admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-08 19:47:09 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2024-11-08T23:00:19.669041+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2024-11-08 23:03:20 +00:00
parent fe139feb88
commit 273ab3eebd
65 changed files with 3098 additions and 526 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
CVE-2019/CVE-2019-162xx/CVE-2019-16278.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2019-16278",
"sourceIdentifier": "cve@mitre.org",
"published": "2019-10-14T17:15:09.427",
"lastModified": "2024-11-08T02:00:02.450",
"vulnStatus": "Modified",
"lastModified": "2024-11-08T21:16:59.397",
"vulnStatus": "Analyzed",
"cveTags": [],
"cisaExploitAdd": "2024-11-07",
"cisaActionDue": "2024-11-28",
@ -133,6 +133,7 @@
"url": "http://packetstormsecurity.com/files/155045/Nostromo-1.9.6-Directory-Traversal-Remote-Command-Execution.html",
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
]
@ -141,6 +142,7 @@
"url": "http://packetstormsecurity.com/files/155802/nostromo-1.9.6-Remote-Code-Execution.html",
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
]
@ -149,14 +151,14 @@
"url": "http://www.nazgul.ch/dev/nostromo_cl.txt",
"source": "cve@mitre.org",
"tags": [
"Release Notes",
"Third Party Advisory"
"Release Notes"
]
},
{
"url": "https://git.sp0re.sh/sp0re/Nhttpd-exploits",
"source": "cve@mitre.org",
"tags": [
"Broken Link",
"Exploit",
"Third Party Advisory"
]
@ -165,6 +167,7 @@
"url": "https://sp0re.sh",
"source": "cve@mitre.org",
"tags": [
"Broken Link",
"Not Applicable"
]
}

39
CVE-2021/CVE-2021-473xx/CVE-2021-47308.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2021-47308",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-05-21T15:15:18.383",
"lastModified": "2024-05-21T16:54:26.047",
"lastModified": "2024-11-08T22:35:03.540",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -15,7 +15,42 @@
"value": " En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: scsi: libfc: Corregir excepci\u00f3n de \u00edndice de matriz fuera de los l\u00edmites. Corregir excepci\u00f3n de \u00edndice de matriz fuera de los l\u00edmites en fc_rport_prli_resp()."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 2.5
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-125"
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/0fe70c15f9435bb3c50954778245d62ee38b0e03",

27
CVE-2023/CVE-2023-507xx/CVE-2023-50740.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-50740",
"sourceIdentifier": "security@apache.org",
"published": "2024-03-06T14:15:47.407",
"lastModified": "2024-05-01T18:15:11.290",
"lastModified": "2024-11-08T22:35:04.780",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -15,7 +15,30 @@
"value": "En Apache Linkis <= 1.4.0, la contrase\u00f1a se imprime en el registro cuando se utiliza la fuente de datos de Oracle del m\u00f3dulo de fuente de datos de Linkis. Recomendamos a los usuarios actualizar la versi\u00f3n de Linkis a la versi\u00f3n 1.5.0"
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "security@apache.org",

39
CVE-2023/CVE-2023-523xx/CVE-2023-52344.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-52344",
"sourceIdentifier": "security@unisoc.com",
"published": "2024-04-08T03:15:08.407",
"lastModified": "2024-04-08T18:48:40.217",
"lastModified": "2024-11-08T22:35:05.047",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -15,7 +15,42 @@
"value": "En modem-ps-nas-ngmm, existe un posible comportamiento indefinido debido a un manejo incorrecto de errores. Esto podr\u00eda conducir a la divulgaci\u00f3n remota de informaci\u00f3n, sin necesidad de privilegios de ejecuci\u00f3n adicionales."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-476"
}
]
}
],
"references": [
{
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/1777143682512781313",

64
CVE-2024/CVE-2024-100xx/CVE-2024-10020.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-10020",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-11-06T07:15:03.377",
"lastModified": "2024-11-06T18:17:17.287",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-11-08T21:19:58.813",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -18,7 +18,7 @@
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
@ -36,10 +36,40 @@
},
"exploitabilityScore": 2.2,
"impactScore": 5.9
},
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.2,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "security@wordfence.com",
"type": "Secondary",
@ -51,14 +81,38 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:heateor:social_login:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "1.1.36",
"matchCriteriaId": "9248BE1D-7546-4B2D-884F-96A7C6950E5E"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/changeset/3177729/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/6b1d212b-75fe-4285-9c22-62b040e5a36c?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

32
CVE-2024/CVE-2024-100xx/CVE-2024-10028.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-10028",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-11-06T00:15:13.000",
"lastModified": "2024-11-06T18:17:17.287",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-11-08T21:21:47.240",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -51,14 +51,38 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:everestthemes:everest_backup:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "2.2.14",
"matchCriteriaId": "A7F512C0-278E-4873-8746-8E9DC4B7FCBE"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/everest-backup/tags/2.2.13/inc/classes/class-backup-directory.php#L514",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/9b871957-a2b3-492f-b461-7040d9098b2b?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

37
CVE-2024/CVE-2024-105xx/CVE-2024-10535.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-10535",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-11-06T07:15:03.880",
"lastModified": "2024-11-06T18:17:17.287",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-11-08T21:19:27.540",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -51,18 +51,45 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:martinvalchev:video_gallery_for_woocommerce:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "1.32",
"matchCriteriaId": "3B9C0934-B533-4AC0-83A7-6A1F7664F4B0"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/video-wc-gallery/trunk/admin/admin-ui-setup.php#L545",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Product"
]
},
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3182174%40video-wc-gallery&new=3182174%40video-wc-gallery&sfp_email=&sfph_mail=",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/50259040-a984-42a8-8d58-cc94e349ca45?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

32
CVE-2024/CVE-2024-105xx/CVE-2024-10543.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-10543",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-11-06T07:15:04.160",
"lastModified": "2024-11-06T18:17:17.287",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-11-08T21:19:02.700",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -51,14 +51,38 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tumult:tumult_hype_animations:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "1.9.15",
"matchCriteriaId": "7BC6765F-C820-4055-B91E-81D68986D953"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3182537%40tumult-hype-animations&new=3182537%40tumult-hype-animations&sfp_email=&sfph_mail=",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/7273526e-bb51-418f-9ac8-8832f2de1cd6?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

32
CVE-2024/CVE-2024-106xx/CVE-2024-10647.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-10647",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-11-06T02:15:15.930",
"lastModified": "2024-11-06T18:17:17.287",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-11-08T21:20:50.847",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -51,14 +51,38 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:westguardsolutions:ws_form:*:*:*:*:lite:wordpress:*:*",
"versionEndExcluding": "1.9.245",
"matchCriteriaId": "2AF238D9-AC03-4FA4-91CE-EC086BC561F7"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/changeset/3179725/ws-form",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/6cab527f-bd67-4b67-8133-f085098d63dc?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

81
CVE-2024/CVE-2024-109xx/CVE-2024-10919.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-10919",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-11-06T16:15:05.610",
"lastModified": "2024-11-06T18:17:17.287",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-11-08T21:07:58.383",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been found in didi Super-Jacoco 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /cov/triggerUnitCover. The manipulation of the argument uuid leads to os command injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used."
},
{
"lang": "es",
"value": "Se ha encontrado una vulnerabilidad en didi Super-Jacoco 1.0 y se ha clasificado como cr\u00edtica. Esta vulnerabilidad afecta a una funcionalidad desconocida del archivo /cov/triggerUnitCover. La manipulaci\u00f3n del argumento uuid provoca la inyecci\u00f3n de comandos del sistema operativo. El ataque se puede ejecutar de forma remota. El exploit se ha hecho p\u00fablico y puede utilizarse."
}
],
"metrics": {
@ -57,6 +61,26 @@
}
],
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "cna@vuldb.com",
"type": "Secondary",
@ -105,6 +129,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-78"
}
]
},
{
"source": "cna@vuldb.com",
"type": "Secondary",
@ -120,22 +154,57 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:didi:super-jacoco:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0FE5CE81-6250-439C-B811-B6068786FAD6"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/didi/super-jacoco/issues/49",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Exploit",
"Issue Tracking",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?ctiid.283315",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://vuldb.com/?id.283315",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://vuldb.com/?submit.432689",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
}
]
}

141
CVE-2024/CVE-2024-110xx/CVE-2024-11026.json Normal file
View File

@ -0,0 +1,141 @@
{
"id": "CVE-2024-11026",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-11-08T22:15:14.610",
"lastModified": "2024-11-08T22:15:14.610",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in Intelligent Apps Freenow App 12.10.0 on Android. It has been rated as problematic. Affected by this issue is some unknown functionality of the file ch/qos/logback/core/net/ssl/SSL.java of the component Keystore Handler. The manipulation of the argument DEFAULT_KEYSTORE_PASSWORD with the input changeit leads to use of hard-coded password. The attack may be launched remotely. The complexity of an attack is rather high. The exploitation is known to be difficult. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"attackRequirements": "NONE",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"vulnerableSystemConfidentiality": "LOW",
"vulnerableSystemIntegrity": "NONE",
"vulnerableSystemAvailability": "NONE",
"subsequentSystemConfidentiality": "NONE",
"subsequentSystemIntegrity": "NONE",
"subsequentSystemAvailability": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirements": "NOT_DEFINED",
"integrityRequirements": "NOT_DEFINED",
"availabilityRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnerableSystemConfidentiality": "NOT_DEFINED",
"modifiedVulnerableSystemIntegrity": "NOT_DEFINED",
"modifiedVulnerableSystemAvailability": "NOT_DEFINED",
"modifiedSubsequentSystemConfidentiality": "NOT_DEFINED",
"modifiedSubsequentSystemIntegrity": "NOT_DEFINED",
"modifiedSubsequentSystemAvailability": "NOT_DEFINED",
"safety": "NOT_DEFINED",
"automatable": "NOT_DEFINED",
"recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED",
"baseScore": 6.3,
"baseSeverity": "MEDIUM"
}
}
],
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 3.7,
"baseSeverity": "LOW"
},
"exploitabilityScore": 2.2,
"impactScore": 1.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:H/Au:N/C:P/I:N/A:N",
"accessVector": "NETWORK",
"accessComplexity": "HIGH",
"authentication": "NONE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.6
},
"baseSeverity": "LOW",
"exploitabilityScore": 4.9,
"impactScore": 2.9,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-255"
},
{
"lang": "en",
"value": "CWE-259"
}
]
}
],
"references": [
{
"url": "https://github.com/secuserx/CVE/blob/main/%5BHardcoded%20Keystore%20Password%5D%20found%20in%20FREENOW%20(ex%20Beat%20app)%2012.10.0%20-%20(SSL.java).md",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?ctiid.283544",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.283544",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?submit.434538",
"source": "cna@vuldb.com"
}
]
}

