Auto-Update: 2024-11-18T11:00:19.383135+00:00

2025-07-09 16:05:11 +00:00 · 2024-11-18 11:03:21 +00:00 · 2024-11-18 11:03:21 +00:00 · 1e5efac4eb
commit 1e5efac4eb
parent b7227f8049
29 changed files with 1525 additions and 26 deletions
--- a/CVE-2023/CVE-2023-391xx/CVE-2023-39176.json
+++ b/CVE-2023/CVE-2023-391xx/CVE-2023-39176.json
@ -0,0 +1,64 @@
 {
  "id": "CVE-2023-39176",
  "sourceIdentifier": "patrick@puiterwijk.org",
  "published": "2024-11-18T10:15:04.667",
  "lastModified": "2024-11-18T10:15:04.667",
  "vulnStatus": "Received",
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A flaw was found within the parsing of SMB2 requests that have a transform header in the kernel ksmbd module. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this to disclose sensitive information on affected installations of Linux. Only systems with ksmbd enabled are vulnerable to this CVE."
    }
  ],
  "metrics": {
    "cvssMetricV31": [
      {
        "source": "patrick@puiterwijk.org",
        "type": "Secondary",
        "cvssData": {
          "version": "3.1",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N",
          "attackVector": "NETWORK",
          "attackComplexity": "LOW",
          "privilegesRequired": "NONE",
          "userInteraction": "NONE",
          "scope": "CHANGED",
          "confidentialityImpact": "LOW",
          "integrityImpact": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 5.8,
          "baseSeverity": "MEDIUM"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 1.4
      }
    ]
  },
  "weaknesses": [
    {
      "source": "patrick@puiterwijk.org",
      "type": "Secondary",
      "description": [
        {
          "lang": "en",
          "value": "CWE-125"
        }
      ]
    }
  ],
  "references": [
    {
      "url": "https://access.redhat.com/security/cve/CVE-2023-39176",
      "source": "patrick@puiterwijk.org"
    },
    {
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2326503",
      "source": "patrick@puiterwijk.org"
    },
    {
      "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-586/",
      "source": "patrick@puiterwijk.org"
    }
  ]
 }
--- a/CVE-2023/CVE-2023-391xx/CVE-2023-39179.json
+++ b/CVE-2023/CVE-2023-391xx/CVE-2023-39179.json
@ -0,0 +1,64 @@
 {
  "id": "CVE-2023-39179",
  "sourceIdentifier": "patrick@puiterwijk.org",
  "published": "2024-11-18T10:15:04.980",
  "lastModified": "2024-11-18T10:15:04.980",
  "vulnStatus": "Received",
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A flaw was found within the handling of SMB2 read requests in the kernel ksmbd module. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this to disclose sensitive information on affected installations of Linux. Only systems with ksmbd enabled are vulnerable to this CVE."
    }
  ],
  "metrics": {
    "cvssMetricV31": [
      {
        "source": "patrick@puiterwijk.org",
        "type": "Secondary",
        "cvssData": {
          "version": "3.1",
          "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:L",
          "attackVector": "NETWORK",
          "attackComplexity": "HIGH",
          "privilegesRequired": "NONE",
          "userInteraction": "NONE",
          "scope": "CHANGED",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "NONE",
          "availabilityImpact": "LOW",
          "baseScore": 7.5,
          "baseSeverity": "HIGH"
        },
        "exploitabilityScore": 2.2,
        "impactScore": 4.7
      }
    ]
  },
  "weaknesses": [
    {
      "source": "patrick@puiterwijk.org",
      "type": "Secondary",
      "description": [
        {
          "lang": "en",
          "value": "CWE-125"
        }
      ]
    }
  ],
  "references": [
    {
      "url": "https://access.redhat.com/security/cve/CVE-2023-39179",
      "source": "patrick@puiterwijk.org"
    },
    {
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2326529",
      "source": "patrick@puiterwijk.org"
    },
    {
      "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-586/",
      "source": "patrick@puiterwijk.org"
    }
  ]
 }
--- a/CVE-2023/CVE-2023-391xx/CVE-2023-39180.json
+++ b/CVE-2023/CVE-2023-391xx/CVE-2023-39180.json
@ -0,0 +1,64 @@
 {
  "id": "CVE-2023-39180",
  "sourceIdentifier": "patrick@puiterwijk.org",
  "published": "2024-11-18T10:15:05.217",
  "lastModified": "2024-11-18T10:15:05.217",
  "vulnStatus": "Received",
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A flaw was found within the handling of SMB2_READ commands in the kernel ksmbd module. The issue results from not releasing memory after its effective lifetime. An attacker can leverage this to create a denial-of-service condition on affected installations of Linux. Authentication is not required to exploit this vulnerability, but only systems with ksmbd enabled are vulnerable."
    }
  ],
  "metrics": {
    "cvssMetricV31": [
      {
        "source": "patrick@puiterwijk.org",
        "type": "Secondary",
        "cvssData": {
          "version": "3.1",
          "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:L",
          "attackVector": "NETWORK",
          "attackComplexity": "HIGH",
          "privilegesRequired": "NONE",
          "userInteraction": "NONE",
          "scope": "CHANGED",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "availabilityImpact": "LOW",
          "baseScore": 4.0,
          "baseSeverity": "MEDIUM"
        },
        "exploitabilityScore": 2.2,
        "impactScore": 1.4
      }
    ]
  },
  "weaknesses": [
    {
      "source": "patrick@puiterwijk.org",
      "type": "Secondary",
      "description": [
        {
          "lang": "en",
          "value": "CWE-400"
        }
      ]
    }
  ],
  "references": [
    {
      "url": "https://access.redhat.com/security/cve/CVE-2023-39180",
      "source": "patrick@puiterwijk.org"
    },
    {
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2326531",
      "source": "patrick@puiterwijk.org"
    },
    {
      "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-589/",
      "source": "patrick@puiterwijk.org"
    }
  ]
 }
--- a/CVE-2024/CVE-2024-384xx/CVE-2024-38472.json
+++ b/CVE-2024/CVE-2024-384xx/CVE-2024-38472.json
@ -2,13 +2,13 @@
  "id": "CVE-2024-38472",
  "sourceIdentifier": "security@apache.org",
  "published": "2024-07-01T19:15:04.563",
-  "lastModified": "2024-07-12T14:15:15.043",
+  "lastModified": "2024-11-18T09:15:04.347",
  "vulnStatus": "Awaiting Analysis",
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
-      "value": "SSRF in Apache HTTP Server on Windows allows to potentially leak NTML hashes to a malicious server via SSRF and\u00a0malicious requests or content \nUsers are recommended to upgrade to version 2.4.60 which fixes this issue.\u00a0 Note: Existing configurations that access UNC paths will have to configure new directive \"UNCList\" to allow access during request processing."
+      "value": "SSRF in Apache HTTP Server on Windows allows to potentially leak NTLM hashes to a malicious server via SSRF and\u00a0malicious requests or content \nUsers are recommended to upgrade to version 2.4.60 which fixes this issue.\u00a0 Note: Existing configurations that access UNC paths will have to configure new directive \"UNCList\" to allow access during request processing."
    },
    {
      "lang": "es",
@ -55,10 +55,6 @@
    {
      "url": "https://httpd.apache.org/security/vulnerabilities_24.html",
      "source": "security@apache.org"
    },
    {
      "url": "https://security.netapp.com/advisory/ntap-20240712-0001/",
      "source": "security@apache.org"
    }
  ]
 }
--- a/CVE-2024/CVE-2024-411xx/CVE-2024-41151.json
+++ b/CVE-2024/CVE-2024-411xx/CVE-2024-41151.json
@ -0,0 +1,37 @@
 {
  "id": "CVE-2024-41151",
  "sourceIdentifier": "security@apache.org",
  "published": "2024-11-18T09:15:05.010",
  "lastModified": "2024-11-18T09:15:05.010",
  "vulnStatus": "Received",
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Deserialization of Untrusted Data vulnerability in Apache HertzBeat.\n\nThis vulnerability can only be exploited by authorized attackers.\n\n\nThis issue affects Apache HertzBeat: before 1.6.1.\n\nUsers are recommended to upgrade to version 1.6.1, which fixes the issue."
    }
  ],
  "metrics": {},
  "weaknesses": [
    {
      "source": "security@apache.org",
      "type": "Primary",
      "description": [
        {
          "lang": "en",
          "value": "CWE-502"
        }
      ]
    }
  ],
  "references": [
    {
      "url": "https://lists.apache.org/thread/oor9nw6nh2ojnfw8d8oxrv40cbtk5mwj",
      "source": "security@apache.org"
    },
    {
      "url": "https://lists.apache.org/thread/p33tg0vo5nh6kscth4262ktsqo3h5lqo",
      "source": "security@apache.org"
    }
  ]
 }
--- a/CVE-2024/CVE-2024-419xx/CVE-2024-41967.json
+++ b/CVE-2024/CVE-2024-419xx/CVE-2024-41967.json
@ -0,0 +1,56 @@
 {
  "id": "CVE-2024-41967",
  "sourceIdentifier": "info@cert.vde.com",
  "published": "2024-11-18T09:15:05.150",
  "lastModified": "2024-11-18T09:15:05.150",
  "vulnStatus": "Received",
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A low privileged remote attacker\u00a0may modify the boot mode configuration setup of the device, leading to modification of the firmware upgrade process or a denial-of-service attack."
