diff --git a/CVE-2019/CVE-2019-127xx/CVE-2019-12749.json b/CVE-2019/CVE-2019-127xx/CVE-2019-12749.json index 86fb2b95a51..7b8ef78a8d5 100644 --- a/CVE-2019/CVE-2019-127xx/CVE-2019-12749.json +++ b/CVE-2019/CVE-2019-127xx/CVE-2019-12749.json @@ -2,8 +2,9 @@ "id": "CVE-2019-12749", "sourceIdentifier": "cve@mitre.org", "published": "2019-06-11T17:29:00.517", - "lastModified": "2024-11-21T04:23:29.590", + "lastModified": "2024-12-06T14:15:18.790", "vulnStatus": "Modified", + "cveTags": [], "descriptions": [ { "lang": "en", @@ -275,6 +276,10 @@ "url": "https://security.gentoo.org/glsa/201909-08", "source": "af854a3a-2127-422b-91ae-364da2661108" }, + { + "url": "https://security.netapp.com/advisory/ntap-20241206-0010/", + "source": "af854a3a-2127-422b-91ae-364da2661108" + }, { "url": "https://usn.ubuntu.com/4015-1/", "source": "af854a3a-2127-422b-91ae-364da2661108", diff --git a/CVE-2021/CVE-2021-469xx/CVE-2021-46994.json b/CVE-2021/CVE-2021-469xx/CVE-2021-46994.json index ee6bd79f7f8..5be875f801f 100644 --- a/CVE-2021/CVE-2021-469xx/CVE-2021-46994.json +++ b/CVE-2021/CVE-2021-469xx/CVE-2021-46994.json @@ -2,8 +2,8 @@ "id": "CVE-2021-46994", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-02-28T09:15:37.923", - "lastModified": "2024-02-28T14:06:45.783", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-12-06T14:42:34.983", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,23 +15,131 @@ "value": "En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: can: mcp251x: corregir la reanudaci\u00f3n desde la suspensi\u00f3n antes de que se activara la interfaz. Desde 8ce8c0abcba3, las colas de controladores funcionan a trav\u00e9s de priv->restart_work cuando se reanudan despu\u00e9s de la suspensi\u00f3n, incluso cuando la interfaz no estaba habilitada previamente. Esto provoca un error de desreferencia nula ya que la cola de trabajo solo se asigna e inicializa en mcp251x_open(). Para solucionar este problema, movemos el inicio de la cola de trabajo a mcp251x_can_probe() ya que no hay raz\u00f3n para hacerlo m\u00e1s tarde y repetirlo cada vez que se llama a mcp251x_open(). [mkl: corregir el manejo de errores en mcp251x_stop()]" } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "baseScore": 5.5, + "baseSeverity": "MEDIUM", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-476" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.5", + "versionEndExcluding": "5.10.38", + "matchCriteriaId": "2BB4E5E8-4AAD-475A-A1B9-F287254C7D72" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.11", + "versionEndExcluding": "5.11.22", + "matchCriteriaId": "83B53E9A-F426-4C03-9A5F-A931FF79827E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.12", + "versionEndExcluding": "5.12.5", + "matchCriteriaId": "0274929A-B36C-4F4C-AB22-30A0DD6B995B" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/03c427147b2d3e503af258711af4fc792b89b0af", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/6f8f1c27b577de15f69fefce3c502bb6300d825c", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/e1e10a390fd9479209c4d834d916ca5e6d5d396b", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/eecb4df8ec9f896b19ee05bfa632ac6c1dcd8f21", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] + }, + { + "url": "https://git.kernel.org/stable/c/03c427147b2d3e503af258711af4fc792b89b0af", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] + }, + { + "url": "https://git.kernel.org/stable/c/6f8f1c27b577de15f69fefce3c502bb6300d825c", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] + }, + { + "url": "https://git.kernel.org/stable/c/e1e10a390fd9479209c4d834d916ca5e6d5d396b", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] + }, + { + "url": "https://git.kernel.org/stable/c/eecb4df8ec9f896b19ee05bfa632ac6c1dcd8f21", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2021/CVE-2021-469xx/CVE-2021-46995.json b/CVE-2021/CVE-2021-469xx/CVE-2021-46995.json index b73c37cb920..8c3e403044f 100644 --- a/CVE-2021/CVE-2021-469xx/CVE-2021-46995.json +++ b/CVE-2021/CVE-2021-469xx/CVE-2021-46995.json @@ -2,8 +2,8 @@ "id": "CVE-2021-46995", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-02-28T09:15:37.970", - "lastModified": "2024-02-28T14:06:45.783", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-12-06T14:55:32.277", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,15 +15,89 @@ "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: can: mcp251xfd: mcp251xfd_probe(): corrige una desreferencia de puntero de error en la sonda Cuando convertimos este c\u00f3digo para usar dev_err_probe() eliminamos accidentalmente un retorno. Significa que si devm_clk_get() generar\u00e1 un Ups cuando llamemos a clk_get_rate() en la siguiente l\u00ednea." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "baseScore": 5.5, + "baseSeverity": "MEDIUM", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-476" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.12", + "versionEndExcluding": "5.12.5", + "matchCriteriaId": "0274929A-B36C-4F4C-AB22-30A0DD6B995B" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/15f8f96ec7fc35024d4e03296e4d838fcea33d83", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/4cc7faa406975b460aa674606291dea197c1210c", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] + }, + { + "url": "https://git.kernel.org/stable/c/15f8f96ec7fc35024d4e03296e4d838fcea33d83", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] + }, + { + "url": "https://git.kernel.org/stable/c/4cc7faa406975b460aa674606291dea197c1210c", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2021/CVE-2021-469xx/CVE-2021-46996.json b/CVE-2021/CVE-2021-469xx/CVE-2021-46996.json index 3feb5b4e309..6f565b5f15b 100644 --- a/CVE-2021/CVE-2021-469xx/CVE-2021-46996.json +++ b/CVE-2021/CVE-2021-469xx/CVE-2021-46996.json @@ -2,8 +2,8 @@ "id": "CVE-2021-46996", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-02-28T09:15:38.003", - "lastModified": "2024-02-28T14:06:45.783", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-12-06T14:55:54.497", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,23 +15,131 @@ "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: netfilter: nftables: corrige una fuga de memoria de la ruta de error de los datos del usuario en objetos nuevos. Libera el nombre del objeto si falla la asignaci\u00f3n de los datos del usuario." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "baseScore": 5.5, + "baseSeverity": "MEDIUM", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-401" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.10", + "versionEndExcluding": "5.10.38", + "matchCriteriaId": "8051E54C-C4D7-4B79-90C8-3C0B5A772262" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.11", + "versionEndExcluding": "5.11.22", + "matchCriteriaId": "83B53E9A-F426-4C03-9A5F-A931FF79827E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.12", + "versionEndExcluding": "5.12.5", + "matchCriteriaId": "0274929A-B36C-4F4C-AB22-30A0DD6B995B" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/2c784a500f5edd337258b0fdb2f31bc9abde1a23", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/59fa98bfa1f4013d658d990cac88c87b46ff410c", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/85dfd816fabfc16e71786eda0a33a7046688b5b0", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/dd3bebf515f336214a91994348a2b86b9a1d3d7f", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] + }, + { + "url": "https://git.kernel.org/stable/c/2c784a500f5edd337258b0fdb2f31bc9abde1a23", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] + }, + { + "url": "https://git.kernel.org/stable/c/59fa98bfa1f4013d658d990cac88c87b46ff410c", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] + }, + { + "url": "https://git.kernel.org/stable/c/85dfd816fabfc16e71786eda0a33a7046688b5b0", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] + }, + { + "url": "https://git.kernel.org/stable/c/dd3bebf515f336214a91994348a2b86b9a1d3d7f", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2021/CVE-2021-469xx/CVE-2021-46998.json b/CVE-2021/CVE-2021-469xx/CVE-2021-46998.json index 31af6f39c27..9abde9415e0 100644 --- a/CVE-2021/CVE-2021-469xx/CVE-2021-46998.json +++ b/CVE-2021/CVE-2021-469xx/CVE-2021-46998.json @@ -2,8 +2,8 @@ "id": "CVE-2021-46998", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-02-28T09:15:38.090", - "lastModified": "2024-02-28T14:06:45.783", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-12-06T14:56:48.477", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,31 +15,173 @@ "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: ethernet:enic: corrige un error de use after free en enic_hard_start_xmit. En enic_hard_start_xmit, llama a enic_queue_wq_skb(). Dentro de enic_queue_wq_skb, si ocurre alg\u00fan error, dev_kfree_skb(skb) liberar\u00e1 el skb. Pero el skb liberado todav\u00eda se usa en skb_tx_timestamp(skb). Mi parche hace que enic_queue_wq_skb() devuelva un error y vaya a spin_unlock() en caso de error. La soluci\u00f3n la proporciona Govind. Consulte https://lkml.org/lkml/2021/4/30/961." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 7.8, + "baseSeverity": "HIGH", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-416" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.16", + "versionEndExcluding": "4.19.191", + "matchCriteriaId": "F677F1C8-2451-43EC-9555-E283697C189E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.20", + "versionEndExcluding": "5.4.120", + "matchCriteriaId": "2BDC71CF-4451-4D53-93E9-61DE7C4E25B0" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.5", + "versionEndExcluding": "5.10.38", + "matchCriteriaId": "2BB4E5E8-4AAD-475A-A1B9-F287254C7D72" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.11", + "versionEndExcluding": "5.11.22", + "matchCriteriaId": "83B53E9A-F426-4C03-9A5F-A931FF79827E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.12", + "versionEndExcluding": "5.12.5", + "matchCriteriaId": "0274929A-B36C-4F4C-AB22-30A0DD6B995B" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/25a87b1f566b5eb2af2857a928f0e2310d900976", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/643001b47adc844ae33510c4bb93c236667008a3", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/6892396ebf04ea2c021d80e10f4075e014cd7cc3", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/7afdd6aba95c8a526038e7abe283eeac3e4320f1", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/d90529392aaf498dafa95d212295d64b2cea4e24", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/f7f6f07774091a6ddd98500b85386c3c6afb30d3", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] + }, + { + "url": "https://git.kernel.org/stable/c/25a87b1f566b5eb2af2857a928f0e2310d900976", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] + }, + { + "url": "https://git.kernel.org/stable/c/643001b47adc844ae33510c4bb93c236667008a3", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] + }, + { + "url": "https://git.kernel.org/stable/c/6892396ebf04ea2c021d80e10f4075e014cd7cc3", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] + }, + { + "url": "https://git.kernel.org/stable/c/7afdd6aba95c8a526038e7abe283eeac3e4320f1", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] + }, + { + "url": "https://git.kernel.org/stable/c/d90529392aaf498dafa95d212295d64b2cea4e24", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] + }, + { + "url": "https://git.kernel.org/stable/c/f7f6f07774091a6ddd98500b85386c3c6afb30d3", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-275xx/CVE-2023-27561.json b/CVE-2023/CVE-2023-275xx/CVE-2023-27561.json index efe13bd875d..8956205f6b8 100644 --- a/CVE-2023/CVE-2023-275xx/CVE-2023-27561.json +++ b/CVE-2023/CVE-2023-275xx/CVE-2023-27561.json @@ -2,7 +2,7 @@ "id": "CVE-2023-27561", "sourceIdentifier": "cve@mitre.org", "published": "2023-03-03T19:15:11.330", - "lastModified": "2024-07-03T01:39:46.513", + "lastModified": "2024-12-06T14:15:19.037", "vulnStatus": "Modified", "cveTags": [], "descriptions": [ @@ -19,6 +19,8 @@ "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 7.0, + "baseSeverity": "HIGH", "attackVector": "LOCAL", "attackComplexity": "HIGH", "privilegesRequired": "LOW", @@ -26,9 +28,7 @@ "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 7.0, - "baseSeverity": "HIGH" + "availabilityImpact": "HIGH" }, "exploitabilityScore": 1.0, "impactScore": 5.9 @@ -39,6 +39,8 @@ "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 7.0, + "baseSeverity": "HIGH", "attackVector": "LOCAL", "attackComplexity": "HIGH", "privilegesRequired": "LOW", @@ -46,9 +48,7 @@ "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 7.0, - "baseSeverity": "HIGH" + "availabilityImpact": "HIGH" }, "exploitabilityScore": 1.0, "impactScore": 5.9 @@ -187,6 +187,62 @@ { "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I6BF24VCZRFTYBTT3T7HDZUOTKOTNPLZ/", "source": "cve@mitre.org" + }, + { + "url": "https://gist.github.com/LiveOverflow/c937820b688922eb127fb760ce06dab9", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Exploit", + "Third Party Advisory" + ] + }, + { + "url": "https://github.com/opencontainers/runc/issues/2197#issuecomment-1437617334", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Issue Tracking", + "Third Party Advisory" + ] + }, + { + "url": "https://github.com/opencontainers/runc/issues/3751", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Issue Tracking", + "Third Party Advisory" + ] + }, + { + "url": "https://lists.debian.org/debian-lts-announce/2023/03/msg00023.html", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Mailing List", + "Third Party Advisory" + ] + }, + { + "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ANUGDBJ7NBUMSUFZUSKU3ZMQYZ2Z3STN/", + "source": "af854a3a-2127-422b-91ae-364da2661108" + }, + { + "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DHGVGGMKGZSJ7YO67TGGPFEHBYMS63VF/", + "source": "af854a3a-2127-422b-91ae-364da2661108" + }, + { + "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNB2UEDIIJCRQW4WJLZOPQJZXCVSXMLD/", + "source": "af854a3a-2127-422b-91ae-364da2661108" + }, + { + "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FYVE3GB4OG3BNT5DLQHYO4M5SXX33AQ5/", + "source": "af854a3a-2127-422b-91ae-364da2661108" + }, + { + "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I6BF24VCZRFTYBTT3T7HDZUOTKOTNPLZ/", + "source": "af854a3a-2127-422b-91ae-364da2661108" + }, + { + "url": "https://security.netapp.com/advisory/ntap-20241206-0004/", + "source": "af854a3a-2127-422b-91ae-364da2661108" } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-286xx/CVE-2023-28642.json b/CVE-2023/CVE-2023-286xx/CVE-2023-28642.json index 344eaef99d6..bb91f069646 100644 --- a/CVE-2023/CVE-2023-286xx/CVE-2023-28642.json +++ b/CVE-2023/CVE-2023-286xx/CVE-2023-28642.json @@ -2,7 +2,7 @@ "id": "CVE-2023-28642", "sourceIdentifier": "security-advisories@github.com", "published": "2023-03-29T19:15:22.397", - "lastModified": "2023-11-07T04:10:46.520", + "lastModified": "2024-12-06T14:15:19.250", "vulnStatus": "Modified", "cveTags": [], "descriptions": [ @@ -13,32 +13,14 @@ ], "metrics": { "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", - "attackVector": "LOCAL", - "attackComplexity": "LOW", - "privilegesRequired": "LOW", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 7.8, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 1.8, - "impactScore": 5.9 - }, { "source": "security-advisories@github.com", "type": "Secondary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 6.1, + "baseSeverity": "MEDIUM", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "NONE", @@ -46,26 +28,34 @@ "scope": "CHANGED", "confidentialityImpact": "LOW", "integrityImpact": "LOW", - "availabilityImpact": "LOW", - "baseScore": 6.1, - "baseSeverity": "MEDIUM" + "availabilityImpact": "LOW" }, "exploitabilityScore": 1.8, "impactScore": 3.7 + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 7.8, + "baseSeverity": "HIGH", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 } ] }, "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-59" - } - ] - }, { "source": "security-advisories@github.com", "type": "Secondary", @@ -75,6 +65,16 @@ "value": "CWE-281" } ] + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-59" + } + ] } ], "configurations": [ @@ -110,6 +110,25 @@ "Patch", "Vendor Advisory" ] + }, + { + "url": "https://github.com/opencontainers/runc/pull/3785", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] + }, + { + "url": "https://github.com/opencontainers/runc/security/advisories/GHSA-g2j6-57v7-gm8c", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch", + "Vendor Advisory" + ] + }, + { + "url": "https://security.netapp.com/advisory/ntap-20241206-0005/", + "source": "af854a3a-2127-422b-91ae-364da2661108" } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-294xx/CVE-2023-29405.json b/CVE-2023/CVE-2023-294xx/CVE-2023-29405.json index 437d8f79290..1602401eaf1 100644 --- a/CVE-2023/CVE-2023-294xx/CVE-2023-29405.json +++ b/CVE-2023/CVE-2023-294xx/CVE-2023-29405.json @@ -2,7 +2,7 @@ "id": "CVE-2023-29405", "sourceIdentifier": "security@golang.org", "published": "2023-06-08T21:15:17.197", - "lastModified": "2023-11-25T11:15:14.647", + "lastModified": "2024-12-06T14:15:19.380", "vulnStatus": "Modified", "cveTags": [], "descriptions": [ @@ -19,6 +19,8 @@ "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 9.8, + "baseSeverity": "CRITICAL", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", @@ -26,9 +28,7 @@ "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 9.8, - "baseSeverity": "CRITICAL" + "availabilityImpact": "HIGH" }, "exploitabilityScore": 3.9, "impactScore": 5.9 @@ -131,6 +131,54 @@ { "url": "https://security.gentoo.org/glsa/202311-09", "source": "security@golang.org" + }, + { + "url": "https://go.dev/cl/501224", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] + }, + { + "url": "https://go.dev/issue/60306", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Issue Tracking" + ] + }, + { + "url": "https://groups.google.com/g/golang-announce/c/q5135a9d924/m/j0ZoAJOHAwAJ", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Mailing List", + "Third Party Advisory" + ] + }, + { + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NZ2O6YCO2IZMZJELQGZYR2WAUNEDLYV6/", + "source": "af854a3a-2127-422b-91ae-364da2661108" + }, + { + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XBS3IIK6ADV24C5ULQU55QLT2UE762ZX/", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Mailing List" + ] + }, + { + "url": "https://pkg.go.dev/vuln/GO-2023-1842", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Vendor Advisory" + ] + }, + { + "url": "https://security.gentoo.org/glsa/202311-09", + "source": "af854a3a-2127-422b-91ae-364da2661108" + }, + { + "url": "https://security.netapp.com/advisory/ntap-20241206-0003/", + "source": "af854a3a-2127-422b-91ae-364da2661108" } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-423xx/CVE-2023-42366.json b/CVE-2023/CVE-2023-423xx/CVE-2023-42366.json index bf41d62c805..209f5a1222b 100644 --- a/CVE-2023/CVE-2023-423xx/CVE-2023-42366.json +++ b/CVE-2023/CVE-2023-423xx/CVE-2023-42366.json @@ -2,8 +2,8 @@ "id": "CVE-2023-42366", "sourceIdentifier": "cve@mitre.org", "published": "2023-11-27T23:15:07.420", - "lastModified": "2023-11-30T05:08:23.197", - "vulnStatus": "Analyzed", + "lastModified": "2024-12-06T14:15:19.530", + "vulnStatus": "Modified", "cveTags": [], "descriptions": [ { @@ -23,6 +23,8 @@ "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "baseScore": 5.5, + "baseSeverity": "MEDIUM", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "NONE", @@ -30,9 +32,7 @@ "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", - "availabilityImpact": "HIGH", - "baseScore": 5.5, - "baseSeverity": "MEDIUM" + "availabilityImpact": "HIGH" }, "exploitabilityScore": 1.8, "impactScore": 3.6 @@ -77,6 +77,19 @@ "Issue Tracking", "Vendor Advisory" ] + }, + { + "url": "https://bugs.busybox.net/show_bug.cgi?id=15874", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Exploit", + "Issue Tracking", + "Vendor Advisory" + ] + }, + { + "url": "https://security.netapp.com/advisory/ntap-20241206-0007/", + "source": "af854a3a-2127-422b-91ae-364da2661108" } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-428xx/CVE-2023-42823.json b/CVE-2023/CVE-2023-428xx/CVE-2023-42823.json index 2f1e100d268..c30be2e1a63 100644 --- a/CVE-2023/CVE-2023-428xx/CVE-2023-42823.json +++ b/CVE-2023/CVE-2023-428xx/CVE-2023-42823.json @@ -2,8 +2,8 @@ "id": "CVE-2023-42823", "sourceIdentifier": "product-security@apple.com", "published": "2024-02-21T07:15:47.540", - "lastModified": "2024-11-04T17:35:04.180", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-12-06T14:10:33.737", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -17,12 +17,34 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", + "baseScore": 5.5, + "baseSeverity": "MEDIUM", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + }, { "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N", + "baseScore": 2.7, + "baseSeverity": "LOW", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "HIGH", @@ -30,9 +52,7 @@ "scope": "UNCHANGED", "confidentialityImpact": "LOW", "integrityImpact": "NONE", - "availabilityImpact": "NONE", - "baseScore": 2.7, - "baseSeverity": "LOW" + "availabilityImpact": "NONE" }, "exploitabilityScore": 1.2, "impactScore": 1.4 @@ -40,6 +60,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-922" + } + ] + }, { "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", @@ -51,34 +81,169 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*", + "versionEndExcluding": "16.7.2", + "matchCriteriaId": "3DFB829A-82EA-40BB-81F9-AD4F69F24ABA" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:apple:ipados:17.0:*:*:*:*:*:*:*", + "matchCriteriaId": "FD0EE39C-DEC4-475C-8661-5BD76457A39E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*", + "versionEndExcluding": "16.7.2", + "matchCriteriaId": "5EB9EAAE-441A-4844-BCB2-1716FD9ACE85" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:apple:iphone_os:17.0:*:*:*:*:*:*:*", + "matchCriteriaId": "502CD624-FA22-4C7B-9CA3-53CA938BE1AB" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*", + "versionStartIncluding": "12.0", + "versionEndExcluding": "12.7.1", + "matchCriteriaId": "BA796DD3-80AF-4E65-8080-EC309577F00D" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*", + "versionStartIncluding": "13.0", + "versionEndExcluding": "13.6.1", + "matchCriteriaId": "85B6F336-AA76-4706-AD68-BCDFFB48358B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:apple:macos:14.0:*:*:*:*:*:*:*", + "matchCriteriaId": "9FE27DF1-3AF9-4BE4-8541-565FE5BC16A2" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*", + "versionEndExcluding": "17.1", + "matchCriteriaId": "6B71C095-CFB3-42E1-8582-0AD365DA7855" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.1", + "matchCriteriaId": "F88E7355-ECFB-4EB0-9579-0C954C25355F" + } + ] + } + ] + } + ], "references": [ { "url": "https://support.apple.com/en-us/HT213981", - "source": "product-security@apple.com" + "source": "product-security@apple.com", + "tags": [ + "Vendor Advisory" + ] }, { "url": "https://support.apple.com/en-us/HT213982", - "source": "product-security@apple.com" + "source": "product-security@apple.com", + "tags": [ + "Vendor Advisory" + ] }, { "url": "https://support.apple.com/en-us/HT213983", - "source": "product-security@apple.com" + "source": "product-security@apple.com", + "tags": [ + "Vendor Advisory" + ] }, { "url": "https://support.apple.com/en-us/HT213984", - "source": "product-security@apple.com" + "source": "product-security@apple.com", + "tags": [ + "Vendor Advisory" + ] }, { "url": "https://support.apple.com/en-us/HT213985", - "source": "product-security@apple.com" + "source": "product-security@apple.com", + "tags": [ + "Vendor Advisory" + ] }, { "url": "https://support.apple.com/en-us/HT213987", - "source": "product-security@apple.com" + "source": "product-security@apple.com", + "tags": [ + "Vendor Advisory" + ] }, { "url": "https://support.apple.com/en-us/HT213988", - "source": "product-security@apple.com" + "source": "product-security@apple.com", + "tags": [ + "Vendor Advisory" + ] + }, + { + "url": "https://support.apple.com/en-us/HT213981", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Vendor Advisory" + ] + }, + { + "url": "https://support.apple.com/en-us/HT213982", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Vendor Advisory" + ] + }, + { + "url": "https://support.apple.com/en-us/HT213983", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Vendor Advisory" + ] + }, + { + "url": "https://support.apple.com/en-us/HT213984", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Vendor Advisory" + ] + }, + { + "url": "https://support.apple.com/en-us/HT213985", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Vendor Advisory" + ] + }, + { + "url": "https://support.apple.com/en-us/HT213987", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Vendor Advisory" + ] + }, + { + "url": "https://support.apple.com/en-us/HT213988", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-428xx/CVE-2023-42836.json b/CVE-2023/CVE-2023-428xx/CVE-2023-42836.json index 5813a0262f8..dbde862043d 100644 --- a/CVE-2023/CVE-2023-428xx/CVE-2023-42836.json +++ b/CVE-2023/CVE-2023-428xx/CVE-2023-42836.json @@ -2,8 +2,8 @@ "id": "CVE-2023-42836", "sourceIdentifier": "product-security@apple.com", "published": "2024-02-21T07:15:48.333", - "lastModified": "2024-02-22T19:07:27.197", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-12-06T13:56:19.023", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,23 +15,141 @@ "value": "Se solucion\u00f3 un problema de l\u00f3gica con controles mejorados. Este problema se solucion\u00f3 en iOS 17.1 y iPadOS 17.1, macOS Ventura 13.6.3, macOS Sonoma 14.1, macOS Monterey 12.7.2. Un atacante puede acceder a vol\u00famenes de red conectados montados en el directorio de inicio." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", + "baseScore": 5.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 3.9, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:apple:ipad_os:*:*:*:*:*:*:*:*", + "versionEndExcluding": "17.1", + "matchCriteriaId": "0B5787E4-1911-4926-9D81-492EFB438954" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*", + "versionEndExcluding": "17.1", + "matchCriteriaId": "434A55CA-5660-4F40-B4A2-5ABAF4CA7263" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*", + "versionStartIncluding": "12.0", + "versionEndExcluding": "12.7.2", + "matchCriteriaId": "81F8AB85-34DB-4536-ADDE-D0EB5DEBFD85" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*", + "versionStartIncluding": "13.0", + "versionEndExcluding": "13.6.3", + "matchCriteriaId": "E270DF97-8603-42D8-A31C-FCD89A7D2F1E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:apple:macos:14.0:*:*:*:*:*:*:*", + "matchCriteriaId": "9FE27DF1-3AF9-4BE4-8541-565FE5BC16A2" + } + ] + } + ] + } + ], "references": [ { "url": "https://support.apple.com/en-us/HT213982", - "source": "product-security@apple.com" + "source": "product-security@apple.com", + "tags": [ + "Vendor Advisory" + ] }, { "url": "https://support.apple.com/en-us/HT213984", - "source": "product-security@apple.com" + "source": "product-security@apple.com", + "tags": [ + "Vendor Advisory" + ] }, { "url": "https://support.apple.com/en-us/HT214037", - "source": "product-security@apple.com" + "source": "product-security@apple.com", + "tags": [ + "Vendor Advisory" + ] }, { "url": "https://support.apple.com/en-us/HT214038", - "source": "product-security@apple.com" + "source": "product-security@apple.com", + "tags": [ + "Vendor Advisory" + ] + }, + { + "url": "https://support.apple.com/en-us/HT213982", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Vendor Advisory" + ] + }, + { + "url": "https://support.apple.com/en-us/HT213984", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Vendor Advisory" + ] + }, + { + "url": "https://support.apple.com/en-us/HT214037", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Vendor Advisory" + ] + }, + { + "url": "https://support.apple.com/en-us/HT214038", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-428xx/CVE-2023-42838.json b/CVE-2023/CVE-2023-428xx/CVE-2023-42838.json index 420c483633c..a24f4a81a30 100644 --- a/CVE-2023/CVE-2023-428xx/CVE-2023-42838.json +++ b/CVE-2023/CVE-2023-428xx/CVE-2023-42838.json @@ -2,8 +2,8 @@ "id": "CVE-2023-42838", "sourceIdentifier": "product-security@apple.com", "published": "2024-02-21T07:15:48.543", - "lastModified": "2024-08-09T16:35:01.893", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-12-06T13:51:35.313", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -17,12 +17,34 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H", + "baseScore": 8.6, + "baseSeverity": "HIGH", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 6.0 + }, { "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H", + "baseScore": 8.2, + "baseSeverity": "HIGH", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "HIGH", @@ -30,9 +52,7 @@ "scope": "CHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 8.2, - "baseSeverity": "HIGH" + "availabilityImpact": "HIGH" }, "exploitabilityScore": 1.5, "impactScore": 6.0 @@ -40,6 +60,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + }, { "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", @@ -51,18 +81,79 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*", + "versionStartIncluding": "12.0", + "versionEndExcluding": "12.7.2", + "matchCriteriaId": "81F8AB85-34DB-4536-ADDE-D0EB5DEBFD85" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*", + "versionStartIncluding": "13.0", + "versionEndExcluding": "13.6.3", + "matchCriteriaId": "E270DF97-8603-42D8-A31C-FCD89A7D2F1E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:apple:macos:14.0:*:*:*:*:*:*:*", + "matchCriteriaId": "9FE27DF1-3AF9-4BE4-8541-565FE5BC16A2" + } + ] + } + ] + } + ], "references": [ { "url": "https://support.apple.com/en-us/HT213984", - "source": "product-security@apple.com" + "source": "product-security@apple.com", + "tags": [ + "Vendor Advisory" + ] }, { "url": "https://support.apple.com/en-us/HT214037", - "source": "product-security@apple.com" + "source": "product-security@apple.com", + "tags": [ + "Vendor Advisory" + ] }, { "url": "https://support.apple.com/en-us/HT214038", - "source": "product-security@apple.com" + "source": "product-security@apple.com", + "tags": [ + "Vendor Advisory" + ] + }, + { + "url": "https://support.apple.com/en-us/HT213984", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Vendor Advisory" + ] + }, + { + "url": "https://support.apple.com/en-us/HT214037", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Vendor Advisory" + ] + }, + { + "url": "https://support.apple.com/en-us/HT214038", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-428xx/CVE-2023-42839.json b/CVE-2023/CVE-2023-428xx/CVE-2023-42839.json index 332895fd354..75e1608e283 100644 --- a/CVE-2023/CVE-2023-428xx/CVE-2023-42839.json +++ b/CVE-2023/CVE-2023-428xx/CVE-2023-42839.json @@ -2,8 +2,8 @@ "id": "CVE-2023-42839", "sourceIdentifier": "product-security@apple.com", "published": "2024-02-21T07:15:48.633", - "lastModified": "2024-02-22T19:07:27.197", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-12-06T13:49:37.623", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,23 +15,169 @@ "value": "Esta cuesti\u00f3n se abord\u00f3 con una mejor gesti\u00f3n de estado. Este problema se solucion\u00f3 en tvOS 17.1, watchOS 10.1, macOS Sonoma 14.1, iOS 17.1 y iPadOS 17.1. Es posible que una aplicaci\u00f3n pueda acceder a datos confidenciales del usuario." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", + "baseScore": 5.5, + "baseSeverity": "MEDIUM", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", + "baseScore": 6.2, + "baseSeverity": "MEDIUM", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.5, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-922" + } + ] + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-922" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:apple:ipad_os:*:*:*:*:*:*:*:*", + "versionEndExcluding": "17.1", + "matchCriteriaId": "0B5787E4-1911-4926-9D81-492EFB438954" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*", + "versionEndExcluding": "17.1", + "matchCriteriaId": "434A55CA-5660-4F40-B4A2-5ABAF4CA7263" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:apple:macos:14.0:*:*:*:*:*:*:*", + "matchCriteriaId": "9FE27DF1-3AF9-4BE4-8541-565FE5BC16A2" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*", + "versionEndExcluding": "17.1", + "matchCriteriaId": "6B71C095-CFB3-42E1-8582-0AD365DA7855" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.1", + "matchCriteriaId": "F88E7355-ECFB-4EB0-9579-0C954C25355F" + } + ] + } + ] + } + ], "references": [ { "url": "https://support.apple.com/en-us/HT213982", - "source": "product-security@apple.com" + "source": "product-security@apple.com", + "tags": [ + "Vendor Advisory" + ] }, { "url": "https://support.apple.com/en-us/HT213984", - "source": "product-security@apple.com" + "source": "product-security@apple.com", + "tags": [ + "Vendor Advisory" + ] }, { "url": "https://support.apple.com/en-us/HT213987", - "source": "product-security@apple.com" + "source": "product-security@apple.com", + "tags": [ + "Vendor Advisory" + ] }, { "url": "https://support.apple.com/en-us/HT213988", - "source": "product-security@apple.com" + "source": "product-security@apple.com", + "tags": [ + "Vendor Advisory" + ] + }, + { + "url": "https://support.apple.com/en-us/HT213982", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Vendor Advisory" + ] + }, + { + "url": "https://support.apple.com/en-us/HT213984", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Vendor Advisory" + ] + }, + { + "url": "https://support.apple.com/en-us/HT213987", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Vendor Advisory" + ] + }, + { + "url": "https://support.apple.com/en-us/HT213988", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-428xx/CVE-2023-42840.json b/CVE-2023/CVE-2023-428xx/CVE-2023-42840.json index 96fbb185773..485ab62685c 100644 --- a/CVE-2023/CVE-2023-428xx/CVE-2023-42840.json +++ b/CVE-2023/CVE-2023-428xx/CVE-2023-42840.json @@ -2,8 +2,8 @@ "id": "CVE-2023-42840", "sourceIdentifier": "product-security@apple.com", "published": "2024-02-21T07:15:48.767", - "lastModified": "2024-11-14T19:35:02.180", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-12-06T13:28:41.990", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -17,12 +17,34 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", + "baseScore": 5.5, + "baseSeverity": "MEDIUM", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + }, { "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", + "baseScore": 4.3, + "baseSeverity": "MEDIUM", "attackVector": "ADJACENT_NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", @@ -30,9 +52,7 @@ "scope": "UNCHANGED", "confidentialityImpact": "LOW", "integrityImpact": "NONE", - "availabilityImpact": "NONE", - "baseScore": 4.3, - "baseSeverity": "MEDIUM" + "availabilityImpact": "NONE" }, "exploitabilityScore": 2.8, "impactScore": 1.4 @@ -40,6 +60,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + }, { "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", @@ -51,18 +81,79 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*", + "versionStartIncluding": "12.0", + "versionEndExcluding": "12.7.1", + "matchCriteriaId": "BA796DD3-80AF-4E65-8080-EC309577F00D" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*", + "versionStartIncluding": "13.0", + "versionEndExcluding": "13.6.1", + "matchCriteriaId": "85B6F336-AA76-4706-AD68-BCDFFB48358B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:apple:macos:14.0:*:*:*:*:*:*:*", + "matchCriteriaId": "9FE27DF1-3AF9-4BE4-8541-565FE5BC16A2" + } + ] + } + ] + } + ], "references": [ { "url": "https://support.apple.com/en-us/HT213983", - "source": "product-security@apple.com" + "source": "product-security@apple.com", + "tags": [ + "Vendor Advisory" + ] }, { "url": "https://support.apple.com/en-us/HT213984", - "source": "product-security@apple.com" + "source": "product-security@apple.com", + "tags": [ + "Vendor Advisory" + ] }, { "url": "https://support.apple.com/en-us/HT213985", - "source": "product-security@apple.com" + "source": "product-security@apple.com", + "tags": [ + "Vendor Advisory" + ] + }, + { + "url": "https://support.apple.com/en-us/HT213983", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Vendor Advisory" + ] + }, + { + "url": "https://support.apple.com/en-us/HT213984", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Vendor Advisory" + ] + }, + { + "url": "https://support.apple.com/en-us/HT213985", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-105xx/CVE-2024-10516.json b/CVE-2024/CVE-2024-105xx/CVE-2024-10516.json new file mode 100644 index 00000000000..639dedd1be2 --- /dev/null +++ b/CVE-2024/CVE-2024-105xx/CVE-2024-10516.json @@ -0,0 +1,68 @@ +{ + "id": "CVE-2024-10516", + "sourceIdentifier": "security@wordfence.com", + "published": "2024-12-06T14:15:19.667", + "lastModified": "2024-12-06T14:15:19.667", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "The Swift Performance Lite plugin for WordPress is vulnerable to Local PHP File Inclusion in all versions up to, and including, 2.3.7.1 via the 'ajaxify' function. This makes it possible for unauthenticated attackers to include and execute arbitrary files on the server, allowing the execution of any PHP code in those files. This can be used to bypass access controls, obtain sensitive data, or achieve code execution in cases where images and other \u201csafe\u201d file types can be uploaded and included." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 8.1, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 2.2, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-22" + } + ] + } + ], + "references": [ + { + "url": "https://plugins.trac.wordpress.org/browser/swift-performance-lite/trunk/includes/classes/class.ajax.php#L795", + "source": "security@wordfence.com" + }, + { + "url": "https://plugins.trac.wordpress.org/browser/swift-performance-lite/trunk/includes/classes/class.ajax.php#L824", + "source": "security@wordfence.com" + }, + { + "url": "https://plugins.trac.wordpress.org/changeset/3201933/", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/4921f41a-a9b1-4ae2-a903-c14ed22dcc15?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-107xx/CVE-2024-10771.json b/CVE-2024/CVE-2024-107xx/CVE-2024-10771.json new file mode 100644 index 00000000000..fc2feea468a --- /dev/null +++ b/CVE-2024/CVE-2024-107xx/CVE-2024-10771.json @@ -0,0 +1,76 @@ +{ + "id": "CVE-2024-10771", + "sourceIdentifier": "psirt@sick.de", + "published": "2024-12-06T13:15:04.797", + "lastModified": "2024-12-06T13:15:04.797", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Due to missing input validation during one step of the firmware update process, the product\nis vulnerable to remote code execution. With network access and the user level \u201dService\u201d, an attacker\ncan execute arbitrary system commands in the root user\u2019s contexts." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@sick.de", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 8.8, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@sick.de", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-94" + } + ] + } + ], + "references": [ + { + "url": "https://cdn.sick.com/media/docs/1/11/411/Special_information_CYBERSECURITY_BY_SICK_en_IM0084411.PDF", + "source": "psirt@sick.de" + }, + { + "url": "https://sick.com/psirt", + "source": "psirt@sick.de" + }, + { + "url": "https://www.cisa.gov/resources-tools/resources/ics-recommended-practices", + "source": "psirt@sick.de" + }, + { + "url": "https://www.first.org/cvss/calculator/3.1", + "source": "psirt@sick.de" + }, + { + "url": "https://www.sick.com/.well-known/csaf/white/2024/sca-2024-0006.json", + "source": "psirt@sick.de" + }, + { + "url": "https://www.sick.com/.well-known/csaf/white/2024/sca-2024-0006.pdf", + "source": "psirt@sick.de" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-107xx/CVE-2024-10772.json b/CVE-2024/CVE-2024-107xx/CVE-2024-10772.json new file mode 100644 index 00000000000..fa91d6b19cf --- /dev/null +++ b/CVE-2024/CVE-2024-107xx/CVE-2024-10772.json @@ -0,0 +1,76 @@ +{ + "id": "CVE-2024-10772", + "sourceIdentifier": "psirt@sick.de", + "published": "2024-12-06T13:15:05.763", + "lastModified": "2024-12-06T13:15:05.763", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Since the firmware update is not validated, an attacker can install modified firmware on the\ndevice. This has a high impact on the availabilty, integrity and confidentiality up to the complete compromise of the device." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@sick.de", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 8.8, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@sick.de", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-649" + } + ] + } + ], + "references": [ + { + "url": "https://cdn.sick.com/media/docs/1/11/411/Special_information_CYBERSECURITY_BY_SICK_en_IM0084411.PDF", + "source": "psirt@sick.de" + }, + { + "url": "https://sick.com/psirt", + "source": "psirt@sick.de" + }, + { + "url": "https://www.cisa.gov/resources-tools/resources/ics-recommended-practices", + "source": "psirt@sick.de" + }, + { + "url": "https://www.first.org/cvss/calculator/3.1", + "source": "psirt@sick.de" + }, + { + "url": "https://www.sick.com/.well-known/csaf/white/2024/sca-2024-0006.json", + "source": "psirt@sick.de" + }, + { + "url": "https://www.sick.com/.well-known/csaf/white/2024/sca-2024-0006.pdf", + "source": "psirt@sick.de" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-107xx/CVE-2024-10773.json b/CVE-2024/CVE-2024-107xx/CVE-2024-10773.json new file mode 100644 index 00000000000..9bfe0e6d517 --- /dev/null +++ b/CVE-2024/CVE-2024-107xx/CVE-2024-10773.json @@ -0,0 +1,76 @@ +{ + "id": "CVE-2024-10773", + "sourceIdentifier": "psirt@sick.de", + "published": "2024-12-06T13:15:05.897", + "lastModified": "2024-12-06T13:15:05.897", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "The product is vulnerable to pass-the-hash attacks in combination with hardcoded credentials of hidden user levels. This means that an attacker can log in with the hidden user levels and gain\nfull access to the device." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@sick.de", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H", + "baseScore": 9.0, + "baseSeverity": "CRITICAL", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 2.2, + "impactScore": 6.0 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@sick.de", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-912" + } + ] + } + ], + "references": [ + { + "url": "https://cdn.sick.com/media/docs/1/11/411/Special_information_CYBERSECURITY_BY_SICK_en_IM0084411.PDF", + "source": "psirt@sick.de" + }, + { + "url": "https://sick.com/psirt", + "source": "psirt@sick.de" + }, + { + "url": "https://www.cisa.gov/resources-tools/resources/ics-recommended-practices", + "source": "psirt@sick.de" + }, + { + "url": "https://www.first.org/cvss/calculator/3.1", + "source": "psirt@sick.de" + }, + { + "url": "https://www.sick.com/.well-known/csaf/white/2024/sca-2024-0006.json", + "source": "psirt@sick.de" + }, + { + "url": "https://www.sick.com/.well-known/csaf/white/2024/sca-2024-0006.pdf", + "source": "psirt@sick.de" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-107xx/CVE-2024-10774.json b/CVE-2024/CVE-2024-107xx/CVE-2024-10774.json new file mode 100644 index 00000000000..2321d985c49 --- /dev/null +++ b/CVE-2024/CVE-2024-107xx/CVE-2024-10774.json @@ -0,0 +1,76 @@ +{ + "id": "CVE-2024-10774", + "sourceIdentifier": "psirt@sick.de", + "published": "2024-12-06T13:15:06.023", + "lastModified": "2024-12-06T13:15:06.023", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Unauthenticated CROWN APIs allow access to critical functions. This leads to the accessibility of large parts of the web application without authentication." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@sick.de", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", + "baseScore": 7.3, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.4 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@sick.de", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-306" + } + ] + } + ], + "references": [ + { + "url": "https://cdn.sick.com/media/docs/1/11/411/Special_information_CYBERSECURITY_BY_SICK_en_IM0084411.PDF", + "source": "psirt@sick.de" + }, + { + "url": "https://sick.com/psirt", + "source": "psirt@sick.de" + }, + { + "url": "https://www.cisa.gov/resources-tools/resources/ics-recommended-practices", + "source": "psirt@sick.de" + }, + { + "url": "https://www.first.org/cvss/calculator/3.1", + "source": "psirt@sick.de" + }, + { + "url": "https://www.sick.com/.well-known/csaf/white/2024/sca-2024-0006.json", + "source": "psirt@sick.de" + }, + { + "url": "https://www.sick.com/.well-known/csaf/white/2024/sca-2024-0006.pdf", + "source": "psirt@sick.de" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-107xx/CVE-2024-10776.json b/CVE-2024/CVE-2024-107xx/CVE-2024-10776.json new file mode 100644 index 00000000000..d48f8f0270a --- /dev/null +++ b/CVE-2024/CVE-2024-107xx/CVE-2024-10776.json @@ -0,0 +1,76 @@ +{ + "id": "CVE-2024-10776", + "sourceIdentifier": "psirt@sick.de", + "published": "2024-12-06T13:15:06.147", + "lastModified": "2024-12-06T13:15:06.147", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Lua apps can be deployed, removed, started, reloaded or stopped without authorization via\nAppManager. This allows an attacker to remove legitimate apps creating a DoS attack, read and write\nfiles or load apps that use all features of the product available to a customer." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@sick.de", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H", + "baseScore": 8.2, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 4.2 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@sick.de", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-306" + } + ] + } + ], + "references": [ + { + "url": "https://cdn.sick.com/media/docs/1/11/411/Special_information_CYBERSECURITY_BY_SICK_en_IM0084411.PDF", + "source": "psirt@sick.de" + }, + { + "url": "https://sick.com/psirt", + "source": "psirt@sick.de" + }, + { + "url": "https://www.cisa.gov/resources-tools/resources/ics-recommended-practices", + "source": "psirt@sick.de" + }, + { + "url": "https://www.first.org/cvss/calculator/3.1", + "source": "psirt@sick.de" + }, + { + "url": "https://www.sick.com/.well-known/csaf/white/2024/sca-2024-0006.json", + "source": "psirt@sick.de" + }, + { + "url": "https://www.sick.com/.well-known/csaf/white/2024/sca-2024-0006.pdf", + "source": "psirt@sick.de" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-110xx/CVE-2024-11022.json b/CVE-2024/CVE-2024-110xx/CVE-2024-11022.json new file mode 100644 index 00000000000..925ec40ca3f --- /dev/null +++ b/CVE-2024/CVE-2024-110xx/CVE-2024-11022.json @@ -0,0 +1,76 @@ +{ + "id": "CVE-2024-11022", + "sourceIdentifier": "psirt@sick.de", + "published": "2024-12-06T13:15:06.267", + "lastModified": "2024-12-06T13:15:06.267", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "The authentication process to the web server uses a challenge response procedure which\ninludes the nonce and additional information. This challenge can be used several times for login and is\ntherefore vulnerable for a replay attack." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@sick.de", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L", + "baseScore": 5.6, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.2, + "impactScore": 3.4 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@sick.de", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-323" + } + ] + } + ], + "references": [ + { + "url": "https://cdn.sick.com/media/docs/1/11/411/Special_information_CYBERSECURITY_BY_SICK_en_IM0084411.PDF", + "source": "psirt@sick.de" + }, + { + "url": "https://sick.com/psirt", + "source": "psirt@sick.de" + }, + { + "url": "https://www.cisa.gov/resources-tools/resources/ics-recommended-practices", + "source": "psirt@sick.de" + }, + { + "url": "https://www.first.org/cvss/calculator/3.1", + "source": "psirt@sick.de" + }, + { + "url": "https://www.sick.com/.well-known/csaf/white/2024/sca-2024-0006.json", + "source": "psirt@sick.de" + }, + { + "url": "https://www.sick.com/.well-known/csaf/white/2024/sca-2024-0006.pdf", + "source": "psirt@sick.de" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-113xx/CVE-2024-11321.json b/CVE-2024/CVE-2024-113xx/CVE-2024-11321.json new file mode 100644 index 00000000000..ab3a9055777 --- /dev/null +++ b/CVE-2024/CVE-2024-113xx/CVE-2024-11321.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-11321", + "sourceIdentifier": "iletisim@usom.gov.tr", + "published": "2024-12-06T14:15:19.810", + "lastModified": "2024-12-06T14:15:19.810", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Hi e-learning Learning Management System (LMS) allows Reflected XSS.This issue affects Learning Management System (LMS): before 06.12.2024." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "iletisim@usom.gov.tr", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.5 + } + ] + }, + "weaknesses": [ + { + "source": "iletisim@usom.gov.tr", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://www.usom.gov.tr/bildirim/tr-24-1878", + "source": "iletisim@usom.gov.tr" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-16xx/CVE-2024-1671.json b/CVE-2024/CVE-2024-16xx/CVE-2024-1671.json index b576ce98bba..35d2dcadff1 100644 --- a/CVE-2024/CVE-2024-16xx/CVE-2024-1671.json +++ b/CVE-2024/CVE-2024-16xx/CVE-2024-1671.json @@ -2,8 +2,8 @@ "id": "CVE-2024-1671", "sourceIdentifier": "chrome-cve-admin@google.com", "published": "2024-02-21T04:15:08.257", - "lastModified": "2024-02-26T16:27:52.697", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-12-06T14:28:01.590", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,23 +15,118 @@ "value": "La implementaci\u00f3n inadecuada de Site Isolation en Google Chrome anterior a 122.0.6261.57 permiti\u00f3 a un atacante remoto eludir la pol\u00edtica de seguridad de contenido a trav\u00e9s de una p\u00e1gina HTML manipulada. (Severidad de seguridad de Chromium: media)" } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N", + "baseScore": 6.5, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "HIGH", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*", + "versionEndExcluding": "122.0.6261.57", + "matchCriteriaId": "96BC218C-A8E3-446D-BDF5-C6E0F7D8B6FC" + } + ] + } + ] + } + ], "references": [ { "url": "https://chromereleases.googleblog.com/2024/02/stable-channel-update-for-desktop_20.html", - "source": "chrome-cve-admin@google.com" + "source": "chrome-cve-admin@google.com", + "tags": [ + "Vendor Advisory" + ] }, { "url": "https://issues.chromium.org/issues/41487933", - "source": "chrome-cve-admin@google.com" + "source": "chrome-cve-admin@google.com", + "tags": [ + "Issue Tracking", + "Vendor Advisory" + ] }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PWWBMVQTSERVBXSXCZVUKIMEDNQUQ7O3/", - "source": "chrome-cve-admin@google.com" + "source": "chrome-cve-admin@google.com", + "tags": [ + "Mailing List" + ] }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QDCMYQ3J45NHQ4EJREM3BJNNKB5BK4Y7/", - "source": "chrome-cve-admin@google.com" + "source": "chrome-cve-admin@google.com", + "tags": [ + "Mailing List" + ] + }, + { + "url": "https://chromereleases.googleblog.com/2024/02/stable-channel-update-for-desktop_20.html", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Vendor Advisory" + ] + }, + { + "url": "https://issues.chromium.org/issues/41487933", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Issue Tracking", + "Vendor Advisory" + ] + }, + { + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PWWBMVQTSERVBXSXCZVUKIMEDNQUQ7O3/", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Mailing List" + ] + }, + { + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QDCMYQ3J45NHQ4EJREM3BJNNKB5BK4Y7/", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Mailing List" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-18xx/CVE-2024-1824.json b/CVE-2024/CVE-2024-18xx/CVE-2024-1824.json index 0f3174898c9..7bf39e492a4 100644 --- a/CVE-2024/CVE-2024-18xx/CVE-2024-1824.json +++ b/CVE-2024/CVE-2024-18xx/CVE-2024-1824.json @@ -2,8 +2,8 @@ "id": "CVE-2024-1824", "sourceIdentifier": "cna@vuldb.com", "published": "2024-02-23T16:15:48.263", - "lastModified": "2024-05-17T02:35:37.870", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-12-06T14:44:58.437", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -23,6 +23,8 @@ "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", + "baseScore": 7.3, + "baseSeverity": "HIGH", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", @@ -30,12 +32,30 @@ "scope": "UNCHANGED", "confidentialityImpact": "LOW", "integrityImpact": "LOW", - "availabilityImpact": "LOW", - "baseScore": 7.3, - "baseSeverity": "HIGH" + "availabilityImpact": "LOW" }, "exploitabilityScore": 3.9, "impactScore": 3.4 + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 9.8, + "baseSeverity": "CRITICAL", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 } ], "cvssMetricV2": [ @@ -45,13 +65,13 @@ "cvssData": { "version": "2.0", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", + "baseScore": 7.5, "accessVector": "NETWORK", "accessComplexity": "LOW", "authentication": "NONE", "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", - "availabilityImpact": "PARTIAL", - "baseScore": 7.5 + "availabilityImpact": "PARTIAL" }, "baseSeverity": "HIGH", "exploitabilityScore": 10.0, @@ -76,18 +96,65 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:codeastro:house_rental_management_system:1.0:*:*:*:*:*:*:*", + "matchCriteriaId": "BB00387A-A820-4ED3-A37C-26C93B563FA5" + } + ] + } + ] + } + ], "references": [ { "url": "https://docs.qq.com/doc/DYk9QcHVFRENObWtj", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required" + ] }, { "url": "https://vuldb.com/?ctiid.254612", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required" + ] }, { "url": "https://vuldb.com/?id.254612", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory" + ] + }, + { + "url": "https://docs.qq.com/doc/DYk9QcHVFRENObWtj", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Permissions Required" + ] + }, + { + "url": "https://vuldb.com/?ctiid.254612", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Permissions Required" + ] + }, + { + "url": "https://vuldb.com/?id.254612", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-18xx/CVE-2024-1825.json b/CVE-2024/CVE-2024-18xx/CVE-2024-1825.json index 3b0d9d90067..91c593d3588 100644 --- a/CVE-2024/CVE-2024-18xx/CVE-2024-1825.json +++ b/CVE-2024/CVE-2024-18xx/CVE-2024-1825.json @@ -2,8 +2,8 @@ "id": "CVE-2024-1825", "sourceIdentifier": "cna@vuldb.com", "published": "2024-02-23T17:15:08.073", - "lastModified": "2024-05-17T02:35:37.957", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-12-06T14:39:05.777", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -23,6 +23,8 @@ "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", + "baseScore": 4.3, + "baseSeverity": "MEDIUM", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", @@ -30,12 +32,30 @@ "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "LOW", - "availabilityImpact": "NONE", - "baseScore": 4.3, - "baseSeverity": "MEDIUM" + "availabilityImpact": "NONE" }, "exploitabilityScore": 2.8, "impactScore": 1.4 + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 6.1, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.7 } ], "cvssMetricV2": [ @@ -45,13 +65,13 @@ "cvssData": { "version": "2.0", "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", + "baseScore": 5.0, "accessVector": "NETWORK", "accessComplexity": "LOW", "authentication": "NONE", "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", - "availabilityImpact": "NONE", - "baseScore": 5.0 + "availabilityImpact": "NONE" }, "baseSeverity": "MEDIUM", "exploitabilityScore": 10.0, @@ -67,7 +87,7 @@ "weaknesses": [ { "source": "cna@vuldb.com", - "type": "Primary", + "type": "Secondary", "description": [ { "lang": "en", @@ -76,18 +96,65 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:codeastro:house_rental_management_system:1.0:*:*:*:*:*:*:*", + "matchCriteriaId": "BB00387A-A820-4ED3-A37C-26C93B563FA5" + } + ] + } + ] + } + ], "references": [ { "url": "https://docs.qq.com/doc/DYndSY3V4UXh4dHFC", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required" + ] }, { "url": "https://vuldb.com/?ctiid.254613", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required" + ] }, { "url": "https://vuldb.com/?id.254613", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory" + ] + }, + { + "url": "https://docs.qq.com/doc/DYndSY3V4UXh4dHFC", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Permissions Required" + ] + }, + { + "url": "https://vuldb.com/?ctiid.254613", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Permissions Required" + ] + }, + { + "url": "https://vuldb.com/?id.254613", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-207xx/CVE-2024-20739.json b/CVE-2024/CVE-2024-207xx/CVE-2024-20739.json index b80442f1ebe..fda10fbc823 100644 --- a/CVE-2024/CVE-2024-207xx/CVE-2024-20739.json +++ b/CVE-2024/CVE-2024-207xx/CVE-2024-20739.json @@ -2,8 +2,8 @@ "id": "CVE-2024-20739", "sourceIdentifier": "psirt@adobe.com", "published": "2024-02-15T13:15:48.670", - "lastModified": "2024-02-15T14:28:20.067", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-12-06T14:57:19.883", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -19,10 +19,12 @@ "cvssMetricV31": [ { "source": "psirt@adobe.com", - "type": "Primary", + "type": "Secondary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "baseScore": 7.8, + "baseSeverity": "HIGH", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "NONE", @@ -30,9 +32,7 @@ "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 7.8, - "baseSeverity": "HIGH" + "availabilityImpact": "HIGH" }, "exploitabilityScore": 1.8, "impactScore": 5.9 @@ -42,19 +42,81 @@ "weaknesses": [ { "source": "psirt@adobe.com", - "type": "Primary", + "type": "Secondary", "description": [ { "lang": "en", "value": "CWE-122" } ] + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-787" + } + ] + } + ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:audition:*:*:*:*:*:*:*:*", + "versionEndExcluding": "23.6.4", + "matchCriteriaId": "35C21348-82CD-4E4F-A27C-D8E853D71B46" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:audition:*:*:*:*:*:*:*:*", + "versionStartIncluding": "24.0", + "versionEndExcluding": "24.2", + "matchCriteriaId": "E3B615E1-20DD-4678-B2FA-4AA378728C5E" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*", + "matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", + "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA" + } + ] + } + ] } ], "references": [ { "url": "https://helpx.adobe.com/security/products/audition/apsb24-11.html", - "source": "psirt@adobe.com" + "source": "psirt@adobe.com", + "tags": [ + "Vendor Advisory" + ] + }, + { + "url": "https://helpx.adobe.com/security/products/audition/apsb24-11.html", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-207xx/CVE-2024-20750.json b/CVE-2024/CVE-2024-207xx/CVE-2024-20750.json index 2eef36969ae..f288a3bb09d 100644 --- a/CVE-2024/CVE-2024-207xx/CVE-2024-20750.json +++ b/CVE-2024/CVE-2024-207xx/CVE-2024-20750.json @@ -2,8 +2,8 @@ "id": "CVE-2024-20750", "sourceIdentifier": "psirt@adobe.com", "published": "2024-02-15T13:15:49.427", - "lastModified": "2024-02-15T14:28:20.067", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-12-06T14:51:42.167", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -19,10 +19,12 @@ "cvssMetricV31": [ { "source": "psirt@adobe.com", - "type": "Primary", + "type": "Secondary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "baseScore": 7.8, + "baseSeverity": "HIGH", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "NONE", @@ -30,9 +32,7 @@ "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 7.8, - "baseSeverity": "HIGH" + "availabilityImpact": "HIGH" }, "exploitabilityScore": 1.8, "impactScore": 5.9 @@ -42,7 +42,7 @@ "weaknesses": [ { "source": "psirt@adobe.com", - "type": "Primary", + "type": "Secondary", "description": [ { "lang": "en", @@ -51,10 +51,38 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:substance_3d_designer:*:*:*:*:*:*:*:*", + "versionEndExcluding": "13.1.1", + "matchCriteriaId": "B4C437A0-1CF2-4FF6-AEEA-77576A6539B2" + } + ] + } + ] + } + ], "references": [ { "url": "https://helpx.adobe.com/security/products/substance3d_designer/apsb24-13.html", - "source": "psirt@adobe.com" + "source": "psirt@adobe.com", + "tags": [ + "Vendor Advisory" + ] + }, + { + "url": "https://helpx.adobe.com/security/products/substance3d_designer/apsb24-13.html", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-210xx/CVE-2024-21098.json b/CVE-2024/CVE-2024-210xx/CVE-2024-21098.json index 225bb3952ed..c099ecb6429 100644 --- a/CVE-2024/CVE-2024-210xx/CVE-2024-21098.json +++ b/CVE-2024/CVE-2024-210xx/CVE-2024-21098.json @@ -2,8 +2,8 @@ "id": "CVE-2024-21098", "sourceIdentifier": "secalert_us@oracle.com", "published": "2024-04-16T22:15:30.550", - "lastModified": "2024-04-17T12:48:31.863", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-12-06T14:35:46.047", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -19,10 +19,12 @@ "cvssMetricV31": [ { "source": "secalert_us@oracle.com", - "type": "Primary", + "type": "Secondary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L", + "baseScore": 3.7, + "baseSeverity": "LOW", "attackVector": "NETWORK", "attackComplexity": "HIGH", "privilegesRequired": "NONE", @@ -30,19 +32,76 @@ "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", - "availabilityImpact": "LOW", - "baseScore": 3.7, - "baseSeverity": "LOW" + "availabilityImpact": "LOW" }, "exploitabilityScore": 2.2, "impactScore": 1.4 } ] }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:graalvm:20.3.13:*:*:*:enterprise:*:*:*", + "matchCriteriaId": "00EDC8FF-13F2-4218-9EF4-B509364AE7B3" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:graalvm:21.3.9:*:*:*:enterprise:*:*:*", + "matchCriteriaId": "938A32D1-FBAB-42AE-87A7-AB19402B561A" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:graalvm_for_jdk:17.0.10:*:*:*:*:*:*:*", + "matchCriteriaId": "880BE1FE-FBFF-4CC1-B0D1-BAF025F58D4A" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:graalvm_for_jdk:21.0.2:*:*:*:*:*:*:*", + "matchCriteriaId": "27876EF0-E7C0-4B3E-8C8B-009736D1F57C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:graalvm_for_jdk:22:*:*:*:*:*:*:*", + "matchCriteriaId": "EAD84F79-1DAE-4943-8167-861144067B4D" + } + ] + } + ] + } + ], "references": [ { "url": "https://www.oracle.com/security-alerts/cpuapr2024.html", - "source": "secalert_us@oracle.com" + "source": "secalert_us@oracle.com", + "tags": [ + "Vendor Advisory" + ] + }, + { + "url": "https://www.oracle.com/security-alerts/cpuapr2024.html", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-215xx/CVE-2024-21571.json b/CVE-2024/CVE-2024-215xx/CVE-2024-21571.json new file mode 100644 index 00000000000..ed083711b6f --- /dev/null +++ b/CVE-2024/CVE-2024-215xx/CVE-2024-21571.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-21571", + "sourceIdentifier": "report@snyk.io", + "published": "2024-12-06T14:15:19.997", + "lastModified": "2024-12-06T14:15:19.997", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Snyk has identified a remote code execution (RCE) vulnerability in all versions of Code Agent. The vulnerability enables an attacker to execute arbitrary code within the Code Agent container. Exploiting this vulnerability would require an attacker to have network access to the Code Agent within the deployment environment. External exploitation of this vulnerability is unlikely and depends on both misconfigurations of the cluster and/or chaining with another vulnerability. However, internal exploitation (with a cluster misconfiguration) could still be possible." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "report@snyk.io", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H", + "baseScore": 8.1, + "baseSeverity": "HIGH", + "attackVector": "LOCAL", + "attackComplexity": "HIGH", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.4, + "impactScore": 6.0 + } + ] + }, + "weaknesses": [ + { + "source": "report@snyk.io", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-94" + } + ] + } + ], + "references": [ + { + "url": "https://www.cve.org/CVERecord?id=CVE-2024-21571", + "source": "report@snyk.io" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-262xx/CVE-2024-26210.json b/CVE-2024/CVE-2024-262xx/CVE-2024-26210.json index 0ec9869534e..19965465da6 100644 --- a/CVE-2024/CVE-2024-262xx/CVE-2024-26210.json +++ b/CVE-2024/CVE-2024-262xx/CVE-2024-26210.json @@ -2,13 +2,13 @@ "id": "CVE-2024-26210", "sourceIdentifier": "secure@microsoft.com", "published": "2024-04-09T17:15:39.240", - "lastModified": "2024-04-10T13:24:00.070", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-12-06T14:42:44.433", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "Microsoft WDAC OLE DB Provider for SQL Server Remote Code Execution Vulnerability" + "value": "Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability" }, { "lang": "es", @@ -19,10 +19,12 @@ "cvssMetricV31": [ { "source": "secure@microsoft.com", - "type": "Primary", + "type": "Secondary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "baseScore": 8.8, + "baseSeverity": "HIGH", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", @@ -30,9 +32,7 @@ "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 8.8, - "baseSeverity": "HIGH" + "availabilityImpact": "HIGH" }, "exploitabilityScore": 2.8, "impactScore": 5.9 @@ -49,12 +49,148 @@ "value": "CWE-122" } ] + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x64:*", + "versionEndExcluding": "10.0.10240.20596", + "matchCriteriaId": "E7BDA51E-51E0-487D-A25F-2477213B563E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x86:*", + "versionEndExcluding": "10.0.10240.20596", + "matchCriteriaId": "A607FDAE-53FE-49DA-806F-0533F5ECC108" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x64:*", + "versionEndExcluding": "10.0.14393.6897", + "matchCriteriaId": "6CA18E04-75AD-4BC1-BCF7-B7C3DD33D9D3" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:*", + "versionEndExcluding": "10.0.14393.6897", + "matchCriteriaId": "8E68CF86-FB36-4E0E-A919-D7010E1D9CEE" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.17763.5696", + "matchCriteriaId": "7C50F3D5-1329-4563-BB59-9C50E2EEC237" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.19044.4291", + "matchCriteriaId": "1BE5B3C6-9F18-44A0-95CC-B4CD358794BF" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.19045.4291", + "matchCriteriaId": "23C51F9B-0BF1-414C-BFA5-4F5B81413E9E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.22000.2899", + "matchCriteriaId": "39B18FD8-656D-46D2-8BDE-AF030C278E02" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.22621.3447", + "matchCriteriaId": "54B49649-55CB-4BFF-BB50-592662435694" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_11_23h2:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.22631.3447", + "matchCriteriaId": "79409538-C0CE-4051-80C3-383220427D0B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*", + "matchCriteriaId": "5F422A8C-2C4E-42C8-B420-E0728037E15C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*", + "matchCriteriaId": "AF07A81D-12E5-4B1D-BFF9-C8D08C32FF4F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", + "matchCriteriaId": "A7DF96F8-BA6A-4780-9CA3-F719B3F81074" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", + "matchCriteriaId": "DB18C4CE-5917-401E-ACF7-2747084FD36E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.14393.6897", + "matchCriteriaId": "412F0026-BBE6-4F7D-ABC2-56E9F1791122" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.17763.5696", + "matchCriteriaId": "4EAAB276-D0E4-41CA-8A25-4DE9FC90543E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.20348.2402", + "matchCriteriaId": "7103C832-A4FB-4373-8A93-291E7A89B4AA" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2022_23h2:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.25398.830", + "matchCriteriaId": "F2B61B79-FEE5-4041-918D-6FE2C92771DC" + } + ] + } + ] } ], "references": [ { "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26210", - "source": "secure@microsoft.com" + "source": "secure@microsoft.com", + "tags": [ + "Vendor Advisory" + ] + }, + { + "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26210", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-262xx/CVE-2024-26213.json b/CVE-2024/CVE-2024-262xx/CVE-2024-26213.json index bdd7c4925c5..329a3ef9b80 100644 --- a/CVE-2024/CVE-2024-262xx/CVE-2024-26213.json +++ b/CVE-2024/CVE-2024-262xx/CVE-2024-26213.json @@ -2,8 +2,8 @@ "id": "CVE-2024-26213", "sourceIdentifier": "secure@microsoft.com", "published": "2024-04-09T17:15:39.847", - "lastModified": "2024-04-10T13:24:00.070", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-12-06T14:41:46.023", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -19,10 +19,12 @@ "cvssMetricV31": [ { "source": "secure@microsoft.com", - "type": "Primary", + "type": "Secondary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 7.0, + "baseSeverity": "HIGH", "attackVector": "LOCAL", "attackComplexity": "HIGH", "privilegesRequired": "LOW", @@ -30,9 +32,7 @@ "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 7.0, - "baseSeverity": "HIGH" + "availabilityImpact": "HIGH" }, "exploitabilityScore": 1.0, "impactScore": 5.9 @@ -49,12 +49,50 @@ "value": "CWE-822" } ] + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2022_23h2:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.25398.830", + "matchCriteriaId": "F2B61B79-FEE5-4041-918D-6FE2C92771DC" + } + ] + } + ] } ], "references": [ { "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26213", - "source": "secure@microsoft.com" + "source": "secure@microsoft.com", + "tags": [ + "Vendor Advisory" + ] + }, + { + "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26213", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-262xx/CVE-2024-26214.json b/CVE-2024/CVE-2024-262xx/CVE-2024-26214.json index 07e13c49ae3..885ebe33042 100644 --- a/CVE-2024/CVE-2024-262xx/CVE-2024-26214.json +++ b/CVE-2024/CVE-2024-262xx/CVE-2024-26214.json @@ -2,8 +2,8 @@ "id": "CVE-2024-26214", "sourceIdentifier": "secure@microsoft.com", "published": "2024-04-09T17:15:40.043", - "lastModified": "2024-04-10T13:24:00.070", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-12-06T14:41:12.913", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -19,10 +19,12 @@ "cvssMetricV31": [ { "source": "secure@microsoft.com", - "type": "Primary", + "type": "Secondary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "baseScore": 8.8, + "baseSeverity": "HIGH", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", @@ -30,9 +32,7 @@ "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 8.8, - "baseSeverity": "HIGH" + "availabilityImpact": "HIGH" }, "exploitabilityScore": 2.8, "impactScore": 5.9 @@ -49,12 +49,148 @@ "value": "CWE-122" } ] + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x64:*", + "versionEndExcluding": "10.0.10240.20596", + "matchCriteriaId": "E7BDA51E-51E0-487D-A25F-2477213B563E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x86:*", + "versionEndExcluding": "10.0.10240.20596", + "matchCriteriaId": "A607FDAE-53FE-49DA-806F-0533F5ECC108" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x64:*", + "versionEndExcluding": "10.0.14393.6897", + "matchCriteriaId": "6CA18E04-75AD-4BC1-BCF7-B7C3DD33D9D3" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:*", + "versionEndExcluding": "10.0.14393.6897", + "matchCriteriaId": "8E68CF86-FB36-4E0E-A919-D7010E1D9CEE" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.17763.5696", + "matchCriteriaId": "7C50F3D5-1329-4563-BB59-9C50E2EEC237" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.19044.4291", + "matchCriteriaId": "1BE5B3C6-9F18-44A0-95CC-B4CD358794BF" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.19045.4291", + "matchCriteriaId": "23C51F9B-0BF1-414C-BFA5-4F5B81413E9E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.22000.2899", + "matchCriteriaId": "39B18FD8-656D-46D2-8BDE-AF030C278E02" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.22621.3447", + "matchCriteriaId": "54B49649-55CB-4BFF-BB50-592662435694" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_11_23h2:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.22631.3447", + "matchCriteriaId": "79409538-C0CE-4051-80C3-383220427D0B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*", + "matchCriteriaId": "5F422A8C-2C4E-42C8-B420-E0728037E15C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*", + "matchCriteriaId": "AF07A81D-12E5-4B1D-BFF9-C8D08C32FF4F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", + "matchCriteriaId": "A7DF96F8-BA6A-4780-9CA3-F719B3F81074" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", + "matchCriteriaId": "DB18C4CE-5917-401E-ACF7-2747084FD36E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.14393.6897", + "matchCriteriaId": "412F0026-BBE6-4F7D-ABC2-56E9F1791122" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.17763.5696", + "matchCriteriaId": "4EAAB276-D0E4-41CA-8A25-4DE9FC90543E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.20348.2402", + "matchCriteriaId": "7103C832-A4FB-4373-8A93-291E7A89B4AA" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2022_23h2:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.25398.830", + "matchCriteriaId": "F2B61B79-FEE5-4041-918D-6FE2C92771DC" + } + ] + } + ] } ], "references": [ { "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26214", - "source": "secure@microsoft.com" + "source": "secure@microsoft.com", + "tags": [ + "Vendor Advisory" + ] + }, + { + "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26214", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-262xx/CVE-2024-26232.json b/CVE-2024/CVE-2024-262xx/CVE-2024-26232.json index 07c98f6ae59..0d5c7442b46 100644 --- a/CVE-2024/CVE-2024-262xx/CVE-2024-26232.json +++ b/CVE-2024/CVE-2024-262xx/CVE-2024-26232.json @@ -2,8 +2,8 @@ "id": "CVE-2024-26232", "sourceIdentifier": "secure@microsoft.com", "published": "2024-04-09T17:15:43.460", - "lastModified": "2024-04-10T13:24:00.070", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-12-06T14:39:54.630", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -19,10 +19,12 @@ "cvssMetricV31": [ { "source": "secure@microsoft.com", - "type": "Primary", + "type": "Secondary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H", + "baseScore": 7.3, + "baseSeverity": "HIGH", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "LOW", @@ -30,9 +32,7 @@ "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 7.3, - "baseSeverity": "HIGH" + "availabilityImpact": "HIGH" }, "exploitabilityScore": 1.3, "impactScore": 5.9 @@ -49,12 +49,148 @@ "value": "CWE-843" } ] + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x64:*", + "versionEndExcluding": "10.0.10240.20596", + "matchCriteriaId": "E7BDA51E-51E0-487D-A25F-2477213B563E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x86:*", + "versionEndExcluding": "10.0.10240.20596", + "matchCriteriaId": "A607FDAE-53FE-49DA-806F-0533F5ECC108" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x64:*", + "versionEndExcluding": "10.0.14393.6897", + "matchCriteriaId": "6CA18E04-75AD-4BC1-BCF7-B7C3DD33D9D3" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:*", + "versionEndExcluding": "10.0.14393.6897", + "matchCriteriaId": "8E68CF86-FB36-4E0E-A919-D7010E1D9CEE" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.17763.5696", + "matchCriteriaId": "7C50F3D5-1329-4563-BB59-9C50E2EEC237" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.19044.4291", + "matchCriteriaId": "1BE5B3C6-9F18-44A0-95CC-B4CD358794BF" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.19045.4291", + "matchCriteriaId": "23C51F9B-0BF1-414C-BFA5-4F5B81413E9E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.22000.2899", + "matchCriteriaId": "39B18FD8-656D-46D2-8BDE-AF030C278E02" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.22621.3447", + "matchCriteriaId": "54B49649-55CB-4BFF-BB50-592662435694" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_11_23h2:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.22631.3447", + "matchCriteriaId": "79409538-C0CE-4051-80C3-383220427D0B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*", + "matchCriteriaId": "5F422A8C-2C4E-42C8-B420-E0728037E15C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*", + "matchCriteriaId": "AF07A81D-12E5-4B1D-BFF9-C8D08C32FF4F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", + "matchCriteriaId": "A7DF96F8-BA6A-4780-9CA3-F719B3F81074" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", + "matchCriteriaId": "DB18C4CE-5917-401E-ACF7-2747084FD36E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.14393.6897", + "matchCriteriaId": "412F0026-BBE6-4F7D-ABC2-56E9F1791122" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.17763.5696", + "matchCriteriaId": "4EAAB276-D0E4-41CA-8A25-4DE9FC90543E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.20348.2402", + "matchCriteriaId": "7103C832-A4FB-4373-8A93-291E7A89B4AA" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2022_23h2:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.25398.830", + "matchCriteriaId": "F2B61B79-FEE5-4041-918D-6FE2C92771DC" + } + ] + } + ] } ], "references": [ { "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26232", - "source": "secure@microsoft.com" + "source": "secure@microsoft.com", + "tags": [ + "Vendor Advisory" + ] + }, + { + "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26232", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-262xx/CVE-2024-26244.json b/CVE-2024/CVE-2024-262xx/CVE-2024-26244.json index e4eec34ace8..e72d259883d 100644 --- a/CVE-2024/CVE-2024-262xx/CVE-2024-26244.json +++ b/CVE-2024/CVE-2024-262xx/CVE-2024-26244.json @@ -2,13 +2,13 @@ "id": "CVE-2024-26244", "sourceIdentifier": "secure@microsoft.com", "published": "2024-04-09T17:15:45.727", - "lastModified": "2024-04-10T13:24:00.070", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-12-06T14:33:58.663", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "Microsoft WDAC OLE DB Provider for SQL Server Remote Code Execution Vulnerability" + "value": "Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability" }, { "lang": "es", @@ -23,6 +23,8 @@ "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "baseScore": 8.8, + "baseSeverity": "HIGH", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", @@ -30,9 +32,7 @@ "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 8.8, - "baseSeverity": "HIGH" + "availabilityImpact": "HIGH" }, "exploitabilityScore": 2.8, "impactScore": 5.9 @@ -49,12 +49,148 @@ "value": "CWE-191" } ] + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x64:*", + "versionEndExcluding": "10.0.10240.20596", + "matchCriteriaId": "E7BDA51E-51E0-487D-A25F-2477213B563E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x86:*", + "versionEndExcluding": "10.0.10240.20596", + "matchCriteriaId": "A607FDAE-53FE-49DA-806F-0533F5ECC108" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x64:*", + "versionEndExcluding": "10.0.14393.6897", + "matchCriteriaId": "6CA18E04-75AD-4BC1-BCF7-B7C3DD33D9D3" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:*", + "versionEndExcluding": "10.0.14393.6897", + "matchCriteriaId": "8E68CF86-FB36-4E0E-A919-D7010E1D9CEE" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.17763.5696", + "matchCriteriaId": "7C50F3D5-1329-4563-BB59-9C50E2EEC237" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.19044.4291", + "matchCriteriaId": "1BE5B3C6-9F18-44A0-95CC-B4CD358794BF" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.19045.4291", + "matchCriteriaId": "23C51F9B-0BF1-414C-BFA5-4F5B81413E9E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.22000.2899", + "matchCriteriaId": "39B18FD8-656D-46D2-8BDE-AF030C278E02" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.22621.3447", + "matchCriteriaId": "54B49649-55CB-4BFF-BB50-592662435694" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_11_23h2:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.22631.3447", + "matchCriteriaId": "79409538-C0CE-4051-80C3-383220427D0B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*", + "matchCriteriaId": "5F422A8C-2C4E-42C8-B420-E0728037E15C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*", + "matchCriteriaId": "AF07A81D-12E5-4B1D-BFF9-C8D08C32FF4F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", + "matchCriteriaId": "A7DF96F8-BA6A-4780-9CA3-F719B3F81074" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", + "matchCriteriaId": "DB18C4CE-5917-401E-ACF7-2747084FD36E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.14393.6897", + "matchCriteriaId": "412F0026-BBE6-4F7D-ABC2-56E9F1791122" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.17763.5696", + "matchCriteriaId": "4EAAB276-D0E4-41CA-8A25-4DE9FC90543E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.20348.2402", + "matchCriteriaId": "7103C832-A4FB-4373-8A93-291E7A89B4AA" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2022_23h2:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.25398.830", + "matchCriteriaId": "F2B61B79-FEE5-4041-918D-6FE2C92771DC" + } + ] + } + ] } ], "references": [ { "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26244", - "source": "secure@microsoft.com" + "source": "secure@microsoft.com", + "tags": [ + "Vendor Advisory" + ] + }, + { + "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26244", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-281xx/CVE-2024-28103.json b/CVE-2024/CVE-2024-281xx/CVE-2024-28103.json index 353e1eb1c1f..0bf9402d91e 100644 --- a/CVE-2024/CVE-2024-281xx/CVE-2024-28103.json +++ b/CVE-2024/CVE-2024-281xx/CVE-2024-28103.json @@ -2,8 +2,8 @@ "id": "CVE-2024-28103", "sourceIdentifier": "security-advisories@github.com", "published": "2024-06-04T20:15:10.237", - "lastModified": "2024-06-11T15:27:55.000", - "vulnStatus": "Analyzed", + "lastModified": "2024-12-06T14:15:20.130", + "vulnStatus": "Modified", "cveTags": [], "descriptions": [ { @@ -17,32 +17,14 @@ ], "metrics": { "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 9.8, - "baseSeverity": "CRITICAL" - }, - "exploitabilityScore": 3.9, - "impactScore": 5.9 - }, { "source": "security-advisories@github.com", "type": "Secondary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", @@ -50,26 +32,34 @@ "scope": "UNCHANGED", "confidentialityImpact": "LOW", "integrityImpact": "LOW", - "availabilityImpact": "NONE", - "baseScore": 5.4, - "baseSeverity": "MEDIUM" + "availabilityImpact": "NONE" }, "exploitabilityScore": 2.8, "impactScore": 2.5 + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 9.8, + "baseSeverity": "CRITICAL", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 } ] }, "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "NVD-CWE-noinfo" - } - ] - }, { "source": "security-advisories@github.com", "type": "Secondary", @@ -79,6 +69,16 @@ "value": "CWE-20" } ] + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] } ], "configurations": [ @@ -133,6 +133,24 @@ "tags": [ "Vendor Advisory" ] + }, + { + "url": "https://github.com/rails/rails/commit/35858f1d9d57f6c4050a8d9ab754bd5d088b4523", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] + }, + { + "url": "https://github.com/rails/rails/security/advisories/GHSA-fwhr-88qx-h9g7", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Vendor Advisory" + ] + }, + { + "url": "https://security.netapp.com/advisory/ntap-20241206-0002/", + "source": "af854a3a-2127-422b-91ae-364da2661108" } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-298xx/CVE-2024-29857.json b/CVE-2024/CVE-2024-298xx/CVE-2024-29857.json index 80ebfd2cc22..6272be0b3b2 100644 --- a/CVE-2024/CVE-2024-298xx/CVE-2024-29857.json +++ b/CVE-2024/CVE-2024-298xx/CVE-2024-29857.json @@ -2,7 +2,7 @@ "id": "CVE-2024-29857", "sourceIdentifier": "cve@mitre.org", "published": "2024-05-14T15:17:02.970", - "lastModified": "2024-08-15T19:35:09.613", + "lastModified": "2024-12-06T14:15:20.263", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ @@ -23,6 +23,8 @@ "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "baseScore": 7.5, + "baseSeverity": "HIGH", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", @@ -30,9 +32,7 @@ "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", - "availabilityImpact": "HIGH", - "baseScore": 7.5, - "baseSeverity": "HIGH" + "availabilityImpact": "HIGH" }, "exploitabilityScore": 3.9, "impactScore": 3.6 @@ -63,6 +63,22 @@ { "url": "https://www.bouncycastle.org/latest_releases.html", "source": "cve@mitre.org" + }, + { + "url": "https://github.com/bcgit/bc-csharp/wiki/CVE%E2%80%902024%E2%80%9029857", + "source": "af854a3a-2127-422b-91ae-364da2661108" + }, + { + "url": "https://github.com/bcgit/bc-java/wiki/CVE%E2%80%902024%E2%80%9029857", + "source": "af854a3a-2127-422b-91ae-364da2661108" + }, + { + "url": "https://security.netapp.com/advisory/ntap-20241206-0008/", + "source": "af854a3a-2127-422b-91ae-364da2661108" + }, + { + "url": "https://www.bouncycastle.org/latest_releases.html", + "source": "af854a3a-2127-422b-91ae-364da2661108" } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-387xx/CVE-2024-38796.json b/CVE-2024/CVE-2024-387xx/CVE-2024-38796.json index 080880b316b..00a0474a716 100644 --- a/CVE-2024/CVE-2024-387xx/CVE-2024-38796.json +++ b/CVE-2024/CVE-2024-387xx/CVE-2024-38796.json @@ -2,7 +2,7 @@ "id": "CVE-2024-38796", "sourceIdentifier": "infosec@edk2.groups.io", "published": "2024-09-27T22:15:13.153", - "lastModified": "2024-09-30T12:45:57.823", + "lastModified": "2024-12-06T14:15:20.437", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ @@ -23,6 +23,8 @@ "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:L/I:H/A:L", + "baseScore": 5.9, + "baseSeverity": "MEDIUM", "attackVector": "ADJACENT_NETWORK", "attackComplexity": "HIGH", "privilegesRequired": "LOW", @@ -30,9 +32,7 @@ "scope": "UNCHANGED", "confidentialityImpact": "LOW", "integrityImpact": "HIGH", - "availabilityImpact": "LOW", - "baseScore": 5.9, - "baseSeverity": "MEDIUM" + "availabilityImpact": "LOW" }, "exploitabilityScore": 1.2, "impactScore": 4.7 @@ -55,6 +55,10 @@ { "url": "https://github.com/tianocore/edk2/security/advisories/GHSA-xpcr-7hjq-m6qm", "source": "infosec@edk2.groups.io" + }, + { + "url": "https://security.netapp.com/advisory/ntap-20241206-0006/", + "source": "af854a3a-2127-422b-91ae-364da2661108" } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-396xx/CVE-2024-39689.json b/CVE-2024/CVE-2024-396xx/CVE-2024-39689.json index 532d3da7198..0a415733925 100644 --- a/CVE-2024/CVE-2024-396xx/CVE-2024-39689.json +++ b/CVE-2024/CVE-2024-396xx/CVE-2024-39689.json @@ -2,7 +2,7 @@ "id": "CVE-2024-39689", "sourceIdentifier": "security-advisories@github.com", "published": "2024-07-05T19:15:10.247", - "lastModified": "2024-07-08T15:49:22.437", + "lastModified": "2024-12-06T14:15:20.550", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ @@ -23,6 +23,8 @@ "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", + "baseScore": 7.5, + "baseSeverity": "HIGH", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", @@ -30,9 +32,7 @@ "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", - "availabilityImpact": "NONE", - "baseScore": 7.5, - "baseSeverity": "HIGH" + "availabilityImpact": "NONE" }, "exploitabilityScore": 3.9, "impactScore": 3.6 @@ -63,6 +63,22 @@ { "url": "https://groups.google.com/a/mozilla.org/g/dev-security-policy/c/XpknYMPO8dI", "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/certifi/python-certifi/commit/bd8153872e9c6fc98f4023df9c2deaffea2fa463", + "source": "af854a3a-2127-422b-91ae-364da2661108" + }, + { + "url": "https://github.com/certifi/python-certifi/security/advisories/GHSA-248v-346w-9cwc", + "source": "af854a3a-2127-422b-91ae-364da2661108" + }, + { + "url": "https://groups.google.com/a/mozilla.org/g/dev-security-policy/c/XpknYMPO8dI", + "source": "af854a3a-2127-422b-91ae-364da2661108" + }, + { + "url": "https://security.netapp.com/advisory/ntap-20241206-0001/", + "source": "af854a3a-2127-422b-91ae-364da2661108" } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-46xx/CVE-2024-4633.json b/CVE-2024/CVE-2024-46xx/CVE-2024-4633.json new file mode 100644 index 00000000000..10100628522 --- /dev/null +++ b/CVE-2024/CVE-2024-46xx/CVE-2024-4633.json @@ -0,0 +1,64 @@ +{ + "id": "CVE-2024-4633", + "sourceIdentifier": "security@wordfence.com", + "published": "2024-12-06T14:15:20.790", + "lastModified": "2024-12-06T14:15:20.790", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "The Slider and Carousel slider by Depicter plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the \u2018addExtraMimeType\u2019 function in versions up to, and including, 3.2.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with author-level permissions and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", + "baseScore": 6.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 3.1, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://plugins.trac.wordpress.org/browser/depicter/tags/2.1.11/app/src/WordPress/SVGServiceProvider.php#L52", + "source": "security@wordfence.com" + }, + { + "url": "https://plugins.trac.wordpress.org/changeset/3134888/", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/965cacd3-1786-4e7d-8209-eea293b161d3?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-495xx/CVE-2024-49580.json b/CVE-2024/CVE-2024-495xx/CVE-2024-49580.json index 8b68e497384..48c23e0a9c9 100644 --- a/CVE-2024/CVE-2024-495xx/CVE-2024-49580.json +++ b/CVE-2024/CVE-2024-495xx/CVE-2024-49580.json @@ -2,13 +2,13 @@ "id": "CVE-2024-49580", "sourceIdentifier": "cve@jetbrains.com", "published": "2024-10-17T13:15:14.853", - "lastModified": "2024-11-14T19:25:47.433", - "vulnStatus": "Analyzed", + "lastModified": "2024-12-06T14:15:20.670", + "vulnStatus": "Modified", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "In JetBrains Ktor before 3.0.0 improper caching in HttpCache Plugin could lead to response information disclosure" + "value": "In JetBrains Ktor before 2.3.13 improper caching in HttpCache Plugin could lead to response information disclosure" }, { "lang": "es", @@ -17,32 +17,14 @@ ], "metrics": { "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "LOW", - "integrityImpact": "NONE", - "availabilityImpact": "NONE", - "baseScore": 5.3, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 3.9, - "impactScore": 1.4 - }, { "source": "cve@jetbrains.com", "type": "Secondary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", + "baseScore": 5.3, + "baseSeverity": "MEDIUM", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", @@ -50,9 +32,27 @@ "scope": "UNCHANGED", "confidentialityImpact": "LOW", "integrityImpact": "NONE", - "availabilityImpact": "NONE", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 3.9, + "impactScore": 1.4 + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "baseScore": 5.3, - "baseSeverity": "MEDIUM" + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "availabilityImpact": "NONE" }, "exploitabilityScore": 3.9, "impactScore": 1.4 @@ -60,16 +60,6 @@ ] }, "weaknesses": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "NVD-CWE-Other" - } - ] - }, { "source": "cve@jetbrains.com", "type": "Secondary", @@ -79,6 +69,16 @@ "value": "CWE-524" } ] + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-Other" + } + ] } ], "configurations": [ diff --git a/CVE-2024/CVE-2024-516xx/CVE-2024-51615.json b/CVE-2024/CVE-2024-516xx/CVE-2024-51615.json new file mode 100644 index 00000000000..0f19277cbc0 --- /dev/null +++ b/CVE-2024/CVE-2024-516xx/CVE-2024-51615.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-51615", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-12-06T14:15:20.947", + "lastModified": "2024-12-06T14:15:20.947", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Owen Cutajar & Hyder Jaffari WordPress Auction Plugin allows SQL Injection.This issue affects WordPress Auction Plugin: from n/a through 3.7." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:L", + "baseScore": 9.3, + "baseSeverity": "CRITICAL", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 3.9, + "impactScore": 4.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/wp-auctions/vulnerability/wordpress-wordpress-auction-plugin-plugin-3-7-sql-injection-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-518xx/CVE-2024-51815.json b/CVE-2024/CVE-2024-518xx/CVE-2024-51815.json new file mode 100644 index 00000000000..4a1c64d3e0b --- /dev/null +++ b/CVE-2024/CVE-2024-518xx/CVE-2024-51815.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-51815", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-12-06T14:15:21.093", + "lastModified": "2024-12-06T14:15:21.093", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Control of Generation of Code ('Code Injection') vulnerability in WP Sharks s2Member Pro allows Code Injection.This issue affects s2Member Pro: from n/a through 241114." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H", + "baseScore": 9.0, + "baseSeverity": "CRITICAL", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 2.2, + "impactScore": 6.0 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-94" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/s2member/vulnerability/wordpress-s2member-excellent-for-all-kinds-of-memberships-content-restriction-paywalls-member-access-subscriptions-plugin-241114-remote-code-execution-rce-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-523xx/CVE-2024-52335.json b/CVE-2024/CVE-2024-523xx/CVE-2024-52335.json new file mode 100644 index 00000000000..11a73f614a6 --- /dev/null +++ b/CVE-2024/CVE-2024-523xx/CVE-2024-52335.json @@ -0,0 +1,100 @@ +{ + "id": "CVE-2024-52335", + "sourceIdentifier": "productcert@siemens.com", + "published": "2024-12-06T14:15:21.230", + "lastModified": "2024-12-06T14:15:21.230", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability has been identified in syngo.plaza VB30E (All versions < VB30E_HF05). The affected application do not properly sanitize input data before sending it to the SQL server. This could allow an attacker with access to the application could use this vulnerability to execute malicious SQL commands to compromise the whole database." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "productcert@siemens.com", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "baseScore": 9.3, + "baseSeverity": "CRITICAL", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "attackRequirements": "NONE", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "vulnerableSystemConfidentiality": "HIGH", + "vulnerableSystemIntegrity": "HIGH", + "vulnerableSystemAvailability": "HIGH", + "subsequentSystemConfidentiality": "NONE", + "subsequentSystemIntegrity": "NONE", + "subsequentSystemAvailability": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirements": "NOT_DEFINED", + "integrityRequirements": "NOT_DEFINED", + "availabilityRequirements": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", + "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", + "modifiedVulnerableSystemAvailability": "NOT_DEFINED", + "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", + "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", + "modifiedSubsequentSystemAvailability": "NOT_DEFINED", + "safety": "NOT_DEFINED", + "automatable": "NOT_DEFINED", + "recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED" + } + } + ], + "cvssMetricV31": [ + { + "source": "productcert@siemens.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 9.8, + "baseSeverity": "CRITICAL", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "productcert@siemens.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "references": [ + { + "url": "https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/shsa-160244", + "source": "productcert@siemens.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-525xx/CVE-2024-52533.json b/CVE-2024/CVE-2024-525xx/CVE-2024-52533.json index 86dd9d745d0..5555a3cf1c2 100644 --- a/CVE-2024/CVE-2024-525xx/CVE-2024-52533.json +++ b/CVE-2024/CVE-2024-525xx/CVE-2024-52533.json @@ -2,8 +2,9 @@ "id": "CVE-2024-52533", "sourceIdentifier": "cve@mitre.org", "published": "2024-11-11T23:15:05.967", - "lastModified": "2024-11-23T21:15:15.090", + "lastModified": "2024-12-06T14:15:21.400", "vulnStatus": "Awaiting Analysis", + "cveTags": [], "descriptions": [ { "lang": "en", @@ -70,6 +71,10 @@ { "url": "https://lists.debian.org/debian-lts-announce/2024/11/msg00020.html", "source": "af854a3a-2127-422b-91ae-364da2661108" + }, + { + "url": "https://security.netapp.com/advisory/ntap-20241206-0009/", + "source": "af854a3a-2127-422b-91ae-364da2661108" } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-537xx/CVE-2024-53794.json b/CVE-2024/CVE-2024-537xx/CVE-2024-53794.json new file mode 100644 index 00000000000..9d4a1015e7f --- /dev/null +++ b/CVE-2024/CVE-2024-537xx/CVE-2024-53794.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-53794", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-12-06T14:15:21.567", + "lastModified": "2024-12-06T14:15:21.567", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in LOOS,Inc. Arkhe Blocks allows Stored XSS.This issue affects Arkhe Blocks: from n/a through 2.27.0." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 6.5, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.3, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/arkhe-blocks/vulnerability/wordpress-arkhe-blocks-plugin-2-27-0-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-537xx/CVE-2024-53795.json b/CVE-2024/CVE-2024-537xx/CVE-2024-53795.json new file mode 100644 index 00000000000..95495b445ff --- /dev/null +++ b/CVE-2024/CVE-2024-537xx/CVE-2024-53795.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-53795", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-12-06T14:15:21.737", + "lastModified": "2024-12-06T14:15:21.737", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Missing Authorization vulnerability in Andy Moyle Church Admin allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Church Admin: from n/a through 5.0.8." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", + "baseScore": 5.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 3.9, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-862" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/church-admin/vulnerability/wordpress-church-admin-plugin-5-0-8-broken-access-control-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-537xx/CVE-2024-53796.json b/CVE-2024/CVE-2024-537xx/CVE-2024-53796.json new file mode 100644 index 00000000000..c0e085d4e0a --- /dev/null +++ b/CVE-2024/CVE-2024-537xx/CVE-2024-53796.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-53796", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-12-06T14:15:21.910", + "lastModified": "2024-12-06T14:15:21.910", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Themesflat Themesflat Addons For Elementor allows DOM-Based XSS.This issue affects Themesflat Addons For Elementor: from n/a through 2.2.2." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 6.5, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.3, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/themesflat-addons-for-elementor/vulnerability/wordpress-themesflat-addons-for-elementor-plugin-2-2-2-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-537xx/CVE-2024-53797.json b/CVE-2024/CVE-2024-537xx/CVE-2024-53797.json new file mode 100644 index 00000000000..3efc43dec03 --- /dev/null +++ b/CVE-2024/CVE-2024-537xx/CVE-2024-53797.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-53797", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-12-06T14:15:22.040", + "lastModified": "2024-12-06T14:15:22.040", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in The Beaver Builder Team Beaver Builder allows Stored XSS.This issue affects Beaver Builder: from n/a through 2.8.4.3." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 6.5, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.3, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/beaver-builder-lite-version/vulnerability/wordpress-beaver-builder-wordpress-page-builder-plugin-2-8-4-3-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-537xx/CVE-2024-53799.json b/CVE-2024/CVE-2024-537xx/CVE-2024-53799.json new file mode 100644 index 00000000000..828dc1750ad --- /dev/null +++ b/CVE-2024/CVE-2024-537xx/CVE-2024-53799.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-53799", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-12-06T14:15:22.170", + "lastModified": "2024-12-06T14:15:22.170", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Missing Authorization vulnerability in BAKKBONE Australia FloristPress allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects FloristPress: from n/a through 7.3.0." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", + "baseScore": 4.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-862" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/bakkbone-florist-companion/vulnerability/wordpress-floristpress-plugin-7-3-0-broken-access-control-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-538xx/CVE-2024-53801.json b/CVE-2024/CVE-2024-538xx/CVE-2024-53801.json new file mode 100644 index 00000000000..d9c93b3d91e --- /dev/null +++ b/CVE-2024/CVE-2024-538xx/CVE-2024-53801.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-53801", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-12-06T14:15:22.303", + "lastModified": "2024-12-06T14:15:22.303", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in BoldThemes Bold Page Builder allows Stored XSS.This issue affects Bold Page Builder: from n/a through 5.2.1." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 6.5, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.3, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/bold-page-builder/vulnerability/wordpress-bold-page-builder-plugin-5-2-1-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-538xx/CVE-2024-53802.json b/CVE-2024/CVE-2024-538xx/CVE-2024-53802.json new file mode 100644 index 00000000000..957bdae7cd0 --- /dev/null +++ b/CVE-2024/CVE-2024-538xx/CVE-2024-53802.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-53802", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-12-06T14:15:22.430", + "lastModified": "2024-12-06T14:15:22.430", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in FuturioWP Futurio Extra allows Stored XSS.This issue affects Futurio Extra: from n/a through 2.0.14." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 6.5, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.3, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/futurio-extra/vulnerability/wordpress-futurio-extra-plugin-2-0-14-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-538xx/CVE-2024-53803.json b/CVE-2024/CVE-2024-538xx/CVE-2024-53803.json new file mode 100644 index 00000000000..6255199f78a --- /dev/null +++ b/CVE-2024/CVE-2024-538xx/CVE-2024-53803.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-53803", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-12-06T14:15:22.567", + "lastModified": "2024-12-06T14:15:22.567", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Missing Authorization vulnerability in brandtoss WP Mailster allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Mailster: from n/a through 1.8.16.0." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "baseScore": 6.5, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-862" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/wp-mailster/vulnerability/wordpress-wp-mailster-plugin-1-8-16-0-broken-access-control-vulnerability-2?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-538xx/CVE-2024-53804.json b/CVE-2024/CVE-2024-538xx/CVE-2024-53804.json new file mode 100644 index 00000000000..3d75f60c0f4 --- /dev/null +++ b/CVE-2024/CVE-2024-538xx/CVE-2024-53804.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-53804", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-12-06T14:15:22.697", + "lastModified": "2024-12-06T14:15:22.697", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Insertion of Sensitive Information Into Sent Data vulnerability in brandtoss WP Mailster allows Retrieve Embedded Sensitive Data.This issue affects WP Mailster: from n/a through 1.8.16.0." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", + "baseScore": 7.5, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-201" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/wp-mailster/vulnerability/wordpress-wp-mailster-plugin-1-8-16-0-sensitive-data-exposure-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-538xx/CVE-2024-53805.json b/CVE-2024/CVE-2024-538xx/CVE-2024-53805.json new file mode 100644 index 00000000000..3bd27667141 --- /dev/null +++ b/CVE-2024/CVE-2024-538xx/CVE-2024-53805.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-53805", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-12-06T14:15:22.823", + "lastModified": "2024-12-06T14:15:22.823", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Missing Authorization vulnerability in brandtoss WP Mailster allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Mailster: from n/a through 1.8.16.0." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "baseScore": 7.5, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-862" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/wp-mailster/vulnerability/wordpress-wp-mailster-plugin-1-8-16-0-broken-access-control-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-538xx/CVE-2024-53806.json b/CVE-2024/CVE-2024-538xx/CVE-2024-53806.json new file mode 100644 index 00000000000..ed2ba9b4752 --- /dev/null +++ b/CVE-2024/CVE-2024-538xx/CVE-2024-53806.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-53806", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-12-06T14:15:22.967", + "lastModified": "2024-12-06T14:15:22.967", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Missing Authorization vulnerability in WpMaspik Maspik \u2013 Spam blacklist allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Maspik \u2013 Spam blacklist: from n/a through 2.2.7." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.5 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-862" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/contact-forms-anti-spam/vulnerability/wordpress-maspik-plugin-2-2-7-csrf-to-settings-change-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-538xx/CVE-2024-53807.json b/CVE-2024/CVE-2024-538xx/CVE-2024-53807.json new file mode 100644 index 00000000000..34c3cc0e6c3 --- /dev/null +++ b/CVE-2024/CVE-2024-538xx/CVE-2024-53807.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-53807", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-12-06T14:15:23.103", + "lastModified": "2024-12-06T14:15:23.103", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in brandtoss WP Mailster allows Blind SQL Injection.This issue affects WP Mailster: from n/a through 1.8.16.0." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:L", + "baseScore": 8.5, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 3.1, + "impactScore": 4.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/wp-mailster/vulnerability/wordpress-wp-mailster-plugin-1-8-16-0-sql-injection-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-538xx/CVE-2024-53808.json b/CVE-2024/CVE-2024-538xx/CVE-2024-53808.json new file mode 100644 index 00000000000..873cb49a825 --- /dev/null +++ b/CVE-2024/CVE-2024-538xx/CVE-2024-53808.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-53808", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-12-06T14:15:23.233", + "lastModified": "2024-12-06T14:15:23.233", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Basix NEX-Forms \u2013 Ultimate Form Builder allows SQL Injection.This issue affects NEX-Forms \u2013 Ultimate Form Builder: from n/a through 8.7.8." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:L", + "baseScore": 8.5, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 3.1, + "impactScore": 4.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/nex-forms-express-wp-form-builder/vulnerability/wordpress-nex-forms-plugin-8-7-8-sql-injection-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-538xx/CVE-2024-53809.json b/CVE-2024/CVE-2024-538xx/CVE-2024-53809.json new file mode 100644 index 00000000000..1920bba11c1 --- /dev/null +++ b/CVE-2024/CVE-2024-538xx/CVE-2024-53809.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-53809", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-12-06T14:15:23.370", + "lastModified": "2024-12-06T14:15:23.370", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Cross-Site Request Forgery (CSRF) vulnerability in Kiboko Labs Namaste! LMS allows Cross Site Request Forgery.This issue affects Namaste! LMS: from n/a through 2.6.4.1." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", + "baseScore": 4.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-352" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/namaste-lms/vulnerability/wordpress-namaste-lms-plugin-2-6-4-1-cross-site-request-forgery-csrf-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-538xx/CVE-2024-53810.json b/CVE-2024/CVE-2024-538xx/CVE-2024-53810.json new file mode 100644 index 00000000000..9babed115a0 --- /dev/null +++ b/CVE-2024/CVE-2024-538xx/CVE-2024-53810.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-53810", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-12-06T14:15:23.500", + "lastModified": "2024-12-06T14:15:23.500", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Missing Authorization vulnerability in Najeeb Ahmad Simple User Registration allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Simple User Registration: from n/a through 5.5." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H", + "baseScore": 9.1, + "baseSeverity": "CRITICAL", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.2 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-862" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/wp-registration/vulnerability/wordpress-simple-user-registration-plugin-5-5-broken-access-control-on-user-deletion-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-538xx/CVE-2024-53811.json b/CVE-2024/CVE-2024-538xx/CVE-2024-53811.json new file mode 100644 index 00000000000..1223e7586c0 --- /dev/null +++ b/CVE-2024/CVE-2024-538xx/CVE-2024-53811.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-53811", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-12-06T14:15:23.657", + "lastModified": "2024-12-06T14:15:23.657", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Unrestricted Upload of File with Dangerous Type vulnerability in POSIMYTH WDesignkit allows Upload a Web Shell to a Web Server.This issue affects WDesignkit: from n/a through 1.0.40." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:L", + "baseScore": 6.6, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.3, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-434" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/wdesignkit/vulnerability/wordpress-wdesignkit-plugin-1-0-40-arbitrary-file-upload-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-538xx/CVE-2024-53812.json b/CVE-2024/CVE-2024-538xx/CVE-2024-53812.json new file mode 100644 index 00000000000..5b94e34a22e --- /dev/null +++ b/CVE-2024/CVE-2024-538xx/CVE-2024-53812.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-53812", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-12-06T14:15:23.810", + "lastModified": "2024-12-06T14:15:23.810", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Jacques Malgrange WP GeoNames allows Reflected XSS.This issue affects WP GeoNames: from n/a through 1.8." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 7.1, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/wp-geonames/vulnerability/wordpress-wp-geonames-plugin-1-8-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-538xx/CVE-2024-53813.json b/CVE-2024/CVE-2024-538xx/CVE-2024-53813.json new file mode 100644 index 00000000000..50e577bf116 --- /dev/null +++ b/CVE-2024/CVE-2024-538xx/CVE-2024-53813.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-53813", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-12-06T14:15:23.947", + "lastModified": "2024-12-06T14:15:23.947", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Missing Authorization vulnerability in WP Travel WP Travel allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Travel: from n/a through 9.6.0." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N", + "baseScore": 6.5, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 3.9, + "impactScore": 2.5 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-862" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/wp-travel/vulnerability/wordpress-wp-travel-plugin-9-6-0-broken-access-control-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-538xx/CVE-2024-53815.json b/CVE-2024/CVE-2024-538xx/CVE-2024-53815.json new file mode 100644 index 00000000000..84ca6fb9eb9 --- /dev/null +++ b/CVE-2024/CVE-2024-538xx/CVE-2024-53815.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-53815", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-12-06T14:15:24.083", + "lastModified": "2024-12-06T14:15:24.083", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in PINPOINT.WORLD Pinpoint Booking System allows Blind SQL Injection.This issue affects Pinpoint Booking System: from n/a through 2.9.9.5.1." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:L", + "baseScore": 8.5, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 3.1, + "impactScore": 4.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/booking-system/vulnerability/wordpress-pinpoint-booking-system-plugin-2-9-9-5-2-sql-injection-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-538xx/CVE-2024-53817.json b/CVE-2024/CVE-2024-538xx/CVE-2024-53817.json new file mode 100644 index 00000000000..acfdaa26dc7 --- /dev/null +++ b/CVE-2024/CVE-2024-538xx/CVE-2024-53817.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-53817", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-12-06T14:15:24.217", + "lastModified": "2024-12-06T14:15:24.217", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Acowebs Product Labels For Woocommerce allows Blind SQL Injection.This issue affects Product Labels For Woocommerce: from n/a through 1.5.8." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:L", + "baseScore": 7.6, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.3, + "impactScore": 4.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/aco-product-labels-for-woocommerce/vulnerability/wordpress-acowebs-product-labels-for-woocommerce-plugin-1-5-8-sql-injection-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-538xx/CVE-2024-53820.json b/CVE-2024/CVE-2024-538xx/CVE-2024-53820.json new file mode 100644 index 00000000000..19892077a04 --- /dev/null +++ b/CVE-2024/CVE-2024-538xx/CVE-2024-53820.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-53820", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-12-06T14:15:24.360", + "lastModified": "2024-12-06T14:15:24.360", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Captivate Audio Ltd Captivate Sync allows Stored XSS.This issue affects Captivate Sync: from n/a through 2.0.22." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 6.5, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.3, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/captivatesync-trade/vulnerability/wordpress-captivate-sync-plugin-2-0-22-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-538xx/CVE-2024-53821.json b/CVE-2024/CVE-2024-538xx/CVE-2024-53821.json new file mode 100644 index 00000000000..78d530fdad6 --- /dev/null +++ b/CVE-2024/CVE-2024-538xx/CVE-2024-53821.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-53821", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-12-06T14:15:24.497", + "lastModified": "2024-12-06T14:15:24.497", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound Pie Register Premium allows Reflected XSS.This issue affects Pie Register Premium: from n/a through n/a." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 7.1, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/pie-register-premium/vulnerability/wordpress-pie-register-premium-plugin-3-8-3-3-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-538xx/CVE-2024-53823.json b/CVE-2024/CVE-2024-538xx/CVE-2024-53823.json new file mode 100644 index 00000000000..336f2dcfcd3 --- /dev/null +++ b/CVE-2024/CVE-2024-538xx/CVE-2024-53823.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-53823", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-12-06T14:15:24.653", + "lastModified": "2024-12-06T14:15:24.653", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in POSIMYTH The Plus Addons for Elementor Page Builder Lite allows DOM-Based XSS.This issue affects The Plus Addons for Elementor Page Builder Lite: from n/a through 5.6.14." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 6.5, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.3, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/the-plus-addons-for-elementor-page-builder/vulnerability/wordpress-the-plus-addons-for-elementor-plugin-5-6-14-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-538xx/CVE-2024-53824.json b/CVE-2024/CVE-2024-538xx/CVE-2024-53824.json new file mode 100644 index 00000000000..39a19f4fcd4 --- /dev/null +++ b/CVE-2024/CVE-2024-538xx/CVE-2024-53824.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-53824", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-12-06T14:15:24.800", + "lastModified": "2024-12-06T14:15:24.800", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AREOI All Bootstrap Blocks allows PHP Local File Inclusion.This issue affects All Bootstrap Blocks: from n/a through 1.3.19." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 7.5, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.6, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-98" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/all-bootstrap-blocks/vulnerability/wordpress-all-bootstrap-blocks-plugin-1-3-20-local-file-inclusion-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-538xx/CVE-2024-53825.json b/CVE-2024/CVE-2024-538xx/CVE-2024-53825.json new file mode 100644 index 00000000000..186c2f6810c --- /dev/null +++ b/CVE-2024/CVE-2024-538xx/CVE-2024-53825.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-53825", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-12-06T14:15:24.937", + "lastModified": "2024-12-06T14:15:24.937", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Missing Authorization vulnerability in Ninja Team Filebird allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Filebird: from n/a through 6.3.2." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L", + "baseScore": 4.7, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 1.2, + "impactScore": 3.4 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-862" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/filebird/vulnerability/wordpress-filebird-lite-plugin-6-3-2-broken-access-control-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-538xx/CVE-2024-53826.json b/CVE-2024/CVE-2024-538xx/CVE-2024-53826.json new file mode 100644 index 00000000000..f0228b1d03d --- /dev/null +++ b/CVE-2024/CVE-2024-538xx/CVE-2024-53826.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-53826", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-12-06T14:15:25.077", + "lastModified": "2024-12-06T14:15:25.077", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Missing Authorization vulnerability in WPSight WPCasa allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects WPCasa: from n/a through 1.2.13." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", + "baseScore": 5.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 3.9, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-862" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/wpcasa/vulnerability/wordpress-wpcasa-plugin-1-2-13-insecure-direct-object-references-idor-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-542xx/CVE-2024-54205.json b/CVE-2024/CVE-2024-542xx/CVE-2024-54205.json new file mode 100644 index 00000000000..005424141ec --- /dev/null +++ b/CVE-2024/CVE-2024-542xx/CVE-2024-54205.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-54205", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-12-06T14:15:25.220", + "lastModified": "2024-12-06T14:15:25.220", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Cross-Site Request Forgery (CSRF) vulnerability in Paloma Paloma Widget allows Cross Site Request Forgery.This issue affects Paloma Widget: from n/a through 1.14." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 7.1, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-352" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/postman-widget/vulnerability/wordpress-paloma-widget-plugin-1-14-csrf-to-stored-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-542xx/CVE-2024-54206.json b/CVE-2024/CVE-2024-542xx/CVE-2024-54206.json new file mode 100644 index 00000000000..8c59c81fe13 --- /dev/null +++ b/CVE-2024/CVE-2024-542xx/CVE-2024-54206.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-54206", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-12-06T14:15:25.357", + "lastModified": "2024-12-06T14:15:25.357", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in URBAN BASE Z-Downloads allows Stored XSS.This issue affects Z-Downloads: from n/a through 1.11.7." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 5.9, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 1.7, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/z-downloads/vulnerability/wordpress-z-downloads-plugin-1-11-7-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-542xx/CVE-2024-54207.json b/CVE-2024/CVE-2024-542xx/CVE-2024-54207.json new file mode 100644 index 00000000000..05e39ec355a --- /dev/null +++ b/CVE-2024/CVE-2024-542xx/CVE-2024-54207.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-54207", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-12-06T14:15:25.490", + "lastModified": "2024-12-06T14:15:25.490", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Owen Cutajar & Hyder Jaffari WordPress Auction Plugin allows Stored XSS.This issue affects WordPress Auction Plugin: from n/a through 3.7." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 5.9, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 1.7, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/wp-auctions/vulnerability/wordpress-wordpress-auction-plugin-plugin-3-7-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-542xx/CVE-2024-54208.json b/CVE-2024/CVE-2024-542xx/CVE-2024-54208.json new file mode 100644 index 00000000000..4cdba1d71c2 --- /dev/null +++ b/CVE-2024/CVE-2024-542xx/CVE-2024-54208.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-54208", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-12-06T14:15:25.650", + "lastModified": "2024-12-06T14:15:25.650", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Joni Halabi Block Controller allows Reflected XSS.This issue affects Block Controller: from n/a through 1.4.2." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 7.1, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/block-controller/vulnerability/wordpress-block-controller-plugin-1-4-2-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-542xx/CVE-2024-54209.json b/CVE-2024/CVE-2024-542xx/CVE-2024-54209.json new file mode 100644 index 00000000000..d42563567b8 --- /dev/null +++ b/CVE-2024/CVE-2024-542xx/CVE-2024-54209.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-54209", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-12-06T14:15:25.790", + "lastModified": "2024-12-06T14:15:25.790", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPFactory Awesome Shortcodes allows Reflected XSS.This issue affects Awesome Shortcodes: from n/a through 1.7.2." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 7.1, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/awesome-shortcodes/vulnerability/wordpress-awesome-shortcodes-plugin-1-7-2-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-542xx/CVE-2024-54210.json b/CVE-2024/CVE-2024-542xx/CVE-2024-54210.json new file mode 100644 index 00000000000..f055f8ec78b --- /dev/null +++ b/CVE-2024/CVE-2024-542xx/CVE-2024-54210.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-54210", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-12-06T14:15:25.940", + "lastModified": "2024-12-06T14:15:25.940", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in CodexShaper Advanced Element Bucket Addons for Elementor allows Stored XSS.This issue affects Advanced Element Bucket Addons for Elementor: from n/a through 1.0.2." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 6.5, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.3, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/cs-element-bucket/vulnerability/wordpress-advanced-element-bucket-addons-for-elementor-plugin-1-0-2-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-542xx/CVE-2024-54211.json b/CVE-2024/CVE-2024-542xx/CVE-2024-54211.json new file mode 100644 index 00000000000..613ee22ad13 --- /dev/null +++ b/CVE-2024/CVE-2024-542xx/CVE-2024-54211.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-54211", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-12-06T14:15:26.093", + "lastModified": "2024-12-06T14:15:26.093", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Visualmodo Borderless allows Cross-Site Scripting (XSS).This issue affects Borderless: from n/a through 1.5.8." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 5.9, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 1.7, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/borderless/vulnerability/wordpress-borderless-widgets-elements-templates-and-toolkit-for-elementor-gutenberg-plugin-1-5-7-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-542xx/CVE-2024-54212.json b/CVE-2024/CVE-2024-542xx/CVE-2024-54212.json new file mode 100644 index 00000000000..bbfee607d9d --- /dev/null +++ b/CVE-2024/CVE-2024-542xx/CVE-2024-54212.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-54212", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-12-06T14:15:26.223", + "lastModified": "2024-12-06T14:15:26.223", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Noor alam Magical Addons For Elementor allows Stored XSS.This issue affects Magical Addons For Elementor: from n/a through 1.2.6." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 6.5, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.3, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/magical-addons-for-elementor/vulnerability/wordpress-magical-addons-for-elementor-plugin-1-2-6-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-542xx/CVE-2024-54213.json b/CVE-2024/CVE-2024-542xx/CVE-2024-54213.json new file mode 100644 index 00000000000..fc79b3c49d7 --- /dev/null +++ b/CVE-2024/CVE-2024-542xx/CVE-2024-54213.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-54213", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-12-06T14:15:26.373", + "lastModified": "2024-12-06T14:15:26.373", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in zionbuilder.io WordPress Page Builder \u2013 Zion Builder allows Stored XSS.This issue affects WordPress Page Builder \u2013 Zion Builder: from n/a through 3.6.12." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 6.5, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.3, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/zionbuilder/vulnerability/wordpress-wordpress-page-builder-zion-builder-plugin-3-6-12-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-542xx/CVE-2024-54214.json b/CVE-2024/CVE-2024-542xx/CVE-2024-54214.json new file mode 100644 index 00000000000..fe64f36d3c1 --- /dev/null +++ b/CVE-2024/CVE-2024-542xx/CVE-2024-54214.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-54214", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-12-06T14:15:26.507", + "lastModified": "2024-12-06T14:15:26.507", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Unrestricted Upload of File with Dangerous Type vulnerability in NotFound Revy allows Upload a Web Shell to a Web Server.This issue affects Revy: from n/a through 1.18." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", + "baseScore": 10.0, + "baseSeverity": "CRITICAL", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 6.0 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-434" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/revy/vulnerability/wordpress-revy-plugin-1-18-unauthenticated-arbitrary-file-upload-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-542xx/CVE-2024-54216.json b/CVE-2024/CVE-2024-542xx/CVE-2024-54216.json new file mode 100644 index 00000000000..5be680d91e9 --- /dev/null +++ b/CVE-2024/CVE-2024-542xx/CVE-2024-54216.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-54216", + "sourceIdentifier": "audit@patchstack.com", + "published": "2024-12-06T14:15:26.633", + "lastModified": "2024-12-06T14:15:26.633", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Path Traversal vulnerability in NotFound ARForms allows Path Traversal.This issue affects ARForms: from n/a through 6.4.1." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N", + "baseScore": 7.7, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 3.1, + "impactScore": 4.0 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-35" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/arforms/vulnerability/wordpress-arforms-plugin-6-4-1-subscriber-arbitrary-file-read-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/README.md b/README.md index 375ea095ba4..17bad09248b 100644 --- a/README.md +++ b/README.md @@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2024-12-06T13:00:49.606731+00:00 +2024-12-06T15:00:38.294610+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2024-12-06T12:15:18.583000+00:00 +2024-12-06T14:57:19.883000+00:00 ``` ### Last Data Feed Release @@ -33,34 +33,69 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### Total Number of included CVEs ```plain -272332 +272382 ``` ### CVEs added in the last Commit -Recently added CVEs: `4` +Recently added CVEs: `50` -- [CVE-2024-11729](CVE-2024/CVE-2024-117xx/CVE-2024-11729.json) (`2024-12-06T11:15:07.837`) -- [CVE-2024-11730](CVE-2024/CVE-2024-117xx/CVE-2024-11730.json) (`2024-12-06T11:15:08.033`) -- [CVE-2024-53907](CVE-2024/CVE-2024-539xx/CVE-2024-53907.json) (`2024-12-06T12:15:17.730`) -- [CVE-2024-53908](CVE-2024/CVE-2024-539xx/CVE-2024-53908.json) (`2024-12-06T12:15:18.583`) +- [CVE-2024-53808](CVE-2024/CVE-2024-538xx/CVE-2024-53808.json) (`2024-12-06T14:15:23.233`) +- [CVE-2024-53809](CVE-2024/CVE-2024-538xx/CVE-2024-53809.json) (`2024-12-06T14:15:23.370`) +- [CVE-2024-53810](CVE-2024/CVE-2024-538xx/CVE-2024-53810.json) (`2024-12-06T14:15:23.500`) +- [CVE-2024-53811](CVE-2024/CVE-2024-538xx/CVE-2024-53811.json) (`2024-12-06T14:15:23.657`) +- [CVE-2024-53812](CVE-2024/CVE-2024-538xx/CVE-2024-53812.json) (`2024-12-06T14:15:23.810`) +- [CVE-2024-53813](CVE-2024/CVE-2024-538xx/CVE-2024-53813.json) (`2024-12-06T14:15:23.947`) +- [CVE-2024-53815](CVE-2024/CVE-2024-538xx/CVE-2024-53815.json) (`2024-12-06T14:15:24.083`) +- [CVE-2024-53817](CVE-2024/CVE-2024-538xx/CVE-2024-53817.json) (`2024-12-06T14:15:24.217`) +- [CVE-2024-53820](CVE-2024/CVE-2024-538xx/CVE-2024-53820.json) (`2024-12-06T14:15:24.360`) +- [CVE-2024-53821](CVE-2024/CVE-2024-538xx/CVE-2024-53821.json) (`2024-12-06T14:15:24.497`) +- [CVE-2024-53823](CVE-2024/CVE-2024-538xx/CVE-2024-53823.json) (`2024-12-06T14:15:24.653`) +- [CVE-2024-53824](CVE-2024/CVE-2024-538xx/CVE-2024-53824.json) (`2024-12-06T14:15:24.800`) +- [CVE-2024-53825](CVE-2024/CVE-2024-538xx/CVE-2024-53825.json) (`2024-12-06T14:15:24.937`) +- [CVE-2024-53826](CVE-2024/CVE-2024-538xx/CVE-2024-53826.json) (`2024-12-06T14:15:25.077`) +- [CVE-2024-54205](CVE-2024/CVE-2024-542xx/CVE-2024-54205.json) (`2024-12-06T14:15:25.220`) +- [CVE-2024-54206](CVE-2024/CVE-2024-542xx/CVE-2024-54206.json) (`2024-12-06T14:15:25.357`) +- [CVE-2024-54207](CVE-2024/CVE-2024-542xx/CVE-2024-54207.json) (`2024-12-06T14:15:25.490`) +- [CVE-2024-54208](CVE-2024/CVE-2024-542xx/CVE-2024-54208.json) (`2024-12-06T14:15:25.650`) +- [CVE-2024-54209](CVE-2024/CVE-2024-542xx/CVE-2024-54209.json) (`2024-12-06T14:15:25.790`) +- [CVE-2024-54210](CVE-2024/CVE-2024-542xx/CVE-2024-54210.json) (`2024-12-06T14:15:25.940`) +- [CVE-2024-54211](CVE-2024/CVE-2024-542xx/CVE-2024-54211.json) (`2024-12-06T14:15:26.093`) +- [CVE-2024-54212](CVE-2024/CVE-2024-542xx/CVE-2024-54212.json) (`2024-12-06T14:15:26.223`) +- [CVE-2024-54213](CVE-2024/CVE-2024-542xx/CVE-2024-54213.json) (`2024-12-06T14:15:26.373`) +- [CVE-2024-54214](CVE-2024/CVE-2024-542xx/CVE-2024-54214.json) (`2024-12-06T14:15:26.507`) +- [CVE-2024-54216](CVE-2024/CVE-2024-542xx/CVE-2024-54216.json) (`2024-12-06T14:15:26.633`) ### CVEs modified in the last Commit -Recently modified CVEs: `11` +Recently modified CVEs: `31` -- [CVE-2023-3347](CVE-2023/CVE-2023-33xx/CVE-2023-3347.json) (`2024-12-06T11:15:06.970`) -- [CVE-2023-34968](CVE-2023/CVE-2023-349xx/CVE-2023-34968.json) (`2024-12-06T11:15:05.270`) -- [CVE-2023-39418](CVE-2023/CVE-2023-394xx/CVE-2023-39418.json) (`2024-12-06T11:15:06.723`) -- [CVE-2023-5115](CVE-2023/CVE-2023-51xx/CVE-2023-5115.json) (`2024-12-06T11:15:07.183`) -- [CVE-2023-5189](CVE-2023/CVE-2023-51xx/CVE-2023-5189.json) (`2024-12-06T11:15:07.380`) -- [CVE-2023-5625](CVE-2023/CVE-2023-56xx/CVE-2023-5625.json) (`2024-12-06T11:15:07.640`) -- [CVE-2024-47248](CVE-2024/CVE-2024-472xx/CVE-2024-47248.json) (`2024-12-06T11:15:08.180`) -- [CVE-2024-47249](CVE-2024/CVE-2024-472xx/CVE-2024-47249.json) (`2024-12-06T11:15:08.340`) -- [CVE-2024-47250](CVE-2024/CVE-2024-472xx/CVE-2024-47250.json) (`2024-12-06T11:15:08.493`) -- [CVE-2024-51569](CVE-2024/CVE-2024-515xx/CVE-2024-51569.json) (`2024-12-06T11:15:08.630`) -- [CVE-2024-9633](CVE-2024/CVE-2024-96xx/CVE-2024-9633.json) (`2024-12-06T11:15:08.783`) +- [CVE-2023-28642](CVE-2023/CVE-2023-286xx/CVE-2023-28642.json) (`2024-12-06T14:15:19.250`) +- [CVE-2023-29405](CVE-2023/CVE-2023-294xx/CVE-2023-29405.json) (`2024-12-06T14:15:19.380`) +- [CVE-2023-42366](CVE-2023/CVE-2023-423xx/CVE-2023-42366.json) (`2024-12-06T14:15:19.530`) +- [CVE-2023-42823](CVE-2023/CVE-2023-428xx/CVE-2023-42823.json) (`2024-12-06T14:10:33.737`) +- [CVE-2023-42836](CVE-2023/CVE-2023-428xx/CVE-2023-42836.json) (`2024-12-06T13:56:19.023`) +- [CVE-2023-42838](CVE-2023/CVE-2023-428xx/CVE-2023-42838.json) (`2024-12-06T13:51:35.313`) +- [CVE-2023-42839](CVE-2023/CVE-2023-428xx/CVE-2023-42839.json) (`2024-12-06T13:49:37.623`) +- [CVE-2023-42840](CVE-2023/CVE-2023-428xx/CVE-2023-42840.json) (`2024-12-06T13:28:41.990`) +- [CVE-2024-1671](CVE-2024/CVE-2024-16xx/CVE-2024-1671.json) (`2024-12-06T14:28:01.590`) +- [CVE-2024-1824](CVE-2024/CVE-2024-18xx/CVE-2024-1824.json) (`2024-12-06T14:44:58.437`) +- [CVE-2024-1825](CVE-2024/CVE-2024-18xx/CVE-2024-1825.json) (`2024-12-06T14:39:05.777`) +- [CVE-2024-20739](CVE-2024/CVE-2024-207xx/CVE-2024-20739.json) (`2024-12-06T14:57:19.883`) +- [CVE-2024-20750](CVE-2024/CVE-2024-207xx/CVE-2024-20750.json) (`2024-12-06T14:51:42.167`) +- [CVE-2024-21098](CVE-2024/CVE-2024-210xx/CVE-2024-21098.json) (`2024-12-06T14:35:46.047`) +- [CVE-2024-26210](CVE-2024/CVE-2024-262xx/CVE-2024-26210.json) (`2024-12-06T14:42:44.433`) +- [CVE-2024-26213](CVE-2024/CVE-2024-262xx/CVE-2024-26213.json) (`2024-12-06T14:41:46.023`) +- [CVE-2024-26214](CVE-2024/CVE-2024-262xx/CVE-2024-26214.json) (`2024-12-06T14:41:12.913`) +- [CVE-2024-26232](CVE-2024/CVE-2024-262xx/CVE-2024-26232.json) (`2024-12-06T14:39:54.630`) +- [CVE-2024-26244](CVE-2024/CVE-2024-262xx/CVE-2024-26244.json) (`2024-12-06T14:33:58.663`) +- [CVE-2024-28103](CVE-2024/CVE-2024-281xx/CVE-2024-28103.json) (`2024-12-06T14:15:20.130`) +- [CVE-2024-29857](CVE-2024/CVE-2024-298xx/CVE-2024-29857.json) (`2024-12-06T14:15:20.263`) +- [CVE-2024-38796](CVE-2024/CVE-2024-387xx/CVE-2024-38796.json) (`2024-12-06T14:15:20.437`) +- [CVE-2024-39689](CVE-2024/CVE-2024-396xx/CVE-2024-39689.json) (`2024-12-06T14:15:20.550`) +- [CVE-2024-49580](CVE-2024/CVE-2024-495xx/CVE-2024-49580.json) (`2024-12-06T14:15:20.670`) +- [CVE-2024-52533](CVE-2024/CVE-2024-525xx/CVE-2024-52533.json) (`2024-12-06T14:15:21.400`) ## Download and Usage diff --git a/_state.csv b/_state.csv index 453dc6ecfc9..5e9243da475 100644 --- a/_state.csv +++ b/_state.csv @@ -130953,7 +130953,7 @@ CVE-2019-12745,0,0,4494f5a769be676f018a13780e7ea5c84127756c65a331a5daed235c68077 CVE-2019-12746,0,0,45c719dc499321c2c1ca798815073ba4511784e1db806095ecb0d85fb888481c,2024-11-21T04:23:29.167000 CVE-2019-12747,0,0,f309481fe81e346dfabce52e730c9013a6bd70fc63b0de176c3cc8b5c811c4b6,2024-11-21T04:23:29.320000 CVE-2019-12748,0,0,7b17da4d95ab6913d725efd2524b9d7b99e8b85b8aa14715f309f2ce15d5fea1,2024-11-21T04:23:29.453000 -CVE-2019-12749,0,0,cd95c0115c5367f1341df720787a8cab97b198cea56be05bc496f6631a036d6b,2024-11-21T04:23:29.590000 +CVE-2019-12749,0,1,d9523b490c8afba6533155d28be765044e980586d5e6aec92a604c1a3fbd687a,2024-12-06T14:15:18.790000 CVE-2019-1275,0,0,1d3067af2580824a16e3984715bd8ee087469e3131faf7e0f2839e78bc5295a5,2023-11-07T03:08:00.430000 CVE-2019-12750,0,0,f461072b58c87a88103bfa9d10d61bba4ea345544ba1e6e37053addc99c2cbc2,2024-11-21T04:23:29.760000 CVE-2019-12751,0,0,a64f1c454df03834648e39b0b6a268d09b559dd24622c5ab4f947191f678b3a6,2024-11-21T04:23:29.897000 @@ -187134,11 +187134,11 @@ CVE-2021-46990,0,0,3e4ac0af655ffa67aafe6583a51f4992e8dee7b3c5537062fca28ff84cfa3 CVE-2021-46991,0,0,f3f161f91325f1426ad11e08d068f744953007e52a77b86fa73cc8203e02b7de,2024-02-28T14:06:45.783000 CVE-2021-46992,0,0,3b16720d3cef6c7f4a65ba23608e80851b1f858dd42d7ebe5c67c0d0e5a3f026,2024-02-28T14:06:45.783000 CVE-2021-46993,0,0,ebd7fcdb3b7d2aeb27404cedc21325c15dca1e92129e0f70358bab6001a5b4b8,2024-02-28T14:06:45.783000 -CVE-2021-46994,0,0,0148ce5a1c359fb0e523655f3fd0c3fd618fdd5515645ed39a1dd72ee0a894e3,2024-02-28T14:06:45.783000 -CVE-2021-46995,0,0,9d6d30b86a40749c585438ce2dac96cd2135b30e659ac4f51521d3d6ce0e74a7,2024-02-28T14:06:45.783000 -CVE-2021-46996,0,0,024f2369d8d12d33f811427cf765fd31367db1a16c41a3c2d6e0ba272de1e676,2024-02-28T14:06:45.783000 +CVE-2021-46994,0,1,5c26f1bffad42113527c03012feabb3100b9729be111faf4a3e0339d6d4c855a,2024-12-06T14:42:34.983000 +CVE-2021-46995,0,1,04279b80c7aa4fa88f6ee3921cc621493bb5af4103005f0ffdf207d8a315335e,2024-12-06T14:55:32.277000 +CVE-2021-46996,0,1,452e5f54c471438a622b93c6c092100d01f800bbb0e695a93e2c585fff40203f,2024-12-06T14:55:54.497000 CVE-2021-46997,0,0,880a46a46d0f74cc4d992d9e9e606d94e04250b93a1a59abf25aaf882e5f3020,2024-02-28T14:06:45.783000 -CVE-2021-46998,0,0,4c11b2099bc73b2a808279e1fd6a136a4d17e7801ff41b8686087f801d12877d,2024-02-28T14:06:45.783000 +CVE-2021-46998,0,1,ff4906a7e8c07b0c23bb35c4e304cafbec2df7e7b473dfe12365d5e630a6c30d,2024-12-06T14:56:48.477000 CVE-2021-46999,0,0,df41955a351aca8b23d0cfb675313534a11af96ff6ad7f09a13efe0d627c45d9,2024-02-28T14:06:45.783000 CVE-2021-47000,0,0,f7d67fb7f20a77921409cd476255c80bc98baac890e9eed1fe936a1a4ea5db1c,2024-11-01T15:35:02.613000 CVE-2021-47001,0,0,3f3542f71002a0a41f8e915ba88b6e6237965c1f0a2dde55af3ab6562f5d29c5,2024-02-28T14:06:45.783000 @@ -221115,7 +221115,7 @@ CVE-2023-27558,0,0,3152db8bf93600e5c430d3c646d94a75601408a592c12b14f5356dbd8976c CVE-2023-27559,0,0,89b65af55b343f1609b5bec09e49c4cb5a0413f5d3b1498a49c1d5a55f7b1cd6,2024-02-01T14:09:30.907000 CVE-2023-2756,0,0,ea062251e9834603901cbeeed71c4caf34f1486aec7cdb3b73155417ccefa5fd,2023-05-25T19:15:29.773000 CVE-2023-27560,0,0,d919eb794a2f4a489029f15afa36adfc1421485a07d4fc26b5b17316598a0623,2023-03-10T18:54:55.587000 -CVE-2023-27561,0,0,4d0c127d91cefb6ee7c7f597a55a913b57e532ecaa8ded522d8b5c1a48efc91b,2024-07-03T01:39:46.513000 +CVE-2023-27561,0,1,cc938c97b78df35a11cb554397a0774a390b7256ecd5fb69409e93ff6b318c50,2024-12-06T14:15:19.037000 CVE-2023-27562,0,0,4d0d11c30764e579e9f791761aa90f6a20fdd9a50194b8507e8dd39a4c1f7982,2023-06-22T15:15:12.007000 CVE-2023-27563,0,0,fa31fdd1243d1c0deb2b6312562f2ba5c2dc3d2a7975f21582b8d8c05c2384aa,2023-06-22T15:15:12.123000 CVE-2023-27564,0,0,024ddfb9fdb6aed4dce622ca9ee802ab57e888a44c31f4fa5d5e16504cb9a084,2023-06-22T15:15:12.233000 @@ -222094,7 +222094,7 @@ CVE-2023-28638,0,0,63d38f63a489d923c5caa02656967d57d7d29b963fcbf0c456e17002087e1 CVE-2023-28639,0,0,92eafce286b9ecf810aec9dc3d0badc512b26a731f3f277d3fbda13905b19d88,2023-04-12T17:03:39.217000 