admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-07 19:16:29 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2024-05-16T10:01:20.609846+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2024-05-16 10:04:11 +00:00
parent c57b480ddb
commit 238bd18352
45 changed files with 2632 additions and 43 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

55
CVE-2024/CVE-2024-207xx/CVE-2024-20791.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-20791",
"sourceIdentifier": "psirt@adobe.com",
"published": "2024-05-16T09:15:08.967",
"lastModified": "2024-05-16T09:15:08.967",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Illustrator versions 28.4, 27.9.3 and earlier are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@adobe.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "psirt@adobe.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-125"
}
]
}
],
"references": [
{
"url": "https://helpx.adobe.com/security/products/illustrator/apsb24-30.html",
"source": "psirt@adobe.com"
}
]
}

55
CVE-2024/CVE-2024-207xx/CVE-2024-20792.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-20792",
"sourceIdentifier": "psirt@adobe.com",
"published": "2024-05-16T09:15:09.313",
"lastModified": "2024-05-16T09:15:09.313",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Illustrator versions 28.4, 27.9.3 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@adobe.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "psirt@adobe.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
}
],
"references": [
{
"url": "https://helpx.adobe.com/security/products/illustrator/apsb24-30.html",
"source": "psirt@adobe.com"
}
]
}

55
CVE-2024/CVE-2024-207xx/CVE-2024-20793.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-20793",
"sourceIdentifier": "psirt@adobe.com",
"published": "2024-05-16T09:15:09.560",
"lastModified": "2024-05-16T09:15:09.560",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Illustrator versions 28.4, 27.9.3 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@adobe.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "psirt@adobe.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-125"
}
]
}
],
"references": [
{
"url": "https://helpx.adobe.com/security/products/illustrator/apsb24-30.html",
"source": "psirt@adobe.com"
}
]
}

55
CVE-2024/CVE-2024-23xx/CVE-2024-2358.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-2358",
"sourceIdentifier": "security@huntr.dev",
"published": "2024-05-16T09:15:09.800",
"lastModified": "2024-05-16T09:15:09.800",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A path traversal vulnerability in the '/apply_settings' endpoint of parisneo/lollms-webui allows attackers to execute arbitrary code. The vulnerability arises due to insufficient sanitization of user-supplied input in the configuration settings, specifically within the 'extensions' parameter. Attackers can exploit this by crafting a payload that includes relative path traversal sequences ('../../../'), enabling them to navigate to arbitrary directories. This flaw subsequently allows the server to load and execute a malicious '__init__.py' file, leading to remote code execution. The issue affects the latest version of parisneo/lollms-webui."
}
],
"metrics": {
"cvssMetricV30": [
{
"source": "security@huntr.dev",
"type": "Secondary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "security@huntr.dev",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-29"
}
]
}
],
"references": [
{
"url": "https://huntr.com/bounties/b2771df3-be50-45bd-93c4-0974ce38bc22",
"source": "security@huntr.dev"
}
]
}

55
CVE-2024/CVE-2024-23xx/CVE-2024-2361.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-2361",
"sourceIdentifier": "security@huntr.dev",
"published": "2024-05-16T09:15:10.060",
"lastModified": "2024-05-16T09:15:10.060",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the parisneo/lollms-webui allows for arbitrary file upload and read due to insufficient sanitization of user-supplied input. Specifically, the issue resides in the `install_model()` function within `lollms_core/lollms/binding.py`, where the application fails to properly sanitize the `file://` protocol and other inputs, leading to arbitrary read and upload capabilities. Attackers can exploit this vulnerability by manipulating the `path` and `variant_name` parameters to achieve path traversal, allowing for the reading of arbitrary files and uploading files to arbitrary locations on the server. This vulnerability affects the latest version of parisneo/lollms-webui."
}
],
"metrics": {
"cvssMetricV30": [
{
"source": "security@huntr.dev",
"type": "Secondary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.6,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 2.8,
"impactScore": 6.0
}
]
},
"weaknesses": [
{
"source": "security@huntr.dev",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-29"
}
]
}
],
"references": [
{
"url": "https://huntr.com/bounties/cd383817-924a-445a-838e-d0c867c6a176",
"source": "security@huntr.dev"
}
]
}

55
CVE-2024/CVE-2024-23xx/CVE-2024-2366.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-2366",
"sourceIdentifier": "security@huntr.dev",
"published": "2024-05-16T09:15:10.287",
"lastModified": "2024-05-16T09:15:10.287",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A remote code execution vulnerability exists in the parisneo/lollms-webui application, specifically within the reinstall_binding functionality in lollms_core/lollms/server/endpoints/lollms_binding_infos.py of the latest version. The vulnerability arises due to insufficient path sanitization, allowing an attacker to exploit path traversal to navigate to arbitrary directories. By manipulating the binding_path to point to a controlled directory and uploading a malicious __init__.py file, an attacker can execute arbitrary code on the server."
}
],
"metrics": {
"cvssMetricV30": [
{
"source": "security@huntr.dev",
"type": "Secondary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.0,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 2.3,
"impactScore": 6.0
}
]
},
"weaknesses": [
{
"source": "security@huntr.dev",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-77"
}
]
}
],
"references": [
{
"url": "https://huntr.com/bounties/63266c77-408b-45ff-962c-8163db50a864",
"source": "security@huntr.dev"
}
]
}

55
CVE-2024/CVE-2024-302xx/CVE-2024-30274.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-30274",
"sourceIdentifier": "psirt@adobe.com",
"published": "2024-05-16T09:15:10.527",
"lastModified": "2024-05-16T09:15:10.527",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Substance3D - Painter versions 9.1.2 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@adobe.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "psirt@adobe.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"references": [
{
"url": "https://helpx.adobe.com/security/products/substance3d_painter/apsb24-31.html",
"source": "psirt@adobe.com"
}
]
}

55
CVE-2024/CVE-2024-302xx/CVE-2024-30275.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-30275",
"sourceIdentifier": "psirt@adobe.com",
"published": "2024-05-16T09:15:10.750",
"lastModified": "2024-05-16T09:15:10.750",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Adobe Aero Desktop versions 23.4 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@adobe.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "psirt@adobe.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
}
],
"references": [
{
"url": "https://helpx.adobe.com/security/products/aero/apsb24-33.html",
"source": "psirt@adobe.com"
}
]
}

55
CVE-2024/CVE-2024-302xx/CVE-2024-30281.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-30281",
"sourceIdentifier": "psirt@adobe.com",
"published": "2024-05-16T09:15:11.007",
"lastModified": "2024-05-16T09:15:11.007",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Substance3D - Designer versions 13.1.1 and earlier Answer: are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@adobe.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "psirt@adobe.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-125"
}
]
}
],
"references": [
{
"url": "https://helpx.adobe.com/security/products/substance3d_designer/apsb24-35.html",
"source": "psirt@adobe.com"
}
]
}

55
CVE-2024/CVE-2024-302xx/CVE-2024-30282.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-30282",
"sourceIdentifier": "psirt@adobe.com",
"published": "2024-05-16T09:15:11.253",
"lastModified": "2024-05-16T09:15:11.253",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Animate versions 24.0.2, 23.0.5 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@adobe.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "psirt@adobe.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"references": [
{
"url": "https://helpx.adobe.com/security/products/animate/apsb24-36.html",
"source": "psirt@adobe.com"
}
]
}

55
CVE-2024/CVE-2024-302xx/CVE-2024-30293.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-30293",
"sourceIdentifier": "psirt@adobe.com",
"published": "2024-05-16T09:15:11.497",
"lastModified": "2024-05-16T09:15:11.497",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Animate versions 24.0.2, 23.0.5 and earlier are affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@adobe.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "psirt@adobe.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-121"
}
]
}
],
"references": [
{
"url": "https://helpx.adobe.com/security/products/animate/apsb24-36.html",
"source": "psirt@adobe.com"
}
]
}

55
CVE-2024/CVE-2024-302xx/CVE-2024-30294.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-30294",
"sourceIdentifier": "psirt@adobe.com",
"published": "2024-05-16T09:15:11.763",
"lastModified": "2024-05-16T09:15:11.763",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Animate versions 24.0.2, 23.0.5 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@adobe.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "psirt@adobe.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-122"
}
]
}
],
"references": [
{
"url": "https://helpx.adobe.com/security/products/animate/apsb24-36.html",
"source": "psirt@adobe.com"
}
]
}

55
CVE-2024/CVE-2024-302xx/CVE-2024-30295.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-30295",
"sourceIdentifier": "psirt@adobe.com",
"published": "2024-05-16T09:15:11.990",
"lastModified": "2024-05-16T09:15:11.990",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Animate versions 24.0.2, 23.0.5 and earlier are affected by a NULL Pointer Dereference vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@adobe.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "psirt@adobe.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-476"
}
]
}
],
"references": [
{
"url": "https://helpx.adobe.com/security/products/animate/apsb24-36.html",
"source": "psirt@adobe.com"
}
]
}

55
CVE-2024/CVE-2024-302xx/CVE-2024-30296.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-30296",
"sourceIdentifier": "psirt@adobe.com",
"published": "2024-05-16T09:15:12.213",
"lastModified": "2024-05-16T09:15:12.213",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Animate versions 24.0.2, 23.0.5 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@adobe.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "psirt@adobe.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"references": [
{
"url": "https://helpx.adobe.com/security/products/animate/apsb24-36.html",
"source": "psirt@adobe.com"
}
]
}

55
CVE-2024/CVE-2024-302xx/CVE-2024-30297.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-30297",
"sourceIdentifier": "psirt@adobe.com",
"published": "2024-05-16T09:15:12.447",
"lastModified": "2024-05-16T09:15:12.447",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Animate versions 24.0.2, 23.0.5 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@adobe.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "psirt@adobe.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"references": [
{
"url": "https://helpx.adobe.com/security/products/animate/apsb24-36.html",
"source": "psirt@adobe.com"
}
]
}

55
CVE-2024/CVE-2024-302xx/CVE-2024-30298.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-30298",
"sourceIdentifier": "psirt@adobe.com",
"published": "2024-05-16T09:15:12.680",
"lastModified": "2024-05-16T09:15:12.680",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Animate versions 24.0.2, 23.0.5 and earlier Answer: are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@adobe.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "psirt@adobe.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-125"
}
]
}
],
"references": [
{
"url": "https://helpx.adobe.com/security/products/animate/apsb24-36.html",
"source": "psirt@adobe.com"
}
]
}

55
CVE-2024/CVE-2024-303xx/CVE-2024-30307.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-30307",
"sourceIdentifier": "psirt@adobe.com",
"published": "2024-05-16T09:15:12.910",
"lastModified": "2024-05-16T09:15:12.910",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Substance3D - Painter versions 9.1.2 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@adobe.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "psirt@adobe.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"references": [
{
"url": "https://helpx.adobe.com/security/products/substance3d_painter/apsb24-31.html",
"source": "psirt@adobe.com"
}
]
}

