mirror of
https://github.com/fkie-cad/nvd-json-data-feeds.git
synced 2025-07-09 16:05:11 +00:00
Auto-Update: 2024-10-20T10:00:17.078428+00:00
This commit is contained in:
parent
9cc42c2407
commit
cf16e2f8c2
137
CVE-2024/CVE-2024-101xx/CVE-2024-10193.json
Normal file
137
CVE-2024/CVE-2024-101xx/CVE-2024-10193.json
Normal file
@ -0,0 +1,137 @@
|
||||
{
|
||||
"id": "CVE-2024-10193",
|
||||
"sourceIdentifier": "cna@vuldb.com",
|
||||
"published": "2024-10-20T08:15:02.300",
|
||||
"lastModified": "2024-10-20T08:15:02.300",
|
||||
"vulnStatus": "Received",
|
||||
"cveTags": [],
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "A vulnerability was found in WAVLINK WN530H4, WN530HG4 and WN572HG3 up to 20221028 and classified as critical. This issue affects the function ping_ddns of the file internet.cgi. The manipulation of the argument DDNS leads to command injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way."
|
||||
}
|
||||
],
|
||||
"metrics": {
|
||||
"cvssMetricV40": [
|
||||
{
|
||||
"source": "cna@vuldb.com",
|
||||
"type": "Secondary",
|
||||
"cvssData": {
|
||||
"version": "4.0",
|
||||
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
|
||||
"attackVector": "NETWORK",
|
||||
"attackComplexity": "LOW",
|
||||
"attackRequirements": "NONE",
|
||||
"privilegesRequired": "HIGH",
|
||||
"userInteraction": "NONE",
|
||||
"vulnerableSystemConfidentiality": "LOW",
|
||||
"vulnerableSystemIntegrity": "LOW",
|
||||
"vulnerableSystemAvailability": "LOW",
|
||||
"subsequentSystemConfidentiality": "NONE",
|
||||
"subsequentSystemIntegrity": "NONE",
|
||||
"subsequentSystemAvailability": "NONE",
|
||||
"exploitMaturity": "NOT_DEFINED",
|
||||
"confidentialityRequirements": "NOT_DEFINED",
|
||||
"integrityRequirements": "NOT_DEFINED",
|
||||
"availabilityRequirements": "NOT_DEFINED",
|
||||
"modifiedAttackVector": "NOT_DEFINED",
|
||||
"modifiedAttackComplexity": "NOT_DEFINED",
|
||||
"modifiedAttackRequirements": "NOT_DEFINED",
|
||||
"modifiedPrivilegesRequired": "NOT_DEFINED",
|
||||
"modifiedUserInteraction": "NOT_DEFINED",
|
||||
"modifiedVulnerableSystemConfidentiality": "NOT_DEFINED",
|
||||
"modifiedVulnerableSystemIntegrity": "NOT_DEFINED",
|
||||
"modifiedVulnerableSystemAvailability": "NOT_DEFINED",
|
||||
"modifiedSubsequentSystemConfidentiality": "NOT_DEFINED",
|
||||
"modifiedSubsequentSystemIntegrity": "NOT_DEFINED",
|
||||
"modifiedSubsequentSystemAvailability": "NOT_DEFINED",
|
||||
"safety": "NOT_DEFINED",
|
||||
"automatable": "NOT_DEFINED",
|
||||
"recovery": "NOT_DEFINED",
|
||||
"valueDensity": "NOT_DEFINED",
|
||||
"vulnerabilityResponseEffort": "NOT_DEFINED",
|
||||
"providerUrgency": "NOT_DEFINED",
|
||||
"baseScore": 5.1,
|
||||
"baseSeverity": "MEDIUM"
|
||||
}
|
||||
}
|
||||
],
|
||||
"cvssMetricV31": [
|
||||
{
|
||||
"source": "cna@vuldb.com",
|
||||
"type": "Secondary",
|
||||
"cvssData": {
|
||||
"version": "3.1",
|
||||
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L",
|
||||
"attackVector": "NETWORK",
|
||||
"attackComplexity": "LOW",
|
||||
"privilegesRequired": "HIGH",
|
||||
"userInteraction": "NONE",
|
||||
"scope": "UNCHANGED",
|
||||
"confidentialityImpact": "LOW",
|
||||
"integrityImpact": "LOW",
|
||||
"availabilityImpact": "LOW",
|
||||
"baseScore": 4.7,
|
||||
"baseSeverity": "MEDIUM"
|
||||
},
|
||||
"exploitabilityScore": 1.2,
|
||||
"impactScore": 3.4
|
||||
}
|
||||
],
|
||||
"cvssMetricV2": [
|
||||
{
|
||||
"source": "cna@vuldb.com",
|
||||
"type": "Secondary",
|
||||
"cvssData": {
|
||||
"version": "2.0",
|
||||
"vectorString": "AV:N/AC:L/Au:M/C:P/I:P/A:P",
|
||||
"accessVector": "NETWORK",
|
||||
"accessComplexity": "LOW",
|
||||
"authentication": "MULTIPLE",
|
||||
"confidentialityImpact": "PARTIAL",
|
||||
"integrityImpact": "PARTIAL",
|
||||
"availabilityImpact": "PARTIAL",
|
||||
"baseScore": 5.8
|
||||
},
|
||||
"baseSeverity": "MEDIUM",
|
||||
"exploitabilityScore": 6.4,
|
||||
"impactScore": 6.4,
|
||||
"acInsufInfo": false,
|
||||
"obtainAllPrivilege": false,
|
||||
"obtainUserPrivilege": false,
|
||||
"obtainOtherPrivilege": false,
|
||||
"userInteractionRequired": false
|
||||
}
|
||||
]
|
||||
},
|
||||
"weaknesses": [
|
||||
{
|
||||
"source": "cna@vuldb.com",
|
||||
"type": "Primary",
|
||||
"description": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "CWE-77"
|
||||
}
|
||||
]
|
||||
}
|
||||
],
|
||||
"references": [
|
||||
{
|
||||
"url": "https://docs.google.com/document/d/13XWnFITW31u5J8HeQj8Zm-7oLt-M1DtQ/",
|
||||
"source": "cna@vuldb.com"
|
||||
},
|
||||
{
|
||||
"url": "https://vuldb.com/?ctiid.280967",
|
||||
"source": "cna@vuldb.com"
|
||||
},
|
||||
{
|
||||
"url": "https://vuldb.com/?id.280967",
|
||||
"source": "cna@vuldb.com"
|
||||
},
|
||||
{
|
||||
"url": "https://vuldb.com/?submit.422811",
|
||||
"source": "cna@vuldb.com"
|
||||
}
|
||||
]
|
||||
}
|
137
CVE-2024/CVE-2024-101xx/CVE-2024-10194.json
Normal file
137
CVE-2024/CVE-2024-101xx/CVE-2024-10194.json
Normal file
@ -0,0 +1,137 @@
|
||||
{
|
||||
"id": "CVE-2024-10194",
|
||||
"sourceIdentifier": "cna@vuldb.com",
|
||||
"published": "2024-10-20T08:15:02.710",
|
||||
"lastModified": "2024-10-20T08:15:02.710",
|
||||
"vulnStatus": "Received",
|
||||
"cveTags": [],
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "A vulnerability was found in WAVLINK WN530H4, WN530HG4 and WN572HG3 up to 20221028. It has been classified as critical. Affected is the function Goto_chidx of the file login.cgi of the component Front-End Authentication Page. The manipulation of the argument wlanUrl leads to stack-based buffer overflow. The attack can only be initiated within the local network. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way."
|
||||
}
|
||||
],
|
||||
"metrics": {
|
||||
"cvssMetricV40": [
|
||||
{
|
||||
"source": "cna@vuldb.com",
|
||||
"type": "Secondary",
|
||||
"cvssData": {
|
||||
"version": "4.0",
|
||||
"vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
|
||||
"attackVector": "ADJACENT",
|
||||
"attackComplexity": "LOW",
|
||||
"attackRequirements": "NONE",
|
||||
"privilegesRequired": "NONE",
|
||||
"userInteraction": "NONE",
|
||||
"vulnerableSystemConfidentiality": "HIGH",
|
||||
"vulnerableSystemIntegrity": "HIGH",
|
||||
"vulnerableSystemAvailability": "HIGH",
|
||||
"subsequentSystemConfidentiality": "NONE",
|
||||
"subsequentSystemIntegrity": "NONE",
|
||||
"subsequentSystemAvailability": "NONE",
|
||||
"exploitMaturity": "NOT_DEFINED",
|
||||
"confidentialityRequirements": "NOT_DEFINED",
|
||||
"integrityRequirements": "NOT_DEFINED",
|
||||
"availabilityRequirements": "NOT_DEFINED",
|
||||
"modifiedAttackVector": "NOT_DEFINED",
|
||||
"modifiedAttackComplexity": "NOT_DEFINED",
|
||||
"modifiedAttackRequirements": "NOT_DEFINED",
|
||||
"modifiedPrivilegesRequired": "NOT_DEFINED",
|
||||
"modifiedUserInteraction": "NOT_DEFINED",
|
||||
"modifiedVulnerableSystemConfidentiality": "NOT_DEFINED",
|
||||
"modifiedVulnerableSystemIntegrity": "NOT_DEFINED",
|
||||
"modifiedVulnerableSystemAvailability": "NOT_DEFINED",
|
||||
"modifiedSubsequentSystemConfidentiality": "NOT_DEFINED",
|
||||
"modifiedSubsequentSystemIntegrity": "NOT_DEFINED",
|
||||
"modifiedSubsequentSystemAvailability": "NOT_DEFINED",
|
||||
"safety": "NOT_DEFINED",
|
||||
"automatable": "NOT_DEFINED",
|
||||
"recovery": "NOT_DEFINED",
|
||||
"valueDensity": "NOT_DEFINED",
|
||||
"vulnerabilityResponseEffort": "NOT_DEFINED",
|
||||
"providerUrgency": "NOT_DEFINED",
|
||||
"baseScore": 8.7,
|
||||
"baseSeverity": "HIGH"
|
||||
}
|
||||
}
|
||||
],
|
||||
"cvssMetricV31": [
|
||||
{
|
||||
"source": "cna@vuldb.com",
|
||||
"type": "Secondary",
|
||||
"cvssData": {
|
||||
"version": "3.1",
|
||||
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
|
||||
"attackVector": "ADJACENT_NETWORK",
|
||||
"attackComplexity": "LOW",
|
||||
"privilegesRequired": "NONE",
|
||||
"userInteraction": "NONE",
|
||||
"scope": "UNCHANGED",
|
||||
"confidentialityImpact": "HIGH",
|
||||
"integrityImpact": "HIGH",
|
||||
"availabilityImpact": "HIGH",
|
||||
"baseScore": 8.8,
|
||||
"baseSeverity": "HIGH"
|
||||
},
|
||||
"exploitabilityScore": 2.8,
|
||||
"impactScore": 5.9
|
||||
}
|
||||
],
|
||||
"cvssMetricV2": [
|
||||
{
|
||||
"source": "cna@vuldb.com",
|
||||
"type": "Secondary",
|
||||
"cvssData": {
|
||||
"version": "2.0",
|
||||
"vectorString": "AV:A/AC:L/Au:N/C:C/I:C/A:C",
|
||||
"accessVector": "ADJACENT_NETWORK",
|
||||
"accessComplexity": "LOW",
|
||||
"authentication": "NONE",
|
||||
"confidentialityImpact": "COMPLETE",
|
||||
"integrityImpact": "COMPLETE",
|
||||
"availabilityImpact": "COMPLETE",
|
||||
"baseScore": 8.3
|
||||
},
|
||||
"baseSeverity": "HIGH",
|
||||
"exploitabilityScore": 6.5,
|
||||
"impactScore": 10.0,
|
||||
"acInsufInfo": false,
|
||||
"obtainAllPrivilege": false,
|
||||
"obtainUserPrivilege": false,
|
||||
"obtainOtherPrivilege": false,
|
||||
"userInteractionRequired": false
|
||||
}
|
||||
]
|
||||
},
|
||||
"weaknesses": [
|
||||
{
|
||||
"source": "cna@vuldb.com",
|
||||
"type": "Primary",
|
||||
"description": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "CWE-121"
|
||||
}
|
||||
]
|
||||
}
|
||||
],
|
||||
"references": [
|
||||
{
|
||||
"url": "https://docs.google.com/document/d/1PodIMRe1f0Ql83jUXV5VIoc-Xsf9VC1K",
|
||||
"source": "cna@vuldb.com"
|
||||
},
|
||||
{
|
||||
"url": "https://vuldb.com/?ctiid.280968",
|
||||
"source": "cna@vuldb.com"
|
||||
},
|
||||
{
|
||||
"url": "https://vuldb.com/?id.280968",
|
||||
"source": "cna@vuldb.com"
|
||||
},
|
||||
{
|
||||
"url": "https://vuldb.com/?submit.422834",
|
||||
"source": "cna@vuldb.com"
|
||||
}
|
||||
]
|
||||
}
|
137
CVE-2024/CVE-2024-101xx/CVE-2024-10195.json
Normal file
137
CVE-2024/CVE-2024-101xx/CVE-2024-10195.json
Normal file
@ -0,0 +1,137 @@
|
||||
{
|
||||
"id": "CVE-2024-10195",
|
||||
"sourceIdentifier": "cna@vuldb.com",
|
||||
"published": "2024-10-20T09:15:02.393",
|
||||
"lastModified": "2024-10-20T09:15:02.393",
|
||||
"vulnStatus": "Received",
|
||||
"cveTags": [],
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "A vulnerability was found in Tecno 4G Portable WiFi TR118 V008-20220830. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /goform/goform_get_cmd_process of the component SMS Check. The manipulation of the argument order_by leads to sql injection. The attack can be launched remotely. The vendor was contacted early about this disclosure but did not respond in any way."
