admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-06 18:52:58 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2024-02-05T21:00:25.415535+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2024-02-05 21:00:29 +00:00
parent 30c49c2b95
commit 214708c06d
40 changed files with 2185 additions and 1439 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

187
CVE-2005/CVE-2005-02xx/CVE-2005-0246.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2005-0246",
"sourceIdentifier": "secalert@redhat.com",
"published": "2005-05-02T04:00:00.000",
"lastModified": "2017-10-11T01:29:54.780",
"vulnStatus": "Modified",
"lastModified": "2024-02-05T19:56:12.520",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -58,138 +58,24 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:postgresql:postgresql:7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "95E0614E-0911-43EE-9F3D-2CF87E0F1851"
"criteria": "cpe:2.3:a:postgresql:postgresql:*:*:*:*:*:*:*:*",
"versionStartIncluding": "7.3.0",
"versionEndExcluding": "7.3.9",
"matchCriteriaId": "4C486421-63ED-418C-BAE1-75690B1AC07D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:postgresql:postgresql:7.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "AFF09CFB-F7CE-4659-BB20-83231539F765"
"criteria": "cpe:2.3:a:postgresql:postgresql:*:*:*:*:*:*:*:*",
"versionStartIncluding": "7.4.0",
"versionEndExcluding": "7.4.7",
"matchCriteriaId": "A44A4B35-A6B2-419C-859C-C95483E49826"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:postgresql:postgresql:7.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "EFE8C2A3-7575-41C6-896C-C367E6D35015"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:postgresql:postgresql:7.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "88ED8E8C-9044-4E77-923A-D5C6C02A1081"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:postgresql:postgresql:7.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "037FF208-82A1-4448-88FE-FACB922FE1E0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:postgresql:postgresql:7.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "458F558C-7550-48B8-8318-A0D5FAF9ABF8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:postgresql:postgresql:7.2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "BF1A6E7C-B1DC-45CC-90B4-AFD6F669AA94"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:postgresql:postgresql:7.2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "23B710BA-91FF-47B9-BB56-4711CD50D50F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:postgresql:postgresql:7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "4064A96D-84D5-4257-9981-1139CD4CD08C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:postgresql:postgresql:7.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C98290E4-2919-4492-BD14-BB24BA85C729"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:postgresql:postgresql:7.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B56E9F72-6CBF-4784-89CD-435A030AC0B0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:postgresql:postgresql:7.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "6DEF0FE5-EFCF-448E-B6BD-95FDDD4E17FD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:postgresql:postgresql:7.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "03B480F0-8FFC-4463-ADC6-95906751811C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:postgresql:postgresql:7.3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "9BF44286-0DBF-4CCA-8FFB-993976C18CDB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:postgresql:postgresql:7.3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "629881D2-2A6D-4461-8C35-6EE575B63E6E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:postgresql:postgresql:7.3.7:*:*:*:*:*:*:*",
"matchCriteriaId": "E5C91580-6428-4234-92DF-6A96108FCF7C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:postgresql:postgresql:7.3.8:*:*:*:*:*:*:*",
"matchCriteriaId": "B5A19EB5-A1AF-4293-854D-347CD21065DA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:postgresql:postgresql:7.3.9:*:*:*:*:*:*:*",
"matchCriteriaId": "B18ED293-B408-435F-9D1F-2365A2E51022"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:postgresql:postgresql:7.4:*:*:*:*:*:*:*",
"matchCriteriaId": "FBE2567C-BF48-4255-9E56-590A6F9DD932"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:postgresql:postgresql:7.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0C8DDD98-9A2D-402D-9172-F3C4C4C97FEF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:postgresql:postgresql:7.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "20C8302B-631A-4DF7-839B-C6F3CC39E000"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:postgresql:postgresql:7.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "FB318EB9-1B49-452A-92CF-89D9BA990AB9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:postgresql:postgresql:7.4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "5913A53B-7B72-4CBD-ADAE-318333EB8B7B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:postgresql:postgresql:7.4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "815E58C0-327D-4F14-B496-05FC8179627E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:postgresql:postgresql:7.4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "3EF2D056-5120-4F98-8343-4EC31F962CFE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:postgresql:postgresql:7.4.7:*:*:*:*:*:*:*",
"matchCriteriaId": "516E0E86-3D8A-43F9-9DD5-865F5C889FC4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:postgresql:postgresql:8.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B45F3BF0-9EB6-4A06-B6F7-DE95DD13EFBF"
"criteria": "cpe:2.3:a:postgresql:postgresql:*:*:*:*:*:*:*:*",
"versionStartIncluding": "8.0.0",
"versionEndExcluding": "8.0.1",
"matchCriteriaId": "8EBCC126-D544-4D59-994F-99071F262808"
}
]
}
@ -201,20 +87,40 @@
"url": "http://archives.postgresql.org/pgsql-committers/2005-01/msg00401.php",
"source": "secalert@redhat.com",
"tags": [
"Patch"
"Mailing List",
"Patch",
"Third Party Advisory"
]
},
{
"url": "http://marc.info/?l=bugtraq&m=110806034116082&w=2",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "http://secunia.com/advisories/12948",
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
]
},
{
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:040",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "http://www.novell.com/linux/security/advisories/2005_36_sudo.html",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Broken Link"
]
},
{
"url": "http://www.redhat.com/support/errata/RHSA-2005-138.html",
@ -226,15 +132,26 @@
},
{
"url": "http://www.securityfocus.com/bid/12417",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19185",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10148",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Broken Link"
]
}
]
}

1196
CVE-2013/CVE-2013-09xx/CVE-2013-0913.json
View File

File diff suppressed because it is too large Load Diff

41
CVE-2014/CVE-2014-00xx/CVE-2014-0069.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2014-0069",
"sourceIdentifier": "secalert@redhat.com",
"published": "2014-02-28T06:18:54.010",
"lastModified": "2023-02-13T00:31:06.883",
"vulnStatus": "Modified",
"lastModified": "2024-02-05T19:51:26.800",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -63,8 +63,36 @@
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndIncluding": "3.13.5",
"matchCriteriaId": "DBA2348F-3FA5-450F-BA4A-CB9A016037FA"
"versionEndExcluding": "3.2.57",
"matchCriteriaId": "30DD9401-EECC-40F5-82AB-E3D03817B960"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "3.3",
"versionEndExcluding": "3.4.83",
"matchCriteriaId": "444BEF1A-94EA-4815-8CDE-C7E3E86CBE1E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "3.5",
"versionEndExcluding": "3.10.33",
"matchCriteriaId": "866B1918-D40A-4541-8E8E-CA0859732AAB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "3.11",
"versionEndExcluding": "3.12.14",
"matchCriteriaId": "5EFBEE95-34B7-4D8E-8C84-A642C03BAA58"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "3.13",
"versionEndExcluding": "13.13.6",
"matchCriteriaId": "9FDA28E5-5488-4AC2-9A8C-D3F6948194B7"
}
]
}
@ -151,7 +179,10 @@
},
{
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=5d81de8e8667da7135d3a32a964087c0faf5483f",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Broken Link"
]
},
{
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00026.html",

