admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-06-19 17:31:42 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2024-01-18T19:00:24.565357+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2024-01-18 19:00:28 +00:00
parent a83a66a0e4
commit 3051043523
47 changed files with 4764 additions and 212 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
CVE-2022/CVE-2022-343xx/CVE-2022-34328.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-34328",
"sourceIdentifier": "cve@mitre.org",
"published": "2022-06-23T17:15:18.703",
"lastModified": "2022-06-29T22:13:31.537",
"lastModified": "2024-01-18T18:04:53.087",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -84,8 +84,8 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:pmb_project:pmb:7.3.10:*:*:*:*:*:*:*",
"matchCriteriaId": "4E981975-6C97-4667-BDE0-AD97761BED46"
"criteria": "cpe:2.3:a:sigb:pmb:7.3.10:*:*:*:*:*:*:*",
"matchCriteriaId": "BDD81A48-F3BF-4BD6-98B4-F62D59AFDFD8"
}
]
}

1807
CVE-2023/CVE-2023-205xx/CVE-2023-20573.json
View File

File diff suppressed because it is too large Load Diff

6
CVE-2023/CVE-2023-247xx/CVE-2023-24733.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-24733",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-03-06T21:15:11.080",
"lastModified": "2023-03-13T15:29:43.207",
"lastModified": "2024-01-18T18:04:53.087",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -55,8 +55,8 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:pmb_project:pmb:7.4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "C3CA885B-CCA0-455E-BC00-031E6D99C6FA"
"criteria": "cpe:2.3:a:sigb:pmb:7.4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "7F6BCC12-4630-4A28-BF91-35DB0393B131"
}
]
}

6
CVE-2023/CVE-2023-247xx/CVE-2023-24734.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-24734",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-03-06T21:15:11.130",
"lastModified": "2023-03-13T15:30:54.503",
"lastModified": "2024-01-18T18:04:53.087",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -55,8 +55,8 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:pmb_project:pmb:7.4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "C3CA885B-CCA0-455E-BC00-031E6D99C6FA"
"criteria": "cpe:2.3:a:sigb:pmb:7.4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "7F6BCC12-4630-4A28-BF91-35DB0393B131"
}
]
}

6
CVE-2023/CVE-2023-247xx/CVE-2023-24735.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-24735",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-03-06T21:15:11.183",
"lastModified": "2023-03-13T15:31:30.227",
"lastModified": "2024-01-18T18:04:53.087",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -55,8 +55,8 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:pmb_project:pmb:7.4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "C3CA885B-CCA0-455E-BC00-031E6D99C6FA"
"criteria": "cpe:2.3:a:sigb:pmb:7.4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "7F6BCC12-4630-4A28-BF91-35DB0393B131"
}
]
}

6
CVE-2023/CVE-2023-247xx/CVE-2023-24736.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-24736",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-03-06T21:15:11.237",
"lastModified": "2023-03-13T15:31:39.343",
"lastModified": "2024-01-18T18:04:53.087",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -55,8 +55,8 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:pmb_project:pmb:7.4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "C3CA885B-CCA0-455E-BC00-031E6D99C6FA"
"criteria": "cpe:2.3:a:sigb:pmb:7.4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "7F6BCC12-4630-4A28-BF91-35DB0393B131"
}
]
}

6
CVE-2023/CVE-2023-247xx/CVE-2023-24737.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-24737",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-03-06T21:15:11.290",
"lastModified": "2023-03-13T15:31:51.257",
"lastModified": "2024-01-18T18:04:53.087",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -55,8 +55,8 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:pmb_project:pmb:7.4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "C3CA885B-CCA0-455E-BC00-031E6D99C6FA"
"criteria": "cpe:2.3:a:sigb:pmb:7.4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "7F6BCC12-4630-4A28-BF91-35DB0393B131"
}
]
}

55
CVE-2023/CVE-2023-289xx/CVE-2023-28900.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-28900",
"sourceIdentifier": "cve@asrg.io",
"published": "2024-01-18T17:15:13.737",
"lastModified": "2024-01-18T17:15:13.737",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The Skoda Automotive cloud contains a Broken Access Control vulnerability, allowing to obtain nicknames and other user identifiers of Skoda Connect service users by specifying an arbitrary vehicle VIN number."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "cve@asrg.io",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "cve@asrg.io",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-200"
}
]
}
],
"references": [
{
"url": "https://asrg.io/security-advisories/cve-2023-28900",
"source": "cve@asrg.io"
}
]
}

55
CVE-2023/CVE-2023-289xx/CVE-2023-28901.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-28901",
"sourceIdentifier": "cve@asrg.io",
"published": "2024-01-18T17:15:14.003",
"lastModified": "2024-01-18T17:15:14.003",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The Skoda Automotive cloud contains a Broken Access Control vulnerability, allowing remote attackers to obtain recent trip data, vehicle mileage, fuel consumption, average and maximum speed, and other information of Skoda Connect service users by specifying an arbitrary vehicle VIN number."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "cve@asrg.io",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "cve@asrg.io",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-200"
}
]
}
],
"references": [
{
"url": "https://asrg.io/security-advisories/cve-2023-28901/",
"source": "cve@asrg.io"
}
]
}

62
CVE-2023/CVE-2023-310xx/CVE-2023-31001.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-31001",
"sourceIdentifier": "psirt@us.ibm.com",
"published": "2024-01-11T03:15:09.413",
"lastModified": "2024-01-11T13:57:26.160",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-18T17:06:28.277",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
},
{
"source": "psirt@us.ibm.com",
"type": "Secondary",
@ -50,14 +70,48 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:security_verify_access:*:*:*:*:*:*:*:*",
"versionStartIncluding": "10.0.0.0",
"versionEndExcluding": "10.0.0.7",
"matchCriteriaId": "8D82D2F9-DC94-4E53-B39F-FC4F70FF7FC6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:security_verify_access_docker:*:*:*:*:*:*:*:*",
"versionStartIncluding": "10.0.0.0",
"versionEndExcluding": "10.0.0.7",
"matchCriteriaId": "983FC857-A6E9-40CB-9FC9-A0298685DA96"
}
]
}
]
}
],
"references": [
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/254653",
"source": "psirt@us.ibm.com"
"source": "psirt@us.ibm.com",
"tags": [
"VDB Entry",
"Vendor Advisory"
]
},
{
"url": "https://www.ibm.com/support/pages/node/7106586",
"source": "psirt@us.ibm.com"
"source": "psirt@us.ibm.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

71
CVE-2023/CVE-2023-310xx/CVE-2023-31003.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-31003",
"sourceIdentifier": "psirt@us.ibm.com",
"published": "2024-01-11T03:15:09.617",
"lastModified": "2024-01-11T13:57:26.160",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-18T17:06:42.260",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "psirt@us.ibm.com",
"type": "Secondary",
@ -39,6 +59,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-59"
}
]
},
{
"source": "psirt@us.ibm.com",
"type": "Secondary",
@ -50,14 +80,47 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:security_verify_access:*:*:*:*:*:*:*:*",
"versionStartIncluding": "10.0.0.0",
"versionEndExcluding": "10.0.0.7",
"matchCriteriaId": "8D82D2F9-DC94-4E53-B39F-FC4F70FF7FC6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:security_verify_access_docker:*:*:*:*:*:*:*:*",
"versionStartIncluding": "10.0.0.0",
"versionEndExcluding": "10.0.0.7",
"matchCriteriaId": "983FC857-A6E9-40CB-9FC9-A0298685DA96"
}
]
}
]
}
],
"references": [
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/254658",
"source": "psirt@us.ibm.com"
"source": "psirt@us.ibm.com",
"tags": [
"VDB Entry"
]
},
{
"url": "https://www.ibm.com/support/pages/node/7106586",
"source": "psirt@us.ibm.com"
"source": "psirt@us.ibm.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

55
CVE-2023/CVE-2023-312xx/CVE-2023-31274.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-31274",
"sourceIdentifier": "ics-cert@hq.dhs.gov",
"published": "2024-01-18T18:15:08.253",
"lastModified": "2024-01-18T18:15:08.253",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "\nAVEVA PI Server versions 2023 and 2018 SP3 P05 and prior contain a vulnerability that could allow an unauthenticated user to cause the PI Message Subsystem of a PI Server to consume available memory resulting in throttled processing of new PI Data Archive events and a partial denial-of-service condition.\n\n\n\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "ics-cert@hq.dhs.gov",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "ics-cert@hq.dhs.gov",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-772"
}
]
}
],
"references": [
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-018-01",
"source": "ics-cert@hq.dhs.gov"
}
]
}

