From 2e7194f5bcd2b81abdaab52ff03b985fe199b4da Mon Sep 17 00:00:00 2001 From: cad-safe-bot Date: Fri, 6 Dec 2024 19:03:40 +0000 Subject: [PATCH] Auto-Update: 2024-12-06T19:00:27.803361+00:00 --- CVE-2017/CVE-2017-133xx/CVE-2017-13308.json | 39 +++- CVE-2018/CVE-2018-93xx/CVE-2018-9386.json | 39 +++- CVE-2018/CVE-2018-93xx/CVE-2018-9388.json | 39 +++- CVE-2018/CVE-2018-93xx/CVE-2018-9390.json | 39 +++- CVE-2018/CVE-2018-93xx/CVE-2018-9391.json | 39 +++- CVE-2020/CVE-2020-367xx/CVE-2020-36778.json | 122 ++++++++++- CVE-2020/CVE-2020-367xx/CVE-2020-36782.json | 141 +++++++++++- CVE-2020/CVE-2020-367xx/CVE-2020-36783.json | 141 +++++++++++- CVE-2020/CVE-2020-367xx/CVE-2020-36784.json | 122 ++++++++++- CVE-2021/CVE-2021-469xx/CVE-2021-46955.json | 217 +++++++++++++++++- CVE-2021/CVE-2021-469xx/CVE-2021-46956.json | 141 +++++++++++- CVE-2021/CVE-2021-469xx/CVE-2021-46966.json | 217 +++++++++++++++++- CVE-2021/CVE-2021-469xx/CVE-2021-46967.json | 122 ++++++++++- CVE-2021/CVE-2021-470xx/CVE-2021-47025.json | 84 ++++++- CVE-2021/CVE-2021-470xx/CVE-2021-47041.json | 141 +++++++++++- CVE-2021/CVE-2021-470xx/CVE-2021-47042.json | 84 ++++++- CVE-2021/CVE-2021-470xx/CVE-2021-47045.json | 103 ++++++++- CVE-2022/CVE-2022-258xx/CVE-2022-25883.json | 109 ++++++--- CVE-2023/CVE-2023-297xx/CVE-2023-29709.json | 43 +++- CVE-2023/CVE-2023-332xx/CVE-2023-33289.json | 60 ++++- CVE-2023/CVE-2023-334xx/CVE-2023-33405.json | 46 +++- CVE-2023/CVE-2023-335xx/CVE-2023-33591.json | 52 ++++- CVE-2023/CVE-2023-337xx/CVE-2023-33725.json | 47 +++- CVE-2024/CVE-2024-109xx/CVE-2024-10905.json | 4 +- CVE-2024/CVE-2024-111xx/CVE-2024-11158.json | 24 +- CVE-2024/CVE-2024-112xx/CVE-2024-11220.json | 104 +++++++++ CVE-2024/CVE-2024-116xx/CVE-2024-11680.json | 79 ++++++- CVE-2024/CVE-2024-210xx/CVE-2024-21070.json | 63 +++++- CVE-2024/CVE-2024-210xx/CVE-2024-21093.json | 62 +++++- CVE-2024/CVE-2024-261xx/CVE-2024-26164.json | 52 ++++- CVE-2024/CVE-2024-261xx/CVE-2024-26166.json | 156 ++++++++++++- CVE-2024/CVE-2024-261xx/CVE-2024-26198.json | 231 +++++++++++++++++++- CVE-2024/CVE-2024-261xx/CVE-2024-26199.json | 51 ++++- CVE-2024/CVE-2024-262xx/CVE-2024-26201.json | 52 ++++- CVE-2024/CVE-2024-272xx/CVE-2024-27223.json | 24 +- CVE-2024/CVE-2024-272xx/CVE-2024-27234.json | 24 +- CVE-2024/CVE-2024-383xx/CVE-2024-38344.json | 47 +++- CVE-2024/CVE-2024-424xx/CVE-2024-42494.json | 100 +++++++++ CVE-2024/CVE-2024-44xx/CVE-2024-4456.json | 24 +- CVE-2024/CVE-2024-470xx/CVE-2024-47043.json | 100 +++++++++ CVE-2024/CVE-2024-475xx/CVE-2024-47547.json | 100 +++++++++ CVE-2024/CVE-2024-487xx/CVE-2024-48703.json | 21 ++ CVE-2024/CVE-2024-488xx/CVE-2024-48859.json | 78 +++++++ CVE-2024/CVE-2024-488xx/CVE-2024-48863.json | 78 +++++++ CVE-2024/CVE-2024-488xx/CVE-2024-48865.json | 78 +++++++ CVE-2024/CVE-2024-488xx/CVE-2024-48866.json | 78 +++++++ CVE-2024/CVE-2024-488xx/CVE-2024-48867.json | 78 +++++++ CVE-2024/CVE-2024-488xx/CVE-2024-48868.json | 78 +++++++ CVE-2024/CVE-2024-488xx/CVE-2024-48871.json | 104 +++++++++ CVE-2024/CVE-2024-503xx/CVE-2024-50387.json | 78 +++++++ CVE-2024/CVE-2024-503xx/CVE-2024-50388.json | 82 +++++++ CVE-2024/CVE-2024-503xx/CVE-2024-50389.json | 78 +++++++ CVE-2024/CVE-2024-503xx/CVE-2024-50393.json | 78 +++++++ CVE-2024/CVE-2024-504xx/CVE-2024-50402.json | 78 +++++++ CVE-2024/CVE-2024-504xx/CVE-2024-50403.json | 78 +++++++ CVE-2024/CVE-2024-504xx/CVE-2024-50404.json | 78 +++++++ CVE-2024/CVE-2024-506xx/CVE-2024-50677.json | 39 +++- CVE-2024/CVE-2024-513xx/CVE-2024-51378.json | 88 +++++++- CVE-2024/CVE-2024-517xx/CVE-2024-51727.json | 100 +++++++++ CVE-2024/CVE-2024-523xx/CVE-2024-52320.json | 104 +++++++++ CVE-2024/CVE-2024-525xx/CVE-2024-52558.json | 104 +++++++++ CVE-2024/CVE-2024-536xx/CVE-2024-53691.json | 78 +++++++ CVE-2024/CVE-2024-539xx/CVE-2024-53907.json | 39 +++- CVE-2024/CVE-2024-539xx/CVE-2024-53908.json | 39 +++- CVE-2024/CVE-2024-541xx/CVE-2024-54143.json | 82 +++++++ CVE-2024/CVE-2024-547xx/CVE-2024-54749.json | 21 ++ CVE-2024/CVE-2024-547xx/CVE-2024-54750.json | 39 +++- CVE-2024/CVE-2024-552xx/CVE-2024-55268.json | 21 ++ CVE-2024/CVE-2024-66xx/CVE-2024-6601.json | 40 +++- README.md | 97 ++++---- _state.csv | 206 +++++++++-------- 71 files changed, 5350 insertions(+), 374 deletions(-) create mode 100644 CVE-2024/CVE-2024-112xx/CVE-2024-11220.json create mode 100644 CVE-2024/CVE-2024-424xx/CVE-2024-42494.json create mode 100644 CVE-2024/CVE-2024-470xx/CVE-2024-47043.json create mode 100644 CVE-2024/CVE-2024-475xx/CVE-2024-47547.json create mode 100644 CVE-2024/CVE-2024-487xx/CVE-2024-48703.json create mode 100644 CVE-2024/CVE-2024-488xx/CVE-2024-48859.json create mode 100644 CVE-2024/CVE-2024-488xx/CVE-2024-48863.json create mode 100644 CVE-2024/CVE-2024-488xx/CVE-2024-48865.json create mode 100644 CVE-2024/CVE-2024-488xx/CVE-2024-48866.json create mode 100644 CVE-2024/CVE-2024-488xx/CVE-2024-48867.json create mode 100644 CVE-2024/CVE-2024-488xx/CVE-2024-48868.json create mode 100644 CVE-2024/CVE-2024-488xx/CVE-2024-48871.json create mode 100644 CVE-2024/CVE-2024-503xx/CVE-2024-50387.json create mode 100644 CVE-2024/CVE-2024-503xx/CVE-2024-50388.json create mode 100644 CVE-2024/CVE-2024-503xx/CVE-2024-50389.json create mode 100644 CVE-2024/CVE-2024-503xx/CVE-2024-50393.json create mode 100644 CVE-2024/CVE-2024-504xx/CVE-2024-50402.json create mode 100644 CVE-2024/CVE-2024-504xx/CVE-2024-50403.json create mode 100644 CVE-2024/CVE-2024-504xx/CVE-2024-50404.json create mode 100644 CVE-2024/CVE-2024-517xx/CVE-2024-51727.json create mode 100644 CVE-2024/CVE-2024-523xx/CVE-2024-52320.json create mode 100644 CVE-2024/CVE-2024-525xx/CVE-2024-52558.json create mode 100644 CVE-2024/CVE-2024-536xx/CVE-2024-53691.json create mode 100644 CVE-2024/CVE-2024-541xx/CVE-2024-54143.json create mode 100644 CVE-2024/CVE-2024-547xx/CVE-2024-54749.json create mode 100644 CVE-2024/CVE-2024-552xx/CVE-2024-55268.json diff --git a/CVE-2017/CVE-2017-133xx/CVE-2017-13308.json b/CVE-2017/CVE-2017-133xx/CVE-2017-13308.json index d21cf941b04..466525d62eb 100644 --- a/CVE-2017/CVE-2017-133xx/CVE-2017-13308.json +++ b/CVE-2017/CVE-2017-133xx/CVE-2017-13308.json @@ -2,7 +2,7 @@ "id": "CVE-2017-13308", "sourceIdentifier": "security@android.com", "published": "2024-12-05T22:15:18.177", - "lastModified": "2024-12-05T22:15:18.177", + "lastModified": "2024-12-06T17:15:05.390", "vulnStatus": "Received", "cveTags": [], "descriptions": [ @@ -11,7 +11,42 @@ "value": "In tscpu_write_GPIO_out and mtkts_Abts_write of mtk_ts_Abts.c, there is a possible buffer overflow in an sscanf due to improper input validation. This could lead to a local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 6.7, + "baseSeverity": "MEDIUM", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 0.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-120" + } + ] + } + ], "references": [ { "url": "https://source.android.com/security/bulletin/pixel/2018-06-01", diff --git a/CVE-2018/CVE-2018-93xx/CVE-2018-9386.json b/CVE-2018/CVE-2018-93xx/CVE-2018-9386.json index fbeb083c31d..98894d470a7 100644 --- a/CVE-2018/CVE-2018-93xx/CVE-2018-9386.json +++ b/CVE-2018/CVE-2018-93xx/CVE-2018-9386.json @@ -2,7 +2,7 @@ "id": "CVE-2018-9386", "sourceIdentifier": "security@android.com", "published": "2024-12-05T23:15:04.607", - "lastModified": "2024-12-05T23:15:04.607", + "lastModified": "2024-12-06T17:15:05.680", "vulnStatus": "Received", "cveTags": [], "descriptions": [ @@ -11,7 +11,42 @@ "value": "In reboot_block_command of htc reboot_block driver, there is a possible\n stack buffer overflow due to a missing bounds check. This could lead to\n local escalation of privilege with System execution privileges needed. User\n interaction is not needed for exploitation." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 6.7, + "baseSeverity": "MEDIUM", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 0.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-120" + } + ] + } + ], "references": [ { "url": "https://source.android.com/security/bulletin/pixel/2018-06-01", diff --git a/CVE-2018/CVE-2018-93xx/CVE-2018-9388.json b/CVE-2018/CVE-2018-93xx/CVE-2018-9388.json index 7182ec79b7f..778de2e271b 100644 --- a/CVE-2018/CVE-2018-93xx/CVE-2018-9388.json +++ b/CVE-2018/CVE-2018-93xx/CVE-2018-9388.json @@ -2,7 +2,7 @@ "id": "CVE-2018-9388", "sourceIdentifier": "security@android.com", "published": "2024-12-05T23:15:04.703", - "lastModified": "2024-12-05T23:15:04.703", + "lastModified": "2024-12-06T17:15:06.080", "vulnStatus": "Received", "cveTags": [], "descriptions": [ @@ -11,7 +11,42 @@ "value": "In store_upgrade and store_cmd of drivers/input/touchscreen/stm/ftm4_pdc.c, there are out of bound writes due to missing bounds checks or integer underflows. These could lead to escalation of privilege." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 7.8, + "baseSeverity": "HIGH", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-787" + } + ] + } + ], "references": [ { "url": "https://source.android.com/security/bulletin/pixel/2018-06-01", diff --git a/CVE-2018/CVE-2018-93xx/CVE-2018-9390.json b/CVE-2018/CVE-2018-93xx/CVE-2018-9390.json index 0756cdac6bc..65464672bf0 100644 --- a/CVE-2018/CVE-2018-93xx/CVE-2018-9390.json +++ b/CVE-2018/CVE-2018-93xx/CVE-2018-9390.json @@ -2,7 +2,7 @@ "id": "CVE-2018-9390", "sourceIdentifier": "security@android.com", "published": "2024-12-05T23:15:04.793", - "lastModified": "2024-12-05T23:15:04.793", + "lastModified": "2024-12-06T17:15:06.543", "vulnStatus": "Received", "cveTags": [], "descriptions": [ @@ -11,7 +11,42 @@ "value": "In procfile_write of gl_proc.c, there is a possible out of bounds read of a\n function pointer due to an incorrect bounds check. This could lead to local\n escalation of privilege with System execution privileges needed. User\n interaction is not needed for exploitation." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 6.7, + "baseSeverity": "MEDIUM", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 0.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-125" + } + ] + } + ], "references": [ { "url": "https://source.android.com/security/bulletin/pixel/2018-06-01", diff --git a/CVE-2018/CVE-2018-93xx/CVE-2018-9391.json b/CVE-2018/CVE-2018-93xx/CVE-2018-9391.json index b983ff5483f..02dc8843df5 100644 --- a/CVE-2018/CVE-2018-93xx/CVE-2018-9391.json +++ b/CVE-2018/CVE-2018-93xx/CVE-2018-9391.json @@ -2,7 +2,7 @@ "id": "CVE-2018-9391", "sourceIdentifier": "security@android.com", "published": "2024-12-05T23:15:04.877", - "lastModified": "2024-12-05T23:15:04.877", + "lastModified": "2024-12-06T17:15:06.967", "vulnStatus": "Received", "cveTags": [], "descriptions": [ @@ -11,7 +11,42 @@ "value": "In update_gps_sv and output_vzw_debug of\n vendor/mediatek/proprietary/hardware/connectivity/gps/gps_hal/src/gpshal_wor\n ker.c, there is a possible out of bounds write due to a missing bounds\n check. This could lead to local escalation of privilege with System\n execution privileges needed. User interaction is not needed for\n exploitation." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 6.7, + "baseSeverity": "MEDIUM", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 0.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-787" + } + ] + } + ], "references": [ { "url": "https://source.android.com/security/bulletin/pixel/2018-06-01", diff --git a/CVE-2020/CVE-2020-367xx/CVE-2020-36778.json b/CVE-2020/CVE-2020-367xx/CVE-2020-36778.json index ce7d19bd907..46f0de53340 100644 --- a/CVE-2020/CVE-2020-367xx/CVE-2020-36778.json +++ b/CVE-2020/CVE-2020-367xx/CVE-2020-36778.json @@ -2,8 +2,8 @@ "id": "CVE-2020-36778", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-02-28T09:15:36.457", - "lastModified": "2024-02-28T14:06:45.783", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-12-06T17:56:05.877", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,23 +15,131 @@ "value": "En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: i2c: xiic: corrige la fuga de referencia cuando falla pm_runtime_get_sync No se espera que el recuento de referencias de PM aumente al regresar en xiic_xfer y xiic_i2c_remove. Sin embargo, pm_runtime_get_sync incrementar\u00e1 el recuento de referencias de PM incluso si falla. Olvidarse de poner en funcionamiento resultar\u00e1 en una fuga de referencia aqu\u00ed. Reempl\u00e1celo con pm_runtime_resume_and_get para mantener el contador de uso equilibrado." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "baseScore": 5.5, + "baseSeverity": "MEDIUM", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-Other" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.6", + "versionEndExcluding": "5.10.37", + "matchCriteriaId": "8DAB7F83-8B24-421D-A7BE-C8380EDFC077" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.11", + "versionEndExcluding": "5.11.21", + "matchCriteriaId": "8CBB94EC-EC33-4464-99C5-03E5542715F0" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.12", + "versionEndExcluding": "5.12.4", + "matchCriteriaId": "D8C7052F-1B7B-4327-9C2B-84EBF3243838" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/a42ac16e6573f19c78f556ea292f5b534fcc4514", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/a85c5c7a3aa8041777ff691400b4046e56149fd3", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/c977426db644ba476938125597947979e8aba725", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/e2ba996577eaea423694dc69ae43d56f1410a22b", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] + }, + { + "url": "https://git.kernel.org/stable/c/a42ac16e6573f19c78f556ea292f5b534fcc4514", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] + }, + { + "url": "https://git.kernel.org/stable/c/a85c5c7a3aa8041777ff691400b4046e56149fd3", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] + }, + { + "url": "https://git.kernel.org/stable/c/c977426db644ba476938125597947979e8aba725", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] + }, + { + "url": "https://git.kernel.org/stable/c/e2ba996577eaea423694dc69ae43d56f1410a22b", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2020/CVE-2020-367xx/CVE-2020-36782.json b/CVE-2020/CVE-2020-367xx/CVE-2020-36782.json index fe809db7665..3c4c9bad8f2 100644 --- a/CVE-2020/CVE-2020-367xx/CVE-2020-36782.json +++ b/CVE-2020/CVE-2020-367xx/CVE-2020-36782.json @@ -2,8 +2,8 @@ "id": "CVE-2020-36782", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-02-28T09:15:36.777", - "lastModified": "2024-02-28T14:06:45.783", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-12-06T18:02:53.493", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,27 +15,152 @@ "value": "En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: i2c: imx-lpi2c: corrige la fuga de referencia cuando falla pm_runtime_get_sync No se espera que el recuento de referencias de PM aumente al regresar en lpi2c_imx_master_enable. Sin embargo, pm_runtime_get_sync incrementar\u00e1 el recuento de referencias de PM incluso si falla. Olvidarse de poner en funcionamiento resultar\u00e1 en una fuga de referencia aqu\u00ed. Reempl\u00e1celo con pm_runtime_resume_and_get para mantener el contador de uso equilibrado." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "baseScore": 5.5, + "baseSeverity": "MEDIUM", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-Other" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.16", + "versionEndExcluding": "5.4.119", + "matchCriteriaId": "F7888DB8-8CF4-40E0-95BF-BD6103099C09" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.5", + "versionEndExcluding": "5.10.37", + "matchCriteriaId": "7A4CF5D6-ACBA-4980-ABFD-3D7A53B5BB4E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.11", + "versionEndExcluding": "5.11.21", + "matchCriteriaId": "8CBB94EC-EC33-4464-99C5-03E5542715F0" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.12", + "versionEndExcluding": "5.12.4", + "matchCriteriaId": "D8C7052F-1B7B-4327-9C2B-84EBF3243838" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/278e5bbdb9a94fa063c0f9bcde2479d0b8042462", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/815859cb1d2302e74f11bf6894bceace9ca9eb4a", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/b100650d80cd2292f6c152f5f2943b5944b3e8ce", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/bb300acc867e937edc2a6898e92b21f88e4e4e66", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/cc49d206414240483bb93ffa3d80243e6a776916", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] + }, + { + "url": "https://git.kernel.org/stable/c/278e5bbdb9a94fa063c0f9bcde2479d0b8042462", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] + }, + { + "url": "https://git.kernel.org/stable/c/815859cb1d2302e74f11bf6894bceace9ca9eb4a", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] + }, + { + "url": "https://git.kernel.org/stable/c/b100650d80cd2292f6c152f5f2943b5944b3e8ce", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] + }, + { + "url": "https://git.kernel.org/stable/c/bb300acc867e937edc2a6898e92b21f88e4e4e66", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] + }, + { + "url": "https://git.kernel.org/stable/c/cc49d206414240483bb93ffa3d80243e6a776916", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2020/CVE-2020-367xx/CVE-2020-36783.json b/CVE-2020/CVE-2020-367xx/CVE-2020-36783.json index e2e00ed2eae..c1093775466 100644 --- a/CVE-2020/CVE-2020-367xx/CVE-2020-36783.json +++ b/CVE-2020/CVE-2020-367xx/CVE-2020-36783.json @@ -2,8 +2,8 @@ "id": "CVE-2020-36783", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-02-28T09:15:36.823", - "lastModified": "2024-02-28T14:06:45.783", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-12-06T17:37:43.990", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,27 +15,152 @@ "value": "En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: i2c: img-scb: corrige la fuga de referencia cuando falla pm_runtime_get_sync No se espera que el recuento de referencias de PM aumente al regresar en las funciones img_i2c_xfer e img_i2c_init. Sin embargo, pm_runtime_get_sync incrementar\u00e1 el recuento de referencias de PM incluso si falla. Olvidarse de poner en funcionamiento resultar\u00e1 en una fuga de referencia aqu\u00ed. Reempl\u00e1celo con pm_runtime_resume_and_get para mantener el contador de uso equilibrado." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "baseScore": 5.5, + "baseSeverity": "MEDIUM", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-Other" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.15", + "versionEndExcluding": "5.4.119", + "matchCriteriaId": "596D748F-C19F-4E71-9DB2-A06B9BDFF818" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.5", + "versionEndExcluding": "5.10.37", + "matchCriteriaId": "7A4CF5D6-ACBA-4980-ABFD-3D7A53B5BB4E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.11", + "versionEndExcluding": "5.11.21", + "matchCriteriaId": "8CBB94EC-EC33-4464-99C5-03E5542715F0" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.12", + "versionEndExcluding": "5.12.4", + "matchCriteriaId": "D8C7052F-1B7B-4327-9C2B-84EBF3243838" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/223125e37af8a641ea4a09747a6a52172fc4b903", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/4734c4b1d9573c9d20bbc46cf37dde095ee011b8", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/7ee35cde1e810ad6ca589980b9ec2b7b62946a5b", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/96c4a03658d661666c360959aa80cdabfe2972ed", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/e80ae8bde41266d3b8bf012460b6593851766006", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] + }, + { + "url": "https://git.kernel.org/stable/c/223125e37af8a641ea4a09747a6a52172fc4b903", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] + }, + { + "url": "https://git.kernel.org/stable/c/4734c4b1d9573c9d20bbc46cf37dde095ee011b8", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] + }, + { + "url": "https://git.kernel.org/stable/c/7ee35cde1e810ad6ca589980b9ec2b7b62946a5b", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] + }, + { + "url": "https://git.kernel.org/stable/c/96c4a03658d661666c360959aa80cdabfe2972ed", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] + }, + { + "url": "https://git.kernel.org/stable/c/e80ae8bde41266d3b8bf012460b6593851766006", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2020/CVE-2020-367xx/CVE-2020-36784.json b/CVE-2020/CVE-2020-367xx/CVE-2020-36784.json index 128916a4dce..c3ae2a4e938 100644 --- a/CVE-2020/CVE-2020-367xx/CVE-2020-36784.json +++ b/CVE-2020/CVE-2020-367xx/CVE-2020-36784.json @@ -2,8 +2,8 @@ "id": "CVE-2020-36784", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-02-28T09:15:36.883", - "lastModified": "2024-02-28T14:06:45.783", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-12-06T17:37:59.973", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,23 +15,131 @@ "value": "En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: i2c: cadencia: corrige la fuga de referencia cuando falla pm_runtime_get_sync No se espera que el recuento de referencias de PM aumente al regresar en las funciones cdns_i2c_master_xfer y cdns_reg_slave. Sin embargo, pm_runtime_get_sync incrementar\u00e1 el contador de uso de pm incluso si falla. Olvidarse de poner en funcionamiento resultar\u00e1 en una fuga de referencia aqu\u00ed. Reempl\u00e1celo con pm_runtime_resume_and_get para mantener el contador de uso equilibrado." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "baseScore": 5.5, + "baseSeverity": "MEDIUM", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-Other" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.5", + "versionEndExcluding": "5.10.37", + "matchCriteriaId": "0067E6A1-4B8B-4154-A7E1-9B492B922C72" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.11", + "versionEndExcluding": "5.11.21", + "matchCriteriaId": "8CBB94EC-EC33-4464-99C5-03E5542715F0" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.12", + "versionEndExcluding": "5.12.4", + "matchCriteriaId": "D8C7052F-1B7B-4327-9C2B-84EBF3243838" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/23ceb8462dc6f4b4decdb5536a7e5fc477cdf0b6", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/30410519328c94367e561fd878e5f0d3a0303585", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/a45fc41beed8e0fe31864619c34aa00797fb60c1", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/d57ff04e0ed6f3be1682ae861ead33f879225e07", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] + }, + { + "url": "https://git.kernel.org/stable/c/23ceb8462dc6f4b4decdb5536a7e5fc477cdf0b6", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] + }, + { + "url": "https://git.kernel.org/stable/c/30410519328c94367e561fd878e5f0d3a0303585", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] + }, + { + "url": "https://git.kernel.org/stable/c/a45fc41beed8e0fe31864619c34aa00797fb60c1", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] + }, + { + "url": "https://git.kernel.org/stable/c/d57ff04e0ed6f3be1682ae861ead33f879225e07", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2021/CVE-2021-469xx/CVE-2021-46955.json b/CVE-2021/CVE-2021-469xx/CVE-2021-46955.json index 1203ef5b2a8..c2744fe6756 100644 --- a/CVE-2021/CVE-2021-469xx/CVE-2021-46955.json +++ b/CVE-2021/CVE-2021-469xx/CVE-2021-46955.json @@ -2,8 +2,8 @@ "id": "CVE-2021-46955", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-02-27T19:04:06.667", - "lastModified": "2024-02-28T14:06:45.783", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-12-06T17:53:52.043", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,43 +15,236 @@ "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: openvswitch: corrige la lectura OOB de la pila al fragmentar paquetes IPv4 al ejecutar openvswitch en kernels creados con KASAN, es posible ver el siguiente s\u00edmbolo al probar la fragmentaci\u00f3n de paquetes IPv4: ERROR: KASAN: stack- fuera de los l\u00edmites en ip_do_fragment+0x1b03/0x1f60 Lectura de tama\u00f1o 1 en la direcci\u00f3n ffff888112fc713c por task handler2/1367 CPU: 0 PID: 1367 Comm: handler2 Not tainted 5.12.0-rc6+ #418 Nombre de hardware: Red Hat KVM, BIOS 1.11 .1-4.module+el8.1.0+4066+0f1aadab 01/04/2014 Seguimiento de llamadas: dump_stack+0x92/0xc1 print_address_description.constprop.7+0x1a/0x150 kasan_report.cold.13+0x7f/0x111 ip_do_fragment+0x1b03/0x1f60 ovs_fragment+0x5bf/0x840 [openvswitch] do_execute_actions+0x1bd5/0x2400 [openvswitch] ovs_execute_actions+0xc8/0x3d0 [openvswitch] ovs_packet_cmd_execute+0xa39/0x1150 [openvswitch] genl_family_rcv_msg_do it.isra.15+0x227/0x2d0 genl_rcv_msg+0x287/0x490 netlink_rcv_skb+0x120/ 0x380 genl_rcv+0x24/0x40 netlink_unicast+0x439/0x630 netlink_sendmsg+0x719/0xbf0 sock_sendmsg+0xe2/0x110 ____sys_sendmsg+0x5ba/0x890 ___sys_sendmsg+0xe9/0x160 __sy s_sendmsg+0xd3/0x170 do_syscall_64+0x33/0x40 Entry_SYSCALL_64_after_hwframe+0x44/0xae RIP: 0033: 0x7f957079db07 C\u00f3digo: c3 66 90 41 54 41 89 d4 55 48 89 f5 53 89 fb 48 83 ec 10 e8 eb ec ff ff 44 89 e2 48 89 ee 89 df 41 89 c0 b8 2e 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 35 44 89 c7 48 89 44 24 08 e8 24 ed ff ff 48 RSP: 002b:00007f956ce35a50 EFLAGS: 00000293 ORIG_RAX: 000000000000002e RAX: ffffffffffffffda RB X: 0000000000000019 RCX: 00007f957079db07 RDX: 0000000000000000 RSI: 00007f956ce35ae0 RDI: 0000000000000019 RBP: 00007f956ce35ae0 R08: 00000000000000000 R09: 00007f9558006730 R10: 0000000000000000 R11: 00000000000000293 R12: 0000000000000000 R13: 00007f956ce37308 R14: 00007f956ce35f80 R15: 00007f956ce35ae0 La direcci\u00f3n del error pertenece a la p\u00e1gina: p\u00e1gina:00000000af2a1d93 refcount:0 mapcount:0 mapeo:00000000000000000 index:0x0 pfn: 0x112fc7 banderas: 0x17ffffc0000000() sin formato: 0017ffffc0000000 0000000000000000 muerto000000000122 00000000000000000 sin formato: 0000000000000000 000000000000 0000 00000000ffffffff 0000000000000000 p\u00e1gina volcada porque: kasan: mal acceso detectado addr ffff888112fc713c est\u00e1 ubicado en la pila del controlador de tareas 2/1367 en el desplazamiento 180 en el framework: ovs_fragment+0x0/0x840 [ openvswitch] este framework tiene 2 objetos: [32, 144) 'ovs_dst' [192, 424) 'ovs_rt' Estado de la memoria alrededor de la direcci\u00f3n del error: ffff888112fc7000: f3 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ffff88811 2fc7080 : 00 f1 f1 f1 f1 00 00 00 00 00 00 00 00 00 00 00 >ffff888112fc7100: 00 00 00 f2 f2 f2 f2 f2 f2 00 00 00 00 00 00 00 ^ ffff888112fc7180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ffff888112fc7200: 00 00 00 00 00 00 f2 f2 f2 00 00 00 00 00 00 00 para paquetes IPv4, ovs_fragment() utiliza una estructura temporal dst_entry. Luego, en el siguiente gr\u00e1fico de llamadas: ip_do_fragment() ip_skb_dst_mtu() ip_dst_mtu_maybe_forward() ip_mtu_locked() el puntero a struct dst_entry se usa como puntero a struct rtable: esto convierte el acceso a miembros de estructura como rt_mtu_locked en una lectura OOB en la pila. Solucione este problema cambiando la variable temporal utilizada para los paquetes IPv4 en ovs_fragment(), de manera similar a lo que se hace para IPv6 unas l\u00edneas m\u00e1s abajo." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H", + "baseScore": 7.1, + "baseSeverity": "HIGH", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.2 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-125" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.4.134", + "versionEndExcluding": "4.4.269", + "matchCriteriaId": "65ED7534-D47C-47CE-BF7D-8022A6B38C4B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.9.104", + "versionEndExcluding": "4.9.269", + "matchCriteriaId": "634D2BFA-73FA-4C9A-B897-11E3DD69E039" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.14.45", + "versionEndExcluding": "4.14.233", + "matchCriteriaId": "4C007C3B-E2A3-42E4-97C1-FDAC6B8515E9" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.16", + "versionEndExcluding": "4.19.191", + "matchCriteriaId": "F677F1C8-2451-43EC-9555-E283697C189E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.20", + "versionEndExcluding": "5.4.118", + "matchCriteriaId": "C83F5505-AF9D-4F2A-8D37-A8EB73ED772D" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.5", + "versionEndExcluding": "5.10.36", + "matchCriteriaId": "003E22D0-CA29-4338-8B35-0754C740074F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.11", + "versionEndExcluding": "5.11.20", + "matchCriteriaId": "EEC03413-9760-46D4-AC1D-EB084A1D4111" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.12", + "versionEndExcluding": "5.12.3", + "matchCriteriaId": "F9D6B2DE-7E4A-4B3B-9AEE-3A2C5F23DA32" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/23e17ec1a5eb53fe39cc34fa5592686d5acd0dac", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/490ad0a2390442d0a7b8c00972a83dbb09cab142", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/5a52fa8ad45b5a593ed416adf326538638454ff1", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/7c0ea5930c1c211931819d83cfb157bff1539a4c", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/a1478374b0bda89b4277a8afd39208271faad4be", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/b1d7280f9ba1bfdbc3af5bdb82e51f014854f26f", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/b3502b04e84ac5349be95fc033c17bd701d2787a", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/d841d3cf5297fde4ce6a41ff35451d0e82917f3e", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/df9e900de24637be41879e2c50afb713ec4e8b2e", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] + }, + { + "url": "https://git.kernel.org/stable/c/23e17ec1a5eb53fe39cc34fa5592686d5acd0dac", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] + }, + { + "url": "https://git.kernel.org/stable/c/490ad0a2390442d0a7b8c00972a83dbb09cab142", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] + }, + { + "url": "https://git.kernel.org/stable/c/5a52fa8ad45b5a593ed416adf326538638454ff1", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] + }, + { + "url": "https://git.kernel.org/stable/c/7c0ea5930c1c211931819d83cfb157bff1539a4c", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] + }, + { + "url": "https://git.kernel.org/stable/c/a1478374b0bda89b4277a8afd39208271faad4be", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] + }, + { + "url": "https://git.kernel.org/stable/c/b1d7280f9ba1bfdbc3af5bdb82e51f014854f26f", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] + }, + { + "url": "https://git.kernel.org/stable/c/b3502b04e84ac5349be95fc033c17bd701d2787a", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] + }, + { + "url": "https://git.kernel.org/stable/c/d841d3cf5297fde4ce6a41ff35451d0e82917f3e", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] + }, + { + "url": "https://git.kernel.org/stable/c/df9e900de24637be41879e2c50afb713ec4e8b2e", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2021/CVE-2021-469xx/CVE-2021-46956.json b/CVE-2021/CVE-2021-469xx/CVE-2021-46956.json index ff72d5afbfd..7531059fdb3 100644 --- a/CVE-2021/CVE-2021-469xx/CVE-2021-46956.json +++ b/CVE-2021/CVE-2021-469xx/CVE-2021-46956.json @@ -2,8 +2,8 @@ "id": "CVE-2021-46956", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-02-27T19:04:06.717", - "lastModified": "2024-02-28T14:06:45.783", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-12-06T17:54:34.117", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,27 +15,152 @@ "value": "En el kernel de Linux se ha resuelto la siguiente vulnerabilidad: virtiofs: corrige p\u00e9rdida de memoria en virtio_fs_probe() Al pasar accidentalmente dos veces la misma etiqueta a qemu, kmemleak termin\u00f3 reportando una p\u00e9rdida de memoria en virtiofs. Adem\u00e1s, mirando el registro vi el siguiente error (fue entonces cuando me di cuenta de la etiqueta duplicada): virtiofs: la sonda de virtio5 fall\u00f3 con el error -17 Aqu\u00ed est\u00e1 el registro kmemleak como referencia: objeto sin referencia 0xffff888103d47800 (tama\u00f1o 1024): comm \"systemd- udevd\", pid 118, jiffies 4294893780 (edad 18.340 s) volcado hexadecimal (primeros 32 bytes): 00 00 00 00 ad 4e ad de ff ff ff ff 00 00 00 00 ......N....... ... ff ff ff ff ff ff ff ff 80 90 02 a0 ff ff ff ff ................ rastreo: [<000000000ebb87c1>] virtio_fs_probe+0x171/0x7ae [virtiofs] [<00000000f8aca419>] virtio_dev_probe+0x15f/0x210 [<000000004d6baf3c>] very_probe+0xea/0x430 [<00000000a6ceeac8>] device_driver_attach+0xa8/0xb0 [<00000000196f47a7 >] __driver_attach+0x98/0x140 [<000000000b20601d>] bus_for_each_dev+0x7b/0xc0 [<00000000399c7b7f>] bus_add_driver+0x11b/0x1f0 [<0000000032b09ba7>] driver_register+0x8f/0xe0 [<00000000cdd55998>] 0xffffffffa002c013 [<000000000ea196a2> ] do_one_initcall+0x64/0x2e0 [<0000000008f727ce>] do_init_module+0x5c/0x260 [<000000003cdedab6> ] __do_sys_finit_module+0xb5/0x120 [<00000000ad2f48c6>] do_syscall_64+0x33/0x40 [<00000000809526b5>] Entry_SYSCALL_64_after_hwframe+0x44/0xae " } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "baseScore": 5.5, + "baseSeverity": "MEDIUM", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-401" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.4", + "versionEndExcluding": "5.4.118", + "matchCriteriaId": "45C90F78-15A8-452F-AA7D-00A762FDEFE7" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.5", + "versionEndExcluding": "5.10.36", + "matchCriteriaId": "003E22D0-CA29-4338-8B35-0754C740074F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.11", + "versionEndExcluding": "5.11.20", + "matchCriteriaId": "EEC03413-9760-46D4-AC1D-EB084A1D4111" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.12", + "versionEndExcluding": "5.12.3", + "matchCriteriaId": "F9D6B2DE-7E4A-4B3B-9AEE-3A2C5F23DA32" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/310efc95c72c13faf855c692d19cd4d054d827c8", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/5116e79fc6e6725b8acdad8b7e928a83ab7b47e6", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/9b9d60c0eb8ada99cce2a9ab5c15dffc523b01ae", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/c79c5e0178922a9e092ec8fed026750f39dcaef4", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/d19555ff225d0896a33246a49279e6d578095f15", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] + }, + { + "url": "https://git.kernel.org/stable/c/310efc95c72c13faf855c692d19cd4d054d827c8", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] + }, + { + "url": "https://git.kernel.org/stable/c/5116e79fc6e6725b8acdad8b7e928a83ab7b47e6", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] + }, + { + "url": "https://git.kernel.org/stable/c/9b9d60c0eb8ada99cce2a9ab5c15dffc523b01ae", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] + }, + { + "url": "https://git.kernel.org/stable/c/c79c5e0178922a9e092ec8fed026750f39dcaef4", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] + }, + { + "url": "https://git.kernel.org/stable/c/d19555ff225d0896a33246a49279e6d578095f15", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2021/CVE-2021-469xx/CVE-2021-46966.json b/CVE-2021/CVE-2021-469xx/CVE-2021-46966.json index 155d7b1085e..6d43a6b17f2 100644 --- a/CVE-2021/CVE-2021-469xx/CVE-2021-46966.json +++ b/CVE-2021/CVE-2021-469xx/CVE-2021-46966.json @@ -2,8 +2,8 @@ "id": "CVE-2021-46966", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-02-27T19:04:07.127", - "lastModified": "2024-02-28T14:06:45.783", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-12-06T17:55:15.673", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,43 +15,236 @@ "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: ACPI: custom_method: soluciona un posible problema de use-after-free En cm_write(), buf siempre se libera al llegar al final de la funci\u00f3n. Si el recuento solicitado es menor que table.length, el b\u00fafer asignado se liberar\u00e1, pero las llamadas posteriores a cm_write() seguir\u00e1n intentando acceder a \u00e9l. Elimine el kfree(buf) incondicional al final de la funci\u00f3n y establezca el buf en NULL en la ruta de error -EINVAL para que coincida con el resto de la funci\u00f3n." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 7.8, + "baseSeverity": "HIGH", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-416" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.4.195", + "versionEndExcluding": "4.4.269", + "matchCriteriaId": "54A3D99C-739B-406F-AF5B-ABFF201FD7EA" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.9.195", + "versionEndExcluding": "4.9.269", + "matchCriteriaId": "40842990-645D-419D-851F-07328ECC681E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.14.147", + "versionEndExcluding": "4.14.233", + "matchCriteriaId": "06219DEF-0B7F-4D93-9878-9DC640945517" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.19.77", + "versionEndExcluding": "4.19.191", + "matchCriteriaId": "3E80ED24-F781-449F-8035-CBA0FB5C6691" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.4", + "versionEndExcluding": "5.4.118", + "matchCriteriaId": "45C90F78-15A8-452F-AA7D-00A762FDEFE7" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.5", + "versionEndExcluding": "5.10.36", + "matchCriteriaId": "003E22D0-CA29-4338-8B35-0754C740074F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.11", + "versionEndExcluding": "5.11.20", + "matchCriteriaId": "EEC03413-9760-46D4-AC1D-EB084A1D4111" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.12", + "versionEndExcluding": "5.12.3", + "matchCriteriaId": "F9D6B2DE-7E4A-4B3B-9AEE-3A2C5F23DA32" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/1d53ca5d131074c925ce38361fb0376d3bf7e394", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/62dc2440ebb552aa0d7f635e1697e077d9d21203", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/72814a94c38a33239793f7622cec6ace1e540c4b", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/8b04d57f30caf76649d0567551589af9a66ca9be", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/90575d1d9311b753cf1718f4ce9061ddda7dfd23", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/a5b26a2e362f572d87e9fd35435680e557052a17", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/b7a5baaae212a686ceb812c32fceed79c03c0234", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/e483bb9a991bdae29a0caa4b3a6d002c968f94aa", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/f16737caf41fc06cfe6e49048becb09657074d4b", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] + }, + { + "url": "https://git.kernel.org/stable/c/1d53ca5d131074c925ce38361fb0376d3bf7e394", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] + }, + { + "url": "https://git.kernel.org/stable/c/62dc2440ebb552aa0d7f635e1697e077d9d21203", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] + }, + { + "url": "https://git.kernel.org/stable/c/72814a94c38a33239793f7622cec6ace1e540c4b", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] + }, + { + "url": "https://git.kernel.org/stable/c/8b04d57f30caf76649d0567551589af9a66ca9be", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] + }, + { + "url": "https://git.kernel.org/stable/c/90575d1d9311b753cf1718f4ce9061ddda7dfd23", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] + }, + { + "url": "https://git.kernel.org/stable/c/a5b26a2e362f572d87e9fd35435680e557052a17", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] + }, + { + "url": "https://git.kernel.org/stable/c/b7a5baaae212a686ceb812c32fceed79c03c0234", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] + }, + { + "url": "https://git.kernel.org/stable/c/e483bb9a991bdae29a0caa4b3a6d002c968f94aa", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] + }, + { + "url": "https://git.kernel.org/stable/c/f16737caf41fc06cfe6e49048becb09657074d4b", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2021/CVE-2021-469xx/CVE-2021-46967.json b/CVE-2021/CVE-2021-469xx/CVE-2021-46967.json index 3f8aa287a81..579e82f48a3 100644 --- a/CVE-2021/CVE-2021-469xx/CVE-2021-46967.json +++ b/CVE-2021/CVE-2021-469xx/CVE-2021-46967.json @@ -2,8 +2,8 @@ "id": "CVE-2021-46967", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-02-27T19:04:07.170", - "lastModified": "2024-02-28T14:06:45.783", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-12-06T17:55:35.723", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,23 +15,131 @@ "value": "En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: vhost-vdpa: corrige vm_flags para el mapeo del timbre virtqueue El timbre virtqueue generalmente se implementa a trav\u00e9s de registros, pero no proporcionamos los vma->flags necesarios como VM_PFNMAP. Esto puede causar varios problemas, por ejemplo, cuando el espacio de usuario intenta asignar el timbre a trav\u00e9s de vhost IOTLB, el kernel puede entrar en p\u00e1nico debido a que la p\u00e1gina no est\u00e1 respaldada por la estructura de la p\u00e1gina. Este parche soluciona este problema configurando los vm_flags necesarios. Con este parche, intentar asignar el timbre a trav\u00e9s de IOTLB fallar\u00e1 con una direcci\u00f3n incorrecta." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "baseScore": 5.5, + "baseSeverity": "MEDIUM", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.8", + "versionEndExcluding": "5.10.36", + "matchCriteriaId": "4A500519-BED3-4E94-A4DF-98098BF45173" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.11", + "versionEndExcluding": "5.11.20", + "matchCriteriaId": "EEC03413-9760-46D4-AC1D-EB084A1D4111" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.12", + "versionEndExcluding": "5.12.3", + "matchCriteriaId": "F9D6B2DE-7E4A-4B3B-9AEE-3A2C5F23DA32" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/3a3e0fad16d40a2aa68ddf7eea4acdf48b22dd44", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/3b8b6399666a29daa30b0bb3f5c9e3fc81c5a6a6", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/93dbbf20e3ffad14f04227a0b7105f6e6f0387ce", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/940230a5c31e2714722aee04c521a21f484b4df7", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] + }, + { + "url": "https://git.kernel.org/stable/c/3a3e0fad16d40a2aa68ddf7eea4acdf48b22dd44", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] + }, + { + "url": "https://git.kernel.org/stable/c/3b8b6399666a29daa30b0bb3f5c9e3fc81c5a6a6", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] + }, + { + "url": "https://git.kernel.org/stable/c/93dbbf20e3ffad14f04227a0b7105f6e6f0387ce", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] + }, + { + "url": "https://git.kernel.org/stable/c/940230a5c31e2714722aee04c521a21f484b4df7", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2021/CVE-2021-470xx/CVE-2021-47025.json b/CVE-2021/CVE-2021-470xx/CVE-2021-47025.json index 48a8c563f0f..08431eb17b9 100644 --- a/CVE-2021/CVE-2021-470xx/CVE-2021-47025.json +++ b/CVE-2021/CVE-2021-470xx/CVE-2021-47025.json @@ -2,8 +2,8 @@ "id": "CVE-2021-47025", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-02-28T09:15:39.290", - "lastModified": "2024-02-28T14:06:45.783", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-12-06T18:52:52.237", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,15 +15,89 @@ "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: iommu/mediatek: habilite siempre clk al reanudar. En mtk_iommu_runtime_resume habilite siempre clk, incluso si m4u_dom es nulo. De lo contrario, el cb 'suspender' podr\u00eda desactivar el clk que ya est\u00e1 desactivado provocando la advertencia: [1.586104] infra_m4u ya desactivado [1.586133] ADVERTENCIA: CPU: 0 PID: 121 en drivers/clk/clk.c:952 clk_core_disable+0xb0/0xb8 [ 1.594391] mtk-iommu 10205000.iommu: enlazado 18001000.larb (ops mtk_smi_larb_component_ops) [ 1.598108] M\u00f3dulos vinculados en: [ 1.598114] CPU: 0 PID: 121 Comm: kworker/0:2 No contaminado 5.12.0 -rc5 #69 [ 1.609246] mtk-iommu 10205000.iommu: enlazado 14027000.larb (ops mtk_smi_larb_component_ops) [ 1.617487] Nombre del hardware: Google Elm (DT) [ 1.617491] Cola de trabajo: pm pm_runtime_work [ 1.620545] mtk-iomm u 10205000.iommu: encuadernado 19001000.larb (ops mtk_smi_larb_component_ops) [1.627229] pstate: 60000085 (nZCv daIf -PAN -UAO -TCO BTYPE=--) [1.659297] pc: clk_core_disable+0xb0/0xb8 [1.663475] lr: clk_core_disable+0xb0/0x b8 [1.667652] sp: ffff800011b9bbe0 [ 1.670959] x29: ffff800011b9bbe0 x28: 0000000000000000 [ 1.676267] x27: ffff800011448000 x26: ffff8000100cfd98 [ 1.681574] x25: ffff800011b9 bd48 x24: 0000000000000000 [ 1.686882] x23: 0000000000000000 x22: ffff8000106fad90 [ 1.692189] x21: 0000000000000000a x20: ffff0000c004850 0 [1,697496] x19: ffff0000c0048500 x18: ffffffffffffffff [ 1.702804] x17: 0000000000000000 x16: 00000000000000000 [ 1.708112] x15: ffff800011460300 x14: ffffffffffe000 0 [ 1.713420] x13: ffff8000114602d8 x12: 0720072007200720 [ 1.718727] x11: 0720072007200720 x10: 0720072007200720 [ 1.724035] x9 : ffff800 011b9bbe0 x8: ffff800011b9bbe0 [ 1.729342] x7: 0000000000000009 x6: ffff8000114b8328 [1.734649] x5: 0000000000000000 x4: 00000000000000000 [1.739956] x3: 00000000ffff ffff x2: ffff800011460298 [1.745263] x1: 1af1d7de276f4500 x0: 0000000000000000 [1.750572] Rastreo de llamadas: [1.753010] clk_core_disable+0xb0/0xb8 [ 1.756840] clk_core_disable_lock+0x24/0x40 [ 1.761105] clk_disable+0x20/0x30 [ 1.764501] mtk_iommu_runtime_suspend+0x88/0xa8 [ 1.769114] pm_generic_runtime_suspend+0x2c/0x48 [ 1 .773815] __rpm_callback+0xe0/0x178 [ 1.777559] rpm_callback+0x24/0x88 [ 1.781041] rpm_suspend+0xdc/0x470 [ 1.784523] rpm_idle+0x12c/0x170 [ 1.787831] pm_runtime_work+0xa8/0xc0 [ 1.791573] Process_one_work+0x1e8/0x360 [ 1.795580] trabajador_thread+0x44/0x478 [ 1.799237] kthread+0x150/0x158 [ 1.802460] ret_from_fork+ 0x10/0x30 [1.806034] ---[ final de seguimiento 82402920ef64573b ]--- [ 1.810728] ------------[ cortar aqu\u00ed ]------------ Adem\u00e1s , ahora no necesitamos habilitar el reloj desde la funci\u00f3n mtk_iommu_hw_init ya que ya est\u00e1 habilitado en el curr\u00edculum." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 7.8, + "baseSeverity": "HIGH", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.12", + "versionEndExcluding": "5.12.4", + "matchCriteriaId": "D8C7052F-1B7B-4327-9C2B-84EBF3243838" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/5cad9e2caa9613fdcd246bd4ebf0ffbec1cba2ca", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/b34ea31fe013569d42b7e8681ef3f717f77c5b72", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] + }, + { + "url": "https://git.kernel.org/stable/c/5cad9e2caa9613fdcd246bd4ebf0ffbec1cba2ca", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] + }, + { + "url": "https://git.kernel.org/stable/c/b34ea31fe013569d42b7e8681ef3f717f77c5b72", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2021/CVE-2021-470xx/CVE-2021-47041.json b/CVE-2021/CVE-2021-470xx/CVE-2021-47041.json index 10378deb33c..c786854a961 100644 --- a/CVE-2021/CVE-2021-470xx/CVE-2021-47041.json +++ b/CVE-2021/CVE-2021-470xx/CVE-2021-47041.json @@ -2,8 +2,8 @@ "id": "CVE-2021-47041", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-02-28T09:15:40.037", - "lastModified": "2024-02-28T14:06:45.783", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-12-06T18:41:12.523", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,27 +15,152 @@ "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: nvmet-tcp: corrige el bloqueo incorrecto en la devoluci\u00f3n de llamada de state_change sk No estamos cambiando nada en el estado de la conexi\u00f3n TCP, por lo que no debemos tomar un bloqueo de escritura sino un bloqueo de lectura. Esto caus\u00f3 un punto muerto al ejecutar nvmet-tcp y nvme-tcp en el mismo sistema, donde las devoluciones de llamada state_change en el host y en el lado del controlador tienen una relaci\u00f3n causal y generaron un informe de lockdep sobre esto con blktests: ========= ======================= ADVERTENCIA: estado de bloqueo inconsistente 5.12.0-rc3 #1 Contaminado: GI ------------ -------------------- uso inconsistente de {IN-SOFTIRQ-W} -> {SOFTIRQ-ON-R}. nvme/1324 [HC0[0]:SC0[0]:HE1:SE1] toma: ffff888363151000 (reloj-AF_INET){++-?}-{2:2}, en: nvme_tcp_state_change+0x21/0x150 [nvme_tcp] { IN-SOFTIRQ-W} el estado se registr\u00f3 en: __lock_acquire+0x79b/0x18d0 lock_acquire+0x1ca/0x480 _raw_write_lock_bh+0x39/0x80 nvmet_tcp_state_change+0x21/0x170 [nvmet_tcp] tcp_fin+0x2a8/0x780 tcp_data_queue +0xf94/0x1f20 tcp_rcv_establecido+0x6ba/0x1f00 tcp_v4_do_rcv +0x502/0x760 tcp_v4_rcv+0x257e/0x3430 ip_protocol_deliver_rcu+0x69/0x6a0 ip_local_deliver_finish+0x1e2/0x2f0 ip_local_deliver+0x1a2/0x420 ip_rcv+0x4fb/0x6b0 __netif_receive _skb_one_core+0x162/0x1b0 proceso_backlog+0x1ff/0x770 __napi_poll.constprop.0+0xa9/0x5c0 net_rx_action+ 0x7b3/0xb30 __do_softirq+0x1f0/0x940 do_softirq+0xa1/0xd0 __local_bh_enable_ip+0xd8/0x100 ip_finish_output2+0x6b7/0x18a0 __ip_queue_xmit+0x706/0x1aa0 __tcp_transmit_skb+0 x2068/0x2e20 tcp_write_xmit+0xc9e/0x2bb0 __tcp_push_pending_frames+0x92/0x310 inet_shutdown+0x158/0x300 __nvme_tcp_stop_queue+ 0x36/0x270 [nvme_tcp] nvme_tcp_stop_queue+0x87/0xb0 [nvme_tcp] nvme_tcp_teardown_admin_queue+0x69/0xe0 [nvme_tcp] nvme_do_delete_ctrl+0x100/0x10c [nvme_core] nv me_sysfs_delete.cold+0x8/0xd [nvme_core] kernfs_fop_write_iter+0x2c7/0x460 new_sync_write+0x36c/0x610 vfs_write+0x5c0/0x870 ksys_write+0xf9/0x1d0 do_syscall_64+0x33/0x40 Entry_SYSCALL_64_after_hwframe+0x44/0xae Sello de evento irq: 10687 hardirqs habilitado por \u00faltima vez en (10687): [] _raw_spin_unlock _irqrestore+0x2d/0x40 hardirqs se deshabilit\u00f3 por \u00faltima vez en (10686) : [] _raw_spin_lock_irqsave+0x68/0x90 softirqs habilitado por \u00faltima vez en (10684): [] __do_softirq+0x608/0x940 softirqs deshabilitado por \u00faltima vez en (10649): [] do_softirq+0xa1 /0xd0 otra informaci\u00f3n que podr\u00eda ayudarnos a depurar esto: Posible escenario de bloqueo inseguro: CPU0 ---- lock(clock-AF_INET); bloqueo(reloj-AF_INET); *** DEADLOCK *** 5 bloqueos retenidos por nvme/1324: #0: ffff8884a01fe470 (sb_writers#4){.+.+}-{0:0}, en: ksys_write+0xf9/0x1d0 #1: ffff8886e435c090 (&of ->mutex){+.+.}-{3:3}, en: kernfs_fop_write_iter+0x216/0x460 #2: ffff888104d90c38 (kn->active#255){++++}-{0:0}, en : kernfs_remove_self+0x22d/0x330 #3: ffff8884634538d0 (&queue->queue_lock){+.+.}-{3:3}, en: nvme_tcp_stop_queue+0x52/0xb0 [nvme_tcp] #4: ffff888363150d30 (sk_lock-AF _INET){+ .+.}-{0:0}, en: inet_shutdown+0x59/0x300 seguimiento de pila: CPU: 26 PID: 1324 Comunicaciones: nvme Contaminado: GI 5.12.0-rc3 #1 Nombre de hardware: Dell Inc. PowerEdge R640/06NR82 , BIOS 2.10.0 12/11/2020 Seguimiento de llamadas: dump_stack+0x93/0xc2 mark_lock_irq.cold+0x2c/0xb3? verificar_lock_unused+0x390/0x390? stack_trace_consume_entry+0x160/0x160? lock_downgrade+0x100/0x100? save_trace+0x88/0x5e0? _raw_spin_unlock_irqrestore+0x2d/0x40 mark_lock+0x530/0x1470 ? mark_lock_irq+0x1d10/0x1d10? enqueue_timer+0x660/0x660 mark_usage+0x215/0x2a0 __lock_acquire+0x79b/0x18d0? tcp_schedule_loss_probe.part.0+0x38c/0x520 lock_acquire+0x1ca/0x480? nvme_tcp_state_change+0x21/0x150 [nvme_tcp] ? rcu_read_unlock+0x40/0x40? tcp_mtu_probe+0x1ae0/0x1ae0? kmalloc_reserve+0xa0/0xa0? sysfs_file_ops+0x170/0x170 _raw_read_lock+0x3d/0xa0 ? nvme_tcp_state_change+0x21/0x150 [nvme_tcp] nvme_tcp_state_change+0x21/0x150 [nvme_tcp] ? sysfs_file_ops ---truncado---" } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "baseScore": 5.5, + "baseSeverity": "MEDIUM", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-667" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.0", + "versionEndExcluding": "5.4.119", + "matchCriteriaId": "9CE89AEF-FBDF-4C15-B17B-1A7C321B30AF" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.5", + "versionEndExcluding": "5.10.37", + "matchCriteriaId": "7A4CF5D6-ACBA-4980-ABFD-3D7A53B5BB4E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.11", + "versionEndExcluding": "5.11.21", + "matchCriteriaId": "8CBB94EC-EC33-4464-99C5-03E5542715F0" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.12", + "versionEndExcluding": "5.12.4", + "matchCriteriaId": "D8C7052F-1B7B-4327-9C2B-84EBF3243838" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/06beaa1a9f6e501213195e47c30416032fd2bbd5", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/60ade0d56b06537a28884745059b3801c78e03bc", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/906c538340dde6d891df89fe7dac8eaa724e40da", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/999d606a820c36ae9b9e9611360c8b3d8d4bb777", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/b5332a9f3f3d884a1b646ce155e664cc558c1722", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] + }, + { + "url": "https://git.kernel.org/stable/c/06beaa1a9f6e501213195e47c30416032fd2bbd5", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] + }, + { + "url": "https://git.kernel.org/stable/c/60ade0d56b06537a28884745059b3801c78e03bc", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] + }, + { + "url": "https://git.kernel.org/stable/c/906c538340dde6d891df89fe7dac8eaa724e40da", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] + }, + { + "url": "https://git.kernel.org/stable/c/999d606a820c36ae9b9e9611360c8b3d8d4bb777", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] + }, + { + "url": "https://git.kernel.org/stable/c/b5332a9f3f3d884a1b646ce155e664cc558c1722", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2021/CVE-2021-470xx/CVE-2021-47042.json b/CVE-2021/CVE-2021-470xx/CVE-2021-47042.json index cc3ffb35bd2..e92fff1d70a 100644 --- a/CVE-2021/CVE-2021-470xx/CVE-2021-47042.json +++ b/CVE-2021/CVE-2021-470xx/CVE-2021-47042.json @@ -2,8 +2,8 @@ "id": "CVE-2021-47042", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-02-28T09:15:40.083", - "lastModified": "2024-02-28T14:06:45.783", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-12-06T18:41:24.943", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,15 +15,89 @@ "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: drm/amd/display: datos locales gratuitos despu\u00e9s de su uso. Corrige la siguiente p\u00e9rdida de memoria en dc_link_construct(): objeto sin referencia 0xffffa03e81471400 (tama\u00f1o 1024): comm \"amd_module_load\", pid 2486, jiffies 4294946026 (edad 10,544 s) volcado hexadecimal (primeros 32 bytes): 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ retroceso: [<000000000bdf5c4a>] kmem_cache_alloc_trace+0x30a/0x4a0 [<00000000e7c59f0e>] link_create+0xce/0xac0 [amdgpu] [<000000002fb6c072>] dc_create+0x370/0x720 [amdgpu] [<000000000094d1f3>] amdgpu_dm_init+0x18e/0x17a0 [amdgpu] [<00000000bec048fd>] dm_hw_in es+0x12/0x20 [amdgpu] [<00000000a2bb7cf6>] amdgpu_device_init+0x1463 /0x1e60 [amdgpu] [<0000000032d3bb13>] amdgpu_driver_load_kms+0x5b/0x330 [amdgpu] [<00000000a27834f9>] amdgpu_pci_probe+0x192/0x280 [amdgpu] [<00000000fec7d29 1>] local_pci_probe+0x47/0xa0 [<0000000055dbbfa7>] pci_device_probe+0xe3/ 0x180 [<00000000815da970>] very_probe+0x1c4/0x4e0 [<00000000b4b6974b>] driver_probe_device+0x62/0x150 [<000000000f9ecc61>] device_driver_attach+0x58/0x60 [<0000000 00f65c843>] __driver_attach+0xd6/0x150 [<000000002f5e3683>] bus_for_each_dev+0x6a/ 0xc0 [<00000000a1cfc897>] controlador_attach+0x1e/0x20" } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "baseScore": 5.5, + "baseSeverity": "MEDIUM", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-401" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.12", + "versionEndExcluding": "5.12.4", + "matchCriteriaId": "D8C7052F-1B7B-4327-9C2B-84EBF3243838" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/296443139f893b554dddd56a99ba8471ab5802d4", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/616cf23b6cf40ad6f03ffbddfa1b6c4eb68d8ae1", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] + }, + { + "url": "https://git.kernel.org/stable/c/296443139f893b554dddd56a99ba8471ab5802d4", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] + }, + { + "url": "https://git.kernel.org/stable/c/616cf23b6cf40ad6f03ffbddfa1b6c4eb68d8ae1", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2021/CVE-2021-470xx/CVE-2021-47045.json b/CVE-2021/CVE-2021-470xx/CVE-2021-47045.json index b04dde07b49..27c670b2289 100644 --- a/CVE-2021/CVE-2021-470xx/CVE-2021-47045.json +++ b/CVE-2021/CVE-2021-470xx/CVE-2021-47045.json @@ -2,8 +2,8 @@ "id": "CVE-2021-47045", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-02-28T09:15:40.223", - "lastModified": "2024-02-28T14:06:45.783", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-12-06T18:41:37.933", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,19 +15,110 @@ "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: scsi: lpfc: corrige la desreferencia del puntero nulo en lpfc_prep_els_iocb() Es posible llamar a lpfc_issue_els_plogi() pasando un did para el cual no se encuentra ning\u00fan ndlp coincidente. Luego se realiza una llamada a lpfc_prep_els_iocb() con un puntero nulo a una estructura lpfc_nodelist, lo que da como resultado una desreferencia del puntero nulo. Corrija devolviendo un estado de error si no se encuentra ning\u00fan ndlp v\u00e1lido. Corrija los comentarios sobre el recuento de referencias de ndlp." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "baseScore": 5.5, + "baseSeverity": "MEDIUM", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-476" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.11", + "versionEndExcluding": "5.11.21", + "matchCriteriaId": "8CBB94EC-EC33-4464-99C5-03E5542715F0" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.12", + "versionEndExcluding": "5.12.4", + "matchCriteriaId": "D8C7052F-1B7B-4327-9C2B-84EBF3243838" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/8dd1c125f7f838abad009b64bff5f0a11afe3cb6", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/9bdcfbed2a9fe24d2c7eaa1bad7c705e18de8cc7", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/a09677de458d500b00701f6036baa423d9995408", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] + }, + { + "url": "https://git.kernel.org/stable/c/8dd1c125f7f838abad009b64bff5f0a11afe3cb6", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] + }, + { + "url": "https://git.kernel.org/stable/c/9bdcfbed2a9fe24d2c7eaa1bad7c705e18de8cc7", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] + }, + { + "url": "https://git.kernel.org/stable/c/a09677de458d500b00701f6036baa423d9995408", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-258xx/CVE-2022-25883.json b/CVE-2022/CVE-2022-258xx/CVE-2022-25883.json index 29e00fe00ef..5767d48aac0 100644 --- a/CVE-2022/CVE-2022-258xx/CVE-2022-25883.json +++ b/CVE-2022/CVE-2022-258xx/CVE-2022-25883.json @@ -2,7 +2,7 @@ "id": "CVE-2022-25883", "sourceIdentifier": "report@snyk.io", "published": "2023-06-21T05:15:09.060", - "lastModified": "2023-11-07T03:44:51.993", + "lastModified": "2024-12-06T17:15:07.260", "vulnStatus": "Modified", "cveTags": [], "descriptions": [ @@ -13,32 +13,14 @@ ], "metrics": { "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "NONE", - "integrityImpact": "NONE", - "availabilityImpact": "HIGH", - "baseScore": 7.5, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 3.9, - "impactScore": 3.6 - }, { "source": "report@snyk.io", "type": "Secondary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", + "baseScore": 5.3, + "baseSeverity": "MEDIUM", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", @@ -46,16 +28,44 @@ "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", - "availabilityImpact": "LOW", - "baseScore": 5.3, - "baseSeverity": "MEDIUM" + "availabilityImpact": "LOW" }, "exploitabilityScore": 3.9, "impactScore": 1.4 + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "baseScore": 7.5, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 } ] }, "weaknesses": [ + { + "source": "report@snyk.io", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-1333" + } + ] + }, { "source": "nvd@nist.gov", "type": "Primary", @@ -67,7 +77,7 @@ ] }, { - "source": "report@snyk.io", + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "description": [ { @@ -154,6 +164,55 @@ "Patch", "Third Party Advisory" ] + }, + { + "url": "https://github.com/npm/node-semver/blob/main/classes/range.js%23L97-L104", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Broken Link" + ] + }, + { + "url": "https://github.com/npm/node-semver/blob/main/internal/re.js%23L138", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Broken Link" + ] + }, + { + "url": "https://github.com/npm/node-semver/blob/main/internal/re.js%23L160", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Broken Link" + ] + }, + { + "url": "https://github.com/npm/node-semver/commit/717534ee353682f3bcf33e60a8af4292626d4441", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] + }, + { + "url": "https://github.com/npm/node-semver/pull/564", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch", + "Vendor Advisory" + ] + }, + { + "url": "https://security.netapp.com/advisory/ntap-20241025-0004/", + "source": "af854a3a-2127-422b-91ae-364da2661108" + }, + { + "url": "https://security.snyk.io/vuln/SNYK-JS-SEMVER-3247795", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Exploit", + "Patch", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-297xx/CVE-2023-29709.json b/CVE-2023/CVE-2023-297xx/CVE-2023-29709.json index 65c63b54c24..a4299c07899 100644 --- a/CVE-2023/CVE-2023-297xx/CVE-2023-29709.json +++ b/CVE-2023/CVE-2023-297xx/CVE-2023-29709.json @@ -2,8 +2,8 @@ "id": "CVE-2023-29709", "sourceIdentifier": "cve@mitre.org", "published": "2023-06-22T11:15:09.437", - "lastModified": "2023-06-30T16:33:44.100", - "vulnStatus": "Analyzed", + "lastModified": "2024-12-06T17:15:07.473", + "vulnStatus": "Modified", "cveTags": [], "descriptions": [ { @@ -19,6 +19,8 @@ "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", + "baseScore": 7.5, + "baseSeverity": "HIGH", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", @@ -26,9 +28,27 @@ "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", - "availabilityImpact": "NONE", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "baseScore": 7.5, - "baseSeverity": "HIGH" + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "HIGH", + "availabilityImpact": "NONE" }, "exploitabilityScore": 3.9, "impactScore": 3.6 @@ -91,6 +111,21 @@ "Exploit", "Third Party Advisory" ] + }, + { + "url": "https://github.com/shellpei/Wildix-Logical/blob/main/CVE-2023-29709", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Third Party Advisory" + ] + }, + { + "url": "https://holistic-height-e6d.notion.site/Wildix-WSG24POE-Logical-vulnerability-7780c24cc25b40dd9d2830f7b21f04a3", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Exploit", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-332xx/CVE-2023-33289.json b/CVE-2023/CVE-2023-332xx/CVE-2023-33289.json index e11b088bb5d..18f71840a84 100644 --- a/CVE-2023/CVE-2023-332xx/CVE-2023-33289.json +++ b/CVE-2023/CVE-2023-332xx/CVE-2023-33289.json @@ -2,8 +2,8 @@ "id": "CVE-2023-33289", "sourceIdentifier": "cve@mitre.org", "published": "2023-06-21T20:15:10.157", - "lastModified": "2023-06-28T16:44:05.340", - "vulnStatus": "Analyzed", + "lastModified": "2024-12-06T18:15:20.427", + "vulnStatus": "Modified", "cveTags": [], "descriptions": [ { @@ -19,6 +19,8 @@ "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "baseScore": 7.5, + "baseSeverity": "HIGH", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", @@ -26,9 +28,27 @@ "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", - "availabilityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "baseScore": 7.5, - "baseSeverity": "HIGH" + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH" }, "exploitabilityScore": 3.9, "impactScore": 3.6 @@ -45,6 +65,16 @@ "value": "CWE-1333" } ] + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-1333" + } + ] } ], "configurations": [ @@ -87,6 +117,28 @@ "tags": [ "Product" ] + }, + { + "url": "https://gist.github.com/6en6ar/b118888dc739e8979038f24c8ac33611", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Exploit", + "Third Party Advisory" + ] + }, + { + "url": "https://github.com/progscrape/urlnorm", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Product" + ] + }, + { + "url": "https://lib.rs/crates/urlnorm", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Product" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-334xx/CVE-2023-33405.json b/CVE-2023/CVE-2023-334xx/CVE-2023-33405.json index 1d295dc9820..2a41bc0f614 100644 --- a/CVE-2023/CVE-2023-334xx/CVE-2023-33405.json +++ b/CVE-2023/CVE-2023-334xx/CVE-2023-33405.json @@ -2,8 +2,8 @@ "id": "CVE-2023-33405", "sourceIdentifier": "cve@mitre.org", "published": "2023-06-21T21:15:11.357", - "lastModified": "2023-06-28T15:46:39.587", - "vulnStatus": "Analyzed", + "lastModified": "2024-12-06T18:15:21.373", + "vulnStatus": "Modified", "cveTags": [], "descriptions": [ { @@ -19,6 +19,8 @@ "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 6.1, + "baseSeverity": "MEDIUM", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", @@ -26,9 +28,27 @@ "scope": "CHANGED", "confidentialityImpact": "LOW", "integrityImpact": "LOW", - "availabilityImpact": "NONE", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.7 + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "baseScore": 6.1, - "baseSeverity": "MEDIUM" + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" }, "exploitabilityScore": 2.8, "impactScore": 2.7 @@ -45,6 +65,16 @@ "value": "CWE-601" } ] + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-601" + } + ] } ], "configurations": [ @@ -73,6 +103,14 @@ "Exploit", "Third Party Advisory" ] + }, + { + "url": "https://github.com/hacip/CVE-2023-33405", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Exploit", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-335xx/CVE-2023-33591.json b/CVE-2023/CVE-2023-335xx/CVE-2023-33591.json index 22fbfdd662b..88e67177026 100644 --- a/CVE-2023/CVE-2023-335xx/CVE-2023-33591.json +++ b/CVE-2023/CVE-2023-335xx/CVE-2023-33591.json @@ -2,8 +2,8 @@ "id": "CVE-2023-33591", "sourceIdentifier": "cve@mitre.org", "published": "2023-06-21T20:15:10.213", - "lastModified": "2023-06-28T15:47:35.893", - "vulnStatus": "Analyzed", + "lastModified": "2024-12-06T18:15:21.610", + "vulnStatus": "Modified", "cveTags": [], "descriptions": [ { @@ -19,6 +19,8 @@ "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 6.1, + "baseSeverity": "MEDIUM", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", @@ -26,9 +28,27 @@ "scope": "CHANGED", "confidentialityImpact": "LOW", "integrityImpact": "LOW", - "availabilityImpact": "NONE", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.7 + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "baseScore": 6.1, - "baseSeverity": "MEDIUM" + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" }, "exploitabilityScore": 2.8, "impactScore": 2.7 @@ -45,6 +65,16 @@ "value": "CWE-79" } ] + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] } ], "configurations": [ @@ -78,6 +108,20 @@ "tags": [ "Product" ] + }, + { + "url": "https://github.com/DARSHANAGUPTA10/CVE/blob/main/CVE%202023-33591", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Third Party Advisory" + ] + }, + { + "url": "https://phpgurukul.com/user-registration-login-and-user-management-system-with-admin-panel/", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Product" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-337xx/CVE-2023-33725.json b/CVE-2023/CVE-2023-337xx/CVE-2023-33725.json index e86b4f0f8c5..a01a264a2e3 100644 --- a/CVE-2023/CVE-2023-337xx/CVE-2023-33725.json +++ b/CVE-2023/CVE-2023-337xx/CVE-2023-33725.json @@ -2,8 +2,8 @@ "id": "CVE-2023-33725", "sourceIdentifier": "cve@mitre.org", "published": "2023-06-21T16:15:11.413", - "lastModified": "2023-07-05T15:52:44.110", - "vulnStatus": "Analyzed", + "lastModified": "2024-12-06T18:15:21.850", + "vulnStatus": "Modified", "cveTags": [], "descriptions": [ { @@ -19,6 +19,8 @@ "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 6.1, + "baseSeverity": "MEDIUM", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", @@ -26,9 +28,27 @@ "scope": "CHANGED", "confidentialityImpact": "LOW", "integrityImpact": "LOW", - "availabilityImpact": "NONE", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.7 + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "baseScore": 6.1, - "baseSeverity": "MEDIUM" + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" }, "exploitabilityScore": 2.8, "impactScore": 2.7 @@ -45,6 +65,16 @@ "value": "CWE-79" } ] + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] } ], "configurations": [ @@ -82,6 +112,15 @@ "Mitigation", "Third Party Advisory" ] + }, + { + "url": "https://github.com/Contrast-Security-OSS/Burptrast/tree/main/docs/CVE-2023-33725", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Exploit", + "Mitigation", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-109xx/CVE-2024-10905.json b/CVE-2024/CVE-2024-109xx/CVE-2024-10905.json index 9c6acceaf14..93f5c4ef23d 100644 --- a/CVE-2024/CVE-2024-109xx/CVE-2024-10905.json +++ b/CVE-2024/CVE-2024-109xx/CVE-2024-10905.json @@ -2,13 +2,13 @@ "id": "CVE-2024-10905", "sourceIdentifier": "psirt@sailpoint.com", "published": "2024-12-02T15:15:10.240", - "lastModified": "2024-12-04T17:15:11.697", + "lastModified": "2024-12-06T18:15:22.207", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "IdentityIQ 8.4 and all 8.4 patch levels prior to 8.4p2, IdentityIQ 8.3 and all 8.3 patch levels prior to 8.3p5, IdentityIQ 8.2 and all 8.2 patch levels prior to 8.2p8, and all prior versions\u00a0allows HTTP access to\u00a0static content in the IdentityIQ application directory that should be protected." + "value": "IdentityIQ 8.4 and all 8.4 patch levels prior to 8.4p2, IdentityIQ 8.3 and all 8.3 patch levels prior to 8.3p5, IdentityIQ 8.2 and all 8.2 patch levels prior to 8.2p8, and all prior versions\u00a0allow HTTP/HTTPS access to\u00a0static content in the IdentityIQ application directory that should be protected." }, { "lang": "es", diff --git a/CVE-2024/CVE-2024-111xx/CVE-2024-11158.json b/CVE-2024/CVE-2024-111xx/CVE-2024-11158.json index 2a4b277e44d..24ca6779ae7 100644 --- a/CVE-2024/CVE-2024-111xx/CVE-2024-11158.json +++ b/CVE-2024/CVE-2024-111xx/CVE-2024-11158.json @@ -2,7 +2,7 @@ "id": "CVE-2024-11158", "sourceIdentifier": "PSIRT@rockwellautomation.com", "published": "2024-12-05T18:15:21.243", - "lastModified": "2024-12-05T18:15:21.243", + "lastModified": "2024-12-06T17:15:07.970", "vulnStatus": "Received", "cveTags": [], "descriptions": [ @@ -55,6 +55,28 @@ "providerUrgency": "NOT_DEFINED" } } + ], + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 6.7, + "baseSeverity": "MEDIUM", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 0.8, + "impactScore": 5.9 + } ] }, "weaknesses": [ diff --git a/CVE-2024/CVE-2024-112xx/CVE-2024-11220.json b/CVE-2024/CVE-2024-112xx/CVE-2024-11220.json new file mode 100644 index 00000000000..7d48be1d922 --- /dev/null +++ b/CVE-2024/CVE-2024-112xx/CVE-2024-11220.json @@ -0,0 +1,104 @@ +{ + "id": "CVE-2024-11220", + "sourceIdentifier": "ics-cert@hq.dhs.gov", + "published": "2024-12-06T18:15:22.407", + "lastModified": "2024-12-06T18:15:22.407", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "A local low-level user on the server machine with credentials to the running OAS services can create and execute a report with an rdlx file on the server system itself. Any code within the rdlx file of the report executes with SYSTEM privileges, resulting in privilege escalation." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "ics-cert@hq.dhs.gov", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "baseScore": 8.5, + "baseSeverity": "HIGH", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "attackRequirements": "NONE", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "vulnerableSystemConfidentiality": "HIGH", + "vulnerableSystemIntegrity": "HIGH", + "vulnerableSystemAvailability": "HIGH", + "subsequentSystemConfidentiality": "NONE", + "subsequentSystemIntegrity": "NONE", + "subsequentSystemAvailability": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirements": "NOT_DEFINED", + "integrityRequirements": "NOT_DEFINED", + "availabilityRequirements": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", + "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", + "modifiedVulnerableSystemAvailability": "NOT_DEFINED", + "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", + "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", + "modifiedSubsequentSystemAvailability": "NOT_DEFINED", + "safety": "NOT_DEFINED", + "automatable": "NOT_DEFINED", + "recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED" + } + } + ], + "cvssMetricV31": [ + { + "source": "ics-cert@hq.dhs.gov", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 7.8, + "baseSeverity": "HIGH", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "ics-cert@hq.dhs.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-279" + } + ] + } + ], + "references": [ + { + "url": "https://openautomationsoftware.com/downloads/", + "source": "ics-cert@hq.dhs.gov" + }, + { + "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-338-03", + "source": "ics-cert@hq.dhs.gov" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-116xx/CVE-2024-11680.json b/CVE-2024/CVE-2024-116xx/CVE-2024-11680.json index e21072393a8..35ec23fdda0 100644 --- a/CVE-2024/CVE-2024-116xx/CVE-2024-11680.json +++ b/CVE-2024/CVE-2024-116xx/CVE-2024-11680.json @@ -2,8 +2,8 @@ "id": "CVE-2024-11680", "sourceIdentifier": "disclosure@vulncheck.com", "published": "2024-11-26T10:15:04.540", - "lastModified": "2024-12-04T02:00:02.410", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-12-06T18:42:17.390", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -36,6 +36,26 @@ }, "exploitabilityScore": 3.9, "impactScore": 5.9 + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 9.8, + "baseSeverity": "CRITICAL", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 } ] }, @@ -53,28 +73,73 @@ "value": "CWE-287" } ] + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-863" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:projectsend:projectsend:*:*:*:*:*:*:*:*", + "versionEndExcluding": "r1720", + "matchCriteriaId": "7595D81C-8332-4FF5-A6B6-DF6203DEF6A5" + } + ] + } + ] } ], "references": [ { "url": "https://github.com/projectdiscovery/nuclei-templates/blob/main/http/vulnerabilities/projectsend-auth-bypass.yaml", - "source": "disclosure@vulncheck.com" + "source": "disclosure@vulncheck.com", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://github.com/projectsend/projectsend/commit/193367d937b1a59ed5b68dd4e60bd53317473744", - "source": "disclosure@vulncheck.com" + "source": "disclosure@vulncheck.com", + "tags": [ + "Patch" + ] }, { "url": "https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/http/projectsend_unauth_rce.rb", - "source": "disclosure@vulncheck.com" + "source": "disclosure@vulncheck.com", + "tags": [ + "Exploit" + ] }, { "url": "https://vulncheck.com/advisories/projectsend-bypass", - "source": "disclosure@vulncheck.com" + "source": "disclosure@vulncheck.com", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://www.synacktiv.com/sites/default/files/2024-07/synacktiv-projectsend-multiple-vulnerabilities.pdf", - "source": "disclosure@vulncheck.com" + "source": "disclosure@vulncheck.com", + "tags": [ + "Mitigation", + "Technical Description", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-210xx/CVE-2024-21070.json b/CVE-2024/CVE-2024-210xx/CVE-2024-21070.json index 2870d713727..3c1c6c6d568 100644 --- a/CVE-2024/CVE-2024-210xx/CVE-2024-21070.json +++ b/CVE-2024/CVE-2024-210xx/CVE-2024-21070.json @@ -2,8 +2,8 @@ "id": "CVE-2024-21070", "sourceIdentifier": "secalert_us@oracle.com", "published": "2024-04-16T22:15:25.650", - "lastModified": "2024-04-17T12:48:31.863", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-12-06T17:08:50.733", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -19,10 +19,12 @@ "cvssMetricV31": [ { "source": "secalert_us@oracle.com", - "type": "Primary", + "type": "Secondary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", @@ -30,19 +32,66 @@ "scope": "UNCHANGED", "confidentialityImpact": "LOW", "integrityImpact": "LOW", - "availabilityImpact": "NONE", - "baseScore": 5.4, - "baseSeverity": "MEDIUM" + "availabilityImpact": "NONE" }, "exploitabilityScore": 2.8, "impactScore": 2.5 } ] }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.59:*:*:*:*:*:*:*", + "matchCriteriaId": "C8AF00C6-B97F-414D-A8DF-057E6BFD8597" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.60:*:*:*:*:*:*:*", + "matchCriteriaId": "AF191D4F-3D54-4525-AAF5-B70D3FD2F818" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.61:*:*:*:*:*:*:*", + "matchCriteriaId": "18F15FC6-947A-462A-8329-C52907799A7C" + } + ] + } + ] + } + ], "references": [ { "url": "https://www.oracle.com/security-alerts/cpuapr2024.html", - "source": "secalert_us@oracle.com" + "source": "secalert_us@oracle.com", + "tags": [ + "Vendor Advisory" + ] + }, + { + "url": "https://www.oracle.com/security-alerts/cpuapr2024.html", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-210xx/CVE-2024-21093.json b/CVE-2024/CVE-2024-210xx/CVE-2024-21093.json index 22a4f1a1fe2..efc3b4565b8 100644 --- a/CVE-2024/CVE-2024-210xx/CVE-2024-21093.json +++ b/CVE-2024/CVE-2024-210xx/CVE-2024-21093.json @@ -2,8 +2,8 @@ "id": "CVE-2024-21093", "sourceIdentifier": "secalert_us@oracle.com", "published": "2024-04-16T22:15:29.680", - "lastModified": "2024-04-17T12:48:31.863", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-12-06T17:03:13.813", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -19,10 +19,12 @@ "cvssMetricV31": [ { "source": "secalert_us@oracle.com", - "type": "Primary", + "type": "Secondary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N", + "baseScore": 5.3, + "baseSeverity": "MEDIUM", "attackVector": "NETWORK", "attackComplexity": "HIGH", "privilegesRequired": "LOW", @@ -30,19 +32,65 @@ "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", - "availabilityImpact": "NONE", - "baseScore": 5.3, - "baseSeverity": "MEDIUM" + "availabilityImpact": "NONE" }, "exploitabilityScore": 1.6, "impactScore": 3.6 } ] }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:java_virtual_machine:*:*:*:*:*:*:*:*", + "versionStartIncluding": "19.3", + "versionEndIncluding": "19.22", + "matchCriteriaId": "6127D254-1C5B-4F95-938D-F3E7ACE9D4F9" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:java_virtual_machine:*:*:*:*:*:*:*:*", + "versionStartIncluding": "21.3", + "versionEndIncluding": "21.13", + "matchCriteriaId": "72F38047-4BD1-40D1-810A-BC3D154225EB" + } + ] + } + ] + } + ], "references": [ { "url": "https://www.oracle.com/security-alerts/cpuapr2024.html", - "source": "secalert_us@oracle.com" + "source": "secalert_us@oracle.com", + "tags": [ + "Vendor Advisory" + ] + }, + { + "url": "https://www.oracle.com/security-alerts/cpuapr2024.html", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-261xx/CVE-2024-26164.json b/CVE-2024/CVE-2024-261xx/CVE-2024-26164.json index 3ada76a88b2..2ff58946a48 100644 --- a/CVE-2024/CVE-2024-261xx/CVE-2024-26164.json +++ b/CVE-2024/CVE-2024-261xx/CVE-2024-26164.json @@ -2,8 +2,8 @@ "id": "CVE-2024-26164", "sourceIdentifier": "secure@microsoft.com", "published": "2024-03-12T17:15:55.643", - "lastModified": "2024-04-11T20:15:33.877", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-12-06T17:14:53.333", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -19,10 +19,12 @@ "cvssMetricV31": [ { "source": "secure@microsoft.com", - "type": "Primary", + "type": "Secondary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 8.8, + "baseSeverity": "HIGH", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "LOW", @@ -30,9 +32,7 @@ "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 8.8, - "baseSeverity": "HIGH" + "availabilityImpact": "HIGH" }, "exploitabilityScore": 2.8, "impactScore": 5.9 @@ -49,12 +49,50 @@ "value": "CWE-20" } ] + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:django_backend:*:*:*:*:*:sql_server:*:*", + "versionEndExcluding": "1.4.1", + "matchCriteriaId": "99DC22EF-0D58-4BC4-BC1E-26D4737104CF" + } + ] + } + ] } ], "references": [ { "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26164", - "source": "secure@microsoft.com" + "source": "secure@microsoft.com", + "tags": [ + "Vendor Advisory" + ] + }, + { + "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26164", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-261xx/CVE-2024-26166.json b/CVE-2024/CVE-2024-261xx/CVE-2024-26166.json index 96363943d81..c7fc11ca13a 100644 --- a/CVE-2024/CVE-2024-261xx/CVE-2024-26166.json +++ b/CVE-2024/CVE-2024-261xx/CVE-2024-26166.json @@ -2,8 +2,8 @@ "id": "CVE-2024-26166", "sourceIdentifier": "secure@microsoft.com", "published": "2024-03-12T17:15:55.993", - "lastModified": "2024-04-11T20:15:33.987", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-12-06T17:13:11.063", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -19,10 +19,12 @@ "cvssMetricV31": [ { "source": "secure@microsoft.com", - "type": "Primary", + "type": "Secondary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "baseScore": 8.8, + "baseSeverity": "HIGH", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", @@ -30,9 +32,7 @@ "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 8.8, - "baseSeverity": "HIGH" + "availabilityImpact": "HIGH" }, "exploitabilityScore": 2.8, "impactScore": 5.9 @@ -49,12 +49,154 @@ "value": "CWE-122" } ] + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x64:*", + "versionEndExcluding": "10.0.10240.20526", + "matchCriteriaId": "FAE3130D-C88C-42C1-89EF-A8F86254E04D" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x86:*", + "versionEndExcluding": "10.0.10240.20526", + "matchCriteriaId": "CFF4870F-71A6-4ED9-B398-0757DC9A9B77" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x64:*", + "versionEndExcluding": "10.0.14393.6796", + "matchCriteriaId": "EA2CA05A-8688-45D6-BC96-627DEB1962E4" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:*", + "versionEndExcluding": "10.0.14393.6796", + "matchCriteriaId": "F7C03B8B-2E86-4FEB-9925-623CC805AD34" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.17763.5576", + "matchCriteriaId": "6FBF7292-731F-493E-BF30-C8561ACFE379" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.19044.4170", + "matchCriteriaId": "2CA95D8E-CAD9-4D07-AE35-36D83D546AA8" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.19045.4170", + "matchCriteriaId": "968B931A-18E6-4425-B326-5A02C0B93A08" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.22000.2836", + "matchCriteriaId": "D08CEC8B-343C-486E-B6FA-F4D60ACF7E63" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.22621.3296", + "matchCriteriaId": "4DBD4A55-729C-4F86-AE29-6067F62FD03A" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_11_23h2:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.22631.3296", + "matchCriteriaId": "A332CC68-568F-406B-8463-9FEF359BEA4C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*", + "matchCriteriaId": "5F422A8C-2C4E-42C8-B420-E0728037E15C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*", + "matchCriteriaId": "AF07A81D-12E5-4B1D-BFF9-C8D08C32FF4F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", + "matchCriteriaId": "A7DF96F8-BA6A-4780-9CA3-F719B3F81074" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", + "matchCriteriaId": "DB18C4CE-5917-401E-ACF7-2747084FD36E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.14393.6796", + "matchCriteriaId": "2545664A-E87B-40F7-9C19-53AEC8198B81" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.17763.5576", + "matchCriteriaId": "FFF3EE72-52DE-4CB2-8D42-74809CD7B292" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.20348.2333", + "matchCriteriaId": "5F08760C-CF31-4507-8CBD-21A2FEAE478C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.20348.2340", + "matchCriteriaId": "9EDA5547-D293-41D0-A10C-4A613E725231" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2022_23h2:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.25398.763", + "matchCriteriaId": "0AD05A2D-BA23-4B63-8B75-1395F74C36CB" + } + ] + } + ] } ], "references": [ { "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26166", - "source": "secure@microsoft.com" + "source": "secure@microsoft.com", + "tags": [ + "Vendor Advisory" + ] + }, + { + "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26166", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-261xx/CVE-2024-26198.json b/CVE-2024/CVE-2024-261xx/CVE-2024-26198.json index af15eea7e02..a26ea7381ce 100644 --- a/CVE-2024/CVE-2024-261xx/CVE-2024-26198.json +++ b/CVE-2024/CVE-2024-261xx/CVE-2024-26198.json @@ -2,8 +2,8 @@ "id": "CVE-2024-26198", "sourceIdentifier": "secure@microsoft.com", "published": "2024-03-12T17:15:58.223", - "lastModified": "2024-05-29T00:15:37.817", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-12-06T17:12:07.640", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -19,10 +19,12 @@ "cvssMetricV31": [ { "source": "secure@microsoft.com", - "type": "Primary", + "type": "Secondary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "baseScore": 8.8, + "baseSeverity": "HIGH", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", @@ -30,9 +32,7 @@ "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 8.8, - "baseSeverity": "HIGH" + "availabilityImpact": "HIGH" }, "exploitabilityScore": 2.8, "impactScore": 5.9 @@ -49,12 +49,229 @@ "value": "CWE-426" } ] + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:exchange_server:2016:-:*:*:*:*:*:*", + "matchCriteriaId": "8039FBA1-73D4-4FF2-B183-0DCC961CBFF7" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_1:*:*:*:*:*:*", + "matchCriteriaId": "56728785-188C-470A-9692-E6C7235109CA" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_10:*:*:*:*:*:*", + "matchCriteriaId": "63E362CB-CF75-4B7E-A4B1-D6D84AFCBB68" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_11:*:*:*:*:*:*", + "matchCriteriaId": "9BE04790-85A2-4078-88CE-1787BC5172E7" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_12:*:*:*:*:*:*", + "matchCriteriaId": "CCF101BE-27FD-4E2D-A694-C606BD3D1ED7" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_13:*:*:*:*:*:*", + "matchCriteriaId": "4DF5BDB5-205D-4B64-A49A-0152AFCF4A13" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_14:*:*:*:*:*:*", + "matchCriteriaId": "55284CF7-0D04-4216-83FE-4B1F9CA94207" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_15:*:*:*:*:*:*", + "matchCriteriaId": "CA2CE223-AA49-49E6-AC32-59270EFF55AD" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_16:*:*:*:*:*:*", + "matchCriteriaId": "4830D6A9-AF74-480C-8F69-8648CD619980" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_17:*:*:*:*:*:*", + "matchCriteriaId": "079E1E3F-FF25-4B0D-AC98-191D6455A014" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_18:*:*:*:*:*:*", + "matchCriteriaId": "29805EC7-6403-44B9-91EC-109C087E98EB" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_19:*:*:*:*:*:*", + "matchCriteriaId": "28FCA0E8-7D27-4746-9731-91B834CA3E64" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_2:*:*:*:*:*:*", + "matchCriteriaId": "996163E7-6F3F-4D3B-AEA4-62A7F7E1F54D" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_20:*:*:*:*:*:*", + "matchCriteriaId": "19C1EE0C-B8DD-4B91-BE4B-1C42D72FB718" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_21:*:*:*:*:*:*", + "matchCriteriaId": "3BE427A4-B0C2-4064-8234-29426325C348" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_22:*:*:*:*:*:*", + "matchCriteriaId": "449CE85B-E599-44D3-A7C1-5133F6A55E86" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_3:*:*:*:*:*:*", + "matchCriteriaId": "FE401B0A-DDE4-4A36-8E27-6DB14E094BE2" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_4:*:*:*:*:*:*", + "matchCriteriaId": "450319C4-7C8F-43B7-B7F8-80DA4F1F2817" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_5:*:*:*:*:*:*", + "matchCriteriaId": "23015889-48AF-40A5-862F-290E73A54E77" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_6:*:*:*:*:*:*", + "matchCriteriaId": "4FC34516-D7E7-4AD9-9B45-5474831548E0" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_7:*:*:*:*:*:*", + "matchCriteriaId": "5211792E-5292-41C0-B7E9-8AA63EC606EE" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_8:*:*:*:*:*:*", + "matchCriteriaId": "075E907F-AF2F-4C31-86C7-51972BE412A1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_9:*:*:*:*:*:*", + "matchCriteriaId": "69AF19DC-3D65-49A8-A85F-511085CDF27B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:exchange_server:2019:-:*:*:*:*:*:*", + "matchCriteriaId": "40D8A6DB-9225-4A3F-AD76-192F6CCCF002" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_1:*:*:*:*:*:*", + "matchCriteriaId": "051DE6C4-7456-4C42-BC51-253208AADB4E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_10:*:*:*:*:*:*", + "matchCriteriaId": "B4185347-EEDD-4239-9AB3-410E2EC89D2A" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_11:*:*:*:*:*:*", + "matchCriteriaId": "435343A4-BF10-461A-ABF2-D511A5FBDA75" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_12:*:*:*:*:*:*", + "matchCriteriaId": "B23C8E3E-5243-4DA6-B9AA-F6053084B55E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_13:*:*:*:*:*:*", + "matchCriteriaId": "583745C7-B802-4CBE-BD88-B5B9AF9B5371" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_2:*:*:*:*:*:*", + "matchCriteriaId": "EE320413-D2C9-4B28-89BF-361B44A3F0FF" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_3:*:*:*:*:*:*", + "matchCriteriaId": "104F96DC-E280-4E0A-8586-B043B55888C2" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_4:*:*:*:*:*:*", + "matchCriteriaId": "73B3B3FE-7E85-4B86-A983-2C410FFEF4B8" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_5:*:*:*:*:*:*", + "matchCriteriaId": "8A9FB275-7F17-48B2-B528-BE89309D2AF5" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_6:*:*:*:*:*:*", + "matchCriteriaId": "D4AB3C25-CEA8-4D66-AEE4-953C8B17911A" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_7:*:*:*:*:*:*", + "matchCriteriaId": "36CE5C6D-9A04-41F5-AE7C-265779833649" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_8:*:*:*:*:*:*", + "matchCriteriaId": "44ECF39A-1DE1-4870-A494-06A53494338D" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_9:*:*:*:*:*:*", + "matchCriteriaId": "71CDF29B-116B-4DE2-AFD0-B62477FF0AEB" + } + ] + } + ] } ], "references": [ { "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26198", - "source": "secure@microsoft.com" + "source": "secure@microsoft.com", + "tags": [ + "Vendor Advisory" + ] + }, + { + "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26198", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-261xx/CVE-2024-26199.json b/CVE-2024/CVE-2024-261xx/CVE-2024-26199.json index a58ef8f47e1..2dd0731b607 100644 --- a/CVE-2024/CVE-2024-261xx/CVE-2024-26199.json +++ b/CVE-2024/CVE-2024-261xx/CVE-2024-26199.json @@ -2,8 +2,8 @@ "id": "CVE-2024-26199", "sourceIdentifier": "secure@microsoft.com", "published": "2024-03-12T17:15:58.393", - "lastModified": "2024-05-29T00:15:37.927", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-12-06T17:12:27.343", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -19,10 +19,12 @@ "cvssMetricV31": [ { "source": "secure@microsoft.com", - "type": "Primary", + "type": "Secondary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 7.8, + "baseSeverity": "HIGH", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "LOW", @@ -30,9 +32,7 @@ "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 7.8, - "baseSeverity": "HIGH" + "availabilityImpact": "HIGH" }, "exploitabilityScore": 1.8, "impactScore": 5.9 @@ -49,12 +49,49 @@ "value": "CWE-59" } ] + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:365_apps:-:*:*:*:enterprise:*:x64:*", + "matchCriteriaId": "3259EBFE-AE2D-48B8-BE9A-E22BBDB31378" + } + ] + } + ] } ], "references": [ { "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26199", - "source": "secure@microsoft.com" + "source": "secure@microsoft.com", + "tags": [ + "Vendor Advisory" + ] + }, + { + "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26199", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-262xx/CVE-2024-26201.json b/CVE-2024/CVE-2024-262xx/CVE-2024-26201.json index 127fe232f14..dc9d0a14872 100644 --- a/CVE-2024/CVE-2024-262xx/CVE-2024-26201.json +++ b/CVE-2024/CVE-2024-262xx/CVE-2024-26201.json @@ -2,8 +2,8 @@ "id": "CVE-2024-26201", "sourceIdentifier": "secure@microsoft.com", "published": "2024-03-12T17:15:58.560", - "lastModified": "2024-04-11T20:15:35.327", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-12-06T17:02:30.493", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -19,10 +19,12 @@ "cvssMetricV31": [ { "source": "secure@microsoft.com", - "type": "Primary", + "type": "Secondary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N", + "baseScore": 6.6, + "baseSeverity": "MEDIUM", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "LOW", @@ -30,9 +32,7 @@ "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", - "availabilityImpact": "NONE", - "baseScore": 6.6, - "baseSeverity": "MEDIUM" + "availabilityImpact": "NONE" }, "exploitabilityScore": 1.3, "impactScore": 5.2 @@ -49,12 +49,50 @@ "value": "CWE-284" } ] + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:intune_company_portal:*:*:*:*:*:android:*:*", + "versionEndExcluding": "1.2402.12", + "matchCriteriaId": "975A26D7-ACF6-4C83-A8C0-FAE98A8F2E1D" + } + ] + } + ] } ], "references": [ { "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26201", - "source": "secure@microsoft.com" + "source": "secure@microsoft.com", + "tags": [ + "Vendor Advisory" + ] + }, + { + "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26201", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-272xx/CVE-2024-27223.json b/CVE-2024/CVE-2024-272xx/CVE-2024-27223.json index c1a233cbaa4..f9aa5b296c8 100644 --- a/CVE-2024/CVE-2024-272xx/CVE-2024-27223.json +++ b/CVE-2024/CVE-2024-272xx/CVE-2024-27223.json @@ -2,7 +2,7 @@ "id": "CVE-2024-27223", "sourceIdentifier": "dsap-vuln-management@google.com", "published": "2024-03-11T19:15:48.603", - "lastModified": "2024-11-15T21:35:13.053", + "lastModified": "2024-12-06T18:15:24.070", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ @@ -23,6 +23,8 @@ "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L", + "baseScore": 5.1, + "baseSeverity": "MEDIUM", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "NONE", @@ -30,19 +32,33 @@ "scope": "UNCHANGED", "confidentialityImpact": "LOW", "integrityImpact": "NONE", - "availabilityImpact": "LOW", - "baseScore": 5.1, - "baseSeverity": "MEDIUM" + "availabilityImpact": "LOW" }, "exploitabilityScore": 2.5, "impactScore": 2.5 } ] }, + "weaknesses": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-125" + } + ] + } + ], "references": [ { "url": "https://source.android.com/security/bulletin/pixel/2024-03-01", "source": "dsap-vuln-management@google.com" + }, + { + "url": "https://source.android.com/security/bulletin/pixel/2024-03-01", + "source": "af854a3a-2127-422b-91ae-364da2661108" } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-272xx/CVE-2024-27234.json b/CVE-2024/CVE-2024-272xx/CVE-2024-27234.json index 1eec646f75a..d986baefabc 100644 --- a/CVE-2024/CVE-2024-272xx/CVE-2024-27234.json +++ b/CVE-2024/CVE-2024-272xx/CVE-2024-27234.json @@ -2,7 +2,7 @@ "id": "CVE-2024-27234", "sourceIdentifier": "dsap-vuln-management@google.com", "published": "2024-03-11T19:15:49.010", - "lastModified": "2024-11-04T17:35:12.957", + "lastModified": "2024-12-06T18:15:24.243", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ @@ -23,6 +23,8 @@ "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", + "baseScore": 5.9, + "baseSeverity": "MEDIUM", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "NONE", @@ -30,19 +32,33 @@ "scope": "UNCHANGED", "confidentialityImpact": "LOW", "integrityImpact": "LOW", - "availabilityImpact": "LOW", - "baseScore": 5.9, - "baseSeverity": "MEDIUM" + "availabilityImpact": "LOW" }, "exploitabilityScore": 2.5, "impactScore": 3.4 } ] }, + "weaknesses": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-125" + } + ] + } + ], "references": [ { "url": "https://source.android.com/security/bulletin/pixel/2024-03-01", "source": "dsap-vuln-management@google.com" + }, + { + "url": "https://source.android.com/security/bulletin/pixel/2024-03-01", + "source": "af854a3a-2127-422b-91ae-364da2661108" } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-383xx/CVE-2024-38344.json b/CVE-2024/CVE-2024-383xx/CVE-2024-38344.json index 91f4a6956cf..972d06f93fb 100644 --- a/CVE-2024/CVE-2024-383xx/CVE-2024-38344.json +++ b/CVE-2024/CVE-2024-383xx/CVE-2024-38344.json @@ -2,7 +2,7 @@ "id": "CVE-2024-38344", "sourceIdentifier": "vultures@jpcert.or.jp", "published": "2024-07-04T01:15:02.260", - "lastModified": "2024-07-05T12:55:51.367", + "lastModified": "2024-12-06T18:15:24.490", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ @@ -15,7 +15,42 @@ "value": "Existe una vulnerabilidad de Cross-Site Request Forgery en las versiones de WP Tweet Walls anteriores a la 1.0.4. Si se explota esta vulnerabilidad, un atacante permite que un usuario que inicia sesi\u00f3n en el sitio de WordPress donde est\u00e1 habilitado el complemento afectado acceda a una p\u00e1gina maliciosa. Como resultado, el usuario puede realizar operaciones no deseadas en el sitio de WordPress." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.5 + } + ] + }, + "weaknesses": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-352" + } + ] + } + ], "references": [ { "url": "https://jvn.jp/en/jp/JVN34977158/", @@ -24,6 +59,14 @@ { "url": "https://wordpress.org/plugins/wp-tweet-walls/", "source": "vultures@jpcert.or.jp" + }, + { + "url": "https://jvn.jp/en/jp/JVN34977158/", + "source": "af854a3a-2127-422b-91ae-364da2661108" + }, + { + "url": "https://wordpress.org/plugins/wp-tweet-walls/", + "source": "af854a3a-2127-422b-91ae-364da2661108" } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-424xx/CVE-2024-42494.json b/CVE-2024/CVE-2024-424xx/CVE-2024-42494.json new file mode 100644 index 00000000000..95f80c1c9f2 --- /dev/null +++ b/CVE-2024/CVE-2024-424xx/CVE-2024-42494.json @@ -0,0 +1,100 @@ +{ + "id": "CVE-2024-42494", + "sourceIdentifier": "ics-cert@hq.dhs.gov", + "published": "2024-12-06T18:15:24.707", + "lastModified": "2024-12-06T18:15:24.707", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Ruijie Reyee OS versions 2.206.x up to but not including 2.320.x contains a a feature that could enable sub accounts or attackers to view and exfiltrate sensitive information from all cloud accounts registered to Ruijie's services" + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "ics-cert@hq.dhs.gov", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "baseScore": 7.1, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "attackRequirements": "NONE", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "vulnerableSystemConfidentiality": "HIGH", + "vulnerableSystemIntegrity": "NONE", + "vulnerableSystemAvailability": "NONE", + "subsequentSystemConfidentiality": "NONE", + "subsequentSystemIntegrity": "NONE", + "subsequentSystemAvailability": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirements": "NOT_DEFINED", + "integrityRequirements": "NOT_DEFINED", + "availabilityRequirements": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", + "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", + "modifiedVulnerableSystemAvailability": "NOT_DEFINED", + "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", + "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", + "modifiedSubsequentSystemAvailability": "NOT_DEFINED", + "safety": "NOT_DEFINED", + "automatable": "NOT_DEFINED", + "recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED" + } + } + ], + "cvssMetricV31": [ + { + "source": "ics-cert@hq.dhs.gov", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", + "baseScore": 6.5, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "ics-cert@hq.dhs.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-359" + } + ] + } + ], + "references": [ + { + "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-338-01", + "source": "ics-cert@hq.dhs.gov" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-44xx/CVE-2024-4456.json b/CVE-2024/CVE-2024-44xx/CVE-2024-4456.json index 7dbda7733cd..504a907facd 100644 --- a/CVE-2024/CVE-2024-44xx/CVE-2024-4456.json +++ b/CVE-2024/CVE-2024-44xx/CVE-2024-4456.json @@ -2,7 +2,7 @@ "id": "CVE-2024-4456", "sourceIdentifier": "security@octopus.com", "published": "2024-05-08T01:15:06.667", - "lastModified": "2024-05-08T13:15:00.690", + "lastModified": "2024-12-06T18:15:25.450", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ @@ -23,6 +23,8 @@ "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:L", + "baseScore": 4.1, + "baseSeverity": "MEDIUM", "attackVector": "NETWORK", "attackComplexity": "HIGH", "privilegesRequired": "HIGH", @@ -30,19 +32,33 @@ "scope": "UNCHANGED", "confidentialityImpact": "LOW", "integrityImpact": "LOW", - "availabilityImpact": "LOW", - "baseScore": 4.1, - "baseSeverity": "MEDIUM" + "availabilityImpact": "LOW" }, "exploitabilityScore": 0.7, "impactScore": 3.4 } ] }, + "weaknesses": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], "references": [ { "url": "https://advisories.octopus.com/post/2024/sa2024-04/", "source": "security@octopus.com" + }, + { + "url": "https://advisories.octopus.com/post/2024/sa2024-04/", + "source": "af854a3a-2127-422b-91ae-364da2661108" } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-470xx/CVE-2024-47043.json b/CVE-2024/CVE-2024-470xx/CVE-2024-47043.json new file mode 100644 index 00000000000..feefb7f6316 --- /dev/null +++ b/CVE-2024/CVE-2024-470xx/CVE-2024-47043.json @@ -0,0 +1,100 @@ +{ + "id": "CVE-2024-47043", + "sourceIdentifier": "ics-cert@hq.dhs.gov", + "published": "2024-12-06T18:15:24.853", + "lastModified": "2024-12-06T18:15:24.853", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Ruijie Reyee OS versions 2.206.x up to but not including 2.320.x could enable an attacker to correlate a device serial number and the user's phone number and part of the email address." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "ics-cert@hq.dhs.gov", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "baseScore": 8.7, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "attackRequirements": "NONE", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "vulnerableSystemConfidentiality": "HIGH", + "vulnerableSystemIntegrity": "NONE", + "vulnerableSystemAvailability": "NONE", + "subsequentSystemConfidentiality": "NONE", + "subsequentSystemIntegrity": "NONE", + "subsequentSystemAvailability": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirements": "NOT_DEFINED", + "integrityRequirements": "NOT_DEFINED", + "availabilityRequirements": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", + "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", + "modifiedVulnerableSystemAvailability": "NOT_DEFINED", + "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", + "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", + "modifiedSubsequentSystemAvailability": "NOT_DEFINED", + "safety": "NOT_DEFINED", + "automatable": "NOT_DEFINED", + "recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED" + } + } + ], + "cvssMetricV31": [ + { + "source": "ics-cert@hq.dhs.gov", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", + "baseScore": 7.5, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "ics-cert@hq.dhs.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-922" + } + ] + } + ], + "references": [ + { + "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-338-01", + "source": "ics-cert@hq.dhs.gov" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-475xx/CVE-2024-47547.json b/CVE-2024/CVE-2024-475xx/CVE-2024-47547.json new file mode 100644 index 00000000000..67f48c2e274 --- /dev/null +++ b/CVE-2024/CVE-2024-475xx/CVE-2024-47547.json @@ -0,0 +1,100 @@ +{ + "id": "CVE-2024-47547", + "sourceIdentifier": "ics-cert@hq.dhs.gov", + "published": "2024-12-06T18:15:25.017", + "lastModified": "2024-12-06T18:15:25.017", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Ruijie Reyee OS versions 2.206.x up to but not including 2.320.x contains a weak mechanism for its users to change their passwords which leaves authentication vulnerable to brute force attacks." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "ics-cert@hq.dhs.gov", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "baseScore": 9.3, + "baseSeverity": "CRITICAL", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "attackRequirements": "NONE", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "vulnerableSystemConfidentiality": "HIGH", + "vulnerableSystemIntegrity": "HIGH", + "vulnerableSystemAvailability": "LOW", + "subsequentSystemConfidentiality": "NONE", + "subsequentSystemIntegrity": "NONE", + "subsequentSystemAvailability": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirements": "NOT_DEFINED", + "integrityRequirements": "NOT_DEFINED", + "availabilityRequirements": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", + "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", + "modifiedVulnerableSystemAvailability": "NOT_DEFINED", + "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", + "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", + "modifiedSubsequentSystemAvailability": "NOT_DEFINED", + "safety": "NOT_DEFINED", + "automatable": "NOT_DEFINED", + "recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED" + } + } + ], + "cvssMetricV31": [ + { + "source": "ics-cert@hq.dhs.gov", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L", + "baseScore": 9.4, + "baseSeverity": "CRITICAL", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.5 + } + ] + }, + "weaknesses": [ + { + "source": "ics-cert@hq.dhs.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-640" + } + ] + } + ], + "references": [ + { + "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-338-01", + "source": "ics-cert@hq.dhs.gov" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-487xx/CVE-2024-48703.json b/CVE-2024/CVE-2024-487xx/CVE-2024-48703.json new file mode 100644 index 00000000000..824f8019aaf --- /dev/null +++ b/CVE-2024/CVE-2024-487xx/CVE-2024-48703.json @@ -0,0 +1,21 @@ +{ + "id": "CVE-2024-48703", + "sourceIdentifier": "cve@mitre.org", + "published": "2024-12-06T18:15:25.170", + "lastModified": "2024-12-06T18:15:25.170", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "PhpGurukul Medical Card Generation System v1.0 is vulnerable to Cross Site Scripting (XSS) in /admin/search-medicalcard.php via the searchdata parameter." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://github.com/0xBhushan/Writeups/blob/main/CVE/phpGurukul/Medical%20Card%20Generation%20System/Reflected%20Cross-Site%20Scripting%20%28XSS%29-Search.pdf", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-488xx/CVE-2024-48859.json b/CVE-2024/CVE-2024-488xx/CVE-2024-48859.json new file mode 100644 index 00000000000..d006b136fda --- /dev/null +++ b/CVE-2024/CVE-2024-488xx/CVE-2024-48859.json @@ -0,0 +1,78 @@ +{ + "id": "CVE-2024-48859", + "sourceIdentifier": "security@qnapsecurity.com.tw", + "published": "2024-12-06T17:15:08.350", + "lastModified": "2024-12-06T17:15:08.350", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "An improper authentication vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers to compromise the security of the system.\n\nWe have already fixed the vulnerability in the following versions:\nQTS 5.1.9.2954 build 20241120 and later\nQTS 5.2.2.2950 build 20241114 and later\nQuTS hero h5.1.9.2954 build 20241120 and later\nQuTS hero h5.2.2.2952 build 20241116 and later" + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "security@qnapsecurity.com.tw", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "baseScore": 5.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "attackRequirements": "NONE", + "privilegesRequired": "NONE", + "userInteraction": "PASSIVE", + "vulnerableSystemConfidentiality": "LOW", + "vulnerableSystemIntegrity": "LOW", + "vulnerableSystemAvailability": "NONE", + "subsequentSystemConfidentiality": "NONE", + "subsequentSystemIntegrity": "NONE", + "subsequentSystemAvailability": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirements": "NOT_DEFINED", + "integrityRequirements": "NOT_DEFINED", + "availabilityRequirements": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", + "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", + "modifiedVulnerableSystemAvailability": "NOT_DEFINED", + "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", + "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", + "modifiedSubsequentSystemAvailability": "NOT_DEFINED", + "safety": "NOT_DEFINED", + "automatable": "NOT_DEFINED", + "recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED" + } + } + ] + }, + "weaknesses": [ + { + "source": "security@qnapsecurity.com.tw", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-287" + } + ] + } + ], + "references": [ + { + "url": "https://www.qnap.com/en/security-advisory/qsa-24-49", + "source": "security@qnapsecurity.com.tw" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-488xx/CVE-2024-48863.json b/CVE-2024/CVE-2024-488xx/CVE-2024-48863.json new file mode 100644 index 00000000000..46a354d2298 --- /dev/null +++ b/CVE-2024/CVE-2024-488xx/CVE-2024-48863.json @@ -0,0 +1,78 @@ +{ + "id": "CVE-2024-48863", + "sourceIdentifier": "security@qnapsecurity.com.tw", + "published": "2024-12-06T17:15:08.533", + "lastModified": "2024-12-06T17:15:08.533", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "A command injection vulnerability has been reported to affect License Center. If exploited, the vulnerability could allow remote attackers to execute arbitrary commands.\n\nWe have already fixed the vulnerability in the following version:\nLicense Center 1.9.43 and later" + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "security@qnapsecurity.com.tw", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "baseScore": 7.7, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "attackRequirements": "PRESENT", + "privilegesRequired": "NONE", + "userInteraction": "PASSIVE", + "vulnerableSystemConfidentiality": "HIGH", + "vulnerableSystemIntegrity": "HIGH", + "vulnerableSystemAvailability": "HIGH", + "subsequentSystemConfidentiality": "NONE", + "subsequentSystemIntegrity": "NONE", + "subsequentSystemAvailability": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirements": "NOT_DEFINED", + "integrityRequirements": "NOT_DEFINED", + "availabilityRequirements": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", + "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", + "modifiedVulnerableSystemAvailability": "NOT_DEFINED", + "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", + "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", + "modifiedSubsequentSystemAvailability": "NOT_DEFINED", + "safety": "NOT_DEFINED", + "automatable": "NOT_DEFINED", + "recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED" + } + } + ] + }, + "weaknesses": [ + { + "source": "security@qnapsecurity.com.tw", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-78" + } + ] + } + ], + "references": [ + { + "url": "https://www.qnap.com/en/security-advisory/qsa-24-50", + "source": "security@qnapsecurity.com.tw" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-488xx/CVE-2024-48865.json b/CVE-2024/CVE-2024-488xx/CVE-2024-48865.json new file mode 100644 index 00000000000..56bcb4bc492 --- /dev/null +++ b/CVE-2024/CVE-2024-488xx/CVE-2024-48865.json @@ -0,0 +1,78 @@ +{ + "id": "CVE-2024-48865", + "sourceIdentifier": "security@qnapsecurity.com.tw", + "published": "2024-12-06T17:15:08.653", + "lastModified": "2024-12-06T17:15:08.653", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "An improper certificate validation vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow attackers with local network access to compromise the security of the system.\n\nWe have already fixed the vulnerability in the following versions:\nQTS 5.1.9.2954 build 20241120 and later\nQTS 5.2.2.2950 build 20241114 and later\nQuTS hero h5.1.9.2954 build 20241120 and later\nQuTS hero h5.2.2.2952 build 20241116 and later" + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "security@qnapsecurity.com.tw", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:P/AC:L/AT:P/PR:N/UI:P/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "baseScore": 7.3, + "baseSeverity": "HIGH", + "attackVector": "PHYSICAL", + "attackComplexity": "LOW", + "attackRequirements": "PRESENT", + "privilegesRequired": "NONE", + "userInteraction": "PASSIVE", + "vulnerableSystemConfidentiality": "HIGH", + "vulnerableSystemIntegrity": "HIGH", + "vulnerableSystemAvailability": "HIGH", + "subsequentSystemConfidentiality": "HIGH", + "subsequentSystemIntegrity": "HIGH", + "subsequentSystemAvailability": "HIGH", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirements": "NOT_DEFINED", + "integrityRequirements": "NOT_DEFINED", + "availabilityRequirements": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", + "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", + "modifiedVulnerableSystemAvailability": "NOT_DEFINED", + "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", + "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", + "modifiedSubsequentSystemAvailability": "NOT_DEFINED", + "safety": "NOT_DEFINED", + "automatable": "NOT_DEFINED", + "recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED" + } + } + ] + }, + "weaknesses": [ + { + "source": "security@qnapsecurity.com.tw", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-295" + } + ] + } + ], + "references": [ + { + "url": "https://www.qnap.com/en/security-advisory/qsa-24-49", + "source": "security@qnapsecurity.com.tw" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-488xx/CVE-2024-48866.json b/CVE-2024/CVE-2024-488xx/CVE-2024-48866.json new file mode 100644 index 00000000000..9fe9ed50dbe --- /dev/null +++ b/CVE-2024/CVE-2024-488xx/CVE-2024-48866.json @@ -0,0 +1,78 @@ +{ + "id": "CVE-2024-48866", + "sourceIdentifier": "security@qnapsecurity.com.tw", + "published": "2024-12-06T17:15:08.800", + "lastModified": "2024-12-06T17:15:08.800", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "An improper handling of URL encoding (Hex Encoding) vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers to run the system into unexpected state.\n\nWe have already fixed the vulnerability in the following versions:\nQTS 5.1.9.2954 build 20241120 and later\nQTS 5.2.2.2950 build 20241114 and later\nQuTS hero h5.1.9.2954 build 20241120 and later\nQuTS hero h5.2.2.2952 build 20241116 and later" + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "security@qnapsecurity.com.tw", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "baseScore": 2.3, + "baseSeverity": "LOW", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "attackRequirements": "PRESENT", + "privilegesRequired": "NONE", + "userInteraction": "PASSIVE", + "vulnerableSystemConfidentiality": "NONE", + "vulnerableSystemIntegrity": "LOW", + "vulnerableSystemAvailability": "NONE", + "subsequentSystemConfidentiality": "NONE", + "subsequentSystemIntegrity": "NONE", + "subsequentSystemAvailability": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirements": "NOT_DEFINED", + "integrityRequirements": "NOT_DEFINED", + "availabilityRequirements": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", + "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", + "modifiedVulnerableSystemAvailability": "NOT_DEFINED", + "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", + "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", + "modifiedSubsequentSystemAvailability": "NOT_DEFINED", + "safety": "NOT_DEFINED", + "automatable": "NOT_DEFINED", + "recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED" + } + } + ] + }, + "weaknesses": [ + { + "source": "security@qnapsecurity.com.tw", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-177" + } + ] + } + ], + "references": [ + { + "url": "https://www.qnap.com/en/security-advisory/qsa-24-49", + "source": "security@qnapsecurity.com.tw" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-488xx/CVE-2024-48867.json b/CVE-2024/CVE-2024-488xx/CVE-2024-48867.json new file mode 100644 index 00000000000..fc6e93ebdbb --- /dev/null +++ b/CVE-2024/CVE-2024-488xx/CVE-2024-48867.json @@ -0,0 +1,78 @@ +{ + "id": "CVE-2024-48867", + "sourceIdentifier": "security@qnapsecurity.com.tw", + "published": "2024-12-06T17:15:08.940", + "lastModified": "2024-12-06T17:15:08.940", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "An improper neutralization of CRLF sequences ('CRLF Injection') vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers to modify application data.\n\nWe have already fixed the vulnerability in the following versions:\nQTS 5.1.9.2954 build 20241120 and later\nQTS 5.2.2.2950 build 20241114 and later\nQuTS hero h5.1.9.2954 build 20241120 and later\nQuTS hero h5.2.2.2952 build 20241116 and later" + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "security@qnapsecurity.com.tw", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "baseScore": 5.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "attackRequirements": "NONE", + "privilegesRequired": "NONE", + "userInteraction": "PASSIVE", + "vulnerableSystemConfidentiality": "LOW", + "vulnerableSystemIntegrity": "LOW", + "vulnerableSystemAvailability": "NONE", + "subsequentSystemConfidentiality": "NONE", + "subsequentSystemIntegrity": "NONE", + "subsequentSystemAvailability": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirements": "NOT_DEFINED", + "integrityRequirements": "NOT_DEFINED", + "availabilityRequirements": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", + "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", + "modifiedVulnerableSystemAvailability": "NOT_DEFINED", + "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", + "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", + "modifiedSubsequentSystemAvailability": "NOT_DEFINED", + "safety": "NOT_DEFINED", + "automatable": "NOT_DEFINED", + "recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED" + } + } + ] + }, + "weaknesses": [ + { + "source": "security@qnapsecurity.com.tw", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-93" + } + ] + } + ], + "references": [ + { + "url": "https://www.qnap.com/en/security-advisory/qsa-24-49", + "source": "security@qnapsecurity.com.tw" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-488xx/CVE-2024-48868.json b/CVE-2024/CVE-2024-488xx/CVE-2024-48868.json new file mode 100644 index 00000000000..114c080e72c --- /dev/null +++ b/CVE-2024/CVE-2024-488xx/CVE-2024-48868.json @@ -0,0 +1,78 @@ +{ + "id": "CVE-2024-48868", + "sourceIdentifier": "security@qnapsecurity.com.tw", + "published": "2024-12-06T17:15:09.063", + "lastModified": "2024-12-06T17:15:09.063", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "An improper neutralization of CRLF sequences ('CRLF Injection') vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers to modify application data.\n\nWe have already fixed the vulnerability in the following versions:\nQTS 5.1.9.2954 build 20241120 and later\nQTS 5.2.2.2950 build 20241114 and later\nQuTS hero h5.1.9.2954 build 20241120 and later\nQuTS hero h5.2.2.2952 build 20241116 and later" + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "security@qnapsecurity.com.tw", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "baseScore": 8.7, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "attackRequirements": "NONE", + "privilegesRequired": "NONE", + "userInteraction": "PASSIVE", + "vulnerableSystemConfidentiality": "HIGH", + "vulnerableSystemIntegrity": "HIGH", + "vulnerableSystemAvailability": "HIGH", + "subsequentSystemConfidentiality": "NONE", + "subsequentSystemIntegrity": "NONE", + "subsequentSystemAvailability": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirements": "NOT_DEFINED", + "integrityRequirements": "NOT_DEFINED", + "availabilityRequirements": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", + "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", + "modifiedVulnerableSystemAvailability": "NOT_DEFINED", + "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", + "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", + "modifiedSubsequentSystemAvailability": "NOT_DEFINED", + "safety": "NOT_DEFINED", + "automatable": "NOT_DEFINED", + "recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED" + } + } + ] + }, + "weaknesses": [ + { + "source": "security@qnapsecurity.com.tw", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-93" + } + ] + } + ], + "references": [ + { + "url": "https://www.qnap.com/en/security-advisory/qsa-24-49", + "source": "security@qnapsecurity.com.tw" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-488xx/CVE-2024-48871.json b/CVE-2024/CVE-2024-488xx/CVE-2024-48871.json new file mode 100644 index 00000000000..e39419839ef --- /dev/null +++ b/CVE-2024/CVE-2024-488xx/CVE-2024-48871.json @@ -0,0 +1,104 @@ +{ + "id": "CVE-2024-48871", + "sourceIdentifier": "ics-cert@hq.dhs.gov", + "published": "2024-12-06T18:15:25.267", + "lastModified": "2024-12-06T18:15:25.267", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "The affected product is vulnerable to a stack-based buffer overflow. An unauthenticated attacker could send a malicious HTTP request that the webserver fails to properly check input size before copying data to the stack, potentially allowing remote code execution." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "ics-cert@hq.dhs.gov", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "baseScore": 9.3, + "baseSeverity": "CRITICAL", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "attackRequirements": "NONE", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "vulnerableSystemConfidentiality": "HIGH", + "vulnerableSystemIntegrity": "HIGH", + "vulnerableSystemAvailability": "HIGH", + "subsequentSystemConfidentiality": "NONE", + "subsequentSystemIntegrity": "NONE", + "subsequentSystemAvailability": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirements": "NOT_DEFINED", + "integrityRequirements": "NOT_DEFINED", + "availabilityRequirements": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", + "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", + "modifiedVulnerableSystemAvailability": "NOT_DEFINED", + "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", + "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", + "modifiedSubsequentSystemAvailability": "NOT_DEFINED", + "safety": "NOT_DEFINED", + "automatable": "NOT_DEFINED", + "recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED" + } + } + ], + "cvssMetricV31": [ + { + "source": "ics-cert@hq.dhs.gov", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 9.8, + "baseSeverity": "CRITICAL", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "ics-cert@hq.dhs.