admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-07-09 16:05:11 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2024-12-13T07:00:30.929199+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2024-12-13 07:03:54 +00:00
parent 078c2f16af
commit eb7b7fed35
18 changed files with 1164 additions and 12 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

21
CVE-2024/CVE-2024-106xx/CVE-2024-10678.json Normal file
View File

@ -0,0 +1,21 @@
{
"id": "CVE-2024-10678",
"sourceIdentifier": "contact@wpscan.com",
"published": "2024-12-13T06:15:24.850",
"lastModified": "2024-12-13T06:15:24.850",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Ultimate Blocks WordPress plugin before 3.2.4 does not validate and escape some of its block options before outputting them back in a page/post where the block is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks."
}
],
"metrics": {},
"references": [
{
"url": "https://wpscan.com/vulnerability/9342c6a1-4f9a-45f3-911d-0dfee4657243/",
"source": "contact@wpscan.com"
}
]
}

21
CVE-2024/CVE-2024-109xx/CVE-2024-10939.json Normal file
View File

@ -0,0 +1,21 @@
{
"id": "CVE-2024-10939",
"sourceIdentifier": "contact@wpscan.com",
"published": "2024-12-13T06:15:25.120",
"lastModified": "2024-12-13T06:15:25.120",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Image Widget WordPress plugin before 4.4.11 does not sanitise and escape some of its Image Widget settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)."
}
],
"metrics": {},
"references": [
{
"url": "https://wpscan.com/vulnerability/fcf50077-b360-4b63-bece-9806b4bc8bea/",
"source": "contact@wpscan.com"
}
]
}

68
CVE-2024/CVE-2024-117xx/CVE-2024-11767.json Normal file
View File

@ -0,0 +1,68 @@
{
"id": "CVE-2024-11767",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-12-13T05:15:05.843",
"lastModified": "2024-12-13T05:15:05.843",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The NewsmanApp plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'newsman_subscribe_widget' shortcode in all versions up to, and including, 2.7.6 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.1,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "security@wordfence.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/newsmanapp/trunk/newsmanapp.php#L1054",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/browser/newsmanapp/trunk/newsmanapp.php#L1075",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3205721/newsmanapp/trunk/newsmanapp.php",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/22a02e75-4ab1-48fb-b618-b1dff2fcd97f?source=cve",
"source": "security@wordfence.com"
}
]
}

60
CVE-2024/CVE-2024-118xx/CVE-2024-11809.json Normal file
View File

@ -0,0 +1,60 @@
{
"id": "CVE-2024-11809",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-12-13T05:15:07.127",
"lastModified": "2024-12-13T05:15:07.127",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Primer MyData for Woocommerce plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'img_src' parameter in all versions up to, and including, 4.2.1 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "security@wordfence.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3205727%40primer-mydata%2Ftrunk&old=3188823%40primer-mydata%2Ftrunk&sfp_email=&sfph_mail=",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/aca092cf-9482-468e-8dd4-af04e25bcf33?source=cve",
"source": "security@wordfence.com"
}
]
}

78
CVE-2024/CVE-2024-118xx/CVE-2024-11833.json Normal file
View File

@ -0,0 +1,78 @@
{
"id": "CVE-2024-11833",
"sourceIdentifier": "5fea7123-217b-4b2d-ada8-8892719b43cd",
"published": "2024-12-13T06:15:25.233",
"lastModified": "2024-12-13T06:15:25.233",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in PlexTrac allows arbitrary file writes.This issue affects PlexTrac: from 1.61.3 before 2.8.1."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "5fea7123-217b-4b2d-ada8-8892719b43cd",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:Red",
"baseScore": 8.9,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"attackRequirements": "PRESENT",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"vulnerableSystemConfidentiality": "HIGH",
"vulnerableSystemIntegrity": "HIGH",
"vulnerableSystemAvailability": "HIGH",
"subsequentSystemConfidentiality": "HIGH",
"subsequentSystemIntegrity": "HIGH",
"subsequentSystemAvailability": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirements": "NOT_DEFINED",
"integrityRequirements": "NOT_DEFINED",
"availabilityRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnerableSystemConfidentiality": "NOT_DEFINED",
"modifiedVulnerableSystemIntegrity": "NOT_DEFINED",
"modifiedVulnerableSystemAvailability": "NOT_DEFINED",
"modifiedSubsequentSystemConfidentiality": "NOT_DEFINED",
"modifiedSubsequentSystemIntegrity": "NOT_DEFINED",
"modifiedSubsequentSystemAvailability": "NOT_DEFINED",
"safety": "NOT_DEFINED",
"automatable": "NOT_DEFINED",
"recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "RED"
}
}
]
},
"weaknesses": [
{
"source": "5fea7123-217b-4b2d-ada8-8892719b43cd",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
}
],
"references": [
{
"url": "https://docs.plextrac.com/plextrac-documentation/master/security-advisories#release-2.11.0",
"source": "5fea7123-217b-4b2d-ada8-8892719b43cd"
}
]
}

