627c62339f15145e95a7b7,2024-03-21T15:24:35.093000 CVE-2024-29419,0,0,1f113c646466febbefbd1317ecc5036f9bdf6e219db156971cfdda70e05f32f0,2024-03-20T17:18:21.343000 CVE-2024-29469,0,0,acf93e04574e9669a29498319a75720c9b5a03ff4de2c06070b1f52ac9f365b7,2024-03-21T12:58:51.093000 CVE-2024-29470,0,0,ec8cc83a60b9ef7edaa49e0605acc097203825f31a2e1ca35494b606ac2473df,2024-03-21T12:58:51.093000 @@ -242334,15 +242348,16 @@ CVE-2024-29858,0,0,585719d860c91771e96e52d882eed744121f21e899f727afe6b381f4ffbb3 CVE-2024-29859,0,0,6ebff5730a73f542ffebf0a56f74146bb69314ac3f95118519ec4b678666f245,2024-03-21T12:58:51.093000 CVE-2024-29862,0,0,78f62d6320f790cb50cb5767943bbca91d7f9763b83315a1495201af3fd41026,2024-03-21T12:58:51.093000 CVE-2024-29864,0,0,3c9560ffae0fa16acac4cf8327bf4ae3182996a8c684b25430908ed832b73c71,2024-03-21T12:58:51.093000 -CVE-2024-29866,0,1,d3474a4cb7339082dcfbd889d056a2a906f051d7c933d6576013f44ee70632b2,2024-03-21T15:24:35.093000 -CVE-2024-29870,0,1,04eec461d26d3928388aa1ebeda7f3889d70d7fb805b862b11fc37cdb9c73805,2024-03-21T15:24:35.093000 -CVE-2024-29871,0,1,e7b820291fe87f3c68126b9e66a3cb2071635a1781039b23d1340b3ec50d7104,2024-03-21T15:24:35.093000 -CVE-2024-29872,0,1,2ed0e31c2aeb7a79b11a328bd37ec6ac592cb7ae8ad49b21b1fd6587d921da01,2024-03-21T15:24:35.093000 -CVE-2024-29873,0,1,4c88c2b5d7ca113616f149d7c91b297271846cd8b9ee3b6472184ffa855db09d,2024-03-21T15:24:35.093000 -CVE-2024-29874,0,1,5f5afb1bffc520634cc09fd8c228b7ee62224828af0f713d405da9c49edc2676,2024-03-21T15:24:35.093000 -CVE-2024-29875,0,1,36d66cc7949cb01f56ec16bc1f171847efe7ceac006d82066a5f62664aaf8bbb,2024-03-21T15:24:35.093000 -CVE-2024-29876,0,1,81e9b92db68fe1869c86668a1e00f2a9ff624f59839df1fbe18d8e987774c206,2024-03-21T15:24:35.093000 -CVE-2024-29877,0,1,5b6a7271e346dceec62c9141f9ae12b0e5342a31cc26366c653fe20c26c8bc21,2024-03-21T15:24:35.093000 -CVE-2024-29878,0,1,59bd69937e12e8238cdc5eae96014d85a453bedc37861446ca2ffcb7373dda8d,2024-03-21T15:24:35.093000 -CVE-2024-29879,0,1,f281e5565c18f62981e30c243c39ad05583d9bbab1631a620c93b3c78846e1db,2024-03-21T15:24:35.093000 -CVE-2024-29880,0,1,e4ba47a3336aba44b26bc2b767c682c9997cfe6f0e16a9457e7fe50a3abeaa1c,2024-03-21T15:24:35.093000 +CVE-2024-29866,0,0,d3474a4cb7339082dcfbd889d056a2a906f051d7c933d6576013f44ee70632b2,2024-03-21T15:24:35.093000 +CVE-2024-29870,0,0,04eec461d26d3928388aa1ebeda7f3889d70d7fb805b862b11fc37cdb9c73805,2024-03-21T15:24:35.093000 +CVE-2024-29871,0,0,e7b820291fe87f3c68126b9e66a3cb2071635a1781039b23d1340b3ec50d7104,2024-03-21T15:24:35.093000 +CVE-2024-29872,0,0,2ed0e31c2aeb7a79b11a328bd37ec6ac592cb7ae8ad49b21b1fd6587d921da01,2024-03-21T15:24:35.093000 +CVE-2024-29873,0,0,4c88c2b5d7ca113616f149d7c91b297271846cd8b9ee3b6472184ffa855db09d,2024-03-21T15:24:35.093000 +CVE-2024-29874,0,0,5f5afb1bffc520634cc09fd8c228b7ee62224828af0f713d405da9c49edc2676,2024-03-21T15:24:35.093000 +CVE-2024-29875,0,0,36d66cc7949cb01f56ec16bc1f171847efe7ceac006d82066a5f62664aaf8bbb,2024-03-21T15:24:35.093000 +CVE-2024-29876,0,0,81e9b92db68fe1869c86668a1e00f2a9ff624f59839df1fbe18d8e987774c206,2024-03-21T15:24:35.093000 +CVE-2024-29877,0,0,5b6a7271e346dceec62c9141f9ae12b0e5342a31cc26366c653fe20c26c8bc21,2024-03-21T15:24:35.093000 +CVE-2024-29878,0,0,59bd69937e12e8238cdc5eae96014d85a453bedc37861446ca2ffcb7373dda8d,2024-03-21T15:24:35.093000 +CVE-2024-29879,0,0,f281e5565c18f62981e30c243c39ad05583d9bbab1631a620c93b3c78846e1db,2024-03-21T15:24:35.093000 +CVE-2024-29880,0,0,e4ba47a3336aba44b26bc2b767c682c9997cfe6f0e16a9457e7fe50a3abeaa1c,2024-03-21T15:24:35.093000 +CVE-2024-29916,1,1,c593638d593f32d48054769da500835bee87049ab2a9e191e4f3cba11e171290,2024-03-21T17:15:09.897000