From 467321849540e055e84f200552c0fb9b7af06880 Mon Sep 17 00:00:00 2001 From: cad-safe-bot Date: Thu, 28 Nov 2024 15:04:39 +0000 Subject: [PATCH] Auto-Update: 2024-11-28T15:01:28.142753+00:00 --- CVE-2024/CVE-2024-77xx/CVE-2024-7747.json | 64 +++++++++++++++++++++++ README.md | 33 +++--------- _state.csv | 41 ++++++++------- 3 files changed, 92 insertions(+), 46 deletions(-) create mode 100644 CVE-2024/CVE-2024-77xx/CVE-2024-7747.json diff --git a/CVE-2024/CVE-2024-77xx/CVE-2024-7747.json b/CVE-2024/CVE-2024-77xx/CVE-2024-7747.json new file mode 100644 index 00000000000..02b9dceefae --- /dev/null +++ b/CVE-2024/CVE-2024-77xx/CVE-2024-7747.json @@ -0,0 +1,64 @@ +{ + "id": "CVE-2024-7747", + "sourceIdentifier": "security@wordfence.com", + "published": "2024-11-28T13:15:21.843", + "lastModified": "2024-11-28T13:15:21.843", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "The Wallet for WooCommerce plugin for WordPress is vulnerable to incorrect conversion between numeric types in all versions up to, and including, 1.5.6. This is due to a numerical logic flaw when transferring funds to another user. This makes it possible for authenticated attackers, with Subscriber-level access and above, to create funds during a transfer and distribute these funds to any number of other users or their own account, rendering products free. Attackers could also request to withdraw funds if the Wallet Withdrawal extension is used and the request is approved by an administrator." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", + "baseScore": 6.5, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "HIGH", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-681" + } + ] + } + ], + "references": [ + { + "url": "https://plugins.trac.wordpress.org/browser/woo-wallet/trunk/includes/class-woo-wallet-frontend.php#L407", + "source": "security@wordfence.com" + }, + { + "url": "https://plugins.trac.wordpress.org/changeset/3145131/", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/fd8f3eb7-ac60-46c4-b41f-5d89e3133042?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/README.md b/README.md index 01405db2ff2..353361ca35e 100644 --- a/README.md +++ b/README.md @@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2024-11-28T13:01:43.497648+00:00 +2024-11-28T15:01:28.142753+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2024-11-28T12:15:17.107000+00:00 +2024-11-28T13:15:21.843000+00:00 ``` ### Last Data Feed Release @@ -33,39 +33,20 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### Total