admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-07 19:16:29 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2024-02-14T23:00:24.211071+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2024-02-14 23:00:27 +00:00
parent 1c96b7a4f3
commit 00a577387b
17 changed files with 1064 additions and 72 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

55
CVE-2023/CVE-2023-487xx/CVE-2023-48733.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-48733",
"sourceIdentifier": "security@ubuntu.com",
"published": "2024-02-14T22:15:47.320",
"lastModified": "2024-02-14T22:15:47.320",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "An insecure default to allow UEFI Shell in EDK2 was left enabled in Ubuntu's EDK2. This allows an OS-resident attacker to bypass Secure Boot."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@ubuntu.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9
}
]
},
"references": [
{
"url": "https://bugs.launchpad.net/ubuntu/+source/edk2/+bug/2040137",
"source": "security@ubuntu.com"
},
{
"url": "https://bugs.launchpad.net/ubuntu/+source/lxd/+bug/2040139",
"source": "security@ubuntu.com"
},
{
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-48733",
"source": "security@ubuntu.com"
},
{
"url": "https://www.openwall.com/lists/oss-security/2024/02/14/4",
"source": "security@ubuntu.com"
}
]
}

73
CVE-2023/CVE-2023-489xx/CVE-2023-48974.json
View File

@ -2,23 +2,86 @@
"id": "CVE-2023-48974",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-02-08T01:15:26.963",
"lastModified": "2024-02-08T03:29:33.180",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-02-14T21:54:56.907",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Cross Site Scripting vulnerability in Axigen WebMail v.10.5.7 and before allows a remote attacker to escalate privileges via a crafted script to the serverName_input parameter."
},
{
"lang": "es",
"value": "Vulnerabilidad de cross-site scripting en Axigen WebMail v.10.5.7 y anteriores permite a un atacante remoto escalar privilegios a trav\u00e9s de un script manipulado al par\u00e1metro serverName_input."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.6,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 2.8,
"impactScore": 6.0
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:axigen:axigen_mail_server:*:*:*:*:*:*:*:*",
"versionEndIncluding": "10.5.7",
"matchCriteriaId": "3716F0AF-C02F-43B0-8C4F-DAA93400AD9D"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://www.axigen.com/mail-server/download/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Product"
]
},
{
"url": "https://www.axigen.com/updates/axigen-10.3.3.61",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Release Notes"
]
}
]
}

55
CVE-2023/CVE-2023-497xx/CVE-2023-49721.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-49721",
"sourceIdentifier": "security@ubuntu.com",
"published": "2024-02-14T22:15:47.530",
"lastModified": "2024-02-14T22:15:47.530",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "An insecure default to allow UEFI Shell in EDK2 was left enabled in LXD. This allows an OS-resident attacker to bypass Secure Boot."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@ubuntu.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9
}
]
},
"references": [
{
"url": "https://bugs.launchpad.net/ubuntu/+source/edk2/+bug/2040137",
"source": "security@ubuntu.com"
},
{
"url": "https://bugs.launchpad.net/ubuntu/+source/lxd/+bug/2040139",
"source": "security@ubuntu.com"
},
{
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-48733",
"source": "security@ubuntu.com"
},
{
"url": "https://www.openwall.com/lists/oss-security/2024/02/14/4",
"source": "security@ubuntu.com"
}
]
}