55
CVE-2024/CVE-2024-303xx/CVE-2024-30308.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-30308",
"sourceIdentifier": "psirt@adobe.com",
"published": "2024-05-16T09:15:13.137",
"lastModified": "2024-05-16T09:15:13.137",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Substance3D - Painter versions 9.1.2 and earlier Answer: are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@adobe.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "psirt@adobe.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-125"
}
]
}
],
"references": [
{
"url": "https://helpx.adobe.com/security/products/substance3d_painter/apsb24-31.html",
"source": "psirt@adobe.com"
}
]
}

55
CVE-2024/CVE-2024-303xx/CVE-2024-30309.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-30309",
"sourceIdentifier": "psirt@adobe.com",
"published": "2024-05-16T09:15:13.377",
"lastModified": "2024-05-16T09:15:13.377",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Substance3D - Painter versions 9.1.2 and earlier Answer: are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@adobe.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "psirt@adobe.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-125"
}
]
}
],
"references": [
{
"url": "https://helpx.adobe.com/security/products/substance3d_painter/apsb24-31.html",
"source": "psirt@adobe.com"
}
]
}

59
CVE-2024/CVE-2024-31xx/CVE-2024-3126.json Normal file
View File

@ -0,0 +1,59 @@
{
"id": "CVE-2024-3126",
"sourceIdentifier": "security@huntr.dev",
"published": "2024-05-16T09:15:13.840",
"lastModified": "2024-05-16T09:15:13.840",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A command injection vulnerability exists in the 'run_xtts_api_server' function of the parisneo/lollms-webui application, specifically within the 'lollms_xtts.py' script. The vulnerability arises due to the improper neutralization of special elements used in an OS command. The affected function utilizes 'subprocess.Popen' to execute a command constructed with a Python f-string, without adequately sanitizing the 'xtts_base_url' input. This flaw allows attackers to execute arbitrary commands remotely by manipulating the 'xtts_base_url' parameter. The vulnerability affects versions up to and including the latest version before 9.5. Successful exploitation could lead to arbitrary remote code execution (RCE) on the system where the application is deployed."
}
],
"metrics": {
"cvssMetricV30": [
{
"source": "security@huntr.dev",
"type": "Secondary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.4,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.5,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "security@huntr.dev",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-78"
}
]
}
],
"references": [
{
"url": "https://github.com/parisneo/lollms-webui/commit/41dbb1b3f2e78ea276e5269544e50514252c0c25",
"source": "security@huntr.dev"
},
{
"url": "https://huntr.com/bounties/0e2bec70-826e-4c24-8015-31921e23fd12",
"source": "security@huntr.dev"
}
]
}

13
CVE-2024/CVE-2024-333xx/CVE-2024-33386.json
View File

@ -2,19 +2,14 @@
"id": "CVE-2024-33386",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-05-14T15:37:35.623",
"lastModified": "2024-05-14T16:12:23.490",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-05-16T09:15:13.600",
"vulnStatus": "Rejected",
"descriptions": [
{
"lang": "en",
"value": "An issue in SoundCloud Prometheu v.2.5.1 and before allows a remote attacker to execute arbitrary code via the query parameter."
"value": "Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/keaidmmc/33386/blob/main/33386.md",
"source": "cve@mitre.org"
}
]
"references": []
}

55
CVE-2024/CVE-2024-34xx/CVE-2024-3403.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-3403",
"sourceIdentifier": "security@huntr.dev",
"published": "2024-05-16T09:15:14.053",
"lastModified": "2024-05-16T09:15:14.053",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "imartinez/privategpt version 0.2.0 is vulnerable to a local file inclusion vulnerability that allows attackers to read arbitrary files from the filesystem. By manipulating file upload functionality to ingest arbitrary local files, attackers can exploit the 'Search in Docs' feature or query the AI to retrieve or disclose the contents of any file on the system. This vulnerability could lead to various impacts, including but not limited to remote code execution by obtaining private SSH keys, unauthorized access to private files, source code disclosure facilitating further attacks, and exposure of configuration files."
}
],
"metrics": {
"cvssMetricV30": [
{
"source": "security@huntr.dev",
"type": "Secondary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "security@huntr.dev",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
}
],
"references": [
{
"url": "https://huntr.com/bounties/7431d1dd-f014-4d4f-acb6-f97369ef3688",
"source": "security@huntr.dev"
}
]
}

59
CVE-2024/CVE-2024-34xx/CVE-2024-3435.json Normal file
View File

@ -0,0 +1,59 @@
{
"id": "CVE-2024-3435",
"sourceIdentifier": "security@huntr.dev",
"published": "2024-05-16T09:15:14.290",
"lastModified": "2024-05-16T09:15:14.290",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A path traversal vulnerability exists in the 'save_settings' endpoint of the parisneo/lollms-webui application, affecting versions up to the latest release before 9.5. The vulnerability arises due to insufficient sanitization of the 'config' parameter in the 'apply_settings' function, allowing an attacker to manipulate the application's configuration by sending specially crafted JSON payloads. This could lead to remote code execution (RCE) by bypassing existing patches designed to mitigate such vulnerabilities."
}
],
"metrics": {
"cvssMetricV30": [
{
"source": "security@huntr.dev",
"type": "Secondary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.4,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.5,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "security@huntr.dev",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-29"
}
]
}
],
"references": [
{
"url": "https://github.com/parisneo/lollms-webui/commit/bb99b59e710d00c4f2598faa5e183fa30fbd3bc2",
"source": "security@huntr.dev"
},
{
"url": "https://huntr.com/bounties/494f349a-8650-4d30-a0bd-4742fda44ce5",
"source": "security@huntr.dev"
}
]
}

59
CVE-2024/CVE-2024-38xx/CVE-2024-3848.json Normal file
View File

@ -0,0 +1,59 @@
{
"id": "CVE-2024-3848",
"sourceIdentifier": "security@huntr.dev",
"published": "2024-05-16T09:15:14.543",
"lastModified": "2024-05-16T09:15:14.543",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A path traversal vulnerability exists in mlflow/mlflow version 2.11.0, identified as a bypass for the previously addressed CVE-2023-6909. The vulnerability arises from the application's handling of artifact URLs, where a '#' character can be used to insert a path into the fragment, effectively skipping validation. This allows an attacker to construct a URL that, when processed, ignores the protocol scheme and uses the provided path for filesystem access. As a result, an attacker can read arbitrary files, including sensitive information such as SSH and cloud keys, by exploiting the way the application converts the URL into a filesystem path. The issue stems from insufficient validation of the fragment portion of the URL, leading to arbitrary file read through path traversal."
}
],
"metrics": {
"cvssMetricV30": [
{
"source": "security@huntr.dev",
"type": "Secondary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "security@huntr.dev",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-29"
}
]
}
],
"references": [
{
"url": "https://github.com/mlflow/mlflow/commit/f8d51e21523238280ebcfdb378612afd7844eca8",
"source": "security@huntr.dev"
},
{
"url": "https://huntr.com/bounties/8d5aadaa-522f-4839-b41b-d7da362dd610",
"source": "security@huntr.dev"
}
]
}

55
CVE-2024/CVE-2024-38xx/CVE-2024-3851.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-3851",
"sourceIdentifier": "security@huntr.dev",
"published": "2024-05-16T09:15:14.823",
"lastModified": "2024-05-16T09:15:14.823",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A stored Cross-Site Scripting (XSS) vulnerability exists in the 'imartinez/privategpt' repository due to improper validation of file uploads. Attackers can exploit this vulnerability by uploading malicious HTML files, such as those containing JavaScript payloads, which are then executed in the context of the victim's session when accessed. This could lead to the execution of arbitrary JavaScript code in the context of the user's browser session, potentially resulting in phishing attacks or other malicious actions. The vulnerability affects the latest version of the repository."
}
],
"metrics": {
"cvssMetricV30": [
{
"source": "security@huntr.dev",
"type": "Secondary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 6.8,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 4.0
}
]
},
"weaknesses": [
{
"source": "security@huntr.dev",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://huntr.com/bounties/cae1a492-4e09-4d56-8e11-17703bdfe653",
"source": "security@huntr.dev"
}
]
}

47
CVE-2024/CVE-2024-38xx/CVE-2024-3887.json Normal file
View File

@ -0,0 +1,47 @@
{
"id": "CVE-2024-3887",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-05-16T09:15:15.070",
"lastModified": "2024-05-16T09:15:15.070",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The Royal Elementor Addons and Templates plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Form Builder widget in all versions up to, and including, 1.3.974 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
"references": [
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3086890%40royal-elementor-addons&old=3081886%40royal-elementor-addons&sfp_email=&sfph_mail=",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/5122800d-f274-4129-84d4-02380269502c?source=cve",
"source": "security@wordfence.com"
}
]
}

59
CVE-2024/CVE-2024-40xx/CVE-2024-4078.json Normal file
View File

@ -0,0 +1,59 @@
{
"id": "CVE-2024-4078",
"sourceIdentifier": "security@huntr.dev",
"published": "2024-05-16T09:15:15.313",
"lastModified": "2024-05-16T09:15:15.313",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the parisneo/lollms, specifically in the `/unInstall_binding` endpoint, allows for arbitrary code execution due to insufficient sanitization of user input. The issue arises from the lack of path sanitization when handling the `name` parameter in the `unInstall_binding` function, allowing an attacker to traverse directories and execute arbitrary code by loading a malicious `__init__.py` file. This vulnerability affects the latest version of the software. The exploitation of this vulnerability could lead to remote code execution on the system where parisneo/lollms is deployed."
}
],
"metrics": {
"cvssMetricV30": [
{
"source": "security@huntr.dev",
"type": "Secondary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "security@huntr.dev",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-77"
}
]
}
],
"references": [
{
"url": "https://github.com/parisneo/lollms/commit/7ebe08da7e0026b155af4f7be1d6417bc64cf02f",
"source": "security@huntr.dev"
},
{
"url": "https://huntr.com/bounties/a55a8c04-df44-49b2-bcfa-2a2b728a299d",
"source": "security@huntr.dev"
}
]
}

59
CVE-2024/CVE-2024-41xx/CVE-2024-4181.json Normal file
View File

@ -0,0 +1,59 @@
{
"id": "CVE-2024-4181",
"sourceIdentifier": "security@huntr.dev",
"published": "2024-05-16T09:15:15.553",
"lastModified": "2024-05-16T09:15:15.553",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A command injection vulnerability exists in the RunGptLLM class of the llama_index library, version 0.9.47, used by the RunGpt framework from JinaAI to connect to Language Learning Models (LLMs). The vulnerability arises from the improper use of the eval function, allowing a malicious or compromised LLM hosting provider to execute arbitrary commands on the client's machine. This issue was fixed in version 0.10.13. The exploitation of this vulnerability could lead to a hosting provider gaining full control over client machines."
}
],
"metrics": {
"cvssMetricV30": [
{
"source": "security@huntr.dev",
"type": "Secondary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "security@huntr.dev",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-94"
}
]
}
],
"references": [
{
"url": "https://github.com/run-llama/llama_index/commit/d73715eaf0642705583e7897c78b9c8dd2d3a7ba",
"source": "security@huntr.dev"
},
{
"url": "https://huntr.com/bounties/1a204520-598a-434e-b13d-0d34f2a5ddc1",
"source": "security@huntr.dev"
}
]
}

