admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-08 11:37:26 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2024-04-19T04:00:37.958540+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2024-04-19 04:03:26 +00:00
parent 09cdca3531
commit d49a69214f
36 changed files with 1479 additions and 15 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
CVE-2022/CVE-2022-316xx/CVE-2022-31629.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-31629",
"sourceIdentifier": "security@php.net",
"published": "2022-09-28T23:15:10.540",
"lastModified": "2023-11-07T03:47:40.123",
"lastModified": "2024-04-19T02:15:06.403",
"vulnStatus": "Modified",
"descriptions": [
{
@ -167,6 +167,10 @@
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XNIEABBH5XCXLFWWZYIDE457SPEDZTXV/",
"source": "security@php.net"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZGWIK3HMBACERGB4TSBB2JUOMPYY2VKY/",
"source": "security@php.net"
},
{
"url": "https://security.gentoo.org/glsa/202211-03",
"source": "security@php.net",

6
CVE-2023/CVE-2023-509xx/CVE-2023-50967.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-50967",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-03-20T16:15:07.570",
"lastModified": "2024-03-20T17:18:21.343",
"lastModified": "2024-04-19T02:15:06.647",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
@ -19,6 +19,10 @@
{
"url": "https://github.com/latchset/jose",
"source": "cve@mitre.org"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OOBFVMOAV732C7PY74AHJ62ZNKT3ISZ6/",
"source": "cve@mitre.org"
}
]
}

43
CVE-2024/CVE-2024-220xx/CVE-2024-22061.json Normal file
View File

@ -0,0 +1,43 @@
{
"id": "CVE-2024-22061",
"sourceIdentifier": "support@hackerone.com",
"published": "2024-04-19T02:15:06.737",
"lastModified": "2024-04-19T02:15:06.737",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A Heap Overflow vulnerability in WLInfoRailService component of Ivanti Avalanche before 6.4.3 allows a remote unauthenticated attacker to execute arbitrary commands "
}
],
"metrics": {
"cvssMetricV30": [
{
"source": "support@hackerone.com",
"type": "Secondary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.2,
"impactScore": 5.9
}
]
},
"references": [
{
"url": "https://forums.ivanti.com/s/article/Avalanche-6-4-3-Security-Hardening-and-CVEs-addressed?language=en_US",
"source": "support@hackerone.com"
}
]
}

43
CVE-2024/CVE-2024-235xx/CVE-2024-23526.json Normal file
View File

@ -0,0 +1,43 @@
{
"id": "CVE-2024-23526",
"sourceIdentifier": "support@hackerone.com",
"published": "2024-04-19T02:15:07.040",
"lastModified": "2024-04-19T02:15:07.040",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "An out-of-bounds read vulnerability in WLAvalancheService component of Ivanti Avalanche before 6.4.3, in certain conditions can allow an unauthenticated remote attacker to read sensitive information in memory. "
}
],
"metrics": {
"cvssMetricV30": [
{
"source": "support@hackerone.com",
"type": "Secondary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
"references": [
{
"url": "https://forums.ivanti.com/s/article/Avalanche-6-4-3-Security-Hardening-and-CVEs-addressed?language=en_US",
"source": "support@hackerone.com"
}
]
}

43
CVE-2024/CVE-2024-235xx/CVE-2024-23528.json Normal file
View File

@ -0,0 +1,43 @@
{
"id": "CVE-2024-23528",
"sourceIdentifier": "support@hackerone.com",
"published": "2024-04-19T02:15:07.207",
"lastModified": "2024-04-19T02:15:07.207",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "An out-of-bounds read vulnerability in WLAvalancheService component of Ivanti Avalanche before 6.4.3, in certain conditions can allow an unauthenticated remote attacker to read sensitive information in memory. "
}
],
"metrics": {
"cvssMetricV30": [
{
"source": "support@hackerone.com",
"type": "Secondary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
"references": [
{
"url": "https://forums.ivanti.com/s/article/Avalanche-6-4-3-Security-Hardening-and-CVEs-addressed?language=en_US",
"source": "support@hackerone.com"
}
]
}

43
CVE-2024/CVE-2024-235xx/CVE-2024-23529.json Normal file
View File

@ -0,0 +1,43 @@
{
"id": "CVE-2024-23529",
"sourceIdentifier": "support@hackerone.com",
"published": "2024-04-19T02:15:07.360",
"lastModified": "2024-04-19T02:15:07.360",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "An out-of-bounds read vulnerability in WLAvalancheService component of Ivanti Avalanche before 6.4.3, in certain conditions can allow an unauthenticated remote attacker to read sensitive information in memory. "
}
],
"metrics": {
"cvssMetricV30": [
{
"source": "support@hackerone.com",
"type": "Secondary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
"references": [
{
"url": "https://forums.ivanti.com/s/article/Avalanche-6-4-3-Security-Hardening-and-CVEs-addressed?language=en_US",
"source": "support@hackerone.com"
}
]
}

43
CVE-2024/CVE-2024-235xx/CVE-2024-23530.json Normal file
View File

@ -0,0 +1,43 @@
{
"id": "CVE-2024-23530",
"sourceIdentifier": "support@hackerone.com",
"published": "2024-04-19T02:15:07.520",
"lastModified": "2024-04-19T02:15:07.520",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "An out-of-bounds read vulnerability in WLAvalancheService component of Ivanti Avalanche before 6.4.3, in certain conditions can allow an unauthenticated remote attacker to read sensitive information in memory. "
}
],
"metrics": {
"cvssMetricV30": [
{
"source": "support@hackerone.com",
"type": "Secondary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
"references": [
{
"url": "https://forums.ivanti.com/s/article/Avalanche-6-4-3-Security-Hardening-and-CVEs-addressed?language=en_US",
"source": "support@hackerone.com"
}
]
}

43
CVE-2024/CVE-2024-235xx/CVE-2024-23531.json Normal file
View File

@ -0,0 +1,43 @@
{
"id": "CVE-2024-23531",
"sourceIdentifier": "support@hackerone.com",
"published": "2024-04-19T02:15:07.670",
"lastModified": "2024-04-19T02:15:07.670",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "An Integer Overflow vulnerability in WLInfoRailService component of Ivanti Avalanche before 6.4.3 allows an unauthenticated remote attacker to perform denial of service attacks. In certain rare conditions this could also lead to reading content from memory. "
}
],
"metrics": {
"cvssMetricV30": [
{
"source": "support@hackerone.com",
"type": "Secondary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"references": [
{
"url": "https://forums.ivanti.com/s/article/Avalanche-6-4-3-Security-Hardening-and-CVEs-addressed?language=en_US",
"source": "support@hackerone.com"
}
]
}

43
CVE-2024/CVE-2024-235xx/CVE-2024-23532.json Normal file
View File

@ -0,0 +1,43 @@
{
"id": "CVE-2024-23532",
"sourceIdentifier": "support@hackerone.com",
"published": "2024-04-19T02:15:07.823",
"lastModified": "2024-04-19T02:15:07.823",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "An out-of-bounds Read vulnerability in WLAvalancheService component of Ivanti Avalanche before 6.4.3 allows an authenticated remote attacker to perform denial of service attacks. In certain conditions this could also lead to remote code execution. "
}
],
"metrics": {
"cvssMetricV30": [
{
"source": "support@hackerone.com",
"type": "Secondary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.6,
"impactScore": 5.9
}
]
},
"references": [
{
"url": "https://forums.ivanti.com/s/article/Avalanche-6-4-3-Security-Hardening-and-CVEs-addressed?language=en_US",
"source": "support@hackerone.com"
}
]
}