68
CVE-2023/CVE-2023-69xx/CVE-2023-6925.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2023-6925",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-02-05T22:15:57.233",
"lastModified": "2024-02-06T01:00:55.997",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-02-14T21:34:04.607",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "The Unlimited Addons for WPBakery Page Builder plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient file type validation on the 'importZipFile' function in versions up to, and including, 1.0.42. This makes it possible for authenticated attackers with a role that the administrator previously granted access to the plugin (the default is editor role, but access can also be granted to contributor role), to upload arbitrary files on the affected site's server which may make remote code execution possible."
},
{
"lang": "es",
"value": "El complemento Unlimited Addons for WPBakery Page Builder para WordPress es vulnerable a cargas de archivos arbitrarias debido a una validaci\u00f3n insuficiente del tipo de archivo en la funci\u00f3n 'importZipFile' en versiones hasta la 1.0.42 incluida. Esto hace posible que atacantes autenticados con una funci\u00f3n a la que el administrador haya concedido previamente acceso al complemento (la funci\u00f3n predeterminada es la de editor, pero tambi\u00e9n se puede conceder acceso a la funci\u00f3n de colaborador), carguen archivos arbitrarios en el servidor del sitio afectado, lo que puede hacer que los atacantes remotos posible la ejecuci\u00f3n del c\u00f3digo."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9
},
{
"source": "security@wordfence.com",
"type": "Secondary",
@ -34,14 +58,50 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-434"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:unitecms:unlimited_addons_for_wpbakery_page_builder:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "1.0.42",
"matchCriteriaId": "51942E26-218E-4DB1-8A23-B84731204AEF"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/unlimited-addons-for-wpbakery-page-builder/trunk/inc_php/layouts/unitecreator_layouts_exporter.class.php?rev=2900676#L703",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Issue Tracking"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/a78b76d6-4068-4141-9726-7db439aa6a9f?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

73
CVE-2023/CVE-2023-69xx/CVE-2023-6933.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2023-6933",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-02-05T22:15:57.407",
"lastModified": "2024-02-06T01:00:55.997",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-02-14T21:30:51.970",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "The Better Search Replace plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.4.4 via deserialization of untrusted input. This makes it possible for unauthenticated attackers to inject a PHP Object. No POP chain is present in the vulnerable plugin. If a POP chain is present via an additional plugin or theme installed on the target system, it could allow the attacker to delete arbitrary files, retrieve sensitive data, or execute code."
},
{
"lang": "es",
"value": "El complemento Better Search Replace para WordPress es vulnerable a la inyecci\u00f3n de objetos PHP en todas las versiones hasta la 1.4.4 incluida, a trav\u00e9s de la deserializaci\u00f3n de entradas que no son de confianza. Esto hace posible que atacantes no autenticados inyecten un objeto PHP. No hay ninguna cadena POP presente en el complemento vulnerable. Si hay una cadena POP presente a trav\u00e9s de un complemento o tema adicional instalado en el sistema de destino, podr\u00eda permitir al atacante eliminar archivos arbitrarios, recuperar datos confidenciales o ejecutar c\u00f3digo."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "security@wordfence.com",
"type": "Secondary",
@ -34,18 +58,57 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-502"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:wpengine:better_search_replace:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "1.4.5",
"matchCriteriaId": "09700FD2-A714-444A-9FD6-93F32B06BD1F"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/better-search-replace/trunk/includes/class-bsr-db.php#L334",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Exploit"
]
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3023674/better-search-replace/trunk/includes/class-bsr-db.php",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/895f2db1-a2ed-4a17-a4f6-cd13ee8f84af?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

