From 53e6f90c0cab88c4fccc0e102679f3b6483066d5 Mon Sep 17 00:00:00 2001 From: cvelistV5 Github Action Date: Tue, 31 Dec 2024 12:56:59 +0000 Subject: [PATCH] 11 changes (11 new | 0 updated): - 11 new CVEs: CVE-2023-48775, CVE-2023-50850, CVE-2024-55991, CVE-2024-56031, CVE-2024-56039, CVE-2024-56046, CVE-2024-56064, CVE-2024-56067, CVE-2024-56068, CVE-2024-56071, CVE-2024-56205 - 0 updated CVEs: --- cves/2023/48xxx/CVE-2023-48775.json | 142 ++++++++++++++++++++++++++++ cves/2023/50xxx/CVE-2023-50850.json | 140 +++++++++++++++++++++++++++ cves/2024/55xxx/CVE-2024-55991.json | 123 ++++++++++++++++++++++++ cves/2024/56xxx/CVE-2024-56031.json | 123 ++++++++++++++++++++++++ cves/2024/56xxx/CVE-2024-56039.json | 140 +++++++++++++++++++++++++++ cves/2024/56xxx/CVE-2024-56046.json | 140 +++++++++++++++++++++++++++ cves/2024/56xxx/CVE-2024-56064.json | 140 +++++++++++++++++++++++++++ cves/2024/56xxx/CVE-2024-56067.json | 140 +++++++++++++++++++++++++++ cves/2024/56xxx/CVE-2024-56068.json | 129 +++++++++++++++++++++++++ cves/2024/56xxx/CVE-2024-56071.json | 123 ++++++++++++++++++++++++ cves/2024/56xxx/CVE-2024-56205.json | 123 ++++++++++++++++++++++++ cves/delta.json | 78 +++++++++++++-- cves/deltaLog.json | 74 +++++++++++++++ 13 files changed, 1606 insertions(+), 9 deletions(-) create mode 100644 cves/2023/48xxx/CVE-2023-48775.json create mode 100644 cves/2023/50xxx/CVE-2023-50850.json create mode 100644 cves/2024/55xxx/CVE-2024-55991.json create mode 100644 cves/2024/56xxx/CVE-2024-56031.json create mode 100644 cves/2024/56xxx/CVE-2024-56039.json create mode 100644 cves/2024/56xxx/CVE-2024-56046.json create mode 100644 cves/2024/56xxx/CVE-2024-56064.json create mode 100644 cves/2024/56xxx/CVE-2024-56067.json create mode 100644 cves/2024/56xxx/CVE-2024-56068.json create mode 100644 cves/2024/56xxx/CVE-2024-56071.json create mode 100644 cves/2024/56xxx/CVE-2024-56205.json diff --git a/cves/2023/48xxx/CVE-2023-48775.json b/cves/2023/48xxx/CVE-2023-48775.json new file mode 100644 index 00000000000..08f156d5d17 --- /dev/null +++ b/cves/2023/48xxx/CVE-2023-48775.json @@ -0,0 +1,142 @@ +{ + "dataType": "CVE_RECORD", + "dataVersion": "5.1", + "cveMetadata": { + "cveId": "CVE-2023-48775", + "assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3", + "state": "PUBLISHED", + "assignerShortName": "Patchstack", + "dateReserved": "2023-11-18T22:25:22.703Z", + "datePublished": "2024-12-31T12:47:06.401Z", + "dateUpdated": "2024-12-31T12:47:06.401Z" + }, + "containers": { + "cna": { + "affected": [ + { + "collectionURL": "https://wordpress.org/plugins", + "defaultStatus": "unaffected", + "packageName": "wp-cleanfix", + "product": "WP Cleanfix", + "vendor": "Gfazioli", + "versions": [ + { + "changes": [ + { + "at": "5.7.0", + "status": "unaffected" + } + ], + "lessThanOrEqual": "5.6.2", + "status": "affected", + "version": "n/a", + "versionType": "custom" + } + ] + } + ], + "credits": [ + { + "lang": "en", + "type": "finder", + "user": "00000000-0000-4000-9000-000000000000", + "value": "Abdi Pranata (Patchstack Alliance)" + } + ], + "descriptions": [ + { + "lang": "en", + "supportingMedia": [ + { + "base64": false, + "type": "text/html", + "value": "Missing Authorization vulnerability in Gfazioli WP Cleanfix allows Exploiting Incorrectly Configured Access Control Security Levels.

This issue affects WP Cleanfix: from n/a through 5.6.2.

" + } + ], + "value": "Missing Authorization vulnerability in Gfazioli WP Cleanfix allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Cleanfix: from n/a through 5.6.2." + } + ], + "impacts": [ + { + "capecId": "CAPEC-180", + "descriptions": [ + { + "lang": "en", + "value": "CAPEC-180 Exploiting Incorrectly Configured Access Control Security Levels" + } + ] + } + ], + "metrics": [ + { + "cvssV3_1": { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "NONE", + "baseScore": 5.3, + "baseSeverity": "MEDIUM", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "privilegesRequired": "NONE", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", + "version": "3.1" + }, + "format": "CVSS", + "scenarios": [ + { + "lang": "en", + "value": "GENERAL" + } + ] + } + ], + "problemTypes": [ + { + "descriptions": [ + { + "cweId": "CWE-862", + "description": "CWE-862 Missing Authorization", + "lang": "en", + "type": "CWE" + } + ] + } + ], + "providerMetadata": { + "orgId": "21595511-bba5-4825-b968-b78d1f9984a3", + "shortName": "Patchstack", + "dateUpdated": "2024-12-31T12:47:06.401Z" + }, + "references": [ + { + "tags": [ + "vdb-entry" + ], + "url": "https://patchstack.com/database/wordpress/plugin/wp-cleanfix/vulnerability/wordpress-wp-cleanfix-plugin-5-5-0-broken-access-control-vulnerability?_s_id=cve" + } + ], + "solutions": [ + { + "lang": "en", + "supportingMedia": [ + { + "base64": false, + "type": "text/html", + "value": "No patched version is available. No reply from the vendor." + } + ], + "value": "No patched version is available. No reply from the vendor." + } + ], + "source": { + "discovery": "EXTERNAL" + }, + "title": "WordPress WP CleanFix plugin <= 5.6.2 - Broken Access Control vulnerability", + "x_generator": { + "engine": "Vulnogram 0.2.0" + } + } + } +} \ No newline at end of file diff --git a/cves/2023/50xxx/CVE-2023-50850.json b/cves/2023/50xxx/CVE-2023-50850.json new file mode 100644 index 00000000000..82b71e8a154 --- /dev/null +++ b/cves/2023/50xxx/CVE-2023-50850.json @@ -0,0 +1,140 @@ +{ + "dataType": "CVE_RECORD", + "dataVersion": "5.1", + "cveMetadata": { + "cveId": "CVE-2023-50850", + "assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3", + "state": "PUBLISHED", + "assignerShortName": "Patchstack", + "dateReserved": "2023-12-14T17:19:02.630Z", + "datePublished": "2024-12-31T12:46:10.776Z", + "dateUpdated": "2024-12-31T12:46:10.776Z" + }, + "containers": { + "cna": { + "affected": [ + { + "defaultStatus": "unaffected", + "product": "WooCommerce Subscriptions", + "vendor": "Woo", + "versions": [ + { + "changes": [ + { + "at": "5.8.0", + "status": "unaffected" + } + ], + "lessThan": "5.8.0", + "status": "affected", + "version": "n/a", + "versionType": "custom" + } + ] + } + ], + "credits": [ + { + "lang": "en", + "type": "finder", + "user": "00000000-0000-4000-9000-000000000000", + "value": "Rafie Muhammad (Patchstack)" + } + ], + "descriptions": [ + { + "lang": "en", + "supportingMedia": [ + { + "base64": false, + "type": "text/html", + "value": "Missing Authorization vulnerability in Woo WooCommerce Subscriptions allows Exploiting Incorrectly Configured Access Control Security Levels.

