admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-06-19 17:31:42 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2024-12-04T15:02:14.826318+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2024-12-04 15:05:26 +00:00
parent aa0bf66251
commit 185d44b52f
30 changed files with 1669 additions and 182 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

92
CVE-2023/CVE-2023-407xx/CVE-2023-40735.json
View File

@ -2,43 +2,25 @@
"id": "CVE-2023-40735",
"sourceIdentifier": "2fdefc65-d750-4b8d-96ee-6e2c0c42dbfe",
"published": "2023-08-21T12:15:09.410",
"lastModified": "2024-11-06T09:15:03.710",
"lastModified": "2024-12-04T13:15:05.183",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Exposure of Sensitive Information to an Unauthorized Actor vulnerability in BUTTERFLY BUTTON PROJECT - BUTTERFLY BUTTON (Architecture flaw) allows loss of plausible deniability and confidentiality.\nThis issue affects BUTTERFLY BUTTON: As of 2023-08-21."
"value": "Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Cavo \u2013 Connecting for a Safer World BUTTERFLY BUTTON (Architecture flaw) allows loss of plausible deniability and confidentiality.This issue affects BUTTERFLY BUTTON: As of 2023-08-21."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "2fdefc65-d750-4b8d-96ee-6e2c0c42dbfe",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
@ -46,9 +28,27 @@
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 7.5,
"baseSeverity": "HIGH"
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
@ -56,16 +56,6 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "2fdefc65-d750-4b8d-96ee-6e2c0c42dbfe",
"type": "Secondary",
@ -76,6 +66,16 @@
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
@ -129,6 +129,30 @@
{
"url": "https://www.vulsec.org/advisories",
"source": "2fdefc65-d750-4b8d-96ee-6e2c0c42dbfe"
},
{
"url": "https://butterfly-button.web.app/",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://github.com/TheButterflyButton",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://github.com/TheButterflySDK",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://github.com/VULSecLabs/Vulnerabilities/blob/main/CVE/CVE-2023-40735.md",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://www.butterfly-button.com/",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://www.vulsec.org/advisories",
"source": "af854a3a-2127-422b-91ae-364da2661108"
}
]
}

68
CVE-2024/CVE-2024-119xx/CVE-2024-11935.json Normal file
View File

@ -0,0 +1,68 @@
{
"id": "CVE-2024-11935",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-12-04T13:15:05.910",
"lastModified": "2024-12-04T13:15:05.910",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Email Address Obfuscation plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the \u2018class\u2019 parameter in all versions up to, and including, 1.0.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.1,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "security@wordfence.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/email-address-obfuscation/trunk/email-address-obfuscation.php#L38",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3201993/",
"source": "security@wordfence.com"
},
{
"url": "https://wordpress.org/plugins/email-address-obfuscation/#developers",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/8b777b19-ca0a-4082-80ee-e18a31ba6308?source=cve",
"source": "security@wordfence.com"
}
]
}

141
CVE-2024/CVE-2024-121xx/CVE-2024-12138.json Normal file
View File

@ -0,0 +1,141 @@
{
"id": "CVE-2024-12138",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-12-04T14:15:19.413",
"lastModified": "2024-12-04T14:15:19.413",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability classified as critical was found in horilla up to 1.2.1. This vulnerability affects the function request_new/get_employee_shift/create_reimbursement/key_result_current_value_update/create_meetings/create_skills. The manipulation leads to deserialization. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"vulnerableSystemConfidentiality": "LOW",
"vulnerableSystemIntegrity": "LOW",
"vulnerableSystemAvailability": "LOW",
"subsequentSystemConfidentiality": "NONE",
"subsequentSystemIntegrity": "NONE",
"subsequentSystemAvailability": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirements": "NOT_DEFINED",
"integrityRequirements": "NOT_DEFINED",
"availabilityRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnerableSystemConfidentiality": "NOT_DEFINED",
"modifiedVulnerableSystemIntegrity": "NOT_DEFINED",
"modifiedVulnerableSystemAvailability": "NOT_DEFINED",
"modifiedSubsequentSystemConfidentiality": "NOT_DEFINED",
"modifiedSubsequentSystemIntegrity": "NOT_DEFINED",
"modifiedSubsequentSystemAvailability": "NOT_DEFINED",
"safety": "NOT_DEFINED",
"automatable": "NOT_DEFINED",
"recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED"
}
}
],
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 2.8,
"impactScore": 3.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"baseScore": 6.5,
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "SINGLE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"availabilityImpact": "PARTIAL"
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 8.0,
"impactScore": 6.4,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-20"
},
{
"lang": "en",
"value": "CWE-502"
}
]
}
],
"references": [
{
"url": "https://github.com/Sp1d3rL1/horilla-RCE",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?ctiid.286858",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.286858",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?submit.451515",
"source": "cna@vuldb.com"
}
]
}

66
CVE-2024/CVE-2024-302xx/CVE-2024-30271.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-30271",
"sourceIdentifier": "psirt@adobe.com",
"published": "2024-04-11T18:15:07.090",
"lastModified": "2024-04-12T12:44:04.930",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-12-04T14:57:13.823",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -19,10 +19,12 @@
"cvssMetricV31": [
{
"source": "psirt@adobe.com",
"type": "Primary",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
@ -30,9 +32,7 @@
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
@ -51,10 +51,62 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:illustrator:*:*:*:*:*:*:*:*",
"versionEndExcluding": "27.9.3",
"matchCriteriaId": "2A0871B0-F1D1-4D40-BE38-DED746FE6E07"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:illustrator:*:*:*:*:*:*:*:*",
"versionStartIncluding": "28.0",
"versionEndExcluding": "28.4",
"matchCriteriaId": "43945D11-D6D0-455F-9E3B-0742DEDD0084"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*",
"matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA"
}
]
}
]
}
],
"references": [
{
"url": "https://helpx.adobe.com/security/products/illustrator/apsb24-25.html",
"source": "psirt@adobe.com"
"source": "psirt@adobe.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://helpx.adobe.com/security/products/illustrator/apsb24-25.html",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
]
}
]
}

68
CVE-2024/CVE-2024-302xx/CVE-2024-30272.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-30272",
"sourceIdentifier": "psirt@adobe.com",
"published": "2024-04-11T18:15:07.307",
"lastModified": "2024-04-12T12:44:04.930",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-12-04T14:45:39.650",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -19,10 +19,12 @@
"cvssMetricV31": [
{
"source": "psirt@adobe.com",
"type": "Primary",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
@ -30,9 +32,7 @@
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
@ -42,7 +42,7 @@
"weaknesses": [
{
"source": "psirt@adobe.com",
"type": "Primary",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -51,10 +51,62 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:illustrator:*:*:*:*:*:*:*:*",
"versionEndExcluding": "27.9.3",
"matchCriteriaId": "2A0871B0-F1D1-4D40-BE38-DED746FE6E07"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:illustrator:*:*:*:*:*:*:*:*",
"versionStartIncluding": "28.0",
"versionEndExcluding": "28.4",
"matchCriteriaId": "43945D11-D6D0-455F-9E3B-0742DEDD0084"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*",
"matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA"
}
]
}
]
}
],
"references": [
{
"url": "https://helpx.adobe.com/security/products/illustrator/apsb24-25.html",
"source": "psirt@adobe.com"
"source": "psirt@adobe.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://helpx.adobe.com/security/products/illustrator/apsb24-25.html",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
]
}
]
}

76
CVE-2024/CVE-2024-302xx/CVE-2024-30273.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-30273",
"sourceIdentifier": "psirt@adobe.com",
"published": "2024-04-11T18:15:07.510",
"lastModified": "2024-04-12T12:44:04.930",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-12-04T14:35:16.303",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -23,6 +23,8 @@
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
@ -30,9 +32,7 @@
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
@ -42,19 +42,81 @@
"weaknesses": [
{
"source": "psirt@adobe.com",
"type": "Primary",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-121"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:illustrator:*:*:*:*:*:*:*:*",
"versionEndExcluding": "27.9.3",
"matchCriteriaId": "2A0871B0-F1D1-4D40-BE38-DED746FE6E07"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:illustrator:*:*:*:*:*:*:*:*",
"versionStartIncluding": "28.0",
"versionEndExcluding": "28.4",
"matchCriteriaId": "43945D11-D6D0-455F-9E3B-0742DEDD0084"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*",
"matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA"
}
]
}
]
}
],
"references": [
{
"url": "https://helpx.adobe.com/security/products/illustrator/apsb24-25.html",
"source": "psirt@adobe.com"
"source": "psirt@adobe.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://helpx.adobe.com/security/products/illustrator/apsb24-25.html",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
]
}
]
}

56
CVE-2024/CVE-2024-514xx/CVE-2024-51465.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-51465",
"sourceIdentifier": "psirt@us.ibm.com",
"published": "2024-12-04T14:15:20.223",
"lastModified": "2024-12-04T14:15:20.223",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "IBM App Connect Enterprise Certified Container 11.4, 11.5, 11.6, 12.0, 12.1, 12.2, and 12.3\u00a0could allow a remote authenticated attacker to execute arbitrary commands on the system by sending a specially crafted request."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@us.ibm.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "psirt@us.ibm.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-78"
}
]
}
],
"references": [
{
"url": "https://www.ibm.com/support/pages/node/7177814",
"source": "psirt@us.ibm.com"
}
]
}

18
CVE-2024/CVE-2024-522xx/CVE-2024-52277.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-52277",
"sourceIdentifier": "2fdefc65-d750-4b8d-96ee-6e2c0c42dbfe",
"published": "2024-12-04T11:30:51.107",
"lastModified": "2024-12-04T12:15:19.657",
"lastModified": "2024-12-04T13:15:06.080",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "User Interface (UI) Misrepresentation of Critical Information vulnerability in DocuSeal allows Content Spoofing.This issue affects DocuSeal: through 1.8.1, >1.8.1."
},
{
"lang": "es",
"value": "** LANZAMIENTO LIMITADO INICIAL ** La vulnerabilidad de tergiversaci\u00f3n de informaci\u00f3n cr\u00edtica en la interfaz de usuario (IU) en [WITHHELD] permite la suplantaci\u00f3n de contenido. Este problema afecta a [WITHHELD]: hasta [WITHHELD]."
}
],
"metrics": {
@ -70,6 +74,18 @@
}
],
"references": [
{
"url": "https://docuseal.com/",
"source": "2fdefc65-d750-4b8d-96ee-6e2c0c42dbfe"
},
{
"url": "https://docuseal.eu/",
"source": "2fdefc65-d750-4b8d-96ee-6e2c0c42dbfe"
},
{
"url": "https://github.com/docusealco/docuseal",
"source": "2fdefc65-d750-4b8d-96ee-6e2c0c42dbfe"
},
{
"url": "https://www.vulsec.org/advisories",
"source": "2fdefc65-d750-4b8d-96ee-6e2c0c42dbfe"

25
CVE-2024/CVE-2024-531xx/CVE-2024-53125.json Normal file
View File

@ -0,0 +1,25 @@
{
"id": "CVE-2024-53125",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-12-04T14:15:20.460",
"lastModified": "2024-12-04T14:15:20.460",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: sync_linked_regs() must preserve subreg_def\n\nRange propagation must not affect subreg_def marks, otherwise the\nfollowing example is rewritten by verifier incorrectly when\nBPF_F_TEST_RND_HI32 flag is set:\n\n 0: call bpf_ktime_get_ns call bpf_ktime_get_ns\n 1: r0 &= 0x7fffffff after verifier r0 &= 0x7fffffff\n 2: w1 = w0 rewrites w1 = w0\n 3: if w0 < 10 goto +0 --------------> r11 = 0x2f5674a6 (r)\n 4: r1 >>= 32 r11 <<= 32 (r)\n 5: r0 = r1 r1 |= r11 (r)\n 6: exit; if w0 < 0xa goto pc+0\n r1 >>= 32\n r0 = r1\n exit\n\n(or zero extension of w1 at (2) is missing for architectures that\n require zero extension for upper register half).\n\nThe following happens w/o this patch:\n- r0 is marked as not a subreg at (0);\n- w1 is marked as subreg at (2);\n- w1 subreg_def is overridden at (3) by copy_register_state();\n- w1 is read at (5) but mark_insn_zext() does not mark (2)\n for zero extension, because w1 subreg_def is not set;\n- because of BPF_F_TEST_RND_HI32 flag verifier inserts random\n value for hi32 bits of (2) (marked (r));\n- this random value is read at (5)."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/e2ef0f317a52e678fe8fa84b94d6a15b466d6ff0",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/e9bd9c498cb0f5843996dbe5cbce7a1836a83c70",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

