From d273b50581a4ed7dade7620c1f0d079041044963 Mon Sep 17 00:00:00 2001 From: cad-safe-bot Date: Sun, 20 Oct 2024 12:03:18 +0000 Subject: [PATCH] Auto-Update: 2024-10-20T12:00:17.904992+00:00 --- CVE-2024/CVE-2024-440xx/CVE-2024-44061.json | 56 ++++++++++++++ CVE-2024/CVE-2024-473xx/CVE-2024-47325.json | 56 ++++++++++++++ CVE-2024/CVE-2024-476xx/CVE-2024-47634.json | 56 ++++++++++++++ CVE-2024/CVE-2024-492xx/CVE-2024-49250.json | 56 ++++++++++++++ CVE-2024/CVE-2024-492xx/CVE-2024-49272.json | 56 ++++++++++++++ CVE-2024/CVE-2024-492xx/CVE-2024-49274.json | 56 ++++++++++++++ CVE-2024/CVE-2024-492xx/CVE-2024-49275.json | 56 ++++++++++++++ CVE-2024/CVE-2024-492xx/CVE-2024-49290.json | 56 ++++++++++++++ CVE-2024/CVE-2024-493xx/CVE-2024-49306.json | 56 ++++++++++++++ CVE-2024/CVE-2024-493xx/CVE-2024-49325.json | 56 ++++++++++++++ CVE-2024/CVE-2024-493xx/CVE-2024-49335.json | 56 ++++++++++++++ CVE-2024/CVE-2024-496xx/CVE-2024-49605.json | 56 ++++++++++++++ CVE-2024/CVE-2024-496xx/CVE-2024-49609.json | 56 ++++++++++++++ CVE-2024/CVE-2024-496xx/CVE-2024-49612.json | 56 ++++++++++++++ CVE-2024/CVE-2024-496xx/CVE-2024-49613.json | 56 ++++++++++++++ CVE-2024/CVE-2024-496xx/CVE-2024-49614.json | 56 ++++++++++++++ CVE-2024/CVE-2024-496xx/CVE-2024-49615.json | 56 ++++++++++++++ CVE-2024/CVE-2024-496xx/CVE-2024-49616.json | 56 ++++++++++++++ CVE-2024/CVE-2024-496xx/CVE-2024-49617.json | 56 ++++++++++++++ CVE-2024/CVE-2024-496xx/CVE-2024-49618.json | 56 ++++++++++++++ CVE-2024/CVE-2024-496xx/CVE-2024-49619.json | 56 ++++++++++++++ CVE-2024/CVE-2024-496xx/CVE-2024-49620.json | 56 ++++++++++++++ CVE-2024/CVE-2024-496xx/CVE-2024-49627.json | 56 ++++++++++++++ CVE-2024/CVE-2024-496xx/CVE-2024-49628.json | 56 ++++++++++++++ CVE-2024/CVE-2024-496xx/CVE-2024-49629.json | 56 ++++++++++++++ README.md | 58 +++++++------- _state.csv | 83 ++++++++++++++------- 27 files changed, 1483 insertions(+), 58 deletions(-) create mode 100644 CVE-2024/CVE-2024-440xx/CVE-2024-44061.json create mode 100644 CVE-2024/CVE-2024-473xx/CVE-2024-47325.json create mode 100644 CVE-2024/CVE-2024-476xx/CVE-2024-47634.json create mode 100644 CVE-2024/CVE-2024-492xx/CVE-2024-49250.json create mode 100644 CVE-2024/CVE-2024-492xx/CVE-2024-49272.json create mode 100644 CVE-2024/CVE-2024-492xx/CVE-2024-49274.json create mode 100644 CVE-2024/CVE-2024-492xx/CVE-2024-49275.json create mode 100644 CVE-2024/CVE-2024-492xx/CVE-2024-49290.json create mode 100644 CVE-2024/CVE-2024-493xx/CVE-2024-49306.json create mode 100644 CVE-2024/CVE-2024-493xx/CVE-2024-49325.json create mode 100644 CVE-2024/CVE-2024-493xx/CVE-2024-49335.json create mode 100644 CVE-2024/CVE-2024-496xx/CVE-2024-49605.json create mode 100644 CVE-2024/CVE-2024-496xx/CVE-2024-49609.json create mode 100644 CVE-2024/CVE-2024-496xx/CVE-2024-49612.json create mode 100644 CVE-2024/CVE-2024-496xx/CVE-2024-49613.json create mode 100644 CVE-2024/CVE-2024-496xx/CVE-2024-49614.json create mode 100644 CVE-2024/CVE-2024-496xx/CVE-2024-49615.json create mode 100644 CVE-2024/CVE-2024-496xx/CVE-2024-49616.json create mode 100644 CVE-2024/CVE-2024-496xx/CVE-2024-49617.json create mode 100644 CVE-2024/CVE-2024-496xx/CVE-2024-49618.json create mode 100644 CVE-2024/CVE-2024-496xx/CVE-2024-49619.json create mode 100644 CVE-2024/CVE-2024-496xx/CVE-2024-49620.json create mode 100644 CVE-2024/CVE-2024-496xx/CVE-2024-49627.json create mode 100644 CVE-2024/CVE-2024-496xx/CVE-2024-49628.json create mode 100644 CVE-2024/CVE-2024-496xx/CVE-2024-49629.json diff --git a/CVE-2024/CVE-2024-440xx/CVE-2024-44061.json b/CVE-2024/CVE-2024-440xx/CVE-2024-44061.json new file mode 100644 index 00000000000..dd4821ba27d --- /dev/null +++ b/CVE-2024/CVE-2024-440xx/CVE-2024-44061.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-44061", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-10-20T10:15:02.277", + "lastModified": "2024-10-20T10:15:02.277", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in WPFactory EU/UK VAT Manager for WooCommerce allows Cross-Site Scripting (XSS).This issue affects EU/UK VAT Manager for WooCommerce: from n/a through 2.12.14." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 7.1, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-80" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/eu-vat-for-woocommerce/wordpress-eu-uk-vat-manager-for-woocommerce-plugin-2-12-8-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-473xx/CVE-2024-47325.json b/CVE-2024/CVE-2024-473xx/CVE-2024-47325.json new file mode 100644 index 00000000000..01f0ad6a710 --- /dev/null +++ b/CVE-2024/CVE-2024-473xx/CVE-2024-47325.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-47325", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-10-20T10:15:03.180", + "lastModified": "2024-10-20T10:15:03.180", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Themeisle Multiple Page Generator Plugin \u2013 MPG allows SQL Injection.This issue affects Multiple Page Generator Plugin \u2013 MPG: from n/a through 3.4.7." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "LOW", + "baseScore": 8.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.1, + "impactScore": 4.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/multiple-pages-generator-by-porthas/wordpress-multiple-page-generator-plugin-mpg-plugin-3-4-7-sql-injection-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-476xx/CVE-2024-47634.json b/CVE-2024/CVE-2024-476xx/CVE-2024-47634.json new file mode 100644 index 00000000000..9aa98ccc99e --- /dev/null +++ b/CVE-2024/CVE-2024-476xx/CVE-2024-47634.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-47634", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-10-20T11:15:02.217", + "lastModified": "2024-10-20T11:15:02.217", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Cross-Site Request Forgery (CSRF) vulnerability in Streamline.Lv CartBounty \u2013 Save and recover abandoned carts for WooCommerce allows Cross Site Request Forgery.This issue affects CartBounty \u2013 Save and recover abandoned carts for WooCommerce: from n/a through 8.2." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 3.9, + "impactScore": 2.5 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-352" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/woo-save-abandoned-carts/wordpress-cartbounty-plugin-8-2-cross-site-request-forgery-csrf-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-492xx/CVE-2024-49250.json b/CVE-2024/CVE-2024-492xx/CVE-2024-49250.json new file mode 100644 index 00000000000..dd0d99bec9d --- /dev/null +++ b/CVE-2024/CVE-2024-492xx/CVE-2024-49250.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-49250", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-10-20T11:15:02.437", + "lastModified": "2024-10-20T11:15:02.437", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Cross-Site Request Forgery (CSRF) vulnerability in Michael Tran Table of Contents Plus allows Cross Site Request Forgery.This issue affects Table of Contents Plus: from n/a through 2408." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 4.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-352" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/table-of-contents-plus/wordpress-table-of-contents-plus-plugin-2408-cross-site-request-forgery-csrf-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-492xx/CVE-2024-49272.json b/CVE-2024/CVE-2024-492xx/CVE-2024-49272.json new file mode 100644 index 00000000000..9e353ebfe15 --- /dev/null +++ b/CVE-2024/CVE-2024-492xx/CVE-2024-49272.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-49272", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-10-20T11:15:02.650", + "lastModified": "2024-10-20T11:15:02.650", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Cross-Site Request Forgery (CSRF) vulnerability in WPWeb Social Auto Poster allows Cross Site Request Forgery.This issue affects Social Auto Poster: from n/a through 5.3.15." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 4.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-352" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/social-auto-poster/wordpress-social-auto-poster-plugin-5-3-15-cross-site-request-forgery-csrf-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-492xx/CVE-2024-49274.json b/CVE-2024/CVE-2024-492xx/CVE-2024-49274.json new file mode 100644 index 00000000000..b380843d078 --- /dev/null +++ b/CVE-2024/CVE-2024-492xx/CVE-2024-49274.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-49274", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-10-20T11:15:02.863", + "lastModified": "2024-10-20T11:15:02.863", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Cross-Site Request Forgery (CSRF) vulnerability in Infomaniak Staff VOD Infomaniak allows Cross Site Request Forgery.This issue affects VOD Infomaniak: from n/a through 1.5.7." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 5.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.5 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-352" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/vod-infomaniak/wordpress-vod-infomaniak-plugin-1-5-7-cross-site-request-forgery-csrf-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-492xx/CVE-2024-49275.json b/CVE-2024/CVE-2024-492xx/CVE-2024-49275.json new file mode 100644 index 00000000000..08ca4cc2c35 --- /dev/null +++ b/CVE-2024/CVE-2024-492xx/CVE-2024-49275.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-49275", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-10-20T11:15:03.063", + "lastModified": "2024-10-20T11:15:03.063", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Cross-Site Request Forgery (CSRF) vulnerability in Martin Gibson IdeaPush allows Cross Site Request Forgery.This issue affects IdeaPush: from n/a through 8.69." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 4.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-352" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/ideapush/wordpress-ideapush-plugin-8-69-cross-site-request-forgery-csrf-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-492xx/CVE-2024-49290.json b/CVE-2024/CVE-2024-492xx/CVE-2024-49290.json new file mode 100644 index 00000000000..514fc6d9bbf --- /dev/null +++ b/CVE-2024/CVE-2024-492xx/CVE-2024-49290.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-49290", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-10-20T11:15:03.260", + "lastModified": "2024-10-20T11:15:03.260", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Cross-Site Request Forgery (CSRF) vulnerability in Gora Tech LLC Cooked Pro allows Cross Site Request Forgery.This issue affects Cooked Pro: from n/a before 1.8.0." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 4.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-352" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/cooked-pro/wordpress-cooked-pro-plugin-1-8-0-cross-site-request-forgery-csrf-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-493xx/CVE-2024-49306.json b/CVE-2024/CVE-2024-493xx/CVE-2024-49306.json new file mode 100644 index 00000000000..9fcc71fc57a --- /dev/null +++ b/CVE-2024/CVE-2024-493xx/CVE-2024-49306.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-49306", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-10-20T11:15:03.460", + "lastModified": "2024-10-20T11:15:03.460", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Cross-Site Request Forgery (CSRF) vulnerability in WP-buy WP Content Copy Protection & No Right Click allows Cross Site Request Forgery.This issue affects WP Content Copy Protection & No Right Click: from n/a through 3.5.9." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "LOW", + "baseScore": 4.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-352" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/wp-content-copy-protector/wordpress-wp-content-copy-protection-no-right-click-plugin-3-5-9-cross-site-request-forgery-csrf-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-493xx/CVE-2024-49325.json b/CVE-2024/CVE-2024-493xx/CVE-2024-49325.json new file mode 100644 index 00000000000..4669764976b --- /dev/null +++ b/CVE-2024/CVE-2024-493xx/CVE-2024-49325.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-49325", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-10-20T11:15:03.657", + "lastModified": "2024-10-20T11:15:03.657", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Subscriber Broken Access Control in Photo Gallery Builder <= 3.0 versions." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 4.