|
||||
}
|
||||
],
|
||||
"metrics": {
|
||||
"cvssMetricV40": [
|
||||
{
|
||||
"source": "cna@vuldb.com",
|
||||
"type": "Secondary",
|
||||
"cvssData": {
|
||||
"version": "4.0",
|
||||
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
|
||||
"attackVector": "NETWORK",
|
||||
"attackComplexity": "LOW",
|
||||
"attackRequirements": "NONE",
|
||||
"privilegesRequired": "HIGH",
|
||||
"userInteraction": "NONE",
|
||||
"vulnerableSystemConfidentiality": "LOW",
|
||||
"vulnerableSystemIntegrity": "LOW",
|
||||
"vulnerableSystemAvailability": "LOW",
|
||||
"subsequentSystemConfidentiality": "NONE",
|
||||
"subsequentSystemIntegrity": "NONE",
|
||||
"subsequentSystemAvailability": "NONE",
|
||||
"exploitMaturity": "NOT_DEFINED",
|
||||
"confidentialityRequirements": "NOT_DEFINED",
|
||||
"integrityRequirements": "NOT_DEFINED",
|
||||
"availabilityRequirements": "NOT_DEFINED",
|
||||
"modifiedAttackVector": "NOT_DEFINED",
|
||||
"modifiedAttackComplexity": "NOT_DEFINED",
|
||||
"modifiedAttackRequirements": "NOT_DEFINED",
|
||||
"modifiedPrivilegesRequired": "NOT_DEFINED",
|
||||
"modifiedUserInteraction": "NOT_DEFINED",
|
||||
"modifiedVulnerableSystemConfidentiality": "NOT_DEFINED",
|
||||
"modifiedVulnerableSystemIntegrity": "NOT_DEFINED",
|
||||
"modifiedVulnerableSystemAvailability": "NOT_DEFINED",
|
||||
"modifiedSubsequentSystemConfidentiality": "NOT_DEFINED",
|
||||
"modifiedSubsequentSystemIntegrity": "NOT_DEFINED",
|
||||
"modifiedSubsequentSystemAvailability": "NOT_DEFINED",
|
||||
"safety": "NOT_DEFINED",
|
||||
"automatable": "NOT_DEFINED",
|
||||
"recovery": "NOT_DEFINED",
|
||||
"valueDensity": "NOT_DEFINED",
|
||||
"vulnerabilityResponseEffort": "NOT_DEFINED",
|
||||
"providerUrgency": "NOT_DEFINED",
|
||||
"baseScore": 5.1,
|
||||
"baseSeverity": "MEDIUM"
|
||||
}
|
||||
}
|
||||
],
|
||||
"cvssMetricV31": [
|
||||
{
|
||||
"source": "cna@vuldb.com",
|
||||
"type": "Secondary",
|
||||
"cvssData": {
|
||||
"version": "3.1",
|
||||
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L",
|
||||
"attackVector": "NETWORK",
|
||||
"attackComplexity": "LOW",
|
||||
"privilegesRequired": "HIGH",
|
||||
"userInteraction": "NONE",
|
||||
"scope": "UNCHANGED",
|
||||
"confidentialityImpact": "LOW",
|
||||
"integrityImpact": "LOW",
|
||||
"availabilityImpact": "LOW",
|
||||
"baseScore": 4.7,
|
||||
"baseSeverity": "MEDIUM"
|
||||
},
|
||||
"exploitabilityScore": 1.2,
|
||||
"impactScore": 3.4
|
||||
}
|
||||
],
|
||||
"cvssMetricV2": [
|
||||
{
|
||||
"source": "cna@vuldb.com",
|
||||
"type": "Secondary",
|
||||
"cvssData": {
|
||||
"version": "2.0",
|
||||
"vectorString": "AV:N/AC:L/Au:M/C:P/I:P/A:P",
|
||||
"accessVector": "NETWORK",
|
||||
"accessComplexity": "LOW",
|
||||
"authentication": "MULTIPLE",
|
||||
"confidentialityImpact": "PARTIAL",
|
||||
"integrityImpact": "PARTIAL",
|
||||
"availabilityImpact": "PARTIAL",
|
||||
"baseScore": 5.8
|
||||
},
|
||||
"baseSeverity": "MEDIUM",
|
||||
"exploitabilityScore": 6.4,
|
||||
"impactScore": 6.4,
|
||||
"acInsufInfo": false,
|
||||
"obtainAllPrivilege": false,
|
||||
"obtainUserPrivilege": false,
|
||||
"obtainOtherPrivilege": false,
|
||||
"userInteractionRequired": false
|
||||
}
|
||||
]
|
||||
},
|
||||
"weaknesses": [
|
||||
{
|
||||
"source": "cna@vuldb.com",
|
||||
"type": "Primary",
|
||||
"description": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "CWE-89"
|
||||
}
|
||||
]
|
||||
}
|
||||
],
|
||||
"references": [
|
||||
{
|
||||
"url": "https://asciinema.org/a/2mwkmDqRZfeAYTu5hHre1r4QB",
|
||||
"source": "cna@vuldb.com"
|
||||
},
|
||||
{
|
||||
"url": "https://vuldb.com/?ctiid.280969",
|
||||
"source": "cna@vuldb.com"
|
||||
},
|
||||
{
|
||||
"url": "https://vuldb.com/?id.280969",
|
||||
"source": "cna@vuldb.com"
|
||||
},
|
||||
{
|
||||
"url": "https://vuldb.com/?submit.422994",
|
||||
"source": "cna@vuldb.com"
|
||||
}
|
||||
]
|
||||
}
|
56
CVE-2024/CVE-2024-480xx/CVE-2024-48049.json
Normal file
56
CVE-2024/CVE-2024-480xx/CVE-2024-48049.json
Normal file
@ -0,0 +1,56 @@
|
||||
{
|
||||
"id": "CVE-2024-48049",
|
||||
"sourceIdentifier": "audit@patchstack.com",
|
||||
"published": "2024-10-20T08:15:03.000",
|
||||
"lastModified": "2024-10-20T08:15:03.000",
|
||||
"vulnStatus": "Received",
|
||||
"cveTags": [],
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Mighty Plugins Mighty Builder allows Stored XSS.This issue affects Mighty Builder: from n/a through 1.0.2."
|
||||
}
|
||||
],
|
||||
"metrics": {
|
||||
"cvssMetricV31": [
|
||||
{
|
||||
"source": "audit@patchstack.com",
|
||||
"type": "Secondary",
|
||||
"cvssData": {
|
||||
"version": "3.1",
|
||||
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L",
|
||||
"attackVector": "NETWORK",
|
||||
"attackComplexity": "LOW",
|
||||
"privilegesRequired": "LOW",
|
||||
"userInteraction": "REQUIRED",
|
||||
"scope": "CHANGED",
|
||||
"confidentialityImpact": "LOW",
|
||||
"integrityImpact": "LOW",
|
||||
"availabilityImpact": "LOW",
|
||||
"baseScore": 6.5,
|
||||
"baseSeverity": "MEDIUM"
|
||||
},
|
||||
"exploitabilityScore": 2.3,
|
||||
"impactScore": 3.7
|
||||
}
|
||||
]
|
||||
},
|
||||
"weaknesses": [
|
||||
{
|
||||
"source": "audit@patchstack.com",
|
||||
"type": "Primary",
|
||||
"description": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "CWE-79"
|
||||
}
|
||||
]
|
||||
}
|
||||
],
|
||||
"references": [
|
||||
{
|
||||
"url": "https://patchstack.com/database/vulnerability/mighty-builder/wordpress-mighty-builder-plugin-1-0-2-cross-site-scripting-xss-vulnerability?_s_id=cve",
|
||||
"source": "audit@patchstack.com"
|
||||
}
|
||||
]
|
||||
}
|
56
CVE-2024/CVE-2024-492xx/CVE-2024-49286.json
Normal file
56
CVE-2024/CVE-2024-492xx/CVE-2024-49286.json
Normal file
@ -0,0 +1,56 @@
|
||||
{
|
||||
"id": "CVE-2024-49286",
|
||||
"sourceIdentifier": "audit@patchstack.com",
|
||||
"published": "2024-10-20T08:15:03.233",
|
||||
"lastModified": "2024-10-20T08:15:03.233",
|
||||
"vulnStatus": "Received",
|
||||
"cveTags": [],
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Moridrin SSV Events allows PHP Local File Inclusion.This issue affects SSV Events: from n/a through 3.2.7."
|
||||
}
|
||||
],
|
||||
"metrics": {
|
||||
"cvssMetricV31": [
|
||||
{
|
||||
"source": "audit@patchstack.com",
|
||||
"type": "Secondary",
|
||||
"cvssData": {
|
||||
"version": "3.1",
|
||||
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H",
|
||||
"attackVector": "NETWORK",
|
||||
"attackComplexity": "LOW",
|
||||
"privilegesRequired": "NONE",
|
||||
"userInteraction": "REQUIRED",
|
||||
"scope": "CHANGED",
|
||||
"confidentialityImpact": "HIGH",
|
||||
"integrityImpact": "HIGH",
|
||||
"availabilityImpact": "HIGH",
|
||||
"baseScore": 9.6,
|
||||
"baseSeverity": "CRITICAL"
|
||||
},
|
||||
"exploitabilityScore": 2.8,
|
||||
"impactScore": 6.0
|
||||
}
|
||||
]
|
||||
},
|
||||
"weaknesses": [
|
||||
{
|
||||
"source": "audit@patchstack.com",
|
||||
"type": "Primary",
|
||||
"description": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "CWE-22"
|
||||
}
|
||||
]
|
||||
}
|
||||
],
|
||||
"references": [
|
||||
{
|
||||
"url": "https://patchstack.com/database/vulnerability/ssv-events/wordpress-ssv-events-plugin-3-2-7-local-file-inclusion-to-rce-vulnerability?_s_id=cve",
|
||||
"source": "audit@patchstack.com"
|
||||
}
|
||||
]
|
||||
}
|
56
CVE-2024/CVE-2024-493xx/CVE-2024-49323.json
Normal file
56
CVE-2024/CVE-2024-493xx/CVE-2024-49323.json
Normal file
@ -0,0 +1,56 @@
|
||||
{
|
||||
"id": "CVE-2024-49323",
|
||||
"sourceIdentifier": "audit@patchstack.com",
|
||||
"published": "2024-10-20T08:15:03.460",
|
||||
"lastModified": "2024-10-20T08:15:03.460",
|
||||
"vulnStatus": "Received",
|
||||
"cveTags": [],
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Sourav All in One Slider allows Reflected XSS.This issue affects All in One Slider: from n/a through 1.1."
