admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-06-21 17:41:05 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2024-02-05T19:00:26.677795+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2024-02-05 19:00:30 +00:00
parent c071aad507
commit 30c49c2b95
59 changed files with 2093 additions and 178 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
CVE-2021/CVE-2021-38xx/CVE-2021-3882.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2021-3882",
"sourceIdentifier": "security@huntr.dev",
"published": "2021-10-14T09:15:08.427",
"lastModified": "2022-10-27T13:04:07.990",
"lastModified": "2024-02-05T17:14:03.927",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -116,8 +116,10 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ledgersmb:ledgersmb:1.8.0:-:*:*:*:*:*:*",
"matchCriteriaId": "A2CC6F62-AA97-4E51-A8AD-39EA265C0067"
"criteria": "cpe:2.3:a:ledgersmb:ledgersmb:*:*:*:*:*:*:*:*",
"versionStartIncluding": "1.8.0",
"versionEndExcluding": "1.8.22",
"matchCriteriaId": "FE34EF1E-8A98-462C-8D5F-B095F845B9F6"
}
]
}

6
CVE-2023/CVE-2023-00xx/CVE-2023-0099.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-0099",
"sourceIdentifier": "contact@wpscan.com",
"published": "2023-02-13T15:15:20.660",
"lastModified": "2023-11-07T03:59:39.247",
"lastModified": "2024-02-05T17:15:08.383",
"vulnStatus": "Modified",
"descriptions": [
{
@ -53,6 +53,10 @@
}
],
"references": [
{
"url": "http://packetstormsecurity.com/files/176983/WordPress-Simple-URLs-Cross-Site-Scripting.html",
"source": "contact@wpscan.com"
},
{
"url": "https://wpscan.com/vulnerability/fd50f2d6-e420-4220-b485-73f33227e8f8",
"source": "contact@wpscan.com",

8
CVE-2023/CVE-2023-357xx/CVE-2023-35759.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-35759",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-23T20:15:09.307",
"lastModified": "2023-07-03T16:24:39.053",
"vulnStatus": "Analyzed",
"lastModified": "2024-02-05T17:15:08.490",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -65,6 +65,10 @@
}
],
"references": [
{
"url": "http://packetstormsecurity.com/files/176978/WhatsUp-Gold-2022-22.1.0-Build-39-Cross-Site-Scripting.html",
"source": "cve@mitre.org"
},
{
"url": "https://community.progress.com/s/article/Product-Alert-Bulletin-June-2023",
"source": "cve@mitre.org",

8
CVE-2023/CVE-2023-360xx/CVE-2023-36085.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-36085",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-10-25T18:17:28.223",
"lastModified": "2023-10-31T15:22:17.323",
"vulnStatus": "Analyzed",
"lastModified": "2024-02-05T17:15:08.577",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -70,6 +70,10 @@
}
],
"references": [
{
"url": "http://packetstormsecurity.com/files/176991/SISQUAL-WFM-7.1.319.103-Host-Header-Injection.html",
"source": "cve@mitre.org"
},
{
"url": "https://github.com/omershaik0/Handmade_Exploits/tree/main/SISQUALWFM-Host-Header-Injection-CVE-2023-36085",
"source": "cve@mitre.org",

8
CVE-2023/CVE-2023-373xx/CVE-2023-37307.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-37307",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-30T17:15:09.800",
"lastModified": "2024-01-09T03:07:46.333",
"vulnStatus": "Analyzed",
"lastModified": "2024-02-05T17:15:08.680",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -65,6 +65,10 @@
}
],
"references": [
{
"url": "http://packetstormsecurity.com/files/176975/MISP-2.4.171-Cross-Site-Scripting.html",
"source": "cve@mitre.org"
},
{
"url": "https://github.com/MISP/MISP/commit/286c84fab0047726a6a396ceefaae1bb666fc485",
"source": "cve@mitre.org",

63
CVE-2023/CVE-2023-375xx/CVE-2023-37518.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2023-37518",
"sourceIdentifier": "psirt@hcl.com",
"published": "2024-01-30T16:15:46.330",
"lastModified": "2024-01-30T20:49:05.470",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-02-05T18:21:28.453",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "HCL BigFix ServiceNow is vulnerable to arbitrary code injection. A malicious authorized attacker could inject arbitrary code and execute within the context of the running user.\n"
},
{
"lang": "es",
"value": "HCL BigFix ServiceNow es vulnerable a la inyecci\u00f3n de c\u00f3digo arbitrario. Un atacante malicioso autorizado podr\u00eda inyectar c\u00f3digo arbitrario y ejecutarlo dentro del contexto del usuario que lo ejecuta."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "psirt@hcl.com",
"type": "Secondary",
@ -34,10 +58,43 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-94"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:hcltech:bigfix_servicenow_data_flow:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.3",
"matchCriteriaId": "E2D1633B-A3AB-454A-A0CC-8A768CC4EAB4"
}
]
}
]
}
],
"references": [
{
"url": "https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0110202",
"source": "psirt@hcl.com"
"source": "psirt@hcl.com",
"tags": [
"Vendor Advisory"
]
}
]
}

69
CVE-2023/CVE-2023-375xx/CVE-2023-37571.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-37571",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-01-30T01:15:58.803",
"lastModified": "2024-01-30T14:18:33.837",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-02-05T18:26:05.757",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -14,15 +14,74 @@
"value": "Softing TH SCOPE hasta 3,70 permite XSS."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:softing:th_scope:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.70.1",
"matchCriteriaId": "968D0EBF-12CA-47FB-9204-C38D03D377FA"
}
]
}
]
}
],
"references": [
{
"url": "https://industrial.softing.com",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Product"
]
},
{
"url": "https://industrial.softing.com/fileadmin/psirt/downloads/2024/syt-2024-1.html",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
]
}
]
}

92
CVE-2023/CVE-2023-405xx/CVE-2023-40551.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2023-40551",
"sourceIdentifier": "secalert@redhat.com",
"published": "2024-01-29T17:15:08.970",
"lastModified": "2024-01-29T17:39:52.393",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-02-05T18:18:17.393",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "A flaw was found in the MZ binary format in Shim. An out-of-bounds read may occur, leading to a crash or possible exposure of sensitive data during the system's boot phase."
},
{
"lang": "es",
"value": "Se encontr\u00f3 un fallo en el formato binario MZ en Shim. Es posible que se produzca una lectura fuera de los l\u00edmites, lo que provocar\u00e1 un bloqueo o una posible exposici\u00f3n de datos confidenciales durante la fase de inicio del sistema."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.2
},
{
"source": "secalert@redhat.com",
"type": "Secondary",
@ -35,6 +59,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-125"
}
]
},
{
"source": "secalert@redhat.com",
"type": "Secondary",
@ -46,14 +80,64 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:redhat:shim:*:*:*:*:*:*:*:*",
"versionEndExcluding": "15.8",
"matchCriteriaId": "01639865-3664-4034-BCFB-F4E09AF37F28"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fedoraproject:fedora:39:*:*:*:*:*:*:*",
"matchCriteriaId": "B8EDB836-4E6A-4B71-B9B2-AA3E03E0F646"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F4CFF558-3C47-480D-A2F0-BABF26042943"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7F6FB57C-2BC7-487C-96DD-132683AEB35D"
}
]
}
]
}
],
"references": [
{
"url": "https://access.redhat.com/security/cve/CVE-2023-40551",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2259918",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Issue Tracking",
"Vendor Advisory"
]
}
]
}

