Auto-Update: 2024-08-20T18:00:18.411561+00:00

cad-safe-bot 2024-08-20 18:03:14 +00:00
parent 9623dbd837
commit 1358cd4170
78 changed files with 7807 additions and 572 deletions


@ -2,13 +2,13 @@
"id": "CVE-2023-28074",
"sourceIdentifier": "security_alert@emc.com",
"published": "2024-07-31T08:15:02.243",
"lastModified": "2024-08-08T21:14:12.313",
"vulnStatus": "Analyzed",
"lastModified": "2024-08-20T17:15:10.200",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Dell BSAFE Crypto-C Micro Edition 4.1.5 and Dell BSAFE Micro Edition Suite, versions 4.0 through 4.6.1 and version 5.0 contain a buffer over-read vulnerability."
"value": "Dell BSAFE Crypto-C Micro Edition, version 4.1.5, and Dell BSAFE Micro Edition Suite, versions 4.0 through 4.6.1 and version 5.0, contains an Out-of-bounds Read vulnerability. An unauthenticated attacker with local access could potentially exploit this vulnerability, leading to Information exposure."
},
{
"lang": "es",
@ -61,7 +61,7 @@
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"source": "security_alert@emc.com",
"type": "Primary",
"description": [
{
@ -71,12 +71,12 @@
]
},
{
"source": "security_alert@emc.com",
"source": "nvd@nist.gov",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-190"
"value": "CWE-125"
}
]
}
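Review bot: In the `weaknesses` hunks the `Primary` entry's source appears to move from `nvd@nist.gov` to `security_alert@emc.com`, and the `nvd@nist.gov` entry becomes `Secondary` with `CWE-125` in place of `CWE-190`. A consumer that picks the CWE with `source == "nvd@nist.gov"` and assumes that entry is the primary one will now read a different row than before. Select on `type` and `source` together, and re-index records whose `vulnStatus` changes to `Modified`. The CVE-2024-28979 section shows the same source swap. The old/new reading here is inferred from print order and the `lastModified` timestamps, since the `+`/`-` markers are lost.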


@ -2,7 +2,7 @@
"id": "CVE-2023-48643",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-05-16T16:15:08.437",
"lastModified": "2024-05-17T18:36:31.297",
"lastModified": "2024-08-20T16:35:01.933",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -15,7 +15,42 @@
"value": "Shrubbery tac_plus 2.x, 3.x. y 4.x hasta F4.0.4.28 permite la ejecuci\u00f3n de comandos remotos no autenticados. El producto permite a los usuarios configurar comprobaciones de autorizaci\u00f3n como comandos de shell a trav\u00e9s del archivo de configuraci\u00f3n tac_plus.cfg. Estos se ejecutan cuando un cliente env\u00eda una solicitud de autorizaci\u00f3n con un nombre de usuario que tiene directivas de autorizaci\u00f3n previa configuradas. Sin embargo, es posible inyectar comandos adicionales en estas comprobaciones porque las cadenas de los paquetes TACACS+ se utilizan como argumentos de la l\u00ednea de comandos. Si la instalaci\u00f3n carece de un secreto previamente compartido (no hay ning\u00fan secreto previamente compartido de forma predeterminada), entonces la inyecci\u00f3n se puede activar sin autenticaci\u00f3n. (El atacante necesita conocer un nombre de usuario configurado para usar un comando de autorizaci\u00f3n previa). NOTA: esto est\u00e1 relacionado con CVE-2023-45239, pero el problema est\u00e1 en el producto Shrubbery original, no en la bifurcaci\u00f3n de Meta."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-94"
}
]
}
],
"references": [
{
"url": "https://github.com/takeshixx/tac_plus-pre-auth-rce",
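Review bot: The CVSS 3.1 block (base score 9.8) and `CWE-94` added in the second hunk are both `"type": "Secondary"` from source `134c704f-9b21-4f2e-91b3-4a467353bcc0`, while `vulnStatus` stays `Awaiting Analysis`. Tooling that reads only `Primary` or `nvd@nist.gov` metrics will therefore still treat this record as unscored. A consumer of this mirror should fall back to Secondary metrics when no Primary exists and record which source supplied the score, rather than reading a missing Primary as no severity. The same pattern applies to the CVE-2023-49221, CVE-2023-51146, CVE-2024-29749, CVE-2024-31651, CVE-2024-31705, CVE-2024-32350 and CVE-2024-32921 sections. The hunk ends inside the `references` array, so the rest of the record is not visible here.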


@ -2,7 +2,7 @@
"id": "CVE-2023-49221",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-06-07T20:15:10.470",
"lastModified": "2024-06-10T02:52:08.267",
"lastModified": "2024-08-20T16:35:02.807",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -15,7 +15,42 @@
"value": "Las consolas con pantalla t\u00e1ctil P62, P80 y P82 de Precor podr\u00edan permitir que un atacante remoto (dentro de la red local) eluda las restricciones de seguridad y acceda al men\u00fa de servicio, porque hay un c\u00f3digo de servicio codificado."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-798"
}
]
}
],
"references": [
{
"url": "https://securityintelligence.com/x-force/internet-connected-treadmill-vulnerabilities-discovered/",


@ -2,7 +2,7 @@
"id": "CVE-2023-51146",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-03-26T22:15:07.677",
"lastModified": "2024-03-27T12:29:30.307",
"lastModified": "2024-08-20T16:35:04.123",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -15,7 +15,42 @@
"value": "Vulnerabilidad de desbordamiento de b\u00fafer en TRENDnet AC1200 TEW-821DAP con versi\u00f3n de firmware 3.00b06 permite a un atacante ejecutar c\u00f3digo arbitrario mediante la acci\u00f3n adm_add_user."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.0,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.1,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-121"
}
]
}
],
"references": [
{
"url": "https://github.com/SpikeReply/advisories/blob/main/cve/trendnet/cve-2023-51146.md",


@ -2,8 +2,8 @@
"id": "CVE-2024-22069",
"sourceIdentifier": "psirt@zte.com.cn",
"published": "2024-08-08T08:15:05.123",
"lastModified": "2024-08-08T13:04:18.753",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-08-20T17:22:39.500",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -17,6 +17,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "psirt@zte.com.cn",
"type": "Secondary",
@ -40,6 +60,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "psirt@zte.com.cn",
"type": "Secondary",
@ -51,10 +81,71 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:zte:zxv10_et301_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v3.22.11p3",
"matchCriteriaId": "186C3F1A-7F78-49C0-90E6-2BE0F886476B"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:zte:zxv10_et301:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0DEBA407-CA72-4047-AF67-04714058C326"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:zte:zxv10_xt802_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "v2.24.10p1",
"matchCriteriaId": "3DD663A2-181C-40C4-920D-D81719C6195F"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:zte:zxv10_xt802:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CF753B8F-BEAC-4095-8E7A-526A9B89049F"
}
]
}
]
}
],
"references": [
{
"url": "https://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1036424",
"source": "psirt@zte.com.cn"
"source": "psirt@zte.com.cn",
"tags": [
"Vendor Advisory"
]
}
]
}
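Review bot: The two new `versionEndExcluding` bounds, `"v3.22.11p3"` and `"v2.24.10p1"`, carry a leading `v` and a `p` suffix, so a matcher that parses versions as dotted integers will either reject them or order them wrongly against an inventory value such as `3.22.11`. Consumers should normalise or compare these as vendor strings and log any bound they cannot parse, instead of silently skipping the CPE match. The Primary weakness added in the same section is `NVD-CWE-noinfo`, so CWE-based routing should fall back to the Secondary entry from `psirt@zte.com.cn`.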


@ -2,24 +2,87 @@
"id": "CVE-2024-23729",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-08-19T19:15:07.867",
"lastModified": "2024-08-19T19:26:46.993",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-08-20T16:04:19.827",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The ColorOS Internet Browser com.heytap.browser application 45.10.3.4.1 for Android allows a remote attacker to execute arbitrary JavaScript code via the com.android.browser.RealBrowserActivity component."
},
{
"lang": "es",
"value": "La aplicaci\u00f3n ColorOS Internet Browser com.heytap.browser versi\u00f3n 45.10.3.4.1 para Android permite a un atacante remoto ejecutar c\u00f3digo JavaScript de su elecci\u00f3n a trav\u00e9s del componente com.android.browser.RealBrowserActivity."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:heytap:internet_browser:45.10.3.4.1:*:*:*:*:android:*:*",
"matchCriteriaId": "AA24F839-4079-4130-9183-B53418BF4951"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/actuator/com.heytap.browser",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Vendor Advisory"
]
},
{
"url": "https://play.google.com/store/apps/details?id=com.heytap.browser",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Product"
]
}
]
}
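Review bot: The reference `https://github.com/actuator/com.heytap.browser` is now tagged both `"Exploit"` and `"Vendor Advisory"`, yet its host is a GitHub user repository rather than a vendor domain, so the `Vendor Advisory` tag looks questionable (inferred from the URL only). Pipelines that trust `Vendor Advisory` links as the authoritative source of remediation should check the reference host against the vendor in the CPE (`heytap`) rather than relying on the tag alone. The `"metrics": {}` line further down the hunk appears to be the removed old value, not a duplicate key on the new side.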


@ -0,0 +1,33 @@
{
"id": "CVE-2024-27184",
"sourceIdentifier": "security@joomla.org",
"published": "2024-08-20T16:15:10.733",
"lastModified": "2024-08-20T16:15:10.733",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Inadequate validation of URLs could result into an invalid check whether an redirect URL is internal or not.."
}
],
"metrics": {},
"weaknesses": [
{
"source": "security@joomla.org",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-601"
}
]
}
],
"references": [
{
"url": "https://developer.joomla.org/security-centre/941-20240801-core-inadequate-validation-of-internal-urls.html",
"source": "security@joomla.org"
}
]
}
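Review bot: This new record ships with `"metrics": {}` and `"vulnStatus": "Received"`, so a severity-threshold filter that treats a missing score as 0 will drop this open-redirect entry (`CWE-601`). Treat an empty `metrics` object as unscored and surface the record for triage. The same applies to the new files for CVE-2024-27185, CVE-2024-27186 and CVE-2024-27187. CVE-2024-27185 also has no `weaknesses` key at all, so code that indexes `weaknesses[0]` needs a presence check. The description contains upstream typos (`result into`, `an redirect`, trailing `..`), which the mirror should keep as received rather than correct.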


@ -0,0 +1,21 @@
{
"id": "CVE-2024-27185",
"sourceIdentifier": "security@joomla.org",
"published": "2024-08-20T16:15:10.840",
"lastModified": "2024-08-20T16:15:10.840",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The pagination class includes arbitrary parameters in links, leading to cache poisoning attack vectors."
}
],
"metrics": {},
"references": [
{
"url": "https://developer.joomla.org/security-centre/942-20240802-core-cache-poisoning-in-pagination.html",
"source": "security@joomla.org"
}
]
}


@ -0,0 +1,33 @@
{
"id": "CVE-2024-27186",
"sourceIdentifier": "security@joomla.org",
"published": "2024-08-20T16:15:10.893",
"lastModified": "2024-08-20T16:15:10.893",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The mail template feature lacks an escaping mechanism, causing XSS vectors in multiple extensions."
}
],
"metrics": {},
"weaknesses": [
{
"source": "security@joomla.org",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://developer.joomla.org/security-centre/944-20240803-core-xss-in-html-mail-templates.html",
"source": "security@joomla.org"
}
]
}


@ -0,0 +1,33 @@
{
"id": "CVE-2024-27187",
"sourceIdentifier": "security@joomla.org",
"published": "2024-08-20T16:15:10.983",
"lastModified": "2024-08-20T16:15:10.983",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Access Controls allows backend users to overwrite their username when disallowed."
}
],
"metrics": {},
"weaknesses": [
{
"source": "security@joomla.org",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-284"
}
]
}
],
"references": [
{
"url": "https://developer.joomla.org/security-centre/945-20240804-core-improper-acl-for-backend-profile-view.html",
"source": "security@joomla.org"
}
]
}


@ -2,8 +2,8 @@
"id": "CVE-2024-27370",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-06-05T19:15:12.473",
"lastModified": "2024-06-27T16:42:33.073",
"vulnStatus": "Analyzed",
"lastModified": "2024-08-20T16:35:05.843",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -69,6 +69,16 @@
"value": "CWE-787"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"configurations": [


@ -2,13 +2,13 @@
"id": "CVE-2024-28979",
"sourceIdentifier": "security_alert@emc.com",
"published": "2024-05-01T04:15:10.387",
"lastModified": "2024-05-23T19:05:51.923",
"vulnStatus": "Analyzed",
"lastModified": "2024-08-20T17:15:18.597",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Dell OpenManage Enterprise, versions prior to 4.1.0, contains an XSS injection vulnerability in UI. A high privileged local attacker could potentially exploit this vulnerability, leading to JavaScript injection."
"value": "Dell OpenManage Enterprise, versions 4.1.0 and older, contains an Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to Script injection."
},
{
"lang": "es",
@ -61,7 +61,7 @@
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"source": "security_alert@emc.com",
"type": "Primary",
"description": [
{
@ -71,12 +71,12 @@
]
},
{
"source": "security_alert@emc.com",
"source": "nvd@nist.gov",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-20"
"value": "CWE-79"
}
]
}
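Review bot: The English description widens the affected range from `versions prior to 4.1.0` to `versions 4.1.0 and older`, and changes the attacker from local to `with remote access`, but no hunk in this section touches `metrics` or `configurations`. The CPE version bound and the CVSS vector stored in the record may therefore still reflect the earlier wording; that is inferred, as those parts are outside the visible hunks. Until the record returns to `Analyzed`, consumers should not rely on the CPE range alone to exclude 4.1.0 installations, and should queue records in `Modified` status for re-evaluation.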


@ -2,8 +2,8 @@
"id": "CVE-2024-29082",
"sourceIdentifier": "ics-cert@hq.dhs.gov",
"published": "2024-08-12T13:38:18.050",
"lastModified": "2024-08-12T13:41:36.517",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-08-20T17:11:31.787",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -61,6 +61,26 @@
}
],
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "HIGH",
"baseScore": 8.6,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 4.7
},
{
"source": "ics-cert@hq.dhs.gov",
"type": "Secondary",
@ -95,10 +115,408 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:vonets:var1200-h_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "3.3.23.6.9",
"matchCriteriaId": "94DAF720-5399-46A2-A9AB-3831045B86D2"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:vonets:var1200-h:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6D2E3C6A-6CC6-4954-B06C-3F023C964426"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:vonets:var1200-l_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "3.3.23.6.9",
"matchCriteriaId": "273874D4-43E0-44D4-AB4E-D66DE1F1B824"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:vonets:var1200-l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2C4B65A1-D625-4712-8311-685CA0A6438B"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:vonets:var600-h_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "3.3.23.6.9",
"matchCriteriaId": "ADCC4730-7801-485C-994F-DB7B942AA9F4"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:vonets:var600-h:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB22B21B-526A-4119-9278-E84138D523E4"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:vonets:vap11ac_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "3.3.23.6.9",
"matchCriteriaId": "C007C620-CAF2-436E-AAA9-C012CEFCEA3B"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:vonets:vap11ac:-:*:*:*:*:*:*:*",
"matchCriteriaId": "21B9AA55-A333-4D10-A9D8-19558465F56E"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:vonets:vap11g-500s_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "3.3.23.6.9",
"matchCriteriaId": "FDC4DF91-B718-4CFE-BEE7-4E9CFF121C01"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:vonets:vap11g-500s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C9EC2642-6A5B-4DA8-A675-B9F3CAD9B35E"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:vonets:vbg1200_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "3.3.23.6.9",
"matchCriteriaId": "5BFA8106-50EE-428D-9297-930CE9CC99C1"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:vonets:vbg1200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AE4D6B12-50A8-4314-AEDA-E3C669F772C9"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:vonets:vap11s-5g_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "3.3.23.6.9",
"matchCriteriaId": "D95A2EE8-B22F-4671-8DF8-3757A335B006"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:vonets:vap11s-5g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "66E94FE6-235A-46F0-81B0-DFF88C454BB1"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:vonets:vap11s_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "3.3.23.6.9",
"matchCriteriaId": "060B7C85-806D-45B3-8268-10AC5E475171"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:vonets:vap11s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C434D025-8361-4C2D-AC7D-4E4A44237C27"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:vonets:var11n-300_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "3.3.23.6.9",
"matchCriteriaId": "3DFA50C3-2B3E-4755-98FB-63CED2CA7B8F"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:vonets:var11n-300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "95D5A3C0-8303-4E77-9DE1-75FD9DAED295"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:vonets:vap11g-300_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "3.3.23.6.9",
"matchCriteriaId": "42E71F95-814C-4EDA-8647-B03CA6AAFDEB"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:vonets:vap11g-300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B23375E-0E77-4423-AEDA-9A9F26052834"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:vonets:vap11n-300_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "3.3.23.6.9",
"matchCriteriaId": "7018E246-D211-4366-8664-90B00E68AA74"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:vonets:vap11n-300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ADE0116E-37B8-4E0A-8874-A59989712743"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:vonets:vap11g_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "3.3.23.6.9",
"matchCriteriaId": "C9C1B20A-8F03-4C6E-8715-B68DBBBAFB97"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:vonets:vap11g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F510F0DC-C170-45A3-989B-2FA8791B4FC1"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:vonets:vap11g-500_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "3.3.23.6.9",
"matchCriteriaId": "52909496-4BEB-43DB-80E3-F710BCA0CAA5"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:vonets:vap11g-500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B61E3489-034E-4DD2-8699-477647462CF7"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:vonets:vga-1000_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "3.3.23.6.9",
"matchCriteriaId": "1FAF11BE-F3F4-4D40-9156-DDB2FFBF9470"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:vonets:vga-1000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DA90833B-D40E-42F0-8ECF-86C90E4511C4"
}
]
}
]
}
],
"references": [
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-214-08",
"source": "ics-cert@hq.dhs.gov"
"source": "ics-cert@hq.dhs.gov",
"tags": [
"Third Party Advisory",
"US Government Resource"
]
}
]
}


@ -2,7 +2,7 @@
"id": "CVE-2024-29749",
"sourceIdentifier": "dsap-vuln-management@google.com",
"published": "2024-04-05T20:15:08.457",
"lastModified": "2024-04-08T18:49:25.863",
"lastModified": "2024-08-20T16:35:07.913",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -15,7 +15,42 @@
"value": "En tmu_set_tr_thresholds de tmu.c, hay una posible escritura fuera de los l\u00edmites debido a una verificaci\u00f3n de los l\u00edmites faltantes. Esto podr\u00eda conducir a una escalada local de privilegios sin necesidad de permisos de ejecuci\u00f3n adicionales. La interacci\u00f3n del usuario no es necesaria para la explotaci\u00f3n."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.4,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.5,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"references": [
{
"url": "https://source.android.com/security/bulletin/pixel/2024-04-01",


@ -2,7 +2,7 @@
"id": "CVE-2024-31651",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-04-15T22:15:09.023",
"lastModified": "2024-04-16T13:24:07.103",
"lastModified": "2024-08-20T16:35:08.810",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -15,7 +15,42 @@
"value": "Cross-site scripting (XSS) en Cosmetics and Beauty Product Online Store v1.0 permite a los atacantes ejecutar scripts web o HTML arbitrarios a trav\u00e9s de un payload manipulado inyectado en el par\u00e1metro Nombre."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://github.com/Mohitkumar0786/CVE/blob/main/CVE-2024-31651.md",


@ -2,7 +2,7 @@
"id": "CVE-2024-31705",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-04-29T18:15:07.620",
"lastModified": "2024-04-30T13:11:16.690",
"lastModified": "2024-08-20T17:35:05.360",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -15,7 +15,42 @@
"value": "Un problema en Infotel Conseil GLPI v.10.XX y posteriores permite a un atacante remoto ejecutar c\u00f3digo arbitrario a trav\u00e9s de una validaci\u00f3n insuficiente de la entrada proporcionada por el usuario."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-78"
}
]
}
],
"references": [
{
"url": "https://github.com/V3locidad/GLPI_POC_Plugins_Shell",


@ -2,7 +2,7 @@
"id": "CVE-2024-32350",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-05-14T16:17:02.543",
"lastModified": "2024-05-14T19:17:55.627",
"lastModified": "2024-08-20T17:35:06.123",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -15,7 +15,42 @@
"value": "Se descubri\u00f3 que TOTOLINK X5000R V9.1.0cu.2350_B20230313 contiene una vulnerabilidad de ejecuci\u00f3n remota de comandos (RCE) autenticada a trav\u00e9s del par\u00e1metro \"ipsecPsk\" en el binario \"cstecgi.cgi\"."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-94"
}
]
}
],
"references": [
{
"url": "https://github.com/1s1and123/Vulnerabilities/blob/main/device/ToToLink/X5000R/TOTOLink_X5000R_RCE.md",


@ -2,7 +2,7 @@
"id": "CVE-2024-32921",
"sourceIdentifier": "dsap-vuln-management@google.com",
"published": "2024-06-13T21:15:55.900",
"lastModified": "2024-06-17T12:43:31.090",
"lastModified": "2024-08-20T17:35:06.963",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -15,7 +15,42 @@
"value": "En lwis_initialize_transaction_fences de lwis_fence.c, hay una posible escritura fuera de los l\u00edmites debido a una verificaci\u00f3n de los l\u00edmites faltante. Esto podr\u00eda conducir a una escalada local de privilegios sin necesidad de permisos de ejecuci\u00f3n adicionales. La interacci\u00f3n del usuario no es necesaria para la explotaci\u00f3n."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.4,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.4,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"references": [
{
"url": "https://source.android.com/security/bulletin/pixel/2024-06-01",


@ -2,17 +2,41 @@
"id": "CVE-2024-32927",
"sourceIdentifier": "dsap-vuln-management@google.com",
"published": "2024-08-19T17:15:07.493",
"lastModified": "2024-08-19T18:36:20.123",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-08-20T16:15:03.227",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In sendDeviceState_1_6 of RadioExt.cpp, there is a possible use after free due to improper locking. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation."
},
{
"lang": "es",
"value": "En sendDeviceState_1_6 de RadioExt.cpp, existe un posible use after free debido a un bloqueo inadecuado. Esto podr\u00eda conducir a una escalada local de privilegios sin necesidad de permisos de ejecuci\u00f3n adicionales. La interacci\u00f3n del usuario no es necesaria para la explotaci\u00f3n."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
@ -36,6 +60,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
@ -47,10 +81,30 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26"
}
]
}
]
}
],
"references": [
{
"url": "https://source.android.com/security/bulletin/pixel/2024-08-01",
"source": "dsap-vuln-management@google.com"
"source": "dsap-vuln-management@google.com",
"tags": [
"Vendor Advisory"
]
}
]
}
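Review bot: The only vulnerable criterion added is `cpe:2.3:o:google:android:-:*:*:*:*:*:*:*`, with `-` in the version field and no version bounds, while the sole reference is a Pixel security bulletin. Depending on how a matcher treats `-`, this will flag either every Android asset or none of them. Inventory matching should handle a `-` version explicitly and scope the finding using the referenced bulletin, rather than trusting the CPE hit as a precise affected-version statement.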


@ -2,20 +2,106 @@
"id": "CVE-2024-32928",
"sourceIdentifier": "dsap-vuln-management@google.com",
"published": "2024-08-19T17:15:07.557",
"lastModified": "2024-08-19T18:36:20.123",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-08-20T16:13:33.947",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The libcurl CURLOPT_SSL_VERIFYPEER option was disabled on a subset of requests made by Nest production devices which enabled a potential man-in-the-middle attack on requests to Google cloud services by any host the traffic was routed through."
},
{
"lang": "es",
"value": "La opci\u00f3n libcurl CURLOPT_SSL_VERIFYPEER se deshabilit\u00f3 en un subconjunto de solicitudes realizadas por dispositivos de producci\u00f3n Nest, lo que permiti\u00f3 un posible ataque de intermediario en solicitudes a los servicios en la nube de Google por parte de cualquier host por el que se enrutara el tr\u00e1fico."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.2,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:google:nest_mini_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BDFD7974-8108-4FBD-A70C-3EBE70EC8A4E"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:google:nest_mini:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4D380EB7-288F-420B-A971-CBDF91AEE8BF"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:haxx:libcurl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D43957B-3D81-4334-9C2C-819F8B322FC7"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://support.google.com/product-documentation/answer/14771247?hl=en&ref_topic=12974021&sjid=9111851316942032590-NA#zippy=",
"source": "dsap-vuln-management@google.com"
"source": "dsap-vuln-management@google.com",
"tags": [
"Vendor Advisory"
]
}
]
}


@ -2,7 +2,7 @@
"id": "CVE-2024-33808",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-05-28T16:15:16.757",
"lastModified": "2024-05-28T17:11:47.007",
"lastModified": "2024-08-20T16:35:09.667",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -15,7 +15,42 @@
"value": "Una vulnerabilidad de inyecci\u00f3n SQL en /model/get_timetable.php en campcodes Complete Web-Based School Management System 1.0 permite a un atacante ejecutar comandos SQL arbitrarios a trav\u00e9s del par\u00e1metro id."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://github.com/E1CHO/cve_hub/blob/main/Complete%20Web-Based%20School%20Management%20System/Complete%20Web-Based%20School%20Management%20System%20-%20vuln%2020.pdf",


@ -2,7 +2,7 @@
"id": "CVE-2024-34051",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-06-03T20:15:09.100",
"lastModified": "2024-06-04T16:57:41.057",
"lastModified": "2024-08-20T16:35:10.510",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -15,7 +15,42 @@
"value": "Una vulnerabilidad de Cross-site scripting (XSS) Reflejado ubicada en htdocs/compta/paiement/card.php de Dolibarr anterior a 19.0.2 permite a atacantes remotos inyectar script web o HTML arbitrarios a trav\u00e9s de un payload manipulado inyectado en el par\u00e1metro facid."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.6,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.1,
"impactScore": 2.5
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://blog.smarttecs.com/posts/2024-004-cve-2024-34051/",


@ -2,7 +2,7 @@
"id": "CVE-2024-34451",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-06-16T22:15:09.130",
"lastModified": "2024-08-02T03:15:41.840",
"lastModified": "2024-08-20T17:35:07.830",
"vulnStatus": "Awaiting Analysis",
"cveTags": [
{
@ -22,7 +22,42 @@
"value": "Ghost hasta 5.85.1 permite a atacantes remotos eludir un mecanismo de protecci\u00f3n de l\u00edmite de tasa de autenticaci\u00f3n mediante el uso de muchos encabezados X-Forwarded-For con diferentes valores. NOTA: la posici\u00f3n del proveedor es que Ghost debe instalarse con un proxy inverso que permita solo encabezados X-Forwarded-For confiables."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 9.1,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.2
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-1390"
}
]
}
],
"references": [
{
"url": "https://docs.google.com/document/d/1iy0X4Vc9xXYoBxFrcW6ATo8GKPV6ivuLVzn6GgEpwqE",


@ -2,7 +2,7 @@
"id": "CVE-2024-35099",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-05-14T15:39:39.483",
"lastModified": "2024-05-14T16:11:39.510",
"lastModified": "2024-08-20T17:35:08.580",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -15,7 +15,42 @@
"value": "Se descubri\u00f3 que TOTOLINK LR350 V9.3.5u.6698_B20230810 conten\u00eda un desbordamiento de pila a trav\u00e9s del par\u00e1metro de contrase\u00f1a en la funci\u00f3n loginAuth."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-120"
}
]
}
],
"references": [
{
"url": "https://github.com/s4ndw1ch136/IOT-vuln-reports/blob/main/V9.3.5u.6698_B20230810/README.md",


@ -2,7 +2,7 @@
"id": "CVE-2024-35324",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-05-28T16:15:16.893",
"lastModified": "2024-05-28T17:11:47.007",
"lastModified": "2024-08-20T16:35:11.473",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -15,7 +15,42 @@
"value": "Douchat 4.0.5 sufre una vulnerabilidad de carga de archivos arbitraria a trav\u00e9s de Public/Plugins/webuploader/server/preview.php."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
}
],
"references": [
{
"url": "https://github.com/w0x68y/cve-lists/blob/main/CMS/Douchat/Douchat%204.0.5%20arbitrary%20file%20upload%20vulnerability.md",


@ -2,7 +2,7 @@
"id": "CVE-2024-35354",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-05-30T16:15:10.413",
"lastModified": "2024-05-30T18:19:11.743",
"lastModified": "2024-08-20T16:35:12.513",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -15,7 +15,42 @@
"value": "Se ha descubierto una vulnerabilidad en la versi\u00f3n 2.3 de Di\u00f1o Physics School Assistant. La vulnerabilidad afecta a un c\u00f3digo no identificado dentro del archivo /classes/Master.php?f=save_category. La manipulaci\u00f3n del argumento id puede provocar una inyecci\u00f3n de SQL."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://vuln.pentester.stream/pentester-vulnerability-research/post/2298670/vuln9-error-based-sql-injection",


@ -2,7 +2,7 @@
"id": "CVE-2024-35492",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-05-29T20:15:13.037",
"lastModified": "2024-05-30T13:15:41.297",
"lastModified": "2024-08-20T16:35:13.950",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -15,7 +15,42 @@
"value": "Se descubri\u00f3 que el commit b316989 de Cesanta Mongoose conten\u00eda una desreferencia de puntero NULL a trav\u00e9s de la funci\u00f3n scpy en src/fmt.c. Esta vulnerabilidad permite a los atacantes provocar una denegaci\u00f3n de servicio (DoS) a trav\u00e9s de un paquete MQTT manipulado."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-476"
}
]
}
],
"references": [
{
"url": "https://github.com/zzh-newlearner/MQTT_Crash/blob/main/Mongoose_null_pointer.md",


@ -2,7 +2,7 @@
"id": "CVE-2024-35540",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-08-20T15:15:21.103",
"lastModified": "2024-08-20T15:44:20.567",
"lastModified": "2024-08-20T16:35:15.360",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -11,7 +11,42 @@
"value": "A stored cross-site scripting (XSS) vulnerability in Typecho v1.3.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.6,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.1,
"impactScore": 5.5
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://cyberaz0r.info/2024/08/typecho-multiple-vulnerabilities/",


@ -2,7 +2,7 @@
"id": "CVE-2024-36080",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-05-19T20:15:08.107",
"lastModified": "2024-05-20T13:00:04.957",
"lastModified": "2024-08-20T16:35:16.787",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -39,6 +39,18 @@
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-284"
}
]
}
],
"references": [
{
"url": "https://www.westermo.com/-/media/Files/Cyber-security/westermo_sa_EDW-100_24-05.pdf",


@ -2,7 +2,7 @@
"id": "CVE-2024-36428",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-05-27T23:15:13.120",
"lastModified": "2024-05-28T12:39:28.377",
"lastModified": "2024-08-20T16:35:17.923",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -15,7 +15,42 @@
"value": "OrangeHRM 3.3.3 permite la inyecci\u00f3n SQL sortOrder de admin/viewProjects."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 8.1,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.2
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://github.com/4rdr/proofs/blob/main/info/OrangeHRM_3.3.3_SQLi_via_sortOrder.md",


@ -2,7 +2,7 @@
"id": "CVE-2024-36737",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-06-06T18:15:16.643",
"lastModified": "2024-06-07T14:56:05.647",
"lastModified": "2024-08-20T16:35:19.277",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -15,7 +15,46 @@
"value": "Validaci\u00f3n de entrada incorrecta en OneFlow-Inc. Oneflow v0.9.1 permite a los atacantes provocar una denegaci\u00f3n de servicio (DoS) ingresando un valor negativo en el par\u00e1metro oneflow.full."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-20"
},
{
"lang": "en",
"value": "CWE-229"
}
]
}
],
"references": [
{
"url": "https://gist.github.com/Redmept1on/3a77cc722f82b57f99ccbe835aacf27d",


@ -2,8 +2,8 @@
"id": "CVE-2024-36779",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-06-06T13:15:31.590",
"lastModified": "2024-06-11T18:14:35.890",
"vulnStatus": "Analyzed",
"lastModified": "2024-08-20T16:35:20.517",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-89"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"configurations": [


@ -2,8 +2,8 @@
"id": "CVE-2024-37023",
"sourceIdentifier": "ics-cert@hq.dhs.gov",
"published": "2024-08-12T13:38:22.837",
"lastModified": "2024-08-12T13:41:36.517",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-08-20T17:12:03.330",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -61,6 +61,26 @@
}
],
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.9,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.1,
"impactScore": 6.0
},
{
"source": "ics-cert@hq.dhs.gov",
"type": "Secondary",
@ -95,10 +115,408 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:vonets:var1200-h_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "3.3.23.6.9",
"matchCriteriaId": "94DAF720-5399-46A2-A9AB-3831045B86D2"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:vonets:var1200-h:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6D2E3C6A-6CC6-4954-B06C-3F023C964426"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:vonets:var1200-l_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "3.3.23.6.9",
"matchCriteriaId": "273874D4-43E0-44D4-AB4E-D66DE1F1B824"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:vonets:var1200-l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2C4B65A1-D625-4712-8311-685CA0A6438B"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:vonets:var600-h_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "3.3.23.6.9",
"matchCriteriaId": "ADCC4730-7801-485C-994F-DB7B942AA9F4"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:vonets:var600-h:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB22B21B-526A-4119-9278-E84138D523E4"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:vonets:vap11ac_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "3.3.23.6.9",
"matchCriteriaId": "C007C620-CAF2-436E-AAA9-C012CEFCEA3B"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:vonets:vap11ac:-:*:*:*:*:*:*:*",
"matchCriteriaId": "21B9AA55-A333-4D10-A9D8-19558465F56E"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:vonets:vap11g-500s_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "3.3.23.6.9",
"matchCriteriaId": "FDC4DF91-B718-4CFE-BEE7-4E9CFF121C01"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:vonets:vap11g-500s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C9EC2642-6A5B-4DA8-A675-B9F3CAD9B35E"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:vonets:vbg1200_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "3.3.23.6.9",
"matchCriteriaId": "5BFA8106-50EE-428D-9297-930CE9CC99C1"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:vonets:vbg1200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AE4D6B12-50A8-4314-AEDA-E3C669F772C9"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:vonets:vap11s-5g_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "3.3.23.6.9",
"matchCriteriaId": "D95A2EE8-B22F-4671-8DF8-3757A335B006"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:vonets:vap11s-5g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "66E94FE6-235A-46F0-81B0-DFF88C454BB1"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:vonets:vap11s_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "3.3.23.6.9",
"matchCriteriaId": "060B7C85-806D-45B3-8268-10AC5E475171"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:vonets:vap11s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C434D025-8361-4C2D-AC7D-4E4A44237C27"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:vonets:var11n-300_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "3.3.23.6.9",
"matchCriteriaId": "3DFA50C3-2B3E-4755-98FB-63CED2CA7B8F"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:vonets:var11n-300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "95D5A3C0-8303-4E77-9DE1-75FD9DAED295"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:vonets:vap11g-300_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "3.3.23.6.9",
"matchCriteriaId": "42E71F95-814C-4EDA-8647-B03CA6AAFDEB"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:vonets:vap11g-300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B23375E-0E77-4423-AEDA-9A9F26052834"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:vonets:vap11n-300_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "3.3.23.6.9",
"matchCriteriaId": "7018E246-D211-4366-8664-90B00E68AA74"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:vonets:vap11n-300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ADE0116E-37B8-4E0A-8874-A59989712743"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:vonets:vap11g_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "3.3.23.6.9",
"matchCriteriaId": "C9C1B20A-8F03-4C6E-8715-B68DBBBAFB97"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:vonets:vap11g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F510F0DC-C170-45A3-989B-2FA8791B4FC1"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:vonets:vap11g-500_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "3.3.23.6.9",
"matchCriteriaId": "52909496-4BEB-43DB-80E3-F710BCA0CAA5"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:vonets:vap11g-500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B61E3489-034E-4DD2-8699-477647462CF7"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:vonets:vga-1000_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "3.3.23.6.9",
"matchCriteriaId": "1FAF11BE-F3F4-4D40-9156-DDB2FFBF9470"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:vonets:vga-1000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DA90833B-D40E-42F0-8ECF-86C90E4511C4"
}
]
}
]
}
],
"references": [
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-214-08",
"source": "ics-cert@hq.dhs.gov"
"source": "ics-cert@hq.dhs.gov",
"tags": [
"Third Party Advisory",
"US Government Resource"
]
}
]
}


@ -2,8 +2,8 @@
"id": "CVE-2024-37542",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-07-06T13:15:10.640",
"lastModified": "2024-07-08T15:49:22.437",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-08-20T17:36:05.303",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -17,6 +17,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 6.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.4
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -51,10 +71,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:wpdevart:gallery:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "2.0.3",
"matchCriteriaId": "7F75183E-499F-4680-94D7-659F0596D168"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/gallery-album/wordpress-gallery-image-and-video-gallery-with-thumbnails-plugin-2-0-3-broken-access-control-vulnerability-2?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}


@ -2,8 +2,8 @@
"id": "CVE-2024-37625",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-06-17T14:15:11.790",
"lastModified": "2024-07-18T20:57:39.087",
"vulnStatus": "Analyzed",
"lastModified": "2024-08-20T17:35:09.347",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 6.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.4
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-79"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [


@ -2,8 +2,8 @@
"id": "CVE-2024-38322",
"sourceIdentifier": "psirt@us.ibm.com",
"published": "2024-06-28T19:15:06.317",
"lastModified": "2024-07-01T12:37:24.220",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-08-20T17:27:59.567",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -17,6 +17,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "psirt@us.ibm.com",
"type": "Secondary",
@ -41,8 +61,18 @@
},
"weaknesses": [
{
"source": "psirt@us.ibm.com",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-203"
}
]
},
{
"source": "psirt@us.ibm.com",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -51,14 +81,40 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:storage_defender_resiliency_service:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2.0.0",
"versionEndIncluding": "2.0.4",
"matchCriteriaId": "9C1808D0-E45F-42D0-8EF6-9D84A2D9976C"
}
]
}
]
}
],
"references": [
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/294869",
"source": "psirt@us.ibm.com"
"source": "psirt@us.ibm.com",
"tags": [
"VDB Entry",
"Vendor Advisory"
]
},
{
"url": "https://www.ibm.com/support/pages/node/7158446",
"source": "psirt@us.ibm.com"
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
]
}
]
}


@ -2,8 +2,8 @@
"id": "CVE-2024-38458",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-06-16T15:15:51.770",
"lastModified": "2024-07-26T13:27:56.937",
"vulnStatus": "Analyzed",
"lastModified": "2024-08-20T17:35:10.187",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-94"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-94"
}
]
}
],
"configurations": [


@ -2,8 +2,8 @@
"id": "CVE-2024-38887",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-08-02T21:16:30.760",
"lastModified": "2024-08-07T16:15:45.253",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-08-20T16:17:55.863",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -17,6 +17,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
@ -40,6 +60,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-78"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
@ -51,22 +81,55 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:horizoncloud:caterease:*:*:*:*:*:*:*:*",
"versionStartIncluding": "16.0.1.1663",
"versionEndIncluding": "24.0.1.2405",
"matchCriteriaId": "8CF50968-A476-46EC-8169-58AD4C1B8984"
}
]
}
]
}
],
"references": [
{
"url": "http://caterease.com",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Product"
]
},
{
"url": "http://horizon.com",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Not Applicable"
]
},
{
"url": "https://packetstormsecurity.com/files/179892/Caterease-Software-SQL-Injection-Command-Injection-Bypass.html",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?id.273371",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
}
]
}
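Review bot: The reference tags added in this record disagree with the sibling record CVE-2024-38891 later in the same commit, although both cite the same URLs for the same product. `http://horizon.com` is tagged `"Not Applicable"` here and `"Product"` there, and the Packet Storm URL carries `"Exploit"` here but only `"Third Party Advisory"` there. Anything that filters on the `Exploit` tag to prioritise patching will rank the two records differently. This repository appears to mirror upstream data, so the tags should not be hand-edited here; the mismatch is worth reporting upstream, and consumers should key exploit availability on the reference URL rather than on a per-record tag.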


@ -2,8 +2,8 @@
"id": "CVE-2024-38891",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-08-02T21:16:30.853",
"lastModified": "2024-08-07T16:15:45.503",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-08-20T16:19:34.213",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -17,6 +17,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
@ -40,6 +60,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-319"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
@ -51,22 +81,53 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:horizoncloud:caterease:*:*:*:*:*:*:*:*",
"versionStartIncluding": "16.0.1.1663",
"versionEndIncluding": "24.0.1.2405",
"matchCriteriaId": "8CF50968-A476-46EC-8169-58AD4C1B8984"
}
]
}
]
}
],
"references": [
{
"url": "http://caterease.com",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Product"
]
},
{
"url": "http://horizon.com",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Product"
]
},
{
"url": "https://packetstormsecurity.com/files/179892/Caterease-Software-SQL-Injection-Command-Injection-Bypass.html",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?id.273375",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"VDB Entry"
]
}
]
}


@ -2,8 +2,8 @@
"id": "CVE-2024-39791",
"sourceIdentifier": "ics-cert@hq.dhs.gov",
"published": "2024-08-12T13:38:24.857",
"lastModified": "2024-08-12T13:41:36.517",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-08-20T17:15:56.067",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -61,6 +61,26 @@
}
],
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "ics-cert@hq.dhs.gov",
"type": "Secondary",
@ -85,8 +105,18 @@
},
"weaknesses": [
{
"source": "ics-cert@hq.dhs.gov",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
},
{
"source": "ics-cert@hq.dhs.gov",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -95,10 +125,408 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:vonets:var1200-h_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "3.3.23.6.9",
"matchCriteriaId": "94DAF720-5399-46A2-A9AB-3831045B86D2"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:vonets:var1200-h:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6D2E3C6A-6CC6-4954-B06C-3F023C964426"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:vonets:var1200-l_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "3.3.23.6.9",
"matchCriteriaId": "273874D4-43E0-44D4-AB4E-D66DE1F1B824"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:vonets:var1200-l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2C4B65A1-D625-4712-8311-685CA0A6438B"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:vonets:var600-h_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "3.3.23.6.9",
"matchCriteriaId": "ADCC4730-7801-485C-994F-DB7B942AA9F4"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:vonets:var600-h:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB22B21B-526A-4119-9278-E84138D523E4"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:vonets:vap11ac_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "3.3.23.6.9",
"matchCriteriaId": "C007C620-CAF2-436E-AAA9-C012CEFCEA3B"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:vonets:vap11ac:-:*:*:*:*:*:*:*",
"matchCriteriaId": "21B9AA55-A333-4D10-A9D8-19558465F56E"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:vonets:vap11g-500s_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "3.3.23.6.9",
"matchCriteriaId": "FDC4DF91-B718-4CFE-BEE7-4E9CFF121C01"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:vonets:vap11g-500s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C9EC2642-6A5B-4DA8-A675-B9F3CAD9B35E"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:vonets:vbg1200_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "3.3.23.6.9",
"matchCriteriaId": "5BFA8106-50EE-428D-9297-930CE9CC99C1"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:vonets:vbg1200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AE4D6B12-50A8-4314-AEDA-E3C669F772C9"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:vonets:vap11s-5g_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "3.3.23.6.9",
"matchCriteriaId": "D95A2EE8-B22F-4671-8DF8-3757A335B006"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:vonets:vap11s-5g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "66E94FE6-235A-46F0-81B0-DFF88C454BB1"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:vonets:vap11s_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "3.3.23.6.9",
"matchCriteriaId": "060B7C85-806D-45B3-8268-10AC5E475171"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:vonets:vap11s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C434D025-8361-4C2D-AC7D-4E4A44237C27"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:vonets:var11n-300_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "3.3.23.6.9",
"matchCriteriaId": "3DFA50C3-2B3E-4755-98FB-63CED2CA7B8F"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:vonets:var11n-300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "95D5A3C0-8303-4E77-9DE1-75FD9DAED295"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:vonets:vap11g-300_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "3.3.23.6.9",
"matchCriteriaId": "42E71F95-814C-4EDA-8647-B03CA6AAFDEB"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:vonets:vap11g-300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B23375E-0E77-4423-AEDA-9A9F26052834"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:vonets:vap11n-300_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "3.3.23.6.9",
"matchCriteriaId": "7018E246-D211-4366-8664-90B00E68AA74"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:vonets:vap11n-300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ADE0116E-37B8-4E0A-8874-A59989712743"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:vonets:vap11g_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "3.3.23.6.9",
"matchCriteriaId": "C9C1B20A-8F03-4C6E-8715-B68DBBBAFB97"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:vonets:vap11g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F510F0DC-C170-45A3-989B-2FA8791B4FC1"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:vonets:vap11g-500_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "3.3.23.6.9",
"matchCriteriaId": "52909496-4BEB-43DB-80E3-F710BCA0CAA5"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:vonets:vap11g-500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B61E3489-034E-4DD2-8699-477647462CF7"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:vonets:vga-1000_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "3.3.23.6.9",
"matchCriteriaId": "1FAF11BE-F3F4-4D40-9156-DDB2FFBF9470"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:vonets:vga-1000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DA90833B-D40E-42F0-8ECF-86C90E4511C4"
}
]
}
]
}
],
"references": [
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-214-08",
"source": "ics-cert@hq.dhs.gov"
"source": "ics-cert@hq.dhs.gov",
"tags": [
"Third Party Advisory",
"US Government Resource"
]
}
]
}


@ -2,8 +2,8 @@
"id": "CVE-2024-39815",
"sourceIdentifier": "ics-cert@hq.dhs.gov",
"published": "2024-08-12T13:38:25.150",
"lastModified": "2024-08-12T13:41:36.517",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-08-20T17:14:18.587",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -61,6 +61,26 @@
}
],
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "ics-cert@hq.dhs.gov",
"type": "Secondary",
@ -85,8 +105,18 @@
},
"weaknesses": [
{
"source": "ics-cert@hq.dhs.gov",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "ics-cert@hq.dhs.gov",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -95,10 +125,408 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:vonets:var1200-h_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "3.3.23.6.9",
"matchCriteriaId": "94DAF720-5399-46A2-A9AB-3831045B86D2"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:vonets:var1200-h:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6D2E3C6A-6CC6-4954-B06C-3F023C964426"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:vonets:var1200-l_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "3.3.23.6.9",
"matchCriteriaId": "273874D4-43E0-44D4-AB4E-D66DE1F1B824"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:vonets:var1200-l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2C4B65A1-D625-4712-8311-685CA0A6438B"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:vonets:var600-h_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "3.3.23.6.9",
"matchCriteriaId": "ADCC4730-7801-485C-994F-DB7B942AA9F4"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:vonets:var600-h:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB22B21B-526A-4119-9278-E84138D523E4"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:vonets:vap11ac_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "3.3.23.6.9",
"matchCriteriaId": "C007C620-CAF2-436E-AAA9-C012CEFCEA3B"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:vonets:vap11ac:-:*:*:*:*:*:*:*",
"matchCriteriaId": "21B9AA55-A333-4D10-A9D8-19558465F56E"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:vonets:vap11g-500s_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "3.3.23.6.9",
"matchCriteriaId": "FDC4DF91-B718-4CFE-BEE7-4E9CFF121C01"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:vonets:vap11g-500s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C9EC2642-6A5B-4DA8-A675-B9F3CAD9B35E"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:vonets:vbg1200_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "3.3.23.6.9",
"matchCriteriaId": "5BFA8106-50EE-428D-9297-930CE9CC99C1"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:vonets:vbg1200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AE4D6B12-50A8-4314-AEDA-E3C669F772C9"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:vonets:vap11s-5g_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "3.3.23.6.9",
"matchCriteriaId": "D95A2EE8-B22F-4671-8DF8-3757A335B006"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:vonets:vap11s-5g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "66E94FE6-235A-46F0-81B0-DFF88C454BB1"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:vonets:vap11s_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "3.3.23.6.9",
"matchCriteriaId": "060B7C85-806D-45B3-8268-10AC5E475171"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:vonets:vap11s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C434D025-8361-4C2D-AC7D-4E4A44237C27"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:vonets:var11n-300_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "3.3.23.6.9",
"matchCriteriaId": "3DFA50C3-2B3E-4755-98FB-63CED2CA7B8F"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:vonets:var11n-300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "95D5A3C0-8303-4E77-9DE1-75FD9DAED295"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:vonets:vap11g-300_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "3.3.23.6.9",
"matchCriteriaId": "42E71F95-814C-4EDA-8647-B03CA6AAFDEB"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:vonets:vap11g-300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B23375E-0E77-4423-AEDA-9A9F26052834"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:vonets:vap11n-300_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "3.3.23.6.9",
"matchCriteriaId": "7018E246-D211-4366-8664-90B00E68AA74"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:vonets:vap11n-300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ADE0116E-37B8-4E0A-8874-A59989712743"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:vonets:vap11g_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "3.3.23.6.9",
"matchCriteriaId": "C9C1B20A-8F03-4C6E-8715-B68DBBBAFB97"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:vonets:vap11g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F510F0DC-C170-45A3-989B-2FA8791B4FC1"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:vonets:vap11g-500_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "3.3.23.6.9",
"matchCriteriaId": "52909496-4BEB-43DB-80E3-F710BCA0CAA5"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:vonets:vap11g-500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B61E3489-034E-4DD2-8699-477647462CF7"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:vonets:vga-1000_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "3.3.23.6.9",
"matchCriteriaId": "1FAF11BE-F3F4-4D40-9156-DDB2FFBF9470"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:vonets:vga-1000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DA90833B-D40E-42F0-8ECF-86C90E4511C4"
}
]
}
]
}
],
"references": [
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-214-08",
"source": "ics-cert@hq.dhs.gov"
"source": "ics-cert@hq.dhs.gov",
"tags": [
"Third Party Advisory",
"US Government Resource"
]
}
]
}


@ -0,0 +1,33 @@
{
"id": "CVE-2024-40743",
"sourceIdentifier": "security@joomla.org",
"published": "2024-08-20T16:15:11.457",
"lastModified": "2024-08-20T16:15:11.457",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The stripImages and stripIframes methods didn't properly process inputs, leading to XSS vectors."
}
],
"metrics": {},
"weaknesses": [
{
"source": "security@joomla.org",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://developer.joomla.org/security-centre/946-20240805-core-xss-vectors-in-outputfilter-strip-methods.html",
"source": "security@joomla.org"
}
]
}


@ -2,8 +2,8 @@
"id": "CVE-2024-40778",
"sourceIdentifier": "product-security@apple.com",
"published": "2024-07-29T23:15:11.527",
"lastModified": "2024-07-30T13:32:45.943",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-08-20T16:20:10.177",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,31 +15,154 @@
"value": "Se solucion\u00f3 un problema de autenticaci\u00f3n con una gesti\u00f3n de estado mejorada. Este problema se solucion\u00f3 en macOS Sonoma 14.6, iOS 17.6 y iPadOS 17.6, iOS 16.7.9 y iPadOS 16.7.9. Las fotos del \u00c1lbum de fotos ocultas se pueden ver sin autenticaci\u00f3n."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"baseSeverity": "LOW"
},
"exploitabilityScore": 1.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"versionEndExcluding": "16.7.9",
"matchCriteriaId": "1ACEA981-1D96-49F1-8048-74D21D71FD39"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"versionStartIncluding": "17.0",
"versionEndExcluding": "17.6",
"matchCriteriaId": "34E8C966-19C7-4376-A0C3-A242720F62DF"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
"versionEndExcluding": "16.7.9",
"matchCriteriaId": "29A9994D-AE71-45E0-8CC5-E6219420F7E8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
"versionStartIncluding": "17.0",
"versionEndExcluding": "17.6",
"matchCriteriaId": "B191C80F-3801-4AD0-9A63-EB294A029D7C"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "14.6",
"matchCriteriaId": "687902EF-637F-4537-B419-15A1695370B9"
}
]
}
]
}
],
"references": [
{
"url": "http://seclists.org/fulldisclosure/2024/Jul/16",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "http://seclists.org/fulldisclosure/2024/Jul/17",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "http://seclists.org/fulldisclosure/2024/Jul/18",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT214116",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT214117",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT214119",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
}
]
}


@ -2,8 +2,8 @@
"id": "CVE-2024-41161",
"sourceIdentifier": "ics-cert@hq.dhs.gov",
"published": "2024-08-08T18:15:10.640",
"lastModified": "2024-08-08T18:55:19.180",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-08-20T17:09:50.647",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -61,6 +61,26 @@
}
],
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "ics-cert@hq.dhs.gov",
"type": "Secondary",
@ -95,10 +115,408 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:vonets:var1200-h_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "3.3.23.6.9",
"matchCriteriaId": "94DAF720-5399-46A2-A9AB-3831045B86D2"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:vonets:var1200-h:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6D2E3C6A-6CC6-4954-B06C-3F023C964426"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:vonets:var1200-l_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "3.3.23.6.9",
"matchCriteriaId": "273874D4-43E0-44D4-AB4E-D66DE1F1B824"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:vonets:var1200-l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2C4B65A1-D625-4712-8311-685CA0A6438B"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:vonets:var600-h_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "3.3.23.6.9",
"matchCriteriaId": "ADCC4730-7801-485C-994F-DB7B942AA9F4"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:vonets:var600-h:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB22B21B-526A-4119-9278-E84138D523E4"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:vonets:vap11ac_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "3.3.23.6.9",
"matchCriteriaId": "C007C620-CAF2-436E-AAA9-C012CEFCEA3B"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:vonets:vap11ac:-:*:*:*:*:*:*:*",
"matchCriteriaId": "21B9AA55-A333-4D10-A9D8-19558465F56E"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:vonets:vap11g-500s_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "3.3.23.6.9",
"matchCriteriaId": "FDC4DF91-B718-4CFE-BEE7-4E9CFF121C01"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:vonets:vap11g-500s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C9EC2642-6A5B-4DA8-A675-B9F3CAD9B35E"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:vonets:vbg1200_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "3.3.23.6.9",
"matchCriteriaId": "5BFA8106-50EE-428D-9297-930CE9CC99C1"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:vonets:vbg1200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AE4D6B12-50A8-4314-AEDA-E3C669F772C9"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:vonets:vap11s-5g_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "3.3.23.6.9",
"matchCriteriaId": "D95A2EE8-B22F-4671-8DF8-3757A335B006"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:vonets:vap11s-5g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "66E94FE6-235A-46F0-81B0-DFF88C454BB1"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:vonets:vap11s_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "3.3.23.6.9",
"matchCriteriaId": "060B7C85-806D-45B3-8268-10AC5E475171"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:vonets:vap11s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C434D025-8361-4C2D-AC7D-4E4A44237C27"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:vonets:var11n-300_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "3.3.23.6.9",
"matchCriteriaId": "3DFA50C3-2B3E-4755-98FB-63CED2CA7B8F"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:vonets:var11n-300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "95D5A3C0-8303-4E77-9DE1-75FD9DAED295"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:vonets:vap11g-300_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "3.3.23.6.9",
"matchCriteriaId": "42E71F95-814C-4EDA-8647-B03CA6AAFDEB"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:vonets:vap11g-300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B23375E-0E77-4423-AEDA-9A9F26052834"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:vonets:vap11n-300_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "3.3.23.6.9",
"matchCriteriaId": "7018E246-D211-4366-8664-90B00E68AA74"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:vonets:vap11n-300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ADE0116E-37B8-4E0A-8874-A59989712743"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:vonets:vap11g_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "3.3.23.6.9",
"matchCriteriaId": "C9C1B20A-8F03-4C6E-8715-B68DBBBAFB97"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:vonets:vap11g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F510F0DC-C170-45A3-989B-2FA8791B4FC1"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:vonets:vap11g-500_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "3.3.23.6.9",
"matchCriteriaId": "52909496-4BEB-43DB-80E3-F710BCA0CAA5"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:vonets:vap11g-500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B61E3489-034E-4DD2-8699-477647462CF7"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:vonets:vga-1000_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "3.3.23.6.9",
"matchCriteriaId": "1FAF11BE-F3F4-4D40-9156-DDB2FFBF9470"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:vonets:vga-1000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DA90833B-D40E-42F0-8ECF-86C90E4511C4"
}
]
}
]
}
],
"references": [
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-214-08",
"source": "ics-cert@hq.dhs.gov"
"source": "ics-cert@hq.dhs.gov",
"tags": [
"Third Party Advisory",
"US Government Resource"
]
}
]
}


@ -2,8 +2,8 @@
"id": "CVE-2024-41936",
"sourceIdentifier": "ics-cert@hq.dhs.gov",
"published": "2024-08-12T13:38:31.850",
"lastModified": "2024-08-12T13:41:36.517",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-08-20T16:26:54.663",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -61,6 +61,26 @@
}
],
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "ics-cert@hq.dhs.gov",
"type": "Secondary",
@ -95,10 +115,408 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:vonets:var1200-h_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "3.3.23.6.9",
"matchCriteriaId": "94DAF720-5399-46A2-A9AB-3831045B86D2"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:vonets:var1200-h:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6D2E3C6A-6CC6-4954-B06C-3F023C964426"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:vonets:var1200-l_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "3.3.23.6.9",
"matchCriteriaId": "273874D4-43E0-44D4-AB4E-D66DE1F1B824"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:vonets:var1200-l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2C4B65A1-D625-4712-8311-685CA0A6438B"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:vonets:var600-h_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "3.3.23.6.9",
"matchCriteriaId": "ADCC4730-7801-485C-994F-DB7B942AA9F4"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:vonets:var600-h:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB22B21B-526A-4119-9278-E84138D523E4"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:vonets:vap11ac_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "3.3.23.6.9",
"matchCriteriaId": "C007C620-CAF2-436E-AAA9-C012CEFCEA3B"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:vonets:vap11ac:-:*:*:*:*:*:*:*",
"matchCriteriaId": "21B9AA55-A333-4D10-A9D8-19558465F56E"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:vonets:vap11g-500s_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "3.3.23.6.9",
"matchCriteriaId": "FDC4DF91-B718-4CFE-BEE7-4E9CFF121C01"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:vonets:vap11g-500s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C9EC2642-6A5B-4DA8-A675-B9F3CAD9B35E"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:vonets:vbg1200_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "3.3.23.6.9",
"matchCriteriaId": "5BFA8106-50EE-428D-9297-930CE9CC99C1"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:vonets:vbg1200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AE4D6B12-50A8-4314-AEDA-E3C669F772C9"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:vonets:vap11s-5g_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "3.3.23.6.9",
"matchCriteriaId": "D95A2EE8-B22F-4671-8DF8-3757A335B006"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:vonets:vap11s-5g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "66E94FE6-235A-46F0-81B0-DFF88C454BB1"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:vonets:vap11s_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "3.3.23.6.9",
"matchCriteriaId": "060B7C85-806D-45B3-8268-10AC5E475171"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:vonets:vap11s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C434D025-8361-4C2D-AC7D-4E4A44237C27"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:vonets:var11n-300_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "3.3.23.6.9",
"matchCriteriaId": "3DFA50C3-2B3E-4755-98FB-63CED2CA7B8F"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:vonets:var11n-300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "95D5A3C0-8303-4E77-9DE1-75FD9DAED295"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:vonets:vap11g-300_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "3.3.23.6.9",
"matchCriteriaId": "42E71F95-814C-4EDA-8647-B03CA6AAFDEB"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:vonets:vap11g-300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B23375E-0E77-4423-AEDA-9A9F26052834"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:vonets:vap11n-300_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "3.3.23.6.9",
"matchCriteriaId": "7018E246-D211-4366-8664-90B00E68AA74"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:vonets:vap11n-300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ADE0116E-37B8-4E0A-8874-A59989712743"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:vonets:vap11g_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "3.3.23.6.9",
"matchCriteriaId": "C9C1B20A-8F03-4C6E-8715-B68DBBBAFB97"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:vonets:vap11g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F510F0DC-C170-45A3-989B-2FA8791B4FC1"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:vonets:vap11g-500_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "3.3.23.6.9",
"matchCriteriaId": "52909496-4BEB-43DB-80E3-F710BCA0CAA5"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:vonets:vap11g-500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B61E3489-034E-4DD2-8699-477647462CF7"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:vonets:vga-1000_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "3.3.23.6.9",
"matchCriteriaId": "1FAF11BE-F3F4-4D40-9156-DDB2FFBF9470"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:vonets:vga-1000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DA90833B-D40E-42F0-8ECF-86C90E4511C4"
}
]
}
]
}
],
"references": [
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-214-08",
"source": "ics-cert@hq.dhs.gov"
"source": "ics-cert@hq.dhs.gov",
"tags": [
"Third Party Advisory",
"US Government Resource"
]
}
]
}


@ -2,8 +2,8 @@
"id": "CVE-2024-42001",
"sourceIdentifier": "ics-cert@hq.dhs.gov",
"published": "2024-08-12T13:38:32.140",
"lastModified": "2024-08-12T13:41:36.517",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-08-20T16:37:05.447",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -61,6 +61,26 @@
}
],
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "ics-cert@hq.dhs.gov",
"type": "Secondary",
@ -95,10 +115,408 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:vonets:var1200-h_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "3.3.23.6.9",
"matchCriteriaId": "94DAF720-5399-46A2-A9AB-3831045B86D2"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:vonets:var1200-h:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6D2E3C6A-6CC6-4954-B06C-3F023C964426"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:vonets:var1200-l_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "3.3.23.6.9",
"matchCriteriaId": "273874D4-43E0-44D4-AB4E-D66DE1F1B824"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:vonets:var1200-l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2C4B65A1-D625-4712-8311-685CA0A6438B"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:vonets:var600-h_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "3.3.23.6.9",
"matchCriteriaId": "ADCC4730-7801-485C-994F-DB7B942AA9F4"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:vonets:var600-h:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB22B21B-526A-4119-9278-E84138D523E4"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:vonets:vap11ac_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "3.3.23.6.9",
"matchCriteriaId": "C007C620-CAF2-436E-AAA9-C012CEFCEA3B"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:vonets:vap11ac:-:*:*:*:*:*:*:*",
"matchCriteriaId": "21B9AA55-A333-4D10-A9D8-19558465F56E"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:vonets:vap11g-500s_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "3.3.23.6.9",
"matchCriteriaId": "FDC4DF91-B718-4CFE-BEE7-4E9CFF121C01"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:vonets:vap11g-500s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C9EC2642-6A5B-4DA8-A675-B9F3CAD9B35E"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:vonets:vbg1200_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "3.3.23.6.9",
"matchCriteriaId": "5BFA8106-50EE-428D-9297-930CE9CC99C1"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:vonets:vbg1200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AE4D6B12-50A8-4314-AEDA-E3C669F772C9"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:vonets:vap11s-5g_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "3.3.23.6.9",
"matchCriteriaId": "D95A2EE8-B22F-4671-8DF8-3757A335B006"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:vonets:vap11s-5g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "66E94FE6-235A-46F0-81B0-DFF88C454BB1"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:vonets:vap11s_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "3.3.23.6.9",
"matchCriteriaId": "060B7C85-806D-45B3-8268-10AC5E475171"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:vonets:vap11s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C434D025-8361-4C2D-AC7D-4E4A44237C27"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:vonets:var11n-300_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "3.3.23.6.9",
"matchCriteriaId": "3DFA50C3-2B3E-4755-98FB-63CED2CA7B8F"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:vonets:var11n-300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "95D5A3C0-8303-4E77-9DE1-75FD9DAED295"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:vonets:vap11g-300_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "3.3.23.6.9",
"matchCriteriaId": "42E71F95-814C-4EDA-8647-B03CA6AAFDEB"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:vonets:vap11g-300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B23375E-0E77-4423-AEDA-9A9F26052834"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:vonets:vap11n-300_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "3.3.23.6.9",
"matchCriteriaId": "7018E246-D211-4366-8664-90B00E68AA74"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:vonets:vap11n-300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ADE0116E-37B8-4E0A-8874-A59989712743"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:vonets:vap11g_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "3.3.23.6.9",
"matchCriteriaId": "C9C1B20A-8F03-4C6E-8715-B68DBBBAFB97"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:vonets:vap11g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F510F0DC-C170-45A3-989B-2FA8791B4FC1"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:vonets:vap11g-500_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "3.3.23.6.9",
"matchCriteriaId": "52909496-4BEB-43DB-80E3-F710BCA0CAA5"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:vonets:vap11g-500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B61E3489-034E-4DD2-8699-477647462CF7"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:vonets:vga-1000_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "3.3.23.6.9",
"matchCriteriaId": "1FAF11BE-F3F4-4D40-9156-DDB2FFBF9470"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:vonets:vga-1000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DA90833B-D40E-42F0-8ECF-86C90E4511C4"
}
]
}
]
}
],
"references": [
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-214-08",
"source": "ics-cert@hq.dhs.gov"
"source": "ics-cert@hq.dhs.gov",
"tags": [
"Third Party Advisory",
"US Government Resource"
]
}
]
}


@ -2,8 +2,8 @@
"id": "CVE-2024-42030",
"sourceIdentifier": "psirt@huawei.com",
"published": "2024-08-08T09:15:07.290",
"lastModified": "2024-08-08T13:04:18.753",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-08-20T16:55:16.100",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -17,6 +17,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 6.2,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.5,
"impactScore": 3.6
},
{
"source": "psirt@huawei.com",
"type": "Secondary",
@ -40,6 +60,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "psirt@huawei.com",
"type": "Secondary",
@ -51,10 +81,50 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:huawei:emui:13.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "353AEAF2-AF46-4835-93E1-4F942D5E2810"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:huawei:emui:14.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "32FBF39A-164F-4F98-AB49-28C50A430C36"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:huawei:harmonyos:3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4D81C4EF-7CAF-4E60-91A4-8CF7B95B2B54"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:huawei:harmonyos:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8198CDB2-4BC5-411A-8736-615A531FC545"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:huawei:harmonyos:4.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2401DE15-9DBF-4645-A261-8C24D57C6342"
}
]
}
]
}
],
"references": [
{
"url": "https://consumer.huawei.com/en/support/bulletin/2024/8/",
"source": "psirt@huawei.com"
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
]
}
]
}


@ -2,8 +2,8 @@
"id": "CVE-2024-42031",
"sourceIdentifier": "psirt@huawei.com",
"published": "2024-08-08T09:15:07.630",
"lastModified": "2024-08-08T13:04:18.753",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-08-20T16:57:48.923",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,8 +15,41 @@
"value": "Vulnerabilidad de verificaci\u00f3n de permisos de acceso en el m\u00f3dulo de Configuraci\u00f3n. Impacto: La explotaci\u00f3n exitosa de esta vulnerabilidad puede afectar la confidencialidad del servicio."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "psirt@huawei.com",
"type": "Secondary",
@ -28,10 +61,70 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:huawei:emui:12.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A974CA73-84E8-480B-BB4C-4A81D0C985B2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:huawei:emui:13.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "353AEAF2-AF46-4835-93E1-4F942D5E2810"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:huawei:emui:14.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "32FBF39A-164F-4F98-AB49-28C50A430C36"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:huawei:harmonyos:2.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "20112231-B840-44D3-A061-B9B9F80EE378"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:huawei:harmonyos:2.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C01447F1-7F58-4AE3-B403-C01B2575D898"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:huawei:harmonyos:3.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CB3751C1-7729-41D3-AE50-80B5AF601135"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:huawei:harmonyos:3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4D81C4EF-7CAF-4E60-91A4-8CF7B95B2B54"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:huawei:harmonyos:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8198CDB2-4BC5-411A-8736-615A531FC545"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:huawei:harmonyos:4.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2401DE15-9DBF-4645-A261-8C24D57C6342"
}
]
}
]
}
],
"references": [
{
"url": "https://consumer.huawei.com/en/support/bulletin/2024/8/",
"source": "psirt@huawei.com"
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
]
}
]
}


@ -2,8 +2,8 @@
"id": "CVE-2024-42032",
"sourceIdentifier": "psirt@huawei.com",
"published": "2024-08-08T09:15:07.740",
"lastModified": "2024-08-08T13:04:18.753",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-08-20T16:58:09.690",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -17,6 +17,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
},
{
"source": "psirt@huawei.com",
"type": "Secondary",
@ -40,6 +60,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "psirt@huawei.com",
"type": "Secondary",
@ -51,10 +81,70 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:huawei:emui:12.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A974CA73-84E8-480B-BB4C-4A81D0C985B2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:huawei:emui:13.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "353AEAF2-AF46-4835-93E1-4F942D5E2810"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:huawei:emui:14.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "32FBF39A-164F-4F98-AB49-28C50A430C36"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:huawei:harmonyos:2.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "20112231-B840-44D3-A061-B9B9F80EE378"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:huawei:harmonyos:2.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C01447F1-7F58-4AE3-B403-C01B2575D898"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:huawei:harmonyos:3.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CB3751C1-7729-41D3-AE50-80B5AF601135"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:huawei:harmonyos:3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4D81C4EF-7CAF-4E60-91A4-8CF7B95B2B54"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:huawei:harmonyos:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8198CDB2-4BC5-411A-8736-615A531FC545"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:huawei:harmonyos:4.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2401DE15-9DBF-4645-A261-8C24D57C6342"
}
]
}
]
}
],
"references": [
{
"url": "https://consumer.huawei.com/en/support/bulletin/2024/8/",
"source": "psirt@huawei.com"
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
]
}
]
}


@ -2,7 +2,7 @@
"id": "CVE-2024-42553",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-08-20T13:15:06.073",
"lastModified": "2024-08-20T15:44:20.567",
"lastModified": "2024-08-20T16:35:22.120",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -11,7 +11,42 @@
"value": "A Cross-Site Request Forgery (CSRF) in the component admin_room_added.php of Hotel Management System commit 91caab8 allows attackers to escalate privileges."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-352"
}
]
}
],
"references": [
{
"url": "https://gist.github.com/topsky979/4b22a22c73b16c7c22c06d4b3f033fdc",


@ -2,7 +2,7 @@
"id": "CVE-2024-42555",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-08-20T13:15:06.303",
"lastModified": "2024-08-20T15:44:20.567",
"lastModified": "2024-08-20T16:35:23.320",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -11,7 +11,42 @@
"value": "A Cross-Site Request Forgery (CSRF) in the component admin_room_removed.php of Hotel Management System commit 91caab8 allows attackers to escalate privileges."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-352"
}
]
}
],
"references": [
{
"url": "https://gist.github.com/topsky979/afd445b90e13a27a6422cea2f5ff0f64",


@ -2,7 +2,7 @@
"id": "CVE-2024-42560",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-08-20T13:15:06.830",
"lastModified": "2024-08-20T15:44:20.567",
"lastModified": "2024-08-20T16:35:24.553",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -11,7 +11,42 @@
"value": "A cross-site scripting (XSS) vulnerability in the component update_page_details.php of Blood Bank And Donation Management System commit dc9e039 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Page Details parameter."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://gist.github.com/topsky979/4c05ee72ab4b365ef81c199aaa0558d0",


@ -2,7 +2,7 @@
"id": "CVE-2024-42562",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-08-20T13:15:07.020",
"lastModified": "2024-08-20T15:44:20.567",
"lastModified": "2024-08-20T16:35:25.820",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -11,7 +11,42 @@
"value": "Pharmacy Management System commit a2efc8 was discovered to contain a SQL injection vulnerability via the invoice_number parameter at preview.php."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://gist.github.com/topsky979/2dcca275bcc18e8058cefef714a2f61b",


@ -2,8 +2,8 @@
"id": "CVE-2024-42569",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-08-20T13:15:07.733",
"lastModified": "2024-08-20T15:44:20.567",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-08-20T16:35:27.333",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
@ -11,7 +11,42 @@
"value": "School Management System commit bae5aa was discovered to contain a SQL injection vulnerability via the medium parameter at paidclass.php."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://gist.github.com/topsky979/20a81dbf47d371e1dabe08f350c8185d",


@ -2,8 +2,8 @@
"id": "CVE-2024-42576",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-08-20T13:15:08.377",
"lastModified": "2024-08-20T15:44:20.567",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-08-20T16:35:29.750",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
@ -11,7 +11,42 @@
"value": "A Cross-Site Request Forgery (CSRF) in the component edit_categorie.php of Warehouse Inventory System v2.0 allows attackers to escalate privileges."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-352"
}
]
}
],
"references": [
{
"url": "https://gist.github.com/topsky979/50a1d8ad7effd9ccd089952602c831d3",


@ -2,8 +2,8 @@
"id": "CVE-2024-42585",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-08-20T13:15:09.273",
"lastModified": "2024-08-20T15:44:20.567",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-08-20T16:35:31.307",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
@ -11,7 +11,42 @@
"value": "A Cross-Site Request Forgery (CSRF) in the component delete_media.php of Warehouse Inventory System v2.0 allows attackers to escalate privileges."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-352"
}
]
}
],
"references": [
{
"url": "https://gist.github.com/topsky979/33de7a4bd7a4517a26fa4e4911b7fb1d",


@ -2,8 +2,8 @@
"id": "CVE-2024-42586",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-08-20T13:15:09.367",
"lastModified": "2024-08-20T15:44:20.567",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-08-20T16:35:33.523",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
@ -11,7 +11,42 @@
"value": "A Cross-Site Request Forgery (CSRF) in the component categorie.php of Warehouse Inventory System v2.0 allows attackers to escalate privileges."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-352"
}
]
}
],
"references": [
{
"url": "https://gist.github.com/topsky979/533b962efb1779e397a241bf7a19643c",


@ -0,0 +1,21 @@
{
"id": "CVE-2024-42598",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-08-20T16:15:11.727",
"lastModified": "2024-08-20T16:15:11.727",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "SeaCMS 13.0 has a remote code execution vulnerability. The reason for this vulnerability is that although admin_editplayer.php imposes restrictions on edited files, attackers can still bypass these restrictions and write code, allowing authenticated attackers to exploit the vulnerability to execute arbitrary commands and gain system privileges."
}
],
"metrics": {},
"references": [
{
"url": "https://gitee.com/fushuling/cve/blob/master/SeaCMS%20V13%20admin_editplayer.php%20code%20injection.md",
"source": "cve@mitre.org"
}
]
}


@ -2,7 +2,7 @@
"id": "CVE-2024-42611",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-08-20T15:15:22.517",
"lastModified": "2024-08-20T15:44:20.567",
"lastModified": "2024-08-20T16:35:34.633",
"vulnStatus": "Undergoing Analysis",
"cveTags": [],
"descriptions": [
@ -11,7 +11,42 @@
"value": "Pligg CMS v2.0.2 was discovered to contain a Cross-Site Request Forgery (CSRF) via admin/admin_page.php?link_id=1&mode=delete"
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-352"
}
]
}
],
"references": [
{
"url": "https://github.com/jinwu1234567890/cms2/tree/main/4/readme.md",


@ -2,7 +2,7 @@
"id": "CVE-2024-42617",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-08-20T15:15:22.777",
"lastModified": "2024-08-20T15:44:20.567",
"lastModified": "2024-08-20T16:35:35.733",
"vulnStatus": "Undergoing Analysis",
"cveTags": [],
"descriptions": [
@ -11,7 +11,42 @@
"value": "Pligg CMS v2.0.2 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/admin_config.php?action=save&var_id=32"
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-352"
}
]
}
],
"references": [
{
"url": "https://github.com/jinwu1234567890/cms2/tree/main/11/readme.md",


@ -2,8 +2,8 @@
"id": "CVE-2024-42633",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-08-19T16:15:08.740",
"lastModified": "2024-08-20T15:35:22.763",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-08-20T16:18:24.300",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -17,6 +17,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
@ -40,6 +60,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-78"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
@ -51,10 +81,42 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linksys:e1500_firmware:1.0.06.001:*:*:*:*:*:*:*",
"matchCriteriaId": "595EBC24-94E3-4DC3-82E3-43669168DEDD"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:linksys:e1500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3FDE5B53-540D-4B65-9501-D45AAAEEEEBC"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/goldds96/Report/blob/main/Linksys/E1500/CI.md",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit"
]
}
]
}


@ -2,8 +2,8 @@
"id": "CVE-2024-42657",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-08-19T17:15:07.967",
"lastModified": "2024-08-20T15:35:23.980",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-08-20T16:13:12.413",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -17,6 +17,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
@ -40,6 +60,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-311"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
@ -51,18 +81,56 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:nepstech:ntpl-xpon1gfevn_firmware:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "521E8573-BFA6-434E-BFDF-EE8CC1266D2F"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:nepstech:ntpl-xpon1gfevn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8FF39747-D23D-4C7F-8EB2-E5BB7441877C"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/sudo-subho/CVE-2024-42657",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://www.linkedin.com/in/subhodeep-baroi-397629252/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://x.com/sudo_subho",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Permissions Required"
]
}
]
}


@ -2,17 +2,41 @@
"id": "CVE-2024-42658",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-08-19T17:15:08.027",
"lastModified": "2024-08-19T18:36:20.123",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-08-20T16:12:50.290",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An issue in wishnet Nepstech Wifi Router NTPL-XPON1GFEVN v1.0 allows a remote attacker to obtain sensitive information via the cookie's parameter"
},
{
"lang": "es",
"value": "Un problema en el enrutador Wifi Wishnet Nepstech NTPL-XPON1GFEVN v1.0 permite a un atacante remoto obtener informaci\u00f3n confidencial a trav\u00e9s del par\u00e1metro de la cookie"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
@ -36,6 +60,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
@ -47,18 +81,57 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:nepstech:ntpl-xpon1gfevn_firmware:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "521E8573-BFA6-434E-BFDF-EE8CC1266D2F"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:nepstech:ntpl-xpon1gfevn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8FF39747-D23D-4C7F-8EB2-E5BB7441877C"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/sudo-subho/CVE-2024-42658",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://www.linkedin.com/in/subhodeep-baroi-397629252/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Permissions Required",
"Third Party Advisory"
]
},
{
"url": "https://x.com/sudo_subho",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Permissions Required"
]
}
]
}


@ -0,0 +1,21 @@
{
"id": "CVE-2024-42919",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-08-20T17:15:19.463",
"lastModified": "2024-08-20T17:15:19.463",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "eScan Management Console 14.0.1400.2281 is vulnerable to Incorrect Access Control via acteScanAVReport."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/jeyabalaji711/CVE-2024-42919",
"source": "cve@mitre.org"
}
]
}


@ -2,17 +2,41 @@
"id": "CVE-2024-43399",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-08-19T15:15:09.073",
"lastModified": "2024-08-19T18:36:20.123",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-08-20T16:21:22.747",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Mobile Security Framework (MobSF) is a pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis. Before 4.0.7, there is a flaw in the Static Libraries analysis section. Specifically, during the extraction of .a extension files, the measure intended to prevent Zip Slip attacks is improperly implemented. Since the implemented measure can be bypassed, the vulnerability allows an attacker to extract files to any desired location within the server running MobSF. This vulnerability is fixed in 4.0.7."
},
{
"lang": "es",
"value": "Mobile Security Framework (MobSF) es un framework de prueba de penetraci\u00f3n, an\u00e1lisis de malware y evaluaci\u00f3n de seguridad capaz de realizar an\u00e1lisis est\u00e1ticos y din\u00e1micos. Antes de 4.0.7, hab\u00eda una falla en la secci\u00f3n de an\u00e1lisis de librer\u00edas est\u00e1ticas. En concreto, durante la extracci\u00f3n de archivos de extensi\u00f3n .a, la medida destinada a prevenir ataques Zip Slip se implementa incorrectamente. Dado que la medida implementada se puede eludir, la vulnerabilidad permite a un atacante extraer archivos a cualquier ubicaci\u00f3n deseada dentro del servidor que ejecuta MobSF. Esta vulnerabilidad se solucion\u00f3 en 4.0.7."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
@ -36,6 +60,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
@ -47,14 +81,39 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:opensecurity:mobile_security_framework:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.0.7",
"matchCriteriaId": "4529C637-FF24-4DD7-8CBA-6FBF37E4F75B"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/MobSF/Mobile-Security-Framework-MobSF/commit/cc625fe8430f3437a473e82aa2966d100a4dc883",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/MobSF/Mobile-Security-Framework-MobSF/security/advisories/GHSA-4hh3-vj32-gr6j",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Exploit",
"Vendor Advisory"
]
}
]
}


@ -2,17 +2,41 @@
"id": "CVE-2024-43400",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-08-19T17:15:09.097",
"lastModified": "2024-08-19T18:36:07.297",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-08-20T16:10:29.987",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. It is possible for a user without Script or Programming rights to craft a URL pointing to a page with arbitrary JavaScript. This requires social engineer to trick a user to follow the URL. This has been patched in XWiki 14.10.21, 15.5.5, 15.10.6 and 16.0.0."
},
{
"lang": "es",
"value": "XWiki Platform es una plataforma wiki gen\u00e9rica que ofrece servicios de ejecuci\u00f3n para aplicaciones creadas sobre ella. Es posible que un usuario sin derechos de script o programaci\u00f3n cree una URL que apunte a una p\u00e1gina con JavaScript arbitrario. Esto requiere que un ingeniero social enga\u00f1e al usuario para que siga la URL. Esto ha sido parcheado en XWiki 14.10.21, 15.5.5, 15.10.6 y 16.0.0."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
@ -36,6 +60,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
@ -47,18 +81,60 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:xwiki:xwiki:*:*:*:*:*:*:*:*",
"versionEndExcluding": "14.10.21",
"matchCriteriaId": "CC5486D1-904E-4848-9F2F-F1B23D0A5594"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:xwiki:xwiki:*:*:*:*:*:*:*:*",
"versionStartIncluding": "15.0",
"versionEndExcluding": "15.5.5",
"matchCriteriaId": "CA7D00D6-D2DD-4678-A328-5C2A7E96FE48"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:xwiki:xwiki:*:*:*:*:*:*:*:*",
"versionStartIncluding": "15.6",
"versionEndExcluding": "15.10.6",
"matchCriteriaId": "CCB0588B-7F74-423B-9D36-4B8E4F1BA459"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/xwiki/xwiki-platform/commit/27eca8423fc1ad177518077a733076821268509c",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-wcg9-pgqv-xm5v",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://jira.xwiki.org/browse/XWIKI-21810",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Issue Tracking",
"Vendor Advisory"
]
}
]
}


@ -2,17 +2,41 @@
"id": "CVE-2024-43401",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-08-19T17:15:09.317",
"lastModified": "2024-08-19T18:36:07.297",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-08-20T16:09:23.747",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. A user without script/programming right can trick a user with elevated rights to edit a content with a malicious payload using a WYSIWYG editor. The user with elevated rights is not warned beforehand that they are going to edit possibly dangerous content. The payload is executed at edit time. This vulnerability has been patched in XWiki 15.10RC1."
},
{
"lang": "es",
"value": "XWiki Platform es una plataforma wiki gen\u00e9rica que ofrece servicios de ejecuci\u00f3n para aplicaciones creadas sobre ella. Un usuario sin derechos de script/programaci\u00f3n puede enga\u00f1ar a un usuario con derechos elevados para editar un contenido con un payload malicioso utilizando un editor WYSIWYG. Al usuario con derechos elevados no se le advierte de antemano que va a editar contenido posiblemente peligroso. La carga \u00fatil se ejecuta en el momento de la edici\u00f3n. Esta vulnerabilidad ha sido parcheada en XWiki 15.10RC1."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.0,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.1,
"impactScore": 5.9
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
@ -36,6 +60,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-862"
}
]
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
@ -47,58 +81,127 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:xwiki:xwiki:*:*:*:*:*:*:*:*",
"versionEndIncluding": "15.9",
"matchCriteriaId": "3F43BCF2-61DD-4B7A-BE47-54883DDEE567"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-f963-4cq8-2gw7",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://jira.xwiki.org/browse/XWIKI-20331",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Issue Tracking",
"Vendor Advisory"
]
},
{
"url": "https://jira.xwiki.org/browse/XWIKI-21311",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Issue Tracking",
"Vendor Advisory"
]
},
{
"url": "https://jira.xwiki.org/browse/XWIKI-21481",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Issue Tracking",
"Vendor Advisory"
]
},
{
"url": "https://jira.xwiki.org/browse/XWIKI-21482",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Issue Tracking",
"Vendor Advisory"
]
},
{
"url": "https://jira.xwiki.org/browse/XWIKI-21483",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Issue Tracking",
"Vendor Advisory"
]
},
{
"url": "https://jira.xwiki.org/browse/XWIKI-21484",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Issue Tracking",
"Vendor Advisory"
]
},
{
"url": "https://jira.xwiki.org/browse/XWIKI-21485",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Issue Tracking",
"Vendor Advisory"
]
},
{
"url": "https://jira.xwiki.org/browse/XWIKI-21486",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Issue Tracking",
"Vendor Advisory"
]
},
{
"url": "https://jira.xwiki.org/browse/XWIKI-21487",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Issue Tracking",
"Vendor Advisory"
]
},
{
"url": "https://jira.xwiki.org/browse/XWIKI-21488",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Issue Tracking",
"Vendor Advisory"
]
},
{
"url": "https://jira.xwiki.org/browse/XWIKI-21489",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Issue Tracking",
"Vendor Advisory"
]
},
{
"url": "https://jira.xwiki.org/browse/XWIKI-21490",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Issue Tracking",
"Vendor Advisory"
]
}
]
}


@ -0,0 +1,60 @@
{
"id": "CVE-2024-43408",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-08-20T17:15:19.550",
"lastModified": "2024-08-20T17:15:19.550",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Discourse Placeholder Forms will let you build dynamic documentation. Unsanitized and stored user input was injected in the html of the post. The vulnerability is fixed in commit a62f711d5600e4e5d86f342d52932cb6221672e7."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 6.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.4
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://github.com/discourse/discourse-placeholder-theme-component/commit/a62f711d5600e4e5d86f342d52932cb6221672e7",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/discourse/discourse-placeholder-theme-component/security/advisories/GHSA-9wx4-cmv3-g5jw",
"source": "security-advisories@github.com"
}
]
}


@ -2,8 +2,8 @@
"id": "CVE-2024-5914",
"sourceIdentifier": "psirt@paloaltonetworks.com",
"published": "2024-08-14T17:15:18.220",
"lastModified": "2024-08-14T17:49:14.177",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-08-20T16:22:06.357",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -59,9 +59,41 @@
"baseSeverity": "HIGH"
}
}
],
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-77"
}
]
},
{
"source": "psirt@paloaltonetworks.com",
"type": "Secondary",
@ -73,10 +105,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:paloaltonetworks:cortex_xsoar_commonscripts:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.12.33",
"matchCriteriaId": "035D09D6-8E59-4889-AAE9-35CE4B8C4B4C"
}
]
}
]
}
],
"references": [
{
"url": "https://security.paloaltonetworks.com/CVE-2024-5914",
"source": "psirt@paloaltonetworks.com"
"source": "psirt@paloaltonetworks.com",
"tags": [
"Vendor Advisory"
]
}
]
}


@ -2,8 +2,8 @@
"id": "CVE-2024-5915",
"sourceIdentifier": "psirt@paloaltonetworks.com",
"published": "2024-08-14T17:15:18.403",
"lastModified": "2024-08-14T17:49:14.177",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-08-20T16:23:10.493",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -59,9 +59,41 @@
"baseSeverity": "MEDIUM"
}
}
],
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-732"
}
]
},
{
"source": "psirt@paloaltonetworks.com",
"type": "Secondary",
@ -73,10 +105,58 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:paloaltonetworks:globalprotect:*:*:*:*:*:windows:*:*",
"versionStartIncluding": "5.1.0",
"versionEndIncluding": "5.1.9",
"matchCriteriaId": "6EFB2A77-273D-4FB8-B509-F8E5AA32F040"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:paloaltonetworks:globalprotect:*:*:*:*:*:windows:*:*",
"versionStartIncluding": "6.0.0",
"versionEndIncluding": "6.0.6",
"matchCriteriaId": "CC06EA04-F76C-456E-91A0-4164CE2CFABB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:paloaltonetworks:globalprotect:*:*:*:*:*:windows:*:*",
"versionStartIncluding": "6.1.0",
"versionEndExcluding": "6.1.5",
"matchCriteriaId": "921C45B7-68A7-4D30-B9E3-EF6D95E366F8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:paloaltonetworks:globalprotect:*:*:*:*:*:windows:*:*",
"versionStartIncluding": "6.2.0",
"versionEndExcluding": "6.2.4",
"matchCriteriaId": "7BBF0FF3-EBFD-4299-95D7-D65DDC532954"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:paloaltonetworks:globalprotect:6.3.0:*:*:*:*:windows:*:*",
"matchCriteriaId": "CF300947-06F7-4027-B57A-1F3388233670"
}
]
}
]
}
],
"references": [
{
"url": "https://security.paloaltonetworks.com/CVE-2024-5915",
"source": "psirt@paloaltonetworks.com"
"source": "psirt@paloaltonetworks.com",
"tags": [
"Vendor Advisory"
]
}
]
}


@ -2,8 +2,8 @@
"id": "CVE-2024-6163",
"sourceIdentifier": "security@checkmk.com",
"published": "2024-07-08T13:15:10.593",
"lastModified": "2024-08-02T15:35:52.750",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-08-20T17:44:11.677",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -17,6 +17,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
},
{
"source": "security@checkmk.com",
"type": "Secondary",
@ -60,6 +80,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-290"
}
]
},
{
"source": "security@checkmk.com",
"type": "Secondary",
@ -81,10 +111,557 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:checkmk:checkmk:*:*:*:*:*:*:*:*",
"versionEndIncluding": "2.0.0",
"matchCriteriaId": "C59985CE-68DF-433D-87BD-97EDCA81E039"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:-:*:*:*:*:*:*",
"matchCriteriaId": "1AE224D8-742B-4D1F-ABBE-3DDA3EA5C5AD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:b1:*:*:*:*:*:*",
"matchCriteriaId": "1E6FCE7B-7ECE-42A4-82C5-12A647B0CCC8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:b2:*:*:*:*:*:*",
"matchCriteriaId": "923AA113-D5E7-4F78-88BA-B72EF250F3EA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:b3:*:*:*:*:*:*",
"matchCriteriaId": "B1984F57-A313-48AC-B8F9-F352D82824D6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:b4:*:*:*:*:*:*",
"matchCriteriaId": "A38DB527-72A6-40B8-B46F-B8E78BFFDB1F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:b5:*:*:*:*:*:*",
"matchCriteriaId": "67643E11-91A1-4580-BC4C-574074C862CB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:b6:*:*:*:*:*:*",
"matchCriteriaId": "350B7E0F-D234-4D7C-91E4-F35E73579A24"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:b7:*:*:*:*:*:*",
"matchCriteriaId": "DE58ACA9-8078-46A7-8487-C06E4E38F372"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:b8:*:*:*:*:*:*",
"matchCriteriaId": "B3D8CF4D-E1F8-4D8D-A8A9-1783CAC869E4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:b9:*:*:*:*:*:*",
"matchCriteriaId": "58B0B051-7D3C-4EC7-96B0-38A1CC108D61"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p1:*:*:*:*:*:*",
"matchCriteriaId": "B783A741-AAF2-43EE-8272-9239133A01E8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p10:*:*:*:*:*:*",
"matchCriteriaId": "A5F275A3-A99E-40E1-BD77-694FA568541F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p11:*:*:*:*:*:*",
"matchCriteriaId": "3A44BF1A-5BE0-4412-B51D-055445758B61"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p12:*:*:*:*:*:*",
"matchCriteriaId": "A31BAE94-9096-4320-AC19-AA204E8EC08D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p13:*:*:*:*:*:*",
"matchCriteriaId": "1B0784EA-98E8-4490-B97B-894F188A223D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p14:*:*:*:*:*:*",
"matchCriteriaId": "A56A901F-1040-4DB9-9BE3-FE1999C514CA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p15:*:*:*:*:*:*",
"matchCriteriaId": "58A904FC-C015-469D-8502-E678D5FDBD06"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p16:*:*:*:*:*:*",
"matchCriteriaId": "1B5D109C-60AA-4FA4-9B10-2191AAF109F2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p17:*:*:*:*:*:*",
"matchCriteriaId": "37297866-24BB-4044-8744-EC0A8C29F152"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p18:*:*:*:*:*:*",
"matchCriteriaId": "F9D4A171-CCB3-43B8-8B70-78610423E7C0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p19:*:*:*:*:*:*",
"matchCriteriaId": "5E1145FF-426D-407C-9F4B-EF773BD191EC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p2:*:*:*:*:*:*",
"matchCriteriaId": "4DA8F776-A724-48FC-B7EF-13788BC69753"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p20:*:*:*:*:*:*",
"matchCriteriaId": "46F42A22-99F2-4DF5-9B00-3123396F87AC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p21:*:*:*:*:*:*",
"matchCriteriaId": "1C59D4D3-D526-4E6B-B3AA-FE485D030190"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p22:*:*:*:*:*:*",
"matchCriteriaId": "65E5CAE6-DC8B-47B3-84A0-D79B0C33EB45"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p23:*:*:*:*:*:*",
"matchCriteriaId": "8B9E0D89-79E2-476A-8A3E-8443316BC310"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p24:*:*:*:*:*:*",
"matchCriteriaId": "38EA0591-C30B-4102-8A06-1B922FD3A0C7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p25:*:*:*:*:*:*",
"matchCriteriaId": "5E9AF0D3-8DD6-4EC7-BB33-54401D4025FC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p26:*:*:*:*:*:*",
"matchCriteriaId": "983604CC-DD2C-42A9-8B9D-A9A261CE8BA6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p27:*:*:*:*:*:*",
"matchCriteriaId": "224960F7-695C-415B-B991-E8C01859AA80"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p28:*:*:*:*:*:*",
"matchCriteriaId": "1F6D86E4-738B-4ADA-858E-C12CCED9FAAA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p29:*:*:*:*:*:*",
"matchCriteriaId": "BD8EBF09-9B70-4972-85B1-82F41488BE3F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p3:*:*:*:*:*:*",
"matchCriteriaId": "076463AA-195F-4CD6-861B-72FE1C8A407F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p30:*:*:*:*:*:*",
"matchCriteriaId": "009D2C7B-39B8-400F-80A5-06D56319232C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p31:*:*:*:*:*:*",
"matchCriteriaId": "3D5AEB8D-772E-401F-975C-61BDD30B481E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p32:*:*:*:*:*:*",
"matchCriteriaId": "2ECAB6C5-518C-4CA4-8B2B-D51115612A8B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p33:*:*:*:*:*:*",
"matchCriteriaId": "FECC252C-02AA-41EC-BB84-5C1A6BC0FB8A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p34:*:*:*:*:*:*",
"matchCriteriaId": "238324F5-7225-40DD-82E8-52F30F0D3776"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p35:*:*:*:*:*:*",
"matchCriteriaId": "4F3C9510-BD43-4F67-9C30-4F82B5D230E8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p36:*:*:*:*:*:*",
"matchCriteriaId": "51941654-F6FF-4323-AECA-5D1D84308CD2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p37:*:*:*:*:*:*",
"matchCriteriaId": "6E800133-1D28-41D1-8D73-9437D741F83B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p38:*:*:*:*:*:*",
"matchCriteriaId": "8A34B28B-2BD9-4F28-9428-8CF7FCEAD7C3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p39:*:*:*:*:*:*",
"matchCriteriaId": "D3FC491E-DE27-4C8F-B699-DB5260935D51"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p4:*:*:*:*:*:*",
"matchCriteriaId": "63043834-98E5-47C2-91F1-41B98270ABCA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p40:*:*:*:*:*:*",
"matchCriteriaId": "0BE2C8FE-20CC-4B7E-B27B-54C873DC7530"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p41:*:*:*:*:*:*",
"matchCriteriaId": "5C3C3714-C696-4456-88AA-B6E4EFC73C92"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p42:*:*:*:*:*:*",
"matchCriteriaId": "BFF9D1C9-C340-4C31-A3EA-74EF85C6F34D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p43:*:*:*:*:*:*",
"matchCriteriaId": "A70FBA9D-F7DF-4961-9518-F7AE14FE174D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p44:*:*:*:*:*:*",
"matchCriteriaId": "FB38424F-0955-4FE3-9C1D-69D21A08AA8D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p45:*:*:*:*:*:*",
"matchCriteriaId": "4EE19624-17FB-45DD-926D-1A745FF02CB0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p5:*:*:*:*:*:*",
"matchCriteriaId": "FCF745D0-2EA6-4414-90BC-99D3ED08BB01"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p6:*:*:*:*:*:*",
"matchCriteriaId": "4823087F-D7FA-4594-8FD3-412DE5EA1F02"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p7:*:*:*:*:*:*",
"matchCriteriaId": "6429F9CE-D477-4CFF-B6E0-4BF11B61ED0E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p8:*:*:*:*:*:*",
"matchCriteriaId": "A50C58F9-94ED-4D85-8331-2D81F8E0760A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p9:*:*:*:*:*:*",
"matchCriteriaId": "9A6AC0BD-FB65-4FAA-B344-66F87F16F8B3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:-:*:*:*:*:*:*",
"matchCriteriaId": "C66704F1-0B5E-4B43-8748-987022F378F8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:b1:*:*:*:*:*:*",
"matchCriteriaId": "B068974F-6F67-4CBB-B567-FCED86E28F22"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:b2:*:*:*:*:*:*",
"matchCriteriaId": "EA70F36A-EEF6-48DC-B15E-055D0DE8A052"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:b3:*:*:*:*:*:*",
"matchCriteriaId": "B2017F38-38DB-4E96-B34F-160BC731CBBE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:b4:*:*:*:*:*:*",
"matchCriteriaId": "0949F399-371B-409C-AF9F-32690D881440"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:b5:*:*:*:*:*:*",
"matchCriteriaId": "42E1E31A-B5CC-45F2-A2E5-3EEF735499BA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:b6:*:*:*:*:*:*",
"matchCriteriaId": "4B364FCA-500C-458E-B997-82CD0B1D24F9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:b7:*:*:*:*:*:*",
"matchCriteriaId": "0B32E657-917B-482B-B6A4-3D3746992A4F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:b8:*:*:*:*:*:*",
"matchCriteriaId": "2119C732-E024-4DA6-8E47-9E08E5E12602"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:i1:*:*:*:*:*:*",
"matchCriteriaId": "4F0B99A8-A124-43BD-B8AA-EECC9112346F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p1:*:*:*:*:*:*",
"matchCriteriaId": "3FB7221E-BE9F-4529-8E07-8AD547FA3208"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p10:*:*:*:*:*:*",
"matchCriteriaId": "30A074AD-9499-46E3-AB67-D6CEE3AA01C3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p11:*:*:*:*:*:*",
"matchCriteriaId": "A8BD0240-A22B-4273-BD47-C35A8C12E127"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p12:*:*:*:*:*:*",
"matchCriteriaId": "DAA5680F-1DD0-48AA-BB7F-15B27365F0FA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p13:*:*:*:*:*:*",
"matchCriteriaId": "BC2F31CA-D4EB-44E6-9A09-5255D33F4A88"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p14:*:*:*:*:*:*",
"matchCriteriaId": "CD80BD69-20C6-4E17-B165-98689179A5A1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p15:*:*:*:*:*:*",
"matchCriteriaId": "B044D43B-0233-4A0D-A356-B9F9324E2777"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p16:*:*:*:*:*:*",
"matchCriteriaId": "7DE79896-EBE5-42F2-A126-2A871BBA1071"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p17:*:*:*:*:*:*",
"matchCriteriaId": "51A44E69-EEA1-4B01-B7B3-5BF7B39819E3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p18:*:*:*:*:*:*",
"matchCriteriaId": "BCB65AEB-CF52-410B-92B1-2DCFB914FFA4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p19:*:*:*:*:*:*",
"matchCriteriaId": "B7E17FA6-9011-489C-9FA9-368CA2D86FAE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p2:*:*:*:*:*:*",
"matchCriteriaId": "7BCEB6FF-668F-4313-9264-0BF021AFC45F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p20:*:*:*:*:*:*",
"matchCriteriaId": "F8B27218-A4FF-47BE-B578-6DB704478921"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p21:*:*:*:*:*:*",
"matchCriteriaId": "8735357F-16A7-4408-9DDD-1C6796BADBE9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p22:*:*:*:*:*:*",
"matchCriteriaId": "4505098C-0A2B-481E-A3DF-D6DF8EFA4DE7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p23:*:*:*:*:*:*",
"matchCriteriaId": "C12AFCCF-014E-4EEB-8F04-F1ACE182BA98"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p24:*:*:*:*:*:*",
"matchCriteriaId": "66B85557-D5EC-4AF4-B97A-D2B80A58B3B1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p25:*:*:*:*:*:*",
"matchCriteriaId": "233ECD21-FA72-43AF-8E4C-DAC27CC18F3C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p26:*:*:*:*:*:*",
"matchCriteriaId": "8B4DB8EE-C10A-4097-8E66-2932BAEB732E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p27:*:*:*:*:*:*",
"matchCriteriaId": "8653402A-C5AA-4CB1-8742-A12CCBE59373"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p28:*:*:*:*:*:*",
"matchCriteriaId": "77047A82-E6D5-4E84-9BEC-ACD2FDA91FAE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p29:*:*:*:*:*:*",
"matchCriteriaId": "2E44AE62-1746-410F-A28E-F8292E1F8D68"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p3:*:*:*:*:*:*",
"matchCriteriaId": "E2342E2D-58B0-43E7-8C01-DF4678520F39"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p30:*:*:*:*:*:*",
"matchCriteriaId": "B6C1AC39-5AE0-4FC8-93FF-966400B074F0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p4:*:*:*:*:*:*",
"matchCriteriaId": "1871B646-CA69-477F-B113-B901AC7B3934"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p5:*:*:*:*:*:*",
"matchCriteriaId": "EEC65A72-CAE1-4E28-83EF-7ECAFE921BB6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p6:*:*:*:*:*:*",
"matchCriteriaId": "D8FDECBC-8213-495F-A932-C4310F7C1F87"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p7:*:*:*:*:*:*",
"matchCriteriaId": "CB49BC95-6AA8-4F53-A3D6-E199BF756AAF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p8:*:*:*:*:*:*",
"matchCriteriaId": "050B6617-8FD4-47A6-BE4A-A52503A65812"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p9:*:*:*:*:*:*",
"matchCriteriaId": "4CA0FEC5-7036-47AF-A341-873B6C324B58"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:checkmk:checkmk:2.3.0:-:*:*:*:*:*:*",
"matchCriteriaId": "83202950-840A-4CB7-AD96-CE62E84FABD8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:checkmk:checkmk:2.3.0:p1:*:*:*:*:*:*",
"matchCriteriaId": "310A2FA2-633A-48FB-A5C2-9A9A922E72E2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:checkmk:checkmk:2.3.0:p2:*:*:*:*:*:*",
"matchCriteriaId": "7D1993E3-C4F9-4D78-BD02-A0B22D93BF1F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:checkmk:checkmk:2.3.0:p3:*:*:*:*:*:*",
"matchCriteriaId": "B28A0C9D-072A-413C-8587-CD57CB918190"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:checkmk:checkmk:2.3.0:p4:*:*:*:*:*:*",
"matchCriteriaId": "DF22D0A7-82B1-4598-B8C5-BDFE523D07F2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:checkmk:checkmk:2.3.0:p5:*:*:*:*:*:*",
"matchCriteriaId": "20035AFB-75B4-4164-9833-A2FCAE24B577"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:checkmk:checkmk:2.3.0:p6:*:*:*:*:*:*",
"matchCriteriaId": "8BCBACEB-7130-455D-B4BE-243053C116DC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:checkmk:checkmk:2.3.0:p7:*:*:*:*:*:*",
"matchCriteriaId": "156384E2-E04B-4153-A91F-3F307C9FEAE8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:checkmk:checkmk:2.3.0:p8:*:*:*:*:*:*",
"matchCriteriaId": "EEC0ED95-F43B-46D7-9AA0-A0FB1C32EF1D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:checkmk:checkmk:2.3.0:p9:*:*:*:*:*:*",
"matchCriteriaId": "91C194C1-5292-4E2A-BB71-9C5CD3CE6194"
}
]
}
]
}
],
"references": [
{
"url": "https://checkmk.com/werk/17011",
"source": "security@checkmk.com"
"source": "security@checkmk.com",
"tags": [
"Mitigation",
"Vendor Advisory"
]
}
]
}


@ -2,13 +2,17 @@
"id": "CVE-2024-6348",
"sourceIdentifier": "cve@asrg.io",
"published": "2024-08-19T16:15:08.973",
"lastModified": "2024-08-19T18:36:20.123",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-08-20T16:17:03.810",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Predictable seed generation in the security access mechanism of UDS in the Blind Spot Protection Sensor ECU in Nissan Altima (2022) allows attackers to predict the requested seeds and bypass security controls via repeated ECU resets and seed requests."
},
{
"lang": "es",
"value": "La generaci\u00f3n de semillas predecible en el mecanismo de acceso de seguridad de UDS en Blind Spot Protection Sensor ECU en Nissan Altima (2022) permite a los atacantes predecir las semillas solicitadas y eludir los controles de seguridad mediante reinicios repetidos de la ECU y solicitudes de semillas."
}
],
"metrics": {
@ -55,9 +59,41 @@
"baseSeverity": "MEDIUM"
}
}
],
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-330"
}
]
},
{
"source": "cve@asrg.io",
"type": "Secondary",
@ -69,10 +105,42 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:nissan-global:blind_spot_protection_sensor_ecu_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EBA6249A-E6EA-480A-ADA6-1B8936AA393A"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:nissan-global:altima:2022:*:*:*:*:*:*:*",
"matchCriteriaId": "9C31BBA0-733B-4F85-9687-85EEABDC2664"
}
]
}
]
}
],
"references": [
{
"url": "https://asrg.io/security-advisories/",
"source": "cve@asrg.io"
"source": "cve@asrg.io",
"tags": [
"Not Applicable"
]
}
]
}


@ -2,17 +2,54 @@
"id": "CVE-2024-7592",
"sourceIdentifier": "cna@python.org",
"published": "2024-08-19T19:15:08.180",
"lastModified": "2024-08-19T19:26:46.993",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-08-20T16:02:16.280",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is a LOW severity vulnerability affecting CPython, specifically the\n'http.cookies' standard library module.\n\n\nWhen parsing cookies that contained backslashes for quoted characters in\nthe cookie value, the parser would use an algorithm with quadratic\ncomplexity, resulting in excess CPU resources being used while parsing the\nvalue."
},
{
"lang": "es",
"value": "Existe una vulnerabilidad de gravedad BAJA que afecta a CPython, espec\u00edficamente al m\u00f3dulo de librer\u00eda est\u00e1ndar 'http.cookies'. Al analizar cookies que conten\u00edan barras invertidas para caracteres entrecomillados en el valor de la cookie, el analizador usar\u00eda un algoritmo con complejidad cuadr\u00e1tica, lo que resultar\u00eda en un exceso de recursos de CPU que se usar\u00edan al analizar el valor."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-1333"
}
]
},
{
"source": "cna@python.org",
"type": "Secondary",
@ -24,18 +61,108 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:python:python:*:*:*:*:*:*:*:*",
"versionEndIncluding": "3.12.5",
"matchCriteriaId": "5621585D-59F4-4B27-9980-E7602EA0B750"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:python:python:3.13.0:alpha0:*:*:*:*:*:*",
"matchCriteriaId": "3BA51E41-D221-431F-870F-536AF2867B50"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:python:python:3.13.0:alpha1:*:*:*:*:*:*",
"matchCriteriaId": "978582FF-B8F3-479F-AE77-359E9AEE6F23"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:python:python:3.13.0:alpha2:*:*:*:*:*:*",
"matchCriteriaId": "84E3F62C-7218-4DC3-8473-8A576739643A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:python:python:3.13.0:alpha3:*:*:*:*:*:*",
"matchCriteriaId": "1FD15706-B8BC-4801-9F93-06771F2E12C1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:python:python:3.13.0:alpha4:*:*:*:*:*:*",
"matchCriteriaId": "0FDC359F-E8ED-4777-83FB-1EC63F095CBF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:python:python:3.13.0:alpha5:*:*:*:*:*:*",
"matchCriteriaId": "6893BDDE-4D90-4592-8701-C6B3FFEB0CFE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:python:python:3.13.0:alpha6:*:*:*:*:*:*",
"matchCriteriaId": "E316F712-F03A-4378-8192-D1640819698B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:python:python:3.13.0:beta1:*:*:*:*:*:*",
"matchCriteriaId": "8566F034-27CB-422E-950B-DCAA926CF64F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:python:python:3.13.0:beta2:*:*:*:*:*:*",
"matchCriteriaId": "EACCE6C3-7701-4966-9D88-E949C82FCA46"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:python:python:3.13.0:beta3:*:*:*:*:*:*",
"matchCriteriaId": "A4853BF2-9C27-465F-9840-5B37013C9F74"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:python:python:3.13.0:beta4:*:*:*:*:*:*",
"matchCriteriaId": "B266541A-E877-4CAD-A1EF-08A069441F36"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:python:python:3.13.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "8384A34C-50CD-439C-A2BB-DEA6161342C1"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/python/cpython/issues/123067",
"source": "cna@python.org"
"source": "cna@python.org",
"tags": [
"Exploit",
"Issue Tracking",
"Patch"
]
},
{
"url": "https://github.com/python/cpython/pull/123075",
"source": "cna@python.org"
"source": "cna@python.org",
"tags": [
"Issue Tracking",
"Patch"
]
},
{
"url": "https://mail.python.org/archives/list/security-announce@python.org/thread/HXJAAAALNUNGCQUS2W7WR6GFIZIHFOOK/",
"source": "cna@python.org"
"source": "cna@python.org",
"tags": [
"Mailing List"
]
}
]
}
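Review bot: The English description on this record calls the issue "LOW severity", but the `cvssMetricV31` entry added in the metrics hunk (source `nvd@nist.gov`) scores it `"baseScore": 7.5` / `"baseSeverity": "HIGH"`, and since the old side was `"metrics": {}` this is the only score the record carries. Tooling that triages on `baseSeverity` alone will rank a quadratic-time cookie-parsing issue as HIGH. Consumers should read the vector itself (`C:N/I:N/A:H`, an availability-only impact) next to the description when setting priority, rather than relying on the label.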


@ -2,8 +2,8 @@
"id": "CVE-2024-7922",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-08-19T15:15:09.403",
"lastModified": "2024-08-19T18:36:20.123",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-08-20T16:20:25.403",
"vulnStatus": "Analyzed",
"cveTags": [
{
"sourceIdentifier": "cna@vuldb.com",
@ -16,6 +16,10 @@
{
"lang": "en",
"value": "A vulnerability was found in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20240814 and classified as critical. Affected by this issue is the function cgi_audio_search/cgi_create_playlist/cgi_get_album_all_tracks/cgi_get_alltracks_editlist/cgi_get_artist_all_album/cgi_get_genre_all_tracks/cgi_get_tracks_list/cgi_set_airplay_content/cgi_write_playlist of the file /cgi-bin/myMusic.cgi. The manipulation leads to command injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. NOTE: Vendor was contacted early and confirmed that the product is end-of-life. It should be retired and replaced."
},
{
"lang": "es",
"value": "Se encontr\u00f3 una vulnerabilidad en D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS- 326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 y DNS-1550-04 hasta 20240814 y clasificados como cr\u00edtico. Afectado por este problema es la funci\u00f3n CGI_AUDIO_SEARCH/CGI_CREATE_PLAYLIST/CGI_GET_ALBUM_ALL_TRACKS/CGI_GET_ALLTRACKS_EDITLIST/CGI_GET_ARTIST_ALL_ALBUM/CGI_GET_GENRE_ALL_TRACKS/CGI_GET_TRACKS/CGGI ite_playList del archivo /cgi-bin/mymusic.cgi. La manipulaci\u00f3n conduce a la inyecci\u00f3n de comandos. El ataque puede lanzarse de forma remota. El exploit ha sido divulgado al p\u00fablico y puede utilizarse. NOTA: Esta vulnerabilidad solo afecta a productos que ya no son compatibles con el fabricante. NOTA: Se contact\u00f3 primeramente con el proveedor y se confirm\u00f3 que el producto ha llegado al final de su vida \u00fatil. Deber\u00eda retirarse y reemplazarse."
}
],
"metrics": {
@ -64,6 +68,26 @@
}
],
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "cna@vuldb.com",
"type": "Secondary",
@ -123,30 +147,593 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:dell:dns-120_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B21A28B5-28EC-4307-938D-DFBEDB554DE5"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:dell:dns-120:-:*:*:*:*:*:*:*",
"matchCriteriaId": "577E4A7A-E036-4154-824A-ABBDF7B51D80"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:dell:dnr-202l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "39244DF3-C362-419D-A6FF-1B8D8B716F97"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:dell:dnr-202l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F99805E4-E7D7-40D4-9340-1CCE337456FE"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:dell:dns-315l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B0B1A621-3FE4-4C9B-9082-2DA311BCA88B"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:dell:dns-315l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7305E3CF-55F2-4885-BB74-FC0607D1DEF8"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:dell:dns-320_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "180B532E-DC78-496E-B362-6E09A2C3B209"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:dell:dns-320:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DE7B6061-1B5E-47C7-981E-103C8532A5F2"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:dell:dns-320l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2FF8C361-252B-4D72-923A-3F1EE660904C"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:dell:dns-320l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "691EDA1F-77F4-4448-A6FE-AC280D8A1C84"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:dell:dns-320lw_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "92854E27-F1C7-42A4-91B0-D12EE805A191"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:dell:dns-320lw:-:*:*:*:*:*:*:*",
"matchCriteriaId": "49987828-78FF-4571-8382-5CE15EDC8092"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:dell:dns-321_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "12F66A8B-4985-4F6F-BECB-74A7D53FE5EA"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:dell:dns-321:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0F2B198D-7991-4B8C-981F-40DE5C948140"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:dell:dnr-322l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ED124802-3717-4D45-AE2B-ECE20876FB22"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:dell:dnr-322l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "908FF5BC-9EA8-476E-BB3B-5B839C4855CC"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:dell:dns-323_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3EA2156D-ED3B-4E4E-9E22-A8AC6B12CAE8"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:dell:dns-323:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD4C6779-9E57-4B64-BE79-356046955B42"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:dell:dns-325_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "574481BB-B541-4B84-A935-64EB872100F9"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:dell:dns-325:-:*:*:*:*:*:*:*",
"matchCriteriaId": "77CFAE33-FB2C-4239-8674-F19A8628A3A0"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:dell:dns-326_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "151E7B4E-F2CD-4090-BA3F-721B85B7EA70"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:dell:dns-326:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2E8D94FF-81FA-43BC-AA9A-6DDD578060C7"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:dell:dns-327l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "37C7B7F4-E654-47A7-8541-B49CD2F76A80"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:dell:dns-327l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E2CDA9CA-7092-4090-AC15-7641A8E268F8"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:dell:dnr-326_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D935868-7250-4E4A-AE30-FE383023DC03"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:dell:dnr-326:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4DE48A4B-7F22-4EE3-9842-A9BDEBC11058"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:dell:dns-340l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "85430BEE-D18E-4BC9-BE72-04440857E205"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:dell:dns-340l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B88232B8-047D-496A-B14E-138BEEB64984"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:dell:dns-343_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "88ABA04D-D603-4ACF-B165-F94A91920803"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:dell:dns-343:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D1B2DBDA-C357-41B5-BDEF-9855A8042E2B"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:dell:dns-345_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B49595DE-4CE1-445B-B750-68615A80A8DF"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:dell:dns-345:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F4AF004B-2BA8-4EE4-81AE-5A4F635059C8"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:dell:dns-726-4_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA638D44-7851-4999-804F-EEFFA98D6E6A"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:dell:dns-726-4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "423AD338-46E1-4B73-8974-C2DA4E47240C"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:dell:dns-1100-4_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0E919D37-0C27-45F9-922B-1E65983FDBA5"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:dell:dns-1100-4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4AABE548-E243-4237-9225-38A5FFCD829F"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:dell:dns-1200-05_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "65DB23C2-7FB0-48B8-BED6-0896B2B18D7E"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:dell:dns-1200-05:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A62D373D-60A7-41A5-B66B-418B97A9BA00"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:dell:dns-1550-04_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A4EACE54-DE9E-4602-80C7-5121CFDAA616"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:dell:dns-1550-04:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0561471D-6B18-43C9-B65B-32B6065275B6"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/BuaaIOTTeam/Iot_Dlink_NAS/blob/main/DNS_cgi_create_playlist.md",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Exploit"
]
},
{
"url": "https://github.com/BuaaIOTTeam/Iot_Dlink_NAS/blob/main/DNS_cgi_get_tracks_list.md",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Exploit"
]
},
{
"url": "https://supportannouncement.us.dlink.com/security/publication.aspx?name=SAP10383",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://vuldb.com/?ctiid.275108",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"VDB Entry"
]
},
{
"url": "https://vuldb.com/?id.275108",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"VDB Entry"
]
},
{
"url": "https://vuldb.com/?submit.391669",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
}
]
}
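Review bot: Every `criteria` string added in the `configurations` hunk uses the vendor component `dell` (for example `cpe:2.3:o:dell:dns-120_firmware:-:*:*:*:*:*:*:*`), while the description and the `supportannouncement.us.dlink.com` advisory reference both name D-Link as the vendor. CPE-based matching against this record will therefore miss D-Link NAS entries in an asset inventory, and could attach the CVE to Dell assets if any share these product names. The vendor component should presumably read `dlink`, e.g. `cpe:2.3:o:dlink:dns-120_firmware:-:*:*:*:*:*:*:*`, but each entry is tied to a `matchCriteriaId`, so the correction has to come from the upstream record rather than from an edit to this file. Until then, affected devices for this CVE are better identified by the model names listed in the description than by CPE lookup.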


@ -2,13 +2,17 @@
"id": "CVE-2024-7924",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-08-19T18:15:13.050",
"lastModified": "2024-08-19T18:36:07.297",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-08-20T16:07:26.443",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in ZZCMS 2023. It has been declared as critical. This vulnerability affects unknown code of the file /I/list.php. The manipulation of the argument skin leads to path traversal. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used."
},
{
"lang": "es",
"value": "Una vulnerabilidad fue encontrada en ZZCMS 2023 y fue declarada cr\u00edtica. Esta vulnerabilidad afecta a un c\u00f3digo desconocido del archivo /I/list.php. La manipulaci\u00f3n del aspecto del argumento conduce al path traversal. El ataque se puede iniciar de forma remota. El exploit ha sido divulgado al p\u00fablico y puede utilizarse."
}
],
"metrics": {
@ -57,6 +61,26 @@
}
],
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "cna@vuldb.com",
"type": "Secondary",
@ -116,22 +140,55 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zzcms:zzcms:2023:*:*:*:*:*:*:*",
"matchCriteriaId": "654D0493-9784-4B2B-BC05-69B4BB6F86F4"
}
]
}
]
}
],
"references": [
{
"url": "https://gitee.com/A0kooo/cve_article/blob/master/zzcms/zzcms%20list.php%20Directory%20traversal.md",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Exploit"
]
},
{
"url": "https://vuldb.com/?ctiid.275110",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://vuldb.com/?id.275110",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://vuldb.com/?submit.391876",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
}
]
}


@ -2,13 +2,17 @@
"id": "CVE-2024-7925",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-08-19T18:15:13.287",
"lastModified": "2024-08-19T18:36:07.297",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-08-20T16:06:31.663",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in ZZCMS 2023. It has been rated as problematic. This issue affects some unknown processing of the file 3/E_bak5.1/upload/eginfo.php. The manipulation of the argument phome with the input ShowPHPInfo leads to information disclosure. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used."
},
{
"lang": "es",
"value": "Una vulnerabilidad fue encontrada en ZZCMS 2023 y ha sido calificada como problem\u00e1tica. Este problema afecta un procesamiento desconocido del archivo 3/E_bak5.1/upload/eginfo.php. La manipulaci\u00f3n del argumento phome con la entrada ShowPHPInfo conduce a la divulgaci\u00f3n de informaci\u00f3n. El ataque puede iniciarse de forma remota. El exploit ha sido divulgado al p\u00fablico y puede utilizarse."
}
],
"metrics": {
@ -57,6 +61,26 @@
}
],
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "cna@vuldb.com",
"type": "Secondary",
@ -105,6 +129,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "cna@vuldb.com",
"type": "Secondary",
@ -116,22 +150,54 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zzcms:zzcms:2023:*:*:*:*:*:*:*",
"matchCriteriaId": "654D0493-9784-4B2B-BC05-69B4BB6F86F4"
}
]
}
]
}
],
"references": [
{
"url": "https://gitee.com/A0kooo/cve_article/blob/master/zzcms/information_leak/Zenmus%20ekinfo.php%20had%20an%20information%20leak.md",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Exploit"
]
},
{
"url": "https://vuldb.com/?ctiid.275111",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"VDB Entry"
]
},
{
"url": "https://vuldb.com/?id.275111",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://vuldb.com/?submit.392121",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
}
]
}


@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2024-08-20T16:00:18.583404+00:00
2024-08-20T18:00:18.411561+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2024-08-20T15:50:32.013000+00:00
2024-08-20T17:44:11.677000+00:00
```
### Last Data Feed Release
@ -33,69 +33,52 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs
```plain
260646
260654
```
### CVEs added in the last Commit
Recently added CVEs: `34`
Recently added CVEs: `8`
- [CVE-2024-42604](CVE-2024/CVE-2024-426xx/CVE-2024-42604.json) (`2024-08-20T15:15:21.940`)
- [CVE-2024-42605](CVE-2024/CVE-2024-426xx/CVE-2024-42605.json) (`2024-08-20T15:15:22.020`)
- [CVE-2024-42606](CVE-2024/CVE-2024-426xx/CVE-2024-42606.json) (`2024-08-20T15:15:22.100`)
- [CVE-2024-42607](CVE-2024/CVE-2024-426xx/CVE-2024-42607.json) (`2024-08-20T15:15:22.213`)
- [CVE-2024-42608](CVE-2024/CVE-2024-426xx/CVE-2024-42608.json) (`2024-08-20T14:15:09.697`)
- [CVE-2024-42609](CVE-2024/CVE-2024-426xx/CVE-2024-42609.json) (`2024-08-20T15:15:22.357`)
- [CVE-2024-42610](CVE-2024/CVE-2024-426xx/CVE-2024-42610.json) (`2024-08-20T15:15:22.437`)
- [CVE-2024-42611](CVE-2024/CVE-2024-426xx/CVE-2024-42611.json) (`2024-08-20T15:15:22.517`)
- [CVE-2024-42613](CVE-2024/CVE-2024-426xx/CVE-2024-42613.json) (`2024-08-20T15:15:22.600`)
- [CVE-2024-42616](CVE-2024/CVE-2024-426xx/CVE-2024-42616.json) (`2024-08-20T15:15:22.690`)
- [CVE-2024-42617](CVE-2024/CVE-2024-426xx/CVE-2024-42617.json) (`2024-08-20T15:15:22.777`)
- [CVE-2024-42618](CVE-2024/CVE-2024-426xx/CVE-2024-42618.json) (`2024-08-20T15:15:22.853`)
- [CVE-2024-42621](CVE-2024/CVE-2024-426xx/CVE-2024-42621.json) (`2024-08-20T15:15:22.933`)
- [CVE-2024-42662](CVE-2024/CVE-2024-426xx/CVE-2024-42662.json) (`2024-08-20T15:15:23.090`)
- [CVE-2024-43376](CVE-2024/CVE-2024-433xx/CVE-2024-43376.json) (`2024-08-20T15:15:23.277`)
- [CVE-2024-43377](CVE-2024/CVE-2024-433xx/CVE-2024-43377.json) (`2024-08-20T15:15:23.490`)
- [CVE-2024-43397](CVE-2024/CVE-2024-433xx/CVE-2024-43397.json) (`2024-08-20T15:15:23.673`)
- [CVE-2024-43404](CVE-2024/CVE-2024-434xx/CVE-2024-43404.json) (`2024-08-20T15:15:23.867`)
- [CVE-2024-43406](CVE-2024/CVE-2024-434xx/CVE-2024-43406.json) (`2024-08-20T15:15:24.070`)
- [CVE-2024-43409](CVE-2024/CVE-2024-434xx/CVE-2024-43409.json) (`2024-08-20T15:15:24.270`)
- [CVE-2024-6377](CVE-2024/CVE-2024-63xx/CVE-2024-6377.json) (`2024-08-20T14:15:09.917`)
- [CVE-2024-6378](CVE-2024/CVE-2024-63xx/CVE-2024-6378.json) (`2024-08-20T14:15:10.127`)
- [CVE-2024-6379](CVE-2024/CVE-2024-63xx/CVE-2024-6379.json) (`2024-08-20T14:15:10.323`)
- [CVE-2024-8003](CVE-2024/CVE-2024-80xx/CVE-2024-8003.json) (`2024-08-20T14:15:10.767`)
- [CVE-2024-8005](CVE-2024/CVE-2024-80xx/CVE-2024-8005.json) (`2024-08-20T14:15:11.130`)
- [CVE-2024-27184](CVE-2024/CVE-2024-271xx/CVE-2024-27184.json) (`2024-08-20T16:15:10.733`)
- [CVE-2024-27185](CVE-2024/CVE-2024-271xx/CVE-2024-27185.json) (`2024-08-20T16:15:10.840`)
- [CVE-2024-27186](CVE-2024/CVE-2024-271xx/CVE-2024-27186.json) (`2024-08-20T16:15:10.893`)
- [CVE-2024-27187](CVE-2024/CVE-2024-271xx/CVE-2024-27187.json) (`2024-08-20T16:15:10.983`)
- [CVE-2024-40743](CVE-2024/CVE-2024-407xx/CVE-2024-40743.json) (`2024-08-20T16:15:11.457`)
- [CVE-2024-42598](CVE-2024/CVE-2024-425xx/CVE-2024-42598.json) (`2024-08-20T16:15:11.727`)
- [CVE-2024-42919](CVE-2024/CVE-2024-429xx/CVE-2024-42919.json) (`2024-08-20T17:15:19.463`)
- [CVE-2024-43408](CVE-2024/CVE-2024-434xx/CVE-2024-43408.json) (`2024-08-20T17:15:19.550`)
### CVEs modified in the last Commit
Recently modified CVEs: `195`
Recently modified CVEs: `68`
- [CVE-2024-7775](CVE-2024/CVE-2024-77xx/CVE-2024-7775.json) (`2024-08-20T15:44:20.567`)
- [CVE-2024-7777](CVE-2024/CVE-2024-77xx/CVE-2024-7777.json) (`2024-08-20T15:44:20.567`)
- [CVE-2024-7780](CVE-2024/CVE-2024-77xx/CVE-2024-7780.json) (`2024-08-20T15:44:20.567`)
- [CVE-2024-7782](CVE-2024/CVE-2024-77xx/CVE-2024-7782.json) (`2024-08-20T15:44:20.567`)
- [CVE-2024-7827](CVE-2024/CVE-2024-78xx/CVE-2024-7827.json) (`2024-08-20T15:44:20.567`)
- [CVE-2024-7850](CVE-2024/CVE-2024-78xx/CVE-2024-7850.json) (`2024-08-20T15:44:20.567`)
- [CVE-2024-7926](CVE-2024/CVE-2024-79xx/CVE-2024-7926.json) (`2024-08-20T15:44:20.567`)
- [CVE-2024-7927](CVE-2024/CVE-2024-79xx/CVE-2024-7927.json) (`2024-08-20T15:44:20.567`)
- [CVE-2024-7928](CVE-2024/CVE-2024-79xx/CVE-2024-7928.json) (`2024-08-20T15:44:20.567`)
- [CVE-2024-7929](CVE-2024/CVE-2024-79xx/CVE-2024-7929.json) (`2024-08-20T15:44:20.567`)
- [CVE-2024-7930](CVE-2024/CVE-2024-79xx/CVE-2024-7930.json) (`2024-08-20T15:44:20.567`)
- [CVE-2024-7931](CVE-2024/CVE-2024-79xx/CVE-2024-7931.json) (`2024-08-20T15:44:20.567`)
- [CVE-2024-7933](CVE-2024/CVE-2024-79xx/CVE-2024-7933.json) (`2024-08-20T15:44:20.567`)
- [CVE-2024-7934](CVE-2024/CVE-2024-79xx/CVE-2024-7934.json) (`2024-08-20T15:44:20.567`)
- [CVE-2024-7935](CVE-2024/CVE-2024-79xx/CVE-2024-7935.json) (`2024-08-20T15:44:20.567`)
- [CVE-2024-7936](CVE-2024/CVE-2024-79xx/CVE-2024-7936.json) (`2024-08-20T15:44:20.567`)
- [CVE-2024-7937](CVE-2024/CVE-2024-79xx/CVE-2024-7937.json) (`2024-08-20T15:44:20.567`)
- [CVE-2024-7942](CVE-2024/CVE-2024-79xx/CVE-2024-7942.json) (`2024-08-20T15:44:20.567`)
- [CVE-2024-7943](CVE-2024/CVE-2024-79xx/CVE-2024-7943.json) (`2024-08-20T15:44:20.567`)
- [CVE-2024-7944](CVE-2024/CVE-2024-79xx/CVE-2024-7944.json) (`2024-08-20T15:44:20.567`)
- [CVE-2024-7945](CVE-2024/CVE-2024-79xx/CVE-2024-7945.json) (`2024-08-20T15:44:20.567`)
- [CVE-2024-7946](CVE-2024/CVE-2024-79xx/CVE-2024-7946.json) (`2024-08-20T15:44:20.567`)
- [CVE-2024-7947](CVE-2024/CVE-2024-79xx/CVE-2024-7947.json) (`2024-08-20T15:44:20.567`)
- [CVE-2024-7948](CVE-2024/CVE-2024-79xx/CVE-2024-7948.json) (`2024-08-20T15:44:20.567`)
- [CVE-2024-7949](CVE-2024/CVE-2024-79xx/CVE-2024-7949.json) (`2024-08-20T15:44:20.567`)
- [CVE-2024-42032](CVE-2024/CVE-2024-420xx/CVE-2024-42032.json) (`2024-08-20T16:58:09.690`)
- [CVE-2024-42553](CVE-2024/CVE-2024-425xx/CVE-2024-42553.json) (`2024-08-20T16:35:22.120`)
- [CVE-2024-42555](CVE-2024/CVE-2024-425xx/CVE-2024-42555.json) (`2024-08-20T16:35:23.320`)
- [CVE-2024-42560](CVE-2024/CVE-2024-425xx/CVE-2024-42560.json) (`2024-08-20T16:35:24.553`)
- [CVE-2024-42562](CVE-2024/CVE-2024-425xx/CVE-2024-42562.json) (`2024-08-20T16:35:25.820`)
- [CVE-2024-42569](CVE-2024/CVE-2024-425xx/CVE-2024-42569.json) (`2024-08-20T16:35:27.333`)
- [CVE-2024-42576](CVE-2024/CVE-2024-425xx/CVE-2024-42576.json) (`2024-08-20T16:35:29.750`)
- [CVE-2024-42585](CVE-2024/CVE-2024-425xx/CVE-2024-42585.json) (`2024-08-20T16:35:31.307`)
- [CVE-2024-42586](CVE-2024/CVE-2024-425xx/CVE-2024-42586.json) (`2024-08-20T16:35:33.523`)
- [CVE-2024-42611](CVE-2024/CVE-2024-426xx/CVE-2024-42611.json) (`2024-08-20T16:35:34.633`)
- [CVE-2024-42617](CVE-2024/CVE-2024-426xx/CVE-2024-42617.json) (`2024-08-20T16:35:35.733`)
- [CVE-2024-42633](CVE-2024/CVE-2024-426xx/CVE-2024-42633.json) (`2024-08-20T16:18:24.300`)
- [CVE-2024-42657](CVE-2024/CVE-2024-426xx/CVE-2024-42657.json) (`2024-08-20T16:13:12.413`)
- [CVE-2024-42658](CVE-2024/CVE-2024-426xx/CVE-2024-42658.json) (`2024-08-20T16:12:50.290`)
- [CVE-2024-43399](CVE-2024/CVE-2024-433xx/CVE-2024-43399.json) (`2024-08-20T16:21:22.747`)
- [CVE-2024-43400](CVE-2024/CVE-2024-434xx/CVE-2024-43400.json) (`2024-08-20T16:10:29.987`)
- [CVE-2024-43401](CVE-2024/CVE-2024-434xx/CVE-2024-43401.json) (`2024-08-20T16:09:23.747`)
- [CVE-2024-5914](CVE-2024/CVE-2024-59xx/CVE-2024-5914.json) (`2024-08-20T16:22:06.357`)
- [CVE-2024-5915](CVE-2024/CVE-2024-59xx/CVE-2024-5915.json) (`2024-08-20T16:23:10.493`)
- [CVE-2024-6163](CVE-2024/CVE-2024-61xx/CVE-2024-6163.json) (`2024-08-20T17:44:11.677`)
- [CVE-2024-6348](CVE-2024/CVE-2024-63xx/CVE-2024-6348.json) (`2024-08-20T16:17:03.810`)
- [CVE-2024-7592](CVE-2024/CVE-2024-75xx/CVE-2024-7592.json) (`2024-08-20T16:02:16.280`)
- [CVE-2024-7922](CVE-2024/CVE-2024-79xx/CVE-2024-7922.json) (`2024-08-20T16:20:25.403`)
- [CVE-2024-7924](CVE-2024/CVE-2024-79xx/CVE-2024-7924.json) (`2024-08-20T16:07:26.443`)
- [CVE-2024-7925](CVE-2024/CVE-2024-79xx/CVE-2024-7925.json) (`2024-08-20T16:06:31.663`)
## Download and Usage
