From c4f92a312513e527dcd98cf509461681677a006e Mon Sep 17 00:00:00 2001 From: cad-safe-bot Date: Wed, 6 Nov 2024 11:03:20 +0000 Subject: [PATCH] Auto-Update: 2024-11-06T11:00:19.585537+00:00 --- CVE-2023/CVE-2023-407xx/CVE-2023-40735.json | 4 +- CVE-2024/CVE-2024-520xx/CVE-2024-52043.json | 12 +++- CVE-2024/CVE-2024-70xx/CVE-2024-7006.json | 6 +- CVE-2024/CVE-2024-70xx/CVE-2024-7012.json | 6 +- CVE-2024/CVE-2024-85xx/CVE-2024-8553.json | 10 +++- CVE-2024/CVE-2024-86xx/CVE-2024-8614.json | 64 +++++++++++++++++++++ CVE-2024/CVE-2024-86xx/CVE-2024-8615.json | 64 +++++++++++++++++++++ CVE-2024/CVE-2024-96xx/CVE-2024-9675.json | 6 +- CVE-2024/CVE-2024-96xx/CVE-2024-9676.json | 6 +- CVE-2024/CVE-2024-96xx/CVE-2024-9681.json | 4 ++ CVE-2024/CVE-2024-99xx/CVE-2024-9902.json | 60 +++++++++++++++++++ README.md | 29 +++++----- _state.csv | 31 +++++----- 13 files changed, 266 insertions(+), 36 deletions(-) create mode 100644 CVE-2024/CVE-2024-86xx/CVE-2024-8614.json create mode 100644 CVE-2024/CVE-2024-86xx/CVE-2024-8615.json create mode 100644 CVE-2024/CVE-2024-99xx/CVE-2024-9902.json diff --git a/CVE-2023/CVE-2023-407xx/CVE-2023-40735.json b/CVE-2023/CVE-2023-407xx/CVE-2023-40735.json index 5e438f25b73..026c4f353c6 100644 --- a/CVE-2023/CVE-2023-407xx/CVE-2023-40735.json +++ b/CVE-2023/CVE-2023-407xx/CVE-2023-40735.json @@ -2,13 +2,13 @@ "id": "CVE-2023-40735", "sourceIdentifier": "2fdefc65-d750-4b8d-96ee-6e2c0c42dbfe", "published": "2023-08-21T12:15:09.410", - "lastModified": "2024-10-07T19:36:37.970", + "lastModified": "2024-11-06T09:15:03.710", "vulnStatus": "Modified", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "Exposure of Sensitive Information to an Unauthorized Actor vulnerability in BUTTERFLY BUTTON PROJECT - BUTTERFLY BUTTON (Architecture flaw) allows loss of plausible deniability and confidentiality.\nThis issue affects BUTTERFLY BUTTON: As of 2023-08-21.\n" + "value": "Exposure of Sensitive Information to an Unauthorized Actor vulnerability in BUTTERFLY BUTTON PROJECT - BUTTERFLY BUTTON (Architecture flaw) allows loss of plausible deniability and confidentiality.\nThis issue affects BUTTERFLY BUTTON: As of 2023-08-21." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-520xx/CVE-2024-52043.json b/CVE-2024/CVE-2024-520xx/CVE-2024-52043.json index a5918cbd38e..748548016e9 100644 --- a/CVE-2024/CVE-2024-520xx/CVE-2024-52043.json +++ b/CVE-2024/CVE-2024-520xx/CVE-2024-52043.json @@ -2,13 +2,17 @@ "id": "CVE-2024-52043", "sourceIdentifier": "2fdefc65-d750-4b8d-96ee-6e2c0c42dbfe", "published": "2024-11-06T08:15:03.420", - "lastModified": "2024-11-06T08:15:03.420", + "lastModified": "2024-11-06T10:15:03.833", "vulnStatus": "Received", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Observable Response Discrepancy vulnerability in HumHub GmbH & Co. KG - HumHub on Linux allows: Excavation (user enumeration).This issue affects all released HumHub versions: through 1.16.2." + }, + { + "lang": "es", + "value": "Vulnerabilidad de discrepancia de respuesta observable en HumHub GmbH & Co. KG - HumHub en Linux permite: Excavaci\u00f3n (enumeraci\u00f3n de usuarios). Este problema afecta a todas las versiones publicadas de HumHub: hasta la 1.16.2." } ], "metrics": { @@ -71,7 +75,11 @@ ], "references": [ { - "url": "https://github.com/humhub/humhub/security", + "url": "https://github.com/advisories/GHSA-3q4w-rf2j-fx5x", + "source": "2fdefc65-d750-4b8d-96ee-6e2c0c42dbfe" + }, + { + "url": "https://https://github.com/humhub/humhub", "source": "2fdefc65-d750-4b8d-96ee-6e2c0c42dbfe" }, { diff --git a/CVE-2024/CVE-2024-70xx/CVE-2024-7006.json b/CVE-2024/CVE-2024-70xx/CVE-2024-7006.json index 3551eb4fdc9..f2831f61857 100644 --- a/CVE-2024/CVE-2024-70xx/CVE-2024-7006.json +++ b/CVE-2024/CVE-2024-70xx/CVE-2024-7006.json @@ -2,7 +2,7 @@ "id": "CVE-2024-7006", "sourceIdentifier": "secalert@redhat.com", "published": "2024-08-12T13:38:40.577", - "lastModified": "2024-11-05T08:15:03.973", + "lastModified": "2024-11-06T10:15:04.373", "vulnStatus": "Modified", "cveTags": [], "descriptions": [ @@ -147,6 +147,10 @@ "url": "https://access.redhat.com/errata/RHSA-2024:8833", "source": "secalert@redhat.com" }, + { + "url": "https://access.redhat.com/errata/RHSA-2024:8914", + "source": "secalert@redhat.com" + }, { "url": "https://access.redhat.com/security/cve/CVE-2024-7006", "source": "secalert@redhat.com", diff --git a/CVE-2024/CVE-2024-70xx/CVE-2024-7012.json b/CVE-2024/CVE-2024-70xx/CVE-2024-7012.json index c411209d42e..ace5d0b4102 100644 --- a/CVE-2024/CVE-2024-70xx/CVE-2024-7012.json +++ b/CVE-2024/CVE-2024-70xx/CVE-2024-7012.json @@ -2,7 +2,7 @@ "id": "CVE-2024-7012", "sourceIdentifier": "secalert@redhat.com", "published": "2024-09-04T14:15:14.570", - "lastModified": "2024-09-19T06:15:03.777", + "lastModified": "2024-11-06T09:15:04.187", "vulnStatus": "Modified", "cveTags": [], "descriptions": [ @@ -120,6 +120,10 @@ "Vendor Advisory" ] }, + { + "url": "https://access.redhat.com/errata/RHSA-2024:8906", + "source": "secalert@redhat.com" + }, { "url": "https://access.redhat.com/security/cve/CVE-2024-7012", "source": "secalert@redhat.com", diff --git a/CVE-2024/CVE-2024-85xx/CVE-2024-8553.json b/CVE-2024/CVE-2024-85xx/CVE-2024-8553.json index 3d960576545..706e099721f 100644 --- a/CVE-2024/CVE-2024-85xx/CVE-2024-8553.json +++ b/CVE-2024/CVE-2024-85xx/CVE-2024-8553.json @@ -2,13 +2,17 @@ "id": "CVE-2024-8553", "sourceIdentifier": "secalert@redhat.com", "published": "2024-10-31T15:15:17.243", - "lastModified": "2024-11-01T12:57:03.417", + "lastModified": "2024-11-06T09:15:04.370", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability was found in Foreman's loader macros introduced with report templates. These macros may allow an authenticated user with permissions to view and create templates to read any field from Foreman's database. By using specific strings in the loader macros, users can bypass permissions and access sensitive information." + }, + { + "lang": "es", + "value": "Se encontr\u00f3 una vulnerabilidad en las macros de carga de Foreman introducidas con las plantillas de informes. Estas macros pueden permitir que un usuario autenticado con permisos para ver y crear plantillas lea cualquier campo de la base de datos de Foreman. Al usar cadenas espec\u00edficas en las macros de carga, los usuarios pueden omitir los permisos y acceder a informaci\u00f3n confidencial." } ], "metrics": { @@ -60,6 +64,10 @@ "url": "https://access.redhat.com/errata/RHSA-2024:8719", "source": "secalert@redhat.com" }, + { + "url": "https://access.redhat.com/errata/RHSA-2024:8906", + "source": "secalert@redhat.com" + }, { "url": "https://access.redhat.com/security/cve/CVE-2024-8553", "source": "secalert@redhat.com" diff --git a/CVE-2024/CVE-2024-86xx/CVE-2024-8614.json b/CVE-2024/CVE-2024-86xx/CVE-2024-8614.json new file mode 100644 index 00000000000..6349bf82eb6 --- /dev/null +++ b/CVE-2024/CVE-2024-86xx/CVE-2024-8614.json @@ -0,0 +1,64 @@ +{ + "id": "CVE-2024-8614", + "sourceIdentifier": "security@wordfence.com", + "published": "2024-11-06T09:15:04.520", + "lastModified": "2024-11-06T09:15:04.520", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "The JobSearch WP Job Board plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the jobsearch_wp_handle_upload() function in all versions up to, and including, 2.6.7. This makes it possible for authenticated attackers, with subscriber-level access and above, to upload arbitrary files on the affected site's server which may make remote code execution possible." + }, + { + "lang": "es", + "value": "El complemento JobSearch WP Job Board para WordPress es vulnerable a la carga de archivos arbitrarios debido a la falta de validaci\u00f3n del tipo de archivo en la funci\u00f3n jobsearch_wp_handle_upload() en todas las versiones hasta la 2.6.7 incluida. Esto permite que atacantes autenticados, con acceso de nivel de suscriptor o superior, carguen archivos arbitrarios en el servidor del sitio afectado, lo que puede hacer posible la ejecuci\u00f3n remota de c\u00f3digo." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.9, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.1, + "impactScore": 6.0 + } + ] + }, + "weaknesses": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-434" + } + ] + } + ], + "references": [ + { + "url": "https://codecanyon.net/item/jobsearch-wp-job-board-wordpress-plugin/21066856", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/7832f8fe-2b41-4cfb-a734-db4ec88d91a3?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-86xx/CVE-2024-8615.json b/CVE-2024/CVE-2024-86xx/CVE-2024-8615.json new file mode 100644 index 00000000000..9d74bd551c3 --- /dev/null +++ b/CVE-2024/CVE-2024-86xx/CVE-2024-8615.json @@ -0,0 +1,64 @@ +{ + "id": "CVE-2024-8615", + "sourceIdentifier": "security@wordfence.com", + "published": "2024-11-06T09:15:04.773", + "lastModified": "2024-11-06T09:15:04.773", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "The JobSearch WP Job Board plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the jobsearch_location_load_excel_file_callback() function in all versions up to, and including, 2.6.7. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site's server which may make remote code execution possible." + }, + { + "lang": "es", + "value": "El complemento JobSearch WP Job Board para WordPress es vulnerable a la carga de archivos arbitrarios debido a la falta de validaci\u00f3n del tipo de archivo en la funci\u00f3n jobsearch_location_load_excel_file_callback() en todas las versiones hasta la 2.6.7 incluida. Esto hace posible que atacantes no autenticados carguen archivos arbitrarios en el servidor del sitio afectado, lo que puede hacer posible la ejecuci\u00f3n remota de c\u00f3digo." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 10.0, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 6.0 + } + ] + }, + "weaknesses": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-434" + } + ] + } + ], + "references": [ + { + "url": "https://codecanyon.net/item/jobsearch-wp-job-board-wordpress-plugin/21066856", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/dd718d44-4921-4deb-af5a-43e5f3926914?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-96xx/CVE-2024-9675.json b/CVE-2024/CVE-2024-96xx/CVE-2024-9675.json index 85fb9c75190..690d09b89cb 100644 --- a/CVE-2024/CVE-2024-96xx/CVE-2024-9675.json +++ b/CVE-2024/CVE-2024-96xx/CVE-2024-9675.json @@ -2,7 +2,7 @@ "id": "CVE-2024-9675", "sourceIdentifier": "secalert@redhat.com", "published": "2024-10-09T15:15:17.837", - "lastModified": "2024-11-05T08:15:04.833", + "lastModified": "2024-11-06T10:15:05.010", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ @@ -64,6 +64,10 @@ "url": "https://access.redhat.com/errata/RHSA-2024:8679", "source": "secalert@redhat.com" }, + { + "url": "https://access.redhat.com/errata/RHSA-2024:8686", + "source": "secalert@redhat.com" + }, { "url": "https://access.redhat.com/errata/RHSA-2024:8703", "source": "secalert@redhat.com" diff --git a/CVE-2024/CVE-2024-96xx/CVE-2024-9676.json b/CVE-2024/CVE-2024-96xx/CVE-2024-9676.json index 539145ea585..177942ef4bd 100644 --- a/CVE-2024/CVE-2024-96xx/CVE-2024-9676.json +++ b/CVE-2024/CVE-2024-96xx/CVE-2024-9676.json @@ -2,7 +2,7 @@ "id": "CVE-2024-9676", "sourceIdentifier": "secalert@redhat.com", "published": "2024-10-15T16:15:06.933", - "lastModified": "2024-10-31T05:15:05.860", + "lastModified": "2024-11-06T10:15:05.683", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ @@ -64,6 +64,10 @@ "url": "https://access.redhat.com/errata/RHSA-2024:8437", "source": "secalert@redhat.com" }, + { + "url": "https://access.redhat.com/errata/RHSA-2024:8686", + "source": "secalert@redhat.com" + }, { "url": "https://access.redhat.com/security/cve/CVE-2024-9676", "source": "secalert@redhat.com" diff --git a/CVE-2024/CVE-2024-96xx/CVE-2024-9681.json b/CVE-2024/CVE-2024-96xx/CVE-2024-9681.json index b6a28bf45af..af0f5f96137 100644 --- a/CVE-2024/CVE-2024-96xx/CVE-2024-9681.json +++ b/CVE-2024/CVE-2024-96xx/CVE-2024-9681.json @@ -9,6 +9,10 @@ { "lang": "en", "value": "When curl is asked to use HSTS, the expiry time for a subdomain might\noverwrite a parent domain's cache entry, making it end sooner or later than\notherwise intended.