68
CVE-2023/CVE-2023-69xx/CVE-2023-6953.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2023-6953",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-02-05T22:15:57.587",
"lastModified": "2024-02-06T01:00:55.997",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-02-14T21:25:10.357",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "The PDF Generator For Fluent Forms \u2013 The Contact Form Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the header, PDF body and footer content parameters in all versions up to, and including, 1.1.7 due to insufficient input sanitization and output escaping. This makes it possible for attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. The exploitation level depends on who is granted the right to create forms by an administrator. This level can be as low as contributor, but by default is admin."
},
{
"lang": "es",
"value": "El complemento PDF Generator For Fluent Forms \u2013 The Contact Form Plugin para WordPress es vulnerable a Cross-Site Scripting Almacenado a trav\u00e9s de los par\u00e1metros de contenido del encabezado, el cuerpo del PDF y el pie de p\u00e1gina en todas las versiones hasta la 1.1.7 incluida, debido a una sanitizaci\u00f3n de entrada insuficiente y salida que se escapa. Esto hace posible que los atacantes inyecten scripts web arbitrarios en p\u00e1ginas que se ejecutar\u00e1n cada vez que un usuario acceda a una p\u00e1gina inyectada. El nivel de explotaci\u00f3n depende de a qui\u00e9n un administrador le concede el derecho de crear formularios. Este nivel puede ser tan bajo como colaborador, pero de forma predeterminada es administrador."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
},
{
"source": "security@wordfence.com",
"type": "Secondary",
@ -34,14 +58,50 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:wpmanageninja:pdf_generator:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "1.1.8",
"matchCriteriaId": "03E3AD11-D26F-4295-A9D0-7A515232BCF7"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3023486%40fluentforms-pdf%2Ftrunk&old=2929799%40fluentforms-pdf%2Ftrunk&sfp_email=&sfph_mail=",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/b6675c48-43d4-4394-a4a3-f753bdaa5c4e?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

55
CVE-2024/CVE-2024-13xx/CVE-2024-1367.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-1367",
"sourceIdentifier": "vulnreport@tenable.com",
"published": "2024-02-14T22:15:47.753",
"lastModified": "2024-02-14T22:15:47.753",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "\nA command injection vulnerability exists where an authenticated, remote attacker with administrator privileges on the Security Center application could modify Logging parameters, which could lead to the execution of arbitrary code on the Security Center host. \n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "vulnreport@tenable.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "vulnreport@tenable.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-78"
}
]
}
],
"references": [
{
"url": "https://www.tenable.com/security/tns-2024-02",
"source": "vulnreport@tenable.com"
}
]
}

55
CVE-2024/CVE-2024-14xx/CVE-2024-1471.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-1471",
"sourceIdentifier": "vulnreport@tenable.com",
"published": "2024-02-14T22:15:47.953",
"lastModified": "2024-02-14T22:15:47.953",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "\nAn HTML injection vulnerability exists where an authenticated, remote attacker with administrator privileges on the Security Center application could modify Repository parameters, which could lead to HTML redirection attacks."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "vulnreport@tenable.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 5.9,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.7,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "vulnreport@tenable.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-20"
}
]
}
],
"references": [
{
"url": "https://www.tenable.com/security/tns-2024-02",
"source": "vulnreport@tenable.com"
}
]
}

70
CVE-2024/CVE-2024-220xx/CVE-2024-22021.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-22021",
"sourceIdentifier": "support@hackerone.com",
"published": "2024-02-07T01:15:08.320",
"lastModified": "2024-02-07T13:41:21.270",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-02-14T21:09:14.993",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -15,6 +15,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
],
"cvssMetricV30": [
{
"source": "support@hackerone.com",
@ -38,10 +60,52 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:veeam:availability_orchestrator:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7173B6BA-2373-4A7B-8B4B-700198F7FAD0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:veeam:disaster_recovery_orchestrator:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5C71310C-CACF-4575-AB51-D6B747C09F73"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:veeam:recovery_orchestrator:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8DD6C8BF-9CAA-44C7-B621-3EBECEEDCD0B"
}
]
}
]
}
],
"references": [
{
"url": "https://veeam.com/kb4541",
"source": "support@hackerone.com"
"source": "support@hackerone.com",
"tags": [
"Vendor Advisory"
]
}
]
}