|
||||
}
|
||||
],
|
||||
"metrics": {
|
||||
"cvssMetricV31": [
|
||||
{
|
||||
"source": "audit@patchstack.com",
|
||||
"type": "Secondary",
|
||||
"cvssData": {
|
||||
"version": "3.1",
|
||||
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L",
|
||||
"attackVector": "NETWORK",
|
||||
"attackComplexity": "LOW",
|
||||
"privilegesRequired": "NONE",
|
||||
"userInteraction": "REQUIRED",
|
||||
"scope": "CHANGED",
|
||||
"confidentialityImpact": "LOW",
|
||||
"integrityImpact": "LOW",
|
||||
"availabilityImpact": "LOW",
|
||||
"baseScore": 7.1,
|
||||
"baseSeverity": "HIGH"
|
||||
},
|
||||
"exploitabilityScore": 2.8,
|
||||
"impactScore": 3.7
|
||||
}
|
||||
]
|
||||
},
|
||||
"weaknesses": [
|
||||
{
|
||||
"source": "audit@patchstack.com",
|
||||
"type": "Primary",
|
||||
"description": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "CWE-79"
|
||||
}
|
||||
]
|
||||
}
|
||||
],
|
||||
"references": [
|
||||
{
|
||||
"url": "https://patchstack.com/database/vulnerability/all-in-one-slider/wordpress-all-in-one-slider-plugin-1-1-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve",
|
||||
"source": "audit@patchstack.com"
|
||||
}
|
||||
]
|
||||
}
|
56
CVE-2024/CVE-2024-493xx/CVE-2024-49324.json
Normal file
56
CVE-2024/CVE-2024-493xx/CVE-2024-49324.json
Normal file
@ -0,0 +1,56 @@
|
||||
{
|
||||
"id": "CVE-2024-49324",
|
||||
"sourceIdentifier": "audit@patchstack.com",
|
||||
"published": "2024-10-20T09:15:03.227",
|
||||
"lastModified": "2024-10-20T09:15:03.227",
|
||||
"vulnStatus": "Received",
|
||||
"cveTags": [],
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "Unrestricted Upload of File with Dangerous Type vulnerability in Sovratec Sovratec Case Management allows Upload a Web Shell to a Web Server.This issue affects Sovratec Case Management: from n/a through 1.0.0."
|
||||
}
|
||||
],
|
||||
"metrics": {
|
||||
"cvssMetricV31": [
|
||||
{
|
||||
"source": "audit@patchstack.com",
|
||||
"type": "Secondary",
|
||||
"cvssData": {
|
||||
"version": "3.1",
|
||||
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
|
||||
"attackVector": "NETWORK",
|
||||
"attackComplexity": "LOW",
|
||||
"privilegesRequired": "NONE",
|
||||
"userInteraction": "NONE",
|
||||
"scope": "CHANGED",
|
||||
"confidentialityImpact": "HIGH",
|
||||
"integrityImpact": "HIGH",
|
||||
"availabilityImpact": "HIGH",
|
||||
"baseScore": 10.0,
|
||||
"baseSeverity": "CRITICAL"
|
||||
},
|
||||
"exploitabilityScore": 3.9,
|
||||
"impactScore": 6.0
|
||||
}
|
||||
]
|
||||
},
|
||||
"weaknesses": [
|
||||
{
|
||||
"source": "audit@patchstack.com",
|
||||
"type": "Primary",
|
||||
"description": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "CWE-434"
|
||||
}
|
||||
]
|
||||
}
|
||||
],
|
||||
"references": [
|
||||
{
|
||||
"url": "https://patchstack.com/database/vulnerability/sovratec-case-management/wordpress-sovratec-case-management-plugin-1-0-0-arbitrary-file-upload-vulnerability?_s_id=cve",
|
||||
"source": "audit@patchstack.com"
|
||||
}
|
||||
]
|
||||
}
|
56
CVE-2024/CVE-2024-493xx/CVE-2024-49326.json
Normal file
56
CVE-2024/CVE-2024-493xx/CVE-2024-49326.json
Normal file
@ -0,0 +1,56 @@
|
||||
{
|
||||
"id": "CVE-2024-49326",
|
||||
"sourceIdentifier": "audit@patchstack.com",
|
||||
"published": "2024-10-20T09:15:03.750",
|
||||
"lastModified": "2024-10-20T09:15:03.750",
|
||||
"vulnStatus": "Received",
|
||||
"cveTags": [],
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "Unrestricted Upload of File with Dangerous Type vulnerability in Vasilis Kerasiotis Affiliator allows Upload a Web Shell to a Web Server.This issue affects Affiliator: from n/a through 2.1.3."
|
||||
}
|
||||
],
|
||||
"metrics": {
|
||||
"cvssMetricV31": [
|
||||
{
|
||||
"source": "audit@patchstack.com",
|
||||
"type": "Secondary",
|
||||
"cvssData": {
|
||||
"version": "3.1",
|
||||
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
|
||||
"attackVector": "NETWORK",
|
||||
"attackComplexity": "LOW",
|
||||
"privilegesRequired": "NONE",
|
||||
"userInteraction": "NONE",
|
||||
"scope": "CHANGED",
|
||||
"confidentialityImpact": "HIGH",
|
||||
"integrityImpact": "HIGH",
|
||||
"availabilityImpact": "HIGH",
|
||||
"baseScore": 10.0,
|
||||
"baseSeverity": "CRITICAL"
|
||||
},
|
||||
"exploitabilityScore": 3.9,
|
||||
"impactScore": 6.0
|
||||
}
|
||||
]
|
||||
},
|
||||
"weaknesses": [
|
||||
{
|
||||
"source": "audit@patchstack.com",
|
||||
"type": "Primary",
|
||||
"description": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "CWE-434"
|
||||
}
|
||||
]
|
||||
}
|
||||
],
|
||||
"references": [
|
||||
{
|
||||
"url": "https://patchstack.com/database/vulnerability/affiliator-lite/wordpress-affiliator-plugin-2-1-3-arbitrary-file-upload-vulnerability?_s_id=cve",
|
||||
"source": "audit@patchstack.com"
|
||||
}
|
||||
]
|
||||
}
|
56
CVE-2024/CVE-2024-493xx/CVE-2024-49327.json
Normal file
56
CVE-2024/CVE-2024-493xx/CVE-2024-49327.json
Normal file
@ -0,0 +1,56 @@
|
||||
{
|
||||
"id": "CVE-2024-49327",
|
||||
"sourceIdentifier": "audit@patchstack.com",
|
||||
"published": "2024-10-20T09:15:04.440",
|
||||
"lastModified": "2024-10-20T09:15:04.440",
|
||||
"vulnStatus": "Received",
|
||||
"cveTags": [],
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "Unrestricted Upload of File with Dangerous Type vulnerability in Asep Bagja Priandana Woostagram Connect allows Upload a Web Shell to a Web Server.This issue affects Woostagram Connect: from n/a through 1.0.2."
|
||||
}
|
||||
],
|
||||
"metrics": {
|
||||
"cvssMetricV31": [
|
||||
{
|
||||
"source": "audit@patchstack.com",
|
||||
"type": "Secondary",
|
||||
"cvssData": {
|
||||
"version": "3.1",
|
||||
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
|
||||
"attackVector": "NETWORK",
|
||||
"attackComplexity": "LOW",
|
||||
"privilegesRequired": "NONE",
|
||||
"userInteraction": "NONE",
|
||||
"scope": "CHANGED",
|
||||
"confidentialityImpact": "HIGH",
|
||||
"integrityImpact": "HIGH",
|
||||
"availabilityImpact": "HIGH",
|
||||
"baseScore": 10.0,
|
||||
"baseSeverity": "CRITICAL"
|
||||
},
|
||||
"exploitabilityScore": 3.9,
|
||||
"impactScore": 6.0
|
||||
}
|
||||
]
|
||||
},
|
||||
"weaknesses": [
|
||||
{
|
||||
"source": "audit@patchstack.com",
|
||||
"type": "Primary",
|
||||
"description": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "CWE-434"
|
||||
}
|
||||
]
|
||||
}
|
||||
],
|
||||
"references": [
|
||||
{
|
||||
"url": "https://patchstack.com/database/vulnerability/woostagram-connect/wordpress-woostagram-connect-plugin-1-0-2-arbitrary-file-upload-vulnerability?_s_id=cve",
|
||||
"source": "audit@patchstack.com"
|
||||
}
|
||||
]
|
||||
}
|
56
CVE-2024/CVE-2024-493xx/CVE-2024-49328.json
Normal file
56
CVE-2024/CVE-2024-493xx/CVE-2024-49328.json
Normal file
@ -0,0 +1,56 @@
|
||||
{
|
||||
"id": "CVE-2024-49328",
|
||||
"sourceIdentifier": "audit@patchstack.com",
|
||||
"published": "2024-10-20T08:15:03.667",
|
||||
"lastModified": "2024-10-20T08:15:03.667",
|
||||
"vulnStatus": "Received",
|
||||
"cveTags": [],
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "Authentication Bypass Using an Alternate Path or Channel vulnerability in Vivek Tamrakar WP REST API FNS allows Authentication Bypass.This issue affects WP REST API FNS: from n/a through 1.0.0."
|
||||
}
|
||||
],
|
||||
"metrics": {
|
||||
"cvssMetricV31": [
|
||||
{
|
||||
"source": "audit@patchstack.com",
|
||||
"type": "Secondary",
|
||||
"cvssData": {
|
||||
"version": "3.1",
|
||||
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
|
||||
"attackVector": "NETWORK",
|
||||
"attackComplexity": "LOW",
|
||||
"privilegesRequired": "NONE",
|
||||
"userInteraction": "NONE",
|
||||
"scope": "UNCHANGED",
|
||||
"confidentialityImpact": "HIGH",
|
||||
"integrityImpact": "HIGH",
|
||||
"availabilityImpact": "HIGH",
|
||||
"baseScore": 9.8,
|
||||
"baseSeverity": "CRITICAL"
|
||||
},
|
||||
"exploitabilityScore": 3.9,
|
||||
"impactScore": 5.9
|
||||
}
|
||||
]
|
||||
},
|
||||
"weaknesses": [
|
||||
{
|
||||
"source": "audit@patchstack.com",
|
||||
"type": "Primary",
|
||||
"description": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "CWE-288"
|
||||
}
|
||||
]
|
||||
}
|
||||
],
|
||||
"references": [
|
||||
{
|
||||
"url": "https://patchstack.com/database/vulnerability/rest-api-fns/wordpress-wp-rest-api-fns-plugin-plugin-1-0-0-account-takeover-vulnerability?_s_id=cve",
|
||||
"source": "audit@patchstack.com"
|
||||
}
|
||||
]
|
||||
}
|
56
CVE-2024/CVE-2024-493xx/CVE-2024-49329.json
Normal file
56
CVE-2024/CVE-2024-493xx/CVE-2024-49329.json
Normal file
@ -0,0 +1,56 @@
|
||||
{
|
||||
"id": "CVE-2024-49329",
|
||||
"sourceIdentifier": "audit@patchstack.com",
|
||||
"published": "2024-10-20T09:15:04.860",
|
||||
"lastModified": "2024-10-20T09:15:04.860",
|
||||
"vulnStatus": "Received",
|
||||
"cveTags": [],
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "Unrestricted Upload of File with Dangerous Type vulnerability in Vivek Tamrakar WP REST API FNS allows Upload a Web Shell to a Web Server.This issue affects WP REST API FNS: from n/a through 1.0.0."