47
CVE-2024/CVE-2024-42xx/CVE-2024-4223.json Normal file
View File

@ -0,0 +1,47 @@
{
"id": "CVE-2024-4223",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-05-16T09:15:15.810",
"lastModified": "2024-05-16T09:15:15.810",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The Tutor LMS plugin for WordPress is vulnerable to unauthorized access of data, modification of data, loss of data due to a missing capability check on multiple functions in all versions up to, and including, 2.7.0. This makes it possible for unauthenticated attackers to add, modify, or delete data."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"references": [
{
"url": "https://plugins.trac.wordpress.org/changeset/3086489/",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/ce4c4395-6d1a-4d5f-885f-383e5c44c0f8?source=cve",
"source": "security@wordfence.com"
}
]
}

59
CVE-2024/CVE-2024-42xx/CVE-2024-4263.json Normal file
View File

@ -0,0 +1,59 @@
{
"id": "CVE-2024-4263",
"sourceIdentifier": "security@huntr.dev",
"published": "2024-05-16T09:15:16.037",
"lastModified": "2024-05-16T09:15:16.037",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A broken access control vulnerability exists in mlflow/mlflow versions before 2.10.1, where low privilege users with only EDIT permissions on an experiment can delete any artifacts. This issue arises due to the lack of proper validation for DELETE requests by users with EDIT permissions, allowing them to perform unauthorized deletions of artifacts. The vulnerability specifically affects the handling of artifact deletions within the application, as demonstrated by the ability of a low privilege user to delete a directory inside an artifact using a DELETE request, despite the official documentation stating that users with EDIT permission can only read and update artifacts, not delete them."
}
],
"metrics": {
"cvssMetricV30": [
{
"source": "security@huntr.dev",
"type": "Secondary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.5
}
]
},
"weaknesses": [
{
"source": "security@huntr.dev",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-284"
}
]
}
],
"references": [
{
"url": "https://github.com/mlflow/mlflow/commit/b43e0e3de5b500554e13dc032ba2083b2d6c94b8",
"source": "security@huntr.dev"
},
{
"url": "https://huntr.com/bounties/bfa116d3-2af8-4c4a-ac34-ccde7491ae11",
"source": "security@huntr.dev"
}
]
}

55
CVE-2024/CVE-2024-43xx/CVE-2024-4321.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-4321",
"sourceIdentifier": "security@huntr.dev",
"published": "2024-05-16T09:15:16.327",
"lastModified": "2024-05-16T09:15:16.327",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A Local File Inclusion (LFI) vulnerability exists in the gaizhenbiao/chuanhuchatgpt application, specifically within the functionality for uploading chat history. The vulnerability arises due to improper input validation when handling file paths during the chat history upload process. An attacker can exploit this vulnerability by intercepting requests and manipulating the 'name' parameter to specify arbitrary file paths. This allows the attacker to read sensitive files on the server, leading to information leakage, including API keys and private information. The issue affects version 20240310 of the application."
}
],
"metrics": {
"cvssMetricV30": [
{
"source": "security@huntr.dev",
"type": "Secondary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "security@huntr.dev",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-20"
}
]
}
],
"references": [
{
"url": "https://huntr.com/bounties/19a16f8e-3d92-498f-abc9-8686005f067e",
"source": "security@huntr.dev"
}
]
}

55
CVE-2024/CVE-2024-43xx/CVE-2024-4322.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-4322",
"sourceIdentifier": "security@huntr.dev",
"published": "2024-05-16T09:15:16.613",
"lastModified": "2024-05-16T09:15:16.613",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A path traversal vulnerability exists in the parisneo/lollms-webui application, specifically within the `/list_personalities` endpoint. By manipulating the `category` parameter, an attacker can traverse the directory structure and list any directory on the system. This issue affects the latest version of the application. The vulnerability is due to improper handling of user-supplied input in the `list_personalities` function, where the `category` parameter can be controlled to specify arbitrary directories for listing. Successful exploitation of this vulnerability could allow an attacker to list all folders in the drive on the system, potentially leading to information disclosure."
}
],
"metrics": {
"cvssMetricV30": [
{
"source": "security@huntr.dev",
"type": "Secondary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "security@huntr.dev",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-29"
}
]
}
],
"references": [
{
"url": "https://huntr.com/bounties/5116d858-ce00-418c-a5a5-851c5608c209",
"source": "security@huntr.dev"
}
]
}

59
CVE-2024/CVE-2024-43xx/CVE-2024-4326.json Normal file
View File

@ -0,0 +1,59 @@
{
"id": "CVE-2024-4326",
"sourceIdentifier": "security@huntr.dev",
"published": "2024-05-16T09:15:16.887",
"lastModified": "2024-05-16T09:15:16.887",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in parisneo/lollms-webui versions up to 9.3 allows remote attackers to execute arbitrary code. The vulnerability stems from insufficient protection of the `/apply_settings` and `/execute_code` endpoints. Attackers can bypass protections by setting the host to localhost, enabling code execution, and disabling code validation through the `/apply_settings` endpoint. Subsequently, arbitrary commands can be executed remotely via the `/execute_code` endpoint, exploiting the delay in settings enforcement. This issue was addressed in version 9.5."
}
],
"metrics": {
"cvssMetricV30": [
{
"source": "security@huntr.dev",
"type": "Secondary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "security@huntr.dev",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-15"
}
]
}
],
"references": [
{
"url": "https://github.com/parisneo/lollms-webui/commit/abb4c6d495a95a3ef5b114ffc57f85cd650b905e",
"source": "security@huntr.dev"
},
{
"url": "https://huntr.com/bounties/2ab9f03d-0538-4317-be21-0748a079cbdd",
"source": "security@huntr.dev"
}
]
}

51
CVE-2024/CVE-2024-43xx/CVE-2024-4391.json Normal file
View File

@ -0,0 +1,51 @@
{
"id": "CVE-2024-4391",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-05-16T09:15:17.143",
"lastModified": "2024-05-16T09:15:17.143",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The Happy Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Event Calendar widget in all versions up to, and including, 3.10.7 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.1,
"impactScore": 2.7
}
]
},
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/happy-elementor-addons/trunk/widgets/event-calendar/widget.php#L1811",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3083138/happy-elementor-addons/trunk/widgets/event-calendar/widget.php",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/e75f7e1a-f3bb-4b24-bf04-b83d0e572551?source=cve",
"source": "security@wordfence.com"
}
]
}

55
CVE-2024/CVE-2024-44xx/CVE-2024-4478.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-4478",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-05-16T08:15:38.200",
"lastModified": "2024-05-16T08:15:38.200",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The Happy Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Image Stack Group widget in all versions up to, and including, 3.10.7 due to insufficient input sanitization and output escaping on user supplied 'tooltip_position' attribute. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.1,
"impactScore": 2.7
}
]
},
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/happy-elementor-addons/tags/3.10.7/widgets/image-stack-group/widget.php#L611",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3083138/#file584",
"source": "security@wordfence.com"
},
{
"url": "https://wordpress.org/plugins/happy-elementor-addons/#developers",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/c7243f40-5cca-475a-bb27-44fab965bb0e?source=cve",
"source": "security@wordfence.com"
}
]
}

47
CVE-2024/CVE-2024-45xx/CVE-2024-4546.json Normal file
View File

@ -0,0 +1,47 @@
{
"id": "CVE-2024-4546",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-05-16T08:15:38.487",
"lastModified": "2024-05-16T08:15:38.487",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The Custom Post Type Attachment plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'pdf_attachment' shortcode in all versions up to, and including, 3.4.5 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.1,
"impactScore": 2.7
}
]
},
"references": [
{
"url": "https://plugins.trac.wordpress.org/changeset/3087121/",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/f6ba2907-36f4-4c4d-9e25-d13d32e28690?source=cve",
"source": "security@wordfence.com"
}
]
}

55
CVE-2024/CVE-2024-46xx/CVE-2024-4642.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-4642",
"sourceIdentifier": "security@huntr.dev",
"published": "2024-05-16T09:15:17.360",
"lastModified": "2024-05-16T09:15:17.360",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A Server-Side Request Forgery (SSRF) vulnerability exists in the wandb/wandb repository due to improper handling of HTTP 302 redirects. This issue allows team members with access to the 'User settings -> Webhooks' function to exploit this vulnerability to access internal HTTP(s) servers. In severe cases, such as on AWS instances, this could potentially be abused to achieve remote code execution on the victim's machine. The vulnerability is present in the latest version of the repository."
}
],
"metrics": {
"cvssMetricV30": [
{
"source": "security@huntr.dev",
"type": "Secondary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.7,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.1,
"impactScore": 4.0
}
]
},
"weaknesses": [
{
"source": "security@huntr.dev",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-918"
}
]
}
],
"references": [
{
"url": "https://huntr.com/bounties/055eb540-57f8-46d6-b858-3a9e22d347d9",
"source": "security@huntr.dev"
}
]
}

96
CVE-2024/CVE-2024-49xx/CVE-2024-4964.json Normal file
View File

@ -0,0 +1,96 @@
{
"id": "CVE-2024-4964",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-05-16T08:15:38.693",
"lastModified": "2024-05-16T08:15:38.693",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "** UNSUPPORTED WHEN ASSIGNED ** A vulnerability has been found in D-Link DAR-7000-40 V31R02B1413C and classified as critical. This vulnerability affects unknown code of the file /firewall/urlblist.php. The manipulation of the argument file leads to unrestricted upload. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-264532. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. NOTE: Vendor was contacted early and confirmed immediately that the product is end-of-life. It should be retired and replaced."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 6.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "SINGLE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 8.0,
"impactScore": 6.4,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-434"
}
]
}
],
"references": [
{
"url": "https://github.com/h0e4a0r1t/h0e4a0r1t.github.io/blob/master/2024/%3CWHB%7Cj%5CIbSU0m4%3A_/D-LINK-DAR-7000_upload_%20urlblist.php.pdf",
"source": "cna@vuldb.com"
},
{
"url": "https://supportannouncement.us.dlink.com/security/publication.aspx?name=SAP10354",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?ctiid.264532",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.264532",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?submit.333783",
"source": "cna@vuldb.com"
}
]
}

96
CVE-2024/CVE-2024-49xx/CVE-2024-4965.json Normal file
View File

@ -0,0 +1,96 @@
{
"id": "CVE-2024-4965",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-05-16T08:15:39.030",
"lastModified": "2024-05-16T08:15:39.030",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in D-Link DAR-7000-40 V31R02B1413C and classified as critical. This issue affects some unknown processing of the file /useratte/resmanage.php. The manipulation of the argument load leads to os command injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-264533 was assigned to this vulnerability. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. NOTE: Vendor was contacted early and confirmed immediately that the product is end-of-life. It should be retired and replaced."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 6.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "SINGLE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 8.0,
"impactScore": 6.4,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-78"
}
]
}
],
"references": [
{
"url": "https://github.com/h0e4a0r1t/h0e4a0r1t.github.io/blob/master/2024/%3CWHB%7Cj%5CIbSU0m4%3A_/D-LINK-DAR-7000_RCE_%20resmanage.php.pdf",
"source": "cna@vuldb.com"
},
{
"url": "https://supportannouncement.us.dlink.com/security/publication.aspx?name=SAP10354",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?ctiid.264533",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.264533",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?submit.333784",
"source": "cna@vuldb.com"
}
]
}