177
CVE-2024/CVE-2024-223xx/CVE-2024-22394.json
View File

@ -2,16 +2,53 @@
"id": "CVE-2024-22394",
"sourceIdentifier": "PSIRT@sonicwall.com",
"published": "2024-02-08T02:15:07.620",
"lastModified": "2024-02-08T03:29:33.180",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-02-14T21:46:40.537",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "An improper authentication vulnerability has been identified in SonicWall SonicOS SSL-VPN feature, which in specific conditions could allow a remote attacker to bypass authentication.\u00a0\n\nThis issue affects only firmware version SonicOS 7.1.1-7040.\n\n"
},
{
"lang": "es",
"value": "Se ha identificado una vulnerabilidad de autenticaci\u00f3n incorrecta en la funci\u00f3n SSL-VPN de SonicWall SonicOS, que en condiciones espec\u00edficas podr\u00eda permitir que un atacante remoto omita la autenticaci\u00f3n. Este problema afecta \u00fanicamente a la versi\u00f3n de firmware SonicOS 7.1.1-7040."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-287"
}
]
},
{
"source": "PSIRT@sonicwall.com",
"type": "Secondary",
@ -23,10 +60,142 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:sonicwall:sonicos:7.1.1-7040:*:*:*:*:*:*:*",
"matchCriteriaId": "10C8F8FE-C22C-4CE0-86AE-D247042A41DF"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:sonicwall:nsa_2700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8D8B0C7A-FD65-47CA-A625-150A90EFA7A1"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:sonicwall:nsa_3700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A69E000B-5806-46FD-A233-4E2CC9DD38D2"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:sonicwall:nsa_4700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8DF4A322-7CC7-4AB9-B10E-FFF34DF2182D"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:sonicwall:nsa_5700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4C15FED5-C48C-47CF-9645-0563D77883C1"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:sonicwall:nsa_6700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A884B1BB-F201-4C77-9F6E-B8A884DCD4C2"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:sonicwall:nssp_10700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7C3BA5A3-1160-4793-A8D6-40B9D264BCC4"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:sonicwall:nssp_11700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6739DEA3-06FF-4FEB-9931-0DB27F63B70E"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:sonicwall:nssp_13700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0250EDF9-0AEF-4711-8EF6-D447CF48BCAF"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:sonicwall:nsv_270:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F2ABC8D8-2943-4073-9568-E87961A18998"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:sonicwall:nsv_470:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9F57D527-AA3F-45E9-9BCE-6F76691066B5"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:sonicwall:nsv_870:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F5ECCCF0-A5D8-42A8-8EC1-D12B49B1124A"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:sonicwall:t2270:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CBB8E979-629B-48DF-BA96-40D9EF197732"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:sonicwall:tz270w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "52847BA2-470B-4078-A79B-52095DB9214B"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:sonicwall:tz370:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9853AE3A-B0EA-4249-AA7D-1F2051C9BF91"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:sonicwall:tz370w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4DBDD10C-F89D-4051-BC70-67B41167FF9B"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:sonicwall:tz470:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6C23940E-2F9D-447B-A740-42035ED5D400"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:sonicwall:tz470w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "90C790AD-C40E-4527-8F83-D278282A9600"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:sonicwall:tz570:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C7DF76E0-8E3D-4E0D-A3BB-F5AE05A4C7C9"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:sonicwall:tz570p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "352DFCF9-E333-41C0-8033-91265768FD8E"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:sonicwall:tz570w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4C882C38-9DA5-4C03-BB23-AB2B448E3307"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:sonicwall:tz670:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AEEA6065-48D3-4EC7-BD94-CBAE3D1010FF"
}
]
}
]
}
],
"references": [
{
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0003",
"source": "PSIRT@sonicwall.com"
"source": "PSIRT@sonicwall.com",
"tags": [
"Vendor Advisory"
]
}
]
}