Number of included CVEs ```plain -271613 +271614 ``` ### CVEs added in the last Commit -Recently added CVEs: `19` - -- [CVE-2024-11402](CVE-2024/CVE-2024-114xx/CVE-2024-11402.json) (`2024-11-28T11:15:17.613`) -- [CVE-2024-11620](CVE-2024/CVE-2024-116xx/CVE-2024-11620.json) (`2024-11-28T11:15:48.533`) -- [CVE-2024-52474](CVE-2024/CVE-2024-524xx/CVE-2024-52474.json) (`2024-11-28T11:15:48.860`) -- [CVE-2024-52475](CVE-2024/CVE-2024-524xx/CVE-2024-52475.json) (`2024-11-28T11:15:49.230`) -- [CVE-2024-52481](CVE-2024/CVE-2024-524xx/CVE-2024-52481.json) (`2024-11-28T11:15:49.610`) -- [CVE-2024-52490](CVE-2024/CVE-2024-524xx/CVE-2024-52490.json) (`2024-11-28T11:15:49.980`) -- [CVE-2024-52495](CVE-2024/CVE-2024-524xx/CVE-2024-52495.json) (`2024-11-28T11:15:50.340`) -- [CVE-2024-52496](CVE-2024/CVE-2024-524xx/CVE-2024-52496.json) (`2024-11-28T11:15:50.703`) -- [CVE-2024-52497](CVE-2024/CVE-2024-524xx/CVE-2024-52497.json) (`2024-11-28T11:15:51.137`) -- [CVE-2024-52498](CVE-2024/CVE-2024-524xx/CVE-2024-52498.json) (`2024-11-28T11:15:51.550`) -- [CVE-2024-52499](CVE-2024/CVE-2024-524xx/CVE-2024-52499.json) (`2024-11-28T11:15:51.957`) -- [CVE-2024-52501](CVE-2024/CVE-2024-525xx/CVE-2024-52501.json) (`2024-11-28T11:15:52.363`) -- [CVE-2024-53731](CVE-2024/CVE-2024-537xx/CVE-2024-53731.json) (`2024-11-28T12:15:17.107`) -- [CVE-2024-53732](CVE-2024/CVE-2024-537xx/CVE-2024-53732.json) (`2024-11-28T11:15:52.773`) -- [CVE-2024-53733](CVE-2024/CVE-2024-537xx/CVE-2024-53733.json) (`2024-11-28T11:15:53.203`) -- [CVE-2024-53734](CVE-2024/CVE-2024-537xx/CVE-2024-53734.json) (`2024-11-28T11:15:53.607`) -- [CVE-2024-53736](CVE-2024/CVE-2024-537xx/CVE-2024-53736.json) (`2024-11-28T11:15:54.027`) -- [CVE-2024-53737](CVE-2024/CVE-2024-537xx/CVE-2024-53737.json) (`2024-11-28T11:15:54.407`) -- [CVE-2024-8308](CVE-2024/CVE-2024-83xx/CVE-2024-8308.json) (`2024-11-28T11:15:54.697`) +Recently added CVEs: `1` + +- [CVE-2024-7747](CVE-2024/CVE-2024-77xx/CVE-2024-7747.json) (`2024-11-28T13:15:21.843`) ### CVEs modified in the last Commit -Recently modified CVEs: `1` +Recently modified CVEs: `0` -- [CVE-2024-8672](CVE-2024/CVE-2024-86xx/CVE-2024-8672.json) (`2024-11-28T10:15:08.870`) ## Download and Usage diff --git a/_state.csv b/_state.csv index a5358ee2762..efe5d0994e4 100644 --- a/_state.csv +++ b/_state.csv @@ -243599,7 +243599,7 @@ CVE-2024-11394,0,0,ed715a5643cd62dc08ee2cf492057b775795efb9422c8c56a37f188481d12 CVE-2024-11395,0,0,e97b88024677a483ae4a42afe9a8440978faa48e4e721bb1c822953f8252b946,2024-11-19T21:56:45.533000 