6
CVE-2023/CVE-2023-432xx/CVE-2023-43261.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-43261",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-10-04T12:15:10.627",
"lastModified": "2023-11-07T04:21:19.010",
"lastModified": "2024-02-05T17:15:08.780",
"vulnStatus": "Modified",
"descriptions": [
{
@ -210,6 +210,10 @@
"Product"
]
},
{
"url": "http://packetstormsecurity.com/files/176988/Milesight-UR5X-UR32L-UR32-UR35-UR41-Credential-Leakage.html",
"source": "cve@mitre.org"
},
{
"url": "http://ur5x.com",
"source": "cve@mitre.org",

75
CVE-2023/CVE-2023-45xx/CVE-2023-4550.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-4550",
"sourceIdentifier": "security@opentext.com",
"published": "2024-01-29T21:15:08.670",
"lastModified": "2024-01-30T14:18:33.837",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-02-05T18:30:53.983",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "security@opentext.com",
"type": "Secondary",
@ -39,6 +59,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-552"
}
]
},
{
"source": "security@opentext.com",
"type": "Secondary",
@ -54,10 +84,49 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:opentext:appbuilder:*:*:*:*:*:*:*:*",
"versionStartIncluding": "21.2",
"versionEndExcluding": "23.2",
"matchCriteriaId": "8F278A97-1D94-451A-8563-6ADB44E5EBAB"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA"
}
]
}
]
}
],
"references": [
{
"url": "https://support.opentext.com/csm?id=ot_kb_search&kb_category=61648712db61781068cfd6c4e296197b",
"source": "security@opentext.com"
"source": "security@opentext.com",
"tags": [
"Permissions Required"
]
}
]
}

4
CVE-2023/CVE-2023-473xx/CVE-2023-47355.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-47355",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-02-05T16:15:54.910",
"lastModified": "2024-02-05T16:15:54.910",
"vulnStatus": "Received",
"lastModified": "2024-02-05T18:25:55.213",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

8
CVE-2023/CVE-2023-490xx/CVE-2023-49084.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-49084",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-12-21T23:15:09.337",
"lastModified": "2023-12-29T19:09:31.373",
"vulnStatus": "Analyzed",
"lastModified": "2024-02-05T17:15:08.910",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -88,6 +88,10 @@
}
],
"references": [
{
"url": "http://packetstormsecurity.com/files/176995/Cacti-pollers.php-SQL-Injection-Remote-Code-Execution.html",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/Cacti/cacti/security/advisories/GHSA-pfh9-gwm6-86vp",
"source": "security-advisories@github.com",

8
CVE-2023/CVE-2023-490xx/CVE-2023-49085.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-49085",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-12-22T17:15:07.990",
"lastModified": "2023-12-29T18:48:22.363",
"vulnStatus": "Analyzed",
"lastModified": "2024-02-05T17:15:09.060",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -89,6 +89,10 @@
}
],
"references": [
{
"url": "http://packetstormsecurity.com/files/176995/Cacti-pollers.php-SQL-Injection-Remote-Code-Execution.html",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/Cacti/cacti/blob/5f6f65c215d663a775950b2d9db35edbaf07d680/pollers.php#L451",
"source": "security-advisories@github.com",

64
CVE-2023/CVE-2023-518xx/CVE-2023-51813.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-51813",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-01-30T01:15:58.873",
"lastModified": "2024-01-30T14:18:33.837",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-02-05T18:39:54.630",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -14,11 +14,67 @@
"value": "Vulnerabilidad de Cross Site Request Forgery (CSRF) en Free Open-Source Inventory Management System v.1.0 permite a un atacante remoto ejecutar c\u00f3digo arbitrario a trav\u00e9s del par\u00e1metro staff_list en el componente index.php."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-352"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:free_and_open_source_inventory_management_system_project:free_and_open_source_inventory_management_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "ED4E30A0-0847-427A-9B08-FB699FCC7958"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/xxxxfang/CVE-Apply/blob/main/csrf-1.md",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

73
CVE-2023/CVE-2023-518xx/CVE-2023-51837.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-51837",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-01-30T01:15:58.920",
"lastModified": "2024-01-30T14:18:33.837",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-02-05T18:26:18.803",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -14,19 +14,80 @@
"value": "Ylianst MeshCentral 1.1.16 es vulnerable a la falta de validaci\u00f3n del certificado SSL."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-295"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:meshcentral:meshcentral:1.1.16:*:*:*:*:*:*:*",
"matchCriteriaId": "D0850EE8-C5B7-4024-B48F-D0E4D2626AA9"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/Ylianst/MeshCentral/blob/master/mpsserver.js",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Product"
]
},
{
"url": "https://github.com/tianjk99/Cryptographic-Misuses/blob/main/Bug_MeshCentral.md",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://github.com/tianjk99/Cryptographic-Misuses/blob/main/CVE-2023-51837.md",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
}
]
}

73
CVE-2023/CVE-2023-518xx/CVE-2023-51843.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-51843",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-01-30T01:15:58.967",
"lastModified": "2024-01-30T14:18:33.837",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-02-05T18:54:19.030",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -14,19 +14,80 @@
"value": "react-dashboard 1.4.0 es vulnerable a Cross Site Scripting (XSS) ya que httpOnly no est\u00e1 configurado."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 8.2,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 4.7
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:flatlogic:react_dashboard:1.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "AD546A44-7F1A-4D13-9AF4-2D04C0BA7F7F"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/flatlogic/react-dashboard",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Product"
]
},
{
"url": "https://github.com/flatlogic/react-dashboard/issues/65",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Issue Tracking"
]
},
{
"url": "https://github.com/tianjk99/Cryptographic-Misuses/blob/main/CVE-2023-51843.md",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
}
]
}

69
CVE-2023/CVE-2023-518xx/CVE-2023-51885.json
View File

@ -2,19 +2,80 @@
"id": "CVE-2023-51885",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-01-24T17:15:08.257",
"lastModified": "2024-01-24T18:45:34.830",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-02-05T17:43:38.873",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Buffer Overflow vulnerability in Mathtex v.1.05 and before allows a remote attacker to execute arbitrary code via the length of the LaTeX string component."
},
{
"lang": "es",
"value": "Vulnerabilidad de desbordamiento de b\u00fafer en Mathtex v.1.05 y anteriores permite a un atacante remoto ejecutar c\u00f3digo arbitrario a trav\u00e9s de la longitud del componente de cadena LaTeX."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-120"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ctan:mathtex:*:*:*:*:*:*:*:*",
"versionEndIncluding": "1.05",
"matchCriteriaId": "813741B4-82DA-4CEF-AC14-13D54FA54A13"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://blog.yulun.ac.cn/posts/2023/fuzzing-mathtex/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

