Auto-Update: 2024-03-25T21:00:49.911388+00:00

This commit is contained in:
cad-safe-bot 2024-03-25 21:03:38 +00:00
parent ac31a62cfb
commit f88e629a60
18 changed files with 937 additions and 33 deletions

View File

@ -0,0 +1,59 @@
{
"id": "CVE-2023-45824",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-03-25T19:15:57.027",
"lastModified": "2024-03-25T19:15:57.027",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "OroPlatform is a PHP Business Application Platform (BAP). A logged in user can access page state data of pinned pages of other users by pageId hash. This vulnerability is fixed in 5.1.4."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-200"
}
]
}
],
"references": [
{
"url": "https://github.com/oroinc/platform/commit/cf94df7595afca052796e26b299d2ce031e289cd",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/oroinc/platform/security/advisories/GHSA-vxq2-p937-3px3",
"source": "security-advisories@github.com"
}
]
}

View File

@ -0,0 +1,59 @@
{
"id": "CVE-2023-48296",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-03-25T19:15:57.300",
"lastModified": "2024-03-25T19:15:57.300",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "OroPlatform is a PHP Business Application Platform (BAP). Navigation history, most viewed and favorite navigation items are returned to storefront user in JSON navigation response if ID of storefront user matches ID of back-office user. This vulnerability is fixed in 5.1.4.\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-200"
}
]
}
],
"references": [
{
"url": "https://github.com/oroinc/orocommerce/commit/41c526498012d44cd88852c63697f1ef53b61db8",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/oroinc/orocommerce/security/advisories/GHSA-v7px-46v9-5qwp",
"source": "security-advisories@github.com"
}
]
}

View File

@ -0,0 +1,63 @@
{
"id": "CVE-2024-27299",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-03-25T19:15:57.563",
"lastModified": "2024-03-25T19:15:57.563",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "phpMyFAQ is an open source FAQ web application for PHP 8.1+ and MySQL, PostgreSQL and other databases. A SQL injection vulnerability has been discovered in the the \"Add News\" functionality due to improper escaping of the email address. This allows any authenticated user with the rights to add/edit FAQ news to exploit this vulnerability to exfiltrate data, take over accounts and in some cases, even achieve RCE. The vulnerable field lies in the `authorEmail` field which uses PHP's `FILTER_VALIDATE_EMAIL` filter. This filter is insufficient in protecting against SQL injection attacks and should still be properly escaped. However, in this version of phpMyFAQ (3.2.5), this field is not escaped properly can be used together with other fields to fully exploit the SQL injection vulnerability. This vulnerability is fixed in 3.2.6."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://drive.google.com/drive/folders/1BFL8GHIBxSUxu0TneYf66KjFA0A4RZga?usp=sharing",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/thorsten/phpMyFAQ/commit/1b68a5f89fb65996c56285fa636b818de8608011",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/thorsten/phpMyFAQ/security/advisories/GHSA-qgxx-4xv5-6hcw",
"source": "security-advisories@github.com"
}
]
}

View File

@ -0,0 +1,63 @@
{
"id": "CVE-2024-27300",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-03-25T19:15:57.807",
"lastModified": "2024-03-25T19:15:57.807",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "phpMyFAQ is an open source FAQ web application for PHP 8.1+ and MySQL, PostgreSQL and other databases. The `email` field in phpMyFAQ's user control panel page is vulnerable to stored XSS attacks due to the inadequacy of PHP's `FILTER_VALIDATE_EMAIL` function, which only validates the email format, not its content. This vulnerability enables an attacker to execute arbitrary client-side JavaScript within the context of another user's phpMyFAQ session. This vulnerability is fixed in 3.2.6."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.1,
"impactScore": 3.4
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://github.com/thorsten/phpMyFAQ/commit/09336b0ff0e0a04aa0c97c5975651af4769d2459",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/thorsten/phpMyFAQ/commit/de90315c9bd4ead5fe6ba5586f6b016843aa8209",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/thorsten/phpMyFAQ/security/advisories/GHSA-q7g6-xfh2-vhpx",
"source": "security-advisories@github.com"
}
]
}

View File

@ -0,0 +1,59 @@
{
"id": "CVE-2024-28105",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-03-25T19:15:58.020",
"lastModified": "2024-03-25T19:15:58.020",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "phpMyFAQ is an open source FAQ web application for PHP 8.1+ and MySQL, PostgreSQL and other databases. The category image upload function in phpmyfaq is vulnerable to manipulation of the `Content-type` and `lang` parameters, allowing attackers to upload malicious files with a .php extension, potentially leading to remote code execution (RCE) on the system. This vulnerability is fixed in 3.2.6."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-434"
}
]
}
],
"references": [
{
"url": "https://github.com/thorsten/phpMyFAQ/commit/9136883776af67dfdb0e8cf14f5e0ca22bf4f2e7",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/thorsten/phpMyFAQ/security/advisories/GHSA-pwh2-fpfr-x5gf",
"source": "security-advisories@github.com"
}
]
}

View File

@ -0,0 +1,59 @@
{
"id": "CVE-2024-28106",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-03-25T19:15:58.263",
"lastModified": "2024-03-25T19:15:58.263",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "phpMyFAQ is an open source FAQ web application for PHP 8.1+ and MySQL, PostgreSQL and other databases. By manipulating the news parameter in a POST request, an attacker can inject malicious JavaScript code. Upon browsing to the compromised news page, the XSS payload triggers. This vulnerability is fixed in 3.2.6."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 0.9,
"impactScore": 3.4
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://github.com/thorsten/phpMyFAQ/commit/c94b3deadd87789389e1fad162bc3dd595c0e15a",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/thorsten/phpMyFAQ/security/advisories/GHSA-6p68-36m6-392r",
"source": "security-advisories@github.com"
}
]
}

View File

@ -0,0 +1,59 @@
{
"id": "CVE-2024-28107",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-03-25T19:15:58.477",
"lastModified": "2024-03-25T19:15:58.477",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "phpMyFAQ is an open source FAQ web application for PHP 8.1+ and MySQL, PostgreSQL and other databases. A SQL injection vulnerability has been discovered in the `insertentry` & `saveentry` when modifying records due to improper escaping of the email address. This allows any authenticated user with the rights to add/edit FAQ news to exploit this vulnerability to exfiltrate data, take over accounts and in some cases, even achieve RCE. This vulnerability is fixed in 3.2.6."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://github.com/thorsten/phpMyFAQ/commit/d0fae62a72615d809e6710861c1a7f67ac893007",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/thorsten/phpMyFAQ/security/advisories/GHSA-2grw-mc9r-822r",
"source": "security-advisories@github.com"
}
]
}

