admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-07 19:16:29 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2024-01-25T21:00:24.971063+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2024-01-25 21:00:28 +00:00
parent 73b6fec192
commit 04d9a24238
78 changed files with 2594 additions and 318 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

75
CVE-2004/CVE-2004-18xx/CVE-2004-1852.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2004-1852",
"sourceIdentifier": "cve@mitre.org",
"published": "2004-03-23T05:00:00.000",
"lastModified": "2017-07-11T01:31:24.403",
"vulnStatus": "Modified",
"lastModified": "2024-01-25T20:57:57.037",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -44,7 +44,7 @@
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
"value": "CWE-319"
}
]
}
@ -58,33 +58,17 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:dameware_development:mini_remote_control_server:3.70_.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "77FC1534-2AD0-43E8-A706-7158F3BB6832"
"criteria": "cpe:2.3:a:solarwinds:dameware_mini_remote_control:*:*:*:*:*:*:*:*",
"versionStartIncluding": "3.0",
"versionEndExcluding": "3.74",
"matchCriteriaId": "E7EC239C-1358-4A4F-A7D6-34B715B241D8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:dameware_development:mini_remote_control_server:3.71_.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F574913E-1713-49EC-A996-B259E8FEAC40"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:dameware_development:mini_remote_control_server:3.72_.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "223D4A90-BDAF-4CCD-A59E-253C7D1BE3A5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:dameware_development:mini_remote_control_server:3.73_.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7AD07F5E-8EC9-4E4B-BDC5-F3585780C8C1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:dameware_development:mini_remote_control_server:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "BF8A0D9C-CC8C-419E-8985-49BF866527B6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:dameware_development:mini_remote_control_server:4.1_.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EDFCB0A0-A373-4934-9947-86E73BC67EC8"
"criteria": "cpe:2.3:a:solarwinds:dameware_mini_remote_control:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.0",
"versionEndExcluding": "4.2",
"matchCriteriaId": "49B9CA37-16F3-4847-9DA5-14BB582582F7"
}
]
}
@ -94,12 +78,28 @@
"references": [
{
"url": "http://marc.info/?l=bugtraq&m=108016344224973&w=2",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "http://secunia.com/advisories/11205",
"source": "cve@mitre.org",
"tags": [
"Broken Link",
"Patch",
"Vendor Advisory"
]
},
{
"url": "http://securitytracker.com/id?1009557",
"source": "cve@mitre.org",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry",
"Vendor Advisory"
]
},
@ -107,7 +107,15 @@
"url": "http://www.dameware.com/support/security/bulletin.asp?ID=SB3",
"source": "cve@mitre.org",
"tags": [
"Patch",
"Product",
"Vendor Advisory"
]
},
{
"url": "http://www.osvdb.org/4547",
"source": "cve@mitre.org",
"tags": [
"Broken Link",
"Vendor Advisory"
]
},
@ -115,13 +123,20 @@
"url": "http://www.securityfocus.com/bid/9959",
"source": "cve@mitre.org",
"tags": [
"Broken Link",
"Patch",
"Third Party Advisory",
"VDB Entry",
"Vendor Advisory"
]
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15586",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
}
]
}

65
CVE-2005/CVE-2005-31xx/CVE-2005-3140.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2005-3140",
"sourceIdentifier": "cve@mitre.org",
"published": "2005-10-05T21:02:00.000",
"lastModified": "2016-10-18T03:33:06.610",
"vulnStatus": "Modified",
"lastModified": "2024-01-25T20:58:37.110",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -11,6 +11,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
],
"cvssMetricV2": [
{
"source": "nvd@nist.gov",
@ -44,22 +66,34 @@
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
"value": "CWE-319"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:procom:netforce_800_firmware:4.02:m10:*:*:*:*:*:*",
"matchCriteriaId": "A506BCAF-7025-4C42-BF99-D8D09051E2A1"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:a:procom_technology:netforce:800_4.2_m10_build20:*:*:*:*:*:*:*",
"matchCriteriaId": "59D9400D-9574-4565-BFF7-A39F7EB56764"
"criteria": "cpe:2.3:h:procom:netforce_800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CB21CDD8-08B0-460A-A3E4-98943C9B685F"
}
]
}
@ -69,11 +103,28 @@
"references": [
{
"url": "http://marc.info/?l=bugtraq&m=112818351032426&w=2",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "http://secunia.com/advisories/17033/",
"source": "cve@mitre.org",
"tags": [
"Broken Link",
"Vendor Advisory"
]
},
{
"url": "http://www.securityfocus.com/bid/14997",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
]
}
]
}

31
CVE-2007/CVE-2007-47xx/CVE-2007-4786.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2007-4786",
"sourceIdentifier": "cve@mitre.org",
"published": "2007-09-10T21:17:00.000",
"lastModified": "2023-08-11T19:03:30.373",
"lastModified": "2024-01-25T20:59:39.773",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -15,6 +15,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.6,
"impactScore": 3.6
}
],
"cvssMetricV2": [
{
"source": "nvd@nist.gov",
@ -48,7 +70,7 @@
"description": [
{
"lang": "en",
"value": "CWE-255"
"value": "CWE-319"
}
]
}
@ -105,6 +127,7 @@
"url": "http://secunia.com/advisories/26677",
"source": "cve@mitre.org",
"tags": [
"Broken Link",
"Third Party Advisory"
]
},
@ -112,6 +135,7 @@
"url": "http://tools.cisco.com/Support/BugToolKit/search/getBugDetails.do?method=fetchBugDetails&bugId=CSCsj72903",
"source": "cve@mitre.org",
"tags": [
"Broken Link",
"Vendor Advisory"
]
},
@ -135,6 +159,7 @@
"url": "http://www.securityfocus.com/bid/25548",
"source": "cve@mitre.org",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
]
@ -143,6 +168,7 @@
"url": "http://www.securitytracker.com/id?1018660",
"source": "cve@mitre.org",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
]
@ -151,6 +177,7 @@
"url": "http://www.vupen.com/english/advisories/2007/3076",
"source": "cve@mitre.org",
"tags": [
"Broken Link",
"Third Party Advisory"
]
},

94
CVE-2008/CVE-2008-03xx/CVE-2008-0374.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2008-0374",
"sourceIdentifier": "cve@mitre.org",
"published": "2008-01-22T20:00:00.000",
"lastModified": "2018-10-15T21:59:11.017",
"vulnStatus": "Modified",
"lastModified": "2024-01-25T20:41:45.390",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -15,6 +15,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
],
"cvssMetricV2": [
{
"source": "nvd@nist.gov",
@ -48,13 +70,14 @@
"description": [
{
"lang": "en",
"value": "CWE-310"
"value": "CWE-319"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
@ -62,23 +85,19 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:h:oki_printing_solutions:c5510_mfp_printer:cu_h2.15:*:*:*:*:*:*:*",
"matchCriteriaId": "964CF56F-E508-43F1-8A38-6E317EEB2F3C"
},
"criteria": "cpe:2.3:o:oki:c5510mfp_firmware:1.01:*:*:*:*:*:*:*",
"matchCriteriaId": "C5362609-08DD-42AC-811A-52F59ABF6576"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:h:oki_printing_solutions:c5510_mfp_printer:pu_01.03.01:*:*:*:*:*:*:*",
"matchCriteriaId": "85B01403-5AD0-4392-A972-378264273E41"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:h:oki_printing_solutions:c5510_mfp_printer:system_fw_1.01:*:*:*:*:*:*:*",
"matchCriteriaId": "083B70EA-6BDC-4CE6-8A18-AC6B148DB80B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:h:oki_printing_solutions:c5510_mfp_printer:web_page_1.00:*:*:*:*:*:*:*",
"matchCriteriaId": "FBE3CC28-CC95-4C06-9682-696DD3DA1863"
"vulnerable": false,
"criteria": "cpe:2.3:h:oki:c5510mfp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6B1AF628-BB40-454B-85B0-B39047E75F52"
}
]
}
@ -86,25 +105,52 @@
}
],
"references": [
{
"url": "http://secunia.com/advisories/28553",
"source": "cve@mitre.org",
"tags": [
"Broken Link",
"Vendor Advisory"
]
},
{
"url": "http://securityreason.com/securityalert/3569",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "http://www.csnc.ch/en/modules/news/news_0004.html_1394092626.html",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Broken Link"
]
},
{
"url": "http://www.securityfocus.com/archive/1/486511/100/0/threaded",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "http://www.securityfocus.com/bid/27339",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39775",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"VDB Entry"
]
}
]
}

75
CVE-2008/CVE-2008-32xx/CVE-2008-3289.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2008-3289",
"sourceIdentifier": "cve@mitre.org",
"published": "2008-07-24T17:41:00.000",
"lastModified": "2018-10-11T20:47:51.943",
"vulnStatus": "Modified",
"lastModified": "2024-01-25T20:43:11.727",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -15,6 +15,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
],
"cvssMetricV2": [
{
"source": "nvd@nist.gov",
@ -48,7 +70,7 @@
"description": [
{
"lang": "en",
"value": "CWE-200"
"value": "CWE-319"
}
]
}
@ -62,8 +84,8 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:emc_dantz:retrospect_backup_client:7.5.116:*:*:*:*:*:*:*",
"matchCriteriaId": "BF365E84-EFA2-4605-945B-A628C8282F7D"
"criteria": "cpe:2.3:a:storcentric:retrospect_backup_client:7.5.116:*:*:*:*:-:*:*",
"matchCriteriaId": "20456311-7EC0-433D-AF55-253AEC29FA03"
}
]
}
@ -73,37 +95,68 @@
"references": [
{
"url": "http://kb.dantz.com/display/2/articleDirect/index.asp?aid=9692&r=0.5160639",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Broken Link"
]
},
{
"url": "http://secunia.com/advisories/31186",
"source": "cve@mitre.org",
"tags": [
"Broken Link",
"Patch",
"Vendor Advisory"
]
},
{
"url": "http://securityreason.com/securityalert/4025",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "http://www.fortiguardcenter.com/advisory/FGA-2008-16.html",
"source": "cve@mitre.org",
"tags": [
"Broken Link",
"Patch"
]
},
{
"url": "http://www.securityfocus.com/archive/1/494560/100/0/threaded",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "http://www.securityfocus.com/bid/30308",
"source": "cve@mitre.org",
"tags": [
"Patch"
"Broken Link",
"Patch",
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "http://www.vupen.com/english/advisories/2008/2150/references",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Broken Link"
]
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43930",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
}
]
}

56
CVE-2008/CVE-2008-41xx/CVE-2008-4122.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2008-4122",
"sourceIdentifier": "cve@mitre.org",
"published": "2008-12-19T17:30:02.907",
"lastModified": "2018-10-11T20:51:00.800",
"vulnStatus": "Modified",
"lastModified": "2024-01-25T20:55:42.507",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -15,6 +15,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
],
"cvssMetricV2": [
{
"source": "nvd@nist.gov",
@ -48,7 +70,7 @@
"description": [
{
"lang": "en",
"value": "CWE-310"
"value": "CWE-319"
}
]
}
@ -62,8 +84,8 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:joomla:joomla:1.5.8:*:*:*:*:*:*:*",
"matchCriteriaId": "5F155C3B-AAF5-4393-A964-E655113D84DE"
"criteria": "cpe:2.3:a:joomla:joomla\\!:1.5.8:*:*:*:*:*:*:*",
"matchCriteriaId": "466E5E84-4C69-49F2-83DA-FC86202DB7F4"
}
]
}
@ -73,19 +95,35 @@
"references": [
{
"url": "http://int21.de/cve/CVE-2008-4122-joomla.html",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "http://securityreason.com/securityalert/4794",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "http://www.securityfocus.com/archive/1/499295/100/0/threaded",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "http://www.securityfocus.com/archive/1/499354/100/0/threaded",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
]
}
]
}

