From b82bb4baaf94ef0cc0c12fdc9a526430513094c7 Mon Sep 17 00:00:00 2001 From: cad-safe-bot Date: Tue, 21 May 2024 12:03:44 +0000 Subject: [PATCH] Auto-Update: 2024-05-21T12:00:52.817100+00:00 --- CVE-2023/CVE-2023-39xx/CVE-2023-3938.json | 55 ++++++++++++++++ CVE-2023/CVE-2023-39xx/CVE-2023-3939.json | 55 ++++++++++++++++ CVE-2023/CVE-2023-39xx/CVE-2023-3940.json | 55 ++++++++++++++++ CVE-2023/CVE-2023-39xx/CVE-2023-3941.json | 55 ++++++++++++++++ CVE-2023/CVE-2023-475xx/CVE-2023-47537.json | 6 +- CVE-2024/CVE-2024-43xx/CVE-2024-4361.json | 51 +++++++++++++++ CVE-2024/CVE-2024-44xx/CVE-2024-4435.json | 63 ++++++++++++++++++ CVE-2024/CVE-2024-45xx/CVE-2024-4553.json | 51 +++++++++++++++ CVE-2024/CVE-2024-46xx/CVE-2024-4619.json | 51 +++++++++++++++ CVE-2024/CVE-2024-46xx/CVE-2024-4695.json | 71 +++++++++++++++++++++ CVE-2024/CVE-2024-47xx/CVE-2024-4700.json | 55 ++++++++++++++++ CVE-2024/CVE-2024-48xx/CVE-2024-4876.json | 51 +++++++++++++++ CVE-2024/CVE-2024-49xx/CVE-2024-4988.json | 24 +++++++ README.md | 26 +++++--- _state.csv | 20 ++++-- 15 files changed, 674 insertions(+), 15 deletions(-) create mode 100644 CVE-2023/CVE-2023-39xx/CVE-2023-3938.json create mode 100644 CVE-2023/CVE-2023-39xx/CVE-2023-3939.json create mode 100644 CVE-2023/CVE-2023-39xx/CVE-2023-3940.json create mode 100644 CVE-2023/CVE-2023-39xx/CVE-2023-3941.json create mode 100644 CVE-2024/CVE-2024-43xx/CVE-2024-4361.json create mode 100644 CVE-2024/CVE-2024-44xx/CVE-2024-4435.json create mode 100644 CVE-2024/CVE-2024-45xx/CVE-2024-4553.json create mode 100644 CVE-2024/CVE-2024-46xx/CVE-2024-4619.json create mode 100644 CVE-2024/CVE-2024-46xx/CVE-2024-4695.json create mode 100644 CVE-2024/CVE-2024-47xx/CVE-2024-4700.json create mode 100644 CVE-2024/CVE-2024-48xx/CVE-2024-4876.json create mode 100644 CVE-2024/CVE-2024-49xx/CVE-2024-4988.json diff --git a/CVE-2023/CVE-2023-39xx/CVE-2023-3938.json b/CVE-2023/CVE-2023-39xx/CVE-2023-3938.json new file mode 100644 index 00000000000..47b634226b9 --- /dev/null +++ b/CVE-2023/CVE-2023-39xx/CVE-2023-3938.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2023-3938", + "sourceIdentifier": "vulnerability@kaspersky.com", + "published": "2024-05-21T10:15:08.730", + "lastModified": "2024-05-21T11:15:08.590", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Special Elements used in an SQL Command ('SQL\n Injection') vulnerability in ZkTeco-based OEM devices allows an \nattacker \n to authenticate under any user from the device database.\n\nThis issue affects\u00a0\n\n\nZkTeco-based OEM devices (ZkTeco ProFace X, Smartec ST-FR043, Smartec \nST-FR041ME and possibly others) with the ZAM170-NF-1.8.25-7354-Ver1.0.0 \nand possibly others." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "vulnerability@kaspersky.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", + "attackVector": "PHYSICAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 4.6, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 0.9, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "vulnerability@kaspersky.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/klsecservices/Advisories/blob/master/K-ZkTeco-2023-001.md", + "source": "vulnerability@kaspersky.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-39xx/CVE-2023-3939.json b/CVE-2023/CVE-2023-39xx/CVE-2023-3939.json new file mode 100644 index 00000000000..0f7d5cdf833 --- /dev/null +++ b/CVE-2023/CVE-2023-39xx/CVE-2023-3939.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2023-3939", + "sourceIdentifier": "vulnerability@kaspersky.com", + "published": "2024-05-21T10:15:09.683", + "lastModified": "2024-05-21T11:15:08.690", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Special Elements used in an OS Command ('OS \nCommand Injection') vulnerability in ZkTeco-based OEM devices allows OS \nCommand Injection. \nSince all the found command implementations are executed from the \nsuperuser, their impact is the maximum possible.\nThis issue affects \nZkTeco-based OEM devices (ZkTeco ProFace X, Smartec ST-FR043, Smartec \nST-FR041ME and possibly others) with the ZAM170-NF-1.8.25-7354-Ver1.0.0 \nand possibly other." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "vulnerability@kaspersky.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 10.0, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 6.0 + } + ] + }, + "weaknesses": [ + { + "source": "vulnerability@kaspersky.