View File

@ -0,0 +1,63 @@
{
"id": "CVE-2024-28108",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-03-25T19:15:58.700",
"lastModified": "2024-03-25T19:15:58.700",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "phpMyFAQ is an open source FAQ web application for PHP 8.1+ and MySQL, PostgreSQL and other databases. Due to insufficient validation on the `contentLink` parameter, it is possible for unauthenticated users to inject HTML code to the page which might affect other users. _Also, requires that adding new FAQs is allowed for guests and that the admin doesn't check the content of a newly added FAQ._ This vulnerability is fixed in 3.2.6."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.7,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.6,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
},
{
"lang": "en",
"value": "CWE-80"
}
]
}
],
"references": [
{
"url": "https://github.com/thorsten/phpMyFAQ/commit/4fed1d9602f0635260f789fe85995789d94d6634",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/thorsten/phpMyFAQ/security/advisories/GHSA-48vw-jpf8-hwqh",
"source": "security-advisories@github.com"
}
]
}

View File

@ -0,0 +1,59 @@
{
"id": "CVE-2024-28243",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-03-25T20:15:07.950",
"lastModified": "2024-03-25T20:15:07.950",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "KaTeX is a JavaScript library for TeX math rendering on the web. KaTeX users who render untrusted mathematical expressions could encounter malicious input using `\\edef` that causes a near-infinite loop, despite setting `maxExpand` to avoid such loops. This can be used as an availability attack, where e.g. a client rendering another user's KaTeX input will be unable to use the site due to memory overflow, tying up the main thread, or stack overflow. Upgrade to KaTeX v0.16.10 to remove this vulnerability."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-674"
}
]
}
],
"references": [
{
"url": "https://github.com/KaTeX/KaTeX/commit/e88b4c357f978b1bca8edfe3297f0aa309bcbe34",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/KaTeX/KaTeX/security/advisories/GHSA-64fm-8hw2-v72w",
"source": "security-advisories@github.com"
}
]
}

View File

@ -0,0 +1,59 @@
{
"id": "CVE-2024-28244",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-03-25T20:15:08.160",
"lastModified": "2024-03-25T20:15:08.160",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "KaTeX is a JavaScript library for TeX math rendering on the web. KaTeX users who render untrusted mathematical expressions could encounter malicious input using `\\def` or `\\newcommand` that causes a near-infinite loop, despite setting `maxExpand` to avoid such loops. KaTeX supports an option named maxExpand which aims to prevent infinitely recursive macros from consuming all available memory and/or triggering a stack overflow error. Unfortunately, support for \"Unicode (sub|super)script characters\" allows an attacker to bypass this limit. Each sub/superscript group instantiated a separate Parser with its own limit on macro executions, without inheriting the current count of macro executions from its parent. This has been corrected in KaTeX v0.16.10."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-674"
}
]
}
],
"references": [
{
"url": "https://github.com/KaTeX/KaTeX/commit/085e21b5da05414efefa932570e7201a7c70e5b2",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/KaTeX/KaTeX/security/advisories/GHSA-cvr6-37gx-v8wc",
"source": "security-advisories@github.com"
}
]
}

View File

@ -0,0 +1,59 @@
{
"id": "CVE-2024-28245",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-03-25T20:15:08.370",
"lastModified": "2024-03-25T20:15:08.370",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "KaTeX is a JavaScript library for TeX math rendering on the web. KaTeX users who render untrusted mathematical expressions could encounter malicious input using `\\includegraphics` that runs arbitrary JavaScript, or generate invalid HTML. Upgrade to KaTeX v0.16.10 to remove this vulnerability."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 6.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.4
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-116"
}
]
}
],
"references": [
{
"url": "https://github.com/KaTeX/KaTeX/commit/c5897fcd1f73da9612a53e6b5544f1d776e17770",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/KaTeX/KaTeX/security/advisories/GHSA-f98w-7cxr-ff2h",
"source": "security-advisories@github.com"
}
]
}

View File

@ -0,0 +1,63 @@
{
"id": "CVE-2024-28246",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-03-25T20:15:08.580",
"lastModified": "2024-03-25T20:15:08.580",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "KaTeX is a JavaScript library for TeX math rendering on the web. Code that uses KaTeX's `trust` option, specifically that provides a function to blacklist certain URL protocols, can be fooled by URLs in malicious inputs that use uppercase characters in the protocol. In particular, this can allow for malicious input to generate `javascript:` links in the output, even if the `trust` function tries to forbid this protocol via `trust: (context) => context.protocol !== 'javascript'`. Upgrade to KaTeX v0.16.10 to remove this vulnerability."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.1,
"impactScore": 3.4
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-184"
},
{
"lang": "en",
"value": "CWE-697"
}
]
}
],
"references": [
{
"url": "https://github.com/KaTeX/KaTeX/commit/fc5af64183a3ceb9be9d1c23a275999a728593de",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/KaTeX/KaTeX/security/advisories/GHSA-3wc5-fcw2-2329",
"source": "security-advisories@github.com"
}
]
}

View File

@ -0,0 +1,59 @@
{
"id": "CVE-2024-28850",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-03-25T19:15:58.947",
"lastModified": "2024-03-25T19:15:58.947",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "WP Crontrol controls the cron events on WordPress websites. WP Crontrol includes a feature that allows administrative users to create events in the WP-Cron system that store and execute PHP code subject to the restrictive security permissions documented here. While there is no known vulnerability in this feature on its own, there exists potential for this feature to be vulnerable to RCE if it were specifically targeted via vulnerability chaining that exploited a separate SQLi (or similar) vulnerability. This is exploitable on a site if one of the below preconditions are met, the site is vulnerable to a writeable SQLi vulnerability in any plugin, theme, or WordPress core, the site's database is compromised at the hosting level, the site is vulnerable to a method of updating arbitrary options in the wp_options table, or the site is vulnerable to a method of triggering an arbitrary action, filter, or function with control of the parameters. As a hardening measure, WP Crontrol version 1.16.2 ships with a new feature that prevents tampering of the code stored in a PHP cron event."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.4,
"impactScore": 6.0
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-494"
}
]
}
],
"references": [
{
"url": "https://github.com/johnbillion/wp-crontrol/releases/tag/1.16.2",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/johnbillion/wp-crontrol/security/advisories/GHSA-9xvf-cjvf-ff5q",
"source": "security-advisories@github.com"
}
]
}