92
CVE-2024/CVE-2024-49xx/CVE-2024-4966.json Normal file
View File

@ -0,0 +1,92 @@
{
"id": "CVE-2024-4966",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-05-16T08:15:39.317",
"lastModified": "2024-05-16T08:15:39.317",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in SourceCodester SchoolWebTech 1.0. It has been classified as critical. Affected is an unknown function of the file /improve/home.php. The manipulation of the argument image leads to unrestricted upload. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-264534 is the identifier assigned to this vulnerability."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 6.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "SINGLE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 8.0,
"impactScore": 6.4,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-434"
}
]
}
],
"references": [
{
"url": "https://github.com/CveSecLook/cve/issues/30",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?ctiid.264534",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.264534",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?submit.334216",
"source": "cna@vuldb.com"
}
]
}

92
CVE-2024/CVE-2024-49xx/CVE-2024-4967.json Normal file
View File

@ -0,0 +1,92 @@
{
"id": "CVE-2024-4967",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-05-16T09:15:17.617",
"lastModified": "2024-05-16T09:15:17.617",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in SourceCodester Interactive Map with Marker 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /endpoint/delete-mark.php. The manipulation of the argument mark leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-264535."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 6.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "SINGLE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 8.0,
"impactScore": 6.4,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://github.com/BurakSevben/CVEs/blob/main/Interactive%20Map%20App/Interactive%20Map%20App%20-%20SQL%20Injection.md",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?ctiid.264535",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.264535",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?submit.335190",
"source": "cna@vuldb.com"
}
]
}

92
CVE-2024/CVE-2024-49xx/CVE-2024-4968.json Normal file
View File

@ -0,0 +1,92 @@
{
"id": "CVE-2024-4968",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-05-16T09:15:17.953",
"lastModified": "2024-05-16T09:15:17.953",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in SourceCodester Interactive Map with Marker 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file Marker Name of the component Add Marker. The manipulation leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-264536."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"baseSeverity": "LOW"
},
"exploitabilityScore": 2.1,
"impactScore": 1.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N",
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "SINGLE",
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"availabilityImpact": "NONE",
"baseScore": 4.0
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://github.com/BurakSevben/CVEs/blob/main/Interactive%20Map%20App/Interactive%20Map%20App%20-%20Cross-Site-Scripting.md",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?ctiid.264536",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.264536",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?submit.335191",
"source": "cna@vuldb.com"
}
]
}

92
CVE-2024/CVE-2024-49xx/CVE-2024-4972.json Normal file
View File

@ -0,0 +1,92 @@
{
"id": "CVE-2024-4972",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-05-16T09:15:18.277",
"lastModified": "2024-05-16T09:15:18.277",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability classified as critical has been found in code-projects Simple Chat System 1.0. This affects an unknown part of the file /login.php. The manipulation of the argument email/password leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-264537 was assigned to this vulnerability."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 6.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "SINGLE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 8.0,
"impactScore": 6.4,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://github.com/BurakSevben/CVEs/blob/main/Simple%20Chat%20App/Simple%20Chat%20App%20-%20SQL%20Injection%20-%201.md",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?ctiid.264537",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.264537",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?submit.335199",
"source": "cna@vuldb.com"
}
]
}