75
CVE-2008/CVE-2008-43xx/CVE-2008-4390.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2008-4390",
"sourceIdentifier": "cret@cert.org",
"published": "2008-12-09T00:30:00.237",
"lastModified": "2009-08-20T05:21:16.663",
"vulnStatus": "Modified",
"lastModified": "2024-01-25T20:50:10.727",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -15,6 +15,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
],
"cvssMetricV2": [
{
"source": "nvd@nist.gov",
@ -48,13 +70,14 @@
"description": [
{
"lang": "en",
"value": "CWE-200"
"value": "CWE-319"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
@ -62,14 +85,20 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:h:cisco:wvc54gc:*:*:*:*:*:*:*:*",
"versionEndIncluding": "1.19",
"matchCriteriaId": "C882AB42-F04C-4968-A9C9-035A7411153E"
},
"criteria": "cpe:2.3:o:cisco:linksys_wvc54gc_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.25",
"matchCriteriaId": "AB178094-7CC3-466B-981D-1E68979F41E6"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:h:cisco:wvc54gc:1.15:*:*:*:*:*:*:*",
"matchCriteriaId": "39AE4F03-2623-476F-BFBF-5D458432BAEC"
"vulnerable": false,
"criteria": "cpe:2.3:h:cisco:linksys_wvc54gc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0698E417-EEDE-40E4-AAD5-CF890FC7BEB1"
}
]
}
@ -77,25 +106,45 @@
}
],
"references": [
{
"url": "http://secunia.com/advisories/33032",
"source": "cret@cert.org",
"tags": [
"Broken Link"
]
},
{
"url": "http://www.kb.cert.org/vuls/id/528993",
"source": "cret@cert.org",
"tags": [
"Patch",
"Third Party Advisory",
"US Government Resource"
]
},
{
"url": "http://www.kb.cert.org/vuls/id/MAPG-7HJKSA",
"source": "cret@cert.org"
"source": "cret@cert.org",
"tags": [
"Third Party Advisory",
"US Government Resource"
]
},
{
"url": "http://www.linksys.com/servlet/Satellite?blobcol=urldata&blobheadername1=Content-Type&blobheadername2=Content-Disposition&blobheadervalue1=text%2Fplain&blobheadervalue2=inline%3B+filename%3DWVC54GC-V1.0_non-RoHS-v1.25_fw_ver.txt&blobkey=id&blobtable=MungoBlobs&blobwhere=1193776031728&ssbinary=true&lid=8104724130B17",
"source": "cret@cert.org"
"source": "cret@cert.org",
"tags": [
"Product"
]
},
{
"url": "http://www.securityfocus.com/bid/32666",
"source": "cret@cert.org"
"source": "cret@cert.org",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
]
}
]
}

4
CVE-2021/CVE-2021-37xx/CVE-2021-3784.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-3784",
"sourceIdentifier": "cve-coordination@incibe.es",
"published": "2023-10-04T16:15:09.940",
"lastModified": "2023-12-19T15:15:07.850",
"vulnStatus": "Modified",
"lastModified": "2024-01-25T20:33:55.213",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",

12
CVE-2021/CVE-2021-42xx/CVE-2021-4245.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2021-4245",
"sourceIdentifier": "cna@vuldb.com",
"published": "2022-12-15T20:15:09.783",
"lastModified": "2023-11-07T03:40:25.713",
"vulnStatus": "Modified",
"lastModified": "2024-01-25T20:40:00.407",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability classified as problematic has been found in chbrown rfc6902. This affects an unknown part of the file pointer.ts. The manipulation leads to improperly controlled modification of object prototype attributes ('prototype pollution'). The exploit has been disclosed to the public and may be used. The name of the patch is c006ce9faa43d31edb34924f1df7b79c137096cf. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-215883."
},
{
"lang": "es",
"value": "Una vulnerabilidad ha sido encontrada en chbrown rfc6902 y clasificada como problem\u00e1tica. Una parte desconocida del archivo pointer.ts afecta a esta vulnerabilidad. La manipulaci\u00f3n conduce a una modificaci\u00f3n controlada inadecuadamente de los atributos del prototipo del objeto (\"prototype pollution\"). La explotaci\u00f3n ha sido divulgada al p\u00fablico y puede utilizarse. El nombre del parche es c006ce9faa43d31edb34924f1df7b79c137096cf. Se recomienda aplicar un parche para solucionar este problema. El identificador asociado de esta vulnerabilidad es VDB-215883."
}
],
"metrics": {
@ -33,7 +37,7 @@
"impactScore": 5.9
},
{
"source": "1af790b2-7ee1-4545-860a-a788eba489b5",
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
@ -66,7 +70,7 @@
]
},
{
"source": "1af790b2-7ee1-4545-860a-a788eba489b5",
"source": "cna@vuldb.com",
"type": "Secondary",
"description": [
{

22
CVE-2021/CVE-2021-42xx/CVE-2021-4257.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2021-4257",
"sourceIdentifier": "cna@vuldb.com",
"published": "2022-12-18T22:15:10.623",
"lastModified": "2023-11-07T03:40:27.327",
"vulnStatus": "Modified",
"lastModified": "2024-01-25T20:40:48.797",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in ctrlo lenio. It has been declared as problematic. This vulnerability affects unknown code of the file views/task.tt of the component Task Handler. The manipulation of the argument site.org.name/check.name/task.tasktype.name/task.name leads to cross site scripting. The attack can be initiated remotely. The name of the patch is 698c5fa465169d6f23c6a41ca4b1fc9a7869013a. It is recommended to apply a patch to fix this issue. VDB-216214 is the identifier assigned to this vulnerability."
},
{
"lang": "es",
"value": "Se encontr\u00f3 una vulnerabilidad en ctrlo lenio. Ha sido declarada problem\u00e1tica. Una vulnerabilidad afecta a un c\u00f3digo desconocido del archivo views/task.tt del componente Task Handler. La manipulaci\u00f3n del argumento site.org.name/check.name/task.tasktype.name/task.name conduce a Cross-Site Scripting. El ataque se puede iniciar de forma remota. El nombre del parche es 698c5fa465169d6f23c6a41ca4b1fc9a7869013a. Se recomienda aplicar un parche para solucionar este problema. VDB-216214 es el identificador asignado a esta vulnerabilidad."
}
],
"metrics": {
@ -33,7 +37,7 @@
"impactScore": 2.7
},
{
"source": "1af790b2-7ee1-4545-860a-a788eba489b5",
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
@ -56,8 +60,18 @@
},
"weaknesses": [
{
"source": "1af790b2-7ee1-4545-860a-a788eba489b5",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
},
{
"source": "cna@vuldb.com",
"type": "Secondary",
"description": [
{
"lang": "en",

8
CVE-2022/CVE-2022-21xx/CVE-2022-2127.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-2127",
"sourceIdentifier": "secalert@redhat.com",
"published": "2023-07-20T15:15:11.183",
"lastModified": "2023-12-27T22:05:25.597",
"vulnStatus": "Analyzed",
"lastModified": "2024-01-25T20:15:34.893",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -189,6 +189,10 @@
"Third Party Advisory"
]
},
{
"url": "https://access.redhat.com/errata/RHSA-2024:0423",
"source": "secalert@redhat.com"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2022-2127",
"source": "secalert@redhat.com",

16
CVE-2022/CVE-2022-42xx/CVE-2022-4277.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2022-4277",
"sourceIdentifier": "cna@vuldb.com",
"published": "2022-12-03T18:15:09.987",
"lastModified": "2023-11-07T03:57:23.590",
"vulnStatus": "Modified",
"lastModified": "2024-01-25T20:37:48.310",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in Shaoxing Background Management System. It has been declared as critical. This vulnerability affects unknown code of the file /Default/Bd. The manipulation of the argument id leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-214774 is the identifier assigned to this vulnerability."
},
{
"lang": "es",
"value": "Se encontr\u00f3 una vulnerabilidad en Shaoxing Background Management System. Ha sido declarada cr\u00edtica. Esta vulnerabilidad afecta a c\u00f3digo desconocido del archivo /Default/Bd. La manipulaci\u00f3n del argumento id conduce a la inyecci\u00f3n de SQL. El ataque se puede iniciar de forma remota. La explotaci\u00f3n ha sido divulgada al p\u00fablico y puede utilizarse. VDB-214774 es el identificador asignado a esta vulnerabilidad."
}
],
"metrics": {
@ -33,7 +37,7 @@
"impactScore": 5.9
},
{
"source": "1af790b2-7ee1-4545-860a-a788eba489b5",
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
@ -66,7 +70,7 @@
]
},
{
"source": "1af790b2-7ee1-4545-860a-a788eba489b5",
"source": "cna@vuldb.com",
"type": "Secondary",
"description": [
{
@ -85,8 +89,8 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:background_management_system_project:background_management_system:-:*:*:*:*:*:*:*",
"matchCriteriaId": "26F09802-5C61-4EB4-84FC-AD605F65FDCE"
"criteria": "cpe:2.3:a:xsjczx:background_management_system:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D269F402-17A4-40C1-A67D-AFCADE0CC5A8"
}
]
}

22
CVE-2022/CVE-2022-42xx/CVE-2022-4281.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2022-4281",
"sourceIdentifier": "cna@vuldb.com",
"published": "2022-12-05T07:15:10.223",
"lastModified": "2023-11-07T03:57:24.670",
"vulnStatus": "Modified",
"lastModified": "2024-01-25T20:23:56.527",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been found in Facepay 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /face-recognition-php/facepay-master/camera.php. The manipulation of the argument userId leads to authorization bypass. The attack can be launched remotely. The identifier VDB-214789 was assigned to this vulnerability."
},
{
"lang": "es",
"value": "Una vulnerabilidad ha sido encontrada en Facepay 1.0 y clasificada como cr\u00edtica. Una funci\u00f3n desconocida del archivo /face-recognition-php/facepay-master/camera.php es afectada por esta vulnerabilidad. La manipulaci\u00f3n del argumento userId conduce a la omisi\u00f3n de autorizaci\u00f3n. El ataque se puede lanzar de forma remota. A esta vulnerabilidad se le asign\u00f3 el identificador VDB-214789."
}
],
"metrics": {
@ -33,7 +37,7 @@
"impactScore": 5.9
},
{
"source": "1af790b2-7ee1-4545-860a-a788eba489b5",
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
@ -56,8 +60,18 @@
},
"weaknesses": [
{
"source": "1af790b2-7ee1-4545-860a-a788eba489b5",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-269"
}
]
},
{
"source": "cna@vuldb.com",
"type": "Secondary",
"description": [
{
"lang": "en",

