From 1a171f1f0373072cd84042a03c59e1d10725fc65 Mon Sep 17 00:00:00 2001 From: cad-safe-bot Date: Wed, 18 Sep 2024 20:03:19 +0000 Subject: [PATCH] Auto-Update: 2024-09-18T20:00:19.699246+00:00 --- CVE-2013/CVE-2013-06xx/CVE-2013-0643.json | 36 +- CVE-2013/CVE-2013-06xx/CVE-2013-0648.json | 26 +- CVE-2014/CVE-2014-04xx/CVE-2014-0497.json | 36 +- CVE-2014/CVE-2014-05xx/CVE-2014-0502.json | 36 +- CVE-2019/CVE-2019-10xx/CVE-2019-1069.json | 36 +- CVE-2021/CVE-2021-349xx/CVE-2021-34999.json | 4 +- CVE-2021/CVE-2021-350xx/CVE-2021-35000.json | 4 +- CVE-2022/CVE-2022-228xx/CVE-2022-22834.json | 8 +- CVE-2022/CVE-2022-228xx/CVE-2022-22835.json | 8 +- CVE-2023/CVE-2023-273xx/CVE-2023-27323.json | 4 +- CVE-2023/CVE-2023-273xx/CVE-2023-27324.json | 4 +- CVE-2023/CVE-2023-273xx/CVE-2023-27325.json | 4 +- CVE-2023/CVE-2023-273xx/CVE-2023-27326.json | 4 +- CVE-2023/CVE-2023-273xx/CVE-2023-27332.json | 4 +- CVE-2023/CVE-2023-273xx/CVE-2023-27333.json | 4 +- CVE-2023/CVE-2023-273xx/CVE-2023-27346.json | 4 +- CVE-2023/CVE-2023-273xx/CVE-2023-27359.json | 4 +- CVE-2023/CVE-2023-273xx/CVE-2023-27364.json | 4 +- CVE-2023/CVE-2023-273xx/CVE-2023-27365.json | 4 +- CVE-2023/CVE-2023-284xx/CVE-2023-28451.json | 39 +- CVE-2023/CVE-2023-284xx/CVE-2023-28455.json | 39 +- CVE-2023/CVE-2023-284xx/CVE-2023-28456.json | 39 +- CVE-2023/CVE-2023-284xx/CVE-2023-28457.json | 39 +- CVE-2023/CVE-2023-321xx/CVE-2023-32136.json | 4 +- CVE-2023/CVE-2023-321xx/CVE-2023-32137.json | 4 +- CVE-2023/CVE-2023-321xx/CVE-2023-32138.json | 4 +- CVE-2023/CVE-2023-321xx/CVE-2023-32139.json | 4 +- CVE-2023/CVE-2023-321xx/CVE-2023-32140.json | 4 +- CVE-2023/CVE-2023-321xx/CVE-2023-32141.json | 4 +- CVE-2023/CVE-2023-321xx/CVE-2023-32142.json | 4 +- CVE-2023/CVE-2023-321xx/CVE-2023-32143.json | 4 +- CVE-2023/CVE-2023-321xx/CVE-2023-32144.json | 4 +- CVE-2023/CVE-2023-321xx/CVE-2023-32145.json | 4 +- CVE-2023/CVE-2023-321xx/CVE-2023-32146.json | 4 +- CVE-2023/CVE-2023-321xx/CVE-2023-32147.json | 4 +- CVE-2023/CVE-2023-321xx/CVE-2023-32148.json | 4 +- CVE-2023/CVE-2023-321xx/CVE-2023-32149.json | 4 +- CVE-2023/CVE-2023-321xx/CVE-2023-32150.json | 4 +- CVE-2023/CVE-2023-321xx/CVE-2023-32151.json | 4 +- CVE-2023/CVE-2023-321xx/CVE-2023-32152.json | 4 +- CVE-2023/CVE-2023-321xx/CVE-2023-32153.json | 4 +- CVE-2023/CVE-2023-321xx/CVE-2023-32154.json | 4 +- CVE-2023/CVE-2023-321xx/CVE-2023-32155.json | 4 +- CVE-2023/CVE-2023-321xx/CVE-2023-32156.json | 4 +- CVE-2023/CVE-2023-321xx/CVE-2023-32157.json | 4 +- CVE-2023/CVE-2023-321xx/CVE-2023-32167.json | 4 +- CVE-2023/CVE-2023-321xx/CVE-2023-32168.json | 4 +- CVE-2023/CVE-2023-321xx/CVE-2023-32169.json | 4 +- CVE-2023/CVE-2023-321xx/CVE-2023-32173.json | 4 +- CVE-2023/CVE-2023-321xx/CVE-2023-32174.json | 4 +- CVE-2023/CVE-2023-321xx/CVE-2023-32176.json | 4 +- CVE-2023/CVE-2023-321xx/CVE-2023-32177.json | 4 +- CVE-2023/CVE-2023-321xx/CVE-2023-32178.json | 4 +- CVE-2023/CVE-2023-321xx/CVE-2023-32179.json | 4 +- CVE-2023/CVE-2023-342xx/CVE-2023-34286.json | 4 +- CVE-2023/CVE-2023-342xx/CVE-2023-34287.json | 4 +- CVE-2023/CVE-2023-342xx/CVE-2023-34288.json | 4 +- CVE-2023/CVE-2023-342xx/CVE-2023-34289.json | 4 +- CVE-2023/CVE-2023-342xx/CVE-2023-34290.json | 4 +- CVE-2023/CVE-2023-342xx/CVE-2023-34291.json | 4 +- CVE-2023/CVE-2023-342xx/CVE-2023-34292.json | 4 +- CVE-2023/CVE-2023-342xx/CVE-2023-34293.json | 4 +- CVE-2023/CVE-2023-342xx/CVE-2023-34299.json | 4 +- CVE-2023/CVE-2023-343xx/CVE-2023-34300.json | 4 +- CVE-2023/CVE-2023-343xx/CVE-2023-34301.json | 4 +- CVE-2023/CVE-2023-343xx/CVE-2023-34302.json | 4 +- CVE-2023/CVE-2023-343xx/CVE-2023-34303.json | 4 +- CVE-2023/CVE-2023-343xx/CVE-2023-34304.json | 4 +- CVE-2023/CVE-2023-343xx/CVE-2023-34305.json | 4 +- CVE-2023/CVE-2023-343xx/CVE-2023-34306.json | 4 +- CVE-2023/CVE-2023-343xx/CVE-2023-34307.json | 4 +- CVE-2023/CVE-2023-343xx/CVE-2023-34308.json | 4 +- CVE-2023/CVE-2023-343xx/CVE-2023-34309.json | 4 +- CVE-2023/CVE-2023-343xx/CVE-2023-34310.json | 4 +- CVE-2023/CVE-2023-343xx/CVE-2023-34311.json | 4 +- CVE-2023/CVE-2023-357xx/CVE-2023-35709.json | 4 +- CVE-2023/CVE-2023-357xx/CVE-2023-35710.json | 4 +- CVE-2023/CVE-2023-357xx/CVE-2023-35711.json | 4 +- CVE-2023/CVE-2023-357xx/CVE-2023-35712.json | 4 +- CVE-2023/CVE-2023-357xx/CVE-2023-35713.json | 4 +- CVE-2023/CVE-2023-357xx/CVE-2023-35714.json | 4 +- CVE-2023/CVE-2023-357xx/CVE-2023-35715.json | 4 +- CVE-2023/CVE-2023-357xx/CVE-2023-35716.json | 4 +- CVE-2023/CVE-2023-357xx/CVE-2023-35717.json | 4 +- CVE-2023/CVE-2023-357xx/CVE-2023-35718.json | 4 +- CVE-2023/CVE-2023-357xx/CVE-2023-35724.json | 4 +- CVE-2023/CVE-2023-357xx/CVE-2023-35725.json | 4 +- CVE-2023/CVE-2023-357xx/CVE-2023-35726.json | 4 +- CVE-2023/CVE-2023-357xx/CVE-2023-35727.json | 4 +- CVE-2023/CVE-2023-357xx/CVE-2023-35728.json | 4 +- CVE-2023/CVE-2023-357xx/CVE-2023-35729.json | 4 +- CVE-2023/CVE-2023-357xx/CVE-2023-35730.json | 4 +- CVE-2023/CVE-2023-357xx/CVE-2023-35731.json | 4 +- CVE-2023/CVE-2023-357xx/CVE-2023-35732.json | 4 +- CVE-2023/CVE-2023-357xx/CVE-2023-35733.json | 4 +- CVE-2023/CVE-2023-357xx/CVE-2023-35735.json | 4 +- CVE-2023/CVE-2023-357xx/CVE-2023-35736.json | 4 +- CVE-2023/CVE-2023-357xx/CVE-2023-35737.json | 4 +- CVE-2023/CVE-2023-357xx/CVE-2023-35738.json | 4 +- CVE-2023/CVE-2023-357xx/CVE-2023-35739.json | 4 +- CVE-2023/CVE-2023-357xx/CVE-2023-35740.json | 4 +- CVE-2023/CVE-2023-357xx/CVE-2023-35741.json | 4 +- CVE-2023/CVE-2023-357xx/CVE-2023-35742.json | 4 +- CVE-2023/CVE-2023-357xx/CVE-2023-35744.json | 4 +- CVE-2023/CVE-2023-357xx/CVE-2023-35745.json | 4 +- CVE-2023/CVE-2023-357xx/CVE-2023-35746.json | 4 +- CVE-2023/CVE-2023-357xx/CVE-2023-35747.json | 4 +- CVE-2023/CVE-2023-357xx/CVE-2023-35748.json | 4 +- CVE-2023/CVE-2023-357xx/CVE-2023-35749.json | 4 +- CVE-2023/CVE-2023-357xx/CVE-2023-35750.json | 4 +- CVE-2023/CVE-2023-357xx/CVE-2023-35751.json | 4 +- CVE-2023/CVE-2023-357xx/CVE-2023-35752.json | 4 +- CVE-2023/CVE-2023-357xx/CVE-2023-35753.json | 4 +- CVE-2023/CVE-2023-357xx/CVE-2023-35754.json | 4 +- CVE-2023/CVE-2023-357xx/CVE-2023-35755.json | 4 +- CVE-2023/CVE-2023-357xx/CVE-2023-35756.json | 4 +- CVE-2023/CVE-2023-357xx/CVE-2023-35757.json | 4 +- CVE-2023/CVE-2023-365xx/CVE-2023-36539.json | 20 +- CVE-2023/CVE-2023-368xx/CVE-2023-36843.json | 14 +- CVE-2023/CVE-2023-373xx/CVE-2023-37310.json | 4 +- CVE-2023/CVE-2023-373xx/CVE-2023-37311.json | 4 +- CVE-2023/CVE-2023-373xx/CVE-2023-37312.json | 4 +- CVE-2023/CVE-2023-373xx/CVE-2023-37313.json | 4 +- CVE-2023/CVE-2023-373xx/CVE-2023-37314.json | 4 +- CVE-2023/CVE-2023-373xx/CVE-2023-37315.json | 4 +- CVE-2023/CVE-2023-373xx/CVE-2023-37316.json | 4 +- CVE-2023/CVE-2023-373xx/CVE-2023-37317.json | 4 +- CVE-2023/CVE-2023-373xx/CVE-2023-37318.json | 4 +- CVE-2023/CVE-2023-373xx/CVE-2023-37319.json | 4 +- CVE-2023/CVE-2023-373xx/CVE-2023-37320.json | 4 +- CVE-2023/CVE-2023-373xx/CVE-2023-37321.json | 4 +- CVE-2023/CVE-2023-373xx/CVE-2023-37322.json | 4 +- CVE-2023/CVE-2023-373xx/CVE-2023-37323.json | 4 +- CVE-2023/CVE-2023-373xx/CVE-2023-37324.json | 4 +- CVE-2023/CVE-2023-373xx/CVE-2023-37325.json | 4 +- CVE-2023/CVE-2023-373xx/CVE-2023-37326.json | 4 +- CVE-2023/CVE-2023-373xx/CVE-2023-37328.json | 4 +- CVE-2023/CVE-2023-380xx/CVE-2023-38096.json | 4 +- CVE-2023/CVE-2023-381xx/CVE-2023-38101.json | 4 +- CVE-2023/CVE-2023-381xx/CVE-2023-38120.json | 4 +- CVE-2023/CVE-2023-394xx/CVE-2023-39473.json | 4 +- CVE-2023/CVE-2023-394xx/CVE-2023-39474.json | 4 +- CVE-2023/CVE-2023-404xx/CVE-2023-40474.json | 4 +- CVE-2023/CVE-2023-404xx/CVE-2023-40475.json | 4 +- CVE-2023/CVE-2023-404xx/CVE-2023-40476.json | 4 +- CVE-2023/CVE-2023-404xx/CVE-2023-40492.json | 4 +- CVE-2023/CVE-2023-404xx/CVE-2023-40493.json | 4 +- CVE-2023/CVE-2023-404xx/CVE-2023-40494.json | 4 +- CVE-2023/CVE-2023-404xx/CVE-2023-40495.json | 4 +- CVE-2023/CVE-2023-404xx/CVE-2023-40496.json | 4 +- CVE-2023/CVE-2023-404xx/CVE-2023-40497.json | 4 +- CVE-2023/CVE-2023-404xx/CVE-2023-40498.json | 4 +- CVE-2023/CVE-2023-404xx/CVE-2023-40499.json | 4 +- CVE-2023/CVE-2023-405xx/CVE-2023-40500.json | 4 +- CVE-2023/CVE-2023-405xx/CVE-2023-40501.json | 4 +- CVE-2023/CVE-2023-405xx/CVE-2023-40502.json | 4 +- CVE-2023/CVE-2023-405xx/CVE-2023-40503.json | 4 +- CVE-2023/CVE-2023-405xx/CVE-2023-40504.json | 4 +- CVE-2023/CVE-2023-405xx/CVE-2023-40505.json | 4 +- CVE-2023/CVE-2023-405xx/CVE-2023-40506.json | 4 +- CVE-2023/CVE-2023-405xx/CVE-2023-40507.json | 4 +- CVE-2023/CVE-2023-405xx/CVE-2023-40508.json | 4 +- CVE-2023/CVE-2023-405xx/CVE-2023-40509.json | 4 +- CVE-2023/CVE-2023-405xx/CVE-2023-40510.json | 4 +- CVE-2023/CVE-2023-405xx/CVE-2023-40511.json | 4 +- CVE-2023/CVE-2023-405xx/CVE-2023-40512.json | 4 +- CVE-2023/CVE-2023-405xx/CVE-2023-40513.json | 4 +- CVE-2023/CVE-2023-405xx/CVE-2023-40514.json | 4 +- CVE-2023/CVE-2023-405xx/CVE-2023-40515.json | 4 +- CVE-2023/CVE-2023-411xx/CVE-2023-41184.json | 4 +- CVE-2023/CVE-2023-412xx/CVE-2023-41215.json | 4 +- CVE-2023/CVE-2023-416xx/CVE-2023-41610.json | 21 + CVE-2023/CVE-2023-416xx/CVE-2023-41611.json | 21 + CVE-2023/CVE-2023-416xx/CVE-2023-41612.json | 21 + CVE-2023/CVE-2023-420xx/CVE-2023-42039.json | 4 +- CVE-2023/CVE-2023-421xx/CVE-2023-42100.json | 4 +- CVE-2023/CVE-2023-421xx/CVE-2023-42101.json | 4 +- CVE-2023/CVE-2023-421xx/CVE-2023-42102.json | 4 +- CVE-2023/CVE-2023-421xx/CVE-2023-42103.json | 4 +- CVE-2023/CVE-2023-421xx/CVE-2023-42104.json | 4 +- CVE-2023/CVE-2023-421xx/CVE-2023-42105.json | 4 +- CVE-2023/CVE-2023-421xx/CVE-2023-42114.json | 4 +- CVE-2023/CVE-2023-421xx/CVE-2023-42115.json | 4 +- CVE-2023/CVE-2023-421xx/CVE-2023-42116.json | 4 +- CVE-2023/CVE-2023-421xx/CVE-2023-42118.json | 4 +- CVE-2023/CVE-2023-421xx/CVE-2023-42119.json | 4 +- CVE-2023/CVE-2023-421xx/CVE-2023-42124.json | 4 +- CVE-2023/CVE-2023-421xx/CVE-2023-42125.json | 4 +- CVE-2023/CVE-2023-421xx/CVE-2023-42129.json | 4 +- CVE-2023/CVE-2023-421xx/CVE-2023-42130.json | 4 +- CVE-2023/CVE-2023-421xx/CVE-2023-42131.json | 4 +- CVE-2023/CVE-2023-441xx/CVE-2023-44108.json | 24 +- CVE-2023/CVE-2023-444xx/CVE-2023-44410.json | 4 +- CVE-2023/CVE-2023-444xx/CVE-2023-44415.json | 4 +- CVE-2023/CVE-2023-444xx/CVE-2023-44416.json | 4 +- CVE-2023/CVE-2023-444xx/CVE-2023-44417.json | 4 +- CVE-2023/CVE-2023-444xx/CVE-2023-44433.json | 4 +- CVE-2023/CVE-2023-444xx/CVE-2023-44437.json | 4 +- CVE-2023/CVE-2023-444xx/CVE-2023-44438.json | 4 +- CVE-2023/CVE-2023-444xx/CVE-2023-44439.json | 4 +- CVE-2023/CVE-2023-444xx/CVE-2023-44440.json | 4 +- CVE-2023/CVE-2023-444xx/CVE-2023-44441.json | 4 +- CVE-2023/CVE-2023-444xx/CVE-2023-44443.json | 4 +- CVE-2023/CVE-2023-444xx/CVE-2023-44444.json | 4 +- CVE-2023/CVE-2023-455xx/CVE-2023-45510.json | 14 +- CVE-2023/CVE-2023-463xx/CVE-2023-46344.json | 6 +- CVE-2023/CVE-2023-471xx/CVE-2023-47105.json | 39 +- CVE-2023/CVE-2023-481xx/CVE-2023-48171.json | 58 +- CVE-2023/CVE-2023-492xx/CVE-2023-49203.json | 39 +- CVE-2023/CVE-2023-502xx/CVE-2023-50224.json | 4 +- CVE-2023/CVE-2023-502xx/CVE-2023-50225.json | 4 +- CVE-2023/CVE-2023-502xx/CVE-2023-50226.json | 4 +- CVE-2023/CVE-2023-502xx/CVE-2023-50227.json | 4 +- CVE-2023/CVE-2023-502xx/CVE-2023-50228.json | 4 +- CVE-2023/CVE-2023-515xx/CVE-2023-51597.json | 4 +- CVE-2023/CVE-2023-515xx/CVE-2023-51599.json | 4 +- CVE-2023/CVE-2023-516xx/CVE-2023-51600.json | 4 +- CVE-2023/CVE-2023-516xx/CVE-2023-51601.json | 4 +- CVE-2023/CVE-2023-516xx/CVE-2023-51602.json | 4 +- CVE-2023/CVE-2023-516xx/CVE-2023-51603.json | 4 +- CVE-2023/CVE-2023-516xx/CVE-2023-51604.json | 4 +- CVE-2023/CVE-2023-516xx/CVE-2023-51605.json | 4 +- CVE-2023/CVE-2023-516xx/CVE-2023-51610.json | 4 +- CVE-2024/CVE-2024-204xx/CVE-2024-20430.json | 58 +- CVE-2024/CVE-2024-271xx/CVE-2024-27112.json | 59 +- CVE-2024/CVE-2024-271xx/CVE-2024-27113.json | 59 +- CVE-2024/CVE-2024-290xx/CVE-2024-29073.json | 12 +- CVE-2024/CVE-2024-340xx/CVE-2024-34057.json | 25 + CVE-2024/CVE-2024-343xx/CVE-2024-34399.json | 56 + CVE-2024/CVE-2024-355xx/CVE-2024-35515.json | 39 +- CVE-2024/CVE-2024-359xx/CVE-2024-35943.json | 6 +- CVE-2024/CVE-2024-382xx/CVE-2024-38222.json | 62 +- CVE-2024/CVE-2024-382xx/CVE-2024-38270.json | 313 ++++- CVE-2024/CVE-2024-384xx/CVE-2024-38483.json | 1190 ++++++++++++++++++- CVE-2024/CVE-2024-393xx/CVE-2024-39378.json | 61 +- CVE-2024/CVE-2024-414xx/CVE-2024-41475.json | 57 +- CVE-2024/CVE-2024-418xx/CVE-2024-41868.json | 51 +- CVE-2024/CVE-2024-424xx/CVE-2024-42485.json | 12 +- CVE-2024/CVE-2024-427xx/CVE-2024-42794.json | 43 +- CVE-2024/CVE-2024-441xx/CVE-2024-44127.json | 43 +- CVE-2024/CVE-2024-442xx/CVE-2024-44202.json | 43 +- CVE-2024/CVE-2024-444xx/CVE-2024-44459.json | 63 +- CVE-2024/CVE-2024-444xx/CVE-2024-44460.json | 63 +- CVE-2024/CVE-2024-445xx/CVE-2024-44542.json | 39 +- CVE-2024/CVE-2024-44xx/CVE-2024-4472.json | 98 +- CVE-2024/CVE-2024-455xx/CVE-2024-45523.json | 21 + CVE-2024/CVE-2024-456xx/CVE-2024-45601.json | 64 + CVE-2024/CVE-2024-457xx/CVE-2024-45787.json | 60 +- CVE-2024/CVE-2024-457xx/CVE-2024-45788.json | 58 +- CVE-2024/CVE-2024-457xx/CVE-2024-45789.json | 48 +- CVE-2024/CVE-2024-457xx/CVE-2024-45790.json | 48 +- CVE-2024/CVE-2024-460xx/CVE-2024-46086.json | 39 +- CVE-2024/CVE-2024-469xx/CVE-2024-46959.json | 21 + CVE-2024/CVE-2024-469xx/CVE-2024-46978.json | 64 + CVE-2024/CVE-2024-469xx/CVE-2024-46979.json | 68 ++ CVE-2024/CVE-2024-469xx/CVE-2024-46986.json | 68 ++ CVE-2024/CVE-2024-469xx/CVE-2024-46987.json | 72 ++ CVE-2024/CVE-2024-469xx/CVE-2024-46989.json | 60 + CVE-2024/CVE-2024-60xx/CVE-2024-6091.json | 54 +- CVE-2024/CVE-2024-66xx/CVE-2024-6678.json | 98 +- CVE-2024/CVE-2024-68xx/CVE-2024-6878.json | 24 +- CVE-2024/CVE-2024-76xx/CVE-2024-7609.json | 56 +- CVE-2024/CVE-2024-77xx/CVE-2024-7721.json | 59 +- CVE-2024/CVE-2024-77xx/CVE-2024-7727.json | 62 +- CVE-2024/CVE-2024-81xx/CVE-2024-8144.json | 8 +- CVE-2024/CVE-2024-82xx/CVE-2024-8287.json | 64 + CVE-2024/CVE-2024-83xx/CVE-2024-8306.json | 69 +- CVE-2024/CVE-2024-83xx/CVE-2024-8311.json | 65 +- CVE-2024/CVE-2024-85xx/CVE-2024-8517.json | 92 +- CVE-2024/CVE-2024-86xx/CVE-2024-8641.json | 98 +- CVE-2024/CVE-2024-87xx/CVE-2024-8708.json | 61 +- CVE-2024/CVE-2024-87xx/CVE-2024-8749.json | 46 +- README.md | 80 +- _state.csv | 638 +++++----- 274 files changed, 5224 insertions(+), 916 deletions(-) create mode 100644 CVE-2023/CVE-2023-416xx/CVE-2023-41610.json create mode 100644 CVE-2023/CVE-2023-416xx/CVE-2023-41611.json create mode 100644 CVE-2023/CVE-2023-416xx/CVE-2023-41612.json create mode 100644 CVE-2024/CVE-2024-340xx/CVE-2024-34057.json create mode 100644 CVE-2024/CVE-2024-343xx/CVE-2024-34399.json create mode 100644 CVE-2024/CVE-2024-455xx/CVE-2024-45523.json create mode 100644 CVE-2024/CVE-2024-456xx/CVE-2024-45601.json create mode 100644 CVE-2024/CVE-2024-469xx/CVE-2024-46959.json create mode 100644 CVE-2024/CVE-2024-469xx/CVE-2024-46978.json create mode 100644 CVE-2024/CVE-2024-469xx/CVE-2024-46979.json create mode 100644 CVE-2024/CVE-2024-469xx/CVE-2024-46986.json create mode 100644 CVE-2024/CVE-2024-469xx/CVE-2024-46987.json create mode 100644 CVE-2024/CVE-2024-469xx/CVE-2024-46989.json create mode 100644 CVE-2024/CVE-2024-82xx/CVE-2024-8287.json diff --git a/CVE-2013/CVE-2013-06xx/CVE-2013-0643.json b/CVE-2013/CVE-2013-06xx/CVE-2013-0643.json index a1d08793f69..3aa59a605eb 100644 --- a/CVE-2013/CVE-2013-06xx/CVE-2013-0643.json +++ b/CVE-2013/CVE-2013-06xx/CVE-2013-0643.json @@ -2,8 +2,8 @@ "id": "CVE-2013-0643", "sourceIdentifier": "psirt@adobe.com", "published": "2013-02-27T00:55:01.017", - "lastModified": "2024-09-18T01:00:01.007", - "vulnStatus": "Analyzed", + "lastModified": "2024-09-18T19:35:01.410", + "vulnStatus": "Modified", "cveTags": [], "evaluatorImpact": "Per: http://www.adobe.com/support/security/bulletins/apsb13-08.html\r\n\r\n'Flash Player 11.6.602.168 and earlier versions for Windows \r\nFlash Player 11.6.602.167 and earlier versions for Macintosh\r\nFlash Player 11.2.202.270 and earlier for Linux'", "cisaExploitAdd": "2024-09-17", @@ -21,6 +21,28 @@ } ], "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + } + ], "cvssMetricV2": [ { "source": "nvd@nist.gov", @@ -57,6 +79,16 @@ "value": "CWE-264" } ] + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-269" + } + ] } ], "configurations": [ diff --git a/CVE-2013/CVE-2013-06xx/CVE-2013-0648.json b/CVE-2013/CVE-2013-06xx/CVE-2013-0648.json index 1055119762b..56d55c45248 100644 --- a/CVE-2013/CVE-2013-06xx/CVE-2013-0648.json +++ b/CVE-2013/CVE-2013-06xx/CVE-2013-0648.json @@ -2,8 +2,8 @@ "id": "CVE-2013-0648", "sourceIdentifier": "psirt@adobe.com", "published": "2013-02-27T00:55:01.160", - "lastModified": "2024-09-18T01:00:01.007", - "vulnStatus": "Analyzed", + "lastModified": "2024-09-18T19:35:02.327", + "vulnStatus": "Modified", "cveTags": [], "evaluatorImpact": "Per: http://www.adobe.com/support/security/bulletins/apsb13-08.html\r\n\r\n'Flash Player 11.6.602.168 and earlier versions for Windows \r\nFlash Player 11.6.602.167 and earlier versions for Macintosh\r\nFlash Player 11.2.202.270 and earlier for Linux'", "cisaExploitAdd": "2024-09-17", @@ -21,6 +21,28 @@ } ], "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + } + ], "cvssMetricV2": [ { "source": "nvd@nist.gov", diff --git a/CVE-2014/CVE-2014-04xx/CVE-2014-0497.json b/CVE-2014/CVE-2014-04xx/CVE-2014-0497.json index 210f36e879c..02b0ef8379e 100644 --- a/CVE-2014/CVE-2014-04xx/CVE-2014-0497.json +++ b/CVE-2014/CVE-2014-04xx/CVE-2014-0497.json @@ -2,8 +2,8 @@ "id": "CVE-2014-0497", "sourceIdentifier": "psirt@adobe.com", "published": "2014-02-05T05:15:29.897", - "lastModified": "2024-09-18T01:00:01.007", - "vulnStatus": "Analyzed", + "lastModified": "2024-09-18T19:35:02.543", + "vulnStatus": "Modified", "cveTags": [], "cisaExploitAdd": "2024-09-17", "cisaActionDue": "2024-10-08", @@ -20,6 +20,28 @@ } ], "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + } + ], "cvssMetricV2": [ { "source": "nvd@nist.gov", @@ -56,6 +78,16 @@ "value": "CWE-189" } ] + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-191" + } + ] } ], "configurations": [ diff --git a/CVE-2014/CVE-2014-05xx/CVE-2014-0502.json b/CVE-2014/CVE-2014-05xx/CVE-2014-0502.json index fd8b47261d3..a9dc057f0b3 100644 --- a/CVE-2014/CVE-2014-05xx/CVE-2014-0502.json +++ b/CVE-2014/CVE-2014-05xx/CVE-2014-0502.json @@ -2,8 +2,8 @@ "id": "CVE-2014-0502", "sourceIdentifier": "psirt@adobe.com", "published": "2014-02-21T05:07:00.017", - "lastModified": "2024-09-18T01:00:01.007", - "vulnStatus": "Analyzed", + "lastModified": "2024-09-18T19:35:03.393", + "vulnStatus": "Modified", "cveTags": [], "cisaExploitAdd": "2024-09-17", "cisaActionDue": "2024-10-08", @@ -20,6 +20,28 @@ } ], "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + } + ], "cvssMetricV2": [ { "source": "nvd@nist.gov", @@ -56,6 +78,16 @@ "value": "CWE-399" } ] + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-415" + } + ] } ], "configurations": [ diff --git a/CVE-2019/CVE-2019-10xx/CVE-2019-1069.json b/CVE-2019/CVE-2019-10xx/CVE-2019-1069.json index cf11e30eff1..99b1d72ad8c 100644 --- a/CVE-2019/CVE-2019-10xx/CVE-2019-1069.json +++ b/CVE-2019/CVE-2019-10xx/CVE-2019-1069.json @@ -2,8 +2,8 @@ "id": "CVE-2019-1069", "sourceIdentifier": "secure@microsoft.com", "published": "2019-06-12T14:29:04.337", - "lastModified": "2020-08-24T17:37:01.140", - "vulnStatus": "Analyzed", + "lastModified": "2024-09-18T19:35:04.250", + "vulnStatus": "Modified", "cveTags": [], "cisaExploitAdd": "2022-03-15", "cisaActionDue": "2022-04-05", @@ -20,6 +20,28 @@ } ], "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ], "cvssMetricV30": [ { "source": "nvd@nist.gov", @@ -78,6 +100,16 @@ "value": "CWE-59" } ] + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-59" + } + ] } ], "configurations": [ diff --git a/CVE-2021/CVE-2021-349xx/CVE-2021-34999.json b/CVE-2021/CVE-2021-349xx/CVE-2021-34999.json index 8416f68eea0..64748829608 100644 --- a/CVE-2021/CVE-2021-349xx/CVE-2021-34999.json +++ b/CVE-2021/CVE-2021-349xx/CVE-2021-34999.json @@ -2,13 +2,13 @@ "id": "CVE-2021-34999", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-05-07T23:15:13.750", - "lastModified": "2024-05-08T13:15:00.690", + "lastModified": "2024-09-18T19:15:18.903", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "OpenBSD Kernel Multicast Routing Uninitialized Memory Information Disclosure Vulnerability. This vulnerability allows local attackers to disclose sensitive information on affected installations of OpenBSD Kernel. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.\n\nThe specific flaw exists within the implementation of multicast routing. The issue results from the lack of proper initialization of memory prior to accessing it. An attacker can leverage this in conjunction with other vulnerabilities to escalate privileges and execute arbitrary code in the context of the kernel. Was ZDI-CAN-14540." + "value": "OpenBSD Kernel Multicast Routing Uninitialized Memory Information Disclosure Vulnerability. This vulnerability allows local attackers to disclose sensitive information on affected installations of OpenBSD Kernel. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.\n\nThe specific flaw exists within the implementation of multicast routing. The issue results from the lack of proper initialization of memory prior to accessing it. An attacker can leverage this in conjunction with other vulnerabilities to escalate privileges and execute arbitrary code in the context of the kernel.\n. Was ZDI-CAN-14540." }, { "lang": "es", diff --git a/CVE-2021/CVE-2021-350xx/CVE-2021-35000.json b/CVE-2021/CVE-2021-350xx/CVE-2021-35000.json index bc6f37d3238..f30fb1d046c 100644 --- a/CVE-2021/CVE-2021-350xx/CVE-2021-35000.json +++ b/CVE-2021/CVE-2021-350xx/CVE-2021-35000.json @@ -2,13 +2,13 @@ "id": "CVE-2021-35000", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-05-07T23:15:13.937", - "lastModified": "2024-05-08T13:15:00.690", + "lastModified": "2024-09-18T19:15:19.030", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "OpenBSD Kernel Multicast Routing Uninitialized Memory Information Disclosure Vulnerability. This vulnerability allows local attackers to disclose sensitive information on affected installations of OpenBSD Kernel. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.\n\nThe specific flaw exists within the implementation of multicast routing. The issue results from the lack of proper initialization of memory prior to accessing it. An attacker can leverage this in conjunction with other vulnerabilities to escalate privileges and execute arbitrary code in the context of the kernel. Was ZDI-CAN-16112." + "value": "OpenBSD Kernel Multicast Routing Uninitialized Memory Information Disclosure Vulnerability. This vulnerability allows local attackers to disclose sensitive information on affected installations of OpenBSD Kernel. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.\n\nThe specific flaw exists within the implementation of multicast routing. The issue results from the lack of proper initialization of memory prior to accessing it. An attacker can leverage this in conjunction with other vulnerabilities to escalate privileges and execute arbitrary code in the context of the kernel.\n. Was ZDI-CAN-16112." }, { "lang": "es", diff --git a/CVE-2022/CVE-2022-228xx/CVE-2022-22834.json b/CVE-2022/CVE-2022-228xx/CVE-2022-22834.json index 3da72d3eb90..883fd124712 100644 --- a/CVE-2022/CVE-2022-228xx/CVE-2022-22834.json +++ b/CVE-2022/CVE-2022-228xx/CVE-2022-22834.json @@ -2,8 +2,8 @@ "id": "CVE-2022-22834", "sourceIdentifier": "cve@mitre.org", "published": "2022-03-10T17:45:41.130", - "lastModified": "2022-09-03T03:51:56.070", - "vulnStatus": "Analyzed", + "lastModified": "2024-09-18T19:15:19.130", + "vulnStatus": "Modified", "cveTags": [], "descriptions": [ { @@ -117,6 +117,10 @@ "Product", "Vendor Advisory" ] + }, + { + "url": "https://www.overit.ai/product/nextgen-fsm/", + "source": "cve@mitre.org" } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-228xx/CVE-2022-22835.json b/CVE-2022/CVE-2022-228xx/CVE-2022-22835.json index 27865cff594..e290905fcdf 100644 --- a/CVE-2022/CVE-2022-228xx/CVE-2022-22835.json +++ b/CVE-2022/CVE-2022-228xx/CVE-2022-22835.json @@ -2,8 +2,8 @@ "id": "CVE-2022-22835", "sourceIdentifier": "cve@mitre.org", "published": "2022-03-10T17:45:41.647", - "lastModified": "2022-09-03T03:55:46.813", - "vulnStatus": "Analyzed", + "lastModified": "2024-09-18T19:15:19.247", + "vulnStatus": "Modified", "cveTags": [], "descriptions": [ { @@ -117,6 +117,10 @@ "Product", "Vendor Advisory" ] + }, + { + "url": "https://www.overit.ai/product/nextgen-fsm/", + "source": "cve@mitre.org" } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-273xx/CVE-2023-27323.json b/CVE-2023/CVE-2023-273xx/CVE-2023-27323.json index 32d0c2876ec..68c700ddb2e 100644 --- a/CVE-2023/CVE-2023-273xx/CVE-2023-27323.json +++ b/CVE-2023/CVE-2023-273xx/CVE-2023-27323.json @@ -2,13 +2,13 @@ "id": "CVE-2023-27323", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-05-03T02:15:08.463", - "lastModified": "2024-05-03T12:50:34.250", + "lastModified": "2024-09-18T19:15:19.327", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "Parallels Desktop Updater Time-Of-Check Time-Of-Use Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop. An attacker must first obtain the ability to execute low-privileged code on the target host system in order to exploit this vulnerability.\n\nThe specific flaw exists within the Updater service. By creating a symbolic link, an attacker can abuse the service to execute a file. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of root. Was ZDI-CAN-18150." + "value": "Parallels Desktop Updater Time-Of-Check Time-Of-Use Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop. An attacker must first obtain the ability to execute low-privileged code on the target host system in order to exploit this vulnerability.\n\nThe specific flaw exists within the Updater service. By creating a symbolic link, an attacker can abuse the service to execute a file. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of root.\n. Was ZDI-CAN-18150." }, { "lang": "es", diff --git a/CVE-2023/CVE-2023-273xx/CVE-2023-27324.json b/CVE-2023/CVE-2023-273xx/CVE-2023-27324.json index ca48d1c2e30..247b7d61cee 100644 --- a/CVE-2023/CVE-2023-273xx/CVE-2023-27324.json +++ b/CVE-2023/CVE-2023-273xx/CVE-2023-27324.json @@ -2,13 +2,13 @@ "id": "CVE-2023-27324", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-05-03T02:15:08.673", - "lastModified": "2024-05-03T12:50:34.250", + "lastModified": "2024-09-18T19:15:19.447", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "Parallels Desktop Updater Improper Initialization Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop. An attacker must first obtain the ability to execute low-privileged code on the target host system in order to exploit this vulnerability.\n\nThe specific flaw exists within the Updater service. The issue results from the lack of proper initialization of environment variables. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of root. Was ZDI-CAN-18229." + "value": "Parallels Desktop Updater Improper Initialization Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop. An attacker must first obtain the ability to execute low-privileged code on the target host system in order to exploit this vulnerability.\n\nThe specific flaw exists within the Updater service. The issue results from the lack of proper initialization of environment variables. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of root.\n. Was ZDI-CAN-18229." }, { "lang": "es", diff --git a/CVE-2023/CVE-2023-273xx/CVE-2023-27325.json b/CVE-2023/CVE-2023-273xx/CVE-2023-27325.json index 5de37a70b69..ad70de1fa3f 100644 --- a/CVE-2023/CVE-2023-273xx/CVE-2023-27325.json +++ b/CVE-2023/CVE-2023-273xx/CVE-2023-27325.json @@ -2,13 +2,13 @@ "id": "CVE-2023-27325", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-05-03T02:15:08.847", - "lastModified": "2024-05-03T12:50:34.250", + "lastModified": "2024-09-18T19:15:19.537", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "Parallels Desktop Updater Improper Initialization Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop. An attacker must first obtain the ability to execute low-privileged code on the target host system in order to exploit this vulnerability.\n\nThe specific flaw exists within the Updater service. The issue results from the lack of proper initialization of environment variables. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of root. Was ZDI-CAN-18253." + "value": "Parallels Desktop Updater Improper Initialization Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop. An attacker must first obtain the ability to execute low-privileged code on the target host system in order to exploit this vulnerability.\n\nThe specific flaw exists within the Updater service. The issue results from the lack of proper initialization of environment variables. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of root.\n. Was ZDI-CAN-18253." }, { "lang": "es", diff --git a/CVE-2023/CVE-2023-273xx/CVE-2023-27326.json b/CVE-2023/CVE-2023-273xx/CVE-2023-27326.json index efe97dce404..9e502380ef4 100644 --- a/CVE-2023/CVE-2023-273xx/CVE-2023-27326.json +++ b/CVE-2023/CVE-2023-273xx/CVE-2023-27326.json @@ -2,13 +2,13 @@ "id": "CVE-2023-27326", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-05-03T02:15:09.023", - "lastModified": "2024-05-03T12:50:34.250", + "lastModified": "2024-09-18T19:15:19.627", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "Parallels Desktop Toolgate Directory Traversal Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability.\n\nThe specific flaw exists within the Toolgate component. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of the current user on the host system. Was ZDI-CAN-18933." + "value": "Parallels Desktop Toolgate Directory Traversal Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability.\n\nThe specific flaw exists within the Toolgate component. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of the current user on the host system.\n. Was ZDI-CAN-18933." }, { "lang": "es", diff --git a/CVE-2023/CVE-2023-273xx/CVE-2023-27332.json b/CVE-2023/CVE-2023-273xx/CVE-2023-27332.json index 8fffb547862..aa7e0341365 100644 --- a/CVE-2023/CVE-2023-273xx/CVE-2023-27332.json +++ b/CVE-2023/CVE-2023-273xx/CVE-2023-27332.json @@ -2,13 +2,13 @@ "id": "CVE-2023-27332", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-05-03T02:15:10.103", - "lastModified": "2024-05-03T12:50:34.250", + "lastModified": "2024-09-18T19:15:19.710", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "TP-Link Archer AX21 tdpServer Logging Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of TP-Link Archer AX21 routers. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the logging functionality of the tdpServer program, which listens on UDP port 20002. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-19898." + "value": "TP-Link Archer AX21 tdpServer Logging Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of TP-Link Archer AX21 routers. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the logging functionality of the tdpServer program, which listens on UDP port 20002. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root.\n. Was ZDI-CAN-19898." }, { "lang": "es", diff --git a/CVE-2023/CVE-2023-273xx/CVE-2023-27333.json b/CVE-2023/CVE-2023-273xx/CVE-2023-27333.json index 9b3230bfcc8..833805d1494 100644 --- a/CVE-2023/CVE-2023-273xx/CVE-2023-27333.json +++ b/CVE-2023/CVE-2023-273xx/CVE-2023-27333.json @@ -2,13 +2,13 @@ "id": "CVE-2023-27333", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-05-03T02:15:10.273", - "lastModified": "2024-05-03T12:50:34.250", + "lastModified": "2024-09-18T19:15:19.800", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "TP-Link Archer AX21 tmpServer Command 0x422 Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of TP-Link Archer AX21 routers. Authentication is required to exploit this vulnerability.\n\nThe specific flaw exists within the handling of command 0x422 provided to the tmpServer service. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-19905." + "value": "TP-Link Archer AX21 tmpServer Command 0x422 Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of TP-Link Archer AX21 routers. Authentication is required to exploit this vulnerability.\n\nThe specific flaw exists within the handling of command 0x422 provided to the tmpServer service. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root.\n. Was ZDI-CAN-19905." }, { "lang": "es", diff --git a/CVE-2023/CVE-2023-273xx/CVE-2023-27346.json b/CVE-2023/CVE-2023-273xx/CVE-2023-27346.json index b0ee27eec7c..8cb03afadc3 100644 --- a/CVE-2023/CVE-2023-273xx/CVE-2023-27346.json +++ b/CVE-2023/CVE-2023-273xx/CVE-2023-27346.json @@ -2,13 +2,13 @@ "id": "CVE-2023-27346", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-05-03T02:15:12.623", - "lastModified": "2024-05-03T12:50:34.250", + "lastModified": "2024-09-18T19:15:19.883", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "TP-Link AX1800 Firmware Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of TP-Link AX1800 routers. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the parsing of firmware images. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-19703." + "value": "TP-Link AX1800 Firmware Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of TP-Link AX1800 routers. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the parsing of firmware images. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root.\n. Was ZDI-CAN-19703." }, { "lang": "es", diff --git a/CVE-2023/CVE-2023-273xx/CVE-2023-27359.json b/CVE-2023/CVE-2023-273xx/CVE-2023-27359.json index 0093e3c7a09..890171fd788 100644 --- a/CVE-2023/CVE-2023-273xx/CVE-2023-27359.json +++ b/CVE-2023/CVE-2023-273xx/CVE-2023-27359.json @@ -2,13 +2,13 @@ "id": "CVE-2023-27359", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-05-03T02:15:13.833", - "lastModified": "2024-05-03T12:50:34.250", + "lastModified": "2024-09-18T19:15:19.970", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "TP-Link AX1800 hotplugd Firewall Rule Race Condition Vulnerability. This vulnerability allows remote attackers to gain access to LAN-side services on affected installations of TP-Link Archer AX21 routers. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the hotplugd daemon. The issue results from firewall rule handling that allows an attacker access to resources that should be available to the LAN interface only. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the root user. Was ZDI-CAN-19664." + "value": "TP-Link AX1800 hotplugd Firewall Rule Race Condition Vulnerability. This vulnerability allows remote attackers to gain access to LAN-side services on affected installations of TP-Link Archer AX21 routers. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the hotplugd daemon. The issue results from firewall rule handling that allows an attacker access to resources that should be available to the LAN interface only. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the root user.\n. Was ZDI-CAN-19664." }, { "lang": "es", diff --git a/CVE-2023/CVE-2023-273xx/CVE-2023-27364.json b/CVE-2023/CVE-2023-273xx/CVE-2023-27364.json index 86ae06139f7..5af322884a6 100644 --- a/CVE-2023/CVE-2023-273xx/CVE-2023-27364.json +++ b/CVE-2023/CVE-2023-273xx/CVE-2023-27364.json @@ -2,13 +2,13 @@ "id": "CVE-2023-27364", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-05-03T02:15:14.710", - "lastModified": "2024-05-03T12:50:34.250", + "lastModified": "2024-09-18T19:15:20.070", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "Foxit PDF Editor XLS File Parsing Exposed Dangerous Method Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of XLS files. The issue results from the lack of proper restrictions on macro-enabled documents. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-19738." + "value": "Foxit PDF Editor XLS File Parsing Exposed Dangerous Method Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of XLS files. The issue results from the lack of proper restrictions on macro-enabled documents. An attacker can leverage this vulnerability to execute code in the context of the current process.\n. Was ZDI-CAN-19738." }, { "lang": "es", diff --git a/CVE-2023/CVE-2023-273xx/CVE-2023-27365.json b/CVE-2023/CVE-2023-273xx/CVE-2023-27365.json index 378999ad5f6..0b1ebd92c9f 100644 --- a/CVE-2023/CVE-2023-273xx/CVE-2023-27365.json +++ b/CVE-2023/CVE-2023-273xx/CVE-2023-27365.json @@ -2,13 +2,13 @@ "id": "CVE-2023-27365", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-05-03T02:15:14.880", - "lastModified": "2024-05-03T12:50:34.250", + "lastModified": "2024-09-18T19:15:20.230", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "Foxit PDF Editor DOC File Parsing Exposed Dangerous Method Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of DOC files. The issue results from the lack of proper restrictions on macro-enabled documents. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-19739." + "value": "Foxit PDF Editor DOC File Parsing Exposed Dangerous Method Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of DOC files. The issue results from the lack of proper restrictions on macro-enabled documents. An attacker can leverage this vulnerability to execute code in the context of the current process.\n. Was ZDI-CAN-19739." }, { "lang": "es", diff --git a/CVE-2023/CVE-2023-284xx/CVE-2023-28451.json b/CVE-2023/CVE-2023-284xx/CVE-2023-28451.json index 49b5aa8695e..fdf83b1db81 100644 --- a/CVE-2023/CVE-2023-284xx/CVE-2023-28451.json +++ b/CVE-2023/CVE-2023-284xx/CVE-2023-28451.json @@ -2,7 +2,7 @@ "id": "CVE-2023-28451", "sourceIdentifier": "cve@mitre.org", "published": "2024-09-18T15:15:13.900", - "lastModified": "2024-09-18T15:15:13.900", + "lastModified": "2024-09-18T19:35:05.387", "vulnStatus": "Received", "cveTags": [], "descriptions": [ @@ -11,7 +11,42 @@ "value": "An issue was discovered in Technitium 11.0.2. There is a vulnerability (called BadDNS) in DNS resolving software, which triggers a resolver to ignore valid responses, thus causing DoS (denial of service) for normal resolution. The effects of an exploit would be widespread and highly impactful, because the attacker could just forge a response targeting the source port of a vulnerable resolver without the need to guess the correct TXID." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-400" + } + ] + } + ], "references": [ { "url": "https://gist.github.com/idealeer/89947ca07836fd0f7e9761198ca9a0f3.", diff --git a/CVE-2023/CVE-2023-284xx/CVE-2023-28455.json b/CVE-2023/CVE-2023-284xx/CVE-2023-28455.json index d242ee5db95..53d141d8a96 100644 --- a/CVE-2023/CVE-2023-284xx/CVE-2023-28455.json +++ b/CVE-2023/CVE-2023-284xx/CVE-2023-28455.json @@ -2,7 +2,7 @@ "id": "CVE-2023-28455", "sourceIdentifier": "cve@mitre.org", "published": "2024-09-18T15:15:14.020", - "lastModified": "2024-09-18T15:15:14.020", + "lastModified": "2024-09-18T18:35:01.490", "vulnStatus": "Received", "cveTags": [], "descriptions": [ @@ -11,7 +11,42 @@ "value": "An issue was discovered in Technitium through 11.0.2. The forwarding mode enables attackers to create a query loop using Technitium resolvers, launching amplification attacks and causing potential DoS." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-406" + } + ] + } + ], "references": [ { "url": "https://gist.github.com/idealeer/89947ca07836fd0f7e9761198ca9a0f3", diff --git a/CVE-2023/CVE-2023-284xx/CVE-2023-28456.json b/CVE-2023/CVE-2023-284xx/CVE-2023-28456.json index 2cdd4716ce6..9ae27d90fc7 100644 --- a/CVE-2023/CVE-2023-284xx/CVE-2023-28456.json +++ b/CVE-2023/CVE-2023-284xx/CVE-2023-28456.json @@ -2,7 +2,7 @@ "id": "CVE-2023-28456", "sourceIdentifier": "cve@mitre.org", "published": "2024-09-18T15:15:14.083", - "lastModified": "2024-09-18T15:15:14.083", + "lastModified": "2024-09-18T18:35:02.367", "vulnStatus": "Received", "cveTags": [], "descriptions": [ @@ -11,7 +11,42 @@ "value": "An issue was discovered in Technitium through 11.0.2. It enables attackers to launch amplification attacks (3 times more than other \"golden model\" software like BIND) and cause potential DoS." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-406" + } + ] + } + ], "references": [ { "url": "https://gist.github.com/idealeer/89947ca07836fd0f7e9761198ca9a0f3", diff --git a/CVE-2023/CVE-2023-284xx/CVE-2023-28457.json b/CVE-2023/CVE-2023-284xx/CVE-2023-28457.json index eecac73fe0d..c15c3aef647 100644 --- a/CVE-2023/CVE-2023-284xx/CVE-2023-28457.json +++ b/CVE-2023/CVE-2023-284xx/CVE-2023-28457.json @@ -2,7 +2,7 @@ "id": "CVE-2023-28457", "sourceIdentifier": "cve@mitre.org", "published": "2024-09-18T15:15:14.143", - "lastModified": "2024-09-18T15:15:14.143", + "lastModified": "2024-09-18T18:35:03.190", "vulnStatus": "Received", "cveTags": [], "descriptions": [ @@ -11,7 +11,42 @@ "value": "An issue was discovered in Technitium through 11.0.3. It enables attackers to conduct a DNS cache poisoning attack and inject fake responses within 1 second, which is impactful." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "HIGH", + "availabilityImpact": "NONE", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-345" + } + ] + } + ], "references": [ { "url": "https://gist.github.com/idealeer/89947ca07836fd0f7e9761198ca9a0f3", diff --git a/CVE-2023/CVE-2023-321xx/CVE-2023-32136.json b/CVE-2023/CVE-2023-321xx/CVE-2023-32136.json index a99cf98cea8..d77dd5f4857 100644 --- a/CVE-2023/CVE-2023-321xx/CVE-2023-32136.json +++ b/CVE-2023/CVE-2023-321xx/CVE-2023-32136.json @@ -2,13 +2,13 @@ "id": "CVE-2023-32136", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-05-03T02:15:16.860", - "lastModified": "2024-05-03T12:50:34.250", + "lastModified": "2024-09-18T19:15:20.357", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "D-Link DAP-1360 webproc var:menu Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1360 routers. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the handling requests to the /cgi-bin/webproc endpoint. When parsing the var:menu parameter, the process does not properly validate the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-18414." + "value": "D-Link DAP-1360 webproc var:menu Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1360 routers. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the handling requests to the /cgi-bin/webproc endpoint. When parsing the var:menu parameter, the process does not properly validate the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root.\n. Was ZDI-CAN-18414." }, { "lang": "es", diff --git a/CVE-2023/CVE-2023-321xx/CVE-2023-32137.json b/CVE-2023/CVE-2023-321xx/CVE-2023-32137.json index ec04ca64672..5bfb48d2784 100644 --- a/CVE-2023/CVE-2023-321xx/CVE-2023-32137.json +++ b/CVE-2023/CVE-2023-321xx/CVE-2023-32137.json @@ -2,13 +2,13 @@ "id": "CVE-2023-32137", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-05-03T02:15:17.040", - "lastModified": "2024-05-03T12:50:34.250", + "lastModified": "2024-09-18T19:15:20.510", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "D-Link DAP-1360 webproc WEB_DisplayPage Directory Traversal Information Disclosure Vulnerability. This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of D-Link DAP-1360 routers. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the handling of requests to the /cgi-bin/webproc endpoint. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to disclose information in the context of root. Was ZDI-CAN-18415." + "value": "D-Link DAP-1360 webproc WEB_DisplayPage Directory Traversal Information Disclosure Vulnerability. This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of D-Link DAP-1360 routers. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the handling of requests to the /cgi-bin/webproc endpoint. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to disclose information in the context of root.\n. Was ZDI-CAN-18415." }, { "lang": "es", diff --git a/CVE-2023/CVE-2023-321xx/CVE-2023-32138.json b/CVE-2023/CVE-2023-321xx/CVE-2023-32138.json index 3567ac9ec72..34e8dc40e02 100644 --- a/CVE-2023/CVE-2023-321xx/CVE-2023-32138.json +++ b/CVE-2023/CVE-2023-321xx/CVE-2023-32138.json @@ -2,13 +2,13 @@ "id": "CVE-2023-32138", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-05-03T02:15:17.217", - "lastModified": "2024-05-03T12:50:34.250", + "lastModified": "2024-09-18T19:15:20.617", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "D-Link DAP-1360 webproc Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1360 routers. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the handling of requests to the /cgi-bin/webproc endpoint. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-18416." + "value": "D-Link DAP-1360 webproc Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1360 routers. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the handling of requests to the /cgi-bin/webproc endpoint. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of root.\n. Was ZDI-CAN-18416." }, { "lang": "es", diff --git a/CVE-2023/CVE-2023-321xx/CVE-2023-32139.json b/CVE-2023/CVE-2023-321xx/CVE-2023-32139.json index 0064f07e227..5d7c29c8baa 100644 --- a/CVE-2023/CVE-2023-321xx/CVE-2023-32139.json +++ b/CVE-2023/CVE-2023-321xx/CVE-2023-32139.json @@ -2,13 +2,13 @@ "id": "CVE-2023-32139", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-05-03T02:15:17.400", - "lastModified": "2024-05-03T12:50:34.250", + "lastModified": "2024-09-18T19:15:20.703", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "D-Link DAP-1360 webproc Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1360 routers. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the handling requests to the /cgi-bin/webproc endpoint. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-18417." + "value": "D-Link DAP-1360 webproc Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1360 routers. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the handling requests to the /cgi-bin/webproc endpoint. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root.\n. Was ZDI-CAN-18417." }, { "lang": "es", diff --git a/CVE-2023/CVE-2023-321xx/CVE-2023-32140.json b/CVE-2023/CVE-2023-321xx/CVE-2023-32140.json index 920f97a7150..ebc08e4166c 100644 --- a/CVE-2023/CVE-2023-321xx/CVE-2023-32140.json +++ b/CVE-2023/CVE-2023-321xx/CVE-2023-32140.json @@ -2,13 +2,13 @@ "id": "CVE-2023-32140", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-05-03T02:15:17.567", - "lastModified": "2024-05-03T12:50:34.250", + "lastModified": "2024-09-18T19:15:20.780", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "D-Link DAP-1360 webproc var:sys_Token Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1360 routers. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the handling requests to the /cgi-bin/webproc endpoint. When parsing the var:sys_Token parameter, the process does not properly validate the length of user-supplied data prior to copying it to a fixed-length heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-18418." + "value": "D-Link DAP-1360 webproc var:sys_Token Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1360 routers. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the handling requests to the /cgi-bin/webproc endpoint. When parsing the var:sys_Token parameter, the process does not properly validate the length of user-supplied data prior to copying it to a fixed-length heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of root.\n. Was ZDI-CAN-18418." }, { "lang": "es", diff --git a/CVE-2023/CVE-2023-321xx/CVE-2023-32141.json b/CVE-2023/CVE-2023-321xx/CVE-2023-32141.json index cf7179f43fa..247f2d262e2 100644 --- a/CVE-2023/CVE-2023-321xx/CVE-2023-32141.json +++ b/CVE-2023/CVE-2023-321xx/CVE-2023-32141.json @@ -2,13 +2,13 @@ "id": "CVE-2023-32141", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-05-03T02:15:17.730", - "lastModified": "2024-05-03T12:50:34.250", + "lastModified": "2024-09-18T19:15:20.870", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "D-Link DAP-1360 webproc WEB_DisplayPage Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1360 routers. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the handling of requests to the /cgi-bin/webproc endpoint. When parsing the getpage and errorpage parameters, the process does not properly validate the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-18419." + "value": "D-Link DAP-1360 webproc WEB_DisplayPage Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1360 routers. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the handling of requests to the /cgi-bin/webproc endpoint. When parsing the getpage and errorpage parameters, the process does not properly validate the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root.\n. Was ZDI-CAN-18419." }, { "lang": "es", diff --git a/CVE-2023/CVE-2023-321xx/CVE-2023-32142.json b/CVE-2023/CVE-2023-321xx/CVE-2023-32142.json index bf3266bd91d..6c8da8225f9 100644 --- a/CVE-2023/CVE-2023-321xx/CVE-2023-32142.json +++ b/CVE-2023/CVE-2023-321xx/CVE-2023-32142.json @@ -2,13 +2,13 @@ "id": "CVE-2023-32142", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-05-03T02:15:17.893", - "lastModified": "2024-05-03T12:50:34.250", + "lastModified": "2024-09-18T19:15:20.953", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "D-Link DAP-1360 webproc var:page Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1360 routers. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the handling of requests to the /cgi-bin/webproc endpoint. When parsing the var:page parameter, the process does not properly validate the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-18422." + "value": "D-Link DAP-1360 webproc var:page Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1360 routers. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the handling of requests to the /cgi-bin/webproc endpoint. When parsing the var:page parameter, the process does not properly validate the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root.\n. Was ZDI-CAN-18422." }, { "lang": "es", diff --git a/CVE-2023/CVE-2023-321xx/CVE-2023-32143.json b/CVE-2023/CVE-2023-321xx/CVE-2023-32143.json index 5d8b8bf8c7d..86dfddaf038 100644 --- a/CVE-2023/CVE-2023-321xx/CVE-2023-32143.json +++ b/CVE-2023/CVE-2023-321xx/CVE-2023-32143.json @@ -2,13 +2,13 @@ "id": "CVE-2023-32143", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-05-03T02:15:18.053", - "lastModified": "2024-05-03T12:50:34.250", + "lastModified": "2024-09-18T19:15:21.037", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "D-Link DAP-1360 webupg UPGCGI_CheckAuth Numeric Truncation Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1360 routers. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the handling of requests to the /cgi-bin/webupg endpoint. The issue results from the lack of proper validation of user-supplied data, which can result in an integer overflow before allocating a buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-18423." + "value": "D-Link DAP-1360 webupg UPGCGI_CheckAuth Numeric Truncation Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1360 routers. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the handling of requests to the /cgi-bin/webupg endpoint. The issue results from the lack of proper validation of user-supplied data, which can result in an integer overflow before allocating a buffer. An attacker can leverage this vulnerability to execute code in the context of root.\n. Was ZDI-CAN-18423." }, { "lang": "es", diff --git a/CVE-2023/CVE-2023-321xx/CVE-2023-32144.json b/CVE-2023/CVE-2023-321xx/CVE-2023-32144.json index c085be6cfeb..cc75dc092c2 100644 --- a/CVE-2023/CVE-2023-321xx/CVE-2023-32144.json +++ b/CVE-2023/CVE-2023-321xx/CVE-2023-32144.json @@ -2,13 +2,13 @@ "id": "CVE-2023-32144", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-05-03T02:15:18.227", - "lastModified": "2024-05-03T12:50:34.250", + "lastModified": "2024-09-18T19:15:21.130", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "D-Link DAP-1360 webproc COMM_MakeCustomMsg Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1360 routers. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the handling of requests to the /cgi-bin/webproc endpoint. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-18454." + "value": "D-Link DAP-1360 webproc COMM_MakeCustomMsg Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1360 routers. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the handling of requests to the /cgi-bin/webproc endpoint. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root.\n. Was ZDI-CAN-18454." }, { "lang": "es", diff --git a/CVE-2023/CVE-2023-321xx/CVE-2023-32145.json b/CVE-2023/CVE-2023-321xx/CVE-2023-32145.json index 3e367c5c18b..900bbb89d6c 100644 --- a/CVE-2023/CVE-2023-321xx/CVE-2023-32145.json +++ b/CVE-2023/CVE-2023-321xx/CVE-2023-32145.json @@ -2,13 +2,13 @@ "id": "CVE-2023-32145", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-05-03T02:15:18.390", - "lastModified": "2024-05-03T12:50:34.250", + "lastModified": "2024-09-18T19:15:21.213", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "D-Link DAP-1360 Hardcoded Credentials Authentication Bypass Vulnerability. This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of D-Link DAP-1360 routers. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the processing of login requests to the web-based user interface. The firmware contains hard-coded default credentials. An attacker can leverage this vulnerability to bypass authentication on the system. Was ZDI-CAN-18455." + "value": "D-Link DAP-1360 Hardcoded Credentials Authentication Bypass Vulnerability. This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of D-Link DAP-1360 routers. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the processing of login requests to the web-based user interface. The firmware contains hard-coded default credentials. An attacker can leverage this vulnerability to bypass authentication on the system.\n. Was ZDI-CAN-18455." }, { "lang": "es", diff --git a/CVE-2023/CVE-2023-321xx/CVE-2023-32146.json b/CVE-2023/CVE-2023-321xx/CVE-2023-32146.json index 151a8dcdd35..688e006be4e 100644 --- a/CVE-2023/CVE-2023-321xx/CVE-2023-32146.json +++ b/CVE-2023/CVE-2023-321xx/CVE-2023-32146.json @@ -2,13 +2,13 @@ "id": "CVE-2023-32146", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-05-03T02:15:18.553", - "lastModified": "2024-05-03T12:50:34.250", + "lastModified": "2024-09-18T19:15:21.320", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "D-Link DAP-1360 Multiple Parameters Stack-Based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1360 routers. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the /cgi-bin/webproc endpoint. When parsing the errorpage and nextpage parameters, the process does not properly validate the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-18746." + "value": "D-Link DAP-1360 Multiple Parameters Stack-Based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1360 routers. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the /cgi-bin/webproc endpoint. When parsing the errorpage and nextpage parameters, the process does not properly validate the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root.\n. Was ZDI-CAN-18746." }, { "lang": "es", diff --git a/CVE-2023/CVE-2023-321xx/CVE-2023-32147.json b/CVE-2023/CVE-2023-321xx/CVE-2023-32147.json index 39ba72a557e..7e318ab57ef 100644 --- a/CVE-2023/CVE-2023-321xx/CVE-2023-32147.json +++ b/CVE-2023/CVE-2023-321xx/CVE-2023-32147.json @@ -2,13 +2,13 @@ "id": "CVE-2023-32147", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-05-03T02:15:18.770", - "lastModified": "2024-05-03T12:50:34.250", + "lastModified": "2024-09-18T19:15:21.437", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "D-Link DIR-2640 LocalIPAddress Command Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-2640 routers. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed.\n\nThe specific flaw exists within the handling of the LocalIPAddress parameter provided to the HNAP1 endpoint. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-19544." + "value": "D-Link DIR-2640 LocalIPAddress Command Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-2640 routers. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed.\n\nThe specific flaw exists within the handling of the LocalIPAddress parameter provided to the HNAP1 endpoint. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of root.\n. Was ZDI-CAN-19544." }, { "lang": "es", diff --git a/CVE-2023/CVE-2023-321xx/CVE-2023-32148.json b/CVE-2023/CVE-2023-321xx/CVE-2023-32148.json index a6aaa6f8bb9..670883a9076 100644 --- a/CVE-2023/CVE-2023-321xx/CVE-2023-32148.json +++ b/CVE-2023/CVE-2023-321xx/CVE-2023-32148.json @@ -2,13 +2,13 @@ "id": "CVE-2023-32148", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-05-03T02:15:18.940", - "lastModified": "2024-05-03T12:50:34.250", + "lastModified": "2024-09-18T19:15:21.547", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "D-Link DIR-2640 HNAP PrivateLogin Authentication Bypass Vulnerability. This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of D-Link DIR-2640 routers. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the web management interface, which listens on TCP port 80 by default. A crafted XML element in the login request can cause authentication to succeed without providing proper credentials. An attacker can leverage this vulnerability to bypass authentication on the system. Was ZDI-CAN-19545." + "value": "D-Link DIR-2640 HNAP PrivateLogin Authentication Bypass Vulnerability. This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of D-Link DIR-2640 routers. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the web management interface, which listens on TCP port 80 by default. A crafted XML element in the login request can cause authentication to succeed without providing proper credentials. An attacker can leverage this vulnerability to bypass authentication on the system.\n. Was ZDI-CAN-19545." }, { "lang": "es", diff --git a/CVE-2023/CVE-2023-321xx/CVE-2023-32149.json b/CVE-2023/CVE-2023-321xx/CVE-2023-32149.json index 6a2583ea646..7edfd45fd63 100644 --- a/CVE-2023/CVE-2023-321xx/CVE-2023-32149.json +++ b/CVE-2023/CVE-2023-321xx/CVE-2023-32149.json @@ -2,13 +2,13 @@ "id": "CVE-2023-32149", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-05-03T02:15:19.113", - "lastModified": "2024-05-03T12:50:34.250", + "lastModified": "2024-09-18T19:15:21.660", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "D-Link DIR-2640 prog.cgi Request Handling Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-2640 routers. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the web management interface, which listens on TCP port 80 by default. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-19546." + "value": "D-Link DIR-2640 prog.cgi Request Handling Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-2640 routers. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the web management interface, which listens on TCP port 80 by default. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root.\n. Was ZDI-CAN-19546." }, { "lang": "es", diff --git a/CVE-2023/CVE-2023-321xx/CVE-2023-32150.json b/CVE-2023/CVE-2023-321xx/CVE-2023-32150.json index 927f31ad5c0..d09bbd1d0c4 100644 --- a/CVE-2023/CVE-2023-321xx/CVE-2023-32150.json +++ b/CVE-2023/CVE-2023-321xx/CVE-2023-32150.json @@ -2,13 +2,13 @@ "id": "CVE-2023-32150", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-05-03T02:15:19.280", - "lastModified": "2024-05-03T12:50:34.250", + "lastModified": "2024-09-18T19:15:21.757", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "D-Link DIR-2640 PrefixLen Command Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-2640 routers. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed.\n\nThe specific flaw exists within the handling of the PrefixLen parameter provided to the HNAP1 endpoint. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-19547." + "value": "D-Link DIR-2640 PrefixLen Command Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-2640 routers. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed.\n\nThe specific flaw exists within the handling of the PrefixLen parameter provided to the HNAP1 endpoint. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of root.\n. Was ZDI-CAN-19547." }, { "lang": "es", diff --git a/CVE-2023/CVE-2023-321xx/CVE-2023-32151.json b/CVE-2023/CVE-2023-321xx/CVE-2023-32151.json index 08d46e0edcc..259b42f8c31 100644 --- a/CVE-2023/CVE-2023-321xx/CVE-2023-32151.json +++ b/CVE-2023/CVE-2023-321xx/CVE-2023-32151.json @@ -2,13 +2,13 @@ "id": "CVE-2023-32151", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-05-03T02:15:19.500", - "lastModified": "2024-05-03T12:50:34.250", + "lastModified": "2024-09-18T19:15:21.847", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "D-Link DIR-2640 DestNetwork Command Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-2640 routers. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed.\n\nThe specific flaw exists within the handling of the DestNetwork parameter provided to the HNAP1 endpoint. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-19548." + "value": "D-Link DIR-2640 DestNetwork Command Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-2640 routers. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed.\n\nThe specific flaw exists within the handling of the DestNetwork parameter provided to the HNAP1 endpoint. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of root.\n. Was ZDI-CAN-19548." }, { "lang": "es", diff --git a/CVE-2023/CVE-2023-321xx/CVE-2023-32152.json b/CVE-2023/CVE-2023-321xx/CVE-2023-32152.json index 9944c70c1ae..aa610b8aa71 100644 --- a/CVE-2023/CVE-2023-321xx/CVE-2023-32152.json +++ b/CVE-2023/CVE-2023-321xx/CVE-2023-32152.json @@ -2,13 +2,13 @@ "id": "CVE-2023-32152", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-05-03T02:15:19.670", - "lastModified": "2024-05-03T12:50:34.250", + "lastModified": "2024-09-18T19:15:21.937", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "D-Link DIR-2640 HNAP LoginPassword Authentication Bypass Vulnerability. This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of D-Link DIR-2640 routers. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the web management interface, which listens on TCP port 80 by default. A specially crafted login request can cause authentication to succeed without providing proper credentials. An attacker can leverage this vulnerability to bypass authentication on the system. Was ZDI-CAN-19549." + "value": "D-Link DIR-2640 HNAP LoginPassword Authentication Bypass Vulnerability. This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of D-Link DIR-2640 routers. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the web management interface, which listens on TCP port 80 by default. A specially crafted login request can cause authentication to succeed without providing proper credentials. An attacker can leverage this vulnerability to bypass authentication on the system.\n. Was ZDI-CAN-19549." }, { "lang": "es", diff --git a/CVE-2023/CVE-2023-321xx/CVE-2023-32153.json b/CVE-2023/CVE-2023-321xx/CVE-2023-32153.json index 831ad40e5c5..e635d572d5a 100644 --- a/CVE-2023/CVE-2023-321xx/CVE-2023-32153.json +++ b/CVE-2023/CVE-2023-321xx/CVE-2023-32153.json @@ -2,13 +2,13 @@ "id": "CVE-2023-32153", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-05-03T02:15:19.840", - "lastModified": "2024-05-03T12:50:34.250", + "lastModified": "2024-09-18T19:15:22.053", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "D-Link DIR-2640 EmailFrom Command Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-2640 routers. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed.\n\nThe specific flaw exists within the handling of the EmailFrom parameter provided to the HNAP1 endpoint. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-19550." + "value": "D-Link DIR-2640 EmailFrom Command Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-2640 routers. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed.\n\nThe specific flaw exists within the handling of the EmailFrom parameter provided to the HNAP1 endpoint. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of root.\n. Was ZDI-CAN-19550." }, { "lang": "es", diff --git a/CVE-2023/CVE-2023-321xx/CVE-2023-32154.json b/CVE-2023/CVE-2023-321xx/CVE-2023-32154.json index f35fc715dce..05b387bb7dd 100644 --- a/CVE-2023/CVE-2023-321xx/CVE-2023-32154.json +++ b/CVE-2023/CVE-2023-321xx/CVE-2023-32154.json @@ -2,13 +2,13 @@ "id": "CVE-2023-32154", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-05-03T02:15:20.020", - "lastModified": "2024-05-03T12:50:34.250", + "lastModified": "2024-09-18T19:15:22.150", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "Mikrotik RouterOS RADVD Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Mikrotik RouterOS. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the Router Advertisement Daemon. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-19797." + "value": "Mikrotik RouterOS RADVD Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Mikrotik RouterOS. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the Router Advertisement Daemon. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of root.\n. Was ZDI-CAN-19797." }, { "lang": "es", diff --git a/CVE-2023/CVE-2023-321xx/CVE-2023-32155.json b/CVE-2023/CVE-2023-321xx/CVE-2023-32155.json index b942b76891c..8b325bb7856 100644 --- a/CVE-2023/CVE-2023-321xx/CVE-2023-32155.json +++ b/CVE-2023/CVE-2023-321xx/CVE-2023-32155.json @@ -2,13 +2,13 @@ "id": "CVE-2023-32155", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-05-03T02:15:20.187", - "lastModified": "2024-05-03T12:50:34.250", + "lastModified": "2024-09-18T19:15:22.247", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "Tesla Model 3 bcmdhd Out-Of-Bounds Write Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected Tesla Model 3 vehicles. An attacker must first obtain the ability to execute code on the wifi subsystem in order to exploit this vulnerability.