56
CVE-2024/CVE-2024-74xx/CVE-2024-7488.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-7488",
"sourceIdentifier": "iletisim@usom.gov.tr",
"published": "2024-12-04T14:15:21.000",
"lastModified": "2024-12-04T14:15:21.000",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Input Validation vulnerability in RestApp Inc. Online Ordering System allows Integer Attacks.This issue affects Online Ordering System: through 04.12.2024.\n\n\nNOTE: The vendor was contacted early about this disclosure but did not respond in any way."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "iletisim@usom.gov.tr",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "iletisim@usom.gov.tr",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-20"
}
]
}
],
"references": [
{
"url": "https://www.usom.gov.tr/bildirim/tr-24-1877",
"source": "iletisim@usom.gov.tr"
}
]
}

61
CVE-2024/CVE-2024-88xx/CVE-2024-8812.json
View File

@ -2,15 +2,42 @@
"id": "CVE-2024-8812",
"sourceIdentifier": "zdi-disclosures@trendmicro.com",
"published": "2024-11-22T21:15:19.333",
"lastModified": "2024-11-22T21:15:19.333",
"vulnStatus": "Received",
"lastModified": "2024-12-04T14:56:07.463",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "PDF-XChange Editor U3D File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of U3D files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-24207."
},
{
"lang": "es",
"value": "Vulnerabilidad de ejecuci\u00f3n de c\u00f3digo remoto en el an\u00e1lisis de archivos U3D del editor PDF-XChange. Esta vulnerabilidad permite a atacantes remotos ejecutar c\u00f3digo arbitrario en las instalaciones afectadas del editor PDF-XChange. Se requiere la interacci\u00f3n del usuario para explotar esta vulnerabilidad, ya que el objetivo debe visitar una p\u00e1gina maliciosa o abrir un archivo malicioso. La falla espec\u00edfica existe en el an\u00e1lisis de archivos U3D. El problema es el resultado de la falta de una validaci\u00f3n adecuada de los datos proporcionados por el usuario, lo que puede resultar en una lectura m\u00e1s all\u00e1 del final de un b\u00fafer asignado. Un atacante puede aprovechar esta vulnerabilidad para ejecutar c\u00f3digo en el contexto del proceso actual. Era ZDI-CAN-24207."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
],
"cvssMetricV30": [
{
"source": "zdi-disclosures@trendmicro.com",
@ -37,7 +64,7 @@
"weaknesses": [
{
"source": "zdi-disclosures@trendmicro.com",
"type": "Primary",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -46,10 +73,36 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:pdf-xchange:pdf-tools:10.3.0.386:*:*:*:*:*:*:*",
"matchCriteriaId": "C93EFAC4-4B02-41B1-A788-0A7FC98CD499"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:pdf-xchange:pdf-xchange_editor:10.3.0.386:*:*:*:*:*:*:*",
"matchCriteriaId": "207FF12C-548C-425F-9474-61148DBE69C2"
}
]
}
]
}
],
"references": [
{
"url": "https://www.zerodayinitiative.com/advisories/ZDI-24-1235/",
"source": "zdi-disclosures@trendmicro.com"
"source": "zdi-disclosures@trendmicro.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
}
]
}

61
CVE-2024/CVE-2024-88xx/CVE-2024-8813.json
View File

@ -2,15 +2,42 @@
"id": "CVE-2024-8813",
"sourceIdentifier": "zdi-disclosures@trendmicro.com",
"published": "2024-11-22T21:15:19.473",
"lastModified": "2024-11-22T21:15:19.473",
"vulnStatus": "Received",
"lastModified": "2024-12-04T14:56:03.620",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "PDF-XChange Editor U3D File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of U3D files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-24208."
},
{
"lang": "es",
"value": "Vulnerabilidad de ejecuci\u00f3n de c\u00f3digo remoto fuera de los l\u00edmites en el an\u00e1lisis de archivos U3D del editor PDF-XChange. Esta vulnerabilidad permite a atacantes remotos ejecutar c\u00f3digo arbitrario en las instalaciones afectadas del editor PDF-XChange. Se requiere la interacci\u00f3n del usuario para explotar esta vulnerabilidad, ya que el objetivo debe visitar una p\u00e1gina maliciosa o abrir un archivo malicioso. La falla espec\u00edfica existe en el an\u00e1lisis de archivos U3D. El problema es el resultado de la falta de una validaci\u00f3n adecuada de los datos proporcionados por el usuario, lo que puede provocar una escritura m\u00e1s all\u00e1 del final de un objeto asignado. Un atacante puede aprovechar esta vulnerabilidad para ejecutar c\u00f3digo en el contexto del proceso actual. Era ZDI-CAN-24208."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
],
"cvssMetricV30": [
{
"source": "zdi-disclosures@trendmicro.com",
@ -37,7 +64,7 @@
"weaknesses": [
{
"source": "zdi-disclosures@trendmicro.com",
"type": "Primary",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -46,10 +73,36 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:pdf-xchange:pdf-tools:10.3.0.386:*:*:*:*:*:*:*",
"matchCriteriaId": "C93EFAC4-4B02-41B1-A788-0A7FC98CD499"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:pdf-xchange:pdf-xchange_editor:10.3.0.386:*:*:*:*:*:*:*",
"matchCriteriaId": "207FF12C-548C-425F-9474-61148DBE69C2"
}
]
}
]
}
],
"references": [
{
"url": "https://www.zerodayinitiative.com/advisories/ZDI-24-1236/",
"source": "zdi-disclosures@trendmicro.com"
"source": "zdi-disclosures@trendmicro.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
}
]
}

61
CVE-2024/CVE-2024-88xx/CVE-2024-8814.json
View File

@ -2,15 +2,42 @@
"id": "CVE-2024-8814",
"sourceIdentifier": "zdi-disclosures@trendmicro.com",
"published": "2024-11-22T21:15:19.590",
"lastModified": "2024-11-22T21:15:19.590",
"vulnStatus": "Received",
"lastModified": "2024-12-04T14:55:59.677",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "PDF-XChange Editor U3D File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of U3D files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-24209."
},
{
"lang": "es",
"value": "Vulnerabilidad de ejecuci\u00f3n de c\u00f3digo remoto en el an\u00e1lisis de archivos U3D del editor PDF-XChange. Esta vulnerabilidad permite a atacantes remotos ejecutar c\u00f3digo arbitrario en las instalaciones afectadas del editor PDF-XChange. Se requiere la interacci\u00f3n del usuario para explotar esta vulnerabilidad, ya que el objetivo debe visitar una p\u00e1gina maliciosa o abrir un archivo malicioso. La falla espec\u00edfica existe en el an\u00e1lisis de archivos U3D. El problema es el resultado de la falta de una validaci\u00f3n adecuada de los datos proporcionados por el usuario, lo que puede resultar en una lectura m\u00e1s all\u00e1 del final de un b\u00fafer asignado. Un atacante puede aprovechar esta vulnerabilidad para ejecutar c\u00f3digo en el contexto del proceso actual. Era ZDI-CAN-24209."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
],
"cvssMetricV30": [
{
"source": "zdi-disclosures@trendmicro.com",
@ -37,7 +64,7 @@
"weaknesses": [
{
"source": "zdi-disclosures@trendmicro.com",
"type": "Primary",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -46,10 +73,36 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:pdf-xchange:pdf-tools:10.3.0.386:*:*:*:*:*:*:*",
"matchCriteriaId": "C93EFAC4-4B02-41B1-A788-0A7FC98CD499"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:pdf-xchange:pdf-xchange_editor:10.3.0.386:*:*:*:*:*:*:*",
"matchCriteriaId": "207FF12C-548C-425F-9474-61148DBE69C2"
}
]
}
]
}
],
"references": [
{
"url": "https://www.zerodayinitiative.com/advisories/ZDI-24-1237/",
"source": "zdi-disclosures@trendmicro.com"
"source": "zdi-disclosures@trendmicro.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
}
]
}

71
CVE-2024/CVE-2024-88xx/CVE-2024-8815.json
View File

@ -2,15 +2,42 @@
"id": "CVE-2024-8815",
"sourceIdentifier": "zdi-disclosures@trendmicro.com",
"published": "2024-11-22T21:15:19.697",
"lastModified": "2024-11-22T21:15:19.697",
"vulnStatus": "Received",
"lastModified": "2024-12-04T14:55:55.787",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "PDF-XChange Editor U3D File Parsing Memory Corruption Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of U3D files. The issue results from the lack of proper validation of user-supplied data, which can result in a memory corruption condition. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-24210."
},
{
"lang": "es",
"value": "Vulnerabilidad de ejecuci\u00f3n remota de c\u00f3digo por corrupci\u00f3n de memoria en el an\u00e1lisis de archivos U3D del editor PDF-XChange. Esta vulnerabilidad permite a atacantes remotos ejecutar c\u00f3digo arbitrario en las instalaciones afectadas del editor PDF-XChange. Se requiere la interacci\u00f3n del usuario para explotar esta vulnerabilidad, ya que el objetivo debe visitar una p\u00e1gina maliciosa o abrir un archivo malicioso. La falla espec\u00edfica existe en el an\u00e1lisis de archivos U3D. El problema es el resultado de la falta de una validaci\u00f3n adecuada de los datos proporcionados por el usuario, lo que puede provocar una condici\u00f3n de corrupci\u00f3n de memoria. Un atacante puede aprovechar esta vulnerabilidad para ejecutar c\u00f3digo en el contexto del proceso actual. Era ZDI-CAN-24210."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
],
"cvssMetricV30": [
{
"source": "zdi-disclosures@trendmicro.com",
@ -37,19 +64,55 @@
"weaknesses": [
{
"source": "zdi-disclosures@trendmicro.com",
"type": "Primary",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-119"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:pdf-xchange:pdf-tools:10.3.0.386:*:*:*:*:*:*:*",
"matchCriteriaId": "C93EFAC4-4B02-41B1-A788-0A7FC98CD499"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:pdf-xchange:pdf-xchange_editor:10.3.0.386:*:*:*:*:*:*:*",
"matchCriteriaId": "207FF12C-548C-425F-9474-61148DBE69C2"
}
]
}
]
}
],
"references": [
{
"url": "https://www.zerodayinitiative.com/advisories/ZDI-24-1238/",
"source": "zdi-disclosures@trendmicro.com"
"source": "zdi-disclosures@trendmicro.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
}
]
}

59
CVE-2024/CVE-2024-88xx/CVE-2024-8816.json
View File

@ -2,15 +2,42 @@
"id": "CVE-2024-8816",
"sourceIdentifier": "zdi-disclosures@trendmicro.com",
"published": "2024-11-22T21:15:19.803",
"lastModified": "2024-11-22T21:15:19.803",
"vulnStatus": "Received",
"lastModified": "2024-12-04T14:55:51.693",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "PDF-XChange Editor U3D File Parsing Use-After-Free Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of U3D files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-24211."
},
{
"lang": "es",
"value": "Vulnerabilidad de divulgaci\u00f3n de informaci\u00f3n de Use-After-Free del an\u00e1lisis de archivos U3D en PDF-XChange Editor. Esta vulnerabilidad permite a atacantes remotos divulgar informaci\u00f3n confidencial sobre instalaciones afectadas de PDF-XChange Editor. Se requiere la interacci\u00f3n del usuario para explotar esta vulnerabilidad, ya que el objetivo debe visitar una p\u00e1gina maliciosa o abrir un archivo malicioso. La falla espec\u00edfica existe en el an\u00e1lisis de archivos U3D. El problema es el resultado de la falta de validaci\u00f3n de la existencia de un objeto antes de realizar operaciones en el objeto. Un atacante puede aprovechar esto junto con otras vulnerabilidades para ejecutar c\u00f3digo arbitrario en el contexto del proceso actual. Era ZDI-CAN-24211."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
],
"cvssMetricV30": [
{
"source": "zdi-disclosures@trendmicro.com",
@ -46,10 +73,36 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:pdf-xchange:pdf-tools:10.3.0.386:*:*:*:*:*:*:*",
"matchCriteriaId": "C93EFAC4-4B02-41B1-A788-0A7FC98CD499"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:pdf-xchange:pdf-xchange_editor:10.3.0.386:*:*:*:*:*:*:*",
"matchCriteriaId": "207FF12C-548C-425F-9474-61148DBE69C2"
}
]
}
]
}
],
"references": [
{
"url": "https://www.zerodayinitiative.com/advisories/ZDI-24-1239/",
"source": "zdi-disclosures@trendmicro.com"
"source": "zdi-disclosures@trendmicro.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
}
]
}

