admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-07 19:16:29 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2024-12-24T07:00:19.963364+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2024-12-24 07:03:43 +00:00
parent fef55bc56a
commit cfeaf2e6d7
22 changed files with 1330 additions and 29 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

60
CVE-2024/CVE-2024-118xx/CVE-2024-11885.json Normal file
View File

@ -0,0 +1,60 @@
{
"id": "CVE-2024-11885",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-12-24T06:15:32.093",
"lastModified": "2024-12-24T06:15:32.093",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The NinjaTeam Chat for Telegram plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'njtele_button shortcode in all versions up to, and including, 1.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.1,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "security@wordfence.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3209678%40ninjateam-telegram&new=3209678%40ninjateam-telegram",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/338d9348-da24-44b9-ac97-a7a8a7376815?source=cve",
"source": "security@wordfence.com"
}
]
}

60
CVE-2024/CVE-2024-120xx/CVE-2024-12034.json Normal file
View File

@ -0,0 +1,60 @@
{
"id": "CVE-2024-12034",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-12-24T06:15:32.553",
"lastModified": "2024-12-24T06:15:32.553",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Advanced Google reCAPTCHA plugin for WordPress is vulnerable to IP unblocking in all versions up to, and including, 1.25. This is due to the plugin not utilizing a strong unique key when generating an unblock request. This makes it possible for unauthenticated attackers to unblock their IP after being locked out due to too many bad password attempts"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "security@wordfence.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-340"
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3208704%40advanced-google-recaptcha&new=3208704%40advanced-google-recaptcha&sfp_email=&sfph_mail=",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/0fa7e6f6-92b2-494b-8c7a-76ba8213b610?source=cve",
"source": "security@wordfence.com"
}
]
}

21
CVE-2024/CVE-2024-120xx/CVE-2024-12096.json Normal file
View File

@ -0,0 +1,21 @@
{
"id": "CVE-2024-12096",
"sourceIdentifier": "contact@wpscan.com",
"published": "2024-12-24T06:15:32.720",
"lastModified": "2024-12-24T06:15:32.720",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Exhibit to WP Gallery WordPress plugin through 0.0.2 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin."
}
],
"metrics": {},
"references": [
{
"url": "https://wpscan.com/vulnerability/aff431fa-d984-40de-8a15-21f18db97859/",
"source": "contact@wpscan.com"
}
]
}

64
CVE-2024/CVE-2024-121xx/CVE-2024-12100.json Normal file
View File

@ -0,0 +1,64 @@
{
"id": "CVE-2024-12100",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-12-24T06:15:32.830",
"lastModified": "2024-12-24T06:15:32.830",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Bitcoin Lightning Publisher for WordPress plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all versions up to, and including, 1.4.1. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "security@wordfence.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/bitcoin-lightning-publisher/tags/1.4.1/includes/db/transactions.php#L212",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3211584%40bitcoin-lightning-publisher&new=3211584%40bitcoin-lightning-publisher&sfp_email=&sfph_mail=",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/d204ed58-efb2-4383-aa0f-cbad0bae4d02?source=cve",
"source": "security@wordfence.com"
}
]
}

60
CVE-2024/CVE-2024-122xx/CVE-2024-12210.json Normal file
View File

@ -0,0 +1,60 @@
{
"id": "CVE-2024-12210",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-12-24T06:15:32.973",
"lastModified": "2024-12-24T06:15:32.973",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Print Invoice & Delivery Notes for WooCommerce plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'wcdn_remove_shoplogo' AJAX action in all versions up to, and including, 5.4.0. This makes it possible for authenticated attackers, with Subscriber-level access and above, to remove the shop's logo."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "security@wordfence.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-862"
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3209682%40woocommerce-delivery-notes&new=3209682%40woocommerce-delivery-notes&sfp_email=&sfph_mail=",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/8883d4fe-3ca6-4591-9972-219b114126d3?source=cve",
"source": "security@wordfence.com"
}
]
}

72
CVE-2024/CVE-2024-122xx/CVE-2024-12266.json Normal file
View File

@ -0,0 +1,72 @@
{
"id": "CVE-2024-12266",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-12-24T05:15:06.433",
"lastModified": "2024-12-24T05:15:06.433",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The ELEX WooCommerce Dynamic Pricing and Discounts plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the elex_dp_export_rules() and elex_dp_import_rules() functions in all versions up to, and including, 2.1.7. This makes it possible for unauthenticated attackers to import and export product rules along with obtaining phpinfo() data"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 2.5
}
]
},
"weaknesses": [
{
"source": "security@wordfence.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-862"
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/elex-woocommerce-dynamic-pricing-and-discounts/tags/2.1.7/admin/elex-exporter.php#L9",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/browser/elex-woocommerce-dynamic-pricing-and-discounts/tags/2.1.7/admin/elex-importer.php#L8",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3211131%40elex-woocommerce-dynamic-pricing-and-discounts&new=3211131%40elex-woocommerce-dynamic-pricing-and-discounts&sfp_email=&sfph_mail=#file7",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3211131%40elex-woocommerce-dynamic-pricing-and-discounts&new=3211131%40elex-woocommerce-dynamic-pricing-and-discounts&sfp_email=&sfph_mail=#file8",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/063d452b-2a35-40aa-a002-ea55da778222?source=cve",
"source": "security@wordfence.com"
}
]
}

60
CVE-2024/CVE-2024-124xx/CVE-2024-12405.json Normal file
View File

@ -0,0 +1,60 @@
{
"id": "CVE-2024-12405",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-12-24T06:15:33.123",
"lastModified": "2024-12-24T06:15:33.123",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Export Customers Data plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 't' parameter in all versions up to, and including, 1.2.3 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "security@wordfence.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3210666%40export-customers-data&new=3210666%40export-customers-data&sfp_email=&sfph_mail=",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/ed61c037-a73c-477e-a5b5-3b4781cec130?source=cve",
"source": "security@wordfence.com"
}
]
}

68
CVE-2024/CVE-2024-125xx/CVE-2024-12507.json Normal file
View File

@ -0,0 +1,68 @@
{
"id": "CVE-2024-12507",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-12-24T05:15:06.627",
"lastModified": "2024-12-24T05:15:06.627",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Optio Dentistry plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'optio-lightbox' shortcode in all versions up to, and including, 2.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.1,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "security@wordfence.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/optio-dentistry/tags/2.1/optio-dentistry.php#L18",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/browser/optio-dentistry/tags/2.1/optio-dentistry.php#L92",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3208800%40optio-dentistry&new=3208800%40optio-dentistry&sfp_email=&sfph_mail=",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/4241118f-9bcb-4dec-abd2-7172db2cf445?source=cve",
"source": "security@wordfence.com"
}
]
}

60
CVE-2024/CVE-2024-125xx/CVE-2024-12518.json Normal file
View File

@ -0,0 +1,60 @@
{
"id": "CVE-2024-12518",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-12-24T05:15:06.827",
"lastModified": "2024-12-24T05:15:06.827",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The ShMapper by Teplitsa plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'shmMap' shortcode in all versions up to, and including, 1.4.18 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.1,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "security@wordfence.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/changeset/3211065/shmapper-by-teplitsa/trunk/shortcode/shmMap.shortcode.php",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/18e2a443-381c-46cd-85c7-20716f4e59c1?source=cve",
"source": "security@wordfence.com"
}
]
}