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-78" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/klsecservices/Advisories/blob/master/K-ZkTeco-2023-002.md", + "source": "vulnerability@kaspersky.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-39xx/CVE-2023-3940.json b/CVE-2023/CVE-2023-39xx/CVE-2023-3940.json new file mode 100644 index 00000000000..47e7fd6f766 --- /dev/null +++ b/CVE-2023/CVE-2023-39xx/CVE-2023-3940.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2023-3940", + "sourceIdentifier": "vulnerability@kaspersky.com", + "published": "2024-05-21T11:15:08.780", + "lastModified": "2024-05-21T11:15:08.780", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Relative Path Traversal vulnerability in ZkTeco-based OEM devices allows an attacker \nto access any file on the system.\n\n\nThis issue affects \nZkTeco-based OEM devices (ZkTeco ProFace X, Smartec ST-FR043, Smartec \nST-FR041ME and possibly others) with the ZAM170-NF-1.8.25-7354-Ver1.0.0 \nand possibly others." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "vulnerability@kaspersky.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "vulnerability@kaspersky.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-23" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/klsecservices/Advisories/blob/master/K-ZkTeco-2023-003.md", + "source": "vulnerability@kaspersky.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-39xx/CVE-2023-3941.json b/CVE-2023/CVE-2023-39xx/CVE-2023-3941.json new file mode 100644 index 00000000000..6965d63e2a0 --- /dev/null +++ b/CVE-2023/CVE-2023-39xx/CVE-2023-3941.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2023-3941", + "sourceIdentifier": "vulnerability@kaspersky.com", + "published": "2024-05-21T11:15:09.000", + "lastModified": "2024-05-21T11:15:09.000", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Relative Path Traversal vulnerability in ZkTeco-based OEM devices allows an attacker \n\nto write any file on the system with root privileges.\n\n\nThis issue affects \nZkTeco-based OEM devices (ZkTeco ProFace X, Smartec ST-FR043, Smartec \nST-FR041ME and possibly others) with the ZAM170-NF-1.8.25-7354-Ver1.0.0 \nand possibly others." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "vulnerability@kaspersky.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 10.0, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 6.0 + } + ] + }, + "weaknesses": [ + { + "source": "vulnerability@kaspersky.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-23" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/klsecservices/Advisories/blob/master/K-ZkTeco-2023-003.md", + "source": "vulnerability@kaspersky.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-475xx/CVE-2023-47537.json b/CVE-2023/CVE-2023-475xx/CVE-2023-47537.json index d3beee739e3..08ca713ab8b 100644 --- a/CVE-2023/CVE-2023-475xx/CVE-2023-47537.json +++ b/CVE-2023/CVE-2023-475xx/CVE-2023-47537.json @@ -2,12 +2,12 @@ "id": "CVE-2023-47537", "sourceIdentifier": "psirt@fortinet.com", "published": "2024-02-15T14:15:45.240", - "lastModified": "2024-02-22T15:26:01.937", - "vulnStatus": "Analyzed", + "lastModified": "2024-05-21T10:15:09.910", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "An improper certificate validation vulnerability in Fortinet FortiOS 7.0.0 - 7.0.13, 7.2.0 - 7.2.6 and 7.4.0 - 7.4.1 allows a remote and unauthenticated attacker to perform a Man-in-the-Middle attack on the FortiLink communication channel between the FortiOS device and FortiSwitch." + "value": "An improper certificate validation vulnerability in Fortinet FortiOS 7.0.0 - 7.0.13, 7.2.0 - 7.2.6, 7.4.0 - 7.4.1 and 6.4 all versions allows a remote and unauthenticated attacker to perform a Man-in-the-Middle attack on the FortiLink communication channel between the FortiOS device and FortiSwitch." }, { "lang": "es", diff --git a/CVE-2024/CVE-2024-43xx/CVE-2024-4361.json b/CVE-2024/CVE-2024-43xx/CVE-2024-4361.json new file mode 100644 index 00000000000..6b2deb68354 --- /dev/null +++ b/CVE-2024/CVE-2024-43xx/CVE-2024-4361.json @@ -0,0 +1,51 @@ +{ + "id": "CVE-2024-4361", + "sourceIdentifier": "security@wordfence.com", + "published": "2024-05-21T11:15:09.210", + "lastModified": "2024-05-21T11:15:09.210", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The Page Builder by SiteOrigin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'siteorigin_widget' shortcode in all versions up to, and including, 2.29.15 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 3.1, + "impactScore": 2.7 + } + ] + }, + "references": [ + { + "url": "https://plugins.trac.wordpress.org/browser/siteorigin-panels/trunk/inc/widget-shortcode.php#L40", + "source": "security@wordfence.com" + }, + { + "url": "https://plugins.trac.wordpress.org/changeset/3086025/", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/a97f72f6-86f7-45dc-908a-292ba735071d?