|
||||
}
|
||||
],
|
||||
"metrics": {
|
||||
"cvssMetricV31": [
|
||||
{
|
||||
"source": "audit@patchstack.com",
|
||||
"type": "Secondary",
|
||||
"cvssData": {
|
||||
"version": "3.1",
|
||||
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
|
||||
"attackVector": "NETWORK",
|
||||
"attackComplexity": "LOW",
|
||||
"privilegesRequired": "NONE",
|
||||
"userInteraction": "NONE",
|
||||
"scope": "CHANGED",
|
||||
"confidentialityImpact": "HIGH",
|
||||
"integrityImpact": "HIGH",
|
||||
"availabilityImpact": "HIGH",
|
||||
"baseScore": 10.0,
|
||||
"baseSeverity": "CRITICAL"
|
||||
},
|
||||
"exploitabilityScore": 3.9,
|
||||
"impactScore": 6.0
|
||||
}
|
||||
]
|
||||
},
|
||||
"weaknesses": [
|
||||
{
|
||||
"source": "audit@patchstack.com",
|
||||
"type": "Primary",
|
||||
"description": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "CWE-434"
|
||||
}
|
||||
]
|
||||
}
|
||||
],
|
||||
"references": [
|
||||
{
|
||||
"url": "https://patchstack.com/database/vulnerability/rest-api-fns/wordpress-wp-rest-api-fns-plugin-1-0-0-arbitrary-file-upload-vulnerability?_s_id=cve",
|
||||
"source": "audit@patchstack.com"
|
||||
}
|
||||
]
|
||||
}
|
56
CVE-2024/CVE-2024-493xx/CVE-2024-49330.json
Normal file
56
CVE-2024/CVE-2024-493xx/CVE-2024-49330.json
Normal file
@ -0,0 +1,56 @@
|
||||
{
|
||||
"id": "CVE-2024-49330",
|
||||
"sourceIdentifier": "audit@patchstack.com",
|
||||
"published": "2024-10-20T09:15:05.133",
|
||||
"lastModified": "2024-10-20T09:15:05.133",
|
||||
"vulnStatus": "Received",
|
||||
"cveTags": [],
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "Unrestricted Upload of File with Dangerous Type vulnerability in brx8r Nice Backgrounds allows Upload a Web Shell to a Web Server.This issue affects Nice Backgrounds: from n/a through 1.0."
|
||||
}
|
||||
],
|
||||
"metrics": {
|
||||
"cvssMetricV31": [
|
||||
{
|
||||
"source": "audit@patchstack.com",
|
||||
"type": "Secondary",
|
||||
"cvssData": {
|
||||
"version": "3.1",
|
||||
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
|
||||
"attackVector": "NETWORK",
|
||||
"attackComplexity": "LOW",
|
||||
"privilegesRequired": "NONE",
|
||||
"userInteraction": "NONE",
|
||||
"scope": "CHANGED",
|
||||
"confidentialityImpact": "HIGH",
|
||||
"integrityImpact": "HIGH",
|
||||
"availabilityImpact": "HIGH",
|
||||
"baseScore": 10.0,
|
||||
"baseSeverity": "CRITICAL"
|
||||
},
|
||||
"exploitabilityScore": 3.9,
|
||||
"impactScore": 6.0
|
||||
}
|
||||
]
|
||||
},
|
||||
"weaknesses": [
|
||||
{
|
||||
"source": "audit@patchstack.com",
|
||||
"type": "Primary",
|
||||
"description": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "CWE-434"
|
||||
}
|
||||
]
|
||||
}
|
||||
],
|
||||
"references": [
|
||||
{
|
||||
"url": "https://patchstack.com/database/vulnerability/nicebackgrounds/wordpress-nice-backgrounds-plugin-1-0-arbitrary-file-upload-vulnerability?_s_id=cve",
|
||||
"source": "audit@patchstack.com"
|
||||
}
|
||||
]
|
||||
}
|
56
CVE-2024/CVE-2024-493xx/CVE-2024-49331.json
Normal file
56
CVE-2024/CVE-2024-493xx/CVE-2024-49331.json
Normal file
@ -0,0 +1,56 @@
|
||||
{
|
||||
"id": "CVE-2024-49331",
|
||||
"sourceIdentifier": "audit@patchstack.com",
|
||||
"published": "2024-10-20T09:15:05.377",
|
||||
"lastModified": "2024-10-20T09:15:05.377",
|
||||
"vulnStatus": "Received",
|
||||
"cveTags": [],
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "Unrestricted Upload of File with Dangerous Type vulnerability in Myriad Solutionz Property Lot Management System allows Upload a Web Shell to a Web Server.This issue affects Property Lot Management System: from n/a through 4.2.38."
|
||||
}
|
||||
],
|
||||
"metrics": {
|
||||
"cvssMetricV31": [
|
||||
{
|
||||
"source": "audit@patchstack.com",
|
||||
"type": "Secondary",
|
||||
"cvssData": {
|
||||
"version": "3.1",
|
||||
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
|
||||
"attackVector": "NETWORK",
|
||||
"attackComplexity": "LOW",
|
||||
"privilegesRequired": "LOW",
|
||||
"userInteraction": "NONE",
|
||||
"scope": "CHANGED",
|
||||
"confidentialityImpact": "HIGH",
|
||||
"integrityImpact": "HIGH",
|
||||
"availabilityImpact": "HIGH",
|
||||
"baseScore": 9.9,
|
||||
"baseSeverity": "CRITICAL"
|
||||
},
|
||||
"exploitabilityScore": 3.1,
|
||||
"impactScore": 6.0
|
||||
}
|
||||
]
|
||||
},
|
||||
"weaknesses": [
|
||||
{
|
||||
"source": "audit@patchstack.com",
|
||||
"type": "Primary",
|
||||
"description": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "CWE-434"
|
||||
}
|
||||
]
|
||||
}
|
||||
],
|
||||
"references": [
|
||||
{
|
||||
"url": "https://patchstack.com/database/vulnerability/plms/wordpress-property-lot-management-system-plugin-4-2-38-arbitrary-file-upload-vulnerability?_s_id=cve",
|
||||
"source": "audit@patchstack.com"
|
||||
}
|
||||
]
|
||||
}
|
56
CVE-2024/CVE-2024-493xx/CVE-2024-49332.json
Normal file
56
CVE-2024/CVE-2024-493xx/CVE-2024-49332.json
Normal file
@ -0,0 +1,56 @@
|
||||
{
|
||||
"id": "CVE-2024-49332",
|
||||
"sourceIdentifier": "audit@patchstack.com",
|
||||
"published": "2024-10-20T09:15:05.560",
|
||||
"lastModified": "2024-10-20T09:15:05.560",
|
||||
"vulnStatus": "Received",
|
||||
"cveTags": [],
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "Deserialization of Untrusted Data vulnerability in Giveaway Boost allows Object Injection.This issue affects Giveaway Boost: from n/a through 2.1.4."
|
||||
}
|
||||
],
|
||||
"metrics": {
|
||||
"cvssMetricV31": [
|
||||
{
|
||||
"source": "audit@patchstack.com",
|
||||
"type": "Secondary",
|
||||
"cvssData": {
|
||||
"version": "3.1",
|
||||
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
|
||||
"attackVector": "NETWORK",
|
||||
"attackComplexity": "LOW",
|
||||
"privilegesRequired": "NONE",
|
||||
"userInteraction": "NONE",
|
||||
"scope": "UNCHANGED",
|
||||
"confidentialityImpact": "HIGH",
|
||||
"integrityImpact": "HIGH",
|
||||
"availabilityImpact": "HIGH",
|
||||
"baseScore": 9.8,
|
||||
"baseSeverity": "CRITICAL"
|
||||
},
|
||||
"exploitabilityScore": 3.9,
|
||||
"impactScore": 5.9
|
||||
}
|
||||
]
|
||||
},
|
||||
"weaknesses": [
|
||||
{
|
||||
"source": "audit@patchstack.com",
|
||||
"type": "Secondary",
|
||||
"description": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "CWE-502"
|
||||
}
|
||||
]
|
||||
}
|
||||
],
|
||||
"references": [
|
||||
{
|
||||
"url": "https://patchstack.com/database/vulnerability/giveaway-boost/wordpress-giveaway-boost-plugin-2-1-4-php-object-injection-vulnerability?_s_id=cve",
|
||||
"source": "audit@patchstack.com"
|
||||
}
|
||||
]
|
||||
}
|
56
CVE-2024/CVE-2024-493xx/CVE-2024-49334.json
Normal file
56
CVE-2024/CVE-2024-493xx/CVE-2024-49334.json
Normal file
@ -0,0 +1,56 @@
|
||||
{
|
||||
"id": "CVE-2024-49334",
|
||||
"sourceIdentifier": "audit@patchstack.com",
|
||||
"published": "2024-10-20T08:15:03.907",
|
||||
"lastModified": "2024-10-20T08:15:03.907",
|
||||
"vulnStatus": "Received",
|
||||
"cveTags": [],
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Unizoe Web Solutions jLayer Parallax Slider allows Reflected XSS.This issue affects jLayer Parallax Slider: from n/a through 1.0."
|
||||
}
|
||||
],
|
||||
"metrics": {
|
||||
"cvssMetricV31": [
|
||||
{
|
||||
"source": "audit@patchstack.com",
|
||||
"type": "Secondary",
|
||||
"cvssData": {
|
||||
"version": "3.1",
|
||||
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L",
|
||||
"attackVector": "NETWORK",
|
||||
"attackComplexity": "LOW",
|
||||
"privilegesRequired": "NONE",
|
||||
"userInteraction": "REQUIRED",
|
||||
"scope": "CHANGED",
|
||||
"confidentialityImpact": "LOW",
|
||||
"integrityImpact": "LOW",
|
||||
"availabilityImpact": "LOW",
|
||||
"baseScore": 7.1,
|
||||
"baseSeverity": "HIGH"
|
||||
},
|
||||
"exploitabilityScore": 2.8,
|
||||
"impactScore": 3.7
|
||||
}
|
||||
]
|
||||
},
|
||||
"weaknesses": [
|
||||
{
|
||||
"source": "audit@patchstack.com",
|
||||
"type": "Primary",
|
||||
"description": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "CWE-79"
|
||||
}
|
||||
]
|
||||
}
|
||||
],
|
||||
"references": [
|
||||
{
|
||||
"url": "https://patchstack.com/database/vulnerability/jlayer-parallax-slider-wp/wordpress-jlayer-parallax-slider-plugin-1-0-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve",
|
||||
"source": "audit@patchstack.com"
|
||||
}
|
||||
]
|
||||
}
|
56
CVE-2024/CVE-2024-496xx/CVE-2024-49604.json
Normal file
56
CVE-2024/CVE-2024-496xx/CVE-2024-49604.json
Normal file
@ -0,0 +1,56 @@
|
||||
{
|
||||
"id": "CVE-2024-49604",
|
||||
"sourceIdentifier": "audit@patchstack.com",
|
||||
"published": "2024-10-20T08:15:04.117",
|
||||
"lastModified": "2024-10-20T08:15:04.117",
|
||||
"vulnStatus": "Received",
|
||||
"cveTags": [],
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "Authentication Bypass Using an Alternate Path or Channel vulnerability in Najeeb Ahmad Simple User Registration allows Authentication Bypass.This issue affects Simple User Registration: from n/a through 5.5."
|
||||
}
|
||||
],
|
||||
"metrics": {
|
||||
"cvssMetricV31": [
|
||||
{
|
||||
"source": "audit@patchstack.com",
|
||||
"type": "Secondary",
|
||||
"cvssData": {
|
||||
"version": "3.1",
|
||||
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
|
||||
"attackVector": "NETWORK",
|
||||
"attackComplexity": "LOW",
|
||||
"privilegesRequired": "NONE",
|
||||
"userInteraction": "NONE",
|
||||
"scope": "UNCHANGED",
|
||||
"confidentialityImpact": "HIGH",
|
||||
"integrityImpact": "HIGH",
|
||||
"availabilityImpact": "HIGH",
|
||||
"baseScore": 9.8,
|
||||
"baseSeverity": "CRITICAL"
|
||||
},
|
||||
"exploitabilityScore": 3.9,
|
||||
"impactScore": 5.9
|
||||
}
|
||||
]
|
||||
},
|
||||
"weaknesses": [
|
||||
{
|
||||
"source": "audit@patchstack.com",
|
||||
"type": "Primary",
|
||||
"description": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "CWE-288"
|
||||
}
|
||||
]
|
||||
}
|
||||
],
|
||||
"references": [
|
||||
{
|
||||
"url": "https://patchstack.com/database/vulnerability/wp-registration/wordpress-simple-user-registration-plugin-5-5-account-takeover-vulnerability?_s_id=cve",
|
||||
"source": "audit@patchstack.com"
|
||||
}
|
||||
]
|
||||
}
|
56
CVE-2024/CVE-2024-496xx/CVE-2024-49606.json
Normal file
56
CVE-2024/CVE-2024-496xx/CVE-2024-49606.json
Normal file
@ -0,0 +1,56 @@
|
||||
{
|
||||
"id": "CVE-2024-49606",
|
||||
"sourceIdentifier": "audit@patchstack.com",
|
||||
"published": "2024-10-20T08:15:04.323",
|
||||
"lastModified": "2024-10-20T08:15:04.323",
|
||||
"vulnStatus": "Received",
|
||||
"cveTags": [],
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Dotsquares Google Map Locations allows Reflected XSS.This issue affects Google Map Locations: from n/a through 1.0."