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-862" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/photo-gallery-builder/wordpress-photo-gallery-builder-plugin-3-0-broken-access-control-to-notice-dismissal-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-493xx/CVE-2024-49335.json b/CVE-2024/CVE-2024-493xx/CVE-2024-49335.json new file mode 100644 index 00000000000..fc3ad6eb220 --- /dev/null +++ b/CVE-2024/CVE-2024-493xx/CVE-2024-49335.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-49335", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-10-20T10:15:03.430", + "lastModified": "2024-10-20T10:15:03.430", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Cross-Site Request Forgery (CSRF) vulnerability in Edush Maxim GoogleDrive folder list allows Stored XSS.This issue affects GoogleDrive folder list: from n/a through 2.2.2." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 7.1, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-352" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/googledrive-folder-list/wordpress-googledrive-folder-list-plugin-2-2-2-csrf-to-stored-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-496xx/CVE-2024-49605.json b/CVE-2024/CVE-2024-496xx/CVE-2024-49605.json new file mode 100644 index 00000000000..a042c7f459f --- /dev/null +++ b/CVE-2024/CVE-2024-496xx/CVE-2024-49605.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-49605", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-10-20T10:15:03.640", + "lastModified": "2024-10-20T10:15:03.640", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Cross-Site Request Forgery (CSRF) vulnerability in Avchat.Net AVChat Video Chat allows Stored XSS.This issue affects AVChat Video Chat: from n/a through 2.2." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 7.1, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-352" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/avchat-3/wordpress-community-lite-video-chat-plugin-2-2-csrf-to-stored-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-496xx/CVE-2024-49609.json b/CVE-2024/CVE-2024-496xx/CVE-2024-49609.json new file mode 100644 index 00000000000..d756f72ff81 --- /dev/null +++ b/CVE-2024/CVE-2024-496xx/CVE-2024-49609.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-49609", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-10-20T10:15:03.860", + "lastModified": "2024-10-20T10:15:03.860", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Brandon White Author Discussion allows Blind SQL Injection.This issue affects Author Discussion: from n/a through 0.2.2." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "LOW", + "baseScore": 8.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.1, + "impactScore": 4.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/author-discussion/wordpress-author-discussion-plugin-0-2-2-sql-injection-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-496xx/CVE-2024-49612.json b/CVE-2024/CVE-2024-496xx/CVE-2024-49612.json new file mode 100644 index 00000000000..6ecf62cc3c8 --- /dev/null +++ b/CVE-2024/CVE-2024-496xx/CVE-2024-49612.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-49612", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-10-20T10:15:04.053", + "lastModified": "2024-10-20T10:15:04.053", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Infotuts SW Contact Form allows Blind SQL Injection.This issue affects SW Contact Form: from n/a through 1.0." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "LOW", + "baseScore": 8.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.1, + "impactScore": 4.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/sw-contact-form/wordpress-sw-contact-form-plugin-1-0-sql-injection-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-496xx/CVE-2024-49613.json b/CVE-2024/CVE-2024-496xx/CVE-2024-49613.json new file mode 100644 index 00000000000..aea36ee05b9 --- /dev/null +++ b/CVE-2024/CVE-2024-496xx/CVE-2024-49613.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-49613", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-10-20T10:15:04.263", + "lastModified": "2024-10-20T10:15:04.263", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Lodel Geraldo Simple Code Insert Shortcode allows SQL Injection.This issue affects Simple Code Insert Shortcode: from n/a through 1.0." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "LOW", + "baseScore": 8.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.1, + "impactScore": 4.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/simple-code-insert-shortcode/wordpress-simple-code-insert-shortcode-plugin-1-0-sql-injection-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-496xx/CVE-2024-49614.json b/CVE-2024/CVE-2024-496xx/CVE-2024-49614.json new file mode 100644 index 00000000000..b12b85e353c --- /dev/null +++ b/CVE-2024/CVE-2024-496xx/CVE-2024-49614.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-49614", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-10-20T10:15:04.477", + "lastModified": "2024-10-20T10:15:04.477", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Dan Alexander SermonAudio Widgets allows SQL Injection.This issue affects SermonAudio Widgets: from n/a through 1.9.3." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "LOW", + "baseScore": 8.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.1, + "impactScore": 4.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/sermonaudio-widgets/wordpress-sermonaudio-widgets-plugin-1-9-3-sql-injection-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-496xx/CVE-2024-49615.json b/CVE-2024/CVE-2024-496xx/CVE-2024-49615.json new file mode 100644 index 00000000000..e1057ee566d --- /dev/null +++ b/CVE-2024/CVE-2024-496xx/CVE-2024-49615.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-49615", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-10-20T10:15:04.690", + "lastModified": "2024-10-20T10:15:04.690", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Cross-Site Request Forgery (CSRF) vulnerability in Henrique Rodrigues SafetyForms allows Blind SQL Injection.This issue affects SafetyForms: from n/a through 1.0.0." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "LOW", + "baseScore": 8.2, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 4.