44
CVE-2024/CVE-2024-219xx/CVE-2024-21994.json Normal file
View File

@ -0,0 +1,44 @@
{
"id": "CVE-2024-21994",
"sourceIdentifier": "security-alert@netapp.com",
"published": "2024-11-08T21:15:16.477",
"lastModified": "2024-11-08T21:15:16.477",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "StorageGRID (formerly StorageGRID Webscale) versions prior to 11.9 are susceptible to a Denial of Service (DoS) vulnerability. Successful exploit by an authenticated attacker could lead to a service crash."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-alert@netapp.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "LOW",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
"references": [
{
"url": "https://security.netapp.com/advisory/ntap-20241108-0001/",
"source": "security-alert@netapp.com"
}
]
}

27
CVE-2024/CVE-2024-267xx/CVE-2024-26755.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-26755",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-04-03T17:15:52.103",
"lastModified": "2024-04-03T17:24:18.150",
"lastModified": "2024-11-08T22:35:06.080",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -15,7 +15,30 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: md: No suspender la matriz por remodelaci\u00f3n interrumpida md_start_sync() suspender\u00e1 la matriz si hay repuestos que se pueden agregar o eliminar de conf, sin embargo, si la remodelaci\u00f3n a\u00fan est\u00e1 en marcha progreso, esto no suceder\u00e1 en absoluto o los datos se da\u00f1ar\u00e1n (no se llamar\u00e1 a remove_and_add_spares desde md_choose_sync_action para remodelar), por lo tanto, no hay necesidad de suspender la matriz si la remodelaci\u00f3n a\u00fan no se ha realizado. Mientras tanto, existe un posible punto muerto para raid456: 1) se interrumpe la remodelaci\u00f3n; 2) configure uno de los discos WantReplacement y agregue un nuevo disco a la matriz; sin embargo, la recuperaci\u00f3n no comenzar\u00e1 hasta que finalice la remodelaci\u00f3n; 3) luego emita una IO a trav\u00e9s de la posici\u00f3n de reshpae, esta IO esperar\u00e1 a que la remodelaci\u00f3n avance; 4) contin\u00fae remodelando, luego md_start_sync() encontr\u00f3 que hay un disco de repuesto que se puede agregar a conf, se llama a mddev_suspend(); Los pasos 4 y 3 se esperan el uno al otro y se activa el punto muerto. Observ\u00e9 que este problema se encuentra mediante la revisi\u00f3n del c\u00f3digo y a\u00fan no se ha informado. Solucione este problema al no suspender la matriz durante una remodelaci\u00f3n interrumpida, esto es seguro porque la configuraci\u00f3n no se cambiar\u00e1 hasta que finalice la remodelaci\u00f3n."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
"references": [
{
"url": "https://git.kernel.org/stable/c/60d6130d0ac1d883ed93c2a1e10aadb60967fd48",

22
CVE-2024/CVE-2024-268xx/CVE-2024-26882.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-26882",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-04-17T11:15:10.060",
"lastModified": "2024-11-05T10:15:57.773",
"lastModified": "2024-11-08T22:35:06.303",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},

25
CVE-2024/CVE-2024-275xx/CVE-2024-27527.json Normal file
View File

@ -0,0 +1,25 @@
{
"id": "CVE-2024-27527",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-11-08T22:15:15.253",
"lastModified": "2024-11-08T22:15:15.253",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "wasm3 139076a is vulnerable to Denial of Service (DoS)."
}
],
"metrics": {},
"references": [
{
"url": "https://gist.github.com/haruki3hhh/5d2f3a216457aeef9f40331aca33be6e",
"source": "cve@mitre.org"
},
{
"url": "https://github.com/wasm3/wasm3/issues/464",
"source": "cve@mitre.org"
}
]
}

25
CVE-2024/CVE-2024-275xx/CVE-2024-27528.json Normal file
View File

@ -0,0 +1,25 @@
{
"id": "CVE-2024-27528",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-11-08T22:15:15.360",
"lastModified": "2024-11-08T22:15:15.360",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "wasm3 139076a suffers from Invalid Memory Read, leading to DoS and potential Code Execution."
}
],
"metrics": {},
"references": [
{
"url": "https://gist.github.com/haruki3hhh/baa757c4af4fefb410d9c74d7a68152e",
"source": "cve@mitre.org"
},
{
"url": "https://github.com/wasm3/wasm3/issues/463",
"source": "cve@mitre.org"
}
]
}

25
CVE-2024/CVE-2024-275xx/CVE-2024-27529.json Normal file
View File

@ -0,0 +1,25 @@
{
"id": "CVE-2024-27529",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-11-08T22:15:15.440",
"lastModified": "2024-11-08T22:15:15.440",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "wasm3 139076a contains memory leaks in Read_utf8."
}
],
"metrics": {},
"references": [
{
"url": "https://gist.github.com/haruki3hhh/ac70bd83b9c0ed1de6289d818488da78",
"source": "cve@mitre.org"
},
{
"url": "https://github.com/wasm3/wasm3/issues/462",
"source": "cve@mitre.org"
}
]
}

25
CVE-2024/CVE-2024-275xx/CVE-2024-27530.json Normal file
View File

@ -0,0 +1,25 @@
{
"id": "CVE-2024-27530",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-11-08T22:15:15.520",
"lastModified": "2024-11-08T22:15:15.520",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "wasm3 139076a contains a Use-After-Free in ForEachModule."
}
],
"metrics": {},
"references": [
{
"url": "https://gist.github.com/haruki3hhh/94dd274487b58e037bcc8839dc88b203",
"source": "cve@mitre.org"
},
{
"url": "https://github.com/wasm3/wasm3/issues/458",
"source": "cve@mitre.org"
}
]
}

25
CVE-2024/CVE-2024-275xx/CVE-2024-27532.json Normal file
View File

@ -0,0 +1,25 @@
{
"id": "CVE-2024-27532",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-11-08T22:15:15.603",
"lastModified": "2024-11-08T22:15:15.603",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "wasm-micro-runtime (aka WebAssembly Micro Runtime or WAMR) 06df58f is vulnerable to NULL Pointer Dereference in function `block_type_get_result_types."
}
],
"metrics": {},
"references": [
{
"url": "https://gist.github.com/haruki3hhh/e468ac3b3234f9bc42a9cc367457119a",
"source": "cve@mitre.org"
},
{
"url": "https://github.com/bytecodealliance/wasm-micro-runtime/issues/3130",
"source": "cve@mitre.org"
}
]
}

39
CVE-2024/CVE-2024-314xx/CVE-2024-31400.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-31400",
"sourceIdentifier": "vultures@jpcert.or.jp",
"published": "2024-06-11T05:15:53.130",
"lastModified": "2024-06-11T13:54:12.057",
"lastModified": "2024-11-08T22:35:06.663",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -15,7 +15,42 @@
"value": "Existe un problema de inserci\u00f3n de informaci\u00f3n confidencial en los datos enviados en Cybozu Garoon 5.0.0 a 5.15.0. Si se aprovecha esta vulnerabilidad, es posible que se dejen datos no deseados en el correo reenviado."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 2.5
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-922"
}
]
}
],
"references": [
{
"url": "https://cs.cybozu.co.jp/2024/007901.html",

25
CVE-2024/CVE-2024-354xx/CVE-2024-35410.json Normal file
View File

@ -0,0 +1,25 @@
{
"id": "CVE-2024-35410",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-11-08T22:15:15.737",
"lastModified": "2024-11-08T22:15:15.737",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "wac commit 385e1 was discovered to contain a heap overflow via the interpret function at /wac-asan/wa.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted wasm file."
}
],
"metrics": {},
"references": [
{
"url": "https://gist.github.com/haruki3hhh/f686e1d517e8f5d1281b02e633129522",
"source": "cve@mitre.org"
},
{
"url": "https://github.com/kanaka/wac/issues/17",
"source": "cve@mitre.org"
}
]
}

25
CVE-2024/CVE-2024-354xx/CVE-2024-35418.json Normal file
View File

@ -0,0 +1,25 @@
{
"id": "CVE-2024-35418",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-11-08T22:15:15.823",
"lastModified": "2024-11-08T22:15:15.823",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "wac commit 385e1 was discovered to contain a heap overflow via the setup_call function at /wac-asan/wa.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted wasm file."
}
],
"metrics": {},
"references": [
{
"url": "https://gist.github.com/haruki3hhh/29237c52bd0cc30e3cc906f0af221b09",
"source": "cve@mitre.org"
},
{
"url": "https://github.com/kanaka/wac/issues/19",
"source": "cve@mitre.org"
}
]
}

25
CVE-2024/CVE-2024-354xx/CVE-2024-35419.json Normal file
View File

@ -0,0 +1,25 @@
{
"id": "CVE-2024-35419",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-11-08T22:15:15.913",
"lastModified": "2024-11-08T22:15:15.913",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "wac commit 385e1 was discovered to contain a heap overflow via the load_module function at /wac-asan/wa.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted wasm file."
}
],
"metrics": {},
"references": [
{
"url": "https://gist.github.com/haruki3hhh/8b9e1922083abef33a9024017eb2b9fe",
"source": "cve@mitre.org"
},
{
"url": "https://github.com/kanaka/wac/issues/18",
"source": "cve@mitre.org"
}
]
}

25
CVE-2024/CVE-2024-354xx/CVE-2024-35420.json Normal file
View File

@ -0,0 +1,25 @@
{
"id": "CVE-2024-35420",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-11-08T22:15:16.010",
"lastModified": "2024-11-08T22:15:16.010",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "wac commit 385e1 was discovered to contain a heap overflow."
}
],
"metrics": {},
"references": [
{
"url": "https://gist.github.com/haruki3hhh/ebabc705fb04aff38c600f2b63601aae",
"source": "cve@mitre.org"
},
{
"url": "https://github.com/kanaka/wac/issues/20",
"source": "cve@mitre.org"
}
]
}