This issue affects WooCommerce Subscriptions: from n/a before 5.8.0.

" + } + ], + "value": "Missing Authorization vulnerability in Woo WooCommerce Subscriptions allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WooCommerce Subscriptions: from n/a before 5.8.0." + } + ], + "impacts": [ + { + "capecId": "CAPEC-180", + "descriptions": [ + { + "lang": "en", + "value": "CAPEC-180 Exploiting Incorrectly Configured Access Control Security Levels" + } + ] + } + ], + "metrics": [ + { + "cvssV3_1": { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "NONE", + "baseScore": 4.3, + "baseSeverity": "MEDIUM", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "privilegesRequired": "LOW", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", + "version": "3.1" + }, + "format": "CVSS", + "scenarios": [ + { + "lang": "en", + "value": "GENERAL" + } + ] + } + ], + "problemTypes": [ + { + "descriptions": [ + { + "cweId": "CWE-862", + "description": "CWE-862 Missing Authorization", + "lang": "en", + "type": "CWE" + } + ] + } + ], + "providerMetadata": { + "orgId": "21595511-bba5-4825-b968-b78d1f9984a3", + "shortName": "Patchstack", + "dateUpdated": "2024-12-31T12:46:10.776Z" + }, + "references": [ + { + "tags": [ + "vdb-entry" + ], + "url": "https://patchstack.com/database/wordpress/plugin/woocommerce-subscriptions/vulnerability/wordpress-woo-subscriptions-plugin-5-8-0-broken-access-control-vulnerability?_s_id=cve" + } + ], + "solutions": [ + { + "lang": "en", + "supportingMedia": [ + { + "base64": false, + "type": "text/html", + "value": "Update the WordPress WooCommerce Subscriptions plugin to the latest available version (at least 5.8.0)." + } + ], + "value": "Update the WordPress WooCommerce Subscriptions plugin to the latest available version (at least 5.8.0)." + } + ], + "source": { + "discovery": "EXTERNAL" + }, + "title": "WordPress Woo Subscriptions plugin < 5.8.0 - Broken Access Control vulnerability", + "x_generator": { + "engine": "Vulnogram 0.2.0" + } + } + } +} \ No newline at end of file diff --git a/cves/2024/55xxx/CVE-2024-55991.json b/cves/2024/55xxx/CVE-2024-55991.json new file mode 100644 index 00000000000..2b8656cecbd --- /dev/null +++ b/cves/2024/55xxx/CVE-2024-55991.json @@ -0,0 +1,123 @@ +{ + "dataType": "CVE_RECORD", + "dataVersion": "5.1", + "cveMetadata": { + "cveId": "CVE-2024-55991", + "assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3", + "state": "PUBLISHED", + "assignerShortName": "Patchstack", + "dateReserved": "2024-12-14T19:41:53.297Z", + "datePublished": "2024-12-31T12:51:02.138Z", + "dateUpdated": "2024-12-31T12:51:02.138Z" + }, + "containers": { + "cna": { + "affected": [ + { + "collectionURL": "https://wordpress.org/plugins", + "defaultStatus": "unaffected", + "packageName": "wp-crm-system", + "product": "WP-CRM System", + "vendor": "WP-CRM", + "versions": [ + { + "lessThanOrEqual": "3.2.9.1", + "status": "affected", + "version": "n/a", + "versionType": "custom" + } + ] + } + ], + "credits": [ + { + "lang": "en", + "type": "finder", + "user": "00000000-0000-4000-9000-000000000000", + "value": "Mika (Patchstack Alliance)" + } + ], + "descriptions": [ + { + "lang": "en", + "supportingMedia": [ + { + "base64": false, + "type": "text/html", + "value": "Missing Authorization vulnerability in WP-CRM WP-CRM System allows Exploiting Incorrectly Configured Access Control Security Levels.

This issue affects WP-CRM System: from n/a through 3.2.9.1.