50
README.md
View File

@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2024-05-16T08:00:38.837751+00:00
2024-05-16T10:01:20.609846+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2024-05-16T07:15:53.317000+00:00
2024-05-16T09:15:18.277000+00:00
```
### Last Data Feed Release
@ -33,33 +33,45 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs
```plain
250089
250131
```
### CVEs added in the last Commit
Recently added CVEs: `14`
Recently added CVEs: `42`
- [CVE-2024-3641](CVE-2024/CVE-2024-36xx/CVE-2024-3641.json) (`2024-05-16T06:15:08.703`)
- [CVE-2024-3642](CVE-2024/CVE-2024-36xx/CVE-2024-3642.json) (`2024-05-16T06:15:09.770`)
- [CVE-2024-3643](CVE-2024/CVE-2024-36xx/CVE-2024-3643.json) (`2024-05-16T06:15:10.053`)
- [CVE-2024-3644](CVE-2024/CVE-2024-36xx/CVE-2024-3644.json) (`2024-05-16T06:15:10.370`)
- [CVE-2024-4279](CVE-2024/CVE-2024-42xx/CVE-2024-4279.json) (`2024-05-16T06:15:10.667`)
- [CVE-2024-4318](CVE-2024/CVE-2024-43xx/CVE-2024-4318.json) (`2024-05-16T06:15:11.480`)
- [CVE-2024-4635](CVE-2024/CVE-2024-46xx/CVE-2024-4635.json) (`2024-05-16T06:15:12.090`)
- [CVE-2024-4843](CVE-2024/CVE-2024-48xx/CVE-2024-4843.json) (`2024-05-16T06:15:12.690`)
- [CVE-2024-4844](CVE-2024/CVE-2024-48xx/CVE-2024-4844.json) (`2024-05-16T07:15:50.743`)
- [CVE-2024-4946](CVE-2024/CVE-2024-49xx/CVE-2024-4946.json) (`2024-05-16T06:15:13.547`)
- [CVE-2024-4960](CVE-2024/CVE-2024-49xx/CVE-2024-4960.json) (`2024-05-16T06:15:14.650`)
- [CVE-2024-4961](CVE-2024/CVE-2024-49xx/CVE-2024-4961.json) (`2024-05-16T06:15:15.653`)
- [CVE-2024-4962](CVE-2024/CVE-2024-49xx/CVE-2024-4962.json) (`2024-05-16T07:15:52.070`)
- [CVE-2024-4963](CVE-2024/CVE-2024-49xx/CVE-2024-4963.json) (`2024-05-16T07:15:53.317`)
- [CVE-2024-30308](CVE-2024/CVE-2024-303xx/CVE-2024-30308.json) (`2024-05-16T09:15:13.137`)
- [CVE-2024-30309](CVE-2024/CVE-2024-303xx/CVE-2024-30309.json) (`2024-05-16T09:15:13.377`)
- [CVE-2024-3126](CVE-2024/CVE-2024-31xx/CVE-2024-3126.json) (`2024-05-16T09:15:13.840`)
- [CVE-2024-3403](CVE-2024/CVE-2024-34xx/CVE-2024-3403.json) (`2024-05-16T09:15:14.053`)
- [CVE-2024-3435](CVE-2024/CVE-2024-34xx/CVE-2024-3435.json) (`2024-05-16T09:15:14.290`)
- [CVE-2024-3848](CVE-2024/CVE-2024-38xx/CVE-2024-3848.json) (`2024-05-16T09:15:14.543`)
- [CVE-2024-3851](CVE-2024/CVE-2024-38xx/CVE-2024-3851.json) (`2024-05-16T09:15:14.823`)
- [CVE-2024-3887](CVE-2024/CVE-2024-38xx/CVE-2024-3887.json) (`2024-05-16T09:15:15.070`)
- [CVE-2024-4078](CVE-2024/CVE-2024-40xx/CVE-2024-4078.json) (`2024-05-16T09:15:15.313`)
- [CVE-2024-4181](CVE-2024/CVE-2024-41xx/CVE-2024-4181.json) (`2024-05-16T09:15:15.553`)
- [CVE-2024-4223](CVE-2024/CVE-2024-42xx/CVE-2024-4223.json) (`2024-05-16T09:15:15.810`)
- [CVE-2024-4263](CVE-2024/CVE-2024-42xx/CVE-2024-4263.json) (`2024-05-16T09:15:16.037`)
- [CVE-2024-4321](CVE-2024/CVE-2024-43xx/CVE-2024-4321.json) (`2024-05-16T09:15:16.327`)
- [CVE-2024-4322](CVE-2024/CVE-2024-43xx/CVE-2024-4322.json) (`2024-05-16T09:15:16.613`)
- [CVE-2024-4326](CVE-2024/CVE-2024-43xx/CVE-2024-4326.json) (`2024-05-16T09:15:16.887`)
- [CVE-2024-4391](CVE-2024/CVE-2024-43xx/CVE-2024-4391.json) (`2024-05-16T09:15:17.143`)
- [CVE-2024-4478](CVE-2024/CVE-2024-44xx/CVE-2024-4478.json) (`2024-05-16T08:15:38.200`)
- [CVE-2024-4546](CVE-2024/CVE-2024-45xx/CVE-2024-4546.json) (`2024-05-16T08:15:38.487`)
- [CVE-2024-4642](CVE-2024/CVE-2024-46xx/CVE-2024-4642.json) (`2024-05-16T09:15:17.360`)
- [CVE-2024-4964](CVE-2024/CVE-2024-49xx/CVE-2024-4964.json) (`2024-05-16T08:15:38.693`)
- [CVE-2024-4965](CVE-2024/CVE-2024-49xx/CVE-2024-4965.json) (`2024-05-16T08:15:39.030`)
- [CVE-2024-4966](CVE-2024/CVE-2024-49xx/CVE-2024-4966.json) (`2024-05-16T08:15:39.317`)
- [CVE-2024-4967](CVE-2024/CVE-2024-49xx/CVE-2024-4967.json) (`2024-05-16T09:15:17.617`)
- [CVE-2024-4968](CVE-2024/CVE-2024-49xx/CVE-2024-4968.json) (`2024-05-16T09:15:17.953`)
- [CVE-2024-4972](CVE-2024/CVE-2024-49xx/CVE-2024-4972.json) (`2024-05-16T09:15:18.277`)
### CVEs modified in the last Commit
Recently modified CVEs: `0`
Recently modified CVEs: `1`
- [CVE-2024-33386](CVE-2024/CVE-2024-333xx/CVE-2024-33386.json) (`2024-05-16T09:15:13.600`)
## Download and Usage

72
_state.csv
View File

@ -241386,6 +241386,9 @@ CVE-2024-20779,0,0,6fd5665d768cb852ea47732221a85e067d0080ad0de1ca2d2241cb625c59d
CVE-2024-2078,0,0,1f3625edc40ce981dfa798326c49d364352417c97edbdeb08f2797c1a0a609b2,2024-03-01T14:04:04.827000
CVE-2024-20780,0,0,ec1b341950c30681e570ac487b080ed639019cf375cf8a334e95e6a235124aee,2024-04-10T13:23:38.787000
CVE-2024-2079,0,0,d19df912ca8f24c4783570207f7ead00a2f333eee11795e142007ff6a5180cfc,2024-03-14T12:52:16.723000
CVE-2024-20791,1,1,84c1fcc1cf2a2f9248bc07ac3a30e99d65c6562db5c647af61281c7d1985725b,2024-05-16T09:15:08.967000
CVE-2024-20792,1,1,edfc1eee897f9bdb22af8fe557d6e04ca7053655344d1e3b6c23ef6edd5c52b4,2024-05-16T09:15:09.313000
CVE-2024-20793,1,1,c6e04f85678f218a2953c51b0c33b925324cdec398e48bdc733638cbd18428f4,2024-05-16T09:15:09.560000
CVE-2024-20794,0,0,4fe1712e563ebe7ce315d7e522a29bf13a19a3e9ef230be176694920d61afc35,2024-04-11T12:47:44.137000
CVE-2024-20795,0,0,cd7ff50f8ca961947e205c660b3364abe9f8ebb2130c9ff9ad7235f8951a7a63,2024-04-11T12:47:44.137000
CVE-2024-20796,0,0,9f91cdf60843a0b7b0c45e20f9d786e0895d9dcbe5e5ddd6c81933919004da26,2024-04-11T12:47:44.137000
@ -242993,6 +242996,7 @@ CVE-2024-23560,0,0,39262a3d1a015486541c11a9acaae3509226c69e322cbf4650c4cfad43009
CVE-2024-23561,0,0,a22fcf5dfd91b5d6ac506750080d833a3983c3c231b1230f7c5930b307faa639,2024-04-16T13:24:07.103000
CVE-2024-2357,0,0,2af3f167a5f07c033333870e1f5044e9ac66d1548287fd20eff05541e2132cfb,2024-03-23T03:15:12.690000
CVE-2024-23576,0,0,fa772848f65b9fbe0b2af01b9b9bd28d30a4b44840aadc43b28ff198f7906160,2024-05-14T16:13:02.773000
CVE-2024-2358,1,1,3be16f8ef71cfe052eae2ae6426efb1299f3092c560fd6816cd53dcb3dd7e074,2024-05-16T09:15:09.800000
CVE-2024-23584,0,0,0a74df816091d3b0eb89fda75cd2dbdfa4a27fc3d1fc7171d6cfed2608adfd53,2024-04-11T01:24:48.327000
CVE-2024-23591,0,0,f4c08614f6a162f49ecc99f020c088036b0b565e06b57796e1304b45ae78e59d,2024-02-20T22:15:08.353000
CVE-2024-23592,0,0,8410729adf8ea2140a95009744b2dfc023c8f0c5b5843d18404a4118ed1b693b,2024-04-08T18:49:25.863000
@ -243006,6 +243010,7 @@ CVE-2024-23606,0,0,d18ee66738a0da29eed7ca7740f6d3a4a5bb4a5d8a6f1fc93eccc3dec2fe5
CVE-2024-23607,0,0,9d7c732921220f83b5eff07690b54ea6a115e7a3e6165a5081dc42626650ab39,2024-02-14T18:04:45.380000
CVE-2024-23608,0,0,3de025d97d44c421580b59364372ba43cab7d3ef0ff9a5a0120be3556bbac80a,2024-03-12T12:40:13.500000
CVE-2024-23609,0,0,b3be023bb78290eb112f306f7c609bf3dbdddb2899da6c9044083739ccf10869,2024-03-12T12:40:13.500000
CVE-2024-2361,1,1,bcde77055f2de3e9d14ac8291d73be388724508ea1dc9144724d47e3cdaeebe4,2024-05-16T09:15:10.060000
CVE-2024-23610,0,0,ed01f5879c3263ca1842cb29bf18f310cc2dd5aaf50dffe03c49f8b4e513a3ea,2024-03-12T12:40:13.500000
CVE-2024-23611,0,0,efc77da11ed29bd672c8a01121d66b481444a3909d7d6d570c57883210aa579f,2024-03-12T12:40:13.500000
CVE-2024-23612,0,0,905fa11223afb6b2fa02b73efda7bdd729dee0c227ce723282717a065d8df6b3,2024-03-12T12:40:13.500000
@ -243055,6 +243060,7 @@ CVE-2024-23655,0,0,b4fe4299d47f9606e4fc07c80e04bb15761ba2650f126678feb918b4172cc
CVE-2024-23656,0,0,695cb145f7353545c42b021c49ddb6b311a4d25b9fa1e7632b8b33e1235c65fb,2024-01-31T23:26:14.650000
CVE-2024-23658,0,0,4fd332de96fe33333de93e4a2a6d5b75daef55cd44cb46bff5d3000338fc5623,2024-04-08T18:48:40.217000
CVE-2024-23659,0,0,236290b059375e8b7040b3505591889202adcca1fe58c9cff8e0844cbcf32583,2024-01-25T14:58:22.470000
CVE-2024-2366,1,1,964193c234b21012eaa98c62f515d3878c1342fd340b15cc7b2c5082dd1a0314,2024-05-16T09:15:10.287000
CVE-2024-23660,0,0,1b2c29c1f9877409e81cc31263cb621728177876460bb697b8348507998614a6,2024-02-15T16:01:29.370000
CVE-2024-23662,0,0,878b23e10c46382d5166f21a5ce8b15ca491a34151aa70377e6758a415cbb56d,2024-04-10T13:24:22.187000
CVE-2024-23671,0,0,108c61a6aa74a9b71687a2e3aa153a422c4a0c3adcd258415c5b065e1ef21ae7,2024-04-10T13:24:22.187000