25
CVE-2024/CVE-2024-354xx/CVE-2024-35421.json Normal file
View File

@ -0,0 +1,25 @@
{
"id": "CVE-2024-35421",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-11-08T22:15:16.090",
"lastModified": "2024-11-08T22:15:16.090",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "vmir e8117 was discovered to contain a segmentation violation via the wasm_parse_block function at /src/vmir_wasm_parser.c."
}
],
"metrics": {},
"references": [
{
"url": "https://gist.github.com/haruki3hhh/318c4e35531f9e3b01df51016ac5c12b",
"source": "cve@mitre.org"
},
{
"url": "https://github.com/andoma/vmir/issues/22",
"source": "cve@mitre.org"
}
]
}

25
CVE-2024/CVE-2024-354xx/CVE-2024-35422.json Normal file
View File

@ -0,0 +1,25 @@
{
"id": "CVE-2024-35422",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-11-08T22:15:16.180",
"lastModified": "2024-11-08T22:15:16.180",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "vmir e8117 was discovered to contain a heap buffer overflow via the wasm_call function at /src/vmir_wasm_parser.c."
}
],
"metrics": {},
"references": [
{
"url": "https://gist.github.com/haruki3hhh/21f9ad538db2a98e651cfe34ba4176f3",
"source": "cve@mitre.org"
},
{
"url": "https://github.com/andoma/vmir/issues/23",
"source": "cve@mitre.org"
}
]
}

25
CVE-2024/CVE-2024-354xx/CVE-2024-35423.json Normal file
View File

@ -0,0 +1,25 @@
{
"id": "CVE-2024-35423",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-11-08T22:15:16.257",
"lastModified": "2024-11-08T22:15:16.257",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "vmir e8117 was discovered to contain a heap buffer overflow via the wasm_parse_section_functions function at /src/vmir_wasm_parser.c."
}
],
"metrics": {},
"references": [
{
"url": "https://gist.github.com/haruki3hhh/32fd20583f2008e6b68caaaaf4ecf237",
"source": "cve@mitre.org"
},
{
"url": "https://github.com/andoma/vmir/issues/18",
"source": "cve@mitre.org"
}
]
}

25
CVE-2024/CVE-2024-354xx/CVE-2024-35424.json Normal file
View File

@ -0,0 +1,25 @@
{
"id": "CVE-2024-35424",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-11-08T22:15:16.343",
"lastModified": "2024-11-08T22:15:16.343",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "vmir e8117 was discovered to contain a segmentation violation via the import_function function at /src/vmir_wasm_parser.c."
}
],
"metrics": {},
"references": [
{
"url": "https://gist.github.com/haruki3hhh/58fa3df36ca7d0c972c7481cf80ffd80",
"source": "cve@mitre.org"
},
{
"url": "https://github.com/andoma/vmir/issues/21",
"source": "cve@mitre.org"
}
]
}

25
CVE-2024/CVE-2024-354xx/CVE-2024-35425.json Normal file
View File

@ -0,0 +1,25 @@
{
"id": "CVE-2024-35425",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-11-08T22:15:16.430",
"lastModified": "2024-11-08T22:15:16.430",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "vmir e8117 was discovered to contain a segmentation violation via the function_prepare_parse function at /src/vmir_function.c."
}
],
"metrics": {},
"references": [
{
"url": "https://gist.github.com/haruki3hhh/c64ff6431c71be1b08e15d4ff480ce6b",
"source": "cve@mitre.org"
},
{
"url": "https://github.com/andoma/vmir/issues/19",
"source": "cve@mitre.org"
}
]
}

70
CVE-2024/CVE-2024-355xx/CVE-2024-35517.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-35517",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-10-11T22:15:03.930",
"lastModified": "2024-10-15T12:57:46.880",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-11-08T21:24:19.870",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -17,6 +17,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9
},
{
"source": "cve@mitre.org",
"type": "Secondary",
@ -39,10 +59,54 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-77"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:netgear:xr1000_firmware:1.0.0.64:*:*:*:*:*:*:*",
"matchCriteriaId": "A8C3AA9F-FEDD-44E9-9267-6F452B8FE5E0"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:netgear:xr1000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4FD4ED11-4130-47DA-8A9D-55B8F6E3E213"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/consrc/cves/blob/main/CVE-2024-35517.md",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
}
]
}

72
CVE-2024/CVE-2024-355xx/CVE-2024-35522.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-35522",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-10-11T22:15:04.117",
"lastModified": "2024-10-15T12:57:46.880",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-11-08T21:25:44.667",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -17,6 +17,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9
},
{
"source": "cve@mitre.org",
"type": "Secondary",
@ -39,10 +59,56 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-77"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:netgear:ex3700_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.0.0.98",
"matchCriteriaId": "0F3F1FD8-CCF2-48D5-8265-1BE8A63F083C"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:netgear:ex3700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CDAA5899-B73C-4690-853E-B5400F034BE1"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/consrc/cves/blob/main/CVE-2024-35522.md",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

27
CVE-2024/CVE-2024-386xx/CVE-2024-38618.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-38618",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-06-19T14:15:21.567",
"lastModified": "2024-07-15T07:15:13.020",
"lastModified": "2024-11-08T22:35:09.490",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -15,7 +15,30 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: ALSA: temporizador: establece el l\u00edmite inferior del tiempo de inicio. Actualmente, el temporizador ALSA no tiene el l\u00edmite inferior del tiempo de inicio y permite un tama\u00f1o muy peque\u00f1o, por ejemplo, 1 tic. con resoluci\u00f3n de 1ns para hrtimer. Tal situaci\u00f3n puede provocar una parada inesperada de la RCU, donde la devoluci\u00f3n de llamada pone en cola repetidamente la actualizaci\u00f3n caducada, seg\u00fan lo informado por fuzzer. Este parche introduce una verificaci\u00f3n de cordura del tiempo de inicio del temporizador, de modo que el sistema devuelve un error cuando se establece un tama\u00f1o de inicio demasiado peque\u00f1o. A partir de este parche, el l\u00edmite inferior est\u00e1 codificado en 100us, que es bastante peque\u00f1o pero a\u00fan puede funcionar de alguna manera."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
"references": [
{
"url": "https://git.kernel.org/stable/c/2c95241ac5fc90c929d6c0c023e84bf0d30e84c3",

20
CVE-2024/CVE-2024-436xx/CVE-2024-43601.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-43601",
"sourceIdentifier": "secure@microsoft.com",
"published": "2024-10-08T18:15:27.953",
"lastModified": "2024-10-17T18:23:01.007",
"vulnStatus": "Analyzed",
"lastModified": "2024-11-08T22:15:20.270",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -18,27 +18,27 @@
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.2,
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "secure@microsoft.com",
"source": "nvd@nist.gov",
"type": "Secondary",
"cvssData": {
"version": "3.1",

51
CVE-2024/CVE-2024-439xx/CVE-2024-43981.json
View File

@ -2,17 +2,41 @@
"id": "CVE-2024-43981",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-11-01T15:15:51.377",
"lastModified": "2024-11-01T20:24:53.730",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-11-08T21:10:35.093",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Missing Authorization vulnerability in AyeCode \u2013 WP Business Directory Plugins GeoDirectory allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects GeoDirectory: from n/a through 2.3.70."
},
{
"lang": "es",
"value": " Vulnerabilidad de autorizaci\u00f3n faltante en AyeCode \u2013 WP Business Directory Plugins GeoDirectory permite explotar niveles de seguridad de control de acceso configurados incorrectamente. Este problema afecta a GeoDirectory: desde n/a hasta 2.3.70."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -47,10 +71,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ayecode:geodirectory:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "2.3.71",
"matchCriteriaId": "E0626C66-DC20-4048-9D84-2D3C484505BB"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/geodirectory/wordpress-geodirectory-plugin-2-3-70-broken-access-control-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

51
CVE-2024/CVE-2024-439xx/CVE-2024-43982.json
View File

@ -2,17 +2,41 @@
"id": "CVE-2024-43982",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-11-01T15:15:51.630",
"lastModified": "2024-11-01T20:24:53.730",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-11-08T21:11:11.747",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Missing Authorization vulnerability in Geek Code Lab Login As Users allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Login As Users: from n/a through 1.4.3."
},
{
"lang": "es",
"value": "La vulnerabilidad de autorizaci\u00f3n faltante en Geek Code Lab Login As Users permite explotar los niveles de seguridad de control de acceso configurados incorrectamente. Este problema afecta a Login As Users: desde n/a hasta 1.4.3."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -47,10 +71,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:geekcodelab:login_as_users:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "1.4.4",
"matchCriteriaId": "B449A112-9488-4BCD-A4DC-F57B5678CFF9"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/login-as-users/wordpress-login-as-users-plugin-1-4-3-broken-access-control-to-account-takeover-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

61
CVE-2024/CVE-2024-439xx/CVE-2024-43998.json
View File

@ -2,17 +2,41 @@
"id": "CVE-2024-43998",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-11-01T15:15:51.843",
"lastModified": "2024-11-01T20:24:53.730",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-11-08T21:11:32.880",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Missing Authorization vulnerability in WebsiteinWP Blogpoet allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Blogpoet: from n/a through 1.0.3."
},
{
"lang": "es",
"value": " La vulnerabilidad de autorizaci\u00f3n faltante en WebsiteinWP Blogpoet permite acceder a funcionalidades que no est\u00e1n correctamente restringidas por las ACL. Este problema afecta a Blogpoet: desde n/a hasta 1.0.3."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -36,6 +60,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-862"
}
]
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -47,10 +81,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:websiteinwp:blogpoet:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "1.0.4",
"matchCriteriaId": "3F4F18AD-3F00-41D6-9426-E1E24D3D73F2"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/blogpoet/wordpress-blogpoet-theme-1-0-3-broken-access-control-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