69
CVE-2023/CVE-2023-518xx/CVE-2023-51886.json
View File

@ -2,19 +2,80 @@
"id": "CVE-2023-51886",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-01-24T17:15:08.313",
"lastModified": "2024-01-24T18:45:34.830",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-02-05T17:38:03.287",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Buffer Overflow vulnerability in the main() function in Mathtex 1.05 and before allows a remote attacker to cause a denial of service when using \\convertpath."
},
{
"lang": "es",
"value": "Vulnerabilidad de desbordamiento de b\u00fafer en la funci\u00f3n main() en Mathtex 1.05 y anteriores permite a un atacante remoto provocar una denegaci\u00f3n de servicio al utilizar \\convertpath."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-120"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ctan:mathtex:*:*:*:*:*:*:*:*",
"versionEndIncluding": "1.05",
"matchCriteriaId": "813741B4-82DA-4CEF-AC14-13D54FA54A13"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://blog.yulun.ac.cn/posts/2023/fuzzing-mathtex/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

69
CVE-2023/CVE-2023-518xx/CVE-2023-51887.json
View File

@ -2,19 +2,80 @@
"id": "CVE-2023-51887",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-01-24T17:15:08.360",
"lastModified": "2024-01-24T18:45:34.830",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-02-05T17:29:49.697",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Command Injection vulnerability in Mathtex v.1.05 and before allows a remote attacker to execute arbitrary code via crafted string in application URL."
},
{
"lang": "es",
"value": "Vulnerabilidad de inyecci\u00f3n de comandos en Mathtex v.1.05 y anteriores permite a un atacante remoto ejecutar c\u00f3digo arbitrario a trav\u00e9s de una cadena manipulada en la URL de la aplicaci\u00f3n."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-77"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ctan:mathtex:*:*:*:*:*:*:*:*",
"versionEndIncluding": "1.05",
"matchCriteriaId": "813741B4-82DA-4CEF-AC14-13D54FA54A13"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://blog.yulun.ac.cn/posts/2023/fuzzing-mathtex/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

4
CVE-2023/CVE-2023-521xx/CVE-2023-52138.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-52138",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-02-05T15:15:08.393",
"lastModified": "2024-02-05T15:15:08.393",
"vulnStatus": "Received",
"lastModified": "2024-02-05T18:25:58.053",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

55
CVE-2023/CVE-2023-60xx/CVE-2023-6028.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-6028",
"sourceIdentifier": "cybersecurity@ch.abb.com",
"published": "2024-02-05T18:15:51.670",
"lastModified": "2024-02-05T18:25:55.213",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "A reflected\ncross-site scripting (XSS) vulnerability exists in the SVG version of System\nDiagnostics Manager of B&R Automation Runtime versions <= G4.93 that\nenables a remote attacker to execute arbitrary JavaScript code in the context\nof the attacked user\u2019s browser session.\n\n\n\n\n\n\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "cybersecurity@ch.abb.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "cybersecurity@ch.abb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://www.br-automation.com/fileadmin/SA23P018_SDM_Web_interface_vulnerable_to_XSS-1d75bee8.pdf",
"source": "cybersecurity@ch.abb.com"
}
]
}

59
CVE-2023/CVE-2023-68xx/CVE-2023-6874.json Normal file
View File

@ -0,0 +1,59 @@
{
"id": "CVE-2023-6874",
"sourceIdentifier": "product-security@silabs.com",
"published": "2024-02-05T18:15:51.877",
"lastModified": "2024-02-05T18:25:55.213",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Prior to v7.4.0, Ember ZNet is vulnerable to a denial of service attack through manipulation of the NWK sequence number"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "product-security@silabs.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "product-security@silabs.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-754"
}
]
}
],
"references": [
{
"url": "https://community.silabs.com/069Vm000000WXaOIAW",
"source": "product-security@silabs.com"
},
{
"url": "https://github.com/SiliconLabs/gecko_sdk",
"source": "product-security@silabs.com"
}
]
}

69
CVE-2023/CVE-2023-72xx/CVE-2023-7200.json
View File

@ -2,19 +2,80 @@
"id": "CVE-2023-7200",
"sourceIdentifier": "contact@wpscan.com",
"published": "2024-01-29T15:15:09.943",
"lastModified": "2024-01-29T16:19:11.720",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-02-05T17:53:25.507",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "The EventON WordPress plugin before 4.4.1 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin"
},
{
"lang": "es",
"value": "El complemento EventON de WordPress anterior a 4.4.1 no sanitiza ni escapa un par\u00e1metro antes de devolverlo a la p\u00e1gina, lo que genera cross site scripting reflejado que podr\u00eda usarse contra usuarios con privilegios elevados, como el administrador."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:myeventon:eventon:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "4.4.1",
"matchCriteriaId": "8CC72007-9F65-4225-8741-89CDDF3B6528"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://wpscan.com/vulnerability/586cf0a5-515c-43ea-8c03-f2f47ed13c2c/",
"source": "contact@wpscan.com"
"source": "contact@wpscan.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

4
CVE-2023/CVE-2023-72xx/CVE-2023-7216.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-7216",
"sourceIdentifier": "secalert@redhat.com",
"published": "2024-02-05T15:15:08.903",
"lastModified": "2024-02-05T15:15:08.903",
"vulnStatus": "Received",
"lastModified": "2024-02-05T18:25:55.213",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

6
CVE-2024/CVE-2024-03xx/CVE-2024-0323.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2024-0323",
"sourceIdentifier": "cybersecurity@ch.abb.com",
"published": "2024-02-05T16:15:54.980",
"lastModified": "2024-02-05T16:15:54.980",
"vulnStatus": "Received",
"lastModified": "2024-02-05T18:25:55.213",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "The FTP server used on the B&R\nAutomation Runtime supports unsecure encryption mechanisms, such as SSLv3,\nTLSv1.0 and TLS1.1. An network-based attacker can exploit the flaws to conduct\nman-in-the-middle attacks or to decrypt communications between the affected product\nclients. \u00a0\n\n\n\n\n\n\n\n"
"value": "Use of a Broken or Risky Cryptographic Algorithm vulnerability in B&R Industrial Automation Automation Runtime (SDM modules).\n\n\n\nThe FTP server used on the B&R\nAutomation Runtime supports unsecure encryption mechanisms, such as SSLv3,\nTLSv1.0 and TLS1.1. An network-based attacker can exploit the flaws to conduct\nman-in-the-middle attacks or to decrypt communications between the affected product\nclients. \u00a0\n\nThis issue affects Automation Runtime: from 14.0 before 14.93.\n\n"
}
],
"metrics": {

20
CVE-2024/CVE-2024-09xx/CVE-2024-0953.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2024-0953",
"sourceIdentifier": "security@mozilla.org",
"published": "2024-02-05T17:15:09.320",
"lastModified": "2024-02-05T18:25:55.213",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "When a user scans a QR Code with the QR Code Scanner feature, the user is not prompted before being navigated to the page specified in the code. This may surprise the user and potentially direct them to unwanted content."
}
],
"metrics": {},
"references": [
{
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1837916",
"source": "security@mozilla.org"
}
]
}

64
CVE-2024/CVE-2024-10xx/CVE-2024-1016.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-1016",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-01-29T18:15:07.800",
"lastModified": "2024-01-30T14:18:33.837",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-02-05T17:25:50.500",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "cna@vuldb.com",
"type": "Secondary",
@ -75,18 +95,52 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:flexbyte:solar_ftp_server:2.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C665670B-DF79-46E6-B9A4-94B984FB7237"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:flexbyte:solar_ftp_server:2.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "8B5182FD-2DED-42A0-99A3-C202127388D6"
}
]
}
]
}
],
"references": [
{
"url": "https://packetstormsecurity.com/files/176675/Solar-FTP-Server-2.1.2-Denial-Of-Service.html",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://vuldb.com/?ctiid.252286",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?id.252286",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
]
}
]
}

