From 1519c9590459f8640ce94b2255c43f93654e958a Mon Sep 17 00:00:00 2001 From: cad-safe-bot Date: Tue, 3 Sep 2024 04:03:14 +0000 Subject: [PATCH] Auto-Update: 2024-09-03T04:00:17.134051+00:00 --- CVE-2024/CVE-2024-420xx/CVE-2024-42057.json | 56 +++++++++++++++++++++ CVE-2024/CVE-2024-420xx/CVE-2024-42058.json | 56 +++++++++++++++++++++ CVE-2024/CVE-2024-420xx/CVE-2024-42059.json | 56 +++++++++++++++++++++ CVE-2024/CVE-2024-420xx/CVE-2024-42060.json | 56 +++++++++++++++++++++ CVE-2024/CVE-2024-420xx/CVE-2024-42061.json | 56 +++++++++++++++++++++ CVE-2024/CVE-2024-54xx/CVE-2024-5412.json | 56 +++++++++++++++++++++ CVE-2024/CVE-2024-63xx/CVE-2024-6343.json | 56 +++++++++++++++++++++ CVE-2024/CVE-2024-72xx/CVE-2024-7203.json | 56 +++++++++++++++++++++ CVE-2024/CVE-2024-72xx/CVE-2024-7261.json | 56 +++++++++++++++++++++ README.md | 18 +++++-- _state.csv | 11 +++- 11 files changed, 527 insertions(+), 6 deletions(-) create mode 100644 CVE-2024/CVE-2024-420xx/CVE-2024-42057.json create mode 100644 CVE-2024/CVE-2024-420xx/CVE-2024-42058.json create mode 100644 CVE-2024/CVE-2024-420xx/CVE-2024-42059.json create mode 100644 CVE-2024/CVE-2024-420xx/CVE-2024-42060.json create mode 100644 CVE-2024/CVE-2024-420xx/CVE-2024-42061.json create mode 100644 CVE-2024/CVE-2024-54xx/CVE-2024-5412.json create mode 100644 CVE-2024/CVE-2024-63xx/CVE-2024-6343.json create mode 100644 CVE-2024/CVE-2024-72xx/CVE-2024-7203.json create mode 100644 CVE-2024/CVE-2024-72xx/CVE-2024-7261.json diff --git a/CVE-2024/CVE-2024-420xx/CVE-2024-42057.json b/CVE-2024/CVE-2024-420xx/CVE-2024-42057.json new file mode 100644 index 00000000000..beea2c9c43a --- /dev/null +++ b/CVE-2024/CVE-2024-420xx/CVE-2024-42057.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-42057", + "sourceIdentifier": "security@zyxel.com.tw", + "published": "2024-09-03T02:15:04.213", + "lastModified": "2024-09-03T02:15:04.213", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "A command injection vulnerability in the IPSec VPN feature of Zyxel ATP series firmware versions from V4.32 through V5.38, USG FLEX series firmware versions from V4.50 through V5.38, USG FLEX 50(W) series firmware versions from V4.16 through V5.38, and USG20(W)-VPN series firmware versions from V4.16 through V5.38 could allow an unauthenticated attacker to execute some OS commands on an affected device by sending a crafted username to the vulnerable device. Note that this attack could be successful only if the device was configured in User-Based-PSK authentication mode and a valid user with a long username exceeding 28 characters exists." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@zyxel.com.tw", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.1, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.2, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "security@zyxel.com.tw", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-78" + } + ] + } + ], + "references": [ + { + "url": "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-multiple-vulnerabilities-in-firewalls-09-03-2024", + "source": "security@zyxel.com.tw" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-420xx/CVE-2024-42058.json b/CVE-2024/CVE-2024-420xx/CVE-2024-42058.json new file mode 100644 index 00000000000..f1671748ccc --- /dev/null +++ b/CVE-2024/CVE-2024-420xx/CVE-2024-42058.