43
CVE-2024/CVE-2024-235xx/CVE-2024-23533.json Normal file
View File

@ -0,0 +1,43 @@
{
"id": "CVE-2024-23533",
"sourceIdentifier": "support@hackerone.com",
"published": "2024-04-19T02:15:07.980",
"lastModified": "2024-04-19T02:15:07.980",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "An out-of-bounds read vulnerability in WLAvalancheService component of Ivanti Avalanche before 6.4.3, in certain conditions can allow an authenticated remote attacker to read sensitive information in memory. "
}
],
"metrics": {
"cvssMetricV30": [
{
"source": "support@hackerone.com",
"type": "Secondary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
"references": [
{
"url": "https://forums.ivanti.com/s/article/Avalanche-6-4-3-Security-Hardening-and-CVEs-addressed?language=en_US",
"source": "support@hackerone.com"
}
]
}

43
CVE-2024/CVE-2024-235xx/CVE-2024-23534.json Normal file
View File

@ -0,0 +1,43 @@
{
"id": "CVE-2024-23534",
"sourceIdentifier": "support@hackerone.com",
"published": "2024-04-19T02:15:08.137",
"lastModified": "2024-04-19T02:15:08.137",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "An Unrestricted File-upload vulnerability in web component of Ivanti Avalanche before 6.4.3 allows a remote authenticated attacker to execute arbitrary commands as SYSTEM. "
}
],
"metrics": {
"cvssMetricV30": [
{
"source": "support@hackerone.com",
"type": "Secondary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"references": [
{
"url": "https://forums.ivanti.com/s/article/Avalanche-6-4-3-Security-Hardening-and-CVEs-addressed?language=en_US",
"source": "support@hackerone.com"
}
]
}

43
CVE-2024/CVE-2024-235xx/CVE-2024-23535.json Normal file
View File

@ -0,0 +1,43 @@
{
"id": "CVE-2024-23535",
"sourceIdentifier": "support@hackerone.com",
"published": "2024-04-19T02:15:08.300",
"lastModified": "2024-04-19T02:15:08.300",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A Path Traversal vulnerability in web component of Ivanti Avalanche before 6.4.3 allows a remote authenticated attacker to execute arbitrary commands as SYSTEM. "
}
],
"metrics": {
"cvssMetricV30": [
{
"source": "support@hackerone.com",
"type": "Secondary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"references": [
{
"url": "https://forums.ivanti.com/s/article/Avalanche-6-4-3-Security-Hardening-and-CVEs-addressed?language=en_US",
"source": "support@hackerone.com"
}
]
}

43
CVE-2024/CVE-2024-249xx/CVE-2024-24991.json Normal file
View File

@ -0,0 +1,43 @@
{
"id": "CVE-2024-24991",
"sourceIdentifier": "support@hackerone.com",
"published": "2024-04-19T02:15:08.460",
"lastModified": "2024-04-19T02:15:08.460",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A Null Pointer Dereference vulnerability in WLAvalancheService component of Ivanti Avalanche before 6.4.3 allows an authenticated remote attacker to perform denial of service attacks. "
}
],
"metrics": {
"cvssMetricV30": [
{
"source": "support@hackerone.com",
"type": "Secondary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
"references": [
{
"url": "https://forums.ivanti.com/s/article/Avalanche-6-4-3-Security-Hardening-and-CVEs-addressed?language=en_US",
"source": "support@hackerone.com"
}
]
}

43
CVE-2024/CVE-2024-249xx/CVE-2024-24992.json Normal file
View File

@ -0,0 +1,43 @@
{
"id": "CVE-2024-24992",
"sourceIdentifier": "support@hackerone.com",
"published": "2024-04-19T02:15:08.613",
"lastModified": "2024-04-19T02:15:08.613",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A Path Traversal vulnerability in web component of Ivanti Avalanche before 6.4.3 allows a remote authenticated attacker to execute arbitrary commands as SYSTEM. "
}
],
"metrics": {
"cvssMetricV30": [
{
"source": "support@hackerone.com",
"type": "Secondary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"references": [
{
"url": "ZDI-CAN-22854https://forums.ivanti.com/s/article/Avalanche-6-4-3-Security-Hardening-and-CVEs-addressed?language=en_US",
"source": "support@hackerone.com"
}
]
}

43
CVE-2024/CVE-2024-249xx/CVE-2024-24993.json Normal file
View File

@ -0,0 +1,43 @@
{
"id": "CVE-2024-24993",
"sourceIdentifier": "support@hackerone.com",
"published": "2024-04-19T02:15:08.770",
"lastModified": "2024-04-19T02:15:08.770",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A Race Condition (TOCTOU) vulnerability in web component of Ivanti Avalanche before 6.4.3 allows a remote authenticated attacker to execute arbitrary commands as SYSTEM. "
}
],
"metrics": {
"cvssMetricV30": [
{
"source": "support@hackerone.com",
"type": "Secondary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"references": [
{
"url": "https://forums.ivanti.com/s/article/Avalanche-6-4-3-Security-Hardening-and-CVEs-addressed?language=en_US",
"source": "support@hackerone.com"
}
]
}

43
CVE-2024/CVE-2024-249xx/CVE-2024-24994.json Normal file
View File

@ -0,0 +1,43 @@
{
"id": "CVE-2024-24994",
"sourceIdentifier": "support@hackerone.com",
"published": "2024-04-19T02:15:08.923",
"lastModified": "2024-04-19T02:15:08.923",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A Path Traversal vulnerability in web component of Ivanti Avalanche before 6.4.3 allows a remote authenticated attacker to execute arbitrary commands as SYSTEM. "
}
],
"metrics": {
"cvssMetricV30": [
{
"source": "support@hackerone.com",
"type": "Secondary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"references": [
{
"url": "https://forums.ivanti.com/s/article/Avalanche-6-4-3-Security-Hardening-and-CVEs-addressed?language=en_US",
"source": "support@hackerone.com"
}
]
}

43
CVE-2024/CVE-2024-249xx/CVE-2024-24995.json Normal file
View File

@ -0,0 +1,43 @@
{
"id": "CVE-2024-24995",
"sourceIdentifier": "support@hackerone.com",
"published": "2024-04-19T02:15:09.083",
"lastModified": "2024-04-19T02:15:09.083",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A Race Condition (TOCTOU) vulnerability in web component of Ivanti Avalanche before 6.4.3 allows a remote authenticated attacker to execute arbitrary commands as SYSTEM. "
}
],
"metrics": {
"cvssMetricV30": [
{
"source": "support@hackerone.com",
"type": "Secondary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"references": [
{
"url": "https://forums.ivanti.com/s/article/Avalanche-6-4-3-Security-Hardening-and-CVEs-addressed?language=en_US",
"source": "support@hackerone.com"
}
]
}

43
CVE-2024/CVE-2024-249xx/CVE-2024-24996.json Normal file
View File

@ -0,0 +1,43 @@
{
"id": "CVE-2024-24996",
"sourceIdentifier": "support@hackerone.com",
"published": "2024-04-19T02:15:09.240",
"lastModified": "2024-04-19T02:15:09.240",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A Heap overflow vulnerability in WLInfoRailService component of Ivanti Avalanche before 6.4.3 allows an unauthenticated remote attacker to execute arbitrary commands. "
}
],
"metrics": {
"cvssMetricV30": [
{
"source": "support@hackerone.com",
"type": "Secondary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"references": [
{
"url": "https://forums.ivanti.com/s/article/Avalanche-6-4-3-Security-Hardening-and-CVEs-addressed?language=en_US",
"source": "support@hackerone.com"
}
]
}