58
CVE-2024/CVE-2024-10xx/CVE-2024-1018.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-1018",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-01-29T20:15:15.197",
"lastModified": "2024-01-30T14:18:33.837",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-02-05T18:33:53.527",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
},
{
"source": "cna@vuldb.com",
"type": "Secondary",
@ -75,18 +95,46 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:pbootcms:pbootcms:3.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "1FDF9D3D-6DA4-4E0F-B5EF-E6424FF557A7"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/1MurasaKi/PboostCMS_XSS/blob/main/README.md",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?ctiid.252288",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?id.252288",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
]
}
]
}

61
CVE-2024/CVE-2024-10xx/CVE-2024-1032.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2024-1032",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-01-30T14:15:47.577",
"lastModified": "2024-01-30T14:18:33.837",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-02-05T18:31:07.090",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability classified as critical was found in openBI up to 1.0.8. Affected by this vulnerability is the function testConnection of the file /application/index/controller/Databasesource.php of the component Test Connection Handler. The manipulation leads to deserialization. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-252307."
},
{
"lang": "es",
"value": "Una vulnerabilidad fue encontrada en openBI hasta 1.0.8 y clasificada como cr\u00edtica. La funci\u00f3n testConnection del archivo /application/index/controller/Databasesource.php del componente Test Connection Handler es afectada por esta vulnerabilidad. La manipulaci\u00f3n conduce a la deserializaci\u00f3n. El ataque se puede lanzar de forma remota. La explotaci\u00f3n ha sido divulgada al p\u00fablico y puede utilizarse. El identificador asociado de esta vulnerabilidad es VDB-252307."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "cna@vuldb.com",
"type": "Secondary",
@ -71,18 +95,45 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:openbi_project:openbi:*:*:*:*:*:*:*:*",
"versionEndIncluding": "1.0.8",
"matchCriteriaId": "4D40C68D-DE97-41EC-AFF0-76E4EBCE8D51"
}
]
}
]
}
],
"references": [
{
"url": "https://note.zhaoj.in/share/6ISYe2urjlkI",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Broken Link"
]
},
{
"url": "https://vuldb.com/?ctiid.252307",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required"
]
},
{
"url": "https://vuldb.com/?id.252307",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required"
]
}
]
}

73
CVE-2024/CVE-2024-10xx/CVE-2024-1033.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2024-1033",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-01-30T14:15:47.853",
"lastModified": "2024-01-30T14:18:33.837",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-02-05T18:25:49.590",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability, which was classified as problematic, has been found in openBI up to 1.0.8. Affected by this issue is the function agent of the file /application/index/controller/Datament.php. The manipulation of the argument api leads to information disclosure. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-252308."
},
{
"lang": "es",
"value": "Una vulnerabilidad clasificada como problem\u00e1tica fue encontrada en openBI hasta 1.0.8. La funci\u00f3n agente del archivo /application/index/controller/Datament.php es afectada por esta vulnerabilidad. La manipulaci\u00f3n del argumento api conduce a la divulgaci\u00f3n de informaci\u00f3n. El ataque puede lanzarse de forma remota. La explotaci\u00f3n ha sido divulgada al p\u00fablico y puede utilizarse. El identificador de esta vulnerabilidad es VDB-252308."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "cna@vuldb.com",
"type": "Secondary",
@ -61,8 +85,18 @@
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "cna@vuldb.com",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -71,18 +105,45 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:openbi_project:openbi:*:*:*:*:*:*:*:*",
"versionEndIncluding": "1.0.8",
"matchCriteriaId": "4D40C68D-DE97-41EC-AFF0-76E4EBCE8D51"
}
]
}
]
}
],
"references": [
{
"url": "https://note.zhaoj.in/share/nD654ot6zRQZ",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Broken Link"
]
},
{
"url": "https://vuldb.com/?ctiid.252308",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?id.252308",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
]
}
]
}

71
CVE-2024/CVE-2024-10xx/CVE-2024-1034.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2024-1034",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-01-30T15:15:08.933",
"lastModified": "2024-01-30T15:22:14.833",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-02-05T18:35:52.530",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability, which was classified as critical, was found in openBI up to 1.0.8. This affects the function uploadFile of the file /application/index/controller/File.php. The manipulation leads to unrestricted upload. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-252309 was assigned to this vulnerability."
},
{
"lang": "es",
"value": "Una vulnerabilidad fue encontrada en openBI hasta 1.0.8 y clasificada como cr\u00edtica. Esto afecta la funci\u00f3n uploadFile del archivo /application/index/controller/File.php. La manipulaci\u00f3n conduce a una carga sin restricciones. Es posible iniciar el ataque de forma remota. La explotaci\u00f3n ha sido divulgada al p\u00fablico y puede utilizarse. A esta vulnerabilidad se le asign\u00f3 el identificador VDB-252309."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "cna@vuldb.com",
"type": "Secondary",
@ -60,6 +84,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-434"
}
]
},
{
"source": "cna@vuldb.com",
"type": "Secondary",
@ -71,18 +105,45 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:openbi_project:openbi:*:*:*:*:*:*:*:*",
"versionEndIncluding": "1.0.8",
"matchCriteriaId": "4D40C68D-DE97-41EC-AFF0-76E4EBCE8D51"
}
]
}
]
}
],
"references": [
{
"url": "https://note.zhaoj.in/share/ABYkFE4wRPW5",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Broken Link"
]
},
{
"url": "https://vuldb.com/?ctiid.252309",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?id.252309",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
]
}
]
}

61
CVE-2024/CVE-2024-10xx/CVE-2024-1035.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2024-1035",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-01-30T16:15:47.350",
"lastModified": "2024-01-30T20:48:58.267",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-02-05T18:30:58.720",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been found in openBI up to 1.0.8 and classified as critical. This vulnerability affects the function uploadIcon of the file /application/index/controller/Icon.php. The manipulation of the argument image leads to unrestricted upload. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-252310 is the identifier assigned to this vulnerability."
},
{
"lang": "es",
"value": "Una vulnerabilidad ha sido encontrada en openBI hasta 1.0.8 y clasificada como cr\u00edtica. Esta vulnerabilidad afecta a la funci\u00f3n uploadIcon del archivo /application/index/controller/Icon.php. La manipulaci\u00f3n del argumento image conduce a una carga sin restricciones. El ataque se puede iniciar de forma remota. La explotaci\u00f3n ha sido divulgada al p\u00fablico y puede utilizarse. VDB-252310 es el identificador asignado a esta vulnerabilidad."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "cna@vuldb.com",
"type": "Secondary",
@ -71,18 +95,45 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:openbi_project:openbi:*:*:*:*:*:*:*:*",
"versionEndIncluding": "1.0.8",
"matchCriteriaId": "4D40C68D-DE97-41EC-AFF0-76E4EBCE8D51"
}
]
}
]
}
],
"references": [
{
"url": "https://note.zhaoj.in/share/AIbnbytIW9Bq",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Broken Link"
]
},
{
"url": "https://vuldb.com/?ctiid.252310",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?id.252310",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
]
}
]
}