View File

@ -0,0 +1,63 @@
{
"id": "CVE-2024-29025",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-03-25T20:15:08.797",
"lastModified": "2024-03-25T20:15:08.797",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Netty is an asynchronous event-driven network application framework for rapid development of maintainable high performance protocol servers & clients. The `HttpPostRequestDecoder` can be tricked to accumulate data. While the decoder can store items on the disk if configured so, there are no limits to the number of fields the form can have, an attacher can send a chunked post consisting of many small fields that will be accumulated in the `bodyListHttpData` list. The decoder cumulates bytes in the `undecodedChunk` buffer until it can decode a field, this field can cumulate data without limits. This vulnerability is fixed in 4.1.108.Final."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-770"
}
]
}
],
"references": [
{
"url": "https://gist.github.com/vietj/f558b8ea81ec6505f1e9a6ca283c9ae3",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/netty/netty/commit/0d0c6ed782d13d423586ad0c71737b2c7d02058c",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/netty/netty/security/advisories/GHSA-5jpm-x58v-624v",
"source": "security-advisories@github.com"
}
]
}

View File

@ -0,0 +1,20 @@
{
"id": "CVE-2024-29515",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-03-25T19:15:59.190",
"lastModified": "2024-03-25T19:15:59.190",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "File Upload vulnerability in lepton v.7.1.0 allows a remote authenticated attackers to execute arbitrary code via uploading a crafted PHP file to the save.php and config.php component."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/zzq66/cve7/",
"source": "cve@mitre.org"
}
]
}

View File

@ -0,0 +1,20 @@
{
"id": "CVE-2024-29666",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-03-25T19:15:59.253",
"lastModified": "2024-03-25T19:15:59.253",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Insecure Permissions vulnerability in Vehicle Monitoring platform system CMSV6 v.7.31.0.2 through v.7.32.0.3 allows a remote attacker to escalate privileges via the default password component."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/whgojp/cve-reports/wiki/There-is-a-weak-password-in-the-CMSV6-vehicle-monitoring-platform-system",
"source": "cve@mitre.org"
}
]
}

