From 3d7b724268575911ba73f83ec13580b10989ce3f Mon Sep 17 00:00:00 2001 From: cad-safe-bot Date: Wed, 14 Aug 2024 14:03:13 +0000 Subject: [PATCH] Auto-Update: 2024-08-14T14:00:17.450433+00:00 --- CVE-2024/CVE-2024-15xx/CVE-2024-1576.json | 74 +++++++- CVE-2024/CVE-2024-15xx/CVE-2024-1577.json | 74 +++++++- CVE-2024/CVE-2024-16xx/CVE-2024-1659.json | 74 +++++++- CVE-2024/CVE-2024-200xx/CVE-2024-20082.json | 8 +- CVE-2024/CVE-2024-200xx/CVE-2024-20083.json | 8 +- CVE-2024/CVE-2024-259xx/CVE-2024-25949.json | 80 +++++++- CVE-2024/CVE-2024-274xx/CVE-2024-27443.json | 190 ++++++++++++++++++- CVE-2024/CVE-2024-289xx/CVE-2024-28986.json | 8 +- CVE-2024/CVE-2024-335xx/CVE-2024-33533.json | 195 +++++++++++++++++++- CVE-2024/CVE-2024-335xx/CVE-2024-33535.json | 195 +++++++++++++++++++- CVE-2024/CVE-2024-335xx/CVE-2024-33536.json | 195 +++++++++++++++++++- CVE-2024/CVE-2024-361xx/CVE-2024-36136.json | 8 +- CVE-2024/CVE-2024-373xx/CVE-2024-37373.json | 8 +- CVE-2024/CVE-2024-373xx/CVE-2024-37399.json | 8 +- CVE-2024/CVE-2024-384xx/CVE-2024-38483.json | 4 +- CVE-2024/CVE-2024-386xx/CVE-2024-38652.json | 8 +- CVE-2024/CVE-2024-386xx/CVE-2024-38653.json | 8 +- CVE-2024/CVE-2024-393xx/CVE-2024-39397.json | 56 ++++++ CVE-2024/CVE-2024-393xx/CVE-2024-39398.json | 56 ++++++ CVE-2024/CVE-2024-393xx/CVE-2024-39399.json | 56 ++++++ CVE