55
CVE-2023/CVE-2023-343xx/CVE-2023-34348.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-34348",
"sourceIdentifier": "ics-cert@hq.dhs.gov",
"published": "2024-01-18T18:15:08.457",
"lastModified": "2024-01-18T18:15:08.457",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "\nAVEVA PI Server versions 2023 and 2018 SP3 P05 and prior contain a vulnerability that could allow an unauthenticated user to remotely crash the PI Message Subsystem of a PI Server, resulting in a denial-of-service condition.\n\n\n\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "ics-cert@hq.dhs.gov",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "ics-cert@hq.dhs.gov",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-703"
}
]
}
],
"references": [
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-018-01",
"source": "ics-cert@hq.dhs.gov"
}
]
}

64
CVE-2023/CVE-2023-501xx/CVE-2023-50120.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-50120",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-01-10T09:15:44.290",
"lastModified": "2024-01-10T13:56:06.947",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-18T17:18:05.327",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -14,11 +14,67 @@
"value": "Se descubri\u00f3 que MP4Box GPAC versi\u00f3n 2.3-DEV-rev636-gfbd7e13aa-master contiene un bucle infinito en la funci\u00f3n av1_uvlc en media_tools/av_parsers.c. Esta vulnerabilidad permite a los atacantes provocar una denegaci\u00f3n de servicio (DoS) a trav\u00e9s de un archivo MP4 manipulado."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-835"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:gpac:gpac:2.3:dev:*:*:*:*:*:*",
"matchCriteriaId": "0099B624-674B-4F45-9270-DD638617A1D1"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/gpac/gpac/issues/2698",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Issue Tracking"
]
}
]
}

74
CVE-2023/CVE-2023-501xx/CVE-2023-50159.json
View File

@ -2,23 +2,87 @@
"id": "CVE-2023-50159",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-01-11T14:15:44.070",
"lastModified": "2024-01-11T16:34:20.613",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-18T17:56:59.883",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "In ScaleFusion (Windows Desktop App) agent v10.5.2, Kiosk mode application restrictions can be bypassed allowing arbitrary code to be executed."
},
{
"lang": "es",
"value": "En el agente ScaleFusion (aplicaci\u00f3n de escritorio de Windows) v10.5.2, las restricciones de la aplicaci\u00f3n en modo quiosco se pueden omitir permitiendo la ejecuci\u00f3n de c\u00f3digo arbitrario."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.0,
"impactScore": 6.0
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:scalefusion:scalefusion:10.5.2:*:*:*:*:windows:*:*",
"matchCriteriaId": "B6D78BD9-C7BC-4669-8C06-7CA51F0C46BB"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://medium.com/nestedif/vulnerability-disclosure-browser-mode-kiosk-bypass-scalefusion-832f5a18ebb6",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://medium.com/nestedif/vulnerability-disclosure-kiosk-mode-bypass-scalefusion-4752dfa2dc59",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

69
CVE-2023/CVE-2023-506xx/CVE-2023-50671.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-50671",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-01-11T17:15:08.557",
"lastModified": "2024-01-12T13:47:31.250",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-18T18:54:54.863",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -14,15 +14,74 @@
"value": "En exiftags 1.01, nikon_prop1 en nikon.c tiene un desbordamiento de b\u00fafer en la regi\u00f3n Heap de la memoria (escritura de tama\u00f1o 28) porque snprintf puede escribir en una direcci\u00f3n inesperada."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:aertherwide:exiftags:1.01:*:*:*:*:*:*:*",
"matchCriteriaId": "079E1C88-D076-45D8-AB81-D96FA3618C60"
}
]
}
]
}
],
"references": [
{
"url": "https://blog.yulun.ac.cn/posts/2023/fuzzing-exiftags/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://johnst.org/sw/exiftags/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Product"
]
}
]
}

74
CVE-2023/CVE-2023-517xx/CVE-2023-51748.json
View File

@ -2,23 +2,87 @@
"id": "CVE-2023-51748",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-01-11T14:15:44.123",
"lastModified": "2024-01-11T16:34:20.613",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-18T18:45:55.020",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "ScaleFusion 10.5.2 does not properly limit users to the Edge application because Ctrl-O and Ctrl-S can be used."
},
{
"lang": "es",
"value": "ScaleFusion 10.5.2 no limita adecuadamente a los usuarios a la aplicaci\u00f3n Edge porque se pueden usar Ctrl-O y Ctrl-S."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.0,
"impactScore": 6.0
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:scalefusion:scalefusion:10.5.2:*:*:*:*:windows:*:*",
"matchCriteriaId": "B6D78BD9-C7BC-4669-8C06-7CA51F0C46BB"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://medium.com/nestedif/vulnerability-disclosure-browser-mode-kiosk-bypass-scalefusion-832f5a18ebb6",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://medium.com/nestedif/vulnerability-disclosure-kiosk-mode-bypass-scalefusion-4752dfa2dc59",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

74
CVE-2023/CVE-2023-517xx/CVE-2023-51749.json
View File

@ -2,23 +2,87 @@
"id": "CVE-2023-51749",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-01-11T14:15:44.167",
"lastModified": "2024-01-11T16:34:20.613",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-18T18:54:46.507",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "ScaleFusion 10.5.2 does not properly limit users to the Edge application because a search can be made from a tooltip."
},
{
"lang": "es",
"value": "ScaleFusion 10.5.2 no limita adecuadamente a los usuarios a la aplicaci\u00f3n Edge porque se puede realizar una b\u00fasqueda desde una informaci\u00f3n sobre herramientas."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.0,
"impactScore": 6.0
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:scalefusion:scalefusion:10.5.2:*:*:*:*:windows:*:*",
"matchCriteriaId": "B6D78BD9-C7BC-4669-8C06-7CA51F0C46BB"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://medium.com/nestedif/vulnerability-disclosure-browser-mode-kiosk-bypass-scalefusion-832f5a18ebb6",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://medium.com/nestedif/vulnerability-disclosure-kiosk-mode-bypass-scalefusion-4752dfa2dc59",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

80
CVE-2023/CVE-2023-62xx/CVE-2023-6242.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2023-6242",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-01-11T15:15:08.040",
"lastModified": "2024-01-11T16:34:20.613",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-18T18:13:53.840",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "The EventON - WordPress Virtual Event Calendar Plugin plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 4.5.4 (for Pro) & 2.2.7 (for Free). This is due to missing or incorrect nonce validation on the evo_eventpost_update_meta function. This makes it possible for unauthenticated attackers to update arbitrary post metadata via a forged request granted they can trick a site administrator into performing an action such as clicking on a link."
},
{
"lang": "es",
"value": "El complemento EventON - WordPress Virtual Event Calendar Plugin para WordPress es vulnerable a Cross-Site Request Forgery en todas las versiones hasta 4.5.4 (para Pro) y 2.2.7 (gratis), incluidas. Esto se debe a una validaci\u00f3n nonce faltante o incorrecta en la funci\u00f3n evo_eventpost_update_meta. Esto hace posible que atacantes no autenticados actualicen metadatos de publicaciones arbitrarias a trav\u00e9s de una solicitud falsificada, siempre que puedan enga\u00f1ar al administrador del sitio para que realice una acci\u00f3n como hacer clic en un enlace."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
},
{
"source": "security@wordfence.com",
"type": "Secondary",
@ -34,18 +58,64 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-352"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:myeventon:eventon:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "4.5.5",
"matchCriteriaId": "E1574D07-2D5A-4157-80E0-113580C14106"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:myeventon:eventon-lite:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "2.2.8",
"matchCriteriaId": "85475E8F-96A3-4AB2-9B65-2AD335BDBD1A"
}
]
}
]
}
],
"references": [
{
"url": "https://docs.myeventon.com/documentations/eventon-changelog/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Release Notes"
]
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3017578/eventon-lite/trunk/includes/admin/class-admin-ajax.php",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/c8e9a333-a6b7-4b5e-93c1-b95566e5d6fb?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch",
"Third Party Advisory"
]
}
]
}

109
CVE-2023/CVE-2023-64xx/CVE-2023-6476.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-6476",
"sourceIdentifier": "secalert@redhat.com",
"published": "2024-01-09T22:15:43.610",
"lastModified": "2024-01-17T21:15:11.600",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-01-18T18:16:25.947",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "secalert@redhat.com",
"type": "Secondary",
@ -39,6 +59,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-770"
}
]
},
{
"source": "secalert@redhat.com",
"type": "Secondary",
@ -50,22 +80,89 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:redhat:openshift_container_platform:3.11:*:*:*:*:*:*:*",
"matchCriteriaId": "2F87326E-0B56-4356-A889-73D026DB1D4B"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:redhat:openshift_container_platform:4.13:*:*:*:*:*:*:*",
"matchCriteriaId": "1FFF1D51-ABA8-4E54-B81C-A88C8A5E4842"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:redhat:openshift_container_platform:4.14:*:*:*:*:*:*:*",
"matchCriteriaId": "486B3F69-1551-4F8B-B25B-A5864248811B"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F4CFF558-3C47-480D-A2F0-BABF26042943"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7F6FB57C-2BC7-487C-96DD-132683AEB35D"
}
]
}
]
}
],
"references": [
{
"url": "https://access.redhat.com/errata/RHSA-2024:0195",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://access.redhat.com/errata/RHSA-2024:0207",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://access.redhat.com/security/cve/CVE-2023-6476",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2253994",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Issue Tracking",
"Vendor Advisory"
]
}
]
}