View File

@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2024-03-25T19:00:48.438871+00:00
2024-03-25T21:00:49.911388+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2024-03-25T18:15:08.617000+00:00
2024-03-25T20:15:08.797000+00:00
```
### Last Data Feed Release
@ -29,33 +29,35 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs
```plain
242601
242617
```
### CVEs added in the last Commit
Recently added CVEs: `0`
Recently added CVEs: `16`
* [CVE-2023-45824](CVE-2023/CVE-2023-458xx/CVE-2023-45824.json) (`2024-03-25T19:15:57.027`)
* [CVE-2023-48296](CVE-2023/CVE-2023-482xx/CVE-2023-48296.json) (`2024-03-25T19:15:57.300`)
* [CVE-2024-27299](CVE-2024/CVE-2024-272xx/CVE-2024-27299.json) (`2024-03-25T19:15:57.563`)
* [CVE-2024-27300](CVE-2024/CVE-2024-273xx/CVE-2024-27300.json) (`2024-03-25T19:15:57.807`)
* [CVE-2024-28105](CVE-2024/CVE-2024-281xx/CVE-2024-28105.json) (`2024-03-25T19:15:58.020`)
* [CVE-2024-28106](CVE-2024/CVE-2024-281xx/CVE-2024-28106.json) (`2024-03-25T19:15:58.263`)
* [CVE-2024-28107](CVE-2024/CVE-2024-281xx/CVE-2024-28107.json) (`2024-03-25T19:15:58.477`)
* [CVE-2024-28108](CVE-2024/CVE-2024-281xx/CVE-2024-28108.json) (`2024-03-25T19:15:58.700`)
* [CVE-2024-28243](CVE-2024/CVE-2024-282xx/CVE-2024-28243.json) (`2024-03-25T20:15:07.950`)
* [CVE-2024-28244](CVE-2024/CVE-2024-282xx/CVE-2024-28244.json) (`2024-03-25T20:15:08.160`)
* [CVE-2024-28245](CVE-2024/CVE-2024-282xx/CVE-2024-28245.json) (`2024-03-25T20:15:08.370`)
* [CVE-2024-28246](CVE-2024/CVE-2024-282xx/CVE-2024-28246.json) (`2024-03-25T20:15:08.580`)
* [CVE-2024-28850](CVE-2024/CVE-2024-288xx/CVE-2024-28850.json) (`2024-03-25T19:15:58.947`)
* [CVE-2024-29025](CVE-2024/CVE-2024-290xx/CVE-2024-29025.json) (`2024-03-25T20:15:08.797`)
* [CVE-2024-29515](CVE-2024/CVE-2024-295xx/CVE-2024-29515.json) (`2024-03-25T19:15:59.190`)
* [CVE-2024-29666](CVE-2024/CVE-2024-296xx/CVE-2024-29666.json) (`2024-03-25T19:15:59.253`)
### CVEs modified in the last Commit
Recently modified CVEs: `14`
Recently modified CVEs: `0`
* [CVE-2020-10256](CVE-2020/CVE-2020-102xx/CVE-2020-10256.json) (`2024-03-25T17:51:51.010`)
* [CVE-2022-32550](CVE-2022/CVE-2022-325xx/CVE-2022-32550.json) (`2024-03-25T17:51:51.010`)
* [CVE-2023-5388](CVE-2023/CVE-2023-53xx/CVE-2023-5388.json) (`2024-03-25T17:15:51.337`)
* [CVE-2024-0553](CVE-2024/CVE-2024-05xx/CVE-2024-0553.json) (`2024-03-25T18:15:08.443`)
* [CVE-2024-0743](CVE-2024/CVE-2024-07xx/CVE-2024-0743.json) (`2024-03-25T17:15:51.580`)
* [CVE-2024-1580](CVE-2024/CVE-2024-15xx/CVE-2024-1580.json) (`2024-03-25T18:15:08.617`)
* [CVE-2024-2607](CVE-2024/CVE-2024-26xx/CVE-2024-2607.json) (`2024-03-25T17:15:51.727`)
* [CVE-2024-2608](CVE-2024/CVE-2024-26xx/CVE-2024-2608.json) (`2024-03-25T17:15:51.783`)
* [CVE-2024-2610](CVE-2024/CVE-2024-26xx/CVE-2024-2610.json) (`2024-03-25T17:15:51.833`)
* [CVE-2024-2611](CVE-2024/CVE-2024-26xx/CVE-2024-2611.json) (`2024-03-25T17:15:51.880`)
* [CVE-2024-2612](CVE-2024/CVE-2024-26xx/CVE-2024-2612.json) (`2024-03-25T17:15:51.923`)
* [CVE-2024-2614](CVE-2024/CVE-2024-26xx/CVE-2024-2614.json) (`2024-03-25T17:15:51.963`)
* [CVE-2024-2616](CVE-2024/CVE-2024-26xx/CVE-2024-2616.json) (`2024-03-25T17:15:52.007`)
* [CVE-2024-29944](CVE-2024/CVE-2024-299xx/CVE-2024-29944.json) (`2024-03-25T17:15:51.670`)
## Download and Usage

View File

@ -145264,7 +145264,7 @@ CVE-2020-10251,0,0,60e00adc7774dee6d942361b5e0b5c06f892d31971df1667ec59378582af4
CVE-2020-10252,0,0,43cfb0f02c23e5df75b2573d59d524860ea2f61a2ff40097d256e2fa8d38acbc,2021-02-25T20:45:02.763000
CVE-2020-10254,0,0,a0db30a70fc6c5194ca13da5290065f4886d2fd95dd9343784ea2e45818ccc9b,2021-02-25T20:38:04.830000
CVE-2020-10255,0,0,9d937a674671927b820fea6c660adc54c3e0cb2f740c1152e2e888d23bdd3e9d,2020-03-16T15:23:07.183000
CVE-2020-10256,0,1,a947828f363adcf4866b2f95aff136b660f824c75d3f15aff38b00b5d52bedc2,2024-03-25T17:51:51.010000
CVE-2020-10256,0,0,a947828f363adcf4866b2f95aff136b660f824c75d3f15aff38b00b5d52bedc2,2024-03-25T17:51:51.010000
CVE-2020-10257,0,0,3db6f53035bf70b0f9c4e177f8691fcd6911e5880d45922af74d1de50ef17111,2021-07-21T11:39:23.747000
CVE-2020-1026,0,0,8abe83399268ab9ab7dbd4d63bfe6a90074a97f61d5d5d29e2ebb67d53c1fb51,2021-07-21T11:39:23.747000
CVE-2020-10262,0,0,96fd73feb8733734e0df3f2a8fb7066bfa7d40dc30900386676d4063b4017133,2021-07-21T11:39:23.747000
@ -199516,7 +199516,7 @@ CVE-2022-32547,0,0,a5bd6a51ac6b6b46626cf08213f993683dd84ba1a906d5a3b07a4998ddb32
CVE-2022-32548,0,0,09b723dcb5ee0280441cf4085cdd31465fd5d058440db41b872b2c3044ddb019,2022-09-01T19:56:25.640000
CVE-2022-32549,0,0,2e321239b7da9d0e9f7831c66c17606cb59cc2529d599af8d5064e404894fc90,2022-06-29T16:26:28.237000
CVE-2022-3255,0,0,20cff5462333056b961e799c5a4e584e8f1e98472b11a4bb67e4bc06520bda87,2022-09-23T14:04:48.100000
