From c4acfa3cbb149fbff3514cfe940bd90dc49fa94c Mon Sep 17 00:00:00 2001 From: cad-safe-bot Date: Fri, 15 Nov 2024 07:03:23 +0000 Subject: [PATCH] Auto-Update: 2024-11-15T07:00:19.832761+00:00 --- CVE-2024/CVE-2024-101xx/CVE-2024-10113.json | 60 +++++++++++++++++ CVE-2024/CVE-2024-102xx/CVE-2024-10260.json | 60 +++++++++++++++++ CVE-2024/CVE-2024-105xx/CVE-2024-10582.json | 60 +++++++++++++++++ CVE-2024/CVE-2024-107xx/CVE-2024-10793.json | 60 +++++++++++++++++ CVE-2024/CVE-2024-108xx/CVE-2024-10897.json | 64 ++++++++++++++++++ CVE-2024/CVE-2024-396xx/CVE-2024-39610.json | 64 ++++++++++++++++++ CVE-2024/CVE-2024-424xx/CVE-2024-42499.json | 64 ++++++++++++++++++ CVE-2024/CVE-2024-93xx/CVE-2024-9356.json | 60 +++++++++++++++++ CVE-2024/CVE-2024-96xx/CVE-2024-9609.json | 72 +++++++++++++++++++++ README.md | 18 ++++-- _state.csv | 11 +++- 11 files changed, 587 insertions(+), 6 deletions(-) create mode 100644 CVE-2024/CVE-2024-101xx/CVE-2024-10113.json create mode 100644 CVE-2024/CVE-2024-102xx/CVE-2024-10260.json create mode 100644 CVE-2024/CVE-2024-105xx/CVE-2024-10582.json create mode 100644 CVE-2024/CVE-2024-107xx/CVE-2024-10793.json create mode 100644 CVE-2024/CVE-2024-108xx/CVE-2024-10897.json create mode 100644 CVE-2024/CVE-2024-396xx/CVE-2024-39610.json create mode 100644 CVE-2024/CVE-2024-424xx/CVE-2024-42499.json create mode 100644 CVE-2024/CVE-2024-93xx/CVE-2024-9356.json create mode 100644 CVE-2024/CVE-2024-96xx/CVE-2024-9609.json diff --git a/CVE-2024/CVE-2024-101xx/CVE-2024-10113.json b/CVE-2024/CVE-2024-101xx/CVE-2024-10113.json new file mode 100644 index 00000000000..37ab5c96a8e --- /dev/null +++ b/CVE-2024/CVE-2024-101xx/CVE-2024-10113.json @@ -0,0 +1,60 @@ +{ + "id": "CVE-2024-10113", + "sourceIdentifier": "security@wordfence.com", + "published": "2024-11-15T06:15:03.340", + "lastModified": "2024-11-15T06:15:03.340", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "The WP AdCenter \u2013 Ad Manager & Adsense Ads plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's wpadcenter_ad shortcode in all versions up to, and including, 2.5.7 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 3.1, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://wordpress.org/plugins/wpadcenter/#developers", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/0597a63d-2627-477f-874a-c35b6df7afd5?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-102xx/CVE-2024-10260.json b/CVE-2024/CVE-2024-102xx/CVE-2024-10260.json new file mode 100644 index 00000000000..55164c6128e --- /dev/null +++ b/CVE-2024/CVE-2024-102xx/CVE-2024-10260.json @@ -0,0 +1,60 @@ +{ + "id": "CVE-2024-10260", + "sourceIdentifier": "security@wordfence.com", + "published": "2024-11-15T06:15:03.753", + "lastModified": "2024-11-15T06:15:03.753", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "The Tripetto plugin for WordPress is vulnerable to Stored Cross-Site Scripting via File uploads in all versions up to, and including, 8.0.3 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses the file." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 7.2, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://plugins.svn.wordpress.org/tripetto/trunk/lib/attachments.php", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/3718c252-2ca3-4f7d-b43a-3c1b2e6b34c0?