diff --git a/CVE-2022/CVE-2022-24xx/CVE-2022-2439.json b/CVE-2022/CVE-2022-24xx/CVE-2022-2439.json new file mode 100644 index 00000000000..fe8afd40013 --- /dev/null +++ b/CVE-2022/CVE-2022-24xx/CVE-2022-2439.json @@ -0,0 +1,64 @@ +{ + "id": "CVE-2022-2439", + "sourceIdentifier": "security@wordfence.com", + "published": "2024-09-24T03:15:02.040", + "lastModified": "2024-09-24T03:15:02.040", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "The Easy Digital Downloads \u2013 Simple eCommerce for Selling Digital Files plugin for WordPress is vulnerable to deserialization of untrusted input via the 'upload[file]' parameter in versions up to, and including 3.3.3. This makes it possible for authenticated administrative users to call files using a PHAR wrapper, that will deserialize and call arbitrary PHP Objects that can be used to perform a variety of malicious actions granted a POP chain is also present." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.2, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.2, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "security@wordfence.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-502" + } + ] + } + ], + "references": [ + { + "url": "https://plugins.trac.wordpress.org/changeset/3154854/easy-digital-downloads/tags/3.3.4/includes/admin/import/import-functions.php", + "source": "security@wordfence.com" + }, + { + "url": "https://plugins.trac.wordpress.org/changeset/3154854/easy-digital-downloads/tags/3.3.4/src/Utils/FileSystem.php", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/644c8702-08ad-4048-ae91-041f1771f1dc?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-382xx/CVE-2024-38266.json b/CVE-2024/CVE-2024-382xx/CVE-2024-38266.json new file mode 100644 index 00000000000..a3820692e23 --- /dev/null +++ b/CVE-2024/CVE-2024-382xx/CVE-2024-38266.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-38266", + "sourceIdentifier": "security@zyxel.com.tw", + "published": "2024-09-24T02:15:02.220", + "lastModified": "2024-09-24T02:15:02.220", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "An improper restriction of operations within the bounds of a memory buffer in the parameter type parser of the Zyxel VMG8825-T50K firmware versions through 5.50(ABOM.8)C0 could allow an authenticated attacker with administrator privileges to cause potential memory corruptions, resulting in a thread crash on an affected device." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@zyxel.com.tw", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 4.9, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.2, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "security@zyxel.com.tw", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-119" + } + ] + } + ], + "references": [ + { + "url": "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-post-authentication-memory-corruption-vulnerabilities-in-some-dsl-ethernet-cpe-fiber-ont-wifi-extender-and-security-router-versions-09-24-2024", + "source": "security@zyxel.com.tw" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-382xx/CVE-2024-38267.json b/CVE-2024/CVE-2024-382xx/CVE-2024-38267.json new file mode 100644 index 00000000000..e1cfcf532f4 --- /dev/null +++ b/CVE-2024/CVE-2024-382xx/CVE-2024-38267.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-38267", + "sourceIdentifier": "security@zyxel.com.tw", + "published": "2024-09-24T02:15:02.750", + "lastModified": "2024-09-24T02:15:02.750", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "An improper restriction of operations within the bounds of a memory buffer in the IPv6 address parser of the Zyxel VMG8825-T50K firmware versions through 5.50(ABOM.8)C0 could allow an authenticated attacker with administrator privileges to cause potential memory corruptions, resulting in a thread crash on an affected device." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@zyxel.com.tw", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 4.9, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.2, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "security@zyxel.com.tw", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-119" + } + ] + } + ], + "references": [ + { + "url": "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-post-authentication-memory-corruption-vulnerabilities-in-some-dsl-ethernet-cpe-fiber-ont-wifi-extender-and-security-router-versions-09-24-2024", + "source": "security@zyxel.com.tw" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-382xx/CVE-2024-38268.json b/CVE-2024/CVE-2024-382xx/CVE-2024-38268.json new file mode 100644 index 00000000000..14bda0e76a5 --- /dev/null +++ b/CVE-2024/CVE-2024-382xx/CVE-2024-38268.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-38268", + "sourceIdentifier": "security@zyxel.com.tw", + "published": "2024-09-24T02:15:02.987", + "lastModified": "2024-09-24T02:15:02.987", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "An improper restriction of operations within the bounds of a memory buffer in the MAC address parser of the Zyxel VMG8825-T50K firmware versions through 5.50(ABOM.8)C0 could allow an authenticated attacker with administrator privileges to cause potential memory corruptions, resulting in a thread crash on an affected device." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@zyxel.com.tw", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 4.9, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.2, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "security@zyxel.com.tw", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-119" + } + ] + } + ], + "references": [ + { + "url": "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-post-authentication-memory-corruption-vulnerabilities-in-some-dsl-ethernet-cpe-fiber-ont-wifi-extender-and-security-router-versions-09-24-2024", + "source": "security@zyxel.com.tw" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-382xx/CVE-2024-38269.json b/CVE-2024/CVE-2024-382xx/CVE-2024-38269.json new file mode 100644 index 00000000000..15f7327a45f --- /dev/null +++ b/CVE-2024/CVE-2024-382xx/CVE-2024-38269.