8
CVE-2024/CVE-2024-241xx/CVE-2024-24115.json
View File

@ -2,18 +2,22 @@
"id": "CVE-2024-24115",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-02-08T20:15:52.933",
"lastModified": "2024-02-08T21:03:22.000",
"lastModified": "2024-02-14T22:15:48.210",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "A stored cross-site scripting (XSS) vulnerability in the Edit Page function of Cotonti CMS v0.9.24 allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted payload."
},
{
"lang": "es",
"value": "Una vulnerabilidad de cross-site scripting (XSS) almacenado en la funci\u00f3n Editar p\u00e1gina de Cotonti CMS v0.9.24 permite a atacantes autenticados ejecutar scripts web o HTML arbitrarios a trav\u00e9s de un payload manipulado."
}
],
"metrics": {},
"references": [
{
"url": "https://mechaneus.github.io/CVE-PENDING-COTONTI.html",
"url": "https://mechaneus.github.io/CVE-2024-24115.html",
"source": "cve@mitre.org"
}
]

65
CVE-2024/CVE-2024-243xx/CVE-2024-24311.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-24311",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-02-07T09:15:16.053",
"lastModified": "2024-02-07T13:41:11.463",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-02-14T21:39:26.980",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -14,11 +14,68 @@
"value": "Vulnerabilidad de Path Traversal en el m\u00f3dulo de L\u00ednea Gr\u00e1fica \"Multilingual and Multistore Sitemap Pro - SEO\" (lgsitemaps) para PrestaShop anterior a la versi\u00f3n 1.6.6, un invitado puede descargar informaci\u00f3n personal sin restricciones."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:lineagrafica:multilingual_and_multistore_sitemap_pro:*:*:*:*:*:prestashop:*:*",
"versionEndExcluding": "1.6.6",
"matchCriteriaId": "0D220A6F-0F6B-4A4D-A930-3C372D5C6DDB"
}
]
}
]
}
],
"references": [
{
"url": "https://security.friendsofpresta.org/modules/2024/02/06/lgsitemaps.html",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
]
}
]
}

73
CVE-2024/CVE-2024-243xx/CVE-2024-24350.json
View File

@ -2,23 +2,86 @@
"id": "CVE-2024-24350",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-02-08T01:15:27.247",
"lastModified": "2024-02-08T03:29:33.180",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-02-14T21:53:21.057",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "File Upload vulnerability in Software Publico e-Sic Livre v.2.0 and before allows a remote attacker to execute arbitrary code via the extension filtering component."
},
{
"lang": "es",
"value": "Vulnerabilidad de carga de archivos en Software Publico e-Sic Livre v.2.0 y anteriores permite a un atacante remoto ejecutar c\u00f3digo arbitrario a trav\u00e9s del componente de filtrado de extensi\u00f3n."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-434"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:softwarepublico:e-sic_livre:*:*:*:*:*:*:*:*",
"versionEndIncluding": "2.0",
"matchCriteriaId": "02058B89-596E-4FC5-B787-0CDC3881312C"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://gist.github.com/viniciuspinheiros/4e53b297fd6466cf12d01867ee1c9c33",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://medium.com/%40viniciuspinheiros/e-sic-livre-2-0-authenticated-file-upload-leads-to-remote-code-execution-rce-5937c9537258",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit"
]
}
]
}

63
CVE-2024/CVE-2024-256xx/CVE-2024-25617.json Normal file
View File

@ -0,0 +1,63 @@
{
"id": "CVE-2024-25617",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-02-14T21:15:08.197",
"lastModified": "2024-02-14T21:15:08.197",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Squid is an open source caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. Due to a Collapse of Data into Unsafe Value bug ,Squid may be vulnerable to a Denial of Service attack against HTTP header parsing. This problem allows a remote client or a remote server to perform Denial of Service when sending oversized headers in HTTP messages. In versions of Squid prior to 6.5 this can be achieved if the request_header_max_size or reply_header_max_size settings are unchanged from the default. In Squid version 6.5 and later, the default setting of these parameters is safe. Squid will emit a critical warning in cache.log if the administrator is setting these parameters to unsafe values. Squid will not at this time prevent these settings from being changed to unsafe values. Users are advised to upgrade to version 6.5. There are no known workarounds for this vulnerability. This issue is also tracked as SQUID-2024:2 "
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-182"
},
{
"lang": "en",
"value": "CWE-400"
}
]
}
],
"references": [
{
"url": "https://github.com/squid-cache/squid/commit/72a3bbd5e431597c3fdb56d752bc56b010ba3817",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/squid-cache/squid/security/advisories/GHSA-h5x6-w8mv-xfpr",
"source": "security-advisories@github.com"
}
]
}