" + } + ], + "value": "Missing Authorization vulnerability in WP-CRM WP-CRM System allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP-CRM System: from n/a through 3.2.9.1." + } + ], + "impacts": [ + { + "capecId": "CAPEC-180", + "descriptions": [ + { + "lang": "en", + "value": "CAPEC-180 Exploiting Incorrectly Configured Access Control Security Levels" + } + ] + } + ], + "metrics": [ + { + "cvssV3_1": { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "LOW", + "baseScore": 6.5, + "baseSeverity": "MEDIUM", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "privilegesRequired": "NONE", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L", + "version": "3.1" + }, + "format": "CVSS", + "scenarios": [ + { + "lang": "en", + "value": "GENERAL" + } + ] + } + ], + "problemTypes": [ + { + "descriptions": [ + { + "cweId": "CWE-862", + "description": "CWE-862 Missing Authorization", + "lang": "en", + "type": "CWE" + } + ] + } + ], + "providerMetadata": { + "orgId": "21595511-bba5-4825-b968-b78d1f9984a3", + "shortName": "Patchstack", + "dateUpdated": "2024-12-31T12:51:02.138Z" + }, + "references": [ + { + "tags": [ + "vdb-entry" + ], + "url": "https://patchstack.com/database/wordpress/plugin/wp-crm-system/vulnerability/wordpress-crm-plugin-wp-crm-system-plugin-3-2-9-1-broken-access-control-vulnerability?_s_id=cve" + } + ], + "source": { + "discovery": "EXTERNAL" + }, + "title": "WordPress CRM Plugin – WP-CRM System plugin <= 3.2.9.1 - Broken Access Control vulnerability", + "x_generator": { + "engine": "Vulnogram 0.2.0" + } + } + } +} \ No newline at end of file diff --git a/cves/2024/56xxx/CVE-2024-56031.json b/cves/2024/56xxx/CVE-2024-56031.json new file mode 100644 index 00000000000..51481f0c91e --- /dev/null +++ b/cves/2024/56xxx/CVE-2024-56031.json @@ -0,0 +1,123 @@ +{ + "dataType": "CVE_RECORD", + "dataVersion": "5.1", + "cveMetadata": { + "cveId": "CVE-2024-56031", + "assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3", + "state": "PUBLISHED", + "assignerShortName": "Patchstack", + "dateReserved": "2024-12-14T19:42:43.877Z", + "datePublished": "2024-12-31T12:49:25.926Z", + "dateUpdated": "2024-12-31T12:49:25.926Z" + }, + "containers": { + "cna": { + "affected": [ + { + "collectionURL": "https://wordpress.org/plugins", + "defaultStatus": "unaffected", + "packageName": "smart-shopify-product", + "product": "Smart Shopify Product", + "vendor": "Yulio Aleman Jimenez", + "versions": [ + { + "lessThanOrEqual": "1.0.2", + "status": "affected", + "version": "n/a", + "versionType": "custom" + } + ] + } + ], + "credits": [ + { + "lang": "en", + "type": "finder", + "user": "00000000-0000-4000-9000-000000000000", + "value": "Mika (Patchstack Alliance)" + } + ], + "descriptions": [ + { + "lang": "en", + "supportingMedia": [ + { + "base64": false, + "type": "text/html", + "value": "Missing Authorization vulnerability in Yulio Aleman Jimenez Smart Shopify Product allows Exploiting Incorrectly Configured Access Control Security Levels.

This issue affects Smart Shopify Product: from n/a through 1.0.2.

" + } + ], + "value": "Missing Authorization vulnerability in Yulio Aleman Jimenez Smart Shopify Product allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Smart Shopify Product: from n/a through 1.0.2." + } + ], + "impacts": [ + { + "capecId": "CAPEC-180", + "descriptions": [ + { + "lang": "en", + "value": "CAPEC-180 Exploiting Incorrectly Configured Access Control Security Levels" + } + ] + } + ], + "metrics": [ + { + "cvssV3_1": { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "HIGH", + "baseScore": 6.5, + "baseSeverity": "MEDIUM", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "privilegesRequired": "LOW", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "version": "3.1" + }, + "format": "CVSS", + "scenarios": [ + { + "lang": "en", + "value": "GENERAL" + } + ] + } + ], + "problemTypes": [ + { + "descriptions": [ + { + "cweId": "CWE-862", + "description": "CWE-862 Missing Authorization", + "lang": "en", + "type": "CWE" + } + ] + } + ], + "providerMetadata": { + "orgId": "21595511-bba5-4825-b968-b78d1f9984a3", + "shortName": "Patchstack", + "dateUpdated": "2024-12-31T12:49:25.926Z" + }, + "references": [ + { + "tags": [ + "vdb-entry" + ], + "url": "https://patchstack.com/database/wordpress/plugin/smart-shopify-product/vulnerability/wordpress-smart-shopify-product-plugin-1-0-2-arbitrary-content-deletion-vulnerability?_s_id=cve" + } + ], + "source": { + "discovery": "EXTERNAL" + }, + "title": "WordPress Smart Shopify Product plugin <= 1.0.2 - Arbitrary Content Deletion vulnerability", + "x_generator": { + "engine": "Vulnogram 0.2.0" + } + } + } +} \ No newline at end of file diff --git a/cves/2024/56xxx/CVE-2024-56039.json b/cves/2024/56xxx/CVE-2024-56039.json new file mode 100644 index 00000000000..a73d18d3d7c --- /dev/null +++ b/cves/2024/56xxx/CVE-2024-56039.json @@ -0,0 +1,140 @@ +{ + "dataType": "CVE_RECORD", + "dataVersion": "5.1", + "cveMetadata": { + "cveId": "CVE-2024-56039", + "assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3", + "state": "PUBLISHED", + "assignerShortName": "Patchstack", + "dateReserved": "2024-12-14T19:42:50.707Z", + "datePublished": "2024-12-31T12:55:10.616Z", + "dateUpdated": "2024-12-31T12:55:10.616Z" + }, + "containers": { + "cna": { + "affected": [ + { + "defaultStatus": "unaffected", + "product": "VibeBP", + "vendor": "VibeThemes", + "versions": [ + { + "changes": [ + { + "at": "1.9.9.7.7", + "status": "unaffected" + } + ], + "lessThan": "1.9.9.7.7", + "status": "affected", + "version": "n/a", + "versionType": "custom" + } + ] + } + ], + "credits": [ + { + "lang": "en", + "type": "finder", + "user": "00000000-0000-4000-9000-000000000000", + "value": "Rafie Muhammad (Patchstack)" + } + ], + "descriptions": [ + { + "lang": "en", + "supportingMedia": [ + { + "base64": false, + "type": "text/html", + "value": "Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in VibeThemes VibeBP allows SQL Injection.

This issue affects VibeBP: from n/a before 1.9.9.7.7.