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-38269", + "sourceIdentifier": "security@zyxel.com.tw", + "published": "2024-09-24T02:15:03.230", + "lastModified": "2024-09-24T02:15:03.230", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "An improper restriction of operations within the bounds of a memory buffer in the USB file-sharing handler of the Zyxel VMG8825-T50K firmware versions through 5.50(ABOM.8)C0 could allow an authenticated attacker with administrator privileges to cause potential memory corruptions, resulting in a thread crash on an affected device." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@zyxel.com.tw", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 4.9, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.2, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "security@zyxel.com.tw", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-119" + } + ] + } + ], + "references": [ + { + "url": "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-post-authentication-memory-corruption-vulnerabilities-in-some-dsl-ethernet-cpe-fiber-ont-wifi-extender-and-security-router-versions-09-24-2024", + "source": "security@zyxel.com.tw" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-84xx/CVE-2024-8432.json b/CVE-2024/CVE-2024-84xx/CVE-2024-8432.json new file mode 100644 index 00000000000..09df59446ee --- /dev/null +++ b/CVE-2024/CVE-2024-84xx/CVE-2024-8432.json @@ -0,0 +1,64 @@ +{ + "id": "CVE-2024-8432", + "sourceIdentifier": "security@wordfence.com", + "published": "2024-09-24T02:15:03.460", + "lastModified": "2024-09-24T02:15:03.460", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "The Appointment & Event Booking Calendar Plugin \u2013 Webba Booking plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the save_appearance() function in all versions up to, and including, 5.0.48. This makes it possible for authenticated attackers, with Subscriber-level access and above, to modify the booking form's CSS." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 4.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-862" + } + ] + } + ], + "references": [ + { + "url": "https://plugins.trac.wordpress.org/browser/webba-booking-lite/tags/5.0.48/includes/class-wbk-request-manager.php#L1986", + "source": "security@wordfence.com" + }, + { + "url": "https://plugins.trac.wordpress.org/changeset/3152926/webba-booking-lite/trunk/includes/class-wbk-request-manager.php", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/23b33b77-2e72-4959-bdce-646e968f2a73?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-85xx/CVE-2024-8544.json b/CVE-2024/CVE-2024-85xx/CVE-2024-8544.json new file mode 100644 index 00000000000..c1b4cec106b --- /dev/null +++ b/CVE-2024/CVE-2024-85xx/CVE-2024-8544.json @@ -0,0 +1,64 @@ +{ + "id": "CVE-2024-8544", + "sourceIdentifier": "security@wordfence.com", + "published": "2024-09-24T02:15:03.687", + "lastModified": "2024-09-24T02:15:03.687", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "The Pixel Cat \u2013 Conversion Pixel Manager plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all versions up to, and including, 3.0.5. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.1, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://plugins.trac.wordpress.org/browser/facebook-conversion-pixel/trunk/includes/notices/notices.php?rev=2918763#L81", + "source": "security@wordfence.com" + }, + { + "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3151635%40facebook-conversion-pixel&new=3151635%40facebook-conversion-pixel&sfp_email=&sfph_mail=", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/fc4f4a78-7224-4f58-a103-7ad4df0eb36e?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-86xx/CVE-2024-8623.json b/CVE-2024/CVE-2024-86xx/CVE-2024-8623.json new file mode 100644 index 00000000000..d4c2be939fb --- /dev/null +++ b/CVE-2024/CVE-2024-86xx/CVE-2024-8623.json @@ -0,0 +1,64 @@ +{ + "id": "CVE-2024-8623", + "sourceIdentifier": "security@wordfence.com", + "published": "2024-09-24T03:15:02.330", + "lastModified": "2024-09-24T03:15:02.330", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "The The MDTF \u2013 Meta Data and Taxonomies Filter plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 1.3.3.3. This is due to the software allowing users to execute an action that does not properly validate a value before running do_shortcode. This makes it possible for unauthenticated attackers to execute arbitrary shortcodes." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 7.3, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.4 + } + ] + }, + "weaknesses": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-94" + } + ] + } + ], + "references": [ + { + "url": "https://plugins.trac.wordpress.org/browser/wp-meta-data-filter-and-taxonomy-filter/trunk/classes/page.php#L248", + "source": "security@wordfence.com" + }, + { + "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3150646%40wp-meta-data-filter-and-taxonomy-filter&new=3150646%40wp-meta-data-filter-and-taxonomy-filter&sfp_email=&sfph_mail=", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/ba584e02-5242-4869-a452-21e6b8995bd8?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-86xx/CVE-2024-8624.json b/CVE-2024/CVE-2024-86xx/CVE-2024-8624.json new file mode 100644 index 00000000000..78bfcede075 --- /dev/null +++ b/CVE-2024/CVE-2024-86xx/CVE-2024-8624.json @@ -0,0 +1,60 @@ +{ + "id": "CVE-2024-8624", + "sourceIdentifier": "security@wordfence.com", + "published": "2024-09-24T03:15:02.653", + "lastModified": "2024-09-24T03:15:02.653", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "The MDTF \u2013 Meta Data and Taxonomies Filter plugin for WordPress is vulnerable to SQL Injection via the 'meta_key' attribute of the 'mdf_select_title' shortcode in all versions up to, and including, 1.3.3.3 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with Contributor-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.9, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.1, + "impactScore": 6.0 + } + ] + }, + "weaknesses": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "references": [ + { + "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3153150%40wp-meta-data-filter-and-taxonomy-filter&new=3153150%40wp-meta-data-filter-and-taxonomy-filter&sfp_email=&sfph_mail=", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/8f50812a-c6a7-4bb3-9833-e10acd0460c0?