|
||||
}
|
||||
],
|
||||
"metrics": {
|
||||
"cvssMetricV31": [
|
||||
{
|
||||
"source": "audit@patchstack.com",
|
||||
"type": "Secondary",
|
||||
"cvssData": {
|
||||
"version": "3.1",
|
||||
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L",
|
||||
"attackVector": "NETWORK",
|
||||
"attackComplexity": "LOW",
|
||||
"privilegesRequired": "NONE",
|
||||
"userInteraction": "REQUIRED",
|
||||
"scope": "CHANGED",
|
||||
"confidentialityImpact": "LOW",
|
||||
"integrityImpact": "LOW",
|
||||
"availabilityImpact": "LOW",
|
||||
"baseScore": 7.1,
|
||||
"baseSeverity": "HIGH"
|
||||
},
|
||||
"exploitabilityScore": 2.8,
|
||||
"impactScore": 3.7
|
||||
}
|
||||
]
|
||||
},
|
||||
"weaknesses": [
|
||||
{
|
||||
"source": "audit@patchstack.com",
|
||||
"type": "Primary",
|
||||
"description": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "CWE-79"
|
||||
}
|
||||
]
|
||||
}
|
||||
],
|
||||
"references": [
|
||||
{
|
||||
"url": "https://patchstack.com/database/vulnerability/google-map-locations/wordpress-google-map-locations-plugin-1-0-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve",
|
||||
"source": "audit@patchstack.com"
|
||||
}
|
||||
]
|
||||
}
|
56
CVE-2024/CVE-2024-496xx/CVE-2024-49607.json
Normal file
56
CVE-2024/CVE-2024-496xx/CVE-2024-49607.json
Normal file
@ -0,0 +1,56 @@
|
||||
{
|
||||
"id": "CVE-2024-49607",
|
||||
"sourceIdentifier": "audit@patchstack.com",
|
||||
"published": "2024-10-20T09:15:05.763",
|
||||
"lastModified": "2024-10-20T09:15:05.763",
|
||||
"vulnStatus": "Received",
|
||||
"cveTags": [],
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "Unrestricted Upload of File with Dangerous Type vulnerability in Redwan Hilali WP Dropbox Dropins allows Upload a Web Shell to a Web Server.This issue affects WP Dropbox Dropins: from n/a through 1.0."
|
||||
}
|
||||
],
|
||||
"metrics": {
|
||||
"cvssMetricV31": [
|
||||
{
|
||||
"source": "audit@patchstack.com",
|
||||
"type": "Secondary",
|
||||
"cvssData": {
|
||||
"version": "3.1",
|
||||
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
|
||||
"attackVector": "NETWORK",
|
||||
"attackComplexity": "LOW",
|
||||
"privilegesRequired": "NONE",
|
||||
"userInteraction": "NONE",
|
||||
"scope": "CHANGED",
|
||||
"confidentialityImpact": "HIGH",
|
||||
"integrityImpact": "HIGH",
|
||||
"availabilityImpact": "HIGH",
|
||||
"baseScore": 10.0,
|
||||
"baseSeverity": "CRITICAL"
|
||||
},
|
||||
"exploitabilityScore": 3.9,
|
||||
"impactScore": 6.0
|
||||
}
|
||||
]
|
||||
},
|
||||
"weaknesses": [
|
||||
{
|
||||
"source": "audit@patchstack.com",
|
||||
"type": "Primary",
|
||||
"description": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "CWE-434"
|
||||
}
|
||||
]
|
||||
}
|
||||
],
|
||||
"references": [
|
||||
{
|
||||
"url": "https://patchstack.com/database/vulnerability/wp-dropbox-dropins/wordpress-wp-dropbox-dropins-plugin-1-0-arbitrary-file-upload-vulnerability?_s_id=cve",
|
||||
"source": "audit@patchstack.com"
|
||||
}
|
||||
]
|
||||
}
|
56
CVE-2024/CVE-2024-496xx/CVE-2024-49608.json
Normal file
56
CVE-2024/CVE-2024-496xx/CVE-2024-49608.json
Normal file
@ -0,0 +1,56 @@
|
||||
{
|
||||
"id": "CVE-2024-49608",
|
||||
"sourceIdentifier": "audit@patchstack.com",
|
||||
"published": "2024-10-20T09:15:05.973",
|
||||
"lastModified": "2024-10-20T09:15:05.973",
|
||||
"vulnStatus": "Received",
|
||||
"cveTags": [],
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": ": Incorrect Privilege Assignment vulnerability in Gerry Ntabuhashe GERRYWORKS Post by Mail allows Privilege Escalation.This issue affects GERRYWORKS Post by Mail: from n/a through 1.0."
|
||||
}
|
||||
],
|
||||
"metrics": {
|
||||
"cvssMetricV31": [
|
||||
{
|
||||
"source": "audit@patchstack.com",
|
||||
"type": "Secondary",
|
||||
"cvssData": {
|
||||
"version": "3.1",
|
||||
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
|
||||
"attackVector": "NETWORK",
|
||||
"attackComplexity": "LOW",
|
||||
"privilegesRequired": "LOW",
|
||||
"userInteraction": "NONE",
|
||||
"scope": "UNCHANGED",
|
||||
"confidentialityImpact": "HIGH",
|
||||
"integrityImpact": "HIGH",
|
||||
"availabilityImpact": "HIGH",
|
||||
"baseScore": 8.8,
|
||||
"baseSeverity": "HIGH"
|
||||
},
|
||||
"exploitabilityScore": 2.8,
|
||||
"impactScore": 5.9
|
||||
}
|
||||
]
|
||||
},
|
||||
"weaknesses": [
|
||||
{
|
||||
"source": "audit@patchstack.com",
|
||||
"type": "Primary",
|
||||
"description": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "CWE-266"
|
||||
}
|
||||
]
|
||||
}
|
||||
],
|
||||
"references": [
|
||||
{
|
||||
"url": "https://patchstack.com/database/vulnerability/gerryworks-post-by-mail/wordpress-gerryworks-post-by-mail-plugin-1-0-privilege-escalation-vulnerability?_s_id=cve",
|
||||
"source": "audit@patchstack.com"
|
||||
}
|
||||
]
|
||||
}
|
56
CVE-2024/CVE-2024-496xx/CVE-2024-49610.json
Normal file
56
CVE-2024/CVE-2024-496xx/CVE-2024-49610.json
Normal file
@ -0,0 +1,56 @@
|
||||
{
|
||||
"id": "CVE-2024-49610",
|
||||
"sourceIdentifier": "audit@patchstack.com",
|
||||
"published": "2024-10-20T09:15:06.190",
|
||||
"lastModified": "2024-10-20T09:15:06.190",
|
||||
"vulnStatus": "Received",
|
||||
"cveTags": [],
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "Unrestricted Upload of File with Dangerous Type vulnerability in Jack Zhu allows Upload a Web Shell to a Web Server.This issue affects photokit: from n/a through 1.0."
|
||||
}
|
||||
],
|
||||
"metrics": {
|
||||
"cvssMetricV31": [
|
||||
{
|
||||
"source": "audit@patchstack.com",
|
||||
"type": "Secondary",
|
||||
"cvssData": {
|
||||
"version": "3.1",
|
||||
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
|
||||
"attackVector": "NETWORK",
|
||||
"attackComplexity": "LOW",
|
||||
"privilegesRequired": "NONE",
|
||||
"userInteraction": "NONE",
|
||||
"scope": "CHANGED",
|
||||
"confidentialityImpact": "HIGH",
|
||||
"integrityImpact": "HIGH",
|
||||
"availabilityImpact": "HIGH",
|
||||
"baseScore": 10.0,
|
||||
"baseSeverity": "CRITICAL"
|
||||
},
|
||||
"exploitabilityScore": 3.9,
|
||||
"impactScore": 6.0
|
||||
}
|
||||
]
|
||||
},
|
||||
"weaknesses": [
|
||||
{
|
||||
"source": "audit@patchstack.com",
|
||||
"type": "Primary",
|
||||
"description": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "CWE-434"
|
||||
}
|
||||
]
|
||||
}
|
||||
],
|
||||
"references": [
|
||||
{
|
||||
"url": "https://patchstack.com/database/vulnerability/photokit/wordpress-photokit-plugin-1-0-arbitrary-file-upload-vulnerability?_s_id=cve",
|
||||
"source": "audit@patchstack.com"
|
||||
}
|
||||
]
|
||||
}
|
56
CVE-2024/CVE-2024-496xx/CVE-2024-49611.json
Normal file
56
CVE-2024/CVE-2024-496xx/CVE-2024-49611.json
Normal file
@ -0,0 +1,56 @@
|
||||
{
|
||||
"id": "CVE-2024-49611",
|
||||
"sourceIdentifier": "audit@patchstack.com",
|
||||
"published": "2024-10-20T08:15:04.523",
|
||||
"lastModified": "2024-10-20T08:15:04.523",
|
||||
"vulnStatus": "Received",
|
||||
"cveTags": [],
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "Unrestricted Upload of File with Dangerous Type vulnerability in Paxman Product Website Showcase allows Upload a Web Shell to a Web Server.This issue affects Product Website Showcase: from n/a through 1.0."
|
||||
}
|
||||
],
|
||||
"metrics": {
|
||||
"cvssMetricV31": [
|
||||
{
|
||||
"source": "audit@patchstack.com",
|
||||
"type": "Secondary",
|
||||
"cvssData": {
|
||||
"version": "3.1",
|
||||
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
|
||||
"attackVector": "NETWORK",
|
||||
"attackComplexity": "LOW",
|
||||
"privilegesRequired": "NONE",
|
||||
"userInteraction": "NONE",
|
||||
"scope": "CHANGED",
|
||||
"confidentialityImpact": "HIGH",
|
||||
"integrityImpact": "HIGH",
|
||||
"availabilityImpact": "HIGH",
|
||||
"baseScore": 10.0,
|
||||
"baseSeverity": "CRITICAL"
|
||||
},
|
||||
"exploitabilityScore": 3.9,
|
||||
"impactScore": 6.0
|
||||
}
|
||||
]
|
||||
},
|
||||
"weaknesses": [
|
||||
{
|
||||
"source": "audit@patchstack.com",
|
||||
"type": "Primary",
|
||||
"description": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "CWE-434"
|
||||
}
|
||||
]
|
||||
}
|
||||
],
|
||||
"references": [
|
||||
{
|
||||
"url": "https://patchstack.com/database/vulnerability/product-websites-showcase/wordpress-product-website-showcase-plugin-1-0-arbitrary-file-upload-vulnerability?_s_id=cve",
|
||||
"source": "audit@patchstack.com"
|
||||
}
|
||||
]
|
||||
}
|
56
CVE-2024/CVE-2024-496xx/CVE-2024-49621.json
Normal file
56
CVE-2024/CVE-2024-496xx/CVE-2024-49621.json
Normal file
@ -0,0 +1,56 @@
|
||||
{
|
||||
"id": "CVE-2024-49621",
|
||||
"sourceIdentifier": "audit@patchstack.com",
|
||||
"published": "2024-10-20T09:15:06.390",
|
||||
"lastModified": "2024-10-20T09:15:06.390",
|
||||
"vulnStatus": "Received",
|
||||
"cveTags": [],
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "Cross-Site Request Forgery (CSRF) vulnerability in Apa APA Register Newsletter Form allows SQL Injection.This issue affects APA Register Newsletter Form: from n/a through 1.0.0."