58
CVE-2024/CVE-2024-10xx/CVE-2024-1061.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-1061",
"sourceIdentifier": "vulnreport@tenable.com",
"published": "2024-01-30T09:15:48.367",
"lastModified": "2024-01-30T14:18:33.837",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-02-05T18:21:08.577",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "vulnreport@tenable.com",
"type": "Secondary",
@ -39,6 +59,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
},
{
"source": "vulnreport@tenable.com",
"type": "Secondary",
@ -50,10 +80,32 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:bplugins:html5_video_player:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "2.5.25",
"matchCriteriaId": "C6AAA38F-4C05-4095-83D1-764D7F94D738"
}
]
}
]
}
],
"references": [
{
"url": "https://www.tenable.com/security/research/tra-2024-02",
"source": "vulnreport@tenable.com"
"source": "vulnreport@tenable.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

57
CVE-2024/CVE-2024-10xx/CVE-2024-1063.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-1063",
"sourceIdentifier": "vulnreport@tenable.com",
"published": "2024-01-30T10:15:09.267",
"lastModified": "2024-01-30T14:18:33.837",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-02-05T18:25:57.167",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "vulnreport@tenable.com",
"type": "Secondary",
@ -39,6 +59,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-918"
}
]
},
{
"source": "vulnreport@tenable.com",
"type": "Secondary",
@ -50,10 +80,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:appwrite:appwrite:*:*:*:*:*:*:*:*",
"versionEndIncluding": "1.4.13",
"matchCriteriaId": "FA4B7AEE-A673-44D1-92FB-4EDB4A3E0682"
}
]
}
]
}
],
"references": [
{
"url": "https://www.tenable.com/security/research/tra-2024-03",
"source": "vulnreport@tenable.com"
"source": "vulnreport@tenable.com",
"tags": [
"Third Party Advisory"
]
}
]
}

6
CVE-2024/CVE-2024-216xx/CVE-2024-21626.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-21626",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-01-31T22:15:53.780",
"lastModified": "2024-02-02T12:15:49.553",
"lastModified": "2024-02-05T17:15:09.383",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
@ -55,6 +55,10 @@
}
],
"references": [
{
"url": "http://packetstormsecurity.com/files/176993/runc-1.1.11-File-Descriptor-Leak-Privilege-Escalation.html",
"source": "security-advisories@github.com"
},
{
"url": "http://www.openwall.com/lists/oss-security/2024/02/01/1",
"source": "security-advisories@github.com"

115
CVE-2024/CVE-2024-219xx/CVE-2024-21985.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2024-21985",
"sourceIdentifier": "security-alert@netapp.com",
"published": "2024-01-26T16:15:22.597",
"lastModified": "2024-01-26T16:33:07.620",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-02-05T18:32:52.040",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "ONTAP 9 versions prior to 9.9.1P18, 9.10.1P16, 9.11.1P13, 9.12.1P10 \nand 9.13.1P4 are susceptible to a vulnerability which could allow an \nauthenticated user with multiple remote accounts with differing roles to\n perform actions via REST API beyond their intended privilege. Possible \nactions include viewing limited configuration details and metrics or \nmodifying limited settings, some of which could result in a Denial of \nService (DoS).\n\n\n\n"
},
{
"lang": "es",
"value": "Las versiones de ONTAP 9 anteriores a 9.9.1P18, 9.10.1P16, 9.11.1P13, 9.12.1P10 y 9.13.1P4 son susceptibles a una vulnerabilidad que podr\u00eda permitir a un usuario autenticado con m\u00faltiples cuentas remotas con diferentes roles realizar acciones a trav\u00e9s de la API REST m\u00e1s all\u00e1 de su privilegio pretendido. Las posibles acciones incluyen ver m\u00e9tricas y detalles de configuraci\u00f3n limitados o modificar configuraciones limitadas, algunas de las cuales podr\u00edan resultar en una denegaci\u00f3n de servicio (DoS)."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "HIGH",
"baseScore": 7.6,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 4.7
},
{
"source": "security-alert@netapp.com",
"type": "Secondary",
@ -35,6 +59,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "security-alert@netapp.com",
"type": "Secondary",
@ -46,10 +80,85 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:netapp:clustered_data_ontap:*:*:*:*:*:*:*:*",
"versionStartIncluding": "9.0",
"versionEndExcluding": "9.9.1",
"matchCriteriaId": "C1096408-669B-4944-A3C7-CDD8FB3215BB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:netapp:clustered_data_ontap:*:*:*:*:*:*:*:*",
"versionStartIncluding": "9.10.0",
"versionEndExcluding": "9.10.1",
"matchCriteriaId": "D9AB5E20-70A4-412E-B0CE-8D56666D2FFA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:netapp:clustered_data_ontap:*:*:*:*:*:*:*:*",
"versionStartIncluding": "9.11.0",
"versionEndExcluding": "9.11.1",
"matchCriteriaId": "002B4EC4-81D8-4449-A225-3137D37796E0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:netapp:clustered_data_ontap:*:*:*:*:*:*:*:*",
"versionStartIncluding": "9.12.0",
"versionEndExcluding": "9.12.1",
"matchCriteriaId": "46A8E230-FCE4-44CA-9FEC-E4994970776E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:netapp:clustered_data_ontap:*:*:*:*:*:*:*:*",
"versionStartIncluding": "9.13.0",
"versionEndExcluding": "9.13.1",
"matchCriteriaId": "18E30F09-FA25-4B94-9372-5B5FFC4528C4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:netapp:clustered_data_ontap:9.9.1:-:*:*:*:*:*:*",
"matchCriteriaId": "E0284DC1-9FAA-4979-82C3-AB7347614C80"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:netapp:clustered_data_ontap:9.10.1:-:*:*:*:*:*:*",
"matchCriteriaId": "F1A4278F-D9A9-4C39-AC53-AB35DB921E02"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:netapp:clustered_data_ontap:9.11.1:-:*:*:*:*:*:*",
"matchCriteriaId": "366B49CA-EB3B-44A1-9DB4-9D24A0F427E5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:netapp:clustered_data_ontap:9.12.1:-:*:*:*:*:*:*",
"matchCriteriaId": "DD223C45-CF1B-4931-9753-503923FCFE25"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:netapp:clustered_data_ontap:9.13.1:-:*:*:*:*:*:*",
"matchCriteriaId": "6E1CD626-B5E9-4166-A539-09305A5B9696"
}
]
}
]
}
],
"references": [
{
"url": "https://security.netapp.com/advisory/ntap-20240126-0001/",
"source": "security-alert@netapp.com"
"source": "security-alert@netapp.com",
"tags": [
"Vendor Advisory"
]
}
]
}