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-86xx/CVE-2024-8628.json b/CVE-2024/CVE-2024-86xx/CVE-2024-8628.json new file mode 100644 index 00000000000..6973a9ce90d --- /dev/null +++ b/CVE-2024/CVE-2024-86xx/CVE-2024-8628.json @@ -0,0 +1,60 @@ +{ + "id": "CVE-2024-8628", + "sourceIdentifier": "security@wordfence.com", + "published": "2024-09-24T03:15:02.953", + "lastModified": "2024-09-24T03:15:02.953", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "The Popup, Optin Form & Email Newsletters for Mailchimp, HubSpot, AWeber \u2013 MailOptin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'post-meta' shortcode in all versions up to, and including, 1.2.70.3 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 5.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://plugins.trac.wordpress.org/changeset/3152552/mailoptin/trunk/src/core/src/EmailCampaigns/Shortcodes.php", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/4d64253b-5803-470d-81ba-d5629406b019?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-86xx/CVE-2024-8657.json b/CVE-2024/CVE-2024-86xx/CVE-2024-8657.json new file mode 100644 index 00000000000..433b1726950 --- /dev/null +++ b/CVE-2024/CVE-2024-86xx/CVE-2024-8657.json @@ -0,0 +1,64 @@ +{ + "id": "CVE-2024-8657", + "sourceIdentifier": "security@wordfence.com", + "published": "2024-09-24T02:15:03.937", + "lastModified": "2024-09-24T02:15:03.937", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "The Garden Gnome Package plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's ggpkg shortcode in all versions up to, and including, 2.2.9 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 3.1, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://plugins.trac.wordpress.org/browser/garden-gnome-package/tags/2.2.9/include/ggpackage.php#L310", + "source": "security@wordfence.com" + }, + { + "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3154566%40garden-gnome-package&new=3154566%40garden-gnome-package&sfp_email=&sfph_mail=", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/2a295969-454a-47fb-bc35-4e84db38c887?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-86xx/CVE-2024-8662.json b/CVE-2024/CVE-2024-86xx/CVE-2024-8662.json new file mode 100644 index 00000000000..0079ce51859 --- /dev/null +++ b/CVE-2024/CVE-2024-86xx/CVE-2024-8662.json @@ -0,0 +1,64 @@ +{ + "id": "CVE-2024-8662", + "sourceIdentifier": "security@wordfence.com", + "published": "2024-09-24T02:15:04.150", + "lastModified": "2024-09-24T02:15:04.150", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "The Koko Analytics plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all versions up to, and including, 1.3.12. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.1, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://plugins.trac.wordpress.org/browser/koko-analytics/tags/1.3.12/src/views/settings-page.php#L33", + "source": "security@wordfence.com" + }, + { + "url": "https://plugins.trac.wordpress.org/changeset/3153087/koko-analytics/trunk/src/views/settings-page.php", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/dd15c7c8-6538-4443-a409-0d34ff893963?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-86xx/CVE-2024-8671.json b/CVE-2024/CVE-2024-86xx/CVE-2024-8671.json new file mode 100644 index 00000000000..c15c13896f7 --- /dev/null +++ b/CVE-2024/CVE-2024-86xx/CVE-2024-8671.json @@ -0,0 +1,60 @@ +{ + "id": "CVE-2024-8671", + "sourceIdentifier": "security@wordfence.com", + "published": "2024-09-24T03:15:03.243", + "lastModified": "2024-09-24T03:15:03.243", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "The WooEvents - Calendar and Event Booking plugin for WordPress is vulnerable to arbitrary file overwrite due to insufficient file path validation in the inc/barcode.php file in all versions up to, and including, 4.1.2. This makes it possible for unauthenticated attackers to overwrite arbitrary files on the server, which can easily lead to remote code execution when the right file is deleted (such as wp-config.php)." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.1, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.2 + } + ] + }, + "weaknesses": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-22" + } + ] + } + ], + "references": [ + { + "url": "https://codecanyon.net/item/wooevents-calendar-and-event-booking/15598178", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/3d7af96a-5a3c-4291-a369-f6ed78f72a3f?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-87xx/CVE-2024-8716.json b/CVE-2024/CVE-2024-87xx/CVE-2024-8716.json new file mode 100644 index 00000000000..1f01887446d --- /dev/null +++ b/CVE-2024/CVE-2024-87xx/CVE-2024-8716.json @@ -0,0 +1,64 @@ +{ + "id": "CVE-2024-8716", + "sourceIdentifier": "security@wordfence.com", + "published": "2024-09-24T02:15:04.360", + "lastModified": "2024-09-24T02:15:04.360", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "The XT Ajax Add To Cart for WooCommerce plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all versions up to, and including, 1.1.2. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.1, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://plugins.trac.wordpress.org/browser/xt-woo-ajax-add-to-cart/tags/1.1.2/xt-framework/includes/class-system-status.php#L786", + "source": "security@wordfence.com" + }, + { + "url": "https://plugins.trac.wordpress.org/changeset/3151911/xt-woo-ajax-add-to-cart/tags/1.1.3/xt-framework/includes/class-system-status.php", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/a003129b-4a31-40f8-a9b2-9d3a3286cabe?