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-352" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/safetymails-forms/wordpress-safetyforms-plugin-1-0-0-csrf-to-sql-injection-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-496xx/CVE-2024-49616.json b/CVE-2024/CVE-2024-496xx/CVE-2024-49616.json new file mode 100644 index 00000000000..ec5f1fa8017 --- /dev/null +++ b/CVE-2024/CVE-2024-496xx/CVE-2024-49616.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-49616", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-10-20T10:15:04.903", + "lastModified": "2024-10-20T10:15:04.903", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Nyasro Rate Own Post allows Blind SQL Injection.This issue affects Rate Own Post: from n/a through 1.0." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "LOW", + "baseScore": 8.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.1, + "impactScore": 4.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/rate-own-post/wordpress-rate-own-post-plugin-1-0-sql-injection-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-496xx/CVE-2024-49617.json b/CVE-2024/CVE-2024-496xx/CVE-2024-49617.json new file mode 100644 index 00000000000..2d86095a6c7 --- /dev/null +++ b/CVE-2024/CVE-2024-496xx/CVE-2024-49617.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-49617", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-10-20T10:15:05.130", + "lastModified": "2024-10-20T10:15:05.130", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Cross-Site Request Forgery (CSRF) vulnerability in Bhaskar Dhote Back Link Tracker allows Blind SQL Injection.This issue affects Back Link Tracker: from n/a through 1.0.0." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "LOW", + "baseScore": 8.2, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 4.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-352" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/back-link-tracker/wordpress-back-link-tracker-plugin-1-0-0-csrf-to-sql-injection-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-496xx/CVE-2024-49618.json b/CVE-2024/CVE-2024-496xx/CVE-2024-49618.json new file mode 100644 index 00000000000..bf622459ae7 --- /dev/null +++ b/CVE-2024/CVE-2024-496xx/CVE-2024-49618.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-49618", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-10-20T10:15:05.347", + "lastModified": "2024-10-20T10:15:05.347", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Jordan Lyall MyTweetLinks allows Blind SQL Injection.This issue affects MyTweetLinks: from n/a through 1.1.1." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "LOW", + "baseScore": 8.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.1, + "impactScore": 4.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/mytweetlinks/wordpress-mytweetlinks-plugin-1-1-1-sql-injection-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-496xx/CVE-2024-49619.json b/CVE-2024/CVE-2024-496xx/CVE-2024-49619.json new file mode 100644 index 00000000000..54e8ae1261f --- /dev/null +++ b/CVE-2024/CVE-2024-496xx/CVE-2024-49619.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-49619", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-10-20T10:15:05.560", + "lastModified": "2024-10-20T10:15:05.560", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Acespritech Solutions Pvt. Ltd. Social Link Groups allows Blind SQL Injection.This issue affects Social Link Groups: from n/a through 1.1.0." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "LOW", + "baseScore": 8.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.1, + "impactScore": 4.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/social-link-groups/wordpress-social-link-groups-plugin-1-1-0-sql-injection-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-496xx/CVE-2024-49620.json b/CVE-2024/CVE-2024-496xx/CVE-2024-49620.json new file mode 100644 index 00000000000..ffaeebb028d --- /dev/null +++ b/CVE-2024/CVE-2024-496xx/CVE-2024-49620.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-49620", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-10-20T10:15:05.770", + "lastModified": "2024-10-20T10:15:05.770", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Naudin Vladimir FERMA.Ru.Net allows Blind SQL Injection.This issue affects FERMA.Ru.Net: from n/a through 1.3.3." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "LOW", + "baseScore": 8.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.1, + "impactScore": 4.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/ferma-ru-net-checkout/wordpress-ferma-ru-net-plugin-1-3-3-sql-injection-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-496xx/CVE-2024-49627.json b/CVE-2024/CVE-2024-496xx/CVE-2024-49627.json new file mode 100644 index 00000000000..c42088eacfa --- /dev/null +++ b/CVE-2024/CVE-2024-496xx/CVE-2024-49627.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-49627", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-10-20T11:15:03.873", + "lastModified": "2024-10-20T11:15:03.873", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Cross-Site Request Forgery (CSRF) vulnerability in Noor Alam WordPress Image SEO allows Cross Site Request Forgery.This issue affects WordPress Image SEO: from n/a through 1.1.4." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 4.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-352" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/wp-image-seo/wordpress-wordpress-image-seo-plugin-1-1-4-cross-site-request-forgery-csrf-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-496xx/CVE-2024-49628.json b/CVE-2024/CVE-2024-496xx/CVE-2024-49628.json new file mode 100644 index 00000000000..f2f38ed59aa --- /dev/null +++ b/CVE-2024/CVE-2024-496xx/CVE-2024-49628.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-49628", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-10-20T11:15:04.077", + "lastModified": "2024-10-20T11:15:04.077", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Cross-Site Request Forgery (CSRF) vulnerability in WhileTrue Most And Least Read Posts Widget allows Cross Site Request Forgery.This issue affects Most And Least Read Posts Widget: from n/a through 2.5.18." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 4.