78
CVE-2024/CVE-2024-118xx/CVE-2024-11834.json Normal file
View File

@ -0,0 +1,78 @@
{
"id": "CVE-2024-11834",
"sourceIdentifier": "5fea7123-217b-4b2d-ada8-8892719b43cd",
"published": "2024-12-13T06:15:25.440",
"lastModified": "2024-12-13T06:15:25.440",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in PlexTrac allows arbitrary file writes.This issue affects PlexTrac: from 1.61.3 before 2.8.1."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "5fea7123-217b-4b2d-ada8-8892719b43cd",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:Red",
"baseScore": 8.9,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"attackRequirements": "PRESENT",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"vulnerableSystemConfidentiality": "HIGH",
"vulnerableSystemIntegrity": "HIGH",
"vulnerableSystemAvailability": "HIGH",
"subsequentSystemConfidentiality": "HIGH",
"subsequentSystemIntegrity": "HIGH",
"subsequentSystemAvailability": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirements": "NOT_DEFINED",
"integrityRequirements": "NOT_DEFINED",
"availabilityRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnerableSystemConfidentiality": "NOT_DEFINED",
"modifiedVulnerableSystemIntegrity": "NOT_DEFINED",
"modifiedVulnerableSystemAvailability": "NOT_DEFINED",
"modifiedSubsequentSystemConfidentiality": "NOT_DEFINED",
"modifiedSubsequentSystemIntegrity": "NOT_DEFINED",
"modifiedSubsequentSystemAvailability": "NOT_DEFINED",
"safety": "NOT_DEFINED",
"automatable": "NOT_DEFINED",
"recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "RED"
}
}
]
},
"weaknesses": [
{
"source": "5fea7123-217b-4b2d-ada8-8892719b43cd",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
}
],
"references": [
{
"url": "https://docs.plextrac.com/plextrac-documentation/master/security-advisories#release-2.11.0",
"source": "5fea7123-217b-4b2d-ada8-8892719b43cd"
}
]
}

78
CVE-2024/CVE-2024-118xx/CVE-2024-11835.json Normal file
View File

@ -0,0 +1,78 @@
{
"id": "CVE-2024-11835",
"sourceIdentifier": "5fea7123-217b-4b2d-ada8-8892719b43cd",
"published": "2024-12-13T06:15:25.600",
"lastModified": "2024-12-13T06:15:25.600",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Uncontrolled Resource Consumption vulnerability in PlexTrac allows WebSocket DoS.This issue affects PlexTrac: from 1.61.3 before 2.8.1."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "5fea7123-217b-4b2d-ada8-8892719b43cd",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:A/VC:N/VI:N/VA:H/SC:H/SI:H/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:Red",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"attackRequirements": "PRESENT",
"privilegesRequired": "LOW",
"userInteraction": "ACTIVE",
"vulnerableSystemConfidentiality": "NONE",
"vulnerableSystemIntegrity": "NONE",
"vulnerableSystemAvailability": "HIGH",
"subsequentSystemConfidentiality": "HIGH",
"subsequentSystemIntegrity": "HIGH",
"subsequentSystemAvailability": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirements": "NOT_DEFINED",
"integrityRequirements": "NOT_DEFINED",
"availabilityRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnerableSystemConfidentiality": "NOT_DEFINED",
"modifiedVulnerableSystemIntegrity": "NOT_DEFINED",
"modifiedVulnerableSystemAvailability": "NOT_DEFINED",
"modifiedSubsequentSystemConfidentiality": "NOT_DEFINED",
"modifiedSubsequentSystemIntegrity": "NOT_DEFINED",
"modifiedSubsequentSystemAvailability": "NOT_DEFINED",
"safety": "NOT_DEFINED",
"automatable": "NOT_DEFINED",
"recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "RED"
}
}
]
},
"weaknesses": [
{
"source": "5fea7123-217b-4b2d-ada8-8892719b43cd",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-400"
}
]
}
],
"references": [
{
"url": "https://docs.plextrac.com/plextrac-documentation/master/security-advisories#release-2.11.0",
"source": "5fea7123-217b-4b2d-ada8-8892719b43cd"
}
]
}

78
CVE-2024/CVE-2024-118xx/CVE-2024-11836.json Normal file
View File

@ -0,0 +1,78 @@
{
"id": "CVE-2024-11836",
"sourceIdentifier": "5fea7123-217b-4b2d-ada8-8892719b43cd",
"published": "2024-12-13T06:15:25.773",
"lastModified": "2024-12-13T06:15:25.773",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Server-Side Request Forgery (SSRF) vulnerability in PlexTrac allowing requests to internal system resources.This issue affects PlexTrac: from 1.61.3 before 2.8.1."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "5fea7123-217b-4b2d-ada8-8892719b43cd",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:A/VC:H/VI:H/VA:N/SC:H/SI:H/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:Red",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"attackRequirements": "PRESENT",
"privilegesRequired": "LOW",
"userInteraction": "ACTIVE",
"vulnerableSystemConfidentiality": "HIGH",
"vulnerableSystemIntegrity": "HIGH",
"vulnerableSystemAvailability": "NONE",
"subsequentSystemConfidentiality": "HIGH",
"subsequentSystemIntegrity": "HIGH",
"subsequentSystemAvailability": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirements": "NOT_DEFINED",
"integrityRequirements": "NOT_DEFINED",
"availabilityRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnerableSystemConfidentiality": "NOT_DEFINED",
"modifiedVulnerableSystemIntegrity": "NOT_DEFINED",
"modifiedVulnerableSystemAvailability": "NOT_DEFINED",
"modifiedSubsequentSystemConfidentiality": "NOT_DEFINED",
"modifiedSubsequentSystemIntegrity": "NOT_DEFINED",
"modifiedSubsequentSystemAvailability": "NOT_DEFINED",
"safety": "NOT_DEFINED",
"automatable": "NOT_DEFINED",
"recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "RED"
}
}
]
},
"weaknesses": [
{
"source": "5fea7123-217b-4b2d-ada8-8892719b43cd",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-918"
}
]
}
],
"references": [
{
"url": "https://docs.plextrac.com/plextrac-documentation/master/security-advisories#release-2.11.0",
"source": "5fea7123-217b-4b2d-ada8-8892719b43cd"
}
]
}