65
CVE-2024/CVE-2024-225xx/CVE-2024-22523.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-22523",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-01-30T09:15:48.573",
"lastModified": "2024-01-30T14:18:33.837",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-02-05T18:45:22.323",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -14,11 +14,68 @@
"value": "La vulnerabilidad de Directory Traversal en Qiyu iFair versi\u00f3n 23.8_ad0 y anteriores permite a atacantes remotos obtener informaci\u00f3n confidencial a trav\u00e9s del componente de carga de im\u00e1genes."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fuwushe:ifair:*:*:*:*:*:*:*:*",
"versionEndIncluding": "23.8_ad0",
"matchCriteriaId": "C72E8BD0-367B-44D4-90E9-A9BFE20E7CA4"
}
]
}
]
}
],
"references": [
{
"url": "https://www.yuque.com/for82/vdzwqe/sc8ictw8poo8v5gl",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

4
CVE-2024/CVE-2024-230xx/CVE-2024-23054.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-23054",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-02-05T16:15:55.437",
"lastModified": "2024-02-05T16:15:55.437",
"vulnStatus": "Received",
"lastModified": "2024-02-05T18:25:55.213",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2024/CVE-2024-231xx/CVE-2024-23108.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-23108",
"sourceIdentifier": "psirt@fortinet.com",
"published": "2024-02-05T14:15:57.827",
"lastModified": "2024-02-05T14:15:57.827",
"vulnStatus": "Received",
"lastModified": "2024-02-05T18:25:58.053",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2024/CVE-2024-231xx/CVE-2024-23109.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-23109",
"sourceIdentifier": "psirt@fortinet.com",
"published": "2024-02-05T14:15:59.100",
"lastModified": "2024-02-05T14:15:59.100",
"vulnStatus": "Received",
"lastModified": "2024-02-05T18:25:58.053",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

80
CVE-2024/CVE-2024-233xx/CVE-2024-23334.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-23334",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-01-29T23:15:08.563",
"lastModified": "2024-02-05T02:15:47.257",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-02-05T18:44:40.053",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
@ -50,22 +70,70 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:aiohttp:aiohttp:*:*:*:*:*:*:*:*",
"versionStartIncluding": "1.0.5",
"versionEndExcluding": "3.9.2",
"matchCriteriaId": "CC18B2A9-9D80-4A6E-94E7-8FC010D8FC70"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fedoraproject:fedora:39:*:*:*:*:*:*:*",
"matchCriteriaId": "B8EDB836-4E6A-4B71-B9B2-AA3E03E0F646"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/aio-libs/aiohttp/commit/1c335944d6a8b1298baf179b7c0b3069f10c514b",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/aio-libs/aiohttp/pull/8079",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/aio-libs/aiohttp/security/advisories/GHSA-5h86-8mv2-jq9f",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Exploit",
"Mitigation",
"Vendor Advisory"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XXWVZIVAYWEBHNRIILZVB3R3SDQNNAA7/",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Mailing List"
]
}
]
}

60
CVE-2024/CVE-2024-234xx/CVE-2024-23441.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2024-23441",
"sourceIdentifier": "help@fluidattacks.com",
"published": "2024-01-29T16:15:09.203",
"lastModified": "2024-01-29T16:19:11.720",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-02-05T18:41:43.547",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Vba32 Antivirus v3.36.0 is vulnerable to a Denial of Service vulnerability by triggering the 0x2220A7 IOCTL code of the Vba32m64.sys driver."
},
{
"lang": "es",
"value": "Vba32 Antivirus v3.36.0 es afectado por una vulnerabilidad de denegaci\u00f3n de servicio al activar el c\u00f3digo IOCTL 0x2220A7 del controlador Vba32m64.sys."
}
],
"metrics": {
@ -36,8 +40,18 @@
},
"weaknesses": [
{
"source": "help@fluidattacks.com",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-476"
}
]
},
{
"source": "help@fluidattacks.com",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -46,14 +60,50 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:anti-virus:vba32:3.36.0:*:*:*:*:*:*:*",
"matchCriteriaId": "00ECDEA3-9AF7-405E-B0BB-1EA693E52ACF"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA"
}
]
}
]
}
],
"references": [
{
"url": "https://fluidattacks.com/advisories/rollins/",
"source": "help@fluidattacks.com"
"source": "help@fluidattacks.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://www.anti-virus.by/vba32",
"source": "help@fluidattacks.com"
"source": "help@fluidattacks.com",
"tags": [
"Product"
]
}
]
}

58
CVE-2024/CVE-2024-238xx/CVE-2024-23822.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2024-23822",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-01-29T16:15:09.437",
"lastModified": "2024-01-29T16:19:11.720",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-02-05T18:04:52.843",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Thruk is a multibackend monitoring webinterface. Prior to 3.12, the Thruk web monitoring application presents a vulnerability in a file upload form that allows a threat actor to arbitrarily upload files to the server to any path they desire and have permissions for. This vulnerability is known as Path Traversal or Directory Traversal. Version 3.12 fixes the issue.\n"
},
{
"lang": "es",
"value": "Thruk es una interfaz web de monitoreo multibackend. Antes de la versi\u00f3n 3.12, la aplicaci\u00f3n de monitoreo web Thruk presenta una vulnerabilidad en un formulario de carga de archivos que permite a un actor de amenazas cargar archivos arbitrariamente al servidor en cualquier ruta que desee y para la que tenga permisos. Esta vulnerabilidad se conoce como Path Traversal o Directory Traversal. La versi\u00f3n 3.12 soluciona el problema."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
@ -46,14 +70,40 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:thruk:thruk:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.12",
"matchCriteriaId": "1BA8DF0F-A05A-4BAA-840F-F4CEF38641E0"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/sni/Thruk/commit/1aa9597cdf2722a69651124f68cbb449be12cc39",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/sni/Thruk/security/advisories/GHSA-4mrh-mx7x-rqjx",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
]
}
]
}

67
CVE-2024/CVE-2024-238xx/CVE-2024-23825.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2024-23825",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-01-30T17:15:11.180",
"lastModified": "2024-01-30T20:48:58.267",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-02-05T18:46:02.203",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "TablePress is a table plugin for Wordpress. For importing tables, TablePress makes external HTTP requests based on a URL that is provided by the user. That user input is filtered insufficiently, which makes it is possible to send requests to unintended network locations and receive responses. On sites in a cloud environment like AWS, an attacker can potentially make GET requests to the instance's metadata REST API. If the instance's configuration is insecure, this can lead to the exposure of internal data, including credentials. This vulnerability is fixed in 2.2.5."
},
{
"lang": "es",
"value": "TablePress es un complemento de tablas para Wordpress. Para importar tablas, TablePress realiza solicitudes HTTP externas basadas en una URL proporcionada por el usuario. Esa entrada del usuario no se filtra lo suficiente, lo que hace posible enviar solicitudes a ubicaciones de red no deseadas y recibir respuestas. En sitios en un entorno de nube como AWS, un atacante puede potencialmente realizar solicitudes GET a la API REST de metadatos de la instancia. Si la configuraci\u00f3n de la instancia no es segura, esto puede provocar la exposici\u00f3n de datos internos, incluidas las credenciales. Esta vulnerabilidad se solucion\u00f3 en 2.2.5."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.9,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.2,
"impactScore": 3.6
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
@ -35,6 +59,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-918"
}
]
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
@ -46,14 +80,39 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tablepress:tablepress:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "2.2.5",
"matchCriteriaId": "0B3AFBC2-9363-4181-8CFE-E00D51043CAD"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/TablePress/TablePress/commit/62aab50e7a9c486caaeff26dff4dc01e059ecb91",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/TablePress/TablePress/security/advisories/GHSA-x8rf-c8x6-mrpg",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Exploit",
"Vendor Advisory"
]
}
]
}