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-121" + } + ] + } + ], + "references": [ + { + "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-340-02", + "source": "ics-cert@hq.dhs.gov" + }, + { + "url": "https://www.planet.com.tw/en/support/downloads?method=keyword&keyword=v1.305b241111", + "source": "ics-cert@hq.dhs.gov" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-503xx/CVE-2024-50387.json b/CVE-2024/CVE-2024-503xx/CVE-2024-50387.json new file mode 100644 index 00000000000..fc8225475fe --- /dev/null +++ b/CVE-2024/CVE-2024-503xx/CVE-2024-50387.json @@ -0,0 +1,78 @@ +{ + "id": "CVE-2024-50387", + "sourceIdentifier": "security@qnapsecurity.com.tw", + "published": "2024-12-06T17:15:09.247", + "lastModified": "2024-12-06T17:15:09.247", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "A SQL injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers to inject malicious code.\n\nWe have already fixed the vulnerability in the following version:\nSMB Service 4.15.002 and later\nSMB Service h4.15.002 and later" + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "security@qnapsecurity.com.tw", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "baseScore": 10.0, + "baseSeverity": "CRITICAL", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "attackRequirements": "NONE", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "vulnerableSystemConfidentiality": "HIGH", + "vulnerableSystemIntegrity": "HIGH", + "vulnerableSystemAvailability": "HIGH", + "subsequentSystemConfidentiality": "HIGH", + "subsequentSystemIntegrity": "HIGH", + "subsequentSystemAvailability": "HIGH", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirements": "NOT_DEFINED", + "integrityRequirements": "NOT_DEFINED", + "availabilityRequirements": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", + "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", + "modifiedVulnerableSystemAvailability": "NOT_DEFINED", + "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", + "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", + "modifiedSubsequentSystemAvailability": "NOT_DEFINED", + "safety": "NOT_DEFINED", + "automatable": "NOT_DEFINED", + "recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED" + } + } + ] + }, + "weaknesses": [ + { + "source": "security@qnapsecurity.com.tw", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "references": [ + { + "url": "https://www.qnap.com/en/security-advisory/qsa-24-42", + "source": "security@qnapsecurity.com.tw" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-503xx/CVE-2024-50388.json b/CVE-2024/CVE-2024-503xx/CVE-2024-50388.json new file mode 100644 index 00000000000..df5c292fe33 --- /dev/null +++ b/CVE-2024/CVE-2024-503xx/CVE-2024-50388.json @@ -0,0 +1,82 @@ +{ + "id": "CVE-2024-50388", + "sourceIdentifier": "security@qnapsecurity.com.tw", + "published": "2024-12-06T17:15:09.373", + "lastModified": "2024-12-06T17:15:09.373", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "An OS command injection vulnerability has been reported to affect HBS 3 Hybrid Backup Sync. If exploited, the vulnerability could allow remote attackers to execute commands.\n\nWe have already fixed the vulnerability in the following version:\nHBS 3 Hybrid Backup Sync 25.1.1.673 and later" + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "security@qnapsecurity.com.tw", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "baseScore": 9.5, + "baseSeverity": "CRITICAL", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "attackRequirements": "PRESENT", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "vulnerableSystemConfidentiality": "HIGH", + "vulnerableSystemIntegrity": "HIGH", + "vulnerableSystemAvailability": "HIGH", + "subsequentSystemConfidentiality": "HIGH", + "subsequentSystemIntegrity": "HIGH", + "subsequentSystemAvailability": "HIGH", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirements": "NOT_DEFINED", + "integrityRequirements": "NOT_DEFINED", + "availabilityRequirements": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", + "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", + "modifiedVulnerableSystemAvailability": "NOT_DEFINED", + "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", + "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", + "modifiedSubsequentSystemAvailability": "NOT_DEFINED", + "safety": "NOT_DEFINED", + "automatable": "NOT_DEFINED", + "recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED" + } + } + ] + }, + "weaknesses": [ + { + "source": "security@qnapsecurity.com.tw", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-77" + }, + { + "lang": "en", + "value": "CWE-78" + } + ] + } + ], + "references": [ + { + "url": "https://www.qnap.com/en/security-advisory/qsa-24-41", + "source": "security@qnapsecurity.com.tw" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-503xx/CVE-2024-50389.json b/CVE-2024/CVE-2024-503xx/CVE-2024-50389.json new file mode 100644 index 00000000000..8d7e0cdad3a --- /dev/null +++ b/CVE-2024/CVE-2024-503xx/CVE-2024-50389.json @@ -0,0 +1,78 @@ +{ + "id": "CVE-2024-50389", + "sourceIdentifier": "security@qnapsecurity.com.tw", + "published": "2024-12-06T17:15:09.510", + "lastModified": "2024-12-06T17:15:09.510", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "A SQL injection vulnerability has been reported to affect QuRouter. If exploited, the vulnerability could allow remote attackers to inject malicious code.\n\nWe have already fixed the vulnerability in the following version:\nQuRouter 2.4.5.032 and later" + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "security@qnapsecurity.com.tw", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "baseScore": 9.5, + "baseSeverity": "CRITICAL", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "attackRequirements": "PRESENT", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "vulnerableSystemConfidentiality": "HIGH", + "vulnerableSystemIntegrity": "HIGH", + "vulnerableSystemAvailability": "HIGH", + "subsequentSystemConfidentiality": "HIGH", + "subsequentSystemIntegrity": "HIGH", + "subsequentSystemAvailability": "HIGH", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirements": "NOT_DEFINED", + "integrityRequirements": "NOT_DEFINED", + "availabilityRequirements": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", + "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", + "modifiedVulnerableSystemAvailability": "NOT_DEFINED", + "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", + "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", + "modifiedSubsequentSystemAvailability": "NOT_DEFINED", + "safety": "NOT_DEFINED", + "automatable": "NOT_DEFINED", + "recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED" + } + } + ] + }, + "weaknesses": [ + { + "source": "security@qnapsecurity.com.tw", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "references": [ + { + "url": "https://www.qnap.com/en/security-advisory/qsa-24-45", + "source": "security@qnapsecurity.com.tw" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-503xx/CVE-2024-50393.json b/CVE-2024/CVE-2024-503xx/CVE-2024-50393.json new file mode 100644 index 00000000000..840f1df4134 --- /dev/null +++ b/CVE-2024/CVE-2024-503xx/CVE-2024-50393.json @@ -0,0 +1,78 @@ +{ + "id": "CVE-2024-50393", + "sourceIdentifier": "security@qnapsecurity.com.tw", + "published": "2024-12-06T17:15:09.637", + "lastModified": "2024-12-06T17:15:09.637", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "A command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers to execute arbitrary commands.\n\nWe have already fixed the vulnerability in the following versions:\nQTS 5.1.9.2954 build 20241120 and later\nQTS 5.2.2.2950 build 20241114 and later\nQuTS hero h5.1.9.2954 build 20241120 and later\nQuTS hero h5.2.2.2952 build 20241116 and later" + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "security@qnapsecurity.com.tw", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "baseScore": 8.7, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "attackRequirements": "NONE", + "privilegesRequired": "NONE", + "userInteraction": "PASSIVE", + "vulnerableSystemConfidentiality": "HIGH", + "vulnerableSystemIntegrity": "HIGH", + "vulnerableSystemAvailability": "HIGH", + "subsequentSystemConfidentiality": "NONE", + "subsequentSystemIntegrity": "NONE", + "subsequentSystemAvailability": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirements": "NOT_DEFINED", + "integrityRequirements": "NOT_DEFINED", + "availabilityRequirements": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", + "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", + "modifiedVulnerableSystemAvailability": "NOT_DEFINED", + "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", + "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", + "modifiedSubsequentSystemAvailability": "NOT_DEFINED", + "safety": "NOT_DEFINED", + "automatable": "NOT_DEFINED", + "recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED" + } + } + ] + }, + "weaknesses": [ + { + "source": "security@qnapsecurity.com.tw", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-78" + } + ] + } + ], + "references": [ + { + "url": "https://www.qnap.com/en/security-advisory/qsa-24-49", + "source": "security@qnapsecurity.com.tw" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-504xx/CVE-2024-50402.json b/CVE-2024/CVE-2024-504xx/CVE-2024-50402.json new file mode 100644 index 00000000000..4a042f05f93 --- /dev/null +++ b/CVE-2024/CVE-2024-504xx/CVE-2024-50402.json @@ -0,0 +1,78 @@ +{ + "id": "CVE-2024-50402", + "sourceIdentifier": "security@qnapsecurity.com.tw", + "published": "2024-12-06T17:15:09.757", + "lastModified": "2024-12-06T17:15:09.757", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "A use of externally-controlled format string vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers who have gained administrator access to obtain secret data or modify memory.\n\nWe have already fixed the vulnerability in the following versions:\nQTS 5.1.9.2954 build 20241120 and later\nQTS 5.2.2.2950 build 20241114 and later\nQuTS hero h5.1.9.2954 build 20241120 and later\nQuTS hero h5.2.2.2952 build 20241116 and later" + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "security@qnapsecurity.com.tw", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:H/AT:N/PR:H/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "baseScore": 2.1, + "baseSeverity": "LOW", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "attackRequirements": "NONE", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "vulnerableSystemConfidentiality": "LOW", + "vulnerableSystemIntegrity": "LOW", + "vulnerableSystemAvailability": "LOW", + "subsequentSystemConfidentiality": "NONE", + "subsequentSystemIntegrity": "NONE", + "subsequentSystemAvailability": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirements": "NOT_DEFINED", + "integrityRequirements": "NOT_DEFINED", + "availabilityRequirements": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", + "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", + "modifiedVulnerableSystemAvailability": "NOT_DEFINED", + "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", + "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", + "modifiedSubsequentSystemAvailability": "NOT_DEFINED", + "safety": "NOT_DEFINED", + "automatable": "NOT_DEFINED", + "recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED" + } + } + ] + }, + "weaknesses": [ + { + "source": "security@qnapsecurity.com.tw", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-134" + } + ] + } + ], + "references": [ + { + "url": "https://www.qnap.com/en/security-advisory/qsa-24-49", + "source": "security@qnapsecurity.com.tw" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-504xx/CVE-2024-50403.json b/CVE-2024/CVE-2024-504xx/CVE-2024-50403.json new file mode 100644 index 00000000000..32586d8dc33 --- /dev/null +++ b/CVE-2024/CVE-2024-504xx/CVE-2024-50403.json @@ -0,0 +1,78 @@ +{ + "id": "CVE-2024-50403", + "sourceIdentifier": "security@qnapsecurity.com.tw", + "published": "2024-12-06T17:15:09.900", + "lastModified": "2024-12-06T17:15:09.900", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "A use of externally-controlled format string vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers who have gained administrator access to obtain secret data or modify memory.\n\nWe have already fixed the vulnerability in the following versions:\nQTS 5.2.2.2950 build 20241114 and later\nQuTS hero h5.2.2.2952 build 20241116 and later" + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "security@qnapsecurity.com.tw", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:H/AT:N/PR:H/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "baseScore": 2.1, + "baseSeverity": "LOW", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "attackRequirements": "NONE", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "vulnerableSystemConfidentiality": "LOW", + "vulnerableSystemIntegrity": "LOW", + "vulnerableSystemAvailability": "LOW", + "subsequentSystemConfidentiality": "NONE", + "subsequentSystemIntegrity": "NONE", + "subsequentSystemAvailability": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirements": "NOT_DEFINED", + "integrityRequirements": "NOT_DEFINED", + "availabilityRequirements": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", + "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", + "modifiedVulnerableSystemAvailability": "NOT_DEFINED", + "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", + "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", + "modifiedSubsequentSystemAvailability": "NOT_DEFINED", + "safety": "NOT_DEFINED", + "automatable": "NOT_DEFINED", + "recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED" + } + } + ] + }, + "weaknesses": [ + { + "source": "security@qnapsecurity.com.tw", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-134" + } + ] + } + ], + "references": [ + { + "url": "https://www.qnap.com/en/security-advisory/qsa-24-49", + "source": "security@qnapsecurity.com.tw" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-504xx/CVE-2024-50404.json b/CVE-2024/CVE-2024-504xx/CVE-2024-50404.json new file mode 100644 index 00000000000..9069aaadb5a --- /dev/null +++ b/CVE-2024/CVE-2024-504xx/CVE-2024-50404.json @@ -0,0 +1,78 @@ +{ + "id": "CVE-2024-50404", + "sourceIdentifier": "security@qnapsecurity.com.tw", + "published": "2024-12-06T17:15:10.043", + "lastModified": "2024-12-06T17:15:10.043", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "A link following vulnerability has been reported to affect Qsync Central. If exploited, the vulnerability could allow remote attackers who have gained user access to traverse the file system to unintended locations.\n\nWe have already fixed the vulnerability in the following versions:\nQsync Central 4.4.0.16_20240819 ( 2024/08/19 ) and later" + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "security@qnapsecurity.com.tw", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "baseScore": 6.8, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "attackRequirements": "NONE", + "privilegesRequired": "LOW", + "userInteraction": "ACTIVE", + "vulnerableSystemConfidentiality": "NONE", + "vulnerableSystemIntegrity": "NONE", + "vulnerableSystemAvailability": "HIGH", + "subsequentSystemConfidentiality": "NONE", + "subsequentSystemIntegrity": "NONE", + "subsequentSystemAvailability": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirements": "NOT_DEFINED", + "integrityRequirements": "NOT_DEFINED", + "availabilityRequirements": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", + "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", + "modifiedVulnerableSystemAvailability": "NOT_DEFINED", + "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", + "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", + "modifiedSubsequentSystemAvailability": "NOT_DEFINED", + "safety": "NOT_DEFINED", + "automatable": "NOT_DEFINED", + "recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED" + } + } + ] + }, + "weaknesses": [ + { + "source": "security@qnapsecurity.com.tw", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-59" + } + ] + } + ], + "references": [ + { + "url": "https://www.qnap.com/en/security-advisory/qsa-24-48", + "source": "security@qnapsecurity.com.tw" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-506xx/CVE-2024-50677.json b/CVE-2024/CVE-2024-506xx/CVE-2024-50677.json index a4c5cd5da4f..f8082654c07 100644 --- a/CVE-2024/CVE-2024-506xx/CVE-2024-50677.json +++ b/CVE-2024/CVE-2024-506xx/CVE-2024-50677.json @@ -2,7 +2,7 @@ "id": "CVE-2024-50677", "sourceIdentifier": "cve@mitre.org", "published": "2024-12-06T16:15:21.117", - "lastModified": "2024-12-06T16:15:21.117", + "lastModified": "2024-12-06T17:15:10.180", "vulnStatus": "Received", "cveTags": [], "descriptions": [ @@ -11,7 +11,42 @@ "value": "A cross-site scripting (XSS) vulnerability in OroPlatform CMS v5.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Search parameter." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 6.1, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], "references": [ { "url": "https://github.com/ZumiYumi/CVE-2024-50677", diff --git a/CVE-2024/CVE-2024-513xx/CVE-2024-51378.json b/CVE-2024/CVE-2024-513xx/CVE-2024-51378.json index beb61894b24..4972104e2f3 100644 --- a/CVE-2024/CVE-2024-513xx/CVE-2024-51378.json +++ b/CVE-2024/CVE-2024-513xx/CVE-2024-51378.json @@ -2,8 +2,8 @@ "id": "CVE-2024-51378", "sourceIdentifier": "cve@mitre.org", "published": "2024-10-29T23:15:04.083", - "lastModified": "2024-12-05T02:00:01.677", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2024-12-06T18:17:17.377", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -36,6 +36,26 @@ }, "exploitabilityScore": 3.9, "impactScore": 6.0 + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 9.8, + "baseSeverity": "CRITICAL", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 } ] }, @@ -44,6 +64,16 @@ "cisaRequiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "cisaVulnerabilityName": "CyberPanel Incorrect Default Permissions Vulnerability", "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-78" + } + ] + }, { "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", @@ -55,34 +85,74 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:cyberpanel:cyberpanel:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2.3.8", + "matchCriteriaId": "4AF5FFC6-208E-4DD5-B298-56EFD7047F47" + } + ] + } + ] + } + ], "references": [ { "url": "https://cwe.mitre.org/data/definitions/420.html", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Technical Description" + ] }, { "url": "https://cwe.mitre.org/data/definitions/78.html", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Technical Description" + ] }, { "url": "https://cyberpanel.net/KnowledgeBase/home/change-logs/", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Release Notes" + ] }, { "url": "https://cyberpanel.net/blog/detials-and-fix-of-recent-security-issue-and-patch-of-cyberpanel", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Product" + ] }, { "url": "https://github.com/usmannasir/cyberpanel/commit/1c0c6cbcf71abe573da0b5fddfb9603e7477f683", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Patch" + ] }, { "url": "https://refr4g.github.io/posts/cyberpanel-command-injection-vulnerability/", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit" + ] }, { "url": "https://www.bleepingcomputer.com/news/security/massive-psaux-ransomware-attack-targets-22-000-cyberpanel-instances/", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Press/Media Coverage" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-517xx/CVE-2024-51727.json b/CVE-2024/CVE-2024-517xx/CVE-2024-51727.json new file mode 100644 index 00000000000..c4573780959 --- /dev/null +++ b/CVE-2024/CVE-2024-517xx/CVE-2024-51727.json @@ -0,0 +1,100 @@ +{ + "id": "CVE-2024-51727", + "sourceIdentifier": "ics-cert@hq.dhs.gov", + "published": "2024-12-06T18:15:25.580", + "lastModified": "2024-12-06T18:15:25.580", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Ruijie Reyee OS versions 2.206.x up to but not including 2.320.x contains a feature that could enable attackers to invalidate a legitimate user's session and cause a denial-of-service attack on a user's account." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "ics-cert@hq.dhs.gov", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "baseScore": 7.1, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "attackRequirements": "NONE", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "vulnerableSystemConfidentiality": "NONE", + "vulnerableSystemIntegrity": "NONE", + "vulnerableSystemAvailability": "HIGH", + "subsequentSystemConfidentiality": "NONE", + "subsequentSystemIntegrity": "NONE", + "subsequentSystemAvailability": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirements": "NOT_DEFINED", + "integrityRequirements": "NOT_DEFINED", + "availabilityRequirements": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", + "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", + "modifiedVulnerableSystemAvailability": "NOT_DEFINED", + "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", + "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", + "modifiedSubsequentSystemAvailability": "NOT_DEFINED", + "safety": "NOT_DEFINED", + "automatable": "NOT_DEFINED", + "recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED" + } + } + ], + "cvssMetricV31": [ + { + "source": "ics-cert@hq.dhs.gov", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "baseScore": 6.5, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "ics-cert@hq.dhs.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-826" + } + ] + } + ], + "references": [ + { + "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-338-01", + "source": "ics-cert@hq.dhs.gov" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-523xx/CVE-2024-52320.json b/CVE-2024/CVE-2024-523xx/CVE-2024-52320.json new file mode 100644 index 00000000000..58e1b133160 --- /dev/null +++ b/CVE-2024/CVE-2024-523xx/CVE-2024-52320.json @@ -0,0 +1,104 @@ +{ + "id": "CVE-2024-52320", + "sourceIdentifier": "ics-cert@hq.dhs.gov", + "published": "2024-12-06T18:15:25.737", + "lastModified": "2024-12-06T18:15:25.737", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "The affected product is vulnerable to a command injection. An unauthenticated attacker could send commands through a malicious HTTP request which could result in remote code execution." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "ics-cert@hq.dhs.gov", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "baseScore": 9.3, + "baseSeverity": "CRITICAL", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "attackRequirements": "NONE", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "vulnerableSystemConfidentiality": "HIGH", + "vulnerableSystemIntegrity": "HIGH", + "vulnerableSystemAvailability": "HIGH", + "subsequentSystemConfidentiality": "NONE", + "subsequentSystemIntegrity": "NONE", + "subsequentSystemAvailability": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirements": "NOT_DEFINED", + "integrityRequirements": "NOT_DEFINED", + "availabilityRequirements": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", + "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", + "modifiedVulnerableSystemAvailability": "NOT_DEFINED", + "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", + "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", + "modifiedSubsequentSystemAvailability": "NOT_DEFINED", + "safety": "NOT_DEFINED", + "automatable": "NOT_DEFINED", + "recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED" + } + } + ], + "cvssMetricV31": [ + { + "source": "ics-cert@hq.dhs.gov", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 9.8, + "baseSeverity": "CRITICAL", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "ics-cert@hq.dhs.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-78" + } + ] + } + ], + "references": [ + { + "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-340-02", + "source": "ics-cert@hq.dhs.gov" + }, + { + "url": "https://www.planet.com.tw/en/support/downloads?method=keyword&keyword=v1.305b241111", + "source": "ics-cert@hq.dhs.gov" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-525xx/CVE-2024-52558.json b/CVE-2024/CVE-2024-525xx/CVE-2024-52558.json new file mode 100644 index 00000000000..8c4bb542861 --- /dev/null +++ b/CVE-2024/CVE-2024-525xx/CVE-2024-52558.json @@ -0,0 +1,104 @@ +{ + "id": "CVE-2024-52558", + "sourceIdentifier": "ics-cert@hq.dhs.gov", + "published": "2024-12-06T18:15:26.007", + "lastModified": "2024-12-06T18:15:26.007", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "The affected product is vulnerable to an integer underflow. An unauthenticated attacker could send a malformed HTTP request, which could allow the attacker to crash the program." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "ics-cert@hq.dhs.gov", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "baseScore": 6.9, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "attackRequirements": "NONE", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "vulnerableSystemConfidentiality": "NONE", + "vulnerableSystemIntegrity": "NONE", + "vulnerableSystemAvailability": "LOW", + "subsequentSystemConfidentiality": "NONE", + "subsequentSystemIntegrity": "NONE", + "subsequentSystemAvailability": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirements": "NOT_DEFINED", + "integrityRequirements": "NOT_DEFINED", + "availabilityRequirements": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", + "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", + "modifiedVulnerableSystemAvailability": "NOT_DEFINED", + "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", + "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", + "modifiedSubsequentSystemAvailability": "NOT_DEFINED", + "safety": "NOT_DEFINED", + "automatable": "NOT_DEFINED", + "recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED" + } + } + ], + "cvssMetricV31": [ + { + "source": "ics-cert@hq.dhs.gov", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", + "baseScore": 5.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 3.9, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "ics-cert@hq.dhs.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-191" + } + ] + } + ], + "references": [ + { + "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-340-02", + "source": "ics-cert@hq.dhs.gov" + }, + { + "url": "https://www.planet.com.tw/en/support/downloads?method=keyword&keyword=v1.305b241111", + "source": "ics-cert@hq.dhs.gov" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-536xx/CVE-2024-53691.json b/CVE-2024/CVE-2024-536xx/CVE-2024-53691.json new file mode 100644 index 00000000000..4e4bcd5ad29 --- /dev/null +++ b/CVE-2024/CVE-2024-536xx/CVE-2024-53691.json @@ -0,0 +1,78 @@ +{ + "id": "CVE-2024-53691", + "sourceIdentifier": "security@qnapsecurity.com.tw", + "published": "2024-12-06T17:15:10.520", + "lastModified": "2024-12-06T17:15:10.520", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "A link following vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers who have gained user access to traverse the file system to unintended locations.\n\nWe have already fixed the vulnerability in the following versions:\nQTS 5.1.8.2823 build 20240712 and later\nQTS 5.2.0.2802 build 20240620 and later\nQuTS hero h5.1.8.2823 build 20240712 and later\nQuTS hero h5.2.0.2802 build 20240620 and later" + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "security@qnapsecurity.com.tw", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "baseScore": 8.7, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "attackRequirements": "NONE", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "vulnerableSystemConfidentiality": "HIGH", + "vulnerableSystemIntegrity": "HIGH", + "vulnerableSystemAvailability": "HIGH", + "subsequentSystemConfidentiality": "NONE", + "subsequentSystemIntegrity": "NONE", + "subsequentSystemAvailability": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirements": "NOT_DEFINED", + "integrityRequirements": "NOT_DEFINED", + "availabilityRequirements": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", + "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", + "modifiedVulnerableSystemAvailability": "NOT_DEFINED", + "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", + "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", + "modifiedSubsequentSystemAvailability": "NOT_DEFINED", + "safety": "NOT_DEFINED", + "automatable": "NOT_DEFINED", + "recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED" + } + } + ] + }, + "weaknesses": [ + { + "source": "security@qnapsecurity.com.tw", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-59" + } + ] + } + ], + "references": [ + { + "url": "https://www.qnap.com/en/security-advisory/qsa-24-28", + "source": "security@qnapsecurity.com.tw" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-539xx/CVE-2024-53907.json b/CVE-2024/CVE-2024-539xx/CVE-2024-53907.json index 1bf0b3afe43..a5e19813d14 100644 --- a/CVE-2024/CVE-2024-539xx/CVE-2024-53907.json +++ b/CVE-2024/CVE-2024-539xx/CVE-2024-53907.json @@ -2,7 +2,7 @@ "id": "CVE-2024-53907", "sourceIdentifier": "cve@mitre.org", "published": "2024-12-06T12:15:17.730", - "lastModified": "2024-12-06T12:15:17.730", + "lastModified": "2024-12-06T17:15:12.007", "vulnStatus": "Received", "cveTags": [], "descriptions": [ @@ -11,7 +11,42 @@ "value": "An issue was discovered in Django 5.1 before 5.1.4, 5.0 before 5.0.10, and 4.2 before 4.2.17. The strip_tags() method and striptags template filter are subject to a potential denial-of-service attack via certain inputs containing large sequences of nested incomplete HTML entities." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "baseScore": 7.5, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-770" + } + ] + } + ], "references": [ { "url": "https://docs.djangoproject.com/en/dev/releases/security/", diff --git a/CVE-2024/CVE-2024-539xx/CVE-2024-53908.json b/CVE-2024/CVE-2024-539xx/CVE-2024-53908.json index 8009c280772..5ff65f2ebd7 100644 --- a/CVE-2024/CVE-2024-539xx/CVE-2024-53908.json +++ b/CVE-2024/CVE-2024-539xx/CVE-2024-53908.json @@ -2,7 +2,7 @@ "id": "CVE-2024-53908", "sourceIdentifier": "cve@mitre.org", "published": "2024-12-06T12:15:18.583", - "lastModified": "2024-12-06T12:15:18.583", + "lastModified": "2024-12-06T17:15:12.350", "vulnStatus": "Received", "cveTags": [], "descriptions": [ @@ -11,7 +11,42 @@ "value": "An issue was discovered in Django 5.1 before 5.1.4, 5.0 before 5.0.10, and 4.2 before 4.2.17. Direct usage of the django.db.models.fields.json.HasKey lookup, when an Oracle database is used, is subject to SQL injection if untrusted data is used as an lhs value. (Applications that use the jsonfield.has_key lookup via __ are unaffected.)" } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 9.8, + "baseSeverity": "CRITICAL", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], "references": [ { "url": "https://docs.djangoproject.com/en/dev/releases/security/", diff --git a/CVE-2024/CVE-2024-541xx/CVE-2024-54143.json b/CVE-2024/CVE-2024-541xx/CVE-2024-54143.json new file mode 100644 index 00000000000..4590163a1b8 --- /dev/null +++ b/CVE-2024/CVE-2024-541xx/CVE-2024-54143.json @@ -0,0 +1,82 @@ +{ + "id": "CVE-2024-54143", + "sourceIdentifier": "security-advisories@github.com", + "published": "2024-12-06T17:15:12.687", + "lastModified": "2024-12-06T17:15:12.687", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "openwrt/asu is an image on demand server for OpenWrt based distributions. The request hashing mechanism truncates SHA-256 hashes to only 12 characters. This significantly reduces entropy, making it feasible for an attacker to generate collisions. By exploiting this, a previously built malicious image can be served in place of a legitimate one, allowing the attacker to \"poison\" the artifact cache and deliver compromised images to unsuspecting users. This can be combined with other attacks, such as a command injection in Imagebuilder that allows malicious users to inject arbitrary commands into the build process, resulting in the production of malicious firmware images signed with the legitimate build key. This has been patched with 920c8a1." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "security-advisories@github.com", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "baseScore": 9.3, + "baseSeverity": "CRITICAL", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "attackRequirements": "NONE", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "vulnerableSystemConfidentiality": "HIGH", + "vulnerableSystemIntegrity": "HIGH", + "vulnerableSystemAvailability": "HIGH", + "subsequentSystemConfidentiality": "NONE", + "subsequentSystemIntegrity": "NONE", + "subsequentSystemAvailability": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirements": "NOT_DEFINED", + "integrityRequirements": "NOT_DEFINED", + "availabilityRequirements": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", + "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", + "modifiedVulnerableSystemAvailability": "NOT_DEFINED", + "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", + "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", + "modifiedSubsequentSystemAvailability": "NOT_DEFINED", + "safety": "NOT_DEFINED", + "automatable": "NOT_DEFINED", + "recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED" + } + } + ] + }, + "weaknesses": [ + { + "source": "security-advisories@github.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-328" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/openwrt/asu/commit/920c8a13d97b4d4095f0d939cf0aaae777e0f87e", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/openwrt/asu/security/advisories/GHSA-r3gq-96h6-3v7q", + "source": "security-advisories@github.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-547xx/CVE-2024-54749.json b/CVE-2024/CVE-2024-547xx/CVE-2024-54749.json new file mode 100644 index 00000000000..41a341000fa --- /dev/null +++ b/CVE-2024/CVE-2024-547xx/CVE-2024-54749.json @@ -0,0 +1,21 @@ +{ + "id": "CVE-2024-54749", + "sourceIdentifier": "cve@mitre.org", + "published": "2024-12-06T17:15:12.983", + "lastModified": "2024-12-06T17:15:12.983", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Ubiquiti U7-Pro 7.0.35 was discovered to contain a hardcoded password vulnerability in /etc/shadow, which allows attackers to log in as root." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://colorful-meadow-5b9.notion.site/U7-Pro_HardCode_vuln-14bc216a1c30802e9c4cd03753e880cc?pvs=4", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-547xx/CVE-2024-54750.json b/CVE-2024/CVE-2024-547xx/CVE-2024-54750.json index f0e9b41d0ed..46801eab693 100644 --- a/CVE-2024/CVE-2024-547xx/CVE-2024-54750.json +++ b/CVE-2024/CVE-2024-547xx/CVE-2024-54750.json @@ -2,7 +2,7 @@ "id": "CVE-2024-54750", "sourceIdentifier": "cve@mitre.org", "published": "2024-12-06T16:15:23.013", - "lastModified": "2024-12-06T16:15:23.013", + "lastModified": "2024-12-06T17:15:13.300", "vulnStatus": "Received", "cveTags": [], "descriptions": [ @@ -11,7 +11,42 @@ "value": "Ubiquiti U6-LR 6.6.65 was discovered to contain a hardcoded password vulnerability in /etc/shadow, which allows attackers to log in as root." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 9.8, + "baseSeverity": "CRITICAL", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-798" + } + ] + } + ], "references": [ { "url": "https://colorful-meadow-5b9.notion.site/U6-LR_HardCode_vuln-14bc216a1c30806487ebdda3bb984e91?pvs=4", diff --git a/CVE-2024/CVE-2024-552xx/CVE-2024-55268.json b/CVE-2024/CVE-2024-552xx/CVE-2024-55268.json new file mode 100644 index 00000000000..13a6f220cfc --- /dev/null +++ b/CVE-2024/CVE-2024-552xx/CVE-2024-55268.json @@ -0,0 +1,21 @@ +{ + "id": "CVE-2024-55268", + "sourceIdentifier": "cve@mitre.org", + "published": "2024-12-06T17:15:13.690", + "lastModified": "2024-12-06T17:15:13.690", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "A Reflected Cross Site Scripting (XSS) vulnerability was found in /covidtms/registered-user-testing.php in PHPGurukul COVID 19 Testing Management System 1.0 which allows remote attackers to execute arbitrary code via the regmobilenumber parameter." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://github.com/Santoshcyber1/CVE-wirteup/blob/main/Phpgurukul/COVID19/Reflected%20Cross%20Site%20reg.pdf", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-66xx/CVE-2024-6601.json b/CVE-2024/CVE-2024-66xx/CVE-2024-6601.json index 932399309d0..83d474eb2db 100644 --- a/CVE-2024/CVE-2024-66xx/CVE-2024-6601.json +++ b/CVE-2024/CVE-2024-66xx/CVE-2024-6601.json @@ -2,7 +2,7 @@ "id": "CVE-2024-6601", "sourceIdentifier": "security@mozilla.org", "published": "2024-07-09T15:15:12.410", - "lastModified": "2024-10-30T20:35:39.587", + "lastModified": "2024-12-06T18:15:27.460", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ @@ -23,6 +23,8 @@ "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L", + "baseScore": 4.7, + "baseSeverity": "MEDIUM", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "HIGH", @@ -30,15 +32,25 @@ "scope": "UNCHANGED", "confidentialityImpact": "LOW", "integrityImpact": "LOW", - "availabilityImpact": "LOW", - "baseScore": 4.7, - "baseSeverity": "MEDIUM" + "availabilityImpact": "LOW" }, "exploitabilityScore": 1.2, "impactScore": 3.4 } ] }, + "weaknesses": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-367" + } + ] + } + ], "references": [ { "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1890748", @@ -59,6 +71,26 @@ { "url": "https://www.mozilla.org/security/advisories/mfsa2024-32/", "source": "security@mozilla.org" + }, + { + "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1890748", + "source": "af854a3a-2127-422b-91ae-364da2661108" + }, + { + "url": "https://www.mozilla.org/security/advisories/mfsa2024-29/", + "source": "af854a3a-2127-422b-91ae-364da2661108" + }, + { + "url": "https://www.mozilla.org/security/advisories/mfsa2024-30/", + "source": "af854a3a-2127-422b-91ae-364da2661108" + }, + { + "url": "https://www.mozilla.org/security/advisories/mfsa2024-31/", + "source": "af854a3a-2127-422b-91ae-364da2661108" + }, + { + "url": "https://www.mozilla.org/security/advisories/mfsa2024-32/", + "source": "af854a3a-2127-422b-91ae-364da2661108" } ] } \ No newline at end of file diff --git a/README.md b/README.md index 2be3009231f..ec83ff16c5e 100644 --- a/README.md +++ b/README.md @@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2024-12-06T17:00:25.808731+00:00 +2024-12-06T19:00:27.803361+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2024-12-06T16:58:16.557000+00:00 +2024-12-06T18:52:52.237000+00:00 ``` ### Last Data Feed Release @@ -33,56 +33,69 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### Total Number of included CVEs ```plain -272394 +272420 ``` ### CVEs added in the last Commit -Recently added CVEs: `12` +Recently added CVEs: `26` -- [CVE-2024-11738](CVE-2024/CVE-2024-117xx/CVE-2024-11738.json) (`2024-12-06T15:15:07.723`) -- [CVE-2024-12254](CVE-2024/CVE-2024-122xx/CVE-2024-12254.json) (`2024-12-06T16:15:20.623`) -- [CVE-2024-30129](CVE-2024/CVE-2024-301xx/CVE-2024-30129.json) (`2024-12-06T16:15:20.777`) -- [CVE-2024-42196](CVE-2024/CVE-2024-421xx/CVE-2024-42196.json) (`2024-12-06T15:15:08.550`) -- [CVE-2024-50677](CVE-2024/CVE-2024-506xx/CVE-2024-50677.json) (`2024-12-06T16:15:21.117`) -- [CVE-2024-54135](CVE-2024/CVE-2024-541xx/CVE-2024-54135.json) (`2024-12-06T16:15:22.340`) -- [CVE-2024-54136](CVE-2024/CVE-2024-541xx/CVE-2024-54136.json) (`2024-12-06T16:15:22.500`) -- [CVE-2024-54137](CVE-2024/CVE-2024-541xx/CVE-2024-54137.json) (`2024-12-06T16:15:22.637`) -- [CVE-2024-54141](CVE-2024/CVE-2024-541xx/CVE-2024-54141.json) (`2024-12-06T15:15:09.530`) -- [CVE-2024-54745](CVE-2024/CVE-2024-547xx/CVE-2024-54745.json) (`2024-12-06T16:15:22.787`) -- [CVE-2024-54747](CVE-2024/CVE-2024-547xx/CVE-2024-54747.json) (`2024-12-06T16:15:22.893`) -- [CVE-2024-54750](CVE-2024/CVE-2024-547xx/CVE-2024-54750.json) (`2024-12-06T16:15:23.013`) +- [CVE-2024-42494](CVE-2024/CVE-2024-424xx/CVE-2024-42494.json) (`2024-12-06T18:15:24.707`) +- [CVE-2024-47043](CVE-2024/CVE-2024-470xx/CVE-2024-47043.json) (`2024-12-06T18:15:24.853`) +- [CVE-2024-47547](CVE-2024/CVE-2024-475xx/CVE-2024-47547.json) (`2024-12-06T18:15:25.017`) +- [CVE-2024-48703](CVE-2024/CVE-2024-487xx/CVE-2024-48703.json) (`2024-12-06T18:15:25.170`) +- [CVE-2024-48859](CVE-2024/CVE-2024-488xx/CVE-2024-48859.json) (`2024-12-06T17:15:08.350`) +- [CVE-2024-48863](CVE-2024/CVE-2024-488xx/CVE-2024-48863.json) (`2024-12-06T17:15:08.533`) +- [CVE-2024-48865](CVE-2024/CVE-2024-488xx/CVE-2024-48865.json) (`2024-12-06T17:15:08.653`) +- [CVE-2024-48866](CVE-2024/CVE-2024-488xx/CVE-2024-48866.json) (`2024-12-06T17:15:08.800`) +- [CVE-2024-48867](CVE-2024/CVE-2024-488xx/CVE-2024-48867.json) (`2024-12-06T17:15:08.940`) +- [CVE-2024-48868](CVE-2024/CVE-2024-488xx/CVE-2024-48868.json) (`2024-12-06T17:15:09.063`) +- [CVE-2024-48871](CVE-2024/CVE-2024-488xx/CVE-2024-48871.json) (`2024-12-06T18:15:25.267`) +- [CVE-2024-50387](CVE-2024/CVE-2024-503xx/CVE-2024-50387.json) (`2024-12-06T17:15:09.247`) +- [CVE-2024-50388](CVE-2024/CVE-2024-503xx/CVE-2024-50388.json) (`2024-12-06T17:15:09.373`) +- [CVE-2024-50389](CVE-2024/CVE-2024-503xx/CVE-2024-50389.json) (`2024-12-06T17:15:09.510`) +- [CVE-2024-50393](CVE-2024/CVE-2024-503xx/CVE-2024-50393.json) (`2024-12-06T17:15:09.637`) +- [CVE-2024-50402](CVE-2024/CVE-2024-504xx/CVE-2024-50402.json) (`2024-12-06T17:15:09.757`) +- [CVE-2024-50403](CVE-2024/CVE-2024-504xx/CVE-2024-50403.json) (`2024-12-06T17:15:09.900`) +- [CVE-2024-50404](CVE-2024/CVE-2024-504xx/CVE-2024-50404.json) (`2024-12-06T17:15:10.043`) +- [CVE-2024-51727](CVE-2024/CVE-2024-517xx/CVE-2024-51727.json) (`2024-12-06T18:15:25.580`) +- [CVE-2024-52320](CVE-2024/CVE-2024-523xx/CVE-2024-52320.json) (`2024-12-06T18:15:25.737`) +- [CVE-2024-52558](CVE-2024/CVE-2024-525xx/CVE-2024-52558.json) (`2024-12-06T18:15:26.007`) +- [CVE-2024-53691](CVE-2024/CVE-2024-536xx/CVE-2024-53691.json) (`2024-12-06T17:15:10.520`) +- [CVE-2024-54143](CVE-2024/CVE-2024-541xx/CVE-2024-54143.json) (`2024-12-06T17:15:12.687`) +- [CVE-2024-54749](CVE-2024/CVE-2024-547xx/CVE-2024-54749.json) (`2024-12-06T17:15:12.983`) +- [CVE-2024-55268](CVE-2024/CVE-2024-552xx/CVE-2024-55268.json) (`2024-12-06T17:15:13.690`) ### CVEs modified in the last Commit -Recently modified CVEs: `37` +Recently modified CVEs: `43` -- [CVE-2024-1826](CVE-2024/CVE-2024-18xx/CVE-2024-1826.json) (`2024-12-06T16:28:47.783`) -- [CVE-2024-1827](CVE-2024/CVE-2024-18xx/CVE-2024-1827.json) (`2024-12-06T16:27:35.863`) -- [CVE-2024-1828](CVE-2024/CVE-2024-18xx/CVE-2024-1828.json) (`2024-12-06T16:22:23.323`) -- [CVE-2024-1829](CVE-2024/CVE-2024-18xx/CVE-2024-1829.json) (`2024-12-06T16:20:39.807`) -- [CVE-2024-1830](CVE-2024/CVE-2024-18xx/CVE-2024-1830.json) (`2024-12-06T16:15:12.410`) -- [CVE-2024-21049](CVE-2024/CVE-2024-210xx/CVE-2024-21049.json) (`2024-12-06T16:58:16.557`) -- [CVE-2024-21050](CVE-2024/CVE-2024-210xx/CVE-2024-21050.json) (`2024-12-06T16:54:42.740`) -- [CVE-2024-21051](CVE-2024/CVE-2024-210xx/CVE-2024-21051.json) (`2024-12-06T16:52:07.510`) -- [CVE-2024-21055](CVE-2024/CVE-2024-210xx/CVE-2024-21055.json) (`2024-12-06T16:46:49.543`) -- [CVE-2024-21056](CVE-2024/CVE-2024-210xx/CVE-2024-21056.json) (`2024-12-06T16:37:56.173`) -- [CVE-2024-21059](CVE-2024/CVE-2024-210xx/CVE-2024-21059.json) (`2024-12-06T16:35:57.460`) -- [CVE-2024-23239](CVE-2024/CVE-2024-232xx/CVE-2024-23239.json) (`2024-12-06T15:19:55.447`) -- [CVE-2024-23257](CVE-2024/CVE-2024-232xx/CVE-2024-23257.json) (`2024-12-06T15:07:41.487`) -- [CVE-2024-23258](CVE-2024/CVE-2024-232xx/CVE-2024-23258.json) (`2024-12-06T15:15:59.713`) -- [CVE-2024-23260](CVE-2024/CVE-2024-232xx/CVE-2024-23260.json) (`2024-12-06T15:21:05.480`) -- [CVE-2024-24195](CVE-2024/CVE-2024-241xx/CVE-2024-24195.json) (`2024-12-06T15:15:08.130`) -- [CVE-2024-26158](CVE-2024/CVE-2024-261xx/CVE-2024-26158.json) (`2024-12-06T15:40:50.143`) -- [CVE-2024-26208](CVE-2024/CVE-2024-262xx/CVE-2024-26208.json) (`2024-12-06T15:39:42.890`) -- [CVE-2024-26209](CVE-2024/CVE-2024-262xx/CVE-2024-26209.json) (`2024-12-06T15:37:15.937`) -- [CVE-2024-34055](CVE-2024/CVE-2024-340xx/CVE-2024-34055.json) (`2024-12-06T15:15:08.330`) -- [CVE-2024-44194](CVE-2024/CVE-2024-441xx/CVE-2024-44194.json) (`2024-12-06T15:15:08.690`) -- [CVE-2024-44244](CVE-2024/CVE-2024-442xx/CVE-2024-44244.json) (`2024-12-06T15:15:08.857`) -- [CVE-2024-44251](CVE-2024/CVE-2024-442xx/CVE-2024-44251.json) (`2024-12-06T16:15:20.907`) -- [CVE-2024-44302](CVE-2024/CVE-2024-443xx/CVE-2024-44302.json) (`2024-12-06T15:15:09.050`) -- [CVE-2024-54679](CVE-2024/CVE-2024-546xx/CVE-2024-54679.json) (`2024-12-06T15:15:09.693`) +- [CVE-2023-29709](CVE-2023/CVE-2023-297xx/CVE-2023-29709.json) (`2024-12-06T17:15:07.473`) +- [CVE-2023-33289](CVE-2023/CVE-2023-332xx/CVE-2023-33289.json) (`2024-12-06T18:15:20.427`) +- [CVE-2023-33405](CVE-2023/CVE-2023-334xx/CVE-2023-33405.json) (`2024-12-06T18:15:21.373`) +- [CVE-2023-33591](CVE-2023/CVE-2023-335xx/CVE-2023-33591.json) (`2024-12-06T18:15:21.610`) +- [CVE-2023-33725](CVE-2023/CVE-2023-337xx/CVE-2023-33725.json) (`2024-12-06T18:15:21.850`) +- [CVE-2024-10905](CVE-2024/CVE-2024-109xx/CVE-2024-10905.json) (`2024-12-06T18:15:22.207`) +- [CVE-2024-11158](CVE-2024/CVE-2024-111xx/CVE-2024-11158.json) (`2024-12-06T17:15:07.970`) +- [CVE-2024-11680](CVE-2024/CVE-2024-116xx/CVE-2024-11680.json) (`2024-12-06T18:42:17.390`) +- [CVE-2024-21070](CVE-2024/CVE-2024-210xx/CVE-2024-21070.json) (`2024-12-06T17:08:50.733`) +- [CVE-2024-21093](CVE-2024/CVE-2024-210xx/CVE-2024-21093.json) (`2024-12-06T17:03:13.813`) +- [CVE-2024-26164](CVE-2024/CVE-2024-261xx/CVE-2024-26164.json) (`2024-12-06T17:14:53.333`) +- [CVE-2024-26166](CVE-2024/CVE-2024-261xx/CVE-2024-26166.json) (`2024-12-06T17:13:11.063`) +- [CVE-2024-26198](CVE-2024/CVE-2024-261xx/CVE-2024-26198.json) (`2024-12-06T17:12:07.640`) +- [CVE-2024-26199](CVE-2024/CVE-2024-261xx/CVE-2024-26199.json) (`2024-12-06T17:12:27.343`) +- [CVE-2024-26201](CVE-2024/CVE-2024-262xx/CVE-2024-26201.json) (`2024-12-06T17:02:30.493`) +- [CVE-2024-27223](CVE-2024/CVE-2024-272xx/CVE-2024-27223.json) (`2024-12-06T18:15:24.070`) +- [CVE-2024-27234](CVE-2024/CVE-2024-272xx/CVE-2024-27234.json) (`2024-12-06T18:15:24.243`) +- [CVE-2024-38344](CVE-2024/CVE-2024-383xx/CVE-2024-38344.json) (`2024-12-06T18:15:24.490`) +- [CVE-2024-4456](CVE-2024/CVE-2024-44xx/CVE-2024-4456.json) (`2024-12-06T18:15:25.450`) +- [CVE-2024-50677](CVE-2024/CVE-2024-506xx/CVE-2024-50677.json) (`2024-12-06T17:15:10.180`) +- [CVE-2024-51378](CVE-2024/CVE-2024-513xx/CVE-2024-51378.json) (`2024-12-06T18:17:17.377`) +- [CVE-2024-53907](CVE-2024/CVE-2024-539xx/CVE-2024-53907.json) (`2024-12-06T17:15:12.007`) +- [CVE-2024-53908](CVE-2024/CVE-2024-539xx/CVE-2024-53908.json) (`2024-12-06T17:15:12.350`) +- [CVE-2024-54750](CVE-2024/CVE-2024-547xx/CVE-2024-54750.json) (`2024-12-06T17:15:13.300`) +- [CVE-2024-6601](CVE-2024/CVE-2024-66xx/CVE-2024-6601.json) (`2024-12-06T18:15:27.460`) ## Download and Usage diff --git a/_state.csv b/_state.csv index 8d4138389d4..b1adc0c7489 100644 --- a/_state.csv +++ b/_state.csv @@ -97059,7 +97059,7 @@ CVE-2017-13304,0,0,bc01bf9619a2ed9e9969de4c65bf442a5fec6030e332a0ad95cf9c9671c48 CVE-2017-13305,0,0,2acce61b5781c64283da81f61da07d2eadea1d7bd22b7b38dbaaa4a20fc64699,2019-10-03T00:03:26.223000 CVE-2017-13306,0,0,423f74da95b3c89ac4494a0b8267dc23743708bc4de0a0cc92f3a3c6e2cdbb52,2019-10-03T00:03:26.223000 CVE-2017-13307,0,0,e83357c9230d3ea5a0100316af468cc9cffb10b590fc6474a2652e4724796965,2019-10-03T00:03:26.223000 -CVE-2017-13308,0,0,38ee1fd0b2d8ab5b38a45c4d2e6a52531b9181d9a13dca686af92f9c786c17ba,2024-12-05T22:15:18.177000 +CVE-2017-13308,0,1,8c01ba1d7cf1c49804466aa5eedce51e7f615e69b26861407bb675fe13f6ca51,2024-12-06T17:15:05.390000 CVE-2017-13309,0,0,491cd9f7b41a6bb9dabc0009989d6e787b291b96b83a3c335f7bb247a54fd391,2024-11-18T17:11:56.587000 CVE-2017-1331,0,0,fbfa6b4058c65afc0dadcb6abf2b300b566ab5bd4820053710fa36c8414eaba4,2017-08-09T12:43:53.857000 CVE-2017-13310,0,0,7f209153c492fb41fd760d206817d716da1e9c7c4982d2ed8ff14992dd5fbbb0,2024-11-19T17:35:00.887000 @@ -126942,10 +126942,10 @@ CVE-2018-9377,0,0,e4a0a8bd1ac9734ae148f92ac66c4e7d1d997837e82ad8c47cc9f88531e107 CVE-2018-9380,0,0,e6fbe63ca9b9f94eed7d3113363726fcbc9fd32f362f8de02b396f07c6dcdef2,2024-12-02T22:15:08.237000 CVE-2018-9381,0,0,6d23302b8a97082a76241d451afb14bf577899eb10a0c0816bc7882dabaf95b5,2024-12-02T22:15:08.493000 CVE-2018-9385,0,0,a04751693f742cd9abca42cb6fa43b673fbcc24bbf305f54b6cb4b8b3d812bd4,2018-12-12T21:37:19.207000 -CVE-2018-9386,0,0,45ba5d4d0e0f7d7b3776b3f708962712cf8bb6d60d44dfe7a3dac3bbcca7feb1,2024-12-05T23:15:04.607000 -CVE-2018-9388,0,0,004e7e4e744846ea2604a46a64f5c23fa1a926873ec4d1c000fd6c655f39ea8a,2024-12-05T23:15:04.703000 -CVE-2018-9390,0,0,5f8bb52259623be827ac21344e0e24009f609094b85f2365a19b1cd7c7cd87b2,2024-12-05T23:15:04.793000 -CVE-2018-9391,0,0,0b911ce46761adc8d7c99a74ccf642290d823ae848c436c79b5477a729d42795,2024-12-05T23:15:04.877000 +CVE-2018-9386,0,1,2de4337d6884f54e0248984bf28f45bbf3362c0a4bac79ee77b29a0e3b893c2a,2024-12-06T17:15:05.680000 +CVE-2018-9388,0,1,8dd94bb70a1039b8e07f52412becf57d66107242cbcb3dddee02abb0cfaa5686,2024-12-06T17:15:06.080000 +CVE-2018-9390,0,1,06ab51438e1f675865b14265cdeec47660bced81d1934a7e27b5a76bf466eb97,2024-12-06T17:15:06.543000 +CVE-2018-9391,0,1,2a1f31b287467f59c30feede383d25049d6e25da45cde1e367bd77d6f7fe9d75,2024-12-06T17:15:06.967000 CVE-2018-9392,0,0,c32dba2c2a98106922261098b9038433eb88bfdab15b7f8a7fa0f36bbfd4c11c,2024-12-05T19:15:05.197000 CVE-2018-9393,0,0,df4b64b8c51b0367567eab39ff6262d599db50bab473af04af8577fd63acfbdb,2024-12-05T19:15:06.160000 CVE-2018-9394,0,0,48a2d54d752724661cb58ac865254bb340812823a8ae32c423c07cbd5c941282,2024-12-05T18:15:19.417000 @@ -159487,16 +159487,16 @@ CVE-2020-36774,0,0,63d2af6e1f77f69c592918f611b2831429216f8341a37ec3fc1c1670cc5f4 CVE-2020-36775,0,0,57f8b1cfccf2aab26d73dffa8165b7564de4aa3bb3113b44ae141b4cc4ecf246,2024-04-17T17:32:18.957000 CVE-2020-36776,0,0,95448c982f03576592f62bc1c771f3ada9b048de048bbc46661ad5c33a037c87,2024-04-10T19:34:31.410000 CVE-2020-36777,0,0,049b8813e9bcefe32870c3cf66fa0cd20fdf6be2bd1a3ff587d83ec743eb7201,2024-04-10T19:32:09.210000 -CVE-2020-36778,0,0,58953424d0105836bc5b83a06a4f1a21fc2b40fd22d252a3f5643ad3022d6c4f,2024-02-28T14:06:45.783000 -CVE-2020-36779,0,1,b340ce85ed5e7b477f5fb274c0fd8555d5b7508db3f0bf7a88d4f3d3c6028939,2024-12-06T16:14:26.157000 +CVE-2020-36778,0,1,14964463b56c3f46cf0d7e1681e081ed056ba6255f767b3c58eee346e18635d2,2024-12-06T17:56:05.877000 +CVE-2020-36779,0,0,b340ce85ed5e7b477f5fb274c0fd8555d5b7508db3f0bf7a88d4f3d3c6028939,2024-12-06T16:14:26.157000 CVE-2020-3678,0,0,06bc52800dd28cf5aa680d8cd1fedbae3c530842e5dcee33fc1506714969812f,2024-11-21T05:31:33.650000 CVE-2020-36780,0,0,56476c1e5cf8e661b5c2e9c8f9aff0a5c950781a316ab7251e767dfc2013dbef,2024-11-06T15:35:01.093000 -CVE-2020-36781,0,1,002d82cc7803a268ecca16f3d91e0bf2d619360efb63b1688924453870cba627,2024-12-06T16:19:35.777000 -CVE-2020-36782,0,0,1431a48342434d9bab8e132cab75b82cbbeff46df1a56cd9e6d3cf750ae4fda9,2024-02-28T14:06:45.783000 -CVE-2020-36783,0,0,caa430b2b6e2db815c144f46ee4cfe84516eb1af7156e42225c1288618e90b1e,2024-02-28T14:06:45.783000 -CVE-2020-36784,0,0,11e114b5e8c51596c20f7c52af04b488a6633973be98fd1339e0c4093c038ef6,2024-02-28T14:06:45.783000 -CVE-2020-36785,0,1,8abd1aefac894fa31fb9663b853815059d0d596e701ab17d0204178beba874a6,2024-12-06T15:59:06.807000 -CVE-2020-36786,0,1,0ea15290adb4074d2af998942543822278a7d5c85d7cd142f1bf61d58786e330,2024-12-06T15:59:30.400000 +CVE-2020-36781,0,0,002d82cc7803a268ecca16f3d91e0bf2d619360efb63b1688924453870cba627,2024-12-06T16:19:35.777000 +CVE-2020-36782,0,1,7cfa043aa5ddbfe9fc75b67a2d014bf83a9b10b337589bf1682cc032ffbd860c,2024-12-06T18:02:53.493000 +CVE-2020-36783,0,1,e286124c61448f7fd51b57f763b347528856a4a1ca56c75478cf046c0bba56c6,2024-12-06T17:37:43.990000 +CVE-2020-36784,0,1,14269507ec793103ba5d47be84ea6c5627160c5f1dd2329a2c107e8028183ee0,2024-12-06T17:37:59.973000 +CVE-2020-36785,0,0,8abd1aefac894fa31fb9663b853815059d0d596e701ab17d0204178beba874a6,2024-12-06T15:59:06.807000 +CVE-2020-36786,0,0,0ea15290adb4074d2af998942543822278a7d5c85d7cd142f1bf61d58786e330,2024-12-06T15:59:30.400000 CVE-2020-36787,0,0,a57c8d42032470b06da5d1ceb3e54a3215bc5848719ed8447fde53e2cfc5ba16,2024-02-28T14:06:45.783000 CVE-2020-36788,0,0,27d3522f337a1ce6e78abe42ab9c9eee036e0a9d6d620f6473f9323ae1a28a4a,2024-05-21T16:54:26.047000 CVE-2020-3679,0,0,e8bdf55f8b3f68f66d8eaac2ace382de5d7f2fcc3ca87ea41ac01974d842b58d,2024-11-21T05:31:33.770000 @@ -187095,8 +187095,8 @@ CVE-2021-46951,0,0,885c61f9e7da07612d949faded4ceb8afc94f412e675d52bf4d2b2ee3f013 CVE-2021-46952,0,0,9b0db874ec7e3850deaad8426e3b7d3cc0b498036f5c3e78f7383423f408a42e,2024-04-10T20:15:42.153000 CVE-2021-46953,0,0,5b8b163a10423fb772acc2c04e5217817b2f0ad2a781f96947cdc6f9504f8984,2024-04-10T20:15:31.827000 CVE-2021-46954,0,0,cf24145985e4cf1a2de3f03a17cf527c7a09fafaf7801ad9095a1e0bf6cd4e8a,2024-04-10T20:15:05.997000 -CVE-2021-46955,0,0,cbcb99779d45cdba36292e5f8923a45cbea3cca4608319acc43303aa40aec6ec,2024-02-28T14:06:45.783000 -CVE-2021-46956,0,0,eb05a2e8f5ae829fd75ef0088724f9fce24d1382c80d2d9e8afa3688be60b754,2024-02-28T14:06:45.783000 +CVE-2021-46955,0,1,fba2bdea5b92fd2bb608ef13865c7c716d690c748a48c0107fec8f1770dcc976,2024-12-06T17:53:52.043000 +CVE-2021-46956,0,1,76c2d7d149a52a4365576d3df8b3754fee5701e4ff7f9a4a2a36c2118984f44d,2024-12-06T17:54:34.117000 CVE-2021-46957,0,0,0d48587a88ed301685dd5f0286c21432ba833503a137058bce96dfbdaaff8c9f,2024-11-01T15:35:02.377000 CVE-2021-46958,0,0,8f4bb69aad95baa93dc3483f4699d0fa1c7aebd01adedae1bac82d25c41803fa,2024-02-28T14:06:45.783000 CVE-2021-46959,0,0,901fa35a755711bca4c53d9b7deb16151fa1a83386424061f86cbb4d6225ca26,2024-03-01T14:04:26.010000 @@ -187106,8 +187106,8 @@ CVE-2021-46962,0,0,89fb9feaa4e3312c65768c88cdc2a5ba734772883375bdffc0c2e21b4afde CVE-2021-46963,0,0,c5518118a25465b7b9f1602f01c842c3730abbded9ff61b413f7cc545a77d1a0,2024-02-28T14:06:45.783000 CVE-2021-46964,0,0,6b47a45a095abf8dd4c42960fe12d6e359943058d867ffd2013642b6a9dce1db,2024-02-28T14:06:45.783000 CVE-2021-46965,0,0,411d9233d469c88e0a9457e81b9f5b6e2923f544f1548be17957c22aa30cb174,2024-02-28T14:06:45.783000 -CVE-2021-46966,0,0,5722af98c250fa3461fa2f58acd5572ad3ebb988958b0390c1b581d520c875ce,2024-02-28T14:06:45.783000 -CVE-2021-46967,0,0,e88f0681144b312d6c92fb4bd5e3ffdbdef37daf6d5cf9959b61a7f45ee3deac,2024-02-28T14:06:45.783000 +CVE-2021-46966,0,1,97fed527abc8c179af4ef0cded9357d2e989b82f53f8292e5a23e469eb8ca4e1,2024-12-06T17:55:15.673000 +CVE-2021-46967,0,1,0d10ab6c120f6067de586d730b5ff32613097e1f26ae10084ef35df2124ba25e,2024-12-06T17:55:35.723000 CVE-2021-46968,0,0,255805be10bb7d9d0cdf6929c08ddd7f925de0b242ac255739a7897d01d0ee05,2024-02-28T14:06:45.783000 CVE-2021-46969,0,0,2442b4d168529e6235ad42a19423413c8061f66da3e7a2ea9cdf5ed9cb2e6e27,2024-02-28T14:06:45.783000 CVE-2021-46970,0,0,38ad2dfd3a74fef99034005d7aee5aba8eeae3c676148951accab60b691e8b45,2024-02-28T14:06:45.783000 @@ -187121,17 +187121,17 @@ CVE-2021-46977,0,0,d1d161e94901e50528f60d982519891204ae84ebfa26840884a3742c37481 CVE-2021-46978,0,0,0187421fdb780c5e8402e6f5d3328f1325a92158cb760e25754a40716ed6a9f2,2024-11-04T18:35:00.933000 CVE-2021-46979,0,0,c37c9c214f340e677412cf2d33e7caafefcb389b424397f0168c07f01ce4d395,2024-02-28T14:06:45.783000 CVE-2021-46980,0,0,58325d996fe77641a4d00dbfe23b24bd7564ddab119d93d92ae442b18a3036cb,2024-02-28T14:06:45.783000 -CVE-2021-46981,0,1,281b8d3bd5246febb07b2f37e1e28153bb01deea8dd3565580ccf7e81f7832ef,2024-12-06T15:59:55.120000 +CVE-2021-46981,0,0,281b8d3bd5246febb07b2f37e1e28153bb01deea8dd3565580ccf7e81f7832ef,2024-12-06T15:59:55.120000 CVE-2021-46982,0,0,63abad699d87d75c3d8ce3b0888618a685ca7bbeab6cb35eb76bed8b35245077,2024-02-28T14:06:45.783000 -CVE-2021-46983,0,1,7623a46cfb41eb0accdf877d2048554768c69745b1a465c2891d4276d6274c99,2024-12-06T16:02:03.857000 -CVE-2021-46984,0,1,d9cce9d726ee3d6403e2144a0618518d03488b8f6aa8580231d506cf0d7c311a,2024-12-06T15:00:58.083000 -CVE-2021-46985,0,1,b55f7da4d8af6b538e5342c699879b38a7eac54f39c8d2da26b510610f029cd8,2024-12-06T15:02:17.187000 +CVE-2021-46983,0,0,7623a46cfb41eb0accdf877d2048554768c69745b1a465c2891d4276d6274c99,2024-12-06T16:02:03.857000 +CVE-2021-46984,0,0,d9cce9d726ee3d6403e2144a0618518d03488b8f6aa8580231d506cf0d7c311a,2024-12-06T15:00:58.083000 +CVE-2021-46985,0,0,b55f7da4d8af6b538e5342c699879b38a7eac54f39c8d2da26b510610f029cd8,2024-12-06T15:02:17.187000 CVE-2021-46986,0,0,ebd0dd8fe5db0b48cbd262a90b8e8423d57b98cf2e9d94a4cda5e99e2875036e,2024-02-28T14:06:45.783000 -CVE-2021-46987,0,1,8b30e27b6b209d80685bed3bea9ab3c4c2b966757291dae1784881a91a36c579,2024-12-06T15:07:49.483000 +CVE-2021-46987,0,0,8b30e27b6b209d80685bed3bea9ab3c4c2b966757291dae1784881a91a36c579,2024-12-06T15:07:49.483000 CVE-2021-46988,0,0,a9ba9f369fea8a4d24ea3389b2ab5fa9be247ca1e8ca43aa55f681f99b5ccccb,2024-02-28T14:06:45.783000 CVE-2021-46989,0,0,7866592ccbf1276372121c94c8485d5e30621d2f483a5264775b43216b0a6e03,2024-11-04T17:35:01.073000 CVE-2021-46990,0,0,3e4ac0af655ffa67aafe6583a51f4992e8dee7b3c5537062fca28ff84cfa3c9d,2024-02-28T14:06:45.783000 -CVE-2021-46991,0,1,2f6445f008d8252daec57a306462580e4e81cb2e8269cb435b7460491da39731,2024-12-06T15:27:56.500000 +CVE-2021-46991,0,0,2f6445f008d8252daec57a306462580e4e81cb2e8269cb435b7460491da39731,2024-12-06T15:27:56.500000 CVE-2021-46992,0,0,3b16720d3cef6c7f4a65ba23608e80851b1f858dd42d7ebe5c67c0d0e5a3f026,2024-02-28T14:06:45.783000 CVE-2021-46993,0,0,ebd7fcdb3b7d2aeb27404cedc21325c15dca1e92129e0f70358bab6001a5b4b8,2024-02-28T14:06:45.783000 CVE-2021-46994,0,0,5c26f1bffad42113527c03012feabb3100b9729be111faf4a3e0339d6d4c855a,2024-12-06T14:42:34.983000 @@ -187165,7 +187165,7 @@ CVE-2021-47021,0,0,9b358774567fe50179d1f4db93b99a7a3238ac5b927480afdde61a0f7943b CVE-2021-47022,0,0,59be32a3f1a08166e4014ec59d4ebdb524edccbcc930be81506830c6a2855d58,2024-02-28T14:06:45.783000 CVE-2021-47023,0,0,23a1e68a708386cf0880da14cb600d90b0c0f8930ba33d316ee3667c1f90d249,2024-08-01T13:42:29.830000 CVE-2021-47024,0,0,254caea9e85f7939a88cc79b40ef6f81dc077ebaa4e7954e567e3475016cca7c,2024-02-28T14:06:45.783000 -CVE-2021-47025,0,0,21a8682e32d8175631f981b9b32006a41a0b800e12b88e9ba4a2a479dc1c7c12,2024-02-28T14:06:45.783000 +CVE-2021-47025,0,1,ee50fde26af33349414069695c5a3e83e5c39b9aeb74c1620ab0889c7d727001,2024-12-06T18:52:52.237000 CVE-2021-47026,0,0,ee5b52f37088ac43beaa8f41447f70e6b8f156f688f30dd24f1ca587f6d88347,2024-02-28T14:06:45.783000 CVE-2021-47027,0,0,5ae95187a3f142985bf68e0b19617e7b7cea4508ab4f344a46a3c5581a75abc5,2024-02-28T14:06:45.783000 CVE-2021-47028,0,0,4094814a15b845e8f62ee7bfdc0f4cb61ef11ede0d59d3240e7e870e27c18875,2024-02-28T14:06:45.783000 @@ -187181,11 +187181,11 @@ CVE-2021-47037,0,0,846334603095ecf75466453c0700d4a8384cc0d9fdb90f70529b2ee3448a4 CVE-2021-47038,0,0,025e67360a9f572b4902ace2dee7cbbf7fb70e9cf24fbb95db8e519abfa48a50,2024-02-28T14:06:45.783000 CVE-2021-47039,0,0,4f42838382af37c13fc22878afd6cfca1df4937c423a67f85fd12850bd812680,2024-02-28T14:06:45.783000 CVE-2021-47040,0,0,84ff3bafb4df71a01a584cf0d1216a5dc4f656f10350ce702f9885829de3d270,2024-02-28T14:06:45.783000 -CVE-2021-47041,0,0,5bbef1bda2211d11616202302db5de2eb2b211978d2a678bbdf26df255371c69,2024-02-28T14:06:45.783000 -CVE-2021-47042,0,0,4837a63de577c894fb1e2d57b5556538bb59eb7b609f368c9d56694f7cab2b82,2024-02-28T14:06:45.783000 +CVE-2021-47041,0,1,6a0f035255b6b042a61f23563d301f0db881f6bc2a7f6d666be6fcd81e6f0e46,2024-12-06T18:41:12.523000 +CVE-2021-47042,0,1,f62e43eb2094bfd4929dbf432cc8f4f5e957ec60be7a215df23a5a27bc84c40f,2024-12-06T18:41:24.943000 CVE-2021-47043,0,0,a30aae0e86cae1f5c5dc4f207b2e3c34cd30973ca644656944c78b3bb7967ca8,2024-02-28T14:06:45.783000 CVE-2021-47044,0,0,1e5d1e4d770c8ee1cc95c9eb8184f91bbfbe0dbc488a180598dbb2e7b19a3d6e,2024-11-04T17:35:01.323000 -CVE-2021-47045,0,0,7d850b3bf5b32401514a226ef2231c9e572882fdaee826d8ee2f4d904b6a3ed2,2024-02-28T14:06:45.783000 +CVE-2021-47045,0,1,e12b71e92d92cceb4b5bf1346393f1a4c79e1d92869176ced4bfae375468f342,2024-12-06T18:41:37.933000 CVE-2021-47046,0,0,c6e0c7a9d3ccf4567bd445327f70a7b7d6b7a1f8e55d897a4862451a7c7d41ee,2024-02-28T14:06:45.783000 