8
CVE-2023/CVE-2023-65xx/CVE-2023-6553.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-6553",
"sourceIdentifier": "security@wordfence.com",
"published": "2023-12-15T11:15:47.837",
"lastModified": "2023-12-21T19:24:54.533",
"vulnStatus": "Analyzed",
"lastModified": "2024-01-18T17:15:14.300",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -89,6 +89,10 @@
}
],
"references": [
{
"url": "http://packetstormsecurity.com/files/176638/WordPress-Backup-Migration-1.3.7-Remote-Command-Execution.html",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/browser/backup-backup/tags/1.3.7/includes/backup-heart.php#L118",
"source": "security@wordfence.com",

76
CVE-2023/CVE-2023-65xx/CVE-2023-6554.json
View File

@ -2,16 +2,53 @@
"id": "CVE-2023-6554",
"sourceIdentifier": "cvd@cert.pl",
"published": "2024-01-11T16:15:54.300",
"lastModified": "2024-01-11T16:34:20.613",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-18T17:35:46.637",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "When access to the \"admin\" folder is not protected by some external authorization mechanisms e.g. Apache Basic Auth, it is possible for any user to download protected information like exam answers.\n\n\n\n"
},
{
"lang": "es",
"value": "Cuando el acceso a la carpeta \"admin\" no est\u00e1 protegido por algunos mecanismos de autorizaci\u00f3n externos, por ejemplo, Apache Basic Auth, cualquier usuario puede descargar informaci\u00f3n protegida, como las respuestas de los ex\u00e1menes."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-862"
}
]
},
{
"source": "cvd@cert.pl",
"type": "Secondary",
@ -23,18 +60,45 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tecnick:tcexam:*:*:*:*:*:*:*:*",
"versionEndExcluding": "15.1.0",
"matchCriteriaId": "64321385-1070-4132-822B-8711C20D749A"
}
]
}
]
}
],
"references": [
{
"url": "https://cert.pl/en/posts/2024/01/CVE-2023-6554/",
"source": "cvd@cert.pl"
"source": "cvd@cert.pl",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://cert.pl/posts/2024/01/CVE-2023-6554/",
"source": "cvd@cert.pl"
"source": "cvd@cert.pl",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://tcexam.org/",
"source": "cvd@cert.pl"
"source": "cvd@cert.pl",
"tags": [
"Product"
]
}
]
}

74
CVE-2023/CVE-2023-66xx/CVE-2023-6637.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-6637",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-01-11T09:15:50.753",
"lastModified": "2024-01-11T13:57:26.160",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-18T17:09:32.967",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
},
{
"source": "security@wordfence.com",
"type": "Secondary",
@ -38,22 +58,64 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-862"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:daan:complete_analytics_optimization_suite:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "4.7.15",
"matchCriteriaId": "C65FDD90-696B-431A-BA76-E6D94312B822"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/host-analyticsjs-local/tags/4.7.12/includes/class-caos.php#L414",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3008878/host-analyticsjs-local#file8",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3009011/host-analyticsjs-local#file5",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/5ec1fd03-f865-4f58-b63b-e70c0c7e701d?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

64
CVE-2023/CVE-2023-66xx/CVE-2023-6638.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-6638",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-01-11T09:15:50.920",
"lastModified": "2024-01-11T13:57:26.160",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-18T17:16:43.880",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
},
{
"source": "security@wordfence.com",
"type": "Secondary",
@ -38,14 +58,50 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-862"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:gutengeek:gg_woo_feed:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "1.2.4",
"matchCriteriaId": "70E25181-D330-44E8-972B-B32E01FC7587"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/gg-woo-feed/trunk/inc/Admin/Admin.php?rev=2933599#L199",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Product"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/ce6b9b0a-e82e-459a-bddf-1c9354bcec00?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

64
CVE-2023/CVE-2023-67xx/CVE-2023-6751.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-6751",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-01-11T09:15:51.817",
"lastModified": "2024-01-11T13:57:09.767",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-18T17:46:25.627",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 2.5
},
{
"source": "security@wordfence.com",
"type": "Secondary",
@ -38,14 +58,50 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-862"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:hostinger:hostinger:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "1.9.7",
"matchCriteriaId": "63F308AA-42EC-4821-8279-02CE5AC994FF"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3010008%40hostinger%2Ftrunk&old=3010004%40hostinger%2Ftrunk&sfp_email=&sfph_mail=",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/d89cf759-5e5f-43e2-90a9-a8e554653ee1?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

69
CVE-2023/CVE-2023-69xx/CVE-2023-6934.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-6934",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-01-11T09:15:53.417",
"lastModified": "2024-01-11T13:57:09.767",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-18T17:01:12.533",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
},
{
"source": "security@wordfence.com",
"type": "Secondary",
@ -38,18 +58,57 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:limitloginattempts:limit_login_attempts_reloaded:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "2.25.26",
"matchCriteriaId": "FD2EB5C0-4AFF-4A05-AE54-AB65BE769BF8"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.svn.wordpress.org/limit-login-attempts-reloaded/trunk/core/Shortcodes.php",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Issue Tracking"
]
},
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3012447%40limit-login-attempts-reloaded%2Ftrunk&old=2995934%40limit-login-attempts-reloaded%2Ftrunk&sfp_email=&sfph_mail=#file2",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/906049c0-4710-47aa-bf44-cdf29032dc1f?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

79
CVE-2023/CVE-2023-69xx/CVE-2023-6979.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-6979",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-01-11T09:15:53.670",
"lastModified": "2024-01-11T13:57:09.767",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-18T17:04:44.897",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "security@wordfence.com",
"type": "Secondary",
@ -38,26 +58,71 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-434"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cusrev:customer_reviews_for_woocommerce:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "5.38.9",
"matchCriteriaId": "2157BCF5-AA22-4AD3-BE5B-214FE6C4AE49"
}
]
}
]
}
],
"references": [
{
"url": "https://drive.proton.me/urls/K4R2HDQBS0#iuTPm3NqZEdz",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Broken Link"
]
},
{
"url": "https://plugins.trac.wordpress.org/browser/customer-reviews-woocommerce/trunk/includes/import-export/class-cr-reviews-importer.php#L35",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Issue Tracking"
]
},
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3016708%40customer-reviews-woocommerce&new=3016708%40customer-reviews-woocommerce&sfp_email=&sfph_mail=",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3018507%40customer-reviews-woocommerce&new=3018507%40customer-reviews-woocommerce&sfp_email=&sfph_mail=",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/4af801db-44a6-4cd3-bd1a-3125490c8c48?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

69
CVE-2023/CVE-2023-69xx/CVE-2023-6988.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-6988",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-01-11T09:15:53.910",
"lastModified": "2024-01-11T13:57:09.767",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-18T17:13:30.383",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
},
{
"source": "security@wordfence.com",
"type": "Secondary",
@ -38,18 +58,57 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:extendthemes:colibri_page_builder:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "1.0.239",
"matchCriteriaId": "3327623A-C2E0-48CC-9389-7456E5B997F6"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.svn.wordpress.org/colibri-page-builder/trunk/extend-builder/shortcodes/render-js.php",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Broken Link"
]
},
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3013337%40colibri-page-builder&new=3013337%40colibri-page-builder&sfp_email=&sfph_mail=",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Issue Tracking"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/300b24af-10a1-45b9-87ec-7c98dc94e76b?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

64
CVE-2023/CVE-2023-69xx/CVE-2023-6990.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-6990",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-01-11T09:15:54.173",
"lastModified": "2024-01-11T13:57:09.767",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-18T17:34:58.227",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
},
{
"source": "security@wordfence.com",
"type": "Secondary",
@ -38,14 +58,50 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:weavertheme:weaver_xtreme_theme_support:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "6.3.0",
"matchCriteriaId": "F59C021B-5840-41D4-ACF1-94B678A59246"
}
]
}
]
}
],
"references": [
{
"url": "https://themes.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=212828%40weaver-xtreme&new=212828%40weaver-xtreme&sfp_email=&sfph_mail=",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/bc7384d7-c2fd-4d63-9b80-bb5bde9a23d5?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