|
||||
}
|
||||
],
|
||||
"metrics": {
|
||||
"cvssMetricV31": [
|
||||
{
|
||||
"source": "audit@patchstack.com",
|
||||
"type": "Secondary",
|
||||
"cvssData": {
|
||||
"version": "3.1",
|
||||
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:L",
|
||||
"attackVector": "NETWORK",
|
||||
"attackComplexity": "LOW",
|
||||
"privilegesRequired": "NONE",
|
||||
"userInteraction": "REQUIRED",
|
||||
"scope": "CHANGED",
|
||||
"confidentialityImpact": "HIGH",
|
||||
"integrityImpact": "NONE",
|
||||
"availabilityImpact": "LOW",
|
||||
"baseScore": 8.2,
|
||||
"baseSeverity": "HIGH"
|
||||
},
|
||||
"exploitabilityScore": 2.8,
|
||||
"impactScore": 4.7
|
||||
}
|
||||
]
|
||||
},
|
||||
"weaknesses": [
|
||||
{
|
||||
"source": "audit@patchstack.com",
|
||||
"type": "Primary",
|
||||
"description": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "CWE-352"
|
||||
}
|
||||
]
|
||||
}
|
||||
],
|
||||
"references": [
|
||||
{
|
||||
"url": "https://patchstack.com/database/vulnerability/apa-register-newsletter-form/wordpress-apa-register-newsletter-form-plugin-1-0-0-csrf-to-sql-injection-vulnerability?_s_id=cve",
|
||||
"source": "audit@patchstack.com"
|
||||
}
|
||||
]
|
||||
}
|
56
CVE-2024/CVE-2024-496xx/CVE-2024-49622.json
Normal file
56
CVE-2024/CVE-2024-496xx/CVE-2024-49622.json
Normal file
@ -0,0 +1,56 @@
|
||||
{
|
||||
"id": "CVE-2024-49622",
|
||||
"sourceIdentifier": "audit@patchstack.com",
|
||||
"published": "2024-10-20T09:15:06.613",
|
||||
"lastModified": "2024-10-20T09:15:06.613",
|
||||
"vulnStatus": "Received",
|
||||
"cveTags": [],
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "Cross-Site Request Forgery (CSRF) vulnerability in Apa Apa Banner Slider allows SQL Injection.This issue affects Apa Banner Slider: from n/a through 1.0.0."
|
||||
}
|
||||
],
|
||||
"metrics": {
|
||||
"cvssMetricV31": [
|
||||
{
|
||||
"source": "audit@patchstack.com",
|
||||
"type": "Secondary",
|
||||
"cvssData": {
|
||||
"version": "3.1",
|
||||
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:L",
|
||||
"attackVector": "NETWORK",
|
||||
"attackComplexity": "LOW",
|
||||
"privilegesRequired": "NONE",
|
||||
"userInteraction": "REQUIRED",
|
||||
"scope": "CHANGED",
|
||||
"confidentialityImpact": "HIGH",
|
||||
"integrityImpact": "NONE",
|
||||
"availabilityImpact": "LOW",
|
||||
"baseScore": 8.2,
|
||||
"baseSeverity": "HIGH"
|
||||
},
|
||||
"exploitabilityScore": 2.8,
|
||||
"impactScore": 4.7
|
||||
}
|
||||
]
|
||||
},
|
||||
"weaknesses": [
|
||||
{
|
||||
"source": "audit@patchstack.com",
|
||||
"type": "Secondary",
|
||||
"description": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "CWE-352"
|
||||
}
|
||||
]
|
||||
}
|
||||
],
|
||||
"references": [
|
||||
{
|
||||
"url": "https://patchstack.com/database/vulnerability/apa-banner-slider/wordpress-apa-banner-slider-plugin-1-0-0-csrf-to-sql-injection-vulnerability?_s_id=cve",
|
||||
"source": "audit@patchstack.com"
|
||||
}
|
||||
]
|
||||
}
|
56
CVE-2024/CVE-2024-496xx/CVE-2024-49623.json
Normal file
56
CVE-2024/CVE-2024-496xx/CVE-2024-49623.json
Normal file
@ -0,0 +1,56 @@
|
||||
{
|
||||
"id": "CVE-2024-49623",
|
||||
"sourceIdentifier": "audit@patchstack.com",
|
||||
"published": "2024-10-20T09:15:06.810",
|
||||
"lastModified": "2024-10-20T09:15:06.810",
|
||||
"vulnStatus": "Received",
|
||||
"cveTags": [],
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Hasan Movahed Duplicate Title Validate allows Blind SQL Injection.This issue affects Duplicate Title Validate: from n/a through 1.0."
|
||||
}
|
||||
],
|
||||
"metrics": {
|
||||
"cvssMetricV31": [
|
||||
{
|
||||
"source": "audit@patchstack.com",
|
||||
"type": "Secondary",
|
||||
"cvssData": {
|
||||
"version": "3.1",
|
||||
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:L",
|
||||
"attackVector": "NETWORK",
|
||||
"attackComplexity": "LOW",
|
||||
"privilegesRequired": "LOW",
|
||||
"userInteraction": "NONE",
|
||||
"scope": "CHANGED",
|
||||
"confidentialityImpact": "HIGH",
|
||||
"integrityImpact": "NONE",
|
||||
"availabilityImpact": "LOW",
|
||||
"baseScore": 8.5,
|
||||
"baseSeverity": "HIGH"
|
||||
},
|
||||
"exploitabilityScore": 3.1,
|
||||
"impactScore": 4.7
|
||||
}
|
||||
]
|
||||
},
|
||||
"weaknesses": [
|
||||
{
|
||||
"source": "audit@patchstack.com",
|
||||
"type": "Primary",
|
||||
"description": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "CWE-89"
|
||||
}
|
||||
]
|
||||
}
|
||||
],
|
||||
"references": [
|
||||
{
|
||||
"url": "https://patchstack.com/database/vulnerability/duplicate-title-validate/wordpress-duplicate-title-validate-plugin-1-0-sql-injection-vulnerability?_s_id=cve",
|
||||
"source": "audit@patchstack.com"
|
||||
}
|
||||
]
|
||||
}
|
56
CVE-2024/CVE-2024-496xx/CVE-2024-49624.json
Normal file
56
CVE-2024/CVE-2024-496xx/CVE-2024-49624.json
Normal file
@ -0,0 +1,56 @@
|
||||
{
|
||||
"id": "CVE-2024-49624",
|
||||
"sourceIdentifier": "audit@patchstack.com",
|
||||
"published": "2024-10-20T09:15:07.013",
|
||||
"lastModified": "2024-10-20T09:15:07.013",
|
||||
"vulnStatus": "Received",
|
||||
"cveTags": [],
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "Deserialization of Untrusted Data vulnerability in Smartdevth Advanced Advertising System allows Object Injection.This issue affects Advanced Advertising System: from n/a through 1.3.1."
|
||||
}
|
||||
],
|
||||
"metrics": {
|
||||
"cvssMetricV31": [
|
||||
{
|
||||
"source": "audit@patchstack.com",
|
||||
"type": "Secondary",
|
||||
"cvssData": {
|
||||
"version": "3.1",
|
||||
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
|
||||
"attackVector": "NETWORK",
|
||||
"attackComplexity": "LOW",
|
||||
"privilegesRequired": "NONE",
|
||||
"userInteraction": "NONE",
|
||||
"scope": "UNCHANGED",
|
||||
"confidentialityImpact": "HIGH",
|
||||
"integrityImpact": "HIGH",
|
||||
"availabilityImpact": "HIGH",
|
||||
"baseScore": 9.8,
|
||||
"baseSeverity": "CRITICAL"
|
||||
},
|
||||
"exploitabilityScore": 3.9,
|
||||
"impactScore": 5.9
|
||||
}
|
||||
]
|
||||
},
|
||||
"weaknesses": [
|
||||
{
|
||||
"source": "audit@patchstack.com",
|
||||
"type": "Primary",
|
||||
"description": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "CWE-502"
|
||||
}
|
||||
]
|
||||
}
|
||||
],
|
||||
"references": [
|
||||
{
|
||||
"url": "https://patchstack.com/database/vulnerability/advanced-advertising-system/wordpress-advanced-advertising-system-plugin-1-3-1-php-object-injection-vulnerability?_s_id=cve",
|
||||
"source": "audit@patchstack.com"
|
||||
}
|
||||
]
|
||||
}
|
56
CVE-2024/CVE-2024-496xx/CVE-2024-49625.json
Normal file
56
CVE-2024/CVE-2024-496xx/CVE-2024-49625.json
Normal file
@ -0,0 +1,56 @@
|
||||
{
|
||||
"id": "CVE-2024-49625",
|
||||
"sourceIdentifier": "audit@patchstack.com",
|
||||
"published": "2024-10-20T09:15:07.220",
|
||||
"lastModified": "2024-10-20T09:15:07.220",
|
||||
"vulnStatus": "Received",
|
||||
"cveTags": [],
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "Deserialization of Untrusted Data vulnerability in Brandon Clark SiteBuilder Dynamic Components allows Object Injection.This issue affects SiteBuilder Dynamic Components: from n/a through 1.0."
|
||||
}
|
||||
],
|
||||
"metrics": {
|
||||
"cvssMetricV31": [
|
||||
{
|
||||
"source": "audit@patchstack.com",
|
||||
"type": "Secondary",
|
||||
"cvssData": {
|
||||
"version": "3.1",
|
||||
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
|
||||
"attackVector": "NETWORK",
|
||||
"attackComplexity": "LOW",
|
||||
"privilegesRequired": "NONE",
|
||||
"userInteraction": "NONE",
|
||||
"scope": "UNCHANGED",
|
||||
"confidentialityImpact": "HIGH",
|
||||
"integrityImpact": "HIGH",
|
||||
"availabilityImpact": "HIGH",
|
||||
"baseScore": 9.8,
|
||||
"baseSeverity": "CRITICAL"
|
||||
},
|
||||
"exploitabilityScore": 3.9,
|
||||
"impactScore": 5.9
|
||||
}
|
||||
]
|
||||
},
|
||||
"weaknesses": [
|
||||
{
|
||||
"source": "audit@patchstack.com",
|
||||
"type": "Primary",
|
||||
"description": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "CWE-502"
|
||||
}
|
||||
]
|
||||
}
|
||||
],
|
||||
"references": [
|
||||
{
|
||||
"url": "https://patchstack.com/database/vulnerability/sitebuilder-dynamic-components/wordpress-sitebuilder-dynamic-components-plugin-1-0-php-object-injection-vulnerability?_s_id=cve",
|
||||
"source": "audit@patchstack.com"
|
||||
}
|
||||
]
|
||||
}
|
56
CVE-2024/CVE-2024-496xx/CVE-2024-49626.json
Normal file
56
CVE-2024/CVE-2024-496xx/CVE-2024-49626.json
Normal file
@ -0,0 +1,56 @@
|
||||
{
|
||||
"id": "CVE-2024-49626",
|
||||
"sourceIdentifier": "audit@patchstack.com",
|
||||
"published": "2024-10-20T08:15:04.730",
|
||||
"lastModified": "2024-10-20T08:15:04.730",
|
||||
"vulnStatus": "Received",
|
||||
"cveTags": [],
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "Deserialization of Untrusted Data vulnerability in Piyushmca Shipyaari Shipping Management allows Object Injection.This issue affects Shipyaari Shipping Management: from n/a through 1.2."