" + } + ], + "value": "Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in VibeThemes VibeBP allows SQL Injection.This issue affects VibeBP: from n/a before 1.9.9.7.7." + } + ], + "impacts": [ + { + "capecId": "CAPEC-66", + "descriptions": [ + { + "lang": "en", + "value": "CAPEC-66 SQL Injection" + } + ] + } + ], + "metrics": [ + { + "cvssV3_1": { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "LOW", + "baseScore": 9.3, + "baseSeverity": "CRITICAL", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "privilegesRequired": "NONE", + "scope": "CHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:L", + "version": "3.1" + }, + "format": "CVSS", + "scenarios": [ + { + "lang": "en", + "value": "GENERAL" + } + ] + } + ], + "problemTypes": [ + { + "descriptions": [ + { + "cweId": "CWE-89", + "description": "CWE-89 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')", + "lang": "en", + "type": "CWE" + } + ] + } + ], + "providerMetadata": { + "orgId": "21595511-bba5-4825-b968-b78d1f9984a3", + "shortName": "Patchstack", + "dateUpdated": "2024-12-31T12:55:10.616Z" + }, + "references": [ + { + "tags": [ + "vdb-entry" + ], + "url": "https://patchstack.com/database/wordpress/plugin/vibebp/vulnerability/wordpress-vibebp-plugin-1-9-9-7-7-unauthenticated-sql-injection-vulnerability?_s_id=cve" + } + ], + "solutions": [ + { + "lang": "en", + "supportingMedia": [ + { + "base64": false, + "type": "text/html", + "value": "Update the WordPress VibeBP plugin to the latest available version (at least 1.9.9.7.7)." + } + ], + "value": "Update the WordPress VibeBP plugin to the latest available version (at least 1.9.9.7.7)." + } + ], + "source": { + "discovery": "EXTERNAL" + }, + "title": "WordPress VibeBP plugin < 1.9.9.7.7 - Unauthenticated SQL Injection vulnerability", + "x_generator": { + "engine": "Vulnogram 0.2.0" + } + } + } +} \ No newline at end of file diff --git a/cves/2024/56xxx/CVE-2024-56046.json b/cves/2024/56xxx/CVE-2024-56046.json new file mode 100644 index 00000000000..89cd0a4bc02 --- /dev/null +++ b/cves/2024/56xxx/CVE-2024-56046.json @@ -0,0 +1,140 @@ +{ + "dataType": "CVE_RECORD", + "dataVersion": "5.1", + "cveMetadata": { + "cveId": "CVE-2024-56046", + "assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3", + "state": "PUBLISHED", + "assignerShortName": "Patchstack", + "dateReserved": "2024-12-14T19:42:58.219Z", + "datePublished": "2024-12-31T12:53:33.199Z", + "dateUpdated": "2024-12-31T12:55:57.203Z" + }, + "containers": { + "cna": { + "affected": [ + { + "defaultStatus": "unaffected", + "product": "WPLMS", + "vendor": "VibeThemes", + "versions": [ + { + "changes": [ + { + "at": "1.9.9.1", + "status": "unaffected" + } + ], + "lessThanOrEqual": "1.9.9", + "status": "affected", + "version": "n/a", + "versionType": "custom" + } + ] + } + ], + "credits": [ + { + "lang": "en", + "type": "finder", + "user": "00000000-0000-4000-9000-000000000000", + "value": "Rafie Muhammad (Patchstack)" + } + ], + "descriptions": [ + { + "lang": "en", + "supportingMedia": [ + { + "base64": false, + "type": "text/html", + "value": "Unrestricted Upload of File with Dangerous Type vulnerability in VibeThemes WPLMS allows Upload a Web Shell to a Web Server.

This issue affects WPLMS: from n/a through 1.9.9.

" + } + ], + "value": "Unrestricted Upload of File with Dangerous Type vulnerability in VibeThemes WPLMS allows Upload a Web Shell to a Web Server.This issue affects WPLMS: from n/a through 1.9.9." + } + ], + "impacts": [ + { + "capecId": "CAPEC-650", + "descriptions": [ + { + "lang": "en", + "value": "CAPEC-650 Upload a Web Shell to a Web Server" + } + ] + } + ], + "metrics": [ + { + "cvssV3_1": { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "HIGH", + "baseScore": 10, + "baseSeverity": "CRITICAL", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "privilegesRequired": "NONE", + "scope": "CHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", + "version": "3.1" + }, + "format": "CVSS", + "scenarios": [ + { + "lang": "en", + "value": "GENERAL" + } + ] + } + ], + "problemTypes": [ + { + "descriptions": [ + { + "cweId": "CWE-434", + "description": "CWE-434 Unrestricted Upload of File with Dangerous Type", + "lang": "en", + "type": "CWE" + } + ] + } + ], + "providerMetadata": { + "orgId": "21595511-bba5-4825-b968-b78d1f9984a3", + "shortName": "Patchstack", + "dateUpdated": "2024-12-31T12:55:57.203Z" + }, + "references": [ + { + "tags": [ + "vdb-entry" + ], + "url": "https://patchstack.com/database/wordpress/plugin/wplms-plugin/vulnerability/wordpress-wplms-plugin-1-9-9-unauthenticated-arbitrary-file-upload-vulnerability?_s_id=cve" + } + ], + "solutions": [ + { + "lang": "en", + "supportingMedia": [ + { + "base64": false, + "type": "text/html", + "value": "Update the WordPress WPLMS plugin to the latest available version (at least 1.9.9.1)." + } + ], + "value": "Update the WordPress WPLMS plugin to the latest available version (at least 1.9.9.1)." + } + ], + "source": { + "discovery": "EXTERNAL" + }, + "title": "WordPress WPLMS plugin <= 1.9.9 - Unauthenticated Arbitrary File Upload vulnerability", + "x_generator": { + "engine": "Vulnogram 0.2.0" + } + } + } +} \ No newline at end of file diff --git a/cves/2024/56xxx/CVE-2024-56064.json b/cves/2024/56xxx/CVE-2024-56064.json new file mode 100644 index 00000000000..3f7c40d4b83 --- /dev/null +++ b/cves/2024/56xxx/CVE-2024-56064.json @@ -0,0 +1,140 @@ +{ + "dataType": "CVE_RECORD", + "dataVersion": "5.1", + "cveMetadata": { + "cveId": "CVE-2024-56064", + "assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3", + "state": "PUBLISHED", + "assignerShortName": "Patchstack", + "dateReserved": "2024-12-14T19:43:18.741Z", + "datePublished": "2024-12-31T12:54:21.074Z", + "dateUpdated": "2024-12-31T12:55:35.867Z" + }, + "containers": { + "cna": { + "affected": [ + { + "defaultStatus": "unaffected", + "product": "WP SuperBackup", + "vendor": "Azzaroco", + "versions": [ + { + "changes": [ + { + "at": "2.4", + "status": "unaffected" + } + ], + "lessThanOrEqual": "2.3.3", + "status": "affected", + "version": "n/a", + "versionType": "custom" + } + ] + } + ], + "credits": [ + { + "lang": "en", + "type": "finder", + "user": "00000000-0000-4000-9000-000000000000", + "value": "Dave Jong (Patchstack)" + } + ], + "descriptions": [ + { + "lang": "en", + "supportingMedia": [ + { + "base64": false, + "type": "text/html", + "value": "Unrestricted Upload of File with Dangerous Type vulnerability in Azzaroco WP SuperBackup allows Upload a Web Shell to a Web Server.