61
CVE-2024/CVE-2024-88xx/CVE-2024-8817.json
View File

@ -2,15 +2,42 @@
"id": "CVE-2024-8817",
"sourceIdentifier": "zdi-disclosures@trendmicro.com",
"published": "2024-11-22T21:15:19.917",
"lastModified": "2024-11-22T21:15:19.917",
"vulnStatus": "Received",
"lastModified": "2024-12-04T14:55:21.647",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "PDF-XChange Editor U3D File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of U3D files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-24212."
},
{
"lang": "es",
"value": "Vulnerabilidad de ejecuci\u00f3n de c\u00f3digo remoto fuera de los l\u00edmites en el an\u00e1lisis de archivos U3D del editor PDF-XChange. Esta vulnerabilidad permite a atacantes remotos ejecutar c\u00f3digo arbitrario en las instalaciones afectadas del editor PDF-XChange. Se requiere la interacci\u00f3n del usuario para explotar esta vulnerabilidad, ya que el objetivo debe visitar una p\u00e1gina maliciosa o abrir un archivo malicioso. La falla espec\u00edfica existe en el an\u00e1lisis de archivos U3D. El problema es el resultado de la falta de una validaci\u00f3n adecuada de los datos proporcionados por el usuario, lo que puede provocar una escritura m\u00e1s all\u00e1 del final de un objeto asignado. Un atacante puede aprovechar esta vulnerabilidad para ejecutar c\u00f3digo en el contexto del proceso actual. Era ZDI-CAN-24212."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
],
"cvssMetricV30": [
{
"source": "zdi-disclosures@trendmicro.com",
@ -37,7 +64,7 @@
"weaknesses": [
{
"source": "zdi-disclosures@trendmicro.com",
"type": "Primary",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -46,10 +73,36 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:pdf-xchange:pdf-tools:10.3.0.386:*:*:*:*:*:*:*",
"matchCriteriaId": "C93EFAC4-4B02-41B1-A788-0A7FC98CD499"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:pdf-xchange:pdf-xchange_editor:10.3.0.386:*:*:*:*:*:*:*",
"matchCriteriaId": "207FF12C-548C-425F-9474-61148DBE69C2"
}
]
}
]
}
],
"references": [
{
"url": "https://www.zerodayinitiative.com/advisories/ZDI-24-1240/",
"source": "zdi-disclosures@trendmicro.com"
"source": "zdi-disclosures@trendmicro.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
}
]
}

61
CVE-2024/CVE-2024-88xx/CVE-2024-8818.json
View File

@ -2,15 +2,42 @@
"id": "CVE-2024-8818",
"sourceIdentifier": "zdi-disclosures@trendmicro.com",
"published": "2024-11-22T21:15:20.027",
"lastModified": "2024-11-22T21:15:20.027",
"vulnStatus": "Received",
"lastModified": "2024-12-04T14:55:10.590",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "PDF-XChange Editor U3D File Parsing Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of U3D files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-24213."
},
{
"lang": "es",
"value": "Vulnerabilidad de ejecuci\u00f3n remota de c\u00f3digo despu\u00e9s de la liberaci\u00f3n del an\u00e1lisis de archivos U3D en PDF-XChange Editor. Esta vulnerabilidad permite a atacantes remotos ejecutar c\u00f3digo arbitrario en las instalaciones afectadas de PDF-XChange Editor. Se requiere la interacci\u00f3n del usuario para explotar esta vulnerabilidad, ya que el objetivo debe visitar una p\u00e1gina maliciosa o abrir un archivo malicioso. La falla espec\u00edfica existe en el an\u00e1lisis de archivos U3D. El problema es el resultado de la falta de validaci\u00f3n de la existencia de un objeto antes de realizar operaciones en el objeto. Un atacante puede aprovechar esta vulnerabilidad para ejecutar c\u00f3digo en el contexto del proceso actual. Era ZDI-CAN-24213."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
],
"cvssMetricV30": [
{
"source": "zdi-disclosures@trendmicro.com",
@ -37,7 +64,7 @@
"weaknesses": [
{
"source": "zdi-disclosures@trendmicro.com",
"type": "Primary",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -46,10 +73,36 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:pdf-xchange:pdf-tools:10.3.0.386:*:*:*:*:*:*:*",
"matchCriteriaId": "C93EFAC4-4B02-41B1-A788-0A7FC98CD499"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:pdf-xchange:pdf-xchange_editor:10.3.0.386:*:*:*:*:*:*:*",
"matchCriteriaId": "207FF12C-548C-425F-9474-61148DBE69C2"
}
]
}
]
}
],
"references": [
{
"url": "https://www.zerodayinitiative.com/advisories/ZDI-24-1241/",
"source": "zdi-disclosures@trendmicro.com"
"source": "zdi-disclosures@trendmicro.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
}
]
}

59
CVE-2024/CVE-2024-88xx/CVE-2024-8819.json
View File

@ -2,15 +2,42 @@
"id": "CVE-2024-8819",
"sourceIdentifier": "zdi-disclosures@trendmicro.com",
"published": "2024-11-22T21:15:20.133",
"lastModified": "2024-11-22T21:15:20.133",
"vulnStatus": "Received",
"lastModified": "2024-12-04T14:50:28.667",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "PDF-XChange Editor U3D File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of U3D files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-24214."
},
{
"lang": "es",
"value": "Vulnerabilidad de divulgaci\u00f3n de informaci\u00f3n de lectura fuera de los l\u00edmites en el an\u00e1lisis de archivos U3D del editor PDF-XChange. Esta vulnerabilidad permite a atacantes remotos divulgar informaci\u00f3n confidencial sobre las instalaciones afectadas del editor PDF-XChange. Se requiere la interacci\u00f3n del usuario para explotar esta vulnerabilidad, ya que el objetivo debe visitar una p\u00e1gina maliciosa o abrir un archivo malicioso. La falla espec\u00edfica existe en el an\u00e1lisis de archivos U3D. El problema es el resultado de la falta de una validaci\u00f3n adecuada de los datos proporcionados por el usuario, lo que puede provocar una lectura m\u00e1s all\u00e1 del final de un b\u00fafer asignado. Un atacante puede aprovechar esto junto con otras vulnerabilidades para ejecutar c\u00f3digo arbitrario en el contexto del proceso actual. Era ZDI-CAN-24214."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
],
"cvssMetricV30": [
{
"source": "zdi-disclosures@trendmicro.com",
@ -46,10 +73,36 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:pdf-xchange:pdf-tools:10.3.0.386:*:*:*:*:*:*:*",
"matchCriteriaId": "C93EFAC4-4B02-41B1-A788-0A7FC98CD499"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:pdf-xchange:pdf-xchange_editor:10.3.0.386:*:*:*:*:*:*:*",
"matchCriteriaId": "207FF12C-548C-425F-9474-61148DBE69C2"
}
]
}
]
}
],
"references": [
{
"url": "https://www.zerodayinitiative.com/advisories/ZDI-24-1242/",
"source": "zdi-disclosures@trendmicro.com"
"source": "zdi-disclosures@trendmicro.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
}
]
}

59
CVE-2024/CVE-2024-88xx/CVE-2024-8820.json
View File

@ -2,15 +2,42 @@
"id": "CVE-2024-8820",
"sourceIdentifier": "zdi-disclosures@trendmicro.com",
"published": "2024-11-22T21:15:20.243",
"lastModified": "2024-11-22T21:15:20.243",
"vulnStatus": "Received",
"lastModified": "2024-12-04T14:49:53.280",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "PDF-XChange Editor U3D File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of U3D files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-24215."
},
{
"lang": "es",
"value": "Vulnerabilidad de divulgaci\u00f3n de informaci\u00f3n de lectura fuera de los l\u00edmites en el an\u00e1lisis de archivos U3D del editor PDF-XChange. Esta vulnerabilidad permite a atacantes remotos divulgar informaci\u00f3n confidencial sobre las instalaciones afectadas del editor PDF-XChange. Se requiere la interacci\u00f3n del usuario para explotar esta vulnerabilidad, ya que el objetivo debe visitar una p\u00e1gina maliciosa o abrir un archivo malicioso. La falla espec\u00edfica existe en el an\u00e1lisis de archivos U3D. El problema es el resultado de la falta de una validaci\u00f3n adecuada de los datos proporcionados por el usuario, lo que puede provocar una lectura m\u00e1s all\u00e1 del final de un b\u00fafer asignado. Un atacante puede aprovechar esto junto con otras vulnerabilidades para ejecutar c\u00f3digo arbitrario en el contexto del proceso actual. Era ZDI-CAN-24215."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
],
"cvssMetricV30": [
{
"source": "zdi-disclosures@trendmicro.com",
@ -46,10 +73,36 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:pdf-xchange:pdf-tools:10.3.0.386:*:*:*:*:*:*:*",
"matchCriteriaId": "C93EFAC4-4B02-41B1-A788-0A7FC98CD499"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:pdf-xchange:pdf-xchange_editor:10.3.0.386:*:*:*:*:*:*:*",
"matchCriteriaId": "207FF12C-548C-425F-9474-61148DBE69C2"
}
]
}
]
}
],
"references": [
{
"url": "https://www.zerodayinitiative.com/advisories/ZDI-24-1243/",
"source": "zdi-disclosures@trendmicro.com"
"source": "zdi-disclosures@trendmicro.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
}
]
}

59
CVE-2024/CVE-2024-88xx/CVE-2024-8821.json
View File

@ -2,15 +2,42 @@
"id": "CVE-2024-8821",
"sourceIdentifier": "zdi-disclosures@trendmicro.com",
"published": "2024-11-22T21:15:20.357",
"lastModified": "2024-11-22T21:15:20.357",
"vulnStatus": "Received",
"lastModified": "2024-12-04T14:48:52.033",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "PDF-XChange Editor U3D File Parsing Use-After-Free Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of U3D files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-24216."
},
{
"lang": "es",
"value": "Vulnerabilidad de divulgaci\u00f3n de informaci\u00f3n de Use-After-Free del an\u00e1lisis de archivos U3D en PDF-XChange Editor. Esta vulnerabilidad permite a atacantes remotos divulgar informaci\u00f3n confidencial sobre instalaciones afectadas de PDF-XChange Editor. Se requiere la interacci\u00f3n del usuario para explotar esta vulnerabilidad, ya que el objetivo debe visitar una p\u00e1gina maliciosa o abrir un archivo malicioso. La falla espec\u00edfica existe en el an\u00e1lisis de archivos U3D. El problema es el resultado de la falta de validaci\u00f3n de la existencia de un objeto antes de realizar operaciones en el objeto. Un atacante puede aprovechar esto junto con otras vulnerabilidades para ejecutar c\u00f3digo arbitrario en el contexto del proceso actual. Era ZDI-CAN-24216."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
],
"cvssMetricV30": [
{
"source": "zdi-disclosures@trendmicro.com",
@ -46,10 +73,36 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:pdf-xchange:pdf-tools:10.3.0.386:*:*:*:*:*:*:*",
"matchCriteriaId": "C93EFAC4-4B02-41B1-A788-0A7FC98CD499"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:pdf-xchange:pdf-xchange_editor:10.3.0.386:*:*:*:*:*:*:*",
"matchCriteriaId": "207FF12C-548C-425F-9474-61148DBE69C2"
}
]
}
]
}
],
"references": [
{
"url": "https://www.zerodayinitiative.com/advisories/ZDI-24-1244/",
"source": "zdi-disclosures@trendmicro.com"
"source": "zdi-disclosures@trendmicro.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
}
]
}