27
CVE-2022/CVE-2022-45xx/CVE-2022-4523.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2022-4523",
"sourceIdentifier": "cna@vuldb.com",
"published": "2022-12-15T21:15:12.933",
"lastModified": "2023-11-07T03:58:04.280",
"vulnStatus": "Modified",
"lastModified": "2024-01-25T20:40:07.070",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability, which was classified as problematic, has been found in vexim2. This issue affects some unknown processing. The manipulation leads to cross site scripting. The attack may be initiated remotely. The name of the patch is 21c0a60d12e9d587f905cd084b2c70f9b1592065. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-215903."
},
{
"lang": "es",
"value": "Una vulnerabilidad fue encontrada en vexim2 y clasificada como problem\u00e1tica. Este problema afecta alg\u00fan procesamiento desconocido. La manipulaci\u00f3n conduce a Cross-Site Scripting. El ataque puede iniciarse de forma remota. El nombre del parche es 21c0a60d12e9d587f905cd084b2c70f9b1592065. Se recomienda aplicar un parche para solucionar este problema. El identificador asociado de esta vulnerabilidad es VDB-215903."
}
],
"metrics": {
@ -33,7 +37,7 @@
"impactScore": 2.7
},
{
"source": "1af790b2-7ee1-4545-860a-a788eba489b5",
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
@ -56,8 +60,18 @@
},
"weaknesses": [
{
"source": "1af790b2-7ee1-4545-860a-a788eba489b5",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
},
{
"source": "cna@vuldb.com",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -75,8 +89,9 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:virtual_exim_project:virtual_exim_2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "491D51B3-9C81-4611-AC0C-626B18AA6337"
"criteria": "cpe:2.3:a:virtual_exim_project:virtual_exim_2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2022-01-23",
"matchCriteriaId": "A99C9A61-3E9D-491F-A281-827B412ED68F"
}
]
}

12
CVE-2022/CVE-2022-45xx/CVE-2022-4565.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2022-4565",
"sourceIdentifier": "cna@vuldb.com",
"published": "2022-12-16T19:15:08.977",
"lastModified": "2023-11-07T03:58:10.987",
"vulnStatus": "Modified",
"lastModified": "2024-01-25T20:40:35.190",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability classified as problematic was found in Dromara HuTool up to 5.8.10. This vulnerability affects unknown code of the file cn.hutool.core.util.ZipUtil.java. The manipulation leads to resource consumption. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 5.8.11 is able to address this issue. It is recommended to upgrade the affected component. VDB-215974 is the identifier assigned to this vulnerability."
},
{
"lang": "es",
"value": "Una vulnerabilidad fue encontrada en Dromara HuTool hasta 5.8.10 y clasificada como problem\u00e1tica. Esta vulnerabilidad afecta a un c\u00f3digo desconocido del archivo cn.hutool.core.util.ZipUtil.java. La manipulaci\u00f3n conduce al consumo de recursos. El ataque se puede iniciar de forma remota. El exploit ha sido divulgado al p\u00fablico y puede utilizarse. La actualizaci\u00f3n a la versi\u00f3n 5.8.11 puede solucionar este problema. Se recomienda actualizar el componente afectado. VDB-215974 es el identificador asignado a esta vulnerabilidad."
}
],
"metrics": {
@ -33,7 +37,7 @@
"impactScore": 3.6
},
{
"source": "1af790b2-7ee1-4545-860a-a788eba489b5",
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
@ -66,7 +70,7 @@
]
},
{
"source": "1af790b2-7ee1-4545-860a-a788eba489b5",
"source": "cna@vuldb.com",
"type": "Secondary",
"description": [
{

22
CVE-2022/CVE-2022-45xx/CVE-2022-4597.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2022-4597",
"sourceIdentifier": "cna@vuldb.com",
"published": "2022-12-18T11:15:10.560",
"lastModified": "2023-11-07T03:58:18.040",
"vulnStatus": "Modified",
"lastModified": "2024-01-25T20:40:44.060",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability, which was classified as problematic, was found in Shoplazza LifeStyle 1.1. Affected is an unknown function of the file /admin/api/admin/v2_products of the component Create Product Handler. The manipulation leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-216192."
},
{
"lang": "es",
"value": "Una vulnerabilidad fue encontrada en Shoplazza LifeStyle 1.1 y clasificada como problem\u00e1tica. Una funci\u00f3n desconocida del archivo /admin/api/admin/v2_products del componente Create Product Handler es afectada por esta vulnerabilidad. La manipulaci\u00f3n conduce a Cross-Site Scripting. Es posible lanzar el ataque de forma remota. La explotaci\u00f3n ha sido divulgada al p\u00fablico y puede utilizarse. El identificador de esta vulnerabilidad es VDB-216192."
}
],
"metrics": {
@ -33,7 +37,7 @@
"impactScore": 2.7
},
{
"source": "1af790b2-7ee1-4545-860a-a788eba489b5",
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
@ -56,8 +60,18 @@
},
"weaknesses": [
{
"source": "1af790b2-7ee1-4545-860a-a788eba489b5",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
},
{
"source": "cna@vuldb.com",
"type": "Secondary",
"description": [
{
"lang": "en",

10
CVE-2023/CVE-2023-255xx/CVE-2023-25529.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2023-25529",
"sourceIdentifier": "psirt@nvidia.com",
"published": "2023-09-20T01:15:53.497",
"lastModified": "2023-09-22T17:17:26.360",
"vulnStatus": "Analyzed",
"lastModified": "2024-01-25T19:15:08.027",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "NVIDIA DGX H100 BMC contains a vulnerability in the host KVM daemon, where an unauthenticated attacker may cause a leak of another user\u2019s session token by observing timing discrepancies between server responses. A successful exploit of this vulnerability may lead to information disclosure, escalation of privileges, and data tampering."
"value": "NVIDIA DGX H100 BMC and DGX A100 BMC contains a vulnerability in the host KVM daemon, where an unauthenticated attacker may cause a leak of another user\u2019s session token by observing timing discrepancies between server responses. A successful exploit of this vulnerability may lead to information disclosure, escalation of privileges, and data tampering."
},
{
"lang": "es",
@ -117,6 +117,10 @@
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5510",
"source": "psirt@nvidia.com"
}
]
}

6
CVE-2023/CVE-2023-30xx/CVE-2023-3019.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-3019",
"sourceIdentifier": "secalert@redhat.com",
"published": "2023-07-24T16:15:12.253",
"lastModified": "2024-01-10T15:15:08.633",
"lastModified": "2024-01-25T20:15:35.763",
"vulnStatus": "Modified",
"descriptions": [
{
@ -123,6 +123,10 @@
"url": "https://access.redhat.com/errata/RHSA-2024:0135",
"source": "secalert@redhat.com"
},
{
"url": "https://access.redhat.com/errata/RHSA-2024:0404",
"source": "secalert@redhat.com"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2023-3019",
"source": "secalert@redhat.com",

4
CVE-2023/CVE-2023-31xx/CVE-2023-3181.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-3181",
"sourceIdentifier": "cve-coordination@google.com",
"published": "2024-01-25T16:15:07.400",
"lastModified": "2024-01-25T16:15:07.400",
"vulnStatus": "Received",
"lastModified": "2024-01-25T19:28:53.800",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

8
CVE-2023/CVE-2023-349xx/CVE-2023-34966.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-34966",
"sourceIdentifier": "secalert@redhat.com",
"published": "2023-07-20T15:15:11.333",
"lastModified": "2023-12-27T22:06:19.453",
"vulnStatus": "Analyzed",
"lastModified": "2024-01-25T20:15:35.050",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -183,6 +183,10 @@
"Third Party Advisory"
]
},
{
"url": "https://access.redhat.com/errata/RHSA-2024:0423",
"source": "secalert@redhat.com"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2023-34966",
"source": "secalert@redhat.com",

8
CVE-2023/CVE-2023-349xx/CVE-2023-34967.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-34967",
"sourceIdentifier": "secalert@redhat.com",
"published": "2023-07-20T15:15:11.410",
"lastModified": "2023-12-27T22:06:24.227",
"vulnStatus": "Analyzed",
"lastModified": "2024-01-25T20:15:35.203",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -183,6 +183,10 @@
"Third Party Advisory"
]
},
{
"url": "https://access.redhat.com/errata/RHSA-2024:0423",
"source": "secalert@redhat.com"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2023-34967",
"source": "secalert@redhat.com",

8
CVE-2023/CVE-2023-349xx/CVE-2023-34968.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-34968",
"sourceIdentifier": "secalert@redhat.com",
"published": "2023-07-20T15:15:11.540",
"lastModified": "2023-12-28T14:38:56.397",
"vulnStatus": "Analyzed",
"lastModified": "2024-01-25T20:15:35.400",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -178,6 +178,10 @@
"Third Party Advisory"
]
},
{
"url": "https://access.redhat.com/errata/RHSA-2024:0423",
"source": "secalert@redhat.com"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2023-34968",
"source": "secalert@redhat.com",

22
CVE-2023/CVE-2023-35xx/CVE-2023-3567.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-3567",
"sourceIdentifier": "secalert@redhat.com",
"published": "2023-07-24T16:15:12.990",
"lastModified": "2023-11-29T15:15:08.000",
"lastModified": "2024-01-25T20:15:36.107",
"vulnStatus": "Modified",
"descriptions": [
{
@ -192,6 +192,26 @@
"url": "http://packetstormsecurity.com/files/175963/Kernel-Live-Patch-Security-Notice-LSN-0099-1.html",
"source": "secalert@redhat.com"
},
{
"url": "https://access.redhat.com/errata/RHSA-2024:0412",
"source": "secalert@redhat.com"
},
{
"url": "https://access.redhat.com/errata/RHSA-2024:0431",
"source": "secalert@redhat.com"
},
{
"url": "https://access.redhat.com/errata/RHSA-2024:0432",
"source": "secalert@redhat.com"
},
{
"url": "https://access.redhat.com/errata/RHSA-2024:0439",
"source": "secalert@redhat.com"
},
{
"url": "https://access.redhat.com/errata/RHSA-2024:0448",
"source": "secalert@redhat.com"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2023-3567",
"source": "secalert@redhat.com",

6
CVE-2023/CVE-2023-375xx/CVE-2023-37572.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2023-37572",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-12-05T06:15:48.617",
"lastModified": "2023-12-11T15:34:02.400",
"vulnStatus": "Analyzed",
"lastModified": "2024-01-25T20:15:35.540",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "Softing OPC Suite version 5.25 and before has Incorrect Access Control, allows attackers to obtain sensitive information via weak permissions in OSF_discovery service."
"value": "Softing OPC Suite version 5.25 and before has Incorrect Access Control, allows attackers to obtain sensitive information via weak permissions in OSF_discovery service. The service executable could be changed or the service could be deleted."
},
{
"lang": "es",

6
CVE-2023/CVE-2023-37xx/CVE-2023-3772.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-3772",
"sourceIdentifier": "secalert@redhat.com",
"published": "2023-07-25T16:15:11.660",
"lastModified": "2024-01-11T19:15:10.697",
"lastModified": "2024-01-25T20:15:36.360",
"vulnStatus": "Modified",
"descriptions": [
{
@ -197,6 +197,10 @@
"Third Party Advisory"
]
},
{
"url": "https://access.redhat.com/errata/RHSA-2024:0412",
"source": "secalert@redhat.com"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2023-3772",
"source": "secalert@redhat.com",

20
CVE-2023/CVE-2023-382xx/CVE-2023-38235.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2023-38235",
"sourceIdentifier": "psirt@adobe.com",
"published": "2023-08-10T14:15:13.680",
"lastModified": "2023-09-14T13:15:09.280",
"vulnStatus": "Modified",
"lastModified": "2024-01-25T20:24:34.103",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 23.003.20244 (and earlier) and 20.005.30467 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
},
{
"lang": "es",
"value": "Las versiones 23.003.20244 (y anteriores) y 20.005.30467 (y anteriores) de Adobe Acrobat Reader est\u00e1n afectadas por una vulnerabilidad de lectura fuera de los l\u00edmites que podr\u00eda provocar la divulgaci\u00f3n de memoria confidencial. Un atacante podr\u00eda aprovechar esta vulnerabilidad para omitir mitigaciones como ASLR. La explotaci\u00f3n de este problema requiere la interacci\u00f3n del usuario en el sentido de que una v\u00edctima debe abrir un archivo malicioso."
}
],
"metrics": {
@ -56,7 +60,7 @@
},
"weaknesses": [
{
"source": "psirt@adobe.com",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
@ -64,6 +68,16 @@
"value": "CWE-125"
}
]
},
{
"source": "psirt@adobe.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-125"
}
]
}
],
"configurations": [