43
CVE-2024/CVE-2024-249xx/CVE-2024-24997.json Normal file
View File

@ -0,0 +1,43 @@
{
"id": "CVE-2024-24997",
"sourceIdentifier": "support@hackerone.com",
"published": "2024-04-19T02:15:09.393",
"lastModified": "2024-04-19T02:15:09.393",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A Path Traversal vulnerability in web component of Ivanti Avalanche before 6.4.3 allows a remote authenticated attacker to execute arbitrary commands as SYSTEM. "
}
],
"metrics": {
"cvssMetricV30": [
{
"source": "support@hackerone.com",
"type": "Secondary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"references": [
{
"url": "https://forums.ivanti.com/s/article/Avalanche-6-4-3-Security-Hardening-and-CVEs-addressed?language=en_US",
"source": "support@hackerone.com"
}
]
}

43
CVE-2024/CVE-2024-249xx/CVE-2024-24998.json Normal file
View File

@ -0,0 +1,43 @@
{
"id": "CVE-2024-24998",
"sourceIdentifier": "support@hackerone.com",
"published": "2024-04-19T02:15:09.543",
"lastModified": "2024-04-19T02:15:09.543",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A Path Traversal vulnerability in web component of Ivanti Avalanche before 6.4.3 allows a remote authenticated attacker to execute arbitrary commands as SYSTEM. "
}
],
"metrics": {
"cvssMetricV30": [
{
"source": "support@hackerone.com",
"type": "Secondary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"references": [
{
"url": "https://forums.ivanti.com/s/article/Avalanche-6-4-3-Security-Hardening-and-CVEs-addressed?language=en_US",
"source": "support@hackerone.com"
}
]
}

43
CVE-2024/CVE-2024-249xx/CVE-2024-24999.json Normal file
View File

@ -0,0 +1,43 @@
{
"id": "CVE-2024-24999",
"sourceIdentifier": "support@hackerone.com",
"published": "2024-04-19T02:15:09.690",
"lastModified": "2024-04-19T02:15:09.690",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A Path Traversal vulnerability in web component of Ivanti Avalanche before 6.4.3 allows a remote authenticated attacker to execute arbitrary commands as SYSTEM. "
}
],
"metrics": {
"cvssMetricV30": [
{
"source": "support@hackerone.com",
"type": "Secondary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"references": [
{
"url": "https://forums.ivanti.com/s/article/Avalanche-6-4-3-Security-Hardening-and-CVEs-addressed?language=en_US",
"source": "support@hackerone.com"
}
]
}

43
CVE-2024/CVE-2024-250xx/CVE-2024-25000.json Normal file
View File

@ -0,0 +1,43 @@
{
"id": "CVE-2024-25000",
"sourceIdentifier": "support@hackerone.com",
"published": "2024-04-19T02:15:09.853",
"lastModified": "2024-04-19T02:15:09.853",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A Path Traversal vulnerability in web component of Ivanti Avalanche before 6.4.3 allows a remote authenticated attacker to execute arbitrary commands as SYSTEM. "
}
],
"metrics": {
"cvssMetricV30": [
{
"source": "support@hackerone.com",
"type": "Secondary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"references": [
{
"url": "https://forums.ivanti.com/s/article/Avalanche-6-4-3-Security-Hardening-and-CVEs-addressed?language=en_US",
"source": "support@hackerone.com"
}
]
}

43
CVE-2024/CVE-2024-279xx/CVE-2024-27975.json Normal file
View File

@ -0,0 +1,43 @@
{
"id": "CVE-2024-27975",
"sourceIdentifier": "support@hackerone.com",
"published": "2024-04-19T02:15:10.007",
"lastModified": "2024-04-19T02:15:10.007",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "An Use-after-free vulnerability in WLAvalancheService component of Ivanti Avalanche before 6.4.3 allows a remote authenticated attacker to execute arbitrary commands as SYSTEM. "
}
],
"metrics": {
"cvssMetricV30": [
{
"source": "support@hackerone.com",
"type": "Secondary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"references": [
{
"url": "https://forums.ivanti.com/s/article/Avalanche-6-4-3-Security-Hardening-and-CVEs-addressed?language=en_US",
"source": "support@hackerone.com"
}
]
}

43
CVE-2024/CVE-2024-279xx/CVE-2024-27976.json Normal file
View File

@ -0,0 +1,43 @@
{
"id": "CVE-2024-27976",
"sourceIdentifier": "support@hackerone.com",
"published": "2024-04-19T02:15:10.150",
"lastModified": "2024-04-19T02:15:10.150",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A Path Traversal vulnerability in web component of Ivanti Avalanche before 6.4.3 allows a remote authenticated attacker to execute arbitrary commands as SYSTEM. "
}
],
"metrics": {
"cvssMetricV30": [
{
"source": "support@hackerone.com",
"type": "Secondary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"references": [
{
"url": "https://forums.ivanti.com/s/article/Avalanche-6-4-3-Security-Hardening-and-CVEs-addressed?language=en_US",
"source": "support@hackerone.com"
}
]
}

43
CVE-2024/CVE-2024-279xx/CVE-2024-27977.json Normal file
View File

@ -0,0 +1,43 @@
{
"id": "CVE-2024-27977",
"sourceIdentifier": "support@hackerone.com",
"published": "2024-04-19T02:15:10.303",
"lastModified": "2024-04-19T02:15:10.303",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A Path Traversal vulnerability in web component of Ivanti Avalanche before 6.4.3 allows a remote authenticated attacker to delete arbitrary files, thereby leading to Denial-of-Service. "
}
],
"metrics": {
"cvssMetricV30": [
{
"source": "support@hackerone.com",
"type": "Secondary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 4.2
}
]
},
"references": [
{
"url": "https://forums.ivanti.com/s/article/Avalanche-6-4-3-Security-Hardening-and-CVEs-addressed?language=en_US",
"source": "support@hackerone.com"
}
]
}

43
CVE-2024/CVE-2024-279xx/CVE-2024-27978.json Normal file
View File

@ -0,0 +1,43 @@
{
"id": "CVE-2024-27978",
"sourceIdentifier": "support@hackerone.com",
"published": "2024-04-19T02:15:10.447",
"lastModified": "2024-04-19T02:15:10.447",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A Null Pointer Dereference vulnerability in WLAvalancheService component of Ivanti Avalanche before 6.4.3 allows an authenticated remote attacker to perform denial of service attacks."
}
],
"metrics": {
"cvssMetricV30": [
{
"source": "support@hackerone.com",
"type": "Secondary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
"references": [
{
"url": "https://forums.ivanti.com/s/article/Avalanche-6-4-3-Security-Hardening-and-CVEs-addressed?language=en_US",
"source": "support@hackerone.com"
}
]
}