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-87xx/CVE-2024-8738.json b/CVE-2024/CVE-2024-87xx/CVE-2024-8738.json new file mode 100644 index 00000000000..abcda8cab01 --- /dev/null +++ b/CVE-2024/CVE-2024-87xx/CVE-2024-8738.json @@ -0,0 +1,64 @@ +{ + "id": "CVE-2024-8738", + "sourceIdentifier": "security@wordfence.com", + "published": "2024-09-24T02:15:04.573", + "lastModified": "2024-09-24T02:15:04.573", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "The Seriously Simple Stats plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all versions up to, and including, 1.6.0. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.1, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://plugins.trac.wordpress.org/browser/seriously-simple-stats/trunk/php/classes/class-ssp-stats.php#L1296", + "source": "security@wordfence.com" + }, + { + "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3153423%40seriously-simple-stats&new=3153423%40seriously-simple-stats&sfp_email=&sfph_mail=", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/f7f810f6-b8dd-4065-8113-9842b33202ef?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-87xx/CVE-2024-8791.json b/CVE-2024/CVE-2024-87xx/CVE-2024-8791.json new file mode 100644 index 00000000000..ac79c33a3b2 --- /dev/null +++ b/CVE-2024/CVE-2024-87xx/CVE-2024-8791.json @@ -0,0 +1,64 @@ +{ + "id": "CVE-2024-8791", + "sourceIdentifier": "security@wordfence.com", + "published": "2024-09-24T03:15:03.547", + "lastModified": "2024-09-24T03:15:03.547", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "The Donation Forms by Charitable \u2013 Donations Plugin & Fundraising Platform for WordPress plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 1.8.1.14. This is due to the plugin not properly verifying a user's identity when the ID parameter is supplied through the update_core_user() function. This makes it possible for unauthenticated attackers to update the email address and password of arbitrary user accounts, including administrators, which can then be used to log in to those user accounts." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-639" + } + ] + } + ], + "references": [ + { + "url": "https://plugins.trac.wordpress.org/browser/charitable/tags/1.8.1.14/includes/users/class-charitable-user.php#L872", + "source": "security@wordfence.com" + }, + { + "url": "https://plugins.trac.wordpress.org/changeset/3154009/charitable/trunk/includes/users/class-charitable-user.php", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/0ee60943-b583-4a99-8e62-846b380c98aa?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-87xx/CVE-2024-8794.json b/CVE-2024/CVE-2024-87xx/CVE-2024-8794.json new file mode 100644 index 00000000000..5d1b8149ba8 --- /dev/null +++ b/CVE-2024/CVE-2024-87xx/CVE-2024-8794.json @@ -0,0 +1,68 @@ +{ + "id": "CVE-2024-8794", + "sourceIdentifier": "security@wordfence.com", + "published": "2024-09-24T03:15:03.783", + "lastModified": "2024-09-24T03:15:03.783", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "The BA Book Everything plugin for WordPress is vulnerable to arbitrary password reset in all versions up to, and including, 1.6.20. This is due to the reset_user_password() function not verifying a user's identity prior to setting a password. This makes it possible for unauthenticated attackers to reset any user's passwords, including administrators. It's important to note that the attacker will not have access to the generated password, therefore, privilege escalation is not possible." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 5.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 3.9, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "security@wordfence.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-620" + } + ] + } + ], + "references": [ + { + "url": "https://plugins.trac.wordpress.org/browser/ba-book-everything/tags/1.6.20/includes/class-babe-my-account.php#L610", + "source": "security@wordfence.com" + }, + { + "url": "https://plugins.trac.wordpress.org/browser/ba-book-everything/tags/1.6.20/includes/class-babe-users.php#L266", + "source": "security@wordfence.com" + }, + { + "url": "https://plugins.trac.wordpress.org/changeset/3152728/ba-book-everything/trunk/includes/class-babe-users.php", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/4e261b0e-5ca3-4f5c-acc0-41abee31b148?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-87xx/CVE-2024-8795.json b/CVE-2024/CVE-2024-87xx/CVE-2024-8795.json new file mode 100644 index 00000000000..6725ba664c7 --- /dev/null +++ b/CVE-2024/CVE-2024-87xx/CVE-2024-8795.json @@ -0,0 +1,68 @@ +{ + "id": "CVE-2024-8795", + "sourceIdentifier": "security@wordfence.com", + "published": "2024-09-24T02:15:04.790", + "lastModified": "2024-09-24T02:15:04.790", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "The BA Book Everything plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.6.20. This is due to missing or incorrect nonce validation on the my_account_update() function. This makes it possible for unauthenticated attackers to update a user's account details via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. This can be leveraged to reset a user's password and gain access to their account." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-352" + } + ] + } + ], + "references": [ + { + "url": "https://plugins.trac.wordpress.org/browser/ba-book-everything/tags/1.6.20/includes/class-babe-my-account.php#L562", + "source": "security@wordfence.com" + }, + { + "url": "https://plugins.trac.wordpress.org/browser/ba-book-everything/tags/1.6.20/includes/class-babe-users.php#L203", + "source": "security@wordfence.com" + }, + { + "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3152728%40ba-book-everything&new=3152728%40ba-book-everything&sfp_email=&sfph_mail=#file3", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/b691560e-e285-467c-9d52-1620c63de1f0?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/README.md b/README.md index 24f983bbbc5..d6af89b80e8 100644 --- a/README.md +++ b/README.md @@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2024-09-23T23:55:16.886186+00:00 +2024-09-24T04:00:17.666488+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2024-09-23T23:26:14.460000+00:00 +2024-09-24T03:15:03.783000+00:00 ``` ### Last Data Feed Release @@ -27,43 +27,43 @@ Repository synchronizes with the NVD every 2 hours. Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/releases/latest) ```plain -2024-09-23T00:00:08.643579+00:00 +2024-09-24T00:00:08.650372+00:00 ``` ### Total Number of included CVEs ```plain -263609 +263627 ``` ### CVEs added in the last Commit -Recently added CVEs: `10` +Recently added CVEs: `18` -- [CVE-2018-20072](CVE-2018/CVE-2018-200xx/CVE-2018-20072.json) (`2024-09-23T22:15:02.587`) -- [CVE-2021-38023](CVE-2021/CVE-2021-380xx/CVE-2021-38023.json) (`2024-09-23T22:15:02.763`) -- [CVE-2023-7281](CVE-2023/CVE-2023-72xx/CVE-2023-7281.json) (`2024-09-23T22:15:03.027`) -- [CVE-2023-7282](CVE-2023/CVE-2023-72xx/CVE-2023-7282.json) (`2024-09-23T22:15:03.083`) -- [CVE-2024-7018](CVE-2024/CVE-2024-70xx/CVE-2024-7018.json) (`2024-09-23T22:15:03.147`) -- [CVE-2024-7019](CVE-2024/CVE-2024-70xx/CVE-2024-7019.json) (`2024-09-23T22:15:03.230`) -- [CVE-2024-7020](CVE-2024/CVE-2024-70xx/CVE-2024-7020.json) (`2024-09-23T22:15:03.283`) -- [CVE-2024-7022](CVE-2024/CVE-2024-70xx/CVE-2024-7022.json) (`2024-09-23T22:15:03.337`) -- [CVE-2024-7023](CVE-2024/CVE-2024-70xx/CVE-2024-7023.json) (`2024-09-23T23:15:10.527`) -- [CVE-2024-7024](CVE-2024/CVE-2024-70xx/CVE-2024-7024.json) (`2024-09-23T23:15:10.653`) +- [CVE-2022-2439](CVE-2022/CVE-2022-24xx/CVE-2022-2439.json) (`2024-09-24T03:15:02.040`) +- [CVE-2024-38266](CVE-2024/CVE-2024-382xx/CVE-2024-38266.json) (`2024-09-24T02:15:02.220`) +- [CVE-2024-38267](CVE-2024/CVE-2024-382xx/CVE-2024-38267.json) (`2024-09-24T02:15:02.750`) +- [CVE-2024-38268](CVE-2024/CVE-2024-382xx/CVE-2024-38268.json) (`2024-09-24T02:15:02.987`) +- [CVE-2024-38269](CVE-2024/CVE-2024-382xx/CVE-2024-38269.json) (`2024-09-24T02:15:03.230`) +- [CVE-2024-8432](CVE-2024/CVE-2024-84xx/CVE-2024-8432.json) (`2024-09-24T02:15:03.460`) +- [CVE-2024-8544](CVE-2024/CVE-2024-85xx/CVE-2024-8544.json) (`2024-09-24T02:15:03.687`) +- [CVE-2024-8623](CVE-2024/CVE-2024-86xx/CVE-2024-8623.json) (`2024-09-24T03:15:02.330`) +- [CVE-2024-8624](CVE-2024/CVE-2024-86xx/CVE-2024-8624.json) (`2024-09-24T03:15:02.653`) +- [CVE-2024-8628](CVE-2024/CVE-2024-86xx/CVE-2024-8628.json) (`2024-09-24T03:15:02.953`) +- [CVE-2024-8657](CVE-2024/CVE-2024-86xx/CVE-2024-8657.json) (`2024-09-24T02:15:03.937`) +- [CVE-2024-8662](CVE-2024/CVE-2024-86xx/CVE-2024-8662.json) (`2024-09-24T02:15:04.150`) +- [CVE-2024-8671](CVE-2024/CVE-2024-86xx/CVE-2024-8671.json) (`2024-09-24T03:15:03.243`) +- [CVE-2024-8716](CVE-2024/CVE-2024-87xx/CVE-2024-8716.json) (`2024-09-24T02:15:04.360`) +- [CVE-2024-8738](CVE-2024/CVE-2024-87xx/CVE-2024-8738.json) (`2024-09-24T02:15:04.573`) +- [CVE-2024-8791](CVE-2024/CVE-2024-87xx/CVE-2024-8791.json) (`2024-09-24T03:15:03.547`) +- [CVE-2024-8794](CVE-2024/CVE-2024-87xx/CVE-2024-8794.json) (`2024-09-24T03:15:03.783`) +- [CVE-2024-8795](CVE-2024/CVE-2024-87xx/CVE-2024-8795.json) (`2024-09-24T02:15:04.790`) ### CVEs modified in the last Commit -Recently modified CVEs: `8` +Recently modified CVEs: `0` -- [CVE-2022-25774](CVE-2022/CVE-2022-257xx/CVE-2022-25774.json) (`2024-09-23T23:21:35.443`) -- [CVE-2022-25775](CVE-2022/CVE-2022-257xx/CVE-2022-25775.json) (`2024-09-23T23:22:15.763`) -- [CVE-2024-40790](CVE-2024/CVE-2024-407xx/CVE-2024-40790.json) (`2024-09-23T22:55:36.537`) -- [CVE-2024-45619](CVE-2024/CVE-2024-456xx/CVE-2024-45619.json) (`2024-09-23T23:26:14.460`) -- [CVE-2024-5552](CVE-2024/CVE-2024-55xx/CVE-2024-5552.json) (`2024-09-23T22:31:27.563`) -- [CVE-2024-6058](CVE-2024/CVE-2024-60xx/CVE-2024-6058.json) (`2024-09-23T22:40:42.487`) -- [CVE-2024-6059](CVE-2024/CVE-2024-60xx/CVE-2024-6059.json) (`2024-09-23T22:44:27.003`) -- [CVE-2024-8660](CVE-2024/CVE-2024-86xx/CVE-2024-8660.json) (`2024-09-23T23:00:00.437`) ## Download and Usage diff --git a/_state.csv b/_state.csv index e96bb284140..41e43ce830a 100644 --- a/_state.csv +++ b/_state.csv @@ -119804,7 +119804,7 @@ CVE-2018-20069,0,0,11bc93eea8bb89572a3bd36663041753b964c1c6d0a90165ac577803d8a50 CVE-2018-2007,0,0,565467276fe44a3f15a91812729e4906725f8695b7cf0f77483bbe03d129ee49,2019-10-09T23:39:52.730000 CVE-2018-20070,0,0,03232b88ab51a82264c607ac6ddda028d6465275684647122ee5364cac67abd0,2023-11-07T02:56:10.180000 CVE-2018-20071,0,0,90965273047f10e0d8d69b9c814771631b60b51165a9de872bb0ed9ef11095f1,2023-11-07T02:56:10.587000 -CVE-2018-20072,1,1,fd9b6987358409c1b4788bca0e681ad930a99b40612af023f7edc73a86b2b1b0,2024-09-23T22:15:02.587000 +CVE-2018-20072,0,0,fd9b6987358409c1b4788bca0e681ad930a99b40612af023f7edc73a86b2b1b0,2024-09-23T22:15:02.587000 CVE-2018-20073,0,0,bc57833279c555f0e533969c7045cf9a8e9407b023f53f7ee293163f1ee32b6c,2023-11-07T02:56:11.007000 CVE-2018-2008,0,0,07a804601246a33e30397a194dbd639013dc206b3cb23cc4623aa0a99dd0630f,2019-06-21T08:15:09.263000 CVE-2018-2009,0,0,4c00f8e3d18d8dc4e0cbb9b0148327ad6c8a63123dc008abedfcc4523c43385e,2019-10-09T23:39:52.963000 @@ -180287,7 +180287,7 @@ CVE-2021-3802,0,0,42de601cedae2db371a96958608f3da35518260b223eaab2bf40a0cecb0f2f CVE-2021-38020,0,0,602ff879988722fbbe77b5a2e02ce6c96e78df43a6a076471b0bd258dafa027d,2023-11-07T03:37:11.220000 CVE-2021-38021,0,0,183763a42980cbe46a65cf123ae8f8467ded2a4f79605fee33e753e8425851e7,2023-11-07T03:37:11.457000 CVE-2021-38022,0,0,9dc7f2af146af9adefc59da25a975a1a2f2c941f22b4a027c9f6131425cef390,2023-11-07T03:37:11.650000 -CVE-2021-38023,1,1,957dc98c452c89ae445356e6db6cdaa6180486e0ddc2b59c68bb95171caac316,2024-09-23T22:15:02.763000 +CVE-2021-38023,0,0,957dc98c452c89ae445356e6db6cdaa6180486e0ddc2b59c68bb95171caac316,2024-09-23T22:15:02.763000 CVE-2021-3803,0,0,8b45f7eaffb9c6dbc233557331372b40fa2f015e924f6af028c4d29df3660711,2023-07-10T18:52:55.570000 CVE-2021-3804,0,0,a8a8cd8ef8fb7bc607d5c413bfb0e178515d0450a5633f9f62a07d6d7b929dc1,2023-07-10T19:01:51.277000 CVE-2021-3805,0,0,9a63f8c4025ce07d603d6fafbff23597a7729efc2e031857300d9ebe43d6998c,2023-01-30T18:24:08.507000 @@ -193451,6 +193451,7 @@ CVE-2022-24386,0,0,457222f095c62db0fb0ca8bf1941849311c926f62af825405c1c6aca5315e