10
CVE-2023/CVE-2023-38xx/CVE-2023-3812.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-3812",
"sourceIdentifier": "secalert@redhat.com",
"published": "2023-07-24T16:15:13.337",
"lastModified": "2024-01-25T08:15:09.043",
"lastModified": "2024-01-25T20:15:36.750",
"vulnStatus": "Modified",
"descriptions": [
{
@ -244,6 +244,14 @@
"url": "https://access.redhat.com/errata/RHSA-2024:0378",
"source": "secalert@redhat.com"
},
{
"url": "https://access.redhat.com/errata/RHSA-2024:0412",
"source": "secalert@redhat.com"
},
{
"url": "https://access.redhat.com/errata/RHSA-2024:0461",
"source": "secalert@redhat.com"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2023-3812",
"source": "secalert@redhat.com",

4
CVE-2023/CVE-2023-391xx/CVE-2023-39169.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-39169",
"sourceIdentifier": "info@cert.vde.com",
"published": "2023-12-07T15:15:07.777",
"lastModified": "2023-12-14T15:15:07.950",
"vulnStatus": "Modified",
"lastModified": "2024-01-25T20:34:50.637",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",

10
CVE-2023/CVE-2023-391xx/CVE-2023-39191.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-39191",
"sourceIdentifier": "secalert@redhat.com",
"published": "2023-10-04T19:15:10.210",
"lastModified": "2024-01-25T08:15:08.770",
"lastModified": "2024-01-25T20:15:35.643",
"vulnStatus": "Modified",
"descriptions": [
{
@ -137,6 +137,14 @@
"url": "https://access.redhat.com/errata/RHSA-2024:0381",
"source": "secalert@redhat.com"
},
{
"url": "https://access.redhat.com/errata/RHSA-2024:0439",
"source": "secalert@redhat.com"
},
{
"url": "https://access.redhat.com/errata/RHSA-2024:0448",
"source": "secalert@redhat.com"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2023-39191",
"source": "secalert@redhat.com",

72
CVE-2023/CVE-2023-39xx/CVE-2023-3935.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-3935",
"sourceIdentifier": "info@cert.vde.com",
"published": "2023-09-13T14:15:09.147",
"lastModified": "2023-09-19T08:15:44.727",
"vulnStatus": "Modified",
"lastModified": "2024-01-25T20:24:58.783",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -60,7 +60,7 @@
},
"weaknesses": [
{
"source": "info@cert.vde.com",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
@ -68,6 +68,16 @@
"value": "CWE-787"
}
]
},
{
"source": "info@cert.vde.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"configurations": [
@ -211,6 +221,57 @@
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:phoenixcontact:activation_wizard:*:*:*:*:*:moryx:*:*",
"versionEndIncluding": "1.6",
"matchCriteriaId": "E8198A71-1EA7-4DAC-8D4F-EB646A0DC635"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:phoenixcontact:e-mobility_charging_suite:*:*:*:*:*:*:*:*",
"versionEndIncluding": "1.7.0",
"matchCriteriaId": "2B2B109F-41E0-4CC9-9F9F-F1AD06E1EA77"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:phoenixcontact:fl_network_manager:*:*:*:*:*:*:*:*",
"versionEndIncluding": "7.0",
"matchCriteriaId": "C8751F63-3D03-434A-BF4E-67320F6672FD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:phoenixcontact:iol-conf:*:*:*:*:*:*:*:*",
"versionEndIncluding": "1.7.0",
"matchCriteriaId": "907E5EB3-8346-4371-9CFF-0F885CC0529E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:phoenixcontact:module_type_package_designer:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.2.0",
"matchCriteriaId": "C9659319-4AEC-4112-9EAC-7892C0A37AA8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:phoenixcontact:module_type_package_designer:1.2.0:beta:*:*:*:*:*:*",
"matchCriteriaId": "BB44DD6D-7685-4346-91BC-30CB9531982A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:phoenixcontact:plcnext_engineer:*:*:*:*:*:*:*:*",
"versionEndIncluding": "2023.6",
"matchCriteriaId": "170FABD2-23D5-4885-AA09-B4130F945564"
}
]
}
]
}
],
"references": [
@ -223,7 +284,10 @@
},
{
"url": "https://cert.vde.com/en/advisories/VDE-2023-030/",
"source": "info@cert.vde.com"
"source": "info@cert.vde.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://cert.vde.com/en/advisories/VDE-2023-031/",

4
CVE-2023/CVE-2023-405xx/CVE-2023-40547.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-40547",
"sourceIdentifier": "secalert@redhat.com",
"published": "2024-01-25T16:15:07.717",
"lastModified": "2024-01-25T16:15:07.717",
"vulnStatus": "Received",
"lastModified": "2024-01-25T19:28:53.800",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

16
CVE-2023/CVE-2023-40xx/CVE-2023-4001.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-4001",
"sourceIdentifier": "secalert@redhat.com",
"published": "2024-01-15T11:15:08.270",
"lastModified": "2024-01-23T19:29:20.947",
"vulnStatus": "Analyzed",
"lastModified": "2024-01-25T20:15:37.510",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -140,6 +140,18 @@
"Mailing List"
]
},
{
"url": "https://access.redhat.com/errata/RHSA-2024:0437",
"source": "secalert@redhat.com"
},
{
"url": "https://access.redhat.com/errata/RHSA-2024:0456",
"source": "secalert@redhat.com"
},
{
"url": "https://access.redhat.com/errata/RHSA-2024:0468",
"source": "secalert@redhat.com"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2023-4001",
"source": "secalert@redhat.com",

20
CVE-2023/CVE-2023-414xx/CVE-2023-41474.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-41474",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-01-25T20:15:36.993",
"lastModified": "2024-01-25T20:15:36.993",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Directory Traversal vulnerability in Ivanti Avalanche 6.3.4.153 allows a remote authenticated attacker to obtain sensitive information via the javax.faces.resource component."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/JBalanza/CVE-2023-41474",
"source": "cve@mitre.org"
}
]
}

18
CVE-2023/CVE-2023-427xx/CVE-2023-42753.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-42753",
"sourceIdentifier": "secalert@redhat.com",
"published": "2023-09-25T21:15:15.923",
"lastModified": "2024-01-25T08:15:09.633",
"lastModified": "2024-01-25T20:15:37.117",
"vulnStatus": "Modified",
"descriptions": [
{
@ -211,6 +211,22 @@
"url": "https://access.redhat.com/errata/RHSA-2024:0378",
"source": "secalert@redhat.com"
},
{
"url": "https://access.redhat.com/errata/RHSA-2024:0402",
"source": "secalert@redhat.com"
},
{
"url": "https://access.redhat.com/errata/RHSA-2024:0403",
"source": "secalert@redhat.com"
},
{
"url": "https://access.redhat.com/errata/RHSA-2024:0412",
"source": "secalert@redhat.com"
},
{
"url": "https://access.redhat.com/errata/RHSA-2024:0461",
"source": "secalert@redhat.com"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2023-42753",
"source": "secalert@redhat.com",

74
CVE-2023/CVE-2023-439xx/CVE-2023-43985.json
View File

@ -2,23 +2,87 @@
"id": "CVE-2023-43985",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-01-19T14:15:12.317",
"lastModified": "2024-01-19T15:56:19.500",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-25T20:07:56.693",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "SunnyToo stblogsearch up to v1.0.0 was discovered to contain a SQL injection vulnerability via the StBlogSearchClass::prepareSearch component."
},
{
"lang": "es",
"value": "Se descubri\u00f3 que SunnyToo stblogsearch hasta v1.0.0 contiene una vulnerabilidad de inyecci\u00f3n SQL a trav\u00e9s del componente StBlogSearchClass::prepareSearch."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sunnytoo:stblogsearch:*:*:*:*:*:prestashop:*:*",
"versionEndIncluding": "1.0.0",
"matchCriteriaId": "C6F521FE-EEF4-47C3-B841-1E34AF032AD4"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://security.friendsofpresta.org/modules/2024/01/18/stblogsearch.html",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
]
},
{
"url": "https://www.sunnytoo.com/product/panda-creative-responsive-prestashop-theme",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Product"
]
}
]
}

4
CVE-2023/CVE-2023-443xx/CVE-2023-44358.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-44358",
"sourceIdentifier": "psirt@adobe.com",
"published": "2023-11-16T10:15:13.740",
"lastModified": "2023-12-04T16:15:08.937",
"vulnStatus": "Modified",
"lastModified": "2024-01-25T20:34:40.990",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",

6
CVE-2023/CVE-2023-44xx/CVE-2023-4459.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-4459",
"sourceIdentifier": "secalert@redhat.com",
"published": "2023-08-21T19:15:09.373",
"lastModified": "2023-12-06T02:15:06.860",
"lastModified": "2024-01-25T20:15:37.910",
"vulnStatus": "Modified",
"descriptions": [
{
@ -115,6 +115,10 @@
}
],
"references": [
{
"url": "https://access.redhat.com/errata/RHSA-2024:0412",
"source": "secalert@redhat.com"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2023-4459",
"source": "secalert@redhat.com",

74
CVE-2023/CVE-2023-463xx/CVE-2023-46351.json
View File

@ -2,23 +2,87 @@
"id": "CVE-2023-46351",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-01-19T14:15:12.367",
"lastModified": "2024-01-19T15:56:19.500",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-25T20:14:36.637",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "In the module mib < 1.6.1 from MyPresta.eu for PrestaShop, a guest can perform SQL injection. The methods `mib::getManufacturersByCategory()` has sensitive SQL calls that can be executed with a trivial http call and exploited to forge a SQL injection."
},
{
"lang": "es",
"value": "En el m\u00f3dulo mib &lt; 1.6.1 de MyPresta.eu para PrestaShop, un invitado puede realizar una inyecci\u00f3n SQL. Los m\u00e9todos `mib::getManufacturersByCategory()` tienen llamadas SQL sensibles que pueden ejecutarse con una llamada http trivial y explotarse para falsificar una inyecci\u00f3n SQL."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mypresta:manufacturers_\\(brands\\)_images_block:*:*:*:*:*:prestashop:*:*",
"versionEndExcluding": "1.6.1",
"matchCriteriaId": "36064C96-D338-451A-985D-4247EC713B2C"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://mypresta.eu/modules/front-office-features/manufacturers-brands-images-block.html",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Product"
]
},
{
"url": "https://security.friendsofpresta.org/modules/2024/01/18/mib.html",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
]
}
]
}

11
CVE-2023/CVE-2023-479xx/CVE-2023-47995.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2023-47995",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-01-09T23:15:09.637",
"lastModified": "2024-01-25T18:15:07.957",
"lastModified": "2024-01-25T20:15:37.297",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "Buffer Overflow vulnerability in BitmapAccess.cpp::FreeImage_AllocateBitmap in FreeImage 3.18.0 allows attackers to cause a denial of service."
"value": "Memory Allocation with Excessive Size Value discovered in BitmapAccess.cpp::FreeImage_AllocateBitmap in FreeImage 3.18.0 allows attackers to cause a denial of service."
},
{
"lang": "es",
@ -68,13 +68,6 @@
}
],
"references": [
{
"url": "https://freeimage.sourceforge.io/",
"source": "cve@mitre.org",
"tags": [
"Product"
]
},
{
"url": "https://github.com/thelastede/FreeImage-cve-poc/tree/master/CVE-2023-47995",
"source": "cve@mitre.org"