This issue affects WP SuperBackup: from n/a through 2.3.3.

" + } + ], + "value": "Unrestricted Upload of File with Dangerous Type vulnerability in Azzaroco WP SuperBackup allows Upload a Web Shell to a Web Server.This issue affects WP SuperBackup: from n/a through 2.3.3." + } + ], + "impacts": [ + { + "capecId": "CAPEC-650", + "descriptions": [ + { + "lang": "en", + "value": "CAPEC-650 Upload a Web Shell to a Web Server" + } + ] + } + ], + "metrics": [ + { + "cvssV3_1": { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "HIGH", + "baseScore": 10, + "baseSeverity": "CRITICAL", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "privilegesRequired": "NONE", + "scope": "CHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", + "version": "3.1" + }, + "format": "CVSS", + "scenarios": [ + { + "lang": "en", + "value": "GENERAL" + } + ] + } + ], + "problemTypes": [ + { + "descriptions": [ + { + "cweId": "CWE-434", + "description": "CWE-434 Unrestricted Upload of File with Dangerous Type", + "lang": "en", + "type": "CWE" + } + ] + } + ], + "providerMetadata": { + "orgId": "21595511-bba5-4825-b968-b78d1f9984a3", + "shortName": "Patchstack", + "dateUpdated": "2024-12-31T12:55:35.867Z" + }, + "references": [ + { + "tags": [ + "vdb-entry" + ], + "url": "https://patchstack.com/database/wordpress/plugin/indeed-wp-superbackup/vulnerability/wordpress-wp-superbackup-plugin-2-3-3-unauthenticated-arbitrary-file-upload-vulnerability?_s_id=cve" + } + ], + "solutions": [ + { + "lang": "en", + "supportingMedia": [ + { + "base64": false, + "type": "text/html", + "value": "Update the WordPress WP SuperBackup plugin to the latest available version (at least 2.4)." + } + ], + "value": "Update the WordPress WP SuperBackup plugin to the latest available version (at least 2.4)." + } + ], + "source": { + "discovery": "EXTERNAL" + }, + "title": "WordPress WP SuperBackup plugin <= 2.3.3 - Unauthenticated Arbitrary File Upload vulnerability", + "x_generator": { + "engine": "Vulnogram 0.2.0" + } + } + } +} \ No newline at end of file diff --git a/cves/2024/56xxx/CVE-2024-56067.json b/cves/2024/56xxx/CVE-2024-56067.json new file mode 100644 index 00000000000..dbb84701b6b --- /dev/null +++ b/cves/2024/56xxx/CVE-2024-56067.json @@ -0,0 +1,140 @@ +{ + "dataType": "CVE_RECORD", + "dataVersion": "5.1", + "cveMetadata": { + "cveId": "CVE-2024-56067", + "assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3", + "state": "PUBLISHED", + "assignerShortName": "Patchstack", + "dateReserved": "2024-12-14T19:43:18.742Z", + "datePublished": "2024-12-31T12:48:21.629Z", + "dateUpdated": "2024-12-31T12:48:21.629Z" + }, + "containers": { + "cna": { + "affected": [ + { + "defaultStatus": "unaffected", + "product": "WP SuperBackup", + "vendor": "Azzaroco", + "versions": [ + { + "changes": [ + { + "at": "2.4", + "status": "unaffected" + } + ], + "lessThanOrEqual": "2.3.3", + "status": "affected", + "version": "n/a", + "versionType": "custom" + } + ] + } + ], + "credits": [ + { + "lang": "en", + "type": "finder", + "user": "00000000-0000-4000-9000-000000000000", + "value": "Dave Jong (Patchstack)" + } + ], + "descriptions": [ + { + "lang": "en", + "supportingMedia": [ + { + "base64": false, + "type": "text/html", + "value": "Missing Authorization vulnerability in Azzaroco WP SuperBackup allows Exploiting Incorrectly Configured Access Control Security Levels.

This issue affects WP SuperBackup: from n/a through 2.3.3.

" + } + ], + "value": "Missing Authorization vulnerability in Azzaroco WP SuperBackup allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP SuperBackup: from n/a through 2.3.3." + } + ], + "impacts": [ + { + "capecId": "CAPEC-180", + "descriptions": [ + { + "lang": "en", + "value": "CAPEC-180 Exploiting Incorrectly Configured Access Control Security Levels" + } + ] + } + ], + "metrics": [ + { + "cvssV3_1": { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "NONE", + "baseScore": 7.5, + "baseSeverity": "HIGH", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "privilegesRequired": "NONE", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", + "version": "3.1" + }, + "format": "CVSS", + "scenarios": [ + { + "lang": "en", + "value": "GENERAL" + } + ] + } + ], + "problemTypes": [ + { + "descriptions": [ + { + "cweId": "CWE-862", + "description": "CWE-862 Missing Authorization", + "lang": "en", + "type": "CWE" + } + ] + } + ], + "providerMetadata": { + "orgId": "21595511-bba5-4825-b968-b78d1f9984a3", + "shortName": "Patchstack", + "dateUpdated": "2024-12-31T12:48:21.629Z" + }, + "references": [ + { + "tags": [ + "vdb-entry" + ], + "url": "https://patchstack.com/database/wordpress/plugin/indeed-wp-superbackup/vulnerability/wordpress-wp-superbackup-plugin-2-3-3-unauthenticated-backup-file-download-vulnerability?_s_id=cve" + } + ], + "solutions": [ + { + "lang": "en", + "supportingMedia": [ + { + "base64": false, + "type": "text/html", + "value": "Update the WordPress WP SuperBackup plugin to the latest available version (at least 2.4)." + } + ], + "value": "Update the WordPress WP SuperBackup plugin to the latest available version (at least 2.4)." + } + ], + "source": { + "discovery": "EXTERNAL" + }, + "title": "WordPress WP SuperBackup plugin <= 2.3.3 - Unauthenticated Backup File Download Vulnerability", + "x_generator": { + "engine": "Vulnogram 0.2.0" + } + } + } +} \ No newline at end of file diff --git a/cves/2024/56xxx/CVE-2024-56068.json b/cves/2024/56xxx/CVE-2024-56068.json new file mode 100644 index 00000000000..82aff1af45a --- /dev/null +++ b/cves/2024/56xxx/CVE-2024-56068.json @@ -0,0 +1,129 @@ +{ + "dataType": "CVE_RECORD", + "dataVersion": "5.1", + "cveMetadata": { + "cveId": "CVE-2024-56068", + "assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3", + "state": "PUBLISHED", + "assignerShortName": "Patchstack", + "dateReserved": "2024-12-14T19:43:18.742Z", + "datePublished": "2024-12-31T12:51:45.293Z", + "dateUpdated": "2024-12-31T12:51:45.293Z" + }, + "containers": { + "cna": { + "affected": [ + { + "defaultStatus": "unaffected", + "product": "WP SuperBackup", + "vendor": "Azzaroco", + "versions": [ + { + "changes": [ + { + "at": "2.4", + "status": "unaffected" + } + ], + "lessThanOrEqual": "2.3.3", + "status": "affected", + "version": "n/a", + "versionType": "custom" + } + ] + } + ], + "credits": [ + { + "lang": "en", + "type": "finder", + "user": "00000000-0000-4000-9000-000000000000", + "value": "Dave Jong (Patchstack)" + } + ], + "descriptions": [ + { + "lang": "en", + "supportingMedia": [ + { + "base64": false, + "type": "text/html", + "value": "Deserialization of Untrusted Data vulnerability in Azzaroco WP SuperBackup.