CVE-2024-1140,0,0,346c2ed0aaabc419b4aefe2cf8513b81b972566618f29982168bc7166c832ab2,2024-02-27T19:17:32.253000 CVE-2024-11400,0,0,2b6a39a96cf5696646b5b9e32fab47bfc23a160a64905ed162280ce11db7d350,2024-11-25T15:02:53.013000 -CVE-2024-11402,1,1,8f3fd8a8eb506c6f6e3edecf9f43883a3e4c87bf00125a7e79e2d78e9478466d,2024-11-28T11:15:17.613000 +CVE-2024-11402,0,0,8f3fd8a8eb506c6f6e3edecf9f43883a3e4c87bf00125a7e79e2d78e9478466d,2024-11-28T11:15:17.613000 CVE-2024-11403,0,0,aa2618a7b6d3af70c8c76936e7400798cb8fc2bbb8402d3422568e8b944ad335,2024-11-25T14:15:06.310000 CVE-2024-11404,0,0,525efe85caba48797a4f541c0d9d8e5e1135b7d4afff8a5c0abba9ca32591f5c,2024-11-20T14:15:17.750000 CVE-2024-11406,0,0,d4abbee85b1f77460ba170fa7cbcf81435244eeb65babfc1772879a68307a74f,2024-11-20T12:15:18.890000 @@ -243732,7 +243732,7 @@ CVE-2024-11612,0,0,43a8546b6f6704b744b4ad0e6cd3f837ef8030a4f6b6c5a5933b6bba0c215 CVE-2024-11618,0,0,792ab788b226a2722a3426e09b749bb9acdd3d0ab845ea998dacbd90a5e66f09,2024-11-22T19:15:05.437000 CVE-2024-11619,0,0,a4838d434b8c8bb61e21ea750aab44437d9c4068a035e504d5209865637cd703,2024-11-22T21:15:17.500000 CVE-2024-1162,0,0,6517ec14e6db831ee5a33abab5e0e4729a77c306548683589462e3183aa8cdb4,2024-02-08T14:22:37.180000 -CVE-2024-11620,1,1,184e8607fcf501c6852e6fec1ad77671aca9199203aea6c47b3921b477f9272f,2024-11-28T11:15:48.533000 +CVE-2024-11620,0,0,184e8607fcf501c6852e6fec1ad77671aca9199203aea6c47b3921b477f9272f,2024-11-28T11:15:48.533000 CVE-2024-11622,0,0,9983eca95a5d42bc88a9506949841ef9afaec6eac673c24e94ea89c2baa2d6f0,2024-11-26T22:15:17.860000 CVE-2024-1163,0,0,23d47391c7884329270abc739e0d42e17852ac69017fc11ff4fa38853ad7cf71,2024-11-03T19:15:04.143000 CVE-2024-11630,0,0,124823e79cad8f52614d45dfbfa425539f468c43cf02153ebcf347d478214259,2024-11-22T22:15:13.637000 @@ -267419,19 +267419,19 @@ CVE-2024-52470,0,0,1056a8e921e929245f25b46d1b7e1a435f2ea3ebf136056d5c86cf3721d0f CVE-2024-52471,0,0,d8b300ef69bfcbcb29a9b3cfe811f085cc9237972a5d7ecbe7073758ecdf12a9,2024-11-20T15:15:11.010000 CVE-2024-52472,0,0,ce2cab3222d8b621b2ba91024fe7494b0185a8ad2ea776f56b82d385cdb5d210,2024-11-20T15:15:11.237000 CVE-2024-52473,0,0,5130e33c6a3f3d98a0fc58c19aa3c06c52bf935b44f029d120d52d53c95d1f26,2024-11-20T15:15:11.443000 -CVE-2024-52474,1,1,f35fcf6a40f916b46540ce59f11d6616c6973d4c68f74d2e36288e6d9b91ae09,2024-11-28T11:15:48.860000 -CVE-2024-52475,1,1,048f430e71cfa65b9b5c0a7120c7de2380a4c37fa4de1243200864d13928e676,2024-11-28T11:15:49.230000 +CVE-2024-52474,0,0,f35fcf6a40f916b46540ce59f11d6616c6973d4c68f74d2e36288e6d9b91ae09,2024-11-28T11:15:48.860000 +CVE-2024-52475,0,0,048f430e71cfa65b9b5c0a7120c7de2380a4c37fa4de1243200864d13928e676,2024-11-28T11:15:49.230000 CVE-2024-5248,0,0,6cfa5cec6de457c13d7096887dc7c2d8bd99f0e898238886822e69d1ee66037e,2024-11-03T17:15:14.860000 -CVE-2024-52481,1,1,f36c3b5551b68230f3193251192fab779548872795820d8881203867d93fb076,2024-11-28T11:15:49.610000 +CVE-2024-52481,0,0,f36c3b5551b68230f3193251192fab779548872795820d8881203867d93fb076,2024-11-28T11:15:49.610000 CVE-2024-5249,0,0,7881e207dd06fe76500d559735f87b1084a494789351514ee988debe74e79673,2024-10-01T14:26:17.410000 -CVE-2024-52490,1,1,2f72bf6f16e7c1ef88a5ad166ff8106f5613b7783eca5a9de13741c356393c41,2024-11-28T11:15:49.980000 -CVE-2024-52495,1,1,90a5d94a83491ba0aa9e1a9e4a4f5fe0ca98459576244f5c8b05a77af4905f58,2024-11-28T11:15:50.340000 -CVE-2024-52496,1,1,3f7e072f25a3e2e86befaba43547621d2bd70978a190ba0cbf1154b522b2b4fc,2024-11-28T11:15:50.703000 -CVE-2024-52497,1,1,2dfb67ac6989206e43becb4cadecdbbe12f14d96dff6ad787aa10ac60639df51,2024-11-28T11:15:51.137000 -CVE-2024-52498,1,1,7dc88433e35e501a5376d838b1b69e48bc75ad19918b9c65d7419f1705de80ed,2024-11-28T11:15:51.550000 -CVE-2024-52499,1,1,ab893b1d1da52473926df770d37b1bfb72a33c2a9668548c2bac1caa129bcb8a,2024-11-28T11:15:51.957000 +CVE-2024-52490,0,0,2f72bf6f16e7c1ef88a5ad166ff8106f5613b7783eca5a9de13741c356393c41,2024-11-28T11:15:49.980000 +CVE-2024-52495,0,0,90a5d94a83491ba0aa9e1a9e4a4f5fe0ca98459576244f5c8b05a77af4905f58,2024-11-28T11:15:50.340000 +CVE-2024-52496,0,0,3f7e072f25a3e2e86befaba43547621d2bd70978a190ba0cbf1154b522b2b4fc,2024-11-28T11:15:50.703000 +CVE-2024-52497,0,0,2dfb67ac6989206e43becb4cadecdbbe12f14d96dff6ad787aa10ac60639df51,2024-11-28T11:15:51.137000 +CVE-2024-52498,0,0,7dc88433e35e501a5376d838b1b69e48bc75ad19918b9c65d7419f1705de80ed,2024-11-28T11:15:51.550000 +CVE-2024-52499,0,0,ab893b1d1da52473926df770d37b1bfb72a33c2a9668548c2bac1caa129bcb8a,2024-11-28T11:15:51.957000 CVE-2024-5250,0,0,b4b370273f1fe30d94b715ad219dda570a7dcb84192abd50c3cb746299bdbb93,2024-10-01T14:33:47.727000 -CVE-2024-52501,1,1,820788b8853098079143f7490c7b02533ae4f012d58a67dd13e49f2a3e89b88a,2024-11-28T11:15:52.363000 +CVE-2024-52501,0,0,820788b8853098079143f7490c7b02533ae4f012d58a67dd13e49f2a3e89b88a,2024-11-28T11:15:52.363000 CVE-2024-52505,0,0,7c58f328eee3b40bfcef13b278250e7509b58c18af26b7fe642ca2ce116c61a9,2024-11-15T13:58:08.913000 CVE-2024-52506,0,0,9420310376fa2dd9c3501acaf4dd8ad5c343b22844be701c8938f04ee189a7d8,2024-11-19T21:57:32.967000 