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-105xx/CVE-2024-10582.json b/CVE-2024/CVE-2024-105xx/CVE-2024-10582.json new file mode 100644 index 00000000000..b69f60175ed --- /dev/null +++ b/CVE-2024/CVE-2024-105xx/CVE-2024-10582.json @@ -0,0 +1,60 @@ +{ + "id": "CVE-2024-10582", + "sourceIdentifier": "security@wordfence.com", + "published": "2024-11-15T06:15:04.077", + "lastModified": "2024-11-15T06:15:04.077", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "The Music Player for Elementor \u2013 Audio Player & Podcast Player plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the import_mpfe_template() function in all versions up to, and including, 2.4.1. This makes it possible for authenticated attackers, with Subscriber-level access and above, to import templates." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 4.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-862" + } + ] + } + ], + "references": [ + { + "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3186359%40music-player-for-elementor%2Ftrunk&old=3174807%40music-player-for-elementor%2Ftrunk&sfp_email=&sfph_mail=", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/1f66cdcf-cbe5-43e0-ad18-c2b9c4491ed4?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-107xx/CVE-2024-10793.json b/CVE-2024/CVE-2024-107xx/CVE-2024-10793.json new file mode 100644 index 00000000000..f917d540d11 --- /dev/null +++ b/CVE-2024/CVE-2024-107xx/CVE-2024-10793.json @@ -0,0 +1,60 @@ +{ + "id": "CVE-2024-10793", + "sourceIdentifier": "security@wordfence.com", + "published": "2024-11-15T06:15:04.370", + "lastModified": "2024-11-15T06:15:04.370", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "The WP Activity Log plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the user_id parameter in all versions up to, and including, 5.2.1 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever an administrative user accesses an injected page." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 7.2, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://plugins.trac.wordpress.org/browser/wp-security-audit-log/tags/5.2.1/classes/WPSensors/class-wp-system-sensor.php#L679", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/44f3b2e4-c537-4369-b2d6-39fbc6cb8e08?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-108xx/CVE-2024-10897.json b/CVE-2024/CVE-2024-108xx/CVE-2024-10897.json new file mode 100644 index 00000000000..c9a6eb86b78 --- /dev/null +++ b/CVE-2024/CVE-2024-108xx/CVE-2024-10897.json @@ -0,0 +1,64 @@ +{ + "id": "CVE-2024-10897", + "sourceIdentifier": "security@wordfence.com", + "published": "2024-11-15T05:15:05.177", + "lastModified": "2024-11-15T05:15:05.177", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "The Tutor LMS Elementor Addons plugin for WordPress is vulnerable to unauthorized plugin installation due to a missing capability check on the install_etlms_dependency_plugin() function in all versions up to, and including, 2.1.5. This makes it possible for authenticated attackers, with Subscriber-level access and above, to install Elementor or Tutor LMS. Please note the impact of this issue is incredibly limited due to the fact that these two plugins will likely already be installed as a dependency of the plugin." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 4.