69
CVE-2023/CVE-2023-70xx/CVE-2023-7071.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-7071",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-01-11T09:15:55.540",
"lastModified": "2024-01-11T13:57:09.767",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-18T17:36:11.930",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
},
{
"source": "security@wordfence.com",
"type": "Secondary",
@ -38,18 +58,57 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:wpdeveloper:essential_blocks:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "4.4.6",
"matchCriteriaId": "930A9E1A-0BBA-4D12-9783-C4CC15C65641"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/essential-blocks/trunk/blocks/TableOfContents.php#L138",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Issue Tracking"
]
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3018547/essential-blocks/tags/4.4.7/blocks/TableOfContents.php",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/f969cb24-734f-46e5-a74d-fddf8e61e096?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

69
CVE-2023/CVE-2023-72xx/CVE-2023-7226.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-7226",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-01-11T21:15:12.030",
"lastModified": "2024-01-12T13:47:31.250",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-18T18:56:22.977",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
},
{
"source": "cna@vuldb.com",
"type": "Secondary",
@ -64,6 +84,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
]
},
{
"source": "cna@vuldb.com",
"type": "Secondary",
@ -75,18 +105,47 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:meiyou:big_whale:1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FB11D59C-4742-4B29-96BA-476A63EADC66"
}
]
}
]
}
],
"references": [
{
"url": "https://gitee.com/meetyoucrop/big-whale/issues/I6N31K",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Exploit",
"Issue Tracking",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?ctiid.250232",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?id.250232",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
]
}
]
}

58
CVE-2024/CVE-2024-02xx/CVE-2024-0227.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-0227",
"sourceIdentifier": "disclosure@synopsys.com",
"published": "2024-01-11T20:15:44.003",
"lastModified": "2024-01-12T13:47:31.250",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-18T18:32:10.307",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.2,
"impactScore": 5.9
},
{
"source": "disclosure@synopsys.com",
"type": "Secondary",
@ -39,6 +59,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-307"
}
]
},
{
"source": "disclosure@synopsys.com",
"type": "Secondary",
@ -50,10 +80,32 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tinfoilsecurity:devise-two-factor:*:*:*:*:*:*:*:*",
"versionStartIncluding": "1.0.0",
"matchCriteriaId": "DF8EF295-A0A5-43B8-8439-5D2D24124D07"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/devise-two-factor/devise-two-factor/security/advisories/GHSA-chcr-x7hc-8fp8",
"source": "disclosure@synopsys.com"
"source": "disclosure@synopsys.com",
"tags": [
"Mitigation",
"Vendor Advisory"
]
}
]
}

60
CVE-2024/CVE-2024-04xx/CVE-2024-0411.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-0411",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-01-11T17:15:08.617",
"lastModified": "2024-01-12T13:47:31.250",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-18T18:46:08.967",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "cna@vuldb.com",
"type": "Secondary",
@ -75,18 +95,48 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:csdeshang:dsmall:*:*:*:*:*:*:*:*",
"versionEndIncluding": "6.1.0",
"matchCriteriaId": "838F429A-CC3F-492C-8605-559E8BE2E507"
}
]
}
]
}
],
"references": [
{
"url": "https://note.zhaoj.in/share/9G6K6RBjS4M4",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Broken Link"
]
},
{
"url": "https://vuldb.com/?ctiid.250431",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://vuldb.com/?id.250431",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
}
]
}

63
CVE-2024/CVE-2024-04xx/CVE-2024-0419.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-0419",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-01-11T19:15:13.293",
"lastModified": "2024-01-12T13:47:31.250",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-18T18:27:23.807",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "cna@vuldb.com",
"type": "Secondary",
@ -75,22 +95,53 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:httpdx_project:httpdx:*:*:*:*:*:*:*:*",
"versionEndIncluding": "1.5.4",
"matchCriteriaId": "7800939E-B43E-4806-8B3D-C3C8244E1A06"
}
]
}
]
}
],
"references": [
{
"url": "https://cxsecurity.com/issue/WLB-2024010027",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?ctiid.250439",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?id.250439",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://www.youtube.com/watch?v=6dAWGH0-6TY",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Exploit"
]
}
]
}

52
CVE-2024/CVE-2024-04xx/CVE-2024-0429.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2024-0429",
"sourceIdentifier": "cve-coordination@incibe.es",
"published": "2024-01-11T16:15:54.683",
"lastModified": "2024-01-11T16:34:20.613",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-18T17:26:20.573",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "A denial service vulnerability has been found on \u00a0Hex Workshop affecting version 6.7, an attacker could send a command line file arguments and control the Structured Exception Handler (SEH) records resulting in a service shutdown."
},
{
"lang": "es",
"value": "Se ha encontrado una vulnerabilidad de denegaci\u00f3n de servicio en Hex Workshop que afecta a la versi\u00f3n 6.7, un atacante podr\u00eda enviar argumentos de un archivo de l\u00ednea de comando y controlar los registros del Structured Exception Handler (SEH), lo que resultar\u00eda en el cierre del servicio."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
},
{
"source": "cve-coordination@incibe.es",
"type": "Secondary",
@ -46,10 +70,32 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:bpsoft:hex_workshop:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.7.0",
"versionEndIncluding": "6.7.3",
"matchCriteriaId": "6DF2435B-859F-477A-8565-37B606A7FD2A"
}
]
}
]
}
],
"references": [
{
"url": "https://https://www.incibe.es/en/incibe-cert/notices/aviso/buffer-overflow-vulnerability-hex-workshop",
"source": "cve-coordination@incibe.es"
"source": "cve-coordination@incibe.es",
"tags": [
"Broken Link"
]
}
]
}

15
CVE-2024/CVE-2024-06xx/CVE-2024-0694.json Normal file
View File

@ -0,0 +1,15 @@
{
"id": "CVE-2024-0694",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-01-18T18:15:08.647",
"lastModified": "2024-01-18T18:15:08.647",
"vulnStatus": "Rejected",
"descriptions": [
{
"lang": "en",
"value": "Rejected reason: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2023-6620. Reason: This candidate is a reservation duplicate of CVE-2023-6620. Notes: All CVE users should reference CVE-2023-6620 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage."
}
],
"metrics": {},
"references": []
}