60
CVE-2024/CVE-2024-125xx/CVE-2024-12594.json Normal file
View File

@ -0,0 +1,60 @@
{
"id": "CVE-2024-12594",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-12-24T06:15:33.297",
"lastModified": "2024-12-24T06:15:33.297",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Custom Login Page Styler \u2013 Login Protected Private Site , Change wp-admin login url , WordPress login logo , Temporary admin login access , Rename login , Login customizer, Hide wp-login \u2013 Limit Login Attempts \u2013 Locked Site plugin for WordPress is vulnerable to privilege escalation due to a missing capability check on the 'lps_generate_temp_access_url' AJAX action in all versions up to, and including, 7.1.1. This makes it possible for authenticated attackers, with Subscriber-level access and above, to login as other users such as subscribers."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "security@wordfence.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-862"
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3208192%40login-page-styler&new=3208192%40login-page-styler&sfp_email=&sfph_mail=",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/8e50c519-7d79-4270-92e8-75e54bb08cff?source=cve",
"source": "security@wordfence.com"
}
]
}

60
CVE-2024/CVE-2024-126xx/CVE-2024-12617.json Normal file
View File

@ -0,0 +1,60 @@
{
"id": "CVE-2024-12617",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-12-24T05:15:07.013",
"lastModified": "2024-12-24T05:15:07.013",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The WC Price History for Omnibus plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on several AJAX actions in all versions up to, and including, 2.1.3. This makes it possible for authenticated attackers, with Subscriber-level access and above, to view and modify history data."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 2.5
}
]
},
"weaknesses": [
{
"source": "security@wordfence.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-862"
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3209687%40wc-price-history&new=3209687%40wc-price-history&sfp_email=&sfph_mail=",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/b380b053-9847-48a8-ba12-d07db9df2baf?source=cve",
"source": "security@wordfence.com"
}
]
}

76
CVE-2024/CVE-2024-126xx/CVE-2024-12622.json Normal file
View File

@ -0,0 +1,76 @@
{
"id": "CVE-2024-12622",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-12-24T06:15:33.433",
"lastModified": "2024-12-24T06:15:33.433",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The WordPress Simple Shopping Cart plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'wp_cart_button' and 'wp_cart_display_product' shortcodes in all versions up to, and including, 5.0.7 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.1,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "security@wordfence.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/wordpress-simple-paypal-shopping-cart/tags/5.0.7/includes/wpsc-shortcodes-related.php#L3",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/browser/wordpress-simple-paypal-shopping-cart/tags/5.0.7/wp_shopping_cart_shortcodes.php#L11",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/browser/wordpress-simple-paypal-shopping-cart/tags/5.0.7/wp_shopping_cart_shortcodes.php#L49",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/browser/wordpress-simple-paypal-shopping-cart/tags/5.0.7/wp_shopping_cart_shortcodes.php#L5",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3210506/wordpress-simple-paypal-shopping-cart/trunk/includes/wpsc-shortcodes-related.php",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/adfba556-6a96-4836-af0f-39c214099481?source=cve",
"source": "security@wordfence.com"
}
]
}

60
CVE-2024/CVE-2024-127xx/CVE-2024-12710.json Normal file
View File

@ -0,0 +1,60 @@
{
"id": "CVE-2024-12710",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-12-24T05:15:07.193",
"lastModified": "2024-12-24T05:15:07.193",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The WP-Appbox plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'page' parameter in all versions up to, and including, 4.5.3 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "security@wordfence.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/changeset?old_path=/wp-appbox/tags/4.5.3&new_path=/wp-appbox/tags/4.5.4&sfp_email=&sfph_mail=",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/101451de-1ed4-4717-86c5-a41feafd4c7e?source=cve",
"source": "security@wordfence.com"
}
]
}

25
CVE-2024/CVE-2024-252xx/CVE-2024-25255.json
View File

@ -2,13 +2,20 @@
"id": "CVE-2024-25255",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-11-11T23:15:05.523",
"lastModified": "2024-11-19T17:35:13.503",
"lastModified": "2024-12-24T06:15:33.590",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"cveTags": [
{
"sourceIdentifier": "cve@mitre.org",
"tags": [
"disputed"
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Sublime Text 4 was discovered to contain a command injection vulnerability via the New Build System module."
"value": "Sublime Text 4 was discovered to contain a command injection vulnerability via the New Build System module. NOTE: multiple third parties report that this is intended behavior."
},
{
"lang": "es",
@ -55,6 +62,18 @@
{
"url": "https://exploitart.ist/exploit/2023/09/17/sublime-text-os-command-injection.html",
"source": "cve@mitre.org"
},
{
"url": "https://forum.sublimetext.com/t/cve-2024-25255-critical/74906/3",
"source": "cve@mitre.org"
},
{
"url": "https://www.sublimetext.com/docs/build_systems.html#exec-target-options",
"source": "cve@mitre.org"
},
{
"url": "https://www.sublimetext.com/docs/build_systems.html#shell_cmd.",
"source": "cve@mitre.org"
}
]
}

78
CVE-2024/CVE-2024-418xx/CVE-2024-41882.json Normal file
View File

@ -0,0 +1,78 @@
{
"id": "CVE-2024-41882",
"sourceIdentifier": "fc9afe74-3f80-4fb7-a313-e6f036a89882",
"published": "2024-12-24T06:15:33.810",
"lastModified": "2024-12-24T06:15:33.810",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Team ENVY, a Security Research TEAM has found a flaw that allows for a remote code execution on the NVR.\u00a0An attacker can cause a stack overflow by entering large data into URL parameters, which will result in a system reboot.\u00a0The manufacturer has released patch firmware for the flaw, please refer to the manufacturer's report for details and workarounds."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "fc9afe74-3f80-4fb7-a313-e6f036a89882",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"vulnerableSystemConfidentiality": "NONE",
"vulnerableSystemIntegrity": "NONE",
"vulnerableSystemAvailability": "HIGH",
"subsequentSystemConfidentiality": "NONE",
"subsequentSystemIntegrity": "NONE",
"subsequentSystemAvailability": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirements": "NOT_DEFINED",
"integrityRequirements": "NOT_DEFINED",
"availabilityRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnerableSystemConfidentiality": "NOT_DEFINED",
"modifiedVulnerableSystemIntegrity": "NOT_DEFINED",
"modifiedVulnerableSystemAvailability": "NOT_DEFINED",
"modifiedSubsequentSystemConfidentiality": "NOT_DEFINED",
"modifiedSubsequentSystemIntegrity": "NOT_DEFINED",
"modifiedSubsequentSystemAvailability": "NOT_DEFINED",
"safety": "NOT_DEFINED",
"automatable": "NOT_DEFINED",
"recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED"
}
}
]
},
"weaknesses": [
{
"source": "fc9afe74-3f80-4fb7-a313-e6f036a89882",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-119"
}
]
}
],
"references": [
{
"url": "https://www.hanwhavision.com/wp-content/uploads/2024/12/NVR-Vulnerability-Report-CVE-2024-4188241887.pdf",
"source": "fc9afe74-3f80-4fb7-a313-e6f036a89882"
}
]
}