CVE-2022-24387,0,0,54dc02b7b2ac9a081a5973c3d20f765d63e8646b2df0467cc341110e81783a58,2022-03-19T01:11:04.923000 CVE-2022-24388,0,0,0aa162374a72e7b272071bc85f23bb3ac62a1dbd8bcfa58503cbe59a9d783e6a,2022-05-26T01:49:38.753000 CVE-2022-24389,0,0,1bfcfb3a923a3c536cc281292090c1401824e60d2f38b82785afa6c7ed823d33,2022-05-26T01:59:03.417000 +CVE-2022-2439,1,1,2d46a80ce64831b7b59480146ca2486ba169a87c8029fd41cdd26b7916112c8d,2024-09-24T03:15:02.040000 CVE-2022-24390,0,0,705be1c3f842778de9c5ad738b83b0073d2efbf3670df34f916910c3e6d0d305,2022-05-26T02:07:01 CVE-2022-24391,0,0,d1b442508d4e4b0ae49d9e9718627e98d284f227909aa2ed6709d35321c6a8c4,2022-05-26T02:08:19.357000 CVE-2022-24392,0,0,025d4905f7269caa1761e9832885e92f900050e154cdd466754c6513bee6cacf,2022-05-26T02:11:27.130000 @@ -194671,8 +194672,8 @@ CVE-2022-25769,0,0,79bac75ac2032bd03a72d1165ef99fe57dbcc3d6dde05c7f30a89c7730bb1 CVE-2022-2577,0,0,87c803484cf61dec9e54055b4599e6f4b1ddfe755fed9fabbd2408fb332046f5,2023-11-07T03:46:40.493000 CVE-2022-25770,0,0,26726cd6619dd406e11abd4510e22d8873fd91ccae476c9e3a36b8fe1a60ec6e,2024-09-20T12:30:17.483000 CVE-2022-25772,0,0,95d681186a9c51133bf3638b33bba1dd8f63cdc4f434660afa0e726ca2c437ec,2023-05-09T19:15:11.413000 -CVE-2022-25774,0,1,d0e5ff85a89514abcbae526b01ca548917e33c5ae11341ffc445bd385bebae92,2024-09-23T23:21:35.443000 -CVE-2022-25775,0,1,13d442125f1fbc45c63da1fbbfce8c3a29ecd7e2530175a157c827688a88996f,2024-09-23T23:22:15.763000 +CVE-2022-25774,0,0,d0e5ff85a89514abcbae526b01ca548917e33c5ae11341ffc445bd385bebae92,2024-09-23T23:21:35.443000 +CVE-2022-25775,0,0,13d442125f1fbc45c63da1fbbfce8c3a29ecd7e2530175a157c827688a88996f,2024-09-23T23:22:15.763000 CVE-2022-25776,0,0,da9b9d89b467df468b6e2a33a8a9d44c8fb088fbda6f8d67c18644d303de17aa,2024-09-20T12:30:17.483000 CVE-2022-25777,0,0,4c65ec963469e7435f82a3d28d44251d27aea65eeee72308dac7bd8a3bb10f52,2024-09-20T12:30:17.483000 CVE-2022-25778,0,0,d33a6c464736dc83925f8894577efd1831139b6d537692d92f0faae224736b0b,2022-05-11T18:44:34.810000 @@ -241207,8 +241208,8 @@ CVE-2023-7270,0,0,c4a95bbd7a0e223852dd2f2d2c06a04667d14324aaf73c1dbbc09c6df6d423 CVE-2023-7271,0,0,d3dfbc895014f6fee39494b1979fe9a27f5d54abe140606ba373f42540f5c875,2024-07-26T18:19:28 CVE-2023-7272,0,0,cc43888de86ffd529fd218a38f2e0a497e79588d2ca6b5dec5063052cab77d6c,2024-07-18T12:28:43.707000 CVE-2023-7279,0,0,f98ffb9aa7111762ac351724f18f9d9ee505a1023f26a13d8e9efc5698c9c712,2024-09-05T21:59:17.957000 -CVE-2023-7281,1,1,e748ff2b850d7374df7c6c6acc7dd0bfcf5f3ba57a1fb1a1e2a9bc05ee4d31ba,2024-09-23T22:15:03.027000 -CVE-2023-7282,1,1,0dd0cfbcaf4a9a0a9d6827f29c5d62eb4cc4367b67b6b61a96b1a8f779788d13,2024-09-23T22:15:03.083000 +CVE-2023-7281,0,0,e748ff2b850d7374df7c6c6acc7dd0bfcf5f3ba57a1fb1a1e2a9bc05ee4d31ba,2024-09-23T22:15:03.027000 +CVE-2023-7282,0,0,0dd0cfbcaf4a9a0a9d6827f29c5d62eb4cc4367b67b6b61a96b1a8f779788d13,2024-09-23T22:15:03.083000 CVE-2024-0001,0,0,4df82e8d03b6ef7bdedeb730a00e881c0a9bcad5528e18f59576ba2bd24752fd,2024-09-23T18:15:04.070000 CVE-2024-0002,0,0,c55245ffbf7ba6f57df17cbfb861953df96f9d2a3ab36f6cd35c92cb8698184b,2024-09-23T18:15:04.410000 CVE-2024-0003,0,0,207593529e3d2069aa92af05fcb274b3fcf5e6e312d23212840936b799f9b85e,2024-09-23T18:15:04.697000 @@ -255943,6 +255944,10 @@ CVE-2024-38259,0,0,2f0cfedb8167139ec174b7833291bf21a4d1e6cbb6b4c204bcfe70a7263f1 CVE-2024-3826,0,0,121760e16d238bf81106004c4251c8d93e688e0e085277d4609f0e751627011d,2024-07-02T17:44:45.700000 CVE-2024-38260,0,0,73cef9e77ce89bf4b93fa7a1c854f856e4e4e75ffa70f23f415d57a3b75d2431,2024-09-13T14:53:26.410000 CVE-2024-38263,0,0,f46aea6861be934017dd7285d8a02938dbd0902e0b8a60fe9326066622646e6c,2024-09-13T14:55:01.400000 +CVE-2024-38266,1,1,ef2f3aabb045833c3a265875d7e3dfdddea9aeec049018fa15330c07b2a72710,2024-09-24T02:15:02.220000 +CVE-2024-38267,1,1,61e9995d3d6b8c76c8fef3a3ae88a848430d8768c6544d9933860129ff8dac12,2024-09-24T02:15:02.750000 +CVE-2024-38268,1,1,c0d92d39a228e71921f32f3ddc47c859074eb7e98748f90e039aa6a7881587e1,2024-09-24T02:15:02.987000 +CVE-2024-38269,1,1,28d137c665748c22a5a1296047801b7530b158c787732e0220a5e198375f8bd5,2024-09-24T02:15:03.230000 CVE-2024-3827,0,0,fe9452c74994fbdb1f4a1edea576f588d513e300bcd491a382890605454b836b,2024-08-02T12:59:43.990000 CVE-2024-38270,0,0,1961d440f3358bfa7071d7e107f3bab1b4b617abe6229812924e38655d765076,2024-09-18T18:23:40.977000 CVE-2024-38271,0,0,d0fad2223108f05be98b695595aafaa9b6e89fe7fa5d7ebe88a9244c49515816,2024-07-29T22:15:04.757000 @@ -257368,7 +257373,7 @@ CVE-2024-40787,0,0,e7872c59114f8bc6e1d61059bacac8cf94d2c897fdc9c325ee9cdaea3ebee CVE-2024-40788,0,0,51328768774901f71a8cfa9e0731eec2a8688c92707f2ca0771dadf5f755cde3,2024-08-26T17:49:39.517000 CVE-2024-40789,0,0,d0cba5a2db3863932e9e1a9c379737076ce24b22d2521d505090b6fa80e9acdf,2024-08-23T15:38:01.380000 CVE-2024-4079,0,0,bb93991a44f221a491ad95feb924066985bee7115b17c98782fedf8bbd66c067,2024-09-05T17:12:19.830000 -CVE-2024-40790,0,1,f74af1b6450b7abb69693b13c877ce53db126e23128080b9a116672c6aa27da8,2024-09-23T22:55:36.537000 +CVE-2024-40790,0,0,f74af1b6450b7abb69693b13c877ce53db126e23128080b9a116672c6aa27da8,2024-09-23T22:55:36.537000 CVE-2024-40791,0,0,13cc28bb70bc56d2de96a97e786515239720a03ff78493f2e50fd0a799380c7b,2024-09-20T12:31:20.110000 CVE-2024-40793,0,0,e270b48bbfb7457af71d2df8b98374cdb1521bf4ad146ca87a93b5903c957504,2024-08-23T15:55:17.410000 CVE-2024-40794,0,0,0846f939e0e7c288e34ad63bc25a9b5387bb5773e036a49319e63c41d5246c45,2024-08-23T15:18:40.450000 @@ -260004,7 +260009,7 @@ CVE-2024-45615,0,0,c6d6282e5a9613bcbeb55c568082301f30c66c5c3e170d6aa78e0325f2dae CVE-2024-45616,0,0,ec4ff704ba2aae95f08442d1bfa2173f2a102c1c3b0570dfa4cb1518cb449547,2024-09-13T19:21:11.507000 CVE-2024-45617,0,0,6cb16d6fbb6421ff7c08177427efbe84e4a03cb3cf72e212ba5673d3ad33ab5e,2024-09-13T19:21:08.633000 CVE-2024-45618,0,0,dc2dc7fd3bf0d86469d9d1e7cf8afe886c6a0db83c5b7c56e1d5c7bc488c4153,2024-09-13T16:30:27.693000 -CVE-2024-45619,0,1,8a23aeec22624ea6706e3aef94b8398850d40c99a63e7b8dae64374bfe1b8c78,2024-09-23T23:26:14.460000 +CVE-2024-45619,0,0,8a23aeec22624ea6706e3aef94b8398850d40c99a63e7b8dae64374bfe1b8c78,2024-09-23T23:26:14.460000 