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-44xx/CVE-2024-4435.json b/CVE-2024/CVE-2024-44xx/CVE-2024-4435.json new file mode 100644 index 00000000000..eff1f3c60fa --- /dev/null +++ b/CVE-2024/CVE-2024-44xx/CVE-2024-4435.json @@ -0,0 +1,63 @@ +{ + "id": "CVE-2024-4435", + "sourceIdentifier": "6b35d637-e00f-4228-858c-b20ad6e1d07b", + "published": "2024-05-21T10:15:10.393", + "lastModified": "2024-05-21T10:15:10.393", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "When storing unbounded types in a BTreeMap, a node is represented as a linked list of \"memory chunks\". It was discovered recently that when we deallocate a node, in some cases only the first memory chunk is deallocated, and the rest of the memory chunks remain (incorrectly) allocated, causing a memory leak. In the worst case, depending on how a canister uses the BTreeMap, an adversary could interact with the canister through its API and trigger interactions with the map that keep consuming memory due to the memory leak. This could potentially lead to using an excessive amount of memory, or even running out of memory.\n\nThis issue has been fixed in #212 https://github.com/dfinity/stable-structures/pull/212 \u00a0by changing the logic for deallocating nodes to ensure that all of a node's memory chunks are deallocated and users are asked to upgrade to version 0.6.4.. Tests have been added to prevent regressions of this nature moving forward. Note:\u00a0Users of stable-structure < 0.6.0 are not affected.\n\nUsers who are not storing unbounded types in BTreeMap\u00a0are not affected and do not need to upgrade. Otherwise, an upgrade to version 0.6.4\u00a0is necessary." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "6b35d637-e00f-4228-858c-b20ad6e1d07b", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 5.9, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.2, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "6b35d637-e00f-4228-858c-b20ad6e1d07b", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-401" + } + ] + } + ], + "references": [ + { + "url": "https://docs.rs/ic-stable-structures/0.6.4/ic_stable_structures/", + "source": "6b35d637-e00f-4228-858c-b20ad6e1d07b" + }, + { + "url": "https://github.com/dfinity/stable-structures/pull/212", + "source": "6b35d637-e00f-4228-858c-b20ad6e1d07b" + }, + { + "url": "https://internetcomputer.org/docs/current/developer-docs/smart-contracts/maintain/storage#stable-memory", + "source": "6b35d637-e00f-4228-858c-b20ad6e1d07b" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-45xx/CVE-2024-4553.json b/CVE-2024/CVE-2024-45xx/CVE-2024-4553.json new file mode 100644 index 00000000000..dd6b519ce3a --- /dev/null +++ b/CVE-2024/CVE-2024-45xx/CVE-2024-4553.json @@ -0,0 +1,51 @@ +{ + "id": "CVE-2024-4553", + "sourceIdentifier": "security@wordfence.com", + "published": "2024-05-21T10:15:10.623", + "lastModified": "2024-05-21T10:15:10.623", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The WP Shortcodes Plugin \u2014 Shortcodes Ultimate plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'su_members' shortcode in all versions up to, and including, 7.1.5 due to insufficient input sanitization and output escaping on user supplied 'color' attribute. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 3.1, + "impactScore": 2.7 + } + ] + }, + "references": [ + { + "url": "https://plugins.trac.wordpress.org/browser/shortcodes-ultimate/tags/7.1.4/includes/shortcodes/members.php#L83", + "source": "security@wordfence.com" + }, + { + "url": "https://plugins.trac.wordpress.org/changeset/3084162/#file524", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/d8db8ed5-ebeb-4102-928f-fe417e429ad2?