8
CVE-2023/CVE-2023-47xx/CVE-2023-4732.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-4732",
"sourceIdentifier": "secalert@redhat.com",
"published": "2023-10-03T17:15:09.853",
"lastModified": "2024-01-21T02:17:30.047",
"vulnStatus": "Analyzed",
"lastModified": "2024-01-25T20:15:38.027",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -175,6 +175,10 @@
"Third Party Advisory"
]
},
{
"url": "https://access.redhat.com/errata/RHSA-2024:0412",
"source": "secalert@redhat.com"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2023-4732",
"source": "secalert@redhat.com",

75
CVE-2023/CVE-2023-500xx/CVE-2023-50028.json
View File

@ -2,23 +2,88 @@
"id": "CVE-2023-50028",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-01-19T14:15:12.413",
"lastModified": "2024-01-19T15:56:19.500",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-25T19:55:05.850",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "In the module \"Sliding cart block\" (blockslidingcart) up to version 2.3.8 from PrestashopModules.eu for PrestaShop, a guest can perform SQL injection."
},
{
"lang": "es",
"value": "En el m\u00f3dulo \"Sliding cart block\" (blockslidingcart) hasta la versi\u00f3n 2.3.8 de PrestashopModules.eu para PrestaShop, un invitado puede realizar una inyecci\u00f3n SQL."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:prestashopmodules:sliding_cart_block:*:*:*:*:*:prestashop:*:*",
"versionEndExcluding": "2.3.8",
"matchCriteriaId": "E41B226E-94F0-4EC8-BAC9-DEF6AD12F246"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://addons.prestashop.com/en/express-checkout-process/3321-block-sliding-cart.html",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Product"
]
},
{
"url": "https://security.friendsofpresta.org/modules/2024/01/16/blockslidingcart.html",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Patch",
"Third Party Advisory"
]
}
]
}

90
CVE-2023/CVE-2023-519xx/CVE-2023-51947.json
View File

@ -2,27 +2,105 @@
"id": "CVE-2023-51947",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-01-19T14:15:12.553",
"lastModified": "2024-01-19T15:56:19.500",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-25T19:42:16.373",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Improper access control on nasSvr.php in actidata actiNAS SL 2U-8 RDX 3.2.03-SP1 allows remote attackers to read and modify different types of data without authentication."
},
{
"lang": "es",
"value": "El control de acceso inadecuado en nasSvr.php en actidata actiNAS SL 2U-8 RDX 3.2.03-SP1 permite a atacantes remotos leer y modificar diferentes tipos de datos sin autenticaci\u00f3n."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 9.1,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.2
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-306"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:actidata:actinas_sl_2u-8_rdx_firmware:3.2.03:sp1:*:*:*:*:*:*",
"matchCriteriaId": "FCCAA0EE-7B45-4A77-9BC9-5758C529CDB1"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:actidata:actinas_sl_2u-8_rdx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8E538A0F-3B62-4176-AAF2-1599FA199CA1"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "http://actinas-plus-sl-2u-8-rdx.com",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Broken Link"
]
},
{
"url": "https://github.com/saw-your-packet/CVEs/blob/main/CVE-2023-51947/README.md",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://www.actidata.com/index.php/de-de/actinas-plus-sl-2u-8-rdx",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Product"
]
}
]
}

85
CVE-2023/CVE-2023-519xx/CVE-2023-51948.json
View File

@ -2,23 +2,98 @@
"id": "CVE-2023-51948",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-01-19T14:15:12.663",
"lastModified": "2024-01-19T15:56:19.500",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-25T19:19:02.470",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "A Site-wide directory listing vulnerability in /fm in actidata actiNAS SL 2U-8 RDX 3.2.03-SP1 allows remote attackers to list the files hosted by the web application."
},
{
"lang": "es",
"value": "Una vulnerabilidad de listado de directorio en todo el sitio en /fm en actidata actiNAS SL 2U-8 RDX 3.2.03-SP1 permite a atacantes remotos enumerar los archivos alojados en la aplicaci\u00f3n web."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:actidata:actinas_sl_2u-8_rdx_firmware:3.2.03:sp1:*:*:*:*:*:*",
"matchCriteriaId": "FCCAA0EE-7B45-4A77-9BC9-5758C529CDB1"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:actidata:actinas_sl_2u-8_rdx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8E538A0F-3B62-4176-AAF2-1599FA199CA1"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/saw-your-packet/CVEs/blob/main/CVE-2023-51948/README.md",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://www.actidata.com/index.php/de-de/actinas-plus-sl-2u-8-rdx",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Product"
]
}
]
}

4
CVE-2023/CVE-2023-520xx/CVE-2023-52076.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-52076",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-01-25T16:15:07.930",
"lastModified": "2024-01-25T16:15:07.930",
"vulnStatus": "Received",
"lastModified": "2024-01-25T19:28:53.800",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

63
CVE-2023/CVE-2023-523xx/CVE-2023-52355.json Normal file
View File

@ -0,0 +1,63 @@
{
"id": "CVE-2023-52355",
"sourceIdentifier": "secalert@redhat.com",
"published": "2024-01-25T20:15:38.353",
"lastModified": "2024-01-25T20:15:38.353",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "An out-of-memory flaw was found in libtiff that could be triggered by passing a crafted tiff file to the TIFFRasterScanlineSize64() API. This flaw allows a remote attacker to cause a denial of service via a crafted input with a size smaller than 379 KB."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secalert@redhat.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "secalert@redhat.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-400"
}
]
}
],
"references": [
{
"url": "https://access.redhat.com/security/cve/CVE-2023-52355",
"source": "secalert@redhat.com"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2251326",
"source": "secalert@redhat.com"
},
{
"url": "https://gitlab.com/libtiff/libtiff/-/issues/621",
"source": "secalert@redhat.com"
}
]
}

67
CVE-2023/CVE-2023-523xx/CVE-2023-52356.json Normal file
View File

@ -0,0 +1,67 @@
{
"id": "CVE-2023-52356",
"sourceIdentifier": "secalert@redhat.com",
"published": "2024-01-25T20:15:39.063",
"lastModified": "2024-01-25T20:15:39.063",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A segment fault (SEGV) flaw was found in libtiff that could be triggered by passing a crafted tiff file to the TIFFReadRGBATileExt() API. This flaw allows a remote attacker to cause a heap-buffer overflow, leading to a denial of service."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secalert@redhat.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "secalert@redhat.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-122"
}
]
}
],
"references": [
{
"url": "https://access.redhat.com/security/cve/CVE-2023-52356",
"source": "secalert@redhat.com"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2251344",
"source": "secalert@redhat.com"
},
{
"url": "https://gitlab.com/libtiff/libtiff/-/issues/622",
"source": "secalert@redhat.com"
},
{
"url": "https://gitlab.com/libtiff/libtiff/-/merge_requests/546",
"source": "secalert@redhat.com"
}
]
}

6
CVE-2023/CVE-2023-56xx/CVE-2023-5633.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-5633",
"sourceIdentifier": "secalert@redhat.com",
"published": "2023-10-23T22:15:09.430",
"lastModified": "2024-01-10T15:15:10.067",
"lastModified": "2024-01-25T20:15:39.400",
"vulnStatus": "Modified",
"descriptions": [
{
@ -152,6 +152,10 @@
"url": "https://access.redhat.com/errata/RHSA-2024:0134",
"source": "secalert@redhat.com"
},
{
"url": "https://access.redhat.com/errata/RHSA-2024:0461",
"source": "secalert@redhat.com"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2023-5633",
"source": "secalert@redhat.com",

59
CVE-2023/CVE-2023-62xx/CVE-2023-6267.json Normal file
View File

@ -0,0 +1,59 @@
{
"id": "CVE-2023-6267",
"sourceIdentifier": "secalert@redhat.com",
"published": "2024-01-25T19:15:08.260",
"lastModified": "2024-01-25T19:28:53.800",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "A flaw was found in the json payload. If annotation based security is used to secure a REST resource, the JSON body that the resource may consume is being processed (deserialized) prior to the security constraints being evaluated and applied. This does not happen with configuration based security."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secalert@redhat.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "HIGH",
"baseScore": 8.6,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 4.7
}
]
},
"weaknesses": [
{
"source": "secalert@redhat.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-280"
}
]
}
],
"references": [
{
"url": "https://access.redhat.com/security/cve/CVE-2023-6267",
"source": "secalert@redhat.com"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2251155",
"source": "secalert@redhat.com"
}
]
}

16
CVE-2023/CVE-2023-66xx/CVE-2023-6679.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-6679",
"sourceIdentifier": "secalert@redhat.com",
"published": "2023-12-11T19:15:09.440",
"lastModified": "2023-12-13T22:03:08.487",
"vulnStatus": "Analyzed",
"lastModified": "2024-01-25T20:15:39.967",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -128,6 +128,18 @@
}
],
"references": [
{
"url": "https://access.redhat.com/errata/RHSA-2024:0439",
"source": "secalert@redhat.com"
},
{
"url": "https://access.redhat.com/errata/RHSA-2024:0448",
"source": "secalert@redhat.com"
},
{
"url": "https://access.redhat.com/errata/RHSA-2024:0461",
"source": "secalert@redhat.com"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2023-6679",
"source": "secalert@redhat.com",

55
CVE-2023/CVE-2023-72xx/CVE-2023-7227.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-7227",
"sourceIdentifier": "ics-cert@hq.dhs.gov",
"published": "2024-01-25T19:15:08.477",
"lastModified": "2024-01-25T19:28:53.800",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "\nSystemK NVR 504/508/516 versions 2.3.5SK.30084998 and prior are vulnerable to a command injection vulnerability in the dynamic domain name system (DDNS) settings that could allow an attacker to execute arbitrary commands with root privileges.\n\n\n\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "ics-cert@hq.dhs.gov",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "ics-cert@hq.dhs.gov",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-77"
}
]
}
],
"references": [
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-025-02",
"source": "ics-cert@hq.dhs.gov"
}
]
}

8
CVE-2024/CVE-2024-05xx/CVE-2024-0562.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-0562",
"sourceIdentifier": "secalert@redhat.com",
"published": "2024-01-15T19:15:08.120",
"lastModified": "2024-01-23T21:00:27.900",
"vulnStatus": "Analyzed",
"lastModified": "2024-01-25T20:15:40.210",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -129,6 +129,10 @@
}
],
"references": [
{
"url": "https://access.redhat.com/errata/RHSA-2024:0412",
"source": "secalert@redhat.com"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2024-0562",
"source": "secalert@redhat.com",

74
CVE-2024/CVE-2024-07xx/CVE-2024-0712.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2024-0712",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-01-19T14:15:12.837",
"lastModified": "2024-01-19T15:56:19.500",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-25T19:00:41.903",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in Beijing Baichuo Smart S150 Management Platform V31R02B15. It has been classified as critical. Affected is an unknown function of the file /useratte/inc/userattea.php. The manipulation leads to improper access controls. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-251538 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way."
},
{
"lang": "es",
"value": "Se encontr\u00f3 una vulnerabilidad en Beijing Baichuo Smart S150 Management Platform V31R02B15. Ha sido clasificada como cr\u00edtica. Una funci\u00f3n desconocida del archivo /useratte/inc/userattea.php es afectada por esta vulnerabilidad. La manipulaci\u00f3n conduce a controles de acceso inadecuados. Es posible lanzar el ataque de forma remota. El exploit ha sido divulgado al p\u00fablico y puede utilizarse. VDB-251538 es el identificador asignado a esta vulnerabilidad. NOTA: Se contact\u00f3 primeramente con el proveedor sobre esta divulgaci\u00f3n, pero no respondi\u00f3 de ninguna manera."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "cna@vuldb.com",
"type": "Secondary",
@ -71,18 +95,58 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:byzoro:smart_s150_firmware:31r02b15:*:*:*:*:*:*:*",
"matchCriteriaId": "4D9EB833-E3F1-479D-A904-FA45CFF7EAA8"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:byzoro:smart_s150:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8933946D-BF4C-4F40-8752-D4D6A371BE6E"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/GTA12138/vul/blob/main/smart%20s150/2024-1-9%20smart%20s150%20101508.md",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?ctiid.251538",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?id.251538",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
]
}
]
}