    }
  ],
  "metrics": {
    "cvssMetricV31": [
      {
        "source": "info@cert.vde.com",
        "type": "Primary",
        "cvssData": {
          "version": "3.1",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
          "attackVector": "NETWORK",
          "attackComplexity": "LOW",
          "privilegesRequired": "LOW",
          "userInteraction": "NONE",
          "scope": "UNCHANGED",
          "confidentialityImpact": "NONE",
          "integrityImpact": "HIGH",
          "availabilityImpact": "HIGH",
          "baseScore": 8.1,
          "baseSeverity": "HIGH"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 5.2
      }
    ]
  },
  "weaknesses": [
    {
      "source": "info@cert.vde.com",
      "type": "Primary",
      "description": [
        {
          "lang": "en",
          "value": "CWE-306"
        }
      ]
    }
  ],
  "references": [
    {
      "url": "https://cert.vde.com/en/advisories/VDE-2024-047",
      "source": "info@cert.vde.com"
    }
  ]
 }
--- a/CVE-2024/CVE-2024-419xx/CVE-2024-41968.json
+++ b/CVE-2024/CVE-2024-419xx/CVE-2024-41968.json
@ -0,0 +1,56 @@
 {
  "id": "CVE-2024-41968",
  "sourceIdentifier": "info@cert.vde.com",
  "published": "2024-11-18T09:15:05.410",
  "lastModified": "2024-11-18T09:15:05.410",
  "vulnStatus": "Received",
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A low privileged remote attacker may modify the docker settings setup of the device, leading to a limited DoS."
    }
  ],
  "metrics": {
    "cvssMetricV31": [
      {
        "source": "info@cert.vde.com",
        "type": "Primary",
        "cvssData": {
          "version": "3.1",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L",
          "attackVector": "NETWORK",
          "attackComplexity": "LOW",
          "privilegesRequired": "LOW",
          "userInteraction": "NONE",
          "scope": "UNCHANGED",
          "confidentialityImpact": "NONE",
          "integrityImpact": "LOW",
          "availabilityImpact": "LOW",
          "baseScore": 5.4,
          "baseSeverity": "MEDIUM"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 2.5
      }
    ]
  },
  "weaknesses": [
    {
      "source": "info@cert.vde.com",
      "type": "Secondary",
      "description": [
        {
          "lang": "en",
          "value": "CWE-306"
        }
      ]
    }
  ],
  "references": [
    {
      "url": "https://cert.vde.com/en/advisories/VDE-2024-047",
      "source": "info@cert.vde.com"
    }
  ]
 }
--- a/CVE-2024/CVE-2024-419xx/CVE-2024-41969.json
+++ b/CVE-2024/CVE-2024-419xx/CVE-2024-41969.json
@ -0,0 +1,56 @@
 {
  "id": "CVE-2024-41969",
  "sourceIdentifier": "info@cert.vde.com",
  "published": "2024-11-18T09:15:05.637",
  "lastModified": "2024-11-18T09:15:05.637",
  "vulnStatus": "Received",
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A low privileged remote attacker may\u00a0modify the configuration of the CODESYS V3 service through a missing authentication vulnerability which could lead to full system access and/or DoS."
    }
  ],
  "metrics": {
    "cvssMetricV31": [
      {
        "source": "info@cert.vde.com",
        "type": "Primary",
        "cvssData": {
          "version": "3.1",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
          "attackVector": "NETWORK",
          "attackComplexity": "LOW",
          "privilegesRequired": "LOW",
          "userInteraction": "NONE",
          "scope": "UNCHANGED",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "availabilityImpact": "HIGH",
          "baseScore": 8.8,
          "baseSeverity": "HIGH"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 5.9
      }
    ]
  },
  "weaknesses": [
    {
      "source": "info@cert.vde.com",
      "type": "Primary",
      "description": [
        {
          "lang": "en",
          "value": "CWE-306"
        }
      ]
    }
  ],
  "references": [
    {
      "url": "https://cert.vde.com/en/advisories/VDE-2024-047",
      "source": "info@cert.vde.com"
    }
  ]
 }
--- a/CVE-2024/CVE-2024-419xx/CVE-2024-41970.json
+++ b/CVE-2024/CVE-2024-419xx/CVE-2024-41970.json
@ -0,0 +1,56 @@
 {
  "id": "CVE-2024-41970",
  "sourceIdentifier": "info@cert.vde.com",
  "published": "2024-11-18T10:15:05.487",
  "lastModified": "2024-11-18T10:15:05.487",
  "vulnStatus": "Received",
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A low privileged remote attacker\u00a0may gain access to forbidden diagnostic data due to incorrect permission assignment for critical resources."
    }
  ],
  "metrics": {
    "cvssMetricV31": [
      {
        "source": "info@cert.vde.com",
        "type": "Primary",
        "cvssData": {
          "version": "3.1",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N",
          "attackVector": "NETWORK",
          "attackComplexity": "LOW",
          "privilegesRequired": "LOW",
          "userInteraction": "REQUIRED",
          "scope": "UNCHANGED",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 5.7,
          "baseSeverity": "MEDIUM"
        },
        "exploitabilityScore": 2.1,
        "impactScore": 3.6
      }
    ]
  },
  "weaknesses": [
    {
      "source": "info@cert.vde.com",
      "type": "Primary",
      "description": [
        {
          "lang": "en",
          "value": "CWE-732"
        }
      ]
    }
  ],
  "references": [
    {
      "url": "https://cert.vde.com/en/advisories/VDE-2024-047",
      "source": "info@cert.vde.com"
    }
  ]
 }
--- a/CVE-2024/CVE-2024-419xx/CVE-2024-41971.json
+++ b/CVE-2024/CVE-2024-419xx/CVE-2024-41971.json
@ -0,0 +1,56 @@
 {
  "id": "CVE-2024-41971",
  "sourceIdentifier": "info@cert.vde.com",
  "published": "2024-11-18T10:15:05.750",
  "lastModified": "2024-11-18T10:15:05.750",
  "vulnStatus": "Received",
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A low privileged remote attacker can overwrite an arbitrary file on the filesystem leading to a DoS and data loss."
    }
  ],
  "metrics": {
    "cvssMetricV31": [
      {
        "source": "info@cert.vde.com",
        "type": "Primary",
        "cvssData": {
          "version": "3.1",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
          "attackVector": "NETWORK",
          "attackComplexity": "LOW",
          "privilegesRequired": "LOW",
          "userInteraction": "NONE",
          "scope": "UNCHANGED",
          "confidentialityImpact": "NONE",
          "integrityImpact": "HIGH",
          "availabilityImpact": "HIGH",
          "baseScore": 8.1,
          "baseSeverity": "HIGH"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 5.2
      }
    ]
  },
  "weaknesses": [
    {
      "source": "info@cert.vde.com",
      "type": "Primary",
      "description": [
        {
          "lang": "en",
          "value": "CWE-22"
        }
      ]
    }
  ],
  "references": [
    {
      "url": "https://cert.vde.com/en/advisories/VDE-2024-047",
      "source": "info@cert.vde.com"
    }
  ]
 }
--- a/CVE-2024/CVE-2024-419xx/CVE-2024-41972.json
+++ b/CVE-2024/CVE-2024-419xx/CVE-2024-41972.json
@ -0,0 +1,56 @@
 {
  "id": "CVE-2024-41972",
  "sourceIdentifier": "info@cert.vde.com",
  "published": "2024-11-18T10:15:05.967",
  "lastModified": "2024-11-18T10:15:05.967",
  "vulnStatus": "Received",
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A low privileged remote attacker can\u00a0overwrite an arbitrary file on the filesystem which\u00a0may lead to an arbitrary file read with root privileges."
    }
  ],
  "metrics": {
    "cvssMetricV31": [
      {
        "source": "info@cert.vde.com",
        "type": "Primary",
        "cvssData": {
          "version": "3.1",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
          "attackVector": "NETWORK",
          "attackComplexity": "LOW",
          "privilegesRequired": "LOW",
          "userInteraction": "NONE",
          "scope": "UNCHANGED",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 6.5,
          "baseSeverity": "MEDIUM"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 3.6
      }
    ]
  },
  "weaknesses": [
    {
      "source": "info@cert.vde.com",
      "type": "Primary",
      "description": [
        {
          "lang": "en",
          "value": "CWE-35"
        }
      ]
    }
  ],
  "references": [
    {
      "url": "https://cert.vde.com/en/advisories/VDE-2024-047",
      "source": "info@cert.vde.com"
    }
  ]
 }
--- a/CVE-2024/CVE-2024-419xx/CVE-2024-41973.json
+++ b/CVE-2024/CVE-2024-419xx/CVE-2024-41973.json
@ -0,0 +1,56 @@
 {
  "id": "CVE-2024-41973",
  "sourceIdentifier": "info@cert.vde.com",
  "published": "2024-11-18T10:15:06.213",
  "lastModified": "2024-11-18T10:15:06.213",
  "vulnStatus": "Received",
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A low privileged remote attacker can\u00a0specify an arbitrary file on the filesystem which\u00a0may lead to an arbitrary file writes with root privileges."