\n\nThis affects curl using applications that enable HSTS and use URLs with the\ninsecure `HTTP://` scheme and perform transfers with hosts like\n`x.example.com` as well as `example.com` where the first host is a subdomain\nof the second host.\n\n(The HSTS cache either needs to have been populated manually or there needs to\nhave been previous HTTPS accesses done as the cache needs to have entries for\nthe domains involved to trigger this problem.)\n\nWhen `x.example.com` responds with `Strict-Transport-Security:` headers, this\nbug can make the subdomain's expiry timeout *bleed over* and get set for the\nparent domain `example.com` in curl's HSTS cache.\n\nThe result of a triggered bug is that HTTP accesses to `example.com` get\nconverted to HTTPS for a different period of time than what was asked for by\nthe origin server. If `example.com` for example stops supporting HTTPS at its\nexpiry time, curl might then fail to access `http://example.com` until the\n(wrongly set) timeout expires. This bug can also expire the parent's entry\n*earlier*, thus making curl inadvertently switch back to insecure HTTP earlier\nthan otherwise intended." + }, + { + "lang": "es", + "value": "Cuando se le pide a curl que use HSTS, el tiempo de expiraci\u00f3n de un subdominio puede sobrescribir la entrada de cach\u00e9 de un dominio principal, lo que hace que finalice antes o despu\u00e9s de lo previsto. Esto afecta a curl que usa aplicaciones que habilitan HSTS y usan URL con el esquema inseguro `HTTP://` y realizan transferencias con hosts como `x.example.com` as\u00ed como `example.com` donde el primer host es un subdominio del segundo host. (El cach\u00e9 HSTS debe haberse llenado manualmente o debe haber habido accesos HTTPS previos ya que el cach\u00e9 debe tener entradas para los dominios involucrados para activar este problema). Cuando `x.example.com` responde con encabezados `Strict-Transport-Security:`, este error puede hacer que el tiempo de expiraci\u00f3n del subdominio *se extienda* y se configure para el dominio principal `example.com` en el cach\u00e9 HSTS de curl. El resultado de un error activado es que los accesos HTTP a `example.com` se convierten a HTTPS durante un per\u00edodo de tiempo diferente al solicitado por el servidor de origen. Si `example.com`, por ejemplo, deja de admitir HTTPS en su momento de vencimiento, curl podr\u00eda entonces no poder acceder a `http://example.com` hasta que expire el tiempo de espera (configurado incorrectamente). Este error tambi\u00e9n puede hacer que la entrada principal expire *antes*, lo que hace que curl vuelva inadvertidamente a HTTP inseguro antes de lo previsto." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-99xx/CVE-2024-9902.json b/CVE-2024/CVE-2024-99xx/CVE-2024-9902.json new file mode 100644 index 00000000000..91052470a68 --- /dev/null +++ b/CVE-2024/CVE-2024-99xx/CVE-2024-9902.json @@ -0,0 +1,60 @@ +{ + "id": "CVE-2024-9902", + "sourceIdentifier": "secalert@redhat.com", + "published": "2024-11-06T10:15:06.200", + "lastModified": "2024-11-06T10:15:06.200", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "A flaw was found in Ansible. The ansible-core `user` module can allow an unprivileged user to silently create or replace the contents of any file on any system path and take ownership of it when a privileged user executes the `user` module against the unprivileged user's home directory. If the unprivileged user has traversal permissions on the directory containing the exploited target file, they retain full control over the contents of the file as its owner." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "secalert@redhat.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:L", + "attackVector": "LOCAL", + "attackComplexity": "HIGH", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "LOW", + "baseScore": 6.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 0.8, + "impactScore": 5.5 + } + ] + }, + "weaknesses": [ + { + "source": "secalert@redhat.