78
CVE-2024/CVE-2024-118xx/CVE-2024-11837.json Normal file
View File

@ -0,0 +1,78 @@
{
"id": "CVE-2024-11837",
"sourceIdentifier": "5fea7123-217b-4b2d-ada8-8892719b43cd",
"published": "2024-12-13T06:15:25.940",
"lastModified": "2024-12-13T06:15:25.940",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Special Elements used in an N1QL Command ('N1QL Injection') vulnerability in PlexTrac\u00a0 allows N1QL Injection.This issue affects PlexTrac: from 1.61.3 before 2.8.1."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "5fea7123-217b-4b2d-ada8-8892719b43cd",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:A/VC:H/VI:H/VA:N/SC:H/SI:H/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:Red",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"attackRequirements": "PRESENT",
"privilegesRequired": "LOW",
"userInteraction": "ACTIVE",
"vulnerableSystemConfidentiality": "HIGH",
"vulnerableSystemIntegrity": "HIGH",
"vulnerableSystemAvailability": "NONE",
"subsequentSystemConfidentiality": "HIGH",
"subsequentSystemIntegrity": "HIGH",
"subsequentSystemAvailability": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirements": "NOT_DEFINED",
"integrityRequirements": "NOT_DEFINED",
"availabilityRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnerableSystemConfidentiality": "NOT_DEFINED",
"modifiedVulnerableSystemIntegrity": "NOT_DEFINED",
"modifiedVulnerableSystemAvailability": "NOT_DEFINED",
"modifiedSubsequentSystemConfidentiality": "NOT_DEFINED",
"modifiedSubsequentSystemIntegrity": "NOT_DEFINED",
"modifiedSubsequentSystemAvailability": "NOT_DEFINED",
"safety": "NOT_DEFINED",
"automatable": "NOT_DEFINED",
"recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "RED"
}
}
]
},
"weaknesses": [
{
"source": "5fea7123-217b-4b2d-ada8-8892719b43cd",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://docs.plextrac.com/plextrac-documentation/master/security-advisories#release-2.11.0",
"source": "5fea7123-217b-4b2d-ada8-8892719b43cd"
}
]
}

78
CVE-2024/CVE-2024-118xx/CVE-2024-11838.json Normal file
View File

@ -0,0 +1,78 @@
{
"id": "CVE-2024-11838",
"sourceIdentifier": "5fea7123-217b-4b2d-ada8-8892719b43cd",
"published": "2024-12-13T06:15:26.100",
"lastModified": "2024-12-13T06:15:26.100",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "External Control of File Name or Path vulnerability in PlexTrac allows Local Code Inclusion through use of an undocumented API endpoint.This issue affects PlexTrac: from 1.61.3 before 2.8.1."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "5fea7123-217b-4b2d-ada8-8892719b43cd",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:A/VC:H/VI:H/VA:N/SC:H/SI:H/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:Red",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"attackRequirements": "PRESENT",
"privilegesRequired": "LOW",
"userInteraction": "ACTIVE",
"vulnerableSystemConfidentiality": "HIGH",
"vulnerableSystemIntegrity": "HIGH",
"vulnerableSystemAvailability": "NONE",
"subsequentSystemConfidentiality": "HIGH",
"subsequentSystemIntegrity": "HIGH",
"subsequentSystemAvailability": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirements": "NOT_DEFINED",
"integrityRequirements": "NOT_DEFINED",
"availabilityRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnerableSystemConfidentiality": "NOT_DEFINED",
"modifiedVulnerableSystemIntegrity": "NOT_DEFINED",
"modifiedVulnerableSystemAvailability": "NOT_DEFINED",
"modifiedSubsequentSystemConfidentiality": "NOT_DEFINED",
"modifiedSubsequentSystemIntegrity": "NOT_DEFINED",
"modifiedSubsequentSystemAvailability": "NOT_DEFINED",
"safety": "NOT_DEFINED",
"automatable": "NOT_DEFINED",
"recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "RED"
}
}
]
},
"weaknesses": [
{
"source": "5fea7123-217b-4b2d-ada8-8892719b43cd",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-73"
}
]
}
],
"references": [
{
"url": "https://docs.plextrac.com/plextrac-documentation/master/security-advisories#release-2.11.0",
"source": "5fea7123-217b-4b2d-ada8-8892719b43cd"
}
]
}

78
CVE-2024/CVE-2024-118xx/CVE-2024-11839.json Normal file
View File

@ -0,0 +1,78 @@
{
"id": "CVE-2024-11839",
"sourceIdentifier": "5fea7123-217b-4b2d-ada8-8892719b43cd",
"published": "2024-12-13T06:15:26.273",
"lastModified": "2024-12-13T06:15:26.273",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Deserialization of Untrusted Data vulnerability in PlexTrac (Runbooks modules) which allows Object Injection and arbitrary file writes.This issue affects PlexTrac: from 1.61.3 before 2.8.1."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "5fea7123-217b-4b2d-ada8-8892719b43cd",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:A/VC:H/VI:H/VA:N/SC:H/SI:H/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:Red",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"attackRequirements": "PRESENT",
"privilegesRequired": "LOW",
"userInteraction": "ACTIVE",
"vulnerableSystemConfidentiality": "HIGH",
"vulnerableSystemIntegrity": "HIGH",
"vulnerableSystemAvailability": "NONE",
"subsequentSystemConfidentiality": "HIGH",
"subsequentSystemIntegrity": "HIGH",
"subsequentSystemAvailability": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirements": "NOT_DEFINED",
"integrityRequirements": "NOT_DEFINED",
"availabilityRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnerableSystemConfidentiality": "NOT_DEFINED",
"modifiedVulnerableSystemIntegrity": "NOT_DEFINED",
"modifiedVulnerableSystemAvailability": "NOT_DEFINED",
"modifiedSubsequentSystemConfidentiality": "NOT_DEFINED",
"modifiedSubsequentSystemIntegrity": "NOT_DEFINED",
"modifiedSubsequentSystemAvailability": "NOT_DEFINED",
"safety": "NOT_DEFINED",
"automatable": "NOT_DEFINED",
"recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "RED"
}
}
]
},
"weaknesses": [
{
"source": "5fea7123-217b-4b2d-ada8-8892719b43cd",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-502"
}
]
}
],
"references": [
{
"url": "https://docs.plextrac.com/plextrac-documentation/master/security-advisories#release-2.11.0",
"source": "5fea7123-217b-4b2d-ada8-8892719b43cd"
}
]
}