CVE-2024-4562,0,0,e0a783b0d1c16da234e0fe3d351cbae7a089d075739ba22ec0641c397b879b0f,2024-05-15T16:40:19.330000 CVE-2024-45620,0,0,62d7efd1f4f3b2c671c5ae6f75d170d2e8f1f728e1204e1922e6a8c5eec065f3,2024-09-19T19:21:38.653000 CVE-2024-45621,0,0,0e87271e3b523f5d125d92dc504ca3a7772b99de219d6f52d1ecafc891e937da,2024-09-16T17:28:53.437000 @@ -261208,7 +261213,7 @@ CVE-2024-5548,0,0,6a07d64078300a9d20971a8757a67f3f4682659414ef6d1de11cb6b5c54c02 CVE-2024-5549,0,0,2db2267d047672e6871a7836da6ae7aa97f316bb2880c93f204c63f2960062f6,2024-07-12T08:15:11.390000 CVE-2024-5550,0,0,dab352871e5b1599db274fe7ee72f4ef4902afffcd5667b3ef675a3fe452e429,2024-06-07T14:56:05.647000 CVE-2024-5551,0,0,d4fe322803a15d54f942643eecca544bbc21fd2d50a048ef751f6568e43cd352,2024-08-07T19:09:17.363000 -CVE-2024-5552,0,1,27b7e1f2348eea0c7f3bb025b66602057c4c602e939dcc27630d367adfb91cd3,2024-09-23T22:31:27.563000 +CVE-2024-5552,0,0,27b7e1f2348eea0c7f3bb025b66602057c4c602e939dcc27630d367adfb91cd3,2024-09-23T22:31:27.563000 CVE-2024-5553,0,0,c4739ca4bfc71591786473d36aff26ccf561ba778e4c902dca863cedff7bba13,2024-06-13T18:36:09.013000 CVE-2024-5554,0,0,0f1d3226bb0a486c4b917c91c2f0f711d8f9d9fbb5ad6f69f3a6a7fdce6ab9ad,2024-08-22T16:43:52.650000 CVE-2024-5555,0,0,ea0332df14a2e6edd0aa953ada9ade3a1da4ea6fb56dda0883a54ace27f96d97,2024-08-22T16:46:14.177000 @@ -261632,8 +261637,8 @@ CVE-2024-6054,0,0,dbd3e49036b5938301871d5a6c67ee17ba89370e3288082b00ca89a51a1f06 CVE-2024-6055,0,0,69ea90ebaa7aa8fe33baa786beceb3ec128eecc80f960a60b64b4cba1327c031,2024-06-20T12:44:22.977000 CVE-2024-6056,0,0,99f1dab42badb50b9019e7726a8c43368c0a3abe6ad8d6a715427a0640d89bb2,2024-09-23T16:04:18.653000 CVE-2024-6057,0,0,4f1880d8a457c0154151497f14a41bdfe090560f87d7d21e18d9c6ac0683f18d,2024-08-29T20:37:05.087000 -CVE-2024-6058,0,1,34aeceda11f80f38d584c0391ccaa9eb6fb38bf947af47d43e1b576e9ff3c1a5,2024-09-23T22:40:42.487000 -CVE-2024-6059,0,1,a3f22e86cf3480d835f2079aa405ac75308d3d1b370e70dca18b2cc307b4486b,2024-09-23T22:44:27.003000 +CVE-2024-6058,0,0,34aeceda11f80f38d584c0391ccaa9eb6fb38bf947af47d43e1b576e9ff3c1a5,2024-09-23T22:40:42.487000 +CVE-2024-6059,0,0,a3f22e86cf3480d835f2079aa405ac75308d3d1b370e70dca18b2cc307b4486b,2024-09-23T22:44:27.003000 CVE-2024-6060,0,0,8504cbe6b891066e73ef95904dad6e7d3e41cca53b5727c2ba7b2242343c8b03,2024-06-26T15:15:20.570000 CVE-2024-6061,0,0,7f7515a9103fe150db8d8da13e6a9c9caaab344d369b5c8dd58076cec7cacc3f,2024-06-20T12:44:22.977000 CVE-2024-6062,0,0,808f4f8498f1342bcb60477c52f8c9df70bfd9d854975b3c8c0875386f5a1f2d,2024-06-20T12:44:22.977000 @@ -262409,12 +262414,12 @@ CVE-2024-7012,0,0,7505e34b161e28dbe95eb89541c44fc261402b7bb3b4a766cd0492f45404fd CVE-2024-7013,0,0,b2d18f592f803beaaf02ae1066b68bd9f1fd65046672577949ac6ff9d71880f4,2024-08-21T12:30:33.697000 CVE-2024-7014,0,0,bf4bcb57365a86d29a45ebd019245eec542daaec8aac5d2bd790565f954bcfee,2024-07-24T12:55:13.223000 CVE-2024-7015,0,0,2f98818b22a577671d31cb1f515142d61fc105f3f7ead87a06bda616310e4f0c,2024-09-23T09:15:03.230000 -CVE-2024-7018,1,1,cdf584d7f89ef094692d7c6842e86471336cc82e470ee442e55c1c45288ce0dc,2024-09-23T22:15:03.147000 -CVE-2024-7019,1,1,bf6369ca9d329b987348fab5c7f7086633cee325e021a22e5292146549ef4c10,2024-09-23T22:15:03.230000 -CVE-2024-7020,1,1,11b838c4a437ca749907c8258c8066053b99923b1c1c1985b26b4d9bddfaff9c,2024-09-23T22:15:03.283000 -CVE-2024-7022,1,1,305140909f686e01a41d9abb31b421e43737dd27d471038657d78edff2266f1b,2024-09-23T22:15:03.337000 -CVE-2024-7023,1,1,0ea6b7716fe7e63dfd6a457c46d46b88314c30a31b1e29fba0300ae7d318b527,2024-09-23T23:15:10.527000 -CVE-2024-7024,1,1,be6abf63741884b53f9bc199724078c5a4575ca2c16540f126fd54a669cc5cf0,2024-09-23T23:15:10.653000 +CVE-2024-7018,0,0,cdf584d7f89ef094692d7c6842e86471336cc82e470ee442e55c1c45288ce0dc,2024-09-23T22:15:03.147000 +CVE-2024-7019,0,0,bf6369ca9d329b987348fab5c7f7086633cee325e021a22e5292146549ef4c10,2024-09-23T22:15:03.230000 +CVE-2024-7020,0,0,11b838c4a437ca749907c8258c8066053b99923b1c1c1985b26b4d9bddfaff9c,2024-09-23T22:15:03.283000 +CVE-2024-7022,0,0,305140909f686e01a41d9abb31b421e43737dd27d471038657d78edff2266f1b,2024-09-23T22:15:03.337000 +CVE-2024-7023,0,0,0ea6b7716fe7e63dfd6a457c46d46b88314c30a31b1e29fba0300ae7d318b527,2024-09-23T23:15:10.527000 +CVE-2024-7024,0,0,be6abf63741884b53f9bc199724078c5a4575ca2c16540f126fd54a669cc5cf0,2024-09-23T23:15:10.653000 CVE-2024-7027,0,0,5a505a0256616ae7086bad971714674072a78d2b5b489c23bd05df293d4823ce,2024-07-24T12:55:13.223000 CVE-2024-7029,0,0,5f4ca22966bfb8fd03ea6c375443c6b1c23e214558aa93ba88feba6b27bd6aa8,2024-09-17T13:30:55.010000 CVE-2024-7030,0,0,94cdd35d577500e86064e69ea94124eea32b9ff9eeca8589a0c1d45f0f894609,2024-08-31T03:00:52.647000 @@ -263375,6 +263380,7 @@ CVE-2024-8417,0,0,8580cbd844a53cf335c90d7b0b427ee4c081c6060c525d72a654406a58e7a0 CVE-2024-8418,0,0,45db7c5e32209561e336e52f972f2bde6e59f6364560666284054dcf874b8fe1,2024-09-17T20:15:06.710000 CVE-2024-8427,0,0,57dcbf97b68dfdac544ef9faf52bed3587edeaacde16f067da96879677802837,2024-09-11T17:41:18.733000 CVE-2024-8428,0,0,d38eeb7d0c97ad7b1cddb799376a1380930df039d2cf833bc9165ae4323bcbef,2024-09-06T16:46:26.830000 +CVE-2024-8432,1,1,98753cb5889d51d18ccadf935730af6088f54ba9a275473e3b11224ea5580f1a,2024-09-24T02:15:03.460000 CVE-2024-8439,0,0,b4eacb6a11dc14d7212cfdbe9629a765b4f24ad00bc9c4fc2289184c4fdae508,2024-09-06T22:15:02.320000 CVE-2024-8440,0,0,3f774411c50724b8840130cb17d025796db2f754e3a11341f494d3734f6b4db5,2024-09-11T16:26:11.920000 CVE-2024-8441,0,0,0efac0f95475c5b753f85a6e07784bad0c26116c06bdd47c81e7d9e5f2143687,2024-09-12T21:53:43.387000 @@ -263409,6 +263415,7 @@ CVE-2024-8529,0,0,12671b61ed295efe6d3d38d0b158765da76f16b719201c5bbfb86ca5ed8c38 CVE-2024-8533,0,0,ceba1d609043d018dd2a5c62af783c64aebd2125e63ee811ba18e8a1d6a8510b,2024-09-19T01:57:23.830000 CVE-2024-8538,0,0,cdc95bc68a4038527ba5cf51b0a8358b05e3a1650fc8124f586021fbca5ad9b3,2024-09-09T13:03:38.303000 CVE-2024-8543,0,0,e190cfdf6def9f928d16ce7c20119d5fac7745c9206ec7d9500145321b367e4b,2024-09-10T12:09:50.377000 +CVE-2024-8544,1,1,b92ed2b51bae3f52bc853d79bde121bda69091c5cde9cc12e546571a35641dfd,2024-09-24T02:15:03.687000 