58
CVE-2024/CVE-2024-88xx/CVE-2024-8822.json
View File

@ -2,15 +2,42 @@
"id": "CVE-2024-8822",
"sourceIdentifier": "zdi-disclosures@trendmicro.com",
"published": "2024-11-22T21:15:20.470",
"lastModified": "2024-11-22T21:15:20.470",
"vulnStatus": "Received",
"lastModified": "2024-12-04T14:47:30.647",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "PDF-XChange Editor U3D File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of U3D files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-24217."
},
{
"lang": "es",
"value": "Vulnerabilidad de divulgaci\u00f3n de informaci\u00f3n de lectura fuera de los l\u00edmites en el an\u00e1lisis de archivos U3D del editor PDF-XChange. Esta vulnerabilidad permite a atacantes remotos divulgar informaci\u00f3n confidencial sobre las instalaciones afectadas del editor PDF-XChange. Se requiere la interacci\u00f3n del usuario para explotar esta vulnerabilidad, ya que el objetivo debe visitar una p\u00e1gina maliciosa o abrir un archivo malicioso. La falla espec\u00edfica existe en el an\u00e1lisis de archivos U3D. El problema es el resultado de la falta de una validaci\u00f3n adecuada de los datos proporcionados por el usuario, lo que puede provocar una lectura m\u00e1s all\u00e1 del final de un b\u00fafer asignado. Un atacante puede aprovechar esto junto con otras vulnerabilidades para ejecutar c\u00f3digo arbitrario en el contexto del proceso actual. Era ZDI-CAN-24217."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
],
"cvssMetricV30": [
{
"source": "zdi-disclosures@trendmicro.com",
@ -46,10 +73,35 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:pdf-xchange:pdf-tools:10.3.0.386:*:*:*:*:*:*:*",
"matchCriteriaId": "C93EFAC4-4B02-41B1-A788-0A7FC98CD499"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:pdf-xchange:pdf-xchange_editor:10.3.0.386:*:*:*:*:*:*:*",
"matchCriteriaId": "207FF12C-548C-425F-9474-61148DBE69C2"
}
]
}
]
}
],
"references": [
{
"url": "https://www.zerodayinitiative.com/advisories/ZDI-24-1245/",
"source": "zdi-disclosures@trendmicro.com"
"source": "zdi-disclosures@trendmicro.com",
"tags": [
"Third Party Advisory"
]
}
]
}

58
CVE-2024/CVE-2024-88xx/CVE-2024-8823.json
View File

@ -2,15 +2,42 @@
"id": "CVE-2024-8823",
"sourceIdentifier": "zdi-disclosures@trendmicro.com",
"published": "2024-11-22T21:15:20.583",
"lastModified": "2024-11-22T21:15:20.583",
"vulnStatus": "Received",
"lastModified": "2024-12-04T14:45:59.687",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "PDF-XChange Editor JB2 File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of JB2 files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated object. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-24261."
},
{
"lang": "es",
"value": "Vulnerabilidad de divulgaci\u00f3n de informaci\u00f3n de lectura fuera de los l\u00edmites en el an\u00e1lisis de archivos JB2 de PDF-XChange Editor. Esta vulnerabilidad permite a atacantes remotos divulgar informaci\u00f3n confidencial sobre instalaciones afectadas de PDF-XChange Editor. Se requiere la interacci\u00f3n del usuario para explotar esta vulnerabilidad, ya que el objetivo debe visitar una p\u00e1gina maliciosa o abrir un archivo malicioso. La falla espec\u00edfica existe en el an\u00e1lisis de archivos JB2. El problema es el resultado de la falta de una validaci\u00f3n adecuada de los datos proporcionados por el usuario, lo que puede provocar una lectura m\u00e1s all\u00e1 del final de un objeto asignado. Un atacante puede aprovechar esto junto con otras vulnerabilidades para ejecutar c\u00f3digo arbitrario en el contexto del proceso actual. Era ZDI-CAN-24261."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
],
"cvssMetricV30": [
{
"source": "zdi-disclosures@trendmicro.com",
@ -46,10 +73,35 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:pdf-xchange:pdf-tools:10.3.0.386:*:*:*:*:*:*:*",
"matchCriteriaId": "C93EFAC4-4B02-41B1-A788-0A7FC98CD499"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:pdf-xchange:pdf-xchange_editor:10.3.0.386:*:*:*:*:*:*:*",
"matchCriteriaId": "207FF12C-548C-425F-9474-61148DBE69C2"
}
]
}
]
}
],
"references": [
{
"url": "https://www.zerodayinitiative.com/advisories/ZDI-24-1246/",
"source": "zdi-disclosures@trendmicro.com"
"source": "zdi-disclosures@trendmicro.com",
"tags": [
"Third Party Advisory"
]
}
]
}

58
CVE-2024/CVE-2024-88xx/CVE-2024-8824.json
View File

@ -2,15 +2,42 @@
"id": "CVE-2024-8824",
"sourceIdentifier": "zdi-disclosures@trendmicro.com",
"published": "2024-11-22T21:15:20.697",
"lastModified": "2024-11-22T21:15:20.697",
"vulnStatus": "Received",
"lastModified": "2024-12-04T14:44:31.470",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "PDF-XChange Editor JB2 File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of JB2 files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated object. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-24262."
},
{
"lang": "es",
"value": "Vulnerabilidad de divulgaci\u00f3n de informaci\u00f3n de lectura fuera de los l\u00edmites en el an\u00e1lisis de archivos JB2 de PDF-XChange Editor. Esta vulnerabilidad permite a atacantes remotos divulgar informaci\u00f3n confidencial sobre instalaciones afectadas de PDF-XChange Editor. Se requiere la interacci\u00f3n del usuario para explotar esta vulnerabilidad, ya que el objetivo debe visitar una p\u00e1gina maliciosa o abrir un archivo malicioso. La falla espec\u00edfica existe en el an\u00e1lisis de archivos JB2. El problema es el resultado de la falta de una validaci\u00f3n adecuada de los datos proporcionados por el usuario, lo que puede provocar una lectura m\u00e1s all\u00e1 del final de un objeto asignado. Un atacante puede aprovechar esto junto con otras vulnerabilidades para ejecutar c\u00f3digo arbitrario en el contexto del proceso actual. Era ZDI-CAN-24262."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
],
"cvssMetricV30": [
{
"source": "zdi-disclosures@trendmicro.com",
@ -46,10 +73,35 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:pdf-xchange:pdf-tools:10.3.0.386:*:*:*:*:*:*:*",
"matchCriteriaId": "C93EFAC4-4B02-41B1-A788-0A7FC98CD499"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:pdf-xchange:pdf-xchange_editor:10.3.0.386:*:*:*:*:*:*:*",
"matchCriteriaId": "207FF12C-548C-425F-9474-61148DBE69C2"
}
]
}
]
}
],
"references": [
{
"url": "https://www.zerodayinitiative.com/advisories/ZDI-24-1247/",
"source": "zdi-disclosures@trendmicro.com"
"source": "zdi-disclosures@trendmicro.com",
"tags": [
"Third Party Advisory"
]
}
]
}

58
CVE-2024/CVE-2024-88xx/CVE-2024-8839.json
View File

@ -2,15 +2,42 @@
"id": "CVE-2024-8839",
"sourceIdentifier": "zdi-disclosures@trendmicro.com",
"published": "2024-11-22T21:15:22.427",
"lastModified": "2024-11-22T21:15:22.427",
"vulnStatus": "Received",
"lastModified": "2024-12-04T14:43:09.680",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "PDF-XChange Editor JB2 File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of JB2 files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated object. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-24419."
},
{
"lang": "es",
"value": "Vulnerabilidad de divulgaci\u00f3n de informaci\u00f3n de lectura fuera de los l\u00edmites en el an\u00e1lisis de archivos JB2 de PDF-XChange Editor. Esta vulnerabilidad permite a atacantes remotos divulgar informaci\u00f3n confidencial sobre instalaciones afectadas de PDF-XChange Editor. Se requiere la interacci\u00f3n del usuario para explotar esta vulnerabilidad, ya que el objetivo debe visitar una p\u00e1gina maliciosa o abrir un archivo malicioso. La falla espec\u00edfica existe en el an\u00e1lisis de archivos JB2. El problema es el resultado de la falta de una validaci\u00f3n adecuada de los datos proporcionados por el usuario, lo que puede provocar una lectura m\u00e1s all\u00e1 del final de un objeto asignado. Un atacante puede aprovechar esto junto con otras vulnerabilidades para ejecutar c\u00f3digo arbitrario en el contexto del proceso actual. Era ZDI-CAN-24419."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
],
"cvssMetricV30": [
{
"source": "zdi-disclosures@trendmicro.com",
@ -46,10 +73,35 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:pdf-xchange:pdf-tools:10.3.0.386:*:*:*:*:*:*:*",
"matchCriteriaId": "C93EFAC4-4B02-41B1-A788-0A7FC98CD499"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:pdf-xchange:pdf-xchange_editor:10.3.0.386:*:*:*:*:*:*:*",
"matchCriteriaId": "207FF12C-548C-425F-9474-61148DBE69C2"
}
]
}
]
}
],
"references": [
{
"url": "https://www.zerodayinitiative.com/advisories/ZDI-24-1262/",
"source": "zdi-disclosures@trendmicro.com"
"source": "zdi-disclosures@trendmicro.com",
"tags": [
"Third Party Advisory"
]
}
]
}

60
CVE-2024/CVE-2024-88xx/CVE-2024-8840.json
View File

@ -2,15 +2,42 @@
"id": "CVE-2024-8840",
"sourceIdentifier": "zdi-disclosures@trendmicro.com",
"published": "2024-11-22T21:15:22.537",
"lastModified": "2024-11-22T21:15:22.537",
"vulnStatus": "Received",
"lastModified": "2024-12-04T14:42:12.897",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "PDF-XChange Editor JB2 File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of JB2 files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. . Was ZDI-CAN-24420."
},
{
"lang": "es",
"value": "Vulnerabilidad de ejecuci\u00f3n de c\u00f3digo remoto en el an\u00e1lisis de archivos JB2 del editor PDF-XChange que no se encuentra dentro de los l\u00edmites de lectura. Esta vulnerabilidad permite a atacantes remotos ejecutar c\u00f3digo arbitrario en las instalaciones afectadas del editor PDF-XChange. Se requiere la interacci\u00f3n del usuario para explotar esta vulnerabilidad, ya que el objetivo debe visitar una p\u00e1gina maliciosa o abrir un archivo malicioso. La falla espec\u00edfica existe en el an\u00e1lisis de archivos JB2. El problema es el resultado de la falta de una validaci\u00f3n adecuada de los datos proporcionados por el usuario, lo que puede resultar en una lectura m\u00e1s all\u00e1 del final de un b\u00fafer asignado. Un atacante puede aprovechar esta vulnerabilidad para ejecutar c\u00f3digo en el contexto del proceso actual. . Era ZDI-CAN-24420."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
],
"cvssMetricV30": [
{
"source": "zdi-disclosures@trendmicro.com",
@ -37,7 +64,7 @@
"weaknesses": [
{
"source": "zdi-disclosures@trendmicro.com",
"type": "Primary",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -46,10 +73,35 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:pdf-xchange:pdf-tools:10.3.0.386:*:*:*:*:*:*:*",
"matchCriteriaId": "C93EFAC4-4B02-41B1-A788-0A7FC98CD499"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:pdf-xchange:pdf-xchange_editor:10.3.0.386:*:*:*:*:*:*:*",
"matchCriteriaId": "207FF12C-548C-425F-9474-61148DBE69C2"
}
]
}
]
}
],
"references": [
{
"url": "https://www.zerodayinitiative.com/advisories/ZDI-24-1263/",
"source": "zdi-disclosures@trendmicro.com"
"source": "zdi-disclosures@trendmicro.com",
"tags": [
"Third Party Advisory"
]
}
]
}