60
CVE-2024/CVE-2024-125xx/CVE-2024-12574.json Normal file
View File

@ -0,0 +1,60 @@
{
"id": "CVE-2024-12574",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-12-13T05:15:07.310",
"lastModified": "2024-12-13T05:15:07.310",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The SVG Shortcode plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 1.0.1 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses the SVG file."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "security@wordfence.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://wordpress.org/plugins/svg-shortcode/#developers",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/3b378256-2d9b-4aad-abfe-fecfc76f0bb4?source=cve",
"source": "security@wordfence.com"
}
]
}

60
CVE-2024/CVE-2024-125xx/CVE-2024-12579.json Normal file
View File

@ -0,0 +1,60 @@
{
"id": "CVE-2024-12579",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-12-13T05:15:07.473",
"lastModified": "2024-12-13T05:15:07.473",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Minify HTML plugin for WordPress is vulnerable to Regular Expression Denial of Service (ReDoS) in all versions up to, and including, 2.1.10. This is due to processing user-supplied input as a regular expression. This makes it possible for unauthenticated attackers to create comments that can cause catastrophic backtracking and break pages."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "security@wordfence.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-400"
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/changeset/3203890/minify-html-markup",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/80334e81-c33d-464c-9409-f49c34681890?source=cve",
"source": "security@wordfence.com"
}
]
}

64
CVE-2024/CVE-2024-125xx/CVE-2024-12581.json Normal file
View File

@ -0,0 +1,64 @@
{
"id": "CVE-2024-12581",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-12-13T06:15:26.433",
"lastModified": "2024-12-13T06:15:26.433",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Gutenberg Blocks with AI by Kadence WP \u2013 Page Builder Features plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 3.2.53 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 1.3,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "security@wordfence.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://research.cleantalk.org/cve-2024-10637/",
"source": "security@wordfence.com"
},
{
"url": "https://wpscan.com/vulnerability/df688dcc-9617-4f58-a310-891bfaea3695/",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/406f3eaf-44a7-4e32-a620-8799eb74742a?source=cve",
"source": "security@wordfence.com"
}
]
}

116
CVE-2024/CVE-2024-215xx/CVE-2024-21543.json Normal file
View File

@ -0,0 +1,116 @@
{
"id": "CVE-2024-21543",
"sourceIdentifier": "report@snyk.io",
"published": "2024-12-13T05:15:07.653",
"lastModified": "2024-12-13T05:15:07.653",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Versions of the package djoser before 2.3.0 are vulnerable to Authentication Bypass when the authenticate() function fails. This is because the system falls back to querying the database directly, granting access to users with valid credentials, and eventually bypassing custom authentication checks such as two-factor authentication, LDAP validations, or requirements from configured AUTHENTICATION_BACKENDS."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "report@snyk.io",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"baseScore": 5.7,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"vulnerableSystemConfidentiality": "HIGH",
"vulnerableSystemIntegrity": "LOW",
"vulnerableSystemAvailability": "NONE",
"subsequentSystemConfidentiality": "NONE",
"subsequentSystemIntegrity": "NONE",
"subsequentSystemAvailability": "NONE",
"exploitMaturity": "PROOF_OF_CONCEPT",
"confidentialityRequirements": "NOT_DEFINED",
"integrityRequirements": "NOT_DEFINED",
"availabilityRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnerableSystemConfidentiality": "NOT_DEFINED",
"modifiedVulnerableSystemIntegrity": "NOT_DEFINED",
"modifiedVulnerableSystemAvailability": "NOT_DEFINED",
"modifiedSubsequentSystemConfidentiality": "NOT_DEFINED",
"modifiedSubsequentSystemIntegrity": "NOT_DEFINED",
"modifiedSubsequentSystemAvailability": "NOT_DEFINED",
"safety": "NOT_DEFINED",
"automatable": "NOT_DEFINED",
"recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED"
}
}
],
"cvssMetricV31": [
{
"source": "report@snyk.io",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 4.2
}
]
},
"weaknesses": [
{
"source": "report@snyk.io",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-287"
}
]
}
],
"references": [
{
"url": "https://github.com/sunscrapers/djoser/commit/d33c3993c0c735f23cbedc60fa59fce69354f19d",
"source": "report@snyk.io"
},
{
"url": "https://github.com/sunscrapers/djoser/issues/795",
"source": "report@snyk.io"
},
{
"url": "https://github.com/sunscrapers/djoser/pull/819",
"source": "report@snyk.io"
},
{
"url": "https://github.com/sunscrapers/djoser/releases/tag/2.3.0",
"source": "report@snyk.io"
},
{
"url": "https://security.snyk.io/vuln/SNYK-PYTHON-DJOSER-8366540",
"source": "report@snyk.io"
}
]
}