CVE-2022-32550,0,1,4506c071d389fa5f835f0d940b054c4284a431a1db069339baf104a909699a75,2024-03-25T17:51:51.010000
CVE-2022-32550,0,0,4506c071d389fa5f835f0d940b054c4284a431a1db069339baf104a909699a75,2024-03-25T17:51:51.010000
CVE-2022-32551,0,0,889fe3f166cc63ae88d0540a95aa577b889dc61a2e1bee488ba5fbbb4c65000e,2022-07-12T18:44:45.453000
CVE-2022-32552,0,0,b7d1e565c51bc07f680141408d403d02617c58441a6539541c2f984524cd9540,2022-07-05T13:20:01.290000
CVE-2022-32553,0,0,a56029ba5246bd0dcfbac9a731105655fd3365fde64a1e19d9486af6747a6d87,2022-07-05T13:19:39.413000
@ -231991,6 +231991,7 @@ CVE-2023-45820,0,0,f4c6a52d92a393c30847b4fc71894062e36da3ea4724378ac79251737821e
CVE-2023-45821,0,0,c39b8ec690d7ab53b53258af4c85cbc98ead20fb8fb737080a2aefa59f2b219f,2023-10-31T15:48:49.977000
CVE-2023-45822,0,0,ec4085568120c2cdea66e618f4ad439349d930087a5d3f00d4f5af9a3e3690bd,2023-10-30T15:37:49.727000
CVE-2023-45823,0,0,c21a8f8120dd7efefb38d08e112bb6f41c1bc7889398b8ee0408a5ed5bac79fd,2023-10-30T15:35:37.783000
CVE-2023-45824,1,1,049ea66a88d9027e0bd609d8da3a295a48e69ffec8dd943c52500e5590663021,2024-03-25T19:15:57.027000
CVE-2023-45825,0,0,88414c995076aa67d7f5d51bd87528e1f50db1b996348b886a8da3a42fd9881b,2023-10-27T18:17:11.990000
CVE-2023-45826,0,0,fb4fdde2234a33997d031bde8bd96295768aa3cdeb0dcb1add36c3acf5e6b149,2023-10-27T15:27:30.243000
CVE-2023-45827,0,0,590a647d29b19685fbfbe01785d9adf29e729c96d9c4a8d18d11575e526cfd85,2023-11-14T17:10:21.330000
@ -233572,6 +233573,7 @@ CVE-2023-48292,0,0,68d5cac89456a75198e9f6724909e441fd8528b6f63cb54901138a8ef8533
CVE-2023-48293,0,0,3ec70bbcd91ac8140cabac70ad06065e2f73970aa51dc5a1d0f7ade1ae16b5cc,2023-11-29T18:02:07.070000
CVE-2023-48294,0,0,fb8bcdc0e962b03803bc66dd0b7948bdf3959e9ed068a6ab7e81686dd3e32643,2023-11-29T20:53:09.650000
CVE-2023-48295,0,0,c4c863fa0b65897d7af34fb0a7266543c2b1ed1d72e8fe5e40a567e24c2f3179,2023-11-25T01:21:51.610000
CVE-2023-48296,1,1,2291d4912761a0bb527daaa12e65d1f364ff0766de72eb5168c6cdd1e4d384d6,2024-03-25T19:15:57.300000
CVE-2023-48297,0,0,8a9cc863aeec88effa9ed330fa7727693d20a3e8d6045445ff75b2b400886967,2024-01-25T15:42:48.877000
CVE-2023-48298,0,0,bc14e6e563010c8c6da73e3d2f28166bd0101a74a9a67d9b6073db0700a17331,2024-01-03T02:23:30.487000
CVE-2023-48299,0,0,8429fd27dcc103e7be0bb9740840a90f90d570b535fb154e7a4a4ae3a4eb18d0,2023-11-29T02:31:52.117000
@ -236306,7 +236308,7 @@ CVE-2023-5384,0,0,441f1b8a30756cc9b5f3117d86e72f400495bdf444d07abaff550854597f23
CVE-2023-5385,0,0,9ae213cb30ffb83a1a2cc696047d7aba4caab30c852d1ef2dcb64596a9208adb,2023-11-27T20:13:07.160000
CVE-2023-5386,0,0,bfe87044f02046ad817ff7d54d504256b17a835afbb668f0ba9ab1d54dcdd82f,2023-11-27T20:14:47.710000
CVE-2023-5387,0,0,45867b8235da7c9a90990530159b5190e5bd4e4eb429c6ce43ac3327afc64eac,2023-11-27T20:15:21.673000
CVE-2023-5388,0,1,d8419ed9d62f698fc384ecf6a010e6209ef73e8b48bd2655f43e432d46603c08,2024-03-25T17:15:51.337000
CVE-2023-5388,0,0,d8419ed9d62f698fc384ecf6a010e6209ef73e8b48bd2655f43e432d46603c08,2024-03-25T17:15:51.337000
CVE-2023-5389,0,0,07d2db5823402611439109f7f34a4853364795f9958639185189e21209a9cfea,2024-02-08T15:20:04.057000
CVE-2023-5390,0,0,7ebaee5947d3e1f1edd0aa63aeb1bb5e132bc79873105ca039e3fefbf61f0d4e,2024-02-08T17:18:46.787000
CVE-2023-5391,0,0,e65a9210280128a68a8a49095d5446b17a62134416876921dbd7f459dcc8b6e5,2024-02-01T00:49:46.897000
@ -238200,7 +238202,7 @@ CVE-2024-0548,0,0,80207705746d060513163459f8fabc8aa4f06c77a1331e952faa3622cbea6d
CVE-2024-0550,0,0,dfdea658ff2d4a5d2800f15c765c429e9f95b5fed7f08da72945c2e826e379dc,2024-02-28T14:06:45.783000
CVE-2024-0551,0,0,922e360153a9dcbd60fbe4dfaeb3541f29c0a6e954574d84c77eb44458c1c662,2024-02-27T14:19:41.650000
CVE-2024-0552,0,0,cb39895c5b0e747125001c9ad52f066ef8fb141fe496b45dac067f5c5920590c,2024-01-23T19:34:05.483000
CVE-2024-0553,0,1,e2cbe1c8429d5f6f433e77535bc93ac8931da8c66b87ddc1723c2726c8e27f4e,2024-03-25T18:15:08.443000
CVE-2024-0553,0,0,e2cbe1c8429d5f6f433e77535bc93ac8931da8c66b87ddc1723c2726c8e27f4e,2024-03-25T18:15:08.443000
CVE-2024-0554,0,0,c587d882bb90cc8a790d9405a76226eece938e548c8d6d0dfa16bb5ef9afac58,2024-01-23T19:37:17.313000
CVE-2024-0555,0,0,e27068c658ab2fe0ade46b360f75382aad49de171a45cc11ac1210a06742603e,2024-01-23T19:57:48.237000
CVE-2024-0556,0,0,58e51148ac56dc3dc5f63a5ecb0eb821e6a1130d50e3147308ecd24775c94ea7,2024-01-23T19:44:47.387000
@ -238359,7 +238361,7 @@ CVE-2024-0738,0,0,ee10ed3c4f4e3e86327151617a4af196ee1f28a0a53bff1b5fb0cb6653f224
CVE-2024-0739,0,0,10e21229d49a20dc89ab08d940d4f1089a7db28e12de2fcab4977d5ab051acb1,2024-03-21T02:51:23.707000
CVE-2024-0741,0,0,a9fda7b42aa854b426665305c7828769c163150b209cbb19ab9d616db9041a98,2024-02-02T17:19:30.117000
CVE-2024-0742,0,0,1ae741d10e1bed36bf34ad7f16caeaf1531efb403a5a51e45593c25df5bee474,2024-02-02T17:19:23.497000