64
CVE-2024/CVE-2024-241xx/CVE-2024-24135.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-24135",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-01-29T19:15:08.990",
"lastModified": "2024-01-30T14:18:33.837",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-02-05T18:10:12.477",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -14,11 +14,67 @@
"value": "Product Name y Product Code en la secci\u00f3n 'Add Product' de Sourcecodester Product Inventory with Export to Excel 1.0 son vulnerables a ataques XSS."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rems:product_inventory_with_export_to_excel:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "38441714-1CB7-40F6-AD5E-9065DC2DB6FB"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/BurakSevben/2024_Product_Inventory_with_Export_to_Excel_XSS/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

20
CVE-2024/CVE-2024-242xx/CVE-2024-24258.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2024-24258",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-02-05T18:15:52.083",
"lastModified": "2024-02-05T18:25:55.213",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "mupdf v1.23.9 was discovered to contain a memory leak via the menuEntry variable in the glutAddSubMenu function."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/yinluming13579/mupdf_defects/blob/main/mupdf_detect_1.md",
"source": "cve@mitre.org"
}
]
}

20
CVE-2024/CVE-2024-242xx/CVE-2024-24259.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2024-24259",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-02-05T18:15:52.133",
"lastModified": "2024-02-05T18:25:55.213",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "mupdf v1.23.9 was discovered to contain a memory leak via the menuEntry variable in the glutAddMenuEntry function."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/yinluming13579/mupdf_defects/blob/main/mupdf_detect_2.md",
"source": "cve@mitre.org"
}
]
}

20
CVE-2024/CVE-2024-242xx/CVE-2024-24260.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2024-24260",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-02-05T18:15:52.187",
"lastModified": "2024-02-05T18:25:55.213",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "media-server v1.0.0 was discovered to contain a Use-After-Free (UAF) vulnerability via the sip_subscribe_remove function at /uac/sip-uac-subscribe.c."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/yinluming13579/media-server_defects/blob/main/media-server_1.md",
"source": "cve@mitre.org"
}
]
}

20
CVE-2024/CVE-2024-242xx/CVE-2024-24262.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2024-24262",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-02-05T18:15:52.230",
"lastModified": "2024-02-05T18:25:55.213",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "media-server v1.0.0 was discovered to contain a Use-After-Free (UAF) vulnerability via the sip_uac_stop_timer function at /uac/sip-uac-transaction.c."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/LuMingYinDetect/media-server_detect/blob/main/media_server_detect_1.md",
"source": "cve@mitre.org"
}
]
}

20
CVE-2024/CVE-2024-242xx/CVE-2024-24263.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2024-24263",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-02-05T18:15:52.277",
"lastModified": "2024-02-05T18:25:55.213",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Lotos WebServer v0.1.1 was discovered to contain a Use-After-Free (UAF) vulnerability via the response_append_status_line function at /lotos/src/response.c."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/LuMingYinDetect/lotos_detects/blob/main/lotos_detect_1.md",
"source": "cve@mitre.org"
}
]
}

20
CVE-2024/CVE-2024-242xx/CVE-2024-24265.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2024-24265",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-02-05T18:15:52.327",
"lastModified": "2024-02-05T18:25:55.213",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "gpac v2.2.1 was discovered to contain a memory leak via the dst_props variable in the gf_filter_pid_merge_properties_internal function."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/yinluming13579/gpac_defects/blob/main/gpac_1.md",
"source": "cve@mitre.org"
}
]
}

20
CVE-2024/CVE-2024-242xx/CVE-2024-24266.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2024-24266",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-02-05T18:15:52.380",
"lastModified": "2024-02-05T18:25:55.213",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "gpac v2.2.1 was discovered to contain a Use-After-Free (UAF) vulnerability via the dasher_configure_pid function at /src/filters/dasher.c."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/yinluming13579/gpac_defects/blob/main/gpac_2.md",
"source": "cve@mitre.org"
}
]
}

20
CVE-2024/CVE-2024-242xx/CVE-2024-24267.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2024-24267",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-02-05T18:15:52.427",
"lastModified": "2024-02-05T18:25:55.213",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "gpac v2.2.1 was discovered to contain a memory leak via the gfio_blob variable in the gf_fileio_from_blob function."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/yinluming13579/gpac_defects/blob/main/gpac_3.md",
"source": "cve@mitre.org"
}
]
}

4
CVE-2024/CVE-2024-243xx/CVE-2024-24397.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-24397",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-02-05T16:15:55.493",
"lastModified": "2024-02-05T16:15:55.493",
"vulnStatus": "Received",
"lastModified": "2024-02-05T18:25:55.213",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2024/CVE-2024-244xx/CVE-2024-24468.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-24468",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-02-05T16:15:55.543",
"lastModified": "2024-02-05T16:15:55.543",
"vulnStatus": "Received",
"lastModified": "2024-02-05T18:25:55.213",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2024/CVE-2024-244xx/CVE-2024-24469.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-24469",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-02-05T16:15:55.597",
"lastModified": "2024-02-05T16:15:55.597",
"vulnStatus": "Received",
"lastModified": "2024-02-05T18:25:55.213",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2024/CVE-2024-247xx/CVE-2024-24762.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-24762",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-02-05T15:15:09.260",
"lastModified": "2024-02-05T15:15:09.260",
"vulnStatus": "Received",
"lastModified": "2024-02-05T18:25:55.213",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2024/CVE-2024-247xx/CVE-2024-24768.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-24768",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-02-05T15:15:09.607",
"lastModified": "2024-02-05T15:15:09.607",
"vulnStatus": "Received",
"lastModified": "2024-02-05T18:25:55.213",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