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-863" + } + ] + } + ], + "references": [ + { + "url": "https://access.redhat.com/security/cve/CVE-2024-9902", + "source": "secalert@redhat.com" + }, + { + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2318271", + "source": "secalert@redhat.com" + } + ] +} \ No newline at end of file diff --git a/README.md b/README.md index 3ded9442113..b4134d7816c 100644 --- a/README.md +++ b/README.md @@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2024-11-06T09:00:20.047054+00:00 +2024-11-06T11:00:19.585537+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2024-11-06T08:15:03.740000+00:00 +2024-11-06T10:15:06.200000+00:00 ``` ### Last Data Feed Release @@ -33,27 +33,30 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### Total Number of included CVEs ```plain -268428 +268431 ``` ### CVEs added in the last Commit -Recently added CVEs: `8` +Recently added CVEs: `3` -- [CVE-2024-10020](CVE-2024/CVE-2024-100xx/CVE-2024-10020.json) (`2024-11-06T07:15:03.377`) -- [CVE-2024-10535](CVE-2024/CVE-2024-105xx/CVE-2024-10535.json) (`2024-11-06T07:15:03.880`) -- [CVE-2024-10543](CVE-2024/CVE-2024-105xx/CVE-2024-10543.json) (`2024-11-06T07:15:04.160`) -- [CVE-2024-52043](CVE-2024/CVE-2024-520xx/CVE-2024-52043.json) (`2024-11-06T08:15:03.420`) -- [CVE-2024-6626](CVE-2024/CVE-2024-66xx/CVE-2024-6626.json) (`2024-11-06T07:15:04.460`) -- [CVE-2024-9307](CVE-2024/CVE-2024-93xx/CVE-2024-9307.json) (`2024-11-06T07:15:04.717`) -- [CVE-2024-9681](CVE-2024/CVE-2024-96xx/CVE-2024-9681.json) (`2024-11-06T08:15:03.740`) -- [CVE-2024-9946](CVE-2024/CVE-2024-99xx/CVE-2024-9946.json) (`2024-11-06T07:15:04.977`) +- [CVE-2024-8614](CVE-2024/CVE-2024-86xx/CVE-2024-8614.json) (`2024-11-06T09:15:04.520`) +- [CVE-2024-8615](CVE-2024/CVE-2024-86xx/CVE-2024-8615.json) (`2024-11-06T09:15:04.773`) +- [CVE-2024-9902](CVE-2024/CVE-2024-99xx/CVE-2024-9902.json) (`2024-11-06T10:15:06.200`) ### CVEs modified in the last Commit -Recently modified CVEs: `0` +Recently modified CVEs: `8` +- [CVE-2023-40735](CVE-2023/CVE-2023-407xx/CVE-2023-40735.json) (`2024-11-06T09:15:03.710`) +- [CVE-2024-52043](CVE-2024/CVE-2024-520xx/CVE-2024-52043.json) (`2024-11-06T10:15:03.833`) +- [CVE-2024-7006](CVE-2024/CVE-2024-70xx/CVE-2024-7006.json) (`2024-11-06T10:15:04.373`) +- [CVE-2024-7012](CVE-2024/CVE-2024-70xx/CVE-2024-7012.json) (`2024-11-06T09:15:04.187`) +- [CVE-2024-8553](CVE-2024/CVE-2024-85xx/CVE-2024-8553.json) (`2024-11-06T09:15:04.370`) +- [CVE-2024-9675](CVE-2024/CVE-2024-96xx/CVE-2024-9675.json) (`2024-11-06T10:15:05.010`) +- [CVE-2024-9676](CVE-2024/CVE-2024-96xx/CVE-2024-9676.json) (`2024-11-06T10:15:05.683`) +- [CVE-2024-9681](CVE-2024/CVE-2024-96xx/CVE-2024-9681.json) (`2024-11-06T08:15:03.740`) ## Download and Usage diff --git a/_state.csv b/_state.csv index 81235fdf9b7..a238da26004 100644 --- a/_state.csv +++ b/_state.csv @@ -231063,7 +231063,7 @@ CVE-2023-4073,0,0,f38da659b6673c490161e8d4cab88eac5a3d08db3aa00ddc31bba9a3c441f4 CVE-2023-40730,0,0,e53bc04f867a544c5c2142f4a7a7d3e2044be62442a64262e5df3e630faa7cc3,2023-09-14T17:00:29.273000 CVE-2023-40731,0,0,0d3b4e375c466ae10676028b39f9bcec599de7e021f7941e33591b60d27b8d5d,2023-09-14T16:59:57.110000 CVE-2023-40732,0,0,0de335b97cb2d8ea28ba2daf4a9181c7d5927ddd29e5111dad0cca9b99f8a9b1,2023-09-14T16:49:50.890000 -CVE-2023-40735,0,0,88c7968a1813d324cfa3275805e62fc3d04669b94998c1d0b66912593c998640,2024-10-07T19:36:37.970000 +CVE-2023-40735,0,1,d6e2fc791259bc0173a4da335047e8ba22c4dedae1b658e4548877262dff66e3,2024-11-06T09:15:03.710000 CVE-2023-4074,0,0,51839cd8c1d88842439840ca3e3c8c020fefa804c32fe4e5a053d3a124748d9b,2024-01-31T17:15:14.080000 CVE-2023-40743,0,0,0f73d9585b00b12c90cacbe8597e86a593f7f0029cedf8511d7b2ade05b82d99,2024-08-02T19:15:56.317000 CVE-2023-40744,0,0,bd2ca97004f8ab866b5a6f1be3d1e9b3c291466120a8c648383110306df29689,2023-11-07T04:20:21.733000 @@ -242382,7 +242382,7 @@ CVE-2024-10014,0,0,e8d1f2b2bcba8c55790a5ab025cb991579911523f1b20331581610c1fd5c2 CVE-2024-10016,0,0,21d0091eaff7fe7567d1651c36c431401391330eaae7a5e6c3e21a28cc10ea9f,2024-10-25T12:56:07.750000 CVE-2024-10018,0,0,2aa14605c63d984e9b2fdfd4b3872cd3e6ce36a0ab239799435cd07454bf385f,2024-10-16T18:35:03.460000 