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "security@wordfence.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-862" + } + ] + } + ], + "references": [ + { + "url": "https://plugins.trac.wordpress.org/browser/tutor-lms-elementor-addons/trunk/classes/Installer.php#L152", + "source": "security@wordfence.com" + }, + { + "url": "https://plugins.trac.wordpress.org/changeset/3186320/tutor-lms-elementor-addons/trunk/classes/Installer.php", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/99edd858-5e2c-4cc5-adda-d8e70ddc86f6?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-396xx/CVE-2024-39610.json b/CVE-2024/CVE-2024-396xx/CVE-2024-39610.json new file mode 100644 index 00000000000..aa4ed44d651 --- /dev/null +++ b/CVE-2024/CVE-2024-396xx/CVE-2024-39610.json @@ -0,0 +1,64 @@ +{ + "id": "CVE-2024-39610", + "sourceIdentifier": "vultures@jpcert.or.jp", + "published": "2024-11-15T06:15:04.667", + "lastModified": "2024-11-15T06:15:04.667", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Cross-site scripting vulnerability exists in FitNesse releases prior to 20241026. If this vulnerability is exploited, an arbitrary script may be executed on the web browser of the user who is using the product." + } + ], + "metrics": { + "cvssMetricV30": [ + { + "source": "vultures@jpcert.or.jp", + "type": "Secondary", + "cvssData": { + "version": "3.0", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.1, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "vultures@jpcert.or.jp", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://fitnesse.org/FitNesseDownload", + "source": "vultures@jpcert.or.jp" + }, + { + "url": "https://github.com/unclebob/fitnesse/releases/tag/20241026", + "source": "vultures@jpcert.or.jp" + }, + { + "url": "https://jvn.jp/en/jp/JVN36791327/", + "source": "vultures@jpcert.or.jp" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-424xx/CVE-2024-42499.json b/CVE-2024/CVE-2024-424xx/CVE-2024-42499.json new file mode 100644 index 00000000000..80584beb854 --- /dev/null +++ b/CVE-2024/CVE-2024-424xx/CVE-2024-42499.json @@ -0,0 +1,64 @@ +{ + "id": "CVE-2024-42499", + "sourceIdentifier": "vultures@jpcert.or.jp", + "published": "2024-11-15T06:15:04.933", + "lastModified": "2024-11-15T06:15:04.933", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper limitation of a pathname to a restricted directory ('Path Traversal') issue exists in FitNesse releases prior to 20241026. If this vulnerability is exploited, an attacker may be able to know whether a file exists at a specific path, and/or obtain some part of the file contents under specific conditions." + } + ], + "metrics": { + "cvssMetricV30": [ + { + "source": "vultures@jpcert.or.jp", + "type": "Secondary", + "cvssData": { + "version": "3.0", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 5.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 3.9, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "vultures@jpcert.or.jp", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-22" + } + ] + } + ], + "references": [ + { + "url": "https://fitnesse.org/FitNesseDownload", + "source": "vultures@jpcert.or.jp" + }, + { + "url": "https://github.com/unclebob/fitnesse/releases/tag/20241026", + "source": "vultures@jpcert.or.jp" + }, + { + "url": "https://jvn.jp/en/jp/JVN36791327/", + "source": "vultures@jpcert.or.jp" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-93xx/CVE-2024-9356.json