CVE-2021-47047,0,0,a5be49f7ba267bddcbda30bf54b32c88976252fbacf1f803efbd8e0bfc5c96bc,2024-02-28T14:06:45.783000 CVE-2021-47048,0,0,2f7c31fe4dff982a3ddd5f4b873e8a24d48bc4269849eaece40abf460424cc75,2024-02-28T14:06:45.783000 @@ -195078,7 +195078,7 @@ CVE-2022-2588,0,0,1834e0ebe2937bbf3392a2abb9a6f9314526d56a18e3c4779029ab2ac2b6e2 CVE-2022-25880,0,0,a1abc59cdded501d3b98383e5c308e69602d3cc70fcaeaab56fa3086a9f505c4,2024-11-21T06:53:09.350000 CVE-2022-25881,0,0,0113241b6a0219133c886d52582facad96711330aa8d36f38f09b4118065ac9a,2023-11-07T03:44:51.800000 CVE-2022-25882,0,0,cc2e9e64fce1daa6e7128976be7a9dd9d17b8df7c338f770ad33ea9d283c4847,2023-11-07T03:44:51.890000 -CVE-2022-25883,0,0,c6d1d5f0d94a121a0937d6e83902c8c43b7b9892e18710a8744255a225ae4615,2023-11-07T03:44:51.993000 +CVE-2022-25883,0,1,6f83b2ca5c014fe212d0f88d9bc2235d7bef4288d21b4a6c7e892fe7db010bb1,2024-12-06T17:15:07.260000 CVE-2022-25885,0,0,ca141c60f6e0ab3b77d3ebf07c9947c4407b54626676108d5dab971ad74067fd,2022-11-01T19:20:57.707000 CVE-2022-25887,0,0,9ceac36e1e21f6ecffab65b62fd2716359ab40185c0d36108bc68a140791b861,2023-08-08T14:22:24.967000 CVE-2022-25888,0,0,098b75af78358995ac297cf351f0e81567a4cfa55560640d751294a738118a02,2022-08-25T20:34:47.787000 @@ -222982,7 +222982,7 @@ CVE-2023-29696,0,0,ad47b1017ee3882dda5badb29f8d466021d82ec50670cee3885ecbf5ff0f9 CVE-2023-2970,0,0,2b7020bb6c703932449eb5e20f78853da80702e98d8c6e97d9f41d55e7f91662,2024-05-17T02:23:24.100000 CVE-2023-29707,0,0,ade6d9145c8a6668f1be4e824cb2ec45ddf263f919b00bb8b1efeec9e5cd74a5,2023-06-30T14:03:49.057000 CVE-2023-29708,0,0,2ef629bbba32361455e83eeb77c74c9941283b0b7802b7d5259db5da833e264e,2023-06-30T15:36:24.177000 -CVE-2023-29709,0,0,0d3454667a2df7a2a70a25d926debcba2c94e2a7781c9c8ebd08c22bd46d4d6f,2023-06-30T16:33:44.100000 +CVE-2023-29709,0,1,1919d1c002a9f96ee0c8c1546cfa07ff60386e39621ffac1bbf1b005f52a1602,2024-12-06T17:15:07.473000 CVE-2023-2971,0,0,09c2688d8062b1336023fa5f5864b213c7e8b49cb91b2f58bd689f1e380ea4b7,2023-08-24T20:19:37.060000 CVE-2023-29711,0,0,591e483f87a1474275bf4c86b6ff389de838a21b92775df763c50acbd1bb8690,2023-06-28T15:33:24.683000 CVE-2023-29712,0,0,0442ca4dd3114603002d9279c837146613d74a48dc43af16ea80dc6be3703cce,2023-06-16T17:30:06.723000 @@ -225734,7 +225734,7 @@ CVE-2023-33284,0,0,0589d43d58da123dbb992aef99776f9f974bf20e01de87297815cc061ff5a CVE-2023-33285,0,0,346fa2aebff3b26e0dce2415d6b55e51dd2abe88b804a2ec163b1e68a3cbbeee,2024-05-01T01:15:06.050000 CVE-2023-33287,0,0,70d0ca72b61a84f71b61b504883cf3dfcdbe7867b29c7e605eb36ca8df5fefa5,2023-06-08T01:26:27.440000 CVE-2023-33288,0,0,6e9d4ead552c3a0ba41f51c29d0a89ad413f57965894731b38b2e51f2a1622af,2023-11-07T04:14:48.630000 -CVE-2023-33289,0,0,332faade8248ed04cde9e44917be14c9483113c17b05cf9f234a56b4d5484390,2023-06-28T16:44:05.340000 +CVE-2023-33289,0,1,81b9a7ccdd1d1899e2a8c8e51b7a3bb58676862a80f4b492e1bfa278e066f540,2024-12-06T18:15:20.427000 CVE-2023-3329,0,0,e05aa6061a406908952f348db2436efeb6f700b85bc2d9a87e8c493b2a301257,2024-10-29T18:35:02.750000 CVE-2023-33290,0,0,53581d74a4614054c7e40cff2a64bb5baac85c4040f2c05262fe63d04e3e8a25,2023-06-21T16:06:56.787000 CVE-2023-33291,0,0,e9db5278b53d838c69e38b9c0ca1574d9600832eb966ddf8cf2cff4260f638e5,2023-06-03T04:27:48.593000 @@ -225816,7 +225816,7 @@ CVE-2023-3339,0,0,84e78bdfc21d46341e060aaa5cae0e080748624955cf675ab7f45da1c31225 CVE-2023-33394,0,0,affdaeb9897cd90454fadf5508a08d7ae84a4154c7e10c58b57a2b8ae652b0d4,2023-06-02T15:53:51.300000 CVE-2023-3340,0,0,941fbff9b1c2b2a87090788e4b7a5e476037645a41e3075aa6aa091e6248eab5,2024-05-17T02:27:26.817000 CVE-2023-33404,0,0,e12e1740fa125d846db04bf41c3659492b4af42e3ee2d6d989ac32253c1873cf,2023-07-05T17:35:32.947000 -CVE-2023-33405,0,0,ec9d4cf3826cafe87e8255c77efca1f4e17957c448765743dbbe9d94abbc13af,2023-06-28T15:46:39.587000 +CVE-2023-33405,0,1,4ffc9ed6899a82157392aaa5892cf9cb52b24d07dacf07cc60fb49ff4b70c63c,2024-12-06T18:15:21.373000 CVE-2023-33408,0,0,ddff4b81e4543af2f850a783f08a1b5650db56187a603fd6da7d175a65aaeafc,2023-06-09T22:47:21.147000 CVE-2023-33409,0,0,0b4fb4674ddd3cf0cb958d0bd999901b16254cac81180fd4f0811b3efcefda9f,2023-06-09T22:45:58.233000 CVE-2023-3341,0,0,2db05ae079a6425ca3a60c465b88b59e78fbf6b262931b9f7d8b6ea9bb17fcd6,2024-02-16T18:39:05.933000 @@ -225906,7 +225906,7 @@ CVE-2023-3358,0,0,12e8757394b39f03915a68fdab7c57a08d2dd1a06e5f61eff9ec3fcd54fa48 CVE-2023-33580,0,0,b896a7d26da1c4a99df4635960a09e8061b54d8b1045b27b06cfff27cfdd8bba,2024-05-14T13:14:08.210000 CVE-2023-33584,0,0,a1f261b95d9793aa4dc94db58be1fdcb1978b62cb448302d23854fb5713a34a5,2024-08-01T13:43:52.090000 CVE-2023-3359,0,0,7f349026bdb808074eb0d523a222b94708cd05b6ac1c81f8f322d6dac7c8427f,2023-07-06T16:56:35.407000 -CVE-2023-33591,0,0,6954bee932d8b941e70bef242e7fc267053992ca325a9cd1ce96449a755b6a30,2023-06-28T15:47:35.893000 +CVE-2023-33591,0,1,ff986afc0316a9e18af2b67e930a74090c24895de581e443e4716ade8f2865dd,2024-12-06T18:15:21.610000 CVE-2023-33592,0,0,7c4409bdba2c84ea3ca29a0763e3041ef6a52fd88856d82842982b89ccd016b7,2023-09-25T16:46:20.430000 CVE-2023-33595,0,0,19502ac295e04fcf8d557ffbd986db2151a6dec4a5cefc4c08841ec858587476,2023-12-08T17:03:53.690000 CVE-2023-33599,0,0,575cada57d7e314cc5d44e1e295a6e5cbc363afe311c25b006614746e112f4f0,2023-11-07T04:15:05.850000 @@ -225983,7 +225983,7 @@ CVE-2023-33719,0,0,450b3f74d20642955335edfe77816a12bbb2c40a8b1ae774383693d5e2704 CVE-2023-3372,0,0,68d1098617404817f4e5350551062310b0a88bf9ec086161c7a68ef4d7de2adb,2024-01-22T20:46:01.150000 CVE-2023-33720,0,0,bd002ce00d39dff72e37668c224da664c636d40cf75dc74db05d99abe895de9a,2023-06-02T15:59:21.680000 CVE-2023-33722,0,0,0a85402b41d6693e594ee41084f5c08f016dc2f68dc25ae14def187250e40a11,2023-06-08T02:52:01.370000 -CVE-2023-33725,0,0,9a402ac023367a060333a8fafbb6adb24e548f0438df1059edbf7fddae22a092,2023-07-05T15:52:44.110000 +CVE-2023-33725,0,1,501441fd8c0850dda7db2b5cbc4c50d99063609270f88ed8b5e1f563ad958019,2024-12-06T18:15:21.850000 CVE-2023-3373,0,0,3ae2b2a541f3a9d4488c14796246eb0b42ba0bc51e411beeb51c315f04cdb0d2,2023-08-10T14:59:52.507000 CVE-2023-33730,0,0,4b4bc5fcfc855f4596b2c9d258e91b15fd87fbef42c38e7513620ad5ef2c198c,2023-06-08T01:24:53.397000 CVE-2023-33731,0,0,86c6cfe3520968ad0c151b75214e1695dbbbd8e688c3cb3e3186a1e32ed1f42a,2023-06-09T16:49:46.597000 @@ -243080,7 +243080,7 @@ CVE-2024-10477,0,0,ec5d3377a9eba885093e83f0ffc2c5214a9fc83d05d2bcf419cfa0429899b CVE-2024-10478,0,0,a63bf38a8bfa46322ffe79a3260a2e62e4168a517fb088dc75202387c0a46091,2024-10-29T14:34:04.427000 CVE-2024-10479,0,0,2cf095341510f03aced116cfbd158587751b5caab0b78f9cc79bac97953009f3,2024-10-29T14:34:04.427000 CVE-2024-1048,0,0,2f01cec4b27d0961417641b66cfc5a0fef8e061182b01c0d7a954dc28bdc8a2f,2024-09-16T16:15:12.907000 -CVE-2024-10480,0,1,f31711823acd53a5250be270a13f4ebe8a87237cf4947b48b387b1518ffaaebd,2024-12-06T16:15:19.917000 +CVE-2024-10480,0,0,f31711823acd53a5250be270a13f4ebe8a87237cf4947b48b387b1518ffaaebd,2024-12-06T16:15:19.917000 CVE-2024-10484,0,0,cfc6eede1df3b39f4709d402340f7fd6c7b0dde4f6a05c7bc473a031666f3752,2024-12-03T06:15:07.617000 CVE-2024-10486,0,0,6b6a9c7c1d7688efbd788cfa89c1b8eec85247981e0e8dab673908aaadf969ce,2024-11-19T21:57:32.967000 CVE-2024-10487,0,0,78655a991e24aa9dd082cd3faff3773a1cc1b0ed3ddfc55ae09b7e96ee30ac89,2024-11-01T12:57:35.843000 @@ -243129,7 +243129,7 @@ CVE-2024-10544,0,0,d84fa7aeaabdc2cfe5861efef74c5b30022ed51487865228c56366868169c CVE-2024-10546,0,0,fe7c4bb80388357d2012de9abcf9bdb2510a4d8644b958f5e63299c9a417e4c8,2024-11-01T12:57:03.417000 CVE-2024-10547,0,0,dd2ca02968fac3313f4dd9066814c9e75a14176f7b83142b042cd18e8be62972,2024-11-12T13:56:24.513000 CVE-2024-1055,0,0,ccc78f7d4bd63bcc448b5e62f7789de0e1a26ab036272b89eca521cba41a35e3,2024-02-14T18:59:33.780000 -CVE-2024-10551,0,1,b6d76955dc70352256b7b76c51a61e46f5cbf1ded31b071e2e374abc84c68762,2024-12-06T16:15:20.160000 +CVE-2024-10551,0,0,b6d76955dc70352256b7b76c51a61e46f5cbf1ded31b071e2e374abc84c68762,2024-12-06T16:15:20.160000 CVE-2024-10556,0,0,9e890aa0736585c2680fcc04ab1fac9d39c575c83d0f2617bdc1a9e76edbcf53,2024-11-01T20:51:35.617000 CVE-2024-10557,0,0,916270a9974bff554871e6150633c47888d2f31193bcd036f4a8e8f28cf81721,2024-11-01T20:48:56.980000 CVE-2024-10559,0,0,f02de87419b06f79046e87a4e20909e93937f86137fa0aad3ef812234236acf4,2024-11-01T20:43:41.070000 @@ -243391,7 +243391,7 @@ CVE-2024-10898,0,0,29bba6e208449ebd52631361f4bdc8eca3c372d754cd58876d30ee6c07372 CVE-2024-10899,0,0,3af5ea7b90e5da0230215c5076c9eff9b3749f9f5f947443d89625612842d08a,2024-11-26T21:01:21.643000 CVE-2024-1090,0,0,2d0b80c82d6d153c4e0b5412c3fcf892da86ac73a72da4cbf84bfbb064bdcb0c,2024-02-29T13:49:29.390000 CVE-2024-10900,0,0,5438023601d5947725ce57a2b51b24b31a697395c49ac1553534945223b38a58,2024-11-29T20:58:31.967000 -CVE-2024-10905,0,0,7ab946a463733040c5ae2766680065e1c15ce88e4480098cb5a21b2e3355a734,2024-12-04T17:15:11.697000 +CVE-2024-10905,0,1,98e243c9c6d3626765a0f5bec050b58ca35d0a0d124978428fd582cb710fa7ee,2024-12-06T18:15:22.207000 CVE-2024-10909,0,0,00227ca76b39b55bef99d9504795505a9497d8e3a535166b14e71132892a99b8,2024-12-06T10:15:05.107000 CVE-2024-1091,0,0,54ee7e9ca708166212a73aaa10e4715176fe17b55fbce1ee0ea8f95d289d46a5,2024-02-29T13:49:29.390000 CVE-2024-10913,0,0,4e9b29333972ed20a30c4eccde2c9645761370bd1f3d0211dcdd27a3f9c3d9cf,2024-11-20T14:15:17.253000 @@ -243572,7 +243572,7 @@ CVE-2024-11150,0,0,a42c681646aa4974b2ce83b0b93c5af4c26316891f1e3dd7bf6a226e6b2cf CVE-2024-11154,0,0,9c2f24e5b2c6bb0a1acf0aba74e4e593d635b23a924a1df484d24fc0dc0da623,2024-11-20T14:15:17.500000 CVE-2024-11155,0,0,3141a4c3b16589023c0d58ce63678a7d08b24b7d9f52724b10132ecdbf56081e,2024-12-05T18:15:20.933000 CVE-2024-11156,0,0,06cc28f3fdf4eafe724151e70cccd2e253f75b6a4b1a92b35065fa80954c8225,2024-12-05T18:15:21.103000 -CVE-2024-11158,0,0,972d238793f3738c1182d87bd077c2f01dbe60c146ec2b3626aa1cbfb5265b13,2024-12-05T18:15:21.243000 +CVE-2024-11158,0,1,48960fb25d56a6f5fe66ada28bf0702100971a20e78d8e9e7c0b57aea8116164,2024-12-06T17:15:07.970000 CVE-2024-11159,0,0,40c853846b1f5260f445d8196c4d1f6aec01e81777411e7a4839d765e27bfc1a,2024-11-26T22:15:17.720000 CVE-2024-1116,0,0,4196b5c71a0d802f4c1e9b3a43ac71c958f929e96b26e1ebb01241c6bd176fa3,2024-05-17T02:35:14.983000 CVE-2024-11160,0,0,c2a00c83ebfc94083c99410ffbf76862f5cddeb9d6f2530e0ed9a430c75b3087,2024-11-27T18:15:08.620000 @@ -243614,6 +243614,7 @@ CVE-2024-11215,0,0,fb8a71cad5204690d7fc24b1c1787d6360fda1c469df5e0270b5ef3894a49 CVE-2024-11217,0,0,5d4ed802680b391d1dbfc3e3b561791ea824d61f478d755424e831d8c9d2195c,2024-11-18T17:11:56.587000 CVE-2024-11219,0,0,adb818c3439dd08f9efd035590aa0488dddb5fa007778c12bea179a71bd79105,2024-11-27T06:15:18.110000 CVE-2024-1122,0,0,0daea6a9b881beb2ea9e563443c7905c114cf68ea1093ef9f6fd6cdf2c48aad7,2024-02-15T19:17:26.630000 +CVE-2024-11220,1,1,8bf258914e007e8314e9874abf0f82d1b435bec757c99ae036914153c845e345,2024-12-06T18:15:22.407000 CVE-2024-11224,0,0,14b47c721b9a9c90a723c9ae6778fdcb98c55c7926f245bac226fd6a6bd6741b,2024-11-19T21:57:32.967000 CVE-2024-11227,0,0,6d038a3f0b3d06ec6f77c9f28005d0fa682c840cdcdc2f7651d65c97ec36da46,2024-11-23T10:15:04.083000 CVE-2024-11228,0,0,9fc5ec42228f59de6756223b2f66605b831df8cf5121ac71cae8165002d20d23,2024-11-23T12:15:18.577000 @@ -243911,7 +243912,7 @@ CVE-2024-11676,0,0,6ef36de52dd97ba26f79b4f6c2236d5c5f7317f446d492a904b809bcb2fcc CVE-2024-11677,0,0,87a6177c5b391fe3e3720d37e67024bea5a041e744a962c7b6d3c8e2d9ea86f7,2024-12-04T20:33:13.023000 CVE-2024-11678,0,0,fce9fb7e025c917df93cde2de1c865701af156abefa3010e32d19624bfee04c2,2024-12-04T20:39:07.400000 CVE-2024-1168,0,0,b74b0b0c267c02c66f0f474186eac7335d29517290a9638a292d9de8edcd7c5d,2024-07-11T02:52:36.687000 -CVE-2024-11680,0,0,1415befe3c792193abfef469dafa7463a81c8604ddd2ae59420450f5f0258ce0,2024-12-04T02:00:02.410000 +CVE-2024-11680,0,1,413293c09da5679a3e6b3bb9a6bdd26dd9245aca40b801761cabf7d2cf810aa4,2024-12-06T18:42:17.390000 CVE-2024-11684,0,0,9f2fe09eb8e335ba8391a949cbf48c636db8bb7de80a47009590f5cdfa3e8218,2024-11-28T09:15:04.793000 CVE-2024-11685,0,0,2626aaa1c85fe00c7037f15a9af93889a5b226726b04ceaddbef8ece377d16ab,2024-11-28T09:15:04.950000 CVE-2024-11687,0,0,84514bb98732ffc9ca2906ea8e96ab481d88f84c1648da7b939544b1044de35c,2024-12-06T09:15:07.303000 @@ -243942,7 +243943,7 @@ CVE-2024-11729,0,0,2827c895dedc0ed4dd965773a11bae36af1e873ca6340b82c6f253a207f9b CVE-2024-1173,0,0,d3495940fb5216c0fbed831a88233211893c24cb888781ac48f1d76bb3bc26ba,2024-05-02T18:00:37.360000 CVE-2024-11730,0,0,1c75a29ac86330ee59ce7e562964d19e5b2f34b817b5e3f64dd6b06aec3955ea,2024-12-06T11:15:08.033000 CVE-2024-11732,0,0,9ac5f8faeb8d3d023aef30c0e1c16293895e21fbeef4db588eecb4bcce0a9632,2024-12-03T08:15:06.383000 -CVE-2024-11738,1,1,5803102c629088a1a2da01b2d25c2140a03e3f90be532f5ab04ee726320c55e3,2024-12-06T15:15:07.723000 +CVE-2024-11738,0,0,5803102c629088a1a2da01b2d25c2140a03e3f90be532f5ab04ee726320c55e3,2024-12-06T15:15:07.723000 CVE-2024-1174,0,0,1a20d0936daa8c05ea33a8dfff3a4c4c734ee1e57e74d832a558685298d668aa,2024-08-28T21:35:03.473000 CVE-2024-11742,0,0,159958446bfcddf210e603d44dd5e0653c4d00985f509f964ecd8fded8c95573,2024-12-04T21:04:48.830000 CVE-2024-11743,0,0,f820c67dcaaaf23a6b1da5f22e8dfaf3af6e92af3da2964cdf1cbb12adde80f2,2024-12-04T21:07:20.510000 @@ -244121,7 +244122,7 @@ CVE-2024-12235,0,0,38f1b3feacaad948f40ac9e8f67e1ff40424da9b6b0097b46c94da1cb9b5c CVE-2024-1224,0,0,5ae6c514ac328cf1da04b8ed0644857500ebf34ce993b80e4e918efec900b252,2024-03-06T15:18:08.093000 CVE-2024-12247,0,0,d5c2fdaf4ab27cb3f776fad80cd63211a094668755f28e461521a00bf1e54442,2024-12-05T16:15:25.243000 CVE-2024-1225,0,0,a853f4976fb83c6334355e0444e701230a93393d2963cd320d17d46d82664837,2024-05-17T02:35:19.560000 -CVE-2024-12254,1,1,72443992ee8f7a657553874aecd90824c4142b4c6567b99a5817df1abf95aba0,2024-12-06T16:15:20.623000 +CVE-2024-12254,0,0,72443992ee8f7a657553874aecd90824c4142b4c6567b99a5817df1abf95aba0,2024-12-06T16:15:20.623000 CVE-2024-1226,0,0,8468709c7e5985706a02eafa0534a9ca6154e724547969096693c3d6c6d57a0a,2024-03-12T16:02:33.900000 CVE-2024-1227,0,0,3107f30bc54f20049fdac9a8d2aa05cabbd90f7d48a70b5eb8ee4219e193157c,2024-03-12T16:02:33.900000 CVE-2024-1228,0,0,7825d19ed2188a2970b084912b8143b5f7a1bb071f403c915e1ea5b67d97522b,2024-06-12T17:54:10.157000 @@ -244685,11 +244686,11 @@ CVE-2024-1822,0,0,d3338217ebea9fb35a562bced306fdd327dfa4cb5bd43514437e68a1ee06ba CVE-2024-1823,0,0,bc40ee6def2096397277259f2c87f4cce8e67327f079668d1eed732237ff5870,2024-05-17T02:35:37.780000 CVE-2024-1824,0,0,ad2a7bf090b861f97d4813ba1c9ca7e736c2450e66a5946f4013518d94817777,2024-12-06T14:44:58.437000 CVE-2024-1825,0,0,94224c598383aeea43f74621bfb1622acdf3624bba639eb6baf3398ac6cb0efd,2024-12-06T14:39:05.777000 -CVE-2024-1826,0,1,a58e3fd5fb891070638c22770316b0ef5dc8eb76c467c9672c359a1ade2daf28,2024-12-06T16:28:47.783000 -CVE-2024-1827,0,1,f49379b1b555d677aa2cc2899455214fd3826f16bf75308bcb24e428f1e2bcf1,2024-12-06T16:27:35.863000 -CVE-2024-1828,0,1,b6976ed94d57f1336064fc79323390eec3658f16d0aa2744f892fad62b7ea32e,2024-12-06T16:22:23.323000 -CVE-2024-1829,0,1,1d902f6ab55a48ce8679b9555af4f7400a09e1e8a88e9a612ee93d6a137b7279,2024-12-06T16:20:39.807000 -CVE-2024-1830,0,1,d45cda4b1d5ed84f256382444c2274c6c644ab1eafdc8f3894a05d999338ff31,2024-12-06T16:15:12.410000 +CVE-2024-1826,0,0,a58e3fd5fb891070638c22770316b0ef5dc8eb76c467c9672c359a1ade2daf28,2024-12-06T16:28:47.783000 +CVE-2024-1827,0,0,f49379b1b555d677aa2cc2899455214fd3826f16bf75308bcb24e428f1e2bcf1,2024-12-06T16:27:35.863000 +CVE-2024-1828,0,0,b6976ed94d57f1336064fc79323390eec3658f16d0aa2744f892fad62b7ea32e,2024-12-06T16:22:23.323000 +CVE-2024-1829,0,0,1d902f6ab55a48ce8679b9555af4f7400a09e1e8a88e9a612ee93d6a137b7279,2024-12-06T16:20:39.807000 +CVE-2024-1830,0,0,d45cda4b1d5ed84f256382444c2274c6c644ab1eafdc8f3894a05d999338ff31,2024-12-06T16:15:12.410000 CVE-2024-1831,0,0,fe4f04ca4f16299df863c45f808c333b9c936fe3926d83057306e36aa427a769,2024-05-17T02:35:38.537000 CVE-2024-1832,0,0,40b533f1b9e7e762441c8d0b18d62d1866d4ae3b96379e93c2ebc82b48b3a435,2024-05-17T02:35:38.633000 CVE-2024-1833,0,0,8ecca19d319dba1492e91c31d7c82fa386f577400ebaa6011fbdbda7cad95a40,2024-05-17T02:35:38.727000 @@ -245731,17 +245732,17 @@ CVE-2024-21045,0,0,918bd035aa1d6211c105c0b035415fa2c831f7eef3679326aa8e323c6a0fd CVE-2024-21046,0,0,6cd7417a9fe1dad42e5e390bd73f6c59f847ce1b22a979e6a850a74e46589580,2024-11-05T16:35:11.803000 CVE-2024-21047,0,0,2bc5d014697923ab8f9837dde11c202b28c9635338e1429d1d2707b2d34f9717,2024-04-26T09:15:10.500000 CVE-2024-21048,0,0,0740c7f75430ed630e47ca8538d7654b46da3ebd0ee4b5951500b7c74c4ef781,2024-04-17T12:48:31.863000 -CVE-2024-21049,0,1,cf8e525df33a5a24e132d334ba49c1d8589866044b454cf887fd0c37f2d4ee7c,2024-12-06T16:58:16.557000 -CVE-2024-21050,0,1,d173dd80a3b3f9296826239fbb7cfc39b495adb10b6903e9be9cef4381abc447,2024-12-06T16:54:42.740000 -CVE-2024-21051,0,1,46890b252f7ba446eaade23158ee1163d17c95e1ad5c2ab10a42960a70fec69e,2024-12-06T16:52:07.510000 +CVE-2024-21049,0,0,cf8e525df33a5a24e132d334ba49c1d8589866044b454cf887fd0c37f2d4ee7c,2024-12-06T16:58:16.557000 +CVE-2024-21050,0,0,d173dd80a3b3f9296826239fbb7cfc39b495adb10b6903e9be9cef4381abc447,2024-12-06T16:54:42.740000 +CVE-2024-21051,0,0,46890b252f7ba446eaade23158ee1163d17c95e1ad5c2ab10a42960a70fec69e,2024-12-06T16:52:07.510000 CVE-2024-21052,0,0,e3949841d9fa67edbdcab968c6ac42d301424c98f18703ad9fe9bea56c30002d,2024-12-03T17:15:08.950000 CVE-2024-21053,0,0,7fef0dc012419ed4a2e2c8a891096cd3e5ba1da6901d2a12026f2e7f8894c29a,2024-07-03T01:46:26.233000 CVE-2024-21054,0,0,835b9f20e0e5a67456e3f5d7374f40411fa327258971531851fde9f6c745e99a,2024-07-03T01:46:26.957000 -CVE-2024-21055,0,1,d4afb9e6bb181154a1ad9917994cbb43e5de61ba54936a846e9305ea59fb30c8,2024-12-06T16:46:49.543000 -CVE-2024-21056,0,1,0dcc32d0c18d4896c290f310ef243843a5682e36aa06dd914c35764b4ac46885,2024-12-06T16:37:56.173000 +CVE-2024-21055,0,0,d4afb9e6bb181154a1ad9917994cbb43e5de61ba54936a846e9305ea59fb30c8,2024-12-06T16:46:49.543000 +CVE-2024-21056,0,0,0dcc32d0c18d4896c290f310ef243843a5682e36aa06dd914c35764b4ac46885,2024-12-06T16:37:56.173000 CVE-2024-21057,0,0,c1217f83633c24cb2e62e95ffd4860f165c284aba6906919eece4336c921ccc6,2024-07-03T01:46:27.783000 CVE-2024-21058,0,0,95646a257ae328a0139e5511bd8e67fc9779535c8be9025ba07f17d27758c921,2024-11-19T21:35:04.083000 -CVE-2024-21059,0,1,ed97a0e890f735671a9459c7363a548ec82a50c3aae747ff5d1cfaf4b1055cce,2024-12-06T16:35:57.460000 +CVE-2024-21059,0,0,ed97a0e890f735671a9459c7363a548ec82a50c3aae747ff5d1cfaf4b1055cce,2024-12-06T16:35:57.460000 CVE-2024-2106,0,0,213f924b1030e277957ab3251c0a5e0aaf21bb221bf06ebf6920975bdeafa568,2024-03-13T18:15:58.530000 CVE-2024-21060,0,0,5dad82251c69460b0dcc342dbc8fe5f30ffd6435784fefca48a78f953ddd6047,2024-10-31T16:35:05.517000 CVE-2024-21061,0,0,acce4a5f468dca01931c32e50c6611a1e683c3d9c025ec493bafb29e16c7fe5f,2024-04-26T09:15:11.143000 @@ -245754,7 +245755,7 @@ CVE-2024-21067,0,0,3c1db72abc041e4cd640c75884818bbbf8c687caa8093bb33878c33da44b6 CVE-2024-21068,0,0,5397ed6276bc380474002ef2f826d2dbb33ae28ef93eb95352209ca8f93abe8f,2024-04-26T09:15:11.273000 CVE-2024-21069,0,0,e8fb038125081aee0289d623e5836cee4ae9c0f693a34e8e6777594462628a90,2024-04-26T09:15:11.350000 CVE-2024-2107,0,0,902766287c54c3e88a205ae58fbc93817b4ac63ce16c76170f3874ff8989f8ce,2024-03-13T12:33:51.697000 -CVE-2024-21070,0,0,dcb32bdff97d714fae397a13993c70a847f7c7a724f9c49c152268eff8babf0e,2024-04-17T12:48:31.863000 +CVE-2024-21070,0,1,807e11fcc6c0d1a17c94bd4836d34e814dc45e31d77cf2ffdb260697704a7b3c,2024-12-06T17:08:50.733000 CVE-2024-21071,0,0,ef4afb1893071bf9afc8d2a6252fd27efdd4f53ba3c0df579c63b35c35843417,2024-04-17T12:48:31.863000 CVE-2024-21072,0,0,7f673ab379e3c8685bed2a1be8717cabd60284c4e7f85a16930c542ef012a340,2024-04-17T12:48:31.863000 CVE-2024-21073,0,0,6fab5dcf6f6b2dd06f1784f0d55406ff6087734f2ac6cbb318793cd2479feb81,2024-12-04T16:28:30.120000 @@ -245779,7 +245780,7 @@ CVE-2024-2109,0,0,94fea5557ca85707a8add26a16c9667c38681a6051b37cb4d81c4a444a805f CVE-2024-21090,0,0,37a9329ca4ea88e58f19a40c712804df6aad8d3af015ccd127f2e694328d8e16,2024-04-17T12:48:31.863000 CVE-2024-21091,0,0,9a3043aa88572c51cb2bee778e3b5eee6044532371caffcb433155119b6a18eb,2024-07-03T01:46:31.737000 CVE-2024-21092,0,0,d2fdff9310eaf3a230419f3c20427d9eba344e874f04b2824493cef292340925,2024-04-17T12:48:31.863000 -CVE-2024-21093,0,0,b977c1a3632396c2108f82732e10aeb173821bd3e9b429f6849aa20ee47b0c97,2024-04-17T12:48:31.863000 +CVE-2024-21093,0,1,2fea1427f4d1c2a380d0e5f0866f8b6a1791c0bd93eb8c4d628196af71b84640,2024-12-06T17:03:13.813000 CVE-2024-21094,0,0,263056239ff6ad0bc667e8c6542629ef5df05fe8ce26e38409cfe58bcbaf0d28,2024-07-03T01:46:32.570000 CVE-2024-21095,0,0,71837bbaf2bea328402990b14e523963606d49d2731911e5f425e34df69f4f33,2024-07-03T01:46:33.287000 CVE-2024-21096,0,0,6aea65a83e2d5b0b6b2c176040905d4617084dd4a49f2855ae52e067c47fcfb6,2024-06-18T02:15:09.823000 @@ -247380,7 +247381,7 @@ CVE-2024-23235,0,0,d147655623feed7f676315427c134a6bbfb5863ecb6102302089b527b673a CVE-2024-23236,0,0,35e1e8394e7b9f6ad4331abd77ccd4bc245703e2c3f094e21b2b9f6f0cc432ae,2024-07-03T01:47:39.753000 CVE-2024-23237,0,0,6dc8609157dba9ce55eaf57b67c4721681fe5ea22e8e490a9221bb71f875db28,2024-09-23T19:53:51.170000 CVE-2024-23238,0,0,e055da92b65437a98bc321c417e70a8f6a5157addb3c81c8dcfe9f4937312e89,2024-12-05T20:03:43.247000 -CVE-2024-23239,0,1,58f7142106a452f97f9ff8329c3c4a416eedf8e675ababe58dd9f9ea7e426641,2024-12-06T15:19:55.447000 +CVE-2024-23239,0,0,58f7142106a452f97f9ff8329c3c4a416eedf8e675ababe58dd9f9ea7e426641,2024-12-06T15:19:55.447000 CVE-2024-2324,0,0,a32ac9b03f44a6b6199f75f2e494024d5620e1a8d468eb3441202d4c5501e3ef,2024-05-02T18:00:37.360000 CVE-2024-23240,0,0,cfcc74bc9a2561f234f2e09cc9a15ccb46db6ecf3cf7382531a3931cd8b2b580,2024-12-06T02:23:48.297000 CVE-2024-23241,0,0,2df8eefc5a5d3e8f7e71fdef3cf0685aae5531508958f5f579f425799516c24b,2024-12-06T02:19:38.083000 @@ -247400,11 +247401,11 @@ CVE-2024-23253,0,0,6fee2e03ec17eb24d88c1bed52c44c23ae4ef97327ff874a2890eaaa17222 CVE-2024-23254,0,0,3ad832d7c7a0a8a8df5739c11dd6d63a4415039b0e1baa027b884d9d2dd50195,2024-12-06T02:54:01.530000 CVE-2024-23255,0,0,7bd882417f214059f6dfc15001b2afab0607fe28723d0b0944187e5c1a7be405,2024-12-06T02:51:33.217000 CVE-2024-23256,0,0,4ea578b20137f41639da60d4790de798cbf85fd6e17c481c4d3ab161fae0f632,2024-12-05T17:05:54.973000 -CVE-2024-23257,0,1,1467811b3c7f8cf950ef1db91c554bcbf97ae8444c35241cda16dc8b09cb98b0,2024-12-06T15:07:41.487000 -CVE-2024-23258,0,1,eba9c68188ca56a6ed74a451e7dab749f607b390492bf516b3fa96413ebc51e7,2024-12-06T15:15:59.713000 +CVE-2024-23257,0,0,1467811b3c7f8cf950ef1db91c554bcbf97ae8444c35241cda16dc8b09cb98b0,2024-12-06T15:07:41.487000 +CVE-2024-23258,0,0,eba9c68188ca56a6ed74a451e7dab749f607b390492bf516b3fa96413ebc51e7,2024-12-06T15:15:59.713000 CVE-2024-23259,0,0,32180f50b016e600303bef490f7c44972cd0819551854177dd2a129ee13314e5,2024-03-13T21:15:57.180000 CVE-2024-2326,0,0,3c8b37146da325cce38aec51267ca4284760cd42c72a832b281add7789332b70,2024-03-25T01:51:01.223000 -CVE-2024-23260,0,1,86bee0d3b6e536addbecc74ccb792fb0e6df91f3c5ef6f2caee278d7f60aa344,2024-12-06T15:21:05.480000 +CVE-2024-23260,0,0,86bee0d3b6e536addbecc74ccb792fb0e6df91f3c5ef6f2caee278d7f60aa344,2024-12-06T15:21:05.480000 CVE-2024-23261,0,0,cb385d380ceee0a391bebc04ab3ceaec4703efa7ff238216caba5cb7d16d9096,2024-08-12T15:38:36.130000 CVE-2024-23262,0,0,62d9ca66899810aa5c6562616e9cb31025a85566f240255b691a56f330edff70,2024-03-13T23:15:46.790000 CVE-2024-23263,0,0,d226157fc33b45c7e307e7b0bb570cfcc69dc1555ae79726ac7dbaf98cfcacab,2024-07-03T01:47:42.140000 @@ -248121,7 +248122,7 @@ CVE-2024-24189,0,0,4341dec91a6c4ea964ce95e8e93498362b7b635156f701f9e5b916d3cca9d CVE-2024-2419,0,0,5fcca91de88b5162a5d5aeb9dd468155ecc506341b89e036ecb778a50946c5eb,2024-04-17T16:15:08.470000 CVE-2024-24192,0,0,ffe5606e736de78358a35de5802afc887da00a939731a521ccce7da2b6dd6b9e,2024-11-01T19:35:16.720000 CVE-2024-24194,0,0,6e4b565f8b358bea94fb9302f51a0554b1c64f689126d61ef7288c2abd366315,2024-08-23T19:35:08.380000 -CVE-2024-24195,0,1,4898a975de7673640d9ec781f21729307866b67dc17433dc051edc2c7e5a2219,2024-12-06T15:15:08.130000 +CVE-2024-24195,0,0,4898a975de7673640d9ec781f21729307866b67dc17433dc051edc2c7e5a2219,2024-12-06T15:15:08.130000 CVE-2024-24198,0,0,39f33744c61d2e76f2c7469ba1022b9888286a16828e50cdd605cda74a0f7595,2024-11-19T21:35:04.337000 CVE-2024-24199,0,0,956558a019bced3cdab8f2f4bfd9c9e973ec8d8e5d916df7bdc663228c5b2420,2024-10-29T19:26:03.577000 CVE-2024-2420,0,0,13b83832dbf3c227f1bb0a786d7224f8bb2d919ddb4e3730a2d048cbbb3f3674,2024-05-30T18:18:58.870000 @@ -249472,16 +249473,16 @@ CVE-2024-2615,0,0,96fccb91db04540134f2e85737f4c1b81249de0dc9bd5a3d73e2ffbfd4e263 CVE-2024-26150,0,0,724a23f6f5cd2b08e078faf9766b70ef43f45650f38390687bb0597c880332b3,2024-02-23T19:31:25.817000 CVE-2024-26151,0,0,e1dc838a6d430f2f3bb000afc8645752ee52070eab909d9c789d043adb639eb1,2024-02-23T02:42:54.547000 CVE-2024-26152,0,0,be8646b007362130f2d7e4b19e1e011379a1ee505dd31fab682fd492bc0e9a97,2024-02-23T02:42:54.547000 -CVE-2024-26158,0,1,bb699382dd6add8b1ffa424dc9def1213e75d3424ea850b8560917a60113c6de,2024-12-06T15:40:50.143000 +CVE-2024-26158,0,0,bb699382dd6add8b1ffa424dc9def1213e75d3424ea850b8560917a60113c6de,2024-12-06T15:40:50.143000 CVE-2024-26159,0,0,74a66efe68adbec642f5d04cf56c7ff71c274a7e0567a329cd0963c884afdcf0,2024-12-05T03:06:07.380000 CVE-2024-2616,0,0,9b15179cd9c13063a987e4bea66929da17ee47340fd2e08c233e9c68e7f7a332,2024-11-04T17:35:14.147000 CVE-2024-26160,0,0,a5ba5256c33bdbaacb3171d5280616afee8699c566f2ab3b8302aeb6de79cfee,2024-04-11T20:15:33.553000 CVE-2024-26161,0,0,89563409800fbffebcb197091c745615b33e6199d314ab3dd15f0aac42b18b88,2024-12-05T03:13:28.823000 CVE-2024-26162,0,0,6db79e02ea9ccfbdf9b6ec43f0dee2ca0f4b40a961c561698caa8afa95c0a1fd,2024-12-05T23:02:38.947000 CVE-2024-26163,0,0,1cec6fd5081dd6336471bb2c93b29cc598ec8cf690b6a4f047866b54bc86ed44,2024-06-11T16:15:19.610000 -CVE-2024-26164,0,0,97e84461485204919561d873bba734d2b5d91bb4f6ec5c1ad6eb15a94be78498,2024-04-11T20:15:33.877000 +CVE-2024-26164,0,1,955f43c621335a0915ed0ccd09771b1791419f5f5b5d2b4566de2ffe6ff42e0d,2024-12-06T17:14:53.333000 CVE-2024-26165,0,0,83eab2c0875e9b88a1f7ce329398a5e0cce759e0512193fa6f5822a067798b74,2024-06-11T16:15:19.780000 -CVE-2024-26166,0,0,2dced7e6cfb444dab6a8949445585382808844907087fc776f21c6d4c672ba6a,2024-04-11T20:15:33.987000 +CVE-2024-26166,0,1,e18f80ad40f8bc6f793bad005879d5e5b9993daac689d33724d3bc73a70a370a,2024-12-06T17:13:11.063000 CVE-2024-26167,0,0,8855bcc7e86d2bfb321c97571f709e8374a60be9ce3b496dc4c11c762f54238c,2024-11-29T20:40:52.990000 CVE-2024-26168,0,0,79980e86f7902cdfbf2750e2f70229d42c3911a1aa52728ae4a317e89b62a526,2024-04-10T13:24:00.070000 CVE-2024-26169,0,0,1019f2fc447e0f9753156720ba4d1d39073dcb9223b8501955c81cf0a85bd6ec,2024-11-29T16:24:31.767000 @@ -249515,18 +249516,18 @@ CVE-2024-26194,0,0,11c479afbc9197da02f6a4aa14d5718e799cccfb9f0ca6804619eeb622290 CVE-2024-26195,0,0,f9685945e615e0cfe189b9bd1c92904f15fea6beba07eb018c4de9659528b4d4,2024-04-10T13:24:00.070000 CVE-2024-26196,0,0,5f4e2e1bad9203c90db925095545affe695f5e0a89ae7500f6ce9ad4c0ae2786,2024-06-11T15:16:04.943000 CVE-2024-26197,0,0,17802ef5eb9da6620279f331b4f31440afdafbfe5f1c96a05e8675951f498bb5,2024-04-11T20:15:35.027000 -CVE-2024-26198,0,0,c640ad8fdf6b1e0f6e54261ca31938b6e4e1ae57627b56557d0b7cbe5bd0367d,2024-05-29T00:15:37.817000 -CVE-2024-26199,0,0,c9978735a3f6ce87d3319d01223a224fc7f6e1a9aa60777ff0cc956753d96c40,2024-05-29T00:15:37.927000 +CVE-2024-26198,0,1,e84246f9a50ce130b577ac09bbb53f0b839bbe0b88ca56ac36c78356e6403593,2024-12-06T17:12:07.640000 +CVE-2024-26199,0,1,de92fa6956c0375e1cc6cc07bb193dcb58ea6bd7f5ca90a22b99af62ae11f509,2024-12-06T17:12:27.343000 CVE-2024-2620,0,0,6b28b9b94555efb0bd77a33772efab8d47252168659c55a4b3eb4d7da91e6f3a,2024-05-17T02:38:21.923000 CVE-2024-26200,0,0,9d7a115de166490e50bd5473853818e51a79fb30fc7cb5a97e8a9c7f136c2b8f,2024-04-10T13:24:00.070000 -CVE-2024-26201,0,0,03f60732492af59de76093d425aed5f55032c3a69f667bad6c2edfa38eeec7d1,2024-04-11T20:15:35.327000 +CVE-2024-26201,0,1,b695a22668f344c6a5009b94534cd93f805e4d96d32a3c9c05b50b0be3b8117d,2024-12-06T17:02:30.493000 CVE-2024-26202,0,0,a5c2e2210ecb762f4f431f8c31a0449def3d4a06e7306daece755d13af1b1911,2024-04-10T13:24:00.070000 CVE-2024-26203,0,0,cf1f7e55a2051c4ba6190287f70eddfceea395e873869918ffc6ade58f52855c,2024-04-11T20:15:35.420000 CVE-2024-26204,0,0,9d80b436c75dd5f1da0507f1090d98f268aec7442d15345801e6673fedf166ad,2024-04-11T20:15:35.527000 CVE-2024-26205,0,0,32e802bb107fe1a9f639d66e07851cd645300e51bf8330d5cb128fe2c3881c30,2024-04-10T13:24:00.070000 CVE-2024-26207,0,0,eebd3198eee2d220773a7a6c3806203e4676eeda6560419c6378b5c07dbbc748,2024-04-10T13:24:00.070000 -CVE-2024-26208,0,1,c546b7ba6fe9738cfb1a6d5077c2f4c407e24a16222e2a17068cdcf4f76a6419,2024-12-06T15:39:42.890000 -CVE-2024-26209,0,1,079303da558aa9eef55bdbe0038fa18e334cab0e7233447eb24a997dfebe5593,2024-12-06T15:37:15.937000 +CVE-2024-26208,0,0,c546b7ba6fe9738cfb1a6d5077c2f4c407e24a16222e2a17068cdcf4f76a6419,2024-12-06T15:39:42.890000 +CVE-2024-26209,0,0,079303da558aa9eef55bdbe0038fa18e334cab0e7233447eb24a997dfebe5593,2024-12-06T15:37:15.937000 CVE-2024-2621,0,0,3706442027ec8371e4c938f5d9a813d037caf3980d1ca0ec9e941adc0a9a6c02,2024-05-17T02:38:22.030000 CVE-2024-26210,0,0,80668a0088efda63c0156312b85125604fcb808022ff6ecf79973436c0b409ba,2024-12-06T14:42:44.433000 CVE-2024-26211,0,0,a71137a808631f005ea74a6e19924c3ddb403ca8859f05d513b3b1abad73046f,2024-04-10T13:24:00.070000 @@ -250415,7 +250416,7 @@ CVE-2024-2722,0,0,3d547fbfae7104f0dbf6c0b76ddd02751536ed8c09a63381f891ff8e3f28de CVE-2024-27220,0,0,9e42cc406e1b16ddffbd424b62b76586911d68db1ef5ee823133d22916298517,2024-08-26T16:35:06.173000 CVE-2024-27221,0,0,0b9e9b937a1b9e138bd27417c292991204813b235d6b5129744f85ce4729872d,2024-08-27T21:35:16.047000 CVE-2024-27222,0,0,628d34a7a6bc07d71cb2e1c85581ef034de82cd46a15b7c424080a08ed0a02c0,2024-08-05T18:35:10.287000 -CVE-2024-27223,0,0,fc9cd51cab8f4da67c2e7794cf7ee5a6f1936f992a7ebb2975acb9d55a9e0abb,2024-11-15T21:35:13.053000 +CVE-2024-27223,0,1,283aa61b55edbc74ad1b108ccc338916be832878191513c86027a30e87f5829d,2024-12-06T18:15:24.070000 CVE-2024-27224,0,0,a3ab635f09865455059477937ba40dabd5c75c049ca5d090f69e7a764213aabe,2024-08-01T13:48:20.053000 CVE-2024-27225,0,0,4066fc479d85e41bfc3a21ed1b56d094f7f8c2b2d6dbe050f5934705a2ae1195,2024-11-07T16:35:14.340000 CVE-2024-27226,0,0,09f15816885dbcfaf6362ca8e72640a49144f9653a0b3d4a746337108ce37a78,2024-08-27T15:35:10.130000 @@ -250427,7 +250428,7 @@ CVE-2024-27230,0,0,88b39cd1454faf6416d3a6ba7200a6d0a1063eefbd9e9f88e3222f1d6afdc CVE-2024-27231,0,0,d8b2d97e5660ff4673b72a0d9d6ef48029433941ff7be081ddb1db8348a72ddf,2024-11-25T16:15:12.423000 CVE-2024-27232,0,0,64ecd9a830c9b30b766707b244dd77aa970adc2152fb16fddd12d23820aced02,2024-04-08T18:49:25.863000 