78
CVE-2024/CVE-2024-418xx/CVE-2024-41883.json Normal file
View File

@ -0,0 +1,78 @@
{
"id": "CVE-2024-41883",
"sourceIdentifier": "fc9afe74-3f80-4fb7-a313-e6f036a89882",
"published": "2024-12-24T06:15:33.943",
"lastModified": "2024-12-24T06:15:33.943",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Team ENVY, a Security Research TEAM has found a flaw that allows for a remote code execution on the \n\nNVR\n\n.\u00a0An attacker enters a special value for a specific URL parameter, resulting in a NULL pointer reference and a reboot of the NVR.\u00a0The manufacturer has released patch firmware for the flaw, please refer to the manufacturer's report for details and workarounds."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "fc9afe74-3f80-4fb7-a313-e6f036a89882",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"vulnerableSystemConfidentiality": "NONE",
"vulnerableSystemIntegrity": "NONE",
"vulnerableSystemAvailability": "HIGH",
"subsequentSystemConfidentiality": "NONE",
"subsequentSystemIntegrity": "NONE",
"subsequentSystemAvailability": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirements": "NOT_DEFINED",
"integrityRequirements": "NOT_DEFINED",
"availabilityRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnerableSystemConfidentiality": "NOT_DEFINED",
"modifiedVulnerableSystemIntegrity": "NOT_DEFINED",
"modifiedVulnerableSystemAvailability": "NOT_DEFINED",
"modifiedSubsequentSystemConfidentiality": "NOT_DEFINED",
"modifiedSubsequentSystemIntegrity": "NOT_DEFINED",
"modifiedSubsequentSystemAvailability": "NOT_DEFINED",
"safety": "NOT_DEFINED",
"automatable": "NOT_DEFINED",
"recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED"
}
}
]
},
"weaknesses": [
{
"source": "fc9afe74-3f80-4fb7-a313-e6f036a89882",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-476"
}
]
}
],
"references": [
{
"url": "https://www.hanwhavision.com/wp-content/uploads/2024/12/NVR-Vulnerability-Report-CVE-2024-4188241887.pdf",
"source": "fc9afe74-3f80-4fb7-a313-e6f036a89882"
}
]
}

78
CVE-2024/CVE-2024-418xx/CVE-2024-41884.json Normal file
View File

@ -0,0 +1,78 @@
{
"id": "CVE-2024-41884",
"sourceIdentifier": "fc9afe74-3f80-4fb7-a313-e6f036a89882",
"published": "2024-12-24T06:15:34.060",
"lastModified": "2024-12-24T06:15:34.060",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Team ENVY, a Security Research TEAM has found a flaw that allows for a remote code execution on the NVR.\u00a0If an attacker does not enter any value for a specific URL parameter, NULL pointer references will occur and the NVR will reboot.\u00a0The manufacturer has released patch firmware for the flaw, please refer to the manufacturer's report for details and workarounds."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "fc9afe74-3f80-4fb7-a313-e6f036a89882",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"vulnerableSystemConfidentiality": "NONE",
"vulnerableSystemIntegrity": "NONE",
"vulnerableSystemAvailability": "HIGH",
"subsequentSystemConfidentiality": "NONE",
"subsequentSystemIntegrity": "NONE",
"subsequentSystemAvailability": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirements": "NOT_DEFINED",
"integrityRequirements": "NOT_DEFINED",
"availabilityRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnerableSystemConfidentiality": "NOT_DEFINED",
"modifiedVulnerableSystemIntegrity": "NOT_DEFINED",
"modifiedVulnerableSystemAvailability": "NOT_DEFINED",
"modifiedSubsequentSystemConfidentiality": "NOT_DEFINED",
"modifiedSubsequentSystemIntegrity": "NOT_DEFINED",
"modifiedSubsequentSystemAvailability": "NOT_DEFINED",
"safety": "NOT_DEFINED",
"automatable": "NOT_DEFINED",
"recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED"
}
}
]
},
"weaknesses": [
{
"source": "fc9afe74-3f80-4fb7-a313-e6f036a89882",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-476"
}
]
}
],
"references": [
{
"url": "https://www.hanwhavision.com/wp-content/uploads/2024/12/NVR-Vulnerability-Report-CVE-2024-4188241887.pdf",
"source": "fc9afe74-3f80-4fb7-a313-e6f036a89882"
}
]
}

78
CVE-2024/CVE-2024-418xx/CVE-2024-41885.json Normal file
View File

@ -0,0 +1,78 @@
{
"id": "CVE-2024-41885",
"sourceIdentifier": "fc9afe74-3f80-4fb7-a313-e6f036a89882",
"published": "2024-12-24T06:15:34.190",
"lastModified": "2024-12-24T06:15:34.190",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Team ENVY, a Security Research TEAM has found a flaw that allows for a remote code execution on the NVR.\u00a0The seed string for the encrypt key was hardcoding.\u00a0The manufacturer has released patch firmware for the flaw, please refer to the manufacturer's report for details and workarounds."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "fc9afe74-3f80-4fb7-a313-e6f036a89882",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "HIGH",
"attackRequirements": "NONE",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"vulnerableSystemConfidentiality": "NONE",
"vulnerableSystemIntegrity": "HIGH",
"vulnerableSystemAvailability": "NONE",
"subsequentSystemConfidentiality": "NONE",
"subsequentSystemIntegrity": "NONE",
"subsequentSystemAvailability": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirements": "NOT_DEFINED",
"integrityRequirements": "NOT_DEFINED",
"availabilityRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnerableSystemConfidentiality": "NOT_DEFINED",
"modifiedVulnerableSystemIntegrity": "NOT_DEFINED",
"modifiedVulnerableSystemAvailability": "NOT_DEFINED",
"modifiedSubsequentSystemConfidentiality": "NOT_DEFINED",
"modifiedSubsequentSystemIntegrity": "NOT_DEFINED",
"modifiedSubsequentSystemAvailability": "NOT_DEFINED",
"safety": "NOT_DEFINED",
"automatable": "NOT_DEFINED",
"recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED"
}
}
]
},
"weaknesses": [
{
"source": "fc9afe74-3f80-4fb7-a313-e6f036a89882",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-547"
}
]
}
],
"references": [
{
"url": "https://www.hanwhavision.com/wp-content/uploads/2024/12/NVR-Vulnerability-Report-CVE-2024-4188241887.pdf",
"source": "fc9afe74-3f80-4fb7-a313-e6f036a89882"
}
]
}

78
CVE-2024/CVE-2024-418xx/CVE-2024-41886.json Normal file
View File

@ -0,0 +1,78 @@
{
"id": "CVE-2024-41886",
"sourceIdentifier": "fc9afe74-3f80-4fb7-a313-e6f036a89882",
"published": "2024-12-24T06:15:34.360",
"lastModified": "2024-12-24T06:15:34.360",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Team ENVY, a Security Research TEAM has found a flaw that allows for a remote code execution on the NVR.\u00a0An attacker could inject malformed data into url input parameters to reboot the NVR.\u00a0The manufacturer has released patch firmware for the flaw, please refer to the manufacturer's report for details and workarounds."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "fc9afe74-3f80-4fb7-a313-e6f036a89882",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"vulnerableSystemConfidentiality": "NONE",
"vulnerableSystemIntegrity": "NONE",
"vulnerableSystemAvailability": "HIGH",
"subsequentSystemConfidentiality": "NONE",
"subsequentSystemIntegrity": "NONE",
"subsequentSystemAvailability": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirements": "NOT_DEFINED",
"integrityRequirements": "NOT_DEFINED",
"availabilityRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnerableSystemConfidentiality": "NOT_DEFINED",
"modifiedVulnerableSystemIntegrity": "NOT_DEFINED",
"modifiedVulnerableSystemAvailability": "NOT_DEFINED",
"modifiedSubsequentSystemConfidentiality": "NOT_DEFINED",
"modifiedSubsequentSystemIntegrity": "NOT_DEFINED",
"modifiedSubsequentSystemAvailability": "NOT_DEFINED",
"safety": "NOT_DEFINED",
"automatable": "NOT_DEFINED",
"recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED"
}
}
]
},
"weaknesses": [
{
"source": "fc9afe74-3f80-4fb7-a313-e6f036a89882",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-20"
}
]
}
],
"references": [
{
"url": "https://www.hanwhavision.com/wp-content/uploads/2024/12/NVR-Vulnerability-Report-CVE-2024-4188241887.pdf",
"source": "fc9afe74-3f80-4fb7-a313-e6f036a89882"
}
]
}