60
CVE-2024/CVE-2024-07xx/CVE-2024-0718.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2024-0718",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-01-19T16:15:11.507",
"lastModified": "2024-01-19T18:48:55.033",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-25T20:02:34.107",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability, which was classified as problematic, has been found in liuwy-dlsdys zhglxt 4.7.7. This issue affects some unknown processing of the file /oa/notify/edit of the component HTTP POST Request Handler. The manipulation of the argument notifyTitle leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-251543."
},
{
"lang": "es",
"value": "Una vulnerabilidad fue encontrada en liuwy-dlsdys zhglxt 4.7.7 y clasificada como problem\u00e1tica. Este problema afecta un procesamiento desconocido del archivo /oa/notify/edit del componente HTTP POST Request Handler. La manipulaci\u00f3n del argumento notifyTitle conduce a cross site scripting. El ataque puede iniciarse de forma remota. El exploit ha sido divulgado al p\u00fablico y puede utilizarse. El identificador asociado de esta vulnerabilidad es VDB-251543."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7
},
{
"source": "cna@vuldb.com",
"type": "Secondary",
@ -71,18 +95,44 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:liuwy-dlsdys:zhglxt:4.7.7:*:*:*:*:*:*:*",
"matchCriteriaId": "1B8F00F2-D98C-4C0C-9A9D-C08BF4B2AE77"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/biantaibao/zhglxt_xss/blob/main/xss.md",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Exploit"
]
},
{
"url": "https://vuldb.com/?ctiid.251543",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required"
]
},
{
"url": "https://vuldb.com/?id.251543",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required"
]
}
]
}

61
CVE-2024/CVE-2024-07xx/CVE-2024-0720.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2024-0720",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-01-19T16:15:11.733",
"lastModified": "2024-01-19T18:48:55.033",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-25T20:02:45.290",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability, which was classified as problematic, was found in FactoMineR FactoInvestigate up to 1.9. Affected is an unknown function of the component HTML Report Generator. The manipulation leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-251544. NOTE: The vendor was contacted early about this disclosure but did not respond in any way."
},
{
"lang": "es",
"value": "Una vulnerabilidad fue encontrada en FactoMineR FactoInvestigate hasta 1.9 y clasificada como problem\u00e1tica. Una funci\u00f3n desconocida del componente HTML Report Generator es afectada por esta vulnerabilidad. La manipulaci\u00f3n conduce a cross site scripting. Es posible lanzar el ataque de forma remota. El exploit ha sido divulgado al p\u00fablico y puede utilizarse. El identificador de esta vulnerabilidad es VDB-251544. NOTA: Se contact\u00f3 primeramente con el proveedor sobre esta divulgaci\u00f3n, pero no respondi\u00f3 de ninguna manera."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
},
{
"source": "cna@vuldb.com",
"type": "Secondary",
@ -71,18 +95,45 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:factominer:factoinvestigate:*:*:*:*:*:*:*:*",
"versionEndIncluding": "1.9",
"matchCriteriaId": "E4CA6847-DCF2-4C5F-BA0F-A88360856A6C"
}
]
}
]
}
],
"references": [
{
"url": "https://drive.google.com/drive/folders/1ZFjWlD5axvhWp--I7tuiZ9uOpSBmU_f6?usp=drive_link",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Exploit"
]
},
{
"url": "https://vuldb.com/?ctiid.251544",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required"
]
},
{
"url": "https://vuldb.com/?id.251544",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required"
]
}
]
}

60
CVE-2024/CVE-2024-07xx/CVE-2024-0721.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2024-0721",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-01-19T16:15:11.953",
"lastModified": "2024-01-19T18:48:55.033",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-25T20:04:04.020",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been found in Jspxcms 10.2.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the component Survey Label Handler. The manipulation leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-251545 was assigned to this vulnerability."
},
{
"lang": "es",
"value": "Una vulnerabilidad ha sido encontrada en Jspxcms 10.2.0 y clasificada como problem\u00e1tica. Una funci\u00f3n desconocida del componente Survey Label Handler es afectada por esta vulnerabilidad. La manipulaci\u00f3n conduce a cross site scripting. El ataque se puede lanzar de forma remota. El exploit ha sido divulgado al p\u00fablico y puede utilizarse. A esta vulnerabilidad se le asign\u00f3 el identificador VDB-251545."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
},
{
"source": "cna@vuldb.com",
"type": "Secondary",
@ -71,18 +95,44 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:jspxcms:jspxcms:10.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C2CC8654-4A79-4A1D-8AFA-C8309ED94FCD"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/sweatxi/BugHub/blob/main/jspXCMS-%20Survey%20label.pdf",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Exploit"
]
},
{
"url": "https://vuldb.com/?ctiid.251545",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required"
]
},
{
"url": "https://vuldb.com/?id.251545",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
]
}
]
}

60
CVE-2024/CVE-2024-07xx/CVE-2024-0722.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2024-0722",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-01-19T17:15:08.360",
"lastModified": "2024-01-19T18:48:55.033",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-25T19:59:33.577",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in code-projects Social Networking Site 1.0 and classified as problematic. Affected by this issue is some unknown functionality of the file message.php of the component Message Page. The manipulation of the argument Story leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-251546 is the identifier assigned to this vulnerability."
},
{
"lang": "es",
"value": "Se encontr\u00f3 una vulnerabilidad en los proyectos de c\u00f3digo Social Networking Site 1.0 y se clasific\u00f3 como problem\u00e1tica. Una funci\u00f3n desconocida del archivo message.php del componente Message Page es afectada por esta vulnerabilidad. La manipulaci\u00f3n del argumento Story conduce a cross site scripting. El ataque puede lanzarse de forma remota. El exploit ha sido divulgado al p\u00fablico y puede utilizarse. VDB-251546 es el identificador asignado a esta vulnerabilidad."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
},
{
"source": "cna@vuldb.com",
"type": "Secondary",
@ -71,18 +95,44 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:code-projects:social_networking_site:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EBE90865-B6CC-4E9A-AF38-C11E14AE0864"
}
]
}
]
}
],
"references": [
{
"url": "https://drive.google.com/file/d/1r-4P-gWuIxuVL2QdOXsqN6OTRtQEmo7P/view?usp=drive_link",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Exploit"
]
},
{
"url": "https://vuldb.com/?ctiid.251546",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required"
]
},
{
"url": "https://vuldb.com/?id.251546",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required"
]
}
]
}

74
CVE-2024/CVE-2024-07xx/CVE-2024-0723.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2024-0723",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-01-19T17:15:08.573",
"lastModified": "2024-01-19T18:48:55.033",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-25T20:00:19.830",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in freeSSHd 1.0.9 on Windows. It has been classified as problematic. This affects an unknown part. The manipulation leads to denial of service. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-251547."
},
{
"lang": "es",
"value": "Se encontr\u00f3 una vulnerabilidad en freeSSHd 1.0.9 en Windows. Ha sido clasificada como problem\u00e1tica. Esto afecta a una parte desconocida. La manipulaci\u00f3n conduce a la denegaci\u00f3n del servicio. Es posible iniciar el ataque de forma remota. El exploit ha sido divulgado al p\u00fablico y puede utilizarse. El identificador asociado de esta vulnerabilidad es VDB-251547."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "cna@vuldb.com",
"type": "Secondary",
@ -71,18 +95,58 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:freesshd:freesshd:1.0.9:*:*:*:*:*:*:*",
"matchCriteriaId": "D0856F72-9F1E-425C-B434-BB9DDF88BED6"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA"
}
]
}
]
}
],
"references": [
{
"url": "https://packetstormsecurity.com/files/176545/freeSSHd-1.0.9-Denial-Of-Service.html",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://vuldb.com/?ctiid.251547",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required"
]
},
{
"url": "https://vuldb.com/?id.251547",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required"
]
}
]
}

74
CVE-2024/CVE-2024-07xx/CVE-2024-0725.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2024-0725",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-01-19T18:15:08.040",
"lastModified": "2024-01-19T18:48:55.033",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-25T20:00:34.827",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in ProSSHD 1.2 on Windows. It has been declared as problematic. This vulnerability affects unknown code. The manipulation leads to denial of service. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-251548."
},
{
"lang": "es",
"value": "Se encontr\u00f3 una vulnerabilidad en ProSSHD 1.2 en Windows. Ha sido declarada problem\u00e1tica. Esta vulnerabilidad afecta a c\u00f3digo desconocido. La manipulaci\u00f3n conduce a la denegaci\u00f3n del servicio. El ataque se puede iniciar de forma remota. El exploit ha sido divulgado al p\u00fablico y puede utilizarse. El identificador de esta vulnerabilidad es VDB-251548."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "cna@vuldb.com",
"type": "Secondary",
@ -71,18 +95,58 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:prosshd:prosshd:1.2_20090726:*:*:*:*:*:*:*",
"matchCriteriaId": "A3C8B3DD-5F85-4132-B905-9280256450EC"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA"
}
]
}
]
}
],
"references": [
{
"url": "https://packetstormsecurity.com/files/176544/ProSSHD-1.2-20090726-Denial-Of-Service.html",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://vuldb.com/?ctiid.251548",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required"
]
},
{
"url": "https://vuldb.com/?id.251548",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required"
]
}
]
}

73
CVE-2024/CVE-2024-07xx/CVE-2024-0728.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2024-0728",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-01-19T19:15:08.413",
"lastModified": "2024-01-19T22:52:48.170",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-25T19:55:52.273",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability classified as problematic was found in ForU CMS up to 2020-06-23. Affected by this vulnerability is an unknown functionality of the file channel.php. The manipulation of the argument c_cmodel leads to file inclusion. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-251551."
},
{
"lang": "es",
"value": "Una vulnerabilidad fue encontrada en ForU CMS hasta el 23-06-2020 y clasificada como problem\u00e1tica. Una funci\u00f3n desconocida del archivo channel.php es afectada por esta vulnerabilidad. La manipulaci\u00f3n del argumento c_cmodel conduce a la inclusi\u00f3n del archivo. El ataque se puede lanzar de forma remota. El exploit ha sido divulgado al p\u00fablico y puede utilizarse. El identificador asociado de esta vulnerabilidad es VDB-251551."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "cna@vuldb.com",
"type": "Secondary",
@ -61,8 +85,18 @@
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-610"
}
]
},
{
"source": "cna@vuldb.com",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -71,18 +105,45 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:foru_cms_project:foru_cms:*:*:*:*:*:*:*:*",
"versionEndIncluding": "2020-06-23",
"matchCriteriaId": "EAC3894B-590E-44A9-A01C-A330C98EC000"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/mi2acle/forucmsvuln/blob/master/LFI.md",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Exploit"
]
},
{
"url": "https://vuldb.com/?ctiid.251551",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required"
]
},
{
"url": "https://vuldb.com/?id.251551",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required"
]
}
]
}