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-42058", + "sourceIdentifier": "security@zyxel.com.tw", + "published": "2024-09-03T02:15:04.467", + "lastModified": "2024-09-03T02:15:04.467", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "A null pointer dereference vulnerability in Zyxel ATP series firmware versions from V4.32 through V5.38, USG FLEX series firmware versions from V4.50 through V5.38, USG FLEX 50(W) series firmware versions from V5.20 through V5.38, and USG20(W)-VPN series firmware versions from V5.20 through V5.38 could allow an unauthenticated attacker to cause DoS conditions by sending crafted packets to a vulnerable device." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@zyxel.com.tw", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "security@zyxel.com.tw", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-476" + } + ] + } + ], + "references": [ + { + "url": "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-multiple-vulnerabilities-in-firewalls-09-03-2024", + "source": "security@zyxel.com.tw" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-420xx/CVE-2024-42059.json b/CVE-2024/CVE-2024-420xx/CVE-2024-42059.json new file mode 100644 index 00000000000..0d682dfb3da --- /dev/null +++ b/CVE-2024/CVE-2024-420xx/CVE-2024-42059.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-42059", + "sourceIdentifier": "security@zyxel.com.tw", + "published": "2024-09-03T02:15:04.690", + "lastModified": "2024-09-03T02:15:04.690", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "A post-authentication command injection vulnerability in Zyxel ATP series firmware versions from V5.00 through V5.38, USG FLEX series firmware versions from V5.00 through V5.38, USG FLEX 50(W) series firmware versions from V5.00 through V5.38, and USG20(W)-VPN series firmware versions from V5.00 through V5.38 could allow an authenticated attacker with administrator privileges to execute some OS commands on an affected device by uploading a crafted compressed language file via FTP." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@zyxel.com.tw", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.2, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.2, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "security@zyxel.com.tw", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-78" + } + ] + } + ], + "references": [ + { + "url": "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-multiple-vulnerabilities-in-firewalls-09-03-2024", + "source": "security@zyxel.com.tw" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-420xx/CVE-2024-42060.json b/CVE-2024/CVE-2024-420xx/CVE-2024-42060.json new file mode 100644 index 00000000000..f41e1fd56e8 --- /dev/null +++ b/CVE-2024/CVE-2024-420xx/CVE-2024-42060.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-42060", + "sourceIdentifier": "security@zyxel.com.tw", + "published": "2024-09-03T02:15:04.900", + "lastModified": "2024-09-03T02:15:04.900", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "A post-authentication command injection vulnerability in Zyxel ATP series firmware versions from V4.32 through V5.38, USG FLEX series firmware versions from V4.50 through V5.38, USG FLEX 50(W) series firmware versions from V4.16 through V5.38, and USG20(W)-VPN series firmware versions from V4.16 through V5.38 could allow an authenticated attacker with administrator privileges to execute some OS commands on an affected device by uploading a crafted internal user agreement file to the vulnerable device." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@zyxel.com.tw", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.2, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.2, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "security@zyxel.com.tw", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-78" + } + ] + } + ], + "references": [ + { + "url": "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-multiple-vulnerabilities-in-firewalls-09-03-2024", + "source": "security@zyxel.com.tw" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-420xx/CVE-2024-42061.json b/CVE-2024/CVE-2024-420xx/CVE-2024-42061.json new file mode 100644 index 00000000000..265bf89f0e6 --- /dev/null +++ b/CVE-2024/CVE-2024-420xx/CVE-2024-42061.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-42061", + "sourceIdentifier": "security@zyxel.com.tw", + "published": "2024-09-03T03:15:03.710", + "lastModified": "2024-09-03T03:15:03.710", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "A reflected cross-site scripting (XSS) vulnerability in the CGI program \"dynamic_script.cgi\" of Zyxel ATP series firmware versions from V4.32 through V5.38, USG FLEX series firmware versions from V4.50 through V5.38, USG FLEX 50(W) series firmware versions from V4.16 through V5.38, and USG20(W)-VPN series firmware versions from V4.16 through V5.38 could allow an attacker to trick a user into visiting a crafted URL with the XSS payload. The attacker could obtain browser-based information if the malicious script is executed on the victim\u2019s browser." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@zyxel.com.tw", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.1, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "security@zyxel.com.tw", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-multiple-vulnerabilities-in-firewalls-09-03-2024", + "source": "security@zyxel.com.tw" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-54xx/CVE-2024-5412.json b/CVE-2024/CVE-2024-54xx/CVE-2024-5412.json new file mode 100644 index 00000000000..aa8f06a5044 --- /dev/null +++ b/CVE-2024/CVE-2024-54xx/CVE-2024-5412.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-5412", + "sourceIdentifier": "security@zyxel.com.tw", + "published": "2024-09-03T02:15:05.103", + "lastModified": "2024-09-03T02:15:05.103", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "A buffer overflow vulnerability in the library \"libclinkc\" of the Zyxel VMG8825-T50K firmware version 5.50(ABOM.8)C0 could allow an unauthenticated attacker to cause denial of service (DoS) conditions by sending a crafted HTTP request to a vulnerable device." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@zyxel.com.tw", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "security@zyxel.com.tw", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-120" + } + ] + } + ], + "references": [ + { + "url": "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-buffer-overflow-vulnerability-in-some-5g-nr-cpe-dsl-ethernet-cpe-fiber-ont-wifi-extender-and-security-router-devices-09-03-2024", + "source": "security@zyxel.com.tw" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-63xx/CVE-2024-6343.json b/CVE-2024/CVE-2024-63xx/CVE-2024-6343.json new file mode 100644 index 00000000000..b09cc789924 --- /dev/null +++ b/CVE-2024/CVE-2024-63xx/CVE-2024-6343.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-6343", + "sourceIdentifier": "security@zyxel.com.tw", + "published": "2024-09-03T02:15:05.317", + "lastModified": "2024-09-03T02:15:05.317", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "A buffer overflow vulnerability in the CGI program of Zyxel ATP series firmware versions from V4.32 through V5.38, USG FLEX series firmware versions from V4.50 through V5.38, USG FLEX 50(W) series firmware versions from V4.16 through V5.38, and USG20(W)-VPN series firmware versions from V4.16 through V5.38 could allow an authenticated attacker with administrator privileges to cause denial of service (DoS) conditions by sending a crafted HTTP request to a vulnerable device." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@zyxel.com.tw", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 4.9, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.2, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "security@zyxel.com.tw", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-120" + } + ] + } + ], + "references": [ + { + "url": "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-multiple-vulnerabilities-in-firewalls-09-03-2024", + "source": "security@zyxel.com.tw" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-72xx/CVE-2024-7203.json b/CVE-2024/CVE-2024-72xx/CVE-2024-7203.json new file mode 100644 index 00000000000..2296692b93d --- /dev/null +++ b/CVE-2024/CVE-2024-72xx/CVE-2024-7203.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-7203", + "sourceIdentifier": "security@zyxel.com.tw", + "published": "2024-09-03T02:15:05.520", + "lastModified": "2024-09-03T02:15:05.520", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "A post-authentication command injection vulnerability in Zyxel ATP series firmware versions from V4.60 through V5.38 and USG FLEX series firmware versions from V4.60 through V5.38 could allow an authenticated attacker with administrator privileges to execute some operating system (OS) commands on an affected device by executing a crafted CLI command." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@zyxel.com.tw", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.2, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.2, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "security@zyxel.com.tw", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-78" + } + ] + } + ], + "references": [ + { + "url": "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-multiple-vulnerabilities-in-firewalls-09-03-2024", + "source": "security@zyxel.com.tw" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-72xx/CVE-2024-7261.json b/CVE-2024/CVE-2024-72xx/CVE-2024-7261.json new file mode 100644 index 00000000000..0713ead01aa --- /dev/null +++ b/CVE-2024/CVE-2024-72xx/CVE-2024-7261.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-7261", + "sourceIdentifier": "security@zyxel.com.tw", + "published": "2024-09-03T03:15:03.940", + "lastModified": "2024-09-03T03:15:03.940", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "The improper neutralization of special elements in the parameter \"host\" in the CGI program of Zyxel NWA1123ACv3 firmware version 6.70(ABVT.4) and earlier, WAC500 firmware version 6.70(ABVS.4) \n\nand earlier, WAX655E firmware version 7.00(ACDO.1) and earlier, WBE530 firmware version 7.00(ACLE.1) \n\nand earlier, and\u00a0USG LITE 60AX firmware version\u00a0V2.00(ACIP.2) could allow an unauthenticated attacker to execute OS commands by sending a crafted cookie to a vulnerable device." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@zyxel.com.tw", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "security@zyxel.com.tw", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-78" + } + ] + } + ], + "references": [ + { + "url": "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-os-command-injection-vulnerability-in-aps-and-security-router-devices-09-03-2024", + "source": "security@zyxel.com.tw" + } + ] +} \ No newline at end of file diff --git a/README.md b/README.md index 2c27f3cd76d..354bf7e2f37 100644 --- a/README.md +++ b/README.md @@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2024-09-03T02:00:17.355931+00:00 +2024-09-03T04:00:17.134051+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2024-09-03T01:15:13.690000+00:00 +2024-09-03T03:15:03.940000+00:00 ``` ### Last Data Feed Release @@ -33,14 +33,22 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### Total Number of included CVEs ```plain -261722 +261731 ``` ### CVEs added in the last Commit -Recently added CVEs: `1` +Recently added CVEs: `9` -- [CVE-2024-8380](CVE-2024/CVE-2024-83xx/CVE-2024-8380.json) (`2024-09-03T01:15:13.690`) +- [CVE-2024-42057](CVE-2024/CVE-2024-420xx/CVE-2024-42057.json) (`2024-09-03T02:15:04.213`) +- [CVE-2024-42058](CVE-2024/CVE-2024-420xx/CVE-2024-42058.json) (`2024-09-03T02:15:04.467`) +- [CVE-2024-42059](CVE-2024/CVE-2024-420xx/CVE-2024-42059.json) (`2024-09-03T02:15:04.690`) +- [CVE-2024-42060](CVE-2024/CVE-2024-420xx/CVE-2024-42060.json) (`2024-09-03T02:15:04.900`) +- [CVE-2024-42061](CVE-2024/CVE-2024-420xx/CVE-2024-42061.json) (`2024-09-03T03:15:03.710`) +- [CVE-2024-5412](CVE-2024/CVE-2024-54xx/CVE-2024-5412.json) (`2024-09-03T02:15:05.103`) +- [CVE-2024-6343](CVE-2024/CVE-2024-63xx/CVE-2024-6343.json) (`2024-09-03T02:15:05.317`) +- [CVE-2024-7203](CVE-2024/CVE-2024-72xx/CVE-2024-7203.json) (`2024-09-03T02:15:05.520`) +- [CVE-2024-7261](CVE-2024/CVE-2024-72xx/CVE-2024-7261.json) (`2024-09-03T03:15:03.940`) ### CVEs modified in the last Commit diff --git a/_state.csv b/_state.csv index c73a6768be4..261629a375d 100644 --- a/_state.csv +++ b/_state.csv @@ -257635,7 +257635,12 @@ CVE-2024-42053,0,0,a6062e6a4bcd11b760655238c4a48736a58caa8e1af15eed073e37dfa3063 CVE-2024-42054,0,0,c42d43c53c1cba0b73693fd7267a0550fcf147a433b2caa751a167565e636401,2024-08-29T18:10:04.747000 CVE-2024-42055,0,0,8a78ba41d377bdb827ec713a20b75c7470ce65883ded00b1b140a62404f7c216,2024-08-29T18:10:30.470000 CVE-2024-42056,0,0,09375415bf9183672b6163fe2c8648c358781f72609968fbfe75ab19ffe9a5b2,2024-08-26T15:15:07.853000 +CVE-2024-42057,1,1,741592f4a89a79db75888cbf0b537e9b4b6c34514745940fee01b1861d1c6366,2024-09-03T02:15:04.213000 +CVE-2024-42058,1,1,4286db405073696f8e08d6737708786e6b2dbd193f7c7247e504989252629e8a,2024-09-03T02:15:04.467000 +CVE-2024-42059,1,1,6b83ac4511e163ff8942939623334884101e6d21df0c2507e8348cf06e1659a7,2024-09-03T02:15:04.690000 CVE-2024-4206,0,0,094d5b07d12006961f56a1900b69d613595338528ec5cf7d408eb10d270cfa9f,2024-06-11T10:15:13.553000 +CVE-2024-42060,1,1,c7a01e26a6ddaed8b99f6baf5a9d14c3cf139dbf808856192ad35c7f6361d4dd,2024-09-03T02:15:04.900000 +CVE-2024-42061,1,1,e0941924899098c502e8f53e992cc73fd329ce8ec24c4b597aca0804a2796302,2024-09-03T03:15:03.710000 CVE-2024-42062,0,0,4478fdb9b22ea23c1311199bc27883e40d46ca58109e564d83bc2207123d372b,2024-08-19T14:15:22.663000 CVE-2024-42063,0,0,ab1fc80f4d5a337fc787a5927c5a2799f0f954cb8192994c0bb80d8c74f4b1de,2024-07-29T16:21:52.517000 CVE-2024-42064,0,0,aff9875e6448c473c643bff3b6337ebbd7539dcae5f98d4517c155e837f00f5d,2024-07-30T19:03:25.797000 @@ -259721,6 +259726,7 @@ CVE-2024-5408,0,0,92cb006098fac854b982ac43e2f15abb08c6efa42610acc2d542027955309d CVE-2024-5409,0,0,cf17c00e2696039626da2501323bb63130e64564f7c70e2680f61c8296b7486b,2024-05-28T12:39:28.377000 CVE-2024-5410,0,0,33a5ba9b12c1e74f0aa24bc0d8928f8ff241dde36fed372d790c69ac128b19a7,2024-06-10T17:16:34.350000 CVE-2024-5411,0,0,6f38aadf376ed626f84103b80eadf7d4a3da9be020ddcb9fa408be6d4c8307b5,2024-06-10T17:16:34.440000 +CVE-2024-5412,1,1,d7c69e091378a314be4eee5f6c6a4bce23b17fb9aee92dffc08e20f34f029419,2024-09-03T02:15:05.103000 