58
CVE-2024/CVE-2024-88xx/CVE-2024-8841.json
View File

@ -2,15 +2,42 @@
"id": "CVE-2024-8841",
"sourceIdentifier": "zdi-disclosures@trendmicro.com",
"published": "2024-11-22T21:15:22.657",
"lastModified": "2024-11-22T21:15:22.657",
"vulnStatus": "Received",
"lastModified": "2024-12-04T14:41:07.097",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "PDF-XChange Editor PDF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of PDF files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-24432."
},
{
"lang": "es",
"value": "Vulnerabilidad de divulgaci\u00f3n de informaci\u00f3n de lectura fuera de los l\u00edmites en el an\u00e1lisis de archivos PDF del editor PDF-XChange. Esta vulnerabilidad permite a atacantes remotos divulgar informaci\u00f3n confidencial sobre las instalaciones afectadas del editor PDF-XChange. Se requiere la interacci\u00f3n del usuario para explotar esta vulnerabilidad, ya que el objetivo debe visitar una p\u00e1gina maliciosa o abrir un archivo malicioso. La falla espec\u00edfica existe en el an\u00e1lisis de archivos PDF. El problema es el resultado de la falta de una validaci\u00f3n adecuada de los datos proporcionados por el usuario, lo que puede provocar una lectura m\u00e1s all\u00e1 del final de un b\u00fafer asignado. Un atacante puede aprovechar esto junto con otras vulnerabilidades para ejecutar c\u00f3digo arbitrario en el contexto del proceso actual. Era ZDI-CAN-24432."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
],
"cvssMetricV30": [
{
"source": "zdi-disclosures@trendmicro.com",
@ -46,10 +73,35 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:pdf-xchange:pdf-tools:10.3.0.386:*:*:*:*:*:*:*",
"matchCriteriaId": "C93EFAC4-4B02-41B1-A788-0A7FC98CD499"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:pdf-xchange:pdf-xchange_editor:10.3.0.386:*:*:*:*:*:*:*",
"matchCriteriaId": "207FF12C-548C-425F-9474-61148DBE69C2"
}
]
}
]
}
],
"references": [
{
"url": "https://www.zerodayinitiative.com/advisories/ZDI-24-1264/",
"source": "zdi-disclosures@trendmicro.com"
"source": "zdi-disclosures@trendmicro.com",
"tags": [
"Third Party Advisory"
]
}
]
}

74
CVE-2024/CVE-2024-88xx/CVE-2024-8842.json
View File

@ -2,15 +2,42 @@
"id": "CVE-2024-8842",
"sourceIdentifier": "zdi-disclosures@trendmicro.com",
"published": "2024-11-22T21:15:22.770",
"lastModified": "2024-11-22T21:15:22.770",
"vulnStatus": "Received",
"lastModified": "2024-12-04T14:38:40.640",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "PDF-XChange Editor RTF File Parsing Uninitialized Variable Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of RTF files. The issue results from the lack of proper initialization of memory prior to accessing it. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-24481."
},
{
"lang": "es",
"value": "Vulnerabilidad de ejecuci\u00f3n remota de c\u00f3digo en variables no inicializadas al analizar archivos RTF en PDF-XChange Editor. Esta vulnerabilidad permite a atacantes remotos ejecutar c\u00f3digo arbitrario en instalaciones afectadas de PDF-XChange Editor. Se requiere la interacci\u00f3n del usuario para explotar esta vulnerabilidad, ya que el objetivo debe visitar una p\u00e1gina maliciosa o abrir un archivo malicioso. La falla espec\u00edfica existe en el an\u00e1lisis de archivos RTF. El problema es el resultado de la falta de inicializaci\u00f3n adecuada de la memoria antes de acceder a ella. Un atacante puede aprovechar esta vulnerabilidad para ejecutar c\u00f3digo en el contexto del proceso actual. Era ZDI-CAN-24481."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
],
"cvssMetricV30": [
{
"source": "zdi-disclosures@trendmicro.com",
@ -37,19 +64,58 @@
"weaknesses": [
{
"source": "zdi-disclosures@trendmicro.com",
"type": "Primary",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-457"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-908"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:pdf-xchange:pdf-tools:*:*:*:*:*:*:*:*",
"versionStartIncluding": "10.3.0.386",
"versionEndExcluding": "10.4.0.388",
"matchCriteriaId": "CCBDE41C-2363-4E7E-9F00-4401DF124C0F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:pdf-xchange:pdf-xchange_editor:*:*:*:*:*:*:*:*",
"versionStartIncluding": "10.3.0.386",
"versionEndExcluding": "10.4.0.388",
"matchCriteriaId": "A461E260-0A49-4131-86AB-6E3754F00630"
}
]
}
]
}
],
"references": [
{
"url": "https://www.zerodayinitiative.com/advisories/ZDI-24-1265/",
"source": "zdi-disclosures@trendmicro.com"
"source": "zdi-disclosures@trendmicro.com",
"tags": [
"Third Party Advisory"
]
}
]
}

4
CVE-2024/CVE-2024-89xx/CVE-2024-8962.json
View File

@ -9,6 +9,10 @@
{
"lang": "en",
"value": "The WPBITS Addons For Elementor Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 1.5.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Author-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses the SVG file."
},
{
"lang": "es",
"value": " El complemento WPBITS Addons For Elementor Page Builder para WordPress es vulnerable a Cross Site Scripting almacenado a trav\u00e9s de cargas de archivos SVG en todas las versiones hasta la 1.5.2 incluida, debido a una desinfecci\u00f3n de entrada y un escape de salida insuficientes. Esto permite que atacantes autenticados, con acceso de nivel de autor y superior, inyecten scripts web arbitrarios en p\u00e1ginas que se ejecutar\u00e1n cada vez que un usuario acceda al archivo SVG."
}
],
"metrics": {