61
CVE-2024/CVE-2024-07xx/CVE-2024-0729.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2024-0729",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-01-19T19:15:08.647",
"lastModified": "2024-01-19T22:52:48.170",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-25T19:56:39.780",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability, which was classified as critical, has been found in ForU CMS up to 2020-06-23. Affected by this issue is some unknown functionality of the file cms_admin.php. The manipulation of the argument a_name leads to sql injection. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-251552."
},
{
"lang": "es",
"value": "Una vulnerabilidad fue encontrada en ForU CMS hasta el 23/06/2020 y clasificada como cr\u00edtica. Una funci\u00f3n desconocida del archivo cms_admin.php es afectada por esta vulnerabilidad. La manipulaci\u00f3n del argumento a_name conduce a la inyecci\u00f3n de SQL. El exploit ha sido divulgado al p\u00fablico y puede utilizarse. El identificador de esta vulnerabilidad es VDB-251552."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "cna@vuldb.com",
"type": "Secondary",
@ -71,18 +95,45 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:foru_cms_project:foru_cms:*:*:*:*:*:*:*:*",
"versionEndIncluding": "2020-06-23",
"matchCriteriaId": "EAC3894B-590E-44A9-A01C-A330C98EC000"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/mi2acle/forucmsvuln/blob/master/LFI.md",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Exploit"
]
},
{
"url": "https://vuldb.com/?ctiid.251552",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required"
]
},
{
"url": "https://vuldb.com/?id.251552",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required"
]
}
]
}

60
CVE-2024/CVE-2024-07xx/CVE-2024-0730.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2024-0730",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-01-19T19:15:08.857",
"lastModified": "2024-01-19T22:52:48.170",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-25T19:59:48.803",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability, which was classified as critical, was found in Project Worlds Online Time Table Generator 1.0. This affects an unknown part of the file course_ajax.php. The manipulation of the argument id leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-251553 was assigned to this vulnerability."
},
{
"lang": "es",
"value": "Una vulnerabilidad fue encontrada en Project Worlds Online Time Table Generator 1.0 y clasificada como cr\u00edtica. Una parte desconocida del archivo course_ajax.php afecta a esta vulnerabilidad. La manipulaci\u00f3n del argumento id conduce a la inyecci\u00f3n de SQL. Es posible iniciar el ataque de forma remota. El exploit ha sido divulgado al p\u00fablico y puede utilizarse. A esta vulnerabilidad se le asign\u00f3 el identificador VDB-251553."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "cna@vuldb.com",
"type": "Secondary",
@ -71,18 +95,44 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:projectworlds:online_time_table_generator:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "89AF98EE-9983-48E4-B200-212717C6C739"
}
]
}
]
}
],
"references": [
{
"url": "https://torada.notion.site/SQL-injection-at-course_ajax-php-485d8cca5f8c43dfb1f76c7336a4a45e",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Exploit"
]
},
{
"url": "https://vuldb.com/?ctiid.251553",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required"
]
},
{
"url": "https://vuldb.com/?id.251553",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required"
]
}
]
}

4
CVE-2024/CVE-2024-08xx/CVE-2024-0822.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-0822",
"sourceIdentifier": "secalert@redhat.com",
"published": "2024-01-25T16:15:08.743",
"lastModified": "2024-01-25T16:15:08.743",
"vulnStatus": "Received",
"lastModified": "2024-01-25T19:28:53.800",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2024/CVE-2024-08xx/CVE-2024-0879.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-0879",
"sourceIdentifier": "reefs@jfrog.com",
"published": "2024-01-25T15:15:07.713",
"lastModified": "2024-01-25T15:15:07.713",
"vulnStatus": "Received",
"lastModified": "2024-01-25T19:28:53.800",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2024/CVE-2024-08xx/CVE-2024-0880.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-0880",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-01-25T18:15:09.027",
"lastModified": "2024-01-25T18:15:09.027",
"vulnStatus": "Received",
"lastModified": "2024-01-25T19:28:53.800",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

88
CVE-2024/CVE-2024-08xx/CVE-2024-0882.json Normal file
View File

@ -0,0 +1,88 @@
{
"id": "CVE-2024-0882",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-01-25T19:15:08.687",
"lastModified": "2024-01-25T19:28:53.800",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in qwdigital LinkWechat 5.1.0. It has been classified as problematic. This affects an unknown part of the file /linkwechat-api/common/download/resource of the component Universal Download Interface. The manipulation of the argument name with the input /profile/../../../../../etc/passwd leads to path traversal: '../filedir'. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-252033 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "SINGLE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.0
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-24"
}
]
}
],
"references": [
{
"url": "https://github.com/biantaibao/LinkWechat-Scrm_arbitrary-file-download-vulnerability/blob/main/report.md",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?ctiid.252033",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.252033",
"source": "cna@vuldb.com"
}
]
}

88
CVE-2024/CVE-2024-08xx/CVE-2024-0883.json Normal file
View File

@ -0,0 +1,88 @@
{
"id": "CVE-2024-0883",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-01-25T19:15:08.940",
"lastModified": "2024-01-25T19:28:53.800",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in SourceCodester Online Tours & Travels Management System 1.0. It has been declared as critical. This vulnerability affects the function prepare of the file admin/pay.php. The manipulation of the argument id leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-252034 is the identifier assigned to this vulnerability."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 6.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "SINGLE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 8.0,
"impactScore": 6.4,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://blog.csdn.net/weixin_56393356/article/details/135756616",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?ctiid.252034",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.252034",
"source": "cna@vuldb.com"
}
]
}

71
CVE-2024/CVE-2024-216xx/CVE-2024-21630.json Normal file
View File

@ -0,0 +1,71 @@
{
"id": "CVE-2024-21630",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-01-25T20:15:40.423",
"lastModified": "2024-01-25T20:15:40.423",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Zulip is an open-source team collaboration tool. A vulnerability in version 8.0 is similar to CVE-2023-32677, but applies to multi-use invitations, not single-use invitation links as in the prior CVE. Specifically, it applies when the installation has configured non-admins to be able to invite users and create multi-use invitations, and has also configured only admins to be able to invite users to streams. As in CVE-2023-32677, this does not let users invite new users to arbitrary streams, only to streams that the inviter can already see. Version 8.1 fixes this issue. As a workaround, administrators can limit sending of invitations down to users who also have the permission to add users to streams."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-862"
}
]
}
],
"references": [
{
"url": "https://github.com/zulip/zulip/commit/0df7bd71f32f3b772e2646c6ab0d60c9b610addf",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/zulip/zulip/security/advisories/GHSA-87p9-wprh-7rm6",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/zulip/zulip/security/advisories/GHSA-mrvp-96q6-jpvc",
"source": "security-advisories@github.com"
},
{
"url": "https://zulip.com/help/configure-who-can-invite-to-streams",
"source": "security-advisories@github.com"
},
{
"url": "https://zulip.com/help/restrict-account-creation#change-who-can-send-invitations",
"source": "security-advisories@github.com"
}
]
}

4
CVE-2024/CVE-2024-224xx/CVE-2024-22432.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-22432",
"sourceIdentifier": "security_alert@emc.com",
"published": "2024-01-25T15:15:07.923",
"lastModified": "2024-01-25T15:15:07.923",
"vulnStatus": "Received",
"lastModified": "2024-01-25T19:28:53.800",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2024/CVE-2024-225xx/CVE-2024-22529.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-22529",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-01-25T16:15:08.960",
"lastModified": "2024-01-25T16:15:08.960",
"vulnStatus": "Received",
"lastModified": "2024-01-25T19:28:53.800",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

69
CVE-2024/CVE-2024-225xx/CVE-2024-22562.json
View File

@ -2,19 +2,80 @@
"id": "CVE-2024-22562",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-01-19T15:15:09.463",
"lastModified": "2024-01-19T15:56:19.500",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-25T20:22:03.963",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "swftools 0.9.2 was discovered to contain a Stack Buffer Underflow via the function dict_foreach_keyvalue at swftools/lib/q.c."
},
{
"lang": "es",
"value": "Se descubri\u00f3 que swftools 0.9.2 contiene un desbordamiento de b\u00fafer en la regi\u00f3n stack de la memoria mediante la funci\u00f3n dict_foreach_keyvalue en swftools/lib/qc"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:swftools:swftools:0.9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B6149BA0-2082-45B7-9B43-CAC2F1768770"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/matthiaskramm/swftools/issues/210",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Issue Tracking",
"Third Party Advisory"
]
}
]
}

4
CVE-2024/CVE-2024-227xx/CVE-2024-22729.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-22729",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-01-25T15:15:08.133",
"lastModified": "2024-01-25T15:15:08.133",
"vulnStatus": "Received",
"lastModified": "2024-01-25T19:28:53.800",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2024/CVE-2024-227xx/CVE-2024-22749.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-22749",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-01-25T16:15:09.010",
"lastModified": "2024-01-25T16:15:09.010",
"vulnStatus": "Received",
"lastModified": "2024-01-25T19:28:53.800",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

69
CVE-2024/CVE-2024-229xx/CVE-2024-22920.json
View File

@ -2,19 +2,80 @@
"id": "CVE-2024-22920",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-01-19T15:15:09.560",
"lastModified": "2024-01-19T15:56:19.500",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-25T20:26:16.860",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "swftools 0.9.2 was discovered to contain a heap-use-after-free via the function bufferWriteData in swftools/lib/action/compile.c."
},
{
"lang": "es",
"value": "Se descubri\u00f3 que swftools 0.9.2 contiene un use-after-free de almacenamiento din\u00e1mico a trav\u00e9s de la funci\u00f3n bufferWriteData en swftools/lib/action/compile.c."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:swftools:swftools:0.9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B6149BA0-2082-45B7-9B43-CAC2F1768770"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/matthiaskramm/swftools/issues/211",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Issue Tracking",
"Third Party Advisory"
]
}
]
}

59
CVE-2024/CVE-2024-236xx/CVE-2024-23655.json Normal file
View File

@ -0,0 +1,59 @@
{
"id": "CVE-2024-23655",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-01-25T20:15:40.913",
"lastModified": "2024-01-25T20:15:40.913",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Tuta is an encrypted email service. Starting in version 3.118.12 and prior to version 3.119.10, an attacker is able to send a manipulated email so that the user can no longer use the app to get access to received emails. By sending a manipulated email, an attacker could put the app into an unusable state. In this case, a user can no longer access received e-mails. Since the vulnerability affects not only the app, but also the web application, a user in this case has no way to access received emails. This issue was tested with iOS and the web app, but it is possible all clients are affected. Version 3.119.10 fixes this issue."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-20"
}
]
}
],
"references": [
{
"url": "https://github.com/tutao/tutanota/releases/tag/tutanota-release-3.119.10",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/tutao/tutanota/security/advisories/GHSA-5h47-g927-629g",
"source": "security-advisories@github.com"
}
]
}

75
CVE-2024/CVE-2024-236xx/CVE-2024-23656.json Normal file
View File

@ -0,0 +1,75 @@
{
"id": "CVE-2024-23656",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-01-25T20:15:41.107",
"lastModified": "2024-01-25T20:15:41.107",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Dex is an identity service that uses OpenID Connect to drive authentication for other apps. Dex 2.37.0 serves HTTPS with insecure TLS 1.0 and TLS 1.1. `cmd/dex/serve.go` line 425 seemingly sets TLS 1.2 as minimum version, but the whole `tlsConfig` is ignored after `TLS cert reloader` was introduced in v2.37.0. Configured cipher suites are not respected either. This issue is fixed in Dex 2.38.0."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-326"
},
{
"lang": "en",
"value": "CWE-757"
}
]
}
],
"references": [
{
"url": "https://github.com/dexidp/dex/blob/70d7a2c7c1bb2646b1a540e49616cbc39622fb83/cmd/dex/serve.go#L425",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/dexidp/dex/commit/5bbdb4420254ba73b9c4df4775fe7bdacf233b17",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/dexidp/dex/issues/2848",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/dexidp/dex/pull/2964",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/dexidp/dex/security/advisories/GHSA-gr79-9v6v-gc9r",
"source": "security-advisories@github.com"
}
]
}