    }
  ],
  "metrics": {
    "cvssMetricV31": [
      {
        "source": "info@cert.vde.com",
        "type": "Primary",
        "cvssData": {
          "version": "3.1",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
          "attackVector": "NETWORK",
          "attackComplexity": "LOW",
          "privilegesRequired": "LOW",
          "userInteraction": "NONE",
          "scope": "UNCHANGED",
          "confidentialityImpact": "NONE",
          "integrityImpact": "HIGH",
          "availabilityImpact": "HIGH",
          "baseScore": 8.1,
          "baseSeverity": "HIGH"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 5.2
      }
    ]
  },
  "weaknesses": [
    {
      "source": "info@cert.vde.com",
      "type": "Primary",
      "description": [
        {
          "lang": "en",
          "value": "CWE-35"
        }
      ]
    }
  ],
  "references": [
    {
      "url": "https://cert.vde.com/en/advisories/VDE-2024-047",
      "source": "info@cert.vde.com"
    }
  ]
 }
--- a/CVE-2024/CVE-2024-419xx/CVE-2024-41974.json
+++ b/CVE-2024/CVE-2024-419xx/CVE-2024-41974.json
@ -0,0 +1,56 @@
 {
  "id": "CVE-2024-41974",
  "sourceIdentifier": "info@cert.vde.com",
  "published": "2024-11-18T10:15:06.447",
  "lastModified": "2024-11-18T10:15:06.447",
  "vulnStatus": "Received",
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A low privileged remote attacker\u00a0may modify the BACNet service properties due to incorrect permission assignment for critical resources which may lead to a DoS limited to BACNet communication."
    }
  ],
  "metrics": {
    "cvssMetricV31": [
      {
        "source": "info@cert.vde.com",
        "type": "Primary",
        "cvssData": {
          "version": "3.1",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
          "attackVector": "NETWORK",
          "attackComplexity": "LOW",
          "privilegesRequired": "LOW",
          "userInteraction": "NONE",
          "scope": "UNCHANGED",
          "confidentialityImpact": "NONE",
          "integrityImpact": "LOW",
          "availabilityImpact": "HIGH",
          "baseScore": 7.1,
          "baseSeverity": "HIGH"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 4.2
      }
    ]
  },
  "weaknesses": [
    {
      "source": "info@cert.vde.com",
      "type": "Primary",
      "description": [
        {
          "lang": "en",
          "value": "CWE-732"
        }
      ]
    }
  ],
  "references": [
    {
      "url": "https://cert.vde.com/en/advisories/VDE-2024-047",
      "source": "info@cert.vde.com"
    }
  ]
 }
--- a/CVE-2024/CVE-2024-423xx/CVE-2024-42383.json
+++ b/CVE-2024/CVE-2024-423xx/CVE-2024-42383.json
@ -0,0 +1,56 @@
 {
  "id": "CVE-2024-42383",
  "sourceIdentifier": "prodsec@nozominetworks.com",
  "published": "2024-11-18T10:15:06.667",
  "lastModified": "2024-11-18T10:15:06.667",
  "vulnStatus": "Received",
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Use of Out-of-range Pointer Offset vulnerability in Cesanta Mongoose Web Server v7.14 allows to write a NULL byte value beyond the memory space dedicated for the hostname field."
    }
  ],
  "metrics": {
    "cvssMetricV31": [
      {
        "source": "prodsec@nozominetworks.com",
        "type": "Secondary",
        "cvssData": {
          "version": "3.1",
          "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:L",
          "attackVector": "NETWORK",
          "attackComplexity": "HIGH",
          "privilegesRequired": "NONE",
          "userInteraction": "REQUIRED",
          "scope": "UNCHANGED",
          "confidentialityImpact": "NONE",
          "integrityImpact": "LOW",
          "availabilityImpact": "LOW",
          "baseScore": 4.2,
          "baseSeverity": "MEDIUM"
        },
        "exploitabilityScore": 1.6,
        "impactScore": 2.5
      }
    ]
  },
  "weaknesses": [
    {
      "source": "prodsec@nozominetworks.com",
      "type": "Primary",
      "description": [
        {
          "lang": "en",
          "value": "CWE-823"
        }
      ]
    }
  ],
  "references": [
    {
      "url": "https://www.nozominetworks.com/labs/vulnerability-advisories-cve-2024-42383",
      "source": "prodsec@nozominetworks.com"
    }
  ]
 }
--- a/CVE-2024/CVE-2024-423xx/CVE-2024-42384.json
+++ b/CVE-2024/CVE-2024-423xx/CVE-2024-42384.json
@ -0,0 +1,56 @@
 {
  "id": "CVE-2024-42384",
  "sourceIdentifier": "prodsec@nozominetworks.com",
  "published": "2024-11-18T10:15:06.943",
  "lastModified": "2024-11-18T10:15:06.943",
  "vulnStatus": "Received",
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Integer Overflow or Wraparound vulnerability in Cesanta Mongoose Web Server v7.14 allows an attacker to send an unexpected TLS packet and produce a segmentation fault on the application."
    }
  ],
  "metrics": {
    "cvssMetricV31": [
      {
        "source": "prodsec@nozominetworks.com",
        "type": "Secondary",
        "cvssData": {
          "version": "3.1",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "attackVector": "NETWORK",
          "attackComplexity": "LOW",
          "privilegesRequired": "NONE",
          "userInteraction": "NONE",
          "scope": "UNCHANGED",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6
      }
    ]
  },
  "weaknesses": [
    {
      "source": "prodsec@nozominetworks.com",
      "type": "Primary",
      "description": [
        {
          "lang": "en",
          "value": "CWE-190"
        }
      ]
    }
  ],
  "references": [
    {
      "url": "https://www.nozominetworks.com/labs/vulnerability-advisories-cve-2024-42384",
      "source": "prodsec@nozominetworks.com"
    }
  ]
 }
--- a/CVE-2024/CVE-2024-423xx/CVE-2024-42385.json
+++ b/CVE-2024/CVE-2024-423xx/CVE-2024-42385.json
@ -0,0 +1,56 @@
 {
  "id": "CVE-2024-42385",
  "sourceIdentifier": "prodsec@nozominetworks.com",
  "published": "2024-11-18T10:15:07.187",
  "lastModified": "2024-11-18T10:15:07.187",
  "vulnStatus": "Received",
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Improper Neutralization of Delimiters vulnerability in Cesanta Mongoose Web Server v7.14 allows to trigger an out-of-bound memory write if the PEM certificate contains unexpected characters."
    }
  ],
  "metrics": {
    "cvssMetricV31": [
      {
        "source": "prodsec@nozominetworks.com",
        "type": "Secondary",
        "cvssData": {
          "version": "3.1",
          "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:N/I:N/A:H",
          "attackVector": "LOCAL",
          "attackComplexity": "HIGH",
          "privilegesRequired": "HIGH",
          "userInteraction": "REQUIRED",
          "scope": "UNCHANGED",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "availabilityImpact": "HIGH",
          "baseScore": 4.0,
          "baseSeverity": "MEDIUM"
        },
        "exploitabilityScore": 0.3,
        "impactScore": 3.6
      }
    ]
  },
  "weaknesses": [
    {
      "source": "prodsec@nozominetworks.com",
      "type": "Primary",
      "description": [
        {
          "lang": "en",
          "value": "CWE-140"
        }
      ]
    }
  ],
  "references": [
    {
      "url": "https://www.nozominetworks.com/labs/vulnerability-advisories-cve-2024-42385",
      "source": "prodsec@nozominetworks.com"
    }
  ]
 }
--- a/CVE-2024/CVE-2024-423xx/CVE-2024-42386.json
+++ b/CVE-2024/CVE-2024-423xx/CVE-2024-42386.json
@ -0,0 +1,56 @@
 {
  "id": "CVE-2024-42386",
  "sourceIdentifier": "prodsec@nozominetworks.com",
  "published": "2024-11-18T10:15:07.427",
  "lastModified": "2024-11-18T10:15:07.427",
  "vulnStatus": "Received",
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Use of Out-of-range Pointer Offset vulnerability in Cesanta Mongoose Web Server v7.14 allows an attacker to send an unexpected TLS packet and produce a segmentation fault on the application."
    }
  ],
  "metrics": {
    "cvssMetricV31": [
      {
        "source": "prodsec@nozominetworks.com",
        "type": "Secondary",
        "cvssData": {
          "version": "3.1",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H",
          "attackVector": "NETWORK",
          "attackComplexity": "LOW",
          "privilegesRequired": "NONE",
          "userInteraction": "NONE",
          "scope": "UNCHANGED",
          "confidentialityImpact": "NONE",
          "integrityImpact": "LOW",
          "availabilityImpact": "HIGH",
          "baseScore": 8.2,
          "baseSeverity": "HIGH"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 4.2
      }
    ]
  },
  "weaknesses": [
    {
      "source": "prodsec@nozominetworks.com",
      "type": "Primary",
      "description": [
        {
          "lang": "en",
          "value": "CWE-823"
        }
      ]
    }
  ],
  "references": [
    {
      "url": "https://www.nozominetworks.com/labs/vulnerability-advisories-cve-2024-42386",
      "source": "prodsec@nozominetworks.com"
    }
  ]
 }
--- a/CVE-2024/CVE-2024-423xx/CVE-2024-42387.json
+++ b/CVE-2024/CVE-2024-423xx/CVE-2024-42387.json
@ -0,0 +1,56 @@
 {
  "id": "CVE-2024-42387",
  "sourceIdentifier": "prodsec@nozominetworks.com",
  "published": "2024-11-18T10:15:07.647",
  "lastModified": "2024-11-18T10:15:07.647",
  "vulnStatus": "Received",
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Use of Out-of-range Pointer Offset vulnerability in Cesanta Mongoose Web Server v7.14 allows an attacker to send an unexpected TLS packet and force the application to read unintended heap memory space."