b/CVE-2024/CVE-2024-93xx/CVE-2024-9356.json new file mode 100644 index 00000000000..9f8d9dd42b2 --- /dev/null +++ b/CVE-2024/CVE-2024-93xx/CVE-2024-9356.json @@ -0,0 +1,60 @@ +{ + "id": "CVE-2024-9356", + "sourceIdentifier": "security@wordfence.com", + "published": "2024-11-15T06:15:05.233", + "lastModified": "2024-11-15T06:15:05.233", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "The Yotpo: Product & Photo Reviews for WooCommerce plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'yotpo_user_email' and 'yotpo_user_name' parameters in all versions up to, and including, 1.7.8 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.1, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://plugins.trac.wordpress.org/browser/yotpo-social-reviews-for-woocommerce/trunk/lib/utils/wc-yotpo-settings-functions.php#L100", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/2f7ddb34-cb5b-4089-bd3e-07056f0b6bd5?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-96xx/CVE-2024-9609.json b/CVE-2024/CVE-2024-96xx/CVE-2024-9609.json new file mode 100644 index 00000000000..d11f0a61bbf --- /dev/null +++ b/CVE-2024/CVE-2024-96xx/CVE-2024-9609.json @@ -0,0 +1,72 @@ +{ + "id": "CVE-2024-9609", + "sourceIdentifier": "security@wordfence.com", + "published": "2024-11-15T05:15:06.373", + "lastModified": "2024-11-15T05:15:06.373", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "The LearnPress Export Import \u2013 WordPress extension for LearnPress plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'learnpress_import_form_server' parameter in all versions up to, and including, 4.0.4 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.1, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://plugins.trac.wordpress.org/browser/learnpress-import-export/trunk/inc/admin/providers/learnpress/class-lp-import-learnpress.php#L90", + "source": "security@wordfence.com" + }, + { + "url": "https://plugins.trac.wordpress.org/browser/learnpress-import-export/trunk/inc/admin/views/import.php#L23", + "source": "security@wordfence.com" + }, + { + "url": "https://plugins.trac.wordpress.org/changeset/3186901/learnpress-import-export/trunk/inc/admin/providers/learnpress/class-lp-import-learnpress.php", + "source": "security@wordfence.com" + }, + { + "url": "https://plugins.trac.wordpress.org/changeset/3186901/learnpress-import-export/trunk/inc/admin/views/import.php", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/c7429367-f9f4-4859-9537-0f543e32870a?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/README.md b/README.md index 4ffab0eaba6..ab817ad4657 100644 --- a/README.md +++ b/README.md @@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2024-11-15T05:00:20.073480+00:00 +2024-11-15T07:00:19.832761+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2024-11-15T04:15:03.613000+00:00 +2024-11-15T06:15:05.233000+00:00 ``` ### Last Data Feed Release @@ -33,14 +33,22 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### Total Number of included CVEs ```plain -269790 +269799 ``` ### CVEs added in the last Commit -Recently added CVEs: `1` +Recently added CVEs: `9` -- [CVE-2024-10924](CVE-2024/CVE-2024-109xx/CVE-2024-10924.json) (`2024-11-15T04:15:03.613`) +- [CVE-2024-10113](CVE-2024/CVE-2024-101xx/CVE-2024-10113.json) (`2024-11-15T06:15:03.340`) +- [CVE-2024-10260](CVE-2024/CVE-2024-102xx/CVE-2024-10260.json) (`2024-11-15T06:15:03.753`) +- [CVE-2024-10582](CVE-2024/CVE-2024-105xx/CVE-2024-10582.json) (`2024-11-15T06:15:04.077`) +- [CVE-2024-10793](CVE-2024/CVE-2024-107xx/CVE-2024-10793.json) (`2024-11-15T06:15:04.370`) +- [CVE-2024-10897](CVE-2024/CVE-2024-108xx/CVE-2024-10897.json) (`2024-11-15T05:15:05.177`) +- [CVE-2024-39610](CVE-2024/CVE-2024-396xx/CVE-2024-39610.json) (`2024-11-15T06:15:04.667`) +- [CVE-2024-42499](CVE-2024/CVE-2024-424xx/CVE-2024-42499.json) (`2024-11-15T06:15:04.933`) +- [CVE-2024-9356](CVE-2024/CVE-2024-93xx/CVE-2024-9356.json) (`2024-11-15T06:15:05.233`) +- [CVE-2024-9609](CVE-2024/CVE-2024-96xx/CVE-2024-9609.json) (`2024-11-15T05:15:06.373`) ### CVEs modified in the last Commit diff --git a/_state.csv b/_state.csv index 8f8c68cf61d..ee966ac75c9 100644 --- a/_state.csv +++ b/_state.csv @@ -242486,6 +242486,7 @@ CVE-2024-10101,0,0,e3896c5d7db68c5b786b00b58edff142c65dff97c0f85c49d64d1701e59c4 CVE-2024-10108,0,0,f3f4ad009417795f18debc95373d890db3250e635fff4006fa4ef1bc9580626c,2024-11-01T12:57:03.417000 CVE-2024-1011,0,0,a83b664837c33e7f0f4cec42868f7bdd93765cacc9e6b97b43804e8b07af65f2,2024-05-17T02:35:09.987000 CVE-2024-10112,0,0,3a01d2baa33f19e143abe5aabe181ccab32faac99effca8d7325142fe7220a64,2024-10-25T12:56:07.750000 +CVE-2024-10113,1,1,f52d3353e7ab10b452d04f2fa10a24dc9a7b747fe8bafbbd7a0c7754ab1903d4,2024-11-15T06:15:03.340000 CVE-2024-10114,0,0,16b8947ff2e570aff6db4fc1326409cd8691db8a310b773c04315751bc454909,2024-11-07T17:04:09.203000 CVE-2024-10115,0,0,2f48f8fc2fb64e7eea0f8a197e6ea039f4addb791184326175f5bf3196ca43c6,2024-10-18T19:15:13.600000 CVE-2024-10117,0,0,7266808fb250241ee6ed4b7bcd7ffe295a81bef2421c05c5f9197e6a33b75e8d,2024-10-28T13:58:09.230000 @@ -242586,6 +242587,7 @@ CVE-2024-10241,0,0,ae512d639185a0ae3de570db96ee11e8b4269e6da724c94a52e42eddaeb0b CVE-2024-10245,0,0,a0531404f8e42b22ebf8edf706088f8f3bbff70573c99f5feaf6c300487731f6,2024-11-12T13:55:21.227000 CVE-2024-10250,0,0,8accb693817c35c7e4f9fa710076ead819720d8653e5052fbeeec31b3a5b47d2,2024-10-25T16:37:32.777000 CVE-2024-1026,0,0,e127bb5d00442b36eed0e6ff6513a3a42c45706876a3a5f2167365447fb898e7,2024-05-17T02:35:11.320000 +CVE-2024-10260,1,1,24a115b49882fd434583811f09a72f33468724f2639e8fb47c90cc1f32a9eee1,2024-11-15T06:15:03.753000 CVE-2024-10261,0,0,c0bacd51f8c13c6f93273b74702fb7ce7659bc324c7b90c6cfb500b131b8dd02,2024-11-12T13:56:24.513000 CVE-2024-10263,0,0,d8274159492686a2b3c754959bfc4509f9c9201a502006a3dee5515647626798,2024-11-08T15:59:41.633000 CVE-2024-10265,0,0,f3110d4f544093035d0a9b2f7bbeb2aefd9a822ae90a8974b8e692b012c9f1eb,2024-11-14T15:17:47.947000 @@ -242797,6 +242799,7 @@ CVE-2024-10573,0,0,9063cc223ea5dcb15427b5dfc605e5a082c0cb2c41a32875a4278d827b140 CVE-2024-10575,0,0,d60bf0a0bfff7c064a609e35a84fef721491108a3e1293beb652d4120d21f4e8,2024-11-13T17:01:16.850000 CVE-2024-10577,0,0,a22bb88e9d80100e8493f63e77c4cd5ab2a37147944c69ab526442c593c29d99,2024-11-13T17:01:16.850000 CVE-2024-1058,0,0,6b5e9e2c8572168cf164dc3fe2cb55f99ab49ff2791e71ab226d135ab3271443,2024-02-29T13:49:29.390000 +CVE-2024-10582,1,1,91fe64f21f22607f8d2da01a1eb37d03b1cc1dcaaaba3974dce261cded184457,2024-11-15T06:15:04.077000 