397
CVE-2024/CVE-2024-216xx/CVE-2024-21612.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-21612",
"sourceIdentifier": "sirt@juniper.net",
"published": "2024-01-12T01:15:49.457",
"lastModified": "2024-01-12T13:47:31.250",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-18T18:59:32.627",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "sirt@juniper.net",
"type": "Secondary",
@ -39,6 +59,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
]
},
{
"source": "sirt@juniper.net",
"type": "Secondary",
@ -50,14 +80,373 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:*:*:*:*:*:*:*:*",
"versionEndExcluding": "21.2",
"matchCriteriaId": "9C14B5A6-597A-4181-8C42-392A2E4605BF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.2:-:*:*:*:*:*:*",
"matchCriteriaId": "620B0CDD-5566-472E-B96A-31D2C12E3120"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.2:r1:*:*:*:*:*:*",
"matchCriteriaId": "3EA3DC63-B290-4D15-BEF9-21DEF36CA2EA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.2:r1-s1:*:*:*:*:*:*",
"matchCriteriaId": "7E1E57AF-979B-4022-8AD6-B3558E06B718"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.2:r1-s2:*:*:*:*:*:*",
"matchCriteriaId": "144730FB-7622-4B3D-9C47-D1B7A7FB7EB0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.2:r2:*:*:*:*:*:*",
"matchCriteriaId": "7BA246F0-154E-4F44-A97B-690D22FA73DD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.2:r2-s1:*:*:*:*:*:*",
"matchCriteriaId": "25D6C07C-F96E-4523-BB54-7FEABFE1D1ED"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.2:r2-s2:*:*:*:*:*:*",
"matchCriteriaId": "2B70C784-534B-4FAA-A5ED-3709656E2B97"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.2:r3:*:*:*:*:*:*",
"matchCriteriaId": "60448FFB-568E-4280-9261-ADD65244F31A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.2:r3-s1:*:*:*:*:*:*",
"matchCriteriaId": "2B770C52-7E3E-4B92-9138-85DEC56F3B22"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.2:r3-s2:*:*:*:*:*:*",
"matchCriteriaId": "E88AC378-461C-4EFA-A04B-5786FF21FE03"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.2:r3-s3:*:*:*:*:*:*",
"matchCriteriaId": "3B0AFB30-81DC-465C-9F63-D1B15EA4809A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.2:r3-s4:*:*:*:*:*:*",
"matchCriteriaId": "2035F0AC-29E7-478A-A9D0-BAA3A88B3413"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.2:r3-s5:*:*:*:*:*:*",
"matchCriteriaId": "C34ABD4B-B045-4046-9641-66E3B2082A25"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.2:r3-s6:*:*:*:*:*:*",
"matchCriteriaId": "6D5DC04F-18DE-403B-BE93-2251F3332C1C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.3:-:*:*:*:*:*:*",
"matchCriteriaId": "4EC38173-44AB-43D5-8C27-CB43AD5E0B2E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.3:r1:*:*:*:*:*:*",
"matchCriteriaId": "5A4DD04A-DE52-46BE-8C34-8DB47F7500F0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.3:r1-s1:*:*:*:*:*:*",
"matchCriteriaId": "FEE0E145-8E1C-446E-90ED-237E3B9CAF47"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.3:r2:*:*:*:*:*:*",
"matchCriteriaId": "0F26369D-21B2-4C6A-98C1-492692A61283"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.3:r2-s1:*:*:*:*:*:*",
"matchCriteriaId": "24003819-1A6B-4BDF-B3DF-34751C137788"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.3:r2-s2:*:*:*:*:*:*",
"matchCriteriaId": "BF8D332E-9133-45B9-BB07-B33C790F737A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.3:r3:*:*:*:*:*:*",
"matchCriteriaId": "3E2A4377-D044-4E43-B6CC-B753D7F6ABD4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.3:r3-s1:*:*:*:*:*:*",
"matchCriteriaId": "8DAEC4F4-5748-4D36-A72B-4C62A0A30E38"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.3:r3-s2:*:*:*:*:*:*",
"matchCriteriaId": "C76DA7A5-9320-4E21-96A2-ACE70803A1CA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.3:r3-s3:*:*:*:*:*:*",
"matchCriteriaId": "703C73EB-2D63-4D4F-8129-239AE1E96B2B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.3:r3-s4:*:*:*:*:*:*",
"matchCriteriaId": "8F67CE3C-3A06-487C-90DE-D5B3B1EC08A2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.4:-:*:*:*:*:*:*",
"matchCriteriaId": "2E907193-075E-45BC-9257-9607DB790D71"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.4:r1:*:*:*:*:*:*",
"matchCriteriaId": "8B73A41D-3FF5-4E53-83FF-74DF58E0D6C3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.4:r1-s1:*:*:*:*:*:*",
"matchCriteriaId": "CEDF46A8-FC3A-4779-B695-2CA11D045AEB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.4:r1-s2:*:*:*:*:*:*",
"matchCriteriaId": "39809219-9F87-4583-9DAD-9415DD320B36"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.4:r2:*:*:*:*:*:*",
"matchCriteriaId": "DB299492-A919-4EBA-A62A-B3CF02FC0A95"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.4:r2-s1:*:*:*:*:*:*",
"matchCriteriaId": "74ED0939-D5F8-4334-9838-40F29DE3597F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.4:r2-s2:*:*:*:*:*:*",
"matchCriteriaId": "C6937069-8C19-4B01-8415-ED7E9EAE2CE2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.4:r3:*:*:*:*:*:*",
"matchCriteriaId": "97DB6DD5-F5DD-4AE1-AF2F-8DB9E18FF882"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.4:r3-s1:*:*:*:*:*:*",
"matchCriteriaId": "21DF05B8-EF7E-422F-8831-06904160714C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.4:r3-s2:*:*:*:*:*:*",
"matchCriteriaId": "492FCE45-68A1-4378-85D4-C4034FE0D836"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.4:r3-s3:*:*:*:*:*:*",
"matchCriteriaId": "522114CC-1505-4205-B4B8-797DE1BD833B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.4:r3-s4:*:*:*:*:*:*",
"matchCriteriaId": "C9D664AB-0FA7-49C7-B6E1-69C77652FBEF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.1:-:*:*:*:*:*:*",
"matchCriteriaId": "C16434C0-21A7-4CE5-92E1-7D60A35EF5D1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.1:r1:*:*:*:*:*:*",
"matchCriteriaId": "750FE748-82E7-4419-A061-2DEA26E35309"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.1:r1-s1:*:*:*:*:*:*",
"matchCriteriaId": "236E23E5-8B04-4081-9D97-7300DF284000"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.1:r1-s2:*:*:*:*:*:*",
"matchCriteriaId": "5FC96EA7-90A7-4838-B95D-60DBC88C7BC7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.1:r2:*:*:*:*:*:*",
"matchCriteriaId": "97541867-C52F-40BB-9AAE-7E87ED23D789"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.1:r2-s1:*:*:*:*:*:*",
"matchCriteriaId": "85CF6664-E35A-4E9B-95C0-CDC91F7F331A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.1:r3:*:*:*:*:*:*",
"matchCriteriaId": "E048A05D-882F-4B1C-BA32-3BBA3FEA31A3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.1:r3-s1:*:*:*:*:*:*",
"matchCriteriaId": "47E8D51D-1424-4B07-B036-E3E195F21AC2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.1:r3-s2:*:*:*:*:*:*",
"matchCriteriaId": "6F3C82ED-5728-406F-ACF6-D7411B0AB6C0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.1:r3-s3:*:*:*:*:*:*",
"matchCriteriaId": "1475A58F-1515-4492-B5A3-BE40C30E5B14"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.2:-:*:*:*:*:*:*",
"matchCriteriaId": "A3CA3365-F9AF-40DF-8700-30AD4BC58E27"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.2:r1:*:*:*:*:*:*",
"matchCriteriaId": "D77A072D-350A-42F2-8324-7D3AC1711BF9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.2:r1-s1:*:*:*:*:*:*",
"matchCriteriaId": "83AE395C-A651-4568-88E3-3600544BF799"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.2:r2:*:*:*:*:*:*",
"matchCriteriaId": "B3BE1FD4-DAD9-4357-A2E9-20E5826B0D5C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.2:r2-s1:*:*:*:*:*:*",
"matchCriteriaId": "81CC3480-4B65-4588-8D46-FA80A8F6D143"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.2:r2-s2:*:*:*:*:*:*",
"matchCriteriaId": "F7E76F5F-DB37-4B7F-9247-3CEB4EBD7696"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.2:r3:*:*:*:*:*:*",
"matchCriteriaId": "C63DBEE5-B0C2-498F-A672-B6596C89B0A2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.2:r3-s1:*:*:*:*:*:*",
"matchCriteriaId": "9370C46D-3AA1-4562-B67F-DF6EA10F209B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.2:r3-s2:*:*:*:*:*:*",
"matchCriteriaId": "1FD8C240-A7FE-4FD5-ADCC-289C1BC461BF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.3:-:*:*:*:*:*:*",
"matchCriteriaId": "BE2EF84D-55A9-41DC-A324-69E1DC426D0B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.3:r1:*:*:*:*:*:*",
"matchCriteriaId": "433631CA-3AC4-4D66-9B46-AEA4209347F1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.3:r1-s1:*:*:*:*:*:*",
"matchCriteriaId": "6E4CD8AD-277A-4FC5-A102-3E151060C216"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.3:r1-s2:*:*:*:*:*:*",
"matchCriteriaId": "4BC09BAC-83E7-48CE-B571-ED49277B2987"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.3:r2:*:*:*:*:*:*",
"matchCriteriaId": "FA4481D2-F693-48A5-8DBC-E86430987A25"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.3:r2-s1:*:*:*:*:*:*",
"matchCriteriaId": "136CA584-2475-4A14-9771-F367180201D4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.3:r2-s2:*:*:*:*:*:*",
"matchCriteriaId": "4546776C-A657-42E3-9A36-47F9F59A88AD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.4:-:*:*:*:*:*:*",
"matchCriteriaId": "0A33C425-921F-4795-B834-608C8F1597E0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.4:r1:*:*:*:*:*:*",
"matchCriteriaId": "93887799-F62C-4A4A-BCF5-004D0B4D4154"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.4:r1-s1:*:*:*:*:*:*",
"matchCriteriaId": "62C473D2-2612-4480-82D8-8A24D0687BBD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.4:r1-s2:*:*:*:*:*:*",
"matchCriteriaId": "7FB4C5CA-A709-4B13-A9E0-372098A72AD3"
}
]
}
]
}
],
"references": [
{
"url": "https://supportportal.juniper.net/JSA75753",
"source": "sirt@juniper.net"
"source": "sirt@juniper.net",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://www.first.org/cvss/calculator/4.0#CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
"source": "sirt@juniper.net"
"source": "sirt@juniper.net",
"tags": [
"Third Party Advisory"
]
}
]
}