43
CVE-2024/CVE-2024-279xx/CVE-2024-27984.json Normal file
View File

@ -0,0 +1,43 @@
{
"id": "CVE-2024-27984",
"sourceIdentifier": "support@hackerone.com",
"published": "2024-04-19T02:15:10.597",
"lastModified": "2024-04-19T02:15:10.597",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A Path Traversal vulnerability in web component of Ivanti Avalanche before 6.4.3 allows a remote authenticated attacker to delete specific type of files and/or cause denial of service. "
}
],
"metrics": {
"cvssMetricV30": [
{
"source": "support@hackerone.com",
"type": "Secondary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 4.2
}
]
},
"references": [
{
"url": "https://forums.ivanti.com/s/article/Avalanche-6-4-3-Security-Hardening-and-CVEs-addressed?language=en_US",
"source": "support@hackerone.com"
}
]
}

43
CVE-2024/CVE-2024-292xx/CVE-2024-29204.json Normal file
View File

@ -0,0 +1,43 @@
{
"id": "CVE-2024-29204",
"sourceIdentifier": "support@hackerone.com",
"published": "2024-04-19T02:15:10.760",
"lastModified": "2024-04-19T02:15:10.760",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A Heap Overflow vulnerability in WLAvalancheService component of Ivanti Avalanche before 6.4.3 allows a remote unauthenticated attacker to execute arbitrary commands "
}
],
"metrics": {
"cvssMetricV30": [
{
"source": "support@hackerone.com",
"type": "Secondary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"references": [
{
"url": "https://forums.ivanti.com/s/article/Avalanche-6-4-3-Security-Hardening-and-CVEs-addressed?language=en_US",
"source": "support@hackerone.com"
}
]
}

47
CVE-2024/CVE-2024-35xx/CVE-2024-3560.json Normal file
View File

@ -0,0 +1,47 @@
{
"id": "CVE-2024-3560",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-04-19T02:15:10.913",
"lastModified": "2024-04-19T02:15:10.913",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The LearnPress \u2013 WordPress LMS Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the _id value in all versions up to, and including, 4.2.6.4 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.1,
"impactScore": 2.7
}
]
},
"references": [
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3072233%40learnpress&new=3072233%40learnpress&sfp_email=&sfph_mail=",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/8ea002da-bf37-4c6d-a46e-4f0e7f8968ad?source=cve",
"source": "security@wordfence.com"
}
]
}

47
CVE-2024/CVE-2024-35xx/CVE-2024-3598.json Normal file
View File

@ -0,0 +1,47 @@
{
"id": "CVE-2024-3598",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-04-19T02:15:11.083",
"lastModified": "2024-04-19T02:15:11.083",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The ElementsKit Pro plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Creative Button widget in all versions up to, and including, 3.6.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.1,
"impactScore": 2.7
}
]
},
"references": [
{
"url": "https://wpmet.com/plugin/elementskit/",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/a9e4b14f-0f55-47bc-8e40-19b262e50561?source=cve",
"source": "security@wordfence.com"
}
]
}

47
CVE-2024/CVE-2024-36xx/CVE-2024-3600.json Normal file
View File

@ -0,0 +1,47 @@
{
"id": "CVE-2024-3600",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-04-19T03:15:06.300",
"lastModified": "2024-04-19T03:15:06.300",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The Poll Maker \u2013 Best WordPress Poll Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting due to a missing capability check on the ays_poll_maker_quick_start AJAX action in addition to insufficient escaping and sanitization in all versions up to, and including, 5.1.8. This makes it possible for unauthenticated attackers to create quizzes and inject malicious web scripts into them that execute when a user visits the page."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 7.2,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 2.7
}
]
},
"references": [
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3071296%40poll-maker&new=3071296%40poll-maker&sfp_email=&sfph_mail=",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/fec015e1-7f64-4917-a242-90bd1135f680?source=cve",
"source": "security@wordfence.com"
}
]
}

47
CVE-2024/CVE-2024-36xx/CVE-2024-3615.json Normal file
View File

@ -0,0 +1,47 @@
{
"id": "CVE-2024-3615",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-04-19T03:15:06.470",
"lastModified": "2024-04-19T03:15:06.470",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The Media Library Folders plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 's' parameter in all versions up to, and including, 8.2.0 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"references": [
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3072498%40media-library-plus&new=3072498%40media-library-plus&sfp_email=&sfph_mail=",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/5f550bac-b047-4276-bde5-c15bfd4ceb49?source=cve",
"source": "security@wordfence.com"
}
]
}

47
CVE-2024/CVE-2024-37xx/CVE-2024-3731.json Normal file
View File

@ -0,0 +1,47 @@
{
"id": "CVE-2024-3731",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-04-19T03:15:06.633",
"lastModified": "2024-04-19T03:15:06.633",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The Customer Reviews for WooCommerce plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 's' parameter in all versions up to, and including, 5.47.0 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"references": [
{
"url": "https://plugins.trac.wordpress.org/changeset/3072688/customer-reviews-woocommerce/trunk/includes/reminders/class-cr-reminders-log-table.php",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/c3489038-2833-4080-b802-5733afab5de8?source=cve",
"source": "security@wordfence.com"
}
]
}

47
CVE-2024/CVE-2024-38xx/CVE-2024-3818.json Normal file
View File

@ -0,0 +1,47 @@
{
"id": "CVE-2024-3818",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-04-19T03:15:06.800",
"lastModified": "2024-04-19T03:15:06.800",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The Essential Blocks \u2013 Page Builder Gutenberg Blocks, Patterns & Templates plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's \"Social Icons\" block in all versions up to, and including, 4.5.9 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
"references": [
{
"url": "https://plugins.trac.wordpress.org/changeset/3072932/essential-blocks/tags/4.5.10/blocks/social/src/components/depricated-social-links-1.js",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/6b226067-0287-4f7e-9415-dc3c83f2fd27?source=cve",
"source": "security@wordfence.com"
}
]
}