\n\nThe specific flaw exists within the bcmdhd driver. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of the kernel. Was ZDI-CAN-20733." + "value": "Tesla Model 3 bcmdhd Out-Of-Bounds Write Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected Tesla Model 3 vehicles. An attacker must first obtain the ability to execute code on the wifi subsystem in order to exploit this vulnerability.\n\nThe specific flaw exists within the bcmdhd driver. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of the kernel.\n. Was ZDI-CAN-20733." }, { "lang": "es", diff --git a/CVE-2023/CVE-2023-321xx/CVE-2023-32156.json b/CVE-2023/CVE-2023-321xx/CVE-2023-32156.json index b29452dee15..3b81935478e 100644 --- a/CVE-2023/CVE-2023-321xx/CVE-2023-32156.json +++ b/CVE-2023/CVE-2023-321xx/CVE-2023-32156.json @@ -2,13 +2,13 @@ "id": "CVE-2023-32156", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-05-03T02:15:20.353", - "lastModified": "2024-05-03T12:50:34.250", + "lastModified": "2024-09-18T19:15:22.330", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "Tesla Model 3 Gateway Firmware Signature Validation Bypass Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected Tesla Model 3 vehicles. An attacker must first obtain the ability to execute privileged code on the Tesla infotainment system in order to exploit this vulnerability.\n\nThe specific flaw exists within the handling of firmware updates. The issue results from improper error-handling during the update process. An attacker can leverage this vulnerability to execute code in the context of Tesla's Gateway ECU. Was ZDI-CAN-20734." + "value": "Tesla Model 3 Gateway Firmware Signature Validation Bypass Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected Tesla Model 3 vehicles. An attacker must first obtain the ability to execute privileged code on the Tesla infotainment system in order to exploit this vulnerability.\n\nThe specific flaw exists within the handling of firmware updates. The issue results from improper error-handling during the update process. An attacker can leverage this vulnerability to execute code in the context of Tesla's Gateway ECU.\n. Was ZDI-CAN-20734." }, { "lang": "es", diff --git a/CVE-2023/CVE-2023-321xx/CVE-2023-32157.json b/CVE-2023/CVE-2023-321xx/CVE-2023-32157.json index 3be49b69a3f..11fac105cb3 100644 --- a/CVE-2023/CVE-2023-321xx/CVE-2023-32157.json +++ b/CVE-2023/CVE-2023-321xx/CVE-2023-32157.json @@ -2,13 +2,13 @@ "id": "CVE-2023-32157", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-05-03T02:15:20.517", - "lastModified": "2024-05-03T12:50:34.250", + "lastModified": "2024-09-18T19:15:22.430", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "Tesla Model 3 bsa_server BIP Heap-based Buffer Overflow Arbitrary Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected Tesla Model 3 vehicles. An attacker must first obtain the ability to pair a malicious Bluetooth device with the target system in order to exploit this vulnerability.\n\nThe specific flaw exists within the bsa_server process. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of an unprivileged user in a sandboxed process. Was ZDI-CAN-20737." + "value": "Tesla Model 3 bsa_server BIP Heap-based Buffer Overflow Arbitrary Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected Tesla Model 3 vehicles. An attacker must first obtain the ability to pair a malicious Bluetooth device with the target system in order to exploit this vulnerability.\n\nThe specific flaw exists within the bsa_server process. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of an unprivileged user in a sandboxed process.\n. Was ZDI-CAN-20737." }, { "lang": "es", diff --git a/CVE-2023/CVE-2023-321xx/CVE-2023-32167.json b/CVE-2023/CVE-2023-321xx/CVE-2023-32167.json index 43697d28cf7..e92070feaf8 100644 --- a/CVE-2023/CVE-2023-321xx/CVE-2023-32167.json +++ b/CVE-2023/CVE-2023-321xx/CVE-2023-32167.json @@ -2,13 +2,13 @@ "id": "CVE-2023-32167", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-05-03T02:15:21.880", - "lastModified": "2024-05-03T12:50:34.250", + "lastModified": "2024-09-18T19:15:22.740", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "D-Link D-View uploadMib Directory Traversal Arbitrary File Creation or Deletion Vulnerability. This vulnerability allows remote attackers to create and delete arbitrary files on affected installations of D-Link D-View. Authentication is required to exploit this vulnerability.\n\nThe specific flaw exists within the uploadMib function. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to create or delete files in the context of SYSTEM. Was ZDI-CAN-19529." + "value": "D-Link D-View uploadMib Directory Traversal Arbitrary File Creation or Deletion Vulnerability. This vulnerability allows remote attackers to create and delete arbitrary files on affected installations of D-Link D-View. Authentication is required to exploit this vulnerability.\n\nThe specific flaw exists within the uploadMib function. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to create or delete files in the context of SYSTEM.\n. Was ZDI-CAN-19529." }, { "lang": "es", diff --git a/CVE-2023/CVE-2023-321xx/CVE-2023-32168.json b/CVE-2023/CVE-2023-321xx/CVE-2023-32168.json index 1b17f5e64a1..97b2e61cbdb 100644 --- a/CVE-2023/CVE-2023-321xx/CVE-2023-32168.json +++ b/CVE-2023/CVE-2023-321xx/CVE-2023-32168.json @@ -2,13 +2,13 @@ "id": "CVE-2023-32168", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-05-03T02:15:22.060", - "lastModified": "2024-05-03T12:50:34.250", + "lastModified": "2024-09-18T19:15:22.827", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "D-Link D-View showUser Improper Authorization Privilege Escalation Vulnerability. This vulnerability allows remote attackers to escalate privileges on affected installations of D-Link D-View. Authentication is required to exploit this vulnerability.\n\nThe specific flaw exists within the showUser method. The issue results from the lack of proper authorization before accessing a privileged endpoint. An attacker can leverage this vulnerability to escalate privileges to resources normally protected from the user. Was ZDI-CAN-19534." + "value": "D-Link D-View showUser Improper Authorization Privilege Escalation Vulnerability. This vulnerability allows remote attackers to escalate privileges on affected installations of D-Link D-View. Authentication is required to exploit this vulnerability.\n\nThe specific flaw exists within the showUser method. The issue results from the lack of proper authorization before accessing a privileged endpoint. An attacker can leverage this vulnerability to escalate privileges to resources normally protected from the user.\n. Was ZDI-CAN-19534." }, { "lang": "es", diff --git a/CVE-2023/CVE-2023-321xx/CVE-2023-32169.json b/CVE-2023/CVE-2023-321xx/CVE-2023-32169.json index a907639644f..9798df2c464 100644 --- a/CVE-2023/CVE-2023-321xx/CVE-2023-32169.json +++ b/CVE-2023/CVE-2023-321xx/CVE-2023-32169.json @@ -2,13 +2,13 @@ "id": "CVE-2023-32169", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-05-03T02:15:22.230", - "lastModified": "2024-05-03T12:50:34.250", + "lastModified": "2024-09-18T19:15:22.913", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "D-Link D-View Use of Hard-coded Cryptographic Key Authentication Bypass Vulnerability. This vulnerability allows remote attackers to bypass authentication on affected installations of D-Link D-View. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the TokenUtils class. The issue results from a hard-coded cryptographic key. An attacker can leverage this vulnerability to bypass authentication on the system. Was ZDI-CAN-19659." + "value": "D-Link D-View Use of Hard-coded Cryptographic Key Authentication Bypass Vulnerability. This vulnerability allows remote attackers to bypass authentication on affected installations of D-Link D-View. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the TokenUtils class. The issue results from a hard-coded cryptographic key. An attacker can leverage this vulnerability to bypass authentication on the system.\n. Was ZDI-CAN-19659." }, { "lang": "es", diff --git a/CVE-2023/CVE-2023-321xx/CVE-2023-32173.json b/CVE-2023/CVE-2023-321xx/CVE-2023-32173.json index fc203397cae..741985ad3ee 100644 --- a/CVE-2023/CVE-2023-321xx/CVE-2023-32173.json +++ b/CVE-2023/CVE-2023-321xx/CVE-2023-32173.json @@ -2,13 +2,13 @@ "id": "CVE-2023-32173", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-05-03T02:15:22.940", - "lastModified": "2024-05-03T12:50:34.250", + "lastModified": "2024-09-18T19:15:22.993", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "Unified Automation UaGateway AddServer XML Injection Denial-of-Service Vulnerability. This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Unified Automation UaGateway. Authentication is required to exploit this vulnerability when the product is in its default configuration.\n\nThe specific flaw exists within the implementation of the AddServer method. By specifying crafted arguments, an attacker can cause invalid characters to be inserted into an XML configuration file. An attacker can leverage this vulnerability to create a persistent denial-of-service condition on the system. . Was ZDI-CAN-20576." + "value": "Unified Automation UaGateway AddServer XML Injection Denial-of-Service Vulnerability. This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Unified Automation UaGateway. Authentication is required to exploit this vulnerability when the product is in its default configuration.\n\nThe specific flaw exists within the implementation of the AddServer method. By specifying crafted arguments, an attacker can cause invalid characters to be inserted into an XML configuration file. An attacker can leverage this vulnerability to create a persistent denial-of-service condition on the system. \n. Was ZDI-CAN-20576." }, { "lang": "es", diff --git a/CVE-2023/CVE-2023-321xx/CVE-2023-32174.json b/CVE-2023/CVE-2023-321xx/CVE-2023-32174.json index 953cb5f986b..31c2df70052 100644 --- a/CVE-2023/CVE-2023-321xx/CVE-2023-32174.json +++ b/CVE-2023/CVE-2023-321xx/CVE-2023-32174.json @@ -2,13 +2,13 @@ "id": "CVE-2023-32174", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-05-03T02:15:23.107", - "lastModified": "2024-05-03T12:50:34.250", + "lastModified": "2024-09-18T19:15:23.087", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "Unified Automation UaGateway NodeManagerOpcUa Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Unified Automation UaGateway. Authentication is required to exploit this vulnerability when the product is in its default configuration.\n\nThe specific flaw exists within the handling of NodeManagerOpcUa objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of SYSTEM. Was ZDI-CAN-20577." + "value": "Unified Automation UaGateway NodeManagerOpcUa Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Unified Automation UaGateway. Authentication is required to exploit this vulnerability when the product is in its default configuration.\n\nThe specific flaw exists within the handling of NodeManagerOpcUa objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of SYSTEM.\n. Was ZDI-CAN-20577." }, { "lang": "es", diff --git a/CVE-2023/CVE-2023-321xx/CVE-2023-32176.json b/CVE-2023/CVE-2023-321xx/CVE-2023-32176.json index ae60e8c586f..8faefd385e8 100644 --- a/CVE-2023/CVE-2023-321xx/CVE-2023-32176.json +++ b/CVE-2023/CVE-2023-321xx/CVE-2023-32176.json @@ -2,13 +2,13 @@ "id": "CVE-2023-32176", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-05-03T02:15:23.457", - "lastModified": "2024-05-03T12:50:34.250", + "lastModified": "2024-09-18T19:15:23.183", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "VIPRE Antivirus Plus SetPrivateConfig Directory Traversal Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of VIPRE Antivirus Plus. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.\n\nThe specific flaw exists within the SetPrivateConfig method. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. Was ZDI-CAN-19394." + "value": "VIPRE Antivirus Plus SetPrivateConfig Directory Traversal Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of VIPRE Antivirus Plus. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.\n\nThe specific flaw exists within the SetPrivateConfig method. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM.\n. Was ZDI-CAN-19394." }, { "lang": "es", diff --git a/CVE-2023/CVE-2023-321xx/CVE-2023-32177.json b/CVE-2023/CVE-2023-321xx/CVE-2023-32177.json index 724f0119c43..00ded765695 100644 --- a/CVE-2023/CVE-2023-321xx/CVE-2023-32177.json +++ b/CVE-2023/CVE-2023-321xx/CVE-2023-32177.json @@ -2,13 +2,13 @@ "id": "CVE-2023-32177", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-05-03T02:15:23.660", - "lastModified": "2024-05-03T12:50:34.250", + "lastModified": "2024-09-18T19:15:23.270", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "VIPRE Antivirus Plus DeleteHistoryFile Directory Traversal Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of VIPRE Antivirus Plus. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.\n\nThe specific flaw exists within the DeleteHistoryFile method. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. Was ZDI-CAN-19395." + "value": "VIPRE Antivirus Plus DeleteHistoryFile Directory Traversal Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of VIPRE Antivirus Plus. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.\n\nThe specific flaw exists within the DeleteHistoryFile method. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM.\n. Was ZDI-CAN-19395." }, { "lang": "es", diff --git a/CVE-2023/CVE-2023-321xx/CVE-2023-32178.json b/CVE-2023/CVE-2023-321xx/CVE-2023-32178.json index 7b7ec0e3690..872d75c5352 100644 --- a/CVE-2023/CVE-2023-321xx/CVE-2023-32178.json +++ b/CVE-2023/CVE-2023-321xx/CVE-2023-32178.json @@ -2,13 +2,13 @@ "id": "CVE-2023-32178", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-05-03T02:15:23.830", - "lastModified": "2024-05-03T12:50:34.250", + "lastModified": "2024-09-18T19:15:23.360", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "VIPRE Antivirus Plus TelFileTransfer Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of VIPRE Antivirus Plus. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.\n\nThe specific flaw exists within the TelFileTransfer method. By creating a symbolic link, an attacker can abuse the method to delete arbitrary files. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. Was ZDI-CAN-19396." + "value": "VIPRE Antivirus Plus TelFileTransfer Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of VIPRE Antivirus Plus. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.\n\nThe specific flaw exists within the TelFileTransfer method. By creating a symbolic link, an attacker can abuse the method to delete arbitrary files. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM.\n. Was ZDI-CAN-19396." }, { "lang": "es", diff --git a/CVE-2023/CVE-2023-321xx/CVE-2023-32179.json b/CVE-2023/CVE-2023-321xx/CVE-2023-32179.json index d9f45591c63..ec2a85f80b3 100644 --- a/CVE-2023/CVE-2023-321xx/CVE-2023-32179.json +++ b/CVE-2023/CVE-2023-321xx/CVE-2023-32179.json @@ -2,13 +2,13 @@ "id": "CVE-2023-32179", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-05-03T02:15:24.003", - "lastModified": "2024-05-03T12:50:34.250", + "lastModified": "2024-09-18T19:15:23.443", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "VIPRE Antivirus Plus FPQuarTransfer Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of VIPRE Antivirus Plus. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.\n\nThe specific flaw exists within the FPQuarTransfer method. By creating a symbolic link, an attacker can abuse the method to delete arbitrary files. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. Was ZDI-CAN-19397." + "value": "VIPRE Antivirus Plus FPQuarTransfer Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of VIPRE Antivirus Plus. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.\n\nThe specific flaw exists within the FPQuarTransfer method. By creating a symbolic link, an attacker can abuse the method to delete arbitrary files. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM.\n. Was ZDI-CAN-19397." }, { "lang": "es", diff --git a/CVE-2023/CVE-2023-342xx/CVE-2023-34286.json b/CVE-2023/CVE-2023-342xx/CVE-2023-34286.json index a4d170597dd..4a1d990a527 100644 --- a/CVE-2023/CVE-2023-342xx/CVE-2023-34286.json +++ b/CVE-2023/CVE-2023-342xx/CVE-2023-34286.json @@ -2,13 +2,13 @@ "id": "CVE-2023-34286", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-05-03T02:15:28.417", - "lastModified": "2024-05-03T12:50:34.250", + "lastModified": "2024-09-18T19:15:23.527", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "Ashlar-Vellum Cobalt CO File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of CO files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-17891." + "value": "Ashlar-Vellum Cobalt CO File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of CO files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process.\n. Was ZDI-CAN-17891." }, { "lang": "es", diff --git a/CVE-2023/CVE-2023-342xx/CVE-2023-34287.json b/CVE-2023/CVE-2023-342xx/CVE-2023-34287.json index e2e497c2ff5..77b8f32b998 100644 --- a/CVE-2023/CVE-2023-342xx/CVE-2023-34287.json +++ b/CVE-2023/CVE-2023-342xx/CVE-2023-34287.json @@ -2,13 +2,13 @@ "id": "CVE-2023-34287", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-05-03T02:15:28.587", - "lastModified": "2024-05-03T12:50:34.250", + "lastModified": "2024-09-18T19:15:23.607", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "Ashlar-Vellum Cobalt CO File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of CO files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-17892." + "value": "Ashlar-Vellum Cobalt CO File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of CO files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process.\n. Was ZDI-CAN-17892." }, { "lang": "es", diff --git a/CVE-2023/CVE-2023-342xx/CVE-2023-34288.json b/CVE-2023/CVE-2023-342xx/CVE-2023-34288.json index b2b11ccbbeb..1eb993173cb 100644 --- a/CVE-2023/CVE-2023-342xx/CVE-2023-34288.json +++ b/CVE-2023/CVE-2023-342xx/CVE-2023-34288.json @@ -2,13 +2,13 @@ "id": "CVE-2023-34288", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-05-03T02:15:28.753", - "lastModified": "2024-05-03T12:50:34.250", + "lastModified": "2024-09-18T19:15:23.693", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "Ashlar-Vellum Cobalt XE File Parsing Uninitialized Pointer Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of XE files. The issue results from the lack of proper initialization of a pointer prior to accessing it. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-17966." + "value": "Ashlar-Vellum Cobalt XE File Parsing Uninitialized Pointer Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of XE files. The issue results from the lack of proper initialization of a pointer prior to accessing it. An attacker can leverage this vulnerability to execute code in the context of the current process.\n. Was ZDI-CAN-17966." }, { "lang": "es", diff --git a/CVE-2023/CVE-2023-342xx/CVE-2023-34289.json b/CVE-2023/CVE-2023-342xx/CVE-2023-34289.json index d4600e94639..a809ae1efc4 100644 --- a/CVE-2023/CVE-2023-342xx/CVE-2023-34289.json +++ b/CVE-2023/CVE-2023-342xx/CVE-2023-34289.json @@ -2,13 +2,13 @@ "id": "CVE-2023-34289", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-05-03T02:15:28.953", - "lastModified": "2024-05-03T12:50:34.250", + "lastModified": "2024-09-18T19:15:23.773", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "Ashlar-Vellum Cobalt Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of AR files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-17985." + "value": "Ashlar-Vellum Cobalt Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of AR files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process.\n. Was ZDI-CAN-17985." }, { "lang": "es", diff --git a/CVE-2023/CVE-2023-342xx/CVE-2023-34290.json b/CVE-2023/CVE-2023-342xx/CVE-2023-34290.json index f7c600d19ef..090ba5deb1c 100644 --- a/CVE-2023/CVE-2023-342xx/CVE-2023-34290.json +++ b/CVE-2023/CVE-2023-342xx/CVE-2023-34290.json @@ -2,13 +2,13 @@ "id": "CVE-2023-34290", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-05-03T02:15:29.130", - "lastModified": "2024-05-03T12:50:34.250", + "lastModified": "2024-09-18T19:15:23.850", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "Ashlar-Vellum Cobalt Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of 3DS files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-18007." + "value": "Ashlar-Vellum Cobalt Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of 3DS files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process.\n. Was ZDI-CAN-18007." }, { "lang": "es", diff --git a/CVE-2023/CVE-2023-342xx/CVE-2023-34291.json b/CVE-2023/CVE-2023-342xx/CVE-2023-34291.json index fbd5f1a0a29..416051376cf 100644 --- a/CVE-2023/CVE-2023-342xx/CVE-2023-34291.json +++ b/CVE-2023/CVE-2023-342xx/CVE-2023-34291.json @@ -2,13 +2,13 @@ "id": "CVE-2023-34291", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-05-03T02:15:29.290", - "lastModified": "2024-05-03T12:50:34.250", + "lastModified": "2024-09-18T19:15:23.923", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "Ashlar-Vellum Cobalt Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of X_B or X_T files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-18401." + "value": "Ashlar-Vellum Cobalt Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of X_B or X_T files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process.\n. Was ZDI-CAN-18401." }, { "lang": "es", diff --git a/CVE-2023/CVE-2023-342xx/CVE-2023-34292.json b/CVE-2023/CVE-2023-342xx/CVE-2023-34292.json index cf333b803cd..12b79a21d2f 100644 --- a/CVE-2023/CVE-2023-342xx/CVE-2023-34292.json +++ b/CVE-2023/CVE-2023-342xx/CVE-2023-34292.json @@ -2,13 +2,13 @@ "id": "CVE-2023-34292", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-05-03T02:15:29.470", - "lastModified": "2024-05-03T12:50:34.250", + "lastModified": "2024-09-18T19:15:23.997", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "Ashlar-Vellum Cobalt Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of X_B or X_T files. The issue results from the lack of proper validation of user-supplied data, which can result in a write before the start of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-18552." + "value": "Ashlar-Vellum Cobalt Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of X_B or X_T files. The issue results from the lack of proper validation of user-supplied data, which can result in a write before the start of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process.\n. Was ZDI-CAN-18552." }, { "lang": "es", diff --git a/CVE-2023/CVE-2023-342xx/CVE-2023-34293.json b/CVE-2023/CVE-2023-342xx/CVE-2023-34293.json index ddbdbbaa05e..d614ab1b3c3 100644 --- a/CVE-2023/CVE-2023-342xx/CVE-2023-34293.json +++ b/CVE-2023/CVE-2023-342xx/CVE-2023-34293.json @@ -2,13 +2,13 @@ "id": "CVE-2023-34293", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-05-03T02:15:29.677", - "lastModified": "2024-05-03T12:50:34.250", + "lastModified": "2024-09-18T19:15:24.073", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "Ashlar-Vellum Cobalt Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of X_B or X_T files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-18636." + "value": "Ashlar-Vellum Cobalt Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of X_B or X_T files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process.\n. Was ZDI-CAN-18636." }, { "lang": "es", diff --git a/CVE-2023/CVE-2023-342xx/CVE-2023-34299.json b/CVE-2023/CVE-2023-342xx/CVE-2023-34299.json index b50e98a523a..df8d3ac28fa 100644 --- a/CVE-2023/CVE-2023-342xx/CVE-2023-34299.json +++ b/CVE-2023/CVE-2023-342xx/CVE-2023-34299.json @@ -2,13 +2,13 @@ "id": "CVE-2023-34299", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-05-03T02:15:30.693", - "lastModified": "2024-05-03T12:50:34.250", + "lastModified": "2024-09-18T19:15:24.153", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "Ashlar-Vellum Cobalt CO File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of CO files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-17910." + "value": "Ashlar-Vellum Cobalt CO File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of CO files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process.\n. Was ZDI-CAN-17910." }, { "lang": "es", diff --git a/CVE-2023/CVE-2023-343xx/CVE-2023-34300.json b/CVE-2023/CVE-2023-343xx/CVE-2023-34300.json index 37592518936..74bb0b8458f 100644 --- a/CVE-2023/CVE-2023-343xx/CVE-2023-34300.json +++ b/CVE-2023/CVE-2023-343xx/CVE-2023-34300.json @@ -2,13 +2,13 @@ "id": "CVE-2023-34300", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-05-03T02:15:30.863", - "lastModified": "2024-05-03T12:50:34.250", + "lastModified": "2024-09-18T19:15:24.230", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "Ashlar-Vellum Cobalt XE File Parsing Untrusted Pointer Dereference Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of XE files. The issue results from the lack of proper validation of a user-supplied value prior to dereferencing it as a pointer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-17948." + "value": "Ashlar-Vellum Cobalt XE File Parsing Untrusted Pointer Dereference Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of XE files. The issue results from the lack of proper validation of a user-supplied value prior to dereferencing it as a pointer. An attacker can leverage this vulnerability to execute code in the context of the current process.\n. Was ZDI-CAN-17948." }, { "lang": "es", diff --git a/CVE-2023/CVE-2023-343xx/CVE-2023-34301.json b/CVE-2023/CVE-2023-343xx/CVE-2023-34301.json index 56b2b8324b5..b17c4698fde 100644 --- a/CVE-2023/CVE-2023-343xx/CVE-2023-34301.json +++ b/CVE-2023/CVE-2023-343xx/CVE-2023-34301.json @@ -2,13 +2,13 @@ "id": "CVE-2023-34301", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-05-03T02:15:31.030", - "lastModified": "2024-05-03T12:50:34.250", + "lastModified": "2024-09-18T19:15:24.310", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "Ashlar-Vellum Cobalt CO File Parsing Untrusted Pointer Dereference Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of CO files. The issue results from the lack of proper validation of a user-supplied value prior to dereferencing it as a pointer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-17909." + "value": "Ashlar-Vellum Cobalt CO File Parsing Untrusted Pointer Dereference Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of CO files. The issue results from the lack of proper validation of a user-supplied value prior to dereferencing it as a pointer. An attacker can leverage this vulnerability to execute code in the context of the current process.\n. Was ZDI-CAN-17909." }, { "lang": "es", diff --git a/CVE-2023/CVE-2023-343xx/CVE-2023-34302.json b/CVE-2023/CVE-2023-343xx/CVE-2023-34302.json index eb95009f893..7a4b2a7858d 100644 --- a/CVE-2023/CVE-2023-343xx/CVE-2023-34302.json +++ b/CVE-2023/CVE-2023-343xx/CVE-2023-34302.json @@ -2,13 +2,13 @@ "id": "CVE-2023-34302", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-05-03T02:15:31.207", - "lastModified": "2024-05-03T12:50:34.250", + "lastModified": "2024-09-18T19:15:24.387", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "Ashlar-Vellum Cobalt CO File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of CO files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-17865." + "value": "Ashlar-Vellum Cobalt CO File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of CO files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process.\n. Was ZDI-CAN-17865." }, { "lang": "es", diff --git a/CVE-2023/CVE-2023-343xx/CVE-2023-34303.json b/CVE-2023/CVE-2023-343xx/CVE-2023-34303.json index d838c6a6135..d01363df48b 100644 --- a/CVE-2023/CVE-2023-343xx/CVE-2023-34303.json +++ b/CVE-2023/CVE-2023-343xx/CVE-2023-34303.json @@ -2,13 +2,13 @@ "id": "CVE-2023-34303", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-05-03T02:15:31.383", - "lastModified": "2024-05-03T12:50:34.250", + "lastModified": "2024-09-18T19:15:24.480", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "Ashlar-Vellum Cobalt Out-Of-Bounds Read Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of VC6 files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-17987." + "value": "Ashlar-Vellum Cobalt Out-Of-Bounds Read Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of VC6 files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process.\n. Was ZDI-CAN-17987." }, { "lang": "es", diff --git a/CVE-2023/CVE-2023-343xx/CVE-2023-34304.json b/CVE-2023/CVE-2023-343xx/CVE-2023-34304.json index f79f5bc48ca..99ff671bec2 100644 --- a/CVE-2023/CVE-2023-343xx/CVE-2023-34304.json +++ b/CVE-2023/CVE-2023-343xx/CVE-2023-34304.json @@ -2,13 +2,13 @@ "id": "CVE-2023-34304", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-05-03T02:15:31.553", - "lastModified": "2024-05-03T12:50:34.250", + "lastModified": "2024-09-18T19:15:24.587", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "Ashlar-Vellum Cobalt Out-Of-Bounds Access Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of IGS files. The issue results from the lack of proper validation of user-supplied data, which can result in a memory access past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-18006." + "value": "Ashlar-Vellum Cobalt Out-Of-Bounds Access Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of IGS files. The issue results from the lack of proper validation of user-supplied data, which can result in a memory access past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process.\n. Was ZDI-CAN-18006." }, { "lang": "es", diff --git a/CVE-2023/CVE-2023-343xx/CVE-2023-34305.json b/CVE-2023/CVE-2023-343xx/CVE-2023-34305.json index 7419dd04832..b180ec9f8c3 100644 --- a/CVE-2023/CVE-2023-343xx/CVE-2023-34305.json +++ b/CVE-2023/CVE-2023-343xx/CVE-2023-34305.json @@ -2,13 +2,13 @@ "id": "CVE-2023-34305", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-05-03T02:15:31.720", - "lastModified": "2024-05-03T12:50:34.250", + "lastModified": "2024-09-18T19:15:24.673", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "Ashlar-Vellum Cobalt Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of X_B or X_T files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-18637." + "value": "Ashlar-Vellum Cobalt Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of X_B or X_T files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process.\n. Was ZDI-CAN-18637." }, { "lang": "es", diff --git a/CVE-2023/CVE-2023-343xx/CVE-2023-34306.json b/CVE-2023/CVE-2023-343xx/CVE-2023-34306.json index e6270d87315..fdbf983e1d8 100644 --- a/CVE-2023/CVE-2023-343xx/CVE-2023-34306.json +++ b/CVE-2023/CVE-2023-343xx/CVE-2023-34306.json @@ -2,13 +2,13 @@ "id": "CVE-2023-34306", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-05-03T02:15:31.893", - "lastModified": "2024-05-03T12:50:34.250", + "lastModified": "2024-09-18T19:15:24.760", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "Ashlar-Vellum Graphite VC6 File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Graphite. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of VC6 files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-18908." + "value": "Ashlar-Vellum Graphite VC6 File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Graphite. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of VC6 files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process.\n. Was ZDI-CAN-18908." }, { "lang": "es", diff --git a/CVE-2023/CVE-2023-343xx/CVE-2023-34307.json b/CVE-2023/CVE-2023-343xx/CVE-2023-34307.json index 31b3f6cb4f0..bb0d3b7150a 100644 --- a/CVE-2023/CVE-2023-343xx/CVE-2023-34307.json +++ b/CVE-2023/CVE-2023-343xx/CVE-2023-34307.json @@ -2,13 +2,13 @@ "id": "CVE-2023-34307", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-05-03T02:15:32.063", - "lastModified": "2024-05-03T12:50:34.250", + "lastModified": "2024-09-18T19:15:24.837", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "Ashlar-Vellum Graphite VC6 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Graphite. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of VC6 files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-18910." + "value": "Ashlar-Vellum Graphite VC6 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Graphite. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of VC6 files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process.\n. Was ZDI-CAN-18910." }, { "lang": "es", diff --git a/CVE-2023/CVE-2023-343xx/CVE-2023-34308.json b/CVE-2023/CVE-2023-343xx/CVE-2023-34308.json index e7ab0731e51..198f4c82b33 100644 --- a/CVE-2023/CVE-2023-343xx/CVE-2023-34308.json +++ b/CVE-2023/CVE-2023-343xx/CVE-2023-34308.json @@ -2,13 +2,13 @@ "id": "CVE-2023-34308", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-05-03T02:15:32.230", - "lastModified": "2024-05-03T12:50:34.250", + "lastModified": "2024-09-18T19:15:24.920", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "Ashlar-Vellum Graphite VC6 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Graphite. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of VC6 files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-18913." + "value": "Ashlar-Vellum Graphite VC6 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Graphite. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of VC6 files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process.\n. Was ZDI-CAN-18913." }, { "lang": "es", diff --git a/CVE-2023/CVE-2023-343xx/CVE-2023-34309.json b/CVE-2023/CVE-2023-343xx/CVE-2023-34309.json index 4f08f5d6c5b..39bdeef741f 100644 --- a/CVE-2023/CVE-2023-343xx/CVE-2023-34309.json +++ b/CVE-2023/CVE-2023-343xx/CVE-2023-34309.json @@ -2,13 +2,13 @@ "id": "CVE-2023-34309", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-05-03T02:15:32.393", - "lastModified": "2024-05-03T12:50:34.250", + "lastModified": "2024-09-18T19:15:24.997", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "Ashlar-Vellum Cobalt Untrusted Pointer Dereference Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of CO files. The issue results from the lack of proper validation of a user-supplied value prior to dereferencing it as a pointer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-19876." + "value": "Ashlar-Vellum Cobalt Untrusted Pointer Dereference Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of CO files. The issue results from the lack of proper validation of a user-supplied value prior to dereferencing it as a pointer. An attacker can leverage this vulnerability to execute code in the context of the current process.\n. Was ZDI-CAN-19876." }, { "lang": "es", diff --git a/CVE-2023/CVE-2023-343xx/CVE-2023-34310.json b/CVE-2023/CVE-2023-343xx/CVE-2023-34310.json index 8b788ee5dee..99ec9918c1c 100644 --- a/CVE-2023/CVE-2023-343xx/CVE-2023-34310.json +++ b/CVE-2023/CVE-2023-343xx/CVE-2023-34310.json @@ -2,13 +2,13 @@ "id": "CVE-2023-34310", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-05-03T02:15:32.577", - "lastModified": "2024-05-03T12:50:34.250", + "lastModified": "2024-09-18T19:15:25.080", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "Ashlar-Vellum Cobalt Uninitialized Memory Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of CO files. The issue results from the lack of proper initialization of memory prior to accessing it. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-19878." + "value": "Ashlar-Vellum Cobalt Uninitialized Memory Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of CO files. The issue results from the lack of proper initialization of memory prior to accessing it. An attacker can leverage this vulnerability to execute code in the context of the current process.\n. Was ZDI-CAN-19878." }, { "lang": "es", diff --git a/CVE-2023/CVE-2023-343xx/CVE-2023-34311.json b/CVE-2023/CVE-2023-343xx/CVE-2023-34311.json index 42169f0dac6..6794cdf82cf 100644 --- a/CVE-2023/CVE-2023-343xx/CVE-2023-34311.json +++ b/CVE-2023/CVE-2023-343xx/CVE-2023-34311.json @@ -2,13 +2,13 @@ "id": "CVE-2023-34311", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-05-03T02:15:32.753", - "lastModified": "2024-05-03T12:50:34.250", + "lastModified": "2024-09-18T19:15:25.160", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "Ashlar-Vellum Cobalt Untrusted Pointer Dereference Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of CO files. The issue results from the lack of proper validation of a user-supplied value prior to dereferencing it as a pointer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-19879." + "value": "Ashlar-Vellum Cobalt Untrusted Pointer Dereference Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of CO files. The issue results from the lack of proper validation of a user-supplied value prior to dereferencing it as a pointer. An attacker can leverage this vulnerability to execute code in the context of the current process.\n. Was ZDI-CAN-19879." }, { "lang": "es", diff --git a/CVE-2023/CVE-2023-357xx/CVE-2023-35709.json b/CVE-2023/CVE-2023-357xx/CVE-2023-35709.json index a9f13fde9a5..a7a3ec545bb 100644 --- a/CVE-2023/CVE-2023-357xx/CVE-2023-35709.json +++ b/CVE-2023/CVE-2023-357xx/CVE-2023-35709.json @@ -2,13 +2,13 @@ "id": "CVE-2023-35709", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-05-03T02:15:32.923", - "lastModified": "2024-05-03T12:50:34.250", + "lastModified": "2024-09-18T19:15:25.280", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "Ashlar-Vellum Cobalt Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of CO files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-19928." + "value": "Ashlar-Vellum Cobalt Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of CO files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process.\n. Was ZDI-CAN-19928." }, { "lang": "es", diff --git a/CVE-2023/CVE-2023-357xx/CVE-2023-35710.json b/CVE-2023/CVE-2023-357xx/CVE-2023-35710.json index 3864505f891..6868fbe8715 100644 --- a/CVE-2023/CVE-2023-357xx/CVE-2023-35710.json +++ b/CVE-2023/CVE-2023-357xx/CVE-2023-35710.json @@ -2,13 +2,13 @@ "id": "CVE-2023-35710", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-05-03T02:15:33.090", - "lastModified": "2024-05-03T12:50:34.250", + "lastModified": "2024-09-18T19:15:25.363", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "Ashlar-Vellum Cobalt Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of CO files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-19956." + "value": "Ashlar-Vellum Cobalt Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of CO files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process.\n. Was ZDI-CAN-19956." }, { "lang": "es", diff --git a/CVE-2023/CVE-2023-357xx/CVE-2023-35711.json b/CVE-2023/CVE-2023-357xx/CVE-2023-35711.json index 9611395ecf3..3022d96c85f 100644 --- a/CVE-2023/CVE-2023-357xx/CVE-2023-35711.json +++ b/CVE-2023/CVE-2023-357xx/CVE-2023-35711.json @@ -2,13 +2,13 @@ "id": "CVE-2023-35711", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-05-03T02:15:33.263", - "lastModified": "2024-05-03T12:50:34.250", + "lastModified": "2024-09-18T19:15:25.443", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "Ashlar-Vellum Cobalt XE File Parsing Untrusted Pointer Dereference Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of XE files. The issue results from the lack of proper validation of a user-supplied value prior to dereferencing it as a pointer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-20189." + "value": "Ashlar-Vellum Cobalt XE File Parsing Untrusted Pointer Dereference Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of XE files. The issue results from the lack of proper validation of a user-supplied value prior to dereferencing it as a pointer. An attacker can leverage this vulnerability to execute code in the context of the current process.\n. Was ZDI-CAN-20189." }, { "lang": "es", diff --git a/CVE-2023/CVE-2023-357xx/CVE-2023-35712.json b/CVE-2023/CVE-2023-357xx/CVE-2023-35712.json index 3e1c648ff09..bc5501625b2 100644 --- a/CVE-2023/CVE-2023-357xx/CVE-2023-35712.json +++ b/CVE-2023/CVE-2023-357xx/CVE-2023-35712.json @@ -2,13 +2,13 @@ "id": "CVE-2023-35712", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-05-03T02:15:33.447", - "lastModified": "2024-05-03T12:50:34.250", + "lastModified": "2024-09-18T19:15:25.530", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "Ashlar-Vellum Cobalt XE File Parsing Uninitialized Memory Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of XE files. The issue results from the lack of proper initialization of memory prior to accessing it. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-20200." + "value": "Ashlar-Vellum Cobalt XE File Parsing Uninitialized Memory Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of XE files. The issue results from the lack of proper initialization of memory prior to accessing it. An attacker can leverage this vulnerability to execute code in the context of the current process.\n. Was ZDI-CAN-20200." }, { "lang": "es", diff --git a/CVE-2023/CVE-2023-357xx/CVE-2023-35713.json b/CVE-2023/CVE-2023-357xx/CVE-2023-35713.json index 76195a7b1e8..775fe2c3db9 100644 --- a/CVE-2023/CVE-2023-357xx/CVE-2023-35713.json +++ b/CVE-2023/CVE-2023-357xx/CVE-2023-35713.json @@ -2,13 +2,13 @@ "id": "CVE-2023-35713", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-05-03T02:15:33.610", - "lastModified": "2024-05-03T12:50:34.250", + "lastModified": "2024-09-18T19:15:25.610", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "Ashlar-Vellum Cobalt XE File Parsing Uninitialized Memory Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of XE files. The issue results from the lack of proper initialization of memory prior to accessing it. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-20201." + "value": "Ashlar-Vellum Cobalt XE File Parsing Uninitialized Memory Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of XE files. The issue results from the lack of proper initialization of memory prior to accessing it. An attacker can leverage this vulnerability to execute code in the context of the current process.\n. Was ZDI-CAN-20201." }, { "lang": "es", diff --git a/CVE-2023/CVE-2023-357xx/CVE-2023-35714.json b/CVE-2023/CVE-2023-357xx/CVE-2023-35714.json index f132ac37c26..a685746f90e 100644 --- a/CVE-2023/CVE-2023-357xx/CVE-2023-35714.json +++ b/CVE-2023/CVE-2023-357xx/CVE-2023-35714.json @@ -2,13 +2,13 @@ "id": "CVE-2023-35714", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-05-03T02:15:33.773", - "lastModified": "2024-05-03T12:50:34.250", + "lastModified": "2024-09-18T19:15:25.693", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "Ashlar-Vellum Cobalt IGS File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of IGS files. The issue results from the lack of proper validation of user-supplied data, which can result in a read before the start of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-18005." + "value": "Ashlar-Vellum Cobalt IGS File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of IGS files. The issue results from the lack of proper validation of user-supplied data, which can result in a read before the start of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process.\n. Was ZDI-CAN-18005." }, { "lang": "es", diff --git a/CVE-2023/CVE-2023-357xx/CVE-2023-35715.json b/CVE-2023/CVE-2023-357xx/CVE-2023-35715.json index 602e1ce02da..d172e9919a6 100644 --- a/CVE-2023/CVE-2023-357xx/CVE-2023-35715.json +++ b/CVE-2023/CVE-2023-357xx/CVE-2023-35715.json @@ -2,13 +2,13 @@ "id": "CVE-2023-35715", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-05-03T02:15:33.947", - "lastModified": "2024-05-03T12:50:34.250", + "lastModified": "2024-09-18T19:15:25.787", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "Ashlar-Vellum Cobalt AR File Parsing Uninitialized Memory Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of AR files. The issue results from the lack of proper initialization of memory prior to accessing it. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-20408." + "value": "Ashlar-Vellum Cobalt AR File Parsing Uninitialized Memory Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of AR files. The issue results from the lack of proper initialization of memory prior to accessing it. An attacker can leverage this vulnerability to execute code in the context of the current process.\n. Was ZDI-CAN-20408." }, { "lang": "es", diff --git a/CVE-2023/CVE-2023-357xx/CVE-2023-35716.json b/CVE-2023/CVE-2023-357xx/CVE-2023-35716.json index 5394e61a495..2e6fe1d58df 100644 --- a/CVE-2023/CVE-2023-357xx/CVE-2023-35716.json +++ b/CVE-2023/CVE-2023-357xx/CVE-2023-35716.json @@ -2,13 +2,13 @@ "id": "CVE-2023-35716", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-05-03T02:15:34.120", - "lastModified": "2024-05-03T12:50:34.250", + "lastModified": "2024-09-18T19:15:25.880", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "Ashlar-Vellum Cobalt AR File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of AR files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-20417." + "value": "Ashlar-Vellum Cobalt AR File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of AR files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process.\n. Was ZDI-CAN-20417." }, { "lang": "es", diff --git a/CVE-2023/CVE-2023-357xx/CVE-2023-35717.json b/CVE-2023/CVE-2023-357xx/CVE-2023-35717.json index 18640193734..94ad7eaa1cf 100644 --- a/CVE-2023/CVE-2023-357xx/CVE-2023-35717.json +++ b/CVE-2023/CVE-2023-357xx/CVE-2023-35717.json @@ -2,13 +2,13 @@ "id": "CVE-2023-35717", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-05-03T02:15:34.287", - "lastModified": "2024-05-03T12:50:34.250", + "lastModified": "2024-09-18T19:15:25.973", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "TP-Link Tapo C210 Password Recovery Authentication Bypass Vulnerability. This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of TP-Link Tapo C210 IP cameras. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the password recovery mechanism. The issue results from reliance upon the secrecy of the password derivation algorithm when generating a recovery password. An attacker can leverage this vulnerability to bypass authentication on the system. Was ZDI-CAN-20484." + "value": "TP-Link Tapo C210 Password Recovery Authentication Bypass Vulnerability. This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of TP-Link Tapo C210 IP cameras. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the password recovery mechanism. The issue results from reliance upon the secrecy of the password derivation algorithm when generating a recovery password. An attacker can leverage this vulnerability to bypass authentication on the system.\n. Was ZDI-CAN-20484." }, { "lang": "es", diff --git a/CVE-2023/CVE-2023-357xx/CVE-2023-35718.json b/CVE-2023/CVE-2023-357xx/CVE-2023-35718.json index dc5bc339537..1eff9d97084 100644 --- a/CVE-2023/CVE-2023-357xx/CVE-2023-35718.json +++ b/CVE-2023/CVE-2023-357xx/CVE-2023-35718.json @@ -2,13 +2,13 @@ "id": "CVE-2023-35718", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-05-03T02:15:34.457", - "lastModified": "2024-05-03T12:50:34.250", + "lastModified": "2024-09-18T19:15:26.060", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "D-Link DAP-2622 DDP Change ID Password Auth Password Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2622 routers. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the DDP service. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-20061." + "value": "D-Link DAP-2622 DDP Change ID Password Auth Password Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2622 routers. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the DDP service. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root.\n. Was ZDI-CAN-20061." }, { "lang": "es", diff --git a/CVE-2023/CVE-2023-357xx/CVE-2023-35724.json b/CVE-2023/CVE-2023-357xx/CVE-2023-35724.json index 62f1ebb0632..e60db749994 100644 --- a/CVE-2023/CVE-2023-357xx/CVE-2023-35724.json +++ b/CVE-2023/CVE-2023-357xx/CVE-2023-35724.json @@ -2,13 +2,13 @@ "id": "CVE-2023-35724", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-05-03T02:15:35.313", - "lastModified": "2024-05-03T12:50:34.250", + "lastModified": "2024-09-18T19:15:26.150", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "D-Link DAP-2622 Telnet CLI Use of Hardcoded Credentials Authentication Bypass Vulnerability. This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of D-Link DAP-2622 routers. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the CLI service, which listens on TCP port 23. The server program contains hard-coded credentials. An attacker can leverage this vulnerability to bypass authentication on the system. Was ZDI-CAN-20050." + "value": "D-Link DAP-2622 Telnet CLI Use of Hardcoded Credentials Authentication Bypass Vulnerability. This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of D-Link DAP-2622 routers. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the CLI service, which listens on TCP port 23. The server program contains hard-coded credentials. An attacker can leverage this vulnerability to bypass authentication on the system.\n. Was ZDI-CAN-20050." }, { "lang": "es", diff --git a/CVE-2023/CVE-2023-357xx/CVE-2023-35725.json b/CVE-2023/CVE-2023-357xx/CVE-2023-35725.json index a36027bb00a..98a7f30f829 100644 --- a/CVE-2023/CVE-2023-357xx/CVE-2023-35725.json +++ b/CVE-2023/CVE-2023-357xx/CVE-2023-35725.json @@ -2,13 +2,13 @@ "id": "CVE-2023-35725", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-05-03T02:15:35.477", - "lastModified": "2024-05-03T12:50:34.250", + "lastModified": "2024-09-18T19:15:26.243", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "D-Link DAP-2622 DDP User Verification Auth Username Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2622 routers. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the DDP service. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-20052." + "value": "D-Link DAP-2622 DDP User Verification Auth Username Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2622 routers. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the DDP service. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root.\n. Was ZDI-CAN-20052." }, { "lang": "es", diff --git a/CVE-2023/CVE-2023-357xx/CVE-2023-35726.json b/CVE-2023/CVE-2023-357xx/CVE-2023-35726.json index a62f10846dc..925e414d059 100644 --- a/CVE-2023/CVE-2023-357xx/CVE-2023-35726.json +++ b/CVE-2023/CVE-2023-357xx/CVE-2023-35726.json @@ -2,13 +2,13 @@ "id": "CVE-2023-35726", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-05-03T02:15:35.650", - "lastModified": "2024-05-03T12:50:34.250", + "lastModified": "2024-09-18T19:15:26.327", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "D-Link DAP-2622 DDP User Verification Auth Password Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2622 routers. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the DDP service. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-20053." + "value": "D-Link DAP-2622 DDP User Verification Auth Password Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2622 routers. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the DDP service. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root.\n. Was ZDI-CAN-20053." }, { "lang": "es", diff --git a/CVE-2023/CVE-2023-357xx/CVE-2023-35727.json b/CVE-2023/CVE-2023-357xx/CVE-2023-35727.json index 5ac017baad1..ba60fea3d2d 100644 --- a/CVE-2023/CVE-2023-357xx/CVE-2023-35727.json +++ b/CVE-2023/CVE-2023-357xx/CVE-2023-35727.json @@ -2,13 +2,13 @@ "id": "CVE-2023-35727", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-05-03T02:15:35.823", - "lastModified": "2024-05-03T12:50:34.250", + "lastModified": "2024-09-18T19:15:26.420", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "D-Link DAP-2622 DDP Reboot Auth Username Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2622 routers. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the DDP service. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-20054." + "value": "D-Link DAP-2622 DDP Reboot Auth Username Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2622 routers. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the DDP service. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root.\n. Was ZDI-CAN-20054." }, { "lang": "es", diff --git a/CVE-2023/CVE-2023-357xx/CVE-2023-35728.json b/CVE-2023/CVE-2023-357xx/CVE-2023-35728.json index 7b9ebb0f016..5055f4a542a 100644 --- a/CVE-2023/CVE-2023-357xx/CVE-2023-35728.json +++ b/CVE-2023/CVE-2023-357xx/CVE-2023-35728.json @@ -2,13 +2,13 @@ "id": "CVE-2023-35728", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-05-03T02:15:35.983", - "lastModified": "2024-05-03T12:50:12.213", + "lastModified": "2024-09-18T19:15:26.597", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "D-Link DAP-2622 DDP Reboot Auth Password Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2622 routers. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the DDP service. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-20055." + "value": "D-Link DAP-2622 DDP Reboot Auth Password Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2622 routers. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the DDP service. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root.\n. Was ZDI-CAN-20055." }, { "lang": "es", diff --git a/CVE-2023/CVE-2023-357xx/CVE-2023-35729.json b/CVE-2023/CVE-2023-357xx/CVE-2023-35729.json index 549bbbb0d1e..f7ec6ab4207 100644 --- a/CVE-2023/CVE-2023-357xx/CVE-2023-35729.json +++ b/CVE-2023/CVE-2023-357xx/CVE-2023-35729.json @@ -2,13 +2,13 @@ "id": "CVE-2023-35729", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-05-03T02:15:36.143", - "lastModified": "2024-05-03T12:50:12.213", + "lastModified": "2024-09-18T19:15:26.690", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "D-Link DAP-2622 DDP Reset Auth Username Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2622 routers. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the DDP service. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-20056." + "value": "D-Link DAP-2622 DDP Reset Auth Username Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2622 routers. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the DDP service. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root.\n. Was ZDI-CAN-20056." }, { "lang": "es", diff --git a/CVE-2023/CVE-2023-357xx/CVE-2023-35730.json b/CVE-2023/CVE-2023-357xx/CVE-2023-35730.json index 7260261d6e0..1d35d3200f4 100644 --- a/CVE-2023/CVE-2023-357xx/CVE-2023-35730.json +++ b/CVE-2023/CVE-2023-357xx/CVE-2023-35730.json @@ -2,13 +2,13 @@ "id": "CVE-2023-35730", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-05-03T02:15:36.307", - "lastModified": "2024-05-03T12:50:12.213", + "lastModified": "2024-09-18T19:15:26.783", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "D-Link DAP-2622 DDP Reset Auth Password Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2622 routers. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the DDP service. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-20057." + "value": "D-Link DAP-2622 DDP Reset Auth Password Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2622 routers. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the DDP service. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root.\n. Was ZDI-CAN-20057." }, { "lang": "es", diff --git a/CVE-2023/CVE-2023-357xx/CVE-2023-35731.json b/CVE-2023/CVE-2023-357xx/CVE-2023-35731.json index 631de5f57d9..02a908e4b8f 100644 --- a/CVE-2023/CVE-2023-357xx/CVE-2023-35731.json +++ b/CVE-2023/CVE-2023-357xx/CVE-2023-35731.json @@ -2,13 +2,13 @@ "id": "CVE-2023-35731", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-05-03T02:15:36.480", - "lastModified": "2024-05-03T12:50:12.213", + "lastModified": "2024-09-18T19:15:26.877", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "D-Link DAP-2622 DDP Reset Factory Auth Username Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2622 routers. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the DDP service. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-20058." + "value": "D-Link DAP-2622 DDP Reset Factory Auth Username Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2622 routers. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the DDP service. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root.\n. Was ZDI-CAN-20058." }, { "lang": "es", diff --git a/CVE-2023/CVE-2023-357xx/CVE-2023-35732.json b/CVE-2023/CVE-2023-357xx/CVE-2023-35732.json index d9c0cb0c157..c7192694cf8 100644 --- a/CVE-2023/CVE-2023-357xx/CVE-2023-35732.json +++ b/CVE-2023/CVE-2023-357xx/CVE-2023-35732.json @@ -2,13 +2,13 @@ "id": "CVE-2023-35732", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-05-03T02:15:36.650", - "lastModified": "2024-05-03T12:50:12.213", + "lastModified": "2024-09-18T19:15:26.963", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "D-Link DAP-2622 DDP Reset Factory Auth Password Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2622 routers. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the DDP service. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-20059." + "value": "D-Link DAP-2622 DDP Reset Factory Auth Password Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2622 routers. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the DDP service. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root.\n. Was ZDI-CAN-20059." }, { "lang": "es", diff --git a/CVE-2023/CVE-2023-357xx/CVE-2023-35733.json b/CVE-2023/CVE-2023-357xx/CVE-2023-35733.json index 35cb0343eef..e7906d70241 100644 --- a/CVE-2023/CVE-2023-357xx/CVE-2023-35733.json +++ b/CVE-2023/CVE-2023-357xx/CVE-2023-35733.json @@ -2,13 +2,13 @@ "id": "CVE-2023-35733", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-05-03T02:15:36.803", - "lastModified": "2024-05-03T12:50:12.213", + "lastModified": "2024-09-18T19:15:27.057", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "D-Link DAP-2622 DDP Change ID Password Auth Username Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2622 routers. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the DDP service. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-20060." + "value": "D-Link DAP-2622 DDP Change ID Password Auth Username Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2622 routers. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the DDP service. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root.\n. Was ZDI-CAN-20060." }, { "lang": "es", diff --git a/CVE-2023/CVE-2023-357xx/CVE-2023-35735.json b/CVE-2023/CVE-2023-357xx/CVE-2023-35735.json index d22f889608c..5597d1a452f 100644 --- a/CVE-2023/CVE-2023-357xx/CVE-2023-35735.json +++ b/CVE-2023/CVE-2023-357xx/CVE-2023-35735.json @@ -2,13 +2,13 @@ "id": "CVE-2023-35735", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-05-03T02:15:37.133", - "lastModified": "2024-05-03T12:50:12.213", + "lastModified": "2024-09-18T19:15:27.140", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "D-Link DAP-2622 DDP Change ID Password New Username Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2622 routers. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the DDP service. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-20062." + "value": "D-Link DAP-2622 DDP Change ID Password New Username Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2622 routers. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the DDP service. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root.\n. Was ZDI-CAN-20062." }, { "lang": "es", diff --git a/CVE-2023/CVE-2023-357xx/CVE-2023-35736.json b/CVE-2023/CVE-2023-357xx/CVE-2023-35736.json index 7508e4f2efe..0a4b1d57537 100644 --- a/CVE-2023/CVE-2023-357xx/CVE-2023-35736.json +++ b/CVE-2023/CVE-2023-357xx/CVE-2023-35736.json @@ -2,13 +2,13 @@ "id": "CVE-2023-35736", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-05-03T02:15:37.293", - "lastModified": "2024-05-03T12:50:12.213", + "lastModified": "2024-09-18T19:15:27.230", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "D-Link DAP-2622 DDP Change ID Password New Password Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2622 routers. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the DDP service. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-20063." + "value": "D-Link DAP-2622 DDP Change ID Password New Password Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2622 routers. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the DDP service. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root.\n. Was ZDI-CAN-20063." }, { "lang": "es", diff --git a/CVE-2023/CVE-2023-357xx/CVE-2023-35737.json b/CVE-2023/CVE-2023-357xx/CVE-2023-35737.json index 4aa4cabcac3..0e6fc506fee 100644 --- a/CVE-2023/CVE-2023-357xx/CVE-2023-35737.json +++ b/CVE-2023/CVE-2023-357xx/CVE-2023-35737.json @@ -2,13 +2,13 @@ "id": "CVE-2023-35737", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-05-03T02:15:37.457", - "lastModified": "2024-05-03T12:50:12.213", + "lastModified": "2024-09-18T19:15:27.337", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "D-Link DAP-2622 DDP Configuration Backup Auth Username Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2622 routers. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the DDP service. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-20064." + "value": "D-Link DAP-2622 DDP Configuration Backup Auth Username Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2622 routers. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the DDP service. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root.\n. Was ZDI-CAN-20064." }, { "lang": "es", diff --git a/CVE-2023/CVE-2023-357xx/CVE-2023-35738.json b/CVE-2023/CVE-2023-357xx/CVE-2023-35738.json index f87701ed0c9..ab1e983cb0b 100644 --- a/CVE-2023/CVE-2023-357xx/CVE-2023-35738.json +++ b/CVE-2023/CVE-2023-357xx/CVE-2023-35738.json @@ -2,13 +2,13 @@ "id": "CVE-2023-35738", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-05-03T02:15:37.657", - "lastModified": "2024-05-03T12:50:12.213", + "lastModified": "2024-09-18T19:15:27.423", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "D-Link DAP-2622 DDP Configuration Backup Auth Password Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2622 routers. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the DDP service. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-20065." + "value": "D-Link DAP-2622 DDP Configuration Backup Auth Password Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2622 routers. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the DDP service. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root.\n. Was ZDI-CAN-20065." }, { "lang": "es", diff --git a/CVE-2023/CVE-2023-357xx/CVE-2023-35739.json b/CVE-2023/CVE-2023-357xx/CVE-2023-35739.json index 9021ca98690..5f25cbf2e7e 100644 --- a/CVE-2023/CVE-2023-357xx/CVE-2023-35739.json +++ b/CVE-2023/CVE-2023-357xx/CVE-2023-35739.json @@ -2,13 +2,13 @@ "id": "CVE-2023-35739", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-05-03T02:15:37.823", - "lastModified": "2024-05-03T12:50:12.213", + "lastModified": "2024-09-18T19:15:27.507", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "D-Link DAP-2622 DDP Configuration Backup Server IPv6 Address Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2622 routers. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the DDP service. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-20066." + "value": "D-Link DAP-2622 DDP Configuration Backup Server IPv6 Address Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2622 routers. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the DDP service. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root.\n. Was ZDI-CAN-20066." }, { "lang": "es", diff --git a/CVE-2023/CVE-2023-357xx/CVE-2023-35740.json b/CVE-2023/CVE-2023-357xx/CVE-2023-35740.json index a6d7278a474..30ae3bed9d2 100644 --- a/CVE-2023/CVE-2023-357xx/CVE-2023-35740.json +++ b/CVE-2023/CVE-2023-357xx/CVE-2023-35740.json @@ -2,13 +2,13 @@ "id": "CVE-2023-35740", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-05-03T02:15:38.003", - "lastModified": "2024-05-03T12:50:12.213", + "lastModified": "2024-09-18T19:15:27.600", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "D-Link DAP-2622 DDP Configuration Backup Server Address Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2622 routers. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the DDP service. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-20067." + "value": "D-Link DAP-2622 DDP Configuration Backup Server Address Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2622 routers. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the DDP service. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root.\n. Was ZDI-CAN-20067." }, { "lang": "es", diff --git a/CVE-2023/CVE-2023-357xx/CVE-2023-35741.json b/CVE-2023/CVE-2023-357xx/CVE-2023-35741.json index 5fb74a2dac4..04b4c9f17ed 100644 --- a/CVE-2023/CVE-2023-357xx/CVE-2023-35741.json +++ b/CVE-2023/CVE-2023-357xx/CVE-2023-35741.json @@ -2,13 +2,13 @@ "id": "CVE-2023-35741", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-05-03T02:15:38.160", - "lastModified": "2024-05-03T12:50:12.213", + "lastModified": "2024-09-18T19:15:27.700", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "D-Link DAP-2622 DDP Configuration Backup Filename Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2622 routers. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the DDP service. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-20068." + "value": "D-Link DAP-2622 DDP Configuration Backup Filename Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2622 routers. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the DDP service. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root.