115
CVE-2015/CVE-2015-32xx/CVE-2015-3290.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2015-3290",
"sourceIdentifier": "secalert@redhat.com",
"published": "2015-08-31T10:59:08.770",
"lastModified": "2017-09-17T01:29:03.657",
"vulnStatus": "Modified",
"lastModified": "2024-02-05T20:15:29.457",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -63,8 +63,36 @@
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndIncluding": "4.1.5",
"matchCriteriaId": "44877FD6-2CE0-4950-B1C4-8B0A4E0E0333"
"versionEndExcluding": "3.12.47",
"matchCriteriaId": "967C3CF4-381C-4010-9E1D-C350069E6813"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "3.13",
"versionEndExcluding": "3.14.54",
"matchCriteriaId": "B92F6F8B-8BAF-4BE9-A3A7-6D7F85E5E8C1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "3.15",
"versionEndExcluding": "3.16.35",
"matchCriteriaId": "7DC4BA70-B111-4D2E-BC78-6601CED68F08"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "3.17",
"versionEndExcluding": "3.18.22",
"matchCriteriaId": "1ACF067E-CBE4-4A62-9BC1-203FAF12DD2C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "3.19",
"versionEndExcluding": "4.1.6",
"matchCriteriaId": "0ACD1220-4091-4A0D-9FBE-4FDAF6A40B0B"
}
]
}
@ -74,15 +102,26 @@
"references": [
{
"url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=9b6e6a8334d56354853f9c255d1395c2ba570e0a",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00011.html",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "http://www.debian.org/security/2015/dsa-3313",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.1.6",
@ -93,47 +132,87 @@
},
{
"url": "http://www.openwall.com/lists/oss-security/2015/07/22/7",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Mailing List"
]
},
{
"url": "http://www.openwall.com/lists/oss-security/2015/08/04/8",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Mailing List"
]
},
{
"url": "http://www.securityfocus.com/bid/76004",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "http://www.ubuntu.com/usn/USN-2687-1",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "http://www.ubuntu.com/usn/USN-2688-1",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "http://www.ubuntu.com/usn/USN-2689-1",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "http://www.ubuntu.com/usn/USN-2690-1",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "http://www.ubuntu.com/usn/USN-2691-1",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1243465",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Issue Tracking"
]
},
{
"url": "https://github.com/torvalds/linux/commit/9b6e6a8334d56354853f9c255d1395c2ba570e0a",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://www.exploit-db.com/exploits/37722/",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
}
]
}

9
CVE-2017/CVE-2017-151xx/CVE-2017-15126.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2017-15126",
"sourceIdentifier": "secalert@redhat.com",
"published": "2018-01-14T06:29:00.217",
"lastModified": "2023-02-12T23:28:49.183",
"vulnStatus": "Modified",
"lastModified": "2024-02-05T19:52:32.133",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -98,11 +98,6 @@
"versionStartIncluding": "4.11",
"versionEndExcluding": "4.13.6",
"matchCriteriaId": "6AA05A17-8B2B-40D5-A8FD-3B328291D06B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:4.13.6:*:*:*:*:*:*:*",
"matchCriteriaId": "8710C99A-A7C1-4702-BC24-6B24C40FC533"
}
]
}

23
CVE-2023/CVE-2023-202xx/CVE-2023-20246.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-20246",
"sourceIdentifier": "ykramarz@cisco.com",
"published": "2023-11-01T18:15:09.583",
"lastModified": "2024-01-25T17:15:40.870",
"vulnStatus": "Modified",
"lastModified": "2024-02-05T19:06:25.580",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -90,8 +90,9 @@
{
"vulnerable": true,
"criteria": "cpe:2.3:a:snort:snort:*:*:*:*:*:*:*:*",
"versionStartIncluding": "3.0.0",
"versionEndExcluding": "3.1.57.0",
"matchCriteriaId": "03BBE9C4-8E31-4223-B2CB-04118A8799EB"
"matchCriteriaId": "F696F350-A488-452D-8644-89A10F66B118"
}
]
}
@ -105,17 +106,17 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:unified_threat_defense:*:*:*:*:*:*:*:*",
"versionStartIncluding": "17.12",
"versionEndExcluding": "17.12.2",
"matchCriteriaId": "6BF7CD16-FAF3-4241-B511-5894881B1957"
"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
"versionStartIncluding": "7.0.0",
"versionEndIncluding": "7.3.1.1",
"matchCriteriaId": "D9BB9DB5-5C7E-4546-9C2C-FD292EC18407"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:unified_threat_defense:*:*:*:*:*:*:*:*",
"versionStartIncluding": "17.13",
"versionEndExcluding": "17.13.1",
"matchCriteriaId": "B5F4D8FD-9B97-4DEA-A269-22B978D6BB63"
"criteria": "cpe:2.3:o:cisco:ios_xe:*:*:*:*:*:*:*:*",
"versionStartIncluding": "17.12",
"versionEndExcluding": "17.12.2",
"matchCriteriaId": "9CB7906F-3AF4-4A2A-B614-92DD4B236335"
}
]
}

70
CVE-2023/CVE-2023-362xx/CVE-2023-36259.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-36259",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-01-30T09:15:47.377",
"lastModified": "2024-01-30T14:18:33.837",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-02-05T19:24:46.937",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -14,15 +14,75 @@
"value": "Una vulnerabilidad de Cross Site Scripting (XSS) en Craft CMS Audit Plugin anterior a la versi\u00f3n 3.0.2 permite a los atacantes ejecutar c\u00f3digo arbitrario durante la creaci\u00f3n de usuarios."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:craftcms:craft_cms:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.0.2",
"matchCriteriaId": "3340E025-8B5B-487C-8608-DF95E8EC5DF4"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/sjelfull/craft-audit/pull/73",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Issue Tracking",
"Patch"
]
},
{
"url": "https://www.linkedin.com/pulse/threat-briefing-craftcms-amrcybersecurity-emi0e/?trackingId=E75GttWvQp6gfvPiJDDUBA%3D%3D",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
}
]
}

69
CVE-2023/CVE-2023-362xx/CVE-2023-36260.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-36260",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-01-30T09:15:47.440",
"lastModified": "2024-01-30T14:18:33.837",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-02-05T20:02:07.223",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -14,15 +14,74 @@
"value": "Un problema descubierto en Craft CMS versi\u00f3n 4.6.1. permite a atacantes remotos provocar una denegaci\u00f3n de servicio (DoS) a trav\u00e9s de una cadena manipulada en los campos Feed-Me Name y Feed-Me URL debido a que se guarda un feed utilizando un tipo de elemento Asset sin volumen seleccionado."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-74"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:craftcms:craft_cms:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.6.1.1",
"matchCriteriaId": "8622F89B-52E2-4EE9-96CB-4A411E27F065"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/craftcms/feed-me/commit/b5d6ede51848349bd91bc95fec288b6793f15e28%29",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Broken Link"
]
},
{
"url": "https://www.linkedin.com/pulse/threat-briefing-craftcms-amrcybersecurity-emi0e/?trackingId=E75GttWvQp6gfvPiJDDUBA%3D%3D",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
}
]
}

92
CVE-2023/CVE-2023-405xx/CVE-2023-40546.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2023-40546",
"sourceIdentifier": "secalert@redhat.com",
"published": "2024-01-29T17:15:08.347",
"lastModified": "2024-01-29T17:39:52.393",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-02-05T20:06:26.127",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "A flaw was found in Shim when an error happened while creating a new ESL variable. If Shim fails to create the new variable, it tries to print an error message to the user; however, the number of parameters used by the logging function doesn't match the format string used by it, leading to a crash under certain circumstances."
},
{
"lang": "es",
"value": "Se encontr\u00f3 un fallo en Shim cuando ocurri\u00f3 un error al crear una nueva variable ESL. Si Shim no puede crear la nueva variable, intenta imprimir un mensaje de error para el usuario; sin embargo, la cantidad de par\u00e1metros utilizados por la funci\u00f3n de registro no coincide con la cadena de formato utilizada, lo que provoca un bloqueo en determinadas circunstancias."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
},
{
"source": "secalert@redhat.com",
"type": "Secondary",
@ -35,6 +59,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-476"
}
]
},
{
"source": "secalert@redhat.com",
"type": "Secondary",
@ -46,14 +80,64 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:redhat:shim:*:*:*:*:*:*:*:*",
"versionEndExcluding": "15.8",
"matchCriteriaId": "01639865-3664-4034-BCFB-F4E09AF37F28"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fedoraproject:fedora:39:*:*:*:*:*:*:*",
"matchCriteriaId": "B8EDB836-4E6A-4B71-B9B2-AA3E03E0F646"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F4CFF558-3C47-480D-A2F0-BABF26042943"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7F6FB57C-2BC7-487C-96DD-132683AEB35D"
}
]
}
]
}
],
"references": [
{
"url": "https://access.redhat.com/security/cve/CVE-2023-40546",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2241796",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Issue Tracking",
"Vendor Advisory"
]
}
]
}