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-352" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/most-and-least-read-posts-widget/wordpress-most-and-least-read-posts-widget-plugin-2-5-18-cross-site-request-forgery-csrf-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-496xx/CVE-2024-49629.json b/CVE-2024/CVE-2024-496xx/CVE-2024-49629.json new file mode 100644 index 00000000000..42bac7bc903 --- /dev/null +++ b/CVE-2024/CVE-2024-496xx/CVE-2024-49629.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-49629", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-10-20T10:15:05.990", + "lastModified": "2024-10-20T10:15:05.990", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Cross-Site Request Forgery (CSRF) vulnerability in Fahad Mahmood Endless Posts Navigation allows Stored XSS.This issue affects Endless Posts Navigation: from n/a through 2.2.7." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 7.1, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-352" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/endless-posts-navigation/wordpress-endless-posts-navigation-plugin-2-2-7-csrf-to-stored-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/README.md b/README.md index 38372f4e401..640b390ba09 100644 --- a/README.md +++ b/README.md @@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2024-10-20T10:00:17.078428+00:00 +2024-10-20T12:00:17.904992+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2024-10-20T09:15:07.220000+00:00 +2024-10-20T11:15:04.077000+00:00 ``` ### Last Data Feed Release @@ -33,38 +33,38 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### Total Number of included CVEs ```plain -266213 +266238 ``` ### CVEs added in the last Commit -Recently added CVEs: `29` +Recently added CVEs: `25` -- [CVE-2024-49286](CVE-2024/CVE-2024-492xx/CVE-2024-49286.json) (`2024-10-20T08:15:03.233`) -- [CVE-2024-49323](CVE-2024/CVE-2024-493xx/CVE-2024-49323.json) (`2024-10-20T08:15:03.460`) -- [CVE-2024-49324](CVE-2024/CVE-2024-493xx/CVE-2024-49324.json) (`2024-10-20T09:15:03.227`) -- [CVE-2024-49326](CVE-2024/CVE-2024-493xx/CVE-2024-49326.json) (`2024-10-20T09:15:03.750`) -- [CVE-2024-49327](CVE-2024/CVE-2024-493xx/CVE-2024-49327.json) (`2024-10-20T09:15:04.440`) -- [CVE-2024-49328](CVE-2024/CVE-2024-493xx/CVE-2024-49328.json) (`2024-10-20T08:15:03.667`) -- [CVE-2024-49329](CVE-2024/CVE-2024-493xx/CVE-2024-49329.json) (`2024-10-20T09:15:04.860`) -- [CVE-2024-49330](CVE-2024/CVE-2024-493xx/CVE-2024-49330.json) (`2024-10-20T09:15:05.133`) -- [CVE-2024-49331](CVE-2024/CVE-2024-493xx/CVE-2024-49331.json) (`2024-10-20T09:15:05.377`) -- [CVE-2024-49332](CVE-2024/CVE-2024-493xx/CVE-2024-49332.json) (`2024-10-20T09:15:05.560`) -- [CVE-2024-49334](CVE-2024/CVE-2024-493xx/CVE-2024-49334.json) (`2024-10-20T08:15:03.907`) -- [CVE-2024-49604](CVE-2024/CVE-2024-496xx/CVE-2024-49604.json) (`2024-10-20T08:15:04.117`) -- [CVE-2024-49606](CVE-2024/CVE-2024-496xx/CVE-2024-49606.json) (`2024-10-20T08:15:04.323`) -- [CVE-2024-49607](CVE-2024/CVE-2024-496xx/CVE-2024-49607.json) (`2024-10-20T09:15:05.763`) -- [CVE-2024-49608](CVE-2024/CVE-2024-496xx/CVE-2024-49608.json) (`2024-10-20T09:15:05.973`) -- [CVE-2024-49610](CVE-2024/CVE-2024-496xx/CVE-2024-49610.json) (`2024-10-20T09:15:06.190`) -- [CVE-2024-49611](CVE-2024/CVE-2024-496xx/CVE-2024-49611.json) (`2024-10-20T08:15:04.523`) -- [CVE-2024-49621](CVE-2024/CVE-2024-496xx/CVE-2024-49621.json) (`2024-10-20T09:15:06.390`) -- [CVE-2024-49622](CVE-2024/CVE-2024-496xx/CVE-2024-49622.json) (`2024-10-20T09:15:06.613`) -- [CVE-2024-49623](CVE-2024/CVE-2024-496xx/CVE-2024-49623.json) (`2024-10-20T09:15:06.810`) -- [CVE-2024-49624](CVE-2024/CVE-2024-496xx/CVE-2024-49624.json) (`2024-10-20T09:15:07.013`) -- [CVE-2024-49625](CVE-2024/CVE-2024-496xx/CVE-2024-49625.json) (`2024-10-20T09:15:07.220`) -- [CVE-2024-49626](CVE-2024/CVE-2024-496xx/CVE-2024-49626.json) (`2024-10-20T08:15:04.730`) -- [CVE-2024-49630](CVE-2024/CVE-2024-496xx/CVE-2024-49630.json) (`2024-10-20T08:15:04.933`) -- [CVE-2024-49631](CVE-2024/CVE-2024-496xx/CVE-2024-49631.json) (`2024-10-20T08:15:05.130`) +- [CVE-2024-44061](CVE-2024/CVE-2024-440xx/CVE-2024-44061.json) (`2024-10-20T10:15:02.277`) +- [CVE-2024-47325](CVE-2024/CVE-2024-473xx/CVE-2024-47325.json) (`2024-10-20T10:15:03.180`) +- [CVE-2024-47634](CVE-2024/CVE-2024-476xx/CVE-2024-47634.json) (`2024-10-20T11:15:02.217`) +- [CVE-2024-49250](CVE-2024/CVE-2024-492xx/CVE-2024-49250.json) (`2024-10-20T11:15:02.437`) +- [CVE-2024-49272](CVE-2024/CVE-2024-492xx/CVE-2024-49272.json) (`2024-10-20T11:15:02.650`) +- [CVE-2024-49274](CVE-2024/CVE-2024-492xx/CVE-2024-49274.json) (`2024-10-20T11:15:02.863`) +- [CVE-2024-49275](CVE-2024/CVE-2024-492xx/CVE-2024-49275.json) (`2024-10-20T11:15:03.063`) +- [CVE-2024-49290](CVE-2024/CVE-2024-492xx/CVE-2024-49290.json) (`2024-10-20T11:15:03.260`) +- [CVE-2024-49306](CVE-2024/CVE-2024-493xx/CVE-2024-49306.json) (`2024-10-20T11:15:03.460`) +- [CVE-2024-49325](CVE-2024/CVE-2024-493xx/CVE-2024-49325.json) (`2024-10-20T11:15:03.657`) +- [CVE-2024-49335](CVE-2024/CVE-2024-493xx/CVE-2024-49335.json) (`2024-10-20T10:15:03.430`) +- [CVE-2024-49605](CVE-2024/CVE-2024-496xx/CVE-2024-49605.json) (`2024-10-20T10:15:03.640`) +- [CVE-2024-49609](CVE-2024/CVE-2024-496xx/CVE-2024-49609.json) (`2024-10-20T10:15:03.860`) +- [CVE-2024-49612](CVE-2024/CVE-2024-496xx/CVE-2024-49612.json) (`2024-10-20T10:15:04.053`) +- [CVE-2024-49613](CVE-2024/CVE-2024-496xx/CVE-2024-49613.json) (`2024-10-20T10:15:04.263`) +- [CVE-2024-49614](CVE-2024/CVE-2024-496xx/CVE-2024-49614.json) (`2024-10-20T10:15:04.477`) +- [CVE-2024-49615](CVE-2024/CVE-2024-496xx/CVE-2024-49615.json) (`2024-10-20T10:15:04.690`) +- [CVE-2024-49616](CVE-2024/CVE-2024-496xx/CVE-2024-49616.json) (`2024-10-20T10:15:04.903`) +- [CVE-2024-49617](CVE-2024/CVE-2024-496xx/CVE-2024-49617.json) (`2024-10-20T10:15:05.130`) +- [CVE-2024-49618](CVE-2024/CVE-2024-496xx/CVE-2024-49618.json) (`2024-10-20T10:15:05.347`) +- [CVE-2024-49619](CVE-2024/CVE-2024-496xx/CVE-2024-49619.json) (`2024-10-20T10:15:05.560`) +- [CVE-2024-49620](CVE-2024/CVE-2024-496xx/CVE-2024-49620.json) (`2024-10-20T10:15:05.770`) +- [CVE-2024-49627](CVE-2024/CVE-2024-496xx/CVE-2024-49627.json) (`2024-10-20T11:15:03.873`) +- [CVE-2024-49628](CVE-2024/CVE-2024-496xx/CVE-2024-49628.json) (`2024-10-20T11:15:04.077`) +- [CVE-2024-49629](CVE-2024/CVE-2024-496xx/CVE-2024-49629.json) (`2024-10-20T10:15:05.990`) ### CVEs