82
CVE-2024/CVE-2024-418xx/CVE-2024-41887.json Normal file
View File

@ -0,0 +1,82 @@
{
"id": "CVE-2024-41887",
"sourceIdentifier": "fc9afe74-3f80-4fb7-a313-e6f036a89882",
"published": "2024-12-24T06:15:34.473",
"lastModified": "2024-12-24T06:15:34.473",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Team ENVY, a Security Research TEAM has found a flaw that allows for a remote code execution on the NVR.\u00a0An attacker can create an NVR log file in a directory one level higher on the system, which can be used to corrupt files in the directory.\u00a0The manufacturer has released patch firmware for the flaw, please refer to the manufacturer's report for details and workarounds."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "fc9afe74-3f80-4fb7-a313-e6f036a89882",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"vulnerableSystemConfidentiality": "NONE",
"vulnerableSystemIntegrity": "LOW",
"vulnerableSystemAvailability": "NONE",
"subsequentSystemConfidentiality": "NONE",
"subsequentSystemIntegrity": "NONE",
"subsequentSystemAvailability": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirements": "NOT_DEFINED",
"integrityRequirements": "NOT_DEFINED",
"availabilityRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnerableSystemConfidentiality": "NOT_DEFINED",
"modifiedVulnerableSystemIntegrity": "NOT_DEFINED",
"modifiedVulnerableSystemAvailability": "NOT_DEFINED",
"modifiedSubsequentSystemConfidentiality": "NOT_DEFINED",
"modifiedSubsequentSystemIntegrity": "NOT_DEFINED",
"modifiedSubsequentSystemAvailability": "NOT_DEFINED",
"safety": "NOT_DEFINED",
"automatable": "NOT_DEFINED",
"recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED"
}
}
]
},
"weaknesses": [
{
"source": "fc9afe74-3f80-4fb7-a313-e6f036a89882",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-20"
},
{
"lang": "en",
"value": "CWE-22"
}
]
}
],
"references": [
{
"url": "https://www.hanwhavision.com/wp-content/uploads/2024/12/NVR-Vulnerability-Report-CVE-2024-4188241887.pdf",
"source": "fc9afe74-3f80-4fb7-a313-e6f036a89882"
}
]
}