@ -246983,9 +246989,19 @@ CVE-2024-30270,0,0,1d63c3afc5f402042a52c95204320e8698a660fcf024b4b1cd2dbe8241952
CVE-2024-30271,0,0,7934d49c76a773104fea3a055c8dca49939c18c3dc4eab227ecf5b491d16669d,2024-04-12T12:44:04.930000
CVE-2024-30272,0,0,fe18d25a398b5738660bb343d4a7fb499e0a8c129d952f35b1144eb8f7e44fa0,2024-04-12T12:44:04.930000
CVE-2024-30273,0,0,430d9deac2ea84fb25615ee056f7341da6ab62ae3551a67df5079d8156e28185,2024-04-12T12:44:04.930000
CVE-2024-30274,1,1,98319c1f12962c392bc43707c5379cf05d11a9b0d1cccaf9176e497769d6d04d,2024-05-16T09:15:10.527000
CVE-2024-30275,1,1,4dc5196e1adceb46a2cd58d6de25d9d0263dafeeeea9ce442be18438e4c3bd28,2024-05-16T09:15:10.750000
CVE-2024-3028,0,0,080bb069f1a2cade59952c14793e39c6c54825fa436573f5b60987254afab568,2024-04-16T13:24:07.103000
CVE-2024-30281,1,1,ceb11143d1c3b200aeec3632b6967e0f862464b26fbed385406ffe2e513cac36,2024-05-16T09:15:11.007000
CVE-2024-30282,1,1,6a26e26231e329b0120e71ef045faafa06a35c403d616cb625145ff9615424fc,2024-05-16T09:15:11.253000
CVE-2024-30284,0,0,de189b1e4b9646a0079d952b8a9620298ad4d9a49b7d510b99107352710be095,2024-05-15T16:40:19.330000
CVE-2024-3029,0,0,54e489ae31021cd62a123b17a985eef09bd69f22c945608ba51d64fcde83450f,2024-04-16T13:24:07.103000
CVE-2024-30293,1,1,5229f6413859d63f684be1f139a602b63976381916c02fe9ab7b527e7952eb01,2024-05-16T09:15:11.497000
CVE-2024-30294,1,1,68f09da97f8e68bcf60217ae404b845d55d0cf8c176be99cae376d98cb187f9b,2024-05-16T09:15:11.763000
CVE-2024-30295,1,1,eb97f8e6c1f98c31e8aa0dcbf9176eaa02e05985db79db30801caa905b3fc6ca,2024-05-16T09:15:11.990000
CVE-2024-30296,1,1,5468a5ceec33e007623544be201af8985e419821d51d5fc813d08cff897920bf,2024-05-16T09:15:12.213000
CVE-2024-30297,1,1,3b3016292d18933cc04b0d37897381e1c2847cab088e155388d705c73ec537f3,2024-05-16T09:15:12.447000
CVE-2024-30298,1,1,89d1d221addd6e5d77df812fffb315d1a425182ad17dfad15eea78d738113dae,2024-05-16T09:15:12.680000
CVE-2024-3030,0,0,88c29228ef56d61e184f00d5d8d99ea5dd9800435eeb42a07f389309c9f00688,2024-04-04T12:48:41.700000
CVE-2024-30301,0,0,34b23729cd9edf28be4c2d988192584b2980a0ec70b16064c51311fdd3e3b57c,2024-05-03T12:50:34.250000
CVE-2024-30302,0,0,6456cd77762c99d131718f53b35582a1960091e5036976e625fc5fc658a078e0,2024-05-03T12:50:34.250000
@ -246993,6 +247009,9 @@ CVE-2024-30303,0,0,6f33b81c4af944bbf96dcd2699ecddcaedfa18b6645e1843afc4e3d8d61b0
CVE-2024-30304,0,0,c008b216bc83741e9c3f86a48d2f036636f57f601f0be3b09d08b9238e3b8d69,2024-05-03T12:50:34.250000
CVE-2024-30305,0,0,f9170aedfcb56d495924dc338c4bff877992c1a111fc2374df14a2f13d9685ae,2024-05-03T12:50:34.250000
CVE-2024-30306,0,0,3d0be5fa22f6a17837661930cea95c4e979049e02e29ef28995e28fef468bf8e,2024-05-03T12:50:34.250000
CVE-2024-30307,1,1,379cf774e0980b572fa36f9cbbf65e122356d9ab84ede91da916c6da6f49f17b,2024-05-16T09:15:12.910000
CVE-2024-30308,1,1,56086f6c7fe17dca2188049767c6d6ef045efc78e3f0061ef066827cbf28e1a0,2024-05-16T09:15:13.137000
CVE-2024-30309,1,1,92125248f7e2f2a958a2999230312e44cf8675da6cc8130d1c989e150704a7f0,2024-05-16T09:15:13.377000
CVE-2024-30310,0,0,292e05954c7c556b9dd93d8fb2d73a6e02f4c15df54e0c88a8121bc251029ac7,2024-05-15T16:40:19.330000
CVE-2024-30311,0,0,4637fc86d9203a92d21203b252ac4cacdd358c424403e73dfa12bc430db08077,2024-05-15T16:40:19.330000
CVE-2024-30312,0,0,ca26a8ea8bea0527c18456ddc207847852cd3131056e5651de97b059feef616c,2024-05-15T16:40:19.330000
@ -247538,6 +247557,7 @@ CVE-2024-31256,0,0,e48b38259a099cbb76cf911e6af5cabc5863a73c22401e27fabcfed8f4418
CVE-2024-31257,0,0,fa456292adcc4270e79a5301f489c6e165d5b1b11341822d1fab40735b36b372,2024-04-08T18:48:40.217000
CVE-2024-31258,0,0,70ba64c3e0672c516aea184bf9b51e94fe678827f2f5693d4b3dbfedfe55d45c,2024-04-08T18:48:40.217000
CVE-2024-31259,0,0,efdb49628f40b67578a55906f9ed71383df344a163aa9aaab9057d7f21783b9d,2024-04-10T19:49:51.183000
CVE-2024-3126,1,1,88c67ea82f93932465920adbd4aaaca3e57e069581ed190eaea3190f57162831,2024-05-16T09:15:13.840000
CVE-2024-31260,0,0,7e6454e18ac0aac4dfbd56f1964329148e3fb0d2e57f0c69ea3f924848606c06,2024-04-08T18:48:40.217000
CVE-2024-31262,0,0,2a9bcea0985fcaddd83893245a1b9fdc06643313b9df1f9c0a4fa4b5530f3f61,2024-04-15T13:15:51.577000
CVE-2024-31263,0,0,8f2890afedcc5d88494c2f6c1c034154cfb17cbd4a58e7b9478e628be5899862,2024-04-15T13:15:51.577000
@ -248589,7 +248609,7 @@ CVE-2024-33371,0,0,ec7a79f056a06763ccfa7dcfdf94bdae70f29613e0b1d07abafaf338bff1e
CVE-2024-3338,0,0,9454a656764280ba43f4b4a832049a80a0f45e8c0d37939e326776fd301ff609,2024-05-02T18:00:37.360000
CVE-2024-33382,0,0,fdefbc91dd758eee79622e13a87ace7fd97404c7ba92ae8195304a5c3b9d8c61,2024-05-09T13:05:45.620000
CVE-2024-33383,0,0,70f21187cd92beebcc08c0b97ec4ff0e6f501ff7515be84dc12b959842f9d519,2024-05-01T13:02:20.750000
CVE-2024-33386,0,0,640251dc2097cef37d0d1e3389b613867c06cc54cda3fda8c499fa05988a2bb7,2024-05-14T16:12:23.490000
CVE-2024-33386,0,1,436f4c1344591e4001ca08c7b23cbfcba1b8812956aad72563da143c23f90755,2024-05-16T09:15:13.600000
CVE-2024-33393,0,0,018d61de30ae0147a0b58f5237f7fa8307e49a810da2f771e0e19fa79d7ec287,2024-05-01T19:50:25.633000
CVE-2024-33394,0,0,ed10577b50a727b8e61753bfc089dbe484bddaeb7fa4df113e2419da22f628ba,2024-05-03T12:50:34.250000
CVE-2024-33396,0,0,68a3840ed26978a94680f7555ff56bbd8b6ebcb38af1a3286b70476efdfc8f61,2024-05-03T12:50:34.250000
@ -248899,6 +248919,7 @@ CVE-2024-34010,0,0,c31f2f180475c1f3f2204c1feb2010c5ada948eb1b4d37517c54f97316341
CVE-2024-34011,0,0,4e2e0fb5d64e6e75da5ff3561c6f86ff1f891a3646e890e015512c561d328a58,2024-04-30T13:11:16.690000
CVE-2024-34020,0,0,9d9b11f4db84c3770acd92b1150bad9b802c58de4fce781bba37a89c232e029f,2024-04-30T13:11:16.690000
CVE-2024-34025,0,0,efef57ec9aa0e082e9a5c83219cb61ece32e743eacd52a5ecd541daf92a87dd0,2024-05-15T20:15:13.190000
CVE-2024-3403,1,1,0ff37daf2372805ac30027e840237445aa10d3423a566d4adcb8f9fc6e5c7e3d,2024-05-16T09:15:14.053000
CVE-2024-34031,0,0,32832cbb1e8c12d82b1b4f0b17dd8da5298483e844da3b9dfde76f943f816f64,2024-05-03T12:50:34.250000
CVE-2024-34032,0,0,5a4c84545c086e02a753cbdc2a69955417aff416961e34fcc07fc6e9fddc4770,2024-05-03T12:50:34.250000
CVE-2024-34033,0,0,719a8ff9b4eb14602d2888920177741310f8b0330069ca799cf076b91625a4df,2024-05-03T12:50:34.250000
@ -249029,6 +249050,7 @@ CVE-2024-34345,0,0,d2c3cc183c82ea7b4f617c9ff27811917d958958dad5b1a41c76d87c4d115
CVE-2024-34346,0,0,f52097ade7b5e4599f6ef6850f0ed1a9b313d490e9105e7facad506e728d0b5f,2024-05-08T13:15:00.690000
CVE-2024-34347,0,0,b22bdf1911ccdb7a910b449ec61ee1d039df1c1ee42b8aae7edaca22aca3f542,2024-05-08T17:05:24.083000
CVE-2024-34349,0,0,42841c63beb4ad614ee7eec172d9057889e0fa8346de0be819d108ce11a51d43,2024-05-14T16:12:23.490000
CVE-2024-3435,1,1,75f1a3563b0b2c8ef4dec74095f16f3069bd1d11b570e59916f874dc58791c4f,2024-05-16T09:15:14.290000
CVE-2024-34350,0,0,b35bff4939683632a07d29af9806f27846effefb8db7cd604be55f1e2a72ece3,2024-05-14T16:12:23.490000
CVE-2024-34351,0,0,05a31c0cff96a1a03f38991b29fb847fa63542071a7ab11bf21ea9c29c09e87f,2024-05-14T16:12:23.490000
CVE-2024-34352,0,0,7bf0c84df9b40c2d6624f82804a4c68550f215fecd750b8a8f6fc3d0822c5ecc,2024-05-14T16:12:23.490000
@ -249380,10 +249402,10 @@ CVE-2024-3630,0,0,926139967a60c2fbb973591bfaf02247176107857bd2016db228b1bad05093
CVE-2024-3631,0,0,23ed89adaefd79fb5d4ee26d730630bda7cfdcd82c863393b1235437ef1ba153,2024-05-15T16:40:19.330000
CVE-2024-3634,0,0,c3f42805e4dda629640e8954ef2ceb56e7ae10c94dfd6ea4087a1beeea605aaf,2024-05-15T16:40:19.330000
CVE-2024-3637,0,0,e0d8ef5f7498633f88592f7b832da01e95be5d925cdaa67450761833b0152a3c,2024-05-03T12:48:41.067000
CVE-2024-3641,1,1,c2c736069181bb65e29c0da7bca489a775aa681088f4ee928d86de4924e35b70,2024-05-16T06:15:08.703000
CVE-2024-3642,1,1,dfcb658191217b0847b0136fb1181db07bc4bc30be62a8d122326f31cb93ccc8,2024-05-16T06:15:09.770000
CVE-2024-3643,1,1,9c63838f3108e1184b5f6296a67d9a667ca829e16dd541cd6e0af5d2ae7c4c4f,2024-05-16T06:15:10.053000
CVE-2024-3644,1,1,60ce9d7c14633a7757759403191393c379c01f763c9f518cf2d6452724743e9d,2024-05-16T06:15:10.370000
CVE-2024-3641,0,0,c2c736069181bb65e29c0da7bca489a775aa681088f4ee928d86de4924e35b70,2024-05-16T06:15:08.703000
CVE-2024-3642,0,0,dfcb658191217b0847b0136fb1181db07bc4bc30be62a8d122326f31cb93ccc8,2024-05-16T06:15:09.770000