51
CVE-2024/CVE-2024-440xx/CVE-2024-44006.json
View File

@ -2,17 +2,41 @@
"id": "CVE-2024-44006",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-11-01T15:15:52.043",
"lastModified": "2024-11-01T20:24:53.730",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-11-08T21:08:38.960",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Missing Authorization vulnerability in OnTheGoSystems WooCommerce Multilingual & Multicurrency multilingual allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WooCommerce Multilingual & Multicurrency: from n/a through 5.3.6."
},
{
"lang": "es",
"value": " La vulnerabilidad de autorizaci\u00f3n faltante en WooCommerce Multilingual y Multicurrency multilingual de OnTheGoSystems permite explotar niveles de seguridad de control de acceso configurados incorrectamente. Este problema afecta a WooCommerce Multilingual y Multicurrency: desde n/a hasta 5.3.6."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -47,10 +71,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:onthegosystems:woocommerce_multilingual_\\&_multicurrency:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "5.3.7",
"matchCriteriaId": "D2922C8A-56FA-4519-99B1-3E72A192083D"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/woocommerce-multilingual/wordpress-woocommerce-multilingual-multicurrency-plugin-5-3-7-broken-access-control-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

51
CVE-2024/CVE-2024-440xx/CVE-2024-44019.json
View File

@ -2,17 +2,41 @@
"id": "CVE-2024-44019",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-11-01T15:15:52.250",
"lastModified": "2024-11-01T20:24:53.730",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-11-08T21:06:54.373",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Missing Authorization vulnerability in Renzo Johnson Contact Form 7 Campaign Monitor Extension allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Contact Form 7 Campaign Monitor Extension: from n/a through 0.4.67."
},
{
"lang": "es",
"value": " La vulnerabilidad de autorizaci\u00f3n faltante en la extensi\u00f3n Campaign Monitor de Renzo Johnson Contact Form 7 permite acceder a funciones que no est\u00e1n correctamente restringidas por las ACL. Este problema afecta a la extensi\u00f3n Campaign Monitor de Contact Form 7: desde n/a hasta 0.4.67."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -47,10 +71,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:renzojohnson:contact_form_7_campaign_monitor_extension:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "0.4.67",
"matchCriteriaId": "E63BE947-FAA7-4E79-A916-F3187BE52EE7"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/contact-form-7-campaign-monitor-extension/wordpress-contact-form-7-campaign-monitor-extension-plugin-0-4-67-arbitrary-file-deletion-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

51
CVE-2024/CVE-2024-440xx/CVE-2024-44020.json
View File

@ -2,17 +2,41 @@
"id": "CVE-2024-44020",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-11-01T15:15:52.483",
"lastModified": "2024-11-01T20:24:53.730",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-11-08T21:02:41.617",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Missing Authorization vulnerability in Prasad Kirpekar WP Free SSL \u2013 Free SSL Certificate for WordPress and force HTTPS allows .\n\nThis issue affects WP Free SSL \u2013 Free SSL Certificate for WordPress and force HTTPS: from n/a through 1.2.6."
},
{
"lang": "es",
"value": "Vulnerabilidad de falta de autorizaci\u00f3n en Prasad Kirpekar WP Free SSL \u2013 Free SSL Certificate for WordPress and force HTTPS permite . Este problema afecta a WP Free SSL \u2013 Free SSL Certificate for WordPress and force HTTPS: desde n/a hasta 1.2.6."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -47,10 +71,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:prasadkirpekar:wp_free_ssl:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "1.2.6",
"matchCriteriaId": "153C0023-3D74-41A5-B602-5F10C0D497CB"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/wp-free-ssl/wordpress-wp-free-ssl-plugin-1-2-6-broken-access-control-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

51
CVE-2024/CVE-2024-440xx/CVE-2024-44021.json
View File

@ -2,17 +2,41 @@
"id": "CVE-2024-44021",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-11-01T15:15:52.697",
"lastModified": "2024-11-01T20:24:53.730",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-11-08T21:30:51.710",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Missing Authorization vulnerability in Truepush allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Truepush: from n/a through 1.0.8."
},
{
"lang": "es",
"value": " La vulnerabilidad de autorizaci\u00f3n faltante en Truepush permite explotar niveles de seguridad de control de acceso configurados incorrectamente. Este problema afecta a Truepush: desde n/a hasta 1.0.8."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -47,10 +71,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:truepush:truepush:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "1.0.8",
"matchCriteriaId": "6C1C394C-4980-43C2-936E-5204EBA513DF"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/truepush-free-web-push-notifications/wordpress-truepush-plugin-1-0-8-broken-access-control-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

51
CVE-2024/CVE-2024-440xx/CVE-2024-44031.json
View File

@ -2,17 +2,41 @@
"id": "CVE-2024-44031",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-11-01T15:15:52.897",
"lastModified": "2024-11-01T20:24:53.730",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-11-08T21:26:34.110",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Missing Authorization vulnerability in BearDev JoomSport allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects JoomSport: from n/a through 5.6.3."
},
{
"lang": "es",
"value": " La vulnerabilidad de autorizaci\u00f3n faltante en BearDev JoomSport permite explotar niveles de seguridad de control de acceso configurados incorrectamente. Este problema afecta a JoomSport: desde n/a hasta 5.6.3."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -47,10 +71,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:beardev:joomsport:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "5.6.4",
"matchCriteriaId": "C6806D21-5C2B-4A08-983A-0D4FD054E6B5"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/joomsport-sports-league-results-management/wordpress-joomsport-plugin-5-6-3-broken-access-control-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

51
CVE-2024/CVE-2024-440xx/CVE-2024-44038.json
View File

@ -2,17 +2,41 @@
"id": "CVE-2024-44038",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-11-01T15:15:53.113",
"lastModified": "2024-11-01T20:24:53.730",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-11-08T21:26:02.140",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Missing Authorization vulnerability in WP Sunshine Sunshine Photo Cart allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Sunshine Photo Cart: from n/a through 3.2.9."
},
{
"lang": "es",
"value": " La vulnerabilidad de autorizaci\u00f3n faltante en WP Sunshine Sunshine Photo Cart permite explotar niveles de seguridad de control de acceso configurados incorrectamente. Este problema afecta a Sunshine Photo Cart: desde n/a hasta 3.2.9."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -47,10 +71,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sunshinephotocart:sunshine_photo_cart:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "3.2.10",
"matchCriteriaId": "9BECD7F7-F0FB-44C8-BBEB-6510DA7A1A2A"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/sunshine-photo-cart/wordpress-sunshine-photo-cart-plugin-3-2-9-broken-access-control-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

51
CVE-2024/CVE-2024-440xx/CVE-2024-44052.json
View File

@ -2,17 +2,41 @@
"id": "CVE-2024-44052",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-11-01T15:15:53.333",
"lastModified": "2024-11-01T20:24:53.730",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-11-08T21:24:59.660",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Missing Authorization vulnerability in HelloAsso allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects HelloAsso: from n/a through 1.1.10."
},
{
"lang": "es",
"value": "La vulnerabilidad de autorizaci\u00f3n faltante en HelloAsso permite explotar niveles de seguridad de control de acceso configurados incorrectamente. Este problema afecta a HelloAsso: desde n/a hasta 1.1.10."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -47,10 +71,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:helloasso:helloasso:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "1.1.11",
"matchCriteriaId": "ABB11B6A-A8C1-4EF0-BF69-EA3EE398BB88"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/helloasso/wordpress-helloasso-plugin-1-1-10-broken-access-control-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

4
CVE-2024/CVE-2024-475xx/CVE-2024-47575.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-47575",
"sourceIdentifier": "psirt@fortinet.com",
"published": "2024-10-23T15:15:30.707",
"lastModified": "2024-11-07T08:15:13.360",
"vulnStatus": "Modified",
"lastModified": "2024-11-08T21:16:28.987",
"vulnStatus": "Analyzed",
"cveTags": [],
"cisaExploitAdd": "2024-10-23",
"cisaActionDue": "2024-11-13",

25
CVE-2024/CVE-2024-480xx/CVE-2024-48073.json Normal file
View File

@ -0,0 +1,25 @@
{
"id": "CVE-2024-48073",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-11-08T22:15:20.787",
"lastModified": "2024-11-08T22:15:20.787",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "sunniwell HT3300 before 1.0.0.B022.2 is vulnerable to Insecure Permissions. The /usr/local/bin/update program, which is responsible for updating the software in the HT3300 device, is given the execution mode of sudo NOPASSWD. This program is vulnerable to a command injection vulnerability, which could allow an attacker to pass commands to this program via command line arguments to gain elevated root privileges."
}
],
"metrics": {},
"references": [
{
"url": "https://gist.github.com/Giles-one/56f677b96aab5a67fbe31dd41fd1303d",
"source": "cve@mitre.org"
},
{
"url": "https://github.com/Giles-one/sunniwellHT3300PrivilegeEscalation",
"source": "cve@mitre.org"
}
]
}

6
CVE-2024/CVE-2024-480xx/CVE-2024-48074.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-48074",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-10-28T12:15:15.200",
"lastModified": "2024-10-29T19:35:18.963",
"lastModified": "2024-11-08T22:15:20.877",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -52,6 +52,10 @@
}
],
"references": [
{
"url": "https://gist.github.com/Giles-one/6425e97dcd1ec97a722a1e20da25fad7",
"source": "cve@mitre.org"
},
{
"url": "https://github.com/Giles-one/Vigor2960Crack",
"source": "cve@mitre.org"