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-46xx/CVE-2024-4619.json b/CVE-2024/CVE-2024-46xx/CVE-2024-4619.json new file mode 100644 index 00000000000..13d3818fbeb --- /dev/null +++ b/CVE-2024/CVE-2024-46xx/CVE-2024-4619.json @@ -0,0 +1,51 @@ +{ + "id": "CVE-2024-4619", + "sourceIdentifier": "security@wordfence.com", + "published": "2024-05-21T11:15:09.397", + "lastModified": "2024-05-21T11:15:09.397", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The Elementor Website Builder \u2013 More than Just a Page Builder plugin for WordPress is vulnerable to DOM-Based Stored Cross-Site Scripting via the \u2018hover_animation\u2019 parameter in versions up to, and including, 3.21.4 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level permissions and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 3.1, + "impactScore": 2.7 + } + ] + }, + "references": [ + { + "url": "https://plugins.trac.wordpress.org/browser/elementor/trunk/includes/widgets/image-box.php#L696", + "source": "security@wordfence.com" + }, + { + "url": "https://plugins.trac.wordpress.org/changeset/3089420", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/c7e1028e-e04b-46c4-b574-889d9fc1069d?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-46xx/CVE-2024-4695.json b/CVE-2024/CVE-2024-46xx/CVE-2024-4695.json new file mode 100644 index 00000000000..dd4b983d019 --- /dev/null +++ b/CVE-2024/CVE-2024-46xx/CVE-2024-4695.json @@ -0,0 +1,71 @@ +{ + "id": "CVE-2024-4695", + "sourceIdentifier": "security@wordfence.com", + "published": "2024-05-21T10:15:10.820", + "lastModified": "2024-05-21T10:15:10.820", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The Move Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via multiple widgets in all versions up to, and including, 1.3.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 3.1, + "impactScore": 2.7 + } + ] + }, + "references": [ + { + "url": "https://plugins.trac.wordpress.org/browser/move-addons/trunk/includes/widgets/data-table/widget.php#L836", + "source": "security@wordfence.com" + }, + { + "url": "https://plugins.trac.wordpress.org/browser/move-addons/trunk/includes/widgets/event-calendar/widget.php#L932", + "source": "security@wordfence.com" + }, + { + "url": "https://plugins.trac.wordpress.org/browser/move-addons/trunk/includes/widgets/mailchimp/widget.php#L728", + "source": "security@wordfence.com" + }, + { + "url": "https://plugins.trac.wordpress.org/browser/move-addons/trunk/includes/widgets/shop-product-grid/widget.php#L1203", + "source": "security@wordfence.com" + }, + { + "url": "https://plugins.trac.wordpress.org/browser/move-addons/trunk/includes/widgets/team-member/widget.php#L1464", + "source": "security@wordfence.com" + }, + { + "url": "https://plugins.trac.wordpress.org/browser/move-addons/trunk/includes/widgets/user-login/widget.php#L1146", + "source": "security@wordfence.com" + }, + { + "url": "https://plugins.trac.wordpress.org/changeset/3088859/", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/72662a59-f41c-4df7-aa04-7243ff43c48d?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-47xx/CVE-2024-4700.json b/CVE-2024/CVE-2024-47xx/CVE-2024-4700.json new file mode 100644 index 00000000000..4f931f6c073 --- /dev/null +++ b/CVE-2024/CVE-2024-47xx/CVE-2024-4700.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2024-4700", + "sourceIdentifier": "security@wordfence.com", + "published": "2024-05-21T10:15:11.023", + "lastModified": "2024-05-21T10:15:11.023", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The WP Table Builder \u2013 WordPress Table Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the button element in all versions up to, and including, 1.4.14 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. By default, this can only be exploited by administrators, but the ability to use and configure WP Table Builder can be extended to contributors." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 3.1, + "impactScore": 2.7 + } + ] + }, + "references": [ + { + "url": "https://plugins.trac.wordpress.org/browser/wp-table-builder/trunk/inc/admin/element-classes/elements/button-element.php#L343", + "source": "security@wordfence.com" + }, + { + "url": "https://plugins.trac.wordpress.org/changeset/3088612/", + "source": "security@wordfence.com" + }, + { + "url": "https://wordpress.org/plugins/wp-table-builder/#developers", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/20cd08ac-826f-40dd-804a-546b0c334b66?