58
CVE-2023/CVE-2023-42xx/CVE-2023-4207.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-4207",
"sourceIdentifier": "cve-coordination@google.com",
"published": "2023-09-06T14:15:11.453",
"lastModified": "2024-01-11T19:15:11.767",
"vulnStatus": "Modified",
"lastModified": "2024-02-05T19:55:24.707",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -90,8 +90,51 @@
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.5",
"matchCriteriaId": "98C491C7-598A-4D36-BA4F-3505A5727ED1"
"versionStartIncluding": "3.18",
"versionEndExcluding": "4.14.326",
"matchCriteriaId": "8E857727-2DE9-4334-8C95-B7FB874F17C9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.15",
"versionEndExcluding": "4.19.295",
"matchCriteriaId": "D419C7D6-F33D-4EF8-8950-1CB5DDF6A55D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.20",
"versionEndExcluding": "5.4.253",
"matchCriteriaId": "0707E9FF-8CDE-4AC1-98F3-5BB74EF88F8A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.5",
"versionEndExcluding": "5.10.190",
"matchCriteriaId": "B8DECE4F-2D62-4976-B338-963015198AC8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.11",
"versionEndExcluding": "5.15.126",
"matchCriteriaId": "C552AC9E-23B8-4D7D-AA26-57985BD93962"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.16",
"versionEndExcluding": "6.1.45",
"matchCriteriaId": "A0CA013D-55AF-4494-A931-AFC8EA64E875"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.2",
"versionEndExcluding": "6.4.10",
"matchCriteriaId": "7BB0D94C-4FCE-46F4-A8D4-062D6A84627A"
}
]
}
@ -134,7 +177,12 @@
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/01/msg00004.html",
"source": "cve-coordination@google.com"
"source": "cve-coordination@google.com",
"tags": [
"Mailing List",
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://www.debian.org/security/2023/dsa-5492",

61
CVE-2023/CVE-2023-462xx/CVE-2023-46231.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2023-46231",
"sourceIdentifier": "prodsec@splunk.com",
"published": "2024-01-30T17:15:10.117",
"lastModified": "2024-01-30T20:48:58.267",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-02-05T20:59:05.240",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "In Splunk Add-on Builder versions below 4.1.4, the application writes user session tokens to its internal log files when you visit the Splunk Add-on Builder or when you build or edit a custom app or add-on."
},
{
"lang": "es",
"value": "En las versiones de Splunk Add-on Builder inferiores a 4.1.4, la aplicaci\u00f3n escribe tokens de sesi\u00f3n de usuario en sus archivos de registro internos cuando visita Splunk Add-on Builder o cuando crea o edita una aplicaci\u00f3n o complemento personalizado."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9
},
{
"source": "prodsec@splunk.com",
"type": "Secondary",
@ -35,6 +59,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-532"
}
]
},
{
"source": "prodsec@splunk.com",
"type": "Secondary",
@ -46,10 +80,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:splunk:add-on_builder:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.1.4",
"matchCriteriaId": "5DB4FEB0-90F8-406B-98E8-79A5AB5028C6"
}
]
}
]
}
],
"references": [
{
"url": "https://advisory.splunk.com/advisories/SVD-2024-0110",
"source": "prodsec@splunk.com"
"source": "prodsec@splunk.com",
"tags": [
"Vendor Advisory"
]
}
]
}

6
CVE-2023/CVE-2023-471xx/CVE-2023-47158.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2023-47158",
"sourceIdentifier": "psirt@us.ibm.com",
"published": "2024-01-22T20:15:47.077",
"lastModified": "2024-01-25T02:02:44.530",
"vulnStatus": "Analyzed",
"lastModified": "2024-02-05T19:15:08.353",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "IBM DB2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.1, 10.5, and 11.1 could allow an authenticated user with CONNECT privileges to cause a denial of service using a specially crafted query. IBM X-Force ID: 270750."
"value": "IBM DB2 for Linux, UNIX and Windows (includes Db2 Connect Server) \n\n10.5, 11.1 and 11.5\n\n could allow an authenticated user with CONNECT privileges to cause a denial of service using a specially crafted query. IBM X-Force ID: 270750."
},
{
"lang": "es",

8
CVE-2023/CVE-2023-70xx/CVE-2023-7069.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2023-7069",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-02-01T04:15:49.780",
"lastModified": "2024-02-01T13:41:44.257",
"lastModified": "2024-02-05T19:15:08.487",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "The Advanced iFrame plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'advanced_iframe' shortcode in all versions up to, and including, 2023.10 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
"value": "The Advanced iFrame plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'advanced_iframe' shortcode in all versions up to, and including, 2023.10 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. CVE-2024-24870 is likely a duplicate of this issue."
},
{
"lang": "es",
"value": "El complemento Advanced iFrame para WordPress es vulnerable a cross site scripting almacenado a trav\u00e9s del c\u00f3digo corto 'advanced_iframe' del complemento en todas las versiones hasta la 2023.10 incluida debido a una sanitizaci\u00f3n de entrada insuficiente y a un escape de salida en los atributos proporcionados por el usuario. Esto hace posible que atacantes autenticados con permisos de nivel de colaborador y superiores inyecten scripts web arbitrarios en p\u00e1ginas que se ejecutar\u00e1n cada vez que un usuario acceda a una p\u00e1gina inyectada."
}
],
"metrics": {

12
CVE-2024/CVE-2024-05xx/CVE-2024-0565.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-0565",
"sourceIdentifier": "secalert@redhat.com",
"published": "2024-01-15T20:15:43.630",
"lastModified": "2024-01-23T20:31:54.850",
"lastModified": "2024-02-05T19:33:59.377",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -21,19 +21,19 @@
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseScore": 7.4,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"exploitabilityScore": 1.5,
"impactScore": 5.9
},
{

65
CVE-2024/CVE-2024-08xx/CVE-2024-0836.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-0836",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-01-31T08:15:41.533",
"lastModified": "2024-01-31T14:05:27.507",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-02-05T20:47:03.430",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
},
{
"source": "security@wordfence.com",
"type": "Secondary",
@ -38,14 +58,51 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-862"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:radiustheme:review_schema:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "2.1.14",
"matchCriteriaId": "2B26A0B6-FA0C-4585-BDD0-10E3C21D3739"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/changeset/3028627/review-schema/trunk/app/Controllers/Ajax/Review.php",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/b7039206-a25a-4aa0-87e2-be11dd1f12eb?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch",
"Third Party Advisory"
]
}
]
}

61
CVE-2024/CVE-2024-10xx/CVE-2024-1012.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-1012",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-01-31T08:15:41.820",
"lastModified": "2024-01-31T14:05:27.507",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-02-05T20:46:22.983",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "cna@vuldb.com",
"type": "Secondary",
@ -75,18 +95,49 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:whir:ezoffice:11.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "277CD17D-2528-476B-8309-E569598951D4"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/4nNns/cveAdd/blob/b73e94ff089ae2201d9836b4d61b8175ff21618a/sqli/%E4%B8%87%E6%88%B7EZOFFICE%20%E5%89%8D%E5%8F%B0SQL%E6%B3%A8%E5%85%A5%E6%BC%8F%E6%B4%9E.md",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?ctiid.252281",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://vuldb.com/?id.252281",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory",
"VDB Entry"
]
}
]
}