40
README.md
View File

@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2024-12-24T05:00:20.145440+00:00
2024-12-24T07:00:19.963364+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2024-12-24T04:15:07.360000+00:00
2024-12-24T06:15:34.473000+00:00
```
### Last Data Feed Release
@ -33,29 +33,39 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs
```plain
274588
274607
```
### CVEs added in the last Commit
Recently added CVEs: `3`
Recently added CVEs: `19`
- [CVE-2024-12582](CVE-2024/CVE-2024-125xx/CVE-2024-12582.json) (`2024-12-24T04:15:05.137`)
- [CVE-2024-47515](CVE-2024/CVE-2024-475xx/CVE-2024-47515.json) (`2024-12-24T04:15:05.750`)
- [CVE-2024-9427](CVE-2024/CVE-2024-94xx/CVE-2024-9427.json) (`2024-12-24T04:15:07.360`)
- [CVE-2024-11885](CVE-2024/CVE-2024-118xx/CVE-2024-11885.json) (`2024-12-24T06:15:32.093`)
- [CVE-2024-12034](CVE-2024/CVE-2024-120xx/CVE-2024-12034.json) (`2024-12-24T06:15:32.553`)
- [CVE-2024-12096](CVE-2024/CVE-2024-120xx/CVE-2024-12096.json) (`2024-12-24T06:15:32.720`)
- [CVE-2024-12100](CVE-2024/CVE-2024-121xx/CVE-2024-12100.json) (`2024-12-24T06:15:32.830`)
- [CVE-2024-12210](CVE-2024/CVE-2024-122xx/CVE-2024-12210.json) (`2024-12-24T06:15:32.973`)
- [CVE-2024-12266](CVE-2024/CVE-2024-122xx/CVE-2024-12266.json) (`2024-12-24T05:15:06.433`)
- [CVE-2024-12405](CVE-2024/CVE-2024-124xx/CVE-2024-12405.json) (`2024-12-24T06:15:33.123`)
- [CVE-2024-12507](CVE-2024/CVE-2024-125xx/CVE-2024-12507.json) (`2024-12-24T05:15:06.627`)
- [CVE-2024-12518](CVE-2024/CVE-2024-125xx/CVE-2024-12518.json) (`2024-12-24T05:15:06.827`)
- [CVE-2024-12594](CVE-2024/CVE-2024-125xx/CVE-2024-12594.json) (`2024-12-24T06:15:33.297`)
- [CVE-2024-12617](CVE-2024/CVE-2024-126xx/CVE-2024-12617.json) (`2024-12-24T05:15:07.013`)
- [CVE-2024-12622](CVE-2024/CVE-2024-126xx/CVE-2024-12622.json) (`2024-12-24T06:15:33.433`)
- [CVE-2024-12710](CVE-2024/CVE-2024-127xx/CVE-2024-12710.json) (`2024-12-24T05:15:07.193`)
- [CVE-2024-41882](CVE-2024/CVE-2024-418xx/CVE-2024-41882.json) (`2024-12-24T06:15:33.810`)
- [CVE-2024-41883](CVE-2024/CVE-2024-418xx/CVE-2024-41883.json) (`2024-12-24T06:15:33.943`)
- [CVE-2024-41884](CVE-2024/CVE-2024-418xx/CVE-2024-41884.json) (`2024-12-24T06:15:34.060`)
- [CVE-2024-41885](CVE-2024/CVE-2024-418xx/CVE-2024-41885.json) (`2024-12-24T06:15:34.190`)
- [CVE-2024-41886](CVE-2024/CVE-2024-418xx/CVE-2024-41886.json) (`2024-12-24T06:15:34.360`)
- [CVE-2024-41887](CVE-2024/CVE-2024-418xx/CVE-2024-41887.json) (`2024-12-24T06:15:34.473`)
### CVEs modified in the last Commit
Recently modified CVEs: `7`
Recently modified CVEs: `1`
- [CVE-2024-40896](CVE-2024/CVE-2024-408xx/CVE-2024-40896.json) (`2024-12-24T03:15:06.727`)
- [CVE-2024-56310](CVE-2024/CVE-2024-563xx/CVE-2024-56310.json) (`2024-12-24T03:15:07.440`)
- [CVE-2024-56311](CVE-2024/CVE-2024-563xx/CVE-2024-56311.json) (`2024-12-24T03:15:07.607`)
- [CVE-2024-56312](CVE-2024/CVE-2024-563xx/CVE-2024-56312.json) (`2024-12-24T03:15:07.770`)
- [CVE-2024-56313](CVE-2024/CVE-2024-563xx/CVE-2024-56313.json) (`2024-12-24T03:15:07.927`)
- [CVE-2024-56314](CVE-2024/CVE-2024-563xx/CVE-2024-56314.json) (`2024-12-24T03:15:08.083`)
- [CVE-2024-56375](CVE-2024/CVE-2024-563xx/CVE-2024-56375.json) (`2024-12-24T03:15:08.247`)
- [CVE-2024-25255](CVE-2024/CVE-2024-252xx/CVE-2024-25255.json) (`2024-12-24T06:15:33.590`)
## Download and Usage

41
_state.csv
View File

@ -244595,6 +244595,7 @@ CVE-2024-11881,0,0,8fa46a17561a3f64d47980cb006235813b4640fc22e06e929d7ed0d5e4fb6
CVE-2024-11882,0,0,c14c2af9493e334fe3da2508e7ca83b6d319f8d382e00a76baaf2e7e94429e52,2024-12-12T06:15:22.543000
CVE-2024-11883,0,0,3efb818468ee15a4b72e48a1c8061e4502ee7a82e825630c64edf1ae726709d5,2024-12-14T05:15:09.440000
CVE-2024-11884,0,0,cc9f4dc6cbe1c2166ce740e309ba0401705b8efb2b8ab841325213a1f1dfb2c1,2024-12-14T05:15:09.640000
CVE-2024-11885,1,1,cef8a5c18be89f7a999dd515049cca621de77a85e1a6ed2a220ae124b6b8d82c,2024-12-24T06:15:32.093000
CVE-2024-11888,0,0,8a06477d55991ecfcdfbbbe13cfc5cc7673a7932d3eb8f15153aab2ef7344e32,2024-12-14T05:15:09.837000
CVE-2024-11889,0,0,c40f4924de6b0709ad2ac4ea75e730ab583fde8e75b7967e6c96aa9146701117,2024-12-14T05:15:10.030000
CVE-2024-1189,0,0,3e2c1a3fc9f24eb6eaedd5adba4b6f521645b93b8971a5e9477fe83a4ee5ef97,2024-11-21T08:49:59.850000
@ -244693,6 +244694,7 @@ CVE-2024-12026,0,0,cbdee4f4d341b218f2a9910c9db7c968e1470cd32e93684865d3bd2934d62
CVE-2024-12027,0,0,37ec4b44c0b83690aba6eca2d38a4a49f2c2ce6081a618c323d63a584206d2b7,2024-12-06T09:15:07.803000
CVE-2024-12028,0,0,1e73c6e2445828811f3920b16dca38e7a1768853994affcbd716568d4e1eb5f0,2024-12-06T09:15:07.957000
CVE-2024-1203,0,0,d1f896c2674b7d8b8ac7ccf181e7d9a7e598afaaabec693045eb0f85d52368c5,2024-11-21T08:50:01.913000
CVE-2024-12034,1,1,4c2e300bb226d14953e4b3dc5ae8d49de8b4d5f0a3f05cacf826cb6e7c67368a,2024-12-24T06:15:32.553000
CVE-2024-1204,0,0,52c83c0f4289636bc1afd18cb37875b782729e90167239cc1a53f532e5633e12,2024-11-21T08:50:02.033000
CVE-2024-12040,0,0,82ff661fdb988bbdc555297e0b0d4a5a42a6c3fde3cb51373bdf40b4e4dd0633,2024-12-12T06:15:22.947000
CVE-2024-12042,0,0,b4111492e93c9126d488ebee36a5b9ed9603a0917a66407440ec106154a8d6d8,2024-12-13T09:15:07.370000
@ -244717,8 +244719,10 @@ CVE-2024-12090,0,0,3ae49935c044b86a3444ecb09701dd060f603a46c2ce1e27c4f8226f93774
CVE-2024-12091,0,0,35c9100407a2a2f03cc09233dbdc35208e548ffdd088d484bb9b374c740b5bc0,2024-12-16T15:15:06.540000
CVE-2024-12092,0,0,6cedbb52bdc4fd872b35781acb98ac9a9b54d520c5d29f314ba42350997260f9,2024-12-16T15:15:06.677000