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-48xx/CVE-2024-4876.json b/CVE-2024/CVE-2024-48xx/CVE-2024-4876.json new file mode 100644 index 00000000000..99fbb5a45fb --- /dev/null +++ b/CVE-2024/CVE-2024-48xx/CVE-2024-4876.json @@ -0,0 +1,51 @@ +{ + "id": "CVE-2024-4876", + "sourceIdentifier": "security@wordfence.com", + "published": "2024-05-21T11:15:09.587", + "lastModified": "2024-05-21T11:15:09.587", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The HT Mega \u2013 Absolute Addons For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the \u2018popover_header_text\u2019 parameter in versions up to, and including, 2.5.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level permissions and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 3.1, + "impactScore": 2.7 + } + ] + }, + "references": [ + { + "url": "https://plugins.trac.wordpress.org/browser/ht-mega-for-elementor/tags/2.5.0/includes/widgets/htmega_popover.php#L891", + "source": "security@wordfence.com" + }, + { + "url": "https://plugins.trac.wordpress.org/changeset/3088899/", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/39e104fa-591a-41e8-af7e-f8b32a199170?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-49xx/CVE-2024-4988.json b/CVE-2024/CVE-2024-49xx/CVE-2024-4988.json new file mode 100644 index 00000000000..74bcd1b41bb --- /dev/null +++ b/CVE-2024/CVE-2024-49xx/CVE-2024-4988.json @@ -0,0 +1,24 @@ +{ + "id": "CVE-2024-4988", + "sourceIdentifier": "907edf6c-bf03-423e-ab1a-8da27e1aa1ea", + "published": "2024-05-21T10:15:11.240", + "lastModified": "2024-05-21T10:15:11.240", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The mobile application (com.transsion.videocallenhancer) interface has improper permission control, which can lead to the risk of private file leakage." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://security.tecno.com/SRC/blogdetail/250?lang=en_US", + "source": "907edf6c-bf03-423e-ab1a-8da27e1aa1ea" + }, + { + "url": "https://security.tecno.com/SRC/securityUpdates", + "source": "907edf6c-bf03-423e-ab1a-8da27e1aa1ea" + } + ] +} \ No newline at end of file diff --git a/README.md b/README.md index 3237941aa5e..abf66d26b39 100644 --- a/README.md +++ b/README.md @@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2024-05-21T10:01:14.137926+00:00 +2024-05-21T12:00:52.817100+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2024-05-21T09:15:09.103000+00:00 +2024-05-21T11:15:09.587000+00:00 ``` ### Last Data Feed Release @@ -33,22 +33,32 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### Total Number of included CVEs ```plain -250894 +250906 ``` ### CVEs added in the last Commit -Recently added CVEs: `3` +Recently added CVEs: `12` -- [CVE-2024-3345](CVE-2024/CVE-2024-33xx/CVE-2024-3345.json) (`2024-05-21T09:15:08.533`) -- [CVE-2024-4566](CVE-2024/CVE-2024-45xx/CVE-2024-4566.json) (`2024-05-21T09:15:08.890`) -- [CVE-2024-4875](CVE-2024/CVE-2024-48xx/CVE-2024-4875.json) (`2024-05-21T09:15:09.103`) +- [CVE-2023-3938](CVE-2023/CVE-2023-39xx/CVE-2023-3938.json) (`2024-05-21T10:15:08.730`) +- [CVE-2023-3939](CVE-2023/CVE-2023-39xx/CVE-2023-3939.json) (`2024-05-21T10:15:09.683`) +- [CVE-2023-3940](CVE-2023/CVE-2023-39xx/CVE-2023-3940.json) (`2024-05-21T11:15:08.780`) +- [CVE-2023-3941](CVE-2023/CVE-2023-39xx/CVE-2023-3941.json) (`2024-05-21T11:15:09.000`) +- [CVE-2024-4361](CVE-2024/CVE-2024-43xx/CVE-2024-4361.json) (`2024-05-21T11:15:09.210`) +- [CVE-2024-4435](CVE-2024/CVE-2024-44xx/CVE-2024-4435.json) (`2024-05-21T10:15:10.393`) +- [CVE-2024-4553](CVE-2024/CVE-2024-45xx/CVE-2024-4553.json) (`2024-05-21T10:15:10.623`) +- [CVE-2024-4619](CVE-2024/CVE-2024-46xx/CVE-2024-4619.json) (`2024-05-21T11:15:09.397`) +- [CVE-2024-4695](CVE-2024/CVE-2024-46xx/CVE-2024-4695.json) (`2024-05-21T10:15:10.820`) +- [CVE-2024-4700](CVE-2024/CVE-2024-47xx/CVE-2024-4700.json) (`2024-05-21T10:15:11.023`) +- [CVE-2024-4876](CVE-2024/CVE-2024-48xx/CVE-2024-4876.json) (`2024-05-21T11:15:09.587`) +- [CVE-2024-4988](CVE-2024/CVE-2024-49xx/CVE-2024-4988.json) (`2024-05-21T10:15:11.240`) ### CVEs modified in the last Commit -Recently modified CVEs: `0` +Recently modified CVEs: `1` +- [CVE-2023-47537](CVE-2023/CVE-2023-475xx/CVE-2023-47537.json) (`2024-05-21T10:15:09.910`) ## Download and Usage diff --git a/_state.csv b/_state.csv index 00a2836645f..c52548c3c4e 