69
CVE-2024/CVE-2024-10xx/CVE-2024-1021.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-1021",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-01-29T22:15:08.553",
"lastModified": "2024-01-30T14:18:33.837",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-02-05T20:13:11.287",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "cna@vuldb.com",
"type": "Secondary",
@ -64,6 +84,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-918"
}
]
},
{
"source": "cna@vuldb.com",
"type": "Secondary",
@ -75,18 +105,47 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ruifang-tech:rebuild:*:*:*:*:*:*:*:*",
"versionEndIncluding": "3.5.5",
"matchCriteriaId": "C149F519-0311-442C-91C5-75F428245EE1"
}
]
}
]
}
],
"references": [
{
"url": "https://vuldb.com/?ctiid.252290",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?id.252290",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://www.yuque.com/mailemonyeyongjuan/tha8tr/yemvnt5uo53gfem5",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

58
CVE-2024/CVE-2024-10xx/CVE-2024-1022.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-1022",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-01-29T23:15:08.313",
"lastModified": "2024-01-30T14:18:33.837",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-02-05T20:08:39.697",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7
},
{
"source": "cna@vuldb.com",
"type": "Secondary",
@ -75,18 +95,46 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:farahkharrat:simple_student_result_management_system:5.6:*:*:*:*:*:*:*",
"matchCriteriaId": "36E00894-E283-40AB-9EF0-AFFA7E915AF5"
}
]
}
]
}
],
"references": [
{
"url": "https://drive.google.com/file/d/1lPZ1yL9UlU-uB03xz17q4OR9338X_1am/view?usp=sharing",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?ctiid.252291",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?id.252291",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
]
}
]
}

52
CVE-2024/CVE-2024-10xx/CVE-2024-1027.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-1027",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-01-30T03:15:07.617",
"lastModified": "2024-01-30T14:18:33.837",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-02-05T19:27:53.177",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "cna@vuldb.com",
"type": "Secondary",
@ -75,14 +95,38 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:oretnom23:facebook_news_feed_like:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F7D92CFE-1206-4F8C-BF15-22055B9F8FBC"
}
]
}
]
}
],
"references": [
{
"url": "https://vuldb.com/?ctiid.252300",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?id.252300",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
]
}
]
}

54
CVE-2024/CVE-2024-10xx/CVE-2024-1030.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-1030",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-01-30T10:15:08.467",
"lastModified": "2024-01-30T14:18:33.837",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-02-05T20:40:39.707",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
},
{
"source": "cna@vuldb.com",
"type": "Secondary",
@ -75,14 +95,40 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cogites:ereserv:7.7.58:*:*:*:*:*:*:*",
"matchCriteriaId": "A101648E-3E32-4D66-B5FE-CECFFA2DEDED"
}
]
}
]
}
],
"references": [
{
"url": "https://vuldb.com/?ctiid.252303",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://vuldb.com/?id.252303",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
}
]
}

63
CVE-2024/CVE-2024-10xx/CVE-2024-1031.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2024-1031",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-01-30T13:15:09.123",
"lastModified": "2024-01-30T14:18:33.837",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-02-05T20:43:36.340",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in CodeAstro Expense Management System 1.0. It has been declared as problematic. This vulnerability affects unknown code of the file templates/5-Add-Expenses.php of the component Add Expenses Page. The manipulation of the argument item leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-252304."
},
{
"lang": "es",
"value": "Se encontr\u00f3 una vulnerabilidad en CodeAstro Expense Management System 1.0. Ha sido declarada problem\u00e1tica. Esta vulnerabilidad afecta a un c\u00f3digo desconocido del archivo templates/5-Add-Expenses.php del componente Add Expenses Page. La manipulaci\u00f3n del argumento item conduce a cross site scripting. El ataque se puede iniciar de forma remota. La explotaci\u00f3n ha sido divulgada al p\u00fablico y puede utilizarse. El identificador de esta vulnerabilidad es VDB-252304."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
},
{
"source": "cna@vuldb.com",
"type": "Secondary",
@ -71,18 +95,47 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:oretnom23:expense_management_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "83C0931B-6724-40E2-B0F1-0754756797B9"
}
]
}
]
}
],
"references": [
{
"url": "https://docs.qq.com/doc/DYmhqV3piekZ5dlZi",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required"
]
},
{
"url": "https://vuldb.com/?ctiid.252304",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://vuldb.com/?id.252304",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
}
]
}

65
CVE-2024/CVE-2024-10xx/CVE-2024-1036.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2024-1036",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-01-30T18:15:47.300",
"lastModified": "2024-01-30T20:48:58.267",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-02-05T20:51:31.707",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in openBI up to 1.0.8 and classified as critical. This issue affects the function uploadIcon of the file /application/index/controller/Screen.php of the component Icon Handler. The manipulation leads to unrestricted upload. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-252311."
},
{
"lang": "es",
"value": "Se encontr\u00f3 una vulnerabilidad en openBI hasta 1.0.8 y se clasific\u00f3 como cr\u00edtica. Este problema afecta la funci\u00f3n uploadIcon del archivo /application/index/controller/Screen.php del componente Icon Handler. La manipulaci\u00f3n conduce a una carga sin restricciones. El ataque puede iniciarse de forma remota. La explotaci\u00f3n ha sido divulgada al p\u00fablico y puede utilizarse. El identificador asociado de esta vulnerabilidad es VDB-252311."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "cna@vuldb.com",
"type": "Secondary",
@ -71,18 +95,49 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:openbi:openbi:*:*:*:*:*:*:*:*",
"versionEndIncluding": "1.0.8",
"matchCriteriaId": "80906DC4-0662-4638-876F-3E5B228116EF"
}
]
}
]
}
],
"references": [
{
"url": "https://note.zhaoj.in/share/X1ASzPP5rHel",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Broken Link"
]
},
{
"url": "https://vuldb.com/?ctiid.252311",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://vuldb.com/?id.252311",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory",
"VDB Entry"
]
}
]
}

102
CVE-2024/CVE-2024-10xx/CVE-2024-1059.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-1059",
"sourceIdentifier": "chrome-cve-admin@google.com",
"published": "2024-01-30T22:15:52.937",
"lastModified": "2024-02-05T04:15:07.960",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-02-05T20:50:26.783",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -14,23 +14,111 @@
"value": "El use after free en Peer Connection en Google Chrome anterior a 121.0.6167.139 permit\u00eda a un atacante remoto explotar potencialmente la corrupci\u00f3n de la pila a trav\u00e9s de una p\u00e1gina HTML manipulada. (Severidad de seguridad de Chromium: alta)"
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*",
"versionEndExcluding": "121.0.6167.139",
"matchCriteriaId": "F995B06D-6E73-4A90-8916-5C084C20E681"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*",
"matchCriteriaId": "CC559B26-5DFC-4B7A-A27C-B77DE755DFF9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fedoraproject:fedora:39:*:*:*:*:*:*:*",
"matchCriteriaId": "B8EDB836-4E6A-4B71-B9B2-AA3E03E0F646"
}
]
}
]
}
],
"references": [
{
"url": "https://chromereleases.googleblog.com/2024/01/stable-channel-update-for-desktop_30.html",
"source": "chrome-cve-admin@google.com"
"source": "chrome-cve-admin@google.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://crbug.com/1514777",
"source": "chrome-cve-admin@google.com"
"source": "chrome-cve-admin@google.com",
"tags": [
"Issue Tracking",
"Permissions Required",
"Vendor Advisory"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NEUXJY3YC3VGIJW2AOHL4NZ7ZK7BRYWY/",
"source": "chrome-cve-admin@google.com"
"source": "chrome-cve-admin@google.com",
"tags": [
"Mailing List"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XCVKRHRWPMITSVFBHQBSNXOVJAKT547Q/",
"source": "chrome-cve-admin@google.com"
"source": "chrome-cve-admin@google.com",
"tags": [
"Mailing List"
]
}
]
}