40
README.md
View File

@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2024-04-19T02:00:30.076854+00:00
2024-04-19T04:00:37.958540+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2024-04-19T01:15:06.297000+00:00
2024-04-19T03:15:06.800000+00:00
```
### Last Data Feed Release
@ -33,22 +33,46 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs
```plain
246315
246347
```
### CVEs added in the last Commit
Recently added CVEs: `2`
Recently added CVEs: `32`
- [CVE-2024-30938](CVE-2024/CVE-2024-309xx/CVE-2024-30938.json) (`2024-04-19T00:15:10.623`)
- [CVE-2024-31750](CVE-2024/CVE-2024-317xx/CVE-2024-31750.json) (`2024-04-19T00:15:10.690`)
- [CVE-2024-23533](CVE-2024/CVE-2024-235xx/CVE-2024-23533.json) (`2024-04-19T02:15:07.980`)
- [CVE-2024-23534](CVE-2024/CVE-2024-235xx/CVE-2024-23534.json) (`2024-04-19T02:15:08.137`)
- [CVE-2024-23535](CVE-2024/CVE-2024-235xx/CVE-2024-23535.json) (`2024-04-19T02:15:08.300`)
- [CVE-2024-24991](CVE-2024/CVE-2024-249xx/CVE-2024-24991.json) (`2024-04-19T02:15:08.460`)
- [CVE-2024-24992](CVE-2024/CVE-2024-249xx/CVE-2024-24992.json) (`2024-04-19T02:15:08.613`)
- [CVE-2024-24993](CVE-2024/CVE-2024-249xx/CVE-2024-24993.json) (`2024-04-19T02:15:08.770`)
- [CVE-2024-24994](CVE-2024/CVE-2024-249xx/CVE-2024-24994.json) (`2024-04-19T02:15:08.923`)
- [CVE-2024-24995](CVE-2024/CVE-2024-249xx/CVE-2024-24995.json) (`2024-04-19T02:15:09.083`)
- [CVE-2024-24996](CVE-2024/CVE-2024-249xx/CVE-2024-24996.json) (`2024-04-19T02:15:09.240`)
- [CVE-2024-24997](CVE-2024/CVE-2024-249xx/CVE-2024-24997.json) (`2024-04-19T02:15:09.393`)
- [CVE-2024-24998](CVE-2024/CVE-2024-249xx/CVE-2024-24998.json) (`2024-04-19T02:15:09.543`)
- [CVE-2024-24999](CVE-2024/CVE-2024-249xx/CVE-2024-24999.json) (`2024-04-19T02:15:09.690`)
- [CVE-2024-25000](CVE-2024/CVE-2024-250xx/CVE-2024-25000.json) (`2024-04-19T02:15:09.853`)
- [CVE-2024-27975](CVE-2024/CVE-2024-279xx/CVE-2024-27975.json) (`2024-04-19T02:15:10.007`)
- [CVE-2024-27976](CVE-2024/CVE-2024-279xx/CVE-2024-27976.json) (`2024-04-19T02:15:10.150`)
- [CVE-2024-27977](CVE-2024/CVE-2024-279xx/CVE-2024-27977.json) (`2024-04-19T02:15:10.303`)
- [CVE-2024-27978](CVE-2024/CVE-2024-279xx/CVE-2024-27978.json) (`2024-04-19T02:15:10.447`)
- [CVE-2024-27984](CVE-2024/CVE-2024-279xx/CVE-2024-27984.json) (`2024-04-19T02:15:10.597`)
- [CVE-2024-29204](CVE-2024/CVE-2024-292xx/CVE-2024-29204.json) (`2024-04-19T02:15:10.760`)
- [CVE-2024-3560](CVE-2024/CVE-2024-35xx/CVE-2024-3560.json) (`2024-04-19T02:15:10.913`)
- [CVE-2024-3598](CVE-2024/CVE-2024-35xx/CVE-2024-3598.json) (`2024-04-19T02:15:11.083`)
- [CVE-2024-3600](CVE-2024/CVE-2024-36xx/CVE-2024-3600.json) (`2024-04-19T03:15:06.300`)
- [CVE-2024-3615](CVE-2024/CVE-2024-36xx/CVE-2024-3615.json) (`2024-04-19T03:15:06.470`)
- [CVE-2024-3731](CVE-2024/CVE-2024-37xx/CVE-2024-3731.json) (`2024-04-19T03:15:06.633`)
- [CVE-2024-3818](CVE-2024/CVE-2024-38xx/CVE-2024-3818.json) (`2024-04-19T03:15:06.800`)
### CVEs modified in the last Commit
Recently modified CVEs: `1`
Recently modified CVEs: `2`
- [CVE-2024-22857](CVE-2024/CVE-2024-228xx/CVE-2024-22857.json) (`2024-04-19T01:15:06.297`)
- [CVE-2022-31629](CVE-2022/CVE-2022-316xx/CVE-2022-31629.json) (`2024-04-19T02:15:06.403`)
- [CVE-2023-50967](CVE-2023/CVE-2023-509xx/CVE-2023-50967.json) (`2024-04-19T02:15:06.647`)
## Download and Usage

42
_state.csv
View File

@ -198882,7 +198882,7 @@ CVE-2022-31625,0,0,438f51ed37efdd0f37f6d666c41e13c922d645462042644d552444beb2893
CVE-2022-31626,0,0,ef6dc3537ebac378c37f6b29679033faa0e66cd614afadf8401bca607189aac0,2023-11-07T03:47:39.910000
CVE-2022-31627,0,0,7d78227a8a09dc458e207f42ac43f75d0a540fefcbcbf9a3051a8d15dae1bfd4,2022-10-25T19:45:51.713000
CVE-2022-31628,0,0,b4c2e253846df6c22d8026e543608c46120fd4290728694897cb985dd5dbd598,2023-11-07T03:47:40.020000
CVE-2022-31629,0,0,de1da1a00789715b4f16031af6680dc0e3ff667c32f911f6eac69d8b29ee4d57,2023-11-07T03:47:40.123000
CVE-2022-31629,0,1,22c0d04cd0b2312202f6bf20554e3967c7d1de081f962ad1bd9a4ef5259b0a49,2024-04-19T02:15:06.403000
CVE-2022-31630,0,0,e06ddec1981eadb9721ae08d4fa211b06905c3af1853a23962180bfdeb065f63,2024-04-02T03:15:07.973000
CVE-2022-31635,0,0,9aba2adaa5ac45a66206aca6a1117959c363074715ab44bea1ccb208267fb05c,2023-06-29T20:00:00.027000
CVE-2022-31636,0,0,6c47ecfbb6099f0ee0889e49844db05a75cdd9063b7183137c37f8a5f7136e7d,2023-06-29T19:59:04.183000
@ -235515,7 +235515,7 @@ CVE-2023-50962,0,0,365daa63183eee3bc8e35da897e2163d0fc458ef66adb39b8eb249f4c8a96
CVE-2023-50963,0,0,f8ab53d3916fdeb747721dbad810b91a4d8cca1f3447b9dedd0b7a0a236caf08,2024-01-24T21:22:22.293000
CVE-2023-50965,0,0,7d1de52a11bce456c4c16ef773b97b5e53898c75617739b3525f486b2a63242b,2023-12-20T20:02:23.497000
CVE-2023-50966,0,0,a6b32088d0a5d6ef9a7d587370f326ae2061a7a42b121ce18c85e023136aaec3,2024-03-19T16:33:58.680000
CVE-2023-50967,0,0,e7275f5421060fa4a23558f3de048079c5bd4b92f10c40b901ed9b5833ad424c,2024-03-20T17:18:21.343000