CVE-2024-12094,0,0,918109c0341953bed354c9dc0c1e3bf994d002b139d0d147a6756e1d0b4180c2,2024-12-05T13:15:05.923000
CVE-2024-12096,1,1,fe18071081c7ffafc6f7d452e77feb4963923e7859d410990f9129ad9e09ccd5,2024-12-24T06:15:32.720000
CVE-2024-12099,0,0,82c97da21165b875b9d77b9a11ed031ee03fad8a14b90d2e80c74afeac6e262d,2024-12-04T04:15:04.287000
CVE-2024-1210,0,0,f5a9389cac94cbfcfa3f0d961d1ea27115bf7afa331ce2988db15dbaf2efdf76,2024-11-21T08:50:02.867000
CVE-2024-12100,1,1,d36c08f92a239c009a6ddf35a16924f2d7f8840cc80d6bb06a52ecf54ad1016c,2024-12-24T06:15:32.830000
CVE-2024-12101,0,0,cf6330eb409e982923b4b0b78cc8d64ad396889b9513f5530cedf911c9fe2802,2024-12-03T16:15:20.910000
CVE-2024-12107,0,0,7da8659dc821ee4f071df4b42d3ae5a3881cc2b8cc55779739dc797df4a302eb,2024-12-04T11:15:05
CVE-2024-12110,0,0,f266935beaa447960f1dea8d3421db64eefadfd0613c53fd8d2543de02327a47,2024-12-06T09:15:08.270000
@ -244775,6 +244779,7 @@ CVE-2024-12200,0,0,23413f89ab73dcfe4f53913520af84d44004f8074e56a4f24db9e34101f9d
CVE-2024-12201,0,0,24aea21415169e4ceff164eedb7fa32646ef24d523e6e014144846720c08c29c,2024-12-12T07:15:09.607000
CVE-2024-12209,0,0,965d45920161ad8379a478313464ecb572a2b8b8ed1bf056a1646168e0b8105f,2024-12-08T06:15:04.823000
CVE-2024-1221,0,0,c833d2d1840e5e81b3c325295532e3c4cac8ba514abb434d638a7c419bdc43e8,2024-11-21T08:50:04.920000
CVE-2024-12210,1,1,5fb925d243c53e10209d9d741b85509327b3d2f2fec1736a67c8a777232f7515,2024-12-24T06:15:32.973000
CVE-2024-12212,0,0,4068a90166bc858f8bfa4c7fe1dbc180f7e4e033930f31a1b74471c9abd7763b,2024-12-13T01:15:05.810000
CVE-2024-12219,0,0,30a275e193bbba91aa16bdcd2e01caf0ae8c253910825d417094094009d7c6a9,2024-12-17T08:15:05.010000
CVE-2024-1222,0,0,ff0f67607974451388d42ae6b90b2e9690717b801a6493a4e7aa508a94c6883e,2024-11-21T08:50:05.110000
@ -244806,6 +244811,7 @@ CVE-2024-12260,0,0,6279b3003f5c04cde3aca10d6cb551198f7d4f49319583b742575d1bffcdf
CVE-2024-12262,0,0,8ec2a15063c99a2ece13211a7279c6a76a6a3bffd489dd7a1525f6aa0b49d16e,2024-12-21T07:15:09.163000
CVE-2024-12263,0,0,183574df079ffbee27d57051711c108d812463b16a94004cdf52784fa08d4f65,2024-12-12T06:15:23.960000
CVE-2024-12265,0,0,4ecaf6258b9c646985803002f662a35d37ddc850eb892429f8568423d5e8ff62,2024-12-12T06:15:24.143000
CVE-2024-12266,1,1,1d7106cc2c49b744bdb4d729e342d386ad6363e95bef155c87eaefa9b1480a20,2024-12-24T05:15:06.433000
CVE-2024-1227,0,0,2b74966c63acb4b53db9100814c0ea98b900c2b18de594c13a326b21bfb265c8,2024-11-21T08:50:06.103000
CVE-2024-12270,0,0,a59b36ad08a62409fa966fc5cef53e6796ba20371cadd9c7e001162bc2771bae,2024-12-07T10:15:06.200000
CVE-2024-12271,0,0,e756524ee3996486f46fc9dfb0848744c8a90daec55e50296545ffd31d194dcb,2024-12-12T13:15:07.570000
@ -244874,6 +244880,7 @@ CVE-2024-12395,0,0,75ff5ef98722c35fb11d383db877ddbb73a300c7cb334e918191d763e2409
CVE-2024-12397,0,0,661288be67552f431f0a0bf144bed2d313b12b592e50cdc78451d7c1272f6fb5,2024-12-12T09:15:05.570000
CVE-2024-1240,0,0,28733ede53b96385ee0de4a7c5187b3db0d925b1e4ab6e977522dc277dee75de,2024-11-19T19:04:53.913000
CVE-2024-12401,0,0,ba741c7b51198b95eba245807f65253a1c54ea777ddd918337cd97bd144396fe,2024-12-12T09:15:05.790000
CVE-2024-12405,1,1,ec6220f954634d3b639b31378ba74735677cbf110f68008dd4ef13446ed5c083,2024-12-24T06:15:33.123000
CVE-2024-12406,0,0,3a24bd925fcaee835bc0ee30f7ad38b16626ae1e5c8470fedd28227d3dd60123,2024-12-12T05:15:12.210000
CVE-2024-12408,0,0,a7096262faf4e55e6cc353ec4119038802550f44cf19552e71e7eca56789ef70,2024-12-21T10:15:08.067000
CVE-2024-1241,0,0,ba82bb77c28ed45b324839e72710669d8c2af006c45eeed23dee90a28ff67ea8,2024-11-21T08:50:08.490000
@ -244924,10 +244931,12 @@ CVE-2024-12501,0,0,099422e2bb99df2bd932e80161b3557d59136d70f204462f7c72270d679f0
CVE-2024-12502,0,0,149382009077c4d5fee4128c2222d378e6f99e3bf1009b70c95ce07a51b9bcc1,2024-12-14T05:15:11.260000
CVE-2024-12503,0,0,e53e761e34d39e4e7df36516ec31d7b0a69f9ff2ae79d7b9e9b3c291572b84d0,2024-12-13T17:13:37.483000
CVE-2024-12506,0,0,f5970974940384143e4bac0efb2a799b5e7e33bfe270b45789573e25acce94da,2024-12-20T07:15:11.940000
CVE-2024-12507,1,1,50df8c417810f2234806710a2ce33fe72e7e635577fa7e618a63ae7adbd20b67,2024-12-24T05:15:06.627000
CVE-2024-12509,0,0,dab32c4d0c7b908dd7c763fa37236c702db014098016fc1cda3fdb142e7ed5aa,2024-12-20T07:15:12.177000
CVE-2024-1251,0,0,8c0214d9f05a1f50e84514dc27e8bafe56d249b59ef6b0b677b5e947e572faed,2024-11-21T08:50:09.497000
CVE-2024-12513,0,0,6393dedffea01c8a6ef2142d1a8a9d6ba57b27f731b145d36f16e844db01eb62,2024-12-18T03:15:26.427000
CVE-2024-12517,0,0,4d330b1d19e40313cc9a81f9b8784c01c801f44b6fb4859786e4a9a0d1f904a4,2024-12-14T05:15:11.453000
CVE-2024-12518,1,1,447ffc04b2932e0ac32e3a7281f98636af5bcf470c72e14917252a07ad1c7782,2024-12-24T05:15:06.827000
CVE-2024-1252,0,0,d03beb126367df5b21be601ec7e2ecf5f48cece91d0754af14f589827736f3cf,2024-11-21T08:50:09.700000
CVE-2024-12523,0,0,185a41d328f0e130d8ed17ada12f64a855433449910369cbbb025fff8ce0f4d8,2024-12-14T05:15:11.640000
CVE-2024-12526,0,0,b192d6e45212a3c6d09a8a6cd2198d071bb3ba4da94a4e2bf151be7ad2c18324,2024-12-12T05:15:13.577000
@ -244954,16 +244963,19 @@ CVE-2024-12578,0,0,9683da78c95f4de0afe4f169763bacae0c8e4e48d594e85dbc7c32bda1c6e
CVE-2024-12579,0,0,6b066a632ed42755872bfe12897131044e41b00627589546ab36be31d813b6f2,2024-12-13T05:15:07.473000
CVE-2024-1258,0,0,36d421eec5fc7cce6382fad9fd3a9a8780da80fcb6e09fc8e5e480709b2e6caa,2024-11-21T08:50:10.573000
CVE-2024-12581,0,0,899275a869b7c967a158446f680d5b1e6ee7fb8c13fa325a1164dc54186bea7f,2024-12-13T06:15:26.433000
CVE-2024-12582,1,1,7e453b0b2fc58c5f199238f8e99bab882063c16a606bbbed878c19f5c7e5ca1a,2024-12-24T04:15:05.137000