This issue affects WP SuperBackup: from n/a through 2.3.3.

" + } + ], + "value": "Deserialization of Untrusted Data vulnerability in Azzaroco WP SuperBackup.This issue affects WP SuperBackup: from n/a through 2.3.3." + } + ], + "metrics": [ + { + "cvssV3_1": { + "attackComplexity": "HIGH", + "attackVector": "NETWORK", + "availabilityImpact": "HIGH", + "baseScore": 7.5, + "baseSeverity": "HIGH", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "privilegesRequired": "LOW", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", + "version": "3.1" + }, + "format": "CVSS", + "scenarios": [ + { + "lang": "en", + "value": "GENERAL" + } + ] + } + ], + "problemTypes": [ + { + "descriptions": [ + { + "cweId": "CWE-502", + "description": "CWE-502 Deserialization of Untrusted Data", + "lang": "en", + "type": "CWE" + } + ] + } + ], + "providerMetadata": { + "orgId": "21595511-bba5-4825-b968-b78d1f9984a3", + "shortName": "Patchstack", + "dateUpdated": "2024-12-31T12:51:45.293Z" + }, + "references": [ + { + "tags": [ + "vdb-entry" + ], + "url": "https://patchstack.com/database/wordpress/plugin/indeed-wp-superbackup/vulnerability/wordpress-wp-superbackup-plugin-2-3-3-subscriber-php-object-injection-vulnerability?_s_id=cve" + } + ], + "solutions": [ + { + "lang": "en", + "supportingMedia": [ + { + "base64": false, + "type": "text/html", + "value": "Update the WordPress WP SuperBackup wordpress plugin to the latest available version (at least 2.4)." + } + ], + "value": "Update the WordPress WP SuperBackup wordpress plugin to the latest available version (at least 2.4)." + } + ], + "source": { + "discovery": "EXTERNAL" + }, + "title": "WordPress WP SuperBackup plugin <= 2.3.3 - Subscriber+ PHP Object Injection vulnerability", + "x_generator": { + "engine": "Vulnogram 0.2.0" + } + } + } +} \ No newline at end of file diff --git a/cves/2024/56xxx/CVE-2024-56071.json b/cves/2024/56xxx/CVE-2024-56071.json new file mode 100644 index 00000000000..0245146f701 --- /dev/null +++ b/cves/2024/56xxx/CVE-2024-56071.json @@ -0,0 +1,123 @@ +{ + "dataType": "CVE_RECORD", + "dataVersion": "5.1", + "cveMetadata": { + "cveId": "CVE-2024-56071", + "assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3", + "state": "PUBLISHED", + "assignerShortName": "Patchstack", + "dateReserved": "2024-12-14T19:43:18.742Z", + "datePublished": "2024-12-31T12:44:32.807Z", + "dateUpdated": "2024-12-31T12:44:32.807Z" + }, + "containers": { + "cna": { + "affected": [ + { + "collectionURL": "https://wordpress.org/plugins", + "defaultStatus": "unaffected", + "packageName": "simple-dashboard", + "product": "Simple Dashboard", + "vendor": "Mike Leembruggen", + "versions": [ + { + "lessThanOrEqual": "2.0", + "status": "affected", + "version": "n/a", + "versionType": "custom" + } + ] + } + ], + "credits": [ + { + "lang": "en", + "type": "finder", + "user": "00000000-0000-4000-9000-000000000000", + "value": "Mika (Patchstack Alliance)" + } + ], + "descriptions": [ + { + "lang": "en", + "supportingMedia": [ + { + "base64": false, + "type": "text/html", + "value": "Incorrect Privilege Assignment vulnerability in Mike Leembruggen Simple Dashboard allows Privilege Escalation.

This issue affects Simple Dashboard: from n/a through 2.0.