100644 --- a/_state.csv +++ b/_state.csv @@ -228695,6 +228695,7 @@ CVE-2023-39376,0,0,ee823f8dc633e9a1b97d77602109717c597add3d319192ef4dd31a5eafa74 CVE-2023-39377,0,0,6b25600f12a40400a98f27d3cb0284275c966146648efaecbe5112bf188d7ff8,2023-09-27T18:43:05.857000 CVE-2023-39378,0,0,4e295f7076fea93091455b8992c3f5b4b3522f78d66a4f77b235228035ecbf4b,2023-09-27T18:42:38.813000 CVE-2023-39379,0,0,41a4f399e0e77cbdbc8d9e6a086018a80952fe53c20f02ba4c641d55e3ad2a19,2023-08-09T12:25:04.040000 +CVE-2023-3938,1,1,6736bf15a434ff4f29b076bff0803eaf178ddf81dae1e81d5d05d7fc356b50a3,2024-05-21T11:15:08.590000 CVE-2023-39380,0,0,2d25d067ef91bc213791f20f6246e394c6b593c1e4ade8ffd62b96c5c772fc11,2023-08-17T02:18:37.127000 CVE-2023-39381,0,0,005753247f1dbfa4f8136a80513c5e3b04bb065f11d1339fe682b43a62cf96a9,2023-08-17T02:12:38.623000 CVE-2023-39382,0,0,4a0252fbc5f629d37f35045a920fb550594e60f80422a99a05fcd297d04bf3a5,2023-08-17T02:13:28.870000 @@ -228705,6 +228706,7 @@ CVE-2023-39386,0,0,19ecf909309d6d29161e9976a9c4ed0ab2ecc554c8b312417dca6a3dbe575 CVE-2023-39387,0,0,5740591546b0aedc6aef9900e5e350b8bb673c8f46ba62ca5759c211e714bb27,2023-08-17T19:18:15.017000 CVE-2023-39388,0,0,8a8950878f7a39c6ec31a9bd334508d24dc46c82362e1268136bb503423fb7db,2023-08-17T14:17:35.187000 CVE-2023-39389,0,0,b781d55d2979d21ba2bb14b766c0c7b7e864a7bbbc3ca7c5365e73dcace3dec5,2023-08-17T14:16:10.203000 +CVE-2023-3939,1,1,b13199cf67c2bfac494aaff7ee598096499537f2cafe954bba0ccab6d5ac9219,2024-05-21T11:15:08.690000 CVE-2023-39390,0,0,aafe0511a72deae51f401e8c0bbc2476628e6bd48f591800554e95b5a867767c,2023-08-17T18:06:24.980000 CVE-2023-39391,0,0,5a1540385f8086b25576131132bcaa99d391636ece6b2463cbbd4b5c641feca9,2023-08-17T14:01:09.233000 CVE-2023-39392,0,0,13a0755731c3d817018e61777599125498296300368331652aa73935ee8fba43,2023-08-17T13:49:52.153000 @@ -228715,6 +228717,7 @@ CVE-2023-39396,0,0,b07907bacd6a469142b6b8f028ed29f35fb46b969ec38c8cf137c18c0f4b0 CVE-2023-39397,0,0,bf0269932c216bbea841eeeb9de1719b0db6829cedfcd85e20a2329912907924,2023-08-17T13:52:56.890000 CVE-2023-39398,0,0,d4fd27585764a5184261ee9722e033ffabc78b14b8f92cbfa1945a4ca1e58dd5,2023-08-17T13:51:41.563000 CVE-2023-39399,0,0,540c333579b5d6c77ca8c0d897876ef999bd042e259a65f1dbf5f4e31dff304b,2023-08-17T13:43:51.593000 +CVE-2023-3940,1,1,c126e646c39610b489c8f80e9c9f2b740368837e9bea9ec7815029b45e592fae,2024-05-21T11:15:08.780000 CVE-2023-39400,0,0,8b8b9913c876067de139fc42533308f388961dc7811272f95cf53f27477a6ed0,2023-08-17T13:46:56.360000 CVE-2023-39401,0,0,6e5026488a6e0bb79d5737fb09f81169e4e41e9b7a8b59a5b0de41c9ed0262a6,2023-08-17T13:53:27.350000 CVE-2023-39402,0,0,0320ac06b3e05686415a7fd0d66837efc094de8e996a1d9e677cf1c05e619f82,2023-08-17T13:40:58.583000 @@ -228725,6 +228728,7 @@ CVE-2023-39406,0,0,ab7c6c0eb3b2ee5e2954ec40c91e1547b55bafcb0a3bd40f01300e3cafb15 CVE-2023-39407,0,0,0d7d4d6b11c7dcf0994795bdcb0b097f6a460f4bd6e9ce11fe29b4fc2a356942,2023-09-25T17:15:48.117000 CVE-2023-39408,0,0,bcf01c6b1b49fa1574a097fa5cfbc15cddfa1feba3b6c0f2ac6820ba5f62516b,2023-09-25T17:16:53.103000 CVE-2023-39409,0,0,39b604dd7b784d069c15129e187a171176ff308a6fbc69d9791e6281d5de3006,2023-09-25T17:25:23.520000 +CVE-2023-3941,1,1,dc1c17d2feef1cbe9c63b5794760b4fba8b80328d50ad7e25349e055f97b5736,2024-05-21T11:15:09 CVE-2023-39410,0,0,eb1e9172ae786dbf1f7282e3a438a1f1c26bc2104bf7c8f0ba881373b4d112c2,2023-10-06T17:58:36.833000 CVE-2023-39411,0,0,fb6ae7a559546e024fd76428323867d933b51de15f2773efd312eebcb4eb10d7,2023-11-17T04:12:22.167000 CVE-2023-39412,0,0,f6bc83ca532b3e82db71fca70c11693cd73c5c777ee6c79ba0c280e196dab861,2023-11-17T04:05:48.100000 @@ -234346,7 +234350,7 @@ CVE-2023-47532,0,0,f7cf6572ed9153c9e9a7f5cd23eeb0b6657c93bc6ce2c46ab6944d32c1834 CVE-2023-47533,0,0,b8ab7ae598b0c06166f769defe5b3fe49524ff650f62dcd2d445a0c629c3eea1,2023-11-17T15:53:53.267000 CVE-2023-47534,0,0,81a5c657381b573d19aa39a0b2a9c5cefb1552d1a7cd2bbc725130b38cdd6d55,2024-03-15T15:10:36.233000 CVE-2023-47536,0,0,c92809299ce994fe002984e3ea770aaca21d26ac58ae60aa42bd9b1f93a95802,2023-12-18T17:19:51.397000 -CVE-2023-47537,0,0,e819c54cb454cf4f0620df9dd3d6930b398a1b42288f9e331fa69cbd987badb2,2024-02-22T15:26:01.937000 +CVE-2023-47537,0,1,0385a23473fe753ce8892f1abada4f036632f24d8d80f275bf904696fff5e7ac,2024-05-21T10:15:09.910000 CVE-2023-4754,0,0,d1a60aeff3e1b2426ae95f9ba5659b82b6b06e64889df384bdf47a9b7ba058b6,2023-09-06T22:23:47.563000 