CVE-2024-52507,0,0,18377407544f5a86346c3ba14b439e11d26f6fdcec177783785d2e2abbc40b48,2024-11-18T17:11:56.587000 @@ -267749,12 +267749,12 @@ CVE-2024-5370,0,0,8d5901c25d38686248547e2a8832556411ad40480084c4770850db2b44d5a5 CVE-2024-5371,0,0,56fb3bd7c83fca20345b3582754dbd2980927fa93a960aec189b84900cda47f4,2024-06-04T19:21:07.077000 CVE-2024-5372,0,0,d8d2417bd06fb1324e3d48551a2db8f1959a8f0e0eac596d597fb3248c5962f3,2024-05-28T12:39:28.377000 CVE-2024-5373,0,0,723592340da8ccd8f25024820eebbe02ad7dbee30d73ac71e1bda91f01d7cbec,2024-06-04T19:21:07.183000 -CVE-2024-53731,1,1,99dd051791dffd2f845724af34a8772840a5c71c1582521ff72e80a4c7bf7aab,2024-11-28T12:15:17.107000 -CVE-2024-53732,1,1,abbc43ec9fa63a7364cd4412c8e7d50f2486ba52096e0e19343b21f95591685e,2024-11-28T11:15:52.773000 -CVE-2024-53733,1,1,a15424cb01b44014303701bb7a936a48f052e7c0ef953db6088888d4df1dbe37,2024-11-28T11:15:53.203000 -CVE-2024-53734,1,1,37c3e6c92db9c36a00157fe05bc0a9d9f21b6af783dd4ebbff0b37f8d3cb37b0,2024-11-28T11:15:53.607000 -CVE-2024-53736,1,1,0d1773df4ca6507e7342bf89a5427ae077afff2b59da69d6366120c174828401,2024-11-28T11:15:54.027000 -CVE-2024-53737,1,1,f3a335bb195dd0244d4039f558efb2c4498714f2b0074383fd7bed5cc5fa8cd2,2024-11-28T11:15:54.407000 +CVE-2024-53731,0,0,99dd051791dffd2f845724af34a8772840a5c71c1582521ff72e80a4c7bf7aab,2024-11-28T12:15:17.107000 +CVE-2024-53732,0,0,abbc43ec9fa63a7364cd4412c8e7d50f2486ba52096e0e19343b21f95591685e,2024-11-28T11:15:52.773000 +CVE-2024-53733,0,0,a15424cb01b44014303701bb7a936a48f052e7c0ef953db6088888d4df1dbe37,2024-11-28T11:15:53.203000 +CVE-2024-53734,0,0,37c3e6c92db9c36a00157fe05bc0a9d9f21b6af783dd4ebbff0b37f8d3cb37b0,2024-11-28T11:15:53.607000 +CVE-2024-53736,0,0,0d1773df4ca6507e7342bf89a5427ae077afff2b59da69d6366120c174828401,2024-11-28T11:15:54.027000 +CVE-2024-53737,0,0,f3a335bb195dd0244d4039f558efb2c4498714f2b0074383fd7bed5cc5fa8cd2,2024-11-28T11:15:54.407000 CVE-2024-5374,0,0,9590dde507302753225c45768250d14c5989d70c121d20e0bb9a4a301eeaee55,2024-05-28T12:39:28.377000 CVE-2024-5375,0,0,ee384884521ae20b595e19cb0f157171143b462efc516d82edefadc2db8af61c,2024-06-04T19:21:07.297000 CVE-2024-5376,0,0,1916e3797ba72d918b0d6b4e68154ad489313814ec55b1e1e9e1869dabc13c93,2024-06-04T19:21:07.390000 @@ -269872,6 +269872,7 @@ CVE-2024-7743,0,0,c910ec910e11d4c23506ee8328b07eddb255cd4474ff1acb5544c0f61f82b8 CVE-2024-7744,0,0,a823fbf46efee22748872648f8b5480a3798046740a751ac0d8e636240f96097,2024-09-04T17:57:51.657000 CVE-2024-7745,0,0,76afd5f7ea045361ce9735a86d41d755b802a989163b928bd26dc99f901f92cd,2024-09-04T17:57:57.637000 