|
||||
}
|
||||
],
|
||||
"metrics": {
|
||||
"cvssMetricV31": [
|
||||
{
|
||||
"source": "audit@patchstack.com",
|
||||
"type": "Secondary",
|
||||
"cvssData": {
|
||||
"version": "3.1",
|
||||
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
|
||||
"attackVector": "NETWORK",
|
||||
"attackComplexity": "LOW",
|
||||
"privilegesRequired": "NONE",
|
||||
"userInteraction": "NONE",
|
||||
"scope": "UNCHANGED",
|
||||
"confidentialityImpact": "HIGH",
|
||||
"integrityImpact": "HIGH",
|
||||
"availabilityImpact": "HIGH",
|
||||
"baseScore": 9.8,
|
||||
"baseSeverity": "CRITICAL"
|
||||
},
|
||||
"exploitabilityScore": 3.9,
|
||||
"impactScore": 5.9
|
||||
}
|
||||
]
|
||||
},
|
||||
"weaknesses": [
|
||||
{
|
||||
"source": "audit@patchstack.com",
|
||||
"type": "Secondary",
|
||||
"description": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "CWE-502"
|
||||
}
|
||||
]
|
||||
}
|
||||
],
|
||||
"references": [
|
||||
{
|
||||
"url": "https://patchstack.com/database/vulnerability/shipyaari-shipping-managment/wordpress-shipyaari-shipping-management-plugin-1-2-php-object-injection-vulnerability?_s_id=cve",
|
||||
"source": "audit@patchstack.com"
|
||||
}
|
||||
]
|
||||
}
|
56
CVE-2024/CVE-2024-496xx/CVE-2024-49630.json
Normal file
56
CVE-2024/CVE-2024-496xx/CVE-2024-49630.json
Normal file
@ -0,0 +1,56 @@
|
||||
{
|
||||
"id": "CVE-2024-49630",
|
||||
"sourceIdentifier": "audit@patchstack.com",
|
||||
"published": "2024-10-20T08:15:04.933",
|
||||
"lastModified": "2024-10-20T08:15:04.933",
|
||||
"vulnStatus": "Received",
|
||||
"cveTags": [],
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in HT Plugins WP Education allows Stored XSS.This issue affects WP Education: from n/a through 1.2.8."
|
||||
}
|
||||
],
|
||||
"metrics": {
|
||||
"cvssMetricV31": [
|
||||
{
|
||||
"source": "audit@patchstack.com",
|
||||
"type": "Secondary",
|
||||
"cvssData": {
|
||||
"version": "3.1",
|
||||
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L",
|
||||
"attackVector": "NETWORK",
|
||||
"attackComplexity": "LOW",
|
||||
"privilegesRequired": "LOW",
|
||||
"userInteraction": "REQUIRED",
|
||||
"scope": "CHANGED",
|
||||
"confidentialityImpact": "LOW",
|
||||
"integrityImpact": "LOW",
|
||||
"availabilityImpact": "LOW",
|
||||
"baseScore": 6.5,
|
||||
"baseSeverity": "MEDIUM"
|
||||
},
|
||||
"exploitabilityScore": 2.3,
|
||||
"impactScore": 3.7
|
||||
}
|
||||
]
|
||||
},
|
||||
"weaknesses": [
|
||||
{
|
||||
"source": "audit@patchstack.com",
|
||||
"type": "Primary",
|
||||
"description": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "CWE-79"
|
||||
}
|
||||
]
|
||||
}
|
||||
],
|
||||
"references": [
|
||||
{
|
||||
"url": "https://patchstack.com/database/vulnerability/wp-education/wordpress-wp-education-for-elementor-plugin-1-2-8-stored-cross-site-scripting-xss-vulnerability?_s_id=cve",
|
||||
"source": "audit@patchstack.com"
|
||||
}
|
||||
]
|
||||
}
|
56
CVE-2024/CVE-2024-496xx/CVE-2024-49631.json
Normal file
56
CVE-2024/CVE-2024-496xx/CVE-2024-49631.json
Normal file
@ -0,0 +1,56 @@
|
||||
{
|
||||
"id": "CVE-2024-49631",
|
||||
"sourceIdentifier": "audit@patchstack.com",
|
||||
"published": "2024-10-20T08:15:05.130",
|
||||
"lastModified": "2024-10-20T08:15:05.130",
|
||||
"vulnStatus": "Received",
|
||||
"cveTags": [],
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Md Abdul Kader Easy Addons for Elementor allows Stored XSS.This issue affects Easy Addons for Elementor: from n/a through 1.3.0."
|
||||
}
|
||||
],
|
||||
"metrics": {
|
||||
"cvssMetricV31": [
|
||||
{
|
||||
"source": "audit@patchstack.com",
|
||||
"type": "Secondary",
|
||||
"cvssData": {
|
||||
"version": "3.1",
|
||||
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L",
|
||||
"attackVector": "NETWORK",
|
||||
"attackComplexity": "LOW",
|
||||
"privilegesRequired": "LOW",
|
||||
"userInteraction": "REQUIRED",
|
||||
"scope": "CHANGED",
|
||||
"confidentialityImpact": "LOW",
|
||||
"integrityImpact": "LOW",
|
||||
"availabilityImpact": "LOW",
|
||||
"baseScore": 6.5,
|
||||
"baseSeverity": "MEDIUM"
|
||||
},
|
||||
"exploitabilityScore": 2.3,
|
||||
"impactScore": 3.7
|
||||
}
|
||||
]
|
||||
},
|
||||
"weaknesses": [
|
||||
{
|
||||
"source": "audit@patchstack.com",
|
||||
"type": "Primary",
|
||||
"description": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "CWE-79"
|
||||
}
|
||||
]
|
||||
}
|
||||
],
|
||||
"references": [
|
||||
{
|
||||
"url": "https://patchstack.com/database/vulnerability/easy-addons-for-elementor/wordpress-easy-addons-for-elementor-plugin-1-3-0-cross-site-scripting-xss-vulnerability?_s_id=cve",
|
||||
"source": "audit@patchstack.com"
|
||||
}
|
||||
]
|
||||
}
|
35
README.md
35
README.md
@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours.
|
||||
### Last Repository Update
|
||||
|
||||
```plain
|
||||
2024-10-20T08:00:17.292542+00:00
|
||||
2024-10-20T10:00:17.078428+00:00
|
||||
```
|
||||
|
||||
### Most recent CVE Modification Timestamp synchronized with NVD
|
||||
|
||||
```plain
|
||||
2024-10-20T07:15:02.103000+00:00
|
||||
2024-10-20T09:15:07.220000+00:00
|
||||
```
|
||||
|
||||
### Last Data Feed Release
|
||||
@ -33,15 +33,38 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
|
||||
### Total Number of included CVEs
|
||||
|
||||
```plain
|
||||
266184
|
||||
266213
|
||||
```
|
||||
|
||||
### CVEs added in the last Commit
|
||||
|
||||
Recently added CVEs: `2`
|
||||
Recently added CVEs: `29`
|
||||
|
||||
- [CVE-2024-10191](CVE-2024/CVE-2024-101xx/CVE-2024-10191.json) (`2024-10-20T06:15:02.413`)
|
||||
- [CVE-2024-10192](CVE-2024/CVE-2024-101xx/CVE-2024-10192.json) (`2024-10-20T07:15:02.103`)
|
||||
- [CVE-2024-49286](CVE-2024/CVE-2024-492xx/CVE-2024-49286.json) (`2024-10-20T08:15:03.233`)
|
||||
- [CVE-2024-49323](CVE-2024/CVE-2024-493xx/CVE-2024-49323.json) (`2024-10-20T08:15:03.460`)
|
||||
- [CVE-2024-49324](CVE-2024/CVE-2024-493xx/CVE-2024-49324.json) (`2024-10-20T09:15:03.227`)
|
||||
- [CVE-2024-49326](CVE-2024/CVE-2024-493xx/CVE-2024-49326.json) (`2024-10-20T09:15:03.750`)
|
||||
- [CVE-2024-49327](CVE-2024/CVE-2024-493xx/CVE-2024-49327.json) (`2024-10-20T09:15:04.440`)
|
||||
- [CVE-2024-49328](CVE-2024/CVE-2024-493xx/CVE-2024-49328.json) (`2024-10-20T08:15:03.667`)
|
||||
- [CVE-2024-49329](CVE-2024/CVE-2024-493xx/CVE-2024-49329.json) (`2024-10-20T09:15:04.860`)
|
||||
- [CVE-2024-49330](CVE-2024/CVE-2024-493xx/CVE-2024-49330.json) (`2024-10-20T09:15:05.133`)
|
||||
- [CVE-2024-49331](CVE-2024/CVE-2024-493xx/CVE-2024-49331.json) (`2024-10-20T09:15:05.377`)
|
||||
- [CVE-2024-49332](CVE-2024/CVE-2024-493xx/CVE-2024-49332.json) (`2024-10-20T09:15:05.560`)
|
||||
- [CVE-2024-49334](CVE-2024/CVE-2024-493xx/CVE-2024-49334.json) (`2024-10-20T08:15:03.907`)
|
||||
- [CVE-2024-49604](CVE-2024/CVE-2024-496xx/CVE-2024-49604.json) (`2024-10-20T08:15:04.117`)
|
||||
- [CVE-2024-49606](CVE-2024/CVE-2024-496xx/CVE-2024-49606.json) (`2024-10-20T08:15:04.323`)
|
||||
- [CVE-2024-49607](CVE-2024/CVE-2024-496xx/CVE-2024-49607.json) (`2024-10-20T09:15:05.763`)
|
||||
- [CVE-2024-49608](CVE-2024/CVE-2024-496xx/CVE-2024-49608.json) (`2024-10-20T09:15:05.973`)
|
||||
- [CVE-2024-49610](CVE-2024/CVE-2024-496xx/CVE-2024-49610.json) (`2024-10-20T09:15:06.190`)
|
||||
- [CVE-2024-49611](CVE-2024/CVE-2024-496xx/CVE-2024-49611.json) (`2024-10-20T08:15:04.523`)
|
||||
- [CVE-2024-49621](CVE-2024/CVE-2024-496xx/CVE-2024-49621.json) (`2024-10-20T09:15:06.390`)
|
||||
- [CVE-2024-49622](CVE-2024/CVE-2024-496xx/CVE-2024-49622.json) (`2024-10-20T09:15:06.613`)
|
||||
- [CVE-2024-49623](CVE-2024/CVE-2024-496xx/CVE-2024-49623.json) (`2024-10-20T09:15:06.810`)
|
||||
- [CVE-2024-49624](CVE-2024/CVE-2024-496xx/CVE-2024-49624.json) (`2024-10-20T09:15:07.013`)
|
||||
- [CVE-2024-49625](CVE-2024/CVE-2024-496xx/CVE-2024-49625.json) (`2024-10-20T09:15:07.220`)
|
||||
- [CVE-2024-49626](CVE-2024/CVE-2024-496xx/CVE-2024-49626.json) (`2024-10-20T08:15:04.730`)
|
||||
- [CVE-2024-49630](CVE-2024/CVE-2024-496xx/CVE-2024-49630.json) (`2024-10-20T08:15:04.933`)
|
||||
- [CVE-2024-49631](CVE-2024/CVE-2024-496xx/CVE-2024-49631.json) (`2024-10-20T08:15:05.130`)
|
||||
|
||||
|
||||
### CVEs modified in the last Commit
|
||||
|
33
_state.csv
33
_state.csv
@ -242308,8 +242308,11 @@ CVE-2024-10171,0,0,60d7017912088a83451045313890efea0a3c4a8f38779b7c5b7680aa67b3f
|
||||