\n. Was ZDI-CAN-20068." }, { "lang": "es", diff --git a/CVE-2023/CVE-2023-357xx/CVE-2023-35742.json b/CVE-2023/CVE-2023-357xx/CVE-2023-35742.json index ae008a2da5c..e4a3e11c3d1 100644 --- a/CVE-2023/CVE-2023-357xx/CVE-2023-35742.json +++ b/CVE-2023/CVE-2023-357xx/CVE-2023-35742.json @@ -2,13 +2,13 @@ "id": "CVE-2023-35742", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-05-03T02:15:38.327", - "lastModified": "2024-05-03T12:50:12.213", + "lastModified": "2024-09-18T19:15:27.803", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "D-Link DAP-2622 DDP Configuration Restore Auth Username Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2622 routers. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the DDP service. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-20069." + "value": "D-Link DAP-2622 DDP Configuration Restore Auth Username Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2622 routers. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the DDP service. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root.\n. Was ZDI-CAN-20069." }, { "lang": "es", diff --git a/CVE-2023/CVE-2023-357xx/CVE-2023-35744.json b/CVE-2023/CVE-2023-357xx/CVE-2023-35744.json index 86ec4860636..3f38cd898e6 100644 --- a/CVE-2023/CVE-2023-357xx/CVE-2023-35744.json +++ b/CVE-2023/CVE-2023-357xx/CVE-2023-35744.json @@ -2,13 +2,13 @@ "id": "CVE-2023-35744", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-05-03T02:15:38.663", - "lastModified": "2024-05-03T12:50:12.213", + "lastModified": "2024-09-18T19:15:27.903", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "D-Link DAP-2622 DDP Configuration Restore Server IPv6 Address Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2622 routers. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the DDP service. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-20071." + "value": "D-Link DAP-2622 DDP Configuration Restore Server IPv6 Address Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2622 routers. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the DDP service. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root.\n. Was ZDI-CAN-20071." }, { "lang": "es", diff --git a/CVE-2023/CVE-2023-357xx/CVE-2023-35745.json b/CVE-2023/CVE-2023-357xx/CVE-2023-35745.json index d5f78587da2..44c74901bf8 100644 --- a/CVE-2023/CVE-2023-357xx/CVE-2023-35745.json +++ b/CVE-2023/CVE-2023-357xx/CVE-2023-35745.json @@ -2,13 +2,13 @@ "id": "CVE-2023-35745", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-05-03T02:15:38.827", - "lastModified": "2024-05-03T12:50:12.213", + "lastModified": "2024-09-18T19:15:28.000", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "D-Link DAP-2622 DDP Configuration Restore Filename Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2622 routers. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the DDP service. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-20073." + "value": "D-Link DAP-2622 DDP Configuration Restore Filename Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2622 routers. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the DDP service. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root.\n. Was ZDI-CAN-20073." }, { "lang": "es", diff --git a/CVE-2023/CVE-2023-357xx/CVE-2023-35746.json b/CVE-2023/CVE-2023-357xx/CVE-2023-35746.json index deac58d4d4c..1892557400d 100644 --- a/CVE-2023/CVE-2023-357xx/CVE-2023-35746.json +++ b/CVE-2023/CVE-2023-357xx/CVE-2023-35746.json @@ -2,13 +2,13 @@ "id": "CVE-2023-35746", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-05-03T02:15:39.000", - "lastModified": "2024-05-03T12:50:12.213", + "lastModified": "2024-09-18T19:15:28.100", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "D-Link DAP-2622 DDP Firmware Upgrade Auth Username Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2622 routers. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the DDP service. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-20074." + "value": "D-Link DAP-2622 DDP Firmware Upgrade Auth Username Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2622 routers. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the DDP service. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root.\n. Was ZDI-CAN-20074." }, { "lang": "es", diff --git a/CVE-2023/CVE-2023-357xx/CVE-2023-35747.json b/CVE-2023/CVE-2023-357xx/CVE-2023-35747.json index 57f57f7fd01..8c23e67f86e 100644 --- a/CVE-2023/CVE-2023-357xx/CVE-2023-35747.json +++ b/CVE-2023/CVE-2023-357xx/CVE-2023-35747.json @@ -2,13 +2,13 @@ "id": "CVE-2023-35747", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-05-03T02:15:39.203", - "lastModified": "2024-05-03T12:50:12.213", + "lastModified": "2024-09-18T19:15:28.190", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "D-Link DAP-2622 DDP Firmware Upgrade Auth Password Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2622 routers. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the DDP service. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-20075." + "value": "D-Link DAP-2622 DDP Firmware Upgrade Auth Password Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2622 routers. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the DDP service. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root.\n. Was ZDI-CAN-20075." }, { "lang": "es", diff --git a/CVE-2023/CVE-2023-357xx/CVE-2023-35748.json b/CVE-2023/CVE-2023-357xx/CVE-2023-35748.json index 9e4acce361c..4cfd5ca8dcf 100644 --- a/CVE-2023/CVE-2023-357xx/CVE-2023-35748.json +++ b/CVE-2023/CVE-2023-357xx/CVE-2023-35748.json @@ -2,13 +2,13 @@ "id": "CVE-2023-35748", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-05-07T23:15:15.947", - "lastModified": "2024-05-08T13:15:00.690", + "lastModified": "2024-09-18T19:15:28.280", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "D-Link DAP-2622 DDP Firmware Upgrade Server IPv6 Address Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2622 routers. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the DDP service. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-20076." + "value": "D-Link DAP-2622 DDP Firmware Upgrade Server IPv6 Address Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2622 routers. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the DDP service. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root.\n. Was ZDI-CAN-20076." }, { "lang": "es", diff --git a/CVE-2023/CVE-2023-357xx/CVE-2023-35749.json b/CVE-2023/CVE-2023-357xx/CVE-2023-35749.json index a3068164fb2..a5582c1322e 100644 --- a/CVE-2023/CVE-2023-357xx/CVE-2023-35749.json +++ b/CVE-2023/CVE-2023-357xx/CVE-2023-35749.json @@ -2,13 +2,13 @@ "id": "CVE-2023-35749", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-05-07T23:15:16.120", - "lastModified": "2024-05-08T13:15:00.690", + "lastModified": "2024-09-18T19:15:28.383", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "D-Link DAP-2622 DDP Firmware Upgrade Filename Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2622 routers. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the DDP service. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-20077." + "value": "D-Link DAP-2622 DDP Firmware Upgrade Filename Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2622 routers. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the DDP service. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root.\n. Was ZDI-CAN-20077." }, { "lang": "es", diff --git a/CVE-2023/CVE-2023-357xx/CVE-2023-35750.json b/CVE-2023/CVE-2023-357xx/CVE-2023-35750.json index a33e95554f4..0fc05fa5e8d 100644 --- a/CVE-2023/CVE-2023-357xx/CVE-2023-35750.json +++ b/CVE-2023/CVE-2023-357xx/CVE-2023-35750.json @@ -2,13 +2,13 @@ "id": "CVE-2023-35750", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-05-03T02:15:39.367", - "lastModified": "2024-05-03T12:50:12.213", + "lastModified": "2024-09-18T19:15:28.467", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "D-Link DAP-2622 DDP Get SSID List WPA PSK Information Disclosure Vulnerability. This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of D-Link DAP-2622 routers. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the DDP service. The issue results from the lack of authentication prior to allowing access to functionality. An attacker can leverage this vulnerability to disclose stored credentials, leading to further compromise. Was ZDI-CAN-20078." + "value": "D-Link DAP-2622 DDP Get SSID List WPA PSK Information Disclosure Vulnerability. This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of D-Link DAP-2622 routers. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the DDP service. The issue results from the lack of authentication prior to allowing access to functionality. An attacker can leverage this vulnerability to disclose stored credentials, leading to further compromise.\n. Was ZDI-CAN-20078." }, { "lang": "es", diff --git a/CVE-2023/CVE-2023-357xx/CVE-2023-35751.json b/CVE-2023/CVE-2023-357xx/CVE-2023-35751.json index 94bc6d793cd..784573359b0 100644 --- a/CVE-2023/CVE-2023-357xx/CVE-2023-35751.json +++ b/CVE-2023/CVE-2023-357xx/CVE-2023-35751.json @@ -2,13 +2,13 @@ "id": "CVE-2023-35751", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-05-03T02:15:39.537", - "lastModified": "2024-05-03T12:50:12.213", + "lastModified": "2024-09-18T19:15:28.560", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "D-Link DAP-2622 DDP Set AG Profile Auth Username Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2622 routers. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the DDP service. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-20079." + "value": "D-Link DAP-2622 DDP Set AG Profile Auth Username Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2622 routers. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the DDP service. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root.\n. Was ZDI-CAN-20079." }, { "lang": "es", diff --git a/CVE-2023/CVE-2023-357xx/CVE-2023-35752.json b/CVE-2023/CVE-2023-357xx/CVE-2023-35752.json index d5653130201..7c999b012e6 100644 --- a/CVE-2023/CVE-2023-357xx/CVE-2023-35752.json +++ b/CVE-2023/CVE-2023-357xx/CVE-2023-35752.json @@ -2,13 +2,13 @@ "id": "CVE-2023-35752", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-05-03T02:15:39.703", - "lastModified": "2024-05-03T12:50:12.213", + "lastModified": "2024-09-18T19:15:28.653", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "D-Link DAP-2622 DDP Set AG Profile Auth Password Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2622 routers. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the DDP service. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-20080." + "value": "D-Link DAP-2622 DDP Set AG Profile Auth Password Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2622 routers. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the DDP service. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root.\n. Was ZDI-CAN-20080." }, { "lang": "es", diff --git a/CVE-2023/CVE-2023-357xx/CVE-2023-35753.json b/CVE-2023/CVE-2023-357xx/CVE-2023-35753.json index 91f09dd87bc..bf5307bc562 100644 --- a/CVE-2023/CVE-2023-357xx/CVE-2023-35753.json +++ b/CVE-2023/CVE-2023-357xx/CVE-2023-35753.json @@ -2,13 +2,13 @@ "id": "CVE-2023-35753", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-05-03T02:15:39.867", - "lastModified": "2024-05-03T12:50:12.213", + "lastModified": "2024-09-18T19:15:28.730", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "D-Link DAP-2622 DDP Set AG Profile UUID Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2622 routers. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the DDP service. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-20081." + "value": "D-Link DAP-2622 DDP Set AG Profile UUID Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2622 routers. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the DDP service. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root.\n. Was ZDI-CAN-20081." }, { "lang": "es", diff --git a/CVE-2023/CVE-2023-357xx/CVE-2023-35754.json b/CVE-2023/CVE-2023-357xx/CVE-2023-35754.json index 7e41f0edf5c..d36ced82659 100644 --- a/CVE-2023/CVE-2023-357xx/CVE-2023-35754.json +++ b/CVE-2023/CVE-2023-357xx/CVE-2023-35754.json @@ -2,13 +2,13 @@ "id": "CVE-2023-35754", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-05-03T02:15:40.037", - "lastModified": "2024-05-03T12:50:12.213", + "lastModified": "2024-09-18T19:15:28.800", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "D-Link DAP-2622 DDP Set AG Profile NMS URL Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2622 routers. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the DDP service. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-20082." + "value": "D-Link DAP-2622 DDP Set AG Profile NMS URL Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2622 routers. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the DDP service. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root.\n. Was ZDI-CAN-20082." }, { "lang": "es", diff --git a/CVE-2023/CVE-2023-357xx/CVE-2023-35755.json b/CVE-2023/CVE-2023-357xx/CVE-2023-35755.json index 5bde9a6145f..5a57cc69536 100644 --- a/CVE-2023/CVE-2023-357xx/CVE-2023-35755.json +++ b/CVE-2023/CVE-2023-357xx/CVE-2023-35755.json @@ -2,13 +2,13 @@ "id": "CVE-2023-35755", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-05-03T02:15:40.217", - "lastModified": "2024-05-03T12:50:12.213", + "lastModified": "2024-09-18T19:15:28.890", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "D-Link DAP-2622 DDP Set Date-Time Auth Username Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2622 routers. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the DDP service. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-20083." + "value": "D-Link DAP-2622 DDP Set Date-Time Auth Username Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2622 routers. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the DDP service. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root.\n. Was ZDI-CAN-20083." }, { "lang": "es", diff --git a/CVE-2023/CVE-2023-357xx/CVE-2023-35756.json b/CVE-2023/CVE-2023-357xx/CVE-2023-35756.json index a1e85b68cec..37760333f78 100644 --- a/CVE-2023/CVE-2023-357xx/CVE-2023-35756.json +++ b/CVE-2023/CVE-2023-357xx/CVE-2023-35756.json @@ -2,13 +2,13 @@ "id": "CVE-2023-35756", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-05-03T02:15:40.390", - "lastModified": "2024-05-03T12:50:12.213", + "lastModified": "2024-09-18T19:15:28.970", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "D-Link DAP-2622 DDP Set Date-Time Auth Password Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2622 routers. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the DDP service. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-20084." + "value": "D-Link DAP-2622 DDP Set Date-Time Auth Password Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2622 routers. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the DDP service. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root.\n. Was ZDI-CAN-20084." }, { "lang": "es", diff --git a/CVE-2023/CVE-2023-357xx/CVE-2023-35757.json b/CVE-2023/CVE-2023-357xx/CVE-2023-35757.json index 093f4dfdc83..6a8ad28948d 100644 --- a/CVE-2023/CVE-2023-357xx/CVE-2023-35757.json +++ b/CVE-2023/CVE-2023-357xx/CVE-2023-35757.json @@ -2,13 +2,13 @@ "id": "CVE-2023-35757", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-05-07T23:15:16.290", - "lastModified": "2024-05-08T13:15:00.690", + "lastModified": "2024-09-18T19:15:29.047", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "D-Link DAP-2622 DDP Set Date-Time NTP Server Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2622 routers. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the DDP service. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-20085." + "value": "D-Link DAP-2622 DDP Set Date-Time NTP Server Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2622 routers. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the DDP service. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root.\n. Was ZDI-CAN-20085." }, { "lang": "es", diff --git a/CVE-2023/CVE-2023-365xx/CVE-2023-36539.json b/CVE-2023/CVE-2023-365xx/CVE-2023-36539.json index 6f0973a0824..a98ff27f4f3 100644 --- a/CVE-2023/CVE-2023-365xx/CVE-2023-36539.json +++ b/CVE-2023/CVE-2023-365xx/CVE-2023-36539.json @@ -2,13 +2,13 @@ "id": "CVE-2023-36539", "sourceIdentifier": "security@zoom.us", "published": "2023-06-30T03:15:09.747", - "lastModified": "2023-07-10T13:29:00.263", - "vulnStatus": "Analyzed", + "lastModified": "2024-09-18T19:15:29.133", + "vulnStatus": "Modified", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "\nExposure of information intended to be encrypted by some Zoom clients may lead to disclosure of sensitive information.\n\n" + "value": "Exposure of information intended to be encrypted by some Zoom clients may lead to disclosure of sensitive information." }, { "lang": "es", @@ -69,6 +69,20 @@ "value": "CWE-326" } ] + }, + { + "source": "security@zoom.us", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-200" + }, + { + "lang": "en", + "value": "CWE-325" + } + ] } ], "configurations": [ diff --git a/CVE-2023/CVE-2023-368xx/CVE-2023-36843.json b/CVE-2023/CVE-2023-368xx/CVE-2023-36843.json index bc5c702e81b..b7ac9267312 100644 --- a/CVE-2023/CVE-2023-368xx/CVE-2023-36843.json +++ b/CVE-2023/CVE-2023-368xx/CVE-2023-36843.json @@ -2,8 +2,8 @@ "id": "CVE-2023-36843", "sourceIdentifier": "sirt@juniper.net", "published": "2023-10-12T23:15:11.053", - "lastModified": "2023-10-17T15:58:59.760", - "vulnStatus": "Analyzed", + "lastModified": "2024-09-18T18:35:04.447", + "vulnStatus": "Modified", "cveTags": [], "descriptions": [ { @@ -79,6 +79,16 @@ "value": "CWE-168" } ] + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-168" + } + ] } ], "configurations": [ diff --git a/CVE-2023/CVE-2023-373xx/CVE-2023-37310.json b/CVE-2023/CVE-2023-373xx/CVE-2023-37310.json index 060d0a88cf7..e701c299cf0 100644 --- a/CVE-2023/CVE-2023-373xx/CVE-2023-37310.json +++ b/CVE-2023/CVE-2023-373xx/CVE-2023-37310.json @@ -2,13 +2,13 @@ "id": "CVE-2023-37310", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-05-03T02:15:40.560", - "lastModified": "2024-05-03T12:50:12.213", + "lastModified": "2024-09-18T19:15:29.350", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "D-Link DAP-2622 DDP Set Device Info Auth Username Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2622 routers. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the DDP service. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-20087." + "value": "D-Link DAP-2622 DDP Set Device Info Auth Username Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2622 routers. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the DDP service. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root.\n. Was ZDI-CAN-20087." }, { "lang": "es", diff --git a/CVE-2023/CVE-2023-373xx/CVE-2023-37311.json b/CVE-2023/CVE-2023-373xx/CVE-2023-37311.json index 444bd9fe07a..1ed6c6480f2 100644 --- a/CVE-2023/CVE-2023-373xx/CVE-2023-37311.json +++ b/CVE-2023/CVE-2023-373xx/CVE-2023-37311.json @@ -2,13 +2,13 @@ "id": "CVE-2023-37311", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-05-03T02:15:40.737", - "lastModified": "2024-05-03T12:50:12.213", + "lastModified": "2024-09-18T19:15:29.457", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "D-Link DAP-2622 DDP Set Device Info Auth Password Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2622 routers. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the DDP service. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-20088." + "value": "D-Link DAP-2622 DDP Set Device Info Auth Password Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2622 routers. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the DDP service. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root.\n. Was ZDI-CAN-20088." }, { "lang": "es", diff --git a/CVE-2023/CVE-2023-373xx/CVE-2023-37312.json b/CVE-2023/CVE-2023-373xx/CVE-2023-37312.json index a37f6e0493c..307ce4b9b16 100644 --- a/CVE-2023/CVE-2023-373xx/CVE-2023-37312.json +++ b/CVE-2023/CVE-2023-373xx/CVE-2023-37312.json @@ -2,13 +2,13 @@ "id": "CVE-2023-37312", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-05-03T02:15:40.900", - "lastModified": "2024-05-03T12:50:12.213", + "lastModified": "2024-09-18T19:15:29.550", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "D-Link DAP-2622 DDP Set Device Info Device Name Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2622 routers. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the DDP service. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-20089." + "value": "D-Link DAP-2622 DDP Set Device Info Device Name Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2622 routers. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the DDP service. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root.\n. Was ZDI-CAN-20089." }, { "lang": "es", diff --git a/CVE-2023/CVE-2023-373xx/CVE-2023-37313.json b/CVE-2023/CVE-2023-373xx/CVE-2023-37313.json index b130654b5b2..ccb2476d61f 100644 --- a/CVE-2023/CVE-2023-373xx/CVE-2023-37313.json +++ b/CVE-2023/CVE-2023-373xx/CVE-2023-37313.json @@ -2,13 +2,13 @@ "id": "CVE-2023-37313", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-05-03T02:15:41.063", - "lastModified": "2024-05-03T12:50:12.213", + "lastModified": "2024-09-18T19:15:29.647", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "D-Link DAP-2622 DDP Set IPv4 Address Auth Username Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2622 routers. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the DDP service. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-20090." + "value": "D-Link DAP-2622 DDP Set IPv4 Address Auth Username Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2622 routers. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the DDP service. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root.\n. Was ZDI-CAN-20090." }, { "lang": "es", diff --git a/CVE-2023/CVE-2023-373xx/CVE-2023-37314.json b/CVE-2023/CVE-2023-373xx/CVE-2023-37314.json index 616fad93a36..6fb41249ef9 100644 --- a/CVE-2023/CVE-2023-373xx/CVE-2023-37314.json +++ b/CVE-2023/CVE-2023-373xx/CVE-2023-37314.json @@ -2,13 +2,13 @@ "id": "CVE-2023-37314", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-05-03T02:15:41.233", - "lastModified": "2024-05-03T12:50:12.213", + "lastModified": "2024-09-18T19:15:29.750", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "D-Link DAP-2622 DDP Set IPv6 Address Auth Username Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2622 routers. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the DDP service. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-20092." + "value": "D-Link DAP-2622 DDP Set IPv6 Address Auth Username Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2622 routers. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the DDP service. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root.\n. Was ZDI-CAN-20092." }, { "lang": "es", diff --git a/CVE-2023/CVE-2023-373xx/CVE-2023-37315.json b/CVE-2023/CVE-2023-373xx/CVE-2023-37315.json index 39108cb7efd..3fd013a65ff 100644 --- a/CVE-2023/CVE-2023-373xx/CVE-2023-37315.json +++ b/CVE-2023/CVE-2023-373xx/CVE-2023-37315.json @@ -2,13 +2,13 @@ "id": "CVE-2023-37315", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-05-03T02:15:41.407", - "lastModified": "2024-05-03T12:50:12.213", + "lastModified": "2024-09-18T19:15:29.853", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "D-Link DAP-2622 DDP Set IPv6 Address Auth Password Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2622 routers. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the DDP service. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-20093." + "value": "D-Link DAP-2622 DDP Set IPv6 Address Auth Password Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2622 routers. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the DDP service. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root.\n. Was ZDI-CAN-20093." }, { "lang": "es", diff --git a/CVE-2023/CVE-2023-373xx/CVE-2023-37316.json b/CVE-2023/CVE-2023-373xx/CVE-2023-37316.json index 78d4a6ab1e3..ef51dfbfa81 100644 --- a/CVE-2023/CVE-2023-373xx/CVE-2023-37316.json +++ b/CVE-2023/CVE-2023-373xx/CVE-2023-37316.json @@ -2,13 +2,13 @@ "id": "CVE-2023-37316", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-05-03T02:15:41.577", - "lastModified": "2024-05-03T12:50:12.213", + "lastModified": "2024-09-18T19:15:29.933", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "D-Link DAP-2622 DDP Set IPv6 Address Default Gateway Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2622 routers. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the DDP service. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-20094." + "value": "D-Link DAP-2622 DDP Set IPv6 Address Default Gateway Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2622 routers. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the DDP service. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root.\n. Was ZDI-CAN-20094." }, { "lang": "es", diff --git a/CVE-2023/CVE-2023-373xx/CVE-2023-37317.json b/CVE-2023/CVE-2023-373xx/CVE-2023-37317.json index e86c40c2d5f..d0ea93f9dfe 100644 --- a/CVE-2023/CVE-2023-373xx/CVE-2023-37317.json +++ b/CVE-2023/CVE-2023-373xx/CVE-2023-37317.json @@ -2,13 +2,13 @@ "id": "CVE-2023-37317", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-05-03T02:15:41.750", - "lastModified": "2024-05-03T12:50:12.213", + "lastModified": "2024-09-18T19:15:30.013", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "D-Link DAP-2622 DDP Set IPv6 Address Primary DNS Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2622 routers. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the DDP service. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-20095." + "value": "D-Link DAP-2622 DDP Set IPv6 Address Primary DNS Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2622 routers. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the DDP service. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root.\n. Was ZDI-CAN-20095." }, { "lang": "es", diff --git a/CVE-2023/CVE-2023-373xx/CVE-2023-37318.json b/CVE-2023/CVE-2023-373xx/CVE-2023-37318.json index 11f15011530..09e8e74af15 100644 --- a/CVE-2023/CVE-2023-373xx/CVE-2023-37318.json +++ b/CVE-2023/CVE-2023-373xx/CVE-2023-37318.json @@ -2,13 +2,13 @@ "id": "CVE-2023-37318", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-05-03T02:15:41.917", - "lastModified": "2024-05-03T12:50:12.213", + "lastModified": "2024-09-18T19:15:30.103", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "D-Link DAP-2622 DDP Set IPv6 Address Secondary DNS Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2622 routers. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the DDP service. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-20096." + "value": "D-Link DAP-2622 DDP Set IPv6 Address Secondary DNS Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2622 routers. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the DDP service. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root.\n. Was ZDI-CAN-20096." }, { "lang": "es", diff --git a/CVE-2023/CVE-2023-373xx/CVE-2023-37319.json b/CVE-2023/CVE-2023-373xx/CVE-2023-37319.json index 4242bab1329..558c5851774 100644 --- a/CVE-2023/CVE-2023-373xx/CVE-2023-37319.json +++ b/CVE-2023/CVE-2023-373xx/CVE-2023-37319.json @@ -2,13 +2,13 @@ "id": "CVE-2023-37319", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-05-03T02:15:42.080", - "lastModified": "2024-05-03T12:50:12.213", + "lastModified": "2024-09-18T19:15:30.193", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "D-Link DAP-2622 DDP Set IPv6 Address Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2622 routers. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the DDP service. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-20097." + "value": "D-Link DAP-2622 DDP Set IPv6 Address Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2622 routers. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the DDP service. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root.\n. Was ZDI-CAN-20097." }, { "lang": "es", diff --git a/CVE-2023/CVE-2023-373xx/CVE-2023-37320.json b/CVE-2023/CVE-2023-373xx/CVE-2023-37320.json index 49d001490a2..4080f432242 100644 --- a/CVE-2023/CVE-2023-373xx/CVE-2023-37320.json +++ b/CVE-2023/CVE-2023-373xx/CVE-2023-37320.json @@ -2,13 +2,13 @@ "id": "CVE-2023-37320", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-05-03T02:15:42.270", - "lastModified": "2024-05-03T12:50:12.213", + "lastModified": "2024-09-18T19:15:30.270", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "D-Link DAP-2622 DDP Set SSID List SSID Name Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2622 routers. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the DDP service. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-20098." + "value": "D-Link DAP-2622 DDP Set SSID List SSID Name Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2622 routers. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the DDP service. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root.\n. Was ZDI-CAN-20098." }, { "lang": "es", diff --git a/CVE-2023/CVE-2023-373xx/CVE-2023-37321.json b/CVE-2023/CVE-2023-373xx/CVE-2023-37321.json index 78e15c1f7af..7af503b3a94 100644 --- a/CVE-2023/CVE-2023-373xx/CVE-2023-37321.json +++ b/CVE-2023/CVE-2023-373xx/CVE-2023-37321.json @@ -2,13 +2,13 @@ "id": "CVE-2023-37321", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-05-03T02:15:42.437", - "lastModified": "2024-05-03T12:50:12.213", + "lastModified": "2024-09-18T19:15:30.363", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "D-Link DAP-2622 DDP Set SSID List RADIUS Secret Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2622 routers. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the DDP service. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-20099." + "value": "D-Link DAP-2622 DDP Set SSID List RADIUS Secret Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2622 routers. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the DDP service. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root.\n. Was ZDI-CAN-20099." }, { "lang": "es", diff --git a/CVE-2023/CVE-2023-373xx/CVE-2023-37322.json b/CVE-2023/CVE-2023-373xx/CVE-2023-37322.json index 8b14463147b..a83e2116be7 100644 --- a/CVE-2023/CVE-2023-373xx/CVE-2023-37322.json +++ b/CVE-2023/CVE-2023-373xx/CVE-2023-37322.json @@ -2,13 +2,13 @@ "id": "CVE-2023-37322", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-05-03T02:15:42.603", - "lastModified": "2024-05-03T12:50:12.213", + "lastModified": "2024-09-18T19:15:30.450", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "D-Link DAP-2622 DDP Set SSID List RADIUS Server Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2622 routers. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the DDP service. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-20100." + "value": "D-Link DAP-2622 DDP Set SSID List RADIUS Server Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2622 routers. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the DDP service. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root.\n. Was ZDI-CAN-20100." }, { "lang": "es", diff --git a/CVE-2023/CVE-2023-373xx/CVE-2023-37323.json b/CVE-2023/CVE-2023-373xx/CVE-2023-37323.json index beb056d3519..73bcd61e9af 100644 --- a/CVE-2023/CVE-2023-373xx/CVE-2023-37323.json +++ b/CVE-2023/CVE-2023-373xx/CVE-2023-37323.json @@ -2,13 +2,13 @@ "id": "CVE-2023-37323", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-05-03T02:15:42.777", - "lastModified": "2024-05-03T12:50:12.213", + "lastModified": "2024-09-18T19:15:30.540", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "D-Link DAP-2622 DDP Set SSID List PSK Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2622 routers. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the DDP service. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-20101." + "value": "D-Link DAP-2622 DDP Set SSID List PSK Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2622 routers. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the DDP service. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root.\n. Was ZDI-CAN-20101." }, { "lang": "es", diff --git a/CVE-2023/CVE-2023-373xx/CVE-2023-37324.json b/CVE-2023/CVE-2023-373xx/CVE-2023-37324.json index 9c3826aadcf..918cf679f80 100644 --- a/CVE-2023/CVE-2023-373xx/CVE-2023-37324.json +++ b/CVE-2023/CVE-2023-373xx/CVE-2023-37324.json @@ -2,13 +2,13 @@ "id": "CVE-2023-37324", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-05-03T02:15:42.937", - "lastModified": "2024-05-03T12:50:12.213", + "lastModified": "2024-09-18T19:15:30.620", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "D-Link DAP-2622 DDP Set Wireless Info Auth Username Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2622 routers. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the DDP service. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-20102." + "value": "D-Link DAP-2622 DDP Set Wireless Info Auth Username Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2622 routers. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the DDP service. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root.\n. Was ZDI-CAN-20102." }, { "lang": "es", diff --git a/CVE-2023/CVE-2023-373xx/CVE-2023-37325.json b/CVE-2023/CVE-2023-373xx/CVE-2023-37325.json index dc93a852138..0519ae24b4c 100644 --- a/CVE-2023/CVE-2023-373xx/CVE-2023-37325.json +++ b/CVE-2023/CVE-2023-373xx/CVE-2023-37325.json @@ -2,13 +2,13 @@ "id": "CVE-2023-37325", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-05-07T23:15:16.497", - "lastModified": "2024-05-08T13:15:00.690", + "lastModified": "2024-09-18T19:15:30.727", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "D-Link DAP-2622 DDP Set SSID List Missing Authentication Vulnerability. This vulnerability allows network-adjacent attackers to make unauthorized changes to device configuration on affected installations of D-Link DAP-2622 routers. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the DDP service. The issue results from the lack of authentication prior to allowing access to functionality. An attacker can leverage this vulnerability to manipulate wireless authentication settings. Was ZDI-CAN-20104." + "value": "D-Link DAP-2622 DDP Set SSID List Missing Authentication Vulnerability. This vulnerability allows network-adjacent attackers to make unauthorized changes to device configuration on affected installations of D-Link DAP-2622 routers. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the DDP service. The issue results from the lack of authentication prior to allowing access to functionality. An attacker can leverage this vulnerability to manipulate wireless authentication settings.\n. Was ZDI-CAN-20104." }, { "lang": "es", diff --git a/CVE-2023/CVE-2023-373xx/CVE-2023-37326.json b/CVE-2023/CVE-2023-373xx/CVE-2023-37326.json index 148c7c8ed02..7fb03e38a78 100644 --- a/CVE-2023/CVE-2023-373xx/CVE-2023-37326.json +++ b/CVE-2023/CVE-2023-373xx/CVE-2023-37326.json @@ -2,13 +2,13 @@ "id": "CVE-2023-37326", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-05-03T02:15:43.100", - "lastModified": "2024-05-03T12:50:12.213", + "lastModified": "2024-09-18T19:15:30.840", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "D-Link DAP-2622 DDP Set Wireless Info Auth Password Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2622 routers. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the DDP service. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-20103." + "value": "D-Link DAP-2622 DDP Set Wireless Info Auth Password Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2622 routers. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the DDP service. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root.\n. Was ZDI-CAN-20103." }, { "lang": "es", diff --git a/CVE-2023/CVE-2023-373xx/CVE-2023-37328.json b/CVE-2023/CVE-2023-373xx/CVE-2023-37328.json index 64b3edc7778..f0b9e4827f4 100644 --- a/CVE-2023/CVE-2023-373xx/CVE-2023-37328.json +++ b/CVE-2023/CVE-2023-373xx/CVE-2023-37328.json @@ -2,13 +2,13 @@ "id": "CVE-2023-37328", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-05-03T02:15:43.450", - "lastModified": "2024-05-03T12:50:12.213", + "lastModified": "2024-09-18T19:15:30.930", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "GStreamer PGS File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack vectors may vary depending on the implementation.\n\nThe specific flaw exists within the parsing of PGS subtitle files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-20994." + "value": "GStreamer PGS File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack vectors may vary depending on the implementation.\n\nThe specific flaw exists within the parsing of PGS subtitle files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process.\n. Was ZDI-CAN-20994." }, { "lang": "es", diff --git a/CVE-2023/CVE-2023-380xx/CVE-2023-38096.json b/CVE-2023/CVE-2023-380xx/CVE-2023-38096.json index 0c455702a05..3d9616749d1 100644 --- a/CVE-2023/CVE-2023-380xx/CVE-2023-38096.json +++ b/CVE-2023/CVE-2023-380xx/CVE-2023-38096.json @@ -2,13 +2,13 @@ "id": "CVE-2023-38096", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-05-03T02:15:52.070", - "lastModified": "2024-05-03T12:50:12.213", + "lastModified": "2024-09-18T19:15:31.103", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "NETGEAR ProSAFE Network Management System MyHandlerInterceptor Authentication Bypass Vulnerability. This vulnerability allows remote attackers to bypass authentication on affected installations of NETGEAR ProSAFE Network Management System. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the MyHandlerInterceptor class. The issue results from improper implementation of the authentication mechanism. An attacker can leverage this vulnerability to bypass authentication on the system. Was ZDI-CAN-19718." + "value": "NETGEAR ProSAFE Network Management System MyHandlerInterceptor Authentication Bypass Vulnerability. This vulnerability allows remote attackers to bypass authentication on affected installations of NETGEAR ProSAFE Network Management System. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the MyHandlerInterceptor class. The issue results from improper implementation of the authentication mechanism. An attacker can leverage this vulnerability to bypass authentication on the system.\n. Was ZDI-CAN-19718." }, { "lang": "es", diff --git a/CVE-2023/CVE-2023-381xx/CVE-2023-38101.json b/CVE-2023/CVE-2023-381xx/CVE-2023-38101.json index d65d4415e1c..9f73460f039 100644 --- a/CVE-2023/CVE-2023-381xx/CVE-2023-38101.json +++ b/CVE-2023/CVE-2023-381xx/CVE-2023-38101.json @@ -2,13 +2,13 @@ "id": "CVE-2023-38101", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-05-03T02:15:52.977", - "lastModified": "2024-05-03T12:50:12.213", + "lastModified": "2024-09-18T19:15:31.407", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "NETGEAR ProSAFE Network Management System SettingConfigController Exposed Dangerous Function Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of NETGEAR ProSAFE Network Management System. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed.\n\nThe specific flaw exists within the SettingConfigController class. The issue results from an exposed dangerous function. An attacker can leverage this vulnerability to execute code in the context of SYSTEM. Was ZDI-CAN-19725." + "value": "NETGEAR ProSAFE Network Management System SettingConfigController Exposed Dangerous Function Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of NETGEAR ProSAFE Network Management System. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed.\n\nThe specific flaw exists within the SettingConfigController class. The issue results from an exposed dangerous function. An attacker can leverage this vulnerability to execute code in the context of SYSTEM.\n. Was ZDI-CAN-19725." }, { "lang": "es", diff --git a/CVE-2023/CVE-2023-381xx/CVE-2023-38120.json b/CVE-2023/CVE-2023-381xx/CVE-2023-38120.json index ec1664d34be..2f3fb679b89 100644 --- a/CVE-2023/CVE-2023-381xx/CVE-2023-38120.json +++ b/CVE-2023/CVE-2023-381xx/CVE-2023-38120.json @@ -2,13 +2,13 @@ "id": "CVE-2023-38120", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-05-03T02:15:56.207", - "lastModified": "2024-05-03T12:50:12.213", + "lastModified": "2024-09-18T19:15:31.567", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "Adtran SR400ac ping Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adtran SR400ac routers. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed.\n\nThe specific flaw exists within the ping command, which is available over JSON-RPC. A crafted host parameter can trigger execution of a system call composed from a user-supplied string. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-20525." + "value": "Adtran SR400ac ping Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adtran SR400ac routers. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed.\n\nThe specific flaw exists within the ping command, which is available over JSON-RPC. A crafted host parameter can trigger execution of a system call composed from a user-supplied string. An attacker can leverage this vulnerability to execute code in the context of root.\n. Was ZDI-CAN-20525." }, { "lang": "es", diff --git a/CVE-2023/CVE-2023-394xx/CVE-2023-39473.json b/CVE-2023/CVE-2023-394xx/CVE-2023-39473.json index 25cb40d86ae..a1977b2c672 100644 --- a/CVE-2023/CVE-2023-394xx/CVE-2023-39473.json +++ b/CVE-2023/CVE-2023-394xx/CVE-2023-39473.json @@ -2,13 +2,13 @@ "id": "CVE-2023-39473", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-05-03T03:15:13.243", - "lastModified": "2024-05-03T12:50:12.213", + "lastModified": "2024-09-18T19:15:31.690", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "Inductive Automation Ignition AbstractGatewayFunction Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Inductive Automation Ignition. Authentication is required to exploit this vulnerability.\n\nThe specific flaw exists within the AbstractGatewayFunction class. The issue results from the lack of proper validation of user-supplied data, which can result in deserialization of untrusted data. An attacker can leverage this vulnerability to execute code in the context of SYSTEM. Was ZDI-CAN-17587." + "value": "Inductive Automation Ignition AbstractGatewayFunction Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Inductive Automation Ignition. Authentication is required to exploit this vulnerability.\n\nThe specific flaw exists within the AbstractGatewayFunction class. The issue results from the lack of proper validation of user-supplied data, which can result in deserialization of untrusted data. An attacker can leverage this vulnerability to execute code in the context of SYSTEM.\n. Was ZDI-CAN-17587." }, { "lang": "es", diff --git a/CVE-2023/CVE-2023-394xx/CVE-2023-39474.json b/CVE-2023/CVE-2023-394xx/CVE-2023-39474.json index 039f69f4205..64e62325e74 100644 --- a/CVE-2023/CVE-2023-394xx/CVE-2023-39474.json +++ b/CVE-2023/CVE-2023-394xx/CVE-2023-39474.json @@ -2,13 +2,13 @@ "id": "CVE-2023-39474", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-05-03T03:15:13.403", - "lastModified": "2024-05-03T12:50:12.213", + "lastModified": "2024-09-18T19:15:31.827", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "Inductive Automation Ignition downloadLaunchClientJar Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Inductive Automation Ignition. User interaction is required to exploit this vulnerability in that the target must connect to a malicious server.\n\nThe specific flaw exists within the downloadLaunchClientJar function. The issue results from the lack of validating a remote JAR file prior to loading it. An attacker can leverage this vulnerability to execute code in the context of the current user. Was ZDI-CAN-19915." + "value": "Inductive Automation Ignition downloadLaunchClientJar Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Inductive Automation Ignition. User interaction is required to exploit this vulnerability in that the target must connect to a malicious server.\n\nThe specific flaw exists within the downloadLaunchClientJar function. The issue results from the lack of validating a remote JAR file prior to loading it. An attacker can leverage this vulnerability to execute code in the context of the current user.\n. Was ZDI-CAN-19915." }, { "lang": "es", diff --git a/CVE-2023/CVE-2023-404xx/CVE-2023-40474.json b/CVE-2023/CVE-2023-404xx/CVE-2023-40474.json index 538bc374f33..2e0042675b1 100644 --- a/CVE-2023/CVE-2023-404xx/CVE-2023-40474.json +++ b/CVE-2023/CVE-2023-404xx/CVE-2023-40474.json @@ -2,13 +2,13 @@ "id": "CVE-2023-40474", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-05-03T03:15:19.967", - "lastModified": "2024-05-03T12:50:12.213", + "lastModified": "2024-09-18T19:15:31.953", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "GStreamer MXF File Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack vectors may vary depending on the implementation.\n\nThe specific flaw exists within the parsing of MXF video files. The issue results from the lack of proper validation of user-supplied data, which can result in an integer overflow before allocating a buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-21660." + "value": "GStreamer MXF File Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack vectors may vary depending on the implementation.\n\nThe specific flaw exists within the parsing of MXF video files. The issue results from the lack of proper validation of user-supplied data, which can result in an integer overflow before allocating a buffer. An attacker can leverage this vulnerability to execute code in the context of the current process.\n. Was ZDI-CAN-21660." }, { "lang": "es", diff --git a/CVE-2023/CVE-2023-404xx/CVE-2023-40475.json b/CVE-2023/CVE-2023-404xx/CVE-2023-40475.json index 357db2c48a7..326d7950072 100644 --- a/CVE-2023/CVE-2023-404xx/CVE-2023-40475.json +++ b/CVE-2023/CVE-2023-404xx/CVE-2023-40475.json @@ -2,13 +2,13 @@ "id": "CVE-2023-40475", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-05-03T03:15:20.137", - "lastModified": "2024-05-03T12:50:12.213", + "lastModified": "2024-09-18T19:15:32.043", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "GStreamer MXF File Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack vectors may vary depending on the implementation.\n\nThe specific flaw exists within the parsing of MXF video files. The issue results from the lack of proper validation of user-supplied data, which can result in an integer overflow before allocating a buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-21661." + "value": "GStreamer MXF File Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack vectors may vary depending on the implementation.\n\nThe specific flaw exists within the parsing of MXF video files. The issue results from the lack of proper validation of user-supplied data, which can result in an integer overflow before allocating a buffer. An attacker can leverage this vulnerability to execute code in the context of the current process.\n. Was ZDI-CAN-21661." }, { "lang": "es", diff --git a/CVE-2023/CVE-2023-404xx/CVE-2023-40476.json b/CVE-2023/CVE-2023-404xx/CVE-2023-40476.json index 83e2ca789fd..aa2e521934e 100644 --- a/CVE-2023/CVE-2023-404xx/CVE-2023-40476.json +++ b/CVE-2023/CVE-2023-404xx/CVE-2023-40476.json @@ -2,13 +2,13 @@ "id": "CVE-2023-40476", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-05-03T03:15:20.303", - "lastModified": "2024-05-03T12:50:12.213", + "lastModified": "2024-09-18T19:15:32.137", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "GStreamer H265 Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack vectors may vary depending on the implementation.\n\nThe specific flaw exists within the parsing of H265 encoded video files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-21768." + "value": "GStreamer H265 Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack vectors may vary depending on the implementation.\n\nThe specific flaw exists within the parsing of H265 encoded video files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process.\n. Was ZDI-CAN-21768." }, { "lang": "es", diff --git a/CVE-2023/CVE-2023-404xx/CVE-2023-40492.json b/CVE-2023/CVE-2023-404xx/CVE-2023-40492.json index 70c3e987a1e..8ef2edf3413 100644 --- a/CVE-2023/CVE-2023-404xx/CVE-2023-40492.json +++ b/CVE-2023/CVE-2023-404xx/CVE-2023-40492.json @@ -2,13 +2,13 @@ "id": "CVE-2023-40492", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-05-03T03:15:22.933", - "lastModified": "2024-05-03T12:50:12.213", + "lastModified": "2024-09-18T19:15:32.220", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "LG Simple Editor deleteCheckSession Directory Traversal Arbitrary File Deletion Vulnerability. This vulnerability allows remote attackers to delete arbitrary files on affected installations of LG Simple Editor. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the deleteCheckSession method. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to delete files in the context of SYSTEM. Was ZDI-CAN-19919." + "value": "LG Simple Editor deleteCheckSession Directory Traversal Arbitrary File Deletion Vulnerability. This vulnerability allows remote attackers to delete arbitrary files on affected installations of LG Simple Editor. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the deleteCheckSession method. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to delete files in the context of SYSTEM.\n. Was ZDI-CAN-19919." }, { "lang": "es", diff --git a/CVE-2023/CVE-2023-404xx/CVE-2023-40493.json b/CVE-2023/CVE-2023-404xx/CVE-2023-40493.json index f1b6c2c4f7e..ce3fd15c86b 100644 --- a/CVE-2023/CVE-2023-404xx/CVE-2023-40493.json +++ b/CVE-2023/CVE-2023-404xx/CVE-2023-40493.json @@ -2,13 +2,13 @@ "id": "CVE-2023-40493", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-05-03T03:15:23.120", - "lastModified": "2024-05-03T12:50:12.213", + "lastModified": "2024-09-18T19:15:32.303", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "LG Simple Editor copySessionFolder Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of LG Simple Editor. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the implementation of the copySessionFolder command. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to execute code in the context of SYSTEM. Was ZDI-CAN-19920." + "value": "LG Simple Editor copySessionFolder Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of LG Simple Editor. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the implementation of the copySessionFolder command. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to execute code in the context of SYSTEM.\n. Was ZDI-CAN-19920." }, { "lang": "es", diff --git a/CVE-2023/CVE-2023-404xx/CVE-2023-40494.json b/CVE-2023/CVE-2023-404xx/CVE-2023-40494.json index 762a7e872e6..31e35995733 100644 --- a/CVE-2023/CVE-2023-404xx/CVE-2023-40494.json +++ b/CVE-2023/CVE-2023-404xx/CVE-2023-40494.json @@ -2,13 +2,13 @@ "id": "CVE-2023-40494", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-05-03T03:15:23.303", - "lastModified": "2024-05-03T12:49:24.027", + "lastModified": "2024-09-18T19:15:32.390", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "LG Simple Editor deleteFolder Directory Traversal Arbitrary File Deletion Vulnerability. This vulnerability allows remote attackers to delete arbitrary files on affected installations of LG Simple Editor. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the deleteFolder method. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to delete files in the context of SYSTEM. Was ZDI-CAN-19921." + "value": "LG Simple Editor deleteFolder Directory Traversal Arbitrary File Deletion Vulnerability. This vulnerability allows remote attackers to delete arbitrary files on affected installations of LG Simple Editor. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the deleteFolder method. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to delete files in the context of SYSTEM.\n. Was ZDI-CAN-19921." }, { "lang": "es", diff --git a/CVE-2023/CVE-2023-404xx/CVE-2023-40495.json b/CVE-2023/CVE-2023-404xx/CVE-2023-40495.json index 6d1846ebb84..42f75f5bc72 100644 --- a/CVE-2023/CVE-2023-404xx/CVE-2023-40495.json +++ b/CVE-2023/CVE-2023-404xx/CVE-2023-40495.json @@ -2,13 +2,13 @@ "id": "CVE-2023-40495", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-05-03T03:15:23.477", - "lastModified": "2024-05-03T12:49:24.027", + "lastModified": "2024-09-18T19:15:32.477", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "LG Simple Editor copyTemplateAll Directory Traversal Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of LG Simple Editor. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the copyTemplateAll method. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to disclose information in the context of SYSTEM. Was ZDI-CAN-19922." + "value": "LG Simple Editor copyTemplateAll Directory Traversal Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of LG Simple Editor. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the copyTemplateAll method. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to disclose information in the context of SYSTEM.\n. Was ZDI-CAN-19922." }, { "lang": "es", diff --git a/CVE-2023/CVE-2023-404xx/CVE-2023-40496.json b/CVE-2023/CVE-2023-404xx/CVE-2023-40496.json index 7a254bddaa9..08f37cbe145 100644 --- a/CVE-2023/CVE-2023-404xx/CVE-2023-40496.json +++ b/CVE-2023/CVE-2023-404xx/CVE-2023-40496.json @@ -2,13 +2,13 @@ "id": "CVE-2023-40496", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-05-03T03:15:23.670", - "lastModified": "2024-05-03T12:49:24.027", + "lastModified": "2024-09-18T19:15:32.573", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "LG Simple Editor copyStickerContent Directory Traversal Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of LG Simple Editor. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the implementation of the copyStickerContent command. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to disclose information in the context of SYSTEM. Was ZDI-CAN-19923." + "value": "LG Simple Editor copyStickerContent Directory Traversal Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of LG Simple Editor. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the implementation of the copyStickerContent command. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to disclose information in the context of SYSTEM.\n. Was ZDI-CAN-19923." }, { "lang": "es", diff --git a/CVE-2023/CVE-2023-404xx/CVE-2023-40497.json b/CVE-2023/CVE-2023-404xx/CVE-2023-40497.json index 3d4b42036a8..0fbf0888356 100644 --- a/CVE-2023/CVE-2023-404xx/CVE-2023-40497.json +++ b/CVE-2023/CVE-2023-404xx/CVE-2023-40497.json @@ -2,13 +2,13 @@ "id": "CVE-2023-40497", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-05-03T03:15:23.853", - "lastModified": "2024-05-03T12:49:24.027", + "lastModified": "2024-09-18T19:15:32.663", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "LG Simple Editor saveXml Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of LG Simple Editor. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the saveXml command implemented in the makeDetailContent method. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to execute code in the context of SYSTEM. Was ZDI-CAN-19924." + "value": "LG Simple Editor saveXml Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of LG Simple Editor. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the saveXml command implemented in the makeDetailContent method. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to execute code in the context of SYSTEM.\n. Was ZDI-CAN-19924." }, { "lang": "es", diff --git a/CVE-2023/CVE-2023-404xx/CVE-2023-40498.json b/CVE-2023/CVE-2023-404xx/CVE-2023-40498.json index 81b14123392..71947ad272f 100644 --- a/CVE-2023/CVE-2023-404xx/CVE-2023-40498.json +++ b/CVE-2023/CVE-2023-404xx/CVE-2023-40498.json @@ -2,13 +2,13 @@ "id": "CVE-2023-40498", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-05-03T03:15:24.027", - "lastModified": "2024-05-03T12:49:24.027", + "lastModified": "2024-09-18T19:15:32.760", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "LG Simple Editor cp Command Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of LG Simple Editor. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the cp command implemented in the makeDetailContent method. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to execute code in the context of SYSTEM. Was ZDI-CAN-19925." + "value": "LG Simple Editor cp Command Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of LG Simple Editor. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the cp command implemented in the makeDetailContent method. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to execute code in the context of SYSTEM.\n. Was ZDI-CAN-19925." }, { "lang": "es", diff --git a/CVE-2023/CVE-2023-404xx/CVE-2023-40499.json b/CVE-2023/CVE-2023-404xx/CVE-2023-40499.json index 0936686d9e8..8a7145a8b5a 100644 --- a/CVE-2023/CVE-2023-404xx/CVE-2023-40499.json +++ b/CVE-2023/CVE-2023-404xx/CVE-2023-40499.json @@ -2,13 +2,13 @@ "id": "CVE-2023-40499", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-05-03T03:15:24.200", - "lastModified": "2024-05-03T12:49:24.027", + "lastModified": "2024-09-18T19:15:32.850", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "LG Simple Editor mkdir Directory Traversal Arbitrary File Deletion Vulnerability. This vulnerability allows remote attackers to delete arbitrary files on affected installations of LG Simple Editor. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the mkdir command implemented in the makeDetailContent method. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to delete files in the context of SYSTEM. Was ZDI-CAN-19926." + "value": "LG Simple Editor mkdir Directory Traversal Arbitrary File Deletion Vulnerability. This vulnerability allows remote attackers to delete arbitrary files on affected installations of LG Simple Editor. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the mkdir command implemented in the makeDetailContent method. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to delete files in the context of SYSTEM.\n. Was ZDI-CAN-19926." }, { "lang": "es", diff --git a/CVE-2023/CVE-2023-405xx/CVE-2023-40500.json b/CVE-2023/CVE-2023-405xx/CVE-2023-40500.json index bab793b8980..26987ba84db 100644 --- a/CVE-2023/CVE-2023-405xx/CVE-2023-40500.json +++ b/CVE-2023/CVE-2023-405xx/CVE-2023-40500.json @@ -2,13 +2,13 @@ "id": "CVE-2023-40500", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-05-03T03:15:24.400", - "lastModified": "2024-05-03T12:49:24.027", + "lastModified": "2024-09-18T19:15:32.940", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "LG Simple Editor copyContent Exposed Dangerous Function Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of LG Simple Editor. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the implementation of the copyContent command. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to execute code in the context of SYSTEM. Was ZDI-CAN-19944." + "value": "LG Simple Editor copyContent Exposed Dangerous Function Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of LG Simple Editor. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the implementation of the copyContent command. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to execute code in the context of SYSTEM.\n. Was ZDI-CAN-19944." }, { "lang": "es", diff --git a/CVE-2023/CVE-2023-405xx/CVE-2023-40501.json b/CVE-2023/CVE-2023-405xx/CVE-2023-40501.json index e40f1a59f98..9cd30db3647 100644 --- a/CVE-2023/CVE-2023-405xx/CVE-2023-40501.json +++ b/CVE-2023/CVE-2023-405xx/CVE-2023-40501.json @@ -2,13 +2,13 @@ "id": "CVE-2023-40501", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-05-03T03:15:24.590", - "lastModified": "2024-05-03T12:49:24.027", + "lastModified": "2024-09-18T19:15:33.027", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "LG Simple Editor copyContent Exposed Dangerous Function Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of LG Simple Editor. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the implementation of the copyContent command. The issue results from an exposed dangerous function. An attacker can leverage this vulnerability to execute code in the context of SYSTEM. Was ZDI-CAN-19945." + "value": "LG Simple Editor copyContent Exposed Dangerous Function Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of LG Simple Editor. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the implementation of the copyContent command. The issue results from an exposed dangerous function. An attacker can leverage this vulnerability to execute code in the context of SYSTEM.\n. Was ZDI-CAN-19945." }, { "lang": "es", diff --git a/CVE-2023/CVE-2023-405xx/CVE-2023-40502.json b/CVE-2023/CVE-2023-405xx/CVE-2023-40502.json index 46024b4f68e..cd4270583f7 100644 --- a/CVE-2023/CVE-2023-405xx/CVE-2023-40502.json +++ b/CVE-2023/CVE-2023-405xx/CVE-2023-40502.json @@ -2,13 +2,13 @@ "id": "CVE-2023-40502", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-05-03T03:15:24.760", - "lastModified": "2024-05-03T12:49:24.027", + "lastModified": "2024-09-18T19:15:33.120", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "LG Simple Editor cropImage Directory Traversal Arbitrary File Deletion Vulnerability. This vulnerability allows remote attackers to delete arbitrary files on affected installations of LG Simple Editor. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the implementation of the cropImage command. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to delete files in the context of SYSTEM. Was ZDI-CAN-19951." + "value": "LG Simple Editor cropImage Directory Traversal Arbitrary File Deletion Vulnerability. This vulnerability allows remote attackers to delete arbitrary files on affected installations of LG Simple Editor. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the implementation of the cropImage command. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to delete files in the context of SYSTEM.\n. Was ZDI-CAN-19951." }, { "lang": "es", diff --git a/CVE-2023/CVE-2023-405xx/CVE-2023-40503.json b/CVE-2023/CVE-2023-405xx/CVE-2023-40503.json index 2756861025e..897e77c02b5 100644 --- a/CVE-2023/CVE-2023-405xx/CVE-2023-40503.json +++ b/CVE-2023/CVE-2023-405xx/CVE-2023-40503.json @@ -2,13 +2,13 @@ "id": "CVE-2023-40503", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-05-03T03:15:24.930", - "lastModified": "2024-05-03T12:49:24.027", + "lastModified": "2024-09-18T19:15:33.210", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "LG Simple Editor saveXmlFile XML External Entity Processing Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of LG Simple Editor. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the saveXmlFile method. Due to the improper restriction of XML External Entity (XXE) references, a crafted document specifying a URI causes the XML parser to access the URI and embed the contents back into the XML document for further processing. An attacker can leverage this vulnerability to disclose information in the context of SYSTEM. Was ZDI-CAN-19952." + "value": "LG Simple Editor saveXmlFile XML External Entity Processing Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of LG Simple Editor. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the saveXmlFile method. Due to the improper restriction of XML External Entity (XXE) references, a crafted document specifying a URI causes the XML parser to access the URI and embed the contents back into the XML document for further processing. An attacker can leverage this vulnerability to disclose information in the context of SYSTEM.\n. Was ZDI-CAN-19952." }, { "lang": "es", diff --git a/CVE-2023/CVE-2023-405xx/CVE-2023-40504.json b/CVE-2023/CVE-2023-405xx/CVE-2023-40504.json index 348456dda45..103f7da5fe6 100644 --- a/CVE-2023/CVE-2023-405xx/CVE-2023-40504.json +++ b/CVE-2023/CVE-2023-405xx/CVE-2023-40504.json @@ -2,13 +2,13 @@ "id": "CVE-2023-40504", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-05-03T03:15:25.110", - "lastModified": "2024-05-03T12:49:24.027", + "lastModified": "2024-09-18T19:15:33.313", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "LG Simple Editor readVideoInfo Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of LG Simple Editor. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the readVideoInfo method. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of SYSTEM. Was ZDI-CAN-19953." + "value": "LG Simple Editor readVideoInfo Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of LG Simple Editor. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the readVideoInfo method. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of SYSTEM.\n. Was ZDI-CAN-19953." }, { "lang": "es", diff --git a/CVE-2023/CVE-2023-405xx/CVE-2023-40505.json b/CVE-2023/CVE-2023-405xx/CVE-2023-40505.json index 7ac32ddb2df..eec3c1ec627 100644 --- a/CVE-2023/CVE-2023-405xx/CVE-2023-40505.json +++ b/CVE-2023/CVE-2023-405xx/CVE-2023-40505.json @@ -2,13 +2,13 @@ "id": "CVE-2023-40505", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-05-03T03:15:25.287", - "lastModified": "2024-05-03T12:49:24.027", + "lastModified": "2024-09-18T19:15:33.397", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "LG Simple Editor createThumbnailByMovie Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of LG Simple Editor. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the createThumbnailByMovie method. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of SYSTEM. Was ZDI-CAN-19978." + "value": "LG Simple Editor createThumbnailByMovie Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of LG Simple Editor. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the createThumbnailByMovie method. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of SYSTEM.\n. Was ZDI-CAN-19978." }, { "lang": "es", diff --git a/CVE-2023/CVE-2023-405xx/CVE-2023-40506.json b/CVE-2023/CVE-2023-405xx/CVE-2023-40506.json index 6b581b19af7..f2b0a59cc24 100644 --- a/CVE-2023/CVE-2023-405xx/CVE-2023-40506.json +++ b/CVE-2023/CVE-2023-405xx/CVE-2023-40506.json @@ -2,13 +2,13 @@ "id": "CVE-2023-40506", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-05-03T03:15:25.470", - "lastModified": "2024-05-03T12:49:24.027", + "lastModified": "2024-09-18T19:15:33.487", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "LG Simple Editor copyContent XML External Entity Processing Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of LG Simple Editor. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the implementation of the copyContent command. Due to the improper restriction of XML External Entity (XXE) references, a crafted document specifying a URI causes the XML parser to access the URI and embed the contents back into the XML document for further processing. An attacker can leverage this vulnerability to disclose information in the context of SYSTEM. Was ZDI-CAN-20005." + "value": "LG Simple Editor copyContent XML External Entity Processing Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of LG Simple Editor. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the implementation of the copyContent command. Due to the improper restriction of XML External Entity (XXE) references, a crafted document specifying a URI causes the XML parser to access the URI and embed the contents back into the XML document for further processing. An attacker can leverage this vulnerability to disclose information in the context of SYSTEM.\n. Was ZDI-CAN-20005." }, { "lang": "es", diff --git a/CVE-2023/CVE-2023-405xx/CVE-2023-40507.json b/CVE-2023/CVE-2023-405xx/CVE-2023-40507.json index fd98052c57c..792c315d5d4 100644 --- a/CVE-2023/CVE-2023-405xx/CVE-2023-40507.json +++ b/CVE-2023/CVE-2023-405xx/CVE-2023-40507.json @@ -2,13 +2,13 @@ "id": "CVE-2023-40507", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-05-03T03:15:25.643", - "lastModified": "2024-05-03T12:49:24.027", + "lastModified": "2024-09-18T19:15:33.577", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "LG Simple Editor copyContent XML External Entity Processing Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of LG Simple Editor. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the implementation of the copyContent command. Due to the improper restriction of XML External Entity (XXE) references, a crafted document specifying a URI causes the XML parser to access the URI and embed the contents back into the XML document for further processing. An attacker can leverage this vulnerability to disclose information in the context of SYSTEM. Was ZDI-CAN-20006." + "value": "LG Simple Editor copyContent XML External Entity Processing Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of LG Simple Editor. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the implementation of the copyContent command. Due to the improper restriction of XML External Entity (XXE) references, a crafted document specifying a URI causes the XML parser to access the URI and embed the contents back into the XML document for further processing. An attacker can leverage this vulnerability to disclose information in the context of SYSTEM.\n. Was ZDI-CAN-20006." }, { "lang": "es", diff --git a/CVE-2023/CVE-2023-405xx/CVE-2023-40508.json b/CVE-2023/CVE-2023-405xx/CVE-2023-40508.json index f927130d54f..080e413a706 100644 --- a/CVE-2023/CVE-2023-405xx/CVE-2023-40508.json +++ b/CVE-2023/CVE-2023-405xx/CVE-2023-40508.json @@ -2,13 +2,13 @@ "id": "CVE-2023-40508", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-05-03T03:15:25.823", - "lastModified": "2024-05-03T12:49:24.027", + "lastModified": "2024-09-18T19:15:33.673", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "LG Simple Editor putCanvasDB Directory Traversal Arbitrary File Deletion Vulnerability. This vulnerability allows remote attackers to delete arbitrary files on affected installations of LG Simple Editor. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the putCanvasDB method. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to delete files in the context of SYSTEM. Was ZDI-CAN-20010." + "value": "LG Simple Editor putCanvasDB Directory Traversal Arbitrary File Deletion Vulnerability. This vulnerability allows remote attackers to delete arbitrary files on affected installations of LG Simple Editor. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the putCanvasDB method. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to delete files in the context of SYSTEM.\n. Was ZDI-CAN-20010." }, { "lang": "es", diff --git a/CVE-2023/CVE-2023-405xx/CVE-2023-40509.json b/CVE-2023/CVE-2023-405xx/CVE-2023-40509.json index 7ad5e3777f8..3980934b793 100644 --- a/CVE-2023/CVE-2023-405xx/CVE-2023-40509.json +++ b/CVE-2023/CVE-2023-405xx/CVE-2023-40509.json @@ -2,13 +2,13 @@ "id": "CVE-2023-40509", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-05-03T03:15:25.993", - "lastModified": "2024-05-03T12:49:24.027", + "lastModified": "2024-09-18T19:15:33.753", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "LG Simple Editor deleteCanvas Directory Traversal Arbitrary File Deletion Vulnerability. This vulnerability allows remote attackers to delete arbitrary files on affected installations of LG Simple Editor. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the deleteCanvas method. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to delete files in the context of SYSTEM. Was ZDI-CAN-20011." + "value": "LG Simple Editor deleteCanvas Directory Traversal Arbitrary File Deletion Vulnerability. This vulnerability allows remote attackers to delete arbitrary files on affected installations of LG Simple Editor. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the deleteCanvas method. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to delete files in the context of SYSTEM.\n. Was ZDI-CAN-20011." }, { "lang": "es", diff --git a/CVE-2023/CVE-2023-405xx/CVE-2023-40510.json b/CVE-2023/CVE-2023-405xx/CVE-2023-40510.json index f250beef172..0decc72187f 100644 --- a/CVE-2023/CVE-2023-405xx/CVE-2023-40510.json +++ b/CVE-2023/CVE-2023-405xx/CVE-2023-40510.json @@ -2,13 +2,13 @@ "id": "CVE-2023-40510", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-05-03T03:15:26.170", - "lastModified": "2024-05-03T12:49:24.027", + "lastModified": "2024-09-18T19:15:33.840", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "LG Simple Editor getServerSetting Authentication Bypass Vulnerability. This vulnerability allows remote attackers to bypass authentication on affected installations of LG Simple Editor. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the getServerSetting method. The issue results from the exposure of plaintext credentials. An attacker can leverage this vulnerability to bypass authentication on the system. Was ZDI-CAN-20012." + "value": "LG Simple Editor getServerSetting Authentication Bypass Vulnerability. This vulnerability allows remote attackers to bypass authentication on affected installations of LG Simple Editor. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the getServerSetting method. The issue results from the exposure of plaintext credentials. An attacker can leverage this vulnerability to bypass authentication on the system.\n. Was ZDI-CAN-20012." }, { "lang": "es", diff --git a/CVE-2023/CVE-2023-405xx/CVE-2023-40511.json b/CVE-2023/CVE-2023-405xx/CVE-2023-40511.json index e05dbf34493..5feeb20b74c 100644 --- a/CVE-2023/CVE-2023-405xx/CVE-2023-40511.json +++ b/CVE-2023/CVE-2023-405xx/CVE-2023-40511.json @@ -2,13 +2,13 @@ "id": "CVE-2023-40511", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-05-03T03:15:26.340", - "lastModified": "2024-05-03T12:49:24.027", + "lastModified": "2024-09-18T19:15:33.927", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "LG Simple Editor checkServer Authentication Bypass Vulnerability. This vulnerability allows remote attackers to bypass authentication on affected installations of LG Simple Editor. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the checkServer method. The issue results from the exposure of plaintext credentials. An attacker can leverage this vulnerability to bypass authentication on the system. Was ZDI-CAN-20013." + "value": "LG Simple Editor checkServer Authentication Bypass Vulnerability. This vulnerability allows remote attackers to bypass authentication on affected installations of LG Simple Editor. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the checkServer method. The issue results from the exposure of plaintext credentials. An attacker can leverage this vulnerability to bypass authentication on the system.\n. Was ZDI-CAN-20013." }, { "lang": "es", diff --git a/CVE-2023/CVE-2023-405xx/CVE-2023-40512.json b/CVE-2023/CVE-2023-405xx/CVE-2023-40512.json index 7a080813bcf..f6d851cb9d7 100644 --- a/CVE-2023/CVE-2023-405xx/CVE-2023-40512.json +++ b/CVE-2023/CVE-2023-405xx/CVE-2023-40512.json @@ -2,13 +2,13 @@ "id": "CVE-2023-40512", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-05-03T03:15:26.517", - "lastModified": "2024-05-03T12:49:24.027", + "lastModified": "2024-09-18T19:15:34.020", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "LG Simple Editor PlayerController getImageByFilename Directory Traversal Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of LG Simple Editor. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed.\n\nThe specific flaw exists within the getImageByFilename method in the PlayerController class. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to disclose information in the context of SYSTEM. Was ZDI-CAN-20014." + "value": "LG Simple Editor PlayerController getImageByFilename Directory Traversal Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of LG Simple Editor. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed.\n\nThe specific flaw exists within the getImageByFilename method in the PlayerController class. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to disclose information in the context of SYSTEM.\n. Was ZDI-CAN-20014." }, { "lang": "es", diff --git a/CVE-2023/CVE-2023-405xx/CVE-2023-40513.json b/CVE-2023/CVE-2023-405xx/CVE-2023-40513.json index 9cc1efa550f..af46a855bbd 100644 --- a/CVE-2023/CVE-2023-405xx/CVE-2023-40513.json +++ b/CVE-2023/CVE-2023-405xx/CVE-2023-40513.json @@ -2,13 +2,13 @@ "id": "CVE-2023-40513", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-05-03T03:15:26.690", - "lastModified": "2024-05-03T12:49:24.027", + "lastModified": "2024-09-18T19:15:34.113", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "LG Simple Editor UserManageController getImageByFilename Directory Traversal Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of LG Simple Editor. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed.\n\nThe specific flaw exists within the getImageByFilename method in the UserManageController class. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to disclose information in the context of SYSTEM. Was ZDI-CAN-20015." + "value": "LG Simple Editor UserManageController getImageByFilename Directory Traversal Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of LG Simple Editor. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed.\n\nThe specific flaw exists within the getImageByFilename method in the UserManageController class. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to disclose information in the context of SYSTEM.\n. Was ZDI-CAN-20015." }, { "lang": "es", diff --git a/CVE-2023/CVE-2023-405xx/CVE-2023-40514.json b/CVE-2023/CVE-2023-405xx/CVE-2023-40514.json index 3af3daf0651..e5816992c62 100644 --- a/CVE-2023/CVE-2023-405xx/CVE-2023-40514.json +++ b/CVE-2023/CVE-2023-405xx/CVE-2023-40514.json @@ -2,13 +2,13 @@ "id": "CVE-2023-40514", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-05-03T03:15:26.850", - "lastModified": "2024-05-03T12:49:24.027", + "lastModified": "2024-09-18T19:15:34.210", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "LG Simple Editor FileManagerController getImageByFilename Directory Traversal Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of LG Simple Editor. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed.\n\nThe specific flaw exists within the getImageByFilename method in the FileManagerController class. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to disclose information in the context of SYSTEM. Was ZDI-CAN-20016." + "value": "LG Simple Editor FileManagerController getImageByFilename Directory Traversal Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of LG Simple Editor. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed.\n\nThe specific flaw exists within the getImageByFilename method in the FileManagerController class. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to disclose information in the context of SYSTEM.\n. Was ZDI-CAN-20016." }, { "lang": "es", diff --git a/CVE-2023/CVE-2023-405xx/CVE-2023-40515.json b/CVE-2023/CVE-2023-405xx/CVE-2023-40515.json index 99d655b0042..3bf320bcc7b 100644 --- a/CVE-2023/CVE-2023-405xx/CVE-2023-40515.json +++ b/CVE-2023/CVE-2023-405xx/CVE-2023-40515.json @@ -2,13 +2,13 @@ "id": "CVE-2023-40515", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-05-03T03:15:27.023", - "lastModified": "2024-05-03T12:49:24.027", + "lastModified": "2024-09-18T19:15:34.307", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "LG Simple Editor joinAddUser Improper Input Validation Denial-of-Service Vulnerability. This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of LG Simple Editor. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the joinAddUser method. The issue results from improper input validation. An attacker can leverage this vulnerability to create a denial-of-service condition on the system. Was ZDI-CAN-20048." + "value": "LG Simple Editor joinAddUser Improper Input Validation Denial-of-Service Vulnerability. This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of LG Simple Editor. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the joinAddUser method. The issue results from improper input validation. An attacker can leverage this vulnerability to create a denial-of-service condition on the system.\n. Was ZDI-CAN-20048." }, { "lang": "es", diff --git a/CVE-2023/CVE-2023-411xx/CVE-2023-41184.json b/CVE-2023/CVE-2023-411xx/CVE-2023-41184.json index fe193205277..9d522cb3b51 100644 --- a/CVE-2023/CVE-2023-411xx/CVE-2023-41184.json +++ b/CVE-2023/CVE-2023-411xx/CVE-2023-41184.json @@ -2,13 +2,13 @@ "id": "CVE-2023-41184", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-05-03T03:15:28.073", - "lastModified": "2024-05-03T12:49:24.027", + "lastModified": "2024-09-18T19:15:34.603", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "TP-Link Tapo C210 ActiveCells Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of TP-Link Tapo C210 IP cameras. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed.\n\nThe specific flaw exists within the handling of the ActiveCells parameter of the CreateRules and ModifyRules APIs. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-20589." + "value": "TP-Link Tapo C210 ActiveCells Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of TP-Link Tapo C210 IP cameras. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed.\n\nThe specific flaw exists within the handling of the ActiveCells parameter of the CreateRules and ModifyRules APIs. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root.\n. Was ZDI-CAN-20589." }, { "lang": "es", diff --git a/CVE-2023/CVE-2023-412xx/CVE-2023-41215.json b/CVE-2023/CVE-2023-412xx/CVE-2023-41215.json index a4961af6fbf..662125203d1 100644 --- a/CVE-2023/CVE-2023-412xx/CVE-2023-41215.json +++ b/CVE-2023/CVE-2023-412xx/CVE-2023-41215.json @@ -2,13 +2,13 @@ "id": "CVE-2023-41215", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-05-03T03:15:33.307", - "lastModified": "2024-05-03T12:49:24.027", + "lastModified": "2024-09-18T19:15:34.700", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "D-Link DAP-2622 DDP Set Date-Time Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2622 routers. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the DDP service. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-20086." + "value": "D-Link DAP-2622 DDP Set Date-Time Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2622 routers. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the DDP service. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root.\n. Was ZDI-CAN-20086." }, { "lang": "es", diff --git a/CVE-2023/CVE-2023-416xx/CVE-2023-41610.json b/CVE-2023/CVE-2023-416xx/CVE-2023-41610.json new file mode 100644 index 00000000000..d6a49a99cd3 --- /dev/null +++ b/CVE-2023/CVE-2023-416xx/CVE-2023-41610.json @@ -0,0 +1,21 @@ +{ + "id": "CVE-2023-41610", + "sourceIdentifier": "cve@mitre.org", + "published": "2024-09-18T18:15:05.680", + "lastModified": "2024-09-18T18:15:05.680", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Victure PC420 1.1.39 was discovered to contain a hardcoded root password which is stored in plaintext." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://www.trevorkems.com/operation-big-brother-iot-camera/", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-416xx/CVE-2023-41611.json b/CVE-2023/CVE-2023-416xx/CVE-2023-41611.json new file mode 100644 index 00000000000..54b1637125a --- /dev/null +++ b/CVE-2023/CVE-2023-416xx/CVE-2023-41611.json @@ -0,0 +1,21 @@ +{ + "id": "CVE-2023-41611", + "sourceIdentifier": "cve@mitre.org", + "published": "2024-09-18T18:15:05.750", + "lastModified": "2024-09-18T18:15:05.750", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Victure PC420 1.1.39 was discovered to use a weak and partially hardcoded key to encrypt data." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://www.trevorkems.com/operation-big-brother-iot-camera/", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-416xx/CVE-2023-41612.json b/CVE-2023/CVE-2023-416xx/CVE-2023-41612.json new file mode 100644 index 00000000000..b0d4967e726 --- /dev/null +++ b/CVE-2023/CVE-2023-416xx/CVE-2023-41612.json @@ -0,0 +1,21 @@ +{ + "id": "CVE-2023-41612", + "sourceIdentifier": "cve@mitre.org", + "published": "2024-09-18T18:15:05.803", + "lastModified": "2024-09-18T18:15:05.803", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Victure PC420 1.1.39 was discovered to use a weak encryption key for the file enabled_telnet.dat on the Micro SD card." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://www.trevorkems.com/operation-big-brother-iot-camera/", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-420xx/CVE-2023-42039.json b/CVE-2023/CVE-2023-420xx/CVE-2023-42039.json index 7048cb236d0..f4ec87feb94 100644 --- a/CVE-2023/CVE-2023-420xx/CVE-2023-42039.json +++ b/CVE-2023/CVE-2023-420xx/CVE-2023-42039.json @@ -2,13 +2,13 @@ "id": "CVE-2023-42039", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-05-03T03:15:37.080", - "lastModified": "2024-05-03T12:49:24.027", + "lastModified": "2024-09-18T19:15:35.113", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "Kofax Power PDF PDF File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Kofax Power PDF. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of PDF files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-21603." + "value": "Kofax Power PDF PDF File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Kofax Power PDF. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of PDF files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process.\n. Was ZDI-CAN-21603." }, { "lang": "es", diff --git a/CVE-2023/CVE-2023-421xx/CVE-2023-42100.json b/CVE-2023/CVE-2023-421xx/CVE-2023-42100.json index 99b3afbe21c..2e5aa6474a9 100644 --- a/CVE-2023/CVE-2023-421xx/CVE-2023-42100.json +++ b/CVE-2023/CVE-2023-421xx/CVE-2023-42100.json @@ -2,13 +2,13 @@ "id": "CVE-2023-42100", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-05-03T03:15:47.477", - "lastModified": "2024-05-03T12:49:24.027", + "lastModified": "2024-09-18T19:15:35.213", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "Kofax Power PDF PDF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Kofax Power PDF. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of PDF files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated object. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-21604." + "value": "Kofax Power PDF PDF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Kofax Power PDF. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of PDF files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated object. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process.\n. Was ZDI-CAN-21604." }, { "lang": "es", diff --git a/CVE-2023/CVE-2023-421xx/CVE-2023-42101.json b/CVE-2023/CVE-2023-421xx/CVE-2023-42101.json index 42f1c9b9d64..4aa1575f20a 100644 --- a/CVE-2023/CVE-2023-421xx/CVE-2023-42101.json +++ b/CVE-2023/CVE-2023-421xx/CVE-2023-42101.json @@ -2,13 +2,13 @@ "id": "CVE-2023-42101", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-05-03T03:15:47.643", - "lastModified": "2024-05-03T12:49:24.027", + "lastModified": "2024-09-18T19:15:35.303", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "Ashlar-Vellum Cobalt AR File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of AR files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-20418." + "value": "Ashlar-Vellum Cobalt AR File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of AR files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process.\n. Was ZDI-CAN-20418." }, { "lang": "es", diff --git a/CVE-2023/CVE-2023-421xx/CVE-2023-42102.json b/CVE-2023/CVE-2023-421xx/CVE-2023-42102.json index 8d517e597d9..e35a7acbfe6 100644 --- a/CVE-2023/CVE-2023-421xx/CVE-2023-42102.json +++ b/CVE-2023/CVE-2023-421xx/CVE-2023-42102.json @@ -2,13 +2,13 @@ "id": "CVE-2023-42102", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-05-03T03:15:47.810", - "lastModified": "2024-05-03T12:49:24.027", + "lastModified": "2024-09-18T19:15:35.380", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "Ashlar-Vellum Cobalt AR File Parsing Type Confusion Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of AR files. The issue results from the lack of proper validation of user-supplied data, which can result in a type confusion condition. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-20409." + "value": "Ashlar-Vellum Cobalt AR File Parsing Type Confusion Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of AR files. The issue results from the lack of proper validation of user-supplied data, which can result in a type confusion condition. An attacker can leverage this vulnerability to execute code in the context of the current process.\n. Was ZDI-CAN-20409." }, { "lang": "es", diff --git a/CVE-2023/CVE-2023-421xx/CVE-2023-42103.json b/CVE-2023/CVE-2023-421xx/CVE-2023-42103.json index 0e7d36fb1fc..1da1f426caa 100644 --- a/CVE-2023/CVE-2023-421xx/CVE-2023-42103.json +++ b/CVE-2023/CVE-2023-421xx/CVE-2023-42103.json @@ -2,13 +2,13 @@ "id": "CVE-2023-42103", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-05-03T03:15:47.983", - "lastModified": "2024-05-03T12:49:24.027", + "lastModified": "2024-09-18T19:15:35.463", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "Ashlar-Vellum Cobalt AR File Parsing Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of AR files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-20660." + "value": "Ashlar-Vellum Cobalt AR File Parsing Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of AR files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process.\n. Was ZDI-CAN-20660." }, { "lang": "es", diff --git a/CVE-2023/CVE-2023-421xx/CVE-2023-42104.json b/CVE-2023/CVE-2023-421xx/CVE-2023-42104.json index b0e9ff1e512..d6e7b7e7776 100644 --- a/CVE-2023/CVE-2023-421xx/CVE-2023-42104.json +++ b/CVE-2023/CVE-2023-421xx/CVE-2023-42104.json @@ -2,13 +2,13 @@ "id": "CVE-2023-42104", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-05-03T03:15:48.163", - "lastModified": "2024-05-03T12:49:24.027", + "lastModified": "2024-09-18T19:15:35.550", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "Ashlar-Vellum Cobalt AR File Parsing Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of AR files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-20630." + "value": "Ashlar-Vellum Cobalt AR File Parsing Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of AR files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process.\n. Was ZDI-CAN-20630." }, { "lang": "es", diff --git a/CVE-2023/CVE-2023-421xx/CVE-2023-42105.json b/CVE-2023/CVE-2023-421xx/CVE-2023-42105.json index 51871631f54..b5295a86589 100644 --- a/CVE-2023/CVE-2023-421xx/CVE-2023-42105.json +++ b/CVE-2023/CVE-2023-421xx/CVE-2023-42105.json @@ -2,13 +2,13 @@ "id": "CVE-2023-42105", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-05-03T03:15:48.333", - "lastModified": "2024-05-03T12:49:24.027", + "lastModified": "2024-09-18T19:15:35.637", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "Ashlar-Vellum Cobalt AR File Parsing Type Confusion Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of AR files. The issue results from the lack of proper validation of user-supplied data, which can result in a type confusion condition. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-20562." + "value": "Ashlar-Vellum Cobalt AR File Parsing Type Confusion Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of AR files. The issue results from the lack of proper validation of user-supplied data, which can result in a type confusion condition. An attacker can leverage this vulnerability to execute code in the context of the current process.\n. Was ZDI-CAN-20562." }, { "lang": "es", diff --git a/CVE-2023/CVE-2023-421xx/CVE-2023-42114.json b/CVE-2023/CVE-2023-421xx/CVE-2023-42114.json index 2997823faa4..89cd52724b7 100644 --- a/CVE-2023/CVE-2023-421xx/CVE-2023-42114.json +++ b/CVE-2023/CVE-2023-421xx/CVE-2023-42114.json @@ -2,13 +2,13 @@ "id": "CVE-2023-42114", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-05-03T03:15:49.923", - "lastModified": "2024-05-03T12:49:24.027", + "lastModified": "2024-09-18T19:15:35.727", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "Exim NTLM Challenge Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Exim. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the handling of NTLM challenge requests. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated data structure. An attacker can leverage this vulnerability to disclose information in the context of the service account. Was ZDI-CAN-17433." + "value": "Exim NTLM Challenge Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Exim. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the handling of NTLM challenge requests. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated data structure. An attacker can leverage this vulnerability to disclose information in the context of the service account.\n. Was ZDI-CAN-17433." }, { "lang": "es", diff --git a/CVE-2023/CVE-2023-421xx/CVE-2023-42115.json b/CVE-2023/CVE-2023-421xx/CVE-2023-42115.json index 9a0de901f7b..b7a92a1b35c 100644 --- a/CVE-2023/CVE-2023-421xx/CVE-2023-42115.json +++ b/CVE-2023/CVE-2023-421xx/CVE-2023-42115.json @@ -2,13 +2,13 @@ "id": "CVE-2023-42115", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-05-03T03:15:50.123", - "lastModified": "2024-05-03T12:49:24.027", + "lastModified": "2024-09-18T19:15:35.810", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "Exim AUTH Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Exim. Authentication is not required to exploit this vulnerability. \n\nThe specific flaw exists within the smtp service, which listens on TCP port 25 by default. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of a buffer. An attacker can leverage this vulnerability to execute code in the context of the service account. Was ZDI-CAN-17434." + "value": "Exim AUTH Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Exim. Authentication is not required to exploit this vulnerability. \n\nThe specific flaw exists within the smtp service, which listens on TCP port 25 by default. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of a buffer. An attacker can leverage this vulnerability to execute code in the context of the service account.\n. Was ZDI-CAN-17434." }, { "lang": "es", diff --git a/CVE-2023/CVE-2023-421xx/CVE-2023-42116.json b/CVE-2023/CVE-2023-421xx/CVE-2023-42116.json index 7450473aec3..1169c889f83 100644 --- a/CVE-2023/CVE-2023-421xx/CVE-2023-42116.json +++ b/CVE-2023/CVE-2023-421xx/CVE-2023-42116.json @@ -2,13 +2,13 @@ "id": "CVE-2023-42116", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-05-03T03:15:50.303", - "lastModified": "2024-05-03T12:49:24.027", + "lastModified": "2024-09-18T19:15:35.897", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "Exim SMTP Challenge Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Exim. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the handling of NTLM challenge requests. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of the service account. Was ZDI-CAN-17515." + "value": "Exim SMTP Challenge Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Exim. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the handling of NTLM challenge requests. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of the service account.\n. Was ZDI-CAN-17515." }, { "lang": "es", diff --git a/CVE-2023/CVE-2023-421xx/CVE-2023-42118.json b/CVE-2023/CVE-2023-421xx/CVE-2023-42118.json index 73d3ec06064..851a3be6ef8 100644 --- a/CVE-2023/CVE-2023-421xx/CVE-2023-42118.json +++ b/CVE-2023/CVE-2023-421xx/CVE-2023-42118.json @@ -2,13 +2,13 @@ "id": "CVE-2023-42118", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-05-03T03:15:50.643", - "lastModified": "2024-05-03T12:49:24.027", + "lastModified": "2024-09-18T19:15:35.980", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "Exim libspf2 Integer Underflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Exim libspf2. Authentication is not required to exploit this vulnerability. \n\nThe specific flaw exists within the parsing of SPF macros. When parsing SPF macros, the process does not properly validate user-supplied data, which can result in an integer underflow before writing to memory. An attacker can leverage this vulnerability to execute code in the context of the service account. Was ZDI-CAN-17578." + "value": "Exim libspf2 Integer Underflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Exim libspf2. Authentication is not required to exploit this vulnerability. \n\nThe specific flaw exists within the parsing of SPF macros. When parsing SPF macros, the process does not properly validate user-supplied data, which can result in an integer underflow before writing to memory. An attacker can leverage this vulnerability to execute code in the context of the service account.\n. Was ZDI-CAN-17578." }, { "lang": "es", diff --git a/CVE-2023/CVE-2023-421xx/CVE-2023-42119.json b/CVE-2023/CVE-2023-421xx/CVE-2023-42119.json index d32d7181152..1cde831a242 100644 --- a/CVE-2023/CVE-2023-421xx/CVE-2023-42119.json +++ b/CVE-2023/CVE-2023-421xx/CVE-2023-42119.json @@ -2,13 +2,13 @@ "id": "CVE-2023-42119", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-05-03T03:15:50.803", - "lastModified": "2024-05-03T12:49:24.027", + "lastModified": "2024-09-18T19:15:36.067", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "Exim dnsdb Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of Exim. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the smtp service, which listens on TCP port 25 by default. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the service account. Was ZDI-CAN-17643." + "value": "Exim dnsdb Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of Exim. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the smtp service, which listens on TCP port 25 by default. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the service account.\n. Was ZDI-CAN-17643." }, { "lang": "es", diff --git a/CVE-2023/CVE-2023-421xx/CVE-2023-42124.json b/CVE-2023/CVE-2023-421xx/CVE-2023-42124.json index 59d0e8cccad..075aa03b0c7 100644 --- a/CVE-2023/CVE-2023-421xx/CVE-2023-42124.json +++ b/CVE-2023/CVE-2023-421xx/CVE-2023-42124.json @@ -2,13 +2,13 @@ "id": "CVE-2023-42124", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-05-03T03:15:51.633", - "lastModified": "2024-05-03T12:49:24.027", + "lastModified": "2024-09-18T19:15:36.140", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "Avast Premium Security Sandbox Protection Incorrect Authorization Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Avast Premium Security. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.\n\nThe specific flaw exists within the implementation of the sandbox feature. The issue results from incorrect authorization. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code outside the sandbox at medium integrity. Was ZDI-CAN-20178." + "value": "Avast Premium Security Sandbox Protection Incorrect Authorization Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Avast Premium Security. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.\n\nThe specific flaw exists within the implementation of the sandbox feature. The issue results from incorrect authorization. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code outside the sandbox at medium integrity.\n. Was ZDI-CAN-20178." }, { "lang": "es", diff --git a/CVE-2023/CVE-2023-421xx/CVE-2023-42125.json b/CVE-2023/CVE-2023-421xx/CVE-2023-42125.json index 6ba7ae34c81..063ee41477c 100644 --- a/CVE-2023/CVE-2023-421xx/CVE-2023-42125.json +++ b/CVE-2023/CVE-2023-421xx/CVE-2023-42125.json @@ -2,13 +2,13 @@ "id": "CVE-2023-42125", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-05-03T03:15:51.797", - "lastModified": "2024-05-03T12:49:24.027", + "lastModified": "2024-09-18T19:15:36.230", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "Avast Premium Security Sandbox Protection Link Following Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Avast Premium Security. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.\n\nThe specific flaw exists within the implementation of the sandbox feature. By creating a symbolic link, an attacker can abuse the service to create arbitrary namespace objects. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. Was ZDI-CAN-20383." + "value": "Avast Premium Security Sandbox Protection Link Following Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Avast Premium Security. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.\n\nThe specific flaw exists within the implementation of the sandbox feature. By creating a symbolic link, an attacker can abuse the service to create arbitrary namespace objects. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM.\n. Was ZDI-CAN-20383." }, { "lang": "es", diff --git a/CVE-2023/CVE-2023-421xx/CVE-2023-42129.json b/CVE-2023/CVE-2023-421xx/CVE-2023-42129.json index 2e3564b6695..243ba0bcc1a 100644 --- a/CVE-2023/CVE-2023-421xx/CVE-2023-42129.json +++ b/CVE-2023/CVE-2023-421xx/CVE-2023-42129.json @@ -2,13 +2,13 @@ "id": "CVE-2023-42129", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-05-03T03:15:52.577", - "lastModified": "2024-05-03T12:49:24.027", + "lastModified": "2024-09-18T19:15:36.390", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "A10 Thunder ADC ShowTechDownloadView Directory Traversal Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of A10 Thunder ADC. Authentication is required to exploit this vulnerability.\n\nThe specific flaw exists within the ShowTechDownloadView class. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to disclose information in the context of the service account. Was ZDI-CAN-17899." + "value": "A10 Thunder ADC ShowTechDownloadView Directory Traversal Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of A10 Thunder ADC. Authentication is required to exploit this vulnerability.\n\nThe specific flaw exists within the ShowTechDownloadView class. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to disclose information in the context of the service account.\n. Was ZDI-CAN-17899." }, { "lang": "es", diff --git a/CVE-2023/CVE-2023-421xx/CVE-2023-42130.json b/CVE-2023/CVE-2023-421xx/CVE-2023-42130.json index 166bee143a8..e02a2b3e94a 100644 --- a/CVE-2023/CVE-2023-421xx/CVE-2023-42130.json +++ b/CVE-2023/CVE-2023-421xx/CVE-2023-42130.json @@ -2,13 +2,13 @@ "id": "CVE-2023-42130", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-05-03T03:15:52.750", - "lastModified": "2024-05-03T12:49:24.027", + "lastModified": "2024-09-18T19:15:36.470", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "A10 Thunder ADC FileMgmtExport Directory Traversal Arbitrary File Read and Deletion Vulnerability. This vulnerability allows remote attackers to read and delete arbitrary files on affected installations of A10 Thunder ADC. Authentication is required to exploit this vulnerability.\n\nThe specific flaw exists within the FileMgmtExport class. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to read and delete files in the context of the service account. Was ZDI-CAN-17905." + "value": "A10 Thunder ADC FileMgmtExport Directory Traversal Arbitrary File Read and Deletion Vulnerability. This vulnerability allows remote attackers to read and delete arbitrary files on affected installations of A10 Thunder ADC. Authentication is required to exploit this vulnerability.\n\nThe specific flaw exists within the FileMgmtExport class. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to read and delete files in the context of the service account.\n. Was ZDI-CAN-17905." }, { "lang": "es", diff --git a/CVE-2023/CVE-2023-421xx/CVE-2023-42131.json b/CVE-2023/CVE-2023-421xx/CVE-2023-42131.json index 938d6695c20..650889256d4 100644 --- a/CVE-2023/CVE-2023-421xx/CVE-2023-42131.json +++ b/CVE-2023/CVE-2023-421xx/CVE-2023-42131.json @@ -2,13 +2,13 @@ "id": "CVE-2023-42131", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-05-03T03:15:52.920", - "lastModified": "2024-05-03T12:49:24.027", + "lastModified": "2024-09-18T19:15:36.553", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "Ansys SpaceClaim X_B File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ansys SpaceClaim. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of X_B files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated data structure. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-17827." + "value": "Ansys SpaceClaim X_B File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ansys SpaceClaim. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of X_B files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated data structure. An attacker can leverage this vulnerability to execute code in the context of the current process.\n. Was ZDI-CAN-17827." }, { "lang": "es", diff --git a/CVE-2023/CVE-2023-441xx/CVE-2023-44108.json b/CVE-2023/CVE-2023-441xx/CVE-2023-44108.json index 96e49f1e54d..4eff1f4cffb 100644 --- a/CVE-2023/CVE-2023-441xx/CVE-2023-44108.json +++ b/CVE-2023/CVE-2023-441xx/CVE-2023-44108.json @@ -2,8 +2,8 @@ "id": "CVE-2023-44108", "sourceIdentifier": "psirt@huawei.com", "published": "2023-10-11T13:15:10.030", - "lastModified": "2023-10-15T01:44:06.033", - "vulnStatus": "Analyzed", + "lastModified": "2024-09-18T18:35:05.453", + "vulnStatus": "Modified", "cveTags": [], "descriptions": [ { @@ -36,6 +36,26 @@ }, "exploitabilityScore": 3.9, "impactScore": 3.6 + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 } ] }, diff --git a/CVE-2023/CVE-2023-444xx/CVE-2023-44410.json b/CVE-2023/CVE-2023-444xx/CVE-2023-44410.json index cf37ede6844..75999afcc5d 100644 --- a/CVE-2023/CVE-2023-444xx/CVE-2023-44410.json +++ b/CVE-2023/CVE-2023-444xx/CVE-2023-44410.json @@ -2,13 +2,13 @@ "id": "CVE-2023-44410", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-05-03T03:15:54.290", - "lastModified": "2024-05-03T12:49:24.027", + "lastModified": "2024-09-18T19:15:36.707", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "D-Link D-View showUsers Improper Authorization Privilege Escalation Vulnerability. This vulnerability allows remote attackers to escalate privileges on affected installations of D-Link D-View. Authentication is required to exploit this vulnerability.\n\nThe specific flaw exists within the showUsers method. The issue results from the lack of proper authorization before accessing a privileged endpoint. An attacker can leverage this vulnerability to escalate privileges to resources normally protected from the user. Was ZDI-CAN-19535." + "value": "D-Link D-View showUsers Improper Authorization Privilege Escalation Vulnerability. This vulnerability allows remote attackers to escalate privileges on affected installations of D-Link D-View. Authentication is required to exploit this vulnerability.\n\nThe specific flaw exists within the showUsers method. The issue results from the lack of proper authorization before accessing a privileged endpoint. An attacker can leverage this vulnerability to escalate privileges to resources normally protected from the user.\n. Was ZDI-CAN-19535." }, { "lang": "es", diff --git a/CVE-2023/CVE-2023-444xx/CVE-2023-44415.json b/CVE-2023/CVE-2023-444xx/CVE-2023-44415.json index 6971a6f4f11..3905ea6324f 100644 --- a/CVE-2023/CVE-2023-444xx/CVE-2023-44415.json +++ b/CVE-2023/CVE-2023-444xx/CVE-2023-44415.json @@ -2,13 +2,13 @@ "id": "CVE-2023-44415", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-05-03T03:15:55.203", - "lastModified": "2024-05-03T12:49:24.027", + "lastModified": "2024-09-18T19:15:37.127", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "D-Link Multiple Routers cli Command Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-1260 and DIR-2150 routers. Authentication is required to exploit this vulnerability.\n\nThe specific flaw exists within the CLI service, which listens on TCP port 23. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-19946." + "value": "D-Link Multiple Routers cli Command Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-1260 and DIR-2150 routers. Authentication is required to exploit this vulnerability.\n\nThe specific flaw exists within the CLI service, which listens on TCP port 23. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of root.\n. Was ZDI-CAN-19946." }, { "lang": "es", diff --git a/CVE-2023/CVE-2023-444xx/CVE-2023-44416.json b/CVE-2023/CVE-2023-444xx/CVE-2023-44416.json index 019148a06d1..15c84c53681 100644 --- a/CVE-2023/CVE-2023-444xx/CVE-2023-44416.json +++ b/CVE-2023/CVE-2023-444xx/CVE-2023-44416.json @@ -2,13 +2,13 @@ "id": "CVE-2023-44416", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-05-03T03:15:55.370", - "lastModified": "2024-05-03T12:49:24.027", + "lastModified": "2024-09-18T19:15:37.213", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "D-Link DAP-2622 Telnet CLI Command Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2622. Authentication is required to exploit this vulnerability.\n\nThe specific flaw exists within the CLI service, which listens on TCP port 23. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-20051." + "value": "D-Link DAP-2622 Telnet CLI Command Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2622. Authentication is required to exploit this vulnerability.\n\nThe specific flaw exists within the CLI service, which listens on TCP port 23. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of root.\n. Was ZDI-CAN-20051." }, { "lang": "es", diff --git a/CVE-2023/CVE-2023-444xx/CVE-2023-44417.json b/CVE-2023/CVE-2023-444xx/CVE-2023-44417.json index d2a5f229634..096ce8f2516 100644 --- a/CVE-2023/CVE-2023-444xx/CVE-2023-44417.json +++ b/CVE-2023/CVE-2023-444xx/CVE-2023-44417.json @@ -2,13 +2,13 @@ "id": "CVE-2023-44417", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-05-03T03:15:55.537", - "lastModified": "2024-05-03T12:49:24.027", + "lastModified": "2024-09-18T19:15:37.297", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "D-Link DAP-2622 DDP Set IPv4 Address Auth Password Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2622 routers. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the DDP service. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-20091." + "value": "D-Link DAP-2622 DDP Set IPv4 Address Auth Password Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2622 routers. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the DDP service. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root.\n. Was ZDI-CAN-20091." }, { "lang": "es", diff --git a/CVE-2023/CVE-2023-444xx/CVE-2023-44433.json b/CVE-2023/CVE-2023-444xx/CVE-2023-44433.json index 2450f17944f..136d720304d 100644 --- a/CVE-2023/CVE-2023-444xx/CVE-2023-44433.json +++ b/CVE-2023/CVE-2023-444xx/CVE-2023-44433.json @@ -2,13 +2,13 @@ "id": "CVE-2023-44433", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-05-03T03:15:58.317", - "lastModified": "2024-05-03T12:48:41.067", + "lastModified": "2024-09-18T19:15:37.457", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "Kofax Power PDF AcroForm Annotation Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Kofax Power PDF. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the handling of Annotation objects. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-21977." + "value": "Kofax Power PDF AcroForm Annotation Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Kofax Power PDF. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the handling of Annotation objects. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process.\n. Was ZDI-CAN-21977." }, { "lang": "es", diff --git a/CVE-2023/CVE-2023-444xx/CVE-2023-44437.json b/CVE-2023/CVE-2023-444xx/CVE-2023-44437.json index 1bff0045d72..2f24d042935 100644 --- a/CVE-2023/CVE-2023-444xx/CVE-2023-44437.json +++ b/CVE-2023/CVE-2023-444xx/CVE-2023-44437.json @@ -2,13 +2,13 @@ "id": "CVE-2023-44437", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-05-03T03:15:59.060", - "lastModified": "2024-05-03T12:48:41.067", + "lastModified": "2024-09-18T19:15:37.760", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "Ashlar-Vellum Cobalt Uncontrolled Search Path Element Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of various file types. The process loads a library from an unsecured location. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-21540." + "value": "Ashlar-Vellum Cobalt Uncontrolled Search Path Element Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of various file types. The process loads a library from an unsecured location. An attacker can leverage this vulnerability to execute code in the context of the current process.\n. Was ZDI-CAN-21540." }, { "lang": "es", diff --git a/CVE-2023/CVE-2023-444xx/CVE-2023-44438.json b/CVE-2023/CVE-2023-444xx/CVE-2023-44438.json index da484f2e39a..e1177ca74c2 100644 --- a/CVE-2023/CVE-2023-444xx/CVE-2023-44438.json +++ b/CVE-2023/CVE-2023-444xx/CVE-2023-44438.json @@ -2,13 +2,13 @@ "id": "CVE-2023-44438", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-05-03T03:15:59.237", - "lastModified": "2024-05-03T12:48:41.067", + "lastModified": "2024-09-18T19:15:37.830", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "Ashlar-Vellum Argon Uncontrolled Search Path Element Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Argon. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of various file types. The process loads a library from an unsecured location. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-21678." + "value": "Ashlar-Vellum Argon Uncontrolled Search Path Element Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Argon. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of various file types. The process loads a library from an unsecured location. An attacker can leverage this vulnerability to execute code in the context of the current process.\n. Was ZDI-CAN-21678." }, { "lang": "es", diff --git a/CVE-2023/CVE-2023-444xx/CVE-2023-44439.json b/CVE-2023/CVE-2023-444xx/CVE-2023-44439.json index 829c2b496f2..e214d3b14fc 100644 --- a/CVE-2023/CVE-2023-444xx/CVE-2023-44439.json +++ b/CVE-2023/CVE-2023-444xx/CVE-2023-44439.json @@ -2,13 +2,13 @@ "id": "CVE-2023-44439", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-05-03T03:15:59.423", - "lastModified": "2024-05-03T12:48:41.067", + "lastModified": "2024-09-18T19:15:37.913", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "Ashlar-Vellum Xenon Uncontrolled Search Path Element Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Xenon. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of various file types. The process loads a library from an unsecured location. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-21679." + "value": "Ashlar-Vellum Xenon Uncontrolled Search Path Element Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Xenon. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of various file types. The process loads a library from an unsecured location. An attacker can leverage this vulnerability to execute code in the context of the current process.\n. Was ZDI-CAN-21679." }, { "lang": "es", diff --git a/CVE-2023/CVE-2023-444xx/CVE-2023-44440.json b/CVE-2023/CVE-2023-444xx/CVE-2023-44440.json index 6bbd745750b..104bcba1c6b 100644 --- a/CVE-2023/CVE-2023-444xx/CVE-2023-44440.json +++ b/CVE-2023/CVE-2023-444xx/CVE-2023-44440.json @@ -2,13 +2,13 @@ "id": "CVE-2023-44440", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-05-03T03:15:59.593", - "lastModified": "2024-05-03T12:48:41.067", + "lastModified": "2024-09-18T19:15:37.997", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "Ashlar-Vellum Lithium Uncontrolled Search Path Element Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Lithium. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of various file types. The process loads a library from an unsecured location. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-21680." + "value": "Ashlar-Vellum Lithium Uncontrolled Search Path Element Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Lithium. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of various file types. The process loads a library from an unsecured location. An attacker can leverage this vulnerability to execute code in the context of the current process.\n. Was ZDI-CAN-21680." }, { "lang": "es", diff --git a/CVE-2023/CVE-2023-444xx/CVE-2023-44441.json b/CVE-2023/CVE-2023-444xx/CVE-2023-44441.json index b3818c9ed3e..0a63b752a7c 100644 --- a/CVE-2023/CVE-2023-444xx/CVE-2023-44441.json +++ b/CVE-2023/CVE-2023-444xx/CVE-2023-44441.json @@ -2,13 +2,13 @@ "id": "CVE-2023-44441", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-05-03T03:15:59.783", - "lastModified": "2024-05-03T12:48:41.067", + "lastModified": "2024-09-18T19:15:38.090", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "GIMP DDS File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of DDS files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-22093." + "value": "GIMP DDS File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of DDS files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process.\n. Was ZDI-CAN-22093." }, { "lang": "es", diff --git a/CVE-2023/CVE-2023-444xx/CVE-2023-44443.json b/CVE-2023/CVE-2023-444xx/CVE-2023-44443.json index 9c9c66bfacb..fca6cb77ded 100644 --- a/CVE-2023/CVE-2023-444xx/CVE-2023-44443.json +++ b/CVE-2023/CVE-2023-444xx/CVE-2023-44443.json @@ -2,13 +2,13 @@ "id": "CVE-2023-44443", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-05-03T03:16:00.137", - "lastModified": "2024-05-03T12:48:41.067", + "lastModified": "2024-09-18T19:15:38.167", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "GIMP PSP File Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of PSP files. The issue results from the lack of proper validation of user-supplied data, which can result in an integer overflow before writing to memory. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-22096." + "value": "GIMP PSP File Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of PSP files. The issue results from the lack of proper validation of user-supplied data, which can result in an integer overflow before writing to memory. An attacker can leverage this vulnerability to execute code in the context of the current process.\n. Was ZDI-CAN-22096." }, { "lang": "es", diff --git a/CVE-2023/CVE-2023-444xx/CVE-2023-44444.json b/CVE-2023/CVE-2023-444xx/CVE-2023-44444.json index d231cce2318..99cd4b8834a 100644 --- a/CVE-2023/CVE-2023-444xx/CVE-2023-44444.json +++ b/CVE-2023/CVE-2023-444xx/CVE-2023-44444.json @@ -2,13 +2,13 @@ "id": "CVE-2023-44444", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-05-03T03:16:00.357", - "lastModified": "2024-05-03T12:48:41.067", + "lastModified": "2024-09-18T19:15:38.250", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "GIMP PSP File Parsing Off-By-One Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of PSP files. Crafted data in a PSP file can trigger an off-by-one error when calculating a location to write within a heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-22097." + "value": "GIMP PSP File Parsing Off-By-One Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of PSP files. Crafted data in a PSP file can trigger an off-by-one error when calculating a location to write within a heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process.\n. Was ZDI-CAN-22097." }, { "lang": "es", diff --git a/CVE-2023/CVE-2023-455xx/CVE-2023-45510.json b/CVE-2023/CVE-2023-455xx/CVE-2023-45510.json index bb956467bb0..b61192a8f4b 100644 --- a/CVE-2023/CVE-2023-455xx/CVE-2023-45510.json +++ b/CVE-2023/CVE-2023-455xx/CVE-2023-45510.json @@ -2,8 +2,8 @@ "id": "CVE-2023-45510", "sourceIdentifier": "cve@mitre.org", "published": "2023-10-12T21:15:11.373", - "lastModified": "2023-10-18T13:00:07.247", - "vulnStatus": "Analyzed", + "lastModified": "2024-09-18T19:35:08.307", + "vulnStatus": "Modified", "cveTags": [], "descriptions": [ { @@ -49,6 +49,16 @@ "value": "NVD-CWE-noinfo" } ] + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-762" + } + ] } ], "configurations": [ diff --git a/CVE-2023/CVE-2023-463xx/CVE-2023-46344.json b/CVE-2023/CVE-2023-463xx/CVE-2023-46344.json index 1b14b3c5fc3..50004cf25a4 100644 --- a/CVE-2023/CVE-2023-463xx/CVE-2023-46344.json +++ b/CVE-2023/CVE-2023-463xx/CVE-2023-46344.json @@ -2,13 +2,13 @@ "id": "CVE-2023-46344", "sourceIdentifier": "cve@mitre.org", "published": "2024-02-02T02:15:16.537", - "lastModified": "2024-02-09T19:43:40.177", - "vulnStatus": "Analyzed", + "lastModified": "2024-09-18T19:15:38.530", + "vulnStatus": "Modified", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "A vulnerability in Solar-Log Base 15 Firmware 6.0.1 Build 161, and possibly other Solar-Log Base products, allows an attacker to escalate their privileges by exploiting a stored cross-site scripting (XSS) vulnerability in the switch group function under /#ilang=DE&b=c_smartenergy_swgroups in the web portal. The vulnerability can be exploited to gain the rights of an installer or PM, which can then be used to gain administrative access to the web portal and execute further attacks." + "value": "A vulnerability in Solar-Log Base 15 Firmware 6.0.1 Build 161, and possibly other Solar-Log Base products, allows an attacker to escalate their privileges by exploiting a stored cross-site scripting (XSS) vulnerability in the switch group function under /#ilang=DE&b=c_smartenergy_swgroups in the web portal. The vulnerability can be exploited to gain the rights of an installer or PM, which can then be used to gain administrative access to the web portal and execute further attacks. NOTE: The vendor states that this vulnerability has been fixed in version 6.2.0-170." }, { "lang": "es", diff --git a/CVE-2023/CVE-2023-471xx/CVE-2023-47105.json b/CVE-2023/CVE-2023-471xx/CVE-2023-47105.json index 3b0454b67c9..f2abf39f83f 100644 --- a/CVE-2023/CVE-2023-471xx/CVE-2023-47105.json +++ b/CVE-2023/CVE-2023-471xx/CVE-2023-47105.json @@ -2,7 +2,7 @@ "id": "CVE-2023-47105", "sourceIdentifier": "cve@mitre.org", "published": "2024-09-18T17:15:18.277", - "lastModified": "2024-09-18T17:15:18.277", + "lastModified": "2024-09-18T19:35:09.023", "vulnStatus": "Received", "cveTags": [], "descriptions": [ @@ -11,7 +11,42 @@ "value": "exec.CommandContext in Chaosblade 0.3 through 1.7.3, when server mode is used, allows OS command execution via the cmd parameter without authentication." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "HIGH", + "availabilityImpact": "LOW", + "baseScore": 8.6, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 4.7 + } + ] + }, + "weaknesses": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-78" + } + ] + } + ], "references": [ { "url": "https://github.com/chaosblade-io/chaosblade/blob/0a07380c9899febb2b544132783b376b44226cca/exec/os/executor.go#L68", diff --git a/CVE-2023/CVE-2023-481xx/CVE-2023-48171.json b/CVE-2023/CVE-2023-481xx/CVE-2023-48171.json index d8d1ffbd641..032ebec041a 100644 --- a/CVE-2023/CVE-2023-481xx/CVE-2023-48171.json +++ b/CVE-2023/CVE-2023-481xx/CVE-2023-48171.json @@ -2,8 +2,8 @@ "id": "CVE-2023-48171", "sourceIdentifier": "cve@mitre.org", "published": "2024-08-12T20:15:08.213", - "lastModified": "2024-08-13T19:35:01.050", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2024-09-18T18:54:08.080", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -17,6 +17,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + }, { "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", @@ -40,6 +60,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-Other" + } + ] + }, { "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", @@ -51,10 +81,32 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:owasp:defectdojo:*:*:*:*:*:*:*:*", + "versionEndExcluding": "1.5.3.1", + "matchCriteriaId": "A57B9490-38A1-4F96-B1F3-9B69F9060C56" + } + ] + } + ] + } + ], "references": [ { "url": "https://gccybermonks.com/posts/defectdojo/", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-492xx/CVE-2023-49203.json b/CVE-2023/CVE-2023-492xx/CVE-2023-49203.json index 96ea195ea81..5f7e93e91d1 100644 --- a/CVE-2023/CVE-2023-492xx/CVE-2023-49203.json +++ b/CVE-2023/CVE-2023-492xx/CVE-2023-49203.json @@ -2,7 +2,7 @@ "id": "CVE-2023-49203", "sourceIdentifier": "cve@mitre.org", "published": "2024-09-18T15:15:14.513", - "lastModified": "2024-09-18T15:15:14.513", + "lastModified": "2024-09-18T19:35:09.870", "vulnStatus": "Received", "cveTags": [], "descriptions": [ @@ -11,7 +11,42 @@ "value": "Technitium 11.5.3 allows remote attackers to cause a denial of service (bandwidth amplification) because the DNSBomb manipulation causes accumulation of low-rate DNS queries such that there is a large-sized response in a burst of traffic." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-406" + } + ] + } + ], "references": [ { "url": "https://gist.github.com/idealeer/89947ca07836fd0f7e9761198ca9a0f3.", diff --git a/CVE-2023/CVE-2023-502xx/CVE-2023-50224.json b/CVE-2023/CVE-2023-502xx/CVE-2023-50224.json index 34dd746d09d..796988f56f4 100644 --- a/CVE-2023/CVE-2023-502xx/CVE-2023-50224.json +++ b/CVE-2023/CVE-2023-502xx/CVE-2023-50224.json @@ -2,13 +2,13 @@ "id": "CVE-2023-50224", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-05-03T03:16:10.833", - "lastModified": "2024-05-03T12:48:41.067", + "lastModified": "2024-09-18T19:15:38.687", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "TP-Link TL-WR841N dropbearpwd Improper Authentication Information Disclosure Vulnerability. This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of TP-Link TL-WR841N routers. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the httpd service, which listens on TCP port 80 by default. The issue results from improper authentication. An attacker can leverage this vulnerability to disclose stored credentials, leading to further compromise. Was ZDI-CAN-19899." + "value": "TP-Link TL-WR841N dropbearpwd Improper Authentication Information Disclosure Vulnerability. This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of TP-Link TL-WR841N routers. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the httpd service, which listens on TCP port 80 by default. The issue results from improper authentication. An attacker can leverage this vulnerability to disclose stored credentials, leading to further compromise.\n. Was ZDI-CAN-19899." }, { "lang": "es", diff --git a/CVE-2023/CVE-2023-502xx/CVE-2023-50225.json b/CVE-2023/CVE-2023-502xx/CVE-2023-50225.json index 79e721559cf..873ce232484 100644 --- a/CVE-2023/CVE-2023-502xx/CVE-2023-50225.json +++ b/CVE-2023/CVE-2023-502xx/CVE-2023-50225.json @@ -2,13 +2,13 @@ "id": "CVE-2023-50225", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-05-03T03:16:10.997", - "lastModified": "2024-05-03T12:48:41.067", + "lastModified": "2024-09-18T19:15:38.790", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "TP-Link TL-WR902AC dm_fillObjByStr Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of TP-Link TL-WR902AC routers. Authentication is required to exploit this vulnerability.\n\nThe specific flaw exists within the libcmm.so module. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-21819." + "value": "TP-Link TL-WR902AC dm_fillObjByStr Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of TP-Link TL-WR902AC routers. Authentication is required to exploit this vulnerability.\n\nThe specific flaw exists within the libcmm.so module. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root.\n. Was ZDI-CAN-21819." }, { "lang": "es", diff --git a/CVE-2023/CVE-2023-502xx/CVE-2023-50226.json b/CVE-2023/CVE-2023-502xx/CVE-2023-50226.json index 3b6bc9898fd..06e343f3169 100644 --- a/CVE-2023/CVE-2023-502xx/CVE-2023-50226.json +++ b/CVE-2023/CVE-2023-502xx/CVE-2023-50226.json @@ -2,13 +2,13 @@ "id": "CVE-2023-50226", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-05-03T03:16:11.160", - "lastModified": "2024-05-03T12:48:41.067", + "lastModified": "2024-09-18T19:15:38.883", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "Parallels Desktop Updater Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop. An attacker must first obtain the ability to execute low-privileged code on the target host system in order to exploit this vulnerability.\n\nThe specific flaw exists within the Updater service. By creating a symbolic link, an attacker can abuse the service to move arbitrary files. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of root. Was ZDI-CAN-21227." + "value": "Parallels Desktop Updater Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop. An attacker must first obtain the ability to execute low-privileged code on the target host system in order to exploit this vulnerability.\n\nThe specific flaw exists within the Updater service. By creating a symbolic link, an attacker can abuse the service to move arbitrary files. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of root.\n. Was ZDI-CAN-21227." }, { "lang": "es", diff --git a/CVE-2023/CVE-2023-502xx/CVE-2023-50227.json b/CVE-2023/CVE-2023-502xx/CVE-2023-50227.json index bcfbf0b59bb..d69e62c609c 100644 --- a/CVE-2023/CVE-2023-502xx/CVE-2023-50227.json +++ b/CVE-2023/CVE-2023-502xx/CVE-2023-50227.json @@ -2,13 +2,13 @@ "id": "CVE-2023-50227", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-05-03T03:16:11.330", - "lastModified": "2024-05-03T12:48:41.067", + "lastModified": "2024-09-18T19:15:38.977", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "Parallels Desktop virtio-gpu Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Parallels Desktop. User interaction is required to exploit this vulnerability in that the target in a guest system must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the virtio-gpu virtual device. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the hypervisor. Was ZDI-CAN-21260." + "value": "Parallels Desktop virtio-gpu Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Parallels Desktop. User interaction is required to exploit this vulnerability in that the target in a guest system must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the virtio-gpu virtual device. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the hypervisor.\n. Was ZDI-CAN-21260." }, { "lang": "es", diff --git a/CVE-2023/CVE-2023-502xx/CVE-2023-50228.json b/CVE-2023/CVE-2023-502xx/CVE-2023-50228.json index b8e440f9ec6..3c9e00777e2 100644 --- a/CVE-2023/CVE-2023-502xx/CVE-2023-50228.json +++ b/CVE-2023/CVE-2023-502xx/CVE-2023-50228.json @@ -2,13 +2,13 @@ "id": "CVE-2023-50228", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-05-03T03:16:11.507", - "lastModified": "2024-05-03T12:48:41.067", + "lastModified": "2024-09-18T19:15:39.070", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "Parallels Desktop Updater Improper Verification of Cryptographic Signature Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop. An attacker must first obtain the ability to execute low-privileged code on the target host system in order to exploit this vulnerability.\n\nThe specific flaw exists within the Updater service. The issue results from the lack of proper verification of a cryptographic signature. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of root. Was ZDI-CAN-21817." + "value": "Parallels Desktop Updater Improper Verification of Cryptographic Signature Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop. An attacker must first obtain the ability to execute low-privileged code on the target host system in order to exploit this vulnerability.\n\nThe specific flaw exists within the Updater service. The issue results from the lack of proper verification of a cryptographic signature. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of root.