161
CVE-2024/CVE-2024-216xx/CVE-2024-21614.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-21614",
"sourceIdentifier": "sirt@juniper.net",
"published": "2024-01-12T01:15:49.837",
"lastModified": "2024-01-12T13:47:31.250",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-18T18:56:50.410",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "sirt@juniper.net",
"type": "Secondary",
@ -39,6 +59,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-754"
}
]
},
{
"source": "sirt@juniper.net",
"type": "Secondary",
@ -50,14 +80,137 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.2:-:*:*:*:*:*:*",
"matchCriteriaId": "06156CD6-09D3-4A05-9C5E-BC64A70640F9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.2:r1:*:*:*:*:*:*",
"matchCriteriaId": "E949B21B-AD62-4022-9088-06313277479E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.2:r1-s1:*:*:*:*:*:*",
"matchCriteriaId": "8D862E6F-0D01-4B25-8340-888C30F75A2F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.2:r1-s2:*:*:*:*:*:*",
"matchCriteriaId": "2F28F73E-8563-41B9-A313-BBAAD5B57A67"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.2:r2:*:*:*:*:*:*",
"matchCriteriaId": "E37D4694-C80B-475E-AB5B-BB431F59C5E1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.2:r2-s1:*:*:*:*:*:*",
"matchCriteriaId": "5EC0D2D2-4922-4675-8A2C-57A08D7BE334"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.3:-:*:*:*:*:*:*",
"matchCriteriaId": "CEB98E3F-B0A9-488F-ACFC-56B9485E7C9E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.3:r1:*:*:*:*:*:*",
"matchCriteriaId": "19519212-51DD-4448-B115-8A20A40192CC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.3:r1-s1:*:*:*:*:*:*",
"matchCriteriaId": "5CC9909E-AE9F-414D-99B1-83AA04D5297B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.3:r1-s2:*:*:*:*:*:*",
"matchCriteriaId": "FDE9E767-4713-4EA2-8D00-1382975A4A15"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.2:-:*:*:*:*:*:*",
"matchCriteriaId": "A3CA3365-F9AF-40DF-8700-30AD4BC58E27"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.2:r1:*:*:*:*:*:*",
"matchCriteriaId": "D77A072D-350A-42F2-8324-7D3AC1711BF9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.2:r1-s1:*:*:*:*:*:*",
"matchCriteriaId": "83AE395C-A651-4568-88E3-3600544BF799"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.2:r2:*:*:*:*:*:*",
"matchCriteriaId": "B3BE1FD4-DAD9-4357-A2E9-20E5826B0D5C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.2:r2-s1:*:*:*:*:*:*",
"matchCriteriaId": "81CC3480-4B65-4588-8D46-FA80A8F6D143"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.3:-:*:*:*:*:*:*",
"matchCriteriaId": "BE2EF84D-55A9-41DC-A324-69E1DC426D0B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.3:r1:*:*:*:*:*:*",
"matchCriteriaId": "433631CA-3AC4-4D66-9B46-AEA4209347F1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.3:r1-s1:*:*:*:*:*:*",
"matchCriteriaId": "6E4CD8AD-277A-4FC5-A102-3E151060C216"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.3:r1-s2:*:*:*:*:*:*",
"matchCriteriaId": "4BC09BAC-83E7-48CE-B571-ED49277B2987"
}
]
}
]
}
],
"references": [
{
"url": "https://supportportal.juniper.net/JSA75755",
"source": "sirt@juniper.net"
"source": "sirt@juniper.net",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://www.first.org/cvss/calculator/4.0#CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
"source": "sirt@juniper.net"
"source": "sirt@juniper.net",
"tags": [
"Third Party Advisory"
]
}
]
}

180
CVE-2024/CVE-2024-217xx/CVE-2024-21773.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-21773",
"sourceIdentifier": "vultures@jpcert.or.jp",
"published": "2024-01-11T00:15:44.560",
"lastModified": "2024-01-11T13:57:26.160",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-18T17:08:43.260",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -14,27 +14,191 @@
"value": "M\u00faltiples productos TP-LINK permiten que un atacante no autenticado adyacente a la red con acceso al producto ejecute comandos arbitrarios del sistema operativo. Los productos/versiones afectados son los siguientes: Versiones de firmware Archer AX3000 anteriores a \"Archer AX3000(JP)_V1_1.1.2 Build 20231115\", Versiones de firmware Archer AX5400 anteriores a \"Archer AX5400(JP)_V1_1.1.2 Build 20231115\", Versiones de firmware Deco X50 anteriores a \"Deco X50(JP)_V1_1.4.1 Build 20231122\" y versiones de firmware Deco XE200 anteriores a \"Deco XE200(JP)_V1_1.2.5 Build 20231120\"."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-78"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:tp-link:archer_ax3000_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.1.2",
"matchCriteriaId": "5E511835-B9F8-48F6-85D0-92BD9EF6B93C"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:tp-link:archer_ax3000:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "60E38020-7C23-4B8E-B04C-DCC67A386004"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:tp-link:archer_ax5400_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.1.2",
"matchCriteriaId": "116BFAEE-8C19-4101-9754-CD55C951AA34"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:tp-link:archer_ax5400:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "76D439C9-D0A9-40C5-A91A-3FE205A0139D"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:tp-link:deco_x50_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.4.1",
"matchCriteriaId": "49F92855-4C16-4785-BCB0-DF648574AE5B"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:tp-link:deco_x50:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B07192F7-E04C-43BA-9452-B970EF8796A7"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:tp-link:deco_xe200_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.2.5",
"matchCriteriaId": "1E38052E-2386-4DE1-9E3C-E6C39B2720A8"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:tp-link:deco_xe200:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "92D840AF-F273-4B48-B8A2-4081E3D484A6"
}
]
}
]
}
],
"references": [
{
"url": "https://jvn.jp/en/vu/JVNVU91401812/",
"source": "vultures@jpcert.or.jp"
"source": "vultures@jpcert.or.jp",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://www.tp-link.com/jp/support/download/archer-ax3000/#Firmware",
"source": "vultures@jpcert.or.jp"
"source": "vultures@jpcert.or.jp",
"tags": [
"Product"
]
},
{
"url": "https://www.tp-link.com/jp/support/download/archer-ax5400/#Firmware",
"source": "vultures@jpcert.or.jp"
"source": "vultures@jpcert.or.jp",
"tags": [
"Product"
]
},
{
"url": "https://www.tp-link.com/jp/support/download/deco-x50/v1/#Firmware",
"source": "vultures@jpcert.or.jp"
"source": "vultures@jpcert.or.jp",
"tags": [
"Product"
]
},
{
"url": "https://www.tp-link.com/jp/support/download/deco-xe200/#Firmware",
"source": "vultures@jpcert.or.jp"
"source": "vultures@jpcert.or.jp",
"tags": [
"Product"
]
}
]
}

147
CVE-2024/CVE-2024-218xx/CVE-2024-21821.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-21821",
"sourceIdentifier": "vultures@jpcert.or.jp",
"published": "2024-01-11T00:15:44.633",
"lastModified": "2024-01-11T13:57:26.160",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-18T17:08:35.830",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -14,23 +14,156 @@
"value": "M\u00faltiples productos TP-LINK permiten que un atacante autenticado adyacente a la red ejecute comandos arbitrarios del sistema operativo. Los productos/versiones afectados son los siguientes: Versiones de firmware de Archer AX3000 anteriores a \"Archer AX3000(JP)_V1_1.1.2 Build 20231115\", versiones de firmware de Archer AX5400 anteriores a \"Archer AX5400(JP)_V1_1.1.2 Build 20231115\" y firmware de Archer AXE75 versiones anteriores a \"Archer AXE75(JP)_V1_231115\"."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.0,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.1,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-78"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:tp-link:archer_ax3000_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.1.2",
"matchCriteriaId": "5E511835-B9F8-48F6-85D0-92BD9EF6B93C"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:tp-link:archer_ax3000:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "60E38020-7C23-4B8E-B04C-DCC67A386004"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:tp-link:archer_ax5400_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.1.2",
"matchCriteriaId": "116BFAEE-8C19-4101-9754-CD55C951AA34"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:tp-link:archer_ax5400:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "76D439C9-D0A9-40C5-A91A-3FE205A0139D"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:tp-link:archer_axe75_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.1.9",
"matchCriteriaId": "A08D2944-9064-46DC-91AC-9E6BC1BA274A"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:tp-link:archer_axe75:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EB55E594-03BC-425B-8CED-A7DC00A2DCBD"
}
]
}
]
}
],
"references": [
{
"url": "https://jvn.jp/en/vu/JVNVU91401812/",
"source": "vultures@jpcert.or.jp"
"source": "vultures@jpcert.or.jp",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://www.tp-link.com/jp/support/download/archer-ax3000/#Firmware",
"source": "vultures@jpcert.or.jp"
"source": "vultures@jpcert.or.jp",
"tags": [
"Product"
]
},
{
"url": "https://www.tp-link.com/jp/support/download/archer-ax5400/#Firmware",
"source": "vultures@jpcert.or.jp"
"source": "vultures@jpcert.or.jp",
"tags": [
"Product"
]
},
{
"url": "https://www.tp-link.com/jp/support/download/archer-axe75/#Firmware",
"source": "vultures@jpcert.or.jp"
"source": "vultures@jpcert.or.jp",
"tags": [
"Product"
]
}
]
}