102
CVE-2024/CVE-2024-10xx/CVE-2024-1060.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-1060",
"sourceIdentifier": "chrome-cve-admin@google.com",
"published": "2024-01-30T22:15:53.000",
"lastModified": "2024-02-05T04:15:08.033",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-02-05T20:49:55.413",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -14,23 +14,111 @@
"value": "El use after free en Canvas en Google Chrome anterior a 121.0.6167.139 permit\u00eda a un atacante remoto explotar potencialmente la corrupci\u00f3n del mont\u00f3n a trav\u00e9s de una p\u00e1gina HTML manipulada. (Severidad de seguridad de Chromium: alta)"
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*",
"versionEndExcluding": "121.0.6167.139",
"matchCriteriaId": "F995B06D-6E73-4A90-8916-5C084C20E681"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*",
"matchCriteriaId": "CC559B26-5DFC-4B7A-A27C-B77DE755DFF9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fedoraproject:fedora:39:*:*:*:*:*:*:*",
"matchCriteriaId": "B8EDB836-4E6A-4B71-B9B2-AA3E03E0F646"
}
]
}
]
}
],
"references": [
{
"url": "https://chromereleases.googleblog.com/2024/01/stable-channel-update-for-desktop_30.html",
"source": "chrome-cve-admin@google.com"
"source": "chrome-cve-admin@google.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://crbug.com/1511567",
"source": "chrome-cve-admin@google.com"
"source": "chrome-cve-admin@google.com",
"tags": [
"Issue Tracking",
"Permissions Required",
"Vendor Advisory"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NEUXJY3YC3VGIJW2AOHL4NZ7ZK7BRYWY/",
"source": "chrome-cve-admin@google.com"
"source": "chrome-cve-admin@google.com",
"tags": [
"Mailing List"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XCVKRHRWPMITSVFBHQBSNXOVJAKT547Q/",
"source": "chrome-cve-admin@google.com"
"source": "chrome-cve-admin@google.com",
"tags": [
"Mailing List"
]
}
]
}

102
CVE-2024/CVE-2024-10xx/CVE-2024-1077.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-1077",
"sourceIdentifier": "chrome-cve-admin@google.com",
"published": "2024-01-30T22:15:53.090",
"lastModified": "2024-02-05T04:15:08.090",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-02-05T20:49:00.927",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -14,23 +14,111 @@
"value": "El use after free en Network de Google Chrome anterior a 121.0.6167.139 permit\u00eda a un atacante remoto explotar potencialmente la corrupci\u00f3n del mont\u00f3n a trav\u00e9s de un archivo malicioso. (Severidad de seguridad de Chromium: alta)"
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*",
"versionEndExcluding": "121.0.6167.139",
"matchCriteriaId": "F995B06D-6E73-4A90-8916-5C084C20E681"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*",
"matchCriteriaId": "CC559B26-5DFC-4B7A-A27C-B77DE755DFF9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fedoraproject:fedora:39:*:*:*:*:*:*:*",
"matchCriteriaId": "B8EDB836-4E6A-4B71-B9B2-AA3E03E0F646"
}
]
}
]
}
],
"references": [
{
"url": "https://chromereleases.googleblog.com/2024/01/stable-channel-update-for-desktop_30.html",
"source": "chrome-cve-admin@google.com"
"source": "chrome-cve-admin@google.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://crbug.com/1511085",
"source": "chrome-cve-admin@google.com"
"source": "chrome-cve-admin@google.com",
"tags": [
"Issue Tracking",
"Permissions Required",
"Vendor Advisory"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NEUXJY3YC3VGIJW2AOHL4NZ7ZK7BRYWY/",
"source": "chrome-cve-admin@google.com"
"source": "chrome-cve-admin@google.com",
"tags": [
"Mailing List"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XCVKRHRWPMITSVFBHQBSNXOVJAKT547Q/",
"source": "chrome-cve-admin@google.com"
"source": "chrome-cve-admin@google.com",
"tags": [
"Mailing List"
]
}
]
}

88
CVE-2024/CVE-2024-10xx/CVE-2024-1085.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2024-1085",
"sourceIdentifier": "cve-coordination@google.com",
"published": "2024-01-31T13:15:10.630",
"lastModified": "2024-01-31T14:05:19.990",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-02-05T20:41:40.513",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation.\n\nThe nft_setelem_catchall_deactivate() function checks whether the catch-all set element is active in the current generation instead of the next generation before freeing it, but only flags it inactive in the next generation, making it possible to free the element multiple times, leading to a double free vulnerability.\n\nWe recommend upgrading past commit b1db244ffd041a49ecc9618e8feb6b5c1afcdaa7.\n\n"
},
{
"lang": "es",
"value": "Una vulnerabilidad de use after free en el componente netfilter: nf_tables del kernel de Linux puede explotarse para lograr una escalada de privilegios local. La funci\u00f3n nft_setelem_catchall_deactivate() comprueba si el elemento del conjunto general est\u00e1 activo en la generaci\u00f3n actual en lugar de en la siguiente generaci\u00f3n antes de liberarlo, pero solo lo marca como inactivo en la siguiente generaci\u00f3n, lo que permite liberar el elemento varias veces, lo que lleva a una vulnerabilidad double free. Recomendamos actualizar la confirmaci\u00f3n anterior b1db244ffd041a49ecc9618e8feb6b5c1afcdaa7."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "cve-coordination@google.com",
"type": "Secondary",
@ -35,6 +59,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
},
{
"source": "cve-coordination@google.com",
"type": "Secondary",
@ -46,14 +80,60 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.13",
"versionEndExcluding": "5.15.148",
"matchCriteriaId": "204B38A4-3EB9-47E0-9F1D-0F4A2A97B347"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.16",
"versionEndExcluding": "6.1.75",
"matchCriteriaId": "070D0ED3-90D0-4F95-B1FF-57D7F46F332D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.2",
"versionEndExcluding": "6.6.14",
"matchCriteriaId": "5C6B50A6-3D8B-4CE2-BDCC-A098609CBA14"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.7",
"versionEndExcluding": "6.7.2",
"matchCriteriaId": "7229C448-E0C9-488B-8939-36BA5254065E"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=b1db244ffd041a49ecc9618e8feb6b5c1afcdaa7",
"source": "cve-coordination@google.com"
"source": "cve-coordination@google.com",
"tags": [
"Patch"
]
},
{
"url": "https://kernel.dance/b1db244ffd041a49ecc9618e8feb6b5c1afcdaa7",
"source": "cve-coordination@google.com"
"source": "cve-coordination@google.com",
"tags": [
"Patch"
]
}
]
}

87
CVE-2024/CVE-2024-10xx/CVE-2024-1086.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2024-1086",
"sourceIdentifier": "cve-coordination@google.com",
"published": "2024-01-31T13:15:10.827",
"lastModified": "2024-01-31T14:05:19.990",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-02-05T20:41:24.390",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation.\n\nThe nft_verdict_init() function allows positive values as drop error within the hook verdict, and hence the nf_hook_slow() function can cause a double free vulnerability when NF_DROP is issued with a drop error which resembles NF_ACCEPT.\n\nWe recommend upgrading past commit f342de4e2f33e0e39165d8639387aa6c19dff660.\n\n"
},
{
"lang": "es",
"value": "Una vulnerabilidad de use after free en el componente netfilter: nf_tables del kernel de Linux puede explotarse para lograr una escalada de privilegios local. La funci\u00f3n nft_verdict_init() permite valores positivos como error de eliminaci\u00f3n dentro del veredicto del gancho y, por lo tanto, la funci\u00f3n nf_hook_slow() puede causar una vulnerabilidad double free cuando NF_DROP se emite con un error de eliminaci\u00f3n similar a NF_ACCEPT. Recomendamos actualizar despu\u00e9s del compromiso f342de4e2f33e0e39165d8639387aa6c19dff660."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "cve-coordination@google.com",
"type": "Secondary",
@ -35,6 +59,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
},
{
"source": "cve-coordination@google.com",
"type": "Secondary",
@ -46,14 +80,59 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "3.15",
"versionEndExcluding": "6.1.76",
"matchCriteriaId": "D5B7FA3B-4605-4DF7-A8E1-B455017442C9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.2",
"versionEndExcluding": "6.6.15",
"matchCriteriaId": "87C718CB-AE3D-4B07-B4D9-BFF64183C468"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.7",
"versionEndExcluding": "6.7.3",
"matchCriteriaId": "58FD5308-148A-40D3-B36A-0CA6B434A8BF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.8:rc1:*:*:*:*:*:*",
"matchCriteriaId": "B9F4EA73-0894-400F-A490-3A397AB7A517"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=f342de4e2f33e0e39165d8639387aa6c19dff660",
"source": "cve-coordination@google.com"
"source": "cve-coordination@google.com",
"tags": [
"Mailing List",
"Patch"
]
},
{
"url": "https://kernel.dance/f342de4e2f33e0e39165d8639387aa6c19dff660",
"source": "cve-coordination@google.com"
"source": "cve-coordination@google.com",
"tags": [
"Patch"
]
}
]
}