CVE-2024-3643,0,0,9c63838f3108e1184b5f6296a67d9a667ca829e16dd541cd6e0af5d2ae7c4c4f,2024-05-16T06:15:10.053000
CVE-2024-3644,0,0,60ce9d7c14633a7757759403191393c379c01f763c9f518cf2d6452724743e9d,2024-05-16T06:15:10.370000
CVE-2024-3645,0,0,9bfaa42192c6fa49951fba1d7645fb7975d3a2b4cd9bcc55a7dd9ceef33e077c,2024-04-22T19:24:12.920000
CVE-2024-3646,0,0,f1ba7615d07aeacaca9371aa5a68bf3033db9a231eaf2716a6cbfd3f340bcd58,2024-04-19T16:19:49.043000
CVE-2024-3647,0,0,ca25e9298939397c868176f0412c03a959d2ccf69e0a681bb97da636a0c7782e,2024-05-02T18:00:37.360000
@ -249525,7 +249547,9 @@ CVE-2024-3844,0,0,557b2843dd1fca85a530c46acabf2e2b3fe4cb4e29b4ec8be3ca0b11ef9703
CVE-2024-3845,0,0,0eb4004f99da1c2122444a8d1de5d3db39129e713bf386d7b60bb455af744c00,2024-05-03T03:16:29.210000
CVE-2024-3846,0,0,c48e0a8a684c17ee6ebfa3dd6ef492735a7e1f61d2741ebafccef32d97787cb1,2024-05-03T03:16:29.250000
CVE-2024-3847,0,0,a2146e655749d60cf9631f855db42a3d44cf07cd9a542fd1035e46bb9a6304c5,2024-05-03T03:16:29.293000
CVE-2024-3848,1,1,22d27e3583c56a7627f0f1ae3b75b229e0ccefd6c73209929a0e4e492c324ef9,2024-05-16T09:15:14.543000
CVE-2024-3849,0,0,d4181d6192aab2f4a2b324451fbda7660fbd9621eb95f5f54a642a6a3d1e7d46,2024-05-02T18:00:37.360000
CVE-2024-3851,1,1,eb8ca0ceab3fa7108454f861bcc754e7813bd67207c8a1611774bf62e824605c,2024-05-16T09:15:14.823000
CVE-2024-3852,0,0,3038e46972183e994310b2b410f139aaace8bd74e7e7e979d336a57b5feba459,2024-04-22T10:15:07.430000
CVE-2024-3853,0,0,da9bcb4a065926b49732a0dd79b2f07a12fd9777c9341906bc363e07df8725cf,2024-04-17T12:48:31.863000
CVE-2024-3854,0,0,1fc25728bc86cd277ba270d144040c69a89e438f315d3ebf85291cac5fb28ebb,2024-04-22T10:15:07.470000
@ -249558,6 +249582,7 @@ CVE-2024-3881,0,0,74a4058853729df1fb1315606b5cebfa0071662bdd4c60c29b9ba4bc731d1c
CVE-2024-3882,0,0,77fc3072d2ae06401cbd6f6cc4aa444206292cc3aceefec11f7aeda9349d0617,2024-05-14T15:42:31.770000
CVE-2024-3883,0,0,c0ee3c129d03d9b7803729c6b8ba3c3dbf4ee4f2b39f81dd559f9f8568fb1be9,2024-05-02T13:27:25.103000
CVE-2024-3885,0,0,18d5fcf15976a3d948a4584d141049e724e0352960b62e33e0645d8a5c391224,2024-05-02T18:00:37.360000
CVE-2024-3887,1,1,468c7db526d6e01bfe525db6b50e40191f5e907039f5fd4142c6473421eedc62,2024-05-16T09:15:15.070000
CVE-2024-3889,0,0,c4039354ee4d81ce5faec2ce618c8f0af30c97c1ad1feeb689836cb585b438a6,2024-04-23T12:52:09.397000
CVE-2024-3890,0,0,167befe3a418fe829a07bf47548aa5d5c5fe13f91b75a3184f188bef038919b6,2024-04-26T12:58:17.720000
CVE-2024-3891,0,0,8daff08d10085680eb7790a9a2c0ef842bf636f7de8dcdfbf7cd60ad81535ead,2024-05-02T18:00:37.360000
@ -249650,6 +249675,7 @@ CVE-2024-4073,0,0,979f929e9236abc637be3ba3fab56222fdbb52c10c37a595f7976ff0071f8d
CVE-2024-4074,0,0,23e3928f2d175cd1573ccf8d82982542aa52a9779eb1786c1604cafc880eb67b,2024-05-14T15:42:50.427000
CVE-2024-4075,0,0,1a331c5266fda5965e4b46414d3c3187800e75b373d3dbdb555fcd76397522d0,2024-05-14T15:42:50.910000
CVE-2024-4077,0,0,88c9fb35aec8dbee15c3169eb34c083d7cc8d7a290cdea9208a3041187ada836,2024-04-25T13:18:02.660000
CVE-2024-4078,1,1,e37785070466f909ef665985bf1c6e2b98b495fa707be01bc1cfee6bb3fed691,2024-05-16T09:15:15.313000
CVE-2024-4082,0,0,822cb60507068dc3bdea8ede7c156d1acb09f7f663880578b2edf582bf4058a8,2024-05-14T16:11:39.510000
CVE-2024-4083,0,0,90b3f0c23e53e5107774f39811ea28166caf07e02a51ec5c595625bec75a4f5e,2024-05-02T18:00:37.360000
CVE-2024-4085,0,0,18b49aedef154a5f78284d7ff3699691fe3b4904260085a931cc6d08f4fb7ca8,2024-05-02T18:00:37.360000
@ -249706,6 +249732,7 @@ CVE-2024-4172,0,0,9433dc17402f860ca979750f4355fa76a4430fa9c85c0faf807710819409ba
CVE-2024-4173,0,0,806a08191dc2b624e0ee02a7be11ce6c5ceee33617f7b3eb9464afb5420bb62b,2024-04-25T23:15:47.240000
CVE-2024-4174,0,0,c142274bead27dee8f65c018633c5143a8f9b64dc6c6d83b389a2c439d2fca3c,2024-04-25T13:18:02.660000
CVE-2024-4175,0,0,60706a95032c3b7b71280c12c10b7cdce6a73ddf5468ef6a0d21aafa3328ee4a,2024-04-25T13:18:02.660000
CVE-2024-4181,1,1,5b533ed9ea6918ccca6cd30920f865ebd33d7dce37f6e48c0e7bc300becfa3a7,2024-05-16T09:15:15.553000
CVE-2024-4182,0,0,e7bfd5d03ac4e50248987fdc4c50fca364e9bca2384ff17427febaa9cba5bb33,2024-04-26T12:58:17.720000
CVE-2024-4183,0,0,ccc399a2445bf78d9e7d0cacf88ee6d06233217c2d933caf866c50fd88c63c71,2024-04-26T12:58:17.720000
CVE-2024-4185,0,0,4997c26f83a14bd54a98f3da542941a3f7d6c6c6777c0f0d023281d709e1d844,2024-04-30T13:11:16.690000
@ -249723,6 +249750,7 @@ CVE-2024-4209,0,0,d8400e0dd8f4909c53290c35079fb7499a08d2e56ed4f79281678d45054145
CVE-2024-4213,0,0,33db088b2047cab4402e24074b0626ffc423161f2f205cab9408ae51552f548f,2024-05-14T16:11:39.510000
CVE-2024-4215,0,0,0d7dbfaf8275e9ff6c32259712a00cedd32b92104e92991d7893f67c59faf7d0,2024-05-03T12:50:34.250000
CVE-2024-4216,0,0,80b76898bbc4459141293c47297450a985b668060a3a6e72db0d9ef898a4d417,2024-05-03T12:50:34.250000
CVE-2024-4223,1,1,73b2af3470645781ab6d7b830ecc1ee4ba99e1befd345fc536b1f799c47de840,2024-05-16T09:15:15.810000
CVE-2024-4225,0,0,ac71ef092dab43c080586d967efe31f36fc3673c6a3103eaf0a29ff9fdbbfa8b,2024-04-30T13:11:16.690000
CVE-2024-4226,0,0,71c8bf7eb5a4d3d3ec7c43ac428cd4d409488f8f04217410fc871554bd101d4e,2024-04-30T13:11:16.690000
CVE-2024-4231,0,0,5f6eefd3118de859e766ff7371d861540e851b237d24ae37e54276d33b65dc83,2024-05-14T16:11:39.510000
@ -249750,10 +249778,11 @@ CVE-2024-4252,0,0,45106f386c6c3e24e46826c9df7e9bed2cb35ee41d1ec9edcc6c0271a5dc78
CVE-2024-4255,0,0,5f92555334907f19d336f1106a438e0a7a71240d1d7940ebeb6ff93247aa5f87,2024-05-14T15:43:11.787000
CVE-2024-4256,0,0,bd1d037d6cd9f2246956dcc85f608c167ddb1fb6371e03152412427f6950122c,2024-05-14T15:43:11.890000
CVE-2024-4257,0,0,686afb2bdc1867e065959576dafa6e091563f36d275fffebd240115b17e62655,2024-05-14T15:43:12
CVE-2024-4263,1,1,eceb4ef92ea40b22be30d2fdc106c3692234e676992fb77f73599351925f17c5,2024-05-16T09:15:16.037000
CVE-2024-4265,0,0,91d38fbd7b9c4ea0cd26c0f2028b5e1f8ee8c7d7e1c2c632d6b17cd2b7b69603,2024-05-02T18:00:37.360000
CVE-2024-4275,0,0,78dbf52771ddf59505b9222514d00cf39d2cb883e25965ab29139ce3d748873c,2024-05-14T16:11:39.510000
CVE-2024-4277,0,0,28c68fbd8fbf742ea35db69404ff5cf06f67a7656a1fd7514e44e23e67f2b3ef,2024-05-14T16:11:39.510000
CVE-2024-4279,1,1,2ac6bd0b10e6e7f652d9e3858e14943b37c33b2f252a487abb99bbfbc2deb934,2024-05-16T06:15:10.667000
CVE-2024-4279,0,0,2ac6bd0b10e6e7f652d9e3858e14943b37c33b2f252a487abb99bbfbc2deb934,2024-05-16T06:15:10.667000
CVE-2024-4280,0,0,7aeafddb0fd83afa23fda482b3f98dd67daeefdc6486dcc1d229d77652fac665,2024-05-14T16:11:39.510000
CVE-2024-4281,0,0,f2f6c94941e4ed7f1c98ab6351686f1d868a8657bf9b3ff2bb73d7d016e69d14,2024-05-08T13:15:00.690000
CVE-2024-4291,0,0,99733dd1187908a84b94fea97d567381592a65c8716487f97acf2ee13215c059,2024-05-14T15:43:13.120000
@ -249778,8 +249807,11 @@ CVE-2024-4312,0,0,59fbf303153e0d85b8066207fb91c9445249544d5462e1272c1306971dcf6c
CVE-2024-4314,0,0,1abe213d6359155fbc7a923a6e4d64b59f3117ef3b0bed7e9addf21bcf8fc7a2,2024-05-14T16:11:39.510000
CVE-2024-4316,0,0,4eb558b43c841d372c5646b0ff6f31e7b1e5f7c5b425e59da2142a83b01fc710,2024-05-14T16:11:39.510000
CVE-2024-4317,0,0,2c3dc7f9b6a3b150a489d24a5609d4e1b33dc890cef48ba2f73e55381d4c5f9c,2024-05-14T16:11:39.510000
CVE-2024-4318,1,1,d24f2ab57d12f01d40cb03b1f03d2be7573aa3e153bbb498909fbc1fd235f4b9,2024-05-16T06:15:11.480000
CVE-2024-4318,0,0,d24f2ab57d12f01d40cb03b1f03d2be7573aa3e153bbb498909fbc1fd235f4b9,2024-05-16T06:15:11.480000
CVE-2024-4321,1,1,907e50f00958a46dcff50083dda9221d639bf7fc4d37ada6a89b2540f6ebb825,2024-05-16T09:15:16.327000
CVE-2024-4322,1,1,647dea61af651a73ed1bc87b6c1fb14b5488806a433031dca1232b872308bd4e,2024-05-16T09:15:16.613000
CVE-2024-4324,0,0,7ffaeab065d0c9a1857569b7bf1dcf908cb9c5c673c6c887858b7e3bb59f5daf,2024-05-02T18:00:37.360000
CVE-2024-4326,1,1,6b17ab8a33579465c3ad48c7f6b9b08d9f4839d29978bb64177cee451d3569ce,2024-05-16T09:15:16.887000
CVE-2024-4327,0,0,20184bec92cc4082f2f126e139d861bc6fcef5b3844d9de9bb39897b0f981d4a,2024-05-14T15:43:17.490000
CVE-2024-4329,0,0,06b73c5bc760ef811acf316cbe7dd6deaf968eed416c3cec66b38549d21201e2,2024-05-14T16:11:39.510000
CVE-2024-4331,0,0,bfd934b1b2f76cc8bd478cc4e561b67ba50f4f419d76b2999ea5119ff2a84bcd,2024-05-04T02:15:06.800000