\n. Was ZDI-CAN-21817." }, { "lang": "es", diff --git a/CVE-2023/CVE-2023-515xx/CVE-2023-51597.json b/CVE-2023/CVE-2023-515xx/CVE-2023-51597.json index a3fdcffa36d..f75ecc8c0a8 100644 --- a/CVE-2023/CVE-2023-515xx/CVE-2023-51597.json +++ b/CVE-2023/CVE-2023-515xx/CVE-2023-51597.json @@ -2,13 +2,13 @@ "id": "CVE-2023-51597", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-05-03T03:16:20.623", - "lastModified": "2024-05-03T12:48:41.067", + "lastModified": "2024-09-18T19:15:39.640", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "Kofax Power PDF U3D File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Kofax Power PDF. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of U3D files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-21755." + "value": "Kofax Power PDF U3D File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Kofax Power PDF. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of U3D files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process.\n. Was ZDI-CAN-21755." }, { "lang": "es", diff --git a/CVE-2023/CVE-2023-515xx/CVE-2023-51599.json b/CVE-2023/CVE-2023-515xx/CVE-2023-51599.json index a8112c68ab1..b5d89a4a23d 100644 --- a/CVE-2023/CVE-2023-515xx/CVE-2023-51599.json +++ b/CVE-2023/CVE-2023-515xx/CVE-2023-51599.json @@ -2,13 +2,13 @@ "id": "CVE-2023-51599", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-05-03T03:16:21.033", - "lastModified": "2024-05-03T12:48:41.067", + "lastModified": "2024-09-18T19:15:39.723", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "Honeywell Saia PG5 Controls Suite Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Honeywell Saia PG5 Controls Suite. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of ZIP files. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to execute code in the context of the current user. Was ZDI-CAN-18412." + "value": "Honeywell Saia PG5 Controls Suite Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Honeywell Saia PG5 Controls Suite. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of ZIP files. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to execute code in the context of the current user.\n. Was ZDI-CAN-18412." }, { "lang": "es", diff --git a/CVE-2023/CVE-2023-516xx/CVE-2023-51600.json b/CVE-2023/CVE-2023-516xx/CVE-2023-51600.json index 8f55c74cfe8..69cb1ca290f 100644 --- a/CVE-2023/CVE-2023-516xx/CVE-2023-51600.json +++ b/CVE-2023/CVE-2023-516xx/CVE-2023-51600.json @@ -2,13 +2,13 @@ "id": "CVE-2023-51600", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-05-03T03:16:21.210", - "lastModified": "2024-05-03T12:48:41.067", + "lastModified": "2024-09-18T19:15:39.800", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "Honeywell Saia PG5 Controls Suite XML External Entity Processing Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Honeywell Saia PG5 Controls Suite. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of XML files. Due to the improper restriction of XML External Entity (XXE) references, a crafted document specifying a URI causes the XML parser to access the URI and embed the contents back into the XML document for further processing. An attacker can leverage this vulnerability to disclose information in the context of the current process. Was ZDI-CAN-18456." + "value": "Honeywell Saia PG5 Controls Suite XML External Entity Processing Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Honeywell Saia PG5 Controls Suite. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of XML files. Due to the improper restriction of XML External Entity (XXE) references, a crafted document specifying a URI causes the XML parser to access the URI and embed the contents back into the XML document for further processing. An attacker can leverage this vulnerability to disclose information in the context of the current process.\n. Was ZDI-CAN-18456." }, { "lang": "es", diff --git a/CVE-2023/CVE-2023-516xx/CVE-2023-51601.json b/CVE-2023/CVE-2023-516xx/CVE-2023-51601.json index 2686f7d7b53..9200d6a5b09 100644 --- a/CVE-2023/CVE-2023-516xx/CVE-2023-51601.json +++ b/CVE-2023/CVE-2023-516xx/CVE-2023-51601.json @@ -2,13 +2,13 @@ "id": "CVE-2023-51601", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-05-03T03:16:21.377", - "lastModified": "2024-05-03T12:48:41.067", + "lastModified": "2024-09-18T19:15:39.890", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "Honeywell Saia PG5 Controls Suite XML External Entity Processing Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Honeywell Saia PG5 Controls Suite. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of xml files. Due to the improper restriction of XML External Entity (XXE) references, a crafted document specifying a URI causes the XML parser to access the URI and embed the contents back into the XML document for further processing. An attacker can leverage this vulnerability to disclose information in the context of the current process. Was ZDI-CAN-18563." + "value": "Honeywell Saia PG5 Controls Suite XML External Entity Processing Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Honeywell Saia PG5 Controls Suite. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of xml files. Due to the improper restriction of XML External Entity (XXE) references, a crafted document specifying a URI causes the XML parser to access the URI and embed the contents back into the XML document for further processing. An attacker can leverage this vulnerability to disclose information in the context of the current process.\n. Was ZDI-CAN-18563." }, { "lang": "es", diff --git a/CVE-2023/CVE-2023-516xx/CVE-2023-51602.json b/CVE-2023/CVE-2023-516xx/CVE-2023-51602.json index 24a88d5aa8a..44742d56988 100644 --- a/CVE-2023/CVE-2023-516xx/CVE-2023-51602.json +++ b/CVE-2023/CVE-2023-516xx/CVE-2023-51602.json @@ -2,13 +2,13 @@ "id": "CVE-2023-51602", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-05-03T03:16:21.547", - "lastModified": "2024-05-03T12:48:41.067", + "lastModified": "2024-09-18T19:15:39.977", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "Honeywell Saia PG5 Controls Suite XML External Entity Processing Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Honeywell Saia PG5 Controls Suite. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of XML files. Due to the improper restriction of XML External Entity (XXE) references, a crafted document specifying a URI causes the XML parser to access the URI and embed the contents back into the XML document for further processing. An attacker can leverage this vulnerability to disclose information in the context of the current process. Was ZDI-CAN-18591." + "value": "Honeywell Saia PG5 Controls Suite XML External Entity Processing Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Honeywell Saia PG5 Controls Suite. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of XML files. Due to the improper restriction of XML External Entity (XXE) references, a crafted document specifying a URI causes the XML parser to access the URI and embed the contents back into the XML document for further processing. An attacker can leverage this vulnerability to disclose information in the context of the current process.\n. Was ZDI-CAN-18591." }, { "lang": "es", diff --git a/CVE-2023/CVE-2023-516xx/CVE-2023-51603.json b/CVE-2023/CVE-2023-516xx/CVE-2023-51603.json index 780c8b9bbd7..100aa55562f 100644 --- a/CVE-2023/CVE-2023-516xx/CVE-2023-51603.json +++ b/CVE-2023/CVE-2023-516xx/CVE-2023-51603.json @@ -2,13 +2,13 @@ "id": "CVE-2023-51603", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-05-03T03:16:21.720", - "lastModified": "2024-05-03T12:48:41.067", + "lastModified": "2024-09-18T19:15:40.057", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "Honeywell Saia PG5 Controls Suite CAB File Parsing Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Honeywell Saia PG5 Controls Suite. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of CAB files. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to execute code in the context of the current user. Was ZDI-CAN-18592." + "value": "Honeywell Saia PG5 Controls Suite CAB File Parsing Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Honeywell Saia PG5 Controls Suite. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of CAB files. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to execute code in the context of the current user.\n. Was ZDI-CAN-18592." }, { "lang": "es", diff --git a/CVE-2023/CVE-2023-516xx/CVE-2023-51604.json b/CVE-2023/CVE-2023-516xx/CVE-2023-51604.json index 6ae3368af89..56eaf911f70 100644 --- a/CVE-2023/CVE-2023-516xx/CVE-2023-51604.json +++ b/CVE-2023/CVE-2023-516xx/CVE-2023-51604.json @@ -2,13 +2,13 @@ "id": "CVE-2023-51604", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-05-03T03:16:21.890", - "lastModified": "2024-05-03T12:48:41.067", + "lastModified": "2024-09-18T19:15:40.130", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "Honeywell Saia PG5 Controls Suite XML External Entity Processing Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Honeywell Saia PG5 Controls Suite. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of XML files. Due to the improper restriction of XML External Entity (XXE) references, a crafted document specifying a URI causes the XML parser to access the URI and embed the contents back into the XML document for further processing. An attacker can leverage this vulnerability to disclose information in the context of the current process. Was ZDI-CAN-18593." + "value": "Honeywell Saia PG5 Controls Suite XML External Entity Processing Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Honeywell Saia PG5 Controls Suite. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of XML files. Due to the improper restriction of XML External Entity (XXE) references, a crafted document specifying a URI causes the XML parser to access the URI and embed the contents back into the XML document for further processing. An attacker can leverage this vulnerability to disclose information in the context of the current process.\n. Was ZDI-CAN-18593." }, { "lang": "es", diff --git a/CVE-2023/CVE-2023-516xx/CVE-2023-51605.json b/CVE-2023/CVE-2023-516xx/CVE-2023-51605.json index 323e100808e..ab6eb890c74 100644 --- a/CVE-2023/CVE-2023-516xx/CVE-2023-51605.json +++ b/CVE-2023/CVE-2023-516xx/CVE-2023-51605.json @@ -2,13 +2,13 @@ "id": "CVE-2023-51605", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-05-03T03:16:22.057", - "lastModified": "2024-05-03T12:48:41.067", + "lastModified": "2024-09-18T19:15:40.210", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "Honeywell Saia PG5 Controls Suite XML External Entity Processing Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Honeywell Saia PG5 Controls Suite. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of XML files. Due to the improper restriction of XML External Entity (XXE) references, a crafted document specifying a URI causes the XML parser to access the URI and embed the contents back into the XML document for further processing. An attacker can leverage this vulnerability to disclose information in the context of the current process. Was ZDI-CAN-18644." + "value": "Honeywell Saia PG5 Controls Suite XML External Entity Processing Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Honeywell Saia PG5 Controls Suite. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of XML files. Due to the improper restriction of XML External Entity (XXE) references, a crafted document specifying a URI causes the XML parser to access the URI and embed the contents back into the XML document for further processing. An attacker can leverage this vulnerability to disclose information in the context of the current process.\n. Was ZDI-CAN-18644." }, { "lang": "es", diff --git a/CVE-2023/CVE-2023-516xx/CVE-2023-51610.json b/CVE-2023/CVE-2023-516xx/CVE-2023-51610.json index c6098b96986..2a441e1fa6d 100644 --- a/CVE-2023/CVE-2023-516xx/CVE-2023-51610.json +++ b/CVE-2023/CVE-2023-516xx/CVE-2023-51610.json @@ -2,13 +2,13 @@ "id": "CVE-2023-51610", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-05-03T03:16:22.950", - "lastModified": "2024-05-03T12:48:41.067", + "lastModified": "2024-09-18T19:15:40.517", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "Kofax Power PDF JP2 File Parsing Use-After-Free Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Kofax Power PDF. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of JP2 files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-21835." + "value": "Kofax Power PDF JP2 File Parsing Use-After-Free Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Kofax Power PDF. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of JP2 files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process.\n. Was ZDI-CAN-21835." }, { "lang": "es", diff --git a/CVE-2024/CVE-2024-204xx/CVE-2024-20430.json b/CVE-2024/CVE-2024-204xx/CVE-2024-20430.json index 39f1f2c0738..8a94885377f 100644 --- a/CVE-2024/CVE-2024-204xx/CVE-2024-20430.json +++ b/CVE-2024/CVE-2024-204xx/CVE-2024-20430.json @@ -2,8 +2,8 @@ "id": "CVE-2024-20430", "sourceIdentifier": "ykramarz@cisco.com", "published": "2024-09-12T20:15:04.407", - "lastModified": "2024-09-12T21:34:55.633", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2024-09-18T18:56:05.510", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -17,6 +17,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.3, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.3, + "impactScore": 5.9 + }, { "source": "ykramarz@cisco.com", "type": "Secondary", @@ -40,6 +60,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-427" + } + ] + }, { "source": "ykramarz@cisco.com", "type": "Secondary", @@ -51,10 +81,32 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:cisco:meraki_systems_manager:*:*:*:*:*:windows:*:*", + "versionStartIncluding": "1.0.98", + "versionEndExcluding": "4.2.0", + "matchCriteriaId": "BDCEB39F-E02D-4A04-BA4A-5E43E532CF64" + } + ] + } + ] + } + ], "references": [ { "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-meraki-agent-dll-hj-Ptn7PtKe", - "source": "ykramarz@cisco.com" + "source": "ykramarz@cisco.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-271xx/CVE-2024-27112.json b/CVE-2024/CVE-2024-271xx/CVE-2024-27112.json index 7d70c23035a..21cfd46811d 100644 --- a/CVE-2024/CVE-2024-271xx/CVE-2024-27112.json +++ b/CVE-2024/CVE-2024-271xx/CVE-2024-27112.json @@ -2,8 +2,8 @@ "id": "CVE-2024-27112", "sourceIdentifier": "csirt@divd.nl", "published": "2024-09-11T14:15:12.810", - "lastModified": "2024-09-11T16:26:11.920", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2024-09-18T18:42:19.667", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -59,9 +59,41 @@ "baseSeverity": "CRITICAL" } } + ], + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + }, { "source": "csirt@divd.nl", "type": "Secondary", @@ -73,10 +105,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:soplanning:soplanning:*:*:*:*:*:*:*:*", + "versionEndExcluding": "1.52.02", + "matchCriteriaId": "37301719-C761-4C67-9214-CA5AC8747913" + } + ] + } + ] + } + ], "references": [ { "url": "https://csirt.divd.nl/CVE-2024-27112", - "source": "csirt@divd.nl" + "source": "csirt@divd.nl", + "tags": [ + "Broken Link" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-271xx/CVE-2024-27113.json b/CVE-2024/CVE-2024-271xx/CVE-2024-27113.json index a59580a207a..12df5e801c5 100644 --- a/CVE-2024/CVE-2024-271xx/CVE-2024-27113.json +++ b/CVE-2024/CVE-2024-271xx/CVE-2024-27113.json @@ -2,8 +2,8 @@ "id": "CVE-2024-27113", "sourceIdentifier": "csirt@divd.nl", "published": "2024-09-11T14:15:12.947", - "lastModified": "2024-09-11T16:26:11.920", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2024-09-18T18:43:00.140", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -59,9 +59,41 @@ "baseSeverity": "CRITICAL" } } + ], + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-639" + } + ] + }, { "source": "csirt@divd.nl", "type": "Secondary", @@ -73,10 +105,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:soplanning:soplanning:*:*:*:*:*:*:*:*", + "versionEndExcluding": "1.52.02", + "matchCriteriaId": "37301719-C761-4C67-9214-CA5AC8747913" + } + ] + } + ] + } + ], "references": [ { "url": "https://csirt.divd.nl/CVE-2024-27113", - "source": "csirt@divd.nl" + "source": "csirt@divd.nl", + "tags": [ + "Broken Link" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-290xx/CVE-2024-29073.json b/CVE-2024/CVE-2024-290xx/CVE-2024-29073.json index 97931979593..6f8e1dfd09c 100644 --- a/CVE-2024/CVE-2024-290xx/CVE-2024-29073.json +++ b/CVE-2024/CVE-2024-290xx/CVE-2024-29073.json @@ -2,7 +2,7 @@ "id": "CVE-2024-29073", "sourceIdentifier": "talos-cna@cisco.com", "published": "2024-07-22T15:15:02.943", - "lastModified": "2024-09-16T19:47:24.137", + "lastModified": "2024-09-18T18:31:42.290", "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ @@ -60,6 +60,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-829" + } + ] + }, { "source": "talos-cna@cisco.com", "type": "Secondary", diff --git a/CVE-2024/CVE-2024-340xx/CVE-2024-34057.json b/CVE-2024/CVE-2024-340xx/CVE-2024-34057.json new file mode 100644 index 00000000000..71ad2d155df --- /dev/null +++ b/CVE-2024/CVE-2024-340xx/CVE-2024-34057.json @@ -0,0 +1,25 @@ +{ + "id": "CVE-2024-34057", + "sourceIdentifier": "cve@mitre.org", + "published": "2024-09-18T19:15:40.777", + "lastModified": "2024-09-18T19:15:40.777", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Triangle Microworks TMW IEC 61850 Client source code libraries before 12.2.0 lack a buffer size check when processing received messages. The resulting buffer overflow can cause a crash, resulting in a denial of service." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://trianglemicroworks.com/products/source-code-libraries/iec-61850-scl-pages/what%27s-new", + "source": "cve@mitre.org" + }, + { + "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-256-16", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-343xx/CVE-2024-34399.json b/CVE-2024/CVE-2024-343xx/CVE-2024-34399.json new file mode 100644 index 00000000000..837ca2be7de --- /dev/null +++ b/CVE-2024/CVE-2024-343xx/CVE-2024-34399.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-34399", + "sourceIdentifier": "cve@mitre.org", + "published": "2024-09-18T18:15:06.163", + "lastModified": "2024-09-18T19:35:11.240", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "**UNSUPPORTED WHEN ASSIGNED** An issue was discovered in BMC Remedy Mid Tier 7.6.04. An unauthenticated remote attacker is able to access any user account without using any password. NOTE: This vulnerability only affects products that are no longer supported by the maintainer and the impacted version for this vulnerability is 7.6.04 only." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-287" + } + ] + } + ], + "references": [ + { + "url": "https://www.gruppotim.it/it/footer/red-team.html", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-355xx/CVE-2024-35515.json b/CVE-2024/CVE-2024-355xx/CVE-2024-35515.json index 24706b4a40e..1bdc929ed2b 100644 --- a/CVE-2024/CVE-2024-355xx/CVE-2024-35515.json +++ b/CVE-2024/CVE-2024-355xx/CVE-2024-35515.json @@ -2,7 +2,7 @@ "id": "CVE-2024-35515", "sourceIdentifier": "cve@mitre.org", "published": "2024-09-18T15:15:14.843", - "lastModified": "2024-09-18T15:15:14.843", + "lastModified": "2024-09-18T18:35:08.403", "vulnStatus": "Received", "cveTags": [], "descriptions": [ @@ -11,7 +11,42 @@ "value": "Insecure deserialization in sqlitedict up to v2.1.0 allows attackers to execute arbitrary code." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-94" + } + ] + } + ], "references": [ { "url": "https://github.com/piskvorky/sqlitedict/", diff --git a/CVE-2024/CVE-2024-359xx/CVE-2024-35943.json b/CVE-2024/CVE-2024-359xx/CVE-2024-35943.json index 4006d7746bd..69350629e86 100644 --- a/CVE-2024/CVE-2024-359xx/CVE-2024-35943.json +++ b/CVE-2024/CVE-2024-359xx/CVE-2024-35943.json @@ -2,7 +2,7 @@ "id": "CVE-2024-35943", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-05-19T11:15:49.953", - "lastModified": "2024-05-20T13:00:04.957", + "lastModified": "2024-09-18T18:15:06.230", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ @@ -25,6 +25,10 @@ "url": "https://git.kernel.org/stable/c/5d7f58ee08434a33340f75ac7ac5071eea9673b3", "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" }, + { + "url": "https://git.kernel.org/stable/c/bc08f5ab11b1881b85371f0bd9c9a3d27f65cca8", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, { "url": "https://git.kernel.org/stable/c/ce666cecc09c0f92d5f86d89d8068ecfcf723a7e", "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" diff --git a/CVE-2024/CVE-2024-382xx/CVE-2024-38222.json b/CVE-2024/CVE-2024-382xx/CVE-2024-38222.json index 9c253288e60..f3b2df0c128 100644 --- a/CVE-2024/CVE-2024-382xx/CVE-2024-38222.json +++ b/CVE-2024/CVE-2024-382xx/CVE-2024-38222.json @@ -2,8 +2,8 @@ "id": "CVE-2024-38222", "sourceIdentifier": "secure@microsoft.com", "published": "2024-09-12T03:15:02.983", - "lastModified": "2024-09-12T12:35:54.013", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2024-09-18T19:01:22.527", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -18,7 +18,7 @@ "metrics": { "cvssMetricV31": [ { - "source": "secure@microsoft.com", + "source": "nvd@nist.gov", "type": "Primary", "cvssData": { "version": "3.1", @@ -36,13 +36,43 @@ }, "exploitabilityScore": 2.8, "impactScore": 3.6 + }, + { + "source": "secure@microsoft.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.6 } ] }, "weaknesses": [ { - "source": "secure@microsoft.com", + "source": "nvd@nist.gov", "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + }, + { + "source": "secure@microsoft.com", + "type": "Secondary", "description": [ { "lang": "en", @@ -51,10 +81,32 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:edge:*:*:*:*:*:*:*:*", + "versionEndExcluding": "128.0.2739.42", + "matchCriteriaId": "5B3C4915-21C5-4DB1-8791-EB3AEB04A654" + } + ] + } + ] + } + ], "references": [ { "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38222", - "source": "secure@microsoft.com" + "source": "secure@microsoft.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-382xx/CVE-2024-38270.json b/CVE-2024/CVE-2024-382xx/CVE-2024-38270.json index b3879397f27..a39236dfd05 100644 --- a/CVE-2024/CVE-2024-382xx/CVE-2024-38270.json +++ b/CVE-2024/CVE-2024-382xx/CVE-2024-38270.json @@ -2,8 +2,8 @@ "id": "CVE-2024-38270", "sourceIdentifier": "security@zyxel.com.tw", "published": "2024-09-10T02:15:09.780", - "lastModified": "2024-09-10T12:09:50.377", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-09-18T18:23:40.977", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -18,8 +18,28 @@ "metrics": { "cvssMetricV31": [ { - "source": "security@zyxel.com.tw", + "source": "nvd@nist.gov", "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", + "attackVector": "ADJACENT_NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.6 + }, + { + "source": "security@zyxel.com.tw", + "type": "Secondary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", @@ -51,10 +71,295 @@ ] } ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:zyxel:gs1900-48hpv2_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2.80\\(abtq.1\\)c0", + "matchCriteriaId": "ACACFF77-1C3D-4DBA-A179-500B5602ED46" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:gs1900-48hpv2:-:*:*:*:*:*:*:*", + "matchCriteriaId": "BC74C679-6D22-47E4-AE8A-2647B1AA4276" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:zyxel:gs1900-48_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2.80\\(aahn.1\\)c0", + "matchCriteriaId": "7F2E6F4E-9DA0-4AFB-B4A3-7C3E611DA2FA" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:gs1900-48:-:*:*:*:*:*:*:*", + "matchCriteriaId": "CFB7D4BF-7D17-48D3-990D-4BADAC8BD868" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:zyxel:gs1900-24hpv2_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2.80\\(abtp.1\\)c0", + "matchCriteriaId": "B3539C1D-6C16-4DFB-A601-F5346071F4D7" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:gs1900-24hpv2:-:*:*:*:*:*:*:*", + "matchCriteriaId": "512D9A91-8DA7-47F1-AC77-AF743F99BFF3" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:zyxel:gs1900-24ep_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2.80\\(abto.1\\)c0", + "matchCriteriaId": "FF16626B-7BBE-4BFF-A60E-02B0B1243217" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:gs1900-24ep:-:*:*:*:*:*:*:*", + "matchCriteriaId": "B22AA8B1-11E2-408F-A1F6-0F8AF32AB131" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:zyxel:gs1900-24e_firmware:*:*:*:*:*:*:*:*", + "versionEndIncluding": "2.80\\(aahk.1\\)c0", + "matchCriteriaId": "F8AE67A4-4CCE-4E95-840D-CB6F4F6FB00F" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:gs1900-24e:-:*:*:*:*:*:*:*", + "matchCriteriaId": "A6456AD6-8A1D-4D3D-AC1A-ABE442242B1B" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:zyxel:gs1900-24_firmware:*:*:*:*:*:*:*:*", + "versionEndIncluding": "2.80\\(aahl.1\\)c0", + "matchCriteriaId": "441A359C-A00E-4B96-A321-F769259871B7" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:gs1900-24:-:*:*:*:*:*:*:*", + "matchCriteriaId": "F4F55299-70D5-4CE1-A1EC-D79B469B94F7" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:zyxel:gs1900-16_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2.80\\(aahj.1\\)c0", + "matchCriteriaId": "A657FCE5-BA80-4E22-934A-3B632A9200D7" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:gs1900-16:-:*:*:*:*:*:*:*", + "matchCriteriaId": "5078F7A5-D03B-4D3A-9C19-57DFF4D6BF7A" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:zyxel:gs1900-10hp_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2.80\\(aazi.1\\)c0", + "matchCriteriaId": "4503BD65-51A5-4626-9076-021E6F7DF0B8" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:gs1900-10hp:-:*:*:*:*:*:*:*", + "matchCriteriaId": "89201505-07AF-4F9C-9304-46F2707DB9B4" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:zyxel:gs1900-8hp_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2.80\\(aahi.1\\)c0", + "matchCriteriaId": "96F5E646-4DFD-4476-9D8B-9A8919C1F261" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:gs1900-8hp:-:*:*:*:*:*:*:*", + "matchCriteriaId": "27602862-EFB7-402B-994E-254A0B210820" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:zyxel:gs1900-8_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2.80\\(aahh.1\\)c0", + "matchCriteriaId": "87482A53-9933-4A0B-9831-F16AF9CBFB46" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:gs1900-8:-:*:*:*:*:*:*:*", + "matchCriteriaId": "51D33F50-B5A4-4AEF-972C-7FF089C21D52" + } + ] + } + ] + } + ], "references": [ { "url": "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-insufficient-entropy-vulnerability-for-web-authentication-tokens-generation-in-gs1900-series-switches-09-10-2024", - "source": "security@zyxel.com.tw" + "source": "security@zyxel.com.tw", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-384xx/CVE-2024-38483.json b/CVE-2024/CVE-2024-384xx/CVE-2024-38483.json index 657bd846b8a..3b3ffb632bb 100644 --- a/CVE-2024/CVE-2024-384xx/CVE-2024-38483.json +++ b/CVE-2024/CVE-2024-384xx/CVE-2024-38483.json @@ -2,8 +2,8 @@ "id": "CVE-2024-38483", "sourceIdentifier": "security_alert@emc.com", "published": "2024-08-14T10:15:06.623", - "lastModified": "2024-08-14T13:00:37.107", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2024-09-18T19:19:24.453", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -17,6 +17,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 6.7, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 0.8, + "impactScore": 5.9 + }, { "source": "security_alert@emc.com", "type": "Secondary", @@ -41,8 +61,18 @@ }, "weaknesses": [ { - "source": "security_alert@emc.com", + "source": "nvd@nist.gov", "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + }, + { + "source": "security_alert@emc.com", + "type": "Secondary", "description": [ { "lang": "en", @@ -51,10 +81,1162 @@ ] } ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:dell:latitude_5290_2-in-1_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "1.35.0", + "matchCriteriaId": "661F6328-0605-4612-B12A-9B1B49595943" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:dell:latitude_5290_2-in-1:-:*:*:*:*:*:*:*", + "matchCriteriaId": "DEB2E9C0-3EF7-4910-82A2-558AE08DC55C" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:dell:precision_3420_tower_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2.32.0", + "matchCriteriaId": "4477EA85-2B1F-4C08-B46B-5115BAB2A6D8" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:dell:precision_3420:-:*:*:*:*:*:*:*", + "matchCriteriaId": "652F2878-A44A-4EA7-A8C0-AA19404789F6" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:dell:precision_3620_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2.32.0", + "matchCriteriaId": "947F2995-C201-4F06-BC13-C290473D9C17" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:dell:precision_3620_tower:-:*:*:*:*:*:*:*", + "matchCriteriaId": "88922FD3-80E6-4D3C-A7EB-4F5DBCB26B8C" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:dell:wyse_7040_thin_client_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "1.26.0", + "matchCriteriaId": "33EE6034-4A66-4C20-A2A1-BC0FEFA2C7B5" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:dell:wyse_7040_thin_client:-:*:*:*:*:*:*:*", + "matchCriteriaId": "05EA389F-39B8-4E4E-8FF6-96C05185C630" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:dell:precision_7720_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "1.37.0", + "matchCriteriaId": "F750D9F4-526C-4612-BBB8-BB95C28B9F7A" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:dell:precision_7720:-:*:*:*:*:*:*:*", + "matchCriteriaId": "41B4E127-666D-4F61-9F5B-F8D3E8645054" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:dell:precision_7520_firmware:1.37.0:*:*:*:*:*:*:*", + "matchCriteriaId": "8A25CEEB-9985-4502-86A2-3B5084731069" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:dell:precision_7520:-:*:*:*:*:*:*:*", + "matchCriteriaId": "73DD5C64-A10A-42F9-8F31-EF27A85E2A89" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:dell:precision_5530_2-in-1_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "1.32.8", + "matchCriteriaId": "2B20FF8D-01BE-45C3-8976-249FCE5CC391" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:dell:precision_5530_2-in-1:-:*:*:*:*:*:*:*", + "matchCriteriaId": "30622F6E-2F6D-482B-AA1E-65DA4A4B1679" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:dell:precision_5520_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "1.39.0", + "matchCriteriaId": "82A92CDF-DD58-448B-9FD2-4EDF099313EA" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:dell:precision_5520:-:*:*:*:*:*:*:*", + "matchCriteriaId": "CBBFE522-7630-4BED-9B2C-2AC12CA693DE" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:dell:precision_3520_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "1.37.0", + "matchCriteriaId": "9080D075-5AF2-4873-BD98-FC7B1709FC0E" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:dell:precision_3520:-:*:*:*:*:*:*:*", + "matchCriteriaId": "52677DF4-9C49-45DA-AECA-CDE168A77B27" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:dell:optiplex_7450_all-in-one_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "1.34.0", + "matchCriteriaId": "B5ABAF4D-1EA1-45CD-AD6F-942A41EAAB46" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:dell:optiplex_7450_all-in-one:-:*:*:*:*:*:*:*", + "matchCriteriaId": "94C009D0-F008-441F-B19F-586FDB1E5777" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:dell:optiplex_5050_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "1.31.0", + "matchCriteriaId": "5A0965D6-4A54-447D-A6CE-73319E738F97" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:dell:optiplex_5050:-:*:*:*:*:*:*:*", + "matchCriteriaId": "93A865CE-6BEF-4741-8DD2-A3B555B9D9A4" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:dell:optiplex_3050_all-in-one_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "1.34.0", + "matchCriteriaId": "578EE09B-6255-4B61-9D83-FF03F9F71FC3" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:dell:optiplex_3050_all-in-one:-:*:*:*:*:*:*:*", + "matchCriteriaId": "3748AEA1-5784-452D-8CD4-10E9CC125CA6" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:dell:optiplex_3050_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "1.31.0", + "matchCriteriaId": "4AF6A43D-3F2E-4D46-AE45-9E3A4BC841E1" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:dell:optiplex_3050:-:*:*:*:*:*:*:*", + "matchCriteriaId": "BE8D8EDD-C74F-4FA1-ACA0-6983CF786CEA" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:dell:latitude_7490_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "1.39.0", + "matchCriteriaId": "D1C98064-2505-46B2-B349-D42E6BD26C85" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:dell:latitude_7490:-:*:*:*:*:*:*:*", + "matchCriteriaId": "26AD9A87-7D62-4566-A1B8-E843176E2E38" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:dell:latitude_7480_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "1.38.0", + "matchCriteriaId": "480C2419-B897-47C3-B6BC-3D7938BDF27E" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:dell:latitude_7480:-:*:*:*:*:*:*:*", + "matchCriteriaId": "CA90466D-6AE9-4030-ACFF-033E75A39CBD" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:dell:latitude_7424_rugged_extreme_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "1.34.0", + "matchCriteriaId": "1CA8AAEE-69E1-408C-9F2F-7999E2E8779E" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:dell:latitude_7424_rugged_extreme:-:*:*:*:*:*:*:*", + "matchCriteriaId": "63EBA970-A46B-48B9-BA12-5169E4BBC426" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:dell:latitude_7414_rugged_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "1.47.0", + "matchCriteriaId": "4E1AA154-ACF8-402C-999C-F10C1387B1BC" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:dell:latitude_7414_rugged:-:*:*:*:*:*:*:*", + "matchCriteriaId": "CB5C03BB-936C-43A1-8D12-6BA0157BEAD9" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:dell:latitude_7390_2-in-1_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "1.36.0", + "matchCriteriaId": "821AADB7-901D-48AC-B1FE-364D3368DE51" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:dell:latitude_7390_2-in-1:-:*:*:*:*:*:*:*", + "matchCriteriaId": "C127AF83-FC01-4774-9ADC-7DFA02C8237B" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:dell:latitude_7390_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "1.39.0", + "matchCriteriaId": "959042CE-4E25-473E-8B27-AA534572B960" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:dell:latitude_7390:-:*:*:*:*:*:*:*", + "matchCriteriaId": "4D8C3716-4E1C-4D32-BC94-81D7FB838FFC" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:dell:latitude_7380_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "1.38.0", + "matchCriteriaId": "1BA5D751-A907-438F-A997-F1A10991A958" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:dell:latitude_7380:-:*:*:*:*:*:*:*", + "matchCriteriaId": "A1786B67-E621-4B2B-848A-B0F442719E94" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:dell:latitude_7290_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "1.39.0", + "matchCriteriaId": "E56B554F-2B36-4D0D-BD0C-EC2AEFE28BF9" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:dell:latitude_7290:-:*:*:*:*:*:*:*", + "matchCriteriaId": "359A2878-C996-4FD2-9AB6-B33531E2F630" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:dell:latitude_7285_2-in-1_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "1.27.0", + "matchCriteriaId": "F03501FB-5818-47B3-A5F5-5B532A7EFC53" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:dell:latitude_7285_2-in-1:-:*:*:*:*:*:*:*", + "matchCriteriaId": "3A7AF527-DE61-4AE7-9052-4E202FBFB7C1" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:dell:latitude_7280_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "1.38.0", + "matchCriteriaId": "F9F33558-6452-4F77-85BC-231A3F7A70D8" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:dell:latitude_7280:-:*:*:*:*:*:*:*", + "matchCriteriaId": "2D5D3133-9388-49CF-A85D-2247A4DD9C4C" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:dell:latitude_7212_rugged_extreme_tablet_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "1.51.0", + "matchCriteriaId": "E989E870-EDA4-4A02-83E3-1D5E40AB6777" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:dell:latitude_7212_rugged_extreme_tablet:-:*:*:*:*:*:*:*", + "matchCriteriaId": "D63A20A1-663E-4DF6-AEEF-CCD48418B4F2" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:dell:latitude_5590_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "1.36.0", + "matchCriteriaId": "DD8F3563-A9AC-46C0-89E3-BA95D65189D3" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:dell:latitude_5590:-:*:*:*:*:*:*:*", + "matchCriteriaId": "5AC395D9-DA6C-45B5-85E5-7906FE487EBE" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:dell:latitude_5580_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "1.37.0", + "matchCriteriaId": "25E44814-14EA-4E06-A140-462B0743FCC1" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:dell:latitude_5580:-:*:*:*:*:*:*:*", + "matchCriteriaId": "DB98E18A-D2C1-4522-A814-A1AA2C26F86D" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:dell:latitude_5490_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "1.36.0", + "matchCriteriaId": "242106D1-DF09-4F0E-A6BA-2D4CF2CADCC0" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:dell:latitude_5490:-:*:*:*:*:*:*:*", + "matchCriteriaId": "9D53A797-D418-49C3-9FE6-C53C7ACF7982" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:dell:latitude_5488_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "1.37.0", + "matchCriteriaId": "B4E8A181-97DC-47EF-899C-FFC3565B7A64" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:dell:latitude_5488:-:*:*:*:*:*:*:*", + "matchCriteriaId": "3501A531-C8ED-4139-8AEC-48DABD80B006" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:dell:latitude_5480_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "1.37.0", + "matchCriteriaId": "1C0E99B2-999D-46D5-AA3C-0057C4817F5F" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:dell:latitude_5480:-:*:*:*:*:*:*:*", + "matchCriteriaId": "B3453B1A-9C28-4007-94FF-FF3C52D65B39" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:dell:latitude_5424_rugged_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "1.34.0", + "matchCriteriaId": "55DDBB33-CC2D-444D-88F3-644B369C414F" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:dell:latitude_5424_rugged:-:*:*:*:*:*:*:*", + "matchCriteriaId": "645EA89D-26A8-410C-B98C-5D70A28D01B8" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:dell:latitude_5420_rugged_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "1.34.0", + "matchCriteriaId": "3F9FCD94-5B2B-4FD0-A0B7-4AA68D5DABDE" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:dell:latitude_5420_rugged:-:*:*:*:*:*:*:*", + "matchCriteriaId": "81DF3C33-F288-4644-BC7E-76943DC4B1E7" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:dell:latitude_5414_rugged_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "1.47.0", + "matchCriteriaId": "76FDCE1E-8E07-4C95-B40A-43A5B67C879B" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:dell:latitude_5414_rugged:-:*:*:*:*:*:*:*", + "matchCriteriaId": "620BBA51-B03B-451C-A8B6-F656EB6B1502" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:dell:latitude_5400_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "1.32.0", + "matchCriteriaId": "8434B9AB-D007-4852-A795-062DB108DA79" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:dell:latitude_5400:-:*:*:*:*:*:*:*", + "matchCriteriaId": "EA6BB99C-65CE-43D8-8034-F9844285747E" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:dell:latitude_5290_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "1.36.0", + "matchCriteriaId": "DA7A84D3-B3AD-4F97-A5E4-57BB8F713AC0" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:dell:latitude_5290:-:*:*:*:*:*:*:*", + "matchCriteriaId": "62EA01E4-0ADF-4863-9AE3-A9995581201E" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:dell:latitude_5288_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "1.37.0", + "matchCriteriaId": "65EF6C8D-6C82-41E7-A657-7C55F6FAC7AB" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:dell:latitude_5288:-:*:*:*:*:*:*:*", + "matchCriteriaId": "B91BC7B8-1B63-4EE2-B855-93677363124C" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:dell:latitude_5280_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "1.37.0", + "matchCriteriaId": "030B1989-4F6F-43D5-9229-2B0573289A65" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:dell:latitude_5280:-:*:*:*:*:*:*:*", + "matchCriteriaId": "3CD444B0-06AC-4115-9BD1-F65BF4E0D73E" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:dell:latitude_3390_2-in-1_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "1.32.0", + "matchCriteriaId": "1791EBA4-E35B-40FB-9688-E395377848EF" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:dell:latitude_3390_2-in-1:-:*:*:*:*:*:*:*", + "matchCriteriaId": "07C65D0B-F6FC-4034-9C48-A620550A6B49" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:dell:latitude_3300_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "1.29.0", + "matchCriteriaId": "1DC513D7-0F80-43F5-A00B-4C03DF6FAEC7" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:dell:latitude_3300:-:*:*:*:*:*:*:*", + "matchCriteriaId": "BEECB432-D5CF-4F26-905A-21B45BA4B9F3" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:dell:latitude_13_3380_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "1.28.0", + "matchCriteriaId": "434E8356-B3DD-43EB-9C6D-763E2CD06CA0" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:dell:latitude_13_3380:-:*:*:*:*:*:*:*", + "matchCriteriaId": "5C283E8D-9A59-41AA-B6DC-A31E35E88396" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:dell:latitude_12_rugged_extreme_7214_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "1.47.0", + "matchCriteriaId": "87451DA2-BBD9-43A9-BE8A-3A7B9BEE69F4" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:dell:latitude_12_rugged_extreme_7214:-:*:*:*:*:*:*:*", + "matchCriteriaId": "DCD30F80-7517-4255-872F-558ABC9C3CE9" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:dell:embedded_box_pc_5000_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "1.26.0", + "matchCriteriaId": "87059558-59EC-4F19-A54A-2BD73B82570A" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:dell:embedded_box_pc_5000:-:*:*:*:*:*:*:*", + "matchCriteriaId": "F7B2BE27-F109-4B11-8E8B-732A1AE3CC2F" + } + ] + } + ] + } + ], "references": [ { "url": "https://www.dell.com/support/kbdoc/en-us/000225776/dsa-2024-260", - "source": "security_alert@emc.com" + "source": "security_alert@emc.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-393xx/CVE-2024-39378.json b/CVE-2024/CVE-2024-393xx/CVE-2024-39378.json index 852c9e6ea01..92cb2d1fd4f 100644 --- a/CVE-2024/CVE-2024-393xx/CVE-2024-39378.json +++ b/CVE-2024/CVE-2024-393xx/CVE-2024-39378.json @@ -2,8 +2,8 @@ "id": "CVE-2024-39378", "sourceIdentifier": "psirt@adobe.com", "published": "2024-09-11T16:15:05.797", - "lastModified": "2024-09-11T16:26:11.920", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2024-09-18T19:16:39.390", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -40,6 +40,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-787" + } + ] + }, { "source": "psirt@adobe.com", "type": "Secondary", @@ -51,10 +61,55 @@ ] } ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:audition:*:*:*:*:*:*:*:*", + "versionEndIncluding": "23.6.6", + "matchCriteriaId": "5CBAE22C-02E5-41ED-A190-327306B1D4AA" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:audition:*:*:*:*:*:*:*:*", + "versionStartIncluding": "24.0", + "versionEndIncluding": "24.4.1", + "matchCriteriaId": "2FBF911A-92E4-4C5D-B88B-D0322C133524" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", + "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", + "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA" + } + ] + } + ] + } + ], "references": [ { "url": "https://helpx.adobe.com/security/products/audition/apsb24-54.html", - "source": "psirt@adobe.com" + "source": "psirt@adobe.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-414xx/CVE-2024-41475.json b/CVE-2024/CVE-2024-414xx/CVE-2024-41475.json index 61ba046d165..eebc1f0c6f3 100644 --- a/CVE-2024/CVE-2024-414xx/CVE-2024-41475.json +++ b/CVE-2024/CVE-2024-414xx/CVE-2024-41475.json @@ -2,8 +2,8 @@ "id": "CVE-2024-41475", "sourceIdentifier": "cve@mitre.org", "published": "2024-08-12T17:15:17.257", - "lastModified": "2024-08-13T15:35:13.560", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2024-09-18T18:51:25.513", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -17,6 +17,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + }, { "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", @@ -40,6 +60,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-346" + } + ] + }, { "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", @@ -51,10 +81,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:sir:gnuboard:6.0.7:*:*:*:*:*:*:*", + "matchCriteriaId": "56DFB50B-F209-4234-AEE3-AFFB300F1136" + } + ] + } + ] + } + ], "references": [ { "url": "https://gist.github.com/AkiaCode/7c878b1699931314246d6589d86b1e89", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-418xx/CVE-2024-41868.json b/CVE-2024/CVE-2024-418xx/CVE-2024-41868.json index ce972ebac70..279f8db70ff 100644 --- a/CVE-2024/CVE-2024-418xx/CVE-2024-41868.json +++ b/CVE-2024/CVE-2024-418xx/CVE-2024-41868.json @@ -2,8 +2,8 @@ "id": "CVE-2024-41868", "sourceIdentifier": "psirt@adobe.com", "published": "2024-09-11T16:15:06.140", - "lastModified": "2024-09-11T16:26:11.920", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2024-09-18T19:13:45.177", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -51,10 +51,55 @@ ] } ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:audition:*:*:*:*:*:*:*:*", + "versionEndIncluding": "23.6.6", + "matchCriteriaId": "5CBAE22C-02E5-41ED-A190-327306B1D4AA" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:audition:*:*:*:*:*:*:*:*", + "versionStartIncluding": "24.0", + "versionEndIncluding": "24.4.1", + "matchCriteriaId": "2FBF911A-92E4-4C5D-B88B-D0322C133524" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", + "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", + "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA" + } + ] + } + ] + } + ], "references": [ { "url": "https://helpx.adobe.com/security/products/audition/apsb24-54.html", - "source": "psirt@adobe.com" + "source": "psirt@adobe.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-424xx/CVE-2024-42485.json b/CVE-2024/CVE-2024-424xx/CVE-2024-42485.json index 3de027f652c..db772de2ae5 100644 --- a/CVE-2024/CVE-2024-424xx/CVE-2024-42485.json +++ b/CVE-2024/CVE-2024-424xx/CVE-2024-42485.json @@ -2,7 +2,7 @@ "id": "CVE-2024-42485", "sourceIdentifier": "security-advisories@github.com", "published": "2024-08-12T16:15:16.453", - "lastModified": "2024-09-16T19:40:46.550", + "lastModified": "2024-09-18T18:31:40.427", "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ @@ -60,6 +60,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-22" + } + ] + }, { "source": "security-advisories@github.com", "type": "Secondary", diff --git a/CVE-2024/CVE-2024-427xx/CVE-2024-42794.json b/CVE-2024/CVE-2024-427xx/CVE-2024-42794.json index 37a72a57903..0529785e5c5 100644 --- a/CVE-2024/CVE-2024-427xx/CVE-2024-42794.json +++ b/CVE-2024/CVE-2024-427xx/CVE-2024-42794.json @@ -2,16 +2,55 @@ "id": "CVE-2024-42794", "sourceIdentifier": "cve@mitre.org", "published": "2024-09-16T20:15:46.770", - "lastModified": "2024-09-16T20:15:46.770", + "lastModified": "2024-09-18T19:35:12.550", "vulnStatus": "Received", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Kashipara Music Management System v1.0 is vulnerable to Incorrect Access Control via /music/ajax.php?action=save_user." + }, + { + "lang": "es", + "value": "Kashipara Music Management System v1.0 es vulnerable a un control de acceso incorrecto a trav\u00e9s de /music/ajax.php?action=save_user." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 4.7, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.2, + "impactScore": 3.4 + } + ] + }, + "weaknesses": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-284" + } + ] } ], - "metrics": {}, "references": [ { "url": "https://github.com/takekaramey/CVE_Writeup/blob/main/Kashipara/Music%20Management%20System%20v1.0/Broken%20Access%20Control%20-%20Save%20User%20%26%20Account%20Takeover.pdf", diff --git a/CVE-2024/CVE-2024-441xx/CVE-2024-44127.json b/CVE-2024/CVE-2024-441xx/CVE-2024-44127.json index 45bae4e2858..99e37cfeef0 100644 --- a/CVE-2024/CVE-2024-441xx/CVE-2024-44127.json +++ b/CVE-2024/CVE-2024-441xx/CVE-2024-44127.json @@ -2,16 +2,55 @@ "id": "CVE-2024-44127", "sourceIdentifier": "product-security@apple.com", "published": "2024-09-17T00:15:49.990", - "lastModified": "2024-09-17T00:15:49.990", + "lastModified": "2024-09-18T18:35:10.113", "vulnStatus": "Received", "cveTags": [], "descriptions": [ { "lang": "en", "value": "This issue was addressed through improved state management. This issue is fixed in iOS 17.7 and iPadOS 17.7, iOS 18 and iPadOS 18. Private Browsing tabs may be accessed without authentication." + }, + { + "lang": "es", + "value": "Este problema se solucion\u00f3 mediante una mejor gesti\u00f3n del estado. Este problema se solucion\u00f3 en iOS 17.7 y iPadOS 17.7, iOS 18 y iPadOS 18. Se puede acceder a las pesta\u00f1as de Navegaci\u00f3n privada sin autenticaci\u00f3n." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 5.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 3.9, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-287" + } + ] } ], - "metrics": {}, "references": [ { "url": "https://support.apple.com/en-us/121246", diff --git a/CVE-2024/CVE-2024-442xx/CVE-2024-44202.json b/CVE-2024/CVE-2024-442xx/CVE-2024-44202.json index aee600176f0..7b50bb91192 100644 --- a/CVE-2024/CVE-2024-442xx/CVE-2024-44202.json +++ b/CVE-2024/CVE-2024-442xx/CVE-2024-44202.json @@ -2,16 +2,55 @@ "id": "CVE-2024-44202", "sourceIdentifier": "product-security@apple.com", "published": "2024-09-17T00:15:52.383", - "lastModified": "2024-09-17T00:15:52.383", + "lastModified": "2024-09-18T18:35:11.417", "vulnStatus": "Received", "cveTags": [], "descriptions": [ { "lang": "en", "value": "An authentication issue was addressed with improved state management. This issue is fixed in iOS 18 and iPadOS 18. Private Browsing tabs may be accessed without authentication." + }, + { + "lang": "es", + "value": "Se solucion\u00f3 un problema de autenticaci\u00f3n con una mejor gesti\u00f3n del estado. Este problema se solucion\u00f3 en iOS 18 y iPadOS 18. Se puede acceder a las pesta\u00f1as de Navegaci\u00f3n privada sin autenticaci\u00f3n." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 5.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 3.9, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-287" + } + ] } ], - "metrics": {}, "references": [ { "url": "https://support.apple.com/en-us/121250", diff --git a/CVE-2024/CVE-2024-444xx/CVE-2024-44459.json b/CVE-2024/CVE-2024-444xx/CVE-2024-44459.json index ed1a0689452..469dcfa2340 100644 --- a/CVE-2024/CVE-2024-444xx/CVE-2024-44459.json +++ b/CVE-2024/CVE-2024-444xx/CVE-2024-44459.json @@ -2,8 +2,8 @@ "id": "CVE-2024-44459", "sourceIdentifier": "cve@mitre.org", "published": "2024-09-12T20:15:04.887", - "lastModified": "2024-09-12T21:34:55.633", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2024-09-18T18:53:58.983", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,11 +15,66 @@ "value": "Un problema de asignaci\u00f3n de memoria en vernemq v2.0.1 permite a los atacantes provocar una denegaci\u00f3n de servicio (DoS) a trav\u00e9s del consumo excesivo de memoria." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-770" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:octavolabs:vernemq:2.0.1:*:*:*:*:*:*:*", + "matchCriteriaId": "22B2EB43-7E75-4A17-84E0-3BD94DE08FD1" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/zzh-newlearner/MQTT_Crash/blob/main/Vernemq_crash.md", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Broken Link" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-444xx/CVE-2024-44460.json b/CVE-2024/CVE-2024-444xx/CVE-2024-44460.json index 9839e909c3e..817cbb8434f 100644 --- a/CVE-2024/CVE-2024-444xx/CVE-2024-44460.json +++ b/CVE-2024/CVE-2024-444xx/CVE-2024-44460.json @@ -2,8 +2,8 @@ "id": "CVE-2024-44460", "sourceIdentifier": "cve@mitre.org", "published": "2024-09-12T20:15:04.940", - "lastModified": "2024-09-12T21:34:55.633", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2024-09-18T18:53:01.570", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,11 +15,66 @@ "value": "Un tama\u00f1o de lectura no v\u00e1lido en Nanomq v0.21.9 permite a los atacantes provocar una denegaci\u00f3n de servicio (DoS)." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:emqx:nanomq:0.21.9:*:*:*:*:*:*:*", + "matchCriteriaId": "BCD18267-005A-4BDA-8BA4-F72238FF455F" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/zzh-newlearner/MQTT_Crash/blob/main/Nanomq_invalid_read.md", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Broken Link" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-445xx/CVE-2024-44542.json b/CVE-2024/CVE-2024-445xx/CVE-2024-44542.json index 3685551b8b5..7655fdec7bc 100644 --- a/CVE-2024/CVE-2024-445xx/CVE-2024-44542.json +++ b/CVE-2024/CVE-2024-445xx/CVE-2024-44542.json @@ -2,7 +2,7 @@ "id": "CVE-2024-44542", "sourceIdentifier": "cve@mitre.org", "published": "2024-09-18T15:15:16.137", - "lastModified": "2024-09-18T15:15:16.137", + "lastModified": "2024-09-18T19:35:13.340", "vulnStatus": "Received", "cveTags": [], "descriptions": [ @@ -11,7 +11,42 @@ "value": "SQL Injection vulnerability in todesk v.1.1 allows a remote attacker to execute arbitrary code via the /todesk.com/news.html parameter." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], "references": [ { "url": "https://github.com/alphandbelt/CVE-2024-44542/tree/main", diff --git a/CVE-2024/CVE-2024-44xx/CVE-2024-4472.json b/CVE-2024/CVE-2024-44xx/CVE-2024-4472.json index 810ca292690..81c91c22059 100644 --- a/CVE-2024/CVE-2024-44xx/CVE-2024-4472.json +++ b/CVE-2024/CVE-2024-44xx/CVE-2024-4472.json @@ -2,8 +2,8 @@ "id": "CVE-2024-4472", "sourceIdentifier": "cve@gitlab.com", "published": "2024-09-12T19:15:04.233", - "lastModified": "2024-09-12T21:34:55.633", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2024-09-18T19:16:35.900", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -17,6 +17,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 5.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + }, { "source": "cve@gitlab.com", "type": "Secondary", @@ -40,6 +60,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-532" + } + ] + }, { "source": "cve@gitlab.com", "type": "Secondary", @@ -51,14 +81,74 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*", + "versionStartIncluding": "16.5.0", + "versionEndExcluding": "17.1.7", + "matchCriteriaId": "B17D27F3-8232-494B-93F7-C90CD00B5DA4" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*", + "versionStartIncluding": "16.5.0", + "versionEndExcluding": "17.1.7", + "matchCriteriaId": "D05C0358-FAB5-49D6-8C19-4EC5B143F015" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*", + "versionStartIncluding": "17.2.0", + "versionEndExcluding": "17.2.5", + "matchCriteriaId": "9DE9BFF3-C056-4146-A762-E34D60E10EDE" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*", + "versionStartIncluding": "17.2.0", + "versionEndExcluding": "17.2.5", + "matchCriteriaId": "1F428DA1-FB1C-4B14-A1E1-65177E7F4B10" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*", + "versionStartIncluding": "17.3.0", + "versionEndExcluding": "17.3.2", + "matchCriteriaId": "D2F29B41-64CF-4CEF-8EDF-BBDBA2FFE8C1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*", + "versionStartIncluding": "17.3.0", + "versionEndExcluding": "17.3.2", + "matchCriteriaId": "145E52CC-F503-446E-A760-1C01753DA938" + } + ] + } + ] + } + ], "references": [ { "url": "https://gitlab.com/gitlab-org/gitlab/-/issues/460289", - "source": "cve@gitlab.com" + "source": "cve@gitlab.com", + "tags": [ + "Broken Link" + ] }, { "url": "https://hackerone.com/reports/2477062", - "source": "cve@gitlab.com" + "source": "cve@gitlab.com", + "tags": [ + "Permissions Required" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-455xx/CVE-2024-45523.json b/CVE-2024/CVE-2024-455xx/CVE-2024-45523.json new file mode 100644 index 00000000000..537f2ea9592 --- /dev/null +++ b/CVE-2024/CVE-2024-455xx/CVE-2024-45523.json @@ -0,0 +1,21 @@ +{ + "id": "CVE-2024-45523", + "sourceIdentifier": "cve@mitre.org", + "published": "2024-09-18T18:15:06.420", + "lastModified": "2024-09-18T18:15:06.420", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "An issue was discovered in Bravura Security Fabric versions 12.3.x before 12.3.5.32784, 12.4.x before 12.4.3.35110, 12.5.x before 12.5.2.35950, 12.6.x before 12.6.2.37183, and 12.7.x before 12.7.1.38241. An unauthenticated attacker can cause a resource leak by issuing multiple failed login attempts through API SOAP." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://www.bravurasecurity.com/cve-2024-45523-resource-leak-in-api-after-a-failed-login-attempt", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-456xx/CVE-2024-45601.json b/CVE-2024/CVE-2024-456xx/CVE-2024-45601.json new file mode 100644 index 00000000000..4dbc1970c18 --- /dev/null +++ b/CVE-2024/CVE-2024-456xx/CVE-2024-45601.json @@ -0,0 +1,64 @@ +{ + "id": "CVE-2024-45601", + "sourceIdentifier": "security-advisories@github.com", + "published": "2024-09-18T18:15:06.473", + "lastModified": "2024-09-18T18:15:06.473", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Mesop is a Python-based UI framework designed for rapid web apps development. A vulnerability has been discovered and fixed in Mesop that could potentially allow unauthorized access to files on the server hosting the Mesop application. The vulnerability was related to insufficient input validation in a specific endpoint. This could have allowed an attacker to access files not intended to be served. Users are strongly advised to update to the latest version of Mesop immediately. The latest version includes a fix for this vulnerability. At time of publication 0.12.4 is the most recently available version of Mesop." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security-advisories@github.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "security-advisories@github.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-20" + }, + { + "lang": "en", + "value": "CWE-22" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/google/mesop/commit/17fb769d6a91f0a8cbccfab18f64977b158a6a31", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/google/mesop/security/advisories/GHSA-pmv9-3xqp-8w42", + "source": "security-advisories@github.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-457xx/CVE-2024-45787.json b/CVE-2024/CVE-2024-457xx/CVE-2024-45787.json index 497ef6340a1..19d20ad38a2 100644 --- a/CVE-2024/CVE-2024-457xx/CVE-2024-45787.json +++ b/CVE-2024/CVE-2024-457xx/CVE-2024-45787.json @@ -2,8 +2,8 @@ "id": "CVE-2024-45787", "sourceIdentifier": "vdisclose@cert-in.org.in", "published": "2024-09-11T12:15:02.123", - "lastModified": "2024-09-11T16:26:11.920", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2024-09-18T18:15:07.650", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -59,12 +59,44 @@ "baseSeverity": "HIGH" } } + ], + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.6 + } ] }, "weaknesses": [ { - "source": "vdisclose@cert-in.org.in", + "source": "nvd@nist.gov", "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-Other" + } + ] + }, + { + "source": "vdisclose@cert-in.org.in", + "type": "Secondary", "description": [ { "lang": "en", @@ -73,10 +105,30 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:reedos:aim-star:2.0.1:*:*:*:*:*:*:*", + "matchCriteriaId": "B863974A-47F2-4A3A-9614-26F30737B0FD" + } + ] + } + ] + } + ], "references": [ { "url": "https://www.cert-in.org.in/s2cMainServlet?pageid=PUBVLNOTES01&VLCODE=CIVN-2024-0291", - "source": "vdisclose@cert-in.org.in" + "source": "vdisclose@cert-in.org.in", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-457xx/CVE-2024-45788.json b/CVE-2024/CVE-2024-457xx/CVE-2024-45788.json index d6e0ec0fa79..e6980fa436b 100644 --- a/CVE-2024/CVE-2024-457xx/CVE-2024-45788.json +++ b/CVE-2024/CVE-2024-457xx/CVE-2024-45788.json @@ -2,8 +2,8 @@ "id": "CVE-2024-45788", "sourceIdentifier": "vdisclose@cert-in.org.in", "published": "2024-09-11T12:15:02.230", - "lastModified": "2024-09-11T16:26:11.920", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2024-09-18T19:57:10.203", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -59,9 +59,41 @@ "baseSeverity": "HIGH" } } + ], + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + } ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-Other" + } + ] + }, { "source": "vdisclose@cert-in.org.in", "type": "Secondary", @@ -73,10 +105,30 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:reedos:aim-star:2.0.1:*:*:*:*:*:*:*", + "matchCriteriaId": "B863974A-47F2-4A3A-9614-26F30737B0FD" + } + ] + } + ] + } + ], "references": [ { "url": "https://www.cert-in.org.in/s2cMainServlet?pageid=PUBVLNOTES01&VLCODE=CIVN-2024-0291", - "source": "vdisclose@cert-in.org.in" + "source": "vdisclose@cert-in.org.in", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-457xx/CVE-2024-45789.json b/CVE-2024/CVE-2024-457xx/CVE-2024-45789.json index 193db5f4455..9d9b7e717bd 100644 --- a/CVE-2024/CVE-2024-457xx/CVE-2024-45789.json +++ b/CVE-2024/CVE-2024-457xx/CVE-2024-45789.json @@ -2,8 +2,8 @@ "id": "CVE-2024-45789", "sourceIdentifier": "vdisclose@cert-in.org.in", "published": "2024-09-11T12:15:02.343", - "lastModified": "2024-09-11T16:26:11.920", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2024-09-18T19:55:58.287", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -59,6 +59,28 @@ "baseSeverity": "MEDIUM" } } + ], + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 4.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + } ] }, "weaknesses": [ @@ -73,10 +95,30 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:reedos:aim-star:2.0.1:*:*:*:*:*:*:*", + "matchCriteriaId": "B863974A-47F2-4A3A-9614-26F30737B0FD" + } + ] + } + ] + } + ], "references": [ { "url": "https://www.cert-in.org.in/s2cMainServlet?pageid=PUBVLNOTES01&VLCODE=CIVN-2024-0291", - "source": "vdisclose@cert-in.org.in" + "source": "vdisclose@cert-in.org.in", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-457xx/CVE-2024-45790.json b/CVE-2024/CVE-2024-457xx/CVE-2024-45790.json index 6ab16fd6eed..50807f7ff6f 100644 --- a/CVE-2024/CVE-2024-457xx/CVE-2024-45790.json +++ b/CVE-2024/CVE-2024-457xx/CVE-2024-45790.json @@ -2,8 +2,8 @@ "id": "CVE-2024-45790", "sourceIdentifier": "vdisclose@cert-in.org.in", "published": "2024-09-11T13:15:03.290", - "lastModified": "2024-09-11T16:26:11.920", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2024-09-18T18:38:04.393", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -59,6 +59,28 @@ "baseSeverity": "CRITICAL" } } + ], + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } ] }, "weaknesses": [ @@ -73,10 +95,30 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:reedos:aim-star:2.0.1:*:*:*:*:*:*:*", + "matchCriteriaId": "B863974A-47F2-4A3A-9614-26F30737B0FD" + } + ] + } + ] + } + ], "references": [ { "url": "https://www.cert-in.org.in/s2cMainServlet?pageid=PUBVLNOTES01&VLCODE=CIVN-2024-0291", - "source": "vdisclose@cert-in.org.in" + "source": "vdisclose@cert-in.org.in", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-460xx/CVE-2024-46086.json b/CVE-2024/CVE-2024-460xx/CVE-2024-46086.json index 3c89ec2da0e..9d6a55cc6a2 100644 --- a/CVE-2024/CVE-2024-460xx/CVE-2024-46086.json +++ b/CVE-2024/CVE-2024-460xx/CVE-2024-46086.json @@ -2,7 +2,7 @@ "id": "CVE-2024-46086", "sourceIdentifier": "cve@mitre.org", "published": "2024-09-18T16:15:06.160", - "lastModified": "2024-09-18T16:15:06.160", + "lastModified": "2024-09-18T18:35:13.440", "vulnStatus": "Received", "cveTags": [], "descriptions": [ @@ -11,7 +11,42 @@ "value": "FrogCMS V0.9.5 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/?/plugin/file_manager/delete/123" } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-352" + } + ] + } + ], "references": [ { "url": "https://github.com/PG2Stom/cms/tree/main/12/readme.md", diff --git a/CVE-2024/CVE-2024-469xx/CVE-2024-46959.json b/CVE-2024/CVE-2024-469xx/CVE-2024-46959.json new file mode 100644 index 00000000000..2434bafcc9f --- /dev/null +++ b/CVE-2024/CVE-2024-469xx/CVE-2024-46959.json @@ -0,0 +1,21 @@ +{ + "id": "CVE-2024-46959", + "sourceIdentifier": "cve@mitre.org", + "published": "2024-09-18T18:15:06.730", + "lastModified": "2024-09-18T18:15:06.730", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "runofast Indoor Security Camera for Baby Monitor has a default password of password for the root account. This allows access to the /stream1 URI via the rtsp:// protocol to receive the video and audio stream." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://werewolves.world/blog/09072024", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-469xx/CVE-2024-46978.json b/CVE-2024/CVE-2024-469xx/CVE-2024-46978.json new file mode 100644 index 00000000000..dae14ad15d0 --- /dev/null +++ b/CVE-2024/CVE-2024-469xx/CVE-2024-46978.json @@ -0,0 +1,64 @@ +{ + "id": "CVE-2024-46978", + "sourceIdentifier": "security-advisories@github.com", + "published": "2024-09-18T18:15:06.800", + "lastModified": "2024-09-18T18:15:06.800", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. It's possible for any user knowing the ID of a notification filter preference of another user, to enable/disable it or even delete it. The impact is that the target user might start loosing notifications on some pages because of this. This vulnerability is present in XWiki since 13.2-rc-1. This vulnerability has been patched in XWiki 14.10.21, 15.5.5, 15.10.1, 16.0-rc-1. The patch consists in checking properly the rights of the user before performing any action on the filters. Users are advised to upgrade. It's possible to fix manually the vulnerability by editing the document `XWiki.Notifications.Code.NotificationPreferenceService` to apply the changes performed in commit e8acc9d8e6af7dfbfe70716ded431642ae4a6dd4." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security-advisories@github.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "HIGH", + "availabilityImpact": "NONE", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "security-advisories@github.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-648" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/xwiki/xwiki-platform/commit/e8acc9d8e6af7dfbfe70716ded431642ae4a6dd4", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-r95w-889q-x2gx", + "source": "security-advisories@github.com" + }, + { + "url": "https://jira.xwiki.org/browse/XWIKI-20337", + "source": "security-advisories@github.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-469xx/CVE-2024-46979.json b/CVE-2024/CVE-2024-469xx/CVE-2024-46979.json new file mode 100644 index 00000000000..11c9b723734 --- /dev/null +++ b/CVE-2024/CVE-2024-469xx/CVE-2024-46979.json @@ -0,0 +1,68 @@ +{ + "id": "CVE-2024-46979", + "sourceIdentifier": "security-advisories@github.com", + "published": "2024-09-18T18:15:07.020", + "lastModified": "2024-09-18T18:15:07.020", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. It's possible to get access to notification filters of any user by using a URL such as `xwiki/bin/get/XWiki/Notifications/Code/NotificationFilterPreferenceLivetableResults?outputSyntax=plain&type=custom&user=`. This vulnerability impacts all versions of XWiki since 13.2-rc-1. The filters do not provide much information (they mainly contain references which are public data in XWiki), though some info could be used in combination with other vulnerabilities. This vulnerability has been patched in XWiki 14.10.21, 15.5.5, 15.10.1, 16.0RC1. The patch consists in checking the rights of the user when sending the data. Users are advised to upgrade. It's possible to workaround the vulnerability by applying manually the patch: it's possible for an administrator to edit directly the document `XWiki.Notifications.Code.NotificationFilterPreferenceLivetableResults` to apply the same changes as in the patch. See commit c8c6545f9bde6f5aade994aa5b5903a67b5c2582." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security-advisories@github.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 5.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 3.9, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "security-advisories@github.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-200" + }, + { + "lang": "en", + "value": "CWE-359" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/xwiki/xwiki-platform/commit/c8c6545f9bde6f5aade994aa5b5903a67b5c2582", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-pg4m-3gp6-hw4w", + "source": "security-advisories@github.com" + }, + { + "url": "https://jira.xwiki.org/browse/XWIKI-20336", + "source": "security-advisories@github.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-469xx/CVE-2024-46986.json b/CVE-2024/CVE-2024-469xx/CVE-2024-46986.json new file mode 100644 index 00000000000..7dea57b9e84 --- /dev/null +++ b/CVE-2024/CVE-2024-469xx/CVE-2024-46986.json @@ -0,0 +1,68 @@ +{ + "id": "CVE-2024-46986", + "sourceIdentifier": "security-advisories@github.com", + "published": "2024-09-18T18:15:07.223", + "lastModified": "2024-09-18T18:15:07.223", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Camaleon CMS is a dynamic and advanced content management system based on Ruby on Rails. An arbitrary file write vulnerability accessible via the upload method of the MediaController allows authenticated users to write arbitrary files to any location on the web server Camaleon CMS is running on (depending on the permissions of the underlying filesystem). E.g. This can lead to a delayed remote code execution in case an attacker is able to write a Ruby file into the config/initializers/ subfolder of the Ruby on Rails application. This issue has been addressed in release version 2.8.2. Users are advised to upgrade. There are no known workarounds for this vulnerability." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security-advisories@github.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.9, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.1, + "impactScore": 6.0 + } + ] + }, + "weaknesses": [ + { + "source": "security-advisories@github.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-74" + } + ] + } + ], + "references": [ + { + "url": "https://codeql.github.com/codeql-query-help/ruby/rb-path-injection", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/owen2345/camaleon-cms/security/advisories/GHSA-wmjg-vqhv-q5p5", + "source": "security-advisories@github.com" + }, + { + "url": "https://owasp.org/www-community/attacks/Path_Traversal", + "source": "security-advisories@github.com" + }, + { + "url": "https://www.reddit.com/r/rails/comments/1exwtdm/camaleon_cms_281_has_been_released", + "source": "security-advisories@github.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-469xx/CVE-2024-46987.json b/CVE-2024/CVE-2024-469xx/CVE-2024-46987.json new file mode 100644 index 00000000000..6a88c47ef95 --- /dev/null +++ b/CVE-2024/CVE-2024-469xx/CVE-2024-46987.json @@ -0,0 +1,72 @@ +{ + "id": "CVE-2024-46987", + "sourceIdentifier": "security-advisories@github.com", + "published": "2024-09-18T18:15:07.440", + "lastModified": "2024-09-18T18:15:07.440", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Camaleon CMS is a dynamic and advanced content management system based on Ruby on Rails. A path traversal vulnerability accessible via MediaController's download_private_file method allows authenticated users to download any file on the web server Camaleon CMS is running on (depending on the file permissions). This issue may lead to Information Disclosure. This issue has been addressed in release version 2.8.2. Users are advised to upgrade. There are no known workarounds for this vulnerability." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security-advisories@github.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 7.7, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.1, + "impactScore": 4.0 + } + ] + }, + "weaknesses": [ + { + "source": "security-advisories@github.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-200" + }, + { + "lang": "en", + "value": "CWE-22" + } + ] + } + ], + "references": [ + { + "url": "https://codeql.github.com/codeql-query-help/ruby/rb-path-injection", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/owen2345/camaleon-cms/security/advisories/GHSA-cp65-5m9r-vc2c", + "source": "security-advisories@github.com" + }, + { + "url": "https://owasp.org/www-community/attacks/Path_Traversal", + "source": "security-advisories@github.com" + }, + { + "url": "https://www.reddit.com/r/rails/comments/1exwtdm/camaleon_cms_281_has_been_released", + "source": "security-advisories@github.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-469xx/CVE-2024-46989.json b/CVE-2024/CVE-2024-469xx/CVE-2024-46989.json new file mode 100644 index 00000000000..def1553bff7 --- /dev/null +++ b/CVE-2024/CVE-2024-469xx/CVE-2024-46989.json @@ -0,0 +1,60 @@ +{ + "id": "CVE-2024-46989", + "sourceIdentifier": "security-advisories@github.com", + "published": "2024-09-18T18:15:07.650", + "lastModified": "2024-09-18T18:15:07.650", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "spicedb is an Open Source, Google Zanzibar-inspired permissions database to enable fine-grained authorization for customer applications. Multiple caveats over the same indirect subject type on the same relation can result in no permission being returned when permission is expected. If the resource has multiple groups, and each group is caveated, it is possible for the returned permission to be \"no permission\" when permission is expected. Permission is returned as NO_PERMISSION when PERMISSION is expected on the CheckPermission API. This issue has been addressed in release version 1.35.3. Users are advised to upgrade. Users unable to upgrade should not use caveats or avoid the use of caveats on an indirect subject type with multiple entries." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security-advisories@github.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 3.7, + "baseSeverity": "LOW" + }, + "exploitabilityScore": 2.2, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "security-advisories@github.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-269" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/authzed/spicedb/commit/d4ef8e1dbce1eafaf25847f4c0f09738820f5bf2", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/authzed/spicedb/security/advisories/GHSA-jhg6-6qrx-38mr", + "source": "security-advisories@github.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-60xx/CVE-2024-6091.json b/CVE-2024/CVE-2024-60xx/CVE-2024-6091.json index 03a5f2200e7..0d081e3eab5 100644 --- a/CVE-2024/CVE-2024-60xx/CVE-2024-6091.json +++ b/CVE-2024/CVE-2024-60xx/CVE-2024-6091.json @@ -2,8 +2,8 @@ "id": "CVE-2024-6091", "sourceIdentifier": "security@huntr.dev", "published": "2024-09-11T13:15:03.440", - "lastModified": "2024-09-11T16:26:11.920", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2024-09-18T18:41:31.247", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -16,6 +16,28 @@ } ], "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ], "cvssMetricV30": [ { "source": "security@huntr.dev", @@ -51,14 +73,38 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:agpt:autogpt:0.5.1:*:*:*:*:*:*:*", + "matchCriteriaId": "2D661C6E-61E1-4F20-BFBB-C0DBA3A62D9F" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/significant-gravitas/autogpt/commit/ef691359b774a1f9f80cf4f5ace9821967b718ed", - "source": "security@huntr.dev" + "source": "security@huntr.dev", + "tags": [ + "Patch" + ] }, { "url": "https://huntr.com/bounties/8a742c13-bb5e-4bc9-8b86-049d8a386050", - "source": "security@huntr.dev" + "source": "security@huntr.dev", + "tags": [ + "Exploit", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-66xx/CVE-2024-6678.json b/CVE-2024/CVE-2024-66xx/CVE-2024-6678.json index 2b460b8274e..dea14231397 100644 --- a/CVE-2024/CVE-2024-66xx/CVE-2024-6678.json +++ b/CVE-2024/CVE-2024-66xx/CVE-2024-6678.json @@ -2,8 +2,8 @@ "id": "CVE-2024-6678", "sourceIdentifier": "cve@gitlab.com", "published": "2024-09-12T19:15:04.453", - "lastModified": "2024-09-12T21:34:55.633", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2024-09-18T19:14:14.837", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -17,6 +17,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + }, { "source": "cve@gitlab.com", "type": "Secondary", @@ -40,6 +60,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-290" + } + ] + }, { "source": "cve@gitlab.com", "type": "Secondary", @@ -51,14 +81,74 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*", + "versionStartIncluding": "8.14.0", + "versionEndExcluding": "17.1.7", + "matchCriteriaId": "24A0DD44-0B65-4BD6-9C61-A9E1AD3626CD" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*", + "versionStartIncluding": "8.14.0", + "versionEndExcluding": "17.1.7", + "matchCriteriaId": "DE92E4E8-63E0-481B-8826-B8E853C99BA8" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*", + "versionStartIncluding": "17.2.0", + "versionEndExcluding": "17.2.5", + "matchCriteriaId": "9DE9BFF3-C056-4146-A762-E34D60E10EDE" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*", + "versionStartIncluding": "17.2.0", + "versionEndExcluding": "17.2.5", + "matchCriteriaId": "1F428DA1-FB1C-4B14-A1E1-65177E7F4B10" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*", + "versionStartIncluding": "17.3.0", + "versionEndExcluding": "17.3.2", + "matchCriteriaId": "D2F29B41-64CF-4CEF-8EDF-BBDBA2FFE8C1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*", + "versionStartIncluding": "17.3.0", + "versionEndExcluding": "17.3.2", + "matchCriteriaId": "145E52CC-F503-446E-A760-1C01753DA938" + } + ] + } + ] + } + ], "references": [ { "url": "https://gitlab.com/gitlab-org/gitlab/-/issues/471923", - "source": "cve@gitlab.com" + "source": "cve@gitlab.com", + "tags": [ + "Broken Link" + ] }, { "url": "https://hackerone.com/reports/2595495", - "source": "cve@gitlab.com" + "source": "cve@gitlab.com", + "tags": [ + "Permissions Required" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-68xx/CVE-2024-6878.json b/CVE-2024/CVE-2024-68xx/CVE-2024-6878.json index c7ebb04e075..b8beedcb3b6 100644 --- a/CVE-2024/CVE-2024-68xx/CVE-2024-6878.json +++ b/CVE-2024/CVE-2024-68xx/CVE-2024-6878.json @@ -2,7 +2,7 @@ "id": "CVE-2024-6878", "sourceIdentifier": "iletisim@usom.gov.tr", "published": "2024-09-18T15:15:18.970", - "lastModified": "2024-09-18T15:15:18.970", + "lastModified": "2024-09-18T18:35:14.400", "vulnStatus": "Received", "cveTags": [], "descriptions": [ @@ -55,6 +55,28 @@ "baseSeverity": "CRITICAL" } } + ], + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + } ] }, "weaknesses": [ diff --git a/CVE-2024/CVE-2024-76xx/CVE-2024-7609.json b/CVE-2024/CVE-2024-76xx/CVE-2024-7609.json index ed983a14496..807ea469a5b 100644 --- a/CVE-2024/CVE-2024-76xx/CVE-2024-7609.json +++ b/CVE-2024/CVE-2024-76xx/CVE-2024-7609.json @@ -2,8 +2,8 @@ "id": "CVE-2024-7609", "sourceIdentifier": "iletisim@usom.gov.tr", "published": "2024-09-11T12:15:02.690", - "lastModified": "2024-09-11T16:26:11.920", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2024-09-18T18:33:09.633", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -59,6 +59,28 @@ "baseSeverity": "CRITICAL" } } + ], + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + } ] }, "weaknesses": [ @@ -73,10 +95,38 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:vidco:voc_tester:*:*:*:*:*:*:*:*", + "versionEndExcluding": "12.34.8", + "matchCriteriaId": "44A61EE6-FFFB-474A-ADA1-AE364B70C979" + } + ] + } + ] + } + ], "references": [ + { + "url": "https://github.com/advisories/GHSA-6mh6-642h-83x7", + "source": "nvd@nist.gov", + "tags": [ + "Third Party Advisory" + ] + }, { "url": "https://https://www.usom.gov.tr/bildirim/tr-24-1447", - "source": "iletisim@usom.gov.tr" + "source": "iletisim@usom.gov.tr", + "tags": [ + "Broken Link" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-77xx/CVE-2024-7721.json b/CVE-2024/CVE-2024-77xx/CVE-2024-7721.json index dc179ac6bf7..23613a28db6 100644 --- a/CVE-2024/CVE-2024-77xx/CVE-2024-7721.json +++ b/CVE-2024/CVE-2024-77xx/CVE-2024-7721.json @@ -2,8 +2,8 @@ "id": "CVE-2024-7721", "sourceIdentifier": "security@wordfence.com", "published": "2024-09-11T05:15:03.180", - "lastModified": "2024-09-11T16:26:11.920", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2024-09-18T18:01:01.893", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -18,7 +18,7 @@ "metrics": { "cvssMetricV31": [ { - "source": "security@wordfence.com", + "source": "nvd@nist.gov", "type": "Primary", "cvssData": { "version": "3.1", @@ -36,6 +36,26 @@ }, "exploitabilityScore": 2.8, "impactScore": 1.4 + }, + { + "source": "security@wordfence.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 4.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 } ] }, @@ -51,18 +71,45 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:bplugins:html5_video_player:*:*:*:*:*:wordpress:*:*", + "versionEndExcluding": "2.5.35", + "matchCriteriaId": "551DBCE2-9953-489E-B3E6-F4223F0C516F" + } + ] + } + ] + } + ], "references": [ { "url": "https://plugins.trac.wordpress.org/browser/html5-video-player/trunk/inc/Model/Ajax.php#L79", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Issue Tracking" + ] }, { "url": "https://plugins.trac.wordpress.org/changeset/3148088/", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Patch" + ] }, { "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/6dc3f308-d1e1-430b-bccd-168c0972fe7c?source=cve", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-77xx/CVE-2024-7727.json b/CVE-2024/CVE-2024-77xx/CVE-2024-7727.json index dfd9ff57c4b..836c32b0cce 100644 --- a/CVE-2024/CVE-2024-77xx/CVE-2024-7727.json +++ b/CVE-2024/CVE-2024-77xx/CVE-2024-7727.json @@ -2,8 +2,8 @@ "id": "CVE-2024-7727", "sourceIdentifier": "security@wordfence.com", "published": "2024-09-11T05:15:03.400", - "lastModified": "2024-09-11T16:26:11.920", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2024-09-18T18:07:55.450", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -17,6 +17,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 5.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 3.9, + "impactScore": 1.4 + }, { "source": "security@wordfence.com", "type": "Secondary", @@ -51,22 +71,52 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:bplugins:html5_video_player:*:*:*:*:*:wordpress:*:*", + "versionEndExcluding": "2.5.33", + "matchCriteriaId": "FFAF0844-26DD-4340-9C12-5B986A4497DF" + } + ] + } + ] + } + ], "references": [ { "url": "https://plugins.trac.wordpress.org/browser/html5-video-player/trunk/inc/Model/Ajax.php#L5", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Issue Tracking" + ] }, { "url": "https://plugins.trac.wordpress.org/browser/html5-video-player/trunk/inc/Model/ImportData.php#L4", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Issue Tracking" + ] }, { "url": "https://plugins.trac.wordpress.org/changeset/3139559/", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Patch" + ] }, { "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/908df18e-7178-4d40-becb-86e1a714a7da?source=cve", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-81xx/CVE-2024-8144.json b/CVE-2024/CVE-2024-81xx/CVE-2024-8144.json index 9d6759c8b4d..27ea1adb09e 100644 --- a/CVE-2024/CVE-2024-81xx/CVE-2024-8144.json +++ b/CVE-2024/CVE-2024-81xx/CVE-2024-8144.json @@ -2,7 +2,7 @@ "id": "CVE-2024-8144", "sourceIdentifier": "cna@vuldb.com", "published": "2024-08-25T04:15:03.867", - "lastModified": "2024-09-18T15:31:17.277", + "lastModified": "2024-09-18T18:24:46.730", "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ @@ -149,8 +149,8 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:a:classcms_project:classcms:4.8:*:*:*:*:*:*:*", - "matchCriteriaId": "16D59786-4318-4A39-B6C4-259F55D54644" + "criteria": "cpe:2.3:a:classcms:classcms:4.8:*:*:*:*:*:*:*", + "matchCriteriaId": "F38F3BF5-7976-4920-91A8-2484D82B42B0" } ] } @@ -177,7 +177,7 @@ "url": "https://vuldb.com/?id.275725", "source": "cna@vuldb.com", "tags": [ - "Third Party Advisory" + "Permissions Required" ] }, { diff --git a/CVE-2024/CVE-2024-82xx/CVE-2024-8287.json b/CVE-2024/CVE-2024-82xx/CVE-2024-8287.json new file mode 100644 index 00000000000..7f0236b5e61 --- /dev/null +++ b/CVE-2024/CVE-2024-82xx/CVE-2024-8287.json @@ -0,0 +1,64 @@ +{ + "id": "CVE-2024-8287", + "sourceIdentifier": "security@ubuntu.com", + "published": "2024-09-18T19:15:41.073", + "lastModified": "2024-09-18T19:15:41.073", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Anbox Management Service, in versions 1.17.0 through 1.23.0, does not validate the TLS certificate provided to it by the Anbox Stream Agent. An attacker must be able to machine-in-the-middle the Anbox Stream Agent from within an internal network before they can attempt to take advantage of this." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@ubuntu.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "ADJACENT_NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.6, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "security@ubuntu.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-295" + } + ] + } + ], + "references": [ + { + "url": "https://bugs.launchpad.net/anbox-cloud/+bug/2077570", + "source": "security@ubuntu.com" + }, + { + "url": "https://discourse.ubuntu.com/t/anbox-cloud-1-23-1-has-been-released/48141", + "source": "security@ubuntu.com" + }, + { + "url": "https://www.cve.org/CVERecord?id=CVE-2024-8287", + "source": "security@ubuntu.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-83xx/CVE-2024-8306.json b/CVE-2024/CVE-2024-83xx/CVE-2024-8306.json index 495bcac6724..754874f661e 100644 --- a/CVE-2024/CVE-2024-83xx/CVE-2024-8306.json +++ b/CVE-2024/CVE-2024-83xx/CVE-2024-8306.json @@ -2,8 +2,8 @@ "id": "CVE-2024-8306", "sourceIdentifier": "cybersecurity@se.com", "published": "2024-09-11T15:15:18.827", - "lastModified": "2024-09-11T16:26:11.920", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2024-09-18T19:51:14.850", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -17,6 +17,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + }, { "source": "cybersecurity@se.com", "type": "Secondary", @@ -41,8 +61,18 @@ }, "weaknesses": [ { - "source": "cybersecurity@se.com", + "source": "nvd@nist.gov", "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + }, + { + "source": "cybersecurity@se.com", + "type": "Secondary", "description": [ { "lang": "en", @@ -51,10 +81,41 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:schneider-electric:vijeo_designer:*:*:*:*:*:*:*:*", + "versionEndExcluding": "6.3", + "matchCriteriaId": "F4501EC7-939C-4E71-A5D3-3F1112D39190" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:schneider-electric:vijeo_designer:6.3:-:*:*:*:*:*:*", + "matchCriteriaId": "204A592B-1B28-43FC-878F-559BDF5A7944" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:schneider-electric:vijeo_designer_embedded_in_ecostruxure_machine_expert:*:*:*:*:*:*:*:*", + "matchCriteriaId": "99EBBD6F-0C97-493A-B708-60DD27733247" + } + ] + } + ] + } + ], "references": [ { "url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2024-254-01&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2024-254-01.pdf", - "source": "cybersecurity@se.com" + "source": "cybersecurity@se.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-83xx/CVE-2024-8311.json b/CVE-2024/CVE-2024-83xx/CVE-2024-8311.json index da0e22c9cf0..bd4b15d3506 100644 --- a/CVE-2024/CVE-2024-83xx/CVE-2024-8311.json +++ b/CVE-2024/CVE-2024-83xx/CVE-2024-8311.json @@ -2,8 +2,8 @@ "id": "CVE-2024-8311", "sourceIdentifier": "cve@gitlab.com", "published": "2024-09-12T19:15:04.683", - "lastModified": "2024-09-12T21:34:55.633", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2024-09-18T19:12:52.810", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -17,6 +17,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "HIGH", + "availabilityImpact": "NONE", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.6 + }, { "source": "cve@gitlab.com", "type": "Secondary", @@ -40,6 +60,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + }, { "source": "cve@gitlab.com", "type": "Secondary", @@ -51,10 +81,39 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*", + "versionStartIncluding": "17.2.0", + "versionEndExcluding": "17.2.5", + "matchCriteriaId": "1F428DA1-FB1C-4B14-A1E1-65177E7F4B10" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*", + "versionStartIncluding": "17.3.0", + "versionEndExcluding": "17.3.2", + "matchCriteriaId": "145E52CC-F503-446E-A760-1C01753DA938" + } + ] + } + ] + } + ], "references": [ { "url": "https://gitlab.com/gitlab-org/gitlab/-/issues/479315", - "source": "cve@gitlab.com" + "source": "cve@gitlab.com", + "tags": [ + "Broken Link" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-85xx/CVE-2024-8517.json b/CVE-2024/CVE-2024-85xx/CVE-2024-8517.json index d910d071d6b..91e72b818e4 100644 --- a/CVE-2024/CVE-2024-85xx/CVE-2024-8517.json +++ b/CVE-2024/CVE-2024-85xx/CVE-2024-8517.json @@ -2,8 +2,8 @@ "id": "CVE-2024-8517", "sourceIdentifier": "disclosure@vulncheck.com", "published": "2024-09-06T16:15:03.793", - "lastModified": "2024-09-09T16:15:03.053", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2024-09-18T18:05:03.553", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -17,6 +17,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + }, { "source": "disclosure@vulncheck.com", "type": "Secondary", @@ -40,6 +60,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-Other" + } + ] + }, { "source": "disclosure@vulncheck.com", "type": "Secondary", @@ -51,22 +81,72 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:spip:spip:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.0.0", + "versionEndExcluding": "4.1.18", + "matchCriteriaId": "E48335D1-94D2-4A75-960D-804C92C246BC" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:spip:spip:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.2.0", + "versionEndIncluding": "4.2.15", + "matchCriteriaId": "B05B0286-ED29-4860-A5A7-FF196A65F066" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:spip:spip:4.3.0:*:*:*:*:*:*:*", + "matchCriteriaId": "ACBB7226-E320-4997-A541-B3EA402C643F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:spip:spip:4.3.1:*:*:*:*:*:*:*", + "matchCriteriaId": "425F3BC4-EB81-4BB8-96DB-D26C0154C11B" + } + ] + } + ] + } + ], "references": [ { "url": "https://blog.spip.net/Mise-a-jour-critique-de-securite-sortie-de-SPIP-4-3-2-SPIP-4-2-16-SPIP-4-1-18.html", - "source": "disclosure@vulncheck.com" + "source": "disclosure@vulncheck.com", + "tags": [ + "Vendor Advisory" + ] }, { "url": "https://thinkloveshare.com/hacking/spip_preauth_rce_2024_part_2_a_big_upload/", - "source": "disclosure@vulncheck.com" + "source": "disclosure@vulncheck.com", + "tags": [ + "Exploit", + "Third Party Advisory" + ] }, { "url": "https://vozec.fr/researchs/spip-preauth-rce-2024-big-upload/", - "source": "disclosure@vulncheck.com" + "source": "disclosure@vulncheck.com", + "tags": [ + "Exploit", + "Third Party Advisory" + ] }, { "url": "https://vulncheck.com/advisories/spip-upload-rce", - "source": "disclosure@vulncheck.com" + "source": "disclosure@vulncheck.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-86xx/CVE-2024-8641.json b/CVE-2024/CVE-2024-86xx/CVE-2024-8641.json index e6ef821fd5a..f595d15a48f 100644 --- a/CVE-2024/CVE-2024-86xx/CVE-2024-8641.json +++ b/CVE-2024/CVE-2024-86xx/CVE-2024-8641.json @@ -2,8 +2,8 @@ "id": "CVE-2024-8641", "sourceIdentifier": "cve@gitlab.com", "published": "2024-09-12T19:15:04.887", - "lastModified": "2024-09-12T21:34:55.633", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2024-09-18T19:12:18.930", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -17,6 +17,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + }, { "source": "cve@gitlab.com", "type": "Secondary", @@ -40,6 +60,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + }, { "source": "cve@gitlab.com", "type": "Secondary", @@ -51,14 +81,74 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*", + "versionStartIncluding": "13.7.0", + "versionEndExcluding": "17.1.7", + "matchCriteriaId": "3A6EEE69-C698-4188-A6A8-E0382DC7E40D" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*", + "versionStartIncluding": "13.7.0", + "versionEndExcluding": "17.1.7", + "matchCriteriaId": "D28AADDC-2FAE-45AA-93D0-037EE1DF33E9" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*", + "versionStartIncluding": "17.2.0", + "versionEndExcluding": "17.2.5", + "matchCriteriaId": "9DE9BFF3-C056-4146-A762-E34D60E10EDE" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*", + "versionStartIncluding": "17.2.0", + "versionEndExcluding": "17.2.5", + "matchCriteriaId": "1F428DA1-FB1C-4B14-A1E1-65177E7F4B10" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*", + "versionStartIncluding": "17.3.0", + "versionEndExcluding": "17.3.2", + "matchCriteriaId": "D2F29B41-64CF-4CEF-8EDF-BBDBA2FFE8C1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*", + "versionStartIncluding": "17.3.0", + "versionEndExcluding": "17.3.2", + "matchCriteriaId": "145E52CC-F503-446E-A760-1C01753DA938" + } + ] + } + ] + } + ], "references": [ { "url": "https://gitlab.com/gitlab-org/gitlab/-/issues/471954", - "source": "cve@gitlab.com" + "source": "cve@gitlab.com", + "tags": [ + "Broken Link" + ] }, { "url": "https://hackerone.com/reports/2595495", - "source": "cve@gitlab.com" + "source": "cve@gitlab.com", + "tags": [ + "Permissions Required" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-87xx/CVE-2024-8708.json b/CVE-2024/CVE-2024-87xx/CVE-2024-8708.json index 3628f5fda59..6666bff6d9b 100644 --- a/CVE-2024/CVE-2024-87xx/CVE-2024-8708.json +++ b/CVE-2024/CVE-2024-87xx/CVE-2024-8708.json @@ -2,8 +2,8 @@ "id": "CVE-2024-8708", "sourceIdentifier": "cna@vuldb.com", "published": "2024-09-12T02:15:03.870", - "lastModified": "2024-09-12T12:35:54.013", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-09-18T19:11:28.080", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -61,6 +61,26 @@ } ], "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.1, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.7 + }, { "source": "cna@vuldb.com", "type": "Secondary", @@ -120,22 +140,51 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:mayurik:best_house_rental_management_system:1.0:*:*:*:*:*:*:*", + "matchCriteriaId": "A7D6CEC7-5EE1-4052-B0E2-093C40418760" + } + ] + } + ] + } + ], "references": [ { "url": "https://vuldb.com/?ctiid.277217", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required" + ] }, { "url": "https://vuldb.com/?id.277217", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required" + ] }, { "url": "https://vuldb.com/?submit.404864", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://www.sourcecodester.com/", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Product" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-87xx/CVE-2024-8749.json b/CVE-2024/CVE-2024-87xx/CVE-2024-8749.json index 105764ba663..f99be3c906b 100644 --- a/CVE-2024/CVE-2024-87xx/CVE-2024-8749.json +++ b/CVE-2024/CVE-2024-87xx/CVE-2024-8749.json @@ -2,8 +2,8 @@ "id": "CVE-2024-8749", "sourceIdentifier": "cve-coordination@incibe.es", "published": "2024-09-12T12:15:53.060", - "lastModified": "2024-09-12T12:35:54.013", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2024-09-18T18:53:54.860", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -17,6 +17,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + }, { "source": "cve-coordination@incibe.es", "type": "Secondary", @@ -51,10 +71,30 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:i-doit:i-doit:28:*:*:*:pro:*:*:*", + "matchCriteriaId": "85C33B1A-464B-4A24-8100-6FB8D2128D41" + } + ] + } + ] + } + ], "references": [ { "url": "https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-synetics-idoit-pro", - "source": "cve-coordination@incibe.es" + "source": "cve-coordination@incibe.es", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/README.md b/README.md index 1f960b23358..c693b9de943 100644 --- a/README.md +++ b/README.md @@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2024-09-18T18:00:18.842448+00:00 +2024-09-18T20:00:19.699246+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2024-09-18T17:53:47.860000+00:00 +2024-09-18T19:57:10.203000+00:00 ``` ### Last Data Feed Release @@ -33,50 +33,58 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### Total Number of included CVEs ```plain -263387 +263401 ``` ### CVEs added in the last Commit -Recently added CVEs: `6` +Recently added CVEs: `14` -- [CVE-2022-25777](CVE-2022/CVE-2022-257xx/CVE-2022-25777.json) (`2024-09-18T16:15:04.980`) -- [CVE-2023-47105](CVE-2023/CVE-2023-471xx/CVE-2023-47105.json) (`2024-09-18T17:15:18.277`) -- [CVE-2024-45298](CVE-2024/CVE-2024-452xx/CVE-2024-45298.json) (`2024-09-18T17:15:18.570`) -- [CVE-2024-45813](CVE-2024/CVE-2024-458xx/CVE-2024-45813.json) (`2024-09-18T17:15:19.163`) -- [CVE-2024-46086](CVE-2024/CVE-2024-460xx/CVE-2024-46086.json) (`2024-09-18T16:15:06.160`) -- [CVE-2024-46990](CVE-2024/CVE-2024-469xx/CVE-2024-46990.json) (`2024-09-18T17:15:19.687`) +- [CVE-2023-41610](CVE-2023/CVE-2023-416xx/CVE-2023-41610.json) (`2024-09-18T18:15:05.680`) +- [CVE-2023-41611](CVE-2023/CVE-2023-416xx/CVE-2023-41611.json) (`2024-09-18T18:15:05.750`) +- [CVE-2023-41612](CVE-2023/CVE-2023-416xx/CVE-2023-41612.json) (`2024-09-18T18:15:05.803`) +- [CVE-2024-34057](CVE-2024/CVE-2024-340xx/CVE-2024-34057.json) (`2024-09-18T19:15:40.777`) +- [CVE-2024-34399](CVE-2024/CVE-2024-343xx/CVE-2024-34399.json) (`2024-09-18T18:15:06.163`) +- [CVE-2024-45523](CVE-2024/CVE-2024-455xx/CVE-2024-45523.json) (`2024-09-18T18:15:06.420`) +- [CVE-2024-45601](CVE-2024/CVE-2024-456xx/CVE-2024-45601.json) (`2024-09-18T18:15:06.473`) +- [CVE-2024-46959](CVE-2024/CVE-2024-469xx/CVE-2024-46959.json) (`2024-09-18T18:15:06.730`) +- [CVE-2024-46978](CVE-2024/CVE-2024-469xx/CVE-2024-46978.json) (`2024-09-18T18:15:06.800`) +- [CVE-2024-46979](CVE-2024/CVE-2024-469xx/CVE-2024-46979.json) (`2024-09-18T18:15:07.020`) +- [CVE-2024-46986](CVE-2024/CVE-2024-469xx/CVE-2024-46986.json) (`2024-09-18T18:15:07.223`) +- [CVE-2024-46987](CVE-2024/CVE-2024-469xx/CVE-2024-46987.json) (`2024-09-18T18:15:07.440`) +- [CVE-2024-46989](CVE-2024/CVE-2024-469xx/CVE-2024-46989.json) (`2024-09-18T18:15:07.650`) +- [CVE-2024-8287](CVE-2024/CVE-2024-82xx/CVE-2024-8287.json) (`2024-09-18T19:15:41.073`) ### CVEs modified in the last Commit -Recently modified CVEs: `50` +Recently modified CVEs: `258` -- [CVE-2024-42404](CVE-2024/CVE-2024-424xx/CVE-2024-42404.json) (`2024-09-18T16:35:08.267`) -- [CVE-2024-42795](CVE-2024/CVE-2024-427xx/CVE-2024-42795.json) (`2024-09-18T16:35:09.097`) -- [CVE-2024-42796](CVE-2024/CVE-2024-427xx/CVE-2024-42796.json) (`2024-09-18T16:35:09.880`) -- [CVE-2024-42798](CVE-2024/CVE-2024-427xx/CVE-2024-42798.json) (`2024-09-18T16:35:10.637`) -- [CVE-2024-43116](CVE-2024/CVE-2024-431xx/CVE-2024-43116.json) (`2024-09-18T16:22:14.880`) -- [CVE-2024-43117](CVE-2024/CVE-2024-431xx/CVE-2024-43117.json) (`2024-09-18T16:15:04.373`) -- [CVE-2024-43230](CVE-2024/CVE-2024-432xx/CVE-2024-43230.json) (`2024-09-18T16:10:30.317`) -- [CVE-2024-43327](CVE-2024/CVE-2024-433xx/CVE-2024-43327.json) (`2024-09-18T17:07:45.553`) -- [CVE-2024-43967](CVE-2024/CVE-2024-439xx/CVE-2024-43967.json) (`2024-09-18T17:00:57.497`) -- [CVE-2024-44103](CVE-2024/CVE-2024-441xx/CVE-2024-44103.json) (`2024-09-18T17:18:39.040`) -- [CVE-2024-44104](CVE-2024/CVE-2024-441xx/CVE-2024-44104.json) (`2024-09-18T17:33:06.413`) -- [CVE-2024-44105](CVE-2024/CVE-2024-441xx/CVE-2024-44105.json) (`2024-09-18T17:48:11.193`) -- [CVE-2024-44106](CVE-2024/CVE-2024-441xx/CVE-2024-44106.json) (`2024-09-18T17:50:40.660`) -- [CVE-2024-44107](CVE-2024/CVE-2024-441xx/CVE-2024-44107.json) (`2024-09-18T17:52:50.990`) -- [CVE-2024-45041](CVE-2024/CVE-2024-450xx/CVE-2024-45041.json) (`2024-09-18T17:31:53.903`) -- [CVE-2024-45413](CVE-2024/CVE-2024-454xx/CVE-2024-45413.json) (`2024-09-18T16:35:11.470`) -- [CVE-2024-45414](CVE-2024/CVE-2024-454xx/CVE-2024-45414.json) (`2024-09-18T16:35:12.227`) -- [CVE-2024-45415](CVE-2024/CVE-2024-454xx/CVE-2024-45415.json) (`2024-09-18T16:35:12.983`) -- [CVE-2024-45416](CVE-2024/CVE-2024-454xx/CVE-2024-45416.json) (`2024-09-18T16:35:13.743`) -- [CVE-2024-45679](CVE-2024/CVE-2024-456xx/CVE-2024-45679.json) (`2024-09-18T16:35:14.530`) -- [CVE-2024-47001](CVE-2024/CVE-2024-470xx/CVE-2024-47001.json) (`2024-09-18T16:35:16.540`) -- [CVE-2024-8012](CVE-2024/CVE-2024-80xx/CVE-2024-8012.json) (`2024-09-18T17:53:47.860`) -- [CVE-2024-8611](CVE-2024/CVE-2024-86xx/CVE-2024-8611.json) (`2024-09-18T17:24:34.163`) -- [CVE-2024-8904](CVE-2024/CVE-2024-89xx/CVE-2024-8904.json) (`2024-09-18T16:35:17.877`) -- [CVE-2024-8905](CVE-2024/CVE-2024-89xx/CVE-2024-8905.json) (`2024-09-18T16:35:18.640`) +- [CVE-2024-42794](CVE-2024/CVE-2024-427xx/CVE-2024-42794.json) (`2024-09-18T19:35:12.550`) +- [CVE-2024-44127](CVE-2024/CVE-2024-441xx/CVE-2024-44127.json) (`2024-09-18T18:35:10.113`) +- [CVE-2024-44202](CVE-2024/CVE-2024-442xx/CVE-2024-44202.json) (`2024-09-18T18:35:11.417`) +- [CVE-2024-44459](CVE-2024/CVE-2024-444xx/CVE-2024-44459.json) (`2024-09-18T18:53:58.983`) +- [CVE-2024-44460](CVE-2024/CVE-2024-444xx/CVE-2024-44460.json) (`2024-09-18T18:53:01.570`) +- [CVE-2024-44542](CVE-2024/CVE-2024-445xx/CVE-2024-44542.json) (`2024-09-18T19:35:13.340`) +- [CVE-2024-4472](CVE-2024/CVE-2024-44xx/CVE-2024-4472.json) (`2024-09-18T19:16:35.900`) +- [CVE-2024-45787](CVE-2024/CVE-2024-457xx/CVE-2024-45787.json) (`2024-09-18T18:15:07.650`) +- [CVE-2024-45788](CVE-2024/CVE-2024-457xx/CVE-2024-45788.json) (`2024-09-18T19:57:10.203`) +- [CVE-2024-45789](CVE-2024/CVE-2024-457xx/CVE-2024-45789.json) (`2024-09-18T19:55:58.287`) +- [CVE-2024-45790](CVE-2024/CVE-2024-457xx/CVE-2024-45790.json) (`2024-09-18T18:38:04.393`) +- [CVE-2024-46086](CVE-2024/CVE-2024-460xx/CVE-2024-46086.json) (`2024-09-18T18:35:13.440`) +- [CVE-2024-6091](CVE-2024/CVE-2024-60xx/CVE-2024-6091.json) (`2024-09-18T18:41:31.247`) +- [CVE-2024-6678](CVE-2024/CVE-2024-66xx/CVE-2024-6678.json) (`2024-09-18T19:14:14.837`) +- [CVE-2024-6878](CVE-2024/CVE-2024-68xx/CVE-2024-6878.json) (`2024-09-18T18:35:14.400`) +- [CVE-2024-7609](CVE-2024/CVE-2024-76xx/CVE-2024-7609.json) (`2024-09-18T18:33:09.633`) +- [CVE-2024-7721](CVE-2024/CVE-2024-77xx/CVE-2024-7721.json) (`2024-09-18T18:01:01.893`) +- [CVE-2024-7727](CVE-2024/CVE-2024-77xx/CVE-2024-7727.json) (`2024-09-18T18:07:55.450`) +- [CVE-2024-8144](CVE-2024/CVE-2024-81xx/CVE-2024-8144.json) (`2024-09-18T18:24:46.730`) +- [CVE-2024-8306](CVE-2024/CVE-2024-83xx/CVE-2024-8306.json) (`2024-09-18T19:51:14.850`) +- [CVE-2024-8311](CVE-2024/CVE-2024-83xx/CVE-2024-8311.json) (`2024-09-18T19:12:52.810`) +- [CVE-2024-8517](CVE-2024/CVE-2024-85xx/CVE-2024-8517.json) (`2024-09-18T18:05:03.553`) +- [CVE-2024-8641](CVE-2024/CVE-2024-86xx/CVE-2024-8641.json) (`2024-09-18T19:12:18.930`) +- [CVE-2024-8708](CVE-2024/CVE-2024-87xx/CVE-2024-8708.json) (`2024-09-18T19:11:28.080`) +- [CVE-2024-8749](CVE-2024/CVE-2024-87xx/CVE-2024-8749.json) (`2024-09-18T18:53:54.860`) ## Download and Usage diff --git a/_state.csv b/_state.csv index 0b1ebe49c13..f1940194252 100644 --- a/_state.csv +++ b/_state.csv @@ -58299,12 +58299,12 @@ CVE-2013-0639,0,0,b31be035ceb64b0d082ddfacc740a4210652cc5e7e0dde51ddff1158c160dc CVE-2013-0640,0,0,124b8bb226f7e9d6096b31adba4a0e431bfd4cafe81871fe0024db93f6d5836d,2024-07-16T17:36:16.623000 CVE-2013-0641,0,0,8b435cbf77af4b23b70d0392c35e373c862cd1b7676f3d77a9653fe18e07ad76,2024-07-16T17:36:05.960000 CVE-2013-0642,0,0,bfadc58d9042f0563f6f464599e9d26f03ce9f43f5f43c002304603f48da66a2,2018-12-06T19:47:16.903000 -CVE-2013-0643,0,0,c28c769559241598b22ad1c92fb6509a69f1a0484816aa8917ea9420514a91b2,2024-09-18T01:00:01.007000 +CVE-2013-0643,0,1,729305f657b64058679da68ad515dc2a54231958b32050c68b1c86f5c900050c,2024-09-18T19:35:01.410000 CVE-2013-0644,0,0,79820981c348e4e64b9198c5d6054f480e970cc8d8c247ee3d548bff6c82ac85,2018-12-06T19:48:02.123000 CVE-2013-0645,0,0,6125d0f7d22b366190241b77a7b5922adc7339604421994dce13d534098c6aea,2018-12-06T19:48:36.513000 CVE-2013-0646,0,0,c06c944b7c73de3e62d948a2b222d45721d45f6414f5e68a92e11e952ff01974,2014-03-26T04:44:11.977000 CVE-2013-0647,0,0,eef38ab0e06ece5be29234416a43368cf2dc4818ff0481da512aa8e96cfa7923,2018-12-06T19:50:48.563000 -CVE-2013-0648,0,0,8828d469ac8bbe4cb822484bdf93e03de32060a7c5fbbcd14b0992163017c4e9,2024-09-18T01:00:01.007000 +CVE-2013-0648,0,1,6b0666a3ff66920f1be6ded6a96213840168c4e3336527f9bfefe5c13da1df25,2024-09-18T19:35:02.327000 CVE-2013-0649,0,0,08f618eda7f64799433610eda3b01050cfd3e669aa064372e20a16c5d61237e1,2018-12-06T19:50:14.467000 CVE-2013-0650,0,0,05a6fa43599436cf52455a9e658850893592583b2a41594c4c9c1629f1ff4728,2014-03-26T04:44:15.773000 CVE-2013-0651,0,0,f49ccbeee68ba586b35032f2fc9fbd62aa3c838e205fd987ab565ea2bea44c76,2013-01-30T05:00:00 @@ -64974,12 +64974,12 @@ CVE-2014-0493,0,0,5980f8ce7bccecebd2e70dd6b857cb4b656971c59fbacbb63249cc45b51f75 CVE-2014-0494,0,0,8b294b47a486336cd6b4db3f06f91abe3b0268360260099a12dc8b5ebb59c596,2017-08-29T01:34:11.030000 CVE-2014-0495,0,0,671e97412a74358a5c6e50a3bb0dbb2b494498ae12e83fc145a13daedb649abf,2018-12-13T15:50:35.977000 CVE-2014-0496,0,0,943eee2f6677ecbddd894736d06d754908e933d15ae4ea4f9cfea3e0ddbbf17b,2018-12-13T15:50:55.103000 -CVE-2014-0497,0,0,40c2e1918860f2c6e23ec1cb0a7fdcea65061bb2949c2e19a7b1006ed5ee1d69,2024-09-18T01:00:01.007000 +CVE-2014-0497,0,1,d6e32f9fc77d829dbf50e0c69e55537733d441acc9da96160dfc9a69312dffe9,2024-09-18T19:35:02.543000 CVE-2014-0498,0,0,1618f11598fb67e87357bcde2d1122794a71c785ac05d06e2d56fd17028571fc,2018-12-13T15:54:15.917000 CVE-2014-0499,0,0,0361066feb81eae85003bd40e34d63a55b78a3c7f0bdfd41851c555d91004b71,2018-12-13T15:54:47.153000 CVE-2014-0500,0,0,97edfd619058dc26ad56cf33391d9dc91362a50dec1d0dbc02abb7edf993b617,2018-01-03T02:29:03.130000 CVE-2014-0501,0,0,4025edf733331396525b490cf3d77ea02dc26b06228603a4b61385c7de6588f2,2018-01-03T02:29:03.210000 -CVE-2014-0502,0,0,8dbec4a56f6017d53481e9e1202f13f8b35932ef6b701a6699f7a4b23eb4c125,2024-09-18T01:00:01.007000 +CVE-2014-0502,0,1,0aec5223f09074d52a34e1c752542c3e472ac2f8b486fe6bc9d439bb474a1256,2024-09-18T19:35:03.393000 CVE-2014-0503,0,0,c67bf98b7682ef5050d13c43497f2af42e7aa350e509586400ddb6191e666325,2018-12-13T16:00:37.443000 CVE-2014-0504,0,0,e6a68e9a83d1aff357dde03fe34200e26c34033a1843fb3b1a467a539bb2000a,2018-12-13T16:00:23.630000 CVE-2014-0505,0,0,9cf82e807986acb6181ee7efa5d77d0a8127ac7e93c1c91848a81dbe58937cd2,2014-03-14T17:07:42.850000 @@ -128928,7 +128928,7 @@ CVE-2019-10686,0,0,071dffbfdea10181bb98b77b81173ea1ee44c0bf3f27125b70455662edc40 CVE-2019-10687,0,0,4d2aa4f6c0463103aef2503f43b6f1e6753450b125b2eb1b959d173389b0f8e1,2019-08-27T15:51:11.620000 CVE-2019-10688,0,0,139389dbc249e8cae439573037005e32285d24298cd9752f9767fbd85f7cada6,2019-06-17T16:15:11.653000 CVE-2019-10689,0,0,3a6ff66e02d9a27391650c9b85af3797719e726b15e08ea64568eab01a8deea0,2019-06-27T17:26:21.897000 -CVE-2019-1069,0,0,047e8de07a19aad90fa858335b53937a776fc9dd6e531f06f25289e8695f168e,2020-08-24T17:37:01.140000 +CVE-2019-1069,0,1,1dde59bc61cd7fc8ed90278619866c19547de636b4ba84a81da56ad49bb2980c,2024-09-18T19:35:04.250000 CVE-2019-10691,0,0,e8e0d767bb2f3b5e08db6f24e350ea086b46abac68877bbd2cba7819c236f317,2023-11-07T03:02:32.480000 CVE-2019-10692,0,0,8adff711cac0bb2de2edadfdf1000b35b700fb5b209d412cad8743610b43de23,2023-05-23T20:30:59.777000 CVE-2019-10694,0,0,9582148ff7994145825de46f0455936b126d6116ce2adec095540a2cc82c30a9,2022-01-24T16:46:01.133000 @@ -175554,7 +175554,7 @@ CVE-2021-31555,0,0,7de5df80bc06456a2bd06cb1ed2fa6bf25b8a0e66ee1e2ceff5a7504cc2b9 CVE-2021-31556,0,0,93b949700d04612fa67f7aa21454bcfa0dedb54b45feb534dfde6a346bbdbf4e,2023-11-07T03:34:58.647000 CVE-2021-31558,0,0,ceed4d2a05c41f9fdd58ce2921315e67a6e46f1c89b4c2da0bce257ffbc7f901,2021-12-28T14:54:32.527000 CVE-2021-31559,0,0,c056101e3a724e5296c3096cffa3217710e8d3f22622b1fbc675682800b56fdf,2022-10-25T16:42:38.307000 -CVE-2021-3156,0,1,756a4c61ba757c306e336a56d1a3eabd3a978cd9871d60b7e3550598effb17de,2024-09-18T17:15:13.843000 +CVE-2021-3156,0,0,756a4c61ba757c306e336a56d1a3eabd3a978cd9871d60b7e3550598effb17de,2024-09-18T17:15:13.843000 CVE-2021-31562,0,0,ac50e4387893ec363455949ced3c17ca407e9a27f3f2c3f523390c3482b094df,2022-01-28T15:55:53.923000 CVE-2021-31566,0,0,801f1236a607222712dc7741b61bbdda3061d826b7fd22f878d0c5c45a130a15,2024-03-27T16:04:30.260000 CVE-2021-31567,0,0,0da3da305c7b1718259a905dc09c36fc318ae57a531df276f807be7858b88fad,2022-02-03T17:09:44.553000 @@ -178191,9 +178191,9 @@ CVE-2021-34995,0,0,d2bf2f67c77fe081652a70376c0a83538507d9b9442ea71a1b7f92805499d CVE-2021-34996,0,0,9fe4c83f7cf6a10ae6a796242d2b484d91e6671e99e41ea31b6d4ea2fd69efbe,2022-01-22T03:54:01.530000 CVE-2021-34997,0,0,8a171e90f4f5f1beffa289015e30f85a7d653bce83a8d1e41aee9d32c39cd5f8,2022-01-22T03:51:16.197000 CVE-2021-34998,0,0,425552d3b0e29e21d78589fad955b1de258becde51a030cada3e1719ff233f96,2022-01-20T18:30:33.707000 -CVE-2021-34999,0,0,67b20b5c20805da7312b4988fd2f8dfa81f5f33ac87c1a16cff6dc00f71371f3,2024-05-08T13:15:00.690000 +CVE-2021-34999,0,1,f8bbc13e2268a5eccac2f54f82c7ed6bd2d6d6e549cfebfe1f7ca5e86fb3ad2b,2024-09-18T19:15:18.903000 CVE-2021-3500,0,0,20a6d326f8fa37491aa09d2512e4c19c2d9cc4fefc4969b6a62de0f4ccdf564d,2022-03-09T21:41:13.120000 -CVE-2021-35000,0,0,cc6bf679c1c89673825af8b722e11415ba498630490c50c8a8efe1c314b09158,2024-05-08T13:15:00.690000 +CVE-2021-35000,0,1,0d8d7aee5d145f877a9bf621f533c64205a8052aab8dc68848d85af71349e876,2024-09-18T19:15:19.030000 CVE-2021-35001,0,0,3a4747836278599f73cdfc08b52c36c5a6ca54d42af0539c88e07bc144477ca4,2024-05-08T13:15:00.690000 CVE-2021-35002,0,0,ca971b3533d6c11a998557197d7c75671e978c5d943b828184e880a7c6f86864,2024-05-08T13:15:00.690000 CVE-2021-35003,0,0,b6f64fac46b29660ba8f75eef6f86687ea71f216aa6fcb1d6a4783835f0170c5,2022-01-27T18:31:58.600000 @@ -185165,7 +185165,7 @@ CVE-2021-44386,0,0,c7a8e786c9ce5934fc402773c471d2a12262151e8fc565444fc2144ac181f CVE-2021-44387,0,0,fabc139e1f85cfa88528c19fca0f1bc78eb0fe30fe316bdfaa7f89835abfac5f,2022-10-25T17:43:35.947000 CVE-2021-44388,0,0,3dcfd88f5acdaf90a435be2f8258f09ae02ea037b0a541345e60e2924e1ecb14,2022-10-25T17:43:28.293000 CVE-2021-44389,0,0,eab304468bce6b27476ecc311a2d45e089d60148a6143553219ed0a865fd93f0,2022-10-25T17:43:23.320000 -CVE-2021-4439,0,1,7496e4c229713a1108169323523b60c6f81ce22d5aa6968a0e27470dbbd3ded0,2024-09-18T16:34:18.960000 +CVE-2021-4439,0,0,7496e4c229713a1108169323523b60c6f81ce22d5aa6968a0e27470dbbd3ded0,2024-09-18T16:34:18.960000 CVE-2021-44390,0,0,66390a2bd3a7fe49801e32199ec52e7a2aefb72b4413e531f48a71660b19bcab,2022-10-25T17:43:18.373000 CVE-2021-44391,0,0,5b977c68bde6a7b9ce717e629efa137c50bc8bdf7ace5dcd740bb98570d1f8ce,2022-10-25T17:43:13.387000 CVE-2021-44392,0,0,df0247b73a347802891c2a1a6ad5403f865c16563cfef3bcb1fb92386b0bcdfd,2022-10-25T17:43:02.037000 @@ -187485,10 +187485,10 @@ CVE-2021-47613,0,0,642703d9671fc407abe219c3770e567651dc20dc07d591d5ba5177a9d5d4e CVE-2021-47614,0,0,ef802c1c34c90a0409b0849796fe5ab3fdfe8e1064cf9d9b5bcc370d68a7918d,2024-08-27T16:14:06.177000 CVE-2021-47615,0,0,3bc3df92b69fdab3bdde99978f3d8804c002c34343decddd85839db0c37e920e,2024-06-20T12:43:25.663000 CVE-2021-47616,0,0,df02274307ce6160ecca6b3896e04e852b158704d05111c568a6cd060f1afb3e,2024-08-27T16:13:59.120000 -CVE-2021-47617,0,1,f701c4b9ceb190096ace90035e3ee735a9ba3198d4f5aae57c90972417326e44,2024-09-18T17:46:30.413000 +CVE-2021-47617,0,0,f701c4b9ceb190096ace90035e3ee735a9ba3198d4f5aae57c90972417326e44,2024-09-18T17:46:30.413000 CVE-2021-47618,0,0,2a314532463f641de5a1abcd70cc0a94c3a5563bdb37f6cd3ebfada5f84160e6,2024-06-20T12:43:25.663000 -CVE-2021-47619,0,1,038ae55e86cea289a2c13d6822057614864308e714603d25972607093ce9572c,2024-09-18T17:08:45.593000 -CVE-2021-47620,0,1,eb4d580227848fa1a691113178ce258643d92e4b77639d956836ec159d2f88f5,2024-09-18T17:07:27.603000 +CVE-2021-47619,0,0,038ae55e86cea289a2c13d6822057614864308e714603d25972607093ce9572c,2024-09-18T17:08:45.593000 +CVE-2021-47620,0,0,eb4d580227848fa1a691113178ce258643d92e4b77639d956836ec159d2f88f5,2024-09-18T17:07:27.603000 CVE-2021-47621,0,0,e2a12dc01cb26b616b467be0797cdc4becade42dc6473a1cfae1a845981be942,2024-08-19T17:35:03.327000 CVE-2021-47622,0,0,1d63636624695cdf93325419218fd644932a974f7e674106d3329295d563b92a,2024-08-21T17:31:30.087000 CVE-2021-47623,0,0,51281b2f0091c3f4d7a64df3b524258b3de520fa994b2caf678cd311e53f80eb,2024-07-16T13:43:58.773000 @@ -192107,8 +192107,8 @@ CVE-2022-22828,0,0,4142aa4cb654f8865a327e5fa878c77dd2cdf643a707bb78bfcba3aa361f7 CVE-2022-22831,0,0,e63daf81f7891287e89e9fe86987723fe884a9ebb5a7afb1923d241ce9c859f3,2022-02-11T04:13:30.967000 CVE-2022-22832,0,0,693892fafa13772f39ba757237e2dc1d309384c9c159d213ac94b25f71f659b8,2023-08-08T14:21:49.707000 CVE-2022-22833,0,0,71cd187a2272e0d81b105dba5df5368d4eed75f713c8829a39f9af890cfa20d5,2022-02-10T16:19:53.487000 -CVE-2022-22834,0,0,d2cb9b05825d8efb647e3f21e886eb20de6f9ca2f2d7053b5503500d5d34f492,2022-09-03T03:51:56.070000 -CVE-2022-22835,0,0,dec25e81d1abe6d081865b7d9b6893a0e4339980235cc252bb178f7fb550c077,2022-09-03T03:55:46.813000 +CVE-2022-22834,0,1,386652208f606cbfa3e8d7714ce9230f82fe0b6e6e0e5be1959ee7ddeb6f96d3,2024-09-18T19:15:19.130000 +CVE-2022-22835,0,1,c09be6174ced4b0b84c78fc5bbf00aaa50b41d8f20172d03a5b3d90423e3ed30,2024-09-18T19:15:19.247000 CVE-2022-22836,0,0,c081b62f7866f97397f1e522a9134f3dbbc7d9cc293ea415a9d32d77d4fdee33,2022-01-19T16:15:07.663000 CVE-2022-2284,0,0,f6cf987d0f29386aeeca758ecd7cff61dc9948540f6bfcdbf3f349bee7c84b6d,2023-11-07T03:46:24.320000 CVE-2022-22844,0,0,8ada24d76e901751ca2a97c696a46cd44fa69b37765c3d00c89391a1f109156b,2022-11-16T19:07:38.983000 @@ -194669,7 +194669,7 @@ CVE-2022-25772,0,0,95d681186a9c51133bf3638b33bba1dd8f63cdc4f434660afa0e726ca2c43 CVE-2022-25774,0,0,d128421aa7601ab16044dac15490c25c6c2e690412ad3801950f706eb5056b33,2024-09-18T15:15:13.253000 CVE-2022-25775,0,0,2d1d71ffaee7c477f923babb3051dba7e000633b4437cb8d189bac24751d255c,2024-09-18T15:15:13.440000 CVE-2022-25776,0,0,9fbe8029aae3d5b21da2ffbfb3fcbb3c0b1cccf869457ebde978fe0e2ec23da5,2024-09-18T15:15:13.620000 -CVE-2022-25777,1,1,49e0e38926654b75fb3f04a59e2899d0c331df0eddbdcebb6c3062ad4ede895e,2024-09-18T16:15:04.980000 +CVE-2022-25777,0,0,49e0e38926654b75fb3f04a59e2899d0c331df0eddbdcebb6c3062ad4ede895e,2024-09-18T16:15:04.980000 CVE-2022-25778,0,0,d33a6c464736dc83925f8894577efd1831139b6d537692d92f0faae224736b0b,2022-05-11T18:44:34.810000 CVE-2022-25779,0,0,4cc25f73bf46ee90d0c51c55921c8d5948f913da4b37f33496b30f1a0b932974,2022-05-11T18:46:38.337000 CVE-2022-2578,0,0,b5c8c05b6b5124894234e43a50f3c3ee7f866a667a1b26bbcfea5883e5cf23dd,2022-08-05T15:57:17.487000 @@ -212254,19 +212254,19 @@ CVE-2022-48714,0,0,d3e55637265824378aa3c7bae71a7fa48c76755872399adfb8504da466ec1 CVE-2022-48715,0,0,f18f19ec8c35a04457834d24c1dea742a22a4a63333ab01494f99ae0f13cdfc2,2024-06-20T12:43:25.663000 CVE-2022-48716,0,0,1288d286656db17c43b8e3c9f6eb25225ae1da1a6ef842eb6115eda843ed17f2,2024-07-03T01:39:11.570000 CVE-2022-48717,0,0,86a2a3ebc53327241887d545f56bda97dca42955623d95429ba56e19538b7f24,2024-06-20T12:43:25.663000 -CVE-2022-48718,0,1,7640e71d116145a3f3baf171d8d00574222355d0ce42a26218a607f2bdb73992,2024-09-18T16:59:04.887000 -CVE-2022-48719,0,1,316edab43602fc55750f273da69e714df52365401eb5ac657e2fe8a4bcfe1f73,2024-09-18T16:58:08.113000 +CVE-2022-48718,0,0,7640e71d116145a3f3baf171d8d00574222355d0ce42a26218a607f2bdb73992,2024-09-18T16:59:04.887000 +CVE-2022-48719,0,0,316edab43602fc55750f273da69e714df52365401eb5ac657e2fe8a4bcfe1f73,2024-09-18T16:58:08.113000 CVE-2022-4872,0,0,9a9357361bb7ab0b9cd8fd203b7948e3be5bc59908cc06b6955da5855c1684a0,2023-11-07T03:59:09.100000 CVE-2022-48720,0,0,90eecdc30f7ea6aa4c33f904804e5a2a970f90cd660766e7e51c0e99d0d283dc,2024-06-20T12:43:25.663000 CVE-2022-48721,0,0,050d67aa22d23f52c6bfdf27fb0dc60c5583d1190669a1dd29e753c31f9f5371,2024-06-20T12:43:25.663000 CVE-2022-48722,0,0,ea737430afb48ab135cc3263437bb0afa8bac793959b1846321b80c9fbaa56b9,2024-06-20T12:43:25.663000 -CVE-2022-48723,0,1,31cdc2db64a35923c1a712c4774ac8edcb2377a04366b4a6056b99d2c47c0aca,2024-09-18T17:46:50.220000 -CVE-2022-48724,0,1,7b6cf7dc90513be1fa438fe83b37531e293362add72b90daae0676b2be96e5bc,2024-09-18T16:19:25.430000 -CVE-2022-48725,0,1,133e21ffa0572c196cd2e5655d8a14e74ebedf557d8de3be913efb6c476781f8,2024-09-18T16:10:22.077000 -CVE-2022-48726,0,1,f0c473cd5b90d99544fd8497f3d5a186d1f94df3a66471f05e08b5c89f94da9f,2024-09-18T16:09:15.723000 +CVE-2022-48723,0,0,31cdc2db64a35923c1a712c4774ac8edcb2377a04366b4a6056b99d2c47c0aca,2024-09-18T17:46:50.220000 +CVE-2022-48724,0,0,7b6cf7dc90513be1fa438fe83b37531e293362add72b90daae0676b2be96e5bc,2024-09-18T16:19:25.430000 +CVE-2022-48725,0,0,133e21ffa0572c196cd2e5655d8a14e74ebedf557d8de3be913efb6c476781f8,2024-09-18T16:10:22.077000 +CVE-2022-48726,0,0,f0c473cd5b90d99544fd8497f3d5a186d1f94df3a66471f05e08b5c89f94da9f,2024-09-18T16:09:15.723000 CVE-2022-48727,0,0,f49ef1fb21fb3a5154a951dedd828fe63b6b99b0d08022a9c1020655344e026f,2024-06-20T12:43:25.663000 -CVE-2022-48728,0,1,4a8f54abce7793b55609eeea23d6695dfc0efb1124e2970f715dffaecbf7ce80,2024-09-18T16:07:21.097000 -CVE-2022-48729,0,1,2ec8bbf1a94ac413f484d3017e3caf03362964faaf54596abc7c0a0fcb29209f,2024-09-18T16:06:21.790000 +CVE-2022-48728,0,0,4a8f54abce7793b55609eeea23d6695dfc0efb1124e2970f715dffaecbf7ce80,2024-09-18T16:07:21.097000 +CVE-2022-48729,0,0,2ec8bbf1a94ac413f484d3017e3caf03362964faaf54596abc7c0a0fcb29209f,2024-09-18T16:06:21.790000 CVE-2022-4873,0,0,9266192fd5e17bc961f9039902c555ad69216beb20dfd48249e4f37501df9445,2023-11-07T03:59:09.310000 CVE-2022-48730,0,0,927e7fae9500f7d1d76c595495e5d68ddde80a2da0a22ed9d01a96f4a588ddf8,2024-06-20T12:43:25.663000 CVE-2022-48731,0,0,f2137fdaa4becb4ed0190377e8df6f4b116a98b0fb57b5a4ce7886128d2a2fb4,2024-06-20T12:43:25.663000 @@ -212288,12 +212288,12 @@ CVE-2022-48745,0,0,41db11ed51a619f18bf8566d3a9646fcce3f1ca7e8c8d1b8f24a053db7635 CVE-2022-48746,0,0,e0fa12e9f2d5b9a8bc1db423dcc6c83d2f1745d072ea799cb50d0201d1a5ab3d,2024-06-20T12:43:25.663000 CVE-2022-48747,0,0,aa1cb9efcca7c13891b9cc3d8cd2d307d24734d06b6fc90bb25e227010e2f6e5,2024-07-03T01:39:13.487000 CVE-2022-48748,0,0,8ceaaf6df6e057efbae67972ff0fd4ea5b5ca2de3f69a0edbfbd5849c7be6738,2024-07-03T01:39:14.287000 -CVE-2022-48749,0,1,a342016d18ed2373bdc88047bdeebb213977ad81378c82786c0d196af2420260,2024-09-18T16:05:04.623000 +CVE-2022-48749,0,0,a342016d18ed2373bdc88047bdeebb213977ad81378c82786c0d196af2420260,2024-09-18T16:05:04.623000 CVE-2022-4875,0,0,0248cb7e88a64eaf1154285e30f722a7ce5832425ab7216a34bbdccf82920b19,2024-05-17T02:17:00.353000 -CVE-2022-48750,0,1,55afd22040c9a204644583104b9b0ba5a5b6f53a98ecd72808a82376e1affbba,2024-09-18T16:04:21.597000 +CVE-2022-48750,0,0,55afd22040c9a204644583104b9b0ba5a5b6f53a98ecd72808a82376e1affbba,2024-09-18T16:04:21.597000 CVE-2022-48751,0,0,be32087ff7da3afc8bbd26738891fe8c820998963c64317e4b1afedf242a7fee,2024-06-20T12:43:25.663000 CVE-2022-48752,0,0,38cf75d35e9d1cb0a011fd7ff84616d4bbbc7cc6cd1186a506f033bb40c015f3,2024-06-20T12:43:25.663000 -CVE-2022-48753,0,1,fee8018edcf35100134efb8c5bdeee9c5abc917f17d652dbef1321e8083108a6,2024-09-18T16:03:25.617000 +CVE-2022-48753,0,0,fee8018edcf35100134efb8c5bdeee9c5abc917f17d652dbef1321e8083108a6,2024-09-18T16:03:25.617000 CVE-2022-48754,0,0,5e2ca936305382512d4f653834ab56313ed29fa4ae7f0616f9271b8d0d1471f0,2024-07-03T01:39:15.380000 CVE-2022-48755,0,0,30010b42de97147ea0203eebb224554207374f1ac961584225a137f3aa742eee,2024-06-20T12:43:25.663000 CVE-2022-48756,0,0,ba335ca06870d086c208a4b61d6e4ff2c3db981eb9732fbe19a2518767ecf69b,2024-09-18T15:59:50.983000 @@ -220417,18 +220417,18 @@ CVE-2023-2732,0,0,5a7e059d8013c6900032218995b585a27370cf947b5b0052332bea7619d90c CVE-2023-27320,0,0,271df67780038a21171c8424b21fcdbe117838ec6cf97970e3cb4b9f8c6b6732,2023-11-07T04:09:54.090000 CVE-2023-27321,0,0,2139ec57b72afa7970933b27918e8b73e8117ea2f243bd8b7d351f839155bd19,2024-05-08T13:15:00.690000 CVE-2023-27322,0,0,eb9d6dde7ff1917f54594852cc926b3c825d42192e800a03e7f2bfaf618ca26c,2024-05-03T12:50:34.250000 -CVE-2023-27323,0,0,78737f72882f9e9e1bfd580de2bd974f4c76255922018f0e1fe05970eace1bb6,2024-05-03T12:50:34.250000 -CVE-2023-27324,0,0,b439046d719b16aca968483ec67ddd9458189be60badd756bc5eea4f509680bd,2024-05-03T12:50:34.250000 -CVE-2023-27325,0,0,6f2c1a293f907dfaac23876e461c7b29e4e5570430e144f2d14c9bbd4d17d7fe,2024-05-03T12:50:34.250000 -CVE-2023-27326,0,0,593417b1abb3716058df27434a42f1193958d983dd1b96191673381a899e4149,2024-05-03T12:50:34.250000 +CVE-2023-27323,0,1,93c3ae9fa60b6df81f91ce5aedd1fd1d9eb084f347ba4377bd8a6338fcb8fdcc,2024-09-18T19:15:19.327000 +CVE-2023-27324,0,1,ca3eabc6cb082aa202b4760774e1b2e1e0c69a8117fcea406a39b7c9f62b7472,2024-09-18T19:15:19.447000 +CVE-2023-27325,0,1,0104dfe20cb9047e0dbe2b02b8129c4e2edc9ee0ca6d26b046cf011421c3d17f,2024-09-18T19:15:19.537000 +CVE-2023-27326,0,1,ae8a582f6727a5e8a835aeef2917e148b4bbc5f957ff53bc2f1e148ddc446011,2024-09-18T19:15:19.627000 CVE-2023-27327,0,0,887820da21bc9561b09ae8dc76ec6996402ec4422aee6f0e8c23aa20324b9b1b,2024-05-03T12:50:34.250000 CVE-2023-27328,0,0,28ec9b5f29108066090d57260bc841a34a25ba89d276c8cb4cab006aa29bda38,2024-05-03T12:50:34.250000 CVE-2023-27329,0,0,d25c76da27615b558c11fbae4c6f5f511b47ad8e1d19bec28df449ce7c030b41,2024-05-03T12:50:34.250000 CVE-2023-2733,0,0,711c86ebf3d35ed8ec43c7cda5c3e2903422835f297087c03a7383bdf2616150,2023-11-07T04:13:13.803000 CVE-2023-27330,0,0,209293e60918ed56e5e0e4eed477cee938fc949f832b695b95354681e2df3584,2024-05-03T12:50:34.250000 CVE-2023-27331,0,0,6a33a3da4b9e46206b5a98cd3a94c3a5918e017f583fc8817d445fa686bd6be0,2024-05-03T12:50:34.250000 -CVE-2023-27332,0,0,902bdd31bb01d0ee063a311e3617effdd92f507c3cea1c237af431cbcbbd55a5,2024-05-03T12:50:34.250000 -CVE-2023-27333,0,0,c4154af15d299253cedbf596f9651151c65180875e5654afddbbf0c9b94f8954,2024-05-03T12:50:34.250000 +CVE-2023-27332,0,1,1358b19e53d79d194fe6c59fc69d0f9721fff946a2c4b3855671fb769d60546c,2024-09-18T19:15:19.710000 +CVE-2023-27333,0,1,0a3f250eb02766602b223b73ff28955210ac4a11b18d9a7521492184f261d37b,2024-09-18T19:15:19.800000 CVE-2023-27334,0,0,aea3339181b9e82ff893388a6d3438a4a5851ce5509b34fdb288d6a6bdee9f3d,2024-05-03T12:50:34.250000 CVE-2023-27335,0,0,d5823d0f6bef345aed276202ed833ad5391b498cfd812b55656fe8190466deb2,2024-05-03T12:50:34.250000 CVE-2023-27336,0,0,8752122b18fc5eee437bc8aa93cc947c4f731cac93b931744745dfb827b88558,2024-05-03T12:50:34.250000 @@ -220442,7 +220442,7 @@ CVE-2023-27342,0,0,58af7cd25cf5b15fbe5f3c3734d0c53d0a2cc23e4a0e52f725d75621e913c CVE-2023-27343,0,0,44d78ac0f9cd44c7f8d1251ca8362e37c642e32f75ece551750450ea1c7a0455,2024-05-03T12:50:34.250000 CVE-2023-27344,0,0,5a279c38c10f734e896a8b16903ed8f149e296e5cee10b6a6316705d649f03dd,2024-05-03T12:50:34.250000 CVE-2023-27345,0,0,bbd40c321764f7a02c35fddf0112b9f05abffd2d45672f67d4c187460052bf59,2024-05-03T12:50:34.250000 -CVE-2023-27346,0,0,54766d050e604067c38a58cfd45aba77640625b23b9cadc2d9ad32a00b5faebe,2024-05-03T12:50:34.250000 +CVE-2023-27346,0,1,ffaaefea963fb122974f82e04499c433e55d8dc9dea179fa25668e00f228f914,2024-09-18T19:15:19.883000 CVE-2023-27347,0,0,43377d5bc4efcd750a90cc5a1916482398e83e307225626053eec8970f1c74a8,2024-05-03T12:50:34.250000 CVE-2023-27348,0,0,34e28a2c6a642aad1694c619bbdf08dfc0a51d4c0b0b15e001c71b147e802a98,2024-05-03T12:50:34.250000 CVE-2023-27349,0,0,bcd49e11765388f373af6d2522ef23caca83bc646181de4d6d5c2e97b52ea398,2024-06-10T17:16:11.427000 @@ -220456,14 +220456,14 @@ CVE-2023-27355,0,0,d074e996c1dca2a4669d159733b9cc2fa091bbef3066d5629c7179fae9dad CVE-2023-27356,0,0,2215114663e850d54f9a458a23f2c9b8a2e6bc65381ed15db3098e37663c56c9,2024-05-03T12:50:34.250000 CVE-2023-27357,0,0,863d6f5b723b0d1063ea9b8642cc6ac0a8d7c05e74f30cf7207e6e5531b832d3,2024-05-03T12:50:34.250000 CVE-2023-27358,0,0,f3393f73f77e2bd771570857bdc8f67056f9355b105a354efcf88da1592a97de,2024-05-03T12:50:34.250000 -CVE-2023-27359,0,0,cad542e07156eef17e4321c41275e3c74b69f7c0070f1e12220837a1125a7fe1,2024-05-03T12:50:34.250000 +CVE-2023-27359,0,1,fed2dca4f44468b88a9d6f527b16897b9f829471ab28e0ecdd50e12eb61ff79e,2024-09-18T19:15:19.970000 CVE-2023-2736,0,0,20699f1ceaabd33c83a2226aedb589f401c8533092bd3fa564dd88a5fc3f3ed1,2023-11-07T04:13:14.233000 CVE-2023-27360,0,0,99c2a55b8b6311cce3be27cb827c43e0a7ed01435c1bd0a9519d7696e7740032,2024-05-03T12:50:34.250000 CVE-2023-27361,0,0,ee68eec1acf92741165965e5d4380bb378ab100924077d0342facbe7e22c1539,2024-05-03T12:50:34.250000 CVE-2023-27362,0,0,c8cccc4b837df2793dccd96324478c7015ca200e58a3989e84c783d97737a217,2024-05-03T12:50:34.250000 CVE-2023-27363,0,0,ae70c8ac57eef076b9eb56fbd771f19c572c91c8ae980ce042f9d5f400daca6b,2024-05-03T12:50:34.250000 -CVE-2023-27364,0,0,e9b79f937b0bc8390f3b6538b2f318df663b3122a8b63b8e30f3b184fdeae207,2024-05-03T12:50:34.250000 -CVE-2023-27365,0,0,06b3c550d2df3efdb179539ed36bf597a596fa5898cd256e21a49e2baba393ca,2024-05-03T12:50:34.250000 +CVE-2023-27364,0,1,57d85e7ed196df564a7893ac7bb8ccec2e94b404de97161cb6c6598e616543bc,2024-09-18T19:15:20.070000 +CVE-2023-27365,0,1,156d7f20024e0e5456d5ba3964b7ffd8c78659e9203dbfb8085537d8e94f08bd,2024-09-18T19:15:20.230000 CVE-2023-27366,0,0,b8c91d67276fd9341a2bef1a194e0db89c86b42906e5cfa239787f9ef5dd0f89,2024-05-03T12:50:34.250000 CVE-2023-27367,0,0,48d4e1a6d24b8240cf3539ee0b22498bdc25ee5783031dc5149a293585ab9ee5,2024-05-03T12:50:34.250000 CVE-2023-27368,0,0,ef422aad2cb0a045cc32815f5169f7595cd6d8db913fc1f500b6191ca83d9379,2024-05-03T12:50:34.250000 @@ -221443,11 +221443,11 @@ CVE-2023-28447,0,0,6367186976f27827261c19bd8919f6ea82651685bddf6890d58adc5cfc17d CVE-2023-28448,0,0,ebc63ef0aa5992d3b1b222c457f8387f360915a33d538a72c217fd6a5a4cb59f,2023-11-07T04:10:37.130000 CVE-2023-2845,0,0,0fa9122be7638e783829920da4cebd575a75f9f5dbfa9888210728f2e9226a90,2023-05-30T21:57:09.587000 CVE-2023-28450,0,0,5c2253d4a287fe441625ee366deb367c57e306635c3cd3c5dc9109a263b491de,2023-11-07T04:10:37.277000 -CVE-2023-28451,0,0,170966e5e173d4e65f372992311e8581a69664e2757bb13f7362729781a9ce18,2024-09-18T15:15:13.900000 +CVE-2023-28451,0,1,8279752440516283e0f82d3f1f34143381833496695a0469053a512c113a55c1,2024-09-18T19:35:05.387000 CVE-2023-28452,0,0,75ad47e85685d8552bee5909bb140451cfae4a0b1e8874a03a2dc5e39b6b73ec,2024-09-18T15:15:13.957000 -CVE-2023-28455,0,0,ccfc9fec366d02b520fd6a525e39b67a89882c218eac90da8171f00b7cf8aae8,2024-09-18T15:15:14.020000 -CVE-2023-28456,0,0,16af9b073234d9431a66dff2494f29e4e5942374fcaebea8a3e86268bc8de8ea,2024-09-18T15:15:14.083000 -CVE-2023-28457,0,0,7c664c02f976855c7c8bb4e46f66badc003fbae5b354bb1525ddecad4d08db9e,2024-09-18T15:15:14.143000 +CVE-2023-28455,0,1,5d9dc0a1e3dd3761dc39c0ec499b0abfdf50462b1bd728dd33a43154387daed7,2024-09-18T18:35:01.490000 +CVE-2023-28456,0,1,30ac109970f777d2caa1aef3f1690c9199451186ec48919800655341b8ed7274,2024-09-18T18:35:02.367000 +CVE-2023-28457,0,1,779c00b1fb09fef4ef22b12b7a5b0586e5eb976cb589856710c590af55b54c99,2024-09-18T18:35:03.190000 CVE-2023-28458,0,0,ef73a1fa781dc427433a4344f064cf2c5d295719475229911a534302acd48e97,2023-05-04T12:38:48.727000 CVE-2023-28459,0,0,ff6d9b0d2a61636a2216f5ca3eebb22b60bf4cdf2177e93c8efd3097129af8b8,2023-05-04T12:38:31.430000 CVE-2023-2846,0,0,9aab683976373505e029cb617089a2ec5cce34a049b1b52d471de12eae663bf2,2023-07-10T18:51:01.550000 @@ -224162,30 +224162,30 @@ CVE-2023-32132,0,0,987ed4921c4cf92f85b9eaf3202611ddaba53511cc7c75b17bb03b45a848a CVE-2023-32133,0,0,def643b3ded9b4f4fdbf85182c723a2d34de9c71fd799c6b56f2440e08f9e1bf,2024-05-03T12:50:34.250000 CVE-2023-32134,0,0,d919654fdc10e05f3f63b6aa51eadd50763a393f7136d5b8e7d8ba4c6d5be3f5,2024-05-03T12:50:34.250000 CVE-2023-32135,0,0,e5dcd2727e7b1305a97f5ace0bb99ba6077a7317c3b564eee5a02a8ad1b5e5f1,2024-05-03T12:50:34.250000 -CVE-2023-32136,0,0,5060f866da0b43d7231b549cc37373cdb5605e022b253309b6b4439402839d4e,2024-05-03T12:50:34.250000 -CVE-2023-32137,0,0,88c9c6dbdd70591bdb3b0d8da309b9ffa85a45d74ffbc362ca4b092230fc3811,2024-05-03T12:50:34.250000 -CVE-2023-32138,0,0,d9c4190586c40880f4b801082ea15e74e1ec810e6bc5bd2b47fd80b73a4d8882,2024-05-03T12:50:34.250000 -CVE-2023-32139,0,0,a289a51dc20c7a262d6fdb21259c3c23f2a0ae40d5b3fbe4c522f9187f056025,2024-05-03T12:50:34.250000 +CVE-2023-32136,0,1,a065aa41ed24bd69044103cfd155ca0f8682e5e8982f41cbabef4ccea869fd26,2024-09-18T19:15:20.357000 +CVE-2023-32137,0,1,ee695a94acc18dd380e9d927a72e2bcb35f206db11180ac7f580397da574d83e,2024-09-18T19:15:20.510000 +CVE-2023-32138,0,1,d837da76052cc5d27e382a085afdaf9fa51b9557771e277c2799c68b74eba1e5,2024-09-18T19:15:20.617000 +CVE-2023-32139,0,1,d2bd425acd9d190b52a3277c29b1947c9cb13586ae32348c67f508a2dc226270,2024-09-18T19:15:20.703000 CVE-2023-3214,0,0,6cad473ae73ee9d40d7ee28184bfec2ba8878843a1c2e83b835acfa2691e9176,2024-01-31T17:15:12.020000 -CVE-2023-32140,0,0,df150efef344a67f186e08c9513623445ccc7027abfbd503a3f18bee03d4dfb8,2024-05-03T12:50:34.250000 -CVE-2023-32141,0,0,401d8448b3623c146fcadecb7eb68b7513faf72a3cd8ace1562f06d212c196aa,2024-05-03T12:50:34.250000 -CVE-2023-32142,0,0,fa18a6a2539eeb64f6acc9d0a831877ce0206a613d16b6b64eda77076ca8e8df,2024-05-03T12:50:34.250000 -CVE-2023-32143,0,0,6e5109ce011e4b91bd12eedee7806f6c1db16e5ce37077488a5f7d3b59245a64,2024-05-03T12:50:34.250000 -CVE-2023-32144,0,0,6da24204ffd5a2ab126dba3fa22ae36185ba8b6fdd2a1d667e09831552e7ae62,2024-05-03T12:50:34.250000 -CVE-2023-32145,0,0,50d22a06b680dafe74aad9aecfecb658309d5da4ef842845222ca1f89482467a,2024-05-03T12:50:34.250000 -CVE-2023-32146,0,0,2d5ecb9762d5fd42f52c997435d29d01bb2a2e753ce70e65764a689489aac017,2024-05-03T12:50:34.250000 -CVE-2023-32147,0,0,d29e0e55d44767563a5ffd577591ff4c30614d93c09a2cda00c8773682b6c1df,2024-05-03T12:50:34.250000 -CVE-2023-32148,0,0,d1fdcf9205b1395ee6933606e2f0bd9badf1c0c7b4cd8bacf264127e969ef924,2024-05-03T12:50:34.250000 -CVE-2023-32149,0,0,6e355caea7dbf77096e63335a8cfe2981656642b4dd9f9de17c596aaaf84b7b8,2024-05-03T12:50:34.250000 +CVE-2023-32140,0,1,1e85f7c1b9e343ea9daa356bcde879b9f64ba10032ab44a3ede9a97273fd5426,2024-09-18T19:15:20.780000 +CVE-2023-32141,0,1,f30ae165a97db988fbd5795906fdcbc9e82415cce2c1025bac439bd6f52a10b7,2024-09-18T19:15:20.870000 +CVE-2023-32142,0,1,6af8cddbd6acb8bedcd2d4c11dba86b98c224bdba4a46c46b4ee286191383cb5,2024-09-18T19:15:20.953000 +CVE-2023-32143,0,1,773b3fd91e731dc47653be692802242640384c85ba1cfbdb3f3fbed3172a16e6,2024-09-18T19:15:21.037000 +CVE-2023-32144,0,1,cb00023f3561fe4e3cc7647c2f63687b21a34424000b861bbdf9f1198a342c79,2024-09-18T19:15:21.130000 +CVE-2023-32145,0,1,b3f36d1b00638905f4df27ec28478103964848e8f6f035bbcfbcc02adf77d80e,2024-09-18T19:15:21.213000 +CVE-2023-32146,0,1,b84f5cb141eb0aa9fbfdba5b987e6b14f07957f3e093c21b5a33a073e3eb0f97,2024-09-18T19:15:21.320000 +CVE-2023-32147,0,1,5faceabd1c4635246a4a31bee04fa609f6f42323ebc343830a992de0ca46b13c,2024-09-18T19:15:21.437000 +CVE-2023-32148,0,1,7e8832c53782668b1ee89015eda37345244f56c4ce3daac0e51d21c960056e96,2024-09-18T19:15:21.547000 +CVE-2023-32149,0,1,8e1b9c4a1d70fe5d747ea28820e591ee32d334a04b7a00611d6f5d218fc0a1ea,2024-09-18T19:15:21.660000 CVE-2023-3215,0,0,5f69143cbcade001333da96f67947945aefa22ac5ee2f5d9b36af7acc488902a,2024-01-31T17:15:12.093000 -CVE-2023-32150,0,0,15b8521e512b697dad3ef1569911bfb67f0516e926abffcec9d85b35265cc4db,2024-05-03T12:50:34.250000 -CVE-2023-32151,0,0,94731dc3eb6e851c76bbcbc9c6a9f1faf8100cde80d5855335b38c4735fc7f97,2024-05-03T12:50:34.250000 -CVE-2023-32152,0,0,290c6efc7b199c61365771d681802490614e637761491a7ea8c1610c69afa4f3,2024-05-03T12:50:34.250000 -CVE-2023-32153,0,0,da395eb72599e4e0abf0f375241c53ad823536c391b449a248f2662856312419,2024-05-03T12:50:34.250000 -CVE-2023-32154,0,0,3cac1e258725c54db8982755fe95662b096dfb6da1594d349de29392d93b83ee,2024-05-03T12:50:34.250000 -CVE-2023-32155,0,0,c98af9bd9ad8faf6d9becbd11fa97d7a3092de363cc1d31a2964b6794f9db947,2024-05-03T12:50:34.250000 -CVE-2023-32156,0,0,2054f3c76a644a153bae147a88d968c0867511899ec418b7f29e5f7406d01d25,2024-05-03T12:50:34.250000 -CVE-2023-32157,0,0,2f07e104bf1a16e10bea67e6d68ddd3ce4605fa67b8a27bf5d3b4f8772f92550,2024-05-03T12:50:34.250000 +CVE-2023-32150,0,1,0cfeb8c2b36c9644c1be7e25b0565e64ae4f297e2d13d858dc096b85dae5a85e,2024-09-18T19:15:21.757000 +CVE-2023-32151,0,1,acde8c4553180a221ee3c915a0de3bca5e939343da5461d93bc0b2dbd575fd37,2024-09-18T19:15:21.847000 +CVE-2023-32152,0,1,f18d52af9dc8e54747ffc7dbd0df95045f33d84e1a5fc9ddd276c57e57405759,2024-09-18T19:15:21.937000 +CVE-2023-32153,0,1,1c39d580f0fde2642e557d9ef8662f2632e7b5ff09a059d545943cbc7e9b2a1a,2024-09-18T19:15:22.053000 +CVE-2023-32154,0,1,3ce89896d056acad31759a23768c8c4b374df1da896361d54e460e1aa9a41e91,2024-09-18T19:15:22.150000 +CVE-2023-32155,0,1,8bed095fc02043e27934d03bd861ac27c92ca32ab4109884689efc3d6be46cfc,2024-09-18T19:15:22.247000 +CVE-2023-32156,0,1,2ac071df1e08a305e9826b7963010fc913cbc772a0538c4ce25e871952e96859,2024-09-18T19:15:22.330000 +CVE-2023-32157,0,1,966adbfa89e8c9104502e770432e7a328fbd1131a5c536f177261cb235b18d09,2024-09-18T19:15:22.430000 CVE-2023-32158,0,0,f3f7f25ce5637e888ff88d6ad27c8bd3d1790aa354135f2c249fbbb6bd0b8b9e,2024-05-03T12:50:34.250000 CVE-2023-32159,0,0,9e9ea830aab56d8d98aa956c6704ec4774028336d7bd4f641dc70e4b111c9a94,2024-05-03T12:50:34.250000 CVE-2023-3216,0,0,aa68e86860dd7f28e3fcdff19dfc8b774aac390aca66ff22a2bc4fafafdea42c,2024-01-31T17:15:12.160000 @@ -224196,20 +224196,20 @@ CVE-2023-32163,0,0,e33c90ee910ac9d1f9c3e779699816746e209931f919f653b1d7a2c29f690 CVE-2023-32164,0,0,db5c09ec10ffe7c285ac3dc6bead4f50cfb572216e5d3daca2b33eb7e2d84cc3,2024-05-03T12:50:34.250000 CVE-2023-32165,0,0,b3f38027e03a64894128fef4f5f5de61f695c9bdc0b52f439bc13ec43d2417ee,2024-05-03T12:50:34.250000 CVE-2023-32166,0,0,32b2e8c20f7b63a1f392acc7483d46ce979ebb30614cdb252dd0a211de4ff88f,2024-05-03T12:50:34.250000 -CVE-2023-32167,0,0,9c5500242ad5117bb57eec7a6c2dbbba07b863878f1fe47b1578e24ea5adb243,2024-05-03T12:50:34.250000 -CVE-2023-32168,0,0,4ca11aca5593ff0d901a63ad14707905d4ee50deadb6f009aed027ef9ecb124a,2024-05-03T12:50:34.250000 -CVE-2023-32169,0,0,772a7c7cb6fc8aff70b2d6ebd28f2ac110e140c9c2a138b8d2d576632cccfbba,2024-05-03T12:50:34.250000 +CVE-2023-32167,0,1,0f3c6631b8b2118cfa1dce8a080a715ca0108ab430dd981746ea9a74d076c9a2,2024-09-18T19:15:22.740000 +CVE-2023-32168,0,1,c6d4c0306bddf47f11c6e7196f0bd2e78e58c3ee951b2759c81f95c973ee4e4e,2024-09-18T19:15:22.827000 +CVE-2023-32169,0,1,080f1596b789ef38eb37f947e13dc3e2aaa8964f64b1b4c3f721f5686c3ca372,2024-09-18T19:15:22.913000 CVE-2023-3217,0,0,a42b711b8f3d3e21ce82c7a09a16e80954c6b86fe9067b5a6b271e4357398906,2024-01-31T17:15:12.227000 CVE-2023-32170,0,0,0037e4ad02d13b783e0e4a035c92428a225d618b4b4fb428736f8058f5d71fd4,2024-05-03T12:50:34.250000 CVE-2023-32171,0,0,a5f72a14b1bd2ad2323d69c9bc09ba3896d32f39ade6ff9d6e44e5e97cded247,2024-05-03T12:50:34.250000 CVE-2023-32172,0,0,d6d783d179f374bf6714c6519b82d9e013d3ee05fbdbb6a7c7028b98ae55d558,2024-05-03T12:50:34.250000 -CVE-2023-32173,0,0,88e0431d08942895f048b6fb9902b7bdd6b6a7b1b261c286b3cd2d6ecc31f1c7,2024-05-03T12:50:34.250000 -CVE-2023-32174,0,0,fd96b53da7942eef4577d79d9e76a0aefb3ebeb0ad41a1b8968a30fb7cf25284,2024-05-03T12:50:34.250000 +CVE-2023-32173,0,1,658db02acc93e52fef0468004cd816de1e3037ee47dd23c22117a7bb124ca1c8,2024-09-18T19:15:22.993000 +CVE-2023-32174,0,1,778c72ce39f0ecd9b5902c6c805816204d8e618af5c72901f3ed712fd15e41f4,2024-09-18T19:15:23.087000 CVE-2023-32175,0,0,daf56080ea0fa8b5fe9d41fe9ec282544d571713cbaae52cb5a979d28fc7c5ba,2024-05-03T12:50:34.250000 -CVE-2023-32176,0,0,607065719c2c7f44e04542577ad9ea69fab34274f609c90ce0cd8b0254d4e5fd,2024-05-03T12:50:34.250000 -CVE-2023-32177,0,0,a595da123f6f821b67a42400594968a605e2fe8713135b44d828795ad155a8b1,2024-05-03T12:50:34.250000 -CVE-2023-32178,0,0,bbd99cb4c0e0e2f7cc87413880a37249c3fc2f1cb14f38775e74fe382f5adc3e,2024-05-03T12:50:34.250000 -CVE-2023-32179,0,0,242af70ce0e830dc217279071987e6c28103191cf7aef3280363fd673d3653f7,2024-05-03T12:50:34.250000 +CVE-2023-32176,0,1,f75eb603863c2de240dd9c5f3e5dac65b747341fc84410919821bba2afb99f8b,2024-09-18T19:15:23.183000 +CVE-2023-32177,0,1,fde56e99979148e90205f65895c0464251e18295cb05c9083047ccc073534c67,2024-09-18T19:15:23.270000 +CVE-2023-32178,0,1,f9680b6bda46edbc537d2e77c6f9e93045b8fdfda933c0946fc36bb5e335a7b6,2024-09-18T19:15:23.360000 +CVE-2023-32179,0,1,a5f09f392a207ca449f3f6cbae785853fdbf7c58f92ed2b6d7515d09355b2343,2024-09-18T19:15:23.443000 CVE-2023-3218,0,0,f5aaf6cddaa6ea9ac4e9a85540521ebe12df2af9a932488b39ea3fecf2cd79d6,2023-06-21T17:57:01.300000 CVE-2023-32181,0,0,5c5aa80824c179b9425aca2a59a415855b2b27513f9050a24ff4bb72a84d91d7,2023-06-08T18:29:24.157000 CVE-2023-32182,0,0,aed83356d1f8c3e1cec489cf4b18b1bc4ed6ae5d91ff34b8ee2b317164157b2c,2023-09-25T16:32:30.803000 @@ -225997,34 +225997,34 @@ CVE-2023-34282,0,0,7a5af4960c5d4def5d5cc328502cb569f73c7c5d0153f29c07e8ce65dcf05 CVE-2023-34283,0,0,77be97f75fcdd53717ed4737250cb26106dd37e2c6743ed28851334ed34289c3,2024-05-03T12:50:34.250000 CVE-2023-34284,0,0,69eb0848a3c4b35953dac0750011c9d2d57df076def592914688a83ae04939bf,2024-05-03T12:50:34.250000 CVE-2023-34285,0,0,d8db980a56579e77b68a0e1842c9fb6fdb8e52a4032e6b7c1bbc1f9dfd6408a0,2024-05-03T12:50:34.250000 -CVE-2023-34286,0,0,b2dbfa8aaa79a43124a27af7d57809005e52d9c4abe66e32086e535faaf5095a,2024-05-03T12:50:34.250000 -CVE-2023-34287,0,0,a55980ef9cfe412ec8af94c498be30569e1ba031e672d54cf1221a6b53e8c093,2024-05-03T12:50:34.250000 -CVE-2023-34288,0,0,a70912cb8b7721cb0fc91454fea6f1dc0286e9c18ade686fc91f1f1a0f6f532c,2024-05-03T12:50:34.250000 -CVE-2023-34289,0,0,0d669c6361bed255db91fe08037d24ae8ef4a11acf212d4ab42592af3b948e7f,2024-05-03T12:50:34.250000 -CVE-2023-34290,0,0,59bbf64fd8f31379e2bcdd2b317350f6b0a21c1be91b2e7d3be9d7c65045cf4f,2024-05-03T12:50:34.250000 -CVE-2023-34291,0,0,bfc31c7988d1a7705bdd4433ba8424ee12738fa982a3fa815c04a4e4326a7df8,2024-05-03T12:50:34.250000 -CVE-2023-34292,0,0,ca2452ff692cae415f66f987a9b597b0070c1c4cec206ccb0cb2c64091f8daa5,2024-05-03T12:50:34.250000 -CVE-2023-34293,0,0,13e2c8d505c1893e396f7dfc7a72088b4a016ed1f8e1448d27ab7aae90e84eca,2024-05-03T12:50:34.250000 +CVE-2023-34286,0,1,34a47811968eafbe3eae4fbbdfd3a435a0901633ee49d66428189a0d71f491c6,2024-09-18T19:15:23.527000 +CVE-2023-34287,0,1,29c3b50ab4081d168e8be76d9c141c998d3058c6c94f99b17bf24fa691974f6f,2024-09-18T19:15:23.607000 +CVE-2023-34288,0,1,a1f9c9db8f0d18caca1761806b3173e3dff624e51a74dd34d15db183b4558131,2024-09-18T19:15:23.693000 +CVE-2023-34289,0,1,785a5df75b8886c25fc94e0da0eedf0ef0815d1f9ebde2772cc3cdb08fdc4a92,2024-09-18T19:15:23.773000 +CVE-2023-34290,0,1,e722de05b314a7e544ff84916395944c76f648ca5c0562a1ea44e280342c6b8e,2024-09-18T19:15:23.850000 +CVE-2023-34291,0,1,cae1aee1729f95e16fd2c34fa9108fa900c172856b22e21c1979c4f72e56e44f,2024-09-18T19:15:23.923000 +CVE-2023-34292,0,1,90c0b936885e9abec060526890bdf0ed8a53d73a723f15608803658d70ab1aab,2024-09-18T19:15:23.997000 +CVE-2023-34293,0,1,4831e2b01504fab4b78b6d01d0c134d9722135faef39944b0448406b4cc31307,2024-09-18T19:15:24.073000 CVE-2023-34294,0,0,a47d581b848337ce8e9e3ade8a44289a95157fa2b472c3f0aa2f95d44b20498f,2024-05-03T12:50:34.250000 CVE-2023-34295,0,0,25853c51ab8a1e9eb390d7e3a66f578a2e6506d3da2250e768333613cf6996aa,2024-05-03T12:50:34.250000 CVE-2023-34296,0,0,d156f2e7794832afdd9bcc3bb2fc5f4648f8f8db58ede3310224f5a0a4ed819d,2024-05-03T12:50:34.250000 CVE-2023-34297,0,0,99f5b100fa1597d35df7fd8c6b1d7e9a4cb366c0f748ddf7f3c5eabb31978cf3,2024-05-03T12:50:34.250000 CVE-2023-34298,0,0,d85862f4ab3815a187e0a643442aef3568dc95b113e5d678e2fefeb477d226eb,2024-05-03T12:50:34.250000 -CVE-2023-34299,0,0,38191045019a230f1f18096dd32bd961a7ca8c9610ef68d5bb95c047ddbbb790,2024-05-03T12:50:34.250000 +CVE-2023-34299,0,1,f051229c820158df5a712da03e07f56e887a5b4b898074e8b958cc14c736c841,2024-09-18T19:15:24.153000 CVE-2023-3430,0,0,9a4e18968ebc78921d1c0ae6d1f0e4fc9ff3b0c18f4aa104844e2ecca677bac8,2023-12-22T18:44:22.440000 -CVE-2023-34300,0,0,f928180dbfb187fb2081d8c235eebd0e24fcaec69f4f605f6346ddbab1c86fe1,2024-05-03T12:50:34.250000 -CVE-2023-34301,0,0,40ab442313ccf45fbf3eef170bfa2e8adda277590792793605edbf9efe1d9872,2024-05-03T12:50:34.250000 -CVE-2023-34302,0,0,ee79f8d8aece0fd1e43159f7a9fd1be48b04907d6a9ac35bdb511dd95fa232c9,2024-05-03T12:50:34.250000 -CVE-2023-34303,0,0,ccd8504ba30d7e965bd7d2011f71094d6807b5478484d98d5f9f62627388fdbd,2024-05-03T12:50:34.250000 -CVE-2023-34304,0,0,0aad6159129570a206c5642d94c07c4aa143488e29789f4d5f9c9fccdaaa8dd7,2024-05-03T12:50:34.250000 -CVE-2023-34305,0,0,967644e29cf2b739379ce011b61298def9b93281ef7585c56e298f0c0a44cb50,2024-05-03T12:50:34.250000 -CVE-2023-34306,0,0,2aa0d17a1bc4b66791ee00b9ffc3ef25246d5858b8eaa394392ff27942b057e9,2024-05-03T12:50:34.250000 -CVE-2023-34307,0,0,ded9c8bb63498acd96aab5d38231498b2620c31ea9300494626296fbdfa6d88b,2024-05-03T12:50:34.250000 -CVE-2023-34308,0,0,a1e2d1be372f67b9ca855098da519a24f6e593489e827f39b678c894dfa83987,2024-05-03T12:50:34.250000 -CVE-2023-34309,0,0,535f41a23015ad1163b58886ecdb0c4fdd96c582f565a9b618aaae0f1055d142,2024-05-03T12:50:34.250000 +CVE-2023-34300,0,1,282c70c94b208e7dddc947a03d85074b6da86956b526ac6bbf48bcef8d36e3b8,2024-09-18T19:15:24.230000 +CVE-2023-34301,0,1,390712f272346e8d5276b11e539e92d6a2428f5d3e12e6c4f6af0954ad7eb715,2024-09-18T19:15:24.310000 +CVE-2023-34302,0,1,13995de8342ea7cfb8b622cbef65355c4aee26274e72ff0ed2fc75fdc07c37b0,2024-09-18T19:15:24.387000 +CVE-2023-34303,0,1,0a07acdcda2b123a5660c7eb4eb93057fb747a6659320e897003f968f575d2b6,2024-09-18T19:15:24.480000 +CVE-2023-34304,0,1,4886dc2999ffcfe376770c5045f02d5b21a6d14a382fd7446159297d2f79df34,2024-09-18T19:15:24.587000 +CVE-2023-34305,0,1,a1f2c694643a898d62e45bbb7cf6bf3d43e1341f7f17c6737f8976106c9e2660,2024-09-18T19:15:24.673000 +CVE-2023-34306,0,1,a93dc56b753cabd56fa81a86b46ec24d6335bada12db992cd966aab5a74267d6,2024-09-18T19:15:24.760000 +CVE-2023-34307,0,1,575b9c98517ae6b59742c968589a36ed68d18162e6e5b14231357acbd27b9420,2024-09-18T19:15:24.837000 +CVE-2023-34308,0,1,6b0524e479b28a7fe3dcf2dc6c1bfb01a55a4034a2e1d5aac35f3ad1558f6046,2024-09-18T19:15:24.920000 +CVE-2023-34309,0,1,27448a0df3f95a062102a0536012d6473171479dc47588f8452ffcf4958dcefe,2024-09-18T19:15:24.997000 CVE-2023-3431,0,0,e4b02ed9374fdf20b22ba6d8747be56348c156bc3fc04cc8e36e85a54d96927b,2024-02-01T01:21:58.477000 -CVE-2023-34310,0,0,157cdd5a60462ebe1a6ec4adf20f2c37dda1e6cb96c133baf912ebc0efa23b1b,2024-05-03T12:50:34.250000 -CVE-2023-34311,0,0,708e656fec8c833c6e1bb69b0fbc17dccd50cd93442fd41aa8e33b5a1e0338fc,2024-05-03T12:50:34.250000 +CVE-2023-34310,0,1,6eb3a5521952d1b86c243223ee405ff6f5a26843fe440c54022fce1bd9d2c4c1,2024-09-18T19:15:25.080000 +CVE-2023-34311,0,1,344557db1a28c3b67f09b0442a4090c3c82a80ab06526366b1a1e7e7618495e1,2024-09-18T19:15:25.160000 CVE-2023-34312,0,0,13b2b3fc8e5c46ae6e494816e7c787ee08f4e7643b84284f1d7184a2e154a7ce,2023-06-08T16:45:47.183000 CVE-2023-34314,0,0,ff50216f961974d5e6e7291926d11c916d1df12298aeb38d15f48d53e0849686,2023-11-21T19:57:15.237000 CVE-2023-34315,0,0,8ddaf4b043034ccc461295e50863d63584bacfa75823b6a33ae1935935f76d1b,2024-02-14T15:01:51.137000 @@ -226788,60 +226788,60 @@ CVE-2023-35702,0,0,b1c9002ddac6d19bf7758b93a856d626ed44dfd0e2ed16a42876e5f7d2f1b CVE-2023-35703,0,0,11fffe06f8e68ac46a0e209a4679871877013a3c0cda535c9191212f6374fd09,2024-04-09T21:15:08.797000 CVE-2023-35704,0,0,98dced696ab10c656ca10a89b390f891cd047daa46060fda8ff302c0ffcd95dc,2024-04-09T21:15:08.890000 CVE-2023-35708,0,0,0ca51702405180d1eb5a1f86954a7203177028046068430b120eb3f78ade0a42,2023-06-20T15:08:24.433000 -CVE-2023-35709,0,0,c46b1aa0b4bf28407994a5a718f550ce918761005c9e7f1f020d2fc5bc57c3e1,2024-05-03T12:50:34.250000 +CVE-2023-35709,0,1,9041ef5ef223db58ce4327ef8a228461bce2334a95f6ea2938902097b4e4cb68,2024-09-18T19:15:25.280000 CVE-2023-3571,0,0,cb3aed95d710bc7c2250c60e29cb0f7fc49e223803e608f5ece7273ab08e9de3,2023-08-25T07:15:08.840000 -CVE-2023-35710,0,0,40207ca4a706e0f82560b7cc20fbfe45663bfce839fd884bea5fabdba2422a47,2024-05-03T12:50:34.250000 -CVE-2023-35711,0,0,211e1ded55cfb69a5d309a7ae0d1a4fcb518b443003efd0a8b8c970f0793dee1,2024-05-03T12:50:34.250000 -CVE-2023-35712,0,0,e47e3ff6969bae6a3aa262159d07b0d449c1d1d2ba2f1d567c8621cc7d169feb,2024-05-03T12:50:34.250000 -CVE-2023-35713,0,0,b95251a40fe37a2a4d670bc3c53928dfb1740cecfbfa2bedae18ac6b66eb0518,2024-05-03T12:50:34.250000 -CVE-2023-35714,0,0,2329ccff34892b55bb25b2c50e34f0c41d366fa9037ab356b1717ade2e5a72cf,2024-05-03T12:50:34.250000 -CVE-2023-35715,0,0,4f3c4b3c0cb3234c02a313847075128bdd17d4f4d7381c5ab44ed16268c9e6a9,2024-05-03T12:50:34.250000 -CVE-2023-35716,0,0,adaca7aca85ff983d7b7d46bc8bd148bd89c79a5c8243af22f12246a1d5b897d,2024-05-03T12:50:34.250000 -CVE-2023-35717,0,0,87e78493bcece8fac8c5dc76fc8e4b300a4428f6f93983a22dc8ef01fe6134f8,2024-05-03T12:50:34.250000 -CVE-2023-35718,0,0,d0e4858f078942c48f017ed4bc2908d1034680ab50fc48dd695ca59abe899e5b,2024-05-03T12:50:34.250000 +CVE-2023-35710,0,1,e3b5de7a5f4406976341a18a1742b9cd288ff64f174480e93698ec60b19de33c,2024-09-18T19:15:25.363000 +CVE-2023-35711,0,1,c97faf736fb1837f55044e2733389aa8d5c6171e0f8eb367f15f2e09c1640bf5,2024-09-18T19:15:25.443000 +CVE-2023-35712,0,1,aeee8f4a4fd62366e85f697b6c3db605b6670456fda619d01e6308dedfff3002,2024-09-18T19:15:25.530000 +CVE-2023-35713,0,1,5ecfb6efa3f914d09c82d9daa919d9f2046bfed9b86ad4f068a8bdfc34c9751d,2024-09-18T19:15:25.610000 +CVE-2023-35714,0,1,eeb94b93f19b045df8ab95d7486cde49a63163f83cee64449cd3866c1d02123c,2024-09-18T19:15:25.693000 +CVE-2023-35715,0,1,a893963bd2acde31718c237ecf5fa8fdf64341229b4e506325415f1a0158ec51,2024-09-18T19:15:25.787000 +CVE-2023-35716,0,1,50b8245ecbfcf20c362a52f76af8da491012474e38ebd3ea51f1c2805f883ffb,2024-09-18T19:15:25.880000 +CVE-2023-35717,0,1,00380dd2f354e825800c2cf310599d0ffdd56f8ecb0894eebd36f55a421db920,2024-09-18T19:15:25.973000 +CVE-2023-35718,0,1,3a6058cef2cb651ccb41a1d987bd2db41a786f1fbc26c5415da6888237d83e17,2024-09-18T19:15:26.060000 CVE-2023-35719,0,0,ccd25b6218167c469b05bc3bd0c299a91baa4e3bcb2deb9144ffd1d8a12bb67c,2023-09-11T20:15:08.767000 CVE-2023-3572,0,0,4324181eacd5913f807a10cab53b294fca2045c5675a8696028a5353a5c55854,2023-09-08T09:15:07.390000 CVE-2023-35720,0,0,6fe096ff5fc85c69bcd5857265038a5746f12c3584452ef82d34c27cf3382054,2024-05-03T12:50:34.250000 CVE-2023-35721,0,0,6a61d04dbf5d0c4dadc0ca5881d14fa1afa8008b16a56ff22a82f84baced3e63,2024-05-03T12:50:34.250000 CVE-2023-35722,0,0,4a6ed28ce4b33dd1b7ed97079ba5b4abf6ab8ac193c23a007d36b32819093da0,2024-05-03T12:50:34.250000 CVE-2023-35723,0,0,df9e71f7adef6dc6d04b3adbd2fbf36b2702a3a5867fa0e2add0f99b156a0e63,2024-05-03T12:50:34.250000 -CVE-2023-35724,0,0,2c8a79b1f76fc5f2ac8bbec596ece26d9cee0a1a4ddf5d864028769c1b691c5b,2024-05-03T12:50:34.250000 -CVE-2023-35725,0,0,efcfa75056abd1f9218d823e32a33b26895be916386fe2249f4a88ef95b7170c,2024-05-03T12:50:34.250000 -CVE-2023-35726,0,0,9716c3850e3b8394779bc4d78b94844467de9d5e1db0bc12768b89361dd3c8be,2024-05-03T12:50:34.250000 -CVE-2023-35727,0,0,9be216c8f2ef0db1a9dfd80228a0992b5db9e448844889c4bf376e5be0173c0d,2024-05-03T12:50:34.250000 -CVE-2023-35728,0,0,11143f8a97697d01258eefb8f36a4620d590c616b3f2dcde9c120f083424142e,2024-05-03T12:50:12.213000 -CVE-2023-35729,0,0,5869d6c11084906de5d5d4235610624a629076f8b2ac22c428fbc898af50d587,2024-05-03T12:50:12.213000 +CVE-2023-35724,0,1,20ef9d23f8161e5d24220dfc4a18ce995ce8ac9fe106e2ca21ca73b396594233,2024-09-18T19:15:26.150000 +CVE-2023-35725,0,1,9c44cfad6b386d05bffb922d893d2b8ac99cf84c74eeeb8b59b2156d01be9d58,2024-09-18T19:15:26.243000 +CVE-2023-35726,0,1,e69f89f39258080b8a841de22600b6687491d3c84fd71d7252562b284d43d50b,2024-09-18T19:15:26.327000 +CVE-2023-35727,0,1,acb9764e38277f1dc97c115e353bf42fc437a42b6bcc4917fa2f4432d7867e49,2024-09-18T19:15:26.420000 +CVE-2023-35728,0,1,fc1bc5585dde21bb74baf9adb3110c99d6c8014150a4b7437f08b9601b8f44ed,2024-09-18T19:15:26.597000 +CVE-2023-35729,0,1,b5734cb9389d36267de328a4818591fff9de5dc96a869dd46394071dce677125,2024-09-18T19:15:26.690000 CVE-2023-3573,0,0,6fdfd50fa002490262b26dbee78643e4dc4d4f9b5b331ec02d3ba123fdfbe881,2023-08-25T07:15:08.990000 -CVE-2023-35730,0,0,a83b01e18dcc5be98d20552b054d3a5f9161889aa7900a1cb8798580effba6dc,2024-05-03T12:50:12.213000 -CVE-2023-35731,0,0,4168bf142f2b0a67239407201e6ebbf1f0f7b526d5906009bc85873d41007f0c,2024-05-03T12:50:12.213000 -CVE-2023-35732,0,0,d59740f8c82f660e651a53eda496510a134ca3edf793f7a929b3f6e72b95c780,2024-05-03T12:50:12.213000 -CVE-2023-35733,0,0,98da76bd93531559451c7f81cd8445e7567d34023343e994948d3473bb0bc9f0,2024-05-03T12:50:12.213000 +CVE-2023-35730,0,1,04737d0c08621aabacb13965a0baf76c3fb63b8d4d989f90db29d8bb2b7eed1f,2024-09-18T19:15:26.783000 +CVE-2023-35731,0,1,4cd569c42bbb8840500d75c1e7790cd56857d551b6a9a1fc8cfc9fc019369ab6,2024-09-18T19:15:26.877000 +CVE-2023-35732,0,1,2946d69d93dba6712f7b039740b1858b088f604648efac80f3930e7f0f43f71c,2024-09-18T19:15:26.963000 +CVE-2023-35733,0,1,607b5d4c5a9332dcfd5d12b13564d07bb3a75f9ffb278a42ac82297e5d49aa56,2024-09-18T19:15:27.057000 CVE-2023-35734,0,0,e98607fb21e8bf377e7c359d6a56cf084d0698da701b1efe308f4492edf429b4,2024-05-03T12:50:12.213000 -CVE-2023-35735,0,0,684016e338f7a2a8c1c740375e4de9ad572064e8fdaf740a3b75774fa3717ac1,2024-05-03T12:50:12.213000 -CVE-2023-35736,0,0,c6bf3b2326774f033343525ed0d9401c1657ebef0ec0d5f360d471eb3add396b,2024-05-03T12:50:12.213000 -CVE-2023-35737,0,0,e9c32310442418e4284c97e87261caa2ac56f9422524ff9487f6b8dbe5765fe9,2024-05-03T12:50:12.213000 -CVE-2023-35738,0,0,501f9a06599a17f1a7077beaedcadbe40b29ddffddb347c3cae4f1b79144b102,2024-05-03T12:50:12.213000 -CVE-2023-35739,0,0,0f3fe93f52e54f9dfd340c24a93a38a8816a152b338e5fd498fc379e0d3e1e64,2024-05-03T12:50:12.213000 +CVE-2023-35735,0,1,09b66770e07833b7b5870fef40c6dd42b36969835c621c27e018988967cdc764,2024-09-18T19:15:27.140000 +CVE-2023-35736,0,1,62d26a0eca91c5f66569df9eb053488b1037a112f1497f32bdbbe4c0656ec371,2024-09-18T19:15:27.230000 +CVE-2023-35737,0,1,391ac917502521dcea5c63bd0acbdfaf9dcad341ab11b78470bc578a11da4cbf,2024-09-18T19:15:27.337000 +CVE-2023-35738,0,1,46575f7257e20e830940f623c054bba5c6af3b57bb201cd0a2d54e58c715e67e,2024-09-18T19:15:27.423000 +CVE-2023-35739,0,1,d713088510041b60c848d515c1103e4276e06ffb05e3ae40703cc9068c84bf17,2024-09-18T19:15:27.507000 CVE-2023-3574,0,0,71995104036322f81f99de93ff4d443065d1e1071e6b44fd5628edfb66acfe61,2023-07-19T15:58:24.693000 -CVE-2023-35740,0,0,51f10f7722df9cea509c24bde45da6d001dca1ae792b47b053fd9281635df7fb,2024-05-03T12:50:12.213000 -CVE-2023-35741,0,0,cd0b37aacbcdafaa9701f2ce07d18c09ab67d540ac46f31b91d27ae16a1616c7,2024-05-03T12:50:12.213000 -CVE-2023-35742,0,0,6afbde2bbd2a7d5203e34155c631a3a1cae7322e659c454508cae357a0548fa3,2024-05-03T12:50:12.213000 +CVE-2023-35740,0,1,27fb8c94915b7f4827540cc8f93ebe6977871b143b2b47593bc3528fbb71404a,2024-09-18T19:15:27.600000 +CVE-2023-35741,0,1,1501253487888f302c67d3ba7d86bcdeb84acee43335b449fe653e4e60810e27,2024-09-18T19:15:27.700000 +CVE-2023-35742,0,1,2a4c424c3c3df08cdad223feb96b96fe6a1f81c3f9e5f9211bf4940e9845f5fc,2024-09-18T19:15:27.803000 CVE-2023-35743,0,0,846106e108930f86924ba9ba0b2b50f3dd0b4c12ca3b73fb3fa64ed9fa418bb1,2024-05-09T23:15:06.167000 -CVE-2023-35744,0,0,4fb14b11c85a6b93298c2eb5433a6357204912ae85789f9485e7781b421f62da,2024-05-03T12:50:12.213000 -CVE-2023-35745,0,0,1ab2f2a42903694f1bca31b4917fc54bc2d9306aae276a5e40dc67696399cdff,2024-05-03T12:50:12.213000 -CVE-2023-35746,0,0,163a7e8cf66c352c90c2942d9cdaec551da788e6917e3c7c0ebf7fe542058895,2024-05-03T12:50:12.213000 -CVE-2023-35747,0,0,9d301578877be164ec49d6b5d8e34f43add47ce953d89c8ca2ef7590b0909c6f,2024-05-03T12:50:12.213000 -CVE-2023-35748,0,0,94ec8f1284f6d166b0e2bbe81ff0436bd53a1c16b611fa1d0444015b62259fa8,2024-05-08T13:15:00.690000 -CVE-2023-35749,0,0,dc13014422a401adbeb2b47ba36ad48315cc03f4bd8bd9b3d764f6a849b399d8,2024-05-08T13:15:00.690000 +CVE-2023-35744,0,1,9c2d2c31de1a0783fecfc0d1dde2eafa4271a9530bd9019ac76ad6ef585cb0ed,2024-09-18T19:15:27.903000 +CVE-2023-35745,0,1,77883ddb96ed019ce0e425499c8ee278d0371db0badaafbc9f4d6f23c324d7e9,2024-09-18T19:15:28 +CVE-2023-35746,0,1,340376437dfd34b862ef4d6f35233e54186885de9e809b41eea3aecd550e9314,2024-09-18T19:15:28.100000 +CVE-2023-35747,0,1,700a08de2288d2b93adc839e6e3513d1097ba7c76c3b231dbaccab74d6627534,2024-09-18T19:15:28.190000 +CVE-2023-35748,0,1,7255786649e8872cc006c7fadfd91cc5eacd7643d4915656c28ee2b3bcbf1bb2,2024-09-18T19:15:28.280000 +CVE-2023-35749,0,1,1c0bce3d0fb21299299b390280f9a825a559906b043f748831923dd3fbf03fa5,2024-09-18T19:15:28.383000 CVE-2023-3575,0,0,d62567e827e67d620174b2bd9162729ea9f7aa002ef2f6c0a8ae2d9bddfd8cff,2023-11-07T04:19:05.260000 -CVE-2023-35750,0,0,7ab4c328963c161c3cb0b25bfa4f6c227cc08b811e99e3a14994bd5f087a538d,2024-05-03T12:50:12.213000 -CVE-2023-35751,0,0,aafaaebc1687c8e6dd9d8f1287496a31609a5beea417229e48e1d5a7842c8139,2024-05-03T12:50:12.213000 -CVE-2023-35752,0,0,8ea53ef4be9b21d8beeed256646ea30dccc048c3f5d6ab2a5fd6e5f6506974b1,2024-05-03T12:50:12.213000 -CVE-2023-35753,0,0,0f8331d799b1f83eb033f57cb075e6d884c4312c3a75fe93d3fd9489bcadcbf9,2024-05-03T12:50:12.213000 -CVE-2023-35754,0,0,7ab15d6093937acce43561febd13b167fc74134b6eb627dae5a14146e6a46d81,2024-05-03T12:50:12.213000 -CVE-2023-35755,0,0,e1f17c748909f4d01d764fd7885f04db141c0fcf4a2980f003d3efccef1d8f1c,2024-05-03T12:50:12.213000 -CVE-2023-35756,0,0,4f68e862c118fc2cbc87ac3f51430f658fe10075e742a61844b05bd60a924e3e,2024-05-03T12:50:12.213000 -CVE-2023-35757,0,0,0e8463fc2c81bc4580cb4e502ef99de97d681981a85a135f7fe4d04c1930a4c6,2024-05-08T13:15:00.690000 +CVE-2023-35750,0,1,4aea2349ee30549e795bef5821be054f0042354acfc8ca18e4f06be7588a305b,2024-09-18T19:15:28.467000 +CVE-2023-35751,0,1,39d31870a45546bee594014df30c6223e801586fea3b581c84b839b632b2aec3,2024-09-18T19:15:28.560000 +CVE-2023-35752,0,1,d377484a89dc604bd744f253a1bd4b7db383cb133df86ee846772ba51acc3d25,2024-09-18T19:15:28.653000 +CVE-2023-35753,0,1,2cf626eb65c8affb3620e47d002092b00a3ed90fccedf62ea82f62eeb52a067f,2024-09-18T19:15:28.730000 +CVE-2023-35754,0,1,ce179375d4bf9cf9e2b79116f6c721a72541b918ebdf6c4b3abca2ef73801055,2024-09-18T19:15:28.800000 +CVE-2023-35755,0,1,f5a663eebea7ad0e6ee3ecca75830e1d6e42f7192a1a96d1a677a0cf3ce8e624,2024-09-18T19:15:28.890000 +CVE-2023-35756,0,1,6a6591bc94b9175b35fc6901a44291b67d4bb42a7d5d60bc32877bf972eb4b1b,2024-09-18T19:15:28.970000 +CVE-2023-35757,0,1,76ed7066df3a5832f7a65ba4274d8b33f5a42c4a05714b2a60acbcc596255520,2024-09-18T19:15:29.047000 CVE-2023-35759,0,0,fa203c42b6b48021e6e150911dd3b26101ac7cf6f6ca08d43fe51256742e16fe,2024-02-05T17:15:08.490000 CVE-2023-3576,0,0,267e9ee7d065cd5eddbc2f91d5bcdedfb06936864c6b93500e7620103f7bf36f,2024-09-16T13:15:06.033000 CVE-2023-35762,0,0,381848968217a298c613610e76a7efe58c3e68544c5fddd3446e0f5c4456f0d3,2023-11-29T20:52:44.790000 @@ -227431,7 +227431,7 @@ CVE-2023-36535,0,0,67b7dcf82c19974a887af94e14d304d1126dc66b1a6c22bfc06e1f0fb59ab CVE-2023-36536,0,0,0ee1547dcb523dc14ed9ebc847b60fd04a4995159e536e4c1d07969953d80c80,2023-07-19T00:27:45.237000 CVE-2023-36537,0,0,697af02b7a8f933baeba04b6f60621383a0be4407a59219400377119d4594f23,2023-07-19T00:25:25.517000 CVE-2023-36538,0,0,00226399b1df7e922c2f186aa8a23b1e50f742272d35a8875a7def5b7adcf087,2023-07-19T00:24:36.927000 -CVE-2023-36539,0,0,446ee0dbca3942f312145f818a1db2595b13820cc3b11cbb82fa174604e6b94c,2023-07-10T13:29:00.263000 +CVE-2023-36539,0,1,4e965c290bb96df6ee863b2be075f02bab55edcaa147fa532567387b1a47d23b,2024-09-18T19:15:29.133000 CVE-2023-3654,0,0,6c06260a9bd1d9a2cdc503513447bb73861a43e7934488e4e3446dc4edd9202f,2023-12-28T15:20:38.820000 CVE-2023-36540,0,0,861829e58d088a63800ef680947cf6bf4ffcc9ac0a2838a1ec4824b32dbb6ba3,2023-08-11T14:22:03.803000 CVE-2023-36541,0,0,e55bb5471251c6a0e5cef8bf84e95d30a7b47790bdd7d06319560aaf7fc21fae,2023-08-11T14:09:26.950000 @@ -227719,7 +227719,7 @@ CVE-2023-3684,0,0,c20641c60c5cda11d594dc9c8d1214421459ecf713b59b8b23fcc4ae287b26 CVE-2023-36840,0,0,9a77280dab6d9ce1e5c56496a107eb09a1b712d724fc39ace49004af01c0b42e,2023-07-27T14:32:28.927000 CVE-2023-36841,0,0,6624648e64809fd73d690abd631e7036dd86fb5cc49e2cd3bc79dca969cffae6,2023-10-17T16:03:01.293000 CVE-2023-36842,0,0,41548d105fa64f528eebf3e5f5f4c003cb9438268e3f68584784662166f07200,2024-01-18T20:15:59.797000 -CVE-2023-36843,0,0,69fd2b2f3d12d046e8f335ed6d51ab3d5fe505b75e938de7a1e412659d620d63,2023-10-17T15:58:59.760000 +CVE-2023-36843,0,1,42afd9b9350ef494c6fe2035ded64d7df8942c4f26ee6e2c83440da6363d662d,2024-09-18T18:35:04.447000 CVE-2023-36844,0,0,22695cc8d184a93d1b9d8ca5a9bc9947cb0bb20f78854694c0500629ee208234,2024-06-27T18:20:24.230000 CVE-2023-36845,0,0,67e5cecb1223b7bde45f0007140411e34de422637817960baae40a8a50b95fb3,2024-06-27T14:42:46.553000 CVE-2023-36846,0,0,16c9797195a7f60215c7faf82455affdc4099a0aed3cf0b4d1ef0a4278ba4445,2024-06-27T18:29:30.343000 @@ -227946,8 +227946,8 @@ CVE-2023-37229,0,0,0bf9ee820ee2e4bae8a90eb97071f74d16b3541ed4020bba6ca4e1b6978a8 CVE-2023-37230,0,0,16174e82af28a8c8963476ae3fb392aa6acdeee683bd62908e45c74a0ebfcfa6,2024-09-10T17:35:06.247000 CVE-2023-37231,0,0,757cf6f1665639ceecb704c0774fd206eedf5d3bd12cf5ae4032e15afcc04854,2024-09-10T17:35:07.017000 CVE-2023-37232,0,0,9bbc1589348f85aa082942bf7fa6ae735252fd46b1bd07a607ac32b8b94abb97,2024-09-18T15:55:43.113000 -CVE-2023-37233,0,1,255b420d42e0ea95c75fa873cdfc752a4caaa6059c742b38d452988c30760f93,2024-09-18T16:10:23.187000 -CVE-2023-37234,0,1,e11780f5438cafc52856a9c5ca2622f3b4e2e3fa3f837a68eb5e6fb9854bde46,2024-09-18T16:05:50.257000 +CVE-2023-37233,0,0,255b420d42e0ea95c75fa873cdfc752a4caaa6059c742b38d452988c30760f93,2024-09-18T16:10:23.187000 +CVE-2023-37234,0,0,e11780f5438cafc52856a9c5ca2622f3b4e2e3fa3f837a68eb5e6fb9854bde46,2024-09-18T16:05:50.257000 CVE-2023-37237,0,0,29a5f3af5199aad5af4f0fdd6511141f4d2b435f709fd260dd5041911ad086ec,2023-07-07T16:00:14.390000 CVE-2023-37238,0,0,8c5d217b62a8efe0c30f15bea3a5d6293d9c6e0abe28ac04e3704ef99c34ccb0,2023-07-12T22:51:22.043000 CVE-2023-37239,0,0,2a2a4e372334e66e5f41ce012a4e3ce6edee956c498345781b72b50751b6e2f3,2023-07-12T18:57:30.653000 @@ -228026,26 +228026,26 @@ CVE-2023-37306,0,0,a137ccf81a2426ce3e669310414e5ce34298fcb3060956966892870ea3756 CVE-2023-37307,0,0,6a1f6f8a24f43981736cd3629320f2d224949abce9865ac34fd8d473a05c15cf,2024-02-05T17:15:08.680000 CVE-2023-37308,0,0,d694f878ba017cb7c0296fd17ac004501db0c50a58f9b4fed315fef7aa61149e,2023-07-12T20:43:30.607000 CVE-2023-3731,0,0,b2091938e00299cad699cc6bdc6787df1b8038bdc403d6ede2724ae8a9b47b54,2023-08-15T16:04:16.260000 -CVE-2023-37310,0,0,18b14810629aea5524989a070667958596c847df2ed7776b4f65bb504fe6fcdb,2024-05-03T12:50:12.213000 -CVE-2023-37311,0,0,40e81d795e8996fa50c4556b400b33ed2855acefdf53b0d6e98c7c7dd5ccf051,2024-05-03T12:50:12.213000 -CVE-2023-37312,0,0,2899f881310ca7aba608f34035572e5cec87f4f2202ed9f6879356dca72b33b8,2024-05-03T12:50:12.213000 -CVE-2023-37313,0,0,b3a26f0b4bf9fd237b020b16b9715b7e5b59ec9e78ff30c2d4acd684141d2152,2024-05-03T12:50:12.213000 -CVE-2023-37314,0,0,e414e608059acfd88593e903d9bd2f19d009affe386da1501fab80ee53730128,2024-05-03T12:50:12.213000 -CVE-2023-37315,0,0,38b4a2853a11f38fc2f8f17b12104c062220d0bac3e9b3c5c109f6bbe470996d,2024-05-03T12:50:12.213000 -CVE-2023-37316,0,0,42b1cb6f686d1cd7d10a505c616217c283e6f32265c9f75bd5b1dc0bf28f1410,2024-05-03T12:50:12.213000 -CVE-2023-37317,0,0,9d6ec6d01431cf9c512c822af705aefa55dfc18cfeafc499f24e6abbe408be5f,2024-05-03T12:50:12.213000 -CVE-2023-37318,0,0,fea47c6475c891111732b012132b326c92997821e9bd8edeb9435c3da434982f,2024-05-03T12:50:12.213000 -CVE-2023-37319,0,0,b31896c3e50cf7c4d5c99faea11c347e73ff6efaffcdb11e5baeb8dbfdf356fd,2024-05-03T12:50:12.213000 +CVE-2023-37310,0,1,7dd4828885d3a25a996ba790991a1ee625c9d786f6e1395c2f856e0381af8042,2024-09-18T19:15:29.350000 +CVE-2023-37311,0,1,54edd20163a7afee6eb0178128773401ee7e1ed60c351fb24cde66fada15f90b,2024-09-18T19:15:29.457000 +CVE-2023-37312,0,1,e9904c38e8b06d42c35992efb900beb67d43fb53aa4e14650a9cd15a302c8f24,2024-09-18T19:15:29.550000 +CVE-2023-37313,0,1,f5cdf1989ea8a63cebf81e5c0c097acc0feb3f8210fa7db5196cb00ef36e96c8,2024-09-18T19:15:29.647000 +CVE-2023-37314,0,1,a5a747aac393029ce6759f1d9b6475f4d64e7bf4e1d099f6601df9b928c13d8d,2024-09-18T19:15:29.750000 +CVE-2023-37315,0,1,74e9783cb69aced603bdada2e0ffff5d941a6f789eded14ea286df4759c02654,2024-09-18T19:15:29.853000 +CVE-2023-37316,0,1,01e0612639f29935492762fa94a81f556ec03d555b041bd2ee03274517733b4b,2024-09-18T19:15:29.933000 +CVE-2023-37317,0,1,d141b16660be37167d99b90100900965e810a019b3f899ef50d2bee1406f3a81,2024-09-18T19:15:30.013000 +CVE-2023-37318,0,1,6eba84d5ce10d0f2a92b02790f78073056902031d17ef641c19f856a8c46ac92,2024-09-18T19:15:30.103000 +CVE-2023-37319,0,1,827cc83ded1d84db707b95f7d1b6fef7aebb8f80520772a917ebcf160df5b838,2024-09-18T19:15:30.193000 CVE-2023-3732,0,0,7813ac53f1acb8d4c2dd6864fc4c5e66bdc5634f79379688803a1645d752e55c,2024-01-31T17:15:12.800000 -CVE-2023-37320,0,0,0c514a730164c89b027185a7d9a4664d6012e1c782adf59de692632b91e2c50a,2024-05-03T12:50:12.213000 -CVE-2023-37321,0,0,5e268eb741328f241f08836901fa8234087e2bc824950f9c5a4a5cb1a8014952,2024-05-03T12:50:12.213000 -CVE-2023-37322,0,0,064de44e2a86ae6f673c621c675e854c3925d30e517a2d0685db6142ed1e2b02,2024-05-03T12:50:12.213000 -CVE-2023-37323,0,0,d5da22896176d95df18b16215691a3c77dc6e786a49411146c2a642e72488b4c,2024-05-03T12:50:12.213000 -CVE-2023-37324,0,0,3064bf7031620e161404624362317e3efb05706dc968d30b4bfd14680a14d1e9,2024-05-03T12:50:12.213000 -CVE-2023-37325,0,0,942353371b89137d71c83763cdafe72112d21cab1f985e41b8c145f2241af787,2024-05-08T13:15:00.690000 -CVE-2023-37326,0,0,a8653156d476e3a8fd68e224b9eb7e08d65525a17058b2e0995d86b5f4c22a12,2024-05-03T12:50:12.213000 +CVE-2023-37320,0,1,a5465ee69cecdd45884ab2866e4e38a9c7db92044e6450ecf53d9bcc9d1935f9,2024-09-18T19:15:30.270000 +CVE-2023-37321,0,1,5bd50befadf221b709463b78b4d4b9321f19086630780b5041d1e2b4e0570313,2024-09-18T19:15:30.363000 +CVE-2023-37322,0,1,b206c9fde29b9af36aa446d01899260ede4f828542df17c3dd7996d78c2162f8,2024-09-18T19:15:30.450000 +CVE-2023-37323,0,1,99f16ced8d46b966f7180505e8bfaacbbc55f48c82facf5fc9db6383771be7b3,2024-09-18T19:15:30.540000 +CVE-2023-37324,0,1,6f16224533dbc9ecf9084f63f267a93558ddfa669181bfaca8de570eb98c0f34,2024-09-18T19:15:30.620000 +CVE-2023-37325,0,1,b00c7983dc181d702ad8c329b9c7720e9dc4e639bf5aae30e86d0abb081e40d3,2024-09-18T19:15:30.727000 +CVE-2023-37326,0,1,00de024522015a0e86556c72af0b5d554fd4d6180b8a1d6ae73db5a0869a4523,2024-09-18T19:15:30.840000 CVE-2023-37327,0,0,df86e8ee395dccf1e3ab5ad4b002351e74225a614501614647337dd3c2b11427,2024-05-03T12:50:12.213000 -CVE-2023-37328,0,0,4518f5de62e1b612acd4de6584152cfcdb44191ad6bce8d2e937ad1d61f4ef66,2024-05-03T12:50:12.213000 +CVE-2023-37328,0,1,73d36a35831b76155ab4d09e31b3987e22920a6a9590d37b2a85f1c8c673456a,2024-09-18T19:15:30.930000 CVE-2023-37329,0,0,44a50dec2c2503ccb9cbe2a8efcaaaad99cab8bbe3dfe5c7679372020f7983ec,2024-05-03T12:50:12.213000 CVE-2023-3733,0,0,2c9564f375cb9f65b65eca599206d320131c0ba26745987496c1368744018621,2024-01-31T17:15:12.870000 CVE-2023-37330,0,0,154f0203eed8fc86090ceba8644dd3dff4268f27f5a9388cea7e8e1122f66e32,2024-05-03T12:50:12.213000 @@ -228658,13 +228658,13 @@ CVE-2023-38092,0,0,e519fe35dd37f78165bb6390403f2f6a7efbbed89a3a00fc3b863ddea5804 CVE-2023-38093,0,0,42e5a8c47df2c1b58ef3f4a2cdf73aa26ef48b19ef76538c38e2eb7d8f597b64,2024-05-03T12:50:12.213000 CVE-2023-38094,0,0,29e20ac4a69bc560303bcc674c46383ccc0d0d59223dda37f92a17d470d7c355,2024-05-03T12:50:12.213000 CVE-2023-38095,0,0,9ebf2c5420c9fe39ae4a635a13ca3e44323279e73cceaa8875162be808efb65d,2024-05-03T12:50:12.213000 -CVE-2023-38096,0,0,5ca8595da0726e968d55d205c27fdfb298921a079fd8630669e73a4f40a6d8ac,2024-05-03T12:50:12.213000 +CVE-2023-38096,0,1,5a45031570c48f57bce12600b08943fa73883fc01e9cebf2425b57087f23fa66,2024-09-18T19:15:31.103000 CVE-2023-38097,0,0,0e69e660ca4778b723e40821ff0f63ceed7b35d1f51b6af0b44dba85eb29a897,2024-05-09T23:15:06.277000 CVE-2023-38098,0,0,32b0a1cc56a795d97103b3992528c4c732455af47c9cccdf78ec11b712fc47d1,2024-05-03T12:50:12.213000 CVE-2023-38099,0,0,c3b34b3a2d34c060e2c7c6e88a582d24ad9ef677ea460ee251a858bb01bed8ec,2024-05-03T12:50:12.213000 CVE-2023-3810,0,0,eee9805daf42e2e38f3a80e45249d4fa6512c8f298ca804d27023e95c4fa0fcd,2024-05-17T02:27:50.277000 CVE-2023-38100,0,0,9a2d74b3444edc1afc5740e33229eeab9f711e4aa8c1bed7fa8df90e7ad8c409,2024-05-03T12:50:12.213000 -CVE-2023-38101,0,0,b0e4929205dbbb6079c7119e003bbd46d069e993e7255740c7182822a69eed39,2024-05-03T12:50:12.213000 +CVE-2023-38101,0,1,d1e74f6b412676861c51d15a923db0bb703062afd63274d1b336c9972d3bb7ae,2024-09-18T19:15:31.407000 CVE-2023-38102,0,0,c86e682640ddc223634be52d061784a635a93a2833afb728f833813d3b86e6a7,2024-05-03T12:50:12.213000 CVE-2023-38103,0,0,cdb9b0c65ce95b25f474c97420bab546b2773599dd37ee344a6a54428ec2b619,2024-05-03T12:50:12.213000 CVE-2023-38104,0,0,c00f507ffcf35554a600fdc8e53b1ab4e5e00aeae15e8e2d494606322c2bffe9,2024-05-03T12:50:12.213000 @@ -228685,7 +228685,7 @@ CVE-2023-38117,0,0,3387469ff4ffa9671e1fd213ccfec089d6f870d57d8dbdf2ba39a537fcc00 CVE-2023-38118,0,0,20188f4ba8e047d2c98b170abfe06e21a869f030b0bc736ef37f4768057774a1,2024-05-03T12:50:12.213000 CVE-2023-38119,0,0,b2a4517e77ae3e20cd1ac353f479e4bfabaeb58a81d7ae932998d9ae735167f6,2024-05-03T12:50:12.213000 CVE-2023-3812,0,0,5bbe9b79acf14da79a533b89ae121b6a808f465555554f71901dba300f703837,2024-04-25T13:15:51.013000 -CVE-2023-38120,0,0,982496d2f71747226fe1f51fbe2597be783090df61a4f5dc9229b01731184275,2024-05-03T12:50:12.213000 +CVE-2023-38120,0,1,bb32aee8cb71f1471770610eeb2693076870bd8553b76db2756c5b112a551df9,2024-09-18T19:15:31.567000 CVE-2023-38121,0,0,bbb0c83ea034bf305253b72c90d65b454d3916cdf176ca2bba678c1241b6d7c1,2024-05-03T12:50:12.213000 CVE-2023-38122,0,0,222603b4f6d75c5b2906dbcc77f6b328fe7eb403b4509b6022dcfd627909bccb,2024-05-03T12:50:12.213000 CVE-2023-38123,0,0,03cd1a76b0bc8fabb8510b4844d79908f5bba445d2dea3ccbf83a4835373475d,2024-05-03T12:50:12.213000 @@ -229839,8 +229839,8 @@ CVE-2023-39469,0,0,c19479af65fc230347ab7c5b1fd708a70ae639512aac970984d6c634a5085 CVE-2023-3947,0,0,10c72e929535b76afd00fb98b6a3b3d08856db229fc8f4b299f0298003c27bdb,2023-11-07T04:20:01.277000 CVE-2023-39471,0,0,86ff32b01a6194a3d301fcaacf59dfccf0a91955ab3bfbf5e3b6b1969b9f00a0,2024-05-03T12:50:12.213000 CVE-2023-39472,0,0,523390805851d8931afa42c5fa03b1ccc8af9824cf239f24fa9515549f378e00,2024-05-09T23:15:06.357000 -CVE-2023-39473,0,0,611593654b242ed7097b0055d7265177e4b5a84eed8ac09ee831ec70f4469ce9,2024-05-03T12:50:12.213000 -CVE-2023-39474,0,0,72c017e7b8cd2d6816fa38ba0f145a0f36959f1fd9a75d8652ba542e25552b9d,2024-05-03T12:50:12.213000 +CVE-2023-39473,0,1,565ee89812a264a2af3a1ed38605d8d2a9470abdc93b71f73881abc6095d7a9e,2024-09-18T19:15:31.690000 +CVE-2023-39474,0,1,2a617d6a71aa11acf5c1303815e1dad327f2d9cfc29d6935a0577cb200749408,2024-09-18T19:15:31.827000 CVE-2023-39475,0,0,eae8d92c0d78736eecc32951ce902ee7f1b11321d7c158b85ecc2c544498872b,2024-05-03T12:50:12.213000 CVE-2023-39476,0,0,377b07f69ca8be2b7ce65857ee86a0a49e80ae0d2c1ecae31857eba9e81d3679,2024-05-03T12:50:12.213000 CVE-2023-39477,0,0,47ce6db5fc7e3e8e81502a7ba9ae57acedfc9b944c7eb9ea39353cfd039ad546,2024-05-03T12:50:12.213000 @@ -230603,9 +230603,9 @@ CVE-2023-40470,0,0,afada78b6007b2ba33bbf78e11be4d28f3cd22e160c8e61f962a7cebd7f52 CVE-2023-40471,0,0,becbb43c9e1a564fe69963a88bb1087ad0f2669a388b9f3e94466c56f3f010c0,2024-05-03T12:50:12.213000 CVE-2023-40472,0,0,63bad795c4e37646c5a06e5ac3ca24cbaa679ad10a3550f3f51a2397791e5a38,2024-05-03T12:50:12.213000 CVE-2023-40473,0,0,a7a2fbc8dffbb3c3af045bc9cb1df8a4d15f323c045d8f4dcc71f9615278d384,2024-05-03T12:50:12.213000 -CVE-2023-40474,0,0,37b0d0a5556902f341d256a0b65bb294a02e3b80bc3f7be743dbfbb701d572c5,2024-05-03T12:50:12.213000 -CVE-2023-40475,0,0,2b1419f977fe2467e0add07bf40f7b2ebcece48cc090af15349956a04aa02f3d,2024-05-03T12:50:12.213000 -CVE-2023-40476,0,0,b3124740e98a9e22a60857290b8cb2f21e9cf2d7445834c0c8fbb3082b7a4f1e,2024-05-03T12:50:12.213000 +CVE-2023-40474,0,1,db577e142d5dcba98fa741395a9288ffed54bf88b8436ec5b6a4a5055e5d3532,2024-09-18T19:15:31.953000 +CVE-2023-40475,0,1,11efaf9e8378830a54ee10fb914b8bfe32096d9a24b760888dd466ea07581df3,2024-09-18T19:15:32.043000 +CVE-2023-40476,0,1,990cdb29579a0a42e2b0b90e1ff61c936b2215b9b38d595acb2c3b495a94d8ca,2024-09-18T19:15:32.137000 CVE-2023-40477,0,0,bf7bd805408bb9938532327c097b39611135aa4263d48f1c31bff5599ca5f6ac,2024-05-03T12:50:12.213000 CVE-2023-40478,0,0,3813fa4ea718093279009f433811c990f4f34dc459cf82b9e9ca779ceeaac098,2024-05-03T12:50:12.213000 CVE-2023-40479,0,0,1a7d396842ef92259b6deb8297ef0b077b3ee7a9e535f945f97aa32494822be5,2024-05-03T12:50:12.213000 @@ -230623,32 +230623,32 @@ CVE-2023-40489,0,0,1b0fbddedbe1eba7f8d6447733accff90acbe5dd7ba43100381753fde6895 CVE-2023-4049,0,0,dd3841fc5981ecf6c1893cf4a52cf480f0db80acf80379cfd5e71dde4c51c976,2023-08-09T21:15:11.627000 CVE-2023-40490,0,0,ffaaae63bf9476dd245ea2b1b05c4848a3a394ccd4a27d35c8f297f8972060bd,2024-05-08T13:15:00.690000 CVE-2023-40491,0,0,b8e05583b64f200d6827277cb79eb1645eff3ae05aceebc727f6edfbc6ef10b6,2024-05-03T12:50:12.213000 -CVE-2023-40492,0,0,d05c6582e724876254f5bed7256603745d298e1c0f2daac448ab690088c9a685,2024-05-03T12:50:12.213000 -CVE-2023-40493,0,0,181dde97289557f2decb2b1aac37dfe11c3cabfcde13aac40a9ed075ea101ce2,2024-05-03T12:50:12.213000 -CVE-2023-40494,0,0,59bb9175a6d3b011581a9b5ca6417adb984e66a9715b013b998aedd57185a3a1,2024-05-03T12:49:24.027000 -CVE-2023-40495,0,0,1ea08ecd690bf3bb8d6daa0c675de482642acd56ff54c770b46853f2551e815d,2024-05-03T12:49:24.027000 -CVE-2023-40496,0,0,e04fa45c515d609061a1fa743ea4256a408dda623331f506b79b04302af708a4,2024-05-03T12:49:24.027000 -CVE-2023-40497,0,0,17a8d8ecc9e463efecb28c4a36c05dd5b3e8182de0551b9ed312cbd875da8965,2024-05-03T12:49:24.027000 -CVE-2023-40498,0,0,cd168d4a20cca0a47f7d50476707dbb9fc1ee54baf560349c38e194bd185bd54,2024-05-03T12:49:24.027000 -CVE-2023-40499,0,0,9d132bc4f97cea15346dc4e840e74ccf69f126b377b22cc0765a8c58939bcfd7,2024-05-03T12:49:24.027000 +CVE-2023-40492,0,1,1383c09bc601f5cf41687f9e41f3cacd69fa75e8c3adff5771234a8f76fd1ebd,2024-09-18T19:15:32.220000 +CVE-2023-40493,0,1,0fa369061a251bbf315016fa131fd6f521d043b681ba87097a42a92c7b125150,2024-09-18T19:15:32.303000 +CVE-2023-40494,0,1,3a17d89146a8968b9f7cf8ffbc0e52730f10c2c2c856d355058982d928eb5f3c,2024-09-18T19:15:32.390000 +CVE-2023-40495,0,1,8a760e8d329cf01e47aeede7a7c5899326d909a64e3943cdc833e01e68084e96,2024-09-18T19:15:32.477000 +CVE-2023-40496,0,1,e07b3584ba620f5ac82b33a51d47f4b6db5cf29141bafd245a2386c9d2ab75cb,2024-09-18T19:15:32.573000 +CVE-2023-40497,0,1,211e4ceb10f8230341965f4d26f72576b2d46d3ec80dd86afcce4098919f69d1,2024-09-18T19:15:32.663000 +CVE-2023-40498,0,1,8c3c3c412caa7f09cefe68786071ba42775e538c386156372798f30f0cab15c8,2024-09-18T19:15:32.760000 +CVE-2023-40499,0,1,0151b97ea369bd7b25160c6403930085e47cba4319f95af956184d9e8aa08a9d,2024-09-18T19:15:32.850000 CVE-2023-4050,0,0,e46271bc483ab7a7e4d033e62ad111fa8e191a7d7b4525c05b9e6d295af75480,2023-08-09T21:15:11.723000 -CVE-2023-40500,0,0,56f372d630e45bdcbacc576197924dd7a81eed9a0deae1c3db54f4fb4230e477,2024-05-03T12:49:24.027000 -CVE-2023-40501,0,0,0ed84aebb96f6cbd9b118408cd9e52c315e3c11c12f3c79d119c9a8b27205d9b,2024-05-03T12:49:24.027000 -CVE-2023-40502,0,0,4ffacd5a28ea2505550b50ee378c24ff5d553901aef8d1b7b4b025fc929dcc93,2024-05-03T12:49:24.027000 -CVE-2023-40503,0,0,c3552e0d11a7f4a464976b61e96eeb465a86ec9f0942d7bde48fde3a5b874707,2024-05-03T12:49:24.027000 -CVE-2023-40504,0,0,c8cb580718a60a7a56dfaeeaac40f72a99e3f3855f5ff1c1596c8bacbe68fcb0,2024-05-03T12:49:24.027000 -CVE-2023-40505,0,0,c3566307ad20a2db2aa4e7feb882a5995e8fe4a1925ff0f24c72f7f8a72401c1,2024-05-03T12:49:24.027000 -CVE-2023-40506,0,0,461afb170f159a5a7ca100da1a06d634043e054bde60dd223599940c9ee53f60,2024-05-03T12:49:24.027000 -CVE-2023-40507,0,0,2495c02e1981ca9ffaf20d05d3c2bda069d2f37e83a9a7317199255fc96aa03c,2024-05-03T12:49:24.027000 -CVE-2023-40508,0,0,19d30575e30eb36ee34cbe019f62363839ba62560af4d485c7d37bf40ae0ef46,2024-05-03T12:49:24.027000 -CVE-2023-40509,0,0,a0f9092c4d74d9a1a174aa4740e8ea0763429c4d23ac0e0186e00cb9b498c3f8,2024-05-03T12:49:24.027000 +CVE-2023-40500,0,1,6b5126d7090bd2a93d6b8168862762a9bba0dbb3617e7be38b2c00a08a0ea09c,2024-09-18T19:15:32.940000 +CVE-2023-40501,0,1,75baeb6c816bb63e7c384e6d546c6c81be287293711c9c31008508f55ef7b53c,2024-09-18T19:15:33.027000 +CVE-2023-40502,0,1,ca47a92f877be96f466f860045142e5579f904e7059a363872bff431c798df94,2024-09-18T19:15:33.120000 +CVE-2023-40503,0,1,a098b24baf6062f9341ed004a16aed8a27cbfb3f5efd0d5b450c68652e125677,2024-09-18T19:15:33.210000 +CVE-2023-40504,0,1,2c9cc1906be29952c5f771508f95be90027cfbd5cbf23eea2c565c7134d5426f,2024-09-18T19:15:33.313000 +CVE-2023-40505,0,1,fb5eff30847b77d4c268b586e60b76b474768732c71971d295c27268d5a9a90e,2024-09-18T19:15:33.397000 +CVE-2023-40506,0,1,69c7a7829bdf281799a0e7546c51ccdba43ccdf96553bab829a11167519c82b2,2024-09-18T19:15:33.487000 +CVE-2023-40507,0,1,fca87e5ca53d6a8853ee11973d3b8a8927088a5636d3a8b06cfab0d867e3c6ce,2024-09-18T19:15:33.577000 +CVE-2023-40508,0,1,927d24e21bd8563f587ad2a83b24b6fb79dc4e6b56389cd043f78f1a7b0d15a0,2024-09-18T19:15:33.673000 +CVE-2023-40509,0,1,e974317685eba0eb26ffb804b282c041d94713e961d254f3bfc72cce3440977c,2024-09-18T19:15:33.753000 CVE-2023-4051,0,0,59e3fe0742c0f633c6a80399d08de614e07ea1c32d81c9507411a370b67f493c,2023-09-11T09:15:08.707000 -CVE-2023-40510,0,0,cbccefa52bd26f23f3bfc8df28c2503b13cf77196c023cc17aa41ea162e017ed,2024-05-03T12:49:24.027000 -CVE-2023-40511,0,0,bb3f5e06a6ce872fea54a3af158fa4c2fa0cb5476c2226655598d96c3607c52a,2024-05-03T12:49:24.027000 -CVE-2023-40512,0,0,0e7c879944b0ed5be5be03d6da137aec87064df8d7a85ffc9937c72a41801ad6,2024-05-03T12:49:24.027000 -CVE-2023-40513,0,0,fcecccaa134e78d8f433e1c051da4090d6d0247219e011963f2bf4bf8e359c8a,2024-05-03T12:49:24.027000 -CVE-2023-40514,0,0,62b5037d96b24b5b951758c679bc41cb679dd86a384aa4de9803c3143f5958f2,2024-05-03T12:49:24.027000 -CVE-2023-40515,0,0,fb53b2b6eec53794c14282ed83a4b7e73a73aebf5730e585a0469f340c25a4c9,2024-05-03T12:49:24.027000 +CVE-2023-40510,0,1,63c035b2645024dbc85e53e36419470bbce568a0233ae45a6efe8c6dc5e974b0,2024-09-18T19:15:33.840000 +CVE-2023-40511,0,1,82e4fbdfb4cbe0011086853b7ad66bd1c91b1bd869aa7f252ccb3b2f26aad6e6,2024-09-18T19:15:33.927000 +CVE-2023-40512,0,1,c7f530a89afefae5cc709674849e9b824126fba2da88916637e74d4ec35996a5,2024-09-18T19:15:34.020000 +CVE-2023-40513,0,1,4bf60d19632a49311dd31f10189877ea1d93cc95e7b4274fea4e11ed6edcf79b,2024-09-18T19:15:34.113000 +CVE-2023-40514,0,1,e3fd772c2155958944e54c9727b806c254c1bc004b3279337673daaf4285b9f7,2024-09-18T19:15:34.210000 +CVE-2023-40515,0,1,d189f8fad6fb10db4250e4d421f4eab8bd71cc449d76442c7c8b966da573c9cc,2024-09-18T19:15:34.307000 CVE-2023-40516,0,0,0c48b122983dbb2b42e6d53f7c5d757613deb67bdf410b82b8ff1c01d02ebef3,2024-05-03T12:49:24.027000 CVE-2023-40517,0,0,3886dc7c0cd380886d2973a8e80cdd83a5809e9e010fb0dbb51f840288f8fdaf,2024-05-03T12:49:24.027000 CVE-2023-40518,0,0,d0dd84823e06f8cbe6fe8760ef2b1468dec3103991622a76cb0d5fa183c10c14,2023-08-22T01:16:07.403000 @@ -231166,7 +231166,7 @@ CVE-2023-41180,0,0,1b43d9ebf796521501b25c4d1df423a5fa172bc47aa4e768647fe9d643730 CVE-2023-41181,0,0,ce8d7f4f3537484fb37642fb235ff955f751e8845ab8f79a0432507c247ddc49,2024-05-03T12:49:24.027000 CVE-2023-41182,0,0,8cc32f9e84cc87207df5392b97432a951d916f93d6b74e3ac8d18feadc6a8f15,2024-05-03T12:49:24.027000 CVE-2023-41183,0,0,353725880ea96d94cf1b361c88f64cda813f08fe445afe58afc878d3fe279ef3,2024-05-03T12:49:24.027000 -CVE-2023-41184,0,0,83ef186de3af0c00b2db74b52e2db96d91bae7ad1f8a712c974906a4d0e2a59c,2024-05-03T12:49:24.027000 +CVE-2023-41184,0,1,33d22472ec458824f506cf0ad6542209c8e19e3e85b5e7ec35ac0b209ca6976a,2024-09-18T19:15:34.603000 CVE-2023-41185,0,0,476effc4357f7be67d0b92c5d7245946dfa98076bf1dea13220db5c34e8b4a9f,2024-05-03T12:49:24.027000 CVE-2023-41186,0,0,818f29a1f5cf96a8517d75358f648ff0db48dcca0b1cfff4069a33a68b1799db,2024-05-03T12:49:24.027000 CVE-2023-41187,0,0,07cc8fe43cc32555f96b7c02ecc064ab09869b6e5dbbb8026d76cf793c330464,2024-05-03T12:49:24.027000 @@ -231200,7 +231200,7 @@ CVE-2023-41211,0,0,57fe78f42559817206efb86ff646da0920de4a91f6dc5e075584c686f1e41 CVE-2023-41212,0,0,5bf5cbd39081cb021e5e87ca9e30b17821c9276f4fb62140e79b5cfc809f5829,2024-05-03T12:49:24.027000 CVE-2023-41213,0,0,54a355acbb1a63f87662694878a3532e7ecfbcc60c9b4b0d95fff0187a2c1332,2024-05-03T12:49:24.027000 CVE-2023-41214,0,0,7c8c0958b3a2f116d418407c17572b6686fceebe2654ed2c089acb34a368a4fe,2024-05-03T12:49:24.027000 -CVE-2023-41215,0,0,496012146687fd2d228246cba444deb2f27e5612faf6142c08fc4838c699edea,2024-05-03T12:49:24.027000 +CVE-2023-41215,0,1,83a1cb2fbd0a045e90a6aa1beef568bc3d65674584f5aedee26eb4159a434a0d,2024-09-18T19:15:34.700000 CVE-2023-41216,0,0,bd88d7b6905c58225c48eea8441abfc771196c69e2249d4e5c45f0a0fe082499,2024-05-03T12:49:24.027000 CVE-2023-41217,0,0,23f1053f7ee4ee4fe6d2dbd46fd1b47e02a2ea01611f0a26c1b62bca8cf457f3,2024-05-03T12:49:24.027000 CVE-2023-41218,0,0,5a0c17c8f716650662d3aa9e731572820df3efe569449fc50a41474fa3e307ac,2024-05-03T12:49:24.027000 @@ -231442,6 +231442,9 @@ CVE-2023-41603,0,0,7eae02bcb404653f8cf9e28340ec8a561b47a402fdb727d540cee5e43f7a6 CVE-2023-41605,0,0,c09977e342b3399cb054a02d7c15a161158f613f02f666ee1f6dfa3b4009a9cb,2023-11-07T04:21:00.217000 CVE-2023-41609,0,0,3bd4e736f9f83dbe7ac5c6a636f09e590cb9ec36b1af4f2b64690d67593848e4,2023-09-14T17:58:35.633000 CVE-2023-4161,0,0,7df03f1cfebd5d12fb7dd64830212873f12e24a1c77995358c2ceb34fcbbcca9,2023-11-07T04:22:12.317000 +CVE-2023-41610,1,1,ba4568ef675402779fbf681e85482d258bb240ced1cbd148ed665f38524240eb,2024-09-18T18:15:05.680000 +CVE-2023-41611,1,1,ef3eb69758db1d9b28c7123b9952141b7f86bac3088be654c4225e15336606c4,2024-09-18T18:15:05.750000 +CVE-2023-41612,1,1,77598d5263c6c419dc4441eae8cb7f6904d208d828905d2cbf9e1bd7873a6842,2024-09-18T18:15:05.803000 CVE-2023-41613,0,0,14a8003db8756e22aa6e34184a53a524c8848112d2658b820d2d53e6d4a30f92,2023-12-07T21:08:08.163000 CVE-2023-41614,0,0,800f55cf7fcdb99df81dd721b47d50fd8bdb42500fe162978ce716d3e60ac044,2024-01-21T02:14:33.077000 CVE-2023-41615,0,0,9e3b6cba4b67acfbe6486851fe7daec432b9c66a87b8a1c79ccef36619967361,2023-12-28T16:23:14.277000 @@ -231816,7 +231819,7 @@ CVE-2023-42035,0,0,1676449ea8d74e3b95178103df9bdbb3e449aa9b2faad3eace4ad202fd753 CVE-2023-42036,0,0,388dd671785b0898c72d687ff3020b82d6badbb1602df7fd10bee17d4f6eae44,2024-05-03T12:49:24.027000 CVE-2023-42037,0,0,c1d2ad218abe27b8af317c2024b248d8304b3ca8c02225652af9ecbeb45504ca,2024-05-03T12:49:24.027000 CVE-2023-42038,0,0,583be5dc765dd8d6c69d763754011e41460181eb257b0f3b1a6bd289af0857c7,2024-05-03T12:49:24.027000 -CVE-2023-42039,0,0,768365d9335e5f6599c0210d6d82fe2885db1062c26a639263346557f11d1fe4,2024-05-03T12:49:24.027000 +CVE-2023-42039,0,1,271d494fcd7b0539af3fff7843a5fe9f841f8b32234349d30cac003ad18f4a60,2024-09-18T19:15:35.113000 CVE-2023-4204,0,0,7719117f9ca1effd02737231fbfb21b03eba1f53133348b1dbf76f2d2b49945c,2023-08-24T15:50:59.857000 CVE-2023-42040,0,0,13548a05d61db1e3f97aff252ac0a2f57fa2cdb1cd29896db6161b551be55401,2024-05-03T12:49:24.027000 CVE-2023-42041,0,0,850d6ba472c9a0118295bc42864b625e7779587d5ead2c2a90ad352db477672e,2024-05-03T12:49:24.027000 @@ -231883,12 +231886,12 @@ CVE-2023-42096,0,0,240d9db32f24ab1626a41509d67389bf60e923fcf3b5e4dc6382dfa72b81c CVE-2023-42097,0,0,239070b6f2e4736c331b6f929dcedf2cf50e4ed709d7225293b44ac8d5520fd7,2024-05-23T20:26:16.510000 CVE-2023-42098,0,0,12d1697438d4f79167c34644cd3fad25c7ba3c099f7890039498de4ed1478fa4,2024-05-03T12:49:24.027000 CVE-2023-42099,0,0,0d5b18cbe3f1840f59e70d0f8a8af049d7f86ee1690ad96c9416ac4ddc27f1da,2024-05-03T12:49:24.027000 -CVE-2023-42100,0,0,9bfff134184055ee4a2adc8ae09f9558ca6ae2d04637af05a3dbcd113830ce2c,2024-05-03T12:49:24.027000 -CVE-2023-42101,0,0,264da2f43d07e29c7503bf42fac359ec173362ae059b86c86f3f4c9a73ff91a8,2024-05-03T12:49:24.027000 -CVE-2023-42102,0,0,9de84d76cb7e6f2f3e89a1387484b41dca89ce6c7928a4d6b91307f4e2e7948d,2024-05-03T12:49:24.027000 -CVE-2023-42103,0,0,dabb4e1397c3867518759a781b5d02ee258a3af4315648f0200aa2a7ae4109fa,2024-05-03T12:49:24.027000 -CVE-2023-42104,0,0,1cb78ef6f45269359675af493a4599ed202b76ae38274d5c42445e7bb8a0bf42,2024-05-03T12:49:24.027000 -CVE-2023-42105,0,0,091fe461205de7101fb24ddef99423d9267b9ee374df4e7b2862d109bb038760,2024-05-03T12:49:24.027000 +CVE-2023-42100,0,1,f307f7601f13f6f3115c996e977e3258ab68fc3106f9029073af685eb3624556,2024-09-18T19:15:35.213000 +CVE-2023-42101,0,1,1ae544409f73594f8275c7eebc09456ce4d29c5359256fe50054a19730769729,2024-09-18T19:15:35.303000 +CVE-2023-42102,0,1,5b1b789b34daf386d7766bd0f7cd49c5e2dc134e8e49a39e9e50b5df67a59cb1,2024-09-18T19:15:35.380000 +CVE-2023-42103,0,1,35a5e29e42021c84f779670e2a307af87c70338508a12af8248c9244426831e0,2024-09-18T19:15:35.463000 +CVE-2023-42104,0,1,772934ccf415b1764d36043b4aa1478defedf796848f2e8b9a45bd14a1be2998,2024-09-18T19:15:35.550000 +CVE-2023-42105,0,1,98b8e57e1ca35f51d4f2f8c6a35a3a2cc3470d5e1dea8adaaaad80fcac754e15,2024-09-18T19:15:35.637000 CVE-2023-42106,0,0,04119732d8e9cabe6bf0270dac3d3ed32bfe30a0fba33d596b1a7bd65599f2db,2024-05-03T12:49:24.027000 CVE-2023-42107,0,0,a4adbaaeab3fefca6245959e839e2b67be11a518b16c07b1ebf3f23829399e55,2024-05-03T12:49:24.027000 CVE-2023-42108,0,0,18e7b31bdcaea0a7da9f0b7482270042258b9a24fc3ccb610a882c24a3878383,2024-05-03T12:49:24.027000 @@ -231898,26 +231901,26 @@ CVE-2023-42110,0,0,fe297725a6b457386e3e1219b4e84eca5fa5c8d7873be61568c00950c3e73 CVE-2023-42111,0,0,9de2b9991998b0aab77d9be306f08eaab3879d8a480818c36d810baddf0bf36e,2024-05-03T12:49:24.027000 CVE-2023-42112,0,0,60b430bfd4c7527b55f39e38a78e3d4afcdc6c5ef1dafa2b4c60d257e6a5e0d5,2024-05-03T12:49:24.027000 CVE-2023-42113,0,0,b260ac5ddabd1b6c4425c750706ec2858373ebb31621750560c47220d0d00758,2024-05-03T12:49:24.027000 -CVE-2023-42114,0,0,d5b556e9153103c7b00700349812331f0ec04bd3169a0ff6330477f28aab09d9,2024-05-03T12:49:24.027000 -CVE-2023-42115,0,0,1badbd4dafe675359ce849496c2ca0208f9bd34c42a413307d59fac8003e158b,2024-05-03T12:49:24.027000 -CVE-2023-42116,0,0,856fc603b19564af1023015632379267a149e800d26f32a5b4f7f4f47974acd7,2024-05-03T12:49:24.027000 +CVE-2023-42114,0,1,5d10f54535c7a9aed94be8ea47d0332594c02d1537de50b83b95ca596fbdc07b,2024-09-18T19:15:35.727000 +CVE-2023-42115,0,1,2f9aab1a3800744ac43b02277379c97dbd2aa3ab94d808a284ee9b6515b116c2,2024-09-18T19:15:35.810000 +CVE-2023-42116,0,1,bed668dc4467534fb59e2f8f447f6d4dee72d33d72b1a134a27c961d59e1a670,2024-09-18T19:15:35.897000 CVE-2023-42117,0,0,2da6af4a5c35058c03e35a6578d141e2e187e5c39e2bf99748fd5ae858eb2456,2024-05-03T12:49:24.027000 -CVE-2023-42118,0,0,5eeaffc7301fae7e6e154f36a18b518c9ed9fe4480e069035c04a597ab8f5f53,2024-05-03T12:49:24.027000 -CVE-2023-42119,0,0,723ede3db6079808998f211fbe1c2948bad8ab52ee0e17f0fbfa8c62adcd5946,2024-05-03T12:49:24.027000 +CVE-2023-42118,0,1,fc18840556f201f608837c057d77f6a44c1a7b1da108a2e7f584b9f8e8b35c97,2024-09-18T19:15:35.980000 +CVE-2023-42119,0,1,70963007733723fbeb8cb6953850d1f32b753a860c969e3a304edf143c330c2b,2024-09-18T19:15:36.067000 CVE-2023-4212,0,0,0c8c0c7e0056dfd3185745d5d5e1fea570091e16b0a105efb15b90ae03043c73,2023-11-07T04:22:20.527000 CVE-2023-42120,0,0,e02c61eca4fd2515fa2f4071b8a4c30f0720af688165bf6bd543aa3199ff5ff9,2024-05-03T12:49:24.027000 CVE-2023-42121,0,0,ddaa980e9deb0c676905ed2da062393ad0b8b5331f0283911e88d3ebaf917455,2024-05-03T12:49:24.027000 CVE-2023-42122,0,0,4fd7a2e752cb3735a2c052d7c9da76f0cbe7e7acfc7d5338e6bfed4b3e74577d,2024-05-03T12:49:24.027000 CVE-2023-42123,0,0,4e6f797dd903e24095a0e6eab4a162a0d8ff4df874aeeaa02c3ff4ebbc7c90a6,2024-05-03T12:49:24.027000 -CVE-2023-42124,0,0,78a7c29008d9171c691cd632d849d4bbdc4fd5e150e667c72d96bcd869d3310d,2024-05-03T12:49:24.027000 -CVE-2023-42125,0,0,d2fe18a76f5cd99d9b9bb0b02ef2ddd9bf5384d3ec7d0b437060c3c70111c105,2024-05-03T12:49:24.027000 +CVE-2023-42124,0,1,c26481eb9748f0b84c024436e26b5ec5b29fbc9d170f50645d050d3d8026a9af,2024-09-18T19:15:36.140000 +CVE-2023-42125,0,1,95832236ff31e3497180be0586aea5581642bba49ed698c23db0e44f55f84cd0,2024-09-18T19:15:36.230000 CVE-2023-42126,0,0,c7a56a5e438ec9bc93ed09117ae02ccd27728dbb25b02d4b1f31d80f7cb54e85,2024-05-03T12:49:24.027000 CVE-2023-42127,0,0,ea40140a5df968823b686f9e326ac904be5a355c302b958a14ac293e512e87d2,2024-05-03T12:49:24.027000 CVE-2023-42128,0,0,8428526f58062db7f00a0440a6241ef9235ebb6eaa366367c7566561ff650987,2024-05-03T12:49:24.027000 -CVE-2023-42129,0,0,393c1d7aa5ac0b2645b08370e81c3956382f7ec163b976ac8e5a6bda14ddd10f,2024-05-03T12:49:24.027000 +CVE-2023-42129,0,1,71b4cd545b6bdd8768364959a4642fd9993f5a1679e4749f6a6c24dbca9c92b2,2024-09-18T19:15:36.390000 CVE-2023-4213,0,0,21c428add2eda2eb8d9843e8f25c420113e0faf0f2737e683526268653817304,2023-11-07T04:22:20.617000 -CVE-2023-42130,0,0,fe5018e3f552419e260c2af570996f8c7416ddee2325534f78b01b1fdbd7f70f,2024-05-03T12:49:24.027000 -CVE-2023-42131,0,0,851b0c124bc0c10cb159c0138777bec4de337691c5d3a48b15d0a3333078d3a3,2024-05-03T12:49:24.027000 +CVE-2023-42130,0,1,0241b38800c234ec8e4a2ff16f40e83d68c56ec86a9b4257cd78b46e40a43fab,2024-09-18T19:15:36.470000 +CVE-2023-42131,0,1,4e0f01a335565af1d2caffbcb3515b0a5bc3abdb5520eb1e67adabde374601fe,2024-09-18T19:15:36.553000 CVE-2023-42132,0,0,b3614605e58c2ad6bb3381e3dd9a9ae21953bc0309c61010e3af35ddfe93114f,2023-10-03T20:56:24.067000 CVE-2023-42134,0,0,4ee57071d16fbebb2fd73b2c73a537f320f9d80ad77a4c87162327571d527be7,2024-01-19T16:14:39.460000 CVE-2023-42135,0,0,821bba39ae16d97a24fd2a276b98c40666b66d2f666e958c2c85468b96464bbb,2024-01-19T15:47:29.607000 @@ -233185,7 +233188,7 @@ CVE-2023-4409,0,0,b72041b7f9cdfeef3718fabf187518ca48bca6924a33bd70ada5c1504adb23 CVE-2023-44090,0,0,47c75449add0b7fa37849b999ed6e0e6a64eb722b158a9f4459f02eb302bcd2e,2024-03-20T13:00:16.367000 CVE-2023-44091,0,0,b03d92935285487dd076e8aadcfbe0c313379212aa4e98b4cdcf457770b8f294,2024-03-20T13:00:16.367000 CVE-2023-44092,0,0,aa6e6f00f8a3f49239128f4a154a6bec06baf6c601d319d2e607057c67bb62f3,2024-03-20T13:00:16.367000 -CVE-2023-44093,0,1,e6da90eaebeb20364420a7cc2f5826477bc43f97ab85f7cdf1d00f3dc4eafb81,2024-09-18T16:35:02.680000 +CVE-2023-44093,0,0,e6da90eaebeb20364420a7cc2f5826477bc43f97ab85f7cdf1d00f3dc4eafb81,2024-09-18T16:35:02.680000 CVE-2023-44094,0,0,2e86b5f5609b87be9f2024ac48f911303bc99dfc7d7b51a18450901077de9b3e,2023-10-17T20:15:37.950000 CVE-2023-44095,0,0,20cd361979a28419df77e65a9d79a673c474997897db21263296b74b0b7b429c,2023-10-18T19:56:03.400000 CVE-2023-44096,0,0,376479ad73f7acdbf488fb24d5d155cb6eaa77c417dfeb1a01ffe235128cbbed,2023-10-16T16:44:13.867000 @@ -233199,9 +233202,9 @@ CVE-2023-44102,0,0,cb2c868cef22e209bfc7e8d44d79d4722862c6534c56fc66469929f763337 CVE-2023-44103,0,0,36561301bd440c63608dff916e3e1c64b9e4381f5d67ed6d05df42070870c437,2023-10-16T14:09:47.430000 CVE-2023-44104,0,0,741ba87bf07130e8062c2028b84be5fff78da6b429799f8e51783319789c4a54,2023-10-16T14:12:54.343000 CVE-2023-44105,0,0,48f70b07e55100e2c888adbd99b3bca701ceb55c7df33fd1d42bf5b1ee2317fe,2023-10-13T20:05:12.087000 -CVE-2023-44106,0,1,6213f30ff4b50712e15cd496746091d5f8c742003a5f8ddf4cabe372228cf928,2024-09-18T16:35:04.117000 +CVE-2023-44106,0,0,6213f30ff4b50712e15cd496746091d5f8c742003a5f8ddf4cabe372228cf928,2024-09-18T16:35:04.117000 CVE-2023-44107,0,0,539be1c7479f708064fe24db4c75d1cfe383994d92e0303441ac804c74817aa4,2023-10-15T01:38:58.053000 -CVE-2023-44108,0,0,4d0e8048b91bebdd1711ad1e3a3e93e8b14e509db45311931d92fbfe7ac430a5,2023-10-15T01:44:06.033000 +CVE-2023-44108,0,1,5a948c8ca76e440df4cdc020e2b4eb4ec13380f9e09b22dcb981bb2c111a09b6,2024-09-18T18:35:05.453000 CVE-2023-44109,0,0,7c8fba7c91631df7d6a54ae11b9d62d838ed25609d02c64b3e08c5c02ad588df,2024-02-01T01:09:11.587000 CVE-2023-4411,0,0,6e725a6355592906aa726b75cfa40dd898dfaa8ce2088ab50158f3f470f0279a,2024-05-17T02:31:32.400000 CVE-2023-44110,0,0,6da985b2f0aa8cfb90e8416c0becac5ed4cfc8fa06677e5f03d25c0397429276,2023-10-14T02:19:27.097000 @@ -233490,14 +233493,14 @@ CVE-2023-44407,0,0,b36fc6bb09434af4ac80d1d8d66f80cf51a6b6d76342d3d8ccfe2a302f8c1 CVE-2023-44408,0,0,3aa45856cb88cc8bd75cb3f64cb0b26210b09a1b3ad47f1de91843dac03edaee,2024-05-03T12:49:24.027000 CVE-2023-44409,0,0,994bc5a655d9eaf83957c3c8263c94f2cdaf77a64e58be6e954c3bbbb0f8e225,2024-05-03T12:49:24.027000 CVE-2023-4441,0,0,1ca47be4b77ef78ae35bd3559fed4433681b74710d2bfc6d758fb8e6ebd02e6e,2024-05-17T02:31:34.107000 -CVE-2023-44410,0,0,c8ef7e9d4f923e4950251dbf45521d5eed0ac625103a6ca178ea937398ef94d1,2024-05-03T12:49:24.027000 +CVE-2023-44410,0,1,ee72d2a5956b32872a545687e2bb7a415fbfc0bce279a4fba4b052a05f5b2daf,2024-09-18T19:15:36.707000 CVE-2023-44411,0,0,6f83379a221eb1ba238fb8ea8da0e5060cbb41813f40982815314a31900d9904,2024-05-03T12:49:24.027000 CVE-2023-44412,0,0,bb9f09947c544d37d22f51a58123aee9d3402d35f62344568f44766cff46d228,2024-05-03T12:49:24.027000 CVE-2023-44413,0,0,590640770070ab7d1a3e233d5dad7eca38771706242bf6fa43491c31b7489220,2024-05-03T12:49:24.027000 CVE-2023-44414,0,0,32d3169b89fe2bd3bbbda6df91e87bbe268c4cb4c9639e5d2725633a4fcc0e0b,2024-05-03T12:49:24.027000 -CVE-2023-44415,0,0,da6f836028ffde09a3c6dc79572853a4ceafb404fa2c66727340092b78c5d2d4,2024-05-03T12:49:24.027000 -CVE-2023-44416,0,0,747d4fb61ea4d5b8aacdb5195682270b1be1b466043ba924c630000bd14b8d32,2024-05-03T12:49:24.027000 -CVE-2023-44417,0,0,4d8fb08a24bf53d7eec8c5fdb9222a25622ba59eadf861987fd3ce3c076512ac,2024-05-03T12:49:24.027000 +CVE-2023-44415,0,1,533809dd3eebe3251c73544ebb9b44db5da0a9b5c905906949d3e0ab62a11740,2024-09-18T19:15:37.127000 +CVE-2023-44416,0,1,e268204686b10efa14933801a579c769819456e296c7f9c37233b547788c31fb,2024-09-18T19:15:37.213000 +CVE-2023-44417,0,1,1de8e152fef50c9f192e1ca1a93cad402f1f889fe6be8c8f75945f2fba8a5c1b,2024-09-18T19:15:37.297000 CVE-2023-44418,0,0,997e8b5ab162a933a87e14fe13090aaab61bdf89f5869ac3cb11ce0cd9b2bdac,2024-05-03T12:49:24.027000 CVE-2023-44419,0,0,62fec62b3389f59b0fc31bbcc17404ca76a281493d06be3e41ead775d0dac28c,2024-05-03T12:49:24.027000 CVE-2023-4442,0,0,af2d76652d142dbe2dacd2b68fde802dc758b6270fe8cee33a753b0747ee9a0b,2024-05-17T02:31:34.240000 @@ -233515,19 +233518,19 @@ CVE-2023-4443,0,0,89f5f3c292c9ff00a426d186928805fffedaa3c447fe7bd33c75ef443e0e53 CVE-2023-44430,0,0,ebe5b6bba0e30c19033660181be3fe5b2d0584e850f7c3fe5be54301a361006d,2024-05-03T12:48:41.067000 CVE-2023-44431,0,0,6377ae441f6d7fed4fbcdcc9cb4f5a5b48af976d22878ac22140ca9cbd2a2923,2024-05-03T12:48:41.067000 CVE-2023-44432,0,0,105e25ff2c4965b7cbfc97252e784873dfeebe3c044fd90a896089c40dfc457d,2024-05-03T12:48:41.067000 -CVE-2023-44433,0,0,decf74d2449fd6718cfe653d9db12c5b20b1f102b9a95651877159c9e69400ad,2024-05-03T12:48:41.067000 +CVE-2023-44433,0,1,3d7ea0863de2c00189548726ae0e662adb111e26b04f9c6d20299186327a917c,2024-09-18T19:15:37.457000 CVE-2023-44434,0,0,477958949b76c116ef7c4aaf22fa7d9688480d6917630938dc9bfce6053b3294,2024-05-03T12:48:41.067000 CVE-2023-44435,0,0,2976fbb969ff867ddeee2df3611322aa1321e23995d45d96bae798268b865f5a,2024-05-03T12:48:41.067000 CVE-2023-44436,0,0,a9a24fd22b8af01cd8515e1b574c243aa6cd4f8a54fd96b28e18a82168843580,2024-05-03T12:48:41.067000 -CVE-2023-44437,0,0,c22e9a488f341f2e26463b0259d098ce9cd8a0308ca7a08c1e01cd37e3c1b7dc,2024-05-03T12:48:41.067000 -CVE-2023-44438,0,0,51faf3929d52b66188cecec12d9329f31a917fae30c14c305bba52dbdc8f35a7,2024-05-03T12:48:41.067000 -CVE-2023-44439,0,0,713289262669a778995099241900833145cdd99908d35e8da1e2c831692cc4a6,2024-05-03T12:48:41.067000 +CVE-2023-44437,0,1,e432b58398b958e218136ffe82752138a954526c8cc4a0ff9311739db8180788,2024-09-18T19:15:37.760000 +CVE-2023-44438,0,1,57609ea1eb52bc905572c5b9be5d5942d65df762c27e059016b8ea279c9284df,2024-09-18T19:15:37.830000 +CVE-2023-44439,0,1,de49ea22e7f6371a8b19c50c18151b5e3ef79a90f2d97e749ad57c7c77cd353a,2024-09-18T19:15:37.913000 CVE-2023-4444,0,0,6eb77bb80c88e0d83b1a595a93e76e244c8e9122840bc0f53e84497524310346,2024-05-17T02:31:34.443000 -CVE-2023-44440,0,0,1d0a8e84d5ca04d42cd8d50075e52d496702b155ecbb2310414da82b15b1d973,2024-05-03T12:48:41.067000 -CVE-2023-44441,0,0,2281668836d0b8a70f9462da24baa2fd8986cd4bfe5a8dd7c840f95cdb7cd548,2024-05-03T12:48:41.067000 +CVE-2023-44440,0,1,15464ae96a3c8f1c0501b411f10ff07ae45a1bf42da6c17636029287c90a43f3,2024-09-18T19:15:37.997000 +CVE-2023-44441,0,1,8a9f270bb9d77d3b0b654fb6bc7548d773bc13da7b38701b3435a11d2f1fb68e,2024-09-18T19:15:38.090000 CVE-2023-44442,0,0,6e04c2beb60cb375fdac9de1db0ac90b40b2206f98ed5480f2ba8a209af4d4ce,2024-05-03T12:48:41.067000 -CVE-2023-44443,0,0,972fe04f7fbff0936574ccaa1c9c591934b2d1a93fbd1cb6cf4735155079b588,2024-05-03T12:48:41.067000 -CVE-2023-44444,0,0,cc1b8db6492e6681336a4df22574541313d6ebe622b4eda3d6dd5f6f3e810146,2024-05-03T12:48:41.067000 +CVE-2023-44443,0,1,77c9cac9bd5a5df11bc9bc9be8b07bbb23560b19fa3697ea69bbd2883b7acbfe,2024-09-18T19:15:38.167000 +CVE-2023-44444,0,1,79e1b99a05e9e3860db2b5e3bfa11ed799a043f32c5f71503555e78f581f258b,2024-09-18T19:15:38.250000 CVE-2023-44445,0,0,3979ce68dd8a1dbd0dc6d2f33536cb907b2b3759c812679cc5975486365540c8,2024-05-03T12:48:41.067000 CVE-2023-44446,0,0,a9ae985dedfdc0d3a6559e324052eb0c015efaa24851e3f7b4fc4714624efb2e,2024-05-03T12:48:41.067000 CVE-2023-44447,0,0,d8f2c2b83b7347e8237a0fbdec913af490fb51c1ee9360f4e0f47d2c8d84372d,2024-05-03T12:48:41.067000 @@ -234047,7 +234050,7 @@ CVE-2023-45499,0,0,b94fc4cbe7e8f6581972fdd4001072956251f5adba1e96dae5bcc67d96a89 CVE-2023-4550,0,0,3875d2ef928bb2ce7bc2731ff3fd246e8c140e8ac5064f7af0ae86a5a345a2a6,2024-02-05T18:30:53.983000 CVE-2023-45503,0,0,0bcc6bee1985b91dfb34ba4df83762a6c6977dcacd78e3459a513da67f8664ae,2024-08-01T13:44:57.620000 CVE-2023-4551,0,0,30c450811df944077c61b850656a1ad83903b648c76a118de39bc5f11543f4ad,2024-02-05T22:02:02.550000 -CVE-2023-45510,0,0,f2546ff9b0af948c39cb4f7f24ea5054e847f018bad13673f9c1f34423bc8ea0,2023-10-18T13:00:07.247000 +CVE-2023-45510,0,1,95ec13089e5a8f1f6f38bec4a800643c30de82e9ef02421078bf52c52538a7d0,2024-09-18T19:35:08.307000 CVE-2023-45511,0,0,3dfbbc8b2cba8609d5ecabe922fd4ad7109660263a629d88090eb6b2af13ba93,2023-10-18T12:59:41.747000 CVE-2023-4552,0,0,f0537603c3e5921898d4c4486b214591cfc8340feaf410d7a71774714a6fb778,2024-02-05T21:59:35.087000 CVE-2023-4553,0,0,7f7b3a1004c52632b83f35e4ed5b600ac3f6bf55e8037452043bd49f8b38d638,2024-02-05T21:56:14.073000 @@ -234684,7 +234687,7 @@ CVE-2023-46331,0,0,04cd61dfd10963dca9fbcf837dea9f8020c410bf57e5d2798677244025b8b CVE-2023-46332,0,0,6c9559cbc141af18bf835d306eccb7709cce74f80bbd9e0fbef45908546c332c,2023-10-30T19:49:15.050000 CVE-2023-4634,0,0,bf7d08858f3a3f582f40dbe02868443761c24fab9208b3b2fbb736c9abe1e825,2023-11-07T04:22:48.157000 CVE-2023-46343,0,0,ef8e988e646ba4c0215f7ee2afd0886d674afe5087c355e7ed7e301ff8dcfb19,2024-01-29T22:51:18.303000 -CVE-2023-46344,0,0,d220686f5812e86f851f9e8ac5b2a1c2731e01d336f029775cf009e454d69f78,2024-02-09T19:43:40.177000 +CVE-2023-46344,0,1,5736d8cfde20b73327fbebdc77ca1b8d417cdd5df4a924540b1648e975c6f2d5,2024-09-18T19:15:38.530000 CVE-2023-46345,0,0,55ca20c0ef63e29c15c36f7e62c2585d7978da71058f53bfa1bdd49f3888824d,2023-11-03T18:08:37.197000 CVE-2023-46346,0,0,daecd27fc8f2fd4c198e7949e808230ee5fb479c940371b1e54b87fb00266a9c,2024-09-11T20:35:08.777000 CVE-2023-46347,0,0,95e0239e93985a03781fe39c8d15effed111f0245b336d3e67ccfa775cce5af5,2024-09-11T21:35:05.457000 @@ -235247,7 +235250,7 @@ CVE-2023-47100,0,0,ff970e0bbee0da60d74f669b9fb5cb216763ce026187e12f8579e05200812 CVE-2023-47101,0,0,8e6edd25cda6a591046fe983528e0a18fc64caa5bb33128c51155cd1de08a87e,2024-09-09T21:35:04.033000 CVE-2023-47102,0,0,bb32c5cb2274f695bb77b1dcabc1de081035b480bea1daa5bd9c69bcfd55cd77,2024-09-05T15:35:18.967000 CVE-2023-47104,0,0,a37a236519348a3781a21a1de0f9441014abbe03c8d36d3b50f8a015a7854ef5,2024-09-09T21:35:05.027000 -CVE-2023-47105,1,1,ed4d429e6fc34c3e324554afa56e02385162776339c8a283c4c19e5411e48ae3,2024-09-18T17:15:18.277000 +CVE-2023-47105,0,1,5cf15f1266a0b31eb246a6910002d8705e4ec03226bb3c929ea366f22d33975f,2024-09-18T19:35:09.023000 CVE-2023-47106,0,0,274f9f8003b54fe6ff33410b194e51c238d7f0e1d1e6019e27d3ee23d36974d3,2023-12-07T21:01:57.647000 CVE-2023-47107,0,0,62b3eb30757fd38e881b6505c45a9191d7dd7c665bbdd43f636c7f315820da31,2023-11-16T14:27:03.320000 CVE-2023-47108,0,0,e1878aaf9ec42eaeb46d72dc6612bfb6a1c8ce4d93ded369cdc526dd853945a6,2023-11-20T19:34:26.493000 @@ -235901,7 +235904,7 @@ CVE-2023-4816,0,0,90b20067076355462cea63668d7d1f70b5bce794b9c85a4b5247192748c982 CVE-2023-48161,0,0,5f227f88224a25f0981451dc3f6576e18f3ab0aeb112343704f86ed43d2a330d,2023-11-29T18:48:53.683000 CVE-2023-48166,0,0,64c113268e4ebd6cc8fb3ea7fc24c3bce04e60808f1e16bf9f7c84cc706bd030,2024-01-22T19:21:48.260000 CVE-2023-4817,0,0,66b9317b8b341b3c6f85e7870e90748e4d6a86dfea30b64fc5b4019933f60d15,2023-10-05T00:55:56.257000 -CVE-2023-48171,0,0,89a2853931c612ef03e79651b11a0fb6ea3b51c8473c6885930059c475d95ee2,2024-08-13T19:35:01.050000 +CVE-2023-48171,0,1,6326cb8d81d428a9f4381270fc2ce963d0ad0058312b77c3d694b3258e3a7cbb,2024-09-18T18:54:08.080000 CVE-2023-48172,0,0,0e78c6c737f4aa94c295f39e3b2f6c04b05dd97deb3b6a7475ffc20424f8ee86,2023-12-09T04:46:27.490000 CVE-2023-48176,0,0,5229479ea70d793012d98b28f5832b18c29ca0585926ac2e2e1991c088531620,2023-11-30T20:21:54.850000 CVE-2023-4818,0,0,c99fef0e43e54a7e397a1f19b3703f45e3876ee2d790b03b384938f06570625f,2024-01-19T16:35:49.683000 @@ -236779,7 +236782,7 @@ CVE-2023-49195,0,0,239193d980cfd4324773344b0a932e91919adfb3eac7f01f4cac2dbd41501 CVE-2023-49197,0,0,87fee8cafa9bc5eebe7f1b14f5bce64e09cfb3c60a34a1183c07dca6faf91be6,2023-12-21T17:26:04.913000 CVE-2023-49198,0,0,ac19da202070e70cbe33e0e7f0d8ec06a1ef23f683cbf1d8c569adca8420cbd3,2024-08-23T16:56:50.683000 CVE-2023-4920,0,0,750757ff4ce213882eeb3b1cbdf16aac49f85b0688b4847bcc0bc2036d6471f3,2023-11-07T04:23:10.193000 -CVE-2023-49203,0,0,5d66f4e0a7f6892566206caf2d40cd3786f36a7125124f48fe8018bd3fa054d9,2024-09-18T15:15:14.513000 +CVE-2023-49203,0,1,88a31a8718672d5a37324674732d432a3eef562259f0dbe7bf88ecdcaee1d5e1,2024-09-18T19:35:09.870000 CVE-2023-49208,0,0,2a9e047f121c5391d797b355b9800029d03397ffa5606d306303c89458886565,2023-11-30T20:47:45.190000 CVE-2023-4921,0,0,f6caa99aaa8bd9b77f1b8ba6041c425c337fb5660ab8fed5a711e5fb5a689b43,2024-08-26T16:06:55.377000 CVE-2023-49210,0,0,9b911dd5ab2028f37c1c50f777fb24f7d718b5c731a8746dbf32546fd1c0fe16,2024-08-02T22:16:01.363000 @@ -237455,11 +237458,11 @@ CVE-2023-50220,0,0,eb1f5b7dfda9456f9d12421c5e8b0fd32c643bbf074b2258e53882e8d246f CVE-2023-50221,0,0,ce9a635e995721a911cfc1612acdd6b85cf8da288fca53e57b9ef939da54efe9,2024-05-03T12:48:41.067000 CVE-2023-50222,0,0,1ec691fbfff7f09858a0396efd88fa8cd7450fdb996f88d6f0c0571e5cb4aabf,2024-05-03T12:48:41.067000 CVE-2023-50223,0,0,df3beff6b8b1c0265cb24c60eec719a88dd3a1c1d6ccdf4893ef3075c16893c1,2024-05-03T12:48:41.067000 -CVE-2023-50224,0,0,6fa105e133ce8550e90d75bf0de0bb27afe037357b1162a69bf74fabc7d9db0a,2024-05-03T12:48:41.067000 -CVE-2023-50225,0,0,6574b46cf8bcdb805d5fd6171b3554376a726206cf12c4d69e79716ef2c2c22d,2024-05-03T12:48:41.067000 -CVE-2023-50226,0,0,fa8f3c6763a5108b0105e63b981d25056fdc9cdd332dc330fd43aa62a180133f,2024-05-03T12:48:41.067000 -CVE-2023-50227,0,0,7a63e53951eab86f732f35c3d4e0c0769f2344dee80b9ae1d3ecde49cccc26af,2024-05-03T12:48:41.067000 -CVE-2023-50228,0,0,0e09d74c4810f3288e44b30054cd8c333eabf6a27a5e5f00de50957a8d6d66ef,2024-05-03T12:48:41.067000 +CVE-2023-50224,0,1,5cbf669a3da45745591ea7c4a961af77500a79ec62e43dec94ba6e551c2cbd93,2024-09-18T19:15:38.687000 +CVE-2023-50225,0,1,3f4f78d44ce5ae737dc3f84ca6094d2f4cf80d5e9920f82b9c91817646455572,2024-09-18T19:15:38.790000 +CVE-2023-50226,0,1,2b8543db0879ff5dd47eee5ec690c7b980a372dd07c357dcfdf856f04809a4cd,2024-09-18T19:15:38.883000 +CVE-2023-50227,0,1,7d363f208a8ccf8621b0f8bb3ccb26a158b5e36da338163b25700887dd33d07c,2024-09-18T19:15:38.977000 +CVE-2023-50228,0,1,b079a2dd7a5787bc621ffee0d19f3a66ed452faca38ad02bfedf232303fc7fe5,2024-09-18T19:15:39.070000 CVE-2023-50229,0,0,57b17f12fe429b822806764d096c7fecf4ee7747d5f7dc3e907aafdbf6c278cb,2024-05-03T12:48:41.067000 CVE-2023-5023,0,0,f9e4a3ea538caca82b77a5139206ad2edfc032e9c31d3a8541c96368958e8176,2024-05-17T02:32:47.040000 CVE-2023-50230,0,0,10277def6477c1d9ed4ac1fc0cd6fe10b6eed2677935b9b91d58b5e8b82a9487,2024-05-03T12:48:41.067000 @@ -238305,22 +238308,22 @@ CVE-2023-51593,0,0,e71dbfdd1d7b5664f4adf92998fdef8cd1a00c417c65bc4c213c82334c40f CVE-2023-51594,0,0,2f9ffe4fdf4fa61a5b5dd2c6312feba4a43794a0942f8d93f3ec9fe262febd14,2024-05-03T12:48:41.067000 CVE-2023-51595,0,0,7889d6d3f94706dcdb25d03d6cc41dcc50a859722232a3187cb70dd00af629e1,2024-05-03T12:48:41.067000 CVE-2023-51596,0,0,8c6160ce5e83347d11ace47bbfc03981910add88206f8ddf1387cbae8f606d3c,2024-05-03T12:48:41.067000 -CVE-2023-51597,0,0,d955c074ea1bd63a379d718e613d6aa6d683a277a660df25178dfdf98ca8e20a,2024-05-03T12:48:41.067000 +CVE-2023-51597,0,1,a53cc913029ef9a6df3a294a031766ca3e6bceedfe5c82d49fa71043366e9657,2024-09-18T19:15:39.640000 CVE-2023-51598,0,0,05ababb52001a1aaca4a1baf45af5ef86e9ac856f47ff87ad6ec093e39fe558a,2024-05-03T12:48:41.067000 -CVE-2023-51599,0,0,19eaf327cead46a7b9fb9866df8146bb1ccb152a93ad059ef6a104065d9aec60,2024-05-03T12:48:41.067000 +CVE-2023-51599,0,1,f6de9388176caba905e4375995b2c7ed41b7bc87f153262f0aa125579d21f9c5,2024-09-18T19:15:39.723000 CVE-2023-5160,0,0,e3140c346afbe2db8a5bd0c0972e6c94faa653c78696d916f6e5338cb07b4d3c,2023-10-04T12:18:36.543000 -CVE-2023-51600,0,0,5f192ca44395f3a26a0b98830bb79c46ee88d19d3f8838889a6534bc26abd27d,2024-05-03T12:48:41.067000 -CVE-2023-51601,0,0,87dc5204c47b0ef12e40d9a7acccc0ddcf2fa8a6f5ffd96bd81c63553aa1c73b,2024-05-03T12:48:41.067000 -CVE-2023-51602,0,0,b426872fd050b3eda70eb75a232b1d46c6f4bd5e6e542a104229dfbc0476350e,2024-05-03T12:48:41.067000 -CVE-2023-51603,0,0,2cb07f37857a18dcd3b5318703ee095fe2de6a8de05e16f57a63f62e88db0716,2024-05-03T12:48:41.067000 -CVE-2023-51604,0,0,73962abf2427191e9eb887bb623cfadcb0ef54403d613edb2b77be950f31022f,2024-05-03T12:48:41.067000 -CVE-2023-51605,0,0,362c3f7b8b0fb0c363cf4ec1e3995cb67919ad3bf8c16a9bc1f5b519e63cf0e9,2024-05-03T12:48:41.067000 +CVE-2023-51600,0,1,a16c7056962bd412f2731b86c32241325faf825e71fa4daf64f723afc70b45cb,2024-09-18T19:15:39.800000 +CVE-2023-51601,0,1,a132d55823c6523a2d157368dbfdfc2cd65e6e8199e8abc2e254190384952f87,2024-09-18T19:15:39.890000 +CVE-2023-51602,0,1,612e1d2e01d78e986f750f6940fd30480a7a467da35e9b4bb868f02926048224,2024-09-18T19:15:39.977000 +CVE-2023-51603,0,1,a95c823cfdcdef9f7cea2d43a091febb506bc23488262cf987f8edd49a6fb792,2024-09-18T19:15:40.057000 +CVE-2023-51604,0,1,983dc694da3a31b9fa9f3b603fd74b5c514f90add15543c2c8dfe07f60a5d194,2024-09-18T19:15:40.130000 +CVE-2023-51605,0,1,d1e76942475a36e447303e2d0dcd670788e055f3d690286249eafbe49f611351,2024-09-18T19:15:40.210000 CVE-2023-51606,0,0,e532628d59390864e877fca054d2c246a588807f8d5cb88548f0f4421d7292eb,2024-05-09T23:15:06.427000 CVE-2023-51607,0,0,a95cdf6f8320eb65e6a2ce27cad4cb5573c9235367c6fcf593633eef4bbdcf4e,2024-05-03T12:48:41.067000 CVE-2023-51608,0,0,6d43655fdcdd3ba94f5da7433ae1b413f82e8a1bcd8be69fd0cbed01296e5791,2024-05-03T12:48:41.067000 CVE-2023-51609,0,0,acf1859d7ea2d4e3d006ccb5b2aa39ba55bfd26538851d4c8c8303800943c9cb,2024-05-03T12:48:41.067000 CVE-2023-5161,0,0,54d57d98bc24ce673ce185f8db8385951ab5c099ea08d75b47219a1ada967f5c,2023-11-07T04:23:34.217000 -CVE-2023-51610,0,0,cf078fa3f1b0e04cbbca06f7f176cfa0f02240f08c265a58bb6690e3fef83e87,2024-05-03T12:48:41.067000 +CVE-2023-51610,0,1,f6fbb4fa4f462d37842170b4ae9d42bef08e33bf28abf73e11d435d73b1367c8,2024-09-18T19:15:40.517000 CVE-2023-51611,0,0,86b9ce3eaf5bb17ab2ddd11cefc4563208b6c30e764a746a5dc695a36b8a4e58,2024-05-03T12:48:41.067000 CVE-2023-51612,0,0,ea5662e82a12149baea659e83b27fef3f60e97d21160cc1b1b1a0b032c4da17c,2024-05-03T12:48:41.067000 CVE-2023-51613,0,0,b188414efc908391ba591a52dcd05ad4726c6c2e7fc678c7e92f955dbaf56dea,2024-05-03T12:48:41.067000 @@ -243257,7 +243260,7 @@ CVE-2024-20419,0,0,0795f6e87845f9b46dc3400495c49fb48a047d8ed4e9d1842a04ff7724f0a CVE-2024-2042,0,0,148bfce3b5f48e2144e9167826ed5f6f120e539bf15296a435b2ce580e8b1f74,2024-03-17T22:38:29.433000 CVE-2024-20429,0,0,f467ae3dedce5a1f38518317999bbc8fc79bc2960eb95679505ee1fcb992ae20,2024-07-18T12:28:43.707000 CVE-2024-2043,0,0,7a3896d230f6f1ae602a08f92e2eaaa644b5893021849dee8a675eb9b7c81e88,2024-05-02T18:00:37.360000 -CVE-2024-20430,0,0,05bf2afb1a0c8eba960891871261fdbc177b03f48a188d86b849cabe3185170e,2024-09-12T21:34:55.633000 +CVE-2024-20430,0,1,10fa05ef1e262e03d3ec6f9856a4fd60e476d60000f282e33b3976f1a0227974,2024-09-18T18:56:05.510000 CVE-2024-20435,0,0,bea0a896db86de220514ce1618de53b05523503910f680b3361f4c8bb8734dd9,2024-07-18T12:28:43.707000 CVE-2024-20439,0,0,d6b5bcbae917ca310708f2b3bf5f6e48a7ee01ce537e933ecbd837bca81ceec5,2024-09-13T19:35:32.477000 CVE-2024-2044,0,0,20580816ecbcb2d456bf5030911ad2dbba893322604e54631bb30d65d5e1ff74,2024-08-01T13:49:39.293000 @@ -248035,8 +248038,8 @@ CVE-2024-27108,0,0,493dc170d19befc3ab21d1472262747c78736b241c238bf3cc9e1fd81e388 CVE-2024-27109,0,0,d3f8df7e2e16d6aee5f99946bcfb2fb0ff8c289ba8999eb65f0360c55dca0187,2024-05-14T19:17:55.627000 CVE-2024-2711,0,0,50ffd1863952a28cb20d757a1f3a8a646342dad98b8dd38660e5f27155377268,2024-05-17T02:38:26.583000 CVE-2024-27110,0,0,cbd5f20a9295447075c0d9ddae39d8a0518f51482cf9653676931acac4a2af17,2024-05-14T19:17:55.627000 -CVE-2024-27112,0,0,2a24fbfabad40cd65c56d3dcfde84d42e1a7a2960d75a79fabe252e7300360be,2024-09-11T16:26:11.920000 -CVE-2024-27113,0,0,fd23ddd61d30230a6d9cd531dc90e151b25aeece32893284bb3ad5614551a47e,2024-09-11T16:26:11.920000 +CVE-2024-27112,0,1,949ff051b5b5b42334dedac4266e7cb5bb1fd372f26b1ecf9673d6f4e13002d4,2024-09-18T18:42:19.667000 +CVE-2024-27113,0,1,9a87257f07469ccbc6eb220db12603693116f59686a7d4d3f002aa60edbf9379,2024-09-18T18:43:00.140000 CVE-2024-27114,0,0,3e1fae20c9adad815745a794b2932d5ca31de37ce5dbae672cdbb468f3bcdcfb,2024-09-12T14:35:12.397000 CVE-2024-27115,0,0,56e7ca0654a096cd1677b2160e3f94ba06fdae2b71789ca72fd8df0bfd7c75ae,2024-09-11T16:26:11.920000 CVE-2024-2712,0,0,12d5f119117cab5321059a19687d0b6e7d22fe860cd65815723e1f9810583e44,2024-06-27T19:15:13.167000 @@ -249423,7 +249426,7 @@ CVE-2024-2907,0,0,d38c3c5afe0996ef7d2afec58183dacb85dd11333a5da96f4ee973a2358a84 CVE-2024-29070,0,0,7e70b47539b534ac42449ef773f3a05c674c51a40e15b8addbcf7c05c21a85a1,2024-08-01T13:49:24.570000 CVE-2024-29071,0,0,06a4c013d7966a06671f5afa3de9f823a9a7634e70711b0ea0f16d92c424f917,2024-03-25T13:47:14.087000 CVE-2024-29072,0,0,50e2db556663c43fd665c3ae801a5bd36f73f0e7479a230bf4ff9553f9fcd995,2024-06-10T18:15:30.110000 -CVE-2024-29073,0,0,df9a131494708ed1fd215e0fba4941e8ea443149ac4f971c81e7fce1b66a154b,2024-09-16T19:47:24.137000 +CVE-2024-29073,0,1,c7a1ecc52b2710f20eb4ca399da6fabfc271c86a39117df7ecabe6454fad279f,2024-09-18T18:31:42.290000 CVE-2024-29074,0,0,dae045c5f696de776b77da3987f8405651ce1bf4fa99e4d5313acc43e5165076,2024-04-02T12:50:42.233000 CVE-2024-29078,0,0,a4fab3b35091f8fd08881f2bf49d899dc5478faeb8df15472b3560684c1a5420,2024-05-28T12:39:28.377000 CVE-2024-2908,0,0,3845fc124bc9f710736d5363f9b086190df4e2925cb4e5b4a7eb9455fd55b3c6,2024-07-03T01:53:38.703000 @@ -252945,6 +252948,7 @@ CVE-2024-3405,0,0,1a36e7936640d8ee3b950dcf5e1524049898a441fb6f4e16f7e747a8431e73 CVE-2024-34050,0,0,44c48f4071fada74be495a02e6832030ef2b56f478d8d3c41b6b32ec804128b6,2024-08-01T13:52:14.410000 CVE-2024-34051,0,0,a8120ee635d56801294cebdedb69db5ed1626c2ec52a245c57ea4ea12a675bfb,2024-08-20T16:35:10.510000 CVE-2024-34055,0,0,7427a319dd0c198f833560a21a2edb42d0df57c5ad7676dbca6086efaa896fb1,2024-06-14T06:15:11.650000 +CVE-2024-34057,1,1,a62f75fa316f7a87338298fde4a6f1af7e380133b3c0048947c7b96ae3a0f313,2024-09-18T19:15:40.777000 CVE-2024-34058,0,0,cfbb8590d55f48cefc143414c8f3d439d56763f898de84d852e391cab57a6cc6,2024-07-03T01:59:19.210000 CVE-2024-3406,0,0,43419e68856488b4b180d817f6df1b0507098cc5d23fc41e4c9ff5a45a3194f6,2024-08-12T19:35:11.330000 CVE-2024-34060,0,0,2c26fe7958cdb41774953e3a2b34d9d42eff17a3a4c0aa9130168786a97a1825,2024-05-24T01:15:30.977000 @@ -253186,6 +253190,7 @@ CVE-2024-34392,0,0,95f700dedff586182f66d1ca5e7da764d337c16226845e0ee1ec7b84b40d6 CVE-2024-34393,0,0,9d61a4306d036e5052fc5d8b364b63a626c2cc9af434ed24e38ecec71df608d5,2024-05-03T12:50:34.250000 CVE-2024-34394,0,0,9d971c1ec9518d2a1ce0c68b603eddff6cf55abad02bc9ebdbbffcbdf77796e3,2024-05-03T12:50:34.250000 CVE-2024-34397,0,0,16b5c41784e4f3ba325a2b1735509d7fce68bb2c9a1b2765d2c61257921c1fa2,2024-06-10T18:15:34.863000 +CVE-2024-34399,1,1,c520724abdd9728fa82d7b1bf030315fdf7490cb3ec788229b32264ba692a73b,2024-09-18T19:35:11.240000 CVE-2024-3440,0,0,534ad01cc4d99b7aec93fa9eb5959ed4cc5d68a1c33a8c467ae485dbc87a6451,2024-05-17T02:39:56.370000 CVE-2024-34400,0,0,1bca49bc8c0dee071844795fcbc00247b784cd5c7eae97a5694b29753f6686dd,2024-06-26T12:44:29.693000 CVE-2024-34401,0,0,27b9367da2f161e981b1286c7a0adf44c7e4e274412f5e7a72f3e98a3426afa2,2024-05-03T12:50:34.250000 @@ -253888,7 +253893,7 @@ CVE-2024-3551,0,0,66b014d685e7b98f0edafdd7cdd0ca69eb0c14e102cb460567e00480c77071 CVE-2024-35510,0,0,caaffeb522a9243cb4a1bb41637eced11d63455c55d5f889189d39467161eb6a,2024-07-03T02:01:46.810000 CVE-2024-35511,0,0,0925e571054fff897af51a6c91c2579c2749b26c74104183a16b37d4fa6c6517,2024-07-03T02:01:47.583000 CVE-2024-35512,0,0,b896e4527afcecfdf8ee8b9a5d8645a7997efcebb8181c42302f1215247b04ab,2024-08-22T21:35:05.483000 -CVE-2024-35515,0,0,9a5b085b0e8562065965ac0ac128d7b82a96100a6af3e3ce88a5ba2a2f78dbfd,2024-09-18T15:15:14.843000 +CVE-2024-35515,0,1,cdc9359a842ad64a9193b3c4c3a3196b69458c7bf981dda18419934c17c92bbb,2024-09-18T18:35:08.403000 CVE-2024-3552,0,0,b573d704f72bfadd96d903b41988b7617b9a930535c0b223b9c260b4778dcd0d,2024-07-02T14:45:34.543000 CVE-2024-35526,0,0,45f791392c66ed8c499767ccc3e4221d8293b29407aac62d7317c3cd0f64f171,2024-06-26T12:44:29.693000 CVE-2024-35527,0,0,72600462defbad3d94b9b914561cd106abcd4f14940c552d4d0bd67292ce0acb,2024-08-12T19:35:08.817000 @@ -254277,7 +254282,7 @@ CVE-2024-3594,0,0,1fcc427f6e76d134c9c043bc92e809df42d05397e52529d77504b8d09b2dcb CVE-2024-35940,0,0,b08ae3e28ce1cc9b26d64d6b775e601cf3596ae7d2a997a66815bb5af70dc7d0,2024-06-25T22:15:33.483000 CVE-2024-35941,0,0,ba407971e3e616405717173ba5f7515a688bcbca7a950312e8dced7df30c0709,2024-06-04T13:15:52.613000 CVE-2024-35942,0,0,40f224f064e6a898e187afe75823a7f4788f4ce15930d6d1573d2f084d68cfd5,2024-05-20T13:00:04.957000 -CVE-2024-35943,0,0,ac422d6b4570b2e2136feb5424a2caba772e4a7a0a1cfbe27b77279e91568a85,2024-05-20T13:00:04.957000 +CVE-2024-35943,0,1,b04e983e56e1c9d7081132a05bf0f0262e78b88cb4f2fd9952b8a83736f04e20,2024-09-18T18:15:06.230000 CVE-2024-35944,0,0,0b8fa1460b20d6ae41d4689dcd9629878bd9a25ab0d2ab9ccb19600028fdb51f,2024-06-27T12:15:26.637000 CVE-2024-35945,0,0,0185bd4cabd6e0a379e9ebc2bedca4e6c5d5d2c2f77ee4a77ecd1c628a97c866,2024-05-20T13:00:04.957000 CVE-2024-35946,0,0,00f10c1a184b3e4406a5f235832a88832bc9c4296d0f1672f7ba0e34dcfe4d40,2024-05-20T13:00:04.957000 @@ -255867,7 +255872,7 @@ CVE-2024-38218,0,0,d8154113c709876f61605539852c344572b202f6d86619699565b8c3f572b CVE-2024-38219,0,0,34502e067fd7412232e3cff9d01123fa667f329fff13204df696956cac257c32,2024-08-29T14:45:17.383000 CVE-2024-3822,0,0,51b0f82a9028abb2f3a6ab312236a4c8392000a211092257ada320c541b18cc9,2024-05-15T16:40:19.330000 CVE-2024-38220,0,0,a9016c861c2695b31a1ce105f60c8a7497ab86c35f7fba294238a213f50a54ec,2024-09-17T16:59:37.167000 -CVE-2024-38222,0,0,546082c5b79596cf91835be1f1261e7e773f97fddb9c4b3f28252402882ca020,2024-09-12T12:35:54.013000 +CVE-2024-38222,0,1,a5db0f4814eda956702b6863c4d614a7079e45a1c9850c93f259b800f2bd30ac,2024-09-18T19:01:22.527000 CVE-2024-38223,0,0,bc14ce3f021016f5d7fdf26984192d7afd912fddeb21523c067e8db2fe7a06a5,2024-08-15T20:18:28.240000 CVE-2024-38225,0,0,a8f1d15f2be1c40a6f29c5f7c1fea9920ae59300774a3c9a21af35434dbe2539,2024-09-17T16:58:39.197000 CVE-2024-38226,0,0,4bf5fa6111be97c9b6ca9705aef4b23890b24164017bf51690e04459d4fe4310,2024-09-12T01:00:01.133000 @@ -255908,7 +255913,7 @@ CVE-2024-3826,0,0,121760e16d238bf81106004c4251c8d93e688e0e085277d4609f0e75162701 CVE-2024-38260,0,0,73cef9e77ce89bf4b93fa7a1c854f856e4e4e75ffa70f23f415d57a3b75d2431,2024-09-13T14:53:26.410000 CVE-2024-38263,0,0,f46aea6861be934017dd7285d8a02938dbd0902e0b8a60fe9326066622646e6c,2024-09-13T14:55:01.400000 CVE-2024-3827,0,0,fe9452c74994fbdb1f4a1edea576f588d513e300bcd491a382890605454b836b,2024-08-02T12:59:43.990000 -CVE-2024-38270,0,0,a7e3c9f02d0f7e453ff34e04c4a859b0797321d763a9d9fdcbf2be7383df41e4,2024-09-10T12:09:50.377000 +CVE-2024-38270,0,1,1961d440f3358bfa7071d7e107f3bab1b4b617abe6229812924e38655d765076,2024-09-18T18:23:40.977000 CVE-2024-38271,0,0,a55d517f1e451a20db301f87d88d99f6d0173df1fa03dd913b12a59d024f897d,2024-07-29T22:15:04.757000 CVE-2024-38272,0,0,0d362d9df49b138200ab4f12d59df7df286d43127ca17e43b2d79b45065d1568,2024-07-29T22:15:04.883000 CVE-2024-38273,0,0,98139fcc5d27706ddcb6f85d322a9c3ffe167225916ac0c861ab393656c9d382,2024-06-27T03:15:50.130000 @@ -256048,7 +256053,7 @@ CVE-2024-3848,0,0,3a1e7dbb50cc54ecdbcc89881c429869965f00f9d2e1eb9f088acc297fe892 CVE-2024-38480,0,0,04c4f9e75ecb94da8a57533882d0899c4c9616c45f6d4f0fa40fb0af2c036f64,2024-07-01T12:37:24.220000 CVE-2024-38481,0,0,a84ef873be05988cbfb5d94abd02b4ab54b65ea0e48ede31f1ebc6095538ede7,2024-08-02T13:54:44.360000 CVE-2024-38482,0,0,9abc0a21b4d338765e493606e519fec01088c089d21089e2acce085b7e1d0261,2024-09-05T16:04:53.577000 -CVE-2024-38483,0,0,d89f0c1af2745eaf3307200f5493e8a825a53b577d01487f0db0b0e51a7359ef,2024-08-14T13:00:37.107000 +CVE-2024-38483,0,1,51f88f94318796eba13a7aef4a0099bdc9ac91b78081d907e8da9e4b8d885fde,2024-09-18T19:19:24.453000 CVE-2024-38486,0,0,759a85c3cd19a22621949202d96ae07221ae7065917761b1d1e0f7c3aa0b9ef3,2024-09-13T20:36:08.597000 CVE-2024-38489,0,0,93d5075288eb71dc5e05de45f3028a8abf40e549af9e7f74c8d90c91ab2994de,2024-08-02T13:54:55.697000 CVE-2024-3849,0,0,5306fee696144db88733a07d80a07ecf85ac2a8ec15f60e756615ae8c2f2566c,2024-05-02T18:00:37.360000 @@ -256590,7 +256595,7 @@ CVE-2024-39374,0,0,1c85587299a2e49a1d50d1e204ff31d15b82942479962a6e767f3200acaf8 CVE-2024-39375,0,0,31332bf05b45d0877e0bebd823a0b8990f670564be1a4f26de0abecda30c158b,2024-09-17T18:32:55.790000 CVE-2024-39376,0,0,094b2854b24d67516e532564da0172680d99cf6023e4bba311dd29dab7b73993,2024-09-17T18:32:09.573000 CVE-2024-39377,0,0,d4093cc8449ac626af4e28129374a68e222c3073f7317d50d080ec3d09ca6cf2,2024-09-16T10:30:03.333000 -CVE-2024-39378,0,0,3b61d992513510d880f3841406cf286a1cca8ad174b6153ccc78fa173926cd3a,2024-09-11T16:26:11.920000 +CVE-2024-39378,0,1,78d548832ec8eaca862f31d0849369d8a35a80bd3fe2e2677ab3e2744e35edc4,2024-09-18T19:16:39.390000 CVE-2024-39379,0,0,65a229a7fb72dfe0e8ba40eff3f97a8fa1b1131d67038b157cf08f97d8d0be43,2024-09-16T12:15:02.870000 CVE-2024-3938,0,0,9f6aecdfa53fe6eb1c4aca56683969fdb193b03c1b9229add1400e00af205f88,2024-08-13T14:09:14.087000 CVE-2024-39380,0,0,1910572fe42c7147873be8861011fe1658b3f4e08e9e17ecea7358ec80d109ff,2024-09-13T16:55:04.930000 @@ -256802,7 +256807,7 @@ CVE-2024-39622,0,0,5e7d7bcbe4d60960bcc7d0a35a948631371ae2277c1c9eb9831f372ee1fb9 CVE-2024-39624,0,0,61c5c17120773e760fbae9a7958d22954be8f7c181114c13133411959f35ed43,2024-08-02T12:59:43.990000 CVE-2024-39626,0,0,1b1d91def172e0cc6e757efcafa7943028f614721770775c3d1407b25fc30784,2024-09-17T15:07:49.433000 CVE-2024-39627,0,0,07e13c8e7805345d34bba365100ff9d8fb4b41c5994c06908b9aa5fcd6462ce6,2024-09-11T17:35:37.523000 -CVE-2024-39628,0,1,21626311e4f7b272abd1ea9e299b3f571edb31807e706badf26ecd129be6fd97,2024-09-18T16:59:33.293000 +CVE-2024-39628,0,0,21626311e4f7b272abd1ea9e299b3f571edb31807e706badf26ecd129be6fd97,2024-09-18T16:59:33.293000 CVE-2024-39629,0,0,69d55baba09f40a0592a3b91cd4c35fb4ccff70560751062aa75ee5152b4ad51,2024-09-11T17:35:06.743000 CVE-2024-3963,0,0,51376b7b644c18cc44faec2c04d1e94caccf8dc59a8984cdfb5fb430015f77f8,2024-08-01T13:56:47.180000 CVE-2024-39630,0,0,b9a415bc4650f8f2437ab21ad7881d5052dc8b427d419e2888cd7dd33acceea7,2024-08-02T12:59:43.990000 @@ -256813,11 +256818,11 @@ CVE-2024-39636,0,0,356132dd8c4585470fbd20a2862e8961fed4fe21f88d52a87134f7776cb4d CVE-2024-39637,0,0,c9cd93cf93f9c41475771220e56072736d7ef7107ab49d4cf3bf3069940988e9,2024-08-02T12:59:43.990000 CVE-2024-39638,0,0,cf36aae6a91cc72ba13b071b9e149e2fa798a9f572f58ede9d761408ecfcdde9,2024-09-13T21:00:44.173000 CVE-2024-3964,0,0,9f7a9dcb99a6b1dda9d890f7e0a024c114babf4cc61dfd04fd66f31288d98320,2024-08-01T13:56:47.440000 -CVE-2024-39641,0,1,ca72e5c4e3f4eb62161dc132924c5912f001d38eb9b77d0e12deb21361b22d88,2024-09-18T16:57:25.417000 +CVE-2024-39641,0,0,ca72e5c4e3f4eb62161dc132924c5912f001d38eb9b77d0e12deb21361b22d88,2024-09-18T16:57:25.417000 CVE-2024-39642,0,0,a5907a7ba9601cb47d5213c09a225012a1c028d8945a3fe4fa6d61abfa537ebb,2024-08-13T12:58:25.437000 CVE-2024-39643,0,0,1dded6874da74e5afbb63537b6a34aae6868db25023597eaaaf8ae23d994ee0d,2024-09-11T17:33:14.787000 CVE-2024-39644,0,0,c5dc47fbf8d1981e87e457a3ee41781a683fa403d50a7465ba17272c13e17f0d,2024-09-11T17:31:27.760000 -CVE-2024-39645,0,1,d170ecd8e413b5eeda4dbeb25d9b709e95c517b112d5e6fc26c8b8ee1c85901c,2024-09-18T16:46:57.470000 +CVE-2024-39645,0,0,d170ecd8e413b5eeda4dbeb25d9b709e95c517b112d5e6fc26c8b8ee1c85901c,2024-09-18T16:46:57.470000 CVE-2024-39646,0,0,ebb1a6c9a40f2bab7c106d16a488a2c959fc892d9540eb6de01a5701473447cf,2024-09-11T17:31:00.847000 CVE-2024-39647,0,0,76302d6bbf2afe03f0e6f6bafa6326bb4eb55afa326a015b16287c96fa3fb250,2024-09-11T17:30:17.807000 CVE-2024-39648,0,0,ab9faea09f5f33bcf9880e5ab21b0ae5b90092067a818bd60c5199b0cda605b7,2024-08-02T12:59:43.990000 @@ -256828,7 +256833,7 @@ CVE-2024-39652,0,0,f0c2e1305e128fc4254bcfdadc56a769f26cdafb9e9828cd6a3d3d5cb0f0b CVE-2024-39653,0,0,0026393f263db329d590d78b1320546a7038443749754db62f750d848ebdd5ca,2024-09-13T21:03:21.327000 CVE-2024-39655,0,0,e8990ae109997ce183e7ec6503e4dae3b8dd97111e423903b7d9d645e6d064e4,2024-08-02T12:59:43.990000 CVE-2024-39656,0,0,41595071b9c98d363bce33f052284f93eb7b68d4fe24b85d68eae6cad1c3cf98,2024-08-02T12:59:43.990000 -CVE-2024-39657,0,1,c6d102523d8502c5965e9c05065be9a6968ad4f166e3ac731a39908b2a4154bb,2024-09-18T16:25:32.703000 +CVE-2024-39657,0,0,c6d102523d8502c5965e9c05065be9a6968ad4f166e3ac731a39908b2a4154bb,2024-09-18T16:25:32.703000 CVE-2024-39658,0,0,59024863d94402504392beec22150a3bf1bdca7d2eb9671b61535a10b50beb2c,2024-09-13T21:04:24.760000 CVE-2024-39659,0,0,a80d18e493149233fc317020eaf978d1056512cfa7b08cba1fd89af8c4735b0a,2024-08-02T12:59:43.990000 CVE-2024-3966,0,0,f4286335c18162e5dbc573cbc605017489ac12efad77a1ff38ff47be3739d726,2024-07-29T16:52:33.533000 @@ -257791,7 +257796,7 @@ CVE-2024-41465,0,0,f323d3ff7dfebe22b9a686e1b54d79f6e139e7ff43c0da4ee794ccc9ea305 CVE-2024-41466,0,0,cab2b0ce626d04e7a0d17b559b41b44cbb63464fd58881e5118e54554df587f2,2024-08-01T13:58:49.187000 CVE-2024-41468,0,0,723917e91ffa0b2faf983099b56bc2d3f0cf2685feaca850f60e0aa2cedc4e5d,2024-08-02T21:09:28.420000 CVE-2024-41473,0,0,425ac543ae035b27f256c6d74a172a9469ff894b2097490bb556616203f6fd87,2024-08-02T21:09:40.267000 -CVE-2024-41475,0,0,8d4e76d5f6b9c6b2651f3cfd5d0066dacec1028bf396f99ea2880314b899072f,2024-08-13T15:35:13.560000 +CVE-2024-41475,0,1,326aa9ae99f2d3cacd9cfb833a226b4aaaca3cd94ad3b4bd731d89a43dcc00c6,2024-09-18T18:51:25.513000 CVE-2024-41476,0,0,26099666983cee17e217b645c9716c9d3b86ecc7c84f6c043b975ac373edb2b1,2024-08-12T14:35:13.627000 CVE-2024-4148,0,0,71d4cc4cd9749254e9c2938609496cfae5673c1a094b971881b54b705d48028f,2024-06-03T14:46:24.250000 CVE-2024-41481,0,0,c147890df622632e17fb447f6a188c3cc30b5351b710684282e2b6d4b3a225db,2024-08-13T14:51:33.017000 @@ -257995,7 +258000,7 @@ CVE-2024-41864,0,0,59e830b96a597bc93dcda9cbef385e1fdf95773045c5f29bc0bb9381e7cb3 CVE-2024-41865,0,0,f8ad10055028d3dfea657c3bbd8eb5b04fbd0fb8a1dcfeb71cfad07c3751149a,2024-08-19T18:44:04.163000 CVE-2024-41866,0,0,b06a8427315afa6008377ed5627aeeeb7bf41e3428063742d7f1fa0c27e9a784,2024-08-19T18:44:22.577000 CVE-2024-41867,0,0,0b44a5cfeee3dcc50283505e9313394317205be34bd484508e6768cab06aa764,2024-09-16T13:15:10.550000 -CVE-2024-41868,0,0,9ed35570b699495dabec3e139e5a3960675f66b313ebafc76293b6d08d7965ae,2024-09-11T16:26:11.920000 +CVE-2024-41868,0,1,474264e4381c67d192296dcca9e302a0bd9824b3109f4a89fdd2c65ae7fab6b0,2024-09-18T19:13:45.177000 CVE-2024-41869,0,0,2f407549a1d394a9da8aa6ea98d54c4d268ef6c6e721f436fdcf391b141a4e5a,2024-09-13T14:06:04.777000 CVE-2024-4187,0,0,59e73639acf686e0c0fe315911f8a7728baeee66452eb3299dce70437688c22e,2024-08-15T14:45:27.797000 CVE-2024-41870,0,0,9b01b7c9f042396dbf79af8b93d8f9ed4d9baaa67ad3cdd01d33224e4d103bd0,2024-09-16T10:32:09.480000 @@ -258035,7 +258040,7 @@ CVE-2024-41924,0,0,06cc2d8c551d8fd39f4e2ff31447bb4070ddde2d992cf8f0c8cb1b0035280 CVE-2024-41926,0,0,d7564816d433232552fda23a5f10a79963d6c502f628c4841f8484c17aa4f54f,2024-09-04T16:55:35.570000 CVE-2024-41927,0,0,f4ba4a6c9a9886f976121a9d30837f6ba4dc4ccf9fc0f7a56ac6b8acaf04eb66,2024-09-04T13:05:36.067000 CVE-2024-41928,0,0,fac45a5eba953351f64e8420aefaa828221c1e8b109e75da05d07c8ee7a8c443,2024-09-06T17:35:13.400000 -CVE-2024-41929,0,1,f66edb594830fee28d517259603e349f287170e8380c3a0dd626c454c5a95631,2024-09-18T16:35:07.527000 +CVE-2024-41929,0,0,f66edb594830fee28d517259603e349f287170e8380c3a0dd626c454c5a95631,2024-09-18T16:35:07.527000 CVE-2024-4193,0,0,4d4f4fcde78b01b33e30a077c434c1714d01a9ac9cd58d916bc86b963b6ddbd7,2024-05-14T16:11:39.510000 CVE-2024-41936,0,0,d330b2a32a604797fc4eb94f395ba3140911090caf0d19e4d7603d421735298b,2024-08-20T16:26:54.663000 CVE-2024-41937,0,0,17d01be9af92612ee6b4d89126a811836507d3fbf35417e172928be42551212a,2024-08-23T16:21:21.893000 @@ -258416,7 +258421,7 @@ CVE-2024-42398,0,0,ecec97745a6273f6b5e5720bfa1d0ff4b8e46532c92273931272e35e326b7 CVE-2024-42399,0,0,b2d8d291d138c04491424e6796bb04940f5bfb5f03fc0a00b681faa84689b158,2024-08-23T15:06:13.350000 CVE-2024-4240,0,0,c278b752586c1bf53091999087140c7ddb924945ab9e2c19f82d090171b2b4e6,2024-06-04T19:20:33.263000 CVE-2024-42400,0,0,bada445f5210525c2b124a846736c128f6bdefeabff1b80f8c8c07a166ac65a5,2024-08-23T15:06:00 -CVE-2024-42404,0,1,c3d405c66f64f609aeb5baff872af9267b9c990f0513561cef9ea13fa0b12c83,2024-09-18T16:35:08.267000 +CVE-2024-42404,0,0,c3d405c66f64f609aeb5baff872af9267b9c990f0513561cef9ea13fa0b12c83,2024-09-18T16:35:08.267000 CVE-2024-42408,0,0,4d58de4373d6b44540fc0d8799a258082f4b72e8c10ed3de4134395815aaf808,2024-08-29T14:22:45.603000 CVE-2024-4241,0,0,1e8cfaace7e8ae3194846b1351a77e14aef6cd3a07b429e780198fa55ccad7c3,2024-05-17T02:40:19.957000 CVE-2024-42411,0,0,3fcf900cd705b45045cb94d8edb3d48eeb6b58809490fd9c74760d8ca62aa9ff,2024-08-23T16:04:26.227000 @@ -258470,7 +258475,7 @@ CVE-2024-42481,0,0,bb2cf56d81f4b3957e811309b0e25f7e840ea63b246cb112cebdacd160d69 CVE-2024-42482,0,0,6933258a52375c3b137d3fe2b107a7c4fce4701cdc571bf3cf8a57baf64f7b39,2024-09-17T12:20:58.323000 CVE-2024-42483,0,0,fe60875b356ed47b4c6969177858f27fe2229b0e022b2d6df7b2edc99c608212,2024-09-12T18:14:03.913000 CVE-2024-42484,0,0,a1d071a36aea45bef6715a21ed0f1766066470b11470c144bede3c9c755cd118,2024-09-12T18:14:03.913000 -CVE-2024-42485,0,0,951600bc28e879c36e395aabae110020022cff5402a0050bcd9662833410b49b,2024-09-16T19:40:46.550000 +CVE-2024-42485,0,1,9c52a237d351fcf0752a53847291432cd122014665f3d16b6c4975bcf35af6a7,2024-09-18T18:31:40.427000 CVE-2024-42486,0,0,a989fdd89a78984e53108438ae1d4599e890f4b44bbe2719c613b74d6b8f2b23,2024-08-19T13:00:23.117000 CVE-2024-42487,0,0,2efeb3a744823d93cb77dca921c5d1e1876bd604d6d9b9e3d12e2ec5d005b3d2,2024-08-19T13:00:23.117000 CVE-2024-42488,0,0,d4b28d6f7587a9892f3e1f2f60f322ad605b2174a3099ed0ae0224cdeca7655d,2024-08-19T13:00:23.117000 @@ -258652,10 +258657,10 @@ CVE-2024-42790,0,0,62118f0a801ee0dae7272364dcdda1568011ac510014c09979b48bfde8c76 CVE-2024-42791,0,0,873fa7cb6896c8581c416ecabe3256bd4629f0e8a1bc57f85a270c46751d9e00,2024-08-26T19:35:30.910000 CVE-2024-42792,0,0,3d5171455e36c62db86c3f1d03eab38bfdac82c0ed4f595e590432a1180621b9,2024-09-05T18:35:24.220000 CVE-2024-42793,0,0,c34b0c01a33da3f3b96951729540996987faac6763a3b4211067000d740419d1,2024-08-30T15:56:51.510000 -CVE-2024-42794,0,0,4471ffaa94a53e2c1d0bf1c485dce30ffce070e4aeb3674c8eb03f6213838ad4,2024-09-16T20:15:46.770000 -CVE-2024-42795,0,1,1d997e9d14176ef254b42c361912cf5551190a9f849a5555e9c4177c4c0cc790,2024-09-18T16:35:09.097000 -CVE-2024-42796,0,1,16f5cd05439d1b237921448aa907dc570179b25700b07d315993f5965c2c174a,2024-09-18T16:35:09.880000 -CVE-2024-42798,0,1,768baaf558340f9c8a5ae318b32d8a63bdf51ca24716c46c177a94e6fed69da4,2024-09-18T16:35:10.637000 +CVE-2024-42794,0,1,1df1638ff4dabbfe989ee926f8729ef1517b50da93188e5a13b8b93f31eb97b2,2024-09-18T19:35:12.550000 +CVE-2024-42795,0,0,1d997e9d14176ef254b42c361912cf5551190a9f849a5555e9c4177c4c0cc790,2024-09-18T16:35:09.097000 +CVE-2024-42796,0,0,16f5cd05439d1b237921448aa907dc570179b25700b07d315993f5965c2c174a,2024-09-18T16:35:09.880000 +CVE-2024-42798,0,0,768baaf558340f9c8a5ae318b32d8a63bdf51ca24716c46c177a94e6fed69da4,2024-09-18T16:35:10.637000 CVE-2024-4280,0,0,f46c38f13eff52b4d020fb374e18f92e6528a4bade2042627b2165ccf7b62772,2024-05-14T16:11:39.510000 CVE-2024-4281,0,0,cb48c26c252b1c83fb4810210335ce05e1fcbd94e5804419418b4f73b9d5c028,2024-05-08T13:15:00.690000 CVE-2024-42812,0,0,d754a1b3fa22845b1ec28a5e3b423343f3a09420e9ed62b3cb19e2fa117c33b2,2024-08-20T15:44:20.567000 @@ -258769,8 +258774,8 @@ CVE-2024-43111,0,0,45754d9244b10ae48023a8465600f12d5ca692d4146e1c9ba1d4a0e6fcd07 CVE-2024-43112,0,0,72269ebdb7b810fe860916d34468320e2e91d1a609ed10c8290e69cc95ee1d45,2024-08-29T16:51:55.937000 CVE-2024-43113,0,0,7e6f0ba01b475bb6cfca73e8eda2423288e38b8146984d081803bef7596c3140,2024-08-29T16:51:33.367000 CVE-2024-43114,0,0,00a7e03d6d46ea413486af76a04e2163909eb9aea862c173dd501cac60ab9e3d,2024-09-11T19:11:11.257000 -CVE-2024-43116,0,1,cc0346e2fffb3d2e9e7819fd9105c9b799a7ef170e103991490ffc5ef5ca8367,2024-09-18T16:22:14.880000 -CVE-2024-43117,0,1,745d28d8f65b32535ad91ee9bfd0009d1fb808a4a68c830aa6c4c6c97d69d777,2024-09-18T16:15:04.373000 +CVE-2024-43116,0,0,cc0346e2fffb3d2e9e7819fd9105c9b799a7ef170e103991490ffc5ef5ca8367,2024-09-18T16:22:14.880000 +CVE-2024-43117,0,0,745d28d8f65b32535ad91ee9bfd0009d1fb808a4a68c830aa6c4c6c97d69d777,2024-09-18T16:15:04.373000 CVE-2024-4312,0,0,82451935a132459ec3a52babe511fed0dc0447cacf13fc78eab91e8a5c0d303b,2024-05-14T16:11:39.510000 CVE-2024-43121,0,0,884448e43dc9ae9d5a0252fdc685aaca71ba0c463694388bbaecb1cd420cb155,2024-08-13T12:58:25.437000 CVE-2024-43123,0,0,c02677ef8b7b9e2229cb24b37119fdc9650c80bd850d720e8d21ae9a3d07a645,2024-08-13T12:58:25.437000 @@ -258836,7 +258841,7 @@ CVE-2024-43225,0,0,785bc4278a6946ee9d6c10021191a3cce1fc98e617438c82e5e4e3f2e0cd0 CVE-2024-43226,0,0,a338b4ee27e9fc08682f17c2b31584264a82f90f5a7fca9fd60ce6764ef33c2e,2024-08-13T12:58:25.437000 CVE-2024-43227,0,0,ad1f6a93845342802a80b9924c653d05f8aded241d8c4fe476abc24eaae6fcd1,2024-08-13T12:58:25.437000 CVE-2024-4323,0,0,8795dbc0ef00377d638f97794032c86e045103be19a16a47714b9d0a60088551,2024-05-20T13:00:04.957000 -CVE-2024-43230,0,1,6e32073c9e6e9999512638555ce6fd7c64bd9478a9ea47e2925b530a1a97b393,2024-09-18T16:10:30.317000 +CVE-2024-43230,0,0,6e32073c9e6e9999512638555ce6fd7c64bd9478a9ea47e2925b530a1a97b393,2024-09-18T16:10:30.317000 CVE-2024-43231,0,0,576ae207e6ba8489a6ff51c30718ab9a1cd372eb2df3fcba4d400349b580379a,2024-08-13T12:58:25.437000 CVE-2024-43232,0,0,c4f0a290d3d0b6195154848d04103c9516440693673d84bd0355907b0f850350,2024-08-19T18:36:07.297000 CVE-2024-43233,0,0,1b4af7770e832b42b8de9434c8175a113ca03ccd398ae87b3d3135806048f23d,2024-08-13T12:58:25.437000 @@ -258918,7 +258923,7 @@ CVE-2024-43322,0,0,e2ca647ab771c590c5e49dd4792b17cb2a82d2c1efaab05806782389dbebd CVE-2024-43324,0,0,3fca11ef3a0d0aca94e1720b1500c02c9dcd66fee91e5ec95a4010a171418c83,2024-09-17T20:04:28.360000 CVE-2024-43325,0,0,c7e71f31efef4adfd7b652340fa8f95169ea702400525766f98d28f2dbed3aec,2024-09-12T21:28:20.137000 CVE-2024-43326,0,0,4b4201c18581215a5b56fb12e75b3d09f6bbdb92546d9bf78577651d9ba94f8c,2024-08-20T15:44:20.567000 -CVE-2024-43327,0,1,8c996e6da0b19402c98e43e1219ae705f2e7b89a77f2de30ee9e74c1e4aa4a90,2024-09-18T17:07:45.553000 +CVE-2024-43327,0,0,8c996e6da0b19402c98e43e1219ae705f2e7b89a77f2de30ee9e74c1e4aa4a90,2024-09-18T17:07:45.553000 CVE-2024-43328,0,0,45b76704130d3d162b10a10d0e1610ea82761ed70e22ff8c701dd47566965f65,2024-08-20T15:44:20.567000 CVE-2024-43329,0,0,2d889991c7054adfc3510a6f2a36341cd1187c790fca1d7653a4d88b7b6182fe,2024-09-17T19:59:39.933000 CVE-2024-4333,0,0,640575820e0b30891814a5a9385bc808a4cb1fa6f8846116192c877d2f9953e9,2024-05-14T19:17:55.627000 @@ -259254,7 +259259,7 @@ CVE-2024-43963,0,0,8cafba6a4e67df3e09626ea7dfefbf7e4a0c7f737e6ec03304fa7b4223f26 CVE-2024-43964,0,0,a296e79bf666a02822318fa0afa97e1b25cabc20d3cd08936c2b6152e8d8f9a3,2024-09-03T18:30:23.437000 CVE-2024-43965,0,0,878d660798d5f5ce29d081268f89e41be6b018fcbed5e4625677b64fd6bbb9af,2024-09-04T16:02:57.427000 CVE-2024-43966,0,0,2901acb1eb63b7a55cb46d133ca8742f966f34bb1db4feb1259a3cd63030f204,2024-09-13T16:01:42.997000 -CVE-2024-43967,0,1,efb5ab215f4087a53f8dcd252d52ef141005b5764a5e2b6c3ee9faa1675f0e1c,2024-09-18T17:00:57.497000 +CVE-2024-43967,0,0,efb5ab215f4087a53f8dcd252d52ef141005b5764a5e2b6c3ee9faa1675f0e1c,2024-09-18T17:00:57.497000 CVE-2024-43969,0,0,e26f311e05eb6990dcc6348fd6e980e4dcceb0042db2094a3923d85c868f6220,2024-09-17T23:15:18.253000 CVE-2024-4397,0,0,e58140e99ddfaf8bde684cb5f7b842244f11804dcdfb8070d80437acbcb292f3,2024-05-14T16:11:39.510000 CVE-2024-43970,0,0,c88394c37ec2dcfe0730bc24e755f0a41287abbc542ba8a5971f52b1fece2bd4,2024-09-18T00:15:06.683000 @@ -259322,11 +259327,11 @@ CVE-2024-44094,0,0,745c42fe2d315a5bcee63bacf45ed85a137f90126e69b7519e917691efb99 CVE-2024-44095,0,0,e0006363027abcd9487b2555f5c10f6b2763af7e9102189a399193814a56d2b1,2024-09-18T13:34:31.617000 CVE-2024-44096,0,0,d8c4df36682fa8ff2c29981f1e88279da6a08cd48c4fd6b3719d80ee95e04fe2,2024-09-18T13:33:37.863000 CVE-2024-4410,0,0,ca43b98286a78ab63b5139b50b93fc074ee9aec4c16e78097aa3514c43622322,2024-07-29T14:12:08.783000 -CVE-2024-44103,0,1,709653e0e681c50169d2a31a1ca4fa07ba0b9e103bee0789c715365497e0794a,2024-09-18T17:18:39.040000 -CVE-2024-44104,0,1,929a3e88a508b197778cb9d698752e7d95d2a1fd6ba54e089d4187ada17accb8,2024-09-18T17:33:06.413000 -CVE-2024-44105,0,1,6ace8c54c3fc6c9b1684fd8d42f178f1cce19bf6d08f58b02fdc3857633db641,2024-09-18T17:48:11.193000 -CVE-2024-44106,0,1,e983d995182598f38184dac72eed7851e8d11230fc7bd4aeffd6778b0b4524e5,2024-09-18T17:50:40.660000 -CVE-2024-44107,0,1,6f5162177bce60f39767687033803f63e81f183af4eb4e7c061e6f2de6ca1db7,2024-09-18T17:52:50.990000 +CVE-2024-44103,0,0,709653e0e681c50169d2a31a1ca4fa07ba0b9e103bee0789c715365497e0794a,2024-09-18T17:18:39.040000 +CVE-2024-44104,0,0,929a3e88a508b197778cb9d698752e7d95d2a1fd6ba54e089d4187ada17accb8,2024-09-18T17:33:06.413000 +CVE-2024-44105,0,0,6ace8c54c3fc6c9b1684fd8d42f178f1cce19bf6d08f58b02fdc3857633db641,2024-09-18T17:48:11.193000 +CVE-2024-44106,0,0,e983d995182598f38184dac72eed7851e8d11230fc7bd4aeffd6778b0b4524e5,2024-09-18T17:50:40.660000 +CVE-2024-44107,0,0,6f5162177bce60f39767687033803f63e81f183af4eb4e7c061e6f2de6ca1db7,2024-09-18T17:52:50.990000 CVE-2024-4411,0,0,9d1b27ccac7555d95c6be5f4488ca4d9772a0570efc26fe6a3f3d131fd0aea06,2024-05-14T16:11:39.510000 CVE-2024-44112,0,0,0b8bf5761fae1061c83dd7332f5b3027481f791877934ad1d55322c5110d025b,2024-09-16T14:19:24.917000 CVE-2024-44113,0,0,74d2cd3604829033f201ba9d0769b1dcbd2b028e1d8a51bacee7bb51b45ebac7,2024-09-10T12:09:50.377000 @@ -259338,7 +259343,7 @@ CVE-2024-44120,0,0,e512bb8c5b42763893890ed03b7785da148b231d68bd53abc475cbbb6b528 CVE-2024-44121,0,0,bad946f7ab72ac1b9d199f1a920dd1390631dbfc9489b17da06c05da204a16aa,2024-09-10T12:09:50.377000 CVE-2024-44124,0,0,582bf1991eaeb84a403f740f2048a2dc33fe01e4444fcaf40e4ae1bca0174b14,2024-09-17T00:15:49.890000 CVE-2024-44125,0,0,0782f07f14d07ce33765c50e5505da563e36b58c0af4d323c377c793bc2fc014,2024-09-17T00:15:49.940000 -CVE-2024-44127,0,0,5037f5e7e5f18f3bb98af6eee8c02a55a4ce3a7b2b3158357a3428681dfdf337,2024-09-17T00:15:49.990000 +CVE-2024-44127,0,1,9b4adb64cc0b1c4c0ca02afb9b62601aa20276049e081be1443efbf14fff669b,2024-09-18T18:35:10.113000 CVE-2024-44128,0,0,dc55bdb4f3e37660f0bb1e03ff07a6a7e719bd0fb28a4018c639865348a12921,2024-09-17T00:15:50.040000 CVE-2024-44129,0,0,80d6bfe9f589639c6b37cf4bc9d9a0337225f91fda36e2734cbcf804c1050466,2024-09-17T00:15:50.090000 CVE-2024-4413,0,0,63e6df043fde5eb9cf937a1f1c34414009dec10f116b4c7a5421dbd8a403038d,2024-05-14T16:11:39.510000 @@ -259389,7 +259394,7 @@ CVE-2024-44190,0,0,5fc50793f6fbb8377939f391b9fb761b7a197e54c1d6ea3812cdb8d636f53 CVE-2024-44191,0,0,53b7014de415d3b1773ef562597aff276a8beb3fc9f0c13fc42b9da618a8732e,2024-09-17T00:15:52.263000 CVE-2024-44198,0,0,3d9588a2bc6599f5b42b8a9556a1b68361f6fc7641e3a38064d06288ef91abd3,2024-09-17T00:15:52.320000 CVE-2024-4420,0,0,02a774e6911ba5e1ba33187a3301eb3f9ee3d8fd212c89cee791dd002410f381,2024-05-21T12:37:59.687000 -CVE-2024-44202,0,0,7eb114020936d29c36a0ed9a58f2c3cf479b9e3bb18acf7257bc57a95e608b71,2024-09-17T00:15:52.383000 +CVE-2024-44202,0,1,d0875e0bc9390a2dbcec6063a5494436d3d1a19861104c8559a233908b0870ac,2024-09-18T18:35:11.417000 CVE-2024-4422,0,0,19c238465441950f6a856008185dbc8a7b4e94407f1040ce4816040c86860490,2024-05-30T13:15:41.297000 CVE-2024-4423,0,0,0715bc9caf3e0b170ca2968c721bdd1e236908d8891315bb75fdf772bdc9c875,2024-07-03T02:07:32.943000 CVE-2024-4424,0,0,f0ec85c26b242f03f1dda01796c703344a9d3cb93681b5b37fa83e955b9558c1,2024-05-14T16:11:39.510000 @@ -259435,9 +259440,9 @@ CVE-2024-44430,0,0,8dbed207b30dda337ab5a47dac910dd3a5a0d86355eb69a9a4785128c1256 CVE-2024-4444,0,0,b8ab3a280e1fea7a38298a9a71737680ed9a07734ba58de04ed034a8b48f0be8,2024-05-14T16:11:39.510000 CVE-2024-44445,0,0,08a4fdca954368472940c8c2524ceb7cd04674f0407b4762b892d4168753ab1b,2024-09-16T20:15:47.020000 CVE-2024-4445,0,0,bc137eb49d08335d8d2b32a3f413016c50b301d09f6a742095c80df385aba82a,2024-05-14T19:17:55.627000 -CVE-2024-44459,0,0,646e015846a31dd77dd1ad9e5c770b3f779de913d0dc0cf137943e30d1b641ad,2024-09-12T21:34:55.633000 +CVE-2024-44459,0,1,670effdef227992b8cdc08c87f459a8275f3c158e3a1277b6a93f5606e8e0581,2024-09-18T18:53:58.983000 CVE-2024-4446,0,0,1f8054153546c06c7cecced2dcd2c53333dc96b1e8806f72a87d7ba3a2b74b3c,2024-05-14T16:11:39.510000 -CVE-2024-44460,0,0,fbd5a939dde38e74c669c90cc614733aaf595ff24738eb187f06efd8ee1cd029,2024-09-12T21:34:55.633000 +CVE-2024-44460,0,1,5cc3484d00846c45842503c633c92191695db0385d1d8af82be7c8f801c87eae,2024-09-18T18:53:01.570000 CVE-2024-44466,0,0,f5ed0b6ccc017232d0fea898288c97015df1d6c389df0fc3546cdd60356c13ad,2024-09-13T16:32:15.977000 CVE-2024-4447,0,0,6d3e3c1756d4e08bcee828a8b84f5006760edf12deb78fbda02ebad4895c5e50,2024-07-26T14:15:03.287000 CVE-2024-4448,0,0,ff015519e7eac6c0276d907449baafc4f7a351376bd8c68f68eb22730cad6ec7,2024-05-14T16:11:39.510000 @@ -259448,7 +259453,7 @@ CVE-2024-4452,0,0,8393f4e948f53b2fbde25aaf7f55c55c1f0989c48fbd4a40cb4c1f768b7a8d CVE-2024-4453,0,0,bc1bfc8908fbb505485206b11e5cc2278d2416192493c6c78b1ac2e39a46d4c3,2024-06-10T17:16:33.460000 CVE-2024-4454,0,0,ef12942a51bdcd592bf2170096c1c09a451df07ea3cdb4fb15fcced864f88fa2,2024-05-24T01:15:30.977000 CVE-2024-44541,0,0,3a1e561d6510cb46fc3025d4e567327c4a8fc313204436661e66190b9e443f5d,2024-09-12T12:35:54.013000 -CVE-2024-44542,0,0,f93229d37283118781232129d8f9c882e16cd0c21ad787838ba28665ebb68239,2024-09-18T15:15:16.137000 +CVE-2024-44542,0,1,a553c2b7fd622cdc93ad84053aa6dd98f9e9bab6bcb72936b19f14b1355cf096,2024-09-18T19:35:13.340000 CVE-2024-44549,0,0,95d002d4c0f2cba16cd184ab62e810c42d47abc2b51570dfaaedb60ad257bca3,2024-08-27T14:28:55.157000 CVE-2024-4455,0,0,266cd4e6dd8917294ad9c9f8fba8b2f0acb52688c86d3ca408cceaa482353b44,2024-05-24T13:03:05.093000 CVE-2024-44550,0,0,9f267ccbfa739b7dd965bc2964320acade2cb81782d1bf956b8f3a920e81fa22,2024-08-27T14:29:02.370000 @@ -259493,7 +259498,7 @@ CVE-2024-4470,0,0,3c0fcce343f2a1d09f74dfb9be1570b18bd3555368134445c358e736dab037 CVE-2024-4471,0,0,44899070168831f8c9dbf9959b26f4abead5dc804569bf5f22dbe3807408cb0d,2024-05-24T01:15:30.977000 CVE-2024-44716,0,0,063e41b42ec84a26fe3901d267f8097e94d2443a9dc25f00cc37c917e4db50e7,2024-09-03T18:32:45.427000 CVE-2024-44717,0,0,4633d8ec58d1349f11ca257535d78e1a19dae6e8b84c1661ccc3922a9791eefb,2024-09-03T18:32:54.357000 -CVE-2024-4472,0,0,a5fe819d1101c25613fa035472baa67d16dfc0f36e66b75e0c2fcfd41a7ef7a6,2024-09-12T21:34:55.633000 +CVE-2024-4472,0,1,6cbabb06deec22e45817e31231db7dceeae03b03c30644b1dc19b42bb497afd7,2024-09-18T19:16:35.900000 CVE-2024-44720,0,0,e894e5332c5c78bad58a1288bc3b6ee8ae8fc965f5b0fa6f951cea543a693125,2024-09-09T18:30:12.050000 CVE-2024-44721,0,0,a910c1ba0daaf6f3e4018010fd60cfb380ed0b7e216262e5aef7924cb54f9296,2024-09-09T18:35:10.070000 CVE-2024-44724,0,0,8275388c9a55c7b39cc91e96ee195961c5f04dd9487a0f8921294249f06340df,2024-09-10T12:09:50.377000 @@ -259681,7 +259686,7 @@ CVE-2024-45038,0,0,9bc86932f350806c3a4bfe09c65e8bf9ee10a426832d16050cb88cd3f58d1 CVE-2024-45039,0,0,de4a003efa5d5cc4fff1702d34e9342efe96cd22e4f37086455d2a3139d95387,2024-09-06T16:46:26.830000 CVE-2024-4504,0,0,db7504bed7bbf326ed6569d421c20101dbf56fa9ab20eccbe7468f7c026f345b,2024-06-04T19:20:39.947000 CVE-2024-45040,0,0,a463c1b68aa3e0a6cac5952f8376f49671ce87f0c4707125eaab268596a57de6,2024-09-06T16:46:26.830000 -CVE-2024-45041,0,1,1e2da4c1302b38fb57fb38280037032da391876c3275a0d8eb8672700cab0b97,2024-09-18T17:31:53.903000 +CVE-2024-45041,0,0,1e2da4c1302b38fb57fb38280037032da391876c3275a0d8eb8672700cab0b97,2024-09-18T17:31:53.903000 CVE-2024-45043,0,0,813b7117a1d59d56cbce89ce53b65dfc1ca707523a63233a1be8257ae8cc6c73,2024-08-29T13:25:27.537000 CVE-2024-45044,0,0,2ed42d19dae2f6825c5977ea48282a4184680e7c5fcc5191852ec831d989e86c,2024-09-10T15:50:47.237000 CVE-2024-45045,0,0,c746f1c0e6db0596dc093f08d310bbebe72a6c977f5bda8337efa37c3e8dcc04,2024-09-03T15:13:16.580000 @@ -259799,7 +259804,7 @@ CVE-2024-4529,0,0,5fbb4c14219ef7d51954458b7780a68dbee769876e9489db6e9ba34bd68834 CVE-2024-45294,0,0,571ccadaa63af3685b6ee82cf020ce004878004e5a04088787ea6924189ffc78,2024-09-06T17:15:16.977000 CVE-2024-45295,0,0,9cbcd7c9c4357757a60245b46b7ad7987cdeaebea00bcdcc3890fa90524c0282,2024-09-06T17:15:17.053000 CVE-2024-45296,0,0,49181c4036a3982c1d4d8e879ccd14076733bcb79f94fe42ac7b08410afb4b40,2024-09-10T12:09:50.377000 -CVE-2024-45298,1,1,6778b5969d1a96041077fbe293ccb84a0a03abbad60216232d94385551983c96,2024-09-18T17:15:18.570000 +CVE-2024-45298,0,0,6778b5969d1a96041077fbe293ccb84a0a03abbad60216232d94385551983c96,2024-09-18T17:15:18.570000 CVE-2024-45299,0,0,1dc20bab2e5804f3b833440e86d8fa4e2d640a2a31779b302ea51c7be7ad4d71,2024-09-06T16:46:26.830000 CVE-2024-4530,0,0,6b78f15ba2a60e96a20ff176cd49d228ee37f0e30a4b3e696092a717f8a23e27,2024-05-28T12:39:28.377000 CVE-2024-45300,0,0,371ea055cbd370f2315f57d501b2d8bde7fe9993dc271953659e5b000db99936,2024-09-06T16:46:26.830000 @@ -259852,10 +259857,10 @@ CVE-2024-45409,0,0,e8a57f681223d5d4d86ed3700b6bbf47ebb91cc7ae4b5cd7db2b29b0bb144 CVE-2024-4541,0,0,3195b1a81526d9da93cf28b1e1f763238ece2897561011f493b9a3c77f12398c,2024-06-20T12:44:01.637000 CVE-2024-45411,0,0,73f9cc9a45fb9019dfacefd1c32caeadc6f839e3ee71584e1458f0e26c536208,2024-09-10T12:09:50.377000 CVE-2024-45412,0,0,68bd5e75f1c3c7017abcc752fdd96b826ed1ef4251ed03428fdbd5051759e5da,2024-09-10T17:43:14.410000 -CVE-2024-45413,0,1,3cc285414744f60efccd03699e55ff34dac4157bc03bfc377bc6534ddca8a4f3,2024-09-18T16:35:11.470000 -CVE-2024-45414,0,1,ea9e5d910110decb98e2bd5c89cc9f29dc679ec390f973c1296ad46e2bbe0d8f,2024-09-18T16:35:12.227000 -CVE-2024-45415,0,1,a6fabe6bf38a72092e23cb8ceb357418f175cf0c07979f8a62bb321584367184,2024-09-18T16:35:12.983000 -CVE-2024-45416,0,1,714211c19307b08eb58a343ae24c2a0b4c29773c82270b525ccb56dae3192098,2024-09-18T16:35:13.743000 +CVE-2024-45413,0,0,3cc285414744f60efccd03699e55ff34dac4157bc03bfc377bc6534ddca8a4f3,2024-09-18T16:35:11.470000 +CVE-2024-45414,0,0,ea9e5d910110decb98e2bd5c89cc9f29dc679ec390f973c1296ad46e2bbe0d8f,2024-09-18T16:35:12.227000 +CVE-2024-45415,0,0,a6fabe6bf38a72092e23cb8ceb357418f175cf0c07979f8a62bb321584367184,2024-09-18T16:35:12.983000 +CVE-2024-45416,0,0,714211c19307b08eb58a343ae24c2a0b4c29773c82270b525ccb56dae3192098,2024-09-18T16:35:13.743000 CVE-2024-4542,0,0,188546ca483f93e7131261a5bd57b93b03491de5e62247759ac8c05b93c8f51b,2024-05-16T14:15:08.980000 CVE-2024-45429,0,0,cb79d4cb1119eef526a53ffe42933f2c5d8ecfb1b3eb67e65dd167ddf505fc2d,2024-09-13T20:48:05.387000 CVE-2024-4543,0,0,cda17786b919b03cc3eee3c735d905916723b9b88a929a8c3a419843d78bdd6c,2024-07-03T18:23:54.237000 @@ -259901,6 +259906,7 @@ CVE-2024-45509,0,0,2da4a07b41eb99a3059398ff74aeb7ba3be7995744fd94f415c5c3e9d41f0 CVE-2024-4551,0,0,5eadeaa2a7f21f0b3297f45277617c137a52e984170b931f9145e745d378c040,2024-06-17T12:42:04.623000 CVE-2024-4552,0,0,a910e848f992d4848b5a9057809234cfe8833a167abb01396097dc34db4ca3d3,2024-06-04T16:57:41.053000 CVE-2024-45522,0,0,cfbe5f5b4866198ecf4773ddc4ec07a576ac517554c3c987f558bc88648f0e9a,2024-09-05T14:29:32.737000 +CVE-2024-45523,1,1,d2d3bae02a02902a3375d895e0fe04a284e76cde0872dfa56d2568a06724d559,2024-09-18T18:15:06.420000 CVE-2024-45527,0,0,0ed4b7876171a991bf7220f1ee96f2007c9fed522b397370892e632e0f15c024,2024-09-03T15:35:13.673000 CVE-2024-45528,0,0,b726a60695697377572ea54be1902b1c537e8da89a7623e441b7aa9130d0fc17,2024-09-03T15:35:14.480000 CVE-2024-4553,0,0,a1e8f5bd1acd4a97b93bbbe85c146f94099965137fad1ebd49acd106c4b8e00a,2024-05-21T12:37:59.687000 @@ -259923,6 +259929,7 @@ CVE-2024-45595,0,0,ede23268a540135a5b850bb94c6f703a5aa5e0c31883aaf264822fc090a91 CVE-2024-45596,0,0,6e565b4a7c9ad9fc7c8e22389ae667ed11775275e4e8d0d4bae0af105f45843b,2024-09-11T16:26:11.920000 CVE-2024-45597,0,0,0fad881157bfd299e8512a05afe15ba28f7513c6a1c09923d6036dedef269a28,2024-09-11T16:26:11.920000 CVE-2024-4560,0,0,3d2b06b4cd5ab2760bd3f364e15c96b4f7456a14baec47a1cd857fe992686648,2024-05-14T16:11:39.510000 +CVE-2024-45601,1,1,68a61c7fb218a1533d3e7ba7c27d30ed89f1e5c575368ebb4614ebef9094a8ef,2024-09-18T18:15:06.473000 CVE-2024-45604,0,0,df9309ebee69f4ec700bb7840ba1cc6f02080f3fc26293d013bd69264df2338d,2024-09-17T20:15:04.893000 CVE-2024-45605,0,0,e087e48cc4df76249173d7a618d4b2cb5065b1483d2a45b39541842585093271,2024-09-17T20:15:05.120000 CVE-2024-45606,0,0,8b315609968854b688a141eba7c889d1bac462088775a65d9695e6d2d8c00cf9,2024-09-17T20:15:05.393000 @@ -259947,7 +259954,7 @@ CVE-2024-4565,0,0,15260fda70e8733111d52b1dae1a14ee33f22d1739a2e8de851c031d5bec2f CVE-2024-4566,0,0,c4354a4e62a03c97286174a61ad4d2f3843d01589ace1532dbd5a5f84743d16c,2024-05-21T12:37:59.687000 CVE-2024-4567,0,0,55b6508070b71672e22c57660afab28e7ebc1a40a37655965c41825cdc3bc17a,2024-05-14T16:11:39.510000 CVE-2024-45678,0,0,a1fda46a16546e5971e32d47cf6c55c6e5adf9e7e7bc6498d2c3cdc35ca99a2c,2024-09-12T20:07:09.640000 -CVE-2024-45679,0,1,24fe5e8b07957bef72ba6b8d0da3520fbc3692507139f06d451cd33c077c5a94,2024-09-18T16:35:14.530000 +CVE-2024-45679,0,0,24fe5e8b07957bef72ba6b8d0da3520fbc3692507139f06d451cd33c077c5a94,2024-09-18T16:35:14.530000 CVE-2024-4568,0,0,950b62937f2f303cb16f164d002be64527131317e5dfff26daecb96b6bec4236,2024-05-07T13:39:32.710000 CVE-2024-45682,0,0,0a3a96f00baaac84815943dcdccfa17287729c7fa491cf17cf5846701260505e,2024-09-17T18:15:04.893000 CVE-2024-4569,0,0,2e4b27b05be8561bd3f260b3ccf0eed0d11ea74483878f5df5227737faa1c038,2024-06-28T13:10:05.153000 @@ -259969,11 +259976,11 @@ CVE-2024-4577,0,0,b55cac970df35b2daf21f1bc20cfa9dd0965f08c49eae1007fc9a139f99809 CVE-2024-45771,0,0,754a0f27219aa2eb6179ec627ac31099e8e2882043a643cfa7921ddb03dbb66f,2024-09-09T15:35:11.567000 CVE-2024-4578,0,0,de2bf1ab8b65cf8119579f63d8e64a9383c9519828d1fae8ddac21d6dcb5605a,2024-06-27T19:25:12.067000 CVE-2024-45786,0,0,f6f4b14db34c840bf869306258f09f3ad6d72c029c61c0a729eb34fa7eab1282,2024-09-11T16:26:11.920000 -CVE-2024-45787,0,0,96156bedf6a644db083bb4193b7d43b1eb523dcfe783716833b4c9386ce55b06,2024-09-11T16:26:11.920000 -CVE-2024-45788,0,0,daa60ade5ad6724906b695b39b7d4272172d663ec92a618ac35885111e547c7b,2024-09-11T16:26:11.920000 -CVE-2024-45789,0,0,b2f5339b5496dd25163390b8a29b58e033c7d1af7551480b4227c42eccad9983,2024-09-11T16:26:11.920000 +CVE-2024-45787,0,1,46f8564066b3f70e712610c0aca9059d9bda6862d53c941af56b2ef72737a51d,2024-09-18T18:15:07.650000 +CVE-2024-45788,0,1,7ba304e58f1e132a77e708ed9119516e49dd167750ae6faec1e1736fde9ea7d4,2024-09-18T19:57:10.203000 +CVE-2024-45789,0,1,85b2a3e63aad506ab70a8ae8f934d73422c76c344971f05123a4397c0e8661da,2024-09-18T19:55:58.287000 CVE-2024-4579,0,0,b44e5adee861e75c9f2de9111724b513cf79b7a7dcd7134192d107fac1782253,2024-05-14T15:44:07.607000 -CVE-2024-45790,0,0,040e6e6bbab853b34e097efc16fe42692911306e0ad4b6a188d15199a5fc0245,2024-09-11T16:26:11.920000 +CVE-2024-45790,0,1,339d5c59c4b08184225ef02e77057a5607db1e407fbacc8325ce6de4811d4a59,2024-09-18T18:38:04.393000 CVE-2024-45798,0,0,94f407ae281a9d4823e1a5397fb4b399a0b2d14a0927b86ba424f621d9f9aea8,2024-09-17T19:15:28.457000 CVE-2024-45799,0,0,91b14fc0a289ed6c6b5949d54ca5f9a30d3a246868e50c15953ec10acdc5dd5b,2024-09-16T19:16:10.880000 CVE-2024-4580,0,0,975d7d3fa65fc4746aeff6882996f0991cc57002c73b964b5a97c9777b6d66f5,2024-05-16T13:03:05.353000 @@ -259984,7 +259991,7 @@ CVE-2024-45804,0,0,9c3150fd449f47d5e8da1aa073c6ed29687a211817f4370f22049a4ad2a93 CVE-2024-4581,0,0,87f8fe03f507957c50ab3e12c65c26f01a42761aed681f779ccb3bf731c25cc4,2024-06-04T16:57:41.053000 CVE-2024-45811,0,0,f0df0a439acb31f6186bb710f50e08de1db9507a40924c9c8e01331981994a78,2024-09-17T20:15:05.800000 CVE-2024-45812,0,0,5296a33ded9dac212f5f77eaf6bb8e39d45694864c0a4631f697e8131e868b30,2024-09-17T20:15:06.037000 -CVE-2024-45813,1,1,0eadbef1de308ef8515c0af27022620f76b7b1a7b20031c5ee8c246824fc0e60,2024-09-18T17:15:19.163000 +CVE-2024-45813,0,0,0eadbef1de308ef8515c0af27022620f76b7b1a7b20031c5ee8c246824fc0e60,2024-09-18T17:15:19.163000 CVE-2024-45815,0,0,6121c6708e592c490155dce1fe575882728b0a6c1af42d4541c312ae5b01ce7e,2024-09-17T21:15:12.320000 CVE-2024-45816,0,0,bd13ff224f761096d12293be0d33d1aab90974326ea62d89cf84a16485cf8833,2024-09-17T21:15:12.553000 CVE-2024-4582,0,0,44a298c10fdfe0ab8acf9c943d89720dd7bed9fa14549ad9833d5c0a75c14780,2024-06-04T19:20:42.750000 @@ -260040,7 +260047,7 @@ CVE-2024-4606,0,0,f985d30934b7c1f8930bf2267fb972a68a7301f3b4fab17a99fda7060e053c CVE-2024-4607,0,0,26d7fb8a60d9724fbac67d9d15e472fd268b8645ac384c2f62b0c7323928361f,2024-09-10T15:03:24.710000 CVE-2024-4608,0,0,6b948b515db267f779f431dbe386ca01ccd7f50a9fc569455bb84149dca96357,2024-07-24T17:59:54.607000 CVE-2024-46085,0,0,4bcdae61af1b4709b2602a60bed18e8d14f66a9e47eac90a75adf8f8594192f4,2024-09-17T18:35:01.317000 -CVE-2024-46086,1,1,4af7903ddb29d8d7dc2f9165fb1ab2e72953018208f733aa4da3b701e8170b77,2024-09-18T16:15:06.160000 +CVE-2024-46086,0,1,32b8ebb76222fe230d0ebcb52431524d64d881180813f7b4b0933e90ad3c1e8c,2024-09-18T18:35:13.440000 CVE-2024-4609,0,0,b6f3fd3db9085553e8d026a562774e21d6dc7bb2eb7a9a6cfeb43138546783c0,2024-05-17T18:36:31.297000 CVE-2024-4610,0,0,43047990281e26a04055de4ace6574603f0b08f61a7727d9acdec64f6d8d9784,2024-08-14T17:06:24.800000 CVE-2024-4611,0,0,51a3d5438728b832e97210e2f9860d8c98e7a9272bd8319e6cdccdf57653adc1,2024-05-29T13:02:09.280000 @@ -260292,16 +260299,22 @@ CVE-2024-46942,0,0,39b03564ad46dfa226521fed6197bd85a5899e9352724095b0a13d9a65f5e CVE-2024-46943,0,0,152386ee346108a0b10024e97836216e24787fcc13e07313dcb51a8afe0ec6cb,2024-09-17T15:35:11.950000 CVE-2024-4695,0,0,aa253f1bdce79ef626aa7622c4e367006f6b60359a6a2b0af989b23a6e81f980,2024-05-21T12:37:59.687000 CVE-2024-46958,0,0,55b6c34933d7f404734afe78f6fca5f500d88d2d153f0079c17dd51e529b774d,2024-09-16T15:30:28.733000 +CVE-2024-46959,1,1,47d5f83d561a982f4a4be7b405a83d2d9fa4ba828de30b6ae661fef4ddec5ff0,2024-09-18T18:15:06.730000 CVE-2024-4696,0,0,b8ce6d89da084f88972905e9878372f109e48889eae7d9f95b30ecbbc63816ed,2024-06-17T12:43:31.090000 CVE-2024-4697,0,0,3bc62a9bb9952d026af8ecd13a98f81fa60290945109a2f6023ef384956822fe,2024-06-04T16:57:41.053000 CVE-2024-46970,0,0,850e1f9bd88ec99bda9e7fcbc1327358ebf0bb50f2ce23e44dc920d53302143a,2024-09-16T15:30:28.733000 CVE-2024-46976,0,0,f3786e54e8d51b8dd39dbbbd9771974fd9112681cfc7638f96badfdf4c35d719,2024-09-17T21:15:12.763000 +CVE-2024-46978,1,1,36b285d1460b110c481154f782e68d9c8d1dbf797d63b33fab3e9a2d3ca20de7,2024-09-18T18:15:06.800000 +CVE-2024-46979,1,1,a3ce74339b7719674395a76d00801d8b382d6390868e9fcc0ca030e18df5986e,2024-09-18T18:15:07.020000 CVE-2024-4698,0,0,9dba1ffb097faf0537551ac7612916f547965c7b253baf1637388ba1ee83ae86,2024-05-20T13:00:34.807000 CVE-2024-46982,0,0,ea2fe597553d263f2cd1280d984988f3dd8bd84e5f24bd16a84753abcca26655,2024-09-17T22:15:02.273000 +CVE-2024-46986,1,1,ab926f7ee3625c1f0fa39ee7df55321654bf0797162efeee0b83d34e0f36f202,2024-09-18T18:15:07.223000 +CVE-2024-46987,1,1,0b3e61b78d6adc419a3f678f58860f4b2fd2c45d12714c222bbe2cf403782bf7,2024-09-18T18:15:07.440000 +CVE-2024-46989,1,1,48dd7108bf10593b6831181378ca5e465053fb270e6b778a9f5fc4b1e64c1ebe,2024-09-18T18:15:07.650000 CVE-2024-4699,0,0,094a3293d1ad6c00b8f42deb1643b829befd633ab0dcef49a183da331debaad7,2024-08-06T19:15:57.580000 -CVE-2024-46990,1,1,0086cd506cde60b64c95cfd59e3cef371a66ac89f344398a809e570bfb502034,2024-09-18T17:15:19.687000 +CVE-2024-46990,0,0,0086cd506cde60b64c95cfd59e3cef371a66ac89f344398a809e570bfb502034,2024-09-18T17:15:19.687000 CVE-2024-4700,0,0,fa1a582bbd6e4a675ead2d89728236d2ca7c92c15fe998cffa14cb24a4febb9d,2024-05-21T12:37:59.687000 -CVE-2024-47001,0,1,83229a19d20eee81e566ef79ab83e90e0827d76bd000b5c84838a15b7c996890,2024-09-18T16:35:16.540000 +CVE-2024-47001,0,0,83229a19d20eee81e566ef79ab83e90e0827d76bd000b5c84838a15b7c996890,2024-09-18T16:35:16.540000 CVE-2024-4701,0,0,5f841f0540b46f49c80d409ca526b0c08d190fe4f1f5bc2d7cfb115b5ba38647,2024-05-14T16:11:39.510000 CVE-2024-4702,0,0,dd020b59844aa3c2b904a852a1e5f578b8784127317756ef97f595c083848ea0,2024-05-15T16:40:19.330000 CVE-2024-4703,0,0,7e57d47de6048bcd912b4c77aa51d488946887d89315e68305481f1a25780324,2024-06-11T18:06:31.967000 @@ -261521,7 +261534,7 @@ CVE-2024-6087,0,0,bd8b7ffb5790bff23459a1175abf6870ac2ed6fcd6a6fe860d24726af8d03b CVE-2024-6088,0,0,ed650bb4582239ce54305f8b10efe45d50e8cb6f1aa2aa30a6eb4b92f9ce96ee,2024-07-02T18:08:38.550000 CVE-2024-6089,0,0,fa11ebbd3c2f4a5c1117ab55af0cf255d158d35dec5a0296617f7f6f3c04b619,2024-09-10T14:05:16.183000 CVE-2024-6090,0,0,97ec0efad50117bd537daa7e8cf0d79ae16e3a9835d40dc90b67ac25a55b7eab,2024-06-27T19:25:12.067000 -CVE-2024-6091,0,0,a46bb661155ba57b4e08a622a5b0e25d862dd153c6f3f6b4aca3f0c88d6cb8e1,2024-09-11T16:26:11.920000 +CVE-2024-6091,0,1,bb7b961b168ed94110b11915eb6181b2a134b2679cab348c5f10ff830194015b,2024-09-18T18:41:31.247000 CVE-2024-6094,0,0,c88417a3a0b84de6c71136c141990a312384401ffa03a26b016fd58bc4fbac2f,2024-08-01T14:00:11.220000 CVE-2024-6095,0,0,1bbfd7c9b87c44d08a43ff0a5e8179e2c5df6e66e4cde292cf2d451628bbb0a8,2024-07-09T17:41:10.523000 CVE-2024-6096,0,0,6b5f1375532be5fbd8f0909be12e0ecac09c21eb2b2624e229274d814c555540,2024-07-26T12:57:36.633000 @@ -262006,7 +262019,7 @@ CVE-2024-6672,0,0,f03acb9d245a8919bddd732053bec54770cb0a4b96386add16d0f2ae9269f6 CVE-2024-6675,0,0,efdcf1bd038d8c9716519636ba8adbdaf757c6f9212f3c0c6f277c3b8045a346,2024-07-24T12:55:13.223000 CVE-2024-6676,0,0,b617e99f4ff839e117300b1a5f3c494dc1ceb13864a576e2b1519c7ec5960d34,2024-07-11T13:05:54.930000 CVE-2024-6677,0,0,d8004a1441e952f05633a34727a4f9223ac5077c2123fd1507a1955287de18f3,2024-07-12T12:49:07.030000 -CVE-2024-6678,0,0,a8e10ed12e192abed863e4ebe6e8c0dc0c398f1cd2be0726cf3f619b21b64e86,2024-09-12T21:34:55.633000 +CVE-2024-6678,0,1,c59e2958794ee588f09de3d0c5eb757393ccfbf81a758dafd00478636348c517,2024-09-18T19:14:14.837000 CVE-2024-6679,0,0,193698b3a519c2de1af0fd23f7e404e2d54c730e4704d97d0092b63ef1c81272,2024-07-11T18:09:58.777000 CVE-2024-6680,0,0,131299d0989a76f846afb0c8ae15f4692f1a0fdd9931fad30c165660cd1232fc,2024-07-11T18:09:58.777000 CVE-2024-6681,0,0,fd87484dafd740c0f788720b14149eb40f6b6d8ce371416d0e039ce9acf82071,2024-07-11T18:09:58.777000 @@ -262144,7 +262157,7 @@ CVE-2024-6873,0,0,8e5db8bfa0491746f29814d1d8249a1850325cbcdbd09b52dbf90709e95d21 CVE-2024-6874,0,0,805a0b27cbdf811d96209b292e2d5909e967f9d3161226db1f6fe45d6b995555,2024-09-10T15:27:04.190000 CVE-2024-6876,0,0,743577dc92893ad331003e5e7d748a3bee9fa96e904d71b602ea86d0aeed6917,2024-09-10T17:43:14.410000 CVE-2024-6877,0,0,c778de9272c5a8813b8beccd6fc852d9bef42e13437f5fac87efcad188a03490,2024-09-18T15:15:18.860000 -CVE-2024-6878,0,0,db12157b937b7fc348973352c9cf8dbecbecf18ce1feaf5ec1dfd1582a4ca22f,2024-09-18T15:15:18.970000 +CVE-2024-6878,0,1,53660dcd49b4f705db523366433f8adfcc9655cb9f439629eb565276cf1fd2dd,2024-09-18T18:35:14.400000 CVE-2024-6879,0,0,6dd99f7574923c6a0220f28a1253b4ac8ff29b09a2650b86b7b021e79b9e4f08,2024-08-28T15:35:24.120000 CVE-2024-6881,0,0,9eb1bb1325feedc0a442bcf6c20b4ef8c1194f18829a36ce47ae950cf638d18d,2024-08-27T11:15:04.740000 CVE-2024-6883,0,0,17af31f8537d0ebfdcc29735e63f85da6d525c783f08d8df80e6d71ccea2f1ba,2024-08-21T12:30:33.697000 @@ -262681,7 +262694,7 @@ CVE-2024-7605,0,0,bc09a75b7c45de231dc015ea353239dfd63eba4bd43fa0fa35326485eaab33 CVE-2024-7606,0,0,d1994339c445d05a7d0516150729b84de3d1d7c8a4d08e8012b40ecbd6deed28,2024-08-30T15:43:41.773000 CVE-2024-7607,0,0,1fc6dc2de47de502ba4dba054f1982731028b52bc9234ef0062aa94d686e06ad,2024-08-30T15:41:02.407000 CVE-2024-7608,0,0,b8872988f702757177432eab77e95a14e7cc629ce3c064dd49371a09c8fc5a16,2024-08-28T12:15:06.900000 -CVE-2024-7609,0,0,6139e7270c526162e0ad4613f862a4c23477edd56070c3ee4e0808fcad3543f3,2024-09-11T16:26:11.920000 +CVE-2024-7609,0,1,e867ef3503795a4cb2b0be83f6f1b140827e4a95af51756f638bc1584594b108,2024-09-18T18:33:09.633000 CVE-2024-7610,0,0,b0ce86cdbef2b0081b727d87f884505d4aea23572226b0988a51de68f40b68a6,2024-08-29T15:45:27.523000 CVE-2024-7611,0,0,20c7aea76b96fadb718b1a1cc787a6b3d6bd93752875f41cd913fb6624e501f4,2024-09-06T16:46:26.830000 CVE-2024-7613,0,0,595ae1d3f56b81eeb34ef1e184ddf7962f3a8fbfc042ff77a8fcf0bd3f10f263,2024-08-21T18:47:11.523000 @@ -262770,12 +262783,12 @@ CVE-2024-7715,0,0,cce2a99e52ea07f4f42d2501434c3e0483cd57d931341a557261d628f3236d CVE-2024-7716,0,0,88dfee0136ba1b85a390619cc3563514cfd309aa2ee08edf35baab8e16cdcd86,2024-09-11T16:35:39.790000 CVE-2024-7717,0,0,f37fc224ac1ab42d2f828caf93198cd6646f26bd1e976379d7595c5ee2d24865,2024-09-03T12:59:02.453000 CVE-2024-7720,0,0,71f1c1973f29e2c7c1373dd24daaa52398594a70072a570fc445a13cbea904ba,2024-09-06T22:33:30.767000 -CVE-2024-7721,0,0,99564ab663e4fb118e3e55c1415db1cb0c330e417fb06c45e32ecc53045eef8c,2024-09-11T16:26:11.920000 +CVE-2024-7721,0,1,5238e6abb0456ce90553edc6cb50412ac7f049775518f27d535d7c20a17394f2,2024-09-18T18:01:01.893000 CVE-2024-7722,0,0,dd34a6c6fa187cfdff62390c6b38a3b9bbf49b761e6117c420a823ed09401edf,2024-08-21T17:24:59.627000 CVE-2024-7723,0,0,0bdf76bf964a28a97b4d4d8ab086a048836c54fd8be0e41d26426907a661be8a,2024-08-21T17:24:59.627000 CVE-2024-7724,0,0,fd9d5d4a5cde684cb1f23cf1c101e9cac57afdf61c2e095e3e5cfe8dee5c7260,2024-08-21T17:24:59.627000 CVE-2024-7725,0,0,71c5fab1268c5ae7612b358c83d8e419d390e8fe339c287745de342ed473d1f6,2024-08-21T17:24:59.627000 -CVE-2024-7727,0,0,82761e482f626dc8b2efa8e81ca296917f87eb3616270e6541908c8c9cbe456a,2024-09-11T16:26:11.920000 +CVE-2024-7727,0,1,210da2d03590f7837e73d2a797749f40cf37c3d8121af3fa52cb49298f27dd84,2024-09-18T18:07:55.450000 CVE-2024-7728,0,0,6e291d9f53263e2fb59ac76ca77cbca952de50403aadce3c0e948994f87ca9a9,2024-08-14T13:00:37.107000 CVE-2024-7729,0,0,2bbcc23121d3cbbbfd7b7747e3325c391cd14964f404891acd614a24c4694f71,2024-08-14T13:00:37.107000 CVE-2024-7731,0,0,e84a2998e171304858ad1fb8b038e10b362c1589200ef021af448b39d41434b9,2024-08-22T14:40:00.913000 @@ -262970,7 +262983,7 @@ CVE-2024-8005,0,0,c059370cb975aea915e5671e32cb80d879151797480dbd5423b1593aeba966 CVE-2024-8006,0,0,092177f7b5a6e786b0c334d1c1238c9acce1b59320806ff7e04615edaed13d55,2024-09-03T12:59:02.453000 CVE-2024-8007,0,0,d4843ecbff9c18b0a3733961009c3b0a5fd18a5329783b13479a12d64d8f35f3,2024-09-18T08:15:06.990000 CVE-2024-8011,0,0,47ed34213e682e27e1c9cff56ca191160c24a6476f0554888eb469f5be11be06,2024-09-11T18:15:02.023000 -CVE-2024-8012,0,1,8a1525213894489e4e1b5228ce01d263a380f2eb822086dfeb6cd3303970b800,2024-09-18T17:53:47.860000 +CVE-2024-8012,0,0,8a1525213894489e4e1b5228ce01d263a380f2eb822086dfeb6cd3303970b800,2024-09-18T17:53:47.860000 CVE-2024-8016,0,0,2657510d64afe84d5852969b1e9344475f01e752907a5430dff930bc1f486129,2024-09-03T14:51:16.470000 CVE-2024-8022,0,0,469d074c70ed4d6e1b7ca7023005d3bb3e3f23419b5a39b3540fd69e34fadcaa,2024-08-21T12:30:33.697000 CVE-2024-8023,0,0,7f1c10536d9d4e1a728f09b10c1ff35f77d0bba503a7c61c411fbfd5f6584d46,2024-08-21T12:30:33.697000 @@ -263043,7 +263056,7 @@ CVE-2024-8139,0,0,30a28567f99fee6c1c6f825267497f95b5b28ab0436eee99757c8433aaff2e CVE-2024-8140,0,0,5905102d90fa9e01c1c294a1e12efca1eb0a1890a608c263dfef788228e71855,2024-08-26T19:09:52.653000 CVE-2024-8141,0,0,d494eb4aa5e779d518a311786c18c827e0ced59860399587e09c025afdbaf176,2024-08-26T19:09:16.763000 CVE-2024-8142,0,0,d4b24d12d326b40d1c063c9a3edca906c8e404b0436fcc16715466b79bbf260c,2024-08-26T19:08:38.493000 -CVE-2024-8144,0,0,b4ff9146db613e3c52e5250545428280bf39cf0da8707bed207da37f08dd2db5,2024-09-18T15:31:17.277000 +CVE-2024-8144,0,1,8c217cf77629850f2a31ec00f7904f772883a591a54b72411e3d3cd24bcf1f00,2024-09-18T18:24:46.730000 CVE-2024-8145,0,0,bd81408bdf46da0e2582ac2e30e29c3e5c1bfb2c062e1e74f1ce357731354e4f,2024-09-18T15:34:47.007000 CVE-2024-8146,0,0,502bd763591d1b91f8fa47be050033990936c92c3733fdcfd7eebfdf8d4cb42d,2024-08-26T12:47:20.187000 CVE-2024-8147,0,0,ec07f8c3276e9a222de07865fca93dea2ccb4507aaa042530afe8cfe5642dbe8,2024-09-11T18:37:20.670000 @@ -263129,6 +263142,7 @@ CVE-2024-8279,0,0,5d39f13bab18c8b062f816d8a34a66e17dacced8749261e8ff2d72add9b366 CVE-2024-8280,0,0,18ff93fe95d9a618cd1e9aa30ede1e799ae76756e814abae774622eee2d35ef4,2024-09-14T11:47:14.677000 CVE-2024-8281,0,0,315ce652edea1d53f877da56f47f4821a8fb50ce483f6ae9e053efb7b35fdfa1,2024-09-14T11:47:14.677000 CVE-2024-8285,0,0,44d06284adb5d71c65e8f3277866d5d546f57dcd495152060c7216923cd6bd07,2024-09-03T12:59:02.453000 +CVE-2024-8287,1,1,7e500053e23c28f6317e3f024a590b95e246ac37197a466d327cb9dff719182c,2024-09-18T19:15:41.073000 CVE-2024-8289,0,0,900bfbd861154484ed59254bdbec992d28a9742381ab830cf631e50b7fa985ab,2024-09-05T17:41:58.350000 CVE-2024-8292,0,0,ddba0ea03a741b8e444eb2158f82b5461df4d19adfc58fb2639bbcaaaadf6349,2024-09-12T12:37:18.380000 CVE-2024-8294,0,0,76cafe7a1838d9cd0244706a299f12cd4ba69ef653952654db2fa070ca07bd0d,2024-08-30T15:38:13.437000 @@ -263140,8 +263154,8 @@ CVE-2024-8301,0,0,517ca402c22af2219c7d5e72c26f25471bc06be609f1fc004544a29726452f CVE-2024-8302,0,0,73573fb95f4db9829ae46e4068d229d908324e137e6241c89a1030ab338e0051,2024-08-30T13:00:05.390000 CVE-2024-8303,0,0,7d291660edacb98ef58ef33c4f7785c68c1ad74e546b2f9d99bc765dad9ef6ed,2024-08-30T13:00:05.390000 CVE-2024-8304,0,0,b1d6e33c277c4c2a3cea7a584dbe53065d5f96f3f0410bcd4a103e0365afda5d,2024-08-30T13:00:05.390000 -CVE-2024-8306,0,0,a50f389c91b1add269b051df61bae08823d7fe47f213b267309a768dd52900b3,2024-09-11T16:26:11.920000 -CVE-2024-8311,0,0,d0c9d0e36665cc2b62c72ee0e68ca49e21fc816ac942351809299e26f5ead5fa,2024-09-12T21:34:55.633000 +CVE-2024-8306,0,1,8e0a05cb4cc1d2892722cafe041f9325413c92ba2fea525dcf4a3adbe1e3e801,2024-09-18T19:51:14.850000 +CVE-2024-8311,0,1,5b6832ab4de9e09983d490e9b9cfb24e40403bdf974bac09340ae2b77983823b,2024-09-18T19:12:52.810000 CVE-2024-8317,0,0,75ca94f8a803caa3f0996235375e7a6ab4757d251a8a35a9b32dc3ad55213ecc,2024-09-11T17:46:03.753000 CVE-2024-8318,0,0,5a1c058346165498258e6a0dbcca1e25ab26db572376e8715726de97a7feed6e,2024-09-04T13:05:36.067000 CVE-2024-8319,0,0,19bee7e43deb1719502aef7eb4c05b0fb28cffea0ae04999821f01ddbcc0e265,2024-09-03T14:43:13.787000 @@ -263237,7 +263251,7 @@ CVE-2024-8490,0,0,cd43fa149fe90bca2eda91b8754b977ff280f5e87ebc6b8acb93d3ce2649ba CVE-2024-8503,0,0,9f803200a857fcdb413b5557fdfb30066c33963fff9f6132df8887c5f7ded0b9,2024-09-11T16:26:11.920000 CVE-2024-8504,0,0,8357da8291f04353fac31874868f2eb40b31e26be1555ef771437bf9554e80e3,2024-09-12T14:35:23.173000 CVE-2024-8509,0,0,72b678ade46a23d1db65e1dfb65526568e7875d83752ef0a47b4a7edfeaf5ddf,2024-09-09T19:15:14.837000 -CVE-2024-8517,0,0,3800f6b128aab40f688c971c9a9e47c0b6a42cbdd5c8d94b7cf3eaf620f48fad,2024-09-09T16:15:03.053000 +CVE-2024-8517,0,1,ce937d4c0c27f8995dba93692196810f803407b9c7a2ce432d973aed0a5fc274,2024-09-18T18:05:03.553000 CVE-2024-8521,0,0,65485edaf907369f60ded6330bfa86fc3cb4b0554a8f781a990c000b1998cccb,2024-09-09T13:03:38.303000 CVE-2024-8522,0,0,2ab431c4f2cf5ab967664e41dd1dc524f59071081def8323632354294bee4f38,2024-09-13T16:12:30.497000 CVE-2024-8523,0,0,97cab60ebb5ec07bfc3fbe69bde3146d8e6846c5d869fc10534b5a2c3c29806e,2024-09-09T13:03:38.303000 @@ -263280,7 +263294,7 @@ CVE-2024-8601,0,0,350a6e2c691d4290217990f07e5aa1eab0aea03118253c9c9cd54625cff0b3 CVE-2024-8604,0,0,011a82fa33d28627d93910a4b1b240e8b61f649834230335b18a4a93ce8a99bf,2024-09-10T19:14:57.017000 CVE-2024-8605,0,0,2abdfde3fad91633012e2fbc4796f8bda82aa939ecbbf9c2890b650d01ffd42b,2024-09-13T15:31:52.140000 CVE-2024-8610,0,0,9284b474db1beea95bd52a2a34ba37d6ccf26129d36f3b91404a653005c49f87,2024-09-17T18:48:12.130000 -CVE-2024-8611,0,1,3d63bb09edc11ef6327fe857dfe381551fd3ed233dd119eaa741dce3b9b25e8e,2024-09-18T17:24:34.163000 +CVE-2024-8611,0,0,3d63bb09edc11ef6327fe857dfe381551fd3ed233dd119eaa741dce3b9b25e8e,2024-09-18T17:24:34.163000 CVE-2024-8622,0,0,8c0d8566c114d14578f376fb46a83dd09ecfc9aef59b4f73eead49a6f9d03ae6,2024-09-12T12:35:54.013000 CVE-2024-8631,0,0,ec0f3e499204fe8b3096f23de4c15b4f57ab537964111dc6b7313fbad5d35ea5,2024-09-14T15:22:31.717000 CVE-2024-8635,0,0,7a33169aa1c56166fecdf7f4d906662353a5e22f1362c34800f026c91df08470,2024-09-14T15:24:45.657000 @@ -263289,7 +263303,7 @@ CVE-2024-8637,0,0,d6df40a324e01da3d9d07d635490137e7d47536917ac9016017a9e8f14b895 CVE-2024-8638,0,0,adc287523433619e00a0c3ce2872c8a5b5ae1ed0dec799a6e833b4af67d9d1f7,2024-09-13T14:35:10.470000 CVE-2024-8639,0,0,81b4d237da336d5cfc4eef796e8c69ea1e42ce312224983662ce770673b442eb,2024-09-13T14:35:11.650000 CVE-2024-8640,0,0,355c8649c87d5efaa043494b8ec77b10dd7fca0f372cd99c6e0195d9ec1f3b26,2024-09-14T15:37:37.257000 -CVE-2024-8641,0,0,44a666b512bfb21d7f5979c4454fd81c2b709bcd1728b92fe712e9d59db44ca6,2024-09-12T21:34:55.633000 +CVE-2024-8641,0,1,6714847a0a2d7b4da8f2ecb0f7b3c9e94c4657d9429961f088a44e0537d8381a,2024-09-18T19:12:18.930000 CVE-2024-8642,0,0,f6a1188f71d8be1d5939c85a9a69699c0bc882a241a1a770bbbd1ca3f6acaf53,2024-09-11T16:26:11.920000 CVE-2024-8645,0,0,a9ec59eb761dcf7b03b051641e3314ff9102e8e55de30e4e3a512e1bddcece61,2024-09-10T12:09:50.377000 CVE-2024-8646,0,0,cfb9f652fd985c7871cc2c3d34f011a0ae92ad7c5f0486bb78cd619daf2d5be9,2024-09-11T16:26:11.920000 @@ -263316,7 +263330,7 @@ CVE-2024-8696,0,0,3ba62a921109450e540b318e77e86831bda9c658513319d0aed77dfa516028 CVE-2024-8705,0,0,cb97dc5a896b102e020f4c6f7ce9db0475b1546a38609fc8cb74768e11db5694,2024-09-12T12:35:54.013000 CVE-2024-8706,0,0,6f71e5876a7dec7ae56fc457ee5142cb7cf0075ec2e95d2e16cb7162a3c7da96,2024-09-12T12:35:54.013000 CVE-2024-8707,0,0,53b8f536d953dccbee27f563b6dc5109a4e216dbbeb04b8d1e78c2b9c947dcb4,2024-09-12T15:18:27.333000 -CVE-2024-8708,0,0,5ef2b50614a0df8bc885350592e6748544bb35fd26cfadc248f257341a211827,2024-09-12T12:35:54.013000 +CVE-2024-8708,0,1,661e441f732f7c590146c851caa19d4b9d733a437db35f14f249fe50618d2cbc,2024-09-18T19:11:28.080000 CVE-2024-8709,0,0,c4b78e9440da9a95da6880cb2eb594efc3dc26da0951b28cab597493ad1bb06a,2024-09-13T16:27:21.273000 CVE-2024-8710,0,0,4c5169ef585cdb335030b939d5748b4dbbc0a0ee6166dc565231ca1259e5b90c,2024-09-13T16:25:47.510000 CVE-2024-8711,0,0,0a0fc486d277b8c36cfb49b6365925dae98dcfc88dd0e7309623a05e1f41ecb4,2024-09-13T16:18:15.670000 @@ -263329,7 +263343,7 @@ CVE-2024-8734,0,0,9e6d59a7188c5f7bdb4b9bf39cdde9c63979b5564fa6f0addb2210b9f7451b CVE-2024-8737,0,0,cbc297970ae1416d9a802a8a3fb088b4d7e9eea01eac91d358a962752f26995b,2024-09-13T16:37:22.997000 CVE-2024-8742,0,0,6b8bc8fc216bb6a3b43d6b286657ec19196e95b44b152c94642c410394d382b2,2024-09-13T14:06:04.777000 CVE-2024-8747,0,0,6c88c8c8e632bc4d53a0196f95b7ceddf7275f331456b55093d5f334ca6d7b36,2024-09-13T16:37:22.997000 -CVE-2024-8749,0,0,6cdc0c26d2421a0ac61bce5d110eb5d73a3249ad7bc3d62d61fc4629cab2bddf,2024-09-12T12:35:54.013000 +CVE-2024-8749,0,1,dc7dd50ec6adedb45c385a82f706a7ab45f55e506e70a64a626b0d8f521f6289,2024-09-18T18:53:54.860000 CVE-2024-8750,0,0,bbeeb9c5927a1117a6a9a7bc1deb1f81319b716e09eab91fef8cd544ecfb288f,2024-09-12T12:35:54.013000 CVE-2024-8751,0,0,dd4f77422f5dc981129a2e765da3e243ee86648b85be15172cd0c4e6601f992a,2024-09-13T14:06:04.777000 CVE-2024-8752,0,0,0be9e28f6d85a85d4e0858af0a364ad7f2c3e55ca0710790013b49eb71d6357c,2024-09-16T18:03:16.707000 @@ -263369,8 +263383,8 @@ CVE-2024-8891,0,0,66ee1e3a5770b3f6e09e8b032a6124a31192085197984368a464d9541bf3af CVE-2024-8892,0,0,b8b5b660b06202667c5cd07cec126cd880bab05613441d7293a44f11f3e1c023,2024-09-18T13:15:03.907000 CVE-2024-8897,0,0,b99b42e128a3a937599a5ee8c7a3b275ca81dee2198a043376f3ec3c0daeea34,2024-09-17T13:15:04.423000 CVE-2024-8900,0,0,f58f5185481b4f9d895145fbfe2d15f4fe9fa908c07bf76713d81ef85bc63469,2024-09-17T19:15:29.163000 -CVE-2024-8904,0,1,154b42e06b3eec9dd6263288069b5cac3c6ac5013e0c0ce81a0319625e4f3176,2024-09-18T16:35:17.877000 -CVE-2024-8905,0,1,f4bcda9cc4c1bd1ffbda7130fd2d6fba2d07ae19df57b92968e0e6b8f6a2196a,2024-09-18T16:35:18.640000 +CVE-2024-8904,0,0,154b42e06b3eec9dd6263288069b5cac3c6ac5013e0c0ce81a0319625e4f3176,2024-09-18T16:35:17.877000 +CVE-2024-8905,0,0,f4bcda9cc4c1bd1ffbda7130fd2d6fba2d07ae19df57b92968e0e6b8f6a2196a,2024-09-18T16:35:18.640000 CVE-2024-8906,0,0,a825cb604140b0e13ad78ca82d1d231a96e53bbe511215a792b4240c110540db,2024-09-17T21:15:13.140000 CVE-2024-8907,0,0,64dc4dc8a4d40c7e225809d67f10cc92608ae63c53341c28f0018040d67ff7cd,2024-09-17T21:15:13.193000 CVE-2024-8908,0,0,5ad2b20eaf7b11cce42e37ec1af63dc38b712b10d9cb0d1e4c7b4750e472beb6,2024-09-17T21:15:13.247000