CVE-2024-10586,0,0,f1f769b86eb6d000daef591c5f367193d87a3d50622221457cbf9ad14bf94bab,2024-11-12T13:56:54.483000 CVE-2024-10588,0,0,c2bcaed6fe7b435f43e9c22f77453914df70e3466f4c66fa7dbe7829c2fb6e04,2024-11-12T13:56:24.513000 CVE-2024-10589,0,0,a6d8f39b47e9cb3150ad138c8d50791b37f1119d54a24371f819b9a1d868ac19,2024-11-12T13:56:24.513000 @@ -242930,6 +242933,7 @@ CVE-2024-1078,0,0,88568fa2f20f5ea8de25fda48576808429bbc616448df571a879f056db5656 CVE-2024-1079,0,0,0a964f4e43e1a2d85a40a4753c5354fe293facf65d0ebcc06031e68ccad95a0f,2024-02-14T19:33:09.977000 CVE-2024-10790,0,0,c5195852541315ac22dd1b614848e72547c3a099e7858697bb9ee4c86225d43f,2024-11-12T13:55:21.227000 CVE-2024-10791,0,0,a1ab37f8c195110cb663fc7e474028527dca661a169201c0160b30306fac4c75,2024-11-06T15:05:38.240000 +CVE-2024-10793,1,1,f137695f4beb8622e71fec8b8a2729c52d34d425fc811fecf87748e7f897f7d1,2024-11-15T06:15:04.370000 CVE-2024-10794,0,0,990e73a12d2666bd3fad2efb1281964d2189bbaa2e95112b72149dc1a8399a47,2024-11-13T17:01:16.850000 CVE-2024-1080,0,0,9acdbacec5fb31283e62a6d3f1b1bde4de3af0ce021840a5a12a8cd06719b667,2024-03-13T18:16:18.563000 CVE-2024-10800,0,0,fb8e6ea9cb7f5838daa314a39d21e1e54fbb9eab7af4f73cc8a245f78af7556e,2024-11-13T17:01:16.850000 @@ -242974,6 +242978,7 @@ CVE-2024-1088,0,0,7487e11aa2518f6cc93d89dd95a39f5c8d6e4a1b2567cf073eed09f7df7825 CVE-2024-10882,0,0,d50cca8abf620c67a958717eb4d933afb7abd51207b4b48e13771e9f1de70410,2024-11-13T17:01:16.850000 CVE-2024-10887,0,0,6f1c620112f0531885feb58bf605da1bdf3e2be3ee69e7f92d5d01d446076f44,2024-11-13T17:01:16.850000 CVE-2024-1089,0,0,9442709e929187c1b992d082c3eaeec9226480f80fc28198e3a73f4a684640d5,2024-02-29T13:49:29.390000 +CVE-2024-10897,1,1,fffb1c2e69b9be300e7ab43a95519234179e8ae190ec7c981ec28d965f85e802,2024-11-15T05:15:05.177000 CVE-2024-1090,0,0,2d0b80c82d6d153c4e0b5412c3fcf892da86ac73a72da4cbf84bfbb064bdcb0c,2024-02-29T13:49:29.390000 CVE-2024-1091,0,0,54ee7e9ca708166212a73aaa10e4715176fe17b55fbce1ee0ea8f95d289d46a5,2024-02-29T13:49:29.390000 CVE-2024-10914,0,0,a19349a4797c04ddb77f70975a0145b559e2c17ff8d6db53557df6669e0449a1,2024-11-08T19:53:04.793000 @@ -242986,7 +242991,7 @@ CVE-2024-10920,0,0,2cf9a2b6fa319444c301d4d5e50d2260546d202b9ce9ceed0622f32574438 CVE-2024-10921,0,0,df49167eb143ff2e23f3731e4ab5404d7de812e4b3599b4fe801797e2459e70e,2024-11-14T16:15:18.030000 CVE-2024-10922,0,0,2e8ad1bbe2c22b2f860e82caba9eca723e865a4e9bffae87682e3cfa53e59e0d,2024-11-08T19:01:25.633000 CVE-2024-10923,0,0,a52ee7279b45f6cbb4af1bcb280dc131fb026565d6c8cec2e60c88cc2adb08c1,2024-11-13T21:35:04.867000 -CVE-2024-10924,1,1,1bc7e84d5ffeb886c00d205d3444fdaee12f3cadcb01a2551220ee89af166a67,2024-11-15T04:15:03.613000 +CVE-2024-10924,0,0,1bc7e84d5ffeb886c00d205d3444fdaee12f3cadcb01a2551220ee89af166a67,2024-11-15T04:15:03.613000 CVE-2024-10926,0,0,d4b8448490b176d20ac7d5dd5d9abfb0445d0f8f33211ac22e460a561e976123,2024-11-08T19:01:25.633000 CVE-2024-10927,0,0,89d2896b297590d0b070dc2d6fc3af12d21eeade74b7d5af5a8c30243a174669,2024-11-08T19:01:25.633000 CVE-2024-10928,0,0,d7b9ae13d8f86fa638d0e1d42acef5c90ca0f7e31aac0a4c1ed2473457ce5298,2024-11-08T19:01:25.633000 @@ -258605,6 +258610,7 @@ CVE-2024-39605,0,0,a5d8e60b596ac98c4205247c388074418dc90b00520b572619e1306394829 CVE-2024-39607,0,0,82ab1f90403a4f0d3b9e21e2a488cd41b34ece370e96146e9e8729444d740066,2024-08-01T15:35:17.240000 