CVE-2023-2864,0,0,314e25735d760d40ff3220238aa793ee749fdeea4f06595d4948ee74efe532b2,2024-05-17T02:23:19.267000 CVE-2023-28640,0,0,e186682831f1b777fa9ffb0d0234c919d34250cdb1c79ee447712a69fd3b5f16,2023-11-07T04:10:46.373000 -CVE-2023-28642,0,0,fd6c8db961a5f5123ff2d98dd76f84e945dded58e76153ddf3cedcdf15b7327d,2023-11-07T04:10:46.520000 +CVE-2023-28642,0,1,f65b3ad5e32db0c8422a602f12856ba1e8a52fde6ed3ef1a5ba41c55c68630f4,2024-12-06T14:15:19.250000 CVE-2023-28643,0,0,1fe35a13137df7137bed4071ec419224db265d9bc275af8f70aa595d5d4d906c,2023-04-06T19:03:25.907000 CVE-2023-28644,0,0,5fbe381d6108ee0fa9e7cc006a60dfac82cef46df1036100fa47683019843d98,2023-11-07T04:10:46.733000 CVE-2023-28645,0,0,3f5ac2abb8486464af2c21ba69bc6f43d95c68703113377fa08351a9cd2542a6,2023-04-07T18:56:54.510000 @@ -222777,7 +222777,7 @@ CVE-2023-29401,0,0,d96c7b4002542f47de4559420209a3b4fd04a81089df4770f9600e51d4feb CVE-2023-29402,0,0,b135c34a6a91971729949652c21f91e4e4e19a37d169faaed0bb4458d4313b2c,2023-11-25T11:15:14.390000 CVE-2023-29403,0,0,855b7280642e19e598f9cd1683bac3502041c1e6d75ea199061adf32a54ada49,2023-11-25T11:15:14.497000 CVE-2023-29404,0,0,5a587825e9b0b7b74216afda5ab1dbcf41bda3722a6f9101f477da498239bf5d,2023-11-25T11:15:14.573000 -CVE-2023-29405,0,0,48363f44c26be5eeea042724e3583ec1ed82e0cc65d3bab6a8f00dd80f30401c,2023-11-25T11:15:14.647000 +CVE-2023-29405,0,1,74cd2ca6da030ee467cc89d6c787160ab7368d3095aa6d48bc44dd9371b1a96c,2024-12-06T14:15:19.380000 CVE-2023-29406,0,0,34596623842e10db974e0ca4a734b14ee165dee8e58c56fdc21cca264fe3b44e,2023-11-25T11:15:14.727000 CVE-2023-29407,0,0,0e7c2ee1d351db91cc69491e515a830fa3dcfe109f3f8588e2076c043e98cb5e,2023-11-07T04:11:11.257000 CVE-2023-29408,0,0,13545fb7eceaac0e042b0222f4c3922b1bac3cbd3d5e23b645473f0ef2fc1375,2023-11-07T04:11:11.403000 @@ -225839,7 +225839,7 @@ CVE-2023-33461,0,0,0de3f4305f427b4ff32b903080fb5c836a3af93f2489c41c6aae59dfd6589 CVE-2023-33466,0,0,8f3bb95382db1efdd63c10853d2c8cab520a0781d1269adfe6c9d0fc3cdbbf5b,2024-11-26T19:15:20.670000 CVE-2023-33468,0,0,44c774863a2d55e63b1845bf55de3fe4506ca7c2a56eeb4bf92cb746976655cf,2023-08-16T18:03:44.977000 CVE-2023-33469,0,0,9dfbe3344d4b40c67ae0a1b0ae4fa865b29407207caaece6d4bed88b6c198b8f,2023-08-17T01:40:13.813000 -CVE-2023-3347,0,1,a696e84bb9777b03e51c37c98d1d947f63d519aa3abc395b8daa6eb2d867b0e8,2024-12-06T11:15:06.970000 +CVE-2023-3347,0,0,a696e84bb9777b03e51c37c98d1d947f63d519aa3abc395b8daa6eb2d867b0e8,2024-12-06T11:15:06.970000 CVE-2023-33472,0,0,4e392d2a388ce9abe0c997c30940e227ec62bc6840750c8b00be8631020e78aa,2024-10-24T16:35:02.907000 CVE-2023-33476,0,0,4a297145be72f944481cc47e9f376d2cf456cf13a342260740e97ecbfcefc9c3,2023-11-25T11:15:16.937000 CVE-2023-33477,0,0,6db6ebce2662ad326ee213faec74c36ba5dbdc9868890686df97f67004511859,2023-06-13T19:14:00.687000 @@ -226877,7 +226877,7 @@ CVE-2023-34962,0,0,af634868fa0054f2b7c45c13462d01abdaf327d9c48e86310a5f366a8816c CVE-2023-34965,0,0,d85b9c37e2f9457d4eb477b5a252039dfcd7c6ab7df67904bd6c23d6018002fa,2023-06-23T18:14:58.423000 CVE-2023-34966,0,0,e75a448d8c9fbf6c3347ce32800fe0287eb15d0c2764bf0acdf69025b4f72033,2024-09-16T13:15:04.757000 CVE-2023-34967,0,0,20789ddbd16a5c66b434fe47b18c7a83f5f97a7fa1510768acd3053a2dc98058,2024-09-16T13:15:04.940000 -CVE-2023-34968,0,1,fe3692b93005707350ca321400a2a0da67649bf024375cb73f339fb65b0e9864,2024-12-06T11:15:05.270000 +CVE-2023-34968,0,0,fe3692b93005707350ca321400a2a0da67649bf024375cb73f339fb65b0e9864,2024-12-06T11:15:05.270000 CVE-2023-34969,0,0,20f3b57435e16371f80459f3c182a2bb410744533b482b94d4ff3198fb3f72ab,2023-12-27T16:36:58.353000 CVE-2023-3497,0,0,4d047266b8d04b5eb358e7cea115fd0dab7c7524efcd458770d1e7272757dc4b,2023-07-29T01:15:09.270000 CVE-2023-34970,0,0,0cf20f552104745cd280f12f0fd3bfe8bacaaf04a1a90475f6f521b43ad00ab6,2023-10-05T16:59:07.947000 @@ -230293,7 +230293,7 @@ CVE-2023-39414,0,0,df3366c5cd098a0f58ec464993c3c9a90cc0b1e3be0c34d75d97071eae949 CVE-2023-39415,0,0,27b9dd5456a592ff692af46b1f23533abbd434af7c0c962ebf0040a220d751b2,2023-08-23T16:48:55.417000 CVE-2023-39416,0,0,6807b062ba92b9cf862f68fd9ddeafbe506e4d8e4e3f7b2b9e67a4ddb023742a,2023-08-23T16:48:22.340000 CVE-2023-39417,0,0,878757a17fb5484845fa16a22486747940d4a7a20731835c89d9701d12a28f86,2024-09-09T08:15:01.823000 -CVE-2023-39418,0,1,76e89eb72127620876f629590671233f01806815a96f9d116e7517ad06b4b079,2024-12-06T11:15:06.723000 +CVE-2023-39418,0,0,76e89eb72127620876f629590671233f01806815a96f9d116e7517ad06b4b079,2024-12-06T11:15:06.723000 CVE-2023-39419,0,0,ee267622741a44d152afc4fe62f01b921f09d42e74bafbc7a6ab718b4f39626f,2023-08-15T16:12:43.840000 CVE-2023-3942,0,0,73ae15f39ea20fcda0dae967d14f10440c888a7e04de1225762effbf472b33f6,2024-05-21T16:54:35.880000 CVE-2023-39420,0,0,e7922bf0247b1c9a74063e3b4cbbd26add9ab0cad203a7cf48dfcb82d73a2721,2023-09-12T14:11:24.750000 @@ -232510,7 +232510,7 @@ CVE-2023-42362,0,0,8b4a6f0f5fcef1b3349470e98c5950e51de404839b937ab34f5ae50f377d5 CVE-2023-42363,0,0,180f5da82e3a5c686901ab47f072f1c9e480db17de45e8e75faad3cc96fcbb65,2023-11-30T05:06:49.523000 CVE-2023-42364,0,0,c97fb0877e6ed1a03f89f750771c88d1dd91299c500b1da32c4b44394c8cb2d4,2024-10-11T21:36:08.877000 CVE-2023-42365,0,0,b406aedf5cff3690cb0cdced542258b1116fc3739fd082c9556fafea525dcb3b,2023-11-30T05:08:08.770000 -CVE-2023-42366,0,0,96aa4788059f0643e44792bf7c219cbf02f22946e327a1c617c1427bb3d00c10,2023-11-30T05:08:23.197000 +CVE-2023-42366,0,1,65dcc4173f13150e581108c0c9566b44a19e34af7c1293ecabe288ee31a0be98,2024-12-06T14:15:19.530000 CVE-2023-4237,0,0,6cf38aec3bd975284a4d86b8e8e2c267e312c6daf36ee9d95139bc404b921d75,2023-12-01T12:15:07.670000 CVE-2023-42371,0,0,0e281a41b11b08a02a0cd51a620dbf419b44c135c1cb4fbf938f26407644aeea,2023-09-21T17:26:09.130000 CVE-2023-42374,0,0,3234420f5caac7400d28a5d1e23e00687f8cb4e55adc666217ad31bc29a13ce3,2024-10-21T20:17:34.267000 @@ -232879,7 +232879,7 @@ CVE-2023-4282,0,0,085a2ef782c4ab33d8733756104530425d8c8aa9e976ffea2f9c3c7c799557 CVE-2023-42820,0,0,4f4a424580624de974093ce23efe959ca821d9a703013ffd027ed0f76cbf69b2,2023-09-29T15:04:32.443000 CVE-2023-42821,0,0,66f6aadae2a34eeac865f857102bc3b26a5c60b6e36f3488d9988d4daf35e5af,2023-09-26T14:59:06.790000 CVE-2023-42822,0,0,8190ac9dadae4e7d4fa3ad2550ce9d236b8884c40ebd4e9f3eb483d3c568be1d,2023-11-03T21:15:16.230000 -CVE-2023-42823,0,0,db1fd6995028860cfdc29311d82aa77ca995032e2e43b4369365896bb8231790,2024-11-04T17:35:04.180000 +CVE-2023-42823,0,1,70dd7f6b5c8bc5a829a8a72c8db49652d99b172be25cab71e1ba63a6c349e42a,2024-12-06T14:10:33.737000 CVE-2023-42824,0,0,fbab300b421eef9746a3064fce9bc8b6eeaaf600e6642ec0d3b5a6981e34e19e,2024-11-29T14:58:56.110000 CVE-2023-42826,0,0,c7e4ad3cd8aa997f54826518199738e903ac4af1c487d59e3b2d8e98f8642331,2024-01-12T14:42:28.700000 CVE-2023-42828,0,0,e2f1754bcff1d34297cb8e4955796ced60cae334d5c978995cc13802654d392a,2024-01-17T21:22:41.863000 @@ -232891,11 +232891,11 @@ CVE-2023-42832,0,0,d4139f8d7ebcb6dbe3f816f6f2093afb5b55323ca863cc15652de2caab2f0 CVE-2023-42833,0,0,e734eedae2bb752eeb00548b60901154a053eb23181a33e00797702140032cb8,2024-11-06T20:35:06.280000 CVE-2023-42834,0,0,14e2fba0f6e9a7407b7066d6e47f2e3f9c9cd1e34de0be9cbc98c4daf103a291,2024-12-06T02:57:06.637000 CVE-2023-42835,0,0,9956dc456ba41773404d8f44ad7b269b3f7a358f4e5a280c805b86e2ebbfd44f,2024-12-04T22:34:26.587000 -CVE-2023-42836,0,0,57dd9f5214333cc32869174710fab8ff9c58d3ed310e22708cf2b23e79addefb,2024-02-22T19:07:27.197000 -CVE-2023-42838,0,0,d2c7cb1076afde325efe19ebd9189ea0f891ccc309473cf4021fe8881f3b600e,2024-08-09T16:35:01.893000 -CVE-2023-42839,0,0,765dd4087b9c648a2614e4f77e8cb2a77a0f084da4aebcff5c956301f137e1c8,2024-02-22T19:07:27.197000 +CVE-2023-42836,0,1,41392f6b460b4e057e3bcec26a92d2622dbe2bbf4f90e1b65389263aa691c08d,2024-12-06T13:56:19.023000 +CVE-2023-42838,0,1,5f38c10fa599c8161f30883b8dcf218bf82058392e8253a87f2a3eddeca9c76d,2024-12-06T13:51:35.313000 +CVE-2023-42839,0,1,39ea04a2699b0f7e4c5dcb0cdb48039dc64ac9c18539c7db4f5ded80049365b0,2024-12-06T13:49:37.623000 CVE-2023-4284,0,0,61fe561181169a40965e309f813ea607fd0daab2834cbef8e665fe00162fc64c,2023-11-07T04:22:25.233000 -CVE-2023-42840,0,0,cd82264bc86c6b2cae0cfb802b7b76d55587d9910f0b6c0aa67585421b1bd358,2024-11-14T19:35:02.180000 +CVE-2023-42840,0,1,f1f04b9061bdce447f5753f3876abfe458e8bb3d9b95843639858d111f70f4da,2024-12-06T13:28:41.990000 CVE-2023-42841,0,0,1ba74cc5d5e854bd871cdd5a2c1321cd1721679505b9b640a088d8b01d078fa3,2024-09-10T21:35:05.947000 CVE-2023-42842,0,0,e6c3110fb32fb31efa637e19595877e38152993b501001f3e91f7f4195c48558,2023-12-13T01:15:08.050000 CVE-2023-42843,0,0,fdcaee2947060de20442c439e087fd1ee28a11ba66828a8d78ea7542fc20bb0f,2024-11-04T17:35:05.077000 @@ -238549,7 +238549,7 @@ CVE-2023-51142,0,0,3cc421719bb627f399e2e569c0e2f084a8d2b6a78a2b82bf6a4efa03230e2 CVE-2023-51146,0,0,665d49e788e0dece9a1ced017989b7a5e3600cd53a97e4d88ddab1a009ccef0c,2024-08-20T16:35:04.123000 CVE-2023-51147,0,0,75e5ad9e43cde03291b18d115e151db0aadaa5d5d0263e6c24a28fb6db5ae3b5,2024-08-05T21:35:01.980000 CVE-2023-51148,0,0,bce6f23f629ff4a4d092df77207bd3625ab8bab51457c9d3b72eb9275af90b21,2024-08-03T19:35:01.547000 -CVE-2023-5115,0,1,05e3e9c0dc22461b743c2358ed803bf3147865ec12621e61796b475c03cf4d88,2024-12-06T11:15:07.183000 +CVE-2023-5115,0,0,05e3e9c0dc22461b743c2358ed803bf3147865ec12621e61796b475c03cf4d88,2024-12-06T11:15:07.183000 CVE-2023-51154,0,0,733ec9b18ea85f01f34e9765897ada4e832b65ac33fdca877dda8af7f30fd092,2024-01-10T15:58:18.733000 CVE-2023-51157,0,0,8f9b732372eef7b0a17c80ee530e72ee53023301d6e9793fef1728afd0fae67b,2024-10-02T16:58:20.160000 CVE-2023-5116,0,0,591765d4d588c72144ede930c6a51f214c6b6a2dea94dcfbd541442fb6e59c4b,2023-11-07T04:23:28.397000 @@ -239080,7 +239080,7 @@ CVE-2023-51886,0,0,17a987ce8e9d4293c97b1e144f14d734e91014c1a5c8636de0492c2716c2c CVE-2023-51887,0,0,3617f2c6023aa853023bfe854b24cfedd6b5765a6faa2f3c4fe8d892cba62440,2024-02-05T17:29:49.697000 CVE-2023-51888,0,0,9187ef2a1e845145b9da21ae72a5ebcb83ad50f0cdc421a41aecb6389d22b1d2,2024-09-05T18:35:05.327000 CVE-2023-51889,0,0,225f817fd8e1547554e8995f8a260965ee9dcf250964df6b70d82cef6d56e9e7,2024-02-05T14:10:48.287000 -CVE-2023-5189,0,1,f877579052e7e020385bd9010538c2c710e7d8d7f1242bfd44a5823be3c89969,2024-12-06T11:15:07.380000 +CVE-2023-5189,0,0,f877579052e7e020385bd9010538c2c710e7d8d7f1242bfd44a5823be3c89969,2024-12-06T11:15:07.380000 CVE-2023-51890,0,0,dac6d98652777713b7321c29dc97b96542610ef74ace66a9064ce4a9f2192735,2024-02-05T13:57:15.610000 CVE-2023-51892,0,0,c09f0c2b2c371cf705b4ad5404d499e4dfcc7cd524eb297df40e44c4cbb9a356,2024-01-26T17:12:58.500000 CVE-2023-5190,0,0,f6ef6916ba9706af49edb1ffd45ec17cf07e081fa4117b6926025e95e6ef332e,2024-02-20T19:50:53.960000 @@ -240311,7 +240311,7 @@ CVE-2023-5621,0,0,c418664501b2f113540a10fbe54573420e49f52f46bc96886f617927fd44a4 CVE-2023-5622,0,0,f19fe82900e70a4450099d29884259279e7aeae442e6aa22b36ae355f702bc7b,2023-11-07T18:04:15.357000 CVE-2023-5623,0,0,2f3b29c1eef030c9ad5a4ede8de04f56f932e285b9b218b7356d7e60e1761594,2024-09-09T16:35:03.113000 CVE-2023-5624,0,0,ba5097aba2a2a247854c1d9b4796e1185da31c5dd8141edfd0344a8f714da575,2023-11-06T18:20:25.737000 -CVE-2023-5625,0,1,d6e5cc0e0e24cb371dc02d5b4f02cec480ec92045fbfad8c9a58d3e6a920a821,2024-12-06T11:15:07.640000 +CVE-2023-5625,0,0,d6e5cc0e0e24cb371dc02d5b4f02cec480ec92045fbfad8c9a58d3e6a920a821,2024-12-06T11:15:07.640000 CVE-2023-5626,0,0,340b8c1c87a43fe8a63e58d41c520f026228ad8445e5d8be6ece89714d56eba5,2023-10-25T00:11:45.460000 CVE-2023-5627,0,0,02bc7ecc7610787f79ee1f759006d4f0a686d373d965838b8defe095f670549d,2023-11-09T13:56:03.517000 CVE-2023-5629,0,0,7e6798797b363836a6f68c0660a0441b52f3631f60a9991276c08a96f308608b,2023-12-27T18:45:15.347000 @@ -243103,6 +243103,7 @@ CVE-2024-10509,0,0,a9d05e50f1563ceed5339878fa8c2329eea9e28284f4c0c86984d14b77803 CVE-2024-1051,0,0,301df872c002365b13eaea34d02a8084366516306d472e0b862c9b6067f5d33d,2024-04-01T01:12:59.077000 CVE-2024-10510,0,0,1a1b225dc371f891ed5076d52ce3977c9397cc1b9a9aecca92726347c481951f,2024-11-29T16:15:08.733000 CVE-2024-10515,0,0,907400a34dad51b072b2c37123f6c966421eb7a65eb80907a16cb7d23ffaf400,2024-11-20T16:35:17.020000 +CVE-2024-10516,1,1,80d7290c2ec65db45d446d2efa0f433d5ae74d502fbd8f3f6b779554880f29c2,2024-12-06T14:15:19.667000 CVE-2024-10519,0,0,764e527fb6f6b94c2143fe0825f329c8a5cf4ea95dfe91426d264d50631dfd38,2024-11-23T10:15:03.600000 CVE-2024-1052,0,0,2826dc83bebd9032f48348a63ffd25025c2a6126abd483892ed79004a77aef0f,2024-02-15T18:49:40.180000 CVE-2024-10520,0,0,5acdd0c5659959d9ac18fb296c8b0ca775c2f72b2836f5d69fce1935ac3f49b0,2024-11-20T12:15:18.390000 @@ -243293,6 +243294,11 @@ CVE-2024-10766,0,0,e35f492b9f66f3ec904d31d42b260648e53321433ee2cae35a4e477e4ef29 CVE-2024-10768,0,0,594fbdf596dfab7cfec85356d137af72f3f7c97c4f287c31f07abfe79e0c4dc2,2024-11-06T15:04:45.200000 CVE-2024-1077,0,0,9052c519c4a7de5cf3516fc923116c25b788d5b36a137a2e416fb3d37403344d,2024-07-03T01:44:58.330000 CVE-2024-10770,0,0,0f5897dd9aba481faece95da66f5bd3d6a2ccff92cbfd04ce22fd4f1ffbf1962,2024-11-12T13:56:24.513000 +CVE-2024-10771,1,1,2bdaf5f350857db085c6e2cbcad842965b39d81f3de96808dc2b2eadbe59c7c0,2024-12-06T13:15:04.797000 +CVE-2024-10772,1,1,7b3ef49ce18ceb36a77f36f8da60cc13fd1bde97d91a7687f0ec371fc7e42c5a,2024-12-06T13:15:05.763000 +CVE-2024-10773,1,1,b319e829a4d7aec519407c526440ea8c5f06e2a685cfe8ac56794c25d8265526,2024-12-06T13:15:05.897000 +CVE-2024-10774,1,1,52937a67d38a3ca4cac2593ed92f182d11272077b05cfaff7c900f9be6d717e0,2024-12-06T13:15:06.023000 +CVE-2024-10776,1,1,dc03190d23e9d412efd455c6483bd5505809f6c4d558cf1599ece83716580b1b,2024-12-06T13:15:06.147000 CVE-2024-10777,0,0,3b1d73e1a971a48dac25456c2710dc464cc6938365e3cee5ecfa9c80b527be78,2024-12-05T10:31:38.960000 CVE-2024-10778,0,0,079913d9652b6f58f66290bfdff6b3da5883740d014ac44b1539fe6c742670ea,2024-11-13T17:01:16.850000 CVE-2024-10779,0,0,03484221afac3766470b5ced8d3332eee24d28c027104d12405179c89d30afec,2024-11-12T13:56:24.513000 @@ -243468,6 +243474,7 @@ CVE-2024-11019,0,0,6604c210a97cc053c22ce6d13cc0dc17ae5bad1195d1bb4d86b14fe4426ef CVE-2024-1102,0,0,0928bf44049eedf97e0b54e5fbfa6f0206fb5c0a5ae4e275eff0db0e3aa685dd,2024-10-16T15:15:15.150000 CVE-2024-11020,0,0,d8da56d08b04c1b6283579c38861d54ff29b7503469ff5458753549fabf50559,2024-11-18T18:59:39.293000 CVE-2024-11021,0,0,5330750d11b3fde718ec5c3eb7f0a1e1a342a8ecd281acc88c611cccbde0d765,2024-11-18T19:00:03.487000 +CVE-2024-11022,1,1,fbb95cf268a32e4c430506821a558f8758ec8d3943db808bbb2b4f9222d666bd,2024-12-06T13:15:06.267000 CVE-2024-11023,0,0,2473f75aeae9518b2cbff4e6006b6c4d1b296463725df83234e5d555adc056df,2024-11-18T17:11:17.393000 CVE-2024-11024,0,0,fdd235bc026a01ae98bcf6f4aacaacc2569951a9e4c3435d41b8fce72f321275,2024-11-26T11:21:58.660000 CVE-2024-11025,0,0,51ef2781824cbb1e5ad5a3093b4ee510c5b9ab10b930b0d0a4e2edd5971f47cb,2024-11-27T11:17:41.740000 @@ -243672,6 +243679,7 @@ CVE-2024-11318,0,0,9febe7cf088687dfbeb6d2d8f74590e0f8059ffca33de9b68ad34437f87d2 CVE-2024-11319,0,0,10049ab876319f9ecb08a7b21cc61880e37e90d0ecd4d79058dbd3eba0407f5e,2024-11-20T14:59:38.297000 CVE-2024-1132,0,0,3de6e62885ac8497a4c1d8f4950ebedc171b13b33dfedd6a9eea9ae164fd993a,2024-07-03T01:45:01.507000 CVE-2024-11320,0,0,043dd45fc8afc6a3f6d5124b009a260902c28d8e6731495b55f0e622c6d087a7,2024-11-26T17:26:33.327000 +CVE-2024-11321,1,1,24fd8bd007c643665b32f36154d7304e0354bc074c31df8252c4ae2adea88453,2024-12-06T14:15:19.810000 CVE-2024-11323,0,0,fe6c4abcb6520792924b391cb014a8d5e6a41ac24f15f5e456d25994e6bc1b95,2024-12-06T09:15:06.157000 CVE-2024-11324,0,0,488b7e62366c4a9086d212f9c909a0d6b63bf80e00073241feeb20f5eaa9b760,2024-12-05T10:31:39.313000 CVE-2024-11325,0,0,14da4d35c2181419813fe9ac1dccdd051d8a95ab923f557a3b686e3cf070cb30,2024-12-03T10:15:05.067000 @@ -243930,9 +243938,9 @@ CVE-2024-11708,0,0,5872b1f165a61acebbe70a5730336bc20a16b17ac8491536799290291f1eb CVE-2024-1171,0,0,59f6a72a19a26da04118a5786af1566b99863895f524fbe4b34406571782a615,2024-02-29T13:49:29.390000 CVE-2024-1172,0,0,11b44e5ce5101f5b7c8ab7c5bd49458795761e0ba5cf2024c3b79ca4ef4be57d,2024-02-29T13:49:29.390000 CVE-2024-11728,0,0,753a75db283c7db0f2e00d3fa24caf432d819763e56027f5a42ffc4b676c2e11,2024-12-06T10:15:05.853000 -CVE-2024-11729,1,1,2827c895dedc0ed4dd965773a11bae36af1e873ca6340b82c6f253a207f9bedf,2024-12-06T11:15:07.837000 +CVE-2024-11729,0,0,2827c895dedc0ed4dd965773a11bae36af1e873ca6340b82c6f253a207f9bedf,2024-12-06T11:15:07.837000 CVE-2024-1173,0,0,d3495940fb5216c0fbed831a88233211893c24cb888781ac48f1d76bb3bc26ba,2024-05-02T18:00:37.360000 -CVE-2024-11730,1,1,1c75a29ac86330ee59ce7e562964d19e5b2f34b817b5e3f64dd6b06aec3955ea,2024-12-06T11:15:08.033000 +CVE-2024-11730,0,0,1c75a29ac86330ee59ce7e562964d19e5b2f34b817b5e3f64dd6b06aec3955ea,2024-12-06T11:15:08.033000 CVE-2024-11732,0,0,9ac5f8faeb8d3d023aef30c0e1c16293895e21fbeef4db588eecb4bcce0a9632,2024-12-03T08:15:06.383000 CVE-2024-1174,0,0,1a20d0936daa8c05ea33a8dfff3a4c4c734ee1e57e74d832a558685298d668aa,2024-08-28T21:35:03.473000 CVE-2024-11742,0,0,159958446bfcddf210e603d44dd5e0653c4d00985f509f964ecd8fded8c95573,2024-12-04T21:04:48.830000 @@ -244523,7 +244531,7 @@ CVE-2024-1666,0,0,1f8333a8347ccf0940f5f18eb72bff97cea1045d2d21b82516336ffe998970 CVE-2024-1668,0,0,5d777dacf70894c13bb98378761ebbab538d2f58e3be366f3dd859cfdec3a507,2024-03-13T18:15:58.530000 CVE-2024-1669,0,0,ae22d791fe16b24d1cf628f15b39c04205c9c5736dce59302c0c7b298ad8f6d8,2024-10-31T15:35:21.517000 CVE-2024-1670,0,0,1076fe172d6239bf170090e8e565b53f2a5e980bdc541ad08c209e2df3f767db,2024-08-28T15:35:13.310000 -CVE-2024-1671,0,0,b90d151a59720bfc66cb3bbbb41d4e1a2a08b8f84ae511718307d6e0d6c90578,2024-02-26T16:27:52.697000 +CVE-2024-1671,0,1,6fd857ed8e49d57c866ab67a431487c43ed38119f3b000302a23833074e59abd,2024-12-06T14:28:01.590000 CVE-2024-1672,0,0,5df25617ae1b8580bd17e41342f3db39038751d4dea40ef6d92d4a83e8eeb0f4,2024-08-01T13:46:08.940000 CVE-2024-1673,0,0,72b6738109f060ca33cec8daa581f20d84f924c2dda86dec338ec0b1edf6aa3e,2024-08-01T13:46:09.737000 CVE-2024-1674,0,0,4ba13d339c0085a8c6736e2e58ccbdd34850427ed620a2dbb72ff03c39afc724,2024-12-04T21:15:21.223000 @@ -244673,8 +244681,8 @@ CVE-2024-1820,0,0,2713d72ca083bebe41db6fd6955c5fc85fd2c1f22edbdb4d3b9e50e4701834 CVE-2024-1821,0,0,001bd53445b58573a4f69eca07101a26be5e9f423ab10e8b9d706b56c68f6750,2024-05-17T02:35:37.590000 CVE-2024-1822,0,0,d3338217ebea9fb35a562bced306fdd327dfa4cb5bd43514437e68a1ee06baf3,2024-05-17T02:35:37.690000 CVE-2024-1823,0,0,bc40ee6def2096397277259f2c87f4cce8e67327f079668d1eed732237ff5870,2024-05-17T02:35:37.780000 -CVE-2024-1824,0,0,9ff3f5b7c2fbba113f8afe6d07bff00b09fb7cfdd8234e20f8b98e31899a010b,2024-05-17T02:35:37.870000 -CVE-2024-1825,0,0,39555e7b089c1fe4c9f2340d3e9be2491609c6639f0f983154b7b56215b19b44,2024-05-17T02:35:37.957000 +CVE-2024-1824,0,1,ad2a7bf090b861f97d4813ba1c9ca7e736c2450e66a5946f4013518d94817777,2024-12-06T14:44:58.437000 +CVE-2024-1825,0,1,94224c598383aeea43f74621bfb1622acdf3624bba639eb6baf3398ac6cb0efd,2024-12-06T14:39:05.777000 CVE-2024-1826,0,0,42fdb5fdbc00d6401c68ce7d560abba32125c286c8fb55822f1f7a22aebae5da,2024-05-17T02:35:38.050000 CVE-2024-1827,0,0,0e289188acddaf89433afe2d33a125098ebabdc35f05fdc28220ef133ca893ba,2024-05-17T02:35:38.147000 CVE-2024-1828,0,0,d30dcd240d65de8a32ac8b960df82dc1e6398d8f2e3bc8779f205ba6c13d06b8,2024-05-17T02:35:38.243000 @@ -245397,7 +245405,7 @@ CVE-2024-20735,0,0,7f602082b83c75af61f423dc61a35835f7519ac84540b03dd4211e3c12310 CVE-2024-20736,0,0,60ca92845b9282544e6e9ea2c365b3d29fb1c0b234b60381a7185badb42c97c3,2024-03-12T14:54:37.200000 CVE-2024-20737,0,0,810ac54ab4bd1c1209c5c62f1250812a632893121c758fd3f17d8bed703a1af1,2024-12-05T15:09:48.830000 CVE-2024-20738,0,0,234845e3658080b4965af41cf35a03b6397a154442f1c582db87a847336205c9,2024-03-15T17:15:07.907000 -CVE-2024-20739,0,0,66e13416f7ab022d3486880880fe2c50c46b451e65e18cd68cbfff77699ffce7,2024-02-15T14:28:20.067000 +CVE-2024-20739,0,1,e39dffeefaa340b09cbd469cfa0c76060e62ef700cf659a1ae1e165c597c7f10,2024-12-06T14:57:19.883000 CVE-2024-2074,0,0,7d373614838a94921c8511a8888765e9ed3349ea79e8e599534f642442667245,2024-05-17T02:38:02.163000 CVE-2024-20740,0,0,d0282bdf940309e71ce445ff98085e5fa793f46a7be343b1cf5f48d50f5f9994,2024-02-16T20:08:32.477000 CVE-2024-20741,0,0,3e0433e176a59104b613d42d78b50656537a1dcbc720620c126ff771ba841bf0,2024-02-16T20:08:23.677000 @@ -245410,7 +245418,7 @@ CVE-2024-20747,0,0,2f6cc84d9c3f642d7aa7aa3c408889cba0af9c15116c9e379af5658f23269 CVE-2024-20748,0,0,b2727d2679f4034f9765faf610fc86c3782a5a3ec6973417780e4f3e7e755b6c,2024-03-05T22:17:26.913000 CVE-2024-20749,0,0,275b3a7c68a00702bdf8390602bbf378fd8c74dda5b1c131d384e754ef7e05a3,2024-03-05T22:17:17.527000 CVE-2024-2075,0,0,697ddb04b7f782de85ad884f01abc82cd245882cddd4cdff25b25e7ab89a49df,2024-05-17T02:38:02.263000 -CVE-2024-20750,0,0,733596897cd420f49d9ddf9eb46b4cb28601761cf0a1f58dedb2f621b2a473f4,2024-02-15T14:28:20.067000 +CVE-2024-20750,0,1,e438b6e6ebe7b605c5f210490a6424d8cc079504ede835c369a2b78128b40286,2024-12-06T14:51:42.167000 CVE-2024-20752,0,0,55d4f68342f3f1f07fda826e7e0bb3f2cc0c0bfe38a211d90fc2973a7dfae8f0,2024-12-04T22:05:25.983000 CVE-2024-20753,0,0,2ce18c159e068066ae48b89cf399c038a77f7045dedbcf8fd4c4911f7575d30d,2024-07-22T18:20:55.763000 CVE-2024-20754,0,0,f1651dde78abbc62bb949b8ba0f8487c988cbc51443d86b48da7724d4e1be3f9,2024-12-04T21:55:42.963000 @@ -245774,7 +245782,7 @@ CVE-2024-21094,0,0,263056239ff6ad0bc667e8c6542629ef5df05fe8ce26e38409cfe58bcbaf0 CVE-2024-21095,0,0,71837bbaf2bea328402990b14e523963606d49d2731911e5f425e34df69f4f33,2024-07-03T01:46:33.287000 CVE-2024-21096,0,0,6aea65a83e2d5b0b6b2c176040905d4617084dd4a49f2855ae52e067c47fcfb6,2024-06-18T02:15:09.823000 CVE-2024-21097,0,0,180e09f8ab03fa9202c965312463df6de0d343b6920ea63f93e36f9d95609d57,2024-04-17T12:48:31.863000 -CVE-2024-21098,0,0,6d4c7c29d84d44117c2ddddd591dc940d4aab6a0b106a5d85613f57420b56b9f,2024-04-17T12:48:31.863000 +CVE-2024-21098,0,1,474d349fe791b59a45a4f0ea3b001446503f6f0220c6860a433cd83652825994,2024-12-06T14:35:46.047000 CVE-2024-21099,0,0,18ee7f90aec4d9c34bf08ab839549123e62f8937c0d3b02741d81fa2e6dfe88e,2024-10-31T19:35:02.343000 CVE-2024-2110,0,0,1270b7a979206100ed725d968c0cf72fd1f82b851f2f2372b42faaa8d203e40d,2024-03-28T12:42:56.150000 CVE-2024-21100,0,0,a46a163d2ef0a0b6b1fddd7395d7d5cb51902aea83a18389f53792a38f659f53,2024-04-17T12:48:31.863000 @@ -246230,6 +246238,7 @@ CVE-2024-2155,0,0,499612150b3a1be829ef430bb3388eb54a55d7bb52271f37f2a76ceb8af6c5 CVE-2024-21550,0,0,0a53a3a179cb6ecaf9ed04811bdf34ec295d6a8521b7681bf2ba3945e955d773,2024-08-13T17:33:13.537000 CVE-2024-21552,0,0,cca88d3958ef8dbde43c3d8aa2af78ed997fde7ae88029225af47b23b037e5fa,2024-07-24T12:55:13.223000 CVE-2024-2156,0,0,3e156cd1519b9856caf676cc7af155ea1ba3901c226a3a379024601d5610634d,2024-05-17T02:38:05.157000 +CVE-2024-21571,1,1,d37e58d960b59009984c70d286739e560ae0d50ece0a82d653578b73814bd68d,2024-12-06T14:15:19.997000 CVE-2024-21583,0,0,5ee759afacfac4eacf9b9c2f67334664ec22ef2b0f47b92ba28f55ea8a67006f,2024-10-31T14:35:10.887000 CVE-2024-21584,0,0,8b5526ceb3e16a0ab47a1bfab91d9be92bc9a5e69e8211c3726ea53cdfac9e76,2024-03-12T12:40:13.500000 CVE-2024-21585,0,0,a95479b2f7def09a92725835fa7942a8a00417c5c30ba7ad5352ec09d8740afc,2024-01-31T00:15:45.920000 @@ -249517,11 +249526,11 @@ CVE-2024-26207,0,0,eebd3198eee2d220773a7a6c3806203e4676eeda6560419c6378b5c07dbbc CVE-2024-26208,0,0,8f730376c288f09d6ee59e01661391b3e5964c86e9e8e6c053d6aa85d08179ac,2024-04-10T13:24:00.070000 CVE-2024-26209,0,0,c46c66129570027182c14cea9a5c1e59089637bf26c9752158cf497ee6de3f5e,2024-04-10T13:24:00.070000 CVE-2024-2621,0,0,3706442027ec8371e4c938f5d9a813d037caf3980d1ca0ec9e941adc0a9a6c02,2024-05-17T02:38:22.030000 -CVE-2024-26210,0,0,279dff8292aa9c2941ef991f31347597abedd06810574cad980f20469a83f0e1,2024-04-10T13:24:00.070000 +CVE-2024-26210,0,1,80668a0088efda63c0156312b85125604fcb808022ff6ecf79973436c0b409ba,2024-12-06T14:42:44.433000 CVE-2024-26211,0,0,a71137a808631f005ea74a6e19924c3ddb403ca8859f05d513b3b1abad73046f,2024-04-10T13:24:00.070000 CVE-2024-26212,0,0,745c9d2208bed878109b747091234ccf4830eed0889faa789f841b4e264bb29d,2024-04-10T13:24:00.070000 -CVE-2024-26213,0,0,c56c9258996a41382ce4c5f149cc30a73c2f8de9749d36ec350f9669d95e3faa,2024-04-10T13:24:00.070000 -CVE-2024-26214,0,0,f6d89937dd4255b8ca0e8d8900d9b4fb6901dfce88ec8d24cd72c4f888e42d56,2024-04-10T13:24:00.070000 +CVE-2024-26213,0,1,5a2a2da6d81a01672bc99c3e79b917c0c1e54771e696947d704edfaa4d0f49b6,2024-12-06T14:41:46.023000 +CVE-2024-26214,0,1,8866865b72676a3d79c514af72de9a6fb00238adfc940346c8215eeec13cf909,2024-12-06T14:41:12.913000 CVE-2024-26215,0,0,447bd4aaa07baccfcf39f4c99d61040b5fa157d4370064b7d8cab5112bef83ab,2024-04-10T13:24:00.070000 CVE-2024-26216,0,0,350addffbffd9f25bf808345ca68c898dee8056c709d15b74a8ed23bd53c6421,2024-04-10T13:24:00.070000 CVE-2024-26217,0,0,742b5a13943e10004408aee7eed3265e0ea73e6518cc8e08040e912720b36f41,2024-04-10T13:24:00.070000 @@ -249540,7 +249549,7 @@ CVE-2024-26229,0,0,8983ceb973c169ac11af789c03edc988929a27e92bcd4cffac36479def225 CVE-2024-2623,0,0,583f2a4720af00a8e7dec609b6cc4b0204f3751244fefec1832ba195e96e4ccd,2024-04-10T13:23:38.787000 CVE-2024-26230,0,0,8a9ef4247f1e4abf231282388fc406a7808aaa332f528bc22f1d641494009d0b,2024-04-10T13:24:00.070000 CVE-2024-26231,0,0,2d4d9e666c73e560d56125946e1cafdbc01255d6310d9a36a1799ab461de8e9f,2024-04-10T13:24:00.070000 -CVE-2024-26232,0,0,13b10f68be98f521a6c09ec9cd72fda3efb0419c949d941b3f7150c3da749236,2024-04-10T13:24:00.070000 +CVE-2024-26232,0,1,3b717e9ae005d4734140ff5837bde84cda000758a327ccc4b5664a77a5b55004,2024-12-06T14:39:54.630000 CVE-2024-26233,0,0,8846b8664d20a1c11345ca0cc21b1686adbb40d7811db865a136075e1df52d29,2024-04-10T13:24:00.070000 CVE-2024-26234,0,0,79d79d1235b61ee2cc661f1471a8a02ae1b4c86677f570e542d4e4759c4977c3,2024-04-10T13:24:00.070000 CVE-2024-26235,0,0,5a4984c95102365ff54eb9d5859eb9eaf5f7097c94aa9a768a64dbe8d87b0c6b,2024-04-10T13:24:00.070000 @@ -249553,7 +249562,7 @@ CVE-2024-26240,0,0,469d109d7f6dbe34081d9860472aff3b4e252c2c74e78521b270d4e97c1e5 CVE-2024-26241,0,0,ad49425919c070a9631331db70a22ebb9d6d5ba3446192474b9ed36e91182f09,2024-04-10T13:24:00.070000 CVE-2024-26242,0,0,87be43bdf41cad376dd7ec9618b8c7069b8c8b4a0eda2f8823d78d95a17b33c7,2024-04-10T13:24:00.070000 CVE-2024-26243,0,0,e04487756be793068388e34a50c118bebe898bacb93a5503cf9b46b13b0f4b83,2024-04-10T13:24:00.070000 -CVE-2024-26244,0,0,78d97183f80639d42d681a3725493d18ed7183bab202915951e1e4addb6a8d90,2024-04-10T13:24:00.070000 +CVE-2024-26244,0,1,7541ec5473155fdc897929ec7500413844789371b750f5769ea582fc80ab0c6d,2024-12-06T14:33:58.663000 CVE-2024-26245,0,0,d8e7715693a4c17db96124229016576d132c978af86f165ed843021cc0e24bae,2024-04-10T13:24:00.070000 CVE-2024-26246,0,0,281c00482b3c35bb6fb58282b68f55f76ce6bc574686f37dcb024dae18841f5f,2024-06-11T16:15:22.197000 CVE-2024-26247,0,0,2e08eb3ba6b627c10ba27bd8963a5aabfaab07773e08696de8ef39c9e2d29c88,2024-06-11T16:15:22.333000 @@ -251091,7 +251100,7 @@ CVE-2024-2810,0,0,a6138bc48d0ad782bdb60e8557544808b5ef91a2fc4ce0cda3b3c53204635c CVE-2024-28100,0,0,28f0fa28af9eb2a57ea2713e94841dde9665441eb3d638492d6a597570e9c4d0,2024-09-16T17:28:07.347000 CVE-2024-28101,0,0,a1f8d89ff6e2fe4f9ee7b88d676867a71496a3d21b3393b755ab9f1348fee98d,2024-03-21T12:58:51.093000 CVE-2024-28102,0,0,2e25e475353b428725cda7fe0e916bc49ec4c129ea0b8f2f75fa8309f53bf0d3,2024-03-21T12:58:51.093000 -CVE-2024-28103,0,0,8a9e6ff0bb9d54d8ac1c9163b05fb11e82067abc5fdfd4f8ff53c9880ea54597,2024-06-11T15:27:55 +CVE-2024-28103,0,1,26a1df0a97af3e8bf340a44226684b9b3738afd934bc956d23ac51b24faba65f,2024-12-06T14:15:20.130000 CVE-2024-28105,0,0,baac5204e0e544ff02a84be49b1a0b2af6b7fda1e027e2d6f71f507778a03865,2024-03-26T12:55:05.010000 CVE-2024-28106,0,0,92d332069a01fb4162bd949f388a76a4a6bafd9fe08eb19180021ebfc0b7aac4,2024-03-26T12:55:05.010000 CVE-2024-28107,0,0,7cb4d63d60d834fb8424dd326caafdeb864f42ebac2ad3f535c760a638117bc0,2024-03-26T12:55:05.010000 @@ -252181,7 +252190,7 @@ CVE-2024-29851,0,0,a89530d2196122bf2e1df60f524dc0d42f1a66aa656e26ff3129a8660d38d CVE-2024-29852,0,0,726c48fca6ecce09ba0891a4732d56a8cd51267214424717a9c0997e21d90cb7,2024-07-03T01:52:49.260000 CVE-2024-29853,0,0,c1ae8cba1ec19d8da2e0ffbfe16c680f8b2163da29207d481a72323097831057,2024-07-03T01:52:49.947000 CVE-2024-29855,0,0,b2802ced0a558e4f090c6287efb3198501503af3c94eb0da01eddf25e7dcba7e,2024-06-11T13:54:12.057000 -CVE-2024-29857,0,0,ab5aace8726aee3d1e7393ae75a416217cc2ccbc3ddcccec94ddfc2d233ec46c,2024-08-15T19:35:09.613000 +CVE-2024-29857,0,1,d0f8da7d297215a9aa89339fb466a7b41b1ef03fad42cb6defbc9cbd2e5f42d8,2024-12-06T14:15:20.263000 CVE-2024-29858,0,0,aa5c90a68e61d5eea7826384e8d70b409ed6638b27cfe587538945dd40bbacb5,2024-08-05T20:35:08.840000 CVE-2024-29859,0,0,0c52659382beed573a576d19d14344fb05eadf0b0b39ff1fc944de0677e36d69,2024-08-05T17:35:11.090000 CVE-2024-2986,0,0,952d70d69d44f406b2fd5c4135c9fe58871a413b604b281f838364e0f0dd222b,2024-05-17T02:38:40.777000 @@ -259127,7 +259136,7 @@ CVE-2024-38792,0,0,5b519dd0c92964123f827781527184beafd48bba42a30bc8682cb043da48d CVE-2024-38793,0,0,8ad7655f99bb4b3fa4f36342468e0b68d719584b816ac8effce8d0ff63e4b98c,2024-09-13T20:57:16.150000 CVE-2024-38794,0,0,a1751b8cf7a38a8fd06679d7156a15e060095904b59bf6ad6d0a13d5b62cdfb0,2024-11-01T20:24:53.730000 CVE-2024-38795,0,0,83e6ed558db6ed1b1b849abb4b7528bc0fb3b0856b9448de9d080b54c41c3121,2024-08-30T16:31:03.887000 -CVE-2024-38796,0,0,3d9cb4aa62a4ae6711850289216ae812a45627870de9e62adff5833551edb19a,2024-09-30T12:45:57.823000 +CVE-2024-38796,0,1,c4c33fa7474078d5c275288ac0c26a4a7de9b623a9c9f1253ec9f217f7c619bc,2024-12-06T14:15:20.437000 CVE-2024-3880,0,0,6dd5da57a8412b823038a64a32d07af4547e4dfdd637b54b90b4556bfd34431d,2024-06-04T19:20:26 CVE-2024-38806,0,0,aa1ff0885d521aab036aaf6506258a484aa869322b524482869e0e1df3ac4a48,2024-07-19T13:01:44.567000 CVE-2024-38807,0,0,6663b89433c5ca3162ac8e0676fc16d9b92af7b1823f84debbce11cbc23a4743,2024-08-23T16:18:28.547000 @@ -259734,7 +259743,7 @@ CVE-2024-39685,0,0,042761f44ce108a0e8b681adf57defab48684290feb2ccd00f3033b8ecdd8 CVE-2024-39686,0,0,2e6c61babe9b1c203a7674ce8864a707096efb3630e9c5b266f2ae907e30b8c0,2024-09-11T15:37:20.323000 CVE-2024-39687,0,0,1f0dde45c697bd142eb547e4c25395e40bc6f58804b4b24f10fa4126a251ad78,2024-07-08T15:49:22.437000 CVE-2024-39688,0,0,f9a109f744d8d9750bb28db20ceb187800f9a3cef74608c8a11095841eb71e45,2024-09-11T15:41:17.747000 -CVE-2024-39689,0,0,86295f6760848f0b510226e65028fed1b62502a931685ba6acf948103d5d29cb,2024-07-08T15:49:22.437000 +CVE-2024-39689,0,1,6cdb0b20090f6a1a80c8489afda351a145d9dfa546705147a5a30aa3e60a316f,2024-12-06T14:15:20.550000 CVE-2024-3969,0,0,017089a8e0e25cc18c41dde22c453ecf92ec4c4a53bf3304535dbfbcbb40fc3d,2024-05-28T17:11:55.903000 CVE-2024-39690,0,0,548c1a8a7761f7a2711f05cc07ec0b531924c96fc05350235330c19432d9ad9a,2024-08-21T16:01:47.157000 CVE-2024-39691,0,0,5b1b13e200d826d3f40f75a75371b183af197da1146b1c1721e666feddcea9c6,2024-07-08T15:49:22.437000 @@ -263982,6 +263991,7 @@ CVE-2024-46326,0,0,f0578270eab46bab4492a6b2c704cfe94c3e0445c11c1280b1ace56f9af50 CVE-2024-46327,0,0,d444c66c2d1131cacb5a6cc939ae8062aae08f60f0b531cdd6bc43039126a6e8,2024-09-30T12:46:20.237000 CVE-2024-46328,0,0,150e1d7b5fcc22f852cb919b13410447bdf1e8cb19cb878b6bbbd7be01f4269b,2024-09-30T12:46:20.237000 CVE-2024-46329,0,0,8c93b211ce727ef89bff0e17a07fc114c301812ff446c3d9b747d9a6ed124748,2024-09-30T12:46:20.237000 +CVE-2024-4633,1,1,4cdf78648e543caf341f3fdf9533a66b1614accc7a76cc1fe5624943f4beb066,2024-12-06T14:15:20.790000 CVE-2024-46330,0,0,694a83d49b52528846704b8ab10d96522c40f75c60f0196ff365133296a0aac0,2024-09-30T12:46:20.237000 CVE-2024-46331,0,0,bc972d3ed92383a2cca8ac982c2c605e5d48eb080cd2e18eef8c2744ad28678e,2024-09-30T12:45:57.823000 CVE-2024-46333,0,0,353a1745548fb23b6f535da18db20a292a6e09d70b0bb02da74b22f7aa66ca4f,2024-09-30T12:45:57.823000 @@ -264597,10 +264607,10 @@ CVE-2024-4723,0,0,7af98ecd367a90ef8c416c400db7bb1bdf630fc1c111a3c8e6b7b48b9bb15b CVE-2024-4724,0,0,1e35a8d6fb4d3f11b5f0d2a27ec10d126d5383267b650c161b24f017393ebb63,2024-06-04T19:20:47.830000 CVE-2024-47240,0,0,831fca78a2032785727b73be16136073448f60052857b8463d392806d75f9e1e,2024-10-22T15:28:55.637000 CVE-2024-47241,0,0,58a524562b790b246361050e626ab15f35dfe376489ed5527ca425e0e170e59e,2024-10-21T17:10:22.857000 -CVE-2024-47248,0,1,92bcb60e07bcda7a3eb684d7bd0a6d91a70e7169e246c3b381697bbd80864f53,2024-12-06T11:15:08.180000 -CVE-2024-47249,0,1,a7f699a14cd340d6204f2853f013a69adb50d4dad2f1f815c8aefd4039d99e87,2024-12-06T11:15:08.340000 +CVE-2024-47248,0,0,92bcb60e07bcda7a3eb684d7bd0a6d91a70e7169e246c3b381697bbd80864f53,2024-12-06T11:15:08.180000 +CVE-2024-47249,0,0,a7f699a14cd340d6204f2853f013a69adb50d4dad2f1f815c8aefd4039d99e87,2024-12-06T11:15:08.340000 CVE-2024-4725,0,0,038fe38ac4531e61bf3177f0fb7b7333acb4571c75548945a25c993c1898f93c,2024-06-04T19:20:47.930000 -CVE-2024-47250,0,1,11c644dbe63a41f5d721b32a69341c30ccc7630321c43481390341a1ac6587de,2024-12-06T11:15:08.493000 +CVE-2024-47250,0,0,11c644dbe63a41f5d721b32a69341c30ccc7630321c43481390341a1ac6587de,2024-12-06T11:15:08.493000 CVE-2024-47253,0,0,0c81facaa1aa1f7ae0b0e27b1673e803ebaeec77aef71a1827f37f9dbd7dbd49,2024-11-07T12:15:24.630000 CVE-2024-47254,0,0,81bb7fbcf9de24b32604c709597f53a5bfd5dadb66fc238800b57d25b4c1a55f,2024-11-07T12:15:24.747000 CVE-2024-47255,0,0,4e4181b499a17b720343878ad776ef93b384b10f1546c28d389a3c7b495a0310,2024-11-07T12:15:24.857000 @@ -265935,7 +265945,7 @@ CVE-2024-4957,0,0,e3bb8e47c8dfba146bed7647eff25fc6cc8427bb0bd54429262b4324d627ab CVE-2024-49574,0,0,b617967e93da689f445f38134ba47043080cbdf46d6acc332d4ced620bedb693,2024-11-20T16:32:37.770000 CVE-2024-49579,0,0,0f0dd66a3db0fe299ae55b9b0e6c22f11c400dc3ee27d05103041b63e67e9d3e,2024-11-14T19:24:45.603000 CVE-2024-4958,0,0,15591ba73d7708bbd560fadc0281274b5c7c2c12545797826fbf6e13e1222639,2024-06-03T14:46:24.250000 -CVE-2024-49580,0,0,89085af96d96dbfcdc87aa1d40157bd1a1b8615e2e8f40b207dbbe916ae159de,2024-11-14T19:25:47.433000 +CVE-2024-49580,0,1,3616bf5be4f69eda17b61f84b4b764987072fb4d926e0d601ddb18e72d10c716,2024-12-06T14:15:20.670000 CVE-2024-49581,0,0,88736c9a5c653b012c32f21980d87b41c363ec40ca6fbdff7f49248d090d1060,2024-12-02T21:15:10.830000 CVE-2024-4959,0,0,862ee7700763d202e5d5dada80050e48cca3b83d56a63673f2017bcf5adb7503,2024-07-03T02:08:22.750000 CVE-2024-49592,0,0,2c7b7fb1be7fc5fd754e82efd0fe5851f47e43e4cc7b8ec1fd6fcc2811eb81ce,2024-11-27T17:15:12.093000 @@ -267233,7 +267243,7 @@ CVE-2024-51565,0,0,a7ddfdb609c02584d7a89c3915e0de70c86be13e9f8ef270589ef24614c5e CVE-2024-51566,0,0,1fd52d54ba2a2afa1bd706d74deb2afeee5b314d5e4c8525c97ce6b09c31f06c,2024-11-26T21:15:08.313000 CVE-2024-51567,0,0,9629c1871377d5b3a8fc7e24f37cf5fff8c7d9ecc5af9890fa03e865aa78aead,2024-11-08T21:14:28.807000 CVE-2024-51568,0,0,ef96c64ab696ce1dd0f4d9f421838b3895b55219506da5bc264e22e1b5e0e5b2,2024-11-01T12:57:03.417000 -CVE-2024-51569,0,1,97749bc3cd1412bd3be900ea07d859b63213ae6788fb52624c50c42ebb16167b,2024-12-06T11:15:08.630000 +CVE-2024-51569,0,0,97749bc3cd1412bd3be900ea07d859b63213ae6788fb52624c50c42ebb16167b,2024-12-06T11:15:08.630000 CVE-2024-5157,0,0,24d31b037c5fbef35f77d9be746cd537f78e6f1e98b9c21955d97a62fe59949f,2024-07-03T02:08:34.407000 CVE-2024-51570,0,0,c32b58de950118e1e049594e92f53929812b854ff223f3930e4209ac944b600a,2024-11-12T13:56:24.513000 CVE-2024-51571,0,0,3fd77a33a50e24f063546fc706f0cc6af0599e1b1745ad0ad52f8eaeb4035ce4,2024-11-12T13:55:21.227000 @@ -267283,6 +267293,7 @@ CVE-2024-51611,0,0,df71ebdad6b83784c059a213dbfeff0cd4ad4cfa07621a54c78ae28de90b1 CVE-2024-51612,0,0,68d292e6c4edc9ad2cb6a4f4df85c4beb58f5e75eb303880d4a399c88b63d1b7,2024-11-12T13:56:24.513000 CVE-2024-51613,0,0,e5e09d28c859e2362905d8484d126a9fa39bc52028d1cd16464bb2210975b217,2024-11-12T13:56:24.513000 CVE-2024-51614,0,0,63cdeacb54d19dcfb54e02c8657a90ad9ae3a114b299bd21c1e05a1c274f1760,2024-11-12T13:56:24.513000 +CVE-2024-51615,1,1,d07f30ae525e81e9f0733501e7991ac5a1ac5929f4aa56a94b2df07e9d38bc67,2024-12-06T14:15:20.947000 CVE-2024-51616,0,0,cf636cc1f193b36cff5e148daead26866a401c0d74193e3062126d3d950e7af4,2024-11-12T13:56:24.513000 CVE-2024-51617,0,0,77bcf6eaa59f43ef29c696ce11e1295c75665e465750d9d86097f5cfce97c9ed,2024-11-19T21:57:32.967000 CVE-2024-51618,0,0,a14f9a40a8de2c9a06120521248f457bd75487776ac5e30c5360bbecd2f15681,2024-11-12T13:56:24.513000 @@ -267470,6 +267481,7 @@ CVE-2024-51811,0,0,c3aeb720a545e51755d532198c2abdc83efba780e137ef31bb72259e442a2 CVE-2024-51812,0,0,02f43140d289864be158795111468c5df6a7496f2148e1822f8482211ec782b2,2024-11-19T21:57:32.967000 CVE-2024-51813,0,0,881717fa3ecd7ac7d0617f645bf9efe6c17eaa1fcf36e99fe920e6653b9955d9,2024-11-19T21:57:32.967000 CVE-2024-51814,0,0,dbff728a4bb725cd61a55f9b86a3b2cfa71283c788fbc8b18818e13bf895164f,2024-11-20T15:15:09.277000 +CVE-2024-51815,1,1,b6dbcbda46ce5d90f05b2d275f1b5c9908a44d2bc21f9e8c13ebc2a188bd4b34,2024-12-06T14:15:21.093000 CVE-2024-51816,0,0,8fc70476a3889656ef33f9afbdbb737c9f6e4b707f3dcc28c9ce574c6061d052,2024-11-19T21:57:32.967000 CVE-2024-51817,0,0,20f680e52bd4285719fadbc157e923760b56af7bafeb285f28103b1939afa9d0,2024-11-19T21:57:32.967000 CVE-2024-51819,0,0,bec0915328d873462a4ad31df1c7c2e51d312796bf4ba393de43d362e9dec6da,2024-11-19T21:57:32.967000 @@ -267720,6 +267732,7 @@ CVE-2024-52318,0,0,2bba437e59239c6e36ab9227be3e173d0f3c7cc38d614e024ac840e507a6b CVE-2024-5232,0,0,8d68905f3b69b3dadb32694d2c73f30dc32ad3c794d56bacf5b1c8bfed3d3bb6,2024-06-04T19:21:02.890000 CVE-2024-52323,0,0,4140a8efee2487f8a0ab9781f1095192b3a647c23a2a9eaba3cf214b9a3b68db,2024-11-27T15:15:26.377000 CVE-2024-5233,0,0,d230ff373762a089849cb791769c151d4d1eb1a364270894bffa0dbac945e679,2024-06-04T19:21:02.993000 +CVE-2024-52335,1,1,67cb6fd051960e0d43068da517ea954ddbbef4d3acfef3df39a8dfefdedc4271,2024-12-06T14:15:21.230000 CVE-2024-52336,0,0,dd607d54a19f06d9586ad47f8dcb31a3a661a8cc06227fd4e6ebe7bf5d6da0a8,2024-12-05T14:15:21.663000 CVE-2024-52337,0,0,9656de207aa30a2d131aa04cba5e006cf8cd5efaccbbfa03406364f930f0e487,2024-12-02T08:15:07.793000 CVE-2024-52338,0,0,9bcca0f5584def2789a1613da17d1dfa11f003cf9877e634fced8f070cd4a571,2024-11-29T15:15:17.550000 @@ -267920,7 +267933,7 @@ CVE-2024-5253,0,0,73f9562f224a9a11b8b8279a7bf00d920003fa046cb7c88a3a55caf281adab CVE-2024-52530,0,0,9accb3b51708da4056e1b2d60bf748a8c8f27363e68e7120159317514b4fed53,2024-11-12T19:35:14.927000 CVE-2024-52531,0,0,4a9a627b31c610f608576c39893b61b41c0efeb9f9d97b523937261d20004d52,2024-11-12T19:35:15.807000 CVE-2024-52532,0,0,82ab4898c82b79d45f58347a35d13014aa77e1fd942e3edcc771ee91b2c6c3ad,2024-11-12T19:35:16.970000 -CVE-2024-52533,0,0,586390a868afdd1378ad560eae2002ee4f7e9b9edb1cd1a36b6cd6c49ba102a3,2024-11-23T21:15:15.090000 +CVE-2024-52533,0,1,1eb71d89b0eb5dd4c4750374cbcae2f7fe6179355aa90c3882a1d10864ff06bd,2024-12-06T14:15:21.400000 CVE-2024-5254,0,0,78882d871be0a19bc95888168cf12372f503de77ac359f287536c8f062c38532,2024-07-19T15:32:05.560000 CVE-2024-52544,0,0,dc4f2bf9ed92fd5a9a3d26c46def7b10fe91ddfaad84031aa1a9b721cb5f1e3d,2024-12-03T21:15:07.390000 CVE-2024-52545,0,0,f159917a3165decd746abc05c415f20d4b4f8722e3e1ee2a30ac7f07512f801f,2024-12-03T21:15:07.490000 @@ -268392,9 +268405,35 @@ CVE-2024-53789,0,0,0cd2c8e734d87f5ff29c7519080e96932e6ae611e3be8577ab3c11bfb215e CVE-2024-5379,0,0,f1dd25a1f48845d51cd2d3d553915019ba63e0d50a7cb63638140d83426dbbeb,2024-06-04T19:21:07.600000 CVE-2024-53792,0,0,f009c6ce656203f8698667a7a8b6410f02ab5bb9d11f62134a5b95054d5b3de6,2024-12-02T14:15:19.460000 CVE-2024-53793,0,0,f5cb19ad8d226899765c0a6b6688756efabf7b6fa8f4dcbaf2d25a5eff86f1d9,2024-12-02T14:15:19.587000 +CVE-2024-53794,1,1,de4129c472d4b0c18aebf717223a3b07a6c1966e196572988d226d33aa7d7c9c,2024-12-06T14:15:21.567000 +CVE-2024-53795,1,1,197dde02b926b2da2d02917dbbaecd3adc7034cf70183bc1513051a92058549e,2024-12-06T14:15:21.737000 +CVE-2024-53796,1,1,3940b9aec5f8eb8d096778a0ca386d0abf80c6d5c20801a9e51de8f324bbc6ea,2024-12-06T14:15:21.910000 +CVE-2024-53797,1,1,1ef85d2754c881c38d7db701645316297e3b39c75001dc7074af0b3581a9f9a4,2024-12-06T14:15:22.040000 +CVE-2024-53799,1,1,9bdd5c6f0d17386ab439b7d4bda2bf946de53ddc1565a72c71d408bbc8cb5996,2024-12-06T14:15:22.170000 CVE-2024-5380,0,0,1a43ccdfd322bdb041c1bd02966c3ff303ab6a44cb8598c469f347dceefe258b,2024-06-04T19:21:07.720000 +CVE-2024-53801,1,1,b8493c5da7e4969312ab16bcb21ccef974bb339cb3975e9d70844ec730654afd,2024-12-06T14:15:22.303000 +CVE-2024-53802,1,1,aba4ed3898da55589f3b3b8259659297c5838bfeffb954a35b59f1b358351de6,2024-12-06T14:15:22.430000 +CVE-2024-53803,1,1,c0a16547241af65798237bea0711bc366a91bd94e50f83aba7ed92431e7697b0,2024-12-06T14:15:22.567000 +CVE-2024-53804,1,1,54837bb70428b7b5ca62b4bd833be242d2493d23c8dbc785bb8bc92f7ce6b92c,2024-12-06T14:15:22.697000 +CVE-2024-53805,1,1,d3a33e10ef48aee284a437850ee40599174dc0a827fd44cf08bdbb9acef86bd2,2024-12-06T14:15:22.823000 +CVE-2024-53806,1,1,eabc8fb7be2cc6c9d1b7bd1c1ef86ac0f148b0e41ffd2914cedd784a68066fb5,2024-12-06T14:15:22.967000 +CVE-2024-53807,1,1,4cb44800edab87606c3c808cd297c506422c8d2d7f227b4f4ba235a47c0835f1,2024-12-06T14:15:23.103000 +CVE-2024-53808,1,1,50a8b68f2b4052d83f1af1f99c0f41ad5c4b5198b07a27b8def0a107612c2b73,2024-12-06T14:15:23.233000 +CVE-2024-53809,1,1,4a7fe55f5f075560e87fceb070c7aa32a6768776c3713302e394849224fe9141,2024-12-06T14:15:23.370000 CVE-2024-5381,0,0,e60d0bf720c06b0401aa74a4fcd990afc31874a89cad5638c50edeb5ec515420,2024-06-04T19:21:07.820000 +CVE-2024-53810,1,1,110f922493c1522908dd102d47187bf218195f08ecad5a193d8f167e9d2ac665,2024-12-06T14:15:23.500000 +CVE-2024-53811,1,1,844f029398f5d92d55e156dfe21810da51db12804d733ca861f862523816217a,2024-12-06T14:15:23.657000 +CVE-2024-53812,1,1,b3504ef9ad392f9b7a2f2ab19940e26f3dfa93b535ffee4d93b26b563b69a4ac,2024-12-06T14:15:23.810000 +CVE-2024-53813,1,1,244a6535378524e2ff584fe5541298fa9c89ab738dbafd79cf5c8601c6943dc5,2024-12-06T14:15:23.947000 +CVE-2024-53815,1,1,6e5efebdc63b43d839005cb59df4ade0e6773841fa541aaf1a9abdfdb5ddac75,2024-12-06T14:15:24.083000 +CVE-2024-53817,1,1,96bb48c0166e589bbeca975b95f628a186c352e3c0e603fbcf1428355ceae865,2024-12-06T14:15:24.217000 CVE-2024-5382,0,0,89de52ac46497e2894cab1bab1dd4b0e93975c2cd2d4911a68fe0b848c20cc76,2024-06-11T18:27:00.427000 +CVE-2024-53820,1,1,8b9cc45352ae33c8291ea20192bb5c333426151aa7fee21c72522cb15feb811c,2024-12-06T14:15:24.360000 +CVE-2024-53821,1,1,792a507641fa360dafbc8e4c4c28bb769ff57668bbc0d7c484e269b74f713bd7,2024-12-06T14:15:24.497000 +CVE-2024-53823,1,1,0882c95e9e54ea387f4e94129da2452bec1445de5ad272b72ac6b7fdbd8fb723,2024-12-06T14:15:24.653000 +CVE-2024-53824,1,1,a77f443a4dd9d80a9b3d51aa886347579cbbb6e6ef128a1c434f4452eded537a,2024-12-06T14:15:24.800000 +CVE-2024-53825,1,1,a935473ac9480ea7a4ce7e03aa3b09420e04eb2d14d6df25b05c05b7ca30b9d4,2024-12-06T14:15:24.937000 +CVE-2024-53826,1,1,53622564734baebe585de44d081da958070c44c12dbe2f7d313c4ef412c76635,2024-12-06T14:15:25.077000 CVE-2024-5383,0,0,d150bf26fb35d2a14ee1eb4bf942c0bdbcc9199cee0de8b154db204bf6e2357b,2024-06-20T20:15:20.457000 CVE-2024-5384,0,0,73e6d40ec5d3477f7ae6e5e9fbabb11a01cb879f05dde3e0d9f2c2760497516c,2024-06-04T19:21:07.913000 CVE-2024-53843,0,0,fb790ea92e56bce04d8543f109eb747d943f316d3eeab0b48f576ddbb2ed9eb5,2024-11-26T00:15:07.430000 @@ -268422,8 +268461,8 @@ CVE-2024-53899,0,0,ca94e39391001349829a2f872ca5d1d0c6ef0f2f07a2a901a4f8c2f87ada2 CVE-2024-5390,0,0,577e03013c579fd5ea5c07b95a092cd4d32be3fa4130d25da9e61ffe468007ab,2024-06-04T19:21:08.020000 CVE-2024-53900,0,0,0f97d412cd34f05b1034ca5cdea562aa28c01c093581f7334d64c64b3b6f83bb,2024-12-04T04:15:04.573000 CVE-2024-53901,0,0,52cbcc170c451b305e90c5f0e2a88558d86a9bc5446c93579e76a9aa43a0081d,2024-11-26T19:52:01.653000 -CVE-2024-53907,1,1,962cc7878123310731233fe4e866e8b82aa91ffc46cf7ad305067594376d40c3,2024-12-06T12:15:17.730000 -CVE-2024-53908,1,1,f47c460fed802133c8321dffc2075e166f59a97fc72832548075843311ea9b97,2024-12-06T12:15:18.583000 +CVE-2024-53907,0,0,962cc7878123310731233fe4e866e8b82aa91ffc46cf7ad305067594376d40c3,2024-12-06T12:15:17.730000 +CVE-2024-53908,0,0,f47c460fed802133c8321dffc2075e166f59a97fc72832548075843311ea9b97,2024-12-06T12:15:18.583000 CVE-2024-53909,0,0,f496b480d61110aca5ba4afaa8506ac48e157eddeacabdc9f46723c429d54992,2024-11-29T20:54:47.700000 CVE-2024-5391,0,0,a7c29f93c1b76aed47351138468a6c5b251b9f9a4ad39cf688118719a36ed1c7,2024-06-07T20:15:12.687000 CVE-2024-53910,0,0,b42cc0f8352ffa3f12c2a867329f0f66efd78292ca02cc30bc8a41459e9297ac,2024-11-29T20:54:55.080000 @@ -268509,7 +268548,18 @@ CVE-2024-5417,0,0,7aeebeb967db19ec82014e996b2aa573677c8d8d73e22110a17d0cf5ea6772 CVE-2024-5418,0,0,a687af8fa8fe7200b6255f9fba7bdce69460001467d8b2873093024e735e15d4,2024-05-31T13:01:46.727000 CVE-2024-5419,0,0,0d1c725f53c48278ea7823202c4adf24cf8a04c4aff5d8363f101c1d9f2798db,2024-07-03T15:43:09.450000 CVE-2024-5420,0,0,3867de6c80eaebb04ae4def03e9baadba6a4785f9b7d05c922afac144ffa3470,2024-06-10T18:15:38.367000 +CVE-2024-54205,1,1,ab4a813251a431eef4b691df34351928c648fb61652f1d094b5af65c4a956a0d,2024-12-06T14:15:25.220000 +CVE-2024-54206,1,1,d63be3e6d6e9f23f822343d5cd6ad1b64f490230e61d57b5eab9ded76a5db72a,2024-12-06T14:15:25.357000 +CVE-2024-54207,1,1,d5152b9fcb63a366e8a14d2739503e79ba236baf5f2d3b9088bf067aa941c2d2,2024-12-06T14:15:25.490000 +CVE-2024-54208,1,1,f63513bc41e5634ef29455e397a27ff6a4d88a9f63ef32cf266d3985031ad6e8,2024-12-06T14:15:25.650000 +CVE-2024-54209,1,1,40242acecc3dbb35e1841b4fa7616426284dcf2b4061bd9417ed2a87eaeb7132,2024-12-06T14:15:25.790000 CVE-2024-5421,0,0,687f3a5898a97c7e4a575e3431d3fe4a696cee8599b8881eabbed4fc7122e815,2024-06-10T18:15:38.447000 +CVE-2024-54210,1,1,f4f44d3701fa2c6fcf1fb1113c2c566f9155fa87b9bc77146f80549babfae591,2024-12-06T14:15:25.940000 +CVE-2024-54211,1,1,f866d1158577c70f45f842f22608c81b9da82d9a18e2293d3b6464146e40e26e,2024-12-06T14:15:26.093000 +CVE-2024-54212,1,1,292626600c7dae2b694bfd536bb8292fb4759fb620deaa0072a7fc74ad2c8c47,2024-12-06T14:15:26.223000 +CVE-2024-54213,1,1,7c355a6808801514e249faf953226ca9a5caba2aefb006a99b068e6277c1b58e,2024-12-06T14:15:26.373000 +CVE-2024-54214,1,1,80eae0d962e49e100b3ac477e8c5b2cfe4d285b84af9e52ac5d37a9007fa6940,2024-12-06T14:15:26.507000 +CVE-2024-54216,1,1,b62aa2dfa0260d35b7a24603d0b2a7e7ab63f3ee82818bd636894d8d89128c10,2024-12-06T14:15:26.633000 CVE-2024-5422,0,0,a7ac042f03539b57f700d43aa5929a4431fad7f2a64327cabdefb452ddb8c884,2024-06-10T18:15:38.520000 CVE-2024-54221,0,0,2d54c3720cb1b4520ade85573de8a9c71ac793b9986236bbad8e6d309beb5464,2024-12-05T00:15:19.200000 CVE-2024-5423,0,0,c0eb8661372608209ca31873262040c83e56e01f96081eb3f127055f8501110c,2024-08-29T15:41:13.247000 @@ -272039,7 +272089,7 @@ CVE-2024-9628,0,0,61a27472b9da741357728e2747c61581a42641370f854cfe14defa2dd6861d CVE-2024-9629,0,0,31c72e7d62d8dbf8ba1681676a61a2f04680ade1749c367b775242f4864b6d17,2024-10-29T14:34:50.257000 CVE-2024-9630,0,0,95cf42fc9d833aab63558caaeb38c94fd9570f2d1a1e45300ec7feb07db9cd04,2024-10-25T12:56:07.750000 CVE-2024-9632,0,0,c06a5ac998e148649dc6c5dee5c57116c25a0e87e4991e75c7be58f6925baae3,2024-11-13T20:15:17.487000 -CVE-2024-9633,0,1,5fde387dca0cdb92478ea9771613f1a40acbf1ba66e1a7a30b789fc8c50dd387,2024-12-06T11:15:08.783000 +CVE-2024-9633,0,0,5fde387dca0cdb92478ea9771613f1a40acbf1ba66e1a7a30b789fc8c50dd387,2024-12-06T11:15:08.783000 CVE-2024-9634,0,0,d64c376a2cd176bba19f7a8121026bf8ac88c7cb95243ab4e56bfc5d5fa1c1d3,2024-10-16T16:38:14.557000 CVE-2024-9635,0,0,057bf1a09c4312cba9e84d78870d78055a3c94a0147361b84910cfe32249aff9,2024-11-23T07:15:05.027000 CVE-2024-9637,0,0,bfd23401e1c5bf70ae99ee491fd04ce8ab223b8247ed87e78ca84ed9446a1b72,2024-10-28T13:58:09.230000