213
CVE-2024/CVE-2024-218xx/CVE-2024-21833.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-21833",
"sourceIdentifier": "vultures@jpcert.or.jp",
"published": "2024-01-11T00:15:44.683",
"lastModified": "2024-01-11T13:57:26.160",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-18T18:26:59.627",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -14,31 +14,226 @@
"value": "M\u00faltiples productos TP-LINK permiten que un atacante no autenticado adyacente a la red con acceso al producto ejecute comandos arbitrarios del sistema operativo. Los productos/versiones afectados son los siguientes: Versiones de firmware de Archer AX3000 anteriores a \"Archer AX3000(JP)_V1_1.1.2 Build 20231115\", Versiones de firmware de Archer AX5400 anteriores a \"Archer AX5400(JP)_V1_1.1.2 Build 20231115\", Versiones de firmware de Archer AXE75 anteriores a \"Archer AXE75(JP)_V1_231115\", versiones de firmware Deco X50 anteriores a \"Deco X50(JP)_V1_1.4.1 Build 20231122\" y versiones de firmware Deco XE200 anteriores a \"Deco XE200(JP)_V1_1.2.5 Build 20231120\"."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-78"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:tp-link:archer_ax3000_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.1.2",
"matchCriteriaId": "5E511835-B9F8-48F6-85D0-92BD9EF6B93C"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:tp-link:archer_ax3000:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "60E38020-7C23-4B8E-B04C-DCC67A386004"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:tp-link:archer_ax5400_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.1.2",
"matchCriteriaId": "116BFAEE-8C19-4101-9754-CD55C951AA34"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:tp-link:archer_ax5400:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "76D439C9-D0A9-40C5-A91A-3FE205A0139D"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:tp-link:deco_x50_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.4.1",
"matchCriteriaId": "49F92855-4C16-4785-BCB0-DF648574AE5B"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:tp-link:deco_x50:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B07192F7-E04C-43BA-9452-B970EF8796A7"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:tp-link:deco_xe200_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.2.5",
"matchCriteriaId": "1E38052E-2386-4DE1-9E3C-E6C39B2720A8"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:tp-link:deco_xe200:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "92D840AF-F273-4B48-B8A2-4081E3D484A6"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:tp-link:archer_axe75_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.1.9",
"matchCriteriaId": "A08D2944-9064-46DC-91AC-9E6BC1BA274A"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:tp-link:archer_axe75:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EB55E594-03BC-425B-8CED-A7DC00A2DCBD"
}
]
}
]
}
],
"references": [
{
"url": "https://jvn.jp/en/vu/JVNVU91401812/",
"source": "vultures@jpcert.or.jp"
"source": "vultures@jpcert.or.jp",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://www.tp-link.com/jp/support/download/archer-ax3000/#Firmware",
"source": "vultures@jpcert.or.jp"
"source": "vultures@jpcert.or.jp",
"tags": [
"Product"
]
},
{
"url": "https://www.tp-link.com/jp/support/download/archer-ax5400/#Firmware",
"source": "vultures@jpcert.or.jp"
"source": "vultures@jpcert.or.jp",
"tags": [
"Product"
]
},
{
"url": "https://www.tp-link.com/jp/support/download/archer-axe75/#Firmware",
"source": "vultures@jpcert.or.jp"
"source": "vultures@jpcert.or.jp",
"tags": [
"Product"
]
},
{
"url": "https://www.tp-link.com/jp/support/download/deco-x50/v1/#Firmware",
"source": "vultures@jpcert.or.jp"
"source": "vultures@jpcert.or.jp",
"tags": [
"Product"
]
},
{
"url": "https://www.tp-link.com/jp/support/download/deco-xe200/#Firmware",
"source": "vultures@jpcert.or.jp"
"source": "vultures@jpcert.or.jp",
"tags": [
"Product"
]
}
]
}

20
CVE-2024/CVE-2024-226xx/CVE-2024-22601.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2024-22601",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-01-18T17:15:14.417",
"lastModified": "2024-01-18T17:15:14.417",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "FlyCms v1.0 contains a Cross-Site Request Forgery (CSRF) vulnerability via /system/score/scorerule_save"
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/ljw11e/cms/blob/main/5.md",
"source": "cve@mitre.org"
}
]
}

20
CVE-2024/CVE-2024-226xx/CVE-2024-22603.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2024-22603",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-01-18T17:15:14.480",
"lastModified": "2024-01-18T17:15:14.480",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "FlyCms v1.0 contains a Cross-Site Request Forgery (CSRF) vulnerability via /system/links/add_link"
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/ljw11e/cms/blob/main/4.md",
"source": "cve@mitre.org"
}
]
}

20
CVE-2024/CVE-2024-228xx/CVE-2024-22817.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2024-22817",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-01-18T17:15:14.530",
"lastModified": "2024-01-18T17:15:14.530",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "FlyCms v1.0 contains a Cross-Site Request Forgery (CSRF) vulnerability via /system/email/email_conf_updagte"
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/mafangqian/cms/blob/main/1.md",
"source": "cve@mitre.org"
}
]
}

20
CVE-2024/CVE-2024-228xx/CVE-2024-22818.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2024-22818",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-01-18T17:15:14.577",
"lastModified": "2024-01-18T17:15:14.577",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "FlyCms v1.0 contains a Cross-Site Request Forgery (CSRF) vulnerbility via /system/site/filterKeyword_save"
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/mafangqian/cms/blob/main/3.md",
"source": "cve@mitre.org"
}
]
}

20
CVE-2024/CVE-2024-228xx/CVE-2024-22819.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2024-22819",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-01-18T17:15:14.623",
"lastModified": "2024-01-18T17:15:14.623",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "FlyCms v1.0 contains a Cross-Site Request Forgery (CSRF) vulnerability via /system/email/email_templets_update."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/mafangqian/cms/blob/main/2.md",
"source": "cve@mitre.org"
}
]
}