CVE-2024-1002,0,0,da9ff0a1d838ebe2cbec1ae9defbaf7310d6b3493363163f0389be14aee69800,2024-05-17T02:35:09.013000 -CVE-2024-10020,1,1,22ded59140a74827de04eeaa66f4518c20f7bbc8276f818a4046b996cf6f7ca8,2024-11-06T07:15:03.377000 +CVE-2024-10020,0,0,22ded59140a74827de04eeaa66f4518c20f7bbc8276f818a4046b996cf6f7ca8,2024-11-06T07:15:03.377000 CVE-2024-10021,0,0,6df5b82bec28e371ca7d7ba7f52fc071f45722354fdfe7b2e6f4842f1f48ebe4,2024-10-21T13:13:25.677000 CVE-2024-10022,0,0,92e93478773b21ba9b2d43e5c324e5c622d589913a6faa7f64ee1349beb7c2dd,2024-10-21T13:14:02.203000 CVE-2024-10023,0,0,fb7a2d87c1d01f1c0f753ee2a4448f391382353000e2526f44469dfe5432a49f,2024-10-21T13:14:37.300000 @@ -242686,10 +242686,10 @@ CVE-2024-1052,0,0,2826dc83bebd9032f48348a63ffd25025c2a6126abd483892ed79004a77aef CVE-2024-10523,0,0,0a9da5f6f5fef7b13b15150d455643207cf8fb33d80d9527338aeff92e2045d0,2024-11-04T18:50:05.607000 CVE-2024-10525,0,0,cfad79154f466fe96736eabfa65cac8f6409e21deb7f07d79c02c68ee3f19eb2,2024-11-01T12:57:03.417000 CVE-2024-1053,0,0,3d9e5b8218feb39348551f4e96f20fbacd04f2b39830165bb00a553a3d3c5ccf,2024-02-22T19:07:27.197000 -CVE-2024-10535,1,1,4d5fc084eeddeb807ff84423276774a18b0bf1537bf468f9720de78b576b01d7,2024-11-06T07:15:03.880000 +CVE-2024-10535,0,0,4d5fc084eeddeb807ff84423276774a18b0bf1537bf468f9720de78b576b01d7,2024-11-06T07:15:03.880000 CVE-2024-1054,0,0,f8e7e53b5707aaecdfe1ea6fba53413ba04bed5cdf673762252b510775f984b1,2024-02-29T13:49:29.390000 CVE-2024-10540,0,0,1885d17d6b705045d75944e7bfd00755cc43fa534a9308c6cf91207b99518e74,2024-11-04T13:18:27.017000 -CVE-2024-10543,1,1,f508723595c06793bcf49434f20a997d5412d024edb1fdd5e1d5812ac0eab163,2024-11-06T07:15:04.160000 +CVE-2024-10543,0,0,f508723595c06793bcf49434f20a997d5412d024edb1fdd5e1d5812ac0eab163,2024-11-06T07:15:04.160000 CVE-2024-10544,0,0,d84fa7aeaabdc2cfe5861efef74c5b30022ed51487865228c56366868169c4d7,2024-11-01T12:57:03.417000 CVE-2024-10546,0,0,fe7c4bb80388357d2012de9abcf9bdb2510a4d8644b958f5e63299c9a417e4c8,2024-11-01T12:57:03.417000 CVE-2024-1055,0,0,ccc78f7d4bd63bcc448b5e62f7789de0e1a26ab036272b89eca521cba41a35e3,2024-02-14T18:59:33.780000 @@ -264770,7 +264770,7 @@ CVE-2024-52029,0,0,6604d73dfa925d8021d81d835bc825971fe44d6336112cf5acceb9e667d92 CVE-2024-5203,0,0,e867d44b31fa735ecaef1844aba382841138e742c9b7e957e6089969316cab00,2024-09-13T11:15:10.197000 CVE-2024-52030,0,0,f299083111a88bfbb33be7c61ad60009afd7ae12eaace08cfe4a696ed0f18397,2024-11-05T16:35:58.320000 CVE-2024-5204,0,0,87eb5b753d379a1bd1ef79b260f2b73c84b7ff9a4b79082cf351323e04c98a6d,2024-05-29T13:02:09.280000 -CVE-2024-52043,1,1,221019ad69c996cf10205a2fcb9e03620b6f2d62282c68eabfae23ff0cc3573b,2024-11-06T08:15:03.420000 +CVE-2024-52043,0,1,2158eb735ba746b881d77dfdc8f52a734d15499d83c47467ce2ed5698e3bddb0,2024-11-06T10:15:03.833000 CVE-2024-5205,0,0,4921ed356d4f56252ffbf3c608cb3301846a77ee8cc9c08ec7f0a543467e385d,2024-05-24T13:03:11.993000 CVE-2024-5206,0,0,b3f524211e1d68f8da056248f629dbe7f435bd9f6a2b4ba4133bd7fb2ec50998,2024-10-24T19:48:31.637000 CVE-2024-5207,0,0,181dd5a561a1ca6cee33a4a5369908472f122edb94b0d0fa7d6cd5b5e2958e5a,2024-05-30T13:15:41.297000 @@ -266027,7 +266027,7 @@ CVE-2024-6620,0,0,64e06f08829405566592b044b4a90e5d81b7212d27ff82e69e11d8e82efebd CVE-2024-6621,0,0,71019530e7c55904f5b2394b1c9d479065b5c59dd563b9ca2f648901520dca49,2024-08-07T22:17:37.553000 CVE-2024-6624,0,0,d641d0598d5f0d62f69b2f0bb30153f1263b9aa17a64dd7567b42517a1bc6027,2024-07-12T16:51:31.487000 CVE-2024-6625,0,0,b913737eefce9f28c47dc537f0edd398b1eeb297cd2eb30c69b59c3401317130,2024-07-12T12:49:07.030000 -CVE-2024-6626,1,1,9bc5629ba2658e002809168c70b22a775c928df854a0d9c0557a6d7b940b37b2,2024-11-06T07:15:04.460000 +CVE-2024-6626,0,0,9bc5629ba2658e002809168c70b22a775c928df854a0d9c0557a6d7b940b37b2,2024-11-06T07:15:04.460000 CVE-2024-6627,0,0,c1ab91b855386d03fb23ec47d7ea95469618609ded94a66bedffee95371608e8,2024-07-29T14:12:08.783000 CVE-2024-6629,0,0,e7fb6a99ed3ad0ead40ca75ee8e19034c6248a18a082e5cb8e8eaa0368a38b0a,2024-08-14T19:26:41.113000 CVE-2024-6630,0,0,7742b604143993a9d769b9ab9c3e5aab85337a51e6772bb186961af80d29fee2,2024-07-10T18:15:05.407000 @@ -266339,13 +266339,13 @@ CVE-2024-7001,0,0,c36cc44ed743aca43eac7951b6662bd893691f9a45d57142d09098c4fe318e CVE-2024-7003,0,0,c2f51c1b71164a15818ef9209a48a467e859077ffdde417023c4b7a222f91993,2024-08-07T19:52:18.500000 CVE-2024-7004,0,0,fba76c8e8c7223314c6c608975d171b8f62916ad77641194d26a60c67a45fe60,2024-10-29T20:35:41.127000 CVE-2024-7005,0,0,50047c6e5a9aa1663d251a4f8d2f7feee05d4f308668b613173701adaf5c68b3,2024-08-07T19:56:48.777000 -CVE-2024-7006,0,0,ec195a021ad8497db3882e5df461e4b21cca5bab8f8b8dfc6307a1361d205efd,2024-11-05T08:15:03.973000 +CVE-2024-7006,0,1,e9b22d94c1d987f14202223e075626537518a066054d4c98d0331f98649e6929,2024-11-06T10:15:04.373000 CVE-2024-7007,0,0,6c2603aae32d52f56620cb62e82bb337e026d3d4a4716b72dab9674c5cf4b216,2024-08-26T16:40:44.500000 CVE-2024-7008,0,0,e9008eac80639f6b75fc8244a6b0baab3d6a7fa095b7e9aa58d7626a117a490a,2024-08-19T17:19:25.390000 CVE-2024-7009,0,0,63b067a161bbf9c0630f63b1d51ac801565652e58cd58fdd4516392106a400e2,2024-08-19T17:18:50.290000 CVE-2024-7010,0,0,e8197466fb2c1bac0f4d4a1323b7c9da17e9a3898507a8699fc4886432b9e8aa,2024-10-29T14:34:04.427000 CVE-2024-7011,0,0,99ce7f2b3659c5d531a27a1468b259c3a2cc0e8369192e731629993addf70828,2024-11-05T20:35:26.370000 -CVE-2024-7012,0,0,7505e34b161e28dbe95eb89541c44fc261402b7bb3b4a766cd0492f45404fdcf,2024-09-19T06:15:03.777000 +CVE-2024-7012,0,1,a44bf28aa4086113e2305dbe5b19c7911be8e5988385565b873f36daf3fb0872,2024-11-06T09:15:04.187000 CVE-2024-7013,0,0,b2d18f592f803beaaf02ae1066b68bd9f1fd65046672577949ac6ff9d71880f4,2024-08-21T12:30:33.697000 CVE-2024-7014,0,0,bf4bcb57365a86d29a45ebd019245eec542daaec8aac5d2bd790565f954bcfee,2024-07-24T12:55:13.223000 CVE-2024-7015,0,0,2f98818b22a577671d31cb1f515142d61fc105f3f7ead87a06bda616310e4f0c,2024-09-23T09:15:03.230000 @@ -267537,7 +267537,7 @@ CVE-2024-8547,0,0,a5c726f624e35e2e38ae2311e7ed395da023cf1c888c1c750584ab5f9e8492 CVE-2024-8548,0,0,79d6b79af13a38bbe8eb976675ec8fe70e73bfe199b20619eaaa02e33fc56380,2024-10-04T13:51:25.567000 CVE-2024-8549,0,0,9d15342b3eb4ac6ebd08188bbf5727cd19e2d1db961fed83db600a8a3150700d,2024-10-02T16:04:41.970000 CVE-2024-8552,0,0,ab7cb4c880b3ec4297f7ff802068bed1b689ce05b544a01cb748e0f63a229aea,2024-10-02T17:00:45.083000 -CVE-2024-8553,0,0,be58c50525a9502948bfd7fc4471f823e1b0474a0abbdee430c4c54ee6da9fd0,2024-11-01T12:57:03.417000 +CVE-2024-8553,0,1,e11220ffbbd880f6fb6c8a1b19a88ca3de988b436c82f20e6ed81304fa95c049,2024-11-06T09:15:04.370000 CVE-2024-8554,0,0,46c32adbe15332664cfc930fe8c32bff96db8190902ab789492b593fa03348f1,2024-09-10T13:52:23.250000 CVE-2024-8555,0,0,0c0685cb1cca90ba97dbbe7724af46b71d0ab057cb41b6cc62e81df56a2985b7,2024-09-10T13:53:11.847000 CVE-2024-8557,0,0,86ab04a42076aa0fe9f792cba1f27d54b98becfc358809b664a63ce528fde776,2024-09-10T14:19:36.280000 @@ -267594,6 +267594,8 @@ CVE-2024-8609,0,0,abc618d0d5885aaa0308adb05d31ead671e5c2779c8ca59665e4b82717c05b CVE-2024-8610,0,0,9284b474db1beea95bd52a2a34ba37d6ccf26129d36f3b91404a653005c49f87,2024-09-17T18:48:12.130000 CVE-2024-8611,0,0,3d63bb09edc11ef6327fe857dfe381551fd3ed233dd119eaa741dce3b9b25e8e,2024-09-18T17:24:34.163000 CVE-2024-8612,0,0,7904070a64ce6b0c617a391de31eeccb03d9f0e9421f89781a9fa23b513c6a78,2024-09-26T13:32:55.343000 +CVE-2024-8614,1,1,36d1a1a6b42d05cf143ff042294b3caf5c79ff490927e6ae08fa5f0482d90b52,2024-11-06T09:15:04.520000 +CVE-2024-8615,1,1,9e20a5031c3889cbee6ecf8ab74840d66fe4ef84481de4b0e133f0ea5f1fba9c,2024-11-06T09:15:04.773000 CVE-2024-8621,0,0,da11617ee187bea39361c3e736358efdd8e000970ca04e836eaac8c5eeb75dea,2024-10-02T16:10:27.313000 CVE-2024-8622,0,0,3dd68829fc11e22f0c21c42ebfb82eece7f179bcaa47d99ccdf324ecdb81f1e2,2024-09-26T14:59:27.770000 CVE-2024-8623,0,0,b38d11e5ea040f7d1c1df76eb8b329847342918d3746a88d315f2eac79041136,2024-09-26T16:46:28.590000 @@ -268026,7 +268028,7 @@ CVE-2024-9302,0,0,9de4e700962fe1bd854a6484dbbc0b4e296d1fb8e2431e70c82506d2214283 CVE-2024-9304,0,0,f4e2b697051bb54ba85260a74446cf2ab04e7ed5a9a99551a585b1547839152d,2024-10-04T13:51:25.567000 CVE-2024-9305,0,0,9356de917540d014bb0920dd5c70c4a746534e64b108e65259378d7cd6bc9209,2024-10-16T16:38:14.557000 CVE-2024-9306,0,0,ac26ad903bb36889edec0c6ea9a2822945801fec7c4fdd4634c75606f4fc1bfd,2024-10-08T16:25:29.877000 -CVE-2024-9307,1,1,22fb7f78e295a5cf9ceda6548400f276f3ea321034a9e77ba2a6b1d7d1e77f01,2024-11-06T07:15:04.717000 +CVE-2024-9307,0,0,22fb7f78e295a5cf9ceda6548400f276f3ea321034a9e77ba2a6b1d7d1e77f01,2024-11-06T07:15:04.717000 CVE-2024-9312,0,0,65fdcc0be3189c3ff0a528696e09ee6d93e5e818e1f4d380b9150324071206f9,2024-10-15T12:58:51.050000 CVE-2024-9313,0,0,8eab8e6a12fcb7dddda62f8c34fd34d547229d6ef4cec2e38f61189642da0e5f,2024-10-04T13:50:43.727000 CVE-2024-9314,0,0,00d364d543c4cb2126acf6cc95de2d0f1b151f0a7217d33f64bbbac89a01f5f5,2024-10-07T17:48:28.117000 @@ -268250,11 +268252,11 @@ CVE-2024-9667,0,0,4c2cf3e987949daa6f6783b329a60c01d9a6ec3570b24191ca01f99d0f544e CVE-2024-9670,0,0,f306c0fbbcbde1e6a65006fd3bdd50d366f02be816ff2a6f00ef3348b3b76328,2024-10-15T12:57:46.880000 CVE-2024-9671,0,0,421f1b0ad6825ff096efd81ac122f33bafcdf7b21693a85f65613389bca55f89,2024-10-10T12:51:56.987000 CVE-2024-9674,0,0,99b8206db3c3741ff50725aa3969c36280edf4a37082b6473da1336e00a39d59,2024-10-22T14:02:50.473000 -CVE-2024-9675,0,0,1ed248c36a7ea050df3e59722d429cff59bfa6a3409b241c83aef75b1cd1c6ec,2024-11-05T08:15:04.833000 -CVE-2024-9676,0,0,24ed9ba905e617fe373fd7817b3453536089b8c2e8edbf0e6624a0d55077f74d,2024-10-31T05:15:05.860000 +CVE-2024-9675,0,1,37422127447344bf3ed37f2b97cceac689d57dfe308b187cd608d9922ee098b1,2024-11-06T10:15:05.010000 +CVE-2024-9676,0,1,5106efc260335d5b89c81a279b45ed1786fc4f7066f6e2ce2194ea92536797d7,2024-11-06T10:15:05.683000 CVE-2024-9677,0,0,944e049c847e061867c66e6b586a0cd99260b04bc2e2059d736567bf47cae00c,2024-10-23T15:12:34.673000 CVE-2024-9680,0,0,db0e4e19e09673238ffe3dfbb8e95974e9346a75b4fd6d9319c03e5970bb644e,2024-10-16T15:07:36.123000 -CVE-2024-9681,1,1,0f4ce78103f18330432e4fa3a86ae652f2aca1a694d3d9c8577ed2fefd78f9cb,2024-11-06T08:15:03.740000 +CVE-2024-9681,0,1,49632cbd9cae711bd8beda2a509c30d59e3f243f8fc7985b3a523f3199c17a7c,2024-11-06T08:15:03.740000 CVE-2024-9683,0,0,a648737766df3deb74ddc86e7dcd00883598b7b3c943d9054e11451b5f185407,2024-10-18T12:52:33.507000 CVE-2024-9685,0,0,a93c724a8b2ee6ce4a46c54a35028c939ad55b1fb441a5b479f473edc57de420,2024-10-15T14:30:00.483000 CVE-2024-9686,0,0,04f98af9d8ec4af01a3d35842aedc3b86f9dda8a517693baa9ea958d5317966d,2024-10-25T12:56:07.750000 @@ -268350,6 +268352,7 @@ CVE-2024-9896,0,0,09339b3269859e496224a4ee93cb949746eeb659cdbf7ff07d2c92a00e93ed CVE-2024-9897,0,0,c000f038202bbdf161648c8f1d74fa0a88aad69aa13c730474d96a3fd2473014,2024-11-01T15:27:56.797000 CVE-2024-9898,0,0,34647a8f54872789fb9d153b7e32e611f940664cb6907ab09e4df7e32cdaa8ba,2024-10-18T12:52:33.507000 CVE-2024-9899,0,0,6c76ba1fcc7597d7958a7e74c7de009221352c8fe34414d847a1d4d85ee09e27,2024-10-23T21:15:15.050000 +CVE-2024-9902,1,1,7b1b9e06adc7e03882eae99ab4498fcaa7dc2330b24a66f60eb7ab4877ede92a,2024-11-06T10:15:06.200000 CVE-2024-9903,0,0,244e0ad624c75743e190bc7da6a1b45fe195aaf738d59f8decfde97c8722448f,2024-10-15T12:57:46.880000 CVE-2024-9904,0,0,b8f5bdf1fde920247f061f9c3939c42469f53e3148abd589ac11ba36d4728079,2024-10-15T12:57:46.880000 CVE-2024-9905,0,0,09e20420cf063b331c2f2444287faaf461bdb42e483d150bc77bc6c327c543d3,2024-10-16T22:12:18.153000 @@ -268382,7 +268385,7 @@ CVE-2024-9937,0,0,4e7ae54d6a9c5099857ac0a66ba44c96220fc2ab3e1844c918c371d4dbb6d3 CVE-2024-9940,0,0,0591f213f2bec6924fef18017d23419024c9c5bdc4c598c1e0fd80a492ebb13b,2024-10-18T12:53:04.627000 CVE-2024-9943,0,0,2b1bd0bf17ad8265b1c648445115c5e7c1a49eb398158e5a8ef4b45ea9c6d38b,2024-10-25T12:56:07.750000 CVE-2024-9944,0,0,0b8e9f26d6b78f71e8a64eb7650f72f57e1c6a31a17ce0fafe5b6b8377b71371,2024-10-17T20:47:35.817000 -CVE-2024-9946,1,1,dd31e55b0781c8a141d6e7b93b89d44847765b242fff084b09fb097b0e5cdb45,2024-11-06T07:15:04.977000 +CVE-2024-9946,0,0,dd31e55b0781c8a141d6e7b93b89d44847765b242fff084b09fb097b0e5cdb45,2024-11-06T07:15:04.977000 CVE-2024-9947,0,0,88ec45aa6bd99a52db1c3f2ce1757c1650b55146fad6304733cc20a8df4a46b2,2024-10-25T16:53:12.867000 CVE-2024-9949,0,0,7baff7b9a9118e82abe3afe4a5ae476b8e56ff4f2cbd456d4ba563053750f9b6,2024-10-25T12:56:07.750000 CVE-2024-9951,0,0,5d941c75af8c4072e469beaa1d6ae2855b0ca23ecdce87314ecd326f6a54014a,2024-10-18T12:52:33.507000