58
README.md
View File

@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2024-12-04T13:02:21.060028+00:00
2024-12-04T15:02:14.826318+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2024-12-04T12:15:20.913000+00:00
2024-12-04T14:57:13.823000+00:00
```
### Last Data Feed Release
@ -33,39 +33,47 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs
```plain
272096
272101
```
### CVEs added in the last Commit
Recently added CVEs: `19`
Recently added CVEs: `5`
- [CVE-2024-10576](CVE-2024/CVE-2024-105xx/CVE-2024-10576.json) (`2024-12-04T12:15:18.463`)
- [CVE-2024-11854](CVE-2024/CVE-2024-118xx/CVE-2024-11854.json) (`2024-12-04T12:15:19.250`)
- [CVE-2024-12107](CVE-2024/CVE-2024-121xx/CVE-2024-12107.json) (`2024-12-04T11:15:05.000`)
- [CVE-2024-52269](CVE-2024/CVE-2024-522xx/CVE-2024-52269.json) (`2024-12-04T12:15:19.500`)
- [CVE-2024-52272](CVE-2024/CVE-2024-522xx/CVE-2024-52272.json) (`2024-12-04T11:30:50.170`)
- [CVE-2024-52273](CVE-2024/CVE-2024-522xx/CVE-2024-52273.json) (`2024-12-04T11:30:50.593`)
- [CVE-2024-52274](CVE-2024/CVE-2024-522xx/CVE-2024-52274.json) (`2024-12-04T11:30:50.713`)
- [CVE-2024-52275](CVE-2024/CVE-2024-522xx/CVE-2024-52275.json) (`2024-12-04T11:30:50.827`)
- [CVE-2024-52276](CVE-2024/CVE-2024-522xx/CVE-2024-52276.json) (`2024-12-04T11:30:50.947`)
- [CVE-2024-52277](CVE-2024/CVE-2024-522xx/CVE-2024-52277.json) (`2024-12-04T11:30:51.107`)
- [CVE-2024-52278](CVE-2024/CVE-2024-522xx/CVE-2024-52278.json) (`2024-12-04T12:15:19.763`)
- [CVE-2024-54153](CVE-2024/CVE-2024-541xx/CVE-2024-54153.json) (`2024-12-04T12:15:19.853`)
- [CVE-2024-54154](CVE-2024/CVE-2024-541xx/CVE-2024-54154.json) (`2024-12-04T12:15:20.047`)
- [CVE-2024-54155](CVE-2024/CVE-2024-541xx/CVE-2024-54155.json) (`2024-12-04T12:15:20.190`)
- [CVE-2024-54156](CVE-2024/CVE-2024-541xx/CVE-2024-54156.json) (`2024-12-04T12:15:20.340`)
- [CVE-2024-54157](CVE-2024/CVE-2024-541xx/CVE-2024-54157.json) (`2024-12-04T12:15:20.473`)
- [CVE-2024-54158](CVE-2024/CVE-2024-541xx/CVE-2024-54158.json) (`2024-12-04T12:15:20.623`)
- [CVE-2024-8894](CVE-2024/CVE-2024-88xx/CVE-2024-8894.json) (`2024-12-04T12:15:20.763`)
- [CVE-2024-8962](CVE-2024/CVE-2024-89xx/CVE-2024-8962.json) (`2024-12-04T12:15:20.913`)
- [CVE-2024-11935](CVE-2024/CVE-2024-119xx/CVE-2024-11935.json) (`2024-12-04T13:15:05.910`)
- [CVE-2024-12138](CVE-2024/CVE-2024-121xx/CVE-2024-12138.json) (`2024-12-04T14:15:19.413`)
- [CVE-2024-51465](CVE-2024/CVE-2024-514xx/CVE-2024-51465.json) (`2024-12-04T14:15:20.223`)
- [CVE-2024-53125](CVE-2024/CVE-2024-531xx/CVE-2024-53125.json) (`2024-12-04T14:15:20.460`)
- [CVE-2024-7488](CVE-2024/CVE-2024-74xx/CVE-2024-7488.json) (`2024-12-04T14:15:21.000`)
### CVEs modified in the last Commit
Recently modified CVEs: `1`
Recently modified CVEs: `23`
- [CVE-2024-41156](CVE-2024/CVE-2024-411xx/CVE-2024-41156.json) (`2024-12-04T11:30:48.937`)
- [CVE-2023-40735](CVE-2023/CVE-2023-407xx/CVE-2023-40735.json) (`2024-12-04T13:15:05.183`)
- [CVE-2024-30271](CVE-2024/CVE-2024-302xx/CVE-2024-30271.json) (`2024-12-04T14:57:13.823`)
- [CVE-2024-30272](CVE-2024/CVE-2024-302xx/CVE-2024-30272.json) (`2024-12-04T14:45:39.650`)
- [CVE-2024-30273](CVE-2024/CVE-2024-302xx/CVE-2024-30273.json) (`2024-12-04T14:35:16.303`)
- [CVE-2024-52277](CVE-2024/CVE-2024-522xx/CVE-2024-52277.json) (`2024-12-04T13:15:06.080`)
- [CVE-2024-8812](CVE-2024/CVE-2024-88xx/CVE-2024-8812.json) (`2024-12-04T14:56:07.463`)
- [CVE-2024-8813](CVE-2024/CVE-2024-88xx/CVE-2024-8813.json) (`2024-12-04T14:56:03.620`)
- [CVE-2024-8814](CVE-2024/CVE-2024-88xx/CVE-2024-8814.json) (`2024-12-04T14:55:59.677`)
- [CVE-2024-8815](CVE-2024/CVE-2024-88xx/CVE-2024-8815.json) (`2024-12-04T14:55:55.787`)
- [CVE-2024-8816](CVE-2024/CVE-2024-88xx/CVE-2024-8816.json) (`2024-12-04T14:55:51.693`)
- [CVE-2024-8817](CVE-2024/CVE-2024-88xx/CVE-2024-8817.json) (`2024-12-04T14:55:21.647`)
- [CVE-2024-8818](CVE-2024/CVE-2024-88xx/CVE-2024-8818.json) (`2024-12-04T14:55:10.590`)
- [CVE-2024-8819](CVE-2024/CVE-2024-88xx/CVE-2024-8819.json) (`2024-12-04T14:50:28.667`)
- [CVE-2024-8820](CVE-2024/CVE-2024-88xx/CVE-2024-8820.json) (`2024-12-04T14:49:53.280`)
- [CVE-2024-8821](CVE-2024/CVE-2024-88xx/CVE-2024-8821.json) (`2024-12-04T14:48:52.033`)
- [CVE-2024-8822](CVE-2024/CVE-2024-88xx/CVE-2024-8822.json) (`2024-12-04T14:47:30.647`)
- [CVE-2024-8823](CVE-2024/CVE-2024-88xx/CVE-2024-8823.json) (`2024-12-04T14:45:59.687`)
- [CVE-2024-8824](CVE-2024/CVE-2024-88xx/CVE-2024-8824.json) (`2024-12-04T14:44:31.470`)
- [CVE-2024-8839](CVE-2024/CVE-2024-88xx/CVE-2024-8839.json) (`2024-12-04T14:43:09.680`)
- [CVE-2024-8840](CVE-2024/CVE-2024-88xx/CVE-2024-8840.json) (`2024-12-04T14:42:12.897`)
- [CVE-2024-8841](CVE-2024/CVE-2024-88xx/CVE-2024-8841.json) (`2024-12-04T14:41:07.097`)
- [CVE-2024-8842](CVE-2024/CVE-2024-88xx/CVE-2024-8842.json) (`2024-12-04T14:38:40.640`)
- [CVE-2024-8962](CVE-2024/CVE-2024-89xx/CVE-2024-8962.json) (`2024-12-04T12:15:20.913`)
## Download and Usage

87
_state.csv
View File

@ -231335,7 +231335,7 @@ CVE-2023-4073,0,0,f38da659b6673c490161e8d4cab88eac5a3d08db3aa00ddc31bba9a3c441f4
CVE-2023-40730,0,0,e53bc04f867a544c5c2142f4a7a7d3e2044be62442a64262e5df3e630faa7cc3,2023-09-14T17:00:29.273000
CVE-2023-40731,0,0,0d3b4e375c466ae10676028b39f9bcec599de7e021f7941e33591b60d27b8d5d,2023-09-14T16:59:57.110000
CVE-2023-40732,0,0,0de335b97cb2d8ea28ba2daf4a9181c7d5927ddd29e5111dad0cca9b99f8a9b1,2023-09-14T16:49:50.890000
CVE-2023-40735,0,0,d6e2fc791259bc0173a4da335047e8ba22c4dedae1b658e4548877262dff66e3,2024-11-06T09:15:03.710000
CVE-2023-40735,0,1,f27d911e4b1df0d5478b3a7881e66ba6fd52bceb01ac3a5de94b784c69d8aefa,2024-12-04T13:15:05.183000
CVE-2023-4074,0,0,51839cd8c1d88842439840ca3e3c8c020fefa804c32fe4e5a053d3a124748d9b,2024-01-31T17:15:14.080000
CVE-2023-40743,0,0,0f73d9585b00b12c90cacbe8597e86a593f7f0029cedf8511d7b2ade05b82d99,2024-08-02T19:15:56.317000
CVE-2023-40744,0,0,bd2ca97004f8ab866b5a6f1be3d1e9b3c291466120a8c648383110306df29689,2023-11-07T04:20:21.733000
@ -243107,7 +243107,7 @@ CVE-2024-10570,0,0,c512ffde6a7106ceaaceffb83d70a1ad2c299d9e7c750445faea3d54adc81
CVE-2024-10571,0,0,764d0722def38a147b3ba290b54cc9e9aebe855b12c99828d9c801c2e02fe1a0,2024-11-19T15:46:52.187000
CVE-2024-10573,0,0,ba06e0f3da2c6f2632d921dee19a754bb6e0516ca246eb8c3791b840d56af7a3,2024-11-26T23:15:04.850000
CVE-2024-10575,0,0,924d12914fd797ca7b437680e7624f960ff1fb4e9a84f0339e46e831bcf19838,2024-11-19T17:28:06.750000
CVE-2024-10576,1,1,5273d95cdbc38a37c97287170f89c975c483ddbcbea5bbeb00609c4fb3df0b0f,2024-12-04T12:15:18.463000
CVE-2024-10576,0,0,5273d95cdbc38a37c97287170f89c975c483ddbcbea5bbeb00609c4fb3df0b0f,2024-12-04T12:15:18.463000
CVE-2024-10577,0,0,a22bb88e9d80100e8493f63e77c4cd5ab2a37147944c69ab526442c593c29d99,2024-11-13T17:01:16.850000
CVE-2024-10579,0,0,33dc3315e2727505fbb01f5c18514afec0197a3f447e5606ebb8c22a898a16da,2024-11-26T11:21:58.330000
CVE-2024-1058,0,0,6b5e9e2c8572168cf164dc3fe2cb55f99ab49ff2791e71ab226d135ab3271443,2024-02-29T13:49:29.390000
@ -243904,7 +243904,7 @@ CVE-2024-1184,0,0,0bd0336a802b5a07ef17cf4c3337487d1573b3f8590cc13c2e3f9ac276b1f1
CVE-2024-11844,0,0,fa93732bf7a7811a41c3e6cfac99ea6aa7951ce050fad551bdb8bf6251ff9356,2024-12-03T09:15:04.473000
CVE-2024-1185,0,0,a60268243ee8d3dcf82e9c185863da8146ac8c49246dc744f2663ef723b40081,2024-06-26T15:15:19.220000
CVE-2024-11853,0,0,c70345c399e57b281a218378a22a846eb5d7cd1f69686e8d6c992b2449c02ac9,2024-12-03T08:15:06.710000
CVE-2024-11854,1,1,19031e0fe3e69020cafdc97722d8197d27bcfafae002c34b650d000ba85c0f80,2024-12-04T12:15:19.250000
CVE-2024-11854,0,0,19031e0fe3e69020cafdc97722d8197d27bcfafae002c34b650d000ba85c0f80,2024-12-04T12:15:19.250000
CVE-2024-11856,0,0,20144f62e7f4edae2d8f1729fbe98f20a8d619a96145aa244e22c04511e4c37d,2024-12-02T03:15:13.713000
CVE-2024-1186,0,0,b01b3a0462d1f7a1a803ca8f493a6219bd71eed48ddf8d36021e6ca2af3e1767,2024-05-17T02:35:17.110000
CVE-2024-11860,0,0,8f2a0fbf19059c6c3c8a5836cc661c7d3bd0f5aaad2633071ac71b0a6a9605c7,2024-11-27T17:15:10.010000
@ -243924,6 +243924,7 @@ CVE-2024-1192,0,0,2496c5c2bd24b6b1e653d79a0dbb975771788d1c54262403d529d1a596a310
CVE-2024-11925,0,0,8ba6e48179945e2c0807e717394a91dffc0cd6e22b1cec23e4da5d64788cadee,2024-11-28T07:15:05.267000
CVE-2024-1193,0,0,ffb9a4095d8f9913e32a4a9fb84e7d515c719215bffa9c1271257c84c947030d,2024-05-17T02:35:17.833000
CVE-2024-11933,0,0,ff719b80c8b04b1955877df42e564ce90eac2c09e4f59c20e785f18a1e8804d6,2024-12-03T16:04:10.350000
CVE-2024-11935,1,1,9c769b1c4d867474a0ead8d3d33ccb8daaae06c82d486a8ac440c6198046b3e0,2024-12-04T13:15:05.910000
CVE-2024-1194,0,0,2ada7ec0067a4a6c15e16c8b6d60d2605ff0ff50c80d53e3de0a5fe7493767f7,2024-05-17T02:35:17.933000
CVE-2024-1195,0,0,524480b99d81e527b71e9b6d2b12e0f3d16697f860efe8d11194cd8cf60ecd57,2024-05-17T02:35:18.037000
CVE-2024-11952,0,0,1cf8955e26709babaa743e659edcf01ad0b08b777d583067e6146dcc8a8319e6,2024-12-04T09:15:04.637000
@ -243978,10 +243979,11 @@ CVE-2024-1209,0,0,b007174870c79d931de8bd87795b421ecc64b354efa55388cf8747cc0f9b93
CVE-2024-12099,0,0,841784c9ec00c84b54988fece9d557d8124e99bf7bce550f257ab735648093ba,2024-12-04T04:15:04.287000
CVE-2024-1210,0,0,2bd6c4d9a535fadb91354d7280da4ed73754e214ed933073c198034626ca398d,2024-02-14T17:26:54.873000