85
README.md
View File

@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2024-01-18T17:00:24.680887+00:00
2024-01-18T19:00:24.565357+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2024-01-18T16:54:56.383000+00:00
2024-01-18T18:59:32.627000+00:00
```
### Last Data Feed Release
@ -29,59 +29,54 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs
```plain
236306
236316
```
### CVEs added in the last Commit
Recently added CVEs: `15`
Recently added CVEs: `10`
* [CVE-2021-33630](CVE-2021/CVE-2021-336xx/CVE-2021-33630.json) (`2024-01-18T15:15:08.653`)
* [CVE-2021-33631](CVE-2021/CVE-2021-336xx/CVE-2021-33631.json) (`2024-01-18T15:15:08.860`)
* [CVE-2023-40051](CVE-2023/CVE-2023-400xx/CVE-2023-40051.json) (`2024-01-18T15:15:09.060`)
* [CVE-2023-40052](CVE-2023/CVE-2023-400xx/CVE-2023-40052.json) (`2024-01-18T15:15:09.247`)
* [CVE-2023-7153](CVE-2023/CVE-2023-71xx/CVE-2023-7153.json) (`2024-01-18T15:15:09.430`)
* [CVE-2024-22548](CVE-2024/CVE-2024-225xx/CVE-2024-22548.json) (`2024-01-18T15:15:09.623`)
* [CVE-2024-22549](CVE-2024/CVE-2024-225xx/CVE-2024-22549.json) (`2024-01-18T15:15:09.670`)
* [CVE-2024-22568](CVE-2024/CVE-2024-225xx/CVE-2024-22568.json) (`2024-01-18T15:15:09.717`)
* [CVE-2024-22591](CVE-2024/CVE-2024-225xx/CVE-2024-22591.json) (`2024-01-18T15:15:09.763`)
* [CVE-2024-22592](CVE-2024/CVE-2024-225xx/CVE-2024-22592.json) (`2024-01-18T15:15:09.813`)
* [CVE-2024-22593](CVE-2024/CVE-2024-225xx/CVE-2024-22593.json) (`2024-01-18T15:15:09.853`)
* [CVE-2024-0408](CVE-2024/CVE-2024-04xx/CVE-2024-0408.json) (`2024-01-18T16:15:08.380`)
* [CVE-2024-0409](CVE-2024/CVE-2024-04xx/CVE-2024-0409.json) (`2024-01-18T16:15:08.593`)
* [CVE-2024-0607](CVE-2024/CVE-2024-06xx/CVE-2024-0607.json) (`2024-01-18T16:15:08.690`)
* [CVE-2024-22699](CVE-2024/CVE-2024-226xx/CVE-2024-22699.json) (`2024-01-18T16:15:09.020`)
* [CVE-2023-28900](CVE-2023/CVE-2023-289xx/CVE-2023-28900.json) (`2024-01-18T17:15:13.737`)
* [CVE-2023-28901](CVE-2023/CVE-2023-289xx/CVE-2023-28901.json) (`2024-01-18T17:15:14.003`)
* [CVE-2023-31274](CVE-2023/CVE-2023-312xx/CVE-2023-31274.json) (`2024-01-18T18:15:08.253`)
* [CVE-2023-34348](CVE-2023/CVE-2023-343xx/CVE-2023-34348.json) (`2024-01-18T18:15:08.457`)
* [CVE-2024-22601](CVE-2024/CVE-2024-226xx/CVE-2024-22601.json) (`2024-01-18T17:15:14.417`)
* [CVE-2024-22603](CVE-2024/CVE-2024-226xx/CVE-2024-22603.json) (`2024-01-18T17:15:14.480`)
* [CVE-2024-22817](CVE-2024/CVE-2024-228xx/CVE-2024-22817.json) (`2024-01-18T17:15:14.530`)
* [CVE-2024-22818](CVE-2024/CVE-2024-228xx/CVE-2024-22818.json) (`2024-01-18T17:15:14.577`)
* [CVE-2024-22819](CVE-2024/CVE-2024-228xx/CVE-2024-22819.json) (`2024-01-18T17:15:14.623`)
* [CVE-2024-0694](CVE-2024/CVE-2024-06xx/CVE-2024-0694.json) (`2024-01-18T18:15:08.647`)
### CVEs modified in the last Commit
Recently modified CVEs: `35`
Recently modified CVEs: `36`
* [CVE-2023-37932](CVE-2023/CVE-2023-379xx/CVE-2023-37932.json) (`2024-01-18T15:50:39.943`)
* [CVE-2023-5770](CVE-2023/CVE-2023-57xx/CVE-2023-5770.json) (`2024-01-18T15:54:37.647`)
* [CVE-2023-6938](CVE-2023/CVE-2023-69xx/CVE-2023-6938.json) (`2024-01-18T15:57:39.827`)
* [CVE-2023-5118](CVE-2023/CVE-2023-51xx/CVE-2023-5118.json) (`2024-01-18T16:01:37.653`)
* [CVE-2023-6782](CVE-2023/CVE-2023-67xx/CVE-2023-6782.json) (`2024-01-18T16:11:09.587`)
* [CVE-2023-6875](CVE-2023/CVE-2023-68xx/CVE-2023-6875.json) (`2024-01-18T16:11:25.827`)
* [CVE-2023-6244](CVE-2023/CVE-2023-62xx/CVE-2023-6244.json) (`2024-01-18T16:13:00.490`)
* [CVE-2023-6776](CVE-2023/CVE-2023-67xx/CVE-2023-6776.json) (`2024-01-18T16:24:38.070`)
* [CVE-2023-6781](CVE-2023/CVE-2023-67xx/CVE-2023-6781.json) (`2024-01-18T16:24:52.810`)
* [CVE-2023-6878](CVE-2023/CVE-2023-68xx/CVE-2023-6878.json) (`2024-01-18T16:34:53.617`)
* [CVE-2023-6924](CVE-2023/CVE-2023-69xx/CVE-2023-6924.json) (`2024-01-18T16:42:06.183`)
* [CVE-2023-6882](CVE-2023/CVE-2023-68xx/CVE-2023-6882.json) (`2024-01-18T16:43:49.213`)
* [CVE-2024-22942](CVE-2024/CVE-2024-229xx/CVE-2024-22942.json) (`2024-01-18T15:15:47.273`)
* [CVE-2024-23057](CVE-2024/CVE-2024-230xx/CVE-2024-23057.json) (`2024-01-18T15:16:24.097`)
* [CVE-2024-23058](CVE-2024/CVE-2024-230xx/CVE-2024-23058.json) (`2024-01-18T15:16:50.140`)
* [CVE-2024-23059](CVE-2024/CVE-2024-230xx/CVE-2024-23059.json) (`2024-01-18T15:17:14.453`)
* [CVE-2024-23060](CVE-2024/CVE-2024-230xx/CVE-2024-23060.json) (`2024-01-18T15:17:35.587`)
* [CVE-2024-23061](CVE-2024/CVE-2024-230xx/CVE-2024-23061.json) (`2024-01-18T15:18:14.357`)
* [CVE-2024-0461](CVE-2024/CVE-2024-04xx/CVE-2024-0461.json) (`2024-01-18T15:36:57.897`)
* [CVE-2024-0462](CVE-2024/CVE-2024-04xx/CVE-2024-0462.json) (`2024-01-18T15:37:50.997`)
* [CVE-2024-0463](CVE-2024/CVE-2024-04xx/CVE-2024-0463.json) (`2024-01-18T15:38:05.047`)
* [CVE-2024-0467](CVE-2024/CVE-2024-04xx/CVE-2024-0467.json) (`2024-01-18T15:38:31.063`)
* [CVE-2024-22317](CVE-2024/CVE-2024-223xx/CVE-2024-22317.json) (`2024-01-18T15:50:54.810`)
* [CVE-2024-22191](CVE-2024/CVE-2024-221xx/CVE-2024-22191.json) (`2024-01-18T16:15:08.920`)
* [CVE-2024-22199](CVE-2024/CVE-2024-221xx/CVE-2024-22199.json) (`2024-01-18T16:54:56.383`)
* [CVE-2023-6554](CVE-2023/CVE-2023-65xx/CVE-2023-6554.json) (`2024-01-18T17:35:46.637`)
* [CVE-2023-7071](CVE-2023/CVE-2023-70xx/CVE-2023-7071.json) (`2024-01-18T17:36:11.930`)
* [CVE-2023-20573](CVE-2023/CVE-2023-205xx/CVE-2023-20573.json) (`2024-01-18T17:39:02.430`)
* [CVE-2023-6751](CVE-2023/CVE-2023-67xx/CVE-2023-6751.json) (`2024-01-18T17:46:25.627`)
* [CVE-2023-50159](CVE-2023/CVE-2023-501xx/CVE-2023-50159.json) (`2024-01-18T17:56:59.883`)
* [CVE-2023-24733](CVE-2023/CVE-2023-247xx/CVE-2023-24733.json) (`2024-01-18T18:04:53.087`)
* [CVE-2023-24734](CVE-2023/CVE-2023-247xx/CVE-2023-24734.json) (`2024-01-18T18:04:53.087`)
* [CVE-2023-24735](CVE-2023/CVE-2023-247xx/CVE-2023-24735.json) (`2024-01-18T18:04:53.087`)
* [CVE-2023-24736](CVE-2023/CVE-2023-247xx/CVE-2023-24736.json) (`2024-01-18T18:04:53.087`)
* [CVE-2023-24737](CVE-2023/CVE-2023-247xx/CVE-2023-24737.json) (`2024-01-18T18:04:53.087`)
* [CVE-2023-6242](CVE-2023/CVE-2023-62xx/CVE-2023-6242.json) (`2024-01-18T18:13:53.840`)
* [CVE-2023-6476](CVE-2023/CVE-2023-64xx/CVE-2023-6476.json) (`2024-01-18T18:16:25.947`)
* [CVE-2023-51748](CVE-2023/CVE-2023-517xx/CVE-2023-51748.json) (`2024-01-18T18:45:55.020`)
* [CVE-2023-51749](CVE-2023/CVE-2023-517xx/CVE-2023-51749.json) (`2024-01-18T18:54:46.507`)
* [CVE-2023-50671](CVE-2023/CVE-2023-506xx/CVE-2023-50671.json) (`2024-01-18T18:54:54.863`)
* [CVE-2023-7226](CVE-2023/CVE-2023-72xx/CVE-2023-7226.json) (`2024-01-18T18:56:22.977`)
* [CVE-2024-21821](CVE-2024/CVE-2024-218xx/CVE-2024-21821.json) (`2024-01-18T17:08:35.830`)
* [CVE-2024-21773](CVE-2024/CVE-2024-217xx/CVE-2024-21773.json) (`2024-01-18T17:08:43.260`)
* [CVE-2024-0429](CVE-2024/CVE-2024-04xx/CVE-2024-0429.json) (`2024-01-18T17:26:20.573`)
* [CVE-2024-21833](CVE-2024/CVE-2024-218xx/CVE-2024-21833.json) (`2024-01-18T18:26:59.627`)
* [CVE-2024-0419](CVE-2024/CVE-2024-04xx/CVE-2024-0419.json) (`2024-01-18T18:27:23.807`)
* [CVE-2024-0227](CVE-2024/CVE-2024-02xx/CVE-2024-0227.json) (`2024-01-18T18:32:10.307`)
* [CVE-2024-0411](CVE-2024/CVE-2024-04xx/CVE-2024-0411.json) (`2024-01-18T18:46:08.967`)
* [CVE-2024-21614](CVE-2024/CVE-2024-216xx/CVE-2024-21614.json) (`2024-01-18T18:56:50.410`)
* [CVE-2024-21612](CVE-2024/CVE-2024-216xx/CVE-2024-21612.json) (`2024-01-18T18:59:32.627`)
## Download and Usage