modified in the last Commit diff --git a/_state.csv b/_state.csv index eb93bae4e4c..ba650976cce 100644 --- a/_state.csv +++ b/_state.csv @@ -242310,9 +242310,9 @@ CVE-2024-1018,0,0,6a41753bbb9bddfdeb27e8da1aa301f604399583ccfe73ec2b7c0e024f66f4 CVE-2024-1019,0,0,9d34fb91efb6a448073ac765944da7eab7ec7fd07c6fef378639c859599f6841,2024-02-20T02:15:49.973000 CVE-2024-10191,0,0,0d543e8a82bc8c79a47d9712105c05a38228b23d0440b597d65516663ce860f2,2024-10-20T06:15:02.413000 CVE-2024-10192,0,0,9f3a26656d3a0aa5ee219d066ee638d49fb09c17860b4f18ed9a6f860568e3c9,2024-10-20T07:15:02.103000 -CVE-2024-10193,1,1,b93daf4f357fcb75b4b37e60362b781cc35ddbaaea37fe390b0a2133c2aa00aa,2024-10-20T08:15:02.300000 -CVE-2024-10194,1,1,01d2cafbf34c62e6f1147d9592057704a8ba426a02b5123a102e0bc34f4d9f79,2024-10-20T08:15:02.710000 -CVE-2024-10195,1,1,ed593f10b27233229e70d7006e552e63b4bf846b117fb3ae7173871eb91ce5c3,2024-10-20T09:15:02.393000 +CVE-2024-10193,0,0,b93daf4f357fcb75b4b37e60362b781cc35ddbaaea37fe390b0a2133c2aa00aa,2024-10-20T08:15:02.300000 +CVE-2024-10194,0,0,01d2cafbf34c62e6f1147d9592057704a8ba426a02b5123a102e0bc34f4d9f79,2024-10-20T08:15:02.710000 +CVE-2024-10195,0,0,ed593f10b27233229e70d7006e552e63b4bf846b117fb3ae7173871eb91ce5c3,2024-10-20T09:15:02.393000 CVE-2024-1020,0,0,d848db5207b830f092dac5463c394c0f65f6423556f55d15e70d177c797c2de1,2024-05-17T02:35:10.867000 CVE-2024-1021,0,0,89180a6ed9705fc79d8d8a15633a1cfe9e27adac2a4a623501249d49427826d0,2024-05-17T02:35:10.970000 CVE-2024-1022,0,0,f42eaa1b302319f7e3148377e0522c31bf6c16d407215c446c1d3f1b55b4debd,2024-05-17T02:35:11.070000 @@ -260198,6 +260198,7 @@ CVE-2024-44058,0,0,2a31d13e7c34ecf4ce5a2c39e291bd8b424b5c5c23539a4a1d30676f56f1c CVE-2024-44059,0,0,3f6c3a8dc5dadae72dc0df667c364ac97c0b5812f742d2c5b5a2597b4b344930,2024-09-27T15:33:52.013000 CVE-2024-4406,0,0,4d2edf89174eefb11c1e35948c69459d7b4d6dd1a09c10eb7a0704c1561ef984,2024-05-02T18:00:37.360000 CVE-2024-44060,0,0,6924c0c83b583f3e58aed5b3f0343601ab88a5f9325e897d35fa92b3431e95c6,2024-09-27T14:04:50.977000 +CVE-2024-44061,1,1,0be7c24cb59152e36f043fab4c10b62c2a9ced8e25cc34b20f38c610aa8f88df,2024-10-20T10:15:02.277000 CVE-2024-44062,0,0,d6bef9112163640e773e122d40930de4ecec4777328c835263d4052bfb0847a1,2024-09-27T15:49:46.487000 CVE-2024-44063,0,0,8ea7a84a37f53fc26574f2d48b688739bfe3dad8852d642a265a023b1a91cd34,2024-09-27T14:31:05.703000 CVE-2024-44064,0,0,4e74c010eb0f0db49dd4385b0641f0bed56c75cde28c530ba6b3d37d998a5b5d,2024-09-24T18:15:30.537000 @@ -261789,6 +261790,7 @@ CVE-2024-47320,0,0,34657895a2dc740604de3ed70971ec71840d6f541e4b1dab5738b65bfae57 CVE-2024-47322,0,0,8b232be4cdc689515d55262ec30fa58411c26ba1e6f796e82a1afc447dc811dd,2024-10-07T17:47:48.410000 CVE-2024-47323,0,0,9437c7effa68c712270b139ca11dd61e48e93b311d9f840ede69c45aa4843c11,2024-10-07T17:48:28.117000 CVE-2024-47324,0,0,9d0a8be9058b908dcef652c569e8b2141d19736e2ee3f4e8dc4463e949bd1e2a,2024-10-07T17:48:28.117000 +CVE-2024-47325,1,1,2ca5e9aa4ccab3eba097bd7bbcbc5e60fe130cb0752b918f5c433159e8deafa6,2024-10-20T10:15:03.180000 CVE-2024-47326,0,0,becaddd8932d32a061dc10bf0f467953cb83f3406fc8da77294097e28e38b53b,2024-10-07T17:47:48.410000 CVE-2024-47327,0,0,c538510929aaa1efef8590e5c0955bb05270eb6eca4d47152891a99d515cb043,2024-10-07T17:47:48.410000 CVE-2024-47329,0,0,8f9cf4ad2ce9c10f9ea9bbbdd9112304e1d41b0ef8826075f80f55633e097d19,2024-10-07T17:47:48.410000 @@ -261972,6 +261974,7 @@ CVE-2024-47630,0,0,adfa126a6bff751cacedf82d84a5f3e91767172ee22cb0ebf2bbe0582808e CVE-2024-47631,0,0,2f5538e06e1703745ac31e3e4aff85429449cb6536170f3449d5c719692260bc,2024-10-07T17:47:48.410000 CVE-2024-47632,0,0,86e12c89344fd18c9940736a7e6a5db1287861f4d951d9a231cba9485bf7a1d1,2024-10-07T17:47:48.410000 CVE-2024-47633,0,0,7b59299b7ab0b71990c59d871565371c288abbd036b35f6cb6499efd86c70120,2024-10-07T17:47:48.410000 +CVE-2024-47634,1,1,a1bd48ccc5f7dcdb5ea7a260ce3648170a46d7ba6d20cd60098525dcc259b19b,2024-10-20T11:15:02.217000 CVE-2024-47635,0,0,f0938227f4d08edb6147f27db4a3110fa41d32874c7b3f4eb3d409a9071f6c87,2024-10-07T17:47:48.410000 CVE-2024-47636,0,0,300b53ad3b56bdfe242daa94b07eff6e5ccd9aa8581554b844321a4f299321e6,2024-10-15T12:58:51.050000 CVE-2024-47637,0,0,e4b543420eae93f2afe4e99f554aa703bb23d396109484c61c62fa5d0986af60,2024-10-16T16:38:14.557000 @@ -262168,7 +262171,7 @@ CVE-2024-48043,0,0,d7022e96ce1ce67c4f59e004a095bf6b87f052300567a30fb9f9fb2d5938d CVE-2024-48046,0,0,423091e4b5e8d6a105e8bdc778f5cf951b1df2d4a2635710b325a5130f1d15ea,2024-10-18T12:52:33.507000 CVE-2024-48047,0,0,3283398b8a8a75e7e31eaa0ac97fe84164a0704ec4cafc99d8da73b654c081f8,2024-10-18T12:52:33.507000 CVE-2024-48048,0,0,eca0ce0d3598806c22101f7f6a854102f0b0e3e7ffa812170ec79d143adac13e,2024-10-18T12:52:33.507000 -CVE-2024-48049,1,1,c6cef7042c3715849b7db8cf2901ac7f2456fb67bd07d6a07453176e6135ff84,2024-10-20T08:15:03 +CVE-2024-48049,0,0,c6cef7042c3715849b7db8cf2901ac7f2456fb67bd07d6a07453176e6135ff84,2024-10-20T08:15:03 CVE-2024-4805,0,0,a2ff69b1db9dd7c01e8bcdbe532fffb4f68853ea688982e077b1b01529f57c85,2024-06-04T19:20:50.553000 CVE-2024-4806,0,0,f8a0e203429c4f99450a15aa6a4b26ee8c7effa68e79948138bc0eccf2af8e7f,2024-06-04T19:20:50.670000 CVE-2024-4807,0,0,e5ccc41d46958232939be978f4766518ab72a806619364a653b00c23b63fbc68,2024-06-04T19:20:50.770000 @@ -262403,6 +262406,7 @@ CVE-2024-49246,0,0,29d95ab5e5ada47ed1ce4c5316c1ed56016d0bd62d5eaa8336ee05aabfec2 CVE-2024-49247,0,0,53d4a3018db37a197b470c54ef2b547817388692345ae27d113283d6ff358a44,2024-10-16T16:38:14.557000 CVE-2024-49248,0,0,5faff4bb312391427ded9d8a70538602237b0eda16601aaf8b69a0fc4e882c09,2024-10-18T12:52:33.507000 CVE-2024-4925,0,0,e685289dc2254f889ad5a234b3fb30d6e7f6b2466e13190ceb3e2217a8a2793e,2024-06-04T19:20:53.933000 +CVE-2024-49250,1,1,2e0b2419e538f6623a5f3acc778b66738f5aedb70ddbdc87e7937924fc549dc8,2024-10-20T11:15:02.437000 CVE-2024-49251,0,0,1715499fccdde32ea2c893d31b436444d1bc0be13aed0a2d0465f762db10dd8b,2024-10-16T16:38:14.557000 CVE-2024-49252,0,0,182fb601bd0f0026d40746462390dd120c29fe4ba3aa7cbbc89f2ffc2d833923,2024-10-16T16:38:14.557000 CVE-2024-49253,0,0,c1f3ed991f55da6518dd76ba83c95379c82378b9259ca4d054ec768bb2d242ed,2024-10-16T16:38:14.557000 @@ -262424,6 +262428,9 @@ CVE-2024-49268,0,0,8e55027882e89f0cab080b75d56d3c5721f6f46b9ae50eb1c51727bddbf92 