    }
  ],
  "metrics": {
    "cvssMetricV31": [
      {
        "source": "prodsec@nozominetworks.com",
        "type": "Secondary",
        "cvssData": {
          "version": "3.1",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
          "attackVector": "NETWORK",
          "attackComplexity": "LOW",
          "privilegesRequired": "NONE",
          "userInteraction": "NONE",
          "scope": "UNCHANGED",
          "confidentialityImpact": "LOW",
          "integrityImpact": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 5.3,
          "baseSeverity": "MEDIUM"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 1.4
      }
    ]
  },
  "weaknesses": [
    {
      "source": "prodsec@nozominetworks.com",
      "type": "Primary",
      "description": [
        {
          "lang": "en",
          "value": "CWE-823"
        }
      ]
    }
  ],
  "references": [
    {
      "url": "https://www.nozominetworks.com/labs/vulnerability-advisories-cve-2024-42387",
      "source": "prodsec@nozominetworks.com"
    }
  ]
 }
--- a/CVE-2024/CVE-2024-423xx/CVE-2024-42388.json
+++ b/CVE-2024/CVE-2024-423xx/CVE-2024-42388.json
@ -0,0 +1,56 @@
 {
  "id": "CVE-2024-42388",
  "sourceIdentifier": "prodsec@nozominetworks.com",
  "published": "2024-11-18T10:15:07.873",
  "lastModified": "2024-11-18T10:15:07.873",
  "vulnStatus": "Received",
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Use of Out-of-range Pointer Offset vulnerability in Cesanta Mongoose Web Server v7.14 allows an attacker to send an unexpected TLS packet and force the application to read unintended heap memory space."
    }
  ],
  "metrics": {
    "cvssMetricV31": [
      {
        "source": "prodsec@nozominetworks.com",
        "type": "Secondary",
        "cvssData": {
          "version": "3.1",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
          "attackVector": "NETWORK",
          "attackComplexity": "LOW",
          "privilegesRequired": "NONE",
          "userInteraction": "NONE",
          "scope": "UNCHANGED",
          "confidentialityImpact": "LOW",
          "integrityImpact": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 5.3,
          "baseSeverity": "MEDIUM"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 1.4
      }
    ]
  },
  "weaknesses": [
    {
      "source": "prodsec@nozominetworks.com",
      "type": "Primary",
      "description": [
        {
          "lang": "en",
          "value": "CWE-823"
        }
      ]
    }
  ],
  "references": [
    {
      "url": "https://www.nozominetworks.com/labs/vulnerability-advisories-cve-2024-42388",
      "source": "prodsec@nozominetworks.com"
    }
  ]
 }
--- a/CVE-2024/CVE-2024-423xx/CVE-2024-42389.json
+++ b/CVE-2024/CVE-2024-423xx/CVE-2024-42389.json
@ -0,0 +1,56 @@
 {
  "id": "CVE-2024-42389",
  "sourceIdentifier": "prodsec@nozominetworks.com",
  "published": "2024-11-18T10:15:08.090",
  "lastModified": "2024-11-18T10:15:08.090",
  "vulnStatus": "Received",
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Use of Out-of-range Pointer Offset vulnerability in Cesanta Mongoose Web Server v7.14 allows an attacker to send an unexpected TLS packet and force the application to read unintended heap memory space."
    }
  ],
  "metrics": {
    "cvssMetricV31": [
      {
        "source": "prodsec@nozominetworks.com",
        "type": "Secondary",
        "cvssData": {
          "version": "3.1",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
          "attackVector": "NETWORK",
          "attackComplexity": "LOW",
          "privilegesRequired": "NONE",
          "userInteraction": "NONE",
          "scope": "UNCHANGED",
          "confidentialityImpact": "LOW",
          "integrityImpact": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 5.3,
          "baseSeverity": "MEDIUM"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 1.4
      }
    ]
  },
  "weaknesses": [
    {
      "source": "prodsec@nozominetworks.com",
      "type": "Primary",
      "description": [
        {
          "lang": "en",
          "value": "CWE-823"
        }
      ]
    }
  ],
  "references": [
    {
      "url": "https://www.nozominetworks.com/labs/vulnerability-advisories-cve-2024-42389",
      "source": "prodsec@nozominetworks.com"
    }
  ]
 }
--- a/CVE-2024/CVE-2024-423xx/CVE-2024-42390.json
+++ b/CVE-2024/CVE-2024-423xx/CVE-2024-42390.json
@ -0,0 +1,56 @@
 {
  "id": "CVE-2024-42390",
  "sourceIdentifier": "prodsec@nozominetworks.com",
  "published": "2024-11-18T10:15:08.307",
  "lastModified": "2024-11-18T10:15:08.307",
  "vulnStatus": "Received",
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Use of Out-of-range Pointer Offset vulnerability in Cesanta Mongoose Web Server v7.14 allows an attacker to send an unexpected TLS packet and force the application to read unintended heap memory space."
    }
  ],
  "metrics": {
    "cvssMetricV31": [
      {
        "source": "prodsec@nozominetworks.com",
        "type": "Secondary",
        "cvssData": {
          "version": "3.1",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
          "attackVector": "NETWORK",
          "attackComplexity": "LOW",
          "privilegesRequired": "NONE",
          "userInteraction": "REQUIRED",
          "scope": "UNCHANGED",
          "confidentialityImpact": "LOW",
          "integrityImpact": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 4.3,
          "baseSeverity": "MEDIUM"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 1.4
      }
    ]
  },
  "weaknesses": [
    {
      "source": "prodsec@nozominetworks.com",
      "type": "Primary",
      "description": [
        {
          "lang": "en",
          "value": "CWE-823"
        }
      ]
    }
  ],
  "references": [
    {
      "url": "https://www.nozominetworks.com/labs/vulnerability-advisories-cve-2024-42390",
      "source": "prodsec@nozominetworks.com"
    }
  ]
 }
--- a/CVE-2024/CVE-2024-423xx/CVE-2024-42391.json
+++ b/CVE-2024/CVE-2024-423xx/CVE-2024-42391.json
@ -0,0 +1,56 @@
 {
  "id": "CVE-2024-42391",
  "sourceIdentifier": "prodsec@nozominetworks.com",
  "published": "2024-11-18T10:15:08.540",
  "lastModified": "2024-11-18T10:15:08.540",
  "vulnStatus": "Received",
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Use of Out-of-range Pointer Offset vulnerability in Cesanta Mongoose Web Server v7.14 allows an attacker to send an unexpected TLS packet and force the application to read unintended heap memory space."
    }
  ],
  "metrics": {
    "cvssMetricV31": [
      {
        "source": "prodsec@nozominetworks.com",
        "type": "Secondary",
        "cvssData": {
          "version": "3.1",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
          "attackVector": "NETWORK",
          "attackComplexity": "LOW",
          "privilegesRequired": "NONE",
          "userInteraction": "REQUIRED",
          "scope": "UNCHANGED",
          "confidentialityImpact": "LOW",
          "integrityImpact": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 4.3,
          "baseSeverity": "MEDIUM"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 1.4
      }
    ]
  },
  "weaknesses": [
    {
      "source": "prodsec@nozominetworks.com",
      "type": "Primary",
      "description": [
        {
          "lang": "en",
          "value": "CWE-823"
        }
      ]
    }
  ],
  "references": [
    {
      "url": "https://www.nozominetworks.com/labs/vulnerability-advisories-cve-2024-42391",
      "source": "prodsec@nozominetworks.com"
    }
  ]
 }
--- a/CVE-2024/CVE-2024-423xx/CVE-2024-42392.json
+++ b/CVE-2024/CVE-2024-423xx/CVE-2024-42392.json
@ -0,0 +1,56 @@
 {
  "id": "CVE-2024-42392",
  "sourceIdentifier": "prodsec@nozominetworks.com",
  "published": "2024-11-18T10:15:08.753",
  "lastModified": "2024-11-18T10:15:08.753",
  "vulnStatus": "Received",
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Improper Neutralization of Delimiters vulnerability in Cesanta Mongoose Web Server v7.14 allows to trigger an infinite loop bug if the input string contains unexpected characters."