73
CVE-2024/CVE-2024-10xx/CVE-2024-1098.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-1098",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-01-31T12:16:04.547",
"lastModified": "2024-01-31T14:05:19.990",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-02-05T20:45:38.343",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "cna@vuldb.com",
"type": "Secondary",
@ -65,8 +85,18 @@
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "cna@vuldb.com",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -75,18 +105,49 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ruifang-tech:rebuild:*:*:*:*:*:*:*:*",
"versionEndIncluding": "3.5.5",
"matchCriteriaId": "C149F519-0311-442C-91C5-75F428245EE1"
}
]
}
]
}
],
"references": [
{
"url": "https://vuldb.com/?ctiid.252455",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://vuldb.com/?id.252455",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://www.yuque.com/mailemonyeyongjuan/tha8tr/ouiw375l0m8mw5ls",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

61
CVE-2024/CVE-2024-10xx/CVE-2024-1099.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-1099",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-01-31T12:16:04.967",
"lastModified": "2024-01-31T14:05:19.990",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-02-05T20:44:23.767",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
},
{
"source": "cna@vuldb.com",
"type": "Secondary",
@ -75,18 +95,49 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ruifang-tech:rebuild:*:*:*:*:*:*:*:*",
"versionEndIncluding": "3.5.5",
"matchCriteriaId": "C149F519-0311-442C-91C5-75F428245EE1"
}
]
}
]
}
],
"references": [
{
"url": "https://vuldb.com/?ctiid.252456",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://vuldb.com/?id.252456",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://www.yuque.com/mailemonyeyongjuan/tha8tr/dcilugg0htp973nx",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

64
CVE-2024/CVE-2024-11xx/CVE-2024-1103.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2024-1103",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-01-31T15:15:10.863",
"lastModified": "2024-01-31T19:54:51.757",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-02-05T20:39:28.830",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in CodeAstro Real Estate Management System 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file profile.php of the component Feedback Form. The manipulation of the argument Your Feedback with the input <img src=x onerror=alert(document.cookie)> leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-252458 is the identifier assigned to this vulnerability."
},
{
"lang": "es",
"value": "Se encontr\u00f3 una vulnerabilidad en CodeAstro Real Estate Management System 1.0. Ha sido calificada como problem\u00e1tica. Una funci\u00f3n desconocida del archivo perfil.php del componente Feedback Form es afectada por esta vulnerabilidad. La manipulaci\u00f3n del argumento Your Feedback con la entrada conduce a cross site scripting. El ataque puede lanzarse de forma remota. La explotaci\u00f3n ha sido divulgada al p\u00fablico y puede utilizarse. VDB-252458 es el identificador asignado a esta vulnerabilidad."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
},
{
"source": "cna@vuldb.com",
"type": "Secondary",
@ -71,18 +95,48 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:surajkumarvishwakarma:real_estate_management_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "21361FB2-BF44-43B2-B59A-F6539F07703B"
}
]
}
]
}
],
"references": [
{
"url": "https://docs.google.com/document/d/18M55HRrxHQ9Jhph6CwWF-d5epAKtOSHt/edit?usp=drive_link&ouid=105609487033659389545&rtpof=true&sd=true",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?ctiid.252458",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://vuldb.com/?id.252458",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
}
]
}

59
CVE-2024/CVE-2024-222xx/CVE-2024-22202.json Normal file
View File

@ -0,0 +1,59 @@
{
"id": "CVE-2024-22202",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-02-05T20:15:55.390",
"lastModified": "2024-02-05T20:15:55.390",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "phpMyFAQ is an open source FAQ web application for PHP 8.1+ and MySQL, PostgreSQL and other databases. phpMyFAQ's user removal page allows an attacker to spoof another user's detail, and in turn make a compelling phishing case for removing another user's account. The front-end of this page doesn't allow changing the form details, an attacker can utilize a proxy to intercept this request and submit other data. Upon submitting this form, an email is sent to the administrator informing them that this user wants to delete their account. An administrator has no way of telling the difference between the actual user wishing to delete their account or the attacker issuing this for an account they do not control. This issue has been patched in version 3.2.5."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.7,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.1,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-284"
}
]
}
],
"references": [
{
"url": "https://github.com/thorsten/phpMyFAQ/commit/1348dcecdaec5a5714ad567c16429432417b534d",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/thorsten/phpMyFAQ/security/advisories/GHSA-6648-6g96-mg35",
"source": "security-advisories@github.com"
}
]
}

47
CVE-2024/CVE-2024-223xx/CVE-2024-22305.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-22305",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-01-31T12:16:05.783",
"lastModified": "2024-01-31T14:05:19.990",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-02-05T20:42:22.943",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 8.1,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.2
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -50,10 +70,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:kaliforms:kali_forms:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "2.3.37",
"matchCriteriaId": "B2903A17-879C-4A36-A6F8-E7584976735B"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/kali-forms/wordpress-kali-forms-plugin-2-3-38-insecure-direct-object-references-idor-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

20
CVE-2024/CVE-2024-225xx/CVE-2024-22567.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2024-22567",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-02-05T20:15:55.620",
"lastModified": "2024-02-05T20:15:55.620",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "File Upload vulnerability in MCMS 5.3.5 allows attackers to upload arbitrary files via crafted POST request to /ms/file/upload.do."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/h3ak/MCMS-CVE-Request/",
"source": "cve@mitre.org"
}
]
}

51
CVE-2024/CVE-2024-235xx/CVE-2024-23505.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2024-23505",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-01-31T16:15:47.163",
"lastModified": "2024-01-31T19:54:51.757",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-02-05T20:27:44.793",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in DearHive PDF Viewer & 3D PDF Flipbook \u2013 DearPDF allows Stored XSS.This issue affects PDF Viewer & 3D PDF Flipbook \u2013 DearPDF: from n/a through 2.0.38.\n\n"
},
{
"lang": "es",
"value": "La vulnerabilidad de neutralizaci\u00f3n incorrecta de la entrada durante de generaci\u00f3n de p\u00e1ginas web ('Cross-site Scripting') en DearHive PDF Viewer y 3D PDF Flipbook: DearPDF permite XSS almacenado. Este problema afecta al PDF Viewer y 3D PDF Flipbook \u2013 DearPDF: desde n/a hasta 2.0. 38."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -46,10 +70,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:dearhive:dearpdf:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "2.0.38",
"matchCriteriaId": "DF98D694-5EDB-4778-968C-9176FA9CD8F1"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/dearpdf-lite/wordpress-pdf-viewer-3d-pdf-flipbook-dearpdf-plugin-2-0-38-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

47
CVE-2024/CVE-2024-235xx/CVE-2024-23507.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-23507",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-01-31T12:16:06.007",
"lastModified": "2024-01-31T14:05:19.990",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-02-05T20:42:09.590",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -50,10 +70,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:instawp:instawp_connect:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "0.1.0.9",
"matchCriteriaId": "8F64534D-B2EB-42F8-9D98-35D7C4967FF1"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/instawp-connect/wordpress-instawp-connect-plugin-0-1-0-9-sql-injection-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