CVE-2024-4927,0,0,4ddbe2418b736eceb0ee18662dc9ab0b7588d5e8a0dde06117bae0c9075b3606,2024-06-12T12:15:09.767000 CVE-2024-49270,0,0,616a2e437b03b1730ae710990d1f9b5d13bcf5a41263b98d33736d5e3831391d,2024-10-16T16:38:14.557000 CVE-2024-49271,0,0,6fd9d076a620483355861bd31b6d3fba7a6e8c77968d9b9b52f107ebea5c9f8b,2024-10-16T16:38:14.557000 +CVE-2024-49272,1,1,6005fa9a888a1eeaa182b2aa818956ae0a6b05ce74c9bd899267ff9a3002fa9c,2024-10-20T11:15:02.650000 +CVE-2024-49274,1,1,a233e4bc15eff903b2c2d5e8618b07413f960b599063e587f67c7ae40a18a5cb,2024-10-20T11:15:02.863000 +CVE-2024-49275,1,1,76b178cba6823b7b39e33385b621b5ef1a887fac280d97bdd39b76c4523c5042,2024-10-20T11:15:03.063000 CVE-2024-49276,0,0,6a6b58791e9512e826c457e3bee8f08f7b1de60db24c986554adb1b116c01f0f,2024-10-18T12:52:33.507000 CVE-2024-49277,0,0,413e0fb3e700b4ddf1e7bf9c0606cf9c4881f3636c1ad9b858708a2ee8b7a3f5,2024-10-18T12:52:33.507000 CVE-2024-49278,0,0,f5bee9930ffbbfdde604c657853a18e3b9208ed8b4b0cf0c41230a88e43b006c,2024-10-18T12:52:33.507000 @@ -262435,11 +262442,12 @@ CVE-2024-49282,0,0,3a6f5cd82ec68a1bfbe1f4f156ef6268706ea2c2772c6f37ca60ccaad2879 CVE-2024-49283,0,0,261a1f8cfe011441b757e2549150d49caf0cbd82863bcb1702fead1f8711ada8,2024-10-18T12:52:33.507000 CVE-2024-49284,0,0,bec1f0da1bcb0850e4841345e95550bca16d99530b59e5207d183ff1f4e1c3e0,2024-10-18T12:52:33.507000 CVE-2024-49285,0,0,6f46c329c3d1526d526943e0333d6d72992c68afd2913a4ef362b73e606f2e17,2024-10-18T12:52:33.507000 -CVE-2024-49286,1,1,afd3215a4f6eb26b8efcaa632ef4959bc1f464dea27447d4b8933cf82ca9222b,2024-10-20T08:15:03.233000 +CVE-2024-49286,0,0,afd3215a4f6eb26b8efcaa632ef4959bc1f464dea27447d4b8933cf82ca9222b,2024-10-20T08:15:03.233000 CVE-2024-49287,0,0,0066d2fce1ed85532c90a9906dc911278ca46d873038b8dcfb2d0c4b3b95c685,2024-10-18T12:52:33.507000 CVE-2024-49288,0,0,9794858fdab905561c3b5d43269f1d3f1bacba7fba1bb0436d9d456534b0053f,2024-10-18T12:52:33.507000 CVE-2024-49289,0,0,1007ec713acd15fdb5c2262f73a22207aad725968297cd9b79b0f4fcd3d741cb,2024-10-18T12:52:33.507000 CVE-2024-4929,0,0,6b801c4c5a7fb7e65ec83572f903c6a563e938f183cb222d57e6a2e237461199,2024-06-04T19:20:54.337000 +CVE-2024-49290,1,1,eb6bcb41e5eb7444117c64e0179e6cd34e2e2c74d6a8e77c1f29691623d12961,2024-10-20T11:15:03.260000 CVE-2024-49291,0,0,44e011055ffcc94f31147e91008bfca453f458c355b4c10d5e081a4748d73d9a,2024-10-18T12:52:33.507000 CVE-2024-49292,0,0,5f09a14990b6c411313ed3c0517e00101a5bacb90324a262f26a26dc9ec6f772,2024-10-18T12:52:33.507000 CVE-2024-49295,0,0,2233f6c9986d9f1a990d0d54b1c1d91ca1475b5db77026f702ef776949b63fa2,2024-10-18T12:52:33.507000 @@ -262452,6 +262460,7 @@ CVE-2024-49301,0,0,7d2494e642de20b5bc929cc6d54a8fb5dcf5cfdb65768055f9017f846af36 CVE-2024-49302,0,0,710ce60d767e5f3fed4efed760bfd34a8e958088ece1205aa9bb54b219723f7a,2024-10-18T12:52:33.507000 CVE-2024-49304,0,0,58dd4c2ddea953ce346c3f95611ced2fd41151c190485df9958a7a12599bf8c0,2024-10-18T12:52:33.507000 CVE-2024-49305,0,0,40dab16b7a70081634fde6765f3a20a4620c68c7c77381519add7b12c075078b,2024-10-18T12:52:33.507000 +CVE-2024-49306,1,1,b160051bf913be3506368a066c82f43cca24b73859c192a461a1ee0ce279a33d,2024-10-20T11:15:03.460000 CVE-2024-49307,0,0,666a5148f43aeccd18eb31fe6200f031359163a4193a62896c07267bd5dddec8,2024-10-18T12:52:33.507000 CVE-2024-49308,0,0,80b5bf0dcffe8ff357d2779a75304405ea747e2bcb1322a132f94886c9a31297,2024-10-18T12:52:33.507000 CVE-2024-49309,0,0,6a184f4fa1aea4b522b78b6818e7a615b1f64b5d3ee9ecb78863e4ec5e510708,2024-10-18T12:52:33.507000 @@ -262469,17 +262478,19 @@ CVE-2024-49319,0,0,42677cde087b60b4589de437a49f5349c2181024ba44b1ead05df0b607435 CVE-2024-4932,0,0,c4279e0e81804cf3f06e3c52edfd706c295877ccc3771ef54ad83261fb500b37,2024-05-17T02:40:43.357000 CVE-2024-49320,0,0,f646a0aed9b94f9c2a4b6085270ae6d0667dce332670da7784078783e12bfcb6,2024-10-18T12:52:33.507000 CVE-2024-49322,0,0,541e4efebd0d76588052862000e37b2e98e8b9ac15619c2b0422f26ed3288fd3,2024-10-18T12:52:33.507000 -CVE-2024-49323,1,1,a0c9fe1ee25043a5c6ce05b64b3da5b674bffb891728ab885f2c49640cf68957,2024-10-20T08:15:03.460000 -CVE-2024-49324,1,1,cc2f963c5f422ee0027ce69cf8bf6eafe929476dcf60ea9a2e07206d47bfbab4,2024-10-20T09:15:03.227000 -CVE-2024-49326,1,1,d7908215e9d2214195d5bc633c5438a600bd9c43bad62020f15072425e6fcc81,2024-10-20T09:15:03.750000 -CVE-2024-49327,1,1,e41bb1c667eb48938a61682c1c37a793df0b5de0b414fa2a241672410499ff91,2024-10-20T09:15:04.440000 -CVE-2024-49328,1,1,0d6ecb7d5c6fcb51275a237ec2f39deaca4172d76585df39c61a1b0c61d9109a,2024-10-20T08:15:03.667000 -CVE-2024-49329,1,1,59670216a09b4738ba946011f66a4c6a99a3913bbd36d8936b66a62208466f47,2024-10-20T09:15:04.860000 +CVE-2024-49323,0,0,a0c9fe1ee25043a5c6ce05b64b3da5b674bffb891728ab885f2c49640cf68957,2024-10-20T08:15:03.460000 +CVE-2024-49324,0,0,cc2f963c5f422ee0027ce69cf8bf6eafe929476dcf60ea9a2e07206d47bfbab4,2024-10-20T09:15:03.227000 +CVE-2024-49325,1,1,9df72777228182d0a9090ef68eaab934638b83a097fc69885b6bb8855853ca58,2024-10-20T11:15:03.657000 +CVE-2024-49326,0,0,d7908215e9d2214195d5bc633c5438a600bd9c43bad62020f15072425e6fcc81,2024-10-20T09:15:03.750000 +CVE-2024-49327,0,0,e41bb1c667eb48938a61682c1c37a793df0b5de0b414fa2a241672410499ff91,2024-10-20T09:15:04.440000 +CVE-2024-49328,0,0,0d6ecb7d5c6fcb51275a237ec2f39deaca4172d76585df39c61a1b0c61d9109a,2024-10-20T08:15:03.667000 +CVE-2024-49329,0,0,59670216a09b4738ba946011f66a4c6a99a3913bbd36d8936b66a62208466f47,2024-10-20T09:15:04.860000 CVE-2024-4933,0,0,4d4c0ec531cab6a4561c767f5a9082d29f26ceefaadcc74bb08507bf05ca5d17,2024-06-04T19:20:54.643000 -CVE-2024-49330,1,1,4a14d60e6487eed0a0e509e68520c01a154c90f737f6d3f17ca17d212bc1005a,2024-10-20T09:15:05.133000 -CVE-2024-49331,1,1,8315190692b66bdd9dc06750b13ee16e7d7ed6ee7975da2ee77eecdc1b9ec128,2024-10-20T09:15:05.377000 -CVE-2024-49332,1,1,b946a62d8dd58f6ed9eeec4e464b268cf9dc10e8958bc966734228931575c636,2024-10-20T09:15:05.560000 -CVE-2024-49334,1,1,593a46afaef51690e8b3758fb4bd27c91fe210e50d585ffc4f5027ebabcfb2a7,2024-10-20T08:15:03.907000 +CVE-2024-49330,0,0,4a14d60e6487eed0a0e509e68520c01a154c90f737f6d3f17ca17d212bc1005a,2024-10-20T09:15:05.133000 +CVE-2024-49331,0,0,8315190692b66bdd9dc06750b13ee16e7d7ed6ee7975da2ee77eecdc1b9ec128,2024-10-20T09:15:05.377000 +CVE-2024-49332,0,0,b946a62d8dd58f6ed9eeec4e464b268cf9dc10e8958bc966734228931575c636,2024-10-20T09:15:05.560000 +CVE-2024-49334,0,0,593a46afaef51690e8b3758fb4bd27c91fe210e50d585ffc4f5027ebabcfb2a7,2024-10-20T08:15:03.907000 +CVE-2024-49335,1,1,bd3d818e564d33e1dded1c7c97e9cc68566642cdf9b198edaa39fc72b391f966,2024-10-20T10:15:03.430000 CVE-2024-4934,0,0,fd5d4b9709dde517f56a9aae7369c165c45ceba9bcf88bee680213c2fc56b62f,2024-08-01T13:59:37.220000 CVE-2024-49340,0,0,37285f025630fd9eb79c4269f84ef859e190bfac2e34728b5f3d3dbad2273eb0,2024-10-16T16:38:14.557000 CVE-2024-4936,0,0,51b2c41822c3ce01e84bd55c02328ac3499013d52d632d2af56d406c35d5a658,2024-08-06T18:29:27.013000 @@ -262519,23 +262530,37 @@ CVE-2024-49580,0,0,2a4b2f9ee960712197ef0f3776cc1a15f015ed4f9adbe3a24755a9ff67152 CVE-2024-4959,0,0,862ee7700763d202e5d5dada80050e48cca3b83d56a63673f2017bcf5adb7503,2024-07-03T02:08:22.750000 CVE-2024-49593,0,0,28b8568333d09b89b040a623f287dcf302e51d7008368ee150b7fde946577e54,2024-10-18T12:53:04.627000 CVE-2024-4960,0,0,1e2962fabc78c9680506fb58bfd339ee733c096965130a77b4df6d334c6fc642,2024-08-01T21:15:53.753000 -CVE-2024-49604,1,1,b40933b0080b8f014da1d2708b99a9bd5694c1bc5fb401c2b9cc2bcd9eb9aabe,2024-10-20T08:15:04.117000 -CVE-2024-49606,1,1,970c4f813628b1c92dfe10abaccfba5e5bb9dcacf698b41a73eab726e1985769,2024-10-20T08:15:04.323000 -CVE-2024-49607,1,1,394d1823ee45ac19dcec09bf4d66a301e3354aa44e2c061cc1cf9d5564aabd0c,2024-10-20T09:15:05.763000 -CVE-2024-49608,1,1,5703481f68249d421fa1894222a1c8fdcb1148e41f290d4834fe8cacc7c5c9f2,2024-10-20T09:15:05.973000 +CVE-2024-49604,0,0,b40933b0080b8f014da1d2708b99a9bd5694c1bc5fb401c2b9cc2bcd9eb9aabe,2024-10-20T08:15:04.117000 +CVE-2024-49605,1,1,c8b91a8df179cf12f03687dece48dc98c1d85430d37b748abd1280f9ac90fef4,2024-10-20T10:15:03.640000 +CVE-2024-49606,0,0,970c4f813628b1c92dfe10abaccfba5e5bb9dcacf698b41a73eab726e1985769,2024-10-20T08:15:04.323000 +CVE-2024-49607,0,0,394d1823ee45ac19dcec09bf4d66a301e3354aa44e2c061cc1cf9d5564aabd0c,2024-10-20T09:15:05.763000 +CVE-2024-49608,0,0,5703481f68249d421fa1894222a1c8fdcb1148e41f290d4834fe8cacc7c5c9f2,2024-10-20T09:15:05.973000 +CVE-2024-49609,1,1,4778251f408a40d30b7e076a1848a5654ebb60d92bbab4b5ff2405754725f4f5,2024-10-20T10:15:03.860000 CVE-2024-4961,0,0,fcb73b246c680abaae254870453939d7dbf5d8c46c3dbb2f7ab747d994c3a111,2024-08-01T21:15:53.893000 -CVE-2024-49610,1,1,b101be7ee593fa54887871bddc9d836a4ce7e6f96fc62bf46db38e2c2511cac7,2024-10-20T09:15:06.190000 -CVE-2024-49611,1,1,c4b41ef91e7d543f2fac2d2d92091ee29cb741f381295d71e0c877c5c7190fbe,2024-10-20T08:15:04.523000 +CVE-2024-49610,0,0,b101be7ee593fa54887871bddc9d836a4ce7e6f96fc62bf46db38e2c2511cac7,2024-10-20T09:15:06.190000 +CVE-2024-49611,0,0,c4b41ef91e7d543f2fac2d2d92091ee29cb741f381295d71e0c877c5c7190fbe,2024-10-20T08:15:04.523000 +CVE-2024-49612,1,1,1f797abcb29039806457eb80ab51d9cfab363b16d4515478a67f891fedb83f0b,2024-10-20T10:15:04.053000 +CVE-2024-49613,1,1,6a532176e64e3612e2a88812ebe12c2511283729c5d5f714ddef0cc53ed53a27,2024-10-20T10:15:04.263000 +CVE-2024-49614,1,1,84fe2b3b72d127ff552f39d783df59f42f757358082fb079bf106cae073efc25,2024-10-20T10:15:04.477000 +CVE-2024-49615,1,1,9cb61e08d9f5dcae695c862084239d672f4ec44827983f70bbc01022c2d0a033,2024-10-20T10:15:04.690000 +CVE-2024-49616,1,1,08a9e0f59c6b404014ce65c231be180ec79f795845c1bab9ffd0df79d2008ad0,2024-10-20T10:15:04.903000 +CVE-2024-49617,1,1,d075fcb8ec40d8bae8573a2f5874c6b74fac10a3d394d8fd4dccd93695539aaa,2024-10-20T10:15:05.130000 +CVE-2024-49618,1,1,b5f1ea0b2c5a87c5276afadfd5e726e1641cbabe6853546de5104fa8ab70155e,2024-10-20T10:15:05.347000 +CVE-2024-49619,1,1,83f0f55d3ff0f5cb31a21bc15d7d560fa98e859db7849c6a97176ad4dbfab637,2024-10-20T10:15:05.560000 CVE-2024-4962,0,0,b9e851b58a3c7e382510249caa4fcb1d6185432495cf3586b8784f0d9e4becfd,2024-08-01T21:15:54 -CVE-2024-49621,1,1,31c5fc383c2bcd92c8016fc1e37275b190c35f48a40db581601ab773f1a0cc51,2024-10-20T09:15:06.390000 -CVE-2024-49622,1,1,bc572e3dd5a73f77b49c87edadcb0ac0fb6fabc75afd5e88d295cad9a4c6127f,2024-10-20T09:15:06.613000 -CVE-2024-49623,1,1,f6c67fa2af542014e989cfcfe48235a26dcefd0e335430c5b37d90bf937998d5,2024-10-20T09:15:06.810000 -CVE-2024-49624,1,1,8847baeee1605f47537944445db3a53a137bb62a458b2490652be0df62649a76,2024-10-20T09:15:07.013000 -CVE-2024-49625,1,1,b834beffa72f84e4ed52feffb817767630e94087ee1dc7bde031b748f614fba0,2024-10-20T09:15:07.220000 -CVE-2024-49626,1,1,8eec36db163acf17703deb452e38c37d7800102b1591ba9946f04fb09303b66d,2024-10-20T08:15:04.730000 +CVE-2024-49620,1,1,ace0e3dd31da55f7042660788ac8aa4459be4ba98045162f791a388c1ba91743,2024-10-20T10:15:05.770000 +CVE-2024-49621,0,0,31c5fc383c2bcd92c8016fc1e37275b190c35f48a40db581601ab773f1a0cc51,2024-10-20T09:15:06.390000 +CVE-2024-49622,0,0,bc572e3dd5a73f77b49c87edadcb0ac0fb6fabc75afd5e88d295cad9a4c6127f,2024-10-20T09:15:06.613000 +CVE-2024-49623,0,0,f6c67fa2af542014e989cfcfe48235a26dcefd0e335430c5b37d90bf937998d5,2024-10-20T09:15:06.810000 +CVE-2024-49624,0,0,8847baeee1605f47537944445db3a53a137bb62a458b2490652be0df62649a76,2024-10-20T09:15:07.013000 +CVE-2024-49625,0,0,b834beffa72f84e4ed52feffb817767630e94087ee1dc7bde031b748f614fba0,2024-10-20T09:15:07.220000 +CVE-2024-49626,0,0,8eec36db163acf17703deb452e38c37d7800102b1591ba9946f04fb09303b66d,2024-10-20T08:15:04.730000 +CVE-2024-49627,1,1,c69f9e379c7eae08bd88d21a253d9105fda03949487beddc18e488db1f228fdd,2024-10-20T11:15:03.873000 +CVE-2024-49628,1,1,2fab35dba9c95af63e2ac61ab446f4d0add0a5713e0f15831fa201deddba9332,2024-10-20T11:15:04.077000 +CVE-2024-49629,1,1,250a834ce1e45a2303a39b725561ab1ce639b8f64d3f703144b8e46fe79d7b65,2024-10-20T10:15:05.990000 CVE-2024-4963,0,0,ef1fba35c0790604656a5e5622c9c7f4af0f1d1414e5784cd7a21207910d8397,2024-08-01T21:15:54.113000 -CVE-2024-49630,1,1,c6691254deb15688d63a82ac964df1c02ee7fab215e1972b2aba0fd7a14bf009,2024-10-20T08:15:04.933000 -CVE-2024-49631,1,1,8a93e4c32c1333afdbac1599269c1679d369ac64b691a32e25df596e3de86d58,2024-10-20T08:15:05.130000 +CVE-2024-49630,0,0,c6691254deb15688d63a82ac964df1c02ee7fab215e1972b2aba0fd7a14bf009,2024-10-20T08:15:04.933000 +CVE-2024-49631,0,0,8a93e4c32c1333afdbac1599269c1679d369ac64b691a32e25df596e3de86d58,2024-10-20T08:15:05.130000 CVE-2024-4964,0,0,786ceb95d48675f478c0edd25187f0304d39eb81096edb79d2e9ae0401f68be3,2024-08-01T21:15:54.223000 CVE-2024-4965,0,0,5bd9bf33c1ad1b27237ab2761363d4d9817c8f50155c84d844f98b12772718a0,2024-08-08T15:15:18.730000 CVE-2024-4966,0,0,ca96dc16e6a41cb4de3af3c10d7787996b0688fd8eb0522e09efb3ad5052b418,2024-05-17T02:40:44.507000