CVE-2024-0743,0,1,dacaa2aeaf68f1371f0b5cca1647090718e67fd338218ae3423f36780ae31307,2024-03-25T17:15:51.580000
CVE-2024-0743,0,0,dacaa2aeaf68f1371f0b5cca1647090718e67fd338218ae3423f36780ae31307,2024-03-25T17:15:51.580000
CVE-2024-0744,0,0,e96805dde96bfb723552d652089a0f0d2e0f936866d1fca2d8bc36dda88ad35c,2024-01-29T22:47:40.353000
CVE-2024-0745,0,0,e95f46af45f166ba44148aad2d02421e51785e292696d491c32d77e99976a28a,2024-01-30T16:08:53.497000
CVE-2024-0746,0,0,86e154f7304b77b0253dd3ebca2a1985a3fb1b8ae7973ed11288f18ffe31e532,2024-02-02T17:19:10.737000
@ -238966,7 +238968,7 @@ CVE-2024-1564,0,0,84875cf797fa64328b336ae33772e46886c72657e3c983b9d184a2a3d50ffd
CVE-2024-1566,0,0,fae18125d42af6480c1fb49e1e6428a52d2bf4f1074f21a5dfe482b2c8d87086,2024-02-28T14:06:45.783000
CVE-2024-1568,0,0,03adf0f94bdba0662cb278cdaa3b54a5cd3ae08b3ef89a1e89169605096fa6c9,2024-02-28T14:06:45.783000
CVE-2024-1570,0,0,fa96633d08cf4f7a9a083fffefdd325991610013e77e1890328cb3b85d75e300,2024-02-29T13:49:29.390000
CVE-2024-1580,0,1,57a066d99d2330e02b559e213967b9537c09f53446ae713bb9e775797aeaae56,2024-03-25T18:15:08.617000
CVE-2024-1580,0,0,57a066d99d2330e02b559e213967b9537c09f53446ae713bb9e775797aeaae56,2024-03-25T18:15:08.617000
CVE-2024-1582,0,0,5801086f12a7b25e0a24481309300eacfe3989ff6a37128452730610efa279b1,2024-03-13T12:33:51.697000
CVE-2024-1585,0,0,e91f99f5d286c3afef1058be20d258b7aa9acfdf346cd5b86fd70de17ee7844a,2024-03-13T18:15:58.530000
CVE-2024-1586,0,0,0f7dcaaedeb3b15eee35c0b1fbce415960454d76b6eae4dff9a3ecfad1011e31,2024-02-29T13:49:29.390000
@ -241672,14 +241674,14 @@ CVE-2024-26064,0,0,ff144dd493cab1ed761f56b7eed61318aa93a620b7f1f749119957a2f49a9
CVE-2024-26065,0,0,f05434d986097dd89c414a15c420cdddc61d6433e66c11de1a1a2441f62c78a5,2024-03-18T19:40:00.173000
CVE-2024-26067,0,0,771feae423c61b47115f901b11f3c3dcf0abf651e532228608443b53ddaf898b,2024-03-18T19:40:00.173000
CVE-2024-26069,0,0,816c3bf702e981a32d8f2cbc8f4ffc747fd5bb2fd9e85087b9348ecbb0d6a22b,2024-03-18T19:40:00.173000
CVE-2024-2607,0,1,89a26984e83bf730f9e0ffcdf869aba87099eedf56fce22909503cb84d4113dd,2024-03-25T17:15:51.727000
CVE-2024-2607,0,0,89a26984e83bf730f9e0ffcdf869aba87099eedf56fce22909503cb84d4113dd,2024-03-25T17:15:51.727000
CVE-2024-26073,0,0,6888cf6593fb4013d9ac96b5e0e04253a32891793ba0fc6b5d0f9bb6acf56fbf,2024-03-18T19:40:00.173000
CVE-2024-2608,0,1,ae6bcd3c34b2e2d2990ddd5b5011c47bd45b71daefa72e13093360a8fd3053e7,2024-03-25T17:15:51.783000
CVE-2024-2608,0,0,ae6bcd3c34b2e2d2990ddd5b5011c47bd45b71daefa72e13093360a8fd3053e7,2024-03-25T17:15:51.783000
CVE-2024-26080,0,0,4c7f5e68dedcd9fba242c25344b93a9a82fec0775eb26628d32eb9d1bc78f44c,2024-03-18T19:40:00.173000
CVE-2024-2609,0,0,cc8825c211fc81d11ba8d4a686cc4e666f184437fb79cc71e4c781293d9d0cab,2024-03-19T13:26:46
CVE-2024-26094,0,0,85e3ce7a818102789382308d4aee284348d003fd2b7cf5cdd2a80c2099ce4bab,2024-03-18T19:40:00.173000
CVE-2024-26096,0,0,7149acbb034794a59086aa3fa6e989a4571021a73871d6ede0203941e15d68d8,2024-03-18T19:40:00.173000
CVE-2024-2610,0,1,67723a01564f2caea2c87514edec943383e963cca14b6936c961f3c55ac7dad5,2024-03-25T17:15:51.833000
CVE-2024-2610,0,0,67723a01564f2caea2c87514edec943383e963cca14b6936c961f3c55ac7dad5,2024-03-25T17:15:51.833000
CVE-2024-26101,0,0,a99024df1b18b54a773096b0beb63b24fd79a9e9974023773ae59f2a37feed95,2024-03-18T19:40:00.173000
CVE-2024-26102,0,0,238e693f3e2d466bc8d2c153335d74273ddf22aee27378fc2288011848995267,2024-03-18T19:40:00.173000
CVE-2024-26103,0,0,d8456b4083613d4d8db27a085dde20a49ef73abb0168ef69a30fce12bb31e1c6,2024-03-18T19:40:00.173000
@ -241687,10 +241689,10 @@ CVE-2024-26104,0,0,26fa5e620c52b2c3f13956dc7ddff142e7a4604a5ec9b5dd0aa8139e69f91
CVE-2024-26105,0,0,11537b15eb4cc2020a0de2c2950a0ccff35f84e7097158552d59dda934784eba,2024-03-18T19:40:00.173000
CVE-2024-26106,0,0,1bcf517c10e9d03e04f36309423fea2ee998c751ee4d56005c66807def8df1c2,2024-03-18T19:40:00.173000
CVE-2024-26107,0,0,08a7d4a713d69f5e9264f33bf201cb0a984991aa907bf9c03d1e9d80640879b3,2024-03-18T19:40:00.173000
CVE-2024-2611,0,1,da0a89015b2775908e0c15effdf847fbad8de27ce6d4f2420dc8937b9e1cf1ff,2024-03-25T17:15:51.880000
CVE-2024-2611,0,0,da0a89015b2775908e0c15effdf847fbad8de27ce6d4f2420dc8937b9e1cf1ff,2024-03-25T17:15:51.880000
CVE-2024-26118,0,0,7c64ac890dd2a49d6d942d5500b1240c8fe85648327d773fcda60ffa1a5badd7,2024-03-18T19:40:00.173000
CVE-2024-26119,0,0,d15b90520fefb7812fc1dd26c7161c951db5fa8c9a1a7a8a2878ce59a176d881,2024-03-18T19:40:00.173000
CVE-2024-2612,0,1,563748cada404dea46a8a1098e6e9010359bb31f9781cebd62e08951dacf5761,2024-03-25T17:15:51.923000
CVE-2024-2612,0,0,563748cada404dea46a8a1098e6e9010359bb31f9781cebd62e08951dacf5761,2024-03-25T17:15:51.923000
CVE-2024-26120,0,0,1657b6d18890514d9af3eeebc8c2352500124f93d0e64bb8ac66ddfc251885ca,2024-03-18T19:40:00.173000