CVE-2024-12582,0,0,7e453b0b2fc58c5f199238f8e99bab882063c16a606bbbed878c19f5c7e5ca1a,2024-12-24T04:15:05.137000
CVE-2024-12588,0,0,1933918a1bc731b9f2daeac6f15474bd290e2defc9eea3981aaebba99a0dc9b7,2024-12-21T09:15:06.233000
CVE-2024-1259,0,0,1c6bb100fc9cba505c4d696801bfd3102c508e530bb2e36c86a6685675278bd7,2024-11-21T08:50:10.730000
CVE-2024-12591,0,0,eaf713466d72851d200fb1c2165d3b74352c989b31dbbf0a4a003e2ec790fb1b,2024-12-21T10:15:09.177000
CVE-2024-12594,1,1,ec883c8b98ffa3ef7c338cd26e709fb0d04b52b030e8fd597f4a1a80f808ada4,2024-12-24T06:15:33.297000
CVE-2024-12596,0,0,5fc66f30988060a8b7bb1a593c82bd6c3fc2c995268e617c35d93ef410dc9a09,2024-12-18T04:15:08.253000
CVE-2024-1260,0,0,237fdcd6650ec6f817190c6cbe0c450181ce5f478e263f9f314859cdec5f8244,2024-11-21T08:50:10.880000
CVE-2024-12601,0,0,f9b91f2d20d6914a3b5ca3c9af2a431f615ff9e20926a30171bf1c35967a6eba,2024-12-17T12:15:20.543000
CVE-2024-12603,0,0,b77b6c9527bd0798c4124cb6a67b3eb0384daf1c81bc149052bbc09ab0e74875,2024-12-13T03:15:05.187000
CVE-2024-1261,0,0,7451d11c24f2ac390a05020abbe5be1a7d1e877de58a9c0842a513a0e1790005,2024-11-21T08:50:11.030000
CVE-2024-12617,1,1,83a831859e4a03ed3cb5ae963fb3b174676a8db8142ec591708183d2bd5ed590,2024-12-24T05:15:07.013000
CVE-2024-1262,0,0,b26d9641a8cbc2c5642fa36dfff4a6fef92b6772e7113385af431217d75dfe5b,2024-11-21T08:50:11.167000
CVE-2024-12622,1,1,1297446568f77a5b8461ab26a7b963ee63acb00371fb028e031bcce8fd2cf241,2024-12-24T06:15:33.433000
CVE-2024-12626,0,0,3970c586c209c084ce4fb1eaebc207fff1fa075b914faee5e8d37954798c35e8,2024-12-19T12:15:06.160000
CVE-2024-12628,0,0,f48463b1ecdc4a2ff76d188b8ae44a2e0e32ef1e929dc806ea33e24839d1432f,2024-12-14T07:15:07.213000
CVE-2024-1263,0,0,1ded99eb7dd7c25043d30fb557b1a5799a79150045deb56dc782cc48f4b0c898,2024-11-21T08:50:11.303000
@ -245013,6 +245025,7 @@ CVE-2024-12697,0,0,d5cecf7173f2406ddb593beb534050e5e62e0db7cb6119c33f7dd946c7a0a
CVE-2024-12698,0,0,3d9cdcbe538ab50d5f6959e4225d81bf3f0e9f88aa4025e53f307853d2e0961c,2024-12-18T05:15:07.840000
CVE-2024-12700,0,0,2dcd0b7775a8370ffaf1468123900cd9e3f26a3ad94565de248ad4206488911b,2024-12-19T23:15:05.860000
CVE-2024-1271,0,0,d5b27a7a2ae180d57194d51f3421939a6fa1fd034c14866b136beeb3b91200c4,2024-11-19T20:15:30.007000
CVE-2024-12710,1,1,318188824ed4dd6c474b563eecf1b63e7910f45eb4b1ca5d30d18fc10dc02997,2024-12-24T05:15:07.193000
CVE-2024-1272,0,0,6fe2ae3dbf4ac28af0ee3734ec3f1128a5e90306284fb984019a39811655512d,2024-11-21T08:50:12.417000
CVE-2024-12721,0,0,0989421713e1283cf65ff012c2cb99df689bfe7c8a4ada18118421e0ab99972a,2024-12-21T07:15:09.793000
CVE-2024-12727,0,0,ee50b865fca622e197f4b4b023c90633327be8bd06b13b88a36817a8b69b233d,2024-12-19T21:15:07.740000
@ -249731,7 +249744,7 @@ CVE-2024-25250,0,0,db72313d2b8a86eec26ab519ea1baaf7ac154d306dc7534c2e8c4d26bd439
CVE-2024-25251,0,0,6dea5af83ad1e7e7deeb31cb468a1c94ab5c1e06beee69c782e91b5b37b29796,2024-11-21T09:00:32.163000
CVE-2024-25253,0,0,48e99cce2b2802e3aeef59d20e7058849d1e4e7be86482650a3710ee00ff024a,2024-11-19T17:35:11.063000
CVE-2024-25254,0,0,0339a82eef9bc1a7a8bb28fefdcad83242ffe04648f59e10cecbad0da67cea19,2024-11-19T19:35:13.453000
CVE-2024-25255,0,0,6ea2d55e7dcf29ad80e7e084a7c69351b2181629af5adce4864427749fd484c0,2024-11-19T17:35:13.503000
CVE-2024-25255,0,1,879d4410a08cc23864a4824dcb477088b28d669368fe48b08008f9744ea817de,2024-12-24T06:15:33.590000
CVE-2024-2526,0,0,78515660638868e1c142c32ac7faf95d6f7b943aad4ee7fea9fed3773185b119,2024-11-21T09:09:56.657000
CVE-2024-25260,0,0,6ee402f74d2c05b4570f4093e7c197c9456061478a7a78d4fa79e707475ac8a5,2024-11-21T09:00:33
CVE-2024-25262,0,0,6b97d3438756703316ea9218afd4ff7812af2caa96c0282d0288ca35efad388f,2024-11-21T09:00:33.223000
@ -261353,7 +261366,7 @@ CVE-2024-4089,0,0,7a035608d08862b8a3927991cbc7bcfd8e0cb13815d39b3b58eaf685ec21d6
CVE-2024-40892,0,0,0bef0c096de1fd9b74596dba063b1cf9ffb172ff0abd417611d342278b46245f,2024-08-21T18:15:09.710000
CVE-2024-40893,0,0,291c1cc414cfaa66f88e6f282a2cb52f9787a1f732797e904eca670adbd8e574,2024-08-21T18:15:09.803000
CVE-2024-40895,0,0,9bfbe451c0a62cc469c348ecf829cab564e06b39ab7ab75fbb9a00c7abd49483,2024-11-21T09:31:48.250000
CVE-2024-40896,0,1,4926cdf67fbc9b49af58d3bfc3b7316338055693dabf3e4f11e44bcc02a7dcf6,2024-12-24T03:15:06.727000
CVE-2024-40896,0,0,4926cdf67fbc9b49af58d3bfc3b7316338055693dabf3e4f11e44bcc02a7dcf6,2024-12-24T03:15:06.727000
CVE-2024-40897,0,0,5de984c0ce0b5f00f148c2d87f9ba7398ed21388187cb055a9d01cc9ee9adfcc,2024-11-21T09:31:48.450000
CVE-2024-40898,0,0,b930bfc2025b86aea21c8f0fe9e9b6f374f54a09bbb3f9c81abb259ea87ff81c,2024-11-21T09:31:48.670000
CVE-2024-40899,0,0,27efc19ced00bac32be0c727e443e10ff312f5514ad1f8ef8ce233abd9e28b76,2024-11-21T09:31:48.870000
@ -262049,6 +262062,12 @@ CVE-2024-41879,0,0,8c07c3bb33fe65e7519026e20f7a32ae91f32db5a27c585be0e7d1859d44c
CVE-2024-4188,0,0,710ff6eb9ce2602de8768794aee5e894ef957c640079cc398ddda794d0c95ac1,2024-11-21T09:42:21.383000
CVE-2024-41880,0,0,9e563b35b35ef29da74cc6158b6209b0d69e120a102e4a2979910f660560df95,2024-11-21T09:33:14.353000
CVE-2024-41881,0,0,e3f6f7af65d2d5b5801b09b205cc6a38d2041f74ee88d107af8472f68aa67deb,2024-11-21T09:33:14.563000
CVE-2024-41882,1,1,c95a294a115fc4bf105032fe8788521a3d90d1b9f8de2a161c9d62b8f3e67955,2024-12-24T06:15:33.810000
CVE-2024-41883,1,1,b6347f1d9970f45573b73851567ddee80f61b7e898c2583162cb9f223fd3053f,2024-12-24T06:15:33.943000
CVE-2024-41884,1,1,2efdf311cab9b111a1f617a9604fe9552a8ae905207eded473a857c14fadb040,2024-12-24T06:15:34.060000
CVE-2024-41885,1,1,7742112723af5fb46b4175d0d9f84b9d542bfb7277c1b5b970b4842da7436305,2024-12-24T06:15:34.190000