CVE-2024-27233,0,0,4f805b66de1371a2d4417bd116c04ac1324a59b0f4fedad25c9d0195537442f4,2024-08-05T18:35:11.120000 -CVE-2024-27234,0,0,1b0ad16da90d4d5fdb81d47fff8f9573f537fbee16c19c1920ac4110156ba7b1,2024-11-04T17:35:12.957000 +CVE-2024-27234,0,1,7ad82767be5d7562c531c72087745b5f3d61bf551f09b828a0cb7c43f3329dd4,2024-12-06T18:15:24.243000 CVE-2024-27235,0,0,dda2fe44faf4df1b9d613a056bf0fb67b816bf4db9564d1ea4606c019daa6c18,2024-11-06T16:35:13.410000 CVE-2024-27236,0,0,42db3b0d6114a0f284786f77acfa731b447b1bbb3d017aeb40a796e6668e1514,2024-08-27T15:35:10.943000 CVE-2024-27237,0,0,229917a4428117370a5145466e677b0c72a40fdcb37122ac8c08e36ef5d19033,2024-03-12T12:40:13.500000 @@ -252468,7 +252469,7 @@ CVE-2024-30124,0,0,40a4254bc1bc6d9de977773d0f614d8309c4c262777ba96571bd84dac137c CVE-2024-30125,0,0,967c3bfd100afb2f9224f4a02a5fadb13adf29c3b227e11d52a6e3184d1fe4c3,2024-11-12T21:35:19.700000 CVE-2024-30126,0,0,6fc62f044a7f0651037fa78da0350df1d81591508f3d5a2909dd34802958ba70,2024-10-30T17:35:02.160000 CVE-2024-30128,0,0,c924b379265c859e8daf7f44eeec6d1dc40d7540b45d81bbd3137e5592a1e7b5,2024-09-26T13:32:02.803000 -CVE-2024-30129,1,1,7491db076049a9ae59d854723701462c6cbec16758c19138a31ce47740010b5f,2024-12-06T16:15:20.777000 +CVE-2024-30129,0,0,7491db076049a9ae59d854723701462c6cbec16758c19138a31ce47740010b5f,2024-12-06T16:15:20.777000 CVE-2024-3013,0,0,6f68abb10d211d077c48c60372c20fba216cedafa08cc66982d3e5be234b2590,2024-05-17T02:39:40.710000 CVE-2024-30130,0,0,8448ce55a01a9b4e45eabf08a2080330d22dcd23bef5d840e0a0228a0f910b0f,2024-07-19T13:01:44.567000 CVE-2024-30132,0,0,2755ce31fca62f5cb6c9467e2e9dd0f46b1eb8e96cf72e2eba3ab725581a0713,2024-10-29T21:35:05.643000 @@ -255422,7 +255423,7 @@ CVE-2024-34049,0,0,3df614830d71e8ac5fba93ebf68fe707e589f258fbe295336d0f23b1e1107 CVE-2024-3405,0,0,1a36e7936640d8ee3b950dcf5e1524049898a441fb6f4e16f7e747a8431e73fe,2024-05-15T16:40:19.330000 CVE-2024-34050,0,0,44c48f4071fada74be495a02e6832030ef2b56f478d8d3c41b6b32ec804128b6,2024-08-01T13:52:14.410000 CVE-2024-34051,0,0,a8120ee635d56801294cebdedb69db5ed1626c2ec52a245c57ea4ea12a675bfb,2024-08-20T16:35:10.510000 -CVE-2024-34055,0,1,8274f9e7a90c6f83eb90e85ee1cbe197a9f9dbbde048ebfd3348f3e044958db4,2024-12-06T15:15:08.330000 +CVE-2024-34055,0,0,8274f9e7a90c6f83eb90e85ee1cbe197a9f9dbbde048ebfd3348f3e044958db4,2024-12-06T15:15:08.330000 CVE-2024-34057,0,0,144833c264b8d13b78d4b5938239b0da10202219948b3f1de2d39cbfc6aa2bc9,2024-09-25T17:08:16.017000 CVE-2024-34058,0,0,cfbb8590d55f48cefc143414c8f3d439d56763f898de84d852e391cab57a6cc6,2024-07-03T01:59:19.210000 CVE-2024-3406,0,0,43419e68856488b4b180d817f6df1b0507098cc5d23fc41e4c9ff5a45a3194f6,2024-08-12T19:35:11.330000 @@ -258705,7 +258706,7 @@ CVE-2024-38329,0,0,515bd4f8a6975d0242eb5160bb598bf35297ce9bdbe7a3832edd58be7833a CVE-2024-3833,0,0,d8bd7ba32ab0c5df93ed1bc71c84eca78bd804cb628236293c000739d365ad50,2024-08-01T13:56:42.740000 CVE-2024-38330,0,0,33b4b1d171beda816ad627337fb5495a328e7dcd46af2bf62178f6a78527c9e7,2024-07-11T14:53:16.417000 CVE-2024-3834,0,0,a26b5bbbf7ca8a185b9797b4c7859f6535301f1ab4b8908e1c720ae8be2c469e,2024-07-03T02:06:36.447000 -CVE-2024-38344,0,0,9ab5a9367a4478293ac2379112f78ca200a2cb316c550e5b0a6b06a397872c02,2024-07-05T12:55:51.367000 +CVE-2024-38344,0,1,c3f614f414d62cde3a55726244e500e4dd08719f2cd9a8082171daa986ea9b20,2024-12-06T18:15:24.490000 CVE-2024-38345,0,0,52f2293d17b88d6e356144e0e15c86a25194f7d79ea68829ed7fb7a553e8b4d2,2024-07-09T16:22:44.523000 CVE-2024-38346,0,0,689d401df5aa75c70def7483ddda9de7aa5563e129adce9d2b51b58b0f05d227,2024-07-08T15:48:17.710000 CVE-2024-38347,0,0,0d1068ef932ec6d98ae8718125de6f9e1999f5db75d75126f90312b4a6428d62,2024-08-01T13:54:48 @@ -261309,7 +261310,7 @@ CVE-2024-4218,0,0,dff7b6ef5b1eda10e25547a7c58ff59e7141627798ff1eb390bbb04c101af4 CVE-2024-42188,0,0,26a3c898c2312a232bd54c8511f8d7fef66ee727dbf7a729f62cb44bd166d795,2024-11-15T13:58:08.913000 CVE-2024-4219,0,0,e67747b1814e30f9a57aa2d5fada7a64c70b8e2f4229bf1bd72194f6b14072cc,2024-06-11T17:06:50.963000 CVE-2024-42195,0,0,24c8d833c1c5353a32957af21cf58fb5abea810bbea0a2ddb49349ee879086f7,2024-12-05T05:15:06.923000 -CVE-2024-42196,1,1,65182770c23cd11d73c454cc968033cfa06221b25c73c39160ff3362b03d4e57,2024-12-06T15:15:08.550000 +CVE-2024-42196,0,0,65182770c23cd11d73c454cc968033cfa06221b25c73c39160ff3362b03d4e57,2024-12-06T15:15:08.550000 CVE-2024-4220,0,0,046e30c2acea51afb217826bab01d9bc8062f3ae27d0f03889e044f9dcbfad10,2024-06-11T17:05:35.203000 CVE-2024-42218,0,0,331226ea49af1a2f92292f364b4fd8bc3c26a90f49d1b9421ad0db0c509189fd,2024-08-12T18:27:54.660000 CVE-2024-42219,0,0,6d72ad1f1e2233036625c33df60f051fc9699cbd96bd0caf5f28288f63cee194,2024-08-12T18:30:21.627000 @@ -261581,6 +261582,7 @@ CVE-2024-4249,0,0,20dbadf05c38d413ed14f5d424310da5ffa119a0ccbbcb5b690e0c54ceac34 CVE-2024-42490,0,0,c74b5a356197cfdd591b442b14ff2431ae7b9dd31d3d19cabc69311edc084829,2024-08-23T16:18:28.547000 CVE-2024-42491,0,0,f29a442764e941cf16c1143e20ac825cd384b5c08683995678d650efdc59327b,2024-09-06T12:08:21.290000 CVE-2024-42493,0,0,62acde285327354a8bf885be4a4449e2ac155d363ca62a755a0d6560a4377c67,2024-08-29T14:24:14.373000 +CVE-2024-42494,1,1,174afee03bc0f6df01c04bdcd464bd5ee2c9a29ff917f7e745d38da74ad1e872,2024-12-06T18:15:24.707000 CVE-2024-42495,0,0,9abc7330eac6d6df1f12abde56401fb389a89e85bdfac6db206d32a19ef64c3e,2024-10-04T14:37:36.703000 CVE-2024-42496,0,0,82629bcd722b8cb6d341bed3916823c994361fb6b4946b9099c29ac012cbc5a4,2024-09-30T12:45:57.823000 CVE-2024-42497,0,0,6c95277a74b4240375f9e65f5c21a104fec038817af68c50a8b421844638164c,2024-10-16T20:05:09.183000 @@ -262881,7 +262883,7 @@ CVE-2024-4419,0,0,918f3c0166609f9f9b771eac1f6aa12d317d90973a2d5ca4b8b94efa19c281 CVE-2024-44190,0,0,5081ce2fbdd1649caaed595db236986bbee24e3cff5adfb1ad5f115afe6eab20,2024-09-24T18:02:25.313000 CVE-2024-44191,0,0,d240f1b8433a5ce6dbe87e65698049b28e8c35859d01c776684fda07dd899ed0,2024-12-02T15:00:03.333000 CVE-2024-44193,0,0,f17ea6ad74232cbfafb0dc23bcf4b401977d8786ab1d3a877fc57ebc775c3168,2024-10-04T13:50:43.727000 -CVE-2024-44194,0,1,789113f0658a6ddde1f6417d93be90ede379c24f3199a65cf3b83f7069f1c9c3,2024-12-06T15:15:08.690000 +CVE-2024-44194,0,0,789113f0658a6ddde1f6417d93be90ede379c24f3199a65cf3b83f7069f1c9c3,2024-12-06T15:15:08.690000 CVE-2024-44196,0,0,37fcda4793ee95ace3154d44d1f0e6b9e5246a54065c19ee694bcd44652d1ff0,2024-11-14T02:15:57.873000 CVE-2024-44197,0,0,f746b509d706404ace80e693c7eefa6d920f13c2319518fec36693551eaae5de,2024-11-14T02:16:23.927000 CVE-2024-44198,0,0,a791372ee4d27381da793bfaa9ff3602c34f52c134516fb46328053cb2cef47f,2024-09-24T15:45:32.787000 @@ -262912,10 +262914,10 @@ CVE-2024-44237,0,0,0ccb96caec122e6d60ce17ba18063b0a9447d8c20c9511ccf57f0112e5d38 CVE-2024-44239,0,0,b1c500a5855b33a0e31116488aa95188674fbdd2e0bd8c5e593700ad4ae3c2e9,2024-10-30T21:35:07.853000 CVE-2024-4424,0,0,f0ec85c26b242f03f1dda01796c703344a9d3cb93681b5b37fa83e955b9558c1,2024-05-14T16:11:39.510000 CVE-2024-44240,0,0,e5ba92ee4549f224efe1d86523187caae6bf204f299f708564698d6b997335ba,2024-10-29T20:35:28.870000 -CVE-2024-44244,0,1,573c6be3aefd70d7c10a9a2e90a39d7e9b0481351a0f285c1fb9ad7116e70d3d,2024-12-06T15:15:08.857000 +CVE-2024-44244,0,0,573c6be3aefd70d7c10a9a2e90a39d7e9b0481351a0f285c1fb9ad7116e70d3d,2024-12-06T15:15:08.857000 CVE-2024-44247,0,0,defcbc0b3d225705e42d0820ed116fe0437d4039aabcb45092438de3ff44467c,2024-10-30T17:49:05.693000 CVE-2024-4425,0,0,42da9fd06b4c286cf2ec4b279ef4c006e94043f167bd5abbfb6b02300a24e0e6,2024-07-03T02:07:33.267000 -CVE-2024-44251,0,1,efd4484ccf413da27c840a1b5bfcdb39f987aa1d7f3c00dd48ad7085440ccce1,2024-12-06T16:15:20.907000 +CVE-2024-44251,0,0,efd4484ccf413da27c840a1b5bfcdb39f987aa1d7f3c00dd48ad7085440ccce1,2024-12-06T16:15:20.907000 CVE-2024-44252,0,0,2900e8eb4277894e96511252705f846cc73aa1b0f9912fe369b4487a3fa26418,2024-10-30T18:11:48.300000 CVE-2024-44253,0,0,01e966eee405f221b488cb25f8d9ee6d573dd4b0a37fa1e86a62a29fe8989257,2024-10-30T19:35:20 CVE-2024-44254,0,0,b932471c7b72b296626acaae1c1c1c65f96f253ebe16cc5535f9abf466bf2610,2024-10-30T21:35:08.673000 @@ -262957,7 +262959,7 @@ CVE-2024-44296,0,0,ce190bc6ecab48c9648d12ed82ec9ef15eb86a0c5bf224e9ce5cc6a37626f CVE-2024-44297,0,0,79b1a7724e5e5ef3ea1a90918f341220daf2a3cd7bb65b3a989c955fd834b7c9,2024-10-30T15:35:17.777000 CVE-2024-4430,0,0,137066e4356a4d04e3ad731fb42c3579f278eca0ad3e41ea882926334c71093f,2024-05-14T16:11:39.510000 CVE-2024-44301,0,0,e57f1a12cf8c57ae2bf8a0deda4abbc44e17e7c3ec00ae41ee84335bdf9af805,2024-10-30T19:35:22.447000 -CVE-2024-44302,0,1,8e2df0f8c8bbf990ae9e0c0188d5dc060a503901afef39bb207c003562ed13c7,2024-12-06T15:15:09.050000 +CVE-2024-44302,0,0,8e2df0f8c8bbf990ae9e0c0188d5dc060a503901afef39bb207c003562ed13c7,2024-12-06T15:15:09.050000 CVE-2024-44306,0,0,30e6b62b20cb4827539838b9ad1117b1c4caf5a6a100e3fa44a4d9f09dbdd63c,2024-11-20T16:35:23.177000 CVE-2024-44307,0,0,9e70c08c83168f1b166f0adb0f44da27d930f75021e34e9c4988cb0e1544104b,2024-11-20T16:35:24.267000 CVE-2024-44308,0,0,acc369578912d118b4a89ca8ee5987b89635f4149292d31f719e55be8c103584,2024-11-27T19:35:10.147000 @@ -263031,7 +263033,7 @@ CVE-2024-44555,0,0,79d5d49bf1bc4597ba26a6e2f4eac2577a558d608cab5b3b630e57ceed479 CVE-2024-44556,0,0,21b8f75a124871754bd554a0be835972bd8bdd87368ef911fa1d52b55f7f8dc7,2024-08-27T14:28:03.540000 CVE-2024-44557,0,0,86b422667de9a5a113f22597ca61434642bafb87eec96c0dd71c14a0dd05cdc3,2024-08-27T14:30:17.523000 CVE-2024-44558,0,0,6d87f392eda09922944831aa9fc2790f469b514dece92bfccefe48ebd558f473,2024-08-27T14:28:17.290000 -CVE-2024-4456,0,0,4944908816b0dabd168db28a33c87155bafc589f1ccdd7f87c25aad569cea442,2024-05-08T13:15:00.690000 +CVE-2024-4456,0,1,9e256113ce6b5f434b1029225d9b7c490634452bbac2479c1f026431fd87fe33,2024-12-06T18:15:25.450000 CVE-2024-44563,0,0,6dbd76e0f089d60e056938eea08be0958b9b4b0e2739be9b2567dba585143e70,2024-08-27T13:43:26.300000 CVE-2024-44565,0,0,e25f465e010d5d48f951ee0faaea27800251f5ba71d3aee72b61ca7f81604b74,2024-08-27T13:43:46.897000 CVE-2024-44570,0,0,f31dd0f16dce6578a9c7f72b7c19d2bcd61b4bcd828f5dded7771736a6590860,2024-09-12T12:35:54.013000 @@ -264482,6 +264484,7 @@ CVE-2024-47034,0,0,558e2a7d5a936fa44ec7effaff8334ac5e14654558ea39c45a930fd9a21cf CVE-2024-47035,0,0,4e91a9b948b2436f3e1ce65f21bd6916987ebeb91709f80af87e58910e21de45,2024-10-31T00:05:18.113000 CVE-2024-4704,0,0,9637a93e192a5f32142e05687e31ff3688b029254561fc4728d18bbfa1666d6b,2024-07-03T02:07:57.433000 CVE-2024-47041,0,0,3bc2a3bddc8da3842b6c1f5b193d4833f879c6d95295752a7854f136b776b81b,2024-11-04T22:16:13.793000 +CVE-2024-47043,1,1,ff7306b21eb859e0c607701debc2adf8fe538056615ae8e43dc87871d3e434a5,2024-12-06T18:15:24.853000 CVE-2024-47044,0,0,ee5fa186fb8ea19ca537298bbe2b5e712b21f44e9ac5aca4b5f7e41e68f91755,2024-10-17T02:15:02.840000 CVE-2024-47045,0,0,f477b3cad8608c11a6f4e2c578041877872bac107a164ee977d83ddf752336b4,2024-09-26T15:35:29.950000 CVE-2024-47046,0,0,7869fbf4e097ddf562d122b002ca5484caa2f32ab0ccc92f893d14cc4f35f687,2024-10-10T12:56:30.817000 @@ -264852,6 +264855,7 @@ CVE-2024-47534,0,0,3fdf39e9d60bdd61b891053803d0cdd86e1d9b2f1594fae7730f1f0f0b99a CVE-2024-47535,0,0,63a4302cce4cbc5b98965ded88b399629f71758bc7b059f3ca8923cf2603f89c,2024-11-13T17:01:58.603000 CVE-2024-47536,0,0,353df15c5abe486c0bd2000eeee4b00375b2403ebe72a10be7f49c66f18c4bd4,2024-10-04T13:51:25.567000 CVE-2024-4754,0,0,43efa3a5287d05b500ecfcf4503ad62e1b41a22939150352bf102c1b98a3511a,2024-06-24T12:57:36.513000 +CVE-2024-47547,1,1,081f2a643932182c4582a662d72f550c1782b69dab411145cef30411116f0f4a,2024-12-06T18:15:25.017000 CVE-2024-47549,0,0,113d97e5056ed200778519e504bac77f5b27816ee70d3059de963f972da95681,2024-11-05T19:40:52.070000 CVE-2024-4755,0,0,ca5306e45de4985a027d64d4740785092288eb6abbd1ab6d1fda3377d88d4e7e,2024-07-03T02:08:01.477000 CVE-2024-47553,0,0,2212e0c73d31ee4117260b14c09959b86700d87277dc600c8b069eb02d73b59b,2024-10-11T20:04:08.623000 @@ -265465,6 +265469,7 @@ CVE-2024-4869,0,0,c966893d60f3d2b834063ff6490a8006deca39b71769e89345f5be1133a2f1 CVE-2024-48694,0,0,2e009f14e5cbf39d16504c271f784eb7e84a1c73a35a7c09efc86b05213cdcaa,2024-11-19T21:56:45.533000 CVE-2024-4870,0,0,34dc62fe0d9ee09fd087b0b9ccdcdae4c15125668207018dedb4b3cfd451baf0,2024-06-04T16:57:41.053000 CVE-2024-48700,0,0,498b6c948c1fef5839fe542228c950391a625f976434be0997a68c56eb15e0ef,2024-10-29T19:35:24.643000 +CVE-2024-48703,1,1,cbb963c725ee16afc9bb3e0a7bba740b511791c150428794c0c5ac739f44f0d0,2024-12-06T18:15:25.170000 CVE-2024-48706,0,0,e747f2815f744d2574a2c914482979e92abcb175ce526e54d28ad054b049d395,2024-10-25T18:58:35.380000 CVE-2024-48707,0,0,fd9b1d38f6684577739099dad2b9e541d52b6b52c575d76793119672c0ee0220,2024-10-25T19:11:54.310000 CVE-2024-48708,0,0,117d10f4a9b96b209a6f5e6f3097728d8a65264e256ad998e6bda4d438b21882,2024-10-25T19:10:08.457000 @@ -265541,12 +265546,19 @@ CVE-2024-48845,0,0,a9adabe8c1d84c64215d49bf6bd399f5996da7b5bdf7d692f3c99c7e67e80 CVE-2024-48846,0,0,ccc7c46d4f5e64480770367787fe85ce80d70171b9f36ac6d92b68817ba9cc26,2024-12-05T13:15:06.983000 CVE-2024-48847,0,0,21b8361accc5c1e859a7b7eeaa84b6d272d3a8ba5bfec01e1eade8f83592c364,2024-12-05T13:15:07.150000 CVE-2024-4885,0,0,2608f2aa7fb5189467bda7bb610d4e03f1b43256b775a84e60ba9a3b8ac9b260,2024-09-06T22:44:27.840000 +CVE-2024-48859,1,1,6dbe7c77c0dd21b21da6ae254d415ac65906e964dbc1b362bf9cec4eb3d58f55,2024-12-06T17:15:08.350000 CVE-2024-4886,0,0,d27ca09c7d3a0108a7cfa4692eb479eab6127452085468fbf17d7a45144cc1ee,2024-06-11T17:14:56.323000 CVE-2024-48860,0,0,fce4ab90de3f31aa417781e2a22f57a29767d4462689a48ef32fb1b2a5d6d0ef,2024-11-22T16:15:28.337000 CVE-2024-48861,0,0,50e1cc3bd3f31422b5f2c9e47aa2a056da5a94b30ecf7b586667714f0a5b09dd,2024-11-22T16:15:28.483000 CVE-2024-48862,0,0,76b95a0a77ce0ef631a469fbe3d231a7804e0bfa2c6d983bf85a900faf0f995b,2024-11-22T16:15:28.623000 +CVE-2024-48863,1,1,d914642cc6d776659b184189597c528e8d013e4f66705329b05a06774dde5083,2024-12-06T17:15:08.533000 +CVE-2024-48865,1,1,748981eb277522820a55c89200ba3381718596b4a6d024a29ae18a13cddf122b,2024-12-06T17:15:08.653000 +CVE-2024-48866,1,1,e178d391d79ff60f89e93eb969450b2ca84f2cf3ab5dcdeb44b3ced7f28f9379,2024-12-06T17:15:08.800000 +CVE-2024-48867,1,1,c24b894cbb0d9e167e34009f58850fd60856e1c8d3699d6a2cfc3c928b85d3e4,2024-12-06T17:15:08.940000 +CVE-2024-48868,1,1,41f17ea2659971b245068f0a103eb545185fe33239be1a650c24f0f5a90d5da2,2024-12-06T17:15:09.063000 CVE-2024-4887,0,0,a9fcb128c464af9b649411220acdd6815488462c8e19ba3fbbc0069b693c8d04,2024-10-29T19:52:44.863000 CVE-2024-48870,0,0,b84b2a0a996d006ee4f5fea8401898b5086223eb9bced7a7565798c7f43b1d69,2024-11-05T19:34:38.287000 +CVE-2024-48871,1,1,d8d57074234f1bf2940ee6f4e89a8459a4126d030b25c54a1289e01a065e9f8e,2024-12-06T18:15:25.267000 CVE-2024-48878,0,0,2b15f82c5be65c88d261c3882a75397babc580305d6a252ad1dbf2de5b50020f,2024-11-05T19:44:58.650000 CVE-2024-4888,0,0,ad5e456877e6c4225b3f983ebfcea1f0af64a03667e43f1cd6a0842bed4216c0,2024-11-03T17:15:14.137000 CVE-2024-4889,0,0,98c988bc305180dfde4233cdb25b83940a2a23ecd5fc7825e58f1cc0fbfe5628,2024-10-15T19:00:09.633000 @@ -266662,7 +266674,11 @@ CVE-2024-50381,0,0,cc4c78182ccb5412150348a074c0f3fe64b48452294aba2fc4de16da81547 CVE-2024-50382,0,0,f0709ea17e5f95032091a174ec66193a9596281fe9af192634610c6cbe74c173,2024-10-25T12:56:36.827000 CVE-2024-50383,0,0,e2190fcc52d7d22ac332b0c05a25a337fdc4e67265af4d4eac38727251637b62,2024-10-25T12:56:36.827000 CVE-2024-50386,0,0,e8a2dfb379d3c33fde3d10d50a34e7ed2697dcee8b987f61d477faa743f65676,2024-11-12T15:48:59.103000 +CVE-2024-50387,1,1,6a0b3d908f67c59fbcba406812d1e4c1f6c49049baa6f0c482ebf4caab1da676,2024-12-06T17:15:09.247000 +CVE-2024-50388,1,1,9c7c3470c31ad574d772d29b68ded571ac6b9408c223cd85592f4bd226b0f45f,2024-12-06T17:15:09.373000 +CVE-2024-50389,1,1,727e4186c62449349a98338cc28c23d49f0a3b834ffa3beaf41a2390bc613459,2024-12-06T17:15:09.510000 CVE-2024-5039,0,0,d4eca04aa1b7f16d8be388592f13108d7bb098b959dcbbbcd1cb04ce7429f2b9,2024-05-29T15:18:26.427000 +CVE-2024-50393,1,1,8fca2961983dcaf15cf316a1efe7514ec918c4014162f4b5ecb0b9a9d042196c,2024-12-06T17:15:09.637000 CVE-2024-50395,0,0,44a8bd55d56964d49e213e43af6eecdeb7e6702f1cb149a4de668a73f48488cd,2024-11-22T16:15:32.417000 CVE-2024-50396,0,0,5adfd4e67a8212c6ecb7ca74d795f06b94f687df693a6423df3758db490e4aa7,2024-11-22T16:15:32.540000 CVE-2024-50397,0,0,46fdbe59e96a8a40ad6c2294fd4c78a24e211f2f4e8facd38f9cc902e850ea8e,2024-11-22T16:15:32.700000 @@ -266671,6 +266687,9 @@ CVE-2024-50399,0,0,e903478d441032d0386af5436dbc2525cebc341da32d94ea6898c02580cfd CVE-2024-5040,0,0,28e80b4d31908c888f58e8aabf481f59f60dc445c02b92b96b8990cba6ed3432,2024-05-22T12:46:53.887000 CVE-2024-50400,0,0,d5226d6dd7648d87c3bc01b3ceb2e3f08d4a06fd73c00bf62c5723c142d1153c,2024-11-22T16:15:33.157000 CVE-2024-50401,0,0,2e298f2fdf993c626b98aceb2b7ca95adafb0e005556bbc0fd766fcc3da02d76,2024-11-22T16:15:33.300000 +CVE-2024-50402,1,1,5af30813f384ec4c9d2217c99948a20e3393d4f2e88e5dd47b5ea028324ceb1c,2024-12-06T17:15:09.757000 +CVE-2024-50403,1,1,26ed8fdf38b0d4e40dbb2bd2d08a06028e67faaabb7350daf754c787f6d97361,2024-12-06T17:15:09.900000 +CVE-2024-50404,1,1,c26246bcc85902f0a605c118b5860ed1f6c78e689fcd0e5666bae790ab4bd108,2024-12-06T17:15:10.043000 CVE-2024-50407,0,0,4fb5f00a58beefd4cfac77c8419361c961ad849f2db4f958a95f873505b783a5,2024-11-07T20:28:22.860000 CVE-2024-50408,0,0,42895de3e084cedaf6647f131c47bd546b78f0bd37cacbb2a46053fdc5504c96,2024-10-29T16:01:08.447000 CVE-2024-50409,0,0,decf8c1f911e116f8cd8eaed54dfebb80d0d98a1eb5c9f1827ad8919ae8e2e9d,2024-11-07T20:28:43.577000 @@ -266891,7 +266910,7 @@ CVE-2024-50667,0,0,0dcbd7b35b311fe7a681d780dcbe2293327603709e31a27594acb760866d0 CVE-2024-5067,0,0,7a5f09523c1a14d6651905f1f8853395c32eebb526caa99a81fddc9a443e16ea,2024-09-05T17:29:32.287000 CVE-2024-50671,0,0,99782c17088a8d91d172d01f5a082085329526fd6f7189288ae0f91a8aaa1a9a,2024-12-04T17:15:14.860000 CVE-2024-50672,0,0,85b0d6db9be373a6fa69359f08bb412793e42f226dea70f6b5078fe3734ab9e1,2024-11-27T17:15:12.563000 -CVE-2024-50677,1,1,58e82c86e43d4c1c1cbd8275876db2f332dbe9bd788512f5d81aabd5f43357e6,2024-12-06T16:15:21.117000 +CVE-2024-50677,0,1,54ff67392f620dccd9eeb53d31061bc888e708182d6ec73491b20cd570e10405,2024-12-06T17:15:10.180000 CVE-2024-5069,0,0,9472ccb93cc67e368452ccbd7690fcdac2e9c6bf3a0a4c1febdda7b23dc05b96,2024-06-04T19:20:58.080000 CVE-2024-5071,0,0,1e84a840bf7fe6d05a333c61daff03721e2399762594abd260e8b415b74d49eb,2024-10-28T21:35:22.430000 CVE-2024-5072,0,0,85aed93503872c17702aba727bb062c3ccc667233546a70047ce6a70e5d2f498,2024-11-19T22:35:11.960000 @@ -267136,7 +267155,7 @@ CVE-2024-51366,0,0,8cb37b642efd94f1ef2cb009c97c3b6b6785b34318fa56f7821210d8849df CVE-2024-51367,0,0,321834f3c68e231d48212ed0455e22a6133cdcee14f287745838cf2ad31fdf76,2024-11-27T17:15:13.207000 CVE-2024-5137,0,0,1c94e90fa849c62df03c5c4f490c71de8dac579e548f5eda16234216f611cd2a,2024-06-04T19:21:01.370000 CVE-2024-51377,0,0,cf00c0a6e7d0ac48895095961c732d7f23ec2a7e49679df67603156d82aefffb,2024-11-14T23:23:52.997000 -CVE-2024-51378,0,0,c112e67f93aea3688dd7d3a538393e08bb33f1f3860c14181073b3142dcbcfb3,2024-12-05T02:00:01.677000 +CVE-2024-51378,0,1,60b518476e0f52f1f42de1d9edd060a172f8f183ad7a51b636d39c5e7781b145,2024-12-06T18:17:17.377000 CVE-2024-51379,0,0,2ac9e22a4ada4c046a62bb7cfce4898a690b6639726f7e96ec64275e3571bb6f,2024-11-06T18:17:17.287000 CVE-2024-5138,0,0,47c03094386326d2315f3415dc7d3ef94b00cbe65c94e42ace003fc1a8714791,2024-09-06T20:35:18.950000 CVE-2024-51380,0,0,f14cbfd3bfbc558498abdac43f5bd2dd3434adc287319fdcc829b18876bf6370,2024-11-06T18:17:17.287000 @@ -267410,6 +267429,7 @@ CVE-2024-51720,0,0,d935c89d678e6c2465c73b44d2acf8e765a514a71ed8384e14cba8904616d CVE-2024-51721,0,0,180a180febf9a6891635b908522e8114d1418c02626388536e7361dbc23f9485,2024-11-13T17:01:16.850000 CVE-2024-51722,0,0,989ca169c6c454e742dc9963e9f58bdb1051de913d3f85c7e971d36fba8be826,2024-11-13T17:01:16.850000 CVE-2024-51723,0,0,396a4757f193559d2a6f1b55a74b8b296d1e7f05a9e82fc3b3e447007f68add4,2024-11-25T19:15:11.050000 +CVE-2024-51727,1,1,2e8cc5de30f7e735c132767cc5298500934c1a30f75e63a8d70cdf72fd95df2a,2024-12-06T18:15:25.580000 CVE-2024-5173,0,0,e808cbd0ff507575dfa32503bcc3a2123c9461298f1a4a4ef8cd294367da6464,2024-06-26T12:44:29.693000 CVE-2024-51734,0,0,1cd13d8635d39c437cbb33b350735ec8f4fced2309825670ef2275f584df030b,2024-11-05T20:35:26.167000 CVE-2024-51735,0,0,4d68a755141918a79130284871e942292c9f37924aba0b94103b08a16b1df114,2024-11-06T18:17:17.287000 @@ -267735,6 +267755,7 @@ CVE-2024-52316,0,0,ff532393fbb3fe055624e3ec9b4317af0a9f5c80b8d099f274ce380979ad2 CVE-2024-52317,0,0,8dd9cf0b2675d0151da3af6e2ac3dfaef7e6c1fd135283d8e3e44d96c5be783e,2024-11-18T17:11:17.393000 CVE-2024-52318,0,0,2bba437e59239c6e36ab9227be3e173d0f3c7cc38d614e024ac840e507a6b100,2024-11-18T17:11:17.393000 CVE-2024-5232,0,0,8d68905f3b69b3dadb32694d2c73f30dc32ad3c794d56bacf5b1c8bfed3d3bb6,2024-06-04T19:21:02.890000 +CVE-2024-52320,1,1,6062509fc208a00daf069ed5c4dcacc7c699ea7bde09213a5af6a89b7e432764,2024-12-06T18:15:25.737000 CVE-2024-52323,0,0,4140a8efee2487f8a0ab9781f1095192b3a647c23a2a9eaba3cf214b9a3b68db,2024-11-27T15:15:26.377000 CVE-2024-5233,0,0,d230ff373762a089849cb791769c151d4d1eb1a364270894bffa0dbac945e679,2024-06-04T19:21:02.993000 CVE-2024-52335,0,0,67cb6fd051960e0d43068da517ea954ddbbef4d3acfef3df39a8dfefdedc4271,2024-12-06T14:15:21.230000 @@ -267953,6 +267974,7 @@ CVE-2024-52552,0,0,2f96ac448bf9b00ee8139fe2b1f83755e1d5e7ee62e44cc3e0f2925f12d3f CVE-2024-52553,0,0,11348c28b862f60d8b3c8dc11ab0fb5f1e53e1358b82b1f8a97199c0de1f5907,2024-11-15T14:00:09.720000 CVE-2024-52554,0,0,6589eaee43c4794afc2869f1e1fb69f264d40d3a38b215d2e67a517b5a3abbef,2024-11-15T13:58:08.913000 CVE-2024-52555,0,0,c97d8ff69d857d692c46704b7ff49ed428a5a26328d189c8729b526799d5895f,2024-11-18T17:11:56.587000 +CVE-2024-52558,1,1,8cac690cf76c334f27661c083286128d1e25d1df7e898ac18ce84c031446f9fc,2024-12-06T18:15:26.007000 CVE-2024-5256,0,0,c0c79be075ef53b66bd4c726b840e366d70c6f0c56013178c0440e2e2bf91c1e,2024-09-24T18:41:40.007000 CVE-2024-52564,0,0,18983955880ef907ed28cbb37a105d98746b8b276ab26ada4169cdb5d146ec41,2024-12-05T10:31:40.663000 CVE-2024-52565,0,0,fac10903d391ff827ff014e5a95deca40d1f2e18da523c49b30be0512dcf1829,2024-11-20T14:33:29.197000 @@ -268314,6 +268336,7 @@ CVE-2024-53675,0,0,01989df42cc3673d2d670cddd166ccee1a501522f5e01720638d33a9f30ef CVE-2024-53676,0,0,f7ef49b888a4eed0585ba7b9f7899002a769200a6ac0008e5a7b61bb2e49d171,2024-11-27T01:15:05.250000 CVE-2024-5368,0,0,769eef522c880c8dc2093ffee3167938a54b59c296f29ac57c1d46dc08bc9b95,2024-06-04T19:21:06.887000 CVE-2024-5369,0,0,29d3079c2fa6a7da6972686f223f9055b777de966536d115ae3b502886660c79,2024-06-07T20:15:12.487000 +CVE-2024-53691,1,1,b02dcac6ac33cf1ecee08a76e847ef09817a29f039984322c9675d4acf93429b,2024-12-06T17:15:10.520000 CVE-2024-5370,0,0,8d5901c25d38686248547e2a8832556411ad40480084c4770850db2b44d5a57a,2024-06-04T19:21:06.980000 CVE-2024-53701,0,0,f4abe9649c710b202319e22139a56475c551199e0e3e57f7ccc2eaf6ea401cc5,2024-11-29T06:15:07.327000 CVE-2024-53702,0,0,fefd61abb610cbd4ae8298ddd1a5340c18b419e8dd9d9d4a1829bc4f85421878,2024-12-05T16:15:26.077000 @@ -268466,8 +268489,8 @@ CVE-2024-53899,0,0,ca94e39391001349829a2f872ca5d1d0c6ef0f2f07a2a901a4f8c2f87ada2 CVE-2024-5390,0,0,577e03013c579fd5ea5c07b95a092cd4d32be3fa4130d25da9e61ffe468007ab,2024-06-04T19:21:08.020000 CVE-2024-53900,0,0,0f97d412cd34f05b1034ca5cdea562aa28c01c093581f7334d64c64b3b6f83bb,2024-12-04T04:15:04.573000 CVE-2024-53901,0,0,52cbcc170c451b305e90c5f0e2a88558d86a9bc5446c93579e76a9aa43a0081d,2024-11-26T19:52:01.653000 -CVE-2024-53907,0,0,962cc7878123310731233fe4e866e8b82aa91ffc46cf7ad305067594376d40c3,2024-12-06T12:15:17.730000 -CVE-2024-53908,0,0,f47c460fed802133c8321dffc2075e166f59a97fc72832548075843311ea9b97,2024-12-06T12:15:18.583000 +CVE-2024-53907,0,1,680e37726bc304c47af65c929b193be4e85ff36fd833b9d81afa753ed60cff3f,2024-12-06T17:15:12.007000 +CVE-2024-53908,0,1,aa03eec4994e72c356aa8b598643fc5257caa885058f4489a446dab5470fbfa2,2024-12-06T17:15:12.350000 CVE-2024-53909,0,0,f496b480d61110aca5ba4afaa8506ac48e157eddeacabdc9f46723c429d54992,2024-11-29T20:54:47.700000 CVE-2024-5391,0,0,a7c29f93c1b76aed47351138468a6c5b251b9f9a4ad39cf688118719a36ed1c7,2024-06-07T20:15:12.687000 CVE-2024-53910,0,0,b42cc0f8352ffa3f12c2a867329f0f66efd78292ca02cc30bc8a41459e9297ac,2024-11-29T20:54:55.080000 @@ -268538,12 +268561,13 @@ CVE-2024-54130,0,0,d743b97b688f1889df506833c19b059d59c521aa9cf19eb794486082f55f5 CVE-2024-54131,0,0,4b4918afa2a4261da20afce1984c24b92c3cd8c05c3ee6659db317d6cf1d35a8,2024-12-03T21:15:08.127000 CVE-2024-54132,0,0,173178d6ece3c7447fdd5c5581bec00491b47d845f420e9310f497032a9cb26a,2024-12-04T16:15:26.730000 CVE-2024-54134,0,0,01f811a321fb67f4c86b325bd0e972a7966de74270807e150473381d1bf3fa29,2024-12-04T16:15:26.883000 -CVE-2024-54135,1,1,0a2cd21806eae801f971086127a29556a7e3e1448341f7576c0282d14711f088,2024-12-06T16:15:22.340000 -CVE-2024-54136,1,1,499a307987eec79e106783431cd8038cf4759db782e329074f0e22c59914a1f2,2024-12-06T16:15:22.500000 -CVE-2024-54137,1,1,c52dc1a700c39db2c2a7dc26eb7ebeb074edff80b1086b0f3730e91009071739,2024-12-06T16:15:22.637000 +CVE-2024-54135,0,0,0a2cd21806eae801f971086127a29556a7e3e1448341f7576c0282d14711f088,2024-12-06T16:15:22.340000 +CVE-2024-54136,0,0,499a307987eec79e106783431cd8038cf4759db782e329074f0e22c59914a1f2,2024-12-06T16:15:22.500000 +CVE-2024-54137,0,0,c52dc1a700c39db2c2a7dc26eb7ebeb074edff80b1086b0f3730e91009071739,2024-12-06T16:15:22.637000 CVE-2024-5414,0,0,08acc305e6c9bea4a9589fa3dba157ea62649fb0f8c0ee74aad6ddc09386f1c2,2024-05-28T14:59:09.827000 CVE-2024-54140,0,0,8089c07e8d24ae695a65dc50ad4895d2855db2c27552ab3d877fefc4a4616391,2024-12-05T22:15:20.400000 -CVE-2024-54141,1,1,cccdffdc8f5f1070d803102d25f081a5358e87a7ff5e92c23b2c390688c3c88f,2024-12-06T15:15:09.530000 +CVE-2024-54141,0,0,cccdffdc8f5f1070d803102d25f081a5358e87a7ff5e92c23b2c390688c3c88f,2024-12-06T15:15:09.530000 +CVE-2024-54143,1,1,0cb9e25bfd6b776e292df2dd338185d8cbf760b38994745321b9c5de3cd5059e,2024-12-06T17:15:12.687000 CVE-2024-5415,0,0,d8ba178a70f3cfb2a3911a07d12ef045cc2ca261b5b8d85db5edc9c9636eef1e,2024-05-28T14:59:09.827000 CVE-2024-54153,0,0,fe748b404c05f0f3b478581c42b273c9674060ff9a7f772d2c51f053c33a523f,2024-12-04T12:15:19.853000 CVE-2024-54154,0,0,90e5f722e743af34caa289867c96183a78347ae32cd2d8a629d65a02c19e6b39,2024-12-04T12:15:20.047000 @@ -268615,7 +268639,7 @@ CVE-2024-54664,0,0,79dc396dc6c5b3917fb202a8de4cee0534c56602cdfe210a713783011dd6c CVE-2024-5467,0,0,d5f2177f9d3ea444dfbcd8018e7c02f38607b067be38c512aaf8da3b2751677c,2024-08-27T14:35:48.977000 CVE-2024-54674,0,0,545e92efc26fab029b2ecd902e6764f6f53f740b5b32d49c4c8440f2592a5a00,2024-12-05T19:15:08.947000 CVE-2024-54675,0,0,14b4e742326580d47a2a009f3e3f65a46d84415cc785ea77b3a28630132c9018,2024-12-05T19:15:09.100000 -CVE-2024-54679,0,1,1352bc7d3303e31cc1eba61d636c7de6848f963f9cc382e93a7603c6d67be68e,2024-12-06T15:15:09.693000 +CVE-2024-54679,0,0,1352bc7d3303e31cc1eba61d636c7de6848f963f9cc382e93a7603c6d67be68e,2024-12-06T15:15:09.693000 CVE-2024-5468,0,0,a9b6881473aab66cd93b6151044b19528c011d8001f0e2556b425e826958e7fb,2024-06-13T18:36:09.010000 CVE-2024-5469,0,0,2b1f02bc4b651b767de9138333ca1493d00343771be32540c7c4d36f10b2a10e,2024-08-30T14:15:16.703000 CVE-2024-5470,0,0,6ad8fffdbc9fc3c2ca94bc381d3be223e310676e26148212c497e243b6c17473,2024-07-12T16:52:52.883000 @@ -268623,10 +268647,11 @@ CVE-2024-5471,0,0,b5058f52e9634b68f4d4000cb97858db03cd2fac3d75cd140cb047a19da1c6 CVE-2024-5472,0,0,cbeafb08776655e35d6e47fe8a75d08cb39135639adca55be0cfb4cff69e0ec6,2024-08-01T13:59:47.140000 CVE-2024-5473,0,0,7a9289264d1a834c0b8e9151c353ddcb7a22a22f6b7d360897c02053aaaeb88c,2024-07-03T02:08:57.860000 CVE-2024-5474,0,0,20b2c41a331598795f754fc38fbdf69c26a3bdc540877e8ec1d3dfd8d963cecf,2024-11-15T17:00:35.697000 -CVE-2024-54745,1,1,149e668d67e2ee220311de22f3198ab71254f215d4a9fda2f3e71cc0870cfc51,2024-12-06T16:15:22.787000 -CVE-2024-54747,1,1,7f7ac262b9ec7b55931e0937131abeaf8ddbaf8f39f3996b2767aa21818fdec0,2024-12-06T16:15:22.893000 +CVE-2024-54745,0,0,149e668d67e2ee220311de22f3198ab71254f215d4a9fda2f3e71cc0870cfc51,2024-12-06T16:15:22.787000 +CVE-2024-54747,0,0,7f7ac262b9ec7b55931e0937131abeaf8ddbaf8f39f3996b2767aa21818fdec0,2024-12-06T16:15:22.893000 +CVE-2024-54749,1,1,60c5d58a38ce5b1b844dc93f7d24310fe1da8cc65902ed7376739adbcef51199,2024-12-06T17:15:12.983000 CVE-2024-5475,0,0,e09a66bd4d026df38a62a9d0642b82f2a5b9bf49c6a2d9e0e1e141414790fdd3,2024-07-03T02:08:58.050000 -CVE-2024-54750,1,1,5506bbd1df963bfd3267c41ccdffdae6f7aa2ec030a61b949e0fab60b41c7a4a,2024-12-06T16:15:23.013000 +CVE-2024-54750,0,1,e8c5c7ee4c0815bc9ca8d745cba9ee22458b717920032c223e5c213761edebc0,2024-12-06T17:15:13.300000 CVE-2024-5478,0,0,c601a39452cb705e9035daa72131a8a960693dee4deccdae668f9ad5d8466d4f,2024-07-19T18:29:50.137000 CVE-2024-5479,0,0,7bf7a94732a4ce28b83209c9d21f799503dcb5933696ba21b8f4bc98737c6d69,2024-07-09T18:19:14.047000 CVE-2024-5480,0,0,dcddee05a122e48deec7dd054d03a98cfc3767234733af70ab63ade31364815f,2024-10-02T16:15:10.913000 @@ -268676,6 +268701,7 @@ CVE-2024-5523,0,0,d7a88b58421b5d1ae546562c97be2066f98eb204a278a9729ed09f63f682e1 CVE-2024-5524,0,0,acc6c718843a634b3681eccc60375ca60bf82b8427b94da2351e444fa46af424,2024-05-31T13:01:46.727000 CVE-2024-5525,0,0,02c49ace47b04c4d76443f16f3ee0a6fe51259c43b6dd84bf29c79a7efe72454,2024-05-31T13:01:46.727000 CVE-2024-5526,0,0,60bf48d4ea40ca252e5afebf1dc1ad6e5a4db01756ddf2bd31cc94e151a8720b,2024-06-11T17:25:55.677000 +CVE-2024-55268,1,1,5815256b8e419074b7aab8269ee552c3d91f4b9bc4fce363634cc58739f7ce61,2024-12-06T17:15:13.690000 CVE-2024-5527,0,0,331ae87f67986356dc980ea3627872b6fdf17356300466b2fa99a93693833df1,2024-08-16T20:24:34.470000 CVE-2024-5529,0,0,937974f4dc8452080813e8845278bacd700ec1506795ce300b5e02849590121d,2024-07-25T15:21:02.647000 CVE-2024-5530,0,0,c11f1d7738a3ef2fbe260923ece5c37664d50f681ba992e1f901b970619d3d58,2024-06-11T13:54:12.057000 @@ -269643,7 +269669,7 @@ CVE-2024-6596,0,0,8001cefbd18b27b44dffd25d89889cfeadffdcc6d2b877cab97cdf4b131700 CVE-2024-6598,0,0,fb802128b1cfc176540749693b684b4374936099ab1c7948c1ec819266291908,2024-07-09T18:19:14.047000 CVE-2024-6599,0,0,6a69a16a0a8781527f95db9310983c42c357e28a72f780fd79d80c9654364b86,2024-07-18T12:28:43.707000 CVE-2024-6600,0,0,d38b8e15b440ec379e5d4dcf9d0495a2b72fd02b3eb8c13111cb9109e149894f,2024-10-29T20:35:38.603000 -CVE-2024-6601,0,0,1b3b880d323fbc5730a980592d9133d50798789725a5a19bb934e3d6e9a6650b,2024-10-30T20:35:39.587000 +CVE-2024-6601,0,1,eded72d3e710f3b0e57e4ae9a4dbc32b9eafdb732a3580497d546896b6e588ae,2024-12-06T18:15:27.460000 CVE-2024-6602,0,0,c299be732b5faae250c40cde3291efaa02e222cbecd5822e3c0ccdb13fb63ebe,2024-11-26T14:15:21.740000 CVE-2024-6603,0,0,69cec991ec6c96faca0e6549878f06a74d4f5b721edfdd20399a8cd286528c4f,2024-07-16T18:15:08.990000 CVE-2024-6604,0,0,9069e1e4303827c6bac2a3f980520353e2df4612754e7a70e6afd1b8541d78f4,2024-11-12T16:35:25.143000