CVE-2024-26124,0,0,82c27b96a9dc28b3e1fb2de7ffef79a19fe8428577dd4db99bfdfe3e5dd7dcb3,2024-03-18T19:40:00.173000
CVE-2024-26125,0,0,b8e9f2510a0a2d65e00221b700c4ebf67290c396472beeb55853dce893354627,2024-03-18T19:40:00.173000
@ -241705,7 +241707,7 @@ CVE-2024-26134,0,0,c48fec61bdbea71825089d60ba10afed6847a83574a5b8775f63985c4fd7b
CVE-2024-26135,0,0,59fe0ab8843c555cfe91a706ee16a0503bc6707525e2af12cfc8995ef8319782,2024-02-20T21:52:55.187000
CVE-2024-26136,0,0,bc3bbfc3e7ddd7f5422807ceb3e66f18b225baf2ed7e74657a084b480c15c1ff,2024-02-22T19:07:37.840000
CVE-2024-26138,0,0,4d4da9f47e13e4c424c52e5eff6306f34e02033e2d2c801866f22decefe9c2c2,2024-02-22T19:07:27.197000
CVE-2024-2614,0,1,74b9e45834bc5f5aff70c95ed7996a007a2a374ad9639edde00afe3bf9f497e0,2024-03-25T17:15:51.963000
CVE-2024-2614,0,0,74b9e45834bc5f5aff70c95ed7996a007a2a374ad9639edde00afe3bf9f497e0,2024-03-25T17:15:51.963000
CVE-2024-26140,0,0,6de2d0c9ebf70d5d176c18f61310d4c12ab2f9c1ae885cf141ebe9307850ffc6,2024-02-22T19:07:37.840000
CVE-2024-26141,0,0,9df246c55a4395e8557802daf50823ee55f3169dd101c749aaebaef21dae00c2,2024-02-29T13:49:47.277000
CVE-2024-26142,0,0,edb6243c44774fbfc22b55927ba153d435243b85e5fd0fb08002baf86f2fdeda,2024-02-28T14:07:00.563000
@ -241721,7 +241723,7 @@ CVE-2024-26150,0,0,8ea3c18b0fb78100fc3632066a5c3403e90a7daa780b43e6f9240c2ed9fee
CVE-2024-26151,0,0,23d71c73b4a2821ea019a978d698b1910ca82d8c9eb2d93a0500cf52583cbf84,2024-02-23T02:42:54.547000
CVE-2024-26152,0,0,7e68ad422883506103ec46c3174c4872da8a983d075ae50a3e01c580804f4253,2024-02-23T02:42:54.547000
CVE-2024-26159,0,0,8db8f42d5662b161251586cebfdfad3ac7119bf59dcefc0ce4412d5330cc45ab,2024-03-12T17:46:17.273000
CVE-2024-2616,0,1,e3c92b3b9aca00a51c867346d68b83b884e699ab07afe2070061dd49cd767a57,2024-03-25T17:15:52.007000
CVE-2024-2616,0,0,e3c92b3b9aca00a51c867346d68b83b884e699ab07afe2070061dd49cd767a57,2024-03-25T17:15:52.007000
CVE-2024-26160,0,0,fa9ab77966a6520f6fd48a75b259529e6a68bdc5f72bc11ac282a7c57a6be71f,2024-03-12T17:46:17.273000
CVE-2024-26161,0,0,179c500caa38708835a1de408543085e57586fd097d7453a1bf1888d48f494e3,2024-03-12T17:46:17.273000
CVE-2024-26162,0,0,abe9736aa1712017432f5ac3cb4f9e06d55b8e6b2899e4fcc1a691ec906deb0c,2024-03-12T17:46:17.273000
@ -242060,6 +242062,8 @@ CVE-2024-27295,0,0,7b61bc68a0e7596ec39f45cf16eb56847e1e2291e2b9c36b655d40907b360
CVE-2024-27296,0,0,efeac0d0835ce5e895a91174ac6e0936bc76da32bc1ae41fcb14571a12d2985d,2024-03-01T22:22:25.913000
CVE-2024-27297,0,0,4adef5b6b344504047ea652a2ba40cd8b6a71ad7086f702d549e1a8bda9ad1af,2024-03-12T12:40:13.500000
CVE-2024-27298,0,0,1aaf802a3586818726ce977e3c4d8b52b79c9b45f43876bfaeae085dddddd041,2024-03-01T22:22:25.913000
CVE-2024-27299,1,1,176aea8d23b232e608245888debcb0647d2db76661c9933dd5b0554caf52337a,2024-03-25T19:15:57.563000
CVE-2024-27300,1,1,3160f448301cd9af5646b8fce77c89cd9d1626279754d262e3ad239ca5375ebc,2024-03-25T19:15:57.807000
CVE-2024-27301,0,0,ea4f96db3674e6fe8e03ff7f55175b1f9fdc58c05fa850d93965ca0498d5bb55,2024-03-14T20:11:36.180000
CVE-2024-27302,0,0,f49f7cb8056f6127ae14fec0cfff2d0bf177dfba1318b206d31d7b548bf3e9f5,2024-03-06T21:42:48.053000
CVE-2024-27303,0,0,5bf58561ed507a70ca73108a11218e0be9a2a377c18b42118ebe9af756d8ec79,2024-03-06T21:42:48.053000
@ -242246,6 +242250,10 @@ CVE-2024-28098,0,0,e6bafc5c1852b134e115137ad3427dd38b064af4ce40b8aa45bfc1cdd7573
CVE-2024-2810,0,0,b92d6e3c897f758ac7040d83811d4a7f895aec8457cffb8c1afb1549e2cbf96d,2024-03-22T12:45:36.130000
CVE-2024-28101,0,0,e11a50d18e90b930590d2818b294820a502a44e40046d3b082407cc261fb1fa1,2024-03-21T12:58:51.093000
CVE-2024-28102,0,0,5173038e442300ac4f9841553f79acc51f599800474c7e2979929429acf935f8,2024-03-21T12:58:51.093000
CVE-2024-28105,1,1,1e7beafb03e644141304d24087ff8acd32ac7fc246fe0ea56b912fe6dba4716f,2024-03-25T19:15:58.020000
CVE-2024-28106,1,1,bb2c389659b7d47d7f4731b5f1aba2a584a421dafc9f1c605b135ae67786751f,2024-03-25T19:15:58.263000
CVE-2024-28107,1,1,4daf19aae99ff65363486cf8c27fd6cda9c3b2687a68ae8e2ab6467687460c3a,2024-03-25T19:15:58.477000
CVE-2024-28108,1,1,fec09cb41fe9dd09fa90f08da9d84092bab20ea842ad59e0f701afc0558b4919,2024-03-25T19:15:58.700000
CVE-2024-2811,0,0,f7057bb7f00ea7a6844ea17aaf27f5b41bb400a788aa8b2ef4be0037da4fe7f5,2024-03-22T12:45:36.130000
CVE-2024-28110,0,0,0aa63c709bee34101fee09332c67840fa8b7d5aea01ed58b7f238cd7f26f2f87,2024-03-07T13:52:27.110000
CVE-2024-28111,0,0,ef109000cb681b8950a504435d888106cd334990070bd9ca1f33bba165c1974a,2024-03-07T13:52:27.110000
@ -242325,6 +242333,10 @@ CVE-2024-28238,0,0,38219e010007b7fe5426826144cd2eabd2e22d36d31c50aa8471901674b52
CVE-2024-28239,0,0,faccbe471f1ae24e1ff85c8426d7d0f8447bb8e496567a24af19b5962ca5e940,2024-03-13T12:33:51.697000
CVE-2024-2824,0,0,b51ff6d9b96df45cee8ace66bda2fe24718173170fbb213d719055238fa4da73,2024-03-22T19:02:10.300000