CVE-2024-8554,0,0,46c32adbe15332664cfc930fe8c32bff96db8190902ab789492b593fa03348f1,2024-09-10T13:52:23.250000 CVE-2024-8555,0,0,0c0685cb1cca90ba97dbbe7724af46b71d0ab057cb41b6cc62e81df56a2985b7,2024-09-10T13:53:11.847000 CVE-2024-8557,0,0,86ab04a42076aa0fe9f792cba1f27d54b98becfc358809b664a63ce528fde776,2024-09-10T14:19:36.280000 @@ -263448,6 +263455,9 @@ CVE-2024-8610,0,0,9284b474db1beea95bd52a2a34ba37d6ccf26129d36f3b91404a653005c49f CVE-2024-8611,0,0,3d63bb09edc11ef6327fe857dfe381551fd3ed233dd119eaa741dce3b9b25e8e,2024-09-18T17:24:34.163000 CVE-2024-8612,0,0,331ed9f80fb6e681449c52c85030a1a5ea68111cde63d87b1f59d236efda09e1,2024-09-20T18:15:04.743000 CVE-2024-8622,0,0,8c0d8566c114d14578f376fb46a83dd09ecfc9aef59b4f73eead49a6f9d03ae6,2024-09-12T12:35:54.013000 +CVE-2024-8623,1,1,42e81c39c13f37951caf76aa5413a75c7f833f9203a1073ea177be6ef78db822,2024-09-24T03:15:02.330000 +CVE-2024-8624,1,1,dc90061b881162fecff3b8c7bbda163d5c30994424af29da75caf365db8af8da,2024-09-24T03:15:02.653000 +CVE-2024-8628,1,1,0ac26ec33bb8596fd8e966ed0a98a320b06473dfb289ac1821f08efe07a05652,2024-09-24T03:15:02.953000 CVE-2024-8631,0,0,ec0f3e499204fe8b3096f23de4c15b4f57ab537964111dc6b7313fbad5d35ea5,2024-09-14T15:22:31.717000 CVE-2024-8635,0,0,7a33169aa1c56166fecdf7f4d906662353a5e22f1362c34800f026c91df08470,2024-09-14T15:24:45.657000 CVE-2024-8636,0,0,0c59a94a620a4c5a9ca1b46d0e9c59ab3787ae337f0eaa0364c7e33937f31aa2,2024-09-13T14:35:08.313000 @@ -263465,12 +263475,15 @@ CVE-2024-8653,0,0,9ff517ad541f0c9badefd1c8205a26f97eafbec49ef5c58c2bc37d53706b32 CVE-2024-8654,0,0,9ff4197fc4fa3acdeeaabf5d042cf9151def7011df3ee9c1e3c9b932ce455541,2024-09-10T15:50:57.713000 CVE-2024-8655,0,0,ae8f7bc5241b7c169a5dccbcccc728c3b8a01d5ae62a1e846fce72d64496b2eb,2024-09-11T16:26:11.920000 CVE-2024-8656,0,0,fc862011d1e771531d08fceed2dec553d3fda9d67ee9f88d486fa676eb49a82a,2024-09-13T14:06:04.777000 -CVE-2024-8660,0,1,e1cfacda5ac49937121e76566dcec30a46275de6b23ffe4cf313c4cb8bedeacf,2024-09-23T23:00:00.437000 +CVE-2024-8657,1,1,a0c9190bdc2cff5290512f4637b68def1b96889903d32a46efeb60b6ec8d0b09,2024-09-24T02:15:03.937000 +CVE-2024-8660,0,0,e1cfacda5ac49937121e76566dcec30a46275de6b23ffe4cf313c4cb8bedeacf,2024-09-23T23:00:00.437000 CVE-2024-8661,0,0,0afd1b1d511a5cb974c5ec483781301a64c5aef2b66e34c656ba899fea9e8652,2024-09-20T12:31:20.110000 +CVE-2024-8662,1,1,e073f824c2d6ac151923027c9c193587423576a62a0ff2f5ffd111c7dd804c8b,2024-09-24T02:15:04.150000 CVE-2024-8663,0,0,95df1e4ddd212aa242aadc3c7cf5dbe906cc5735393ec0be59f396093ac78f31,2024-09-13T14:06:04.777000 CVE-2024-8664,0,0,2555823c9f06fc746960b11f9d47a03631001b4434e03f9cf5f8083f2818653d,2024-09-13T14:06:04.777000 CVE-2024-8665,0,0,09ab15f5f9bd70753d6f594bff7ff364c9764fb90e308cd08c47d778b9a8291f,2024-09-13T14:06:04.777000 CVE-2024-8669,0,0,d594b1491726b390fde9987d33067f88d20ddc09b39dc05c59acae4af25b456f,2024-09-14T11:47:14.677000 +CVE-2024-8671,1,1,62ddf8a392006e303dd1b5cc620c16dc0d781851818d6624bae72f0b8cec3f13,2024-09-24T03:15:03.243000 CVE-2024-8680,0,0,b331324c2577289b77cd963c7051c5c6908a6bc3843fbe5a7cad425c09bae8a9,2024-09-21T09:15:02.590000 CVE-2024-8686,0,0,ede88dcdbc0e792bd803e1f16895e5a739a1631453b49ef7e6a4fb82c32bd0dd,2024-09-12T12:35:54.013000 CVE-2024-8687,0,0,113cfff3abfee2dabf4872656a1085a998928e6c5f0a4785deb63af7b2621db8,2024-09-12T12:35:54.013000 @@ -263492,12 +263505,14 @@ CVE-2024-8709,0,0,c4b78e9440da9a95da6880cb2eb594efc3dc26da0951b28cab597493ad1bb0 CVE-2024-8710,0,0,4c5169ef585cdb335030b939d5748b4dbbc0a0ee6166dc565231ca1259e5b90c,2024-09-13T16:25:47.510000 CVE-2024-8711,0,0,0a0fc486d277b8c36cfb49b6365925dae98dcfc88dd0e7309623a05e1f41ecb4,2024-09-13T16:18:15.670000 CVE-2024-8714,0,0,1f87b4efca35fcf892145b4bafa975ef81f515a87b9325943f1ad91188a98b5b,2024-09-13T16:37:22.997000 +CVE-2024-8716,1,1,a77eb658c493b56b9d7fc45aa1847dc2519991d526a5ee8bd0fb542ca8c95921,2024-09-24T02:15:04.360000 CVE-2024-8724,0,0,b84c0f858130dbe3d5efee42c723e6b66a5ac84e9dedd508f06aebfed2f7ce86,2024-09-14T11:47:14.677000 CVE-2024-8730,0,0,992937a3fe08341c8a8ac293d7e6b47ec1d7e31a336aa4a6af6fc18e9a0019bc,2024-09-13T16:37:22.997000 CVE-2024-8731,0,0,736811c720e84a581cf4a6e60c7046f380caf7eabd4dc85e633e03526e4e33b4,2024-09-13T16:37:22.997000 CVE-2024-8732,0,0,6ed7eddb51e36ae369a62ee1231179f78b88a84f43dba37664b296cc847c03a1,2024-09-13T16:37:22.997000 CVE-2024-8734,0,0,518ec29b41b55068cf15cff3f167c8abbc3bed76f84e4056089831460b7f48fe,2024-09-13T16:37:22.997000 CVE-2024-8737,0,0,25afe4ce909284044abb419a1a832ba1e8328cac65ed5fbb61fdd062608e7628,2024-09-13T16:37:22.997000 +CVE-2024-8738,1,1,77570091e19a8400baccdf28ff04402a3a9a08a3c0f09dfe28326f0a77c12a60,2024-09-24T02:15:04.573000 CVE-2024-8742,0,0,6b8bc8fc216bb6a3b43d6b286657ec19196e95b44b152c94642c410394d382b2,2024-09-13T14:06:04.777000 CVE-2024-8747,0,0,2cc71e885337169ad63d6bafe1d324a2ed027f6453604046a914c4777cfb7456,2024-09-13T16:37:22.997000 CVE-2024-8749,0,0,dc7dd50ec6adedb45c385a82f706a7ab45f55e506e70a64a626b0d8f521f6289,2024-09-18T18:53:54.860000 @@ -263521,6 +263536,9 @@ CVE-2024-8780,0,0,390f3cd9aeaa4212ebd65fe7e603fc1df2783bc2afd801c860ac757dc6f099 CVE-2024-8782,0,0,ec0da4baac22ae9eceb8ce2507375e0a71b6a51926de3cc40576bcd259fd7175,2024-09-19T01:46:07.003000 CVE-2024-8783,0,0,b434dfc5f50cf2811a1f5688ac574f745dec48e5af54cf5f568ce8560b0e2702,2024-09-19T01:38:57.033000 CVE-2024-8784,0,0,7bc5ed86fd42122481efd27561493828acec6a50cb9d34c0b1c40453c943431f,2024-09-19T01:38:35.177000 +CVE-2024-8791,1,1,7dfbe35b4c331bbb5417952bdc7a7a3eed4e4bb353eb25c59808b4c37dbd87d4,2024-09-24T03:15:03.547000 +CVE-2024-8794,1,1,fb9b1ae5f730ab41d0226194d79c2e9ec4a09c8c1f4957d26611c7125dfb94c4,2024-09-24T03:15:03.783000 +CVE-2024-8795,1,1,ce1ff4c5af2c658433bac2600921c58ddd4ddeb372cf874bcbce03ebd8a824e5,2024-09-24T02:15:04.790000 CVE-2024-8796,0,0,85a6dfb5fb230c10b66238538bd5fe186ab9999598b67e5deda1ed4d1b78b262,2024-09-20T12:30:51.220000 CVE-2024-8797,0,0,ba4df0bb11568fe010be4c16334a8844a03d9d0d5268879bae12ea87dcdf4b9f,2024-09-14T11:47:14.677000 CVE-2024-8850,0,0,16d3ef25e9e3c3a395e24ef62b53309c976d74bdad746efe4904407697f24dbe,2024-09-20T12:30:17.483000