CVE-2024-39609,0,0,e07dfcf2cb41b5de548d153b8e1dd42d9f77af2d418236acc36673302dc6f98e,2024-11-13T21:15:27.197000 CVE-2024-3961,0,0,7859b6a2f8e5a01656e72fd209a53f5adaf23f278f08a55d207894f918e1fda9,2024-07-17T13:32:37.647000 +CVE-2024-39610,1,1,fc22ba77abbd619f02087a0e55c6574099838875f51f467f7e94ba44e81b892b,2024-11-15T06:15:04.667000 CVE-2024-39612,0,0,029b5e043f8fa9387c1e935fd25a69e218f8fd7196fe19845233dbfcda84d17e,2024-09-04T16:38:56.383000 CVE-2024-39613,0,0,a01eb288198c1ee98f509a48683a6028690d03e91539f0fa22857619bc4ca335,2024-09-20T13:59:01.117000 CVE-2024-39614,0,0,80fda44b15f74076f020f7bfc25c89db880e93067c83790f059fc3bf750e00f8,2024-08-01T13:55:55.837000 @@ -260461,6 +260467,7 @@ CVE-2024-42493,0,0,62acde285327354a8bf885be4a4449e2ac155d363ca62a755a0d6560a4377 CVE-2024-42495,0,0,9abc7330eac6d6df1f12abde56401fb389a89e85bdfac6db206d32a19ef64c3e,2024-10-04T14:37:36.703000 CVE-2024-42496,0,0,82629bcd722b8cb6d341bed3916823c994361fb6b4946b9099c29ac012cbc5a4,2024-09-30T12:45:57.823000 CVE-2024-42497,0,0,6c95277a74b4240375f9e65f5c21a104fec038817af68c50a8b421844638164c,2024-10-16T20:05:09.183000 +CVE-2024-42499,1,1,de3ac831b8e18fdc40ee07a81a4164b14fa19c310f8891b9be165c3d1774b713,2024-11-15T06:15:04.933000 CVE-2024-4250,0,0,29d8096febeb47af7a705b5c5f44b0e0121b5483d3074c39ff1bff1155e9a3a5,2024-06-04T19:20:34.200000 CVE-2024-42500,0,0,f0bcaea9090b49f77db24a21554ec397886059105966434018e3d2adca5c9151,2024-09-10T12:09:50.377000 CVE-2024-42501,0,0,2d6a46c355be0708ff7db2c58107fc669881111adf034802ab42261dde0a7bbe,2024-09-20T12:30:51.220000 @@ -269393,6 +269400,7 @@ CVE-2024-9351,0,0,33d034faa3e6b0aeb71bafa0ae8b2ea418555ae0b07eef9d890e7c43507fa4 CVE-2024-9352,0,0,788f5bf16f633f8f02e340b198528b062bcda6aeec70a897601eaf656cd6ab6a,2024-10-18T12:52:33.507000 CVE-2024-9353,0,0,64ddffc3239a0d67e3b79e48af9889b2f8d89027aa9c53de3cc5595dbd6f2fd7,2024-10-08T18:50:51.357000 CVE-2024-9355,0,0,302621984b6116aa148a6d267ab2864d150a3fcf399bab5a42fa5db73f8156da,2024-11-05T08:15:04.413000 +CVE-2024-9356,1,1,882c233d2df3c09108f62454da36885e4cecfc456fe54bf5ee7bda0e8d1739dc,2024-11-15T06:15:05.233000 CVE-2024-9357,0,0,ecac5cca1d13ae41e27c64ccd21707ad2b9f6cb13725a3072faecffbc49d78e9,2024-11-12T13:55:21.227000 CVE-2024-9358,0,0,ad1311c8435fb7ce092ff9c8b7c1abe83209465bc92e72b7b733a8ea9fa4bf3c,2024-10-04T13:51:25.567000 CVE-2024-9359,0,0,c3e20cb7feaf9e2d5c48c39f4d484e16226f28d5df197104e70b6a5f0b84dc00,2024-10-04T18:54:12.417000 @@ -269566,6 +269574,7 @@ CVE-2024-9598,0,0,dd6abd1d8094ef836910b53aefec035745da73e794770d7e620055613b3335 CVE-2024-9602,0,0,296483daa0f02222bb5f79446d51c7890118dbb294ec1c3853abb9b3dfc7ffb2,2024-10-10T12:51:56.987000 CVE-2024-9603,0,0,f06afeee14d2c3a95b2fa9bd06bec0b0c1ce9ce3a2d2cc5d2614c0b7bfd8287c,2024-10-10T12:51:56.987000 CVE-2024-9607,0,0,6559a4c9ecc679c1a526ad316820d8ef58b184c710c286477d0fc3422e598c6b,2024-11-05T17:40:57.777000 +CVE-2024-9609,1,1,782f63dd9ec94f0cfd9e496a7d9a070ef4b2456f453d64da74341e1a947df847,2024-11-15T05:15:06.373000 CVE-2024-9610,0,0,c2ae8ad13a32a2ecc4cf7a3cb852077ce2d6eff8b7bb2625c3e46911eeeead24,2024-10-15T12:58:51.050000 CVE-2024-9611,0,0,f16a109b2beda9ef97e16997885b40d38db6eba42b8291e32288f7a269b19f0c,2024-10-15T12:58:51.050000 CVE-2024-9613,0,0,03f12b76d11ccd814de04879dc193f94fb86a0d3aade1fad8084c29f467aedb8,2024-10-28T13:58:09.230000