    }
  ],
  "metrics": {
    "cvssMetricV31": [
      {
        "source": "prodsec@nozominetworks.com",
        "type": "Secondary",
        "cvssData": {
          "version": "3.1",
          "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:N/I:N/A:H",
          "attackVector": "LOCAL",
          "attackComplexity": "HIGH",
          "privilegesRequired": "HIGH",
          "userInteraction": "REQUIRED",
          "scope": "UNCHANGED",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "availabilityImpact": "HIGH",
          "baseScore": 4.0,
          "baseSeverity": "MEDIUM"
        },
        "exploitabilityScore": 0.3,
        "impactScore": 3.6
      }
    ]
  },
  "weaknesses": [
    {
      "source": "prodsec@nozominetworks.com",
      "type": "Primary",
      "description": [
        {
          "lang": "en",
          "value": "CWE-140"
        }
      ]
    }
  ],
  "references": [
    {
      "url": "https://www.nozominetworks.com/labs/vulnerability-advisories-cve-2024-42392",
      "source": "prodsec@nozominetworks.com"
    }
  ]
 }
--- a/CVE-2024/CVE-2024-455xx/CVE-2024-45505.json
+++ b/CVE-2024/CVE-2024-455xx/CVE-2024-45505.json
@ -0,0 +1,37 @@
 {
  "id": "CVE-2024-45505",
  "sourceIdentifier": "security@apache.org",
  "published": "2024-11-18T09:15:05.870",
  "lastModified": "2024-11-18T09:15:05.870",
  "vulnStatus": "Received",
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability in Apache HertzBeat (incubating).\n\nThis vulnerability can only be exploited by authorized attackers.\nThis issue affects Apache HertzBeat (incubating): before 1.6.1.\n\nUsers are recommended to upgrade to version 1.6.1, which fixes the issue."
    }
  ],
  "metrics": {},
  "weaknesses": [
    {
      "source": "security@apache.org",
      "type": "Primary",
      "description": [
        {
          "lang": "en",
          "value": "CWE-77"
        }
      ]
    }
  ],
  "references": [
    {
      "url": "https://lists.apache.org/thread/gvbc68krhqhht7mkkkx7k13k6k6fdhy0",
      "source": "security@apache.org"
    },
    {
      "url": "https://lists.apache.org/thread/h8k14o1bfyod66p113pkgnt1s52p6p19",
      "source": "security@apache.org"
    }
  ]
 }
--- a/CVE-2024/CVE-2024-457xx/CVE-2024-45791.json
+++ b/CVE-2024/CVE-2024-457xx/CVE-2024-45791.json
@ -0,0 +1,37 @@
 {
  "id": "CVE-2024-45791",
  "sourceIdentifier": "security@apache.org",
  "published": "2024-11-18T09:15:05.990",
  "lastModified": "2024-11-18T09:15:05.990",
  "vulnStatus": "Received",
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache HertzBeat.\n\nThis issue affects Apache HertzBeat: before 1.6.1.\n\nUsers are recommended to upgrade to version 1.6.1, which fixes the issue."
    }
  ],
  "metrics": {},
  "weaknesses": [
    {
      "source": "security@apache.org",
      "type": "Primary",
      "description": [
        {
          "lang": "en",
          "value": "CWE-200"
        }
      ]
    }
  ],
  "references": [
    {
      "url": "https://lists.apache.org/thread/jmbsfjsvrfnvosh1ftrm3ry4j3sb7doz",
      "source": "security@apache.org"
    },
    {
      "url": "https://lists.apache.org/thread/lvsczrp8kdynppmzyxtkh4ord4gpw1ph",
      "source": "security@apache.org"
    }
  ]
 }
--- a/CVE-2024/CVE-2024-472xx/CVE-2024-47208.json
+++ b/CVE-2024/CVE-2024-472xx/CVE-2024-47208.json
@ -0,0 +1,49 @@
 {
  "id": "CVE-2024-47208",
  "sourceIdentifier": "security@apache.org",
  "published": "2024-11-18T09:15:06.100",
  "lastModified": "2024-11-18T09:15:06.100",
  "vulnStatus": "Received",
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Server-Side Request Forgery (SSRF), Improper Control of Generation of Code ('Code Injection') vulnerability in Apache OFBiz.\n\nThis issue affects Apache OFBiz: before 18.12.17.\n\nUsers are recommended to upgrade to version 18.12.17, which fixes the issue."
    }
  ],
  "metrics": {},
  "weaknesses": [
    {
      "source": "security@apache.org",
      "type": "Primary",
      "description": [
        {
          "lang": "en",
          "value": "CWE-918"
        },
        {
          "lang": "en",
          "value": "CWE-94"
        }
      ]
    }
  ],
  "references": [
    {
      "url": "https://issues.apache.org/jira/browse/OFBIZ-13158",
      "source": "security@apache.org"
    },
    {
      "url": "https://lists.apache.org/thread/022r19skfofhv3lzql33vowlrvqndh11",
      "source": "security@apache.org"
    },
    {
      "url": "https://ofbiz.apache.org/download.html",
      "source": "security@apache.org"
    },
    {
      "url": "https://ofbiz.apache.org/security.html",
      "source": "security@apache.org"
    }
  ]
 }
--- a/CVE-2024/CVE-2024-489xx/CVE-2024-48962.json
+++ b/CVE-2024/CVE-2024-489xx/CVE-2024-48962.json
@ -0,0 +1,98 @@
 {
  "id": "CVE-2024-48962",
  "sourceIdentifier": "security@apache.org",
  "published": "2024-11-18T09:15:06.237",
  "lastModified": "2024-11-18T09:15:06.237",
  "vulnStatus": "Received",
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Improper Control of Generation of Code ('Code Injection'), Cross-Site Request Forgery (CSRF), : Improper Neutralization of Special Elements Used in a Template Engine vulnerability in Apache OFBiz.\n\nThis issue affects Apache OFBiz: before 18.12.17.\n\nUsers are recommended to upgrade to version 18.12.17, which fixes the issue."
    }
  ],
  "metrics": {
    "cvssMetricV40": [
      {
        "source": "security@apache.org",
        "type": "Secondary",
        "cvssData": {
          "version": "4.0",
          "vectorString": "CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:A/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:N/R:U/V:C/RE:H/U:Amber",
          "attackVector": "NETWORK",
          "attackComplexity": "HIGH",
          "attackRequirements": "PRESENT",
          "privilegesRequired": "NONE",
          "userInteraction": "ACTIVE",
          "vulnerableSystemConfidentiality": "HIGH",
          "vulnerableSystemIntegrity": "HIGH",
          "vulnerableSystemAvailability": "HIGH",
          "subsequentSystemConfidentiality": "HIGH",
          "subsequentSystemIntegrity": "HIGH",
          "subsequentSystemAvailability": "HIGH",
          "exploitMaturity": "NOT_DEFINED",
          "confidentialityRequirements": "NOT_DEFINED",
          "integrityRequirements": "NOT_DEFINED",
          "availabilityRequirements": "NOT_DEFINED",
          "modifiedAttackVector": "NOT_DEFINED",
          "modifiedAttackComplexity": "NOT_DEFINED",
          "modifiedAttackRequirements": "NOT_DEFINED",
          "modifiedPrivilegesRequired": "NOT_DEFINED",
          "modifiedUserInteraction": "NOT_DEFINED",
          "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED",
          "modifiedVulnerableSystemIntegrity": "NOT_DEFINED",
          "modifiedVulnerableSystemAvailability": "NOT_DEFINED",
          "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED",
          "modifiedSubsequentSystemIntegrity": "NOT_DEFINED",
          "modifiedSubsequentSystemAvailability": "NOT_DEFINED",
          "safety": "NOT_DEFINED",
          "automatable": "NO",
          "recovery": "USER",
          "valueDensity": "CONCENTRATED",
          "vulnerabilityResponseEffort": "HIGH",
          "providerUrgency": "AMBER",
          "baseScore": 8.9,
          "baseSeverity": "HIGH"
        }
      }
    ]
  },
  "weaknesses": [
    {
      "source": "security@apache.org",
      "type": "Primary",
      "description": [
        {
          "lang": "en",
          "value": "CWE-1336"
        },
        {
          "lang": "en",
          "value": "CWE-352"
        },
        {
          "lang": "en",
          "value": "CWE-94"
        }
      ]
    }
  ],
  "references": [
    {
      "url": "https://issues.apache.org/jira/browse/OFBIZ-13162",
      "source": "security@apache.org"
    },
    {
      "url": "https://lists.apache.org/thread/6sddh4pts90cp8ktshqb4xykdp6lb6q6",
      "source": "security@apache.org"
    },
    {
      "url": "https://ofbiz.apache.org/download.html",
      "source": "security@apache.org"
    },
    {
      "url": "https://ofbiz.apache.org/security.html",
      "source": "security@apache.org"
    }
  ]
 }
--- a/README.md
+++ b/README.md
@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours.