CVE-2023-50967,0,1,12bb7f0dff7e3d63fd2b842969de14e4cd57549356d28acf1add50bcb3fe29e3,2024-04-19T02:15:06.647000
CVE-2023-50968,0,0,1be7697af13b25532d69588f5ad5851b1702b3a38866422424919ca1d182ecbc,2024-01-04T03:01:53.323000
CVE-2023-50969,0,0,bb94921a2527ad8ea690ec8f59e05882c7ba69efcf4869797a81c6ea2421ddb2,2024-03-29T12:45:02.937000
CVE-2023-5097,0,0,0f86cc372d2c26b6541ac3ec5ba289a39a168bf65c355711efa9e745857fe3d2,2024-01-23T19:29:08.583000
@ -240879,6 +240879,7 @@ CVE-2024-22052,0,0,0227f99d44e89893938b4544ca95dcc1c41e798d05744c94fdce48542d951
CVE-2024-22053,0,0,8caa4e40ec88ec96bdfc5af942e0f8feb54eb37f45d5fc1c8cea6c8e5bc74f38,2024-04-08T22:53:03.443000
CVE-2024-22054,0,0,ea7f90611fdd0de53fc019330b39d133a7eda202c929c51b6ca495fd39ad0bf5,2024-03-04T02:15:16.820000
CVE-2024-2206,0,0,89bb78f285eca92521ddf90479f409077fb3db3aa39188b40e35723bcbb7e9a7,2024-04-16T12:15:10.187000
CVE-2024-22061,1,1,e8a542b661be86d1ff148b359282c598c34236fa753634568502a080f8b7649d,2024-04-19T02:15:06.737000
CVE-2024-22075,0,0,e134c94ca50cfff14da7c6327f518dbd409e37e86810fc1b2a583012e3bdb9ef,2024-01-10T15:06:42.563000
CVE-2024-22076,0,0,07315b2e9c67887db1f24ee7d086d2a66716d3e4f66007058ad41d66ed9f1af5,2024-02-22T02:15:49.207000
CVE-2024-22077,0,0,c010b475c096f83047fe91548c8adb99de7b2e98732b452c87e82aaa319a4fd8,2024-03-20T13:00:16.367000
@ -241285,7 +241286,7 @@ CVE-2024-22851,0,0,e3b3a4173f66bde18bcde8b4d6e07ed058612b81ace293aa36efd8837ff83
CVE-2024-22852,0,0,fba9226bfac500a19dd8b91a9788eed1682675a652e0b6dd1f0ee08e7df876f5,2024-02-13T18:16:51.790000
CVE-2024-22853,0,0,ec6a06bd931391a16658f5323e2bffe5ddc884df4aacc34598a685bd3979b258,2024-02-12T17:50:31.950000
CVE-2024-22854,0,0,8b8b90cd6c1c9786e2fb5396ca19284ddab9c4ff42eae4bf034495afa4860075,2024-02-16T13:37:51.433000
CVE-2024-22857,0,1,dc8c498662e053f2e9a39f301d349f3ad8950912cf2843180c278fecc58efab5,2024-04-19T01:15:06.297000
CVE-2024-22857,0,0,dc8c498662e053f2e9a39f301d349f3ad8950912cf2843180c278fecc58efab5,2024-04-19T01:15:06.297000
CVE-2024-22859,0,0,f21c1f55163f2e8148347c74f0ecf53a5beec677d1447140d631069d639d308a,2024-04-11T01:24:46.117000
CVE-2024-2286,0,0,657861131740076699183211e8ffc4b18c067668bfd7d2635b81e0ec9c54a21c,2024-03-13T18:15:58.530000
CVE-2024-22860,0,0,2356d6c888fca02c70325b51a39623a7535f82a709f9194a1301833cd9cbfe59,2024-02-02T23:38:02.733000
@ -241610,7 +241611,16 @@ CVE-2024-2352,0,0,4e557b152eefae695561e230a32bfaca007da659d839878dfb899183cdbcae
CVE-2024-23520,0,0,6231203085a20b2d4cba5048549458f88829476b5e6533d86ed85baf0d8a6576,2024-03-26T12:55:05.010000
CVE-2024-23523,0,0,13316361d7846e6bf749bdea54d907de9d96954e12edb4899346015be33f686c,2024-03-17T22:38:29.433000
CVE-2024-23525,0,0,d87ac004ae364b7188eb5b5618bc7a0354a8aea809beaa37863d308d19bc3d3a,2024-01-27T22:15:08.360000
CVE-2024-23526,1,1,60f1def13e0982102ed4eef847ffe4fd389876b33123a4849d5728b85615675c,2024-04-19T02:15:07.040000
CVE-2024-23528,1,1,e84808ec6dc65e57666edb143746b9404435e85ab736063533a870cce906ea99,2024-04-19T02:15:07.207000
CVE-2024-23529,1,1,63feb4b82c5893d4639def133fc282c5db30ac976ae8a42f91fbd91b0bbb33e5,2024-04-19T02:15:07.360000
CVE-2024-2353,0,0,7b6a09da18e3356abf43fe748f30abce941d0a80813a4afe868b4c3998caa4f6,2024-04-11T01:25:22.793000
CVE-2024-23530,1,1,9cd77c811fcd4059e410102e1f8e325607191dc32d0757f1c24b1861898b7ed5,2024-04-19T02:15:07.520000
CVE-2024-23531,1,1,b4924610be0a6bc30e9c3e63568bff9b6083c978f1f3f52341b28d4920bb203d,2024-04-19T02:15:07.670000
CVE-2024-23532,1,1,dc92f2a07ba51714071b63d9e28321269122591161c8390df6761f58b99e26d0,2024-04-19T02:15:07.823000
CVE-2024-23533,1,1,0c8e1bcbb9f40d862769dc2add3c281c7ef6343317b5e6ca9cc36e06f4315e8b,2024-04-19T02:15:07.980000
CVE-2024-23534,1,1,ef74a0dd0314945325d1a8e31d8170cac14a614f20e4f9700d263b12b412b36f,2024-04-19T02:15:08.137000
CVE-2024-23535,1,1,42bf5199fdef91c494f586d03e6509fd440e330e7dcbc480b5e558679fad90f5,2024-04-19T02:15:08.300000
CVE-2024-23537,0,0,3141688dd801e454be9447130f7b415e0f5bc7bca5ca3be2a2b093257dc7db9c,2024-04-01T01:12:59.077000
CVE-2024-23538,0,0,2161270bfebb766b7866bad72736a00fa39a5426395831d5c3b05cd14292a7a2,2024-04-01T01:12:59.077000
CVE-2024-23539,0,0,abcc942e6cc6657769242b12d492f0941444ed9a95a188b732e1e59a56ce16fd,2024-04-01T01:12:59.077000
@ -242355,7 +242365,17 @@ CVE-2024-24988,0,0,5be9c22e9d6c42885be25053a8e3f832fee202eb91ce1cb05a36918eae761
CVE-2024-24989,0,0,d97e7d59a888108ba0075e9a97f262f9ddf8641635a797a2d7dbde62ef345a25,2024-02-14T18:04:45.380000
CVE-2024-2499,0,0,937cfbbbcabf9a44c0364bd98cffe1d075baa5b58aa206a922d3f920fb87da2d,2024-04-08T18:49:25.863000
CVE-2024-24990,0,0,8460904a0a222feea20d2b8fa6ac812aab0f6e9d5924ea842cc9dfa3c9617545,2024-02-14T18:04:45.380000
CVE-2024-24991,1,1,c6b0c287a05b82aa0f18fc818b525cefef87ec1fb374ab5237697acd018208d2,2024-04-19T02:15:08.460000
CVE-2024-24992,1,1,18cafd8929ac70b94577d468ef59fe0a74f7c1040ad0ab727b66647eccbac50a,2024-04-19T02:15:08.613000