108
CVE-2024/CVE-2024-215xx/CVE-2024-21544.json Normal file
View File

@ -0,0 +1,108 @@
{
"id": "CVE-2024-21544",
"sourceIdentifier": "report@snyk.io",
"published": "2024-12-13T05:15:07.883",
"lastModified": "2024-12-13T05:15:07.883",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Versions of the package spatie/browsershot before 5.0.1 are vulnerable to Improper Input Validation due to improper URL validation through the setUrl method.\rAn attacker can exploit this vulnerability by using leading whitespace (%20) before the file:// protocol, resulting in Local File Inclusion, which allows the attacker to read sensitive files on the server."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "report@snyk.io",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"vulnerableSystemConfidentiality": "HIGH",
"vulnerableSystemIntegrity": "NONE",
"vulnerableSystemAvailability": "NONE",
"subsequentSystemConfidentiality": "NONE",
"subsequentSystemIntegrity": "NONE",
"subsequentSystemAvailability": "NONE",
"exploitMaturity": "PROOF_OF_CONCEPT",
"confidentialityRequirements": "NOT_DEFINED",
"integrityRequirements": "NOT_DEFINED",
"availabilityRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnerableSystemConfidentiality": "NOT_DEFINED",
"modifiedVulnerableSystemIntegrity": "NOT_DEFINED",
"modifiedVulnerableSystemAvailability": "NOT_DEFINED",
"modifiedSubsequentSystemConfidentiality": "NOT_DEFINED",
"modifiedSubsequentSystemIntegrity": "NOT_DEFINED",
"modifiedSubsequentSystemAvailability": "NOT_DEFINED",
"safety": "NOT_DEFINED",
"automatable": "NOT_DEFINED",
"recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED"
}
}
],
"cvssMetricV31": [
{
"source": "report@snyk.io",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "report@snyk.io",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-20"
}
]
}
],
"references": [
{
"url": "https://github.com/spatie/browsershot/blob/1e212b596c104138550ed4ef1b9977d8df570c67/src/Browsershot.php%23L258-L269",
"source": "report@snyk.io"
},
{
"url": "https://github.com/spatie/browsershot/commit/fae8396641b961f62bd756920b14f01a4391296e",
"source": "report@snyk.io"
},
{
"url": "https://security.snyk.io/vuln/SNYK-PHP-SPATIEBROWSERSHOT-8496745",
"source": "report@snyk.io"
}
]
}