 ### Last Repository Update
 ```plain
-2024-11-18T09:00:34.595517+00:00
+2024-11-18T11:00:19.383135+00:00
 ```
 ### Most recent CVE Modification Timestamp synchronized with NVD
 ```plain
-2024-11-18T08:15:03.550000+00:00
+2024-11-18T10:15:08.753000+00:00
 ```
 ### Last Data Feed Release
@ -33,26 +33,45 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
 ### Total Number of included CVEs
 ```plain
-270112
+270138
 ```
 ### CVEs added in the last Commit
-Recently added CVEs: `7`
+Recently added CVEs: `26`
- [CVE-2024-11311](CVE-2024/CVE-2024-113xx/CVE-2024-11311.json) (`2024-11-18T07:15:13.063`)
+- [CVE-2023-39179](CVE-2023/CVE-2023-391xx/CVE-2023-39179.json) (`2024-11-18T10:15:04.980`)
- [CVE-2024-11312](CVE-2024/CVE-2024-113xx/CVE-2024-11312.json) (`2024-11-18T07:15:14.903`)
+- [CVE-2023-39180](CVE-2023/CVE-2023-391xx/CVE-2023-39180.json) (`2024-11-18T10:15:05.217`)
- [CVE-2024-11313](CVE-2024/CVE-2024-113xx/CVE-2024-11313.json) (`2024-11-18T07:15:15.420`)
+- [CVE-2024-41151](CVE-2024/CVE-2024-411xx/CVE-2024-41151.json) (`2024-11-18T09:15:05.010`)
- [CVE-2024-11314](CVE-2024/CVE-2024-113xx/CVE-2024-11314.json) (`2024-11-18T07:15:15.993`)
+- [CVE-2024-41967](CVE-2024/CVE-2024-419xx/CVE-2024-41967.json) (`2024-11-18T09:15:05.150`)
- [CVE-2024-11315](CVE-2024/CVE-2024-113xx/CVE-2024-11315.json) (`2024-11-18T07:15:16.673`)
+- [CVE-2024-41968](CVE-2024/CVE-2024-419xx/CVE-2024-41968.json) (`2024-11-18T09:15:05.410`)
- [CVE-2024-22067](CVE-2024/CVE-2024-220xx/CVE-2024-22067.json) (`2024-11-18T07:15:17.370`)
+- [CVE-2024-41969](CVE-2024/CVE-2024-419xx/CVE-2024-41969.json) (`2024-11-18T09:15:05.637`)
- [CVE-2024-49574](CVE-2024/CVE-2024-495xx/CVE-2024-49574.json) (`2024-11-18T08:15:03.550`)
+- [CVE-2024-41970](CVE-2024/CVE-2024-419xx/CVE-2024-41970.json) (`2024-11-18T10:15:05.487`)
 - [CVE-2024-41971](CVE-2024/CVE-2024-419xx/CVE-2024-41971.json) (`2024-11-18T10:15:05.750`)
 - [CVE-2024-41972](CVE-2024/CVE-2024-419xx/CVE-2024-41972.json) (`2024-11-18T10:15:05.967`)
 - [CVE-2024-41973](CVE-2024/CVE-2024-419xx/CVE-2024-41973.json) (`2024-11-18T10:15:06.213`)
 - [CVE-2024-41974](CVE-2024/CVE-2024-419xx/CVE-2024-41974.json) (`2024-11-18T10:15:06.447`)
 - [CVE-2024-42383](CVE-2024/CVE-2024-423xx/CVE-2024-42383.json) (`2024-11-18T10:15:06.667`)
 - [CVE-2024-42384](CVE-2024/CVE-2024-423xx/CVE-2024-42384.json) (`2024-11-18T10:15:06.943`)
 - [CVE-2024-42385](CVE-2024/CVE-2024-423xx/CVE-2024-42385.json) (`2024-11-18T10:15:07.187`)
 - [CVE-2024-42386](CVE-2024/CVE-2024-423xx/CVE-2024-42386.json) (`2024-11-18T10:15:07.427`)
 - [CVE-2024-42387](CVE-2024/CVE-2024-423xx/CVE-2024-42387.json) (`2024-11-18T10:15:07.647`)
 - [CVE-2024-42388](CVE-2024/CVE-2024-423xx/CVE-2024-42388.json) (`2024-11-18T10:15:07.873`)
 - [CVE-2024-42389](CVE-2024/CVE-2024-423xx/CVE-2024-42389.json) (`2024-11-18T10:15:08.090`)
 - [CVE-2024-42390](CVE-2024/CVE-2024-423xx/CVE-2024-42390.json) (`2024-11-18T10:15:08.307`)
 - [CVE-2024-42391](CVE-2024/CVE-2024-423xx/CVE-2024-42391.json) (`2024-11-18T10:15:08.540`)
 - [CVE-2024-42392](CVE-2024/CVE-2024-423xx/CVE-2024-42392.json) (`2024-11-18T10:15:08.753`)
 - [CVE-2024-45505](CVE-2024/CVE-2024-455xx/CVE-2024-45505.json) (`2024-11-18T09:15:05.870`)
 - [CVE-2024-45791](CVE-2024/CVE-2024-457xx/CVE-2024-45791.json) (`2024-11-18T09:15:05.990`)
 - [CVE-2024-47208](CVE-2024/CVE-2024-472xx/CVE-2024-47208.json) (`2024-11-18T09:15:06.100`)
 - [CVE-2024-48962](CVE-2024/CVE-2024-489xx/CVE-2024-48962.json) (`2024-11-18T09:15:06.237`)
 ### CVEs modified in the last Commit
-Recently modified CVEs: `0`
+Recently modified CVEs: `1`
 - [CVE-2024-38472](CVE-2024/CVE-2024-384xx/CVE-2024-38472.json) (`2024-11-18T09:15:04.347`)
 ## Download and Usage
--- a/_state.csv
+++ b/_state.csv
@ -229891,6 +229891,9 @@ CVE-2023-39172,0,0,5d1f3f2b677b0a85af1f0e1718122f63379f727c5f55286cdaefc4f2cdf31
 CVE-2023-39173,0,0,94988e678dfa2aa507f7074d6091cd6c6a4eec57d4e8fabf0754fee84b8e4907,2023-08-01T01:02:33.797000
 CVE-2023-39174,0,0,c6d2e823a977d91e23e51acd8d719844156eb21bb7500fe830b5bef64c5b8759,2023-08-01T01:10:49.157000
 CVE-2023-39175,0,0,bc456592ae9ac6c2adcc5162a962f99df7fdd9b829de4a2da8a4cbf033cf9c8e,2023-08-01T01:08:48.417000
 CVE-2023-39176,1,1,aa563df238200eb898c9484b61b6445b97e9c0ed2befabe3252028130688420b,2024-11-18T10:15:04.667000
 CVE-2023-39179,1,1,80222f972e2daa94434b13860108378b7ce180e0683db0fb066e37927d819acd,2024-11-18T10:15:04.980000
 CVE-2023-39180,1,1,22caad6df3b2bbbd75cf24534daad75037755088aa22f2cce57a87e2a9eff3ff,2024-11-18T10:15:05.217000
 CVE-2023-39181,0,0,5779a7e12127c05426caed1b79cbad0420f35a50b8e5299eea089f21f74c95df,2023-08-10T15:56:38.890000
 CVE-2023-39182,0,0,55a8ec3c40df58e32d7c6d55926b018855a6b6f54a0171e66bfc574495807417,2023-08-10T16:02:54.477000
 CVE-2023-39183,0,0,964d0db7c48d041c6935cc07d25789a2cd8767124a64f3f9f2f3583c72690437,2023-08-10T16:04:10.890000
@ -243285,11 +243288,11 @@ CVE-2024-11306,0,0,f77aaaa67be9242d576d27dffde714b37bfb854f091ee9b96d0ca7ce4c9e0
 CVE-2024-11308,0,0,7e0a566461a1a25058b504b1b076a10b434fc2fde4d7646a8b9f4bf31fc5a5d5,2024-11-18T06:15:04.263000
 CVE-2024-11309,0,0,9411965c35ece716f8c90dd545a21d618e8ac858b01683f6ff41a9045699a6fe,2024-11-18T06:15:04.673000
 CVE-2024-11310,0,0,2d4d611d5e61ee3d47de293865eca5b79be60453c907c37cedc531a8bacc72a0,2024-11-18T06:15:04.987000
-CVE-2024-11311,1,1,47f486cfaf2f8e67141b65904d6812610644729332839ae7b425a509d1ee80a1,2024-11-18T07:15:13.063000
+CVE-2024-11311,0,0,47f486cfaf2f8e67141b65904d6812610644729332839ae7b425a509d1ee80a1,2024-11-18T07:15:13.063000
-CVE-2024-11312,1,1,71db06e2a096f0449f94df279bc5cb863b993686028b0aa9e878b169c9d8d472,2024-11-18T07:15:14.903000
+CVE-2024-11312,0,0,71db06e2a096f0449f94df279bc5cb863b993686028b0aa9e878b169c9d8d472,2024-11-18T07:15:14.903000
-CVE-2024-11313,1,1,890f011cbf9b34450e7704907c25d098bdda5249e8660c02c0f3a68f1c57debc,2024-11-18T07:15:15.420000
+CVE-2024-11313,0,0,890f011cbf9b34450e7704907c25d098bdda5249e8660c02c0f3a68f1c57debc,2024-11-18T07:15:15.420000