64
README.md
View File

@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2024-02-05T17:00:24.843520+00:00
2024-02-05T19:00:26.677795+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2024-02-05T16:50:59.327000+00:00
2024-02-05T18:54:19.030000+00:00
```
### Last Data Feed Release
@ -29,37 +29,55 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs
```plain
237574
237585
```
### CVEs added in the last Commit
Recently added CVEs: `10`
Recently added CVEs: `11`
* [CVE-2023-52138](CVE-2023/CVE-2023-521xx/CVE-2023-52138.json) (`2024-02-05T15:15:08.393`)
* [CVE-2023-7216](CVE-2023/CVE-2023-72xx/CVE-2023-7216.json) (`2024-02-05T15:15:08.903`)
* [CVE-2023-47355](CVE-2023/CVE-2023-473xx/CVE-2023-47355.json) (`2024-02-05T16:15:54.910`)
* [CVE-2024-24762](CVE-2024/CVE-2024-247xx/CVE-2024-24762.json) (`2024-02-05T15:15:09.260`)
* [CVE-2024-24768](CVE-2024/CVE-2024-247xx/CVE-2024-24768.json) (`2024-02-05T15:15:09.607`)
* [CVE-2024-0323](CVE-2024/CVE-2024-03xx/CVE-2024-0323.json) (`2024-02-05T16:15:54.980`)
* [CVE-2024-23054](CVE-2024/CVE-2024-230xx/CVE-2024-23054.json) (`2024-02-05T16:15:55.437`)
* [CVE-2024-24397](CVE-2024/CVE-2024-243xx/CVE-2024-24397.json) (`2024-02-05T16:15:55.493`)
* [CVE-2024-24468](CVE-2024/CVE-2024-244xx/CVE-2024-24468.json) (`2024-02-05T16:15:55.543`)
* [CVE-2024-24469](CVE-2024/CVE-2024-244xx/CVE-2024-24469.json) (`2024-02-05T16:15:55.597`)
* [CVE-2023-6028](CVE-2023/CVE-2023-60xx/CVE-2023-6028.json) (`2024-02-05T18:15:51.670`)
* [CVE-2023-6874](CVE-2023/CVE-2023-68xx/CVE-2023-6874.json) (`2024-02-05T18:15:51.877`)
* [CVE-2024-0953](CVE-2024/CVE-2024-09xx/CVE-2024-0953.json) (`2024-02-05T17:15:09.320`)
* [CVE-2024-24258](CVE-2024/CVE-2024-242xx/CVE-2024-24258.json) (`2024-02-05T18:15:52.083`)
* [CVE-2024-24259](CVE-2024/CVE-2024-242xx/CVE-2024-24259.json) (`2024-02-05T18:15:52.133`)
* [CVE-2024-24260](CVE-2024/CVE-2024-242xx/CVE-2024-24260.json) (`2024-02-05T18:15:52.187`)
* [CVE-2024-24262](CVE-2024/CVE-2024-242xx/CVE-2024-24262.json) (`2024-02-05T18:15:52.230`)
* [CVE-2024-24263](CVE-2024/CVE-2024-242xx/CVE-2024-24263.json) (`2024-02-05T18:15:52.277`)
* [CVE-2024-24265](CVE-2024/CVE-2024-242xx/CVE-2024-24265.json) (`2024-02-05T18:15:52.327`)
* [CVE-2024-24266](CVE-2024/CVE-2024-242xx/CVE-2024-24266.json) (`2024-02-05T18:15:52.380`)
* [CVE-2024-24267](CVE-2024/CVE-2024-242xx/CVE-2024-24267.json) (`2024-02-05T18:15:52.427`)
### CVEs modified in the last Commit
Recently modified CVEs: `8`
Recently modified CVEs: `47`
* [CVE-2023-7204](CVE-2023/CVE-2023-72xx/CVE-2023-7204.json) (`2024-02-05T16:45:16.630`)
* [CVE-2023-5124](CVE-2023/CVE-2023-51xx/CVE-2023-5124.json) (`2024-02-05T16:48:58.247`)
* [CVE-2024-23388](CVE-2024/CVE-2024-233xx/CVE-2024-23388.json) (`2024-02-05T15:18:21.920`)
* [CVE-2024-21664](CVE-2024/CVE-2024-216xx/CVE-2024-21664.json) (`2024-02-05T16:15:55.207`)
* [CVE-2024-1010](CVE-2024/CVE-2024-10xx/CVE-2024-1010.json) (`2024-02-05T16:27:21.587`)
* [CVE-2024-1011](CVE-2024/CVE-2024-10xx/CVE-2024-1011.json) (`2024-02-05T16:35:15.313`)
* [CVE-2024-1009](CVE-2024/CVE-2024-10xx/CVE-2024-1009.json) (`2024-02-05T16:40:18.130`)
* [CVE-2024-23641](CVE-2024/CVE-2024-236xx/CVE-2024-23641.json) (`2024-02-05T16:50:59.327`)
* [CVE-2024-21626](CVE-2024/CVE-2024-216xx/CVE-2024-21626.json) (`2024-02-05T17:15:09.383`)
* [CVE-2024-1016](CVE-2024/CVE-2024-10xx/CVE-2024-1016.json) (`2024-02-05T17:25:50.500`)
* [CVE-2024-23822](CVE-2024/CVE-2024-238xx/CVE-2024-23822.json) (`2024-02-05T18:04:52.843`)
* [CVE-2024-24135](CVE-2024/CVE-2024-241xx/CVE-2024-24135.json) (`2024-02-05T18:10:12.477`)
* [CVE-2024-1061](CVE-2024/CVE-2024-10xx/CVE-2024-1061.json) (`2024-02-05T18:21:08.577`)
* [CVE-2024-1033](CVE-2024/CVE-2024-10xx/CVE-2024-1033.json) (`2024-02-05T18:25:49.590`)
* [CVE-2024-24762](CVE-2024/CVE-2024-247xx/CVE-2024-24762.json) (`2024-02-05T18:25:55.213`)
* [CVE-2024-24768](CVE-2024/CVE-2024-247xx/CVE-2024-24768.json) (`2024-02-05T18:25:55.213`)
* [CVE-2024-0323](CVE-2024/CVE-2024-03xx/CVE-2024-0323.json) (`2024-02-05T18:25:55.213`)
* [CVE-2024-23054](CVE-2024/CVE-2024-230xx/CVE-2024-23054.json) (`2024-02-05T18:25:55.213`)
* [CVE-2024-24397](CVE-2024/CVE-2024-243xx/CVE-2024-24397.json) (`2024-02-05T18:25:55.213`)
* [CVE-2024-24468](CVE-2024/CVE-2024-244xx/CVE-2024-24468.json) (`2024-02-05T18:25:55.213`)
* [CVE-2024-24469](CVE-2024/CVE-2024-244xx/CVE-2024-24469.json) (`2024-02-05T18:25:55.213`)
* [CVE-2024-1063](CVE-2024/CVE-2024-10xx/CVE-2024-1063.json) (`2024-02-05T18:25:57.167`)
* [CVE-2024-23108](CVE-2024/CVE-2024-231xx/CVE-2024-23108.json) (`2024-02-05T18:25:58.053`)
* [CVE-2024-23109](CVE-2024/CVE-2024-231xx/CVE-2024-23109.json) (`2024-02-05T18:25:58.053`)
* [CVE-2024-1035](CVE-2024/CVE-2024-10xx/CVE-2024-1035.json) (`2024-02-05T18:30:58.720`)
* [CVE-2024-1032](CVE-2024/CVE-2024-10xx/CVE-2024-1032.json) (`2024-02-05T18:31:07.090`)
* [CVE-2024-21985](CVE-2024/CVE-2024-219xx/CVE-2024-21985.json) (`2024-02-05T18:32:52.040`)
* [CVE-2024-1018](CVE-2024/CVE-2024-10xx/CVE-2024-1018.json) (`2024-02-05T18:33:53.527`)
* [CVE-2024-1034](CVE-2024/CVE-2024-10xx/CVE-2024-1034.json) (`2024-02-05T18:35:52.530`)
* [CVE-2024-23441](CVE-2024/CVE-2024-234xx/CVE-2024-23441.json) (`2024-02-05T18:41:43.547`)
* [CVE-2024-23334](CVE-2024/CVE-2024-233xx/CVE-2024-23334.json) (`2024-02-05T18:44:40.053`)
* [CVE-2024-22523](CVE-2024/CVE-2024-225xx/CVE-2024-22523.json) (`2024-02-05T18:45:22.323`)
* [CVE-2024-23825](CVE-2024/CVE-2024-238xx/CVE-2024-23825.json) (`2024-02-05T18:46:02.203`)
## Download and Usage