59
CVE-2024/CVE-2024-238xx/CVE-2024-23817.json Normal file
View File

@ -0,0 +1,59 @@
{
"id": "CVE-2024-23817",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-01-25T20:15:41.313",
"lastModified": "2024-01-25T20:15:41.313",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Dolibarr is an enterprise resource planning (ERP) and customer relationship management (CRM) software package. Version 18.0.4 has a HTML Injection vulnerability in the Home page of the Dolibarr Application. This vulnerability allows an attacker to inject arbitrary HTML tags and manipulate the rendered content in the application's response. Specifically, I was able to successfully inject a new HTML tag into the returned document and, as a result, was able to comment out some part of the Dolibarr App Home page HTML code. This behavior can be exploited to perform various attacks like Cross-Site Scripting (XSS). To remediate the issue, validate and sanitize all user-supplied input, especially within HTML attributes, to prevent HTML injection attacks; and implement proper output encoding when rendering user-provided data to ensure it is treated as plain text rather than executable HTML."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 7.1,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 4.2
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
},
{
"lang": "en",
"value": "CWE-80"
}
]
}
],
"references": [
{
"url": "https://github.com/Dolibarr/dolibarr/security/advisories/GHSA-7947-48q7-cp5m",
"source": "security-advisories@github.com"
}
]
}

4
CVE-2024/CVE-2024-238xx/CVE-2024-23855.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-23855",
"sourceIdentifier": "cve-coordination@incibe.es",
"published": "2024-01-25T14:15:27.183",
"lastModified": "2024-01-25T14:15:27.183",
"vulnStatus": "Received",
"lastModified": "2024-01-25T19:28:53.800",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

72
README.md
View File

@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2024-01-25T19:00:40.111528+00:00
2024-01-25T21:00:24.971063+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2024-01-25T18:19:25.647000+00:00
2024-01-25T20:59:39.773000+00:00
```
### Last Data Feed Release
@ -29,45 +29,55 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs
```plain
236794
236805
```
### CVEs added in the last Commit
Recently added CVEs: `1`
Recently added CVEs: `11`
* [CVE-2024-0880](CVE-2024/CVE-2024-08xx/CVE-2024-0880.json) (`2024-01-25T18:15:09.027`)
* [CVE-2023-6267](CVE-2023/CVE-2023-62xx/CVE-2023-6267.json) (`2024-01-25T19:15:08.260`)
* [CVE-2023-7227](CVE-2023/CVE-2023-72xx/CVE-2023-7227.json) (`2024-01-25T19:15:08.477`)
* [CVE-2023-41474](CVE-2023/CVE-2023-414xx/CVE-2023-41474.json) (`2024-01-25T20:15:36.993`)
* [CVE-2023-52355](CVE-2023/CVE-2023-523xx/CVE-2023-52355.json) (`2024-01-25T20:15:38.353`)
* [CVE-2023-52356](CVE-2023/CVE-2023-523xx/CVE-2023-52356.json) (`2024-01-25T20:15:39.063`)
* [CVE-2024-0882](CVE-2024/CVE-2024-08xx/CVE-2024-0882.json) (`2024-01-25T19:15:08.687`)
* [CVE-2024-0883](CVE-2024/CVE-2024-08xx/CVE-2024-0883.json) (`2024-01-25T19:15:08.940`)
* [CVE-2024-21630](CVE-2024/CVE-2024-216xx/CVE-2024-21630.json) (`2024-01-25T20:15:40.423`)
* [CVE-2024-23655](CVE-2024/CVE-2024-236xx/CVE-2024-23655.json) (`2024-01-25T20:15:40.913`)
* [CVE-2024-23656](CVE-2024/CVE-2024-236xx/CVE-2024-23656.json) (`2024-01-25T20:15:41.107`)
* [CVE-2024-23817](CVE-2024/CVE-2024-238xx/CVE-2024-23817.json) (`2024-01-25T20:15:41.313`)
### CVEs modified in the last Commit
Recently modified CVEs: `223`
Recently modified CVEs: `66`
* [CVE-2023-20255](CVE-2023/CVE-2023-202xx/CVE-2023-20255.json) (`2024-01-25T17:15:41.560`)
* [CVE-2023-20256](CVE-2023/CVE-2023-202xx/CVE-2023-20256.json) (`2024-01-25T17:15:41.643`)
* [CVE-2023-20259](CVE-2023/CVE-2023-202xx/CVE-2023-20259.json) (`2024-01-25T17:15:41.753`)
* [CVE-2023-20261](CVE-2023/CVE-2023-202xx/CVE-2023-20261.json) (`2024-01-25T17:15:41.857`)
* [CVE-2023-20262](CVE-2023/CVE-2023-202xx/CVE-2023-20262.json) (`2024-01-25T17:15:41.980`)
* [CVE-2023-20263](CVE-2023/CVE-2023-202xx/CVE-2023-20263.json) (`2024-01-25T17:15:42.087`)
* [CVE-2023-20264](CVE-2023/CVE-2023-202xx/CVE-2023-20264.json) (`2024-01-25T17:15:42.220`)
* [CVE-2023-20265](CVE-2023/CVE-2023-202xx/CVE-2023-20265.json) (`2024-01-25T17:15:42.363`)
* [CVE-2023-20266](CVE-2023/CVE-2023-202xx/CVE-2023-20266.json) (`2024-01-25T17:15:42.510`)
* [CVE-2023-20267](CVE-2023/CVE-2023-202xx/CVE-2023-20267.json) (`2024-01-25T17:15:42.653`)
* [CVE-2023-20268](CVE-2023/CVE-2023-202xx/CVE-2023-20268.json) (`2024-01-25T17:15:42.763`)
* [CVE-2023-20269](CVE-2023/CVE-2023-202xx/CVE-2023-20269.json) (`2024-01-25T17:15:42.883`)
* [CVE-2023-20270](CVE-2023/CVE-2023-202xx/CVE-2023-20270.json) (`2024-01-25T17:15:43.070`)
* [CVE-2023-20272](CVE-2023/CVE-2023-202xx/CVE-2023-20272.json) (`2024-01-25T17:15:43.193`)
* [CVE-2023-20273](CVE-2023/CVE-2023-202xx/CVE-2023-20273.json) (`2024-01-25T17:15:43.297`)
* [CVE-2023-20274](CVE-2023/CVE-2023-202xx/CVE-2023-20274.json) (`2024-01-25T17:15:43.440`)
* [CVE-2023-20275](CVE-2023/CVE-2023-202xx/CVE-2023-20275.json) (`2024-01-25T17:15:43.557`)
* [CVE-2023-27168](CVE-2023/CVE-2023-271xx/CVE-2023-27168.json) (`2024-01-25T17:23:30.823`)
* [CVE-2023-47995](CVE-2023/CVE-2023-479xx/CVE-2023-47995.json) (`2024-01-25T18:15:07.957`)
* [CVE-2023-5178](CVE-2023/CVE-2023-51xx/CVE-2023-5178.json) (`2024-01-25T18:15:08.087`)
* [CVE-2023-5824](CVE-2023/CVE-2023-58xx/CVE-2023-5824.json) (`2024-01-25T18:15:08.250`)
* [CVE-2023-5981](CVE-2023/CVE-2023-59xx/CVE-2023-5981.json) (`2024-01-25T18:15:08.577`)
* [CVE-2024-22877](CVE-2024/CVE-2024-228xx/CVE-2024-22877.json) (`2024-01-25T17:45:50.770`)
* [CVE-2024-0553](CVE-2024/CVE-2024-05xx/CVE-2024-0553.json) (`2024-01-25T18:15:08.780`)
* [CVE-2024-22876](CVE-2024/CVE-2024-228xx/CVE-2024-22876.json) (`2024-01-25T18:19:25.647`)
* [CVE-2023-38235](CVE-2023/CVE-2023-382xx/CVE-2023-38235.json) (`2024-01-25T20:24:34.103`)
* [CVE-2023-3935](CVE-2023/CVE-2023-39xx/CVE-2023-3935.json) (`2024-01-25T20:24:58.783`)
* [CVE-2023-44358](CVE-2023/CVE-2023-443xx/CVE-2023-44358.json) (`2024-01-25T20:34:40.990`)
* [CVE-2023-39169](CVE-2023/CVE-2023-391xx/CVE-2023-39169.json) (`2024-01-25T20:34:50.637`)
* [CVE-2024-0712](CVE-2024/CVE-2024-07xx/CVE-2024-0712.json) (`2024-01-25T19:00:41.903`)
* [CVE-2024-23855](CVE-2024/CVE-2024-238xx/CVE-2024-23855.json) (`2024-01-25T19:28:53.800`)
* [CVE-2024-0879](CVE-2024/CVE-2024-08xx/CVE-2024-0879.json) (`2024-01-25T19:28:53.800`)
* [CVE-2024-22432](CVE-2024/CVE-2024-224xx/CVE-2024-22432.json) (`2024-01-25T19:28:53.800`)
* [CVE-2024-22729](CVE-2024/CVE-2024-227xx/CVE-2024-22729.json) (`2024-01-25T19:28:53.800`)
* [CVE-2024-0822](CVE-2024/CVE-2024-08xx/CVE-2024-0822.json) (`2024-01-25T19:28:53.800`)
* [CVE-2024-22529](CVE-2024/CVE-2024-225xx/CVE-2024-22529.json) (`2024-01-25T19:28:53.800`)
* [CVE-2024-22749](CVE-2024/CVE-2024-227xx/CVE-2024-22749.json) (`2024-01-25T19:28:53.800`)
* [CVE-2024-0880](CVE-2024/CVE-2024-08xx/CVE-2024-0880.json) (`2024-01-25T19:28:53.800`)
* [CVE-2024-0728](CVE-2024/CVE-2024-07xx/CVE-2024-0728.json) (`2024-01-25T19:55:52.273`)
* [CVE-2024-0729](CVE-2024/CVE-2024-07xx/CVE-2024-0729.json) (`2024-01-25T19:56:39.780`)
* [CVE-2024-0722](CVE-2024/CVE-2024-07xx/CVE-2024-0722.json) (`2024-01-25T19:59:33.577`)
* [CVE-2024-0730](CVE-2024/CVE-2024-07xx/CVE-2024-0730.json) (`2024-01-25T19:59:48.803`)
* [CVE-2024-0723](CVE-2024/CVE-2024-07xx/CVE-2024-0723.json) (`2024-01-25T20:00:19.830`)
* [CVE-2024-0725](CVE-2024/CVE-2024-07xx/CVE-2024-0725.json) (`2024-01-25T20:00:34.827`)
* [CVE-2024-0718](CVE-2024/CVE-2024-07xx/CVE-2024-0718.json) (`2024-01-25T20:02:34.107`)
* [CVE-2024-0720](CVE-2024/CVE-2024-07xx/CVE-2024-0720.json) (`2024-01-25T20:02:45.290`)
* [CVE-2024-0721](CVE-2024/CVE-2024-07xx/CVE-2024-0721.json) (`2024-01-25T20:04:04.020`)
* [CVE-2024-0562](CVE-2024/CVE-2024-05xx/CVE-2024-0562.json) (`2024-01-25T20:15:40.210`)
* [CVE-2024-22562](CVE-2024/CVE-2024-225xx/CVE-2024-22562.json) (`2024-01-25T20:22:03.963`)
* [CVE-2024-22920](CVE-2024/CVE-2024-229xx/CVE-2024-22920.json) (`2024-01-25T20:26:16.860`)
## Download and Usage