" + } + ], + "value": "Incorrect Privilege Assignment vulnerability in Mike Leembruggen Simple Dashboard allows Privilege Escalation.This issue affects Simple Dashboard: from n/a through 2.0." + } + ], + "impacts": [ + { + "capecId": "CAPEC-233", + "descriptions": [ + { + "lang": "en", + "value": "CAPEC-233 Privilege Escalation" + } + ] + } + ], + "metrics": [ + { + "cvssV3_1": { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "privilegesRequired": "NONE", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "version": "3.1" + }, + "format": "CVSS", + "scenarios": [ + { + "lang": "en", + "value": "GENERAL" + } + ] + } + ], + "problemTypes": [ + { + "descriptions": [ + { + "cweId": "CWE-266", + "description": "CWE-266 Incorrect Privilege Assignment", + "lang": "en", + "type": "CWE" + } + ] + } + ], + "providerMetadata": { + "orgId": "21595511-bba5-4825-b968-b78d1f9984a3", + "shortName": "Patchstack", + "dateUpdated": "2024-12-31T12:44:32.807Z" + }, + "references": [ + { + "tags": [ + "vdb-entry" + ], + "url": "https://patchstack.com/database/wordpress/plugin/simple-dashboard/vulnerability/wordpress-simple-dashboard-plugin-2-0-privilege-escalation-vulnerability?_s_id=cve" + } + ], + "source": { + "discovery": "EXTERNAL" + }, + "title": "WordPress Simple Dashboard plugin <= 2.0 - Privilege Escalation vulnerability", + "x_generator": { + "engine": "Vulnogram 0.2.0" + } + } + } +} \ No newline at end of file diff --git a/cves/2024/56xxx/CVE-2024-56205.json b/cves/2024/56xxx/CVE-2024-56205.json new file mode 100644 index 00000000000..c8261e0dd1d --- /dev/null +++ b/cves/2024/56xxx/CVE-2024-56205.json @@ -0,0 +1,123 @@ +{ + "dataType": "CVE_RECORD", + "dataVersion": "5.1", + "cveMetadata": { + "cveId": "CVE-2024-56205", + "assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3", + "state": "PUBLISHED", + "assignerShortName": "Patchstack", + "dateReserved": "2024-12-18T19:03:36.423Z", + "datePublished": "2024-12-31T12:43:42.040Z", + "dateUpdated": "2024-12-31T12:43:42.040Z" + }, + "containers": { + "cna": { + "affected": [ + { + "collectionURL": "https://wordpress.org/plugins", + "defaultStatus": "unaffected", + "packageName": "newsletter-page-redirects", + "product": "AI Magic", + "vendor": "AI Magic", + "versions": [ + { + "lessThanOrEqual": "1.0.4", + "status": "affected", + "version": "n/a", + "versionType": "custom" + } + ] + } + ], + "credits": [ + { + "lang": "en", + "type": "finder", + "user": "00000000-0000-4000-9000-000000000000", + "value": "Mika (Patchstack Alliance)" + } + ], + "descriptions": [ + { + "lang": "en", + "supportingMedia": [ + { + "base64": false, + "type": "text/html", + "value": "Incorrect Privilege Assignment vulnerability in AI Magic allows Privilege Escalation.

This issue affects AI Magic: from n/a through 1.0.4.