-CVE-2024-11314,1,1,77b62bdc6299b6d60a12b7a7152852e6fe05a08406e9a701a9a1af91def37fef,2024-11-18T07:15:15.993000
+CVE-2024-11314,0,0,77b62bdc6299b6d60a12b7a7152852e6fe05a08406e9a701a9a1af91def37fef,2024-11-18T07:15:15.993000
-CVE-2024-11315,1,1,cc9ed50e7db63318901354c8ed077ff950a09534cf38b4d91deb60ae50f13e1d,2024-11-18T07:15:16.673000
+CVE-2024-11315,0,0,cc9ed50e7db63318901354c8ed077ff950a09534cf38b4d91deb60ae50f13e1d,2024-11-18T07:15:16.673000
 CVE-2024-1132,0,0,3de6e62885ac8497a4c1d8f4950ebedc171b13b33dfedd6a9eea9ae164fd993a,2024-07-03T01:45:01.507000
 CVE-2024-1133,0,0,b8b851364368259dd533f1c71b437f741276dcf99770b03558b5d9cd5d3f095a,2024-02-29T13:49:29.390000
 CVE-2024-1134,0,0,92ca7b611a6a52333e888fa3a581b5dbc5c29b22a5e7e62eb553cb40e2cb6d77,2024-05-24T13:03:05.093000
@ -245860,7 +245863,7 @@ CVE-2024-22062,0,0,cc06929fe5df33d033a09c6d5b184881dcbf0939fe62637d4555c345e1a11
 CVE-2024-22064,0,0,4ab6f1fd7aac8f5f705eb95fc6fb847518aebb95babd98d77adf15137fe26c27,2024-05-14T16:13:02.773000
 CVE-2024-22065,0,0,0787c7694397a7c698dcdd055072a6446d70ea428a21429fa1b1a63fb95542eb,2024-10-29T14:34:04.427000
 CVE-2024-22066,0,0,04a1f5193e3d1cd4c2ff5e8b00e85bd78f3fa88fdda81531a689089e114ff7c4,2024-11-08T14:31:32.933000
-CVE-2024-22067,1,1,0df063e4cfb4727625a4769f0e9465766089f4a68a4efbd16211cd7af62d0a5f,2024-11-18T07:15:17.370000
+CVE-2024-22067,0,0,0df063e4cfb4727625a4769f0e9465766089f4a68a4efbd16211cd7af62d0a5f,2024-11-18T07:15:17.370000
 CVE-2024-22068,0,0,0d00619c52fbf410991eb6fb75db8e695c1b871ad9ed5a9a9a67d1976582dc23,2024-10-10T12:51:56.987000
 CVE-2024-22069,0,0,4264d807f7b5f6c2c545419e352dc9886522b6dff10818d72b9f5fb46c144466,2024-08-20T17:22:39.500000
 CVE-2024-2207,0,0,8ee5e243bdeb55079a285867c41b1d92102261a83307cfe5423cbfee70a33969,2024-11-13T17:01:16.850000
@ -257940,7 +257943,7 @@ CVE-2024-38469,0,0,511cfa020ce0415f6c58505919037fce87bd20a70c430acbe541f3249cbfb
 CVE-2024-3847,0,0,95f9ad8fbf5c3c80550e0a325ff7f48c02be2f78865a75992b282f70c630bcf1,2024-07-03T02:06:43.977000
 CVE-2024-38470,0,0,e532fc2610ce0ba05d395b2565b3921da00db5c8c8ee1a62b50a319ed8de746e,2024-07-03T02:05:07.477000
 CVE-2024-38471,0,0,3da065067273e795c22a9430ea2650425c29da7d06ad6ab18b550114c797a95a,2024-07-08T14:18:45.747000
-CVE-2024-38472,0,0,0483e32b4907ebc7f547fb87caf5b24bef6a9183e30ea4e30b4ad6dc0faa92cd,2024-07-12T14:15:15.043000
+CVE-2024-38472,0,1,e2da2567ed5c1bd58671597c1e4c6860b639e273ff91bc91c02bde109665e5ec,2024-11-18T09:15:04.347000
 CVE-2024-38473,0,0,36c5b6d67728da1356289c3874d586ffc56f76a7fbb2f457e14a9e4a12de691d,2024-08-01T13:54:52.397000
 CVE-2024-38474,0,0,4f088cfc0bc3e33027842b99d0e9469f8c62a5c78773b6fa11ed87f2035049e0,2024-08-21T15:03:30.407000
 CVE-2024-38475,0,0,4434bbc9e26235e103b2ea8722d70e74e682dd306d9d4b03d295c12ec512ff31,2024-07-12T14:15:15.277000
@ -259722,6 +259725,7 @@ CVE-2024-41143,0,0,e8899d473fa3a8ea11660d6f2ba88aff617e29347ef6b002447e4155241e1
 CVE-2024-41144,0,0,a99ced5ff39791199789f8b7404cf70d5ada3bff5c6dc65a7803cc1121e905e5,2024-09-04T17:25:48.123000
 CVE-2024-4115,0,0,89bc89df66a101d446d6568b359dec67345256fa579984420e2e2fe7ea4994ac,2024-06-04T19:20:29.937000
 CVE-2024-41150,0,0,f29e18c57230cbc3b76f00f0b7fe1001f55bb08bda82442884bf5072f9726b00,2024-08-27T14:35:09.013000
 CVE-2024-41151,1,1,ac2e20cfe18937f41a25987ff4765d4d73273b765d5092fe92ec19e25f2d0d10,2024-11-18T09:15:05.010000
 CVE-2024-41153,0,0,dafb89be97200d81ac5d60fe35f2a445ceac861b85bb58f78c85df804ae27889,2024-10-31T14:37:48.533000
 CVE-2024-41156,0,0,c0093084afabf89304f87b01eeae3792e9c6bc73b0c168ddc8c792fe08c67a19,2024-10-31T14:49:39.800000
 CVE-2024-41157,0,0,7a282611d45c2fbb6f2dc936e4617dedd23e7f4d2ca4cbf354d2844aba4fb55d,2024-09-04T16:30:40.737000
@ -260200,7 +260204,15 @@ CVE-2024-41961,0,0,3c3cbde88cd825de8bae83de9e23bceebed48c0b620332721ebe0297499b9
 CVE-2024-41962,0,0,db50354a8566471f488ea803a7a6894035b73491a2359165637f817d330c25eb,2024-08-16T16:34:48.873000
 CVE-2024-41964,0,0,54621a6adee825c0636e7afd8773c219e1650b44db222dda2ec93364b11574bb,2024-09-06T22:56:18.010000
 CVE-2024-41965,0,0,2d1c3b12d760b98aa2eaba7bc040a10a4b90c52e44f9dfa32fdcb4160559d799,2024-08-09T14:09:32.507000
 CVE-2024-41967,1,1,184e0f2ba651c36a054866910b0eb27e9f356f1dc19e4cc3cc69170f7684a3f6,2024-11-18T09:15:05.150000
 CVE-2024-41968,1,1,d53797c226739a273870d4357b7038db28e813f5b27527044d2f13ae864304d1,2024-11-18T09:15:05.410000
 CVE-2024-41969,1,1,7dc6266ab9626a4c38828c6835444366d20b2710b43478972117e8e83cb7a2fd,2024-11-18T09:15:05.637000
 CVE-2024-4197,0,0,45da0b07f911473fe59b939894a184bd20b4010bb74cc514ccd6533e9d15c77b,2024-06-25T12:24:17.873000
 CVE-2024-41970,1,1,8673d3ab86077ee00005d5cbb5e2dbeda32e664a8bd13b294fdbb12264160151,2024-11-18T10:15:05.487000
 CVE-2024-41971,1,1,0552f83e80023a5f54896fd682060a73475ec804288cffa5c074debb374a9763,2024-11-18T10:15:05.750000
 CVE-2024-41972,1,1,442ae43a9cfbdb24a9b592741605314ddc5f327d54bf282b64631b0f858b82d7,2024-11-18T10:15:05.967000
 CVE-2024-41973,1,1,c343f1d2d3c85dc9f5ab3be159f4e4290b4a608eab096e50bcd9a718dca4324b,2024-11-18T10:15:06.213000
 CVE-2024-41974,1,1,f10a5335cdd9e654d8b744f59fd419b5661c7eba3d880d5437eaffb04a2c10a6,2024-11-18T10:15:06.447000
 CVE-2024-41976,0,0,28d622db4b0702423d465fd5f760fc3d4baf285e2f7024720bdb5fee42ef0c33,2024-08-23T18:40:16.173000
 CVE-2024-41977,0,0,d5d8e1f89415d399848bf3d43d8f9a317c22096ecf54afde801686a9741da6f6,2024-08-23T18:39:13.990000
 CVE-2024-41978,0,0,bd0d09a1a56dc8d7414c845b0662922159c0a17b71c017862473bb9d2c3c7ab8,2024-08-23T18:34:36.283000
@ -260556,7 +260568,17 @@ CVE-2024-42379,0,0,3df4e462d3527273fa2a98871af6d02d089a425040231b6521435b06449dc
 CVE-2024-4238,0,0,188cceccdce16b8df034bef32fee010a6dd0f801c6690e1589421c7cadfb521c,2024-06-04T19:20:33.063000
 CVE-2024-42380,0,0,5abd276ef303a0a04718583183567bd8e789e2a4185f71fabf777d854e3f8a5a,2024-09-10T12:09:50.377000
 CVE-2024-42381,0,0,a5fa1277b5fe346d1dd5469d0c93ac780c7d0547ab1d06a7617c27606bb89aa8,2024-08-01T13:59:22.207000
 CVE-2024-42383,1,1,2be8df96a7cb26e915a93e0ac962c943b1279aec7c7832bdba0fad33874b43c8,2024-11-18T10:15:06.667000