59
CVE-2024/CVE-2024-256xx/CVE-2024-25618.json Normal file
View File

@ -0,0 +1,59 @@
{
"id": "CVE-2024-25618",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-02-14T21:15:08.410",
"lastModified": "2024-02-14T21:15:08.410",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Mastodon is a free, open-source social network server based on ActivityPub. Mastodon allows new identities from configured authentication providers (CAS, SAML, OIDC) to attach to existing local users with the same e-mail address. This results in a possible account takeover if the authentication provider allows changing the e-mail address or multiple authentication providers are configured. When a user logs in through an external authentication provider for the first time, Mastodon checks the e-mail address passed by the provider to find an existing account. However, using the e-mail address alone means that if the authentication provider allows changing the e-mail address of an account, the Mastodon account can immediately be hijacked. All users logging in through external authentication providers are affected. The severity is medium, as it also requires the external authentication provider to misbehave. However, some well-known OIDC providers (like Microsoft Azure) make it very easy to accidentally allow unverified e-mail changes. Moreover, OpenID Connect also allows dynamic client registration. This issue has been addressed in versions 4.2.6, 4.1.14, 4.0.14, and 3.5.18. Users are advised to upgrade. There are no known workarounds for this vulnerability."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.2,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.6,
"impactScore": 2.5
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-287"
}
]
}
],
"references": [
{
"url": "https://github.com/mastodon/mastodon/commit/b31af34c9716338e4a32a62cc812d1ca59e88d15",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/mastodon/mastodon/security/advisories/GHSA-vm39-j3vx-pch3",
"source": "security-advisories@github.com"
}
]
}

63
CVE-2024/CVE-2024-256xx/CVE-2024-25619.json Normal file
View File

@ -0,0 +1,63 @@
{
"id": "CVE-2024-25619",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-02-14T21:15:08.620",
"lastModified": "2024-02-14T21:15:08.620",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Mastodon is a free, open-source social network server based on ActivityPub. When an OAuth Application is destroyed, the streaming server wasn't being informed that the Access Tokens had also been destroyed, this could have posed security risks to users by allowing an application to continue listening to streaming after the application had been destroyed. Essentially this comes down to the fact that when Doorkeeper sets up the relationship between Applications and Access Tokens, it uses a `dependent: delete_all` configuration, which means the `after_commit` callback setup on `AccessTokenExtension` didn't actually fire, since `delete_all` doesn't trigger ActiveRecord callbacks. To mitigate, we need to add a `before_destroy` callback to `ApplicationExtension` which announces to streaming that all the Application's Access Tokens are being \"killed\". Impact should be negligible given the affected application had to be owned by the user. None the less this issue has been addressed in versions 4.2.6, 4.1.14, 4.0.14, and 3.5.18. Users are advised to upgrade. There are no known workaround for this vulnerability."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 3.1,
"baseSeverity": "LOW"
},
"exploitabilityScore": 1.6,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-613"
},
{
"lang": "en",
"value": "CWE-672"
}
]
}
],
"references": [
{
"url": "https://github.com/mastodon/mastodon/commit/68eaa804c9bafdc5f798e114e9ba00161425dd71",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/mastodon/mastodon/security/advisories/GHSA-7w3c-p9j8-mq3x",
"source": "security-advisories@github.com"
}
]
}