CVE-2024-5413,0,0,b448c8c4fee794a9903e33e6c17f07ddeb3dd7c0bc677024b75809ef047d2c8a,2024-05-28T14:59:09.827000 CVE-2024-5414,0,0,08acc305e6c9bea4a9589fa3dba157ea62649fb0f8c0ee74aad6ddc09386f1c2,2024-05-28T14:59:09.827000 CVE-2024-5415,0,0,d8ba178a70f3cfb2a3911a07d12ef045cc2ca261b5b8d85db5edc9c9636eef1e,2024-05-28T14:59:09.827000 @@ -260478,6 +260484,7 @@ CVE-2024-6338,0,0,8956384d5cc966970e625ecbde4127bb4f84d940fa059b7aaed0155a833fd9 CVE-2024-6339,0,0,900c18b99c3b938f801abc6ad5fe5a877c8e068ea7f11186df65574c46246a21,2024-08-21T12:30:33.697000 CVE-2024-6340,0,0,fd12f25a45d92fefbb8c0ec47428250f4f56bb9c686a12a52e54d86e24fec10a,2024-07-03T18:27:40.903000 CVE-2024-6341,0,0,528f4fdde1526d72477e90a767b2f2316b168f65b64effeddb9446d8a5cdcaf5,2024-07-02T18:15:03.900000 +CVE-2024-6343,1,1,aea2201c0a2c2e2cce06fbb5c3ec5a620f0dfd8a99c027565976b956cc252ff5,2024-09-03T02:15:05.317000 CVE-2024-6344,0,0,ddc89c494afe0b7b80a518e0bed96070c096d29b8a0f403bdd242f60ce193de2,2024-06-27T00:15:13.360000 CVE-2024-6345,0,0,fc166d5e44485020c9b016f580b4f1c78befbdae01a9e6ec8b7e6b8d01a2e1ea,2024-07-15T13:00:34.853000 CVE-2024-6346,0,0,dd2451b3228a249be11318435f5e384b8c60f44f7f9b400e6ba532a21de9b77f,2024-08-01T12:42:36.933000 @@ -261056,6 +261063,7 @@ CVE-2024-7199,0,0,7ea69c706ca37b2dda1e80a6b544bb8bc45945ecc4407a97bc445bda686ee9 CVE-2024-7200,0,0,562ee7e89d7efcb6c366bd01f0dce90b526172f7ec9c4cf62a24dcbb3dc30d8c,2024-08-12T14:36:06.033000 CVE-2024-7201,0,0,ada84f4b903b0c95dc45be4013db2022612c9fdb66b840b2138f16a8a9061fa8,2024-07-29T14:12:08.783000 CVE-2024-7202,0,0,47ee30ff0ebecde915aadd7cf1bd702d0bebf04cac4786411e427c0fde39b1f2,2024-07-29T14:12:08.783000 +CVE-2024-7203,1,1,220c1071b3afa80c043080e1540771af8510164af8233b32a66b6933d9da09a2,2024-09-03T02:15:05.520000 CVE-2024-7204,0,0,1772f71824e8e67d08dd960b8980267be3eb60b7db474bb1b3294ba0efdcc4fb,2024-08-02T12:59:43.990000 CVE-2024-7205,0,0,f8b1cbec46ea51b223aac866d1ac39ee6fa7b6e832e6e62020df5a45e4b00643,2024-07-31T15:15:10.993000 CVE-2024-7208,0,0,23976b9c97cfc390397ceda1fa9cd6b5d178a3b311c11fb9c9f129febf7d4e73,2024-08-02T15:16:37.420000 @@ -261087,6 +261095,7 @@ CVE-2024-7255,0,0,a4eb887a2aa91b61ced64af6faa636cef124d2fd1032af5abcd1e986918698 CVE-2024-7256,0,0,28c6c5405ca0661376f4706f7e75647b14826bc648847c0c2ef29d4ee5bafea0,2024-08-03T18:35:04.003000 CVE-2024-7257,0,0,e6ef266df52e25692b132cfb6522d79defb5eb3e548daae54be1d69b0c3ab16e,2024-08-05T12:41:45.957000 CVE-2024-7258,0,0,7daa83813c091cf4943890cfcc79fb77dbec053060dc3ee1861fb34d4faa0557,2024-08-23T16:18:28.547000 +CVE-2024-7261,1,1,a3cff23436e9546e8c024e683d8828c4819ce385f30137f251e7a3c2471877df,2024-09-03T03:15:03.940000 CVE-2024-7262,0,0,6eb890539ac6ea65f95d63d1cc2b2db839fe55351667e7e39ec8c244bb43a119,2024-08-22T06:15:04.173000 CVE-2024-7263,0,0,9d6df8d57145d860b9f285c4defefe5eae42f914cf87b79ed3fa24860767bd90,2024-08-22T06:15:04.510000 CVE-2024-7264,0,0,12a75b53a7f63996bb7b4af3d1a6b7462e167bb63f5a12a5607f29e5ee63586a,2024-08-12T17:30:51.880000 @@ -261720,4 +261729,4 @@ CVE-2024-8366,0,0,aa72fcd41b228be7b06f6c9a81ecf2f8f9fd5e20be0db7cf0df490a8a5890f CVE-2024-8367,0,0,8148f938d91de1e8fd6536b835fce7d047e450cd706d113fc44497b29c91e0fa,2024-09-01T04:15:14.107000 CVE-2024-8368,0,0,b6512ddcc37b6e90aa53a67b75199705c7ccbc726e2c91253f9dcb246f9ed10e,2024-09-01T05:15:12.187000 CVE-2024-8370,0,0,fc6619055deaa0369ad7ec9ea228a5984b89e76836c9bae412619b763ebbc1d6,2024-09-01T22:15:14.117000 -CVE-2024-8380,1,1,59536f41ae8eb3ab90b4321adcf0c677bff349890fe9496a5f0af1786eb08033,2024-09-03T01:15:13.690000 +CVE-2024-8380,0,0,59536f41ae8eb3ab90b4321adcf0c677bff349890fe9496a5f0af1786eb08033,2024-09-03T01:15:13.690000