CVE-2023-47540,0,0,26164122b5debc25c175f537f3ccb6470f834500489c8942faece9d5ce5fc4b5,2024-04-10T13:24:22.187000 CVE-2023-47541,0,0,073baaa595808fdc2a7f0d5dfc8e0ba7658e35c8265907a6d9c69193e6ccf2f3,2024-04-10T13:24:22.187000 @@ -248987,7 +248991,7 @@ CVE-2024-33443,0,0,7f62cc637ddbcb31d4d27451ebd5ff31e1289fc0b12403902ee9379da64c7 CVE-2024-33444,0,0,dd8f738307cf7a98c771473a6747e7b5352188764c18ccbccd77e23af1117ede,2024-04-30T13:11:16.690000 CVE-2024-33445,0,0,2adc5b1320c62f7d749fc302bf856c4946bcb2b6ed78c5da9933008a1fbfc075,2024-04-30T13:11:16.690000 CVE-2024-33449,0,0,82c0fe8439f268eedf63ed1da3eb3fb2ad29e68126122a5274369bbec0c38b68,2024-04-30T13:11:16.690000 -CVE-2024-3345,1,1,8e6db83f3ba149228a22c93b704121b0bd8780f96b60adf565d8c294045ae6e7,2024-05-21T09:15:08.533000 +CVE-2024-3345,0,0,8e6db83f3ba149228a22c93b704121b0bd8780f96b60adf565d8c294045ae6e7,2024-05-21T09:15:08.533000 CVE-2024-33454,0,0,af2458e2a92892beb63c1bf2d95ff7e9398d77f429fab02bbeabef831c2c6674,2024-05-14T16:12:23.490000 CVE-2024-3346,0,0,312355f19bae8f6fad300133bd9d49713b734c255da277af0376b1f0fb7936a0,2024-05-17T02:39:51.207000 CVE-2024-33465,0,0,eadb6536921f299769dd28ca056127bee4ec0a5d9a79c4314362582bea14e967,2024-04-30T17:52:35.057000 @@ -250498,6 +250502,7 @@ CVE-2024-4349,0,0,d7cb391ad6a3595c020e400bfefef3bf14b6d8b75d9701c79688eb2693bdea CVE-2024-4351,0,0,84a993fcb461a8c61255d21736701361dc3f453bf42043de26320f65ada00121,2024-05-16T13:03:05.353000 CVE-2024-4352,0,0,ec2049b13794d7b7eea90d377463d8f5c3179de2c6e69d57554c5eced6269751,2024-05-16T13:03:05.353000 CVE-2024-4357,0,0,15f39a23a70c5acc3d08c2f81b16ef69b06f28ee37422807405e1ad546411072,2024-05-15T18:35:11.453000 +CVE-2024-4361,1,1,09cb7ed1d329520af620236ebf078492e4c64e376e0e29f08e06930054c2078c,2024-05-21T11:15:09.210000 CVE-2024-4363,0,0,d30828b887305e475a68737a9c01556f9e261cb37bd7c595ea12b948125a2ae0,2024-05-15T16:40:19.330000 CVE-2024-4367,0,0,10c9ba4e2375d81f02eb3145704f99e298b4c446473517eea4810baa65f2c650,2024-05-14T19:17:55.627000 CVE-2024-4368,0,0,0ee02ebde276d817508f5495294b3429c463a1f4241660388e0c329992e72be6,2024-05-04T02:15:06.853000 @@ -250528,6 +250533,7 @@ CVE-2024-4430,0,0,2977ce5eb55d4b32781acd64cf46e940cc709041a97d7f6a7071a523a104ed CVE-2024-4432,0,0,49cbcbf0ecc1a7e8dd4f4005003d4bbbad6f242752f497dfddb04e7d67e86aa4,2024-05-20T13:00:34.807000 CVE-2024-4433,0,0,a671ce2518271e49fdeb5cf5eaca489e751e352fe28902a9e3a1500395ee9006,2024-05-02T18:00:37.360000 CVE-2024-4434,0,0,cde9fa120977e75c0573204952d5b71ccbd57bef4f0e70a5b7f5a93b9a0c5d06,2024-05-14T16:11:39.510000 +CVE-2024-4435,1,1,24f60e10e350866d90504d5619179b1ac2a64fbe263f00dbb4545a8904c17261,2024-05-21T10:15:10.393000 CVE-2024-4436,0,0,64033ee8163e93734d3356c76b1219aa507b767e43c629d466579eff9eca6a17,2024-05-08T13:15:00.690000 CVE-2024-4437,0,0,a62637ebd732289d5432e95cdaf60c3e47133a5119cabcd67c7d4d14d6736462,2024-05-08T13:15:00.690000 CVE-2024-4438,0,0,93ceea5f04a92ff8a47d298b7349cd99931c0f6ebe6d5712d64fba3d2e18a77c,2024-05-08T13:15:00.690000 @@ -250595,12 +250601,13 @@ CVE-2024-4546,0,0,3d8214b19328ce0698128d2541020c31eac589ba32f1eccefac58acec39f32 CVE-2024-4547,0,0,6b600f363e41b63ee43a4b2365298fb38de96fd61b910d0724ca38ee29a8a8df,2024-05-06T16:00:59.253000 CVE-2024-4548,0,0,255fb62729cbf70b5d240d036752cc7d31677deac2357745733c1172bc76cfe7,2024-05-06T16:00:59.253000 CVE-2024-4549,0,0,6f08cdb7bdf1bc14a6d26c3a39b799558e43e67fec9cb01e1f3b74f80a87ace3,2024-05-06T21:15:48.783000 +CVE-2024-4553,1,1,672bc280715bee7ae95a6023eeba28713efd1e3684343fdeacad9fa7a3254b40,2024-05-21T10:15:10.623000 CVE-2024-4558,0,0,53052249d37fc7466ecbaee9075a2de9dd82580681c41021781e6c264c5e18ad,2024-05-07T20:07:58.737000 CVE-2024-4559,0,0,04253977f1b3aac9c2c8228f67b55a5d97f0f228a3fd1b3fdffeaf9dbbc176fb,2024-05-07T20:07:58.737000 CVE-2024-4560,0,0,01330bc30e6abf90cd0e894076fd4822775b90946ecfbbe71c3855f1f2c00212,2024-05-14T16:11:39.510000 CVE-2024-4561,0,0,419f075cb470fc0bcbe1e02ad47a96fd3735721568a3ea0b27d92242ea08e526,2024-05-15T16:40:19.330000 CVE-2024-4562,0,0,4b41dac3b3dc0160472fa769fd66d4820687adcd6a603b6680aeb5866557430b,2024-05-15T16:40:19.330000 -CVE-2024-4566,1,1,a756d09326ad85d3086ea7fa0189442dde86c5a73f4d221083940825fe4edfd2,2024-05-21T09:15:08.890000 +CVE-2024-4566,0,0,a756d09326ad85d3086ea7fa0189442dde86c5a73f4d221083940825fe4edfd2,2024-05-21T09:15:08.890000 