" + } + ], + "value": "Incorrect Privilege Assignment vulnerability in AI Magic allows Privilege Escalation.This issue affects AI Magic: from n/a through 1.0.4." + } + ], + "impacts": [ + { + "capecId": "CAPEC-233", + "descriptions": [ + { + "lang": "en", + "value": "CAPEC-233 Privilege Escalation" + } + ] + } + ], + "metrics": [ + { + "cvssV3_1": { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "privilegesRequired": "NONE", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "version": "3.1" + }, + "format": "CVSS", + "scenarios": [ + { + "lang": "en", + "value": "GENERAL" + } + ] + } + ], + "problemTypes": [ + { + "descriptions": [ + { + "cweId": "CWE-266", + "description": "CWE-266 Incorrect Privilege Assignment", + "lang": "en", + "type": "CWE" + } + ] + } + ], + "providerMetadata": { + "orgId": "21595511-bba5-4825-b968-b78d1f9984a3", + "shortName": "Patchstack", + "dateUpdated": "2024-12-31T12:43:42.040Z" + }, + "references": [ + { + "tags": [ + "vdb-entry" + ], + "url": "https://patchstack.com/database/wordpress/plugin/newsletter-page-redirects/vulnerability/wordpress-ai-magic-seo-content-generator-article-writer-plugin-1-0-4-privilege-escalation-vulnerability?_s_id=cve" + } + ], + "source": { + "discovery": "EXTERNAL" + }, + "title": "WordPress AI Magic – SEO Content Generator & Article Writer plugin <= 1.0.4 - Privilege Escalation vulnerability", + "x_generator": { + "engine": "Vulnogram 0.2.0" + } + } + } +} \ No newline at end of file diff --git a/cves/delta.json b/cves/delta.json index c550f3390be..66179719482 100644 --- a/cves/delta.json +++ b/cves/delta.json @@ -1,14 +1,74 @@ { - "fetchTime": "2024-12-31T12:00:37.445Z", - "numberOfChanges": 1, - "new": [], - "updated": [ - { - "cveId": "CVE-2024-12582", - "cveOrgLink": "https://www.cve.org/CVERecord?id=CVE-2024-12582", - "githubLink": "https://raw.githubusercontent.com/CVEProject/cvelistV5/main/cves/2024/12xxx/CVE-2024-12582.json", - "dateUpdated": "2024-12-31T11:59:14.208Z" + "fetchTime": "2024-12-31T12:56:50.429Z", + "numberOfChanges": 11, + "new": [ + { + "cveId": "CVE-2023-48775", + "cveOrgLink": "https://www.cve.org/CVERecord?id=CVE-2023-48775", + "githubLink": "https://raw.githubusercontent.com/CVEProject/cvelistV5/main/cves/2023/48xxx/CVE-2023-48775.json", + "dateUpdated": "2024-12-31T12:47:06.401Z" + }, + { + "cveId": "CVE-2023-50850", + "cveOrgLink": "https://www.cve.org/CVERecord?id=CVE-2023-50850", + "githubLink": "https://raw.githubusercontent.com/CVEProject/cvelistV5/main/cves/2023/50xxx/CVE-2023-50850.json", + "dateUpdated": "2024-12-31T12:46:10.776Z" + }, + { + "cveId": "CVE-2024-55991", + "cveOrgLink": "https://www.cve.org/CVERecord?id=CVE-2024-55991", + "githubLink": "https://raw.githubusercontent.com/CVEProject/cvelistV5/main/cves/2024/55xxx/CVE-2024-55991.json", + "dateUpdated": "2024-12-31T12:51:02.138Z" + }, + { + "cveId": "CVE-2024-56031", + "cveOrgLink": "https://www.cve.org/CVERecord?id=CVE-2024-56031", + "githubLink": "https://raw.githubusercontent.com/CVEProject/cvelistV5/main/cves/2024/56xxx/CVE-2024-56031.json", + "dateUpdated": "2024-12-31T12:49:25.926Z" + }, + { + "cveId": "CVE-2024-56039", + "cveOrgLink": "https://www.cve.org/CVERecord?id=CVE-2024-56039", + "githubLink": "https://raw.githubusercontent.com/CVEProject/cvelistV5/main/cves/2024/56xxx/CVE-2024-56039.json", + "dateUpdated": "2024-12-31T12:55:10.616Z" + }, + { + "cveId": "CVE-2024-56046", + "cveOrgLink": "https://www.cve.org/CVERecord?id=CVE-2024-56046", + "githubLink": "https://raw.githubusercontent.com/CVEProject/cvelistV5/main/cves/2024/56xxx/CVE-2024-56046.json", + "dateUpdated": "2024-12-31T12:55:57.203Z" + }, + { + "cveId": "CVE-2024-56064", + "cveOrgLink": "https://www.cve.org/CVERecord?id=CVE-2024-56064", + "githubLink": "https://raw.githubusercontent.com/CVEProject/cvelistV5/main/cves/2024/56xxx/CVE-2024-56064.json", + "dateUpdated": "2024-12-31T12:55:35.867Z" + }, + { + "cveId": "CVE-2024-56067", + "cveOrgLink": "https://www.cve.org/CVERecord?id=CVE-2024-56067", + "githubLink": "https://raw.githubusercontent.com/CVEProject/cvelistV5/main/cves/2024/56xxx/CVE-2024-56067.json", + "dateUpdated": "2024-12-31T12:48:21.629Z" + }, + { + "cveId": "CVE-2024-56068", + "cveOrgLink": "https://www.cve.org/CVERecord?id=CVE-2024-56068", + "githubLink": "https://raw.githubusercontent.com/CVEProject/cvelistV5/main/cves/2024/56xxx/CVE-2024-56068.json", + "dateUpdated": "2024-12-31T12:51:45.293Z" + }, + { + "cveId": "CVE-2024-56071", + "cveOrgLink": "https://www.cve.org/CVERecord?id=CVE-2024-56071", + "githubLink": "https://raw.githubusercontent.com/CVEProject/cvelistV5/main/cves/2024/56xxx/CVE-2024-56071.json", + "dateUpdated": "2024-12-31T12:44:32.807Z" + }, + { + "cveId": "CVE-2024-56205", + "cveOrgLink": "https://www.cve.org/CVERecord?id=CVE-2024-56205", + "githubLink": "https://raw.githubusercontent.com/CVEProject/cvelistV5/main/cves/2024/56xxx/CVE-2024-56205.json", + "dateUpdated": "2024-12-31T12:43:42.040Z" } ], + "updated": [], "error": [] } \ No newline at end of file diff --git a/cves/deltaLog.json b/cves/deltaLog.json index 29e4e212b0f..f3e880dafa9 100644 --- a/cves/deltaLog.json +++ b/cves/deltaLog.json @@ -1,4 +1,78 @@ [ + { + "fetchTime": "2024-12-31T12:56:50.429Z", + "numberOfChanges": 11, + "new": [ + { + "cveId": "CVE-2023-48775", + "cveOrgLink": "https://www.cve.org/CVERecord?id=CVE-2023-48775", + "githubLink": "https://raw.githubusercontent.com/CVEProject/cvelistV5/main/cves/2023/48xxx/CVE-2023-48775.json", + "dateUpdated": "2024-12-31T12:47:06.401Z" + }, + { + "cveId": "CVE-2023-50850", + "cveOrgLink": "https://www.cve.org/CVERecord?id=CVE-2023-50850", + "githubLink": "https://raw.githubusercontent.com/CVEProject/cvelistV5/main/cves/2023/50xxx/CVE-2023-50850.json", + "dateUpdated": "2024-12-31T12:46:10.776Z" + }, + { + "cveId": "CVE-2024-55991", + "cveOrgLink": "https://www.cve.org/CVERecord?id=CVE-2024-55991", + "githubLink": "https://raw.githubusercontent.com/CVEProject/cvelistV5/main/cves/2024/55xxx/CVE-2024-55991.json", + "dateUpdated": "2024-12-31T12:51:02.138Z" + }, + { + "cveId": "CVE-2024-56031", + "cveOrgLink": "https://www.cve.org/CVERecord?id=CVE-2024-56031", + "githubLink": "https://raw.githubusercontent.com/CVEProject/cvelistV5/main/cves/2024/56xxx/CVE-2024-56031.json", + "dateUpdated": "2024-12-31T12:49:25.926Z" + }, + { + "cveId": "CVE-2024-56039", + "cveOrgLink": "https://www.cve.org/CVERecord?id=CVE-2024-56039", + "githubLink": "https://raw.githubusercontent.com/CVEProject/cvelistV5/main/cves/2024/56xxx/CVE-2024-56039.json", + "dateUpdated": "2024-12-31T12:55:10.616Z" + }, + { + "cveId": "CVE-2024-56046", + "cveOrgLink": "https://www.cve.org/CVERecord?id=CVE-2024-56046", + "githubLink": "https://raw.githubusercontent.com/CVEProject/cvelistV5/main/cves/2024/56xxx/CVE-2024-56046.json", + "dateUpdated": "2024-12-31T12:55:57.203Z" + }, + { + "cveId": "CVE-2024-56064", + "cveOrgLink": "https://www.cve.org/CVERecord?id=CVE-2024-56064", + "githubLink": "https://raw.githubusercontent.com/CVEProject/cvelistV5/main/cves/2024/56xxx/CVE-2024-56064.json", + "dateUpdated": "2024-12-31T12:55:35.867Z" + }, + { + "cveId": "CVE-2024-56067", + "cveOrgLink": "https://www.cve.org/CVERecord?id=CVE-2024-56067", + "githubLink": "https://raw.githubusercontent.com/CVEProject/cvelistV5/main/cves/2024/56xxx/CVE-2024-56067.json", + "dateUpdated": "2024-12-31T12:48:21.629Z" + }, + { + "cveId": "CVE-2024-56068", + "cveOrgLink": "https://www.cve.org/CVERecord?id=CVE-2024-56068", + "githubLink": "https://raw.githubusercontent.com/CVEProject/cvelistV5/main/cves/2024/56xxx/CVE-2024-56068.json", + "dateUpdated": "2024-12-31T12:51:45.293Z" + }, + { + "cveId": "CVE-2024-56071", + "cveOrgLink": "https://www.cve.org/CVERecord?id=CVE-2024-56071", + "githubLink": "https://raw.githubusercontent.com/CVEProject/cvelistV5/main/cves/2024/56xxx/CVE-2024-56071.json", + "dateUpdated": "2024-12-31T12:44:32.807Z" + }, + { + "cveId": "CVE-2024-56205", + "cveOrgLink": "https://www.cve.org/CVERecord?id=CVE-2024-56205", + "githubLink": "https://raw.githubusercontent.com/CVEProject/cvelistV5/main/cves/2024/56xxx/CVE-2024-56205.json", + "dateUpdated": "2024-12-31T12:43:42.040Z" + } + ], + "updated": [], + "error": [] + }, { "fetchTime": "2024-12-31T12:00:37.445Z", "numberOfChanges": 1,