90
CVE-2024/CVE-2024-501xx/CVE-2024-50107.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-50107",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-11-05T18:15:14.177",
"lastModified": "2024-11-06T18:17:17.287",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-11-08T21:27:32.240",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,15 +15,95 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: platform/x86/intel/pmc: Corregir pmc_core_iounmap para llamar a iounmap para direcciones v\u00e1lidas. La confirmaci\u00f3n 50c6dbdfd16e (\"x86/ioremap: Mejorar las comprobaciones del rango de direcciones de iounmap()\") introduce una ADVERTENCIA cuando los rangos de direcciones de iounmap no son v\u00e1lidos. En Thinkpad P1 Gen 7 (Meteor Lake-P), esto provoc\u00f3 que apareciera la siguiente advertencia: ADVERTENCIA: CPU: 7 PID: 713 en arch/x86/mm/ioremap.c:461 iounmap+0x58/0x1f0 M\u00f3dulos vinculados en: rfkill(+) snd_timer(+) fjes(+) snd soundcore intel_pmc_core(+) int3403_thermal(+) int340x_thermal_zone intel_vsec pmt_telemetry acpi_pad pmt_class acpi_tad int3400_thermal acpi_thermal_rel joydev loop nfnetlink zram xe drm_suballoc_helper nouveau i915 mxm_wmi drm_ttm_helper gpu_sched drm_gpuvm drm_exec drm_buddy i2c_algo_bit crct10dif_pclmul crc32_pclmul ttm crc32c_intel polyval_clmulni rtsx_pci_sdmmc ucsi_acpi polyval_generic mmc_core hid_multitouch drm_display_helper ghash_clmulni_intel typec_ucsi nvme sha512_ssse3 video sha256_ssse3 nvme_core intel_vpu sha1_ssse3 rtsx_pci cec typec nvme_auth i2c_hid_acpi i2c_hid wmi pinctrl_meteorlake serio_raw ip6_tables ip_tables fuse CPU: 7 UID: 0 PID: 713 Comm: (udev-worker) No contaminado 6.12.0-rc2iounmap+ #42 Nombre del hardware: LENOVO 21KWCTO1WW/21KWCTO1WW, BIOS N48ET19W (1.06) 18/07/2024 RIP: 0010:iounmap+0x58/0x1f0 C\u00f3digo: 85 6a 01 00 00 48 8b 05 e6 e2 28 04 48 39 c5 72 19 eb 26 cc cc cc 48 ba 00 00 00 00 00 00 32 00 48 8d 44 02 ff 48 39 c5 72 23 <0f> 0b 48 83 c4 08 5b 5d 41 5c c3 cc cc cc cc 48 ba 00 00 00 00 00 RSP: 0018:ffff888131eff038 EFLAGS: 00010207 RAX: ffffc90000000000 RBX: 0000000000000000 RCX: ffff888e33b80000 RDX: dffffc0000000000 RSI: ffff888e33bc29c0 RDI: 0000000000000000 RBP: 0000000000000000 R08: ffff8881598a8000 R09: ffff888e2ccedc10 R10: 0000000000000003 R11: ffffffffb3367634 R12: 00000000fe000000 R13: ffff888101d0da28 R14: ffffffffc2e437e0 R15: ffff888110b03b28 FS: 00007f3c1d4b3980(0000) GS:ffff888e33b80000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 00005651cfc93578 CR3: 0000000124e4c002 CR4: 0000000000f70ef0 DR0: 00000000000000000 DR1: 00000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000ffff07f0 DR7: 0000000000000400 PKRU: 55555554 Seguimiento de llamadas: ? __warn.cold+0xb6/0x176 ? iounmap+0x58/0x1f0 ? report_bug+0x1f4/0x2b0 ? handle_bug+0x58/0x90 ? exc_invalid_op+0x17/0x40 ? pci_enable_device_flags+0x1e3/0x2e0 ? __pfx_mtl_core_init+0x10/0x10 [intel_pmc_core] pmc_core_ssram_init+0x7f/0x110 [intel_pmc_core] mtl_core_init+0xda/0x130 [intel_pmc_core] ? __mutex_init+0xb9/0x130 pmc_core_probe+0x27e/0x10b0 [intel_pmc_core] ? _raw_spin_lock_irqsave+0x96/0xf0 ? __pfx_pmc_core_probe+0x10/0x10 [intel_pmc_core] ? __pfx_mutex_unlock+0x10/0x10 ? __pfx_mutex_lock+0x10/0x10 ? device_pm_check_callbacks+0x82/0x370 ? acpi_dev_pm_attach+0x234/0x2b0 platform_probe+0x9f/0x150 really_probe+0x1e0/0x8a0 __driver_probe_device+0x18c/0x370 ? __pfx___driver_attach+0x10/0x10 driver_probe_device+0x4a/0x120 __driver_attach+0x190/0x4a0 ? __pfx___driver_attach+0x10/0x10 bus_for_each_dev+0x103/0x180 ? __pfx_bus_for_each_dev+0x10/0x10 ? klist_add_tail+0x136/0x270 bus_add_driver+0x2fc/0x540 driver_register+0x1a5/0x360 ? __pfx_pmc_core_driver_init+0x10/0x10 [intel_pmc_core] do_one_initcall+0xa4/0x380 ? __pfx_do_one_initcall+0x10/0x10 ? kasan_unpoison+0x44/0x70 do_init_module+0x296/0x800 load_module+0x5090/0x6ce0 ? __pfx_load_module+0x10/0x10 ? ima_post_read_file+0x193/0x200 ? __pfx_ima_post_read_file+0x10/0x10 ? rw_verify_area+0x152/0x4c0 ? kernel_read_file+0x257/0x750 ? __pfx_kernel_read_file+0x10/0x10 ? __pfx_filemap_get_read_batch+0x10/0x10 ? init_module_from_file+0xd1/0x130 init_module_from_file+0xd1/0x130 ? __pfx_init_module_from_file+0x10/0 ---truncado---"
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.8",
"versionEndExcluding": "6.11.6",
"matchCriteriaId": "2CAA29A6-36B4-4C90-A862-A816F65153DB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc1:*:*:*:*:*:*",
"matchCriteriaId": "7F361E1D-580F-4A2D-A509-7615F73167A1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc2:*:*:*:*:*:*",
"matchCriteriaId": "925478D0-3E3D-4E6F-ACD5-09F28D5DF82C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc3:*:*:*:*:*:*",
"matchCriteriaId": "3C95E234-D335-4B6C-96BF-E2CEBD8654ED"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc4:*:*:*:*:*:*",
"matchCriteriaId": "E0F717D8-3014-4F84-8086-0124B2111379"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/01c473e64cafe2231e51be140446388024e669e8",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/48771da48072823956b271dddd568492c13d8170",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}
]
}

113
CVE-2024/CVE-2024-501xx/CVE-2024-50108.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-50108",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-11-05T18:15:14.247",
"lastModified": "2024-11-06T18:17:17.287",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-11-08T21:28:02.227",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,23 +15,122 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: drm/amd/display: Deshabilitar PSR-SU tambi\u00e9n en Parade 08-01 TCON Stuart Hayhurst ha descubierto que tanto en el arranque como en pantalla completa, el v\u00eddeo VA-API provoca pantallas negras durante alrededor de 1 segundo y rastros de ADVERTENCIA [1] en el kernel al llamar a dmub_psr_enable() con Parade 08-01 TCON. Todos estos s\u00edntomas desaparecen con PSR-SU deshabilitado para este TCON, as\u00ed que deshabil\u00edtelo por ahora mientras se pueden analizar los rastros DMUB [2] del fallo y se puede determinar correctamente el estado del fallo. (seleccionado de la confirmaci\u00f3n afb634a6823d8d9db23c5fb04f79c5549349628b)"
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.1.115",
"matchCriteriaId": "E0D63989-DFCF-456E-A28D-F522BD59429B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.2",
"versionEndExcluding": "6.6.59",
"matchCriteriaId": "5D15CA59-D15C-4ACD-8B03-A072DEAD2081"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.7",
"versionEndExcluding": "6.11.6",
"matchCriteriaId": "E4486B12-007B-4794-9857-F07145637AA1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc1:*:*:*:*:*:*",
"matchCriteriaId": "7F361E1D-580F-4A2D-A509-7615F73167A1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc2:*:*:*:*:*:*",
"matchCriteriaId": "925478D0-3E3D-4E6F-ACD5-09F28D5DF82C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc3:*:*:*:*:*:*",
"matchCriteriaId": "3C95E234-D335-4B6C-96BF-E2CEBD8654ED"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc4:*:*:*:*:*:*",
"matchCriteriaId": "E0F717D8-3014-4F84-8086-0124B2111379"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/5660bcc4dd533005248577d5042f1c48cce2b443",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/ba1959f71117b27f3099ee789e0815360b4081dd",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/c79e0a18e4b301401bb745702830be9041cfbf04",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/fc6afa07b5e251148fb37600ee06e1a7007178c3",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}
]
}

90
CVE-2024/CVE-2024-501xx/CVE-2024-50109.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-50109",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-11-05T18:15:14.317",
"lastModified": "2024-11-06T18:17:17.287",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-11-08T21:30:11.820",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,15 +15,95 @@
"value": " En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: md/raid10: se corrige la desreferencia ptr nulo en raid10_size() En raid10_run(), si raid10_set_queue_limits() tiene \u00e9xito, el valor de retorno se establece en cero y, si fallan los siguientes procedimientos, raid10_run() devolver\u00e1 cero mientras que mddev->private sigue siendo NULL, lo que provoca una desreferencia ptr nula en raid10_size(). Solucione el problema sobrescribiendo solo el valor de retorno si raid10_set_queue_limits() falla."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-476"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.9",
"versionEndExcluding": "6.11.6",
"matchCriteriaId": "2132686D-AA83-479C-98CA-4B9F24436525"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc1:*:*:*:*:*:*",
"matchCriteriaId": "7F361E1D-580F-4A2D-A509-7615F73167A1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc2:*:*:*:*:*:*",
"matchCriteriaId": "925478D0-3E3D-4E6F-ACD5-09F28D5DF82C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc3:*:*:*:*:*:*",
"matchCriteriaId": "3C95E234-D335-4B6C-96BF-E2CEBD8654ED"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc4:*:*:*:*:*:*",
"matchCriteriaId": "E0F717D8-3014-4F84-8086-0124B2111379"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/825711e00117fc686ab89ac36a9a7b252dc349c6",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/b3054db2fd2d35f2eb3b4b5fb1407792f465391c",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}
]
}