56
README.md
View File

@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2024-02-14T21:00:33.250916+00:00
2024-02-14T23:00:24.211071+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2024-02-14T20:59:09.660000+00:00
2024-02-14T22:15:48.210000+00:00
```
### Last Data Feed Release
@ -29,51 +29,35 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs
```plain
238592
238599
```
### CVEs added in the last Commit
Recently added CVEs: `7`
* [CVE-2023-48229](CVE-2023/CVE-2023-482xx/CVE-2023-48229.json) (`2024-02-14T19:15:08.893`)
* [CVE-2023-50926](CVE-2023/CVE-2023-509xx/CVE-2023-50926.json) (`2024-02-14T20:15:45.163`)
* [CVE-2023-50927](CVE-2023/CVE-2023-509xx/CVE-2023-50927.json) (`2024-02-14T20:15:45.367`)
* [CVE-2024-25300](CVE-2024/CVE-2024-253xx/CVE-2024-25300.json) (`2024-02-14T19:15:10.213`)
* [CVE-2024-25301](CVE-2024/CVE-2024-253xx/CVE-2024-25301.json) (`2024-02-14T19:15:10.277`)
* [CVE-2024-1482](CVE-2024/CVE-2024-14xx/CVE-2024-1482.json) (`2024-02-14T20:15:45.690`)
* [CVE-2024-25165](CVE-2024/CVE-2024-251xx/CVE-2024-25165.json) (`2024-02-14T20:15:46.057`)
* [CVE-2023-48733](CVE-2023/CVE-2023-487xx/CVE-2023-48733.json) (`2024-02-14T22:15:47.320`)
* [CVE-2023-49721](CVE-2023/CVE-2023-497xx/CVE-2023-49721.json) (`2024-02-14T22:15:47.530`)
* [CVE-2024-25617](CVE-2024/CVE-2024-256xx/CVE-2024-25617.json) (`2024-02-14T21:15:08.197`)
* [CVE-2024-25618](CVE-2024/CVE-2024-256xx/CVE-2024-25618.json) (`2024-02-14T21:15:08.410`)
* [CVE-2024-25619](CVE-2024/CVE-2024-256xx/CVE-2024-25619.json) (`2024-02-14T21:15:08.620`)
* [CVE-2024-1367](CVE-2024/CVE-2024-13xx/CVE-2024-1367.json) (`2024-02-14T22:15:47.753`)
* [CVE-2024-1471](CVE-2024/CVE-2024-14xx/CVE-2024-1471.json) (`2024-02-14T22:15:47.953`)
### CVEs modified in the last Commit
Recently modified CVEs: `34`
Recently modified CVEs: `9`
* [CVE-2024-1037](CVE-2024/CVE-2024-10xx/CVE-2024-1037.json) (`2024-02-14T19:09:45.253`)
* [CVE-2024-1267](CVE-2024/CVE-2024-12xx/CVE-2024-1267.json) (`2024-02-14T19:11:41.217`)
* [CVE-2024-1266](CVE-2024/CVE-2024-12xx/CVE-2024-1266.json) (`2024-02-14T19:12:16.803`)
* [CVE-2024-21357](CVE-2024/CVE-2024-213xx/CVE-2024-21357.json) (`2024-02-14T19:15:09.520`)
* [CVE-2024-0256](CVE-2024/CVE-2024-02xx/CVE-2024-0256.json) (`2024-02-14T19:17:28.387`)
* [CVE-2024-1079](CVE-2024/CVE-2024-10xx/CVE-2024-1079.json) (`2024-02-14T19:33:09.977`)
* [CVE-2024-24303](CVE-2024/CVE-2024-243xx/CVE-2024-24303.json) (`2024-02-14T19:38:18.727`)