28
README.md
View File

@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2024-12-13T05:00:26.319077+00:00
2024-12-13T07:00:30.929199+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2024-12-13T04:15:05.233000+00:00
2024-12-13T06:15:26.433000+00:00
```
### Last Data Feed Release
@ -33,17 +33,29 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs
```plain
273537
273553
```
### CVEs added in the last Commit
Recently added CVEs: `4`
Recently added CVEs: `16`
- [CVE-2019-25221](CVE-2019/CVE-2019-252xx/CVE-2019-25221.json) (`2024-12-13T04:15:04.713`)
- [CVE-2024-12300](CVE-2024/CVE-2024-123xx/CVE-2024-12300.json) (`2024-12-13T04:15:05.073`)
- [CVE-2024-12572](CVE-2024/CVE-2024-125xx/CVE-2024-12572.json) (`2024-12-13T04:15:05.233`)
- [CVE-2024-12603](CVE-2024/CVE-2024-126xx/CVE-2024-12603.json) (`2024-12-13T03:15:05.187`)
- [CVE-2024-10678](CVE-2024/CVE-2024-106xx/CVE-2024-10678.json) (`2024-12-13T06:15:24.850`)
- [CVE-2024-10939](CVE-2024/CVE-2024-109xx/CVE-2024-10939.json) (`2024-12-13T06:15:25.120`)
- [CVE-2024-11767](CVE-2024/CVE-2024-117xx/CVE-2024-11767.json) (`2024-12-13T05:15:05.843`)
- [CVE-2024-11809](CVE-2024/CVE-2024-118xx/CVE-2024-11809.json) (`2024-12-13T05:15:07.127`)
- [CVE-2024-11833](CVE-2024/CVE-2024-118xx/CVE-2024-11833.json) (`2024-12-13T06:15:25.233`)
- [CVE-2024-11834](CVE-2024/CVE-2024-118xx/CVE-2024-11834.json) (`2024-12-13T06:15:25.440`)
- [CVE-2024-11835](CVE-2024/CVE-2024-118xx/CVE-2024-11835.json) (`2024-12-13T06:15:25.600`)
- [CVE-2024-11836](CVE-2024/CVE-2024-118xx/CVE-2024-11836.json) (`2024-12-13T06:15:25.773`)
- [CVE-2024-11837](CVE-2024/CVE-2024-118xx/CVE-2024-11837.json) (`2024-12-13T06:15:25.940`)
- [CVE-2024-11838](CVE-2024/CVE-2024-118xx/CVE-2024-11838.json) (`2024-12-13T06:15:26.100`)
- [CVE-2024-11839](CVE-2024/CVE-2024-118xx/CVE-2024-11839.json) (`2024-12-13T06:15:26.273`)
- [CVE-2024-12574](CVE-2024/CVE-2024-125xx/CVE-2024-12574.json) (`2024-12-13T05:15:07.310`)
- [CVE-2024-12579](CVE-2024/CVE-2024-125xx/CVE-2024-12579.json) (`2024-12-13T05:15:07.473`)
- [CVE-2024-12581](CVE-2024/CVE-2024-125xx/CVE-2024-12581.json) (`2024-12-13T06:15:26.433`)
- [CVE-2024-21543](CVE-2024/CVE-2024-215xx/CVE-2024-21543.json) (`2024-12-13T05:15:07.653`)
- [CVE-2024-21544](CVE-2024/CVE-2024-215xx/CVE-2024-21544.json) (`2024-12-13T05:15:07.883`)
### CVEs modified in the last Commit

24
_state.csv
View File

@ -138547,7 +138547,7 @@ CVE-2019-25218,0,0,04c5d570997ef927a9bd596c732917ebde12fc8075593691e05353daa2052
CVE-2019-25219,0,0,1cb37836ebcc5b11769d9904fbdfa2fec545979ad1eccec7a99d4f7ebed29908,2024-11-01T12:57:35.843000
CVE-2019-2522,0,0,638737140f258e11051ee5bbdf0348d4d75583dff335dd9bacaf5548d0e7c058,2024-11-21T04:41:02.287000
CVE-2019-25220,0,0,d816e7498110be9fdee3cfe309ef71779578ebdc0da778db7a8c501d80ff8668,2024-11-18T17:35:01.780000
CVE-2019-25221,1,1,311321c57b74993c67efeb64d8fad475a35b5a007c60ff20f6318d5b66da502f,2024-12-13T04:15:04.713000
CVE-2019-25221,0,0,311321c57b74993c67efeb64d8fad475a35b5a007c60ff20f6318d5b66da502f,2024-12-13T04:15:04.713000
CVE-2019-2523,0,0,8dbf09cc09a9d36d5d379aecf44a233c56df498cda1cca6ed13442ba59e0191b,2024-11-21T04:41:02.417000
CVE-2019-2524,0,0,e78029c84d578c9195f9dc77e1bc1d99a41eb834e1b9ea40680656159ff29559,2024-11-21T04:41:02.543000
CVE-2019-2525,0,0,45bc199935b7701dbac60abc55ae16ce2ad0edb17c245390c2e47faaca8aac93,2024-11-21T04:41:02.660000
@ -243424,6 +243424,7 @@ CVE-2024-10673,0,0,7f3730c2f092c3dd29d3ac6c30c2d960534151f96414decc18c8cd50ac98c
CVE-2024-10674,0,0,a7313216037c380fb9dfc5e5cbb480327712c6b02180efb4c5d327cb4a9f0829,2024-11-12T13:56:24.513000
CVE-2024-10675,0,0,a1b72770f2f1c98f4646c50d1ca93c6027b9b9a70a1889383ddd8c1ffee1aaf0,2024-11-21T13:57:24.187000
CVE-2024-10676,0,0,6887bcf7e7ad4dff7b3acb5ccb4703ef99e151f3c3b6329edf86e56346e5bebb,2024-11-12T13:56:24.513000
CVE-2024-10678,1,1,f9a66f8ade7015e6f08af522ed2430b7bbdeeb80feb00dc2726c8f5095dfc8fe,2024-12-13T06:15:24.850000
CVE-2024-1068,0,0,19fff8aed0f63e6149ffcd4b412aacdd7ffcb6468d1d60a7391f61d942a540cd,2024-11-21T08:49:43.460000
CVE-2024-10681,0,0,51cc5de1cc43e4859a7c22bfa25780d7c2d9551d7e52fdeded0bbacf68d87ea6,2024-12-06T10:15:04.533000