CVE-2024-12101,0,0,cf6330eb409e982923b4b0b78cc8d64ad396889b9513f5530cedf911c9fe2802,2024-12-03T16:15:20.910000
CVE-2024-12107,1,1,4ecf985355ed02c46a47df39da30f4f8d3067f06e5bf8632c870b7442c3264aa,2024-12-04T11:15:05
CVE-2024-12107,0,0,4ecf985355ed02c46a47df39da30f4f8d3067f06e5bf8632c870b7442c3264aa,2024-12-04T11:15:05
CVE-2024-1212,0,0,da6373ae7bafa80bc186105339e693a9592b96e608bda44b9b7e9a26c6194323,2024-11-19T17:24:39.480000
CVE-2024-12123,0,0,a64c5f1053ac9ab8204a334c665b77f722022f7905b787d927f9f5c425016fc1,2024-12-04T04:15:04.430000
CVE-2024-1213,0,0,73c928f5e166c2f8b5a80c38e18cb771f40a6d802d77253df887196bd9243584,2024-03-21T12:58:51.093000
CVE-2024-12138,1,1,b627f71d7eb0f3c5b092a28495f539873055e1ed13f91ef3e777df6f0a6a06f4,2024-12-04T14:15:19.413000
CVE-2024-1214,0,0,3ce61bef6906de47cb6dca47166861f981b3b7a12f38cc6bc1c75e176d1b9b5e,2024-03-21T12:58:51.093000
CVE-2024-1215,0,0,a5f81972c1c766d6a1a96567c8d27bfbbda6117700102c01b81784829175fa50,2024-05-17T02:35:19.200000
CVE-2024-1216,0,0,2ac4284b62a708a705b7ab9ac6ff4ec2f3952b584d951b1f83e5c9b3524c781f,2024-03-21T02:51:38.760000
@ -252469,9 +252471,9 @@ CVE-2024-30268,0,0,ffa5140c145b21998fe4c37797ee5abb4701b5534f81fb1c409e5323ad32c
CVE-2024-30269,0,0,a6507b629e7b569393fa27709eec0cfdedc416a2cbb19d81e682f3fd938c0a11,2024-04-08T18:48:40.217000
CVE-2024-3027,0,0,16c67633c1c455d10e505859ab19495a9b84017838b0c8bbf9f6f233747b7450,2024-04-15T13:15:31.997000
CVE-2024-30270,0,0,efecb3f08ba92062dd267bd0c96f7f12cf461464043b62265b8f7d0e604df3fd,2024-04-05T12:40:52.763000
CVE-2024-30271,0,0,4f667ebf06641ee169a3ffa2348fd1053acc22044fe752e1f0db8c1957232f63,2024-04-12T12:44:04.930000
CVE-2024-30272,0,0,a408e080820ee91f9124f4e9a3caff1ca158aba4951c48fad2f31a3e9facd7d8,2024-04-12T12:44:04.930000
CVE-2024-30273,0,0,6b1d238c9e12ea2ba8fc60efb1a6f102260f96c472f5f331b760d3af4a0ceb07,2024-04-12T12:44:04.930000
CVE-2024-30271,0,1,cc79f14ef55e5ada2ea6b4cb77cf322f6abb8edab1e5c3186d027e6424abfdde,2024-12-04T14:57:13.823000
CVE-2024-30272,0,1,8608cde58e1e6e82a43340ffdffdd3627c273038d1a30d497551792463dc4d72,2024-12-04T14:45:39.650000
CVE-2024-30273,0,1,42c53237be689cc1cfa9b149abe835be671695859725a738c8992c03134ab2bc,2024-12-04T14:35:16.303000
CVE-2024-30274,0,0,6d6a72c834ea38ccb2874ecc4feec72c8e33b47ed0e8a1829f5848ded1ff7c3a,2024-12-03T16:31:14.377000
CVE-2024-30275,0,0,5c7fd7a6cf84690d33049db8d301fa3c3763a08fb307abbb2a39ddc9f47ba093,2024-05-16T13:03:05.353000
CVE-2024-30276,0,0,0bd4be9c7f10ca7d4fd2dfa1716549a7092cbd7f9a2adabf7913546d4cdfeadd,2024-07-09T15:50:56.480000
@ -260477,7 +260479,7 @@ CVE-2024-4115,0,0,89bc89df66a101d446d6568b359dec67345256fa579984420e2e2fe7ea4994
CVE-2024-41150,0,0,f29e18c57230cbc3b76f00f0b7fe1001f55bb08bda82442884bf5072f9726b00,2024-08-27T14:35:09.013000
CVE-2024-41151,0,0,83c870b64bd13b34d92e777b5a6ddc4ae15bc7b99f3f9858a151401c3673202e,2024-11-18T17:11:17.393000
CVE-2024-41153,0,0,dafb89be97200d81ac5d60fe35f2a445ceac861b85bb58f78c85df804ae27889,2024-10-31T14:37:48.533000
CVE-2024-41156,0,1,178f3725238ed55e1b2511f8781c2a2622ac6d889707340612f9bc5e554f517e,2024-12-04T11:30:48.937000
CVE-2024-41156,0,0,178f3725238ed55e1b2511f8781c2a2622ac6d889707340612f9bc5e554f517e,2024-12-04T11:30:48.937000
CVE-2024-41157,0,0,7a282611d45c2fbb6f2dc936e4617dedd23e7f4d2ca4cbf354d2844aba4fb55d,2024-09-04T16:30:40.737000
CVE-2024-4116,0,0,6ee64e85b69f8f11f599040da371bf02d3a94742e1ecd0f467d9a48f26243458,2024-05-17T02:40:16.110000
CVE-2024-41160,0,0,4405f1fa554ba7d9df44bc4bbb96ea93e068b229b76d85cd7934b300d79543d0,2024-09-09T12:21:53.383000
@ -266992,6 +266994,7 @@ CVE-2024-51432,0,0,06d0d3316848cec870b03db5c1c503efe28d2aee8f81e4282d342a7548539
CVE-2024-51434,0,0,8c68c9ee35eceb55bbf1a98e98603282050fe997d32967086380b48530b1bb99,2024-11-08T19:01:03.880000
CVE-2024-5144,0,0,6bbfaf13c1764c4fefc00893d80de8b864d8af9b05653210d129c904ab48e8ed,2024-05-31T18:15:13.217000
CVE-2024-5145,0,0,e9d5b011678068f9e46540aba9b4c166c9546581cf81cda6f6984ec899d8b7b6,2024-06-04T19:21:01.520000
CVE-2024-51465,1,1,bdca8003fe6667a7bb57737482afc81e26c476c0c2e3ce70c4f3a3adf1f80500,2024-12-04T14:15:20.223000
CVE-2024-5147,0,0,67fd758fa3d69d8e32fe541a58ba746107ffb7370fa9ddd99ec9988f56fe738f,2024-05-22T12:46:53.887000
CVE-2024-51478,0,0,9c645c867780dc62421ca357104dcf5de15f7abda4e26eccd09e0b3312ae61a8,2024-11-01T12:57:03.417000
CVE-2024-5148,0,0,bd5836562cd7c4456364427f29f33cc1c67447ccbfc1a9320a1023f854c7eb77,2024-09-03T12:59:02.453000
@ -267506,15 +267509,15 @@ CVE-2024-5224,0,0,db9f297ce85558665780a2b5ea4fe3a1e31ac4d111566a8ba052aeb7472c35
CVE-2024-5225,0,0,908db7200208aad82f301f521b9dc90a90551560079e967278f95345fdc58383,2024-09-23T19:46:53.890000
CVE-2024-5226,0,0,343bea1ef6104d1a60d532c3087e707033a7d2cea2eb006f3e8cf7d609df1199,2024-08-08T13:04:18.753000
CVE-2024-52268,0,0,ea9ce8fc39b5cc2a56555dd9c667efdad9c8d1fb9ef5135ccde9e9b88f547032,2024-11-19T15:57:03.780000
CVE-2024-52269,1,1,736992060686cdac7cfdb7e712e6595573a8e750ab86b85b7f8d98313a79a0b4,2024-12-04T12:15:19.500000
CVE-2024-52269,0,0,736992060686cdac7cfdb7e712e6595573a8e750ab86b85b7f8d98313a79a0b4,2024-12-04T12:15:19.500000
CVE-2024-5227,0,0,782d407fd59442ae1cd49577c63d7b8236dddc237a48b5fa6a3df2e3ceec540d,2024-05-24T01:15:30.977000
CVE-2024-52272,1,1,a3fecbc65aea2d9b1b61c930c3641fe1f1a21d26fb4a22b2f3c8f590e7642708,2024-12-04T11:30:50.170000
CVE-2024-52273,1,1,b7b3a2f5cbdd924580d00aadbad6b7f335f6885215a6863c2e9e57dfb72a2500,2024-12-04T11:30:50.593000
CVE-2024-52274,1,1,ecb13f813ac787f1c31aa47c0141b458f6c53ba8bd458f3c4ba6754a9ae6907f,2024-12-04T11:30:50.713000
CVE-2024-52275,1,1,de23971a6cc4bd67116b75ca69f0f05e1dfdda58aa0b336c64f30eb1995963ee,2024-12-04T11:30:50.827000
CVE-2024-52276,1,1,54746b97ddb09890491662c4bcbf843a83df86e03b0c283af9b1c46eabcb7a4d,2024-12-04T11:30:50.947000
CVE-2024-52277,1,1,d51097de8d0f3dc04002ef38b52b7098e9a43ac99e9b8e53652656c3239d7675,2024-12-04T12:15:19.657000
CVE-2024-52278,1,1,f6727d2bf49859f0724c1a39e0d775cbd477e6bb49e30b91be3cb4bcf4a7b7c5,2024-12-04T12:15:19.763000
CVE-2024-52272,0,0,a3fecbc65aea2d9b1b61c930c3641fe1f1a21d26fb4a22b2f3c8f590e7642708,2024-12-04T11:30:50.170000
CVE-2024-52273,0,0,b7b3a2f5cbdd924580d00aadbad6b7f335f6885215a6863c2e9e57dfb72a2500,2024-12-04T11:30:50.593000
CVE-2024-52274,0,0,ecb13f813ac787f1c31aa47c0141b458f6c53ba8bd458f3c4ba6754a9ae6907f,2024-12-04T11:30:50.713000
CVE-2024-52275,0,0,de23971a6cc4bd67116b75ca69f0f05e1dfdda58aa0b336c64f30eb1995963ee,2024-12-04T11:30:50.827000
CVE-2024-52276,0,0,54746b97ddb09890491662c4bcbf843a83df86e03b0c283af9b1c46eabcb7a4d,2024-12-04T11:30:50.947000
CVE-2024-52277,0,1,fc2174c3dc3f35a5b0a85a074a2c2acfc285045ebf03ef343ee0d7694eb36e3c,2024-12-04T13:15:06.080000
CVE-2024-52278,0,0,f6727d2bf49859f0724c1a39e0d775cbd477e6bb49e30b91be3cb4bcf4a7b7c5,2024-12-04T12:15:19.763000
CVE-2024-5228,0,0,d7fb18ef663e7fbb963ee04e575f2bc258b900955c0912600676521519fad837,2024-05-24T01:15:30.977000
CVE-2024-52283,0,0,f59df4d918f6034e17961b306063745063af3cc2eb28f2a813fc1b7331b63f1f,2024-11-28T10:15:08.543000
CVE-2024-52286,0,0,a006a0be971b0e96964504e5809b0d7c6410ed1592b8c4976d82ae2953104dc3,2024-11-12T13:55:21.227000
@ -267992,6 +267995,7 @@ CVE-2024-53121,0,0,0df4084097284edf0dd35ebbe17aab3a3d685c9d3fdc3da9364efeff40162
CVE-2024-53122,0,0,1c299a2688f6ab9dded70cf6b0cfd3aeafa91db46a3f4d275e9dee3fcde2a23a,2024-12-02T14:15:13.010000
CVE-2024-53123,0,0,dcef2903ddd7f9038bf183b6ef6585245f13744aad480c16672e1f79f35f6cd8,2024-12-02T14:15:13.120000
CVE-2024-53124,0,0,ce00db9f52d4602938a9498c77e180ac9ff339a933c4e30878280323c81f97d8,2024-12-02T14:15:13.220000
CVE-2024-53125,1,1,43afd00df3c663365d0f10b7914fbddd39434ca1bab6ae886e0992d3c66d10ae,2024-12-04T14:15:20.460000
CVE-2024-5313,0,0,f1cdfb8a50e98ae6ac3af0ea1d50716e060963965a73a7d8f531b777ae15b8ad,2024-08-14T13:40:02.907000
CVE-2024-5314,0,0,a7cdac28c15b59d972bbd1ad7f63aae58232f4c63fcf8544d4cfc91c709ee3db,2024-05-24T13:03:05.093000
CVE-2024-5315,0,0,8579169b825e98cf3238daa1adb0a4d2ea9e4baf40a7a9906b16d52fd8bd309a,2024-05-24T13:03:05.093000
@ -268276,12 +268280,12 @@ CVE-2024-5413,0,0,b448c8c4fee794a9903e33e6c17f07ddeb3dd7c0bc677024b75809ef047d2c
CVE-2024-54131,0,0,4b4918afa2a4261da20afce1984c24b92c3cd8c05c3ee6659db317d6cf1d35a8,2024-12-03T21:15:08.127000
CVE-2024-5414,0,0,08acc305e6c9bea4a9589fa3dba157ea62649fb0f8c0ee74aad6ddc09386f1c2,2024-05-28T14:59:09.827000
CVE-2024-5415,0,0,d8ba178a70f3cfb2a3911a07d12ef045cc2ca261b5b8d85db5edc9c9636eef1e,2024-05-28T14:59:09.827000
CVE-2024-54153,1,1,fe748b404c05f0f3b478581c42b273c9674060ff9a7f772d2c51f053c33a523f,2024-12-04T12:15:19.853000
CVE-2024-54154,1,1,90e5f722e743af34caa289867c96183a78347ae32cd2d8a629d65a02c19e6b39,2024-12-04T12:15:20.047000
CVE-2024-54155,1,1,28a423121728ae6aa501b8f8f965c91c52022d7fedcd6249599cc03d4b9b5250,2024-12-04T12:15:20.190000
CVE-2024-54156,1,1,141631efa1d176f082a4f8dfe462f98b3c168ba1cd2a76c24173556a8f4cdd6f,2024-12-04T12:15:20.340000
CVE-2024-54157,1,1,755c453d5c79304160cc91f73fd65ec4aa1f1b05efb4cf07623a363a5b801532,2024-12-04T12:15:20.473000
CVE-2024-54158,1,1,d0bc033fe66b8501dff1a8ca45c65bb921cc771ac199e492f65942f226e5ad64,2024-12-04T12:15:20.623000