* [CVE-2024-1255](CVE-2024/CVE-2024-12xx/CVE-2024-1255.json) (`2024-02-14T19:40:00.650`)
* [CVE-2024-22520](CVE-2024/CVE-2024-225xx/CVE-2024-22520.json) (`2024-02-14T19:45:35.337`)
* [CVE-2024-22519](CVE-2024/CVE-2024-225xx/CVE-2024-22519.json) (`2024-02-14T19:47:52.893`)
* [CVE-2024-22667](CVE-2024/CVE-2024-226xx/CVE-2024-22667.json) (`2024-02-14T19:49:17.490`)
* [CVE-2024-24860](CVE-2024/CVE-2024-248xx/CVE-2024-24860.json) (`2024-02-14T19:50:10.803`)
* [CVE-2024-22567](CVE-2024/CVE-2024-225xx/CVE-2024-22567.json) (`2024-02-14T19:54:19.663`)
* [CVE-2024-24304](CVE-2024/CVE-2024-243xx/CVE-2024-24304.json) (`2024-02-14T19:54:48.247`)
* [CVE-2024-23447](CVE-2024/CVE-2024-234xx/CVE-2024-23447.json) (`2024-02-14T20:02:00.753`)
* [CVE-2024-23446](CVE-2024/CVE-2024-234xx/CVE-2024-23446.json) (`2024-02-14T20:10:24.323`)
* [CVE-2024-24810](CVE-2024/CVE-2024-248xx/CVE-2024-24810.json) (`2024-02-14T20:12:54.643`)
* [CVE-2024-25003](CVE-2024/CVE-2024-250xx/CVE-2024-25003.json) (`2024-02-14T20:15:45.910`)
* [CVE-2024-25004](CVE-2024/CVE-2024-250xx/CVE-2024-25004.json) (`2024-02-14T20:15:45.980`)
* [CVE-2024-24812](CVE-2024/CVE-2024-248xx/CVE-2024-24812.json) (`2024-02-14T20:22:02.537`)
* [CVE-2024-24811](CVE-2024/CVE-2024-248xx/CVE-2024-24811.json) (`2024-02-14T20:26:39.143`)
* [CVE-2024-24130](CVE-2024/CVE-2024-241xx/CVE-2024-24130.json) (`2024-02-14T20:38:39.543`)
* [CVE-2024-1268](CVE-2024/CVE-2024-12xx/CVE-2024-1268.json) (`2024-02-14T20:39:19.037`)
* [CVE-2024-20932](CVE-2024/CVE-2024-209xx/CVE-2024-20932.json) (`2024-02-14T20:46:22.083`)
* [CVE-2024-22388](CVE-2024/CVE-2024-223xx/CVE-2024-22388.json) (`2024-02-14T20:59:09.660`)
* [CVE-2023-6953](CVE-2023/CVE-2023-69xx/CVE-2023-6953.json) (`2024-02-14T21:25:10.357`)
* [CVE-2023-6933](CVE-2023/CVE-2023-69xx/CVE-2023-6933.json) (`2024-02-14T21:30:51.970`)
* [CVE-2023-6925](CVE-2023/CVE-2023-69xx/CVE-2023-6925.json) (`2024-02-14T21:34:04.607`)
* [CVE-2023-48974](CVE-2023/CVE-2023-489xx/CVE-2023-48974.json) (`2024-02-14T21:54:56.907`)
* [CVE-2024-22021](CVE-2024/CVE-2024-220xx/CVE-2024-22021.json) (`2024-02-14T21:09:14.993`)
* [CVE-2024-24311](CVE-2024/CVE-2024-243xx/CVE-2024-24311.json) (`2024-02-14T21:39:26.980`)
* [CVE-2024-22394](CVE-2024/CVE-2024-223xx/CVE-2024-22394.json) (`2024-02-14T21:46:40.537`)
* [CVE-2024-24350](CVE-2024/CVE-2024-243xx/CVE-2024-24350.json) (`2024-02-14T21:53:21.057`)
* [CVE-2024-24115](CVE-2024/CVE-2024-241xx/CVE-2024-24115.json) (`2024-02-14T22:15:48.210`)
## Download and Usage