51
CVE-2024/CVE-2024-235xx/CVE-2024-23508.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2024-23508",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-01-31T16:15:47.407",
"lastModified": "2024-01-31T19:54:51.757",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-02-05T20:27:29.570",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in bPlugins PDF Poster \u2013 PDF Embedder Plugin for WordPress allows Reflected XSS.This issue affects PDF Poster \u2013 PDF Embedder Plugin for WordPress: from n/a through 2.1.17.\n\n"
},
{
"lang": "es",
"value": "Vulnerabilidad de Neutralizaci\u00f3n incorrecta de la entrada durante la generaci\u00f3n de p\u00e1ginas web ('cross-site Scripting') en PDF Poster \u2013 PDF Embedder Plugin para WordPress permite XSS reflejado. Este problema afecta a PDF Poster \u2013 PDF Embedder Plugin para WordPress: desde n/a hasta 2.1. 17."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -46,10 +70,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:bplugins:pdf_poster:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "2.1.18",
"matchCriteriaId": "A1F5CA4C-1A65-454F-AF5B-95B89D700FC2"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/pdf-poster/wordpress-pdf-poster-plugin-2-1-17-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

56
CVE-2024/CVE-2024-238xx/CVE-2024-23840.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2024-23840",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-01-30T17:15:11.810",
"lastModified": "2024-01-30T20:48:58.267",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-02-05T20:56:21.880",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "GoReleaser builds Go binaries for several platforms, creates a GitHub release and then pushes a Homebrew formula to a tap repository. `goreleaser release --debug` log shows secret values used in the in the custom publisher. This vulnerability is fixed in 1.24.0."
},
{
"lang": "es",
"value": "GoReleaser crea archivos binarios de Go para varias plataformas, crea una versi\u00f3n de GitHub y luego env\u00eda una f\u00f3rmula Homebrew a un repositorio tap. El registro `goreleaser release --debug` muestra los valores secretos utilizados en el editor personalizado. Esta vulnerabilidad se solucion\u00f3 en 1.24.0."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
@ -46,14 +70,38 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:goreleaser:goreleaser:1.23.0:*:*:*:*:go:*:*",
"matchCriteriaId": "876998FE-22A3-446E-ADF8-0C5BF63A1F96"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/goreleaser/goreleaser/commit/d5b6a533ca1dc3366983d5d31ee2d2b6232b83c0",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/goreleaser/goreleaser/security/advisories/GHSA-h3q2-8whx-c29h",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Exploit",
"Vendor Advisory"
]
}
]
}

28
CVE-2024/CVE-2024-243xx/CVE-2024-24396.json Normal file
View File

@ -0,0 +1,28 @@
{
"id": "CVE-2024-24396",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-02-05T19:15:08.557",
"lastModified": "2024-02-05T19:15:08.557",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Cross Site Scripting vulnerability in Stimulsoft GmbH Stimulsoft Dashboard.JS before v.2024.1.2 allows a remote attacker to execute arbitrary code via a crafted payload to the search bar component."
}
],
"metrics": {},
"references": [
{
"url": "http://stimulsoft.com",
"source": "cve@mitre.org"
},
{
"url": "https://cloud-trustit.spp.at/s/Pi78FFazHamJQ5R",
"source": "cve@mitre.org"
},
{
"url": "https://cves.at/posts/cve-2024-24396/writeup/",
"source": "cve@mitre.org"
}
]
}

78
CVE-2024/CVE-2024-245xx/CVE-2024-24565.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2024-24565",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-01-30T17:15:12.110",
"lastModified": "2024-01-30T20:48:58.267",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-02-05T20:55:23.270",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "CrateDB is a distributed SQL database that makes it simple to store and analyze massive amounts of data in real-time. There is a COPY FROM function in the CrateDB database that is used to import file data into database tables. This function has a flaw, and authenticated attackers can use the COPY FROM function to import arbitrary file content into database tables, resulting in information leakage. This vulnerability is patched in 5.3.9, 5.4.8, 5.5.4, and 5.6.1."
},
{
"lang": "es",
"value": "CrateDB es una base de datos SQL distribuida que simplifica el almacenamiento y an\u00e1lisis de cantidades masivas de datos en tiempo real. Hay una funci\u00f3n COPIAR DESDE en la base de datos CrateDB que se utiliza para importar datos de archivos a tablas de bases de datos. Esta funci\u00f3n tiene un defecto y los atacantes autenticados pueden utilizar la funci\u00f3n COPIAR DE para importar contenido de archivos arbitrario en tablas de bases de datos, lo que provoca una fuga de informaci\u00f3n. Esta vulnerabilidad est\u00e1 parcheada en 5.3.9, 5.4.8, 5.5.4 y 5.6.1."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
@ -46,14 +70,60 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cratedb:cratedb:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.3.9",
"matchCriteriaId": "FAF44B85-F769-493B-A674-7A8456A874F8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cratedb:cratedb:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.4.0",
"versionEndExcluding": "5.4.8",
"matchCriteriaId": "64B0DBA5-7EA3-4398-ACF8-D852EFA5C744"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cratedb:cratedb:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.5.0",
"versionEndExcluding": "5.5.4",
"matchCriteriaId": "A4ABD3EE-2E41-4CF6-BC26-F947BB6499E2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cratedb:cratedb:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.6.0",
"versionEndExcluding": "5.6.1",
"matchCriteriaId": "80901C4B-6B82-40BF-BC22-DA206B95003C"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/crate/crate/commit/4e857d675683095945dd524d6ba03e692c70ecd6",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/crate/crate/security/advisories/GHSA-475g-vj6c-xf96",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Exploit",
"Vendor Advisory"
]
}
]
}