126
CVE-2024/CVE-2024-501xx/CVE-2024-50110.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-50110",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-11-05T18:15:14.370",
"lastModified": "2024-11-06T18:17:17.287",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-11-08T21:05:35.453",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,27 +15,137 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: xfrm: corrige una fuga de informaci\u00f3n del kernel m\u00e1s en el volcado de algoritmos. Durante las pruebas fuzz, se descubri\u00f3 el siguiente problema: ERROR: KMSAN: fuga de informaci\u00f3n del kernel en _copy_to_iter+0x598/0x2a30 _copy_to_iter+0x598/0x2a30 __skb_datagram_iter+0x168/0x1060 skb_copy_datagram_iter+0x5b/0x220 netlink_recvmsg+0x362/0x1700 sock_recvmsg+0x2dc/0x390 __sys_recvfrom+0x381/0x6d0 __x64_sys_recvfrom+0x130/0x200 x64_sys_call+0x32c8/0x3cc0 do_syscall_64+0xd8/0x1c0 entry_SYSCALL_64_after_hwframe+0x79/0x81 Ununit se almacen\u00f3 en la memoria en: copy_to_user_state_extra+0xcc1/0x1e00 dump_one_state+0x28c/0x5f0 xfrm_state_walk+0x548/0x11e0 xfrm_dump_sa+0x1e0/0x840 netlink_dump+0x943/0x1c40 __netlink_dump_start+0x746/0xdb0 xfrm_user_rcv_msg+0x429/0xc00 netlink_rcv_skb+0x613/0x780 xfrm_netlink_rcv+0x77/0xc0 netlink_unicast+0xe90/0x1280 netlink_sendmsg+0x126d/0x1490 __sock_sendmsg+0x332/0x3d0 ____sys_sendmsg+0x863/0xc30 ___sys_sendmsg+0x285/0x3e0 __x64_sys_sendmsg+0x2d6/0x560 x64_sys_call+0x1316/0x3cc0 do_syscall_64+0xd8/0x1c0 entry_SYSCALL_64_after_hwframe+0x79/0x81 Uninit se cre\u00f3 en: __kmalloc+0x571/0xd30 attached_auth+0x106/0x3e0 xfrm_add_sa+0x2aa0/0x4230 xfrm_user_rcv_msg+0x832/0xc00 netlink_rcv_skb+0x613/0x780 xfrm_netlink_rcv+0x77/0xc0 netlink_unicast+0xe90/0x1280 netlink_sendmsg+0x126d/0x1490 __sock_sendmsg+0x332/0x3d0 ____sys_sendmsg+0x863/0xc30 ___sys_sendmsg+0x285/0x3e0 __x64_sys_sendmsg+0x2d6/0x560 x64_sys_call+0x1316/0x3cc0 do_syscall_64+0xd8/0x1c0 entry_SYSCALL_64_after_hwframe+0x79/0x81 Los bytes 328-379 de 732 no est\u00e1n inicializados El acceso a la memoria de tama\u00f1o 732 comienza en ffff88800e18e000 Datos copiados a la direcci\u00f3n de usuario 00007ff30f48aff0 CPU: 2 PID: 18167 Comm: syz-executor.0 No contaminado 6.8.11 #1 Nombre del hardware: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.15.0-1 04/01/2014 Corrige la copia de algoritmos xfrm donde algunos datos aleatorios de los campos de estructura pueden terminar en el espacio de usuario. El relleno en las estructuras se puede rellenar con datos aleatorios (posiblemente confidenciales) y nunca se debe proporcionar directamente al espacio de usuario. Un problema similar se resolvi\u00f3 en la confirmaci\u00f3n 8222d5910dae (\"xfrm: relleno de ceros al volcar algoritmos y encap\") encontrado por Linux Verification Center (linuxtesting.org) con Syzkaller."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-908"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.11",
"versionEndExcluding": "5.15.170",
"matchCriteriaId": "A9BA1C73-2D2E-45E3-937B-276A28AEB5FC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.16",
"versionEndExcluding": "6.1.115",
"matchCriteriaId": "C08A77A6-E42E-4EFD-B5A1-2BF6CBBB42AE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.2",
"versionEndExcluding": "6.6.59",
"matchCriteriaId": "5D15CA59-D15C-4ACD-8B03-A072DEAD2081"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.7",
"versionEndExcluding": "6.11.6",
"matchCriteriaId": "E4486B12-007B-4794-9857-F07145637AA1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc1:*:*:*:*:*:*",
"matchCriteriaId": "7F361E1D-580F-4A2D-A509-7615F73167A1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc2:*:*:*:*:*:*",
"matchCriteriaId": "925478D0-3E3D-4E6F-ACD5-09F28D5DF82C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc3:*:*:*:*:*:*",
"matchCriteriaId": "3C95E234-D335-4B6C-96BF-E2CEBD8654ED"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc4:*:*:*:*:*:*",
"matchCriteriaId": "E0F717D8-3014-4F84-8086-0124B2111379"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/1e8fbd2441cb2ea28d6825f2985bf7d84af060bb",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/610d4cea9b442b22b4820695fc3335e64849725e",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/6889cd2a93e1e3606b3f6e958aa0924e836de4d2",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/c73bca72b84b453c8d26a5e7673b20adb294bf54",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/dc2ad8e8818e4bf1a93db78d81745b4877b32972",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}
]
}

25
CVE-2024/CVE-2024-508xx/CVE-2024-50808.json Normal file
View File

@ -0,0 +1,25 @@
{
"id": "CVE-2024-50808",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-11-08T21:15:20.740",
"lastModified": "2024-11-08T21:15:20.740",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "SeaCms 13.1 is vulnerable to code injection in the notification module of the member message notification module in the backend user module, due to unsafe handling of the \"notify\" variable in admin_notify.php."
}
],
"metrics": {},
"references": [
{
"url": "http://seacms.com",
"source": "cve@mitre.org"
},
{
"url": "https://github.com/v9d0g/CVEs/blob/main/CVE-2024-50808.md",
"source": "cve@mitre.org"
}
]
}

21
CVE-2024/CVE-2024-508xx/CVE-2024-50809.json Normal file
View File

@ -0,0 +1,21 @@
{
"id": "CVE-2024-50809",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-11-08T21:15:20.870",
"lastModified": "2024-11-08T21:15:20.870",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The theme.php file in SDCMS 2.8 has a command execution vulnerability that allows for the execution of system commands"
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/v9d0g/CVEs/blob/main/CVE-2024-50809.md",
"source": "cve@mitre.org"
}
]
}

21
CVE-2024/CVE-2024-511xx/CVE-2024-51157.json Normal file
View File

@ -0,0 +1,21 @@
{
"id": "CVE-2024-51157",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-11-08T21:15:20.980",
"lastModified": "2024-11-08T21:15:20.980",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "07FLYCMS V1.3.9 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component http://erp.07fly.net:80/oa/OaSchedule/add.html."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/xiaoyunzhui/cms/blob/main/2/readme.md",
"source": "cve@mitre.org"
}
]
}

88
CVE-2024/CVE-2024-515xx/CVE-2024-51567.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-51567",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-10-29T23:15:04.307",
"lastModified": "2024-11-08T02:00:02.450",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-11-08T21:14:28.807",
"vulnStatus": "Analyzed",
"cveTags": [],
"cisaExploitAdd": "2024-11-07",
"cisaActionDue": "2024-11-28",
@ -21,6 +21,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "cve@mitre.org",
"type": "Secondary",
@ -44,6 +64,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-306"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
@ -55,34 +85,74 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cyberpanel:cyberpanel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.3.8",
"matchCriteriaId": "4AF5FFC6-208E-4DD5-B298-56EFD7047F47"
}
]
}
]
}
],
"references": [
{
"url": "https://cwe.mitre.org/data/definitions/420.html",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Technical Description"
]
},
{
"url": "https://cwe.mitre.org/data/definitions/78.html",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Technical Description"
]
},
{
"url": "https://cyberpanel.net/KnowledgeBase/home/change-logs/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Release Notes"
]
},
{
"url": "https://cyberpanel.net/blog/detials-and-fix-of-recent-security-issue-and-patch-of-cyberpanel",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Product"
]
},
{
"url": "https://dreyand.rs/code/review/2024/10/27/what-are-my-options-cyberpanel-v236-pre-auth-rce",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Patch"
]
},
{
"url": "https://github.com/usmannasir/cyberpanel/commit/5b08cd6d53f4dbc2107ad9f555122ce8b0996515",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Patch"
]
},
{
"url": "https://www.bleepingcomputer.com/news/security/massive-psaux-ransomware-attack-targets-22-000-cyberpanel-instances/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Press/Media Coverage"
]
}
]
}

61
CVE-2024/CVE-2024-517xx/CVE-2024-51740.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-51740",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-11-05T19:15:08.087",
"lastModified": "2024-11-06T18:17:17.287",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-11-08T21:09:45.387",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -17,6 +17,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
@ -51,10 +71,45 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:combodo:itop:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.7.11",
"matchCriteriaId": "1BF82095-AA7D-454F-9228-78EC4D8CD5CE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:combodo:itop:*:*:*:*:*:*:*:*",
"versionStartIncluding": "3.0.0",
"versionEndExcluding": "3.0.5",
"matchCriteriaId": "BB27E0C9-520F-4289-AB31-A4DDAD763F52"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:combodo:itop:*:*:*:*:*:*:*:*",
"versionStartIncluding": "3.1.0",
"versionEndExcluding": "3.1.2",
"matchCriteriaId": "88B32C5C-D9F9-4719-ACA5-217D1E696D4C"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/Combodo/iTop/security/advisories/GHSA-w9g8-mxm5-ph62",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Vendor Advisory"
]
}
]
}

60
CVE-2024/CVE-2024-59xx/CVE-2024-5910.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-5910",
"sourceIdentifier": "psirt@paloaltonetworks.com",
"published": "2024-07-10T19:15:11.390",
"lastModified": "2024-11-08T02:00:02.450",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-11-08T21:04:18.240",
"vulnStatus": "Analyzed",
"cveTags": [],
"cisaExploitAdd": "2024-11-07",
"cisaActionDue": "2024-11-28",
@ -63,9 +63,41 @@
"baseSeverity": "CRITICAL"
}
}
],
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-306"
}
]
},
{
"source": "psirt@paloaltonetworks.com",
"type": "Secondary",
@ -77,10 +109,32 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:paloaltonetworks:expedition:*:*:*:*:*:*:*:*",
"versionStartIncluding": "1.2.0",
"versionEndExcluding": "1.2.92",
"matchCriteriaId": "CCBF1116-E6AB-472A-82F8-2D360186A8CD"
}
]
}
]
}
],
"references": [
{
"url": "https://security.paloaltonetworks.com/CVE-2024-5910",
"source": "psirt@paloaltonetworks.com"
"source": "psirt@paloaltonetworks.com",
"tags": [
"Vendor Advisory"
]
}
]
}