CVE-2024-41886,1,1,bc9a4c40df16285c3cdc89b6f4a8c4f6d5f5d76a753ded68c54e7c60876fa2da,2024-12-24T06:15:34.360000
CVE-2024-41887,1,1,cdc78e8e4787af6de20a5f6b65826c3620089610f14918f3267633b4c9933927,2024-12-24T06:15:34.473000
CVE-2024-41888,0,0,9ab353e16e6e702d592cb0b045deae0709a3c659713eebcb39dc6cda74e716f3,2024-11-21T09:33:14.760000
CVE-2024-41889,0,0,86f2ac71b04de3ea9b8a90be3ea4b853f4364b092d07f3588f00d3d4481d20b3,2024-08-30T17:53:40.897000
CVE-2024-4189,0,0,6ee0387791dbb31b55b271190109fca6349b3ea2ee09d9c3f70eb54d19a758e6,2024-10-21T14:08:57.430000
@ -265971,7 +265990,7 @@ CVE-2024-47507,0,0,4b5526bca6993d370893c5c6161e096044990d9b0b51024d2cb9be1f9cc10
CVE-2024-47508,0,0,9eb24349b682be71035d07f35bdd0e3c44d0149390ddd7778db3308d79b627b6,2024-10-15T12:58:51.050000
CVE-2024-47509,0,0,94c229801bddb8ce94388d34ff206e5f012170cf995eff5bd6f1382afdd7a27e,2024-10-15T12:58:51.050000
CVE-2024-4751,0,0,323d34e4e60f2c798f82031d559639fb459a06390325463f51ec0a8dd20e430a,2024-11-21T09:43:31.213000
CVE-2024-47515,1,1,8603992d38cd4ce3c095abe0a5f631e2655cc84a74600a54a87d12d9f7d4333b,2024-12-24T04:15:05.750000
CVE-2024-47515,0,0,8603992d38cd4ce3c095abe0a5f631e2655cc84a74600a54a87d12d9f7d4333b,2024-12-24T04:15:05.750000
CVE-2024-4752,0,0,710c56921216e1d7aca081e59c40f51db5ad035f8f7076b00214ce955a44b36f,2024-11-21T09:43:31.400000
CVE-2024-47522,0,0,c02f34b0206a3beffa01319045412a788f423598c15fe9aabedbdbabe223631f,2024-10-22T13:51:02.710000
CVE-2024-47523,0,0,c97d6eb97cc8d0172f2511cd438bb91b754c178ebc143b911ae3b2c8f936379d,2024-10-07T19:07:30.287000
@ -270853,11 +270872,11 @@ CVE-2024-5628,0,0,755412ba03c7f502c54c635c9705b96a4154da09bb9bfca64f93d1d41d08cf
CVE-2024-5629,0,0,f9daa1fe2950a7ccef0838fb6e6cae4a7319a3ab1da6174da12e5faf2c955f5a,2024-11-21T09:48:02.860000
CVE-2024-5630,0,0,50874e31f2d6c9403bb3dbaf933b8b3f439196ea7c18b531eba9bc061324fe0f,2024-11-21T09:48:03.020000
CVE-2024-5631,0,0,2a74e658158bae900a85436e92fd017c375ea2371e9ccb7b5a67e7bbd481f6b3,2024-11-21T09:48:03.210000
CVE-2024-56310,0,1,52fb9787ce6d270fefb09f2575978be0fb95a84a154a0887a6718d274c54ad79,2024-12-24T03:15:07.440000
CVE-2024-56311,0,1,66e9c6fbb0050254b7557259672fd0233cf69bba8f8e828ea4035d56bf3a6933,2024-12-24T03:15:07.607000
CVE-2024-56312,0,1,cb86205520ef5db7c914d1a75ac3f5ba74360f863545f19038e07f9bcdb0703c,2024-12-24T03:15:07.770000
CVE-2024-56313,0,1,77b550409f008b252773269f5c3c808c73df4beef9ebd650c5ec3a7771cae57b,2024-12-24T03:15:07.927000
CVE-2024-56314,0,1,6df7fe51a54001b033f35cf71e56a8c8648fba9702436f5b14cd4bfc37c84ea1,2024-12-24T03:15:08.083000
CVE-2024-56310,0,0,52fb9787ce6d270fefb09f2575978be0fb95a84a154a0887a6718d274c54ad79,2024-12-24T03:15:07.440000
CVE-2024-56311,0,0,66e9c6fbb0050254b7557259672fd0233cf69bba8f8e828ea4035d56bf3a6933,2024-12-24T03:15:07.607000
CVE-2024-56312,0,0,cb86205520ef5db7c914d1a75ac3f5ba74360f863545f19038e07f9bcdb0703c,2024-12-24T03:15:07.770000
CVE-2024-56313,0,0,77b550409f008b252773269f5c3c808c73df4beef9ebd650c5ec3a7771cae57b,2024-12-24T03:15:07.927000
CVE-2024-56314,0,0,6df7fe51a54001b033f35cf71e56a8c8648fba9702436f5b14cd4bfc37c84ea1,2024-12-24T03:15:08.083000
CVE-2024-56317,0,0,b4a1e923d734c9748bfefb232cd94998c16ae77377149acd2e40ce01c1c90af8,2024-12-18T23:15:18.023000
CVE-2024-56318,0,0,41fe9d7571c5ddeaf622da00eaaa1951e3cb55078c3acd81346bfd3e36464d15,2024-12-19T00:15:06.897000
CVE-2024-56319,0,0,2db5aea7f2e2c0716ff3ae059d9992998ac87c8ff6e8b34fca05f1a112cb61c5,2024-12-18T23:15:18.373000
@ -270891,7 +270910,7 @@ CVE-2024-56362,0,0,dd5033b04c0a04acaf53e636d0201cacb970804dce1ae28fdf600c92d6069
CVE-2024-56363,0,0,f22bc17bbcbacc3d4c8946803bd76249d4162387d56a582274e363a9547d6b46,2024-12-23T18:15:07.767000
CVE-2024-56364,0,0,b554e0df0a4ad57cd70c0d37933b45401c149826dc27d68ffb15442fe3902ff6,2024-12-23T16:15:07.770000
CVE-2024-5637,0,0,a5e32b0dfdcc3b00fa1c534a6efa8caef39b80f083f1c956c246ad8a83c6df00,2024-11-21T09:48:04.030000
CVE-2024-56375,0,1,a340f66ea2648ac2f29f86bc73c289c3920f7dbceb53953a8c12d3700fa25a7c,2024-12-24T03:15:08.247000
CVE-2024-56375,0,0,a340f66ea2648ac2f29f86bc73c289c3920f7dbceb53953a8c12d3700fa25a7c,2024-12-24T03:15:08.247000
CVE-2024-56378,0,0,6719f8ca56230694a59bc1f5e75e3ab9feb822f8501e080a6c8cff7081436ef7,2024-12-23T00:15:05.133000
CVE-2024-5638,0,0,4a64496852c4ee147220588b5d1940917ce749a1b3dd56d16a77a8cf3ed54b84,2024-11-21T09:48:04.153000
CVE-2024-5639,0,0,78123d59d6ff1062d5cdcc1456c84b89eb240e57bd822aee818d4edc5bb804e5,2024-11-21T09:48:04.290000
@ -274121,7 +274140,7 @@ CVE-2024-9422,0,0,84806a9eed518b06f6d8827496be4f70f3fd277675ce3978a293d23ef572b8
CVE-2024-9423,0,0,ea2ceee1b3bf62e5f678d6840797f5ce1005e985008fd3d6ffca2317e3c41048,2024-10-04T13:50:43.727000
CVE-2024-9425,0,0,c4a51c938acd490f609ca00d8a594cbbdbb46d48c8dc2d14a9f1cdc1520bf123,2024-10-22T13:55:04.537000
CVE-2024-9426,0,0,7b6d0dd14cd82427723e29a8054a247cfe756a4bd65dbe78f3544bf76c1742a2,2024-11-13T17:01:16.850000
CVE-2024-9427,1,1,1c6616ac33aa19661af89cba455c96327c2172b4ead3172e205a01d67c205bcd,2024-12-24T04:15:07.360000
CVE-2024-9427,0,0,1c6616ac33aa19661af89cba455c96327c2172b4ead3172e205a01d67c205bcd,2024-12-24T04:15:07.360000
CVE-2024-9428,0,0,f750728263efb84ececce35e10a4ed9233c40717c73069be2b71a21b69aeb302,2024-12-12T18:15:28.120000
CVE-2024-9429,0,0,62ece370cab73a52089a99a9ace0dce837bb7657fa2f1f40486fc49795e13a27,2024-10-07T20:15:10.567000
CVE-2024-9430,0,0,522b5b97eca86036f3bb0b9124f71c5d5eb35666a2a3e869645b06a142ed7bc6,2024-11-01T12:57:03.417000

Can't render this file because it is too large.