74
README.md
View File

@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2024-02-05T19:00:26.677795+00:00
2024-02-05T21:00:25.415535+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2024-02-05T18:54:19.030000+00:00
2024-02-05T20:59:05.240000+00:00
```
### Last Data Feed Release
@ -29,55 +29,47 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs
```plain
237585
237588
```
### CVEs added in the last Commit
Recently added CVEs: `11`
Recently added CVEs: `3`
* [CVE-2023-6028](CVE-2023/CVE-2023-60xx/CVE-2023-6028.json) (`2024-02-05T18:15:51.670`)
* [CVE-2023-6874](CVE-2023/CVE-2023-68xx/CVE-2023-6874.json) (`2024-02-05T18:15:51.877`)
* [CVE-2024-0953](CVE-2024/CVE-2024-09xx/CVE-2024-0953.json) (`2024-02-05T17:15:09.320`)
* [CVE-2024-24258](CVE-2024/CVE-2024-242xx/CVE-2024-24258.json) (`2024-02-05T18:15:52.083`)
* [CVE-2024-24259](CVE-2024/CVE-2024-242xx/CVE-2024-24259.json) (`2024-02-05T18:15:52.133`)
* [CVE-2024-24260](CVE-2024/CVE-2024-242xx/CVE-2024-24260.json) (`2024-02-05T18:15:52.187`)
* [CVE-2024-24262](CVE-2024/CVE-2024-242xx/CVE-2024-24262.json) (`2024-02-05T18:15:52.230`)
* [CVE-2024-24263](CVE-2024/CVE-2024-242xx/CVE-2024-24263.json) (`2024-02-05T18:15:52.277`)
* [CVE-2024-24265](CVE-2024/CVE-2024-242xx/CVE-2024-24265.json) (`2024-02-05T18:15:52.327`)
* [CVE-2024-24266](CVE-2024/CVE-2024-242xx/CVE-2024-24266.json) (`2024-02-05T18:15:52.380`)
* [CVE-2024-24267](CVE-2024/CVE-2024-242xx/CVE-2024-24267.json) (`2024-02-05T18:15:52.427`)
* [CVE-2024-24396](CVE-2024/CVE-2024-243xx/CVE-2024-24396.json) (`2024-02-05T19:15:08.557`)
* [CVE-2024-22202](CVE-2024/CVE-2024-222xx/CVE-2024-22202.json) (`2024-02-05T20:15:55.390`)
* [CVE-2024-22567](CVE-2024/CVE-2024-225xx/CVE-2024-22567.json) (`2024-02-05T20:15:55.620`)
### CVEs modified in the last Commit
Recently modified CVEs: `47`
Recently modified CVEs: `36`
* [CVE-2024-21626](CVE-2024/CVE-2024-216xx/CVE-2024-21626.json) (`2024-02-05T17:15:09.383`)
* [CVE-2024-1016](CVE-2024/CVE-2024-10xx/CVE-2024-1016.json) (`2024-02-05T17:25:50.500`)
* [CVE-2024-23822](CVE-2024/CVE-2024-238xx/CVE-2024-23822.json) (`2024-02-05T18:04:52.843`)
* [CVE-2024-24135](CVE-2024/CVE-2024-241xx/CVE-2024-24135.json) (`2024-02-05T18:10:12.477`)
* [CVE-2024-1061](CVE-2024/CVE-2024-10xx/CVE-2024-1061.json) (`2024-02-05T18:21:08.577`)
* [CVE-2024-1033](CVE-2024/CVE-2024-10xx/CVE-2024-1033.json) (`2024-02-05T18:25:49.590`)
* [CVE-2024-24762](CVE-2024/CVE-2024-247xx/CVE-2024-24762.json) (`2024-02-05T18:25:55.213`)
* [CVE-2024-24768](CVE-2024/CVE-2024-247xx/CVE-2024-24768.json) (`2024-02-05T18:25:55.213`)
* [CVE-2024-0323](CVE-2024/CVE-2024-03xx/CVE-2024-0323.json) (`2024-02-05T18:25:55.213`)
* [CVE-2024-23054](CVE-2024/CVE-2024-230xx/CVE-2024-23054.json) (`2024-02-05T18:25:55.213`)
* [CVE-2024-24397](CVE-2024/CVE-2024-243xx/CVE-2024-24397.json) (`2024-02-05T18:25:55.213`)
* [CVE-2024-24468](CVE-2024/CVE-2024-244xx/CVE-2024-24468.json) (`2024-02-05T18:25:55.213`)
* [CVE-2024-24469](CVE-2024/CVE-2024-244xx/CVE-2024-24469.json) (`2024-02-05T18:25:55.213`)
* [CVE-2024-1063](CVE-2024/CVE-2024-10xx/CVE-2024-1063.json) (`2024-02-05T18:25:57.167`)
* [CVE-2024-23108](CVE-2024/CVE-2024-231xx/CVE-2024-23108.json) (`2024-02-05T18:25:58.053`)
* [CVE-2024-23109](CVE-2024/CVE-2024-231xx/CVE-2024-23109.json) (`2024-02-05T18:25:58.053`)
* [CVE-2024-1035](CVE-2024/CVE-2024-10xx/CVE-2024-1035.json) (`2024-02-05T18:30:58.720`)
* [CVE-2024-1032](CVE-2024/CVE-2024-10xx/CVE-2024-1032.json) (`2024-02-05T18:31:07.090`)
* [CVE-2024-21985](CVE-2024/CVE-2024-219xx/CVE-2024-21985.json) (`2024-02-05T18:32:52.040`)
* [CVE-2024-1018](CVE-2024/CVE-2024-10xx/CVE-2024-1018.json) (`2024-02-05T18:33:53.527`)
* [CVE-2024-1034](CVE-2024/CVE-2024-10xx/CVE-2024-1034.json) (`2024-02-05T18:35:52.530`)
* [CVE-2024-23441](CVE-2024/CVE-2024-234xx/CVE-2024-23441.json) (`2024-02-05T18:41:43.547`)
* [CVE-2024-23334](CVE-2024/CVE-2024-233xx/CVE-2024-23334.json) (`2024-02-05T18:44:40.053`)
* [CVE-2024-22523](CVE-2024/CVE-2024-225xx/CVE-2024-22523.json) (`2024-02-05T18:45:22.323`)
* [CVE-2024-23825](CVE-2024/CVE-2024-238xx/CVE-2024-23825.json) (`2024-02-05T18:46:02.203`)
* [CVE-2023-40546](CVE-2023/CVE-2023-405xx/CVE-2023-40546.json) (`2024-02-05T20:06:26.127`)
* [CVE-2023-46231](CVE-2023/CVE-2023-462xx/CVE-2023-46231.json) (`2024-02-05T20:59:05.240`)
* [CVE-2024-1027](CVE-2024/CVE-2024-10xx/CVE-2024-1027.json) (`2024-02-05T19:27:53.177`)
* [CVE-2024-0565](CVE-2024/CVE-2024-05xx/CVE-2024-0565.json) (`2024-02-05T19:33:59.377`)
* [CVE-2024-1022](CVE-2024/CVE-2024-10xx/CVE-2024-1022.json) (`2024-02-05T20:08:39.697`)
* [CVE-2024-1021](CVE-2024/CVE-2024-10xx/CVE-2024-1021.json) (`2024-02-05T20:13:11.287`)
* [CVE-2024-23508](CVE-2024/CVE-2024-235xx/CVE-2024-23508.json) (`2024-02-05T20:27:29.570`)
* [CVE-2024-23505](CVE-2024/CVE-2024-235xx/CVE-2024-23505.json) (`2024-02-05T20:27:44.793`)
* [CVE-2024-1103](CVE-2024/CVE-2024-11xx/CVE-2024-1103.json) (`2024-02-05T20:39:28.830`)
* [CVE-2024-1030](CVE-2024/CVE-2024-10xx/CVE-2024-1030.json) (`2024-02-05T20:40:39.707`)
* [CVE-2024-1086](CVE-2024/CVE-2024-10xx/CVE-2024-1086.json) (`2024-02-05T20:41:24.390`)
* [CVE-2024-1085](CVE-2024/CVE-2024-10xx/CVE-2024-1085.json) (`2024-02-05T20:41:40.513`)
* [CVE-2024-23507](CVE-2024/CVE-2024-235xx/CVE-2024-23507.json) (`2024-02-05T20:42:09.590`)
* [CVE-2024-22305](CVE-2024/CVE-2024-223xx/CVE-2024-22305.json) (`2024-02-05T20:42:22.943`)
* [CVE-2024-1031](CVE-2024/CVE-2024-10xx/CVE-2024-1031.json) (`2024-02-05T20:43:36.340`)
* [CVE-2024-1099](CVE-2024/CVE-2024-10xx/CVE-2024-1099.json) (`2024-02-05T20:44:23.767`)
* [CVE-2024-1098](CVE-2024/CVE-2024-10xx/CVE-2024-1098.json) (`2024-02-05T20:45:38.343`)
* [CVE-2024-1012](CVE-2024/CVE-2024-10xx/CVE-2024-1012.json) (`2024-02-05T20:46:22.983`)
* [CVE-2024-0836](CVE-2024/CVE-2024-08xx/CVE-2024-0836.json) (`2024-02-05T20:47:03.430`)
* [CVE-2024-1077](CVE-2024/CVE-2024-10xx/CVE-2024-1077.json) (`2024-02-05T20:49:00.927`)
* [CVE-2024-1060](CVE-2024/CVE-2024-10xx/CVE-2024-1060.json) (`2024-02-05T20:49:55.413`)
* [CVE-2024-1059](CVE-2024/CVE-2024-10xx/CVE-2024-1059.json) (`2024-02-05T20:50:26.783`)
* [CVE-2024-1036](CVE-2024/CVE-2024-10xx/CVE-2024-1036.json) (`2024-02-05T20:51:31.707`)
* [CVE-2024-24565](CVE-2024/CVE-2024-245xx/CVE-2024-24565.json) (`2024-02-05T20:55:23.270`)
* [CVE-2024-23840](CVE-2024/CVE-2024-238xx/CVE-2024-23840.json) (`2024-02-05T20:56:21.880`)
## Download and Usage