42
CVE-2024/CVE-2024-66xx/CVE-2024-6626.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-6626",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-11-06T07:15:04.460",
"lastModified": "2024-11-06T18:17:17.287",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-11-08T21:18:44.400",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -51,22 +51,52 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:theinnovs:eleforms:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "2.9.9.9",
"matchCriteriaId": "EF5D0F9D-4B72-4D75-8C4F-B2802257DF09"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/all-contact-form-integration-for-elementor/trunk/includes/export_csv.php#L20",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Product"
]
},
{
"url": "https://plugins.trac.wordpress.org/browser/all-contact-form-integration-for-elementor/trunk/includes/wp-ajax.php#L147",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Product"
]
},
{
"url": "https://plugins.trac.wordpress.org/browser/all-contact-form-integration-for-elementor/trunk/includes/wp-ajax.php#L7",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Product"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/eccea504-b8b9-46d3-b9fd-ae893528e521?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

98
CVE-2024/CVE-2024-67xx/CVE-2024-6762.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-6762",
"sourceIdentifier": "emo@eclipse.org",
"published": "2024-10-14T16:15:03.930",
"lastModified": "2024-10-15T12:57:46.880",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-11-08T21:29:51.237",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -17,6 +17,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
},
{
"source": "emo@eclipse.org",
"type": "Secondary",
@ -40,6 +60,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-770"
}
]
},
{
"source": "emo@eclipse.org",
"type": "Secondary",
@ -51,30 +81,82 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:eclipse:jetty:*:*:*:*:*:*:*:*",
"versionStartIncluding": "10.0.0",
"versionEndExcluding": "10.0.18",
"matchCriteriaId": "464A4A99-38E9-4ECD-AD6E-309AABC2F016"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:eclipse:jetty:*:*:*:*:*:*:*:*",
"versionStartIncluding": "11.0.0",
"versionEndExcluding": "11.0.18",
"matchCriteriaId": "823119A8-D743-4EFB-A35A-2821C5960139"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:eclipse:jetty:*:*:*:*:*:*:*:*",
"versionStartIncluding": "12.0.0",
"versionEndExcluding": "12.0.4",
"matchCriteriaId": "FE233C37-A184-44BC-B8C0-40F7B1E7512E"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/jetty/jetty.project/pull/10755",
"source": "emo@eclipse.org"
"source": "emo@eclipse.org",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/jetty/jetty.project/pull/10756",
"source": "emo@eclipse.org"
"source": "emo@eclipse.org",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/jetty/jetty.project/pull/9715",
"source": "emo@eclipse.org"
"source": "emo@eclipse.org",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/jetty/jetty.project/pull/9716",
"source": "emo@eclipse.org"
"source": "emo@eclipse.org",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/jetty/jetty.project/security/advisories/GHSA-r7m4-f9h5-gr79",
"source": "emo@eclipse.org"
"source": "emo@eclipse.org",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://gitlab.eclipse.org/security/cve-assignement/-/issues/24",
"source": "emo@eclipse.org"
"source": "emo@eclipse.org",
"tags": [
"Issue Tracking",
"Vendor Advisory"
]
}
]
}

70
CVE-2024/CVE-2024-67xx/CVE-2024-6763.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-6763",
"sourceIdentifier": "emo@eclipse.org",
"published": "2024-10-14T16:15:04.163",
"lastModified": "2024-10-15T12:57:46.880",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-11-08T21:15:57.677",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -17,6 +17,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
},
{
"source": "emo@eclipse.org",
"type": "Secondary",
@ -40,6 +60,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
]
},
{
"source": "emo@eclipse.org",
"type": "Secondary",
@ -51,18 +81,48 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:eclipse:jetty:*:*:*:*:*:*:*:*",
"versionStartIncluding": "7.0.0",
"versionEndExcluding": "12.0.12",
"matchCriteriaId": "42139A4F-DE37-4B6A-B7AC-6CA22999F733"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/jetty/jetty.project/pull/12012",
"source": "emo@eclipse.org"
"source": "emo@eclipse.org",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/jetty/jetty.project/security/advisories/GHSA-qh8g-58pp-2wxh",
"source": "emo@eclipse.org"
"source": "emo@eclipse.org",
"tags": [
"Exploit",
"Mitigation",
"Vendor Advisory"
]
},
{
"url": "https://gitlab.eclipse.org/security/cve-assignement/-/issues/25",
"source": "emo@eclipse.org"
"source": "emo@eclipse.org",
"tags": [
"Vendor Advisory"
]
}
]
}

12
CVE-2024/CVE-2024-70xx/CVE-2024-7059.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-7059",
"sourceIdentifier": "security@genetec.com",
"published": "2024-11-05T13:15:03.963",
"lastModified": "2024-11-05T16:15:19.097",
"lastModified": "2024-11-08T22:15:21.000",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A high-severity vulnerability that can lead to arbitrary code execution was found in the Genetec Security Center product line."
},
{
"lang": "es",
"value": "Se encontr\u00f3 una vulnerabilidad de alta gravedad que puede llevar a la ejecuci\u00f3n de c\u00f3digo arbitrario en la l\u00ednea de productos Genetec Security Center."
}
],
"metrics": {
@ -71,7 +75,11 @@
],
"references": [
{
"url": "https://resources.genetec.com/security-advisories/",
"url": "https://resources.genetec.com/security-advisories/high-severity-vulnerability-affecting-security-center-web-sdk-role",
"source": "security@genetec.com"
},
{
"url": "https://ressources.genetec.com/bulletins-de-securite/vulnerabilite-de-haute-severite-affectant-le-role-sdk-web-de-security-center",
"source": "security@genetec.com"
}
]

89
CVE-2024/CVE-2024-81xx/CVE-2024-8184.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-8184",
"sourceIdentifier": "emo@eclipse.org",
"published": "2024-10-14T16:15:04.380",
"lastModified": "2024-10-15T12:57:46.880",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-11-08T21:00:09.857",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -17,6 +17,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
},
{
"source": "emo@eclipse.org",
"type": "Secondary",
@ -40,6 +60,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-770"
}
]
},
{
"source": "emo@eclipse.org",
"type": "Secondary",
@ -51,18 +81,67 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:eclipse:jetty:*:*:*:*:*:*:*:*",
"versionStartIncluding": "9.3.12",
"versionEndExcluding": "9.4.56",
"matchCriteriaId": "38EE28A7-83A2-4D16-A1D7-197C1680C234"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:eclipse:jetty:*:*:*:*:*:*:*:*",
"versionStartIncluding": "10.0.0",
"versionEndExcluding": "10.0.24",
"matchCriteriaId": "40B124FE-E76C-4612-8781-42CF3182E264"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:eclipse:jetty:*:*:*:*:*:*:*:*",
"versionStartIncluding": "11.0.0",
"versionEndExcluding": "11.0.24",
"matchCriteriaId": "43B96569-B73B-4765-994F-809E5AE1A3CE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:eclipse:jetty:*:*:*:*:*:*:*:*",
"versionStartIncluding": "12.0.0",
"versionEndExcluding": "12.0.9",
"matchCriteriaId": "CDCB79ED-6D2F-4A37-BB89-41EABF18EAC1"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/jetty/jetty.project/pull/11723",
"source": "emo@eclipse.org"
"source": "emo@eclipse.org",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/jetty/jetty.project/security/advisories/GHSA-g8m5-722r-8whq",
"source": "emo@eclipse.org"
"source": "emo@eclipse.org",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://gitlab.eclipse.org/security/cve-assignement/-/issues/30",
"source": "emo@eclipse.org"
"source": "emo@eclipse.org",
"tags": [
"Vendor Advisory"
]
}
]
}

59
CVE-2024/CVE-2024-84xx/CVE-2024-8499.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-8499",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-10-04T13:15:12.380",
"lastModified": "2024-10-04T13:50:43.727",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-11-08T21:01:13.457",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -18,8 +18,28 @@
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
},
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N",
@ -51,18 +71,45 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:themehigh:checkout_field_editor:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "2.0.4",
"matchCriteriaId": "3FA2367C-5EB6-4D2F-BE1B-507CDA5A914A"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/woo-checkout-field-editor-pro/trunk/admin/class-thwcfd-admin.php#L426",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Product"
]
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3160299/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/81eb8963-548f-4e94-83bd-266a19c09aab?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

54
CVE-2024/CVE-2024-93xx/CVE-2024-9307.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-9307",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-11-06T07:15:04.717",
"lastModified": "2024-11-06T18:17:17.287",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-11-08T21:18:16.210",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -18,8 +18,28 @@
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
@ -51,14 +71,38 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:themelooks:mfolio:*:*:*:*:lite:wordpress:*:*",
"versionEndIncluding": "1.2.1",
"matchCriteriaId": "6900B9BF-BA00-426A-B1B2-C59A41EC6CD3"
}
]
}
]
}
],
"references": [
{
"url": "https://wordpress.org/plugins/mfolio-lite/#developers",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Release Notes"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/3b4012dd-7c0a-45f1-8ada-8f9dc6867e1e?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