 CVE-2024-42384,1,1,f298384383fd30ae2a676184dcfadad14b2336c7aac64e9943db3390b7c509d4,2024-11-18T10:15:06.943000
 CVE-2024-42385,1,1,d012d2bdbf72b21bf4483a06699490531ba125461a838fe81dba188e35e233f3,2024-11-18T10:15:07.187000
 CVE-2024-42386,1,1,44f57a2c936a836d67fe05b3af9d82caf4656480fd48b884b0b3b000defba598,2024-11-18T10:15:07.427000
 CVE-2024-42387,1,1,5f59394f84bb46308f3282a3d35e78b4794b618dde523fac815221485650fbb0,2024-11-18T10:15:07.647000
 CVE-2024-42388,1,1,e425093e5c6384aa19a1931f42570a44509c2be277bc2cb694b8225954a0793c,2024-11-18T10:15:07.873000
 CVE-2024-42389,1,1,4f2ec49962c6317efe1419a4a1be9d77c36081fd8705d58d5d7c326f96fdcac7,2024-11-18T10:15:08.090000
 CVE-2024-4239,0,0,cecc2be82896f12bf6cdae75a3b125d58c075d387f3da865cfaf565a2c454897,2024-06-04T19:20:33.163000
 CVE-2024-42390,1,1,2be89beae2069d663b7f8f2695054cea57a3204bc4d91dc76cf6eace46faad42,2024-11-18T10:15:08.307000
 CVE-2024-42391,1,1,a78ad1fa98ddcc8a458d297cf38256ed8ff3f6b292dc5e3a3d1a0644ab4fc8d3,2024-11-18T10:15:08.540000
 CVE-2024-42392,1,1,ffb29d55a2df75b4531a31e3d1e0de35b4379f522f2b242fb409b7093d75af8c,2024-11-18T10:15:08.753000
 CVE-2024-42393,0,0,dccd6d06051b1376b790b00ce1bb00ad00ff605de076bb7cd98815c096883960,2024-08-12T18:22:45.023000
 CVE-2024-42394,0,0,3fe51273497ddc687f2c439e086f8a7a30ea6afb40f9bca0dc53718488d7bc49,2024-08-12T18:23:19.533000
 CVE-2024-42395,0,0,5ee69c7240e27d4f3c6f1cb04e94fbb984a7c6f59b13e977c958944ad3c06ea4,2024-08-12T18:23:57.077000
@ -262662,6 +262684,7 @@ CVE-2024-45496,0,0,cb4145e26d358c15cb434585f9bcb20449ce473167aa6d60e18e039ff47cf
 CVE-2024-45498,0,0,ead799fee90d0be791c926b84a8db9a257cc85e76c202f16fed08488baf7d590,2024-11-04T17:35:22.900000
 CVE-2024-4550,0,0,ea2693a2208898e22f1b33bfbea2ea7879154431a660b6be5aad9a2659ccd071,2024-09-14T11:47:14.677000
 CVE-2024-45504,0,0,3b58dca9312966af1f86033b4db5d926602e7a6d36304d3cb72a6a0485059e81,2024-11-04T21:35:09.173000
 CVE-2024-45505,1,1,9e6cef572aaacd043b7ed07f99d88565dede9c8ee3f5be1766039ff6fd59c83a,2024-11-18T09:15:05.870000
 CVE-2024-45506,0,0,53228a9659d8b3663e59f7b6cd3ffdc01b4518a34e19971e095f98575a886619,2024-10-14T03:15:10.123000
 CVE-2024-45507,0,0,b2cf0920dcb75db868de7b4afd51449cea360da72164b9b7e7a575176b0c17c4,2024-09-05T17:53:39.760000
 CVE-2024-45508,0,0,a7bf13ff5f2bf318e53d0cc8b12c1b5ac7eae45f1991e7b683a2e3673a166bb9,2024-09-04T16:44:08.247000
@ -262795,6 +262818,7 @@ CVE-2024-45788,0,0,7ba304e58f1e132a77e708ed9119516e49dd167750ae6faec1e1736fde9ea
 CVE-2024-45789,0,0,85b2a3e63aad506ab70a8ae8f934d73422c76c344971f05123a4397c0e8661da,2024-09-18T19:55:58.287000
 CVE-2024-4579,0,0,b44e5adee861e75c9f2de9111724b513cf79b7a7dcd7134192d107fac1782253,2024-05-14T15:44:07.607000
 CVE-2024-45790,0,0,339d5c59c4b08184225ef02e77057a5607db1e407fbacc8325ce6de4811d4a59,2024-09-18T18:38:04.393000
 CVE-2024-45791,1,1,e00e08370eee4826bcdd5006dbdac3841f2b3e17be5d254ae3b822a74efd5814,2024-11-18T09:15:05.990000
 CVE-2024-45792,0,0,5abb7de999f910eaa61796ecbea33f574a65653e2aa062ee4c5c2e229e356bd5,2024-10-04T13:51:25.567000
 CVE-2024-45793,0,0,9df195d476b9f18fe89dd15d9de75cbf87671a956c83113b39ce1c0cbc87094f,2024-09-26T13:32:55.343000
 CVE-2024-45794,0,0,19fba7f9f80e8b5484ce94a7454fbad3ec8a7fa0a22390c43e093d2565218be6,2024-11-08T19:01:03.880000
@ -263585,6 +263609,7 @@ CVE-2024-47195,0,0,13778db546c78cfe27d2d127a511510e1d599b625eb31f21fc4e65992e212
 CVE-2024-47196,0,0,854c9d23e22c82e5339f8a331c929fb519fa43506b02445ee87a1d94228daed1,2024-10-16T18:07:38.850000
 CVE-2024-47197,0,0,e4a1d8789bd0c967523f7418fe544ba10b0b511b96a39b8a241e5a1afb5230b4,2024-10-02T17:25:36.990000
 CVE-2024-4720,0,0,eb5b6c06efbc2e8e5b700d46905e09781ba603e4dc4e18ff8664640e85fa6762,2024-06-04T19:20:47.440000
 CVE-2024-47208,1,1,b620527cf6de3641c13e3c2764db4b26a2727b76a61053f90f030844e2a0ed6b,2024-11-18T09:15:06.100000
 CVE-2024-4721,0,0,58190a4c7e114543454f0451ab9386f5b2fe1b56ab67d3c8b011dbecb251f4fd,2024-05-17T02:40:34.750000
 CVE-2024-47210,0,0,ca2b900fbd9eb194b293e1ce40d6ad1fe1c427789838eaeabb19878edb5f2c77,2024-09-26T13:32:55.343000
 CVE-2024-47211,0,0,8d8dc13d8cf35ee447487a09511da084431dcb4b69bd4c3291b15cb655fdb03c,2024-11-05T15:35:15.623000
@ -264546,6 +264571,7 @@ CVE-2024-48955,0,0,84de7be29efb285e46fc24626f552063b1e23de7f9dbbe9943b534f430e23
 CVE-2024-48957,0,0,73c8e1634cf56d3192b3375f11aa72eac69f0bcf8a4cb1f3b137dcc189616d8f,2024-10-11T21:36:47.930000
 CVE-2024-48958,0,0,92a426e369946b14ff79b98b6fb42dd0c692d3b7d45d68198a4072bdaadf4922,2024-10-11T21:36:48.687000
 CVE-2024-4896,0,0,20cc2dc19f323150528d4fb3a23b846b2e602fa65e075afe5dc2b86cb95d9c94,2024-05-22T12:46:53.887000
 CVE-2024-48962,1,1,bd3ff5aade929483229f8c352353f0b6d241b60852765987754d0db5e23c2ccb,2024-11-18T09:15:06.237000
 CVE-2024-48963,0,0,6d60ed9d1e7a308212fb6ea5de6f1d94d8559909dd9cb5f4650d856671de0962,2024-10-30T14:54:53.937000
 CVE-2024-48964,0,0,7d209543eb23e2e6809a7e4f01bdb09a7ba8fb1b32d439bae945ab7d5b6dd3de,2024-10-30T13:46:31.657000
 CVE-2024-48966,0,0,6ce21af485b8f7bde854dc6fa73e4754262c2c902a98462d651b3be5a8dc03bb,2024-11-15T13:58:08.913000
@ -264854,7 +264880,7 @@ CVE-2024-49558,0,0,3c676b75de26a8476d548ed8b3e232d51677ecb4a62749082177600c22312
 CVE-2024-4956,0,0,319b39cd7f80ef1a8cfcc633b91e7d5f141facd950994947b42a7565c106a7a4,2024-05-17T18:36:31.297000
 CVE-2024-49560,0,0,0903f1d2d4b8ea486a494eda9aaa463e3a0d845c10ed5808d6808c17d2b3d951,2024-11-15T17:35:25.407000
 CVE-2024-4957,0,0,e3bb8e47c8dfba146bed7647eff25fc6cc8427bb0bd54429262b4324d627abed,2024-07-03T02:08:22.473000
-CVE-2024-49574,1,1,1be1ee4ae3282a118752790130cac8d3d756131f62b6f0d2bf633054b33d6aad,2024-11-18T08:15:03.550000
+CVE-2024-49574,0,0,1be1ee4ae3282a118752790130cac8d3d756131f62b6f0d2bf633054b33d6aad,2024-11-18T08:15:03.550000
 CVE-2024-49579,0,0,0f0dd66a3db0fe299ae55b9b0e6c22f11c400dc3ee27d05103041b63e67e9d3e,2024-11-14T19:24:45.603000
 CVE-2024-4958,0,0,15591ba73d7708bbd560fadc0281274b5c7c2c12545797826fbf6e13e1222639,2024-06-03T14:46:24.250000
 CVE-2024-49580,0,0,89085af96d96dbfcdc87aa1d40157bd1a1b8615e2e8f40b207dbbe916ae159de,2024-11-14T19:25:47.433000