CVE-2024-10682,0,0,a7e8df655c8e75ce2215a7ec3bf41218b640524758c0db7f945bc19c5ad286f0,2024-11-21T13:57:24.187000
@ -243630,6 +243631,7 @@ CVE-2024-1093,0,0,a72c5ec761a2a6bbe9fbe0cd33f83ddedd36c1921567176890d3627671f513
CVE-2024-10933,0,0,13097ab8d5d13d6fd090605f874ed50533a9a61b28c0d36521f33f3189a5c8b5,2024-12-05T20:15:21.417000
CVE-2024-10934,0,0,6dae70f2d9b047711f71d589675cbcb98ce87c40154b32c6e0f536ad5d783b6a,2024-11-18T17:11:56.587000
CVE-2024-10937,0,0,64ce1590e73ee01f5e9be4a5c832c7764053a351d87f2b20d151b43b8e14bb5d,2024-12-05T09:15:04.377000
CVE-2024-10939,1,1,c6c000770125bbde43e77c1343e1f74c08760a2058b939420ec15b735d264a9f,2024-12-13T06:15:25.120000
CVE-2024-1094,0,0,4f6b2c2580413352eb02acf345a730d51f35d7640cec3afbef03e4f7e048ad8b,2024-11-21T08:49:46.967000
CVE-2024-10941,0,0,13c9aa5648736117eddcc05b7c7bbd41bd256da81c39332a1bd9e9e846bf4626,2024-11-08T19:01:25.633000
CVE-2024-10943,0,0,26f3128d989fcb7c084f6a2785233e142b456ba7fa2bbfa2225352075f798149,2024-11-13T17:01:58.603000
@ -244252,6 +244254,7 @@ CVE-2024-11760,0,0,5cfb5d180120c1875ad31a782b3cbd78a6ea2212cd7c91767b7a154b08a9b
CVE-2024-11761,0,0,d23dfba4fec168c27495db29e782d019068846a5ade59e5c067fdb06c9bbac7b,2024-11-28T09:15:05.090000
CVE-2024-11765,0,0,bbcbd7fc77b6a0fb82cd27e551903b294aa23044b4d11991ca37229d7ea8585b,2024-12-12T06:15:21.570000
CVE-2024-11766,0,0,ddbc95560ca1a03f1533d2e46b0802f8fb1d46853ac4aebc4f71e98f40f98426,2024-12-12T06:15:21.757000
CVE-2024-11767,1,1,9f5aa91d1c2761db892ed68721541ab721ab50e39e1c5b0b5c905b945a5ed2ca,2024-12-13T05:15:05.843000
CVE-2024-11769,0,0,7c09ce15e3c33c67c82c4f8389595c27e00e07d607e16c4d909baefd0cbdfd8b,2024-12-04T08:15:06.680000
CVE-2024-1177,0,0,50204f0e1e82280f8898460ad80abf26f09df69c8b4bae2f8e7f259925f88097,2024-11-21T08:49:58.233000
CVE-2024-11772,0,0,8798de1b89615d4c1d5ee148ccb63311b2f2b6f0733c8b34822ca99faf169909,2024-12-10T19:15:19.817000
@ -244284,6 +244287,7 @@ CVE-2024-11803,0,0,644472c8797730bc30cd63b92f05bcde358630be8a0ae341ba8c4c7843fb1
CVE-2024-11804,0,0,2183e14d034e87c288a87450e458c5289f509d8eb4643ef4cf7c7bfc476f1b48,2024-12-12T05:15:09.910000
CVE-2024-11805,0,0,a5f68fcc3ec71060a3e1fcbfe1152276ddf9a9708302280ee1d096e56cb69ebb,2024-12-03T08:15:06.553000
CVE-2024-11807,0,0,5b0564826b05464c314eefc84d6d7fdc2dbd57c9a7cdeff75f8e6a6bda0d85b9,2024-12-04T03:15:05.083000
CVE-2024-11809,1,1,1c50a93e010e8348f7dc1177084ddb957cd543b39b4fa90aeac5a1bccb8af288,2024-12-13T05:15:07.127000
CVE-2024-1181,0,0,75e84367823a14869b96be5d2a44185a42194134ed6d728c2cc873c3b47fce46,2024-11-21T08:49:58.703000
CVE-2024-11813,0,0,47a3a35561cd3c4cfbe2425cc2aa9f8596afbe4dae47aa0811b6748805370891,2024-12-04T03:15:05.227000
CVE-2024-11814,0,0,2a13f9fe8be8eabbe1cb3354ac6af91e2a65c049708e435975b8ce27567d551d,2024-12-04T10:15:05.007000
@ -244295,6 +244299,13 @@ CVE-2024-11820,0,0,851b7a45884f50f3792038cee6a0dd94b1414d7c7c3cad4aa15d26efb61c7
CVE-2024-11823,0,0,39aa0fbc102b8a9648f017c9098019c8c94234f421f38dd89f51eddc70f54f40,2024-12-06T09:15:07.463000
CVE-2024-11828,0,0,2182fcc94d5c2924b387611eabcc64629aff0d6ea201e85bc92b19a7228cc503,2024-12-12T21:07:04.270000
CVE-2024-1183,0,0,65ecfa5c3d2b221c19281f6b798c6cc7087d171223e10f3dd191314d09620aec,2024-11-21T08:49:58.950000
CVE-2024-11833,1,1,400c0bc8f7bed746cef05b7eb9344d2eed64ee376938496522edd2a73efd06a9,2024-12-13T06:15:25.233000
CVE-2024-11834,1,1,b4223c3487600139b2dc6f34da392d0877b89f37153f0f6d2ce4b7f993ed7954,2024-12-13T06:15:25.440000
CVE-2024-11835,1,1,58df7f1e073686cecda4af7fd302cbb6e3fec61392e0dce5022c4636e2d9dd85,2024-12-13T06:15:25.600000
CVE-2024-11836,1,1,988fea72336fd4af3f007a4cd262813c61e36630d7fec3fa5a77e33ee538af88,2024-12-13T06:15:25.773000
CVE-2024-11837,1,1,9f06bcabecdef9b57a34b6da2765b2487c153566098637bb2ee53dbd097d4a62,2024-12-13T06:15:25.940000
CVE-2024-11838,1,1,17a76d8102c8b69f78d5de60dc08c141ef46e12e1a8500f27ee840b0f6f79f51,2024-12-13T06:15:26.100000
CVE-2024-11839,1,1,bbff68b25f48266780eefedd6913fb32aa14190957006b88aef8a16b87b5c44b,2024-12-13T06:15:26.273000
CVE-2024-1184,0,0,2df19971af19652a2c9010665a81893140f6f37a453740869a5d55aaa9937e61,2024-11-21T08:49:59.067000