CVE-2024-54153,0,0,fe748b404c05f0f3b478581c42b273c9674060ff9a7f772d2c51f053c33a523f,2024-12-04T12:15:19.853000
CVE-2024-54154,0,0,90e5f722e743af34caa289867c96183a78347ae32cd2d8a629d65a02c19e6b39,2024-12-04T12:15:20.047000
CVE-2024-54155,0,0,28a423121728ae6aa501b8f8f965c91c52022d7fedcd6249599cc03d4b9b5250,2024-12-04T12:15:20.190000
CVE-2024-54156,0,0,141631efa1d176f082a4f8dfe462f98b3c168ba1cd2a76c24173556a8f4cdd6f,2024-12-04T12:15:20.340000
CVE-2024-54157,0,0,755c453d5c79304160cc91f73fd65ec4aa1f1b05efb4cf07623a363a5b801532,2024-12-04T12:15:20.473000
CVE-2024-54158,0,0,d0bc033fe66b8501dff1a8ca45c65bb921cc771ac199e492f65942f226e5ad64,2024-12-04T12:15:20.623000
CVE-2024-54159,0,0,a6966b82b06dc6cc6ffe535670f7fe423d90e23d66a5791ea4c4b55b9827bb58,2024-12-03T15:15:12.097000
CVE-2024-5416,0,0,e60ac21c549a64885b0e4526eea23fa8e926aaead7cfc8773dbbebbe7c033943,2024-09-26T14:37:59.290000
CVE-2024-5417,0,0,7aeebeb967db19ec82014e996b2aa573677c8d8d73e22110a17d0cf5ea677289,2024-10-07T15:44:01.830000
@ -270110,6 +270114,7 @@ CVE-2024-7481,0,0,029caf1b5321966d6fff7b258f5edb21656af3703408123f2c0a2bb28c2a7f
CVE-2024-7484,0,0,922e65f90a754867bdae2807b60c4750519990bf6adcc62fb148334df21e54c7,2024-08-06T16:30:24.547000
CVE-2024-7485,0,0,0b34fc91c3d825ea4087a792a0e5c6d839cf66a581a05d0c60df64b0af48f97e,2024-08-06T16:30:24.547000
CVE-2024-7486,0,0,e2579b82a31704160b51da6f8b3285ef5bff1d765f5e0369c7378c4f856658fb,2024-08-08T13:04:18.753000
CVE-2024-7488,1,1,4a73f1913c86dad7d8841567d3b6c7841f9556bb57dbbd864ebb2f69f4aabb4a,2024-12-04T14:15:21
CVE-2024-7489,0,0,a911c458f8c85ecb33feabe2fee5828bb307bd0fdaa5447d2dc32acdf03946c2,2024-10-16T07:15:16.160000
CVE-2024-7490,0,0,2dbd6717a12bca522d1065ac017f63874351831b0b05b9f6e750116d667cf962,2024-08-12T15:22:20.267000
CVE-2024-7491,0,0,d689a374fb3537e15633f4540eb868e4dc80670c3ee0d8274c63d44d12227824,2024-09-26T13:32:02.803000
@ -271186,19 +271191,19 @@ CVE-2024-8808,0,0,a747c52b1664999051d9b0fe9d3aff6496c6b7bb644b6f690fa14f1c2188e6
CVE-2024-8809,0,0,5ef323758cc04cc3437d900754b8899d6be21732d037419ae491643e0d299c4b,2024-11-22T21:15:19.110000
CVE-2024-8810,0,0,28ccf959675d77b7e3dcf659d948720de4b02c335959c6c7364babe715cf7b78,2024-11-08T19:01:03.880000
CVE-2024-8811,0,0,f149726d303ee5303af357b9626b7520300c87c24b19cbce455084888f6aaddd,2024-11-22T21:15:19.220000
CVE-2024-8812,0,0,ec4569a784180739a4af516e1685c2c692eeeaaafc7b6a6e88af060c021b6366,2024-11-22T21:15:19.333000
CVE-2024-8813,0,0,f5fd38328e189527f5f4ac84d90b1504b28cf20592614545df0c70c369d88cd3,2024-11-22T21:15:19.473000
CVE-2024-8814,0,0,5fa3bdd92d1e11d7926c995fcf3e8cbbe9c089974d3a99c321376a390d224369,2024-11-22T21:15:19.590000
CVE-2024-8815,0,0,bc815842234108d9a59d6b1fa7916a96efb3beb1e9a36e13d20e2e850214d7e3,2024-11-22T21:15:19.697000
CVE-2024-8816,0,0,0c78e173a24ab5d7693033b29cac42204f2ed60c9fbaddf7543d8c2245e2b27e,2024-11-22T21:15:19.803000
CVE-2024-8817,0,0,555e92ac83d58f922e910663782141b1590f00c137da5a80fcc0bd3e6f3e26e8,2024-11-22T21:15:19.917000
CVE-2024-8818,0,0,c039c98db7723bdc4cd74d3d2bc4ad8359c854e813a1aada40a75aa5841decfc,2024-11-22T21:15:20.027000
CVE-2024-8819,0,0,63dce9af4510f4a2eec618d261fc0210a7fa557910658f4e0cb386554696d163,2024-11-22T21:15:20.133000
CVE-2024-8820,0,0,6ac18da39acb091bc5b4570b27c4d27061f9afa5e4efe2a225938e3221b1c70d,2024-11-22T21:15:20.243000
CVE-2024-8821,0,0,ae151ee0d4e66a38e1f953a2cb9ea4ca6988ec553e5f5170989052d93bb2574f,2024-11-22T21:15:20.357000
CVE-2024-8822,0,0,a61b4cb8c6aee1f5be80cd3b5032f2305f85bca0bf17e2e56b4eda9d422d7d75,2024-11-22T21:15:20.470000
CVE-2024-8823,0,0,adc9090f6175b10dd86864237a283448073ad2580380ddb2e56ede96b2c41cdb,2024-11-22T21:15:20.583000
CVE-2024-8824,0,0,f51c50e2d27567217553c8b3618880c98307c7f5a4ab0101d5b5f492a5fb59fa,2024-11-22T21:15:20.697000
CVE-2024-8812,0,1,bb02fc6aeb6a5ac1f09542da80a7e732df3fce4abf0f1812bb84e6052fd54012,2024-12-04T14:56:07.463000
CVE-2024-8813,0,1,2eaa7ba4fc2b319f137dbd3febf169692852bcf46f553772924673950c1923d3,2024-12-04T14:56:03.620000
CVE-2024-8814,0,1,988a786909b9e0becaa242b7d30f5b4116700fa704d8c5412f3e1d1c310d422a,2024-12-04T14:55:59.677000
CVE-2024-8815,0,1,a0f1ef1ba3ef6d938b6e3988125d554ed200016bfa87a8188a2ebbd3829767d6,2024-12-04T14:55:55.787000
CVE-2024-8816,0,1,0e1aaf29dea5646f47f2bc4d56c73bacd5c4e4b975dd47d426de8f7a2984138e,2024-12-04T14:55:51.693000
CVE-2024-8817,0,1,38fc29c423f47b605821a02a0977289dcb2f443673adedf40e1ff2c2f3f447c7,2024-12-04T14:55:21.647000
CVE-2024-8818,0,1,3a7d39b233d509189babbdebb7797281f643877f96185f6f8cb7a1815b533967,2024-12-04T14:55:10.590000
CVE-2024-8819,0,1,4e4d3b7143fe200e690db17de8251a0c098db765f7f791fdff514f3c869782e7,2024-12-04T14:50:28.667000
CVE-2024-8820,0,1,87ef82b4244082d1a4881800e062311d181d9f0f28625ca7b1dbb1abd3d7f6b8,2024-12-04T14:49:53.280000
CVE-2024-8821,0,1,d0050a279d9250a40b6f05fa760c9cbfd5be21a3fd49f1a9ee0883e21e6e9c64,2024-12-04T14:48:52.033000
CVE-2024-8822,0,1,2950c312f451c38c32cd5ee0d43bfe02740e193dc615ece3742ae2e8fd457c86,2024-12-04T14:47:30.647000
CVE-2024-8823,0,1,315b56efc8d962874c8152076ad27fbee666fcd87542252f2db2c54f5b5673aa,2024-12-04T14:45:59.687000
CVE-2024-8824,0,1,081b887efb7be95b457127b5d1be656b2e827f4c77f383c21956eee1e09e7994,2024-12-04T14:44:31.470000
CVE-2024-8825,0,0,386facc7f478cbfcfa85ec990ba31bcaed7eca7d9ceff17e6e15478683dda148,2024-11-29T20:20:44.863000
CVE-2024-8826,0,0,f4e52980884276b4d0670106e2ba49b1b78815b10ae4ced581158a7b704c52a8,2024-11-29T20:08:47.553000
CVE-2024-8827,0,0,61f5eb5ff8ecf0faa7db8953d296c535df6bfdf7ae19ad117bcc6010c4727fb8,2024-11-29T20:20:34.137000
@ -271213,10 +271218,10 @@ CVE-2024-8835,0,0,ac7088e58560f5b8a53a89d7053ca91953fa04c930410cf78b9450022c4f09
CVE-2024-8836,0,0,79e7b0ebef3f34831f5721ae680df12c7c8fda724633587fb2447905129a1385,2024-11-29T20:17:29.823000
CVE-2024-8837,0,0,89e656db04439e6a29296845420167328da47c051242908b0604e6fd8193f958,2024-11-29T20:10:41.130000
CVE-2024-8838,0,0,10d39ca9b78f79c235ce4c6d2c97387f035b10246bb5c06ccf2c04f01720827b,2024-12-03T22:06:42.107000
CVE-2024-8839,0,0,2acbb4e8a6b1624d1785c0132d951382284f4d937031ff128ac25b7244df8702,2024-11-22T21:15:22.427000
CVE-2024-8840,0,0,bd5b89e0d8e6d7cd1adbf7994707d06af9e474015537950245cf092af468c08b,2024-11-22T21:15:22.537000
CVE-2024-8841,0,0,7ed3cd0a4558fa930ad6b076c4b91d74353ec9aac5958cf8e03944b719c15dbd,2024-11-22T21:15:22.657000
CVE-2024-8842,0,0,eadab63826220a1e8d1edc86000911c7b39f272a4d5f7ea92dac20a45e0a5ff3,2024-11-22T21:15:22.770000
CVE-2024-8839,0,1,dfcb598a9905352c16372165491519fa79e7e07cfa2e5867258644329e155b49,2024-12-04T14:43:09.680000
CVE-2024-8840,0,1,b608d7a40737ad530d95cc8acf900fdbf22b481e49ed67cfe05022036924b7d2,2024-12-04T14:42:12.897000
CVE-2024-8841,0,1,5b3907b9bf6ae6a634463aa043ad5265c90979211a7e3919fc540e1869116b36,2024-12-04T14:41:07.097000
CVE-2024-8842,0,1,58b2215a517c3855255ee3b31bf2c0e7ffb854269fa29ec9ca904e8149139bfa,2024-12-04T14:38:40.640000
CVE-2024-8843,0,0,bdc359026810a398006ae94b0d06b14bc02690dec55ef854528c3c02d08a2a22,2024-11-22T21:15:22.887000
CVE-2024-8844,0,0,fcacb504868d6d764f006f94e50184c1b2b0d2e323919da7dccdb5a6055d68fb,2024-11-22T21:15:23.003000
CVE-2024-8845,0,0,57499101fb1d711c0d6da0ba80832d89600f988a6b5c33815f15d2d7a0cab0c3,2024-11-22T21:15:23.110000
@ -271259,7 +271264,7 @@ CVE-2024-8889,0,0,47ebe4e7e88282b92868239007944fdd0eaf70654178d70e20d6079607f76e
CVE-2024-8890,0,0,853fdfae0cb7e409cedb2bfde6ac5084d9565e6d8770bf21e4fc31a9e1d858a1,2024-10-01T15:46:33.750000
CVE-2024-8891,0,0,aa12a440054ffbd9bbb7dd25787b2c9efe1fc6e33a09eaeb1daa5594da775bc2,2024-09-26T18:50:56.827000
CVE-2024-8892,0,0,b5404a9c6df12d8f66b57eddda13f138d35d7b48bdd71ae1e8b3a805c49716e0,2024-10-07T17:10:26.673000
CVE-2024-8894,1,1,1763d8f0152d14f0fc40e8ff8692ea66538cbd9b867d34d55eb063c726eca559,2024-12-04T12:15:20.763000
CVE-2024-8894,0,0,1763d8f0152d14f0fc40e8ff8692ea66538cbd9b867d34d55eb063c726eca559,2024-12-04T12:15:20.763000
CVE-2024-8896,0,0,f29d7c5921a0cda09067067e0d65f52d378611c678ffcbaf48892ddddf600821,2024-11-01T16:27:16.693000
CVE-2024-8897,0,0,73bf9affb964d11dd95d3adbb34f86a16b9ae0fd786e64b4bbd48b1e4387bb49,2024-09-25T19:49:02.493000
CVE-2024-8899,0,0,bed741a7f503cc73fb62578907c43fb9a7c886e42f6f545b4478cde11cdc45f7,2024-11-26T11:22:09.257000
@ -271314,7 +271319,7 @@ CVE-2024-8957,0,0,0308f2f5a0567b3e01401fcc5a35dd0d4903c31a6d3992c47cfe16c6bc21ea
CVE-2024-8959,0,0,0dc3502ed244ae66bafd80efba15dddd0bb76667e6d8b2d3ee7e3d6fc71e6baf,2024-10-25T12:56:07.750000
CVE-2024-8960,0,0,cb9c3666b1d5630b31aed515dc84bc6b9317ac9454d917c6e7a599d8d75d0609,2024-11-12T13:56:24.513000
CVE-2024-8961,0,0,ef82d8b2e398fd75b52fa0b073d3909959e3a804636999baddf212f4cb248ab3,2024-11-19T17:01:15.787000
CVE-2024-8962,1,1,db49ef994a796bebaae28014d0ce55913dd923302c59e4acd58f6e6d9eaf2181,2024-12-04T12:15:20.913000
CVE-2024-8962,0,1,4816be581bbb312715eb3c44dc8264043d82a8113eaa7eb6324ec3df1eeb3774,2024-12-04T12:15:20.913000
CVE-2024-8963,0,0,67fe8ea90f3163df4929d6782956d377bcadef461d17352cf475deabaa8fd4ad,2024-09-20T16:32:02.563000
CVE-2024-8964,0,0,c8fc4fc0d8f6e4149ea3cd0239ed4708c78c8d6f77eb0df4938d6649d94bf7d7,2024-10-10T12:56:30.817000
CVE-2024-8965,0,0,fcd9a7faf9aba17ebbc93d83d1389f5891b9c0797caaf85615a1a91da1ce5a78,2024-10-04T19:04:03.157000

Can't render this file because it is too large.