CVE-2024-10173,0,0,694065e426755de8442b8b1e2a83d2200f1796f2f77c0caced3c41944e1a6b83,2024-10-20T05:15:02.830000
|
||||
CVE-2024-1018,0,0,6a41753bbb9bddfdeb27e8da1aa301f604399583ccfe73ec2b7c0e024f66f45f,2024-05-17T02:35:10.733000
|
||||
CVE-2024-1019,0,0,9d34fb91efb6a448073ac765944da7eab7ec7fd07c6fef378639c859599f6841,2024-02-20T02:15:49.973000
|
||||
CVE-2024-10191,1,1,0d543e8a82bc8c79a47d9712105c05a38228b23d0440b597d65516663ce860f2,2024-10-20T06:15:02.413000
|
||||
CVE-2024-10192,1,1,9f3a26656d3a0aa5ee219d066ee638d49fb09c17860b4f18ed9a6f860568e3c9,2024-10-20T07:15:02.103000
|
||||
CVE-2024-10191,0,0,0d543e8a82bc8c79a47d9712105c05a38228b23d0440b597d65516663ce860f2,2024-10-20T06:15:02.413000
|
||||
CVE-2024-10192,0,0,9f3a26656d3a0aa5ee219d066ee638d49fb09c17860b4f18ed9a6f860568e3c9,2024-10-20T07:15:02.103000
|
||||
CVE-2024-10193,1,1,b93daf4f357fcb75b4b37e60362b781cc35ddbaaea37fe390b0a2133c2aa00aa,2024-10-20T08:15:02.300000
|
||||
CVE-2024-10194,1,1,01d2cafbf34c62e6f1147d9592057704a8ba426a02b5123a102e0bc34f4d9f79,2024-10-20T08:15:02.710000
|
||||
CVE-2024-10195,1,1,ed593f10b27233229e70d7006e552e63b4bf846b117fb3ae7173871eb91ce5c3,2024-10-20T09:15:02.393000
|
||||
CVE-2024-1020,0,0,d848db5207b830f092dac5463c394c0f65f6423556f55d15e70d177c797c2de1,2024-05-17T02:35:10.867000
|
||||
CVE-2024-1021,0,0,89180a6ed9705fc79d8d8a15633a1cfe9e27adac2a4a623501249d49427826d0,2024-05-17T02:35:10.970000
|
||||
CVE-2024-1022,0,0,f42eaa1b302319f7e3148377e0522c31bf6c16d407215c446c1d3f1b55b4debd,2024-05-17T02:35:11.070000
|
||||
@ -262165,6 +262168,7 @@ CVE-2024-48043,0,0,d7022e96ce1ce67c4f59e004a095bf6b87f052300567a30fb9f9fb2d5938d
|
||||
CVE-2024-48046,0,0,423091e4b5e8d6a105e8bdc778f5cf951b1df2d4a2635710b325a5130f1d15ea,2024-10-18T12:52:33.507000
|
||||
CVE-2024-48047,0,0,3283398b8a8a75e7e31eaa0ac97fe84164a0704ec4cafc99d8da73b654c081f8,2024-10-18T12:52:33.507000
|
||||
CVE-2024-48048,0,0,eca0ce0d3598806c22101f7f6a854102f0b0e3e7ffa812170ec79d143adac13e,2024-10-18T12:52:33.507000
|
||||
CVE-2024-48049,1,1,c6cef7042c3715849b7db8cf2901ac7f2456fb67bd07d6a07453176e6135ff84,2024-10-20T08:15:03
|
||||
CVE-2024-4805,0,0,a2ff69b1db9dd7c01e8bcdbe532fffb4f68853ea688982e077b1b01529f57c85,2024-06-04T19:20:50.553000
|
||||
CVE-2024-4806,0,0,f8a0e203429c4f99450a15aa6a4b26ee8c7effa68e79948138bc0eccf2af8e7f,2024-06-04T19:20:50.670000
|
||||
CVE-2024-4807,0,0,e5ccc41d46958232939be978f4766518ab72a806619364a653b00c23b63fbc68,2024-06-04T19:20:50.770000
|
||||
@ -262431,6 +262435,7 @@ CVE-2024-49282,0,0,3a6f5cd82ec68a1bfbe1f4f156ef6268706ea2c2772c6f37ca60ccaad2879
|
||||
CVE-2024-49283,0,0,261a1f8cfe011441b757e2549150d49caf0cbd82863bcb1702fead1f8711ada8,2024-10-18T12:52:33.507000
|
||||
CVE-2024-49284,0,0,bec1f0da1bcb0850e4841345e95550bca16d99530b59e5207d183ff1f4e1c3e0,2024-10-18T12:52:33.507000
|
||||
CVE-2024-49285,0,0,6f46c329c3d1526d526943e0333d6d72992c68afd2913a4ef362b73e606f2e17,2024-10-18T12:52:33.507000
|
||||
CVE-2024-49286,1,1,afd3215a4f6eb26b8efcaa632ef4959bc1f464dea27447d4b8933cf82ca9222b,2024-10-20T08:15:03.233000
|
||||
CVE-2024-49287,0,0,0066d2fce1ed85532c90a9906dc911278ca46d873038b8dcfb2d0c4b3b95c685,2024-10-18T12:52:33.507000
|
||||
CVE-2024-49288,0,0,9794858fdab905561c3b5d43269f1d3f1bacba7fba1bb0436d9d456534b0053f,2024-10-18T12:52:33.507000
|
||||
CVE-2024-49289,0,0,1007ec713acd15fdb5c2262f73a22207aad725968297cd9b79b0f4fcd3d741cb,2024-10-18T12:52:33.507000
|
||||
@ -262464,7 +262469,17 @@ CVE-2024-49319,0,0,42677cde087b60b4589de437a49f5349c2181024ba44b1ead05df0b607435
|
||||
CVE-2024-4932,0,0,c4279e0e81804cf3f06e3c52edfd706c295877ccc3771ef54ad83261fb500b37,2024-05-17T02:40:43.357000
|
||||
CVE-2024-49320,0,0,f646a0aed9b94f9c2a4b6085270ae6d0667dce332670da7784078783e12bfcb6,2024-10-18T12:52:33.507000
|
||||
CVE-2024-49322,0,0,541e4efebd0d76588052862000e37b2e98e8b9ac15619c2b0422f26ed3288fd3,2024-10-18T12:52:33.507000
|
||||
CVE-2024-49323,1,1,a0c9fe1ee25043a5c6ce05b64b3da5b674bffb891728ab885f2c49640cf68957,2024-10-20T08:15:03.460000
|
||||
CVE-2024-49324,1,1,cc2f963c5f422ee0027ce69cf8bf6eafe929476dcf60ea9a2e07206d47bfbab4,2024-10-20T09:15:03.227000
|
||||
CVE-2024-49326,1,1,d7908215e9d2214195d5bc633c5438a600bd9c43bad62020f15072425e6fcc81,2024-10-20T09:15:03.750000
|
||||
CVE-2024-49327,1,1,e41bb1c667eb48938a61682c1c37a793df0b5de0b414fa2a241672410499ff91,2024-10-20T09:15:04.440000
|
||||
CVE-2024-49328,1,1,0d6ecb7d5c6fcb51275a237ec2f39deaca4172d76585df39c61a1b0c61d9109a,2024-10-20T08:15:03.667000
|
||||
CVE-2024-49329,1,1,59670216a09b4738ba946011f66a4c6a99a3913bbd36d8936b66a62208466f47,2024-10-20T09:15:04.860000
|
||||
CVE-2024-4933,0,0,4d4c0ec531cab6a4561c767f5a9082d29f26ceefaadcc74bb08507bf05ca5d17,2024-06-04T19:20:54.643000
|
||||
CVE-2024-49330,1,1,4a14d60e6487eed0a0e509e68520c01a154c90f737f6d3f17ca17d212bc1005a,2024-10-20T09:15:05.133000
|
||||
CVE-2024-49331,1,1,8315190692b66bdd9dc06750b13ee16e7d7ed6ee7975da2ee77eecdc1b9ec128,2024-10-20T09:15:05.377000
|
||||
CVE-2024-49332,1,1,b946a62d8dd58f6ed9eeec4e464b268cf9dc10e8958bc966734228931575c636,2024-10-20T09:15:05.560000
|
||||
CVE-2024-49334,1,1,593a46afaef51690e8b3758fb4bd27c91fe210e50d585ffc4f5027ebabcfb2a7,2024-10-20T08:15:03.907000
|
||||
CVE-2024-4934,0,0,fd5d4b9709dde517f56a9aae7369c165c45ceba9bcf88bee680213c2fc56b62f,2024-08-01T13:59:37.220000
|
||||
CVE-2024-49340,0,0,37285f025630fd9eb79c4269f84ef859e190bfac2e34728b5f3d3dbad2273eb0,2024-10-16T16:38:14.557000
|
||||
CVE-2024-4936,0,0,51b2c41822c3ce01e84bd55c02328ac3499013d52d632d2af56d406c35d5a658,2024-08-06T18:29:27.013000
|
||||
@ -262504,9 +262519,23 @@ CVE-2024-49580,0,0,2a4b2f9ee960712197ef0f3776cc1a15f015ed4f9adbe3a24755a9ff67152
|
||||
CVE-2024-4959,0,0,862ee7700763d202e5d5dada80050e48cca3b83d56a63673f2017bcf5adb7503,2024-07-03T02:08:22.750000
|
||||
CVE-2024-49593,0,0,28b8568333d09b89b040a623f287dcf302e51d7008368ee150b7fde946577e54,2024-10-18T12:53:04.627000
|
||||
CVE-2024-4960,0,0,1e2962fabc78c9680506fb58bfd339ee733c096965130a77b4df6d334c6fc642,2024-08-01T21:15:53.753000
|
||||
CVE-2024-49604,1,1,b40933b0080b8f014da1d2708b99a9bd5694c1bc5fb401c2b9cc2bcd9eb9aabe,2024-10-20T08:15:04.117000
|
||||
CVE-2024-49606,1,1,970c4f813628b1c92dfe10abaccfba5e5bb9dcacf698b41a73eab726e1985769,2024-10-20T08:15:04.323000
|
||||
CVE-2024-49607,1,1,394d1823ee45ac19dcec09bf4d66a301e3354aa44e2c061cc1cf9d5564aabd0c,2024-10-20T09:15:05.763000
|
||||
CVE-2024-49608,1,1,5703481f68249d421fa1894222a1c8fdcb1148e41f290d4834fe8cacc7c5c9f2,2024-10-20T09:15:05.973000
|
||||
CVE-2024-4961,0,0,fcb73b246c680abaae254870453939d7dbf5d8c46c3dbb2f7ab747d994c3a111,2024-08-01T21:15:53.893000
|
||||
CVE-2024-49610,1,1,b101be7ee593fa54887871bddc9d836a4ce7e6f96fc62bf46db38e2c2511cac7,2024-10-20T09:15:06.190000
|
||||
CVE-2024-49611,1,1,c4b41ef91e7d543f2fac2d2d92091ee29cb741f381295d71e0c877c5c7190fbe,2024-10-20T08:15:04.523000
|
||||
CVE-2024-4962,0,0,b9e851b58a3c7e382510249caa4fcb1d6185432495cf3586b8784f0d9e4becfd,2024-08-01T21:15:54
|
||||
CVE-2024-49621,1,1,31c5fc383c2bcd92c8016fc1e37275b190c35f48a40db581601ab773f1a0cc51,2024-10-20T09:15:06.390000
|
||||
CVE-2024-49622,1,1,bc572e3dd5a73f77b49c87edadcb0ac0fb6fabc75afd5e88d295cad9a4c6127f,2024-10-20T09:15:06.613000
|
||||
CVE-2024-49623,1,1,f6c67fa2af542014e989cfcfe48235a26dcefd0e335430c5b37d90bf937998d5,2024-10-20T09:15:06.810000
|
||||
CVE-2024-49624,1,1,8847baeee1605f47537944445db3a53a137bb62a458b2490652be0df62649a76,2024-10-20T09:15:07.013000
|
||||
CVE-2024-49625,1,1,b834beffa72f84e4ed52feffb817767630e94087ee1dc7bde031b748f614fba0,2024-10-20T09:15:07.220000
|
||||
CVE-2024-49626,1,1,8eec36db163acf17703deb452e38c37d7800102b1591ba9946f04fb09303b66d,2024-10-20T08:15:04.730000
|
||||
CVE-2024-4963,0,0,ef1fba35c0790604656a5e5622c9c7f4af0f1d1414e5784cd7a21207910d8397,2024-08-01T21:15:54.113000
|
||||
CVE-2024-49630,1,1,c6691254deb15688d63a82ac964df1c02ee7fab215e1972b2aba0fd7a14bf009,2024-10-20T08:15:04.933000
|
||||
CVE-2024-49631,1,1,8a93e4c32c1333afdbac1599269c1679d369ac64b691a32e25df596e3de86d58,2024-10-20T08:15:05.130000
|
||||
CVE-2024-4964,0,0,786ceb95d48675f478c0edd25187f0304d39eb81096edb79d2e9ae0401f68be3,2024-08-01T21:15:54.223000
|
||||
CVE-2024-4965,0,0,5bd9bf33c1ad1b27237ab2761363d4d9817c8f50155c84d844f98b12772718a0,2024-08-08T15:15:18.730000
|
||||
CVE-2024-4966,0,0,ca96dc16e6a41cb4de3af3c10d7787996b0688fd8eb0522e09efb3ad5052b418,2024-05-17T02:40:44.507000
|
||||
|
Can't render this file because it is too large.
|
Loading…
x
Reference in New Issue
Block a user