CVE-2024-28242,0,0,9b0e39431cf5407ac797c89bdeeecca7ea971387c91b8e8005c08f8a0179928d,2024-03-17T22:38:29.433000
CVE-2024-28243,1,1,e0119a28ec2c44f4cb1af1d18bda62a690b344f16c003db20f70f756f1081594,2024-03-25T20:15:07.950000
CVE-2024-28244,1,1,934446e44fd5669812bb7e483c32615ece1dc5df50710a3c2a5bb1a3fd0169ea,2024-03-25T20:15:08.160000
CVE-2024-28245,1,1,c546468cb3694163bd1d797cfe51142dba6cf171909f41053df96a18f5d53143,2024-03-25T20:15:08.370000
CVE-2024-28246,1,1,a31e3ec472a2fefca7e2d2fc4962d14814e6b1e837b56165e76670e074db0a40,2024-03-25T20:15:08.580000
CVE-2024-28248,0,0,b617812c524b85d27f2a46b3a739648463fa9ffb5a6e46ea47ba0c68bd3fa409,2024-03-19T13:26:46
CVE-2024-28249,0,0,7f01b3731d6ed3594265964b9061da88eb89dfe99b6d59bfec8413859c3ac454,2024-03-19T13:26:46
CVE-2024-2825,0,0,731d564e18c15016bfac25b783d866bfc2b3073e42c4b54f0ca736209097bfbb,2024-03-25T01:51:01.223000
@ -242465,6 +242477,7 @@ CVE-2024-28835,0,0,807354fa6b4609be92d801df299988ca81259642594a0e94cba8cafe4de90
CVE-2024-28847,0,0,77ca7298b6799783b77992e414cebfaaf69a1bd2c05124cbdf6b914d3e0bb310,2024-03-17T22:38:29.433000
CVE-2024-28848,0,0,f738fe56a5bc4cdb728fabdb4b9cb52618afbf9827db3dbc12ec3f1fb91169bf,2024-03-21T02:52:25.197000
CVE-2024-28849,0,0,5e73d26630408070b9f2d0554aca63f533ce0044a2d97ed66eab06494ab2be18,2024-03-23T03:15:11.970000
CVE-2024-28850,1,1,1d7ce55a2b28f062d7e286d9465b7ed662f190716d21e23a54ba08f46a8974ec,2024-03-25T19:15:58.947000
CVE-2024-28851,0,0,f15187ac52243f1288d6dabed456ab5bd2287b2db60c97a538d0582f4f0ba12d,2024-03-17T22:38:29.433000
CVE-2024-28854,0,0,8cb03aded6b194ffbf5e93b6a999bfbf01ac8f736343c4fc752b0e38a8bc9f90,2024-03-17T22:38:29.433000
CVE-2024-28855,0,0,2384a3330fde47f752f152bfa13a6226cb6b236bb18ff2466f5e886c7d3e893c,2024-03-19T13:26:46
@ -242479,6 +242492,7 @@ CVE-2024-28891,0,0,0aa614d18123b6bc2c76e9c8b5d356a2e7d71bba766bbf9db36fdc818df4c
CVE-2024-28916,0,0,3588de3801d3f24953276fa6b57f2d684fb38fc8b3ed3ad7d8613e127e6022b7,2024-03-21T12:58:51.093000
CVE-2024-29009,0,0,e428945e790b35d2116d11f320908f919961bf6f75e41d300d21cf55f5bcc19c,2024-03-25T13:47:14.087000
CVE-2024-29018,0,0,996b521b7d9365d8d41596984cc4ea0a166d70f0fc41d183b4857a8a3632cdd4,2024-03-21T12:58:51.093000
CVE-2024-29025,1,1,598c6a42361f85342a77bfecefe79230d1e37c2f1b5e0396b0f92ae4ecb3d3d5,2024-03-25T20:15:08.797000
CVE-2024-29026,0,0,ae12b0436e3ecdf28001034b69d1ac66de23f0f8b6b646a25aa4e89d5c652db8,2024-03-21T12:58:51.093000
CVE-2024-29027,0,0,0443c0a5c3d136c6828a405e5e82a90c05a4f9edd7fbc1d30ba3bd5c5a4c0f72,2024-03-20T13:00:16.367000
CVE-2024-29031,0,0,7f58d37a0fe973dfcea39547446f82cfc81d56a030b41fe804de053f1e911236,2024-03-22T12:45:36.130000
@ -242571,7 +242585,9 @@ CVE-2024-29472,0,0,8914457096a81cfec257e1932986907f8b2f25a966f10c0d7629905ec24b0
CVE-2024-29473,0,0,2dcbe7e94767e08f46a9353b62d8f30da500a221f5affb32fc9ef958cfff985b,2024-03-21T12:58:51.093000
CVE-2024-29474,0,0,cd74b93fedbacc13ab911c0f2a2b89e07d9e578953f3b262ce40503b72930e98,2024-03-21T12:58:51.093000
CVE-2024-29499,0,0,bc8db29a97bf5517e5213278d0d5f5ecdec4b51f00adea3262848d25f6e735bc,2024-03-22T19:02:10.300000
CVE-2024-29515,1,1,56178cd0a3dedb065e0281a7015d8a355456da4af63e18194c370c98d4f6bde4,2024-03-25T19:15:59.190000
CVE-2024-29650,0,0,3de71c7e130cece9a4956a25a7008efc5004a21e047c073aea3bd083423d5a0e,2024-03-25T16:43:06.137000
CVE-2024-29666,1,1,3d3e8998729d7c81601d3d6c0867b3edf5ea58a2411ca65573245ab0d6ade13e,2024-03-25T19:15:59.253000
CVE-2024-29732,0,0,3aff958eec55f5cf06538251c792be6423021bd21573f6f2f920d098c9ad37bd,2024-03-21T12:58:51.093000
CVE-2024-29858,0,0,585719d860c91771e96e52d882eed744121f21e899f727afe6b381f4ffbb308d,2024-03-21T12:58:51.093000
CVE-2024-29859,0,0,6ebff5730a73f542ffebf0a56f74146bb69314ac3f95118519ec4b678666f245,2024-03-21T12:58:51.093000
@ -242592,7 +242608,7 @@ CVE-2024-29879,0,0,f281e5565c18f62981e30c243c39ad05583d9bbab1631a620c93b3c78846e
CVE-2024-29880,0,0,e4ba47a3336aba44b26bc2b767c682c9997cfe6f0e16a9457e7fe50a3abeaa1c,2024-03-21T15:24:35.093000
CVE-2024-29916,0,0,dd300e18b662f862d3dd0881eace85d81be3f3aaeb79c908bcef100a80a89dd1,2024-03-21T19:47:03.943000
CVE-2024-29943,0,0,39d573a490fc5d2b219e8af270d3feeff9aa72e4341ddd52f10b0ddfa677f78e,2024-03-22T15:34:43.663000
CVE-2024-29944,0,1,4d21f9c7c1ab1ff30cce77b261f7b06b8e28526248b968d986726dab452f24fc,2024-03-25T17:15:51.670000
CVE-2024-29944,0,0,4d21f9c7c1ab1ff30cce77b261f7b06b8e28526248b968d986726dab452f24fc,2024-03-25T17:15:51.670000
CVE-2024-30156,0,0,aff0cd27a6d4ebd55e03f44f61cc23ee9163e094843acbac5af736e684ab9391,2024-03-25T01:51:01.223000
CVE-2024-30161,0,0,f6d00094643508d05d1e5626fca4ef83c82ab69ba4696adb329c49eff6d0ab4a,2024-03-25T01:51:01.223000
CVE-2024-30187,0,0,f8d37ff5304c8d102184c9586047a497264eab63488a1192b60bf85807ce2976,2024-03-25T13:47:14.087000

Can't render this file because it is too large.