CVE-2024-4567,0,0,bff521ec958712c348010a89da0e0aec519b6a717613a798e9a8fee426de5e74,2024-05-14T16:11:39.510000 CVE-2024-4568,0,0,79c6e65478e2e86d702896e792fead76bbebdb118f8c0f66e6390a241a22321a,2024-05-07T13:39:32.710000 CVE-2024-4571,0,0,b379f15291a8a65b330c223bc6a31fd0a21b183a906c0a4077ca3cf5d38b8ad0,2024-05-14T15:44:05.750000 @@ -250634,6 +250641,7 @@ CVE-2024-4609,0,0,462e88c52aa260b716de738f57f61ca9eb0d27442f231164c83c77fb9df604 CVE-2024-4614,0,0,beb5630ff5db8a415fa4bf6f109dad49279ea5965bb91a1d7f892cd406978f05,2024-05-14T15:44:12.883000 CVE-2024-4617,0,0,a9ac6f97f78093fda60c756da599c06372e99e21d7b1347de185ba0119cb6cca,2024-05-16T13:03:05.353000 CVE-2024-4618,0,0,60eca777456ce5379ff16ab59d0e8db1fff28f58a76fe14d606e7a27666b586b,2024-05-15T16:40:19.330000 +CVE-2024-4619,1,1,c5794f8aa1019609af1d077c57e5a6fd522f46633db50da15e0824aa4e846290,2024-05-21T11:15:09.397000 CVE-2024-4622,0,0,4b1992fe33b227c66e64bdd4cf1c71e31b73a98abda6bdd8e7687e0db4e86196,2024-05-15T18:35:11.453000 CVE-2024-4624,0,0,2a601b2b9934f4e4184c90fc3ba9cbddeec712a59701e0372ed6d18cfcc3b7c7,2024-05-14T19:17:55.627000 CVE-2024-4630,0,0,f5808b44be131bdae6b6920228d425b0dd235ef4afe8685cc2ea30d538a619f5,2024-05-14T16:11:39.510000 @@ -250674,8 +250682,10 @@ CVE-2024-4687,0,0,5959def1b7bdf7125a357f3c153983f3d5ac8d6eae818fc6bf7591d3c2beaf CVE-2024-4688,0,0,5209c8e598df4232c95422a32cff4b63e70cf2beafa2b8b363e44607e8b05dd2,2024-05-17T02:40:33.500000 CVE-2024-4689,0,0,919eb1a71c5b4e5442293f605f96c1f22f0a9c83e181a6bfcbc236f37312a073,2024-05-14T16:11:39.510000 CVE-2024-4693,0,0,ae34b03d329f3bae3c71df865f5758cc1e5a9a82168c01009bca2e974c902cf9,2024-05-14T16:11:39.510000 +CVE-2024-4695,1,1,d63b49655672f53000fddd7f6678d99eb2b872cd33968155f7345af563a5ee24,2024-05-21T10:15:10.820000 CVE-2024-4698,0,0,4c0345da636c07f65b8d5f03536e37a4b051fc029c770a25e89c99a04b193fb0,2024-05-20T13:00:34.807000 CVE-2024-4699,0,0,21634a770b960d22aa24dc1f0ea343763012f9507287610a68f5378061204954,2024-05-17T02:40:33.683000 +CVE-2024-4700,1,1,fcc24667ca9730028f38db0a1e0580d18ad1adb9c81aae4c3e1a160ff9d8a9d1,2024-05-21T10:15:11.023000 CVE-2024-4701,0,0,31c0f40927cc6a1a9aece611ec4491a5435df4e5c3a9daffc9dfb7710658ca96,2024-05-14T16:11:39.510000 CVE-2024-4702,0,0,391d02c5718dd442c026ca8f3973c4fe10894f8eeb54175158dc44cd7ef50d4a,2024-05-15T16:40:19.330000 CVE-2024-4709,0,0,383dbf3a5b128343c77c07c63d6b9081028427dd357dd94a114eb158c69d030d,2024-05-20T13:00:34.807000 @@ -250774,7 +250784,8 @@ CVE-2024-4859,0,0,3de5434b35db9344c6a8c9ff1c0891dd93d801d8510e1a23be87da56d66078 CVE-2024-4860,0,0,078ece1acb5f59d15050f08de42942705925d025d9ef9dfb969c99e0b62152d4,2024-05-14T19:17:55.627000 CVE-2024-4865,0,0,329a52916bfd6dfb743076cafa1076f06a8ce9ff30efb7c2cd8c895178c7ad64,2024-05-20T13:00:34.807000 CVE-2024-4871,0,0,089a89f3309c27433f20e3be4ef9a00379f9f19601c1c8029649846113aed43a,2024-05-14T19:17:55.627000 -CVE-2024-4875,1,1,196d997c6e8c967fc738be0f9232c06bbee9b2632adf2326052dc6b01f415553,2024-05-21T09:15:09.103000 +CVE-2024-4875,0,0,196d997c6e8c967fc738be0f9232c06bbee9b2632adf2326052dc6b01f415553,2024-05-21T09:15:09.103000 +CVE-2024-4876,1,1,a211915ef652961c4e7387c3bae552fa61c7b2c965457b4fa567ad369db4e2b1,2024-05-21T11:15:09.587000 CVE-2024-4891,0,0,e74bd5bb85af020930d6b90474dcbd5a7bb8df3f51cfa57310da23b320714b43,2024-05-20T13:00:34.807000 CVE-2024-4893,0,0,d5ebc2dfcb13b74b4f1951a124d2e638a95f79aa05d19e6fadfe65b7ad1c4f46,2024-05-15T16:40:19.330000 CVE-2024-4894,0,0,d68130303d356c053d0f6768d0ee08506e206d16216142c952b9b56af8835d24,2024-05-15T16:40:19.330000 @@ -250832,6 +250843,7 @@ CVE-2024-4975,0,0,09924b0fbe93d87fd37542372e09ae669637640cc2222ca882fa05e7d37dfb CVE-2024-4976,0,0,cec1c528b9c81bb2353d630af7aeaeed80f8c396bb33272f9e3c075fa645e3ec,2024-05-16T13:03:05.353000 CVE-2024-4984,0,0,c181b2792419ab292757f17fa7ed54efe54e64b1f0d7a8e32f201040654607f4,2024-05-16T13:03:05.353000 CVE-2024-4985,0,0,bc448e1bde699518577a6998209a5a0146da6fb11a5b9b2f9d4aabb1f818fd6f,2024-05-20T22:15:08.727000 +CVE-2024-4988,1,1,14e96763c8df817c1246cd37dd16bab5249da2d66833f4a23692f81963505d01,2024-05-21T10:15:11.240000 CVE-2024-4991,0,0,180b9ed28c0cce46df550147eebf5773d3a2c46d3490c6ab8f019084050e5a01,2024-05-16T13:03:05.353000 CVE-2024-4992,0,0,504a91a45451c38d9b5beed8f2c88cac747dfe187af29754ed23c5e483929557,2024-05-16T13:03:05.353000 CVE-2024-4993,0,0,54558f9e3463a1500143cda3bf9ee67127625c6afa1872d34f1d786cf2569f73,2024-05-16T13:03:05.353000