CVE-2024-24993,1,1,c07c57230c892a2a5cf0a398e334b0ed2a7fe6b00ee645fa8a40664f15fe9310,2024-04-19T02:15:08.770000
CVE-2024-24994,1,1,5bdf626db1b50967aeb647f0551c624ae86fad484fc2910f54c091bd745e1aa7,2024-04-19T02:15:08.923000
CVE-2024-24995,1,1,eaf8d77c9243a299cafdf4c95c99b1358d0fb6acf2514271e9679cfbfa90f889,2024-04-19T02:15:09.083000
CVE-2024-24996,1,1,deb5f386e72ea739b70b84a9672343433733f07c7a51992569a99551c1fc72fb,2024-04-19T02:15:09.240000
CVE-2024-24997,1,1,ebc9d66a5a3b6c2a008d6c76f10110208a40ae6f813a229f2382040e45bb5964,2024-04-19T02:15:09.393000
CVE-2024-24998,1,1,3fe9bb99db7308ca0c6901b61097798161240abdf901d7b9257142eb9874be5e,2024-04-19T02:15:09.543000
CVE-2024-24999,1,1,518641239336b6fc77e3e1247573104f8b41ee09de3e1ad83b1d2adba8a40e4b,2024-04-19T02:15:09.690000
CVE-2024-2500,0,0,f5c841f144cdfe7169c1d4e3da08b5dd9b9f87140741671656f61d60bd0ec54e,2024-03-22T12:45:36.130000
CVE-2024-25000,1,1,e25dd064695d45fae0b961e6afe138d18407b0f9387d3d9f91c60e35dec23d1c,2024-04-19T02:15:09.853000
CVE-2024-25001,0,0,c1f11a8c76d43265d10cf34f1d6db6525f3220be11629d1b39a2f52375286f02,2024-02-02T09:15:37.527000
CVE-2024-25002,0,0,5b471b86f2b8e38328babfc3642e60a83c0e02cb964240f5f385287d2af3cff0,2024-03-25T16:43:06.137000
CVE-2024-25003,0,0,81fc44567692de3ff8c7fc733c0c0e2d235894df02bbd6e47e58282e052331c4,2024-02-14T20:15:45.910000
@ -243962,8 +243982,13 @@ CVE-2024-27969,0,0,eb302d2058dff500ab911479996ba4d74069db5175238a6a6a178ecc6d1e3
CVE-2024-27970,0,0,400f0279b55b3a379ae4cb2321b0f7168d543425d3ae3678bf6361a1a4e68ba1,2024-04-11T12:47:44.137000
CVE-2024-27972,0,0,e0f7933a8078741e5e2cdbc1c8aaffaa42eca2ccffc4cf4f10a410272b4fcf47,2024-04-03T12:38:04.840000
CVE-2024-27974,0,0,c5d12161a6a294fb4d33a068888d07d2dec693f9073d8d47f06182bf4fe2779a,2024-03-18T12:38:25.490000
CVE-2024-27975,1,1,f3170914807ad32195a7c7eb9996f192a631dc7df85f47d3c5fe358e48b1ed09,2024-04-19T02:15:10.007000
CVE-2024-27976,1,1,1d5e1ce12b5ea38899ec8f326a895edbf5192f82f61e07ef09af8dfc4f2ba654,2024-04-19T02:15:10.150000
CVE-2024-27977,1,1,70a643385facb14247e3547392dd309f56efec8e9db5f393e53f50d2d113730b,2024-04-19T02:15:10.303000
CVE-2024-27978,1,1,9d5c55fde4cf2368f2af2e298045fe619af3c06327a8c40c4bcc89f81e6d504d,2024-04-19T02:15:10.447000
CVE-2024-27981,0,0,bca4d502eb0003b495c2e3eabf4c8b77f995ffb842787b13a54996fb18ec7ff9,2024-04-05T12:40:52.763000
CVE-2024-27983,0,0,5d8a6df11a15da2385f41c72a25a785a374e7614ce97421584556107f6abcf28,2024-04-09T12:48:04.090000
CVE-2024-27984,1,1,c8a067e47e84a2180f7bdb9acd8d0d44f722f50a0d033bcebc4fc840fd18261a,2024-04-19T02:15:10.597000
CVE-2024-27985,0,0,955e6906e119ba8a42b7cac63660ecdcdbf497ae4a9c4abc6cb5033779d5aab5,2024-04-11T12:47:44.137000
CVE-2024-27986,0,0,221ac31a72264e8303bc0dc716d0bcad27f92aa2e3b64824247f9d02601983b8,2024-03-14T12:52:09.877000
CVE-2024-27987,0,0,457341cfe208a4dd4f1ca3a12fe23df96b337000dbd585aed58689be29e5bec4,2024-03-15T12:53:06.423000
@ -244564,6 +244589,7 @@ CVE-2024-29200,0,0,2fded465a0d157f739ca7c28831045e810d35e1ed39056bf30a71fa62dc84
CVE-2024-29201,0,0,5033916f5c6e37ebfb2f1925ef22415c52e7214153fce901347173dc9b9eb9c1,2024-04-01T01:12:59.077000
CVE-2024-29202,0,0,2407457fd23b926dc515687b0bc64391303eb3a1899c8635138115822d2488d1,2024-04-01T01:12:59.077000
CVE-2024-29203,0,0,132c3d83e906b655066bee1fc4d3f90e18def73beb9178e8cc6662be34f71a9c,2024-03-26T17:09:53.043000
CVE-2024-29204,1,1,50bcadcffb7042132fe5a6f4e0933ac061049cc3a0ec12ed4ad9761c05371eff,2024-04-19T02:15:10.760000
CVE-2024-2921,0,0,6f7f3b512cf8e7465b0aea1823cce56bf608a3c1f40869feddab084c3da126e6,2024-04-09T19:15:38.423000
CVE-2024-29216,0,0,59c06798795d05e391cdd301154441d31362295e800c3b46a2b7bd83a3e2dbc0,2024-03-25T13:47:14.087000
CVE-2024-29218,0,0,534d5e5cd011d00ac4ec7ef6f7ea20330c5dcb3ce76fa1cbb0c5b3262c626826,2024-04-15T13:15:31.997000
@ -245374,7 +245400,7 @@ CVE-2024-30927,0,0,f0ca620bd380fc4f1ccf67f78c004dabef9fdc1d9d0778dca361e1c58ed74
CVE-2024-30928,0,0,22bcfa61a6efb801c03fe4d44924874ed08d99203f0359224dc9ee60383a39e9,2024-04-18T22:15:10.293000
CVE-2024-30929,0,0,46ebe1aa75ad0dbebaa2c0af2fddb1f94a50a36f7e771317d5d4073a02074018,2024-04-18T22:15:10.343000
CVE-2024-3093,0,0,32bf1c70eab5da7d509a40d74982ac8945909f57d49846c0cf619694e2add382,2024-04-10T13:23:38.787000
CVE-2024-30938,1,1,620a33b3124a7c24d6e0b8dee15b885d0b5336f4dfcd78322070fba8011dfe50,2024-04-19T00:15:10.623000
CVE-2024-30938,0,0,620a33b3124a7c24d6e0b8dee15b885d0b5336f4dfcd78322070fba8011dfe50,2024-04-19T00:15:10.623000
CVE-2024-3094,0,0,cba466c06d21b74e1043491724188f63d6d0b9ba1993a884907c833ea9999b43,2024-04-12T07:15:08.740000
CVE-2024-30946,0,0,0dff329aaece035fc82f00595012379643bd5a0edb89ee3a7369d6609e13a4d1,2024-04-02T18:12:16.283000
CVE-2024-30950,0,0,30e94ba74b1c9e764e05183270b9cbf984b1fc3b08e88dd08137339dc8cca5d1,2024-04-17T20:08:21.887000
@ -245672,7 +245698,7 @@ CVE-2024-31652,0,0,208b4f263a9a44614b423f2ea1b775ae64777df67f6e60b98c2159dddb5c4
CVE-2024-3167,0,0,f4a160a1382e038713f603968880deb87a3b362a15bab9fc55aa42721dc9dd6e,2024-04-10T13:23:38.787000