CVE-2024-11840,0,0,09e01e238ec312d53d671f8cf876f09242b194b014906fd4d44fc65beb910377,2024-12-11T11:15:06.453000
CVE-2024-11844,0,0,04412f8d1e89e121c8013622c692022d4f804bc36ac5e0beee05cf8987e8ae7f,2024-12-03T09:15:04.473000
@ -244487,7 +244498,7 @@ CVE-2024-1229,0,0,8ad8bfe76844e757ec6d08a1bad2f097b99b608e965943a6e4928e217dfee4
CVE-2024-12292,0,0,e027faa06b5953369db62292a4b64efc1354409048616ace4830c061b024cddd,2024-12-12T12:15:22.470000
CVE-2024-12294,0,0,c80c38451ddc3a567e7758d3362278a970e04ba14ecece8e507b66c499c77553,2024-12-11T11:15:06.623000
CVE-2024-1230,0,0,4e58704ea3cd6d96f1b95bf7630f56ca27fd7e9cf7f7c464007165035f04082e,2024-11-21T08:50:06.710000
CVE-2024-12300,1,1,699335afc6b60ce8f75d8e5292b0de9023ec03e7dc3d726459e0a0c42acf76bb,2024-12-13T04:15:05.073000
CVE-2024-12300,0,0,699335afc6b60ce8f75d8e5292b0de9023ec03e7dc3d726459e0a0c42acf76bb,2024-12-13T04:15:05.073000
CVE-2024-12305,0,0,591beb549e2fd130a4eb51689f906f54cfd4f9ef094b292b5ebd58de367d8b56,2024-12-09T09:15:04.970000
CVE-2024-12306,0,0,7a6ad19881298b2491617643bd5219a8f3696a7257d332ef3f9d18eb332eeb87,2024-12-09T09:15:05.293000
CVE-2024-12307,0,0,23aacf8c044133a030d70d78a0f87e6b3da2eadc1bf68e4a395d80d759eab88c,2024-12-09T09:15:05.433000
@ -244570,11 +244581,14 @@ CVE-2024-1256,0,0,ea8829298a5ced036094d7fead955f33827bc36bbc0a7f87a81ee1f95b95b2
CVE-2024-12564,0,0,0abcb221861e5fc99f1edf43c59fea9ce50a3b4bd68b4b9a5961d76741772172,2024-12-12T15:15:12.097000
CVE-2024-1257,0,0,7cc030c8f0ebfb33a80da788a5513945114551aaaa2999db4fa614a5f6b08a9b,2024-11-21T08:50:10.443000
CVE-2024-12570,0,0,55c8778ae52085a06019b95421840b0ea1343cca5de17e3c27e61710e2f13cc0,2024-12-12T12:15:22.660000
CVE-2024-12572,1,1,34129db9c33eecd2b2ac243db0a2f51d7be08fff7793d1c2147b501507591f87,2024-12-13T04:15:05.233000
CVE-2024-12572,0,0,34129db9c33eecd2b2ac243db0a2f51d7be08fff7793d1c2147b501507591f87,2024-12-13T04:15:05.233000
CVE-2024-12574,1,1,cd64e5c6acfbc2001e449c794a77f29c15120ff149ae10a4a58ebcc5a40e8b07,2024-12-13T05:15:07.310000
CVE-2024-12579,1,1,3eeb6f5a7d75fd4b84c0338d8badc8feb93f7dfd7c0753fc05e5113ec1cad16f,2024-12-13T05:15:07.473000
CVE-2024-1258,0,0,debedad37d9addee2213fe56690e6af35567d54f911af42012dde5a258793ebd,2024-11-21T08:50:10.573000
CVE-2024-12581,1,1,63b42d274abe5ff6fab4e046f026b25c5bfe866ba46f47bdf0ce6ab1471cc5a7,2024-12-13T06:15:26.433000
CVE-2024-1259,0,0,20758d1bd1b7d5c9a9cfa7609b802ac82aa264b25c107b9463c99ee9056f246a,2024-11-21T08:50:10.730000
CVE-2024-1260,0,0,237fdcd6650ec6f817190c6cbe0c450181ce5f478e263f9f314859cdec5f8244,2024-11-21T08:50:10.880000
CVE-2024-12603,1,1,05f555b32dd614ac077ebf9b933027296b1c2a9642df9299a2387226bc4503eb,2024-12-13T03:15:05.187000
CVE-2024-12603,0,0,05f555b32dd614ac077ebf9b933027296b1c2a9642df9299a2387226bc4503eb,2024-12-13T03:15:05.187000
CVE-2024-1261,0,0,7451d11c24f2ac390a05020abbe5be1a7d1e877de58a9c0842a513a0e1790005,2024-11-21T08:50:11.030000
CVE-2024-1262,0,0,b26d9641a8cbc2c5642fa36dfff4a6fef92b6772e7113385af431217d75dfe5b,2024-11-21T08:50:11.167000
CVE-2024-1263,0,0,1ded99eb7dd7c25043d30fb557b1a5799a79150045deb56dc782cc48f4b0c898,2024-11-21T08:50:11.303000
@ -246657,6 +246671,8 @@ CVE-2024-2154,0,0,0457c00e24736b547ac4f7f247e75fccaa09d13ea0de83ed7c8761e6cfd867
CVE-2024-21540,0,0,ca361900c1eaa9a3b1242a94b8aed82eaba7c8170c10a4efa35cbfaad6b1984c,2024-11-17T09:15:11.853000
CVE-2024-21541,0,0,5334d81827b035e812e898c211255fb4104fa0827d052caba8f8153293e7f7ad,2024-11-19T16:20:37.887000
CVE-2024-21542,0,0,71d7ac2f297762d496c833f12b77f71c133bcff4cded6f12936512da06dfadcb,2024-12-10T05:15:07.567000
CVE-2024-21543,1,1,942aecc11d2e411db7673ff5ac29e7bbfdf4ac36ae84aab1ab795f1e11fab08c,2024-12-13T05:15:07.653000
CVE-2024-21544,1,1,f92338e27ca7cfe45e2d65ce8b8aef7fb384b6b1640f3fb7308ca92fea06faf1,2024-12-13T05:15:07.883000
CVE-2024-21545,0,0,12417d057214273e4a76243ffeaf97d513746844d668a1420616fa022f5af746,2024-09-26T13:32:02.803000
CVE-2024-2155,0,0,1def2d989b10107bcc4deca9404884628c1ba17bdc1993a4df13bb309b4ac8eb,2024-11-21T09:09:09.070000
CVE-2024-21550,0,0,6b574e14ae55a92be9fd93a1bb9ebb56cb79876aa6e47f41fbbb48bbd5163e82,2024-08-13T17:33:13.537000

Can't render this file because it is too large.