@ -249803,6 +249835,7 @@ CVE-2024-4370,0,0,9cb4b287947cccbb5312f0b956bd28c5e0677f742a744bda42968ce33f6a04
CVE-2024-4373,0,0,1ffc43bce359a7dc4906a84b6fc8a1ff35c385d778f8a99a36e9677433d92d07,2024-05-15T16:40:19.330000
CVE-2024-4383,0,0,5a1fe08151a13ea21e71cf2d0c78ad0aa3b9532b0b753d777378763b8935a44b,2024-05-14T16:11:39.510000
CVE-2024-4386,0,0,e3470cc6a1cc1ee4032b4297ad39fc1eda67f128aadce11b5ef951d1e0deaf83,2024-05-14T16:11:39.510000
CVE-2024-4391,1,1,2dd0f00951be0cb0d40e88fa9eac9621c3b5d50fb9f35286f15e10d56c3b553a,2024-05-16T09:15:17.143000
CVE-2024-4392,0,0,295add67f1c1835ca48b184321ee2a614cdfb2bd5847957c4de906f109f41ee2,2024-05-14T19:17:55.627000
CVE-2024-4393,0,0,104b496ba9688611beda7ef57b83424396e65d62ee7d7a6e8c7b696d3fc66e71,2024-05-08T13:15:00.690000
CVE-2024-4397,0,0,1ff0cac198df7cdb84e188713151ab4768a8ae04de0af598021ab791140ea920,2024-05-14T16:11:39.510000
@ -249835,6 +249868,7 @@ CVE-2024-4461,0,0,ad05f4e37257e33f27f784f842f8dfa34f685ff06dd273bc6842a04c51c93b
CVE-2024-4463,0,0,975e23bc9e7f0154e2009775a50a2df78ff69b5c2a62059914a1d542e202b13d,2024-05-14T16:11:39.510000
CVE-2024-4466,0,0,d6c981370b54d7938faad670495d8ca5b736025a1a2ded921b62354a18385ccc,2024-05-03T12:48:41.067000
CVE-2024-4473,0,0,81fb6dbfe6aaee127784dc2cfed1f04fdcd41dea2aad9b26fe171f473a639d18,2024-05-14T19:17:55.627000
CVE-2024-4478,1,1,9ee3a9ca49e503fb6dd123f904a35118cb9c7e0845d39decb45a57e5cebe7068,2024-05-16T08:15:38.200000
CVE-2024-4481,0,0,f4e88735e685a956ddff0451c5ba00613ef12685069f33ac86d9c0c9e1325cfe,2024-05-14T16:11:39.510000
CVE-2024-4487,0,0,fe915244444c7ae676a3d6f03ff06d22db2b051f791884b5d79919009e1c2774,2024-05-14T16:11:39.510000
CVE-2024-4490,0,0,db931a57623721d9d456777f6c98711532655ce3f4d4b4a093bb6c6e9a0d0631,2024-05-14T16:11:39.510000
@ -249879,6 +249913,7 @@ CVE-2024-4538,0,0,dbb952ff57fc82a37e26bc4eac10a9f198285e190e0ce1d17eb40564657c4b
CVE-2024-4539,0,0,63732024d49bbbf95790ba66c38f1657d2ab759ea30361f0750a4e1742125c7a,2024-05-14T16:11:39.510000
CVE-2024-4542,0,0,b982be3556520cf91cc9a2972ab154a1fd89e45937d49d0eaf1d2077dc0ceefb,2024-05-14T16:11:39.510000
CVE-2024-4545,0,0,5fcd5daa61f9786b1338451b9ddcf8c8b2d6711d43a7127d1e6d820486e2ecc9,2024-05-14T16:11:39.510000
CVE-2024-4546,1,1,ce545448a30bf131007c673f595d9a98f0bdc1563318d69aa176665903d01ccf,2024-05-16T08:15:38.487000
CVE-2024-4547,0,0,6b600f363e41b63ee43a4b2365298fb38de96fd61b910d0724ca38ee29a8a8df,2024-05-06T16:00:59.253000
CVE-2024-4548,0,0,255fb62729cbf70b5d240d036752cc7d31677deac2357745733c1172bc76cfe7,2024-05-06T16:00:59.253000
CVE-2024-4549,0,0,6f08cdb7bdf1bc14a6d26c3a39b799558e43e67fec9cb01e1f3b74f80a87ace3,2024-05-06T21:15:48.783000
@ -249920,8 +249955,9 @@ CVE-2024-4622,0,0,db6b68bd807a8a0ddb358e449d01643070e9098450ab994d9259859922691c
CVE-2024-4624,0,0,2f2dfaacad2af40d5d5be1945c7dfb7bd2ed3b09b9d237413e46013b6e4c845a,2024-05-14T19:17:55.627000
CVE-2024-4630,0,0,9ee39c9e70c3fde26d4ddaa20f9f4583498b5ac1a624dc38857653acd661b1f9,2024-05-14T16:11:39.510000
CVE-2024-4631,0,0,e8ed3d07eca49fd9ce5a62406bcf23da9793cbcc792a956665a267b4f25fd693,2024-05-14T15:44:13.487000
CVE-2024-4635,1,1,50fd8f7f5db531f8bedaa09f8b425a92825a91facd7129de67b4f16b3c31db60,2024-05-16T06:15:12.090000
CVE-2024-4635,0,0,50fd8f7f5db531f8bedaa09f8b425a92825a91facd7129de67b4f16b3c31db60,2024-05-16T06:15:12.090000
CVE-2024-4636,0,0,7626c868e066027a522192c74e27577bfe95437bdd86013fd6693eefb1ef5c81,2024-05-15T16:40:19.330000
CVE-2024-4642,1,1,e9f40fa00442edfd0d7d226835bb93bc2e8b19f819574759bb1087a5ae35c8e4,2024-05-16T09:15:17.360000
CVE-2024-4644,0,0,0fbd9df577d4302041330f9a7bc7fdd69e588e0f0c78920c1382b2bed37c1f1c,2024-05-14T15:44:13.613000
CVE-2024-4645,0,0,2b9f7a703a2aa52d907a1c026b10663f1b251b0b170d9ffa49ce909ae1af0e08,2024-05-08T13:15:17.563000
CVE-2024-4646,0,0,a5d56cb26b4826698ebd4e143c40a283ceb7be944ba2ce47aa30b27aa4103ced,2024-05-14T15:44:13.827000
@ -250035,8 +250071,8 @@ CVE-2024-4824,0,0,12997f7cb79ce3030574eecdb24c333619e16861704962f1656fbd26f7680d
CVE-2024-4825,0,0,1e0f749d21405e7cf2edd3aac0c05b5f99c8de86001892a511648a80a7280ab0,2024-05-14T16:11:39.510000
CVE-2024-4837,0,0,98aa18fa41c916e1bd621beebea0d7870bfc50e824dc02b9686403b5c337ef1b,2024-05-15T18:35:11.453000
CVE-2024-4840,0,0,c9ca0895b4a51cab0e2c0d59965d65e29a18e7a3fb86aea7f8e73c28a9d25dc4,2024-05-14T16:11:39.510000
CVE-2024-4843,1,1,3818dc820acf6e4fe82f48c8f8f73db1472d9b9cc2125ea1604de8ad3989a7cd,2024-05-16T06:15:12.690000
CVE-2024-4844,1,1,847ae9c7847e01c3e32c5a3c03c48c67b55d2183294ad6cb4301d83ba2064b5d,2024-05-16T07:15:50.743000
CVE-2024-4843,0,0,3818dc820acf6e4fe82f48c8f8f73db1472d9b9cc2125ea1604de8ad3989a7cd,2024-05-16T06:15:12.690000
CVE-2024-4844,0,0,847ae9c7847e01c3e32c5a3c03c48c67b55d2183294ad6cb4301d83ba2064b5d,2024-05-16T07:15:50.743000
CVE-2024-4847,0,0,bba6603a81b56f6d60e806e2e7574571e772d40efe56d1512e7524611ff51b1c,2024-05-15T16:40:19.330000
CVE-2024-4853,0,0,08d9956cd1fc82aacd4cc52b553fb1ad7c9d41ecc90cc195f4a6a68d3e7942e4,2024-05-14T16:11:39.510000
CVE-2024-4854,0,0,3d480ab215b58518bc8b4d2ff21b01ce90d2ee2286e511ec2300ae6a56284679,2024-05-14T16:11:39.510000
@ -250077,14 +250113,20 @@ CVE-2024-4931,0,0,e8aef8669aecd123bcf043fff54871e4465e2968f0b1250d2d302a5f8fecab
CVE-2024-4932,0,0,058543e447fe0a6c6e3ca8a3b483a4b014e7d28d3f060e226c444a4c1c5a9a03,2024-05-16T05:15:51.653000
CVE-2024-4933,0,0,ab99dc1911a1d20350ea3b7f0ab187ed2ed291967036718a5441324a0985fe0a,2024-05-16T05:15:51.923000
CVE-2024-4945,0,0,f7ff43915bb3447a49348ea8439196c37097175d385373eb27c5110d3bca27db,2024-05-16T05:15:52.187000
CVE-2024-4946,1,1,56d2009b3ea2f42166976333c587ee672b667eb69299fd030e9cac0c5f8a0cfd,2024-05-16T06:15:13.547000
CVE-2024-4946,0,0,56d2009b3ea2f42166976333c587ee672b667eb69299fd030e9cac0c5f8a0cfd,2024-05-16T06:15:13.547000
CVE-2024-4947,0,0,f706014ab5e494173f189b6b147bc73eaca2bb6d431298f9b49d098b14ff5782,2024-05-15T21:15:09.273000
CVE-2024-4948,0,0,bdd7cd38392862513bf6cf6f69f8c528e08e359340031d01daba548f07be3f14,2024-05-15T21:15:09.347000
CVE-2024-4949,0,0,7a7f679654eca12ebf0c1d1d6ac210b4148b3d26ab259c26b5f77d48b40c4cf5,2024-05-15T21:15:09.430000
CVE-2024-4950,0,0,efed32b4f23b877a04e85fe2ab12f10b9d3c39ad2529470125a1a9db3cdcfb9e,2024-05-15T21:15:09.493000
CVE-2024-4960,1,1,c49508adf3f3a5eb1425f7e931390bfce6357a2941a524ce558affdebf7d9038,2024-05-16T06:15:14.650000
CVE-2024-4961,1,1,b5bf727b57104372660c156a79de4dd7fcbd334baec39df64f2fcd679ab82991,2024-05-16T06:15:15.653000
CVE-2024-4962,1,1,3baa8333e1c6ce33c5d2777d789b5621e22d7c0e10ef51ecf2767ae021e895b8,2024-05-16T07:15:52.070000
CVE-2024-4963,1,1,1a3c037e8b3229455ecd984a22cb3ed58fa4dd2659d4c4795a0e51d745b1c4c3,2024-05-16T07:15:53.317000
CVE-2024-4960,0,0,c49508adf3f3a5eb1425f7e931390bfce6357a2941a524ce558affdebf7d9038,2024-05-16T06:15:14.650000
CVE-2024-4961,0,0,b5bf727b57104372660c156a79de4dd7fcbd334baec39df64f2fcd679ab82991,2024-05-16T06:15:15.653000
CVE-2024-4962,0,0,3baa8333e1c6ce33c5d2777d789b5621e22d7c0e10ef51ecf2767ae021e895b8,2024-05-16T07:15:52.070000
CVE-2024-4963,0,0,1a3c037e8b3229455ecd984a22cb3ed58fa4dd2659d4c4795a0e51d745b1c4c3,2024-05-16T07:15:53.317000
CVE-2024-4964,1,1,55f90ad29b754c21ca9d1fa535e11a061c8fe0cfb67d718b34b2ccaadbfb8fc4,2024-05-16T08:15:38.693000
CVE-2024-4965,1,1,602151299830335e4f70a5de411ed18ae6705f03482fbbacb9e245dfc480860c,2024-05-16T08:15:39.030000
CVE-2024-4966,1,1,3f150234c0e98b35a6d2f4be20767869b72be1ba86a814694da423ea839cb488,2024-05-16T08:15:39.317000
CVE-2024-4967,1,1,db8d26f0eea9278bcb73faa55b13dcfb8b86b9f2db8911931d6533a8592f10ad,2024-05-16T09:15:17.617000
CVE-2024-4968,1,1,2583853c2d1d9ee7413ce00b029724878269cacaaef11ea2f503583844de8d60,2024-05-16T09:15:17.953000
CVE-2024-4972,1,1,b8bae170c0377c422553effab6338d5dde5f7c618852ec869cea22c5bed54839,2024-05-16T09:15:18.277000
CVE-2024-4976,0,0,7bb4e20b87953c4b97f492da11cca71d462ce6af7b37913524811fb56920cd3a,2024-05-15T21:15:09.560000
CVE-2024-4984,0,0,ae1bf2c0289bb389f179eb37322fc8de1d2045b7a529e537ac0945a8c2d06fe0,2024-05-16T02:15:09.003000

Can't render this file because it is too large.