CVE-2024-7746,0,0,41ddc83547faacdfc7eb4febb4b7b289d12121016bfc1367db838e5c1dc32e37,2024-08-22T14:40:44.167000 +CVE-2024-7747,1,1,6890ba0dc8915f973e3fde34719ead56d45caed226f4d231a5fdb2a81cd3c720,2024-11-28T13:15:21.843000 CVE-2024-7748,0,0,60d4b25f1168a6e3bf6b3005ca4ee08f7d282f5339961b16417038ba33cf7863,2024-11-22T15:35:28.847000 CVE-2024-7749,0,0,354e0af504a73914556896f8266f64a60f01bc01e2df6d872305a00e6c15d6fe,2024-11-22T15:35:36.317000 CVE-2024-7750,0,0,ae9806ea563d7ef9ab418b33b0dd9169de6692e64ddca227f95ec3ceb4e78bc1,2024-08-19T17:48:40.913000 @@ -270309,7 +270310,7 @@ CVE-2024-8303,0,0,7d291660edacb98ef58ef33c4f7785c68c1ad74e546b2f9d99bc765dad9ef6 CVE-2024-8304,0,0,85b305b2398367dad597d38ceb56cadd779bad44eaa5caa6e4c63c6b9d707691,2024-09-19T17:39:46.687000 CVE-2024-8305,0,0,7f2e2853c5b0c9a30dde9a55993c3f1e715eb26ccf2199e46ca87bddb3c1e21f,2024-11-07T15:38:32.323000 CVE-2024-8306,0,0,8e0a05cb4cc1d2892722cafe041f9325413c92ba2fea525dcf4a3adbe1e3e801,2024-09-18T19:51:14.850000 -CVE-2024-8308,1,1,3a55d299de797bdb92dc3ac8b5e7a4051fee74bb2413c13af46159105d5c7416,2024-11-28T11:15:54.697000 +CVE-2024-8308,0,0,3a55d299de797bdb92dc3ac8b5e7a4051fee74bb2413c13af46159105d5c7416,2024-11-28T11:15:54.697000 CVE-2024-8309,0,0,6f984c3db0a6f04efe714835dcaaefc9776eb3166b663410cbc416c51d282f9f,2024-11-01T19:19:20.327000 CVE-2024-8310,0,0,7c8549a7a64d3579b34aa56e199885805550ab7f5a2102b636629253bc8a75c3,2024-09-30T12:45:57.823000 CVE-2024-8311,0,0,5b6832ab4de9e09983d490e9b9cfb24e40403bdf974bac09340ae2b77983823b,2024-09-18T19:12:52.810000 @@ -270605,7 +270606,7 @@ CVE-2024-8667,0,0,7a3b19d0bf0d1fd1a7cae46e1fcf7d6eaf00a43e65e5504b8195d4a48801a6 CVE-2024-8668,0,0,90710183c7816e44ddec8f6349762659d94ce20b0ef640d6ca49967da8f41533,2024-10-07T17:28:08.987000 CVE-2024-8669,0,0,a540528fa4f0bbb5defe17259c589787942e6df5d18ff3bf79d91bf53c9aac43,2024-09-27T16:08:15.487000 CVE-2024-8671,0,0,44eb9fc4ae83bda74c805da6c8f69132f0b0ddef607b7afc290779058022b5c0,2024-09-26T16:38:24.447000 -CVE-2024-8672,0,1,58efc1a267c28c1f39a952b20c1a293013818b8af968c4baa7602fb20245daf7,2024-11-28T10:15:08.870000 +CVE-2024-8672,0,0,58efc1a267c28c1f39a952b20c1a293013818b8af968c4baa7602fb20245daf7,2024-11-28T10:15:08.870000 CVE-2024-8675,0,0,0a13cc68010596bf1c90ba4332bda0b184424e4f46fdbd60b8270080d14a1a03,2024-10-04T13:51:25.567000 CVE-2024-8676,0,0,008b8e88841e8e64c3780ae3f5bcff892325720d29977e289c60212a896ca60d,2024-11-26T20:15:34.260000 CVE-2024-8678,0,0,4b823977a9ffc10932161c4fd2e6fd149c78199fa23b7389b49b67f658769603,2024-10-02T19:06:48.983000