86
README.md
View File

@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2024-11-08T21:00:20.824687+00:00
2024-11-08T23:00:19.669041+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2024-11-08T20:56:54.807000+00:00
2024-11-08T22:35:09.490000+00:00
```
### Last Data Feed Release
@ -33,50 +33,64 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs
```plain
268701
268721
```
### CVEs added in the last Commit
Recently added CVEs: `6`
Recently added CVEs: `20`
- [CVE-2024-44765](CVE-2024/CVE-2024-447xx/CVE-2024-44765.json) (`2024-11-08T19:15:05.590`)
- [CVE-2024-50810](CVE-2024/CVE-2024-508xx/CVE-2024-50810.json) (`2024-11-08T19:15:05.877`)
- [CVE-2024-50811](CVE-2024/CVE-2024-508xx/CVE-2024-50811.json) (`2024-11-08T19:15:06.020`)
- [CVE-2024-51055](CVE-2024/CVE-2024-510xx/CVE-2024-51055.json) (`2024-11-08T19:15:06.190`)
- [CVE-2024-51211](CVE-2024/CVE-2024-512xx/CVE-2024-51211.json) (`2024-11-08T19:15:06.347`)
- [CVE-2024-51997](CVE-2024/CVE-2024-519xx/CVE-2024-51997.json) (`2024-11-08T19:15:06.487`)
- [CVE-2024-11026](CVE-2024/CVE-2024-110xx/CVE-2024-11026.json) (`2024-11-08T22:15:14.610`)
- [CVE-2024-21994](CVE-2024/CVE-2024-219xx/CVE-2024-21994.json) (`2024-11-08T21:15:16.477`)
- [CVE-2024-27527](CVE-2024/CVE-2024-275xx/CVE-2024-27527.json) (`2024-11-08T22:15:15.253`)
- [CVE-2024-27528](CVE-2024/CVE-2024-275xx/CVE-2024-27528.json) (`2024-11-08T22:15:15.360`)
- [CVE-2024-27529](CVE-2024/CVE-2024-275xx/CVE-2024-27529.json) (`2024-11-08T22:15:15.440`)
- [CVE-2024-27530](CVE-2024/CVE-2024-275xx/CVE-2024-27530.json) (`2024-11-08T22:15:15.520`)
- [CVE-2024-27532](CVE-2024/CVE-2024-275xx/CVE-2024-27532.json) (`2024-11-08T22:15:15.603`)
- [CVE-2024-35410](CVE-2024/CVE-2024-354xx/CVE-2024-35410.json) (`2024-11-08T22:15:15.737`)
- [CVE-2024-35418](CVE-2024/CVE-2024-354xx/CVE-2024-35418.json) (`2024-11-08T22:15:15.823`)
- [CVE-2024-35419](CVE-2024/CVE-2024-354xx/CVE-2024-35419.json) (`2024-11-08T22:15:15.913`)
- [CVE-2024-35420](CVE-2024/CVE-2024-354xx/CVE-2024-35420.json) (`2024-11-08T22:15:16.010`)
- [CVE-2024-35421](CVE-2024/CVE-2024-354xx/CVE-2024-35421.json) (`2024-11-08T22:15:16.090`)
- [CVE-2024-35422](CVE-2024/CVE-2024-354xx/CVE-2024-35422.json) (`2024-11-08T22:15:16.180`)
- [CVE-2024-35423](CVE-2024/CVE-2024-354xx/CVE-2024-35423.json) (`2024-11-08T22:15:16.257`)
- [CVE-2024-35424](CVE-2024/CVE-2024-354xx/CVE-2024-35424.json) (`2024-11-08T22:15:16.343`)
- [CVE-2024-35425](CVE-2024/CVE-2024-354xx/CVE-2024-35425.json) (`2024-11-08T22:15:16.430`)
- [CVE-2024-48073](CVE-2024/CVE-2024-480xx/CVE-2024-48073.json) (`2024-11-08T22:15:20.787`)
- [CVE-2024-50808](CVE-2024/CVE-2024-508xx/CVE-2024-50808.json) (`2024-11-08T21:15:20.740`)
- [CVE-2024-50809](CVE-2024/CVE-2024-508xx/CVE-2024-50809.json) (`2024-11-08T21:15:20.870`)
- [CVE-2024-51157](CVE-2024/CVE-2024-511xx/CVE-2024-51157.json) (`2024-11-08T21:15:20.980`)
### CVEs modified in the last Commit
Recently modified CVEs: `270`
Recently modified CVEs: `43`
- [CVE-2024-51988](CVE-2024/CVE-2024-519xx/CVE-2024-51988.json) (`2024-11-08T19:01:25.633`)
- [CVE-2024-51989](CVE-2024/CVE-2024-519xx/CVE-2024-51989.json) (`2024-11-08T19:01:03.880`)
- [CVE-2024-51990](CVE-2024/CVE-2024-519xx/CVE-2024-51990.json) (`2024-11-08T19:01:25.633`)
- [CVE-2024-51993](CVE-2024/CVE-2024-519xx/CVE-2024-51993.json) (`2024-11-08T19:01:03.880`)
- [CVE-2024-51994](CVE-2024/CVE-2024-519xx/CVE-2024-51994.json) (`2024-11-08T19:01:03.880`)
- [CVE-2024-51995](CVE-2024/CVE-2024-519xx/CVE-2024-51995.json) (`2024-11-08T19:01:03.880`)
- [CVE-2024-51998](CVE-2024/CVE-2024-519xx/CVE-2024-51998.json) (`2024-11-08T19:01:03.880`)
- [CVE-2024-52043](CVE-2024/CVE-2024-520xx/CVE-2024-52043.json) (`2024-11-08T20:39:36.233`)
- [CVE-2024-7982](CVE-2024/CVE-2024-79xx/CVE-2024-7982.json) (`2024-11-08T19:01:03.880`)
- [CVE-2024-8323](CVE-2024/CVE-2024-83xx/CVE-2024-8323.json) (`2024-11-08T20:30:11.340`)
- [CVE-2024-8378](CVE-2024/CVE-2024-83xx/CVE-2024-8378.json) (`2024-11-08T19:01:03.880`)
- [CVE-2024-8424](CVE-2024/CVE-2024-84xx/CVE-2024-8424.json) (`2024-11-08T19:01:03.880`)
- [CVE-2024-8442](CVE-2024/CVE-2024-84xx/CVE-2024-8442.json) (`2024-11-08T19:01:03.880`)
- [CVE-2024-8614](CVE-2024/CVE-2024-86xx/CVE-2024-8614.json) (`2024-11-08T20:23:41.563`)
- [CVE-2024-8615](CVE-2024/CVE-2024-86xx/CVE-2024-8615.json) (`2024-11-08T20:24:28.737`)
- [CVE-2024-8810](CVE-2024/CVE-2024-88xx/CVE-2024-8810.json) (`2024-11-08T19:01:03.880`)
- [CVE-2024-9481](CVE-2024/CVE-2024-94xx/CVE-2024-9481.json) (`2024-11-08T20:49:03.597`)
- [CVE-2024-9482](CVE-2024/CVE-2024-94xx/CVE-2024-9482.json) (`2024-11-08T20:49:58.077`)
- [CVE-2024-9483](CVE-2024/CVE-2024-94xx/CVE-2024-9483.json) (`2024-11-08T20:54:30.980`)
- [CVE-2024-9484](CVE-2024/CVE-2024-94xx/CVE-2024-9484.json) (`2024-11-08T20:55:14.283`)
- [CVE-2024-9486](CVE-2024/CVE-2024-94xx/CVE-2024-9486.json) (`2024-11-08T20:56:54.807`)
- [CVE-2024-9594](CVE-2024/CVE-2024-95xx/CVE-2024-9594.json) (`2024-11-08T20:50:48.720`)
- [CVE-2024-9841](CVE-2024/CVE-2024-98xx/CVE-2024-9841.json) (`2024-11-08T19:01:03.880`)
- [CVE-2024-9926](CVE-2024/CVE-2024-99xx/CVE-2024-9926.json) (`2024-11-08T19:01:03.880`)
- [CVE-2024-9946](CVE-2024/CVE-2024-99xx/CVE-2024-9946.json) (`2024-11-08T20:38:07.557`)
- [CVE-2024-43982](CVE-2024/CVE-2024-439xx/CVE-2024-43982.json) (`2024-11-08T21:11:11.747`)
- [CVE-2024-43998](CVE-2024/CVE-2024-439xx/CVE-2024-43998.json) (`2024-11-08T21:11:32.880`)
- [CVE-2024-44006](CVE-2024/CVE-2024-440xx/CVE-2024-44006.json) (`2024-11-08T21:08:38.960`)
- [CVE-2024-44019](CVE-2024/CVE-2024-440xx/CVE-2024-44019.json) (`2024-11-08T21:06:54.373`)
- [CVE-2024-44020](CVE-2024/CVE-2024-440xx/CVE-2024-44020.json) (`2024-11-08T21:02:41.617`)
- [CVE-2024-44021](CVE-2024/CVE-2024-440xx/CVE-2024-44021.json) (`2024-11-08T21:30:51.710`)
- [CVE-2024-44031](CVE-2024/CVE-2024-440xx/CVE-2024-44031.json) (`2024-11-08T21:26:34.110`)
- [CVE-2024-44038](CVE-2024/CVE-2024-440xx/CVE-2024-44038.json) (`2024-11-08T21:26:02.140`)
- [CVE-2024-44052](CVE-2024/CVE-2024-440xx/CVE-2024-44052.json) (`2024-11-08T21:24:59.660`)
- [CVE-2024-47575](CVE-2024/CVE-2024-475xx/CVE-2024-47575.json) (`2024-11-08T21:16:28.987`)
- [CVE-2024-48074](CVE-2024/CVE-2024-480xx/CVE-2024-48074.json) (`2024-11-08T22:15:20.877`)
- [CVE-2024-50107](CVE-2024/CVE-2024-501xx/CVE-2024-50107.json) (`2024-11-08T21:27:32.240`)
- [CVE-2024-50108](CVE-2024/CVE-2024-501xx/CVE-2024-50108.json) (`2024-11-08T21:28:02.227`)
- [CVE-2024-50109](CVE-2024/CVE-2024-501xx/CVE-2024-50109.json) (`2024-11-08T21:30:11.820`)
- [CVE-2024-50110](CVE-2024/CVE-2024-501xx/CVE-2024-50110.json) (`2024-11-08T21:05:35.453`)
- [CVE-2024-51567](CVE-2024/CVE-2024-515xx/CVE-2024-51567.json) (`2024-11-08T21:14:28.807`)
- [CVE-2024-51740](CVE-2024/CVE-2024-517xx/CVE-2024-51740.json) (`2024-11-08T21:09:45.387`)
- [CVE-2024-5910](CVE-2024/CVE-2024-59xx/CVE-2024-5910.json) (`2024-11-08T21:04:18.240`)
- [CVE-2024-6626](CVE-2024/CVE-2024-66xx/CVE-2024-6626.json) (`2024-11-08T21:18:44.400`)
- [CVE-2024-6762](CVE-2024/CVE-2024-67xx/CVE-2024-6762.json) (`2024-11-08T21:29:51.237`)
- [CVE-2024-6763](CVE-2024/CVE-2024-67xx/CVE-2024-6763.json) (`2024-11-08T21:15:57.677`)
- [CVE-2024-7059](CVE-2024/CVE-2024-70xx/CVE-2024-7059.json) (`2024-11-08T22:15:21.000`)
- [CVE-2024-8184](CVE-2024/CVE-2024-81xx/CVE-2024-8184.json) (`2024-11-08T21:00:09.857`)
- [CVE-2024-8499](CVE-2024/CVE-2024-84xx/CVE-2024-8499.json) (`2024-11-08T21:01:13.457`)
- [CVE-2024-9307](CVE-2024/CVE-2024-93xx/CVE-2024-9307.json) (`2024-11-08T21:18:16.210`)
## Download and Usage

658
_state.csv
View File

File diff suppressed because it is too large Load Diff