CVE-2024-31678,0,0,6d17d4ce9eaa15ebb6367a838566d027b53ddba56e09f333fd8cadacfd1d2447,2024-04-12T12:44:04.930000
CVE-2024-31680,0,0,9cd3893ac983fae5e4213584fc439ab2d2b21e3e6bebab8790c0104ed80c76e1,2024-04-17T12:48:07.510000
CVE-2024-31750,1,1,bb9d7af25a5f9577252efc3846a929343145b4a6bcd46fd506a5b87ceda77375,2024-04-19T00:15:10.690000
CVE-2024-31750,0,0,bb9d7af25a5f9577252efc3846a929343145b4a6bcd46fd506a5b87ceda77375,2024-04-19T00:15:10.690000
CVE-2024-31759,0,0,7081cd22df5b9e4148ecc914176fc1f6cc04366073f8b1e4eccd8dfe4f2b7d73,2024-04-17T12:48:07.510000
CVE-2024-31760,0,0,7b1e0b53a94a63e7f108110799c5f85524efc23136fc5608e680b8482e690959,2024-04-17T12:48:07.510000
CVE-2024-3178,0,0,e1b2edc538f836ffb506a17d476e0f961db2588242ddd1b2358ad3487cd818bf,2024-04-04T12:48:41.700000
@ -246182,6 +246208,7 @@ CVE-2024-3541,0,0,8ef69c8e6da7ddd7e7450a9f158541d95c357cb1dd6df6b3a0f6b582158556
CVE-2024-3542,0,0,4d97b2c4768d708eda9f830cb6de715802771123d52ff8ee61d741f1b848e5f9,2024-04-11T01:26:05.483000
CVE-2024-3545,0,0,5bce2ec2b9cfe5866e6246067691b4f478da11354be249c7fe197f29a14875e8,2024-04-10T13:23:38.787000
CVE-2024-3556,0,0,3585ee5c92a9c3d529b040dd670fbfee3d6182484f87bd29638348adaae5ce9a,2024-04-09T22:15:07.470000
CVE-2024-3560,1,1,721f1860e9f6a3cd4e574cbffc6c79a855c47c036adcf2195b6936c67354f175,2024-04-19T02:15:10.913000
CVE-2024-3566,0,0,e417ef1ceca67d3a9a8ba800520d4a9974bcf4eba2e3e6325dafdfbfe6af8d6b,2024-04-10T19:49:51.183000
CVE-2024-3567,0,0,95d4f85888c7c90830bdb6bbe6ab9e66d33c542ba2d85efb396aaa8b077bff79,2024-04-10T19:49:51.183000
CVE-2024-3568,0,0,573133d2a7191a46b0975280ef7162f7787321191e0ad33f2c4c70c7e8d9c3f5,2024-04-10T19:49:51.183000
@ -246192,9 +246219,12 @@ CVE-2024-3572,0,0,fac7085e464e1d98d017bfc9635e53b969d9f55d28ae04030a557f0ab1b043
CVE-2024-3573,0,0,f978306925f93ca64332932b6f5a09fb648fa8e8ad9d4b00bd427fd81ec82478,2024-04-16T13:24:07.103000
CVE-2024-3574,0,0,a6cc99c8a389ea7db1c37fe05b40106752b73810cdac85caab18aeb26d6bc576,2024-04-16T13:24:07.103000
CVE-2024-3575,0,0,59be73eca5c53cbbcf99414bd65c6b74b4dff22ff5983c2d091439c46f610b22,2024-04-16T13:24:07.103000
CVE-2024-3598,1,1,38ea03bb11b2a3dcfea676fa08a3a68a1e817dccb905362a18d6ae9eab2e2f98,2024-04-19T02:15:11.083000
CVE-2024-3600,1,1,5c4d1a0b7fcb3caed4029227172a6ee2b46197f7f7788696f5b2a158073294a3,2024-04-19T03:15:06.300000
CVE-2024-3612,0,0,e0d19b8169faa543fe07df31c32af820c3a5ced7fa57ca7287705d9232ae4829,2024-04-11T12:47:44.137000
CVE-2024-3613,0,0,a614d408e2c081a95a02143aaf10401b031bc93c1ffc8d948d650496e0fce6ef,2024-04-11T12:47:44.137000
CVE-2024-3614,0,0,880d074aab9025081ce04d1528b9be7ca3f1ab52d453f94e3fadd54af8dcf90d,2024-04-11T12:47:44.137000
CVE-2024-3615,1,1,019977664dc3f2a64ef4f145a58c026fe3179a1f15fe62c9c9a2a9bd6394669a,2024-04-19T03:15:06.470000
CVE-2024-3616,0,0,56696ec8b557e5b6fae677fc5434a70e194bb2840cad6b6eaefcd3bcfc031191,2024-04-11T12:47:44.137000
CVE-2024-3617,0,0,c202e45e18a05e224fe886a0e8e50519bc042f3aff5bf662eb5f09ee2f56b21b,2024-04-11T12:47:44.137000
CVE-2024-3618,0,0,4930954b63fbf1867ea6023e0e85abb5ce3c463a36dea55dc99465af5aaf2537,2024-04-11T12:47:44.137000
@ -246224,6 +246254,7 @@ CVE-2024-3707,0,0,cb892298714e8d1628bf09ece0bc00ef0a1a1429034ce83bb3286f4d822c16
CVE-2024-3719,0,0,f291ba68ba6e93978bc9c39b527e377db4603f9cf0b58326694ce4a62db06977,2024-04-15T13:15:31.997000
CVE-2024-3720,0,0,548129ada226460eeed0bbe63afac7cb948fd16d011c5ffd900fa7625265466b,2024-04-15T13:15:31.997000
CVE-2024-3721,0,0,e2cd22ce24461bd25c9ec7cb92e927b75c559a9256137266b8480ef946c8e320,2024-04-15T13:15:31.997000
CVE-2024-3731,1,1,a7fc236793a05fda35ac5ca270bc2fdf422798a2636bdb6be8e8dbdcf4ff667c,2024-04-19T03:15:06.633000
CVE-2024-3735,0,0,9300dd852c0feb2e50ee641119a226f214818e2f2843b357387d0b439146ec2c,2024-04-15T13:15:31.997000
CVE-2024-3736,0,0,8e1e49a70c099a42d25fc2ef350c0eb9767073e2fa96b7ffe6bc4d265c3f8c23,2024-04-15T13:15:31.997000
CVE-2024-3737,0,0,1990edd10a050a438850658c5a42b3f737afd31a7356a3decab691dfe1bc7cad,2024-04-15T13:15:31.997000
@ -246260,6 +246291,7 @@ CVE-2024-3802,0,0,5395fe7b87f4e5ca6c4397aa1001686137daab009656e2126daa68d47ebdf7
CVE-2024-3803,0,0,5839bf1f5fc97242d8c9adb88b40fa5013a07555baee205c3d9bec592a883085,2024-04-16T13:24:07.103000
CVE-2024-3804,0,0,d2c04bcba3b9dcee33d8ad0e898646d48639f7e3e6aed11c413cf03cea6afbe3,2024-04-16T13:24:07.103000
CVE-2024-3817,0,0,46e4b3903939ad7f28eeb8afee28fc4c5b18be71847d60ae426ede3b66e11122,2024-04-18T13:04:28.900000
CVE-2024-3818,1,1,71d5aeca55980529ae70296f9d468fb05cf02f42adf82bd924f7d084f6bed92c,2024-04-19T03:15:06.800000
CVE-2024-3825,0,0,cf5f4f310b2c59b261c07d67ee6e69189162f7e44f9cdead90080a906b42b533,2024-04-17T15:31:50.160000
CVE-2024-3832,0,0,9dd56fad5460e31af71408aef448c2395575e6dee46d55026c2ec166be133ff0,2024-04-17T12:48:07.510000
CVE-2024-3833,0,0,dff090d851a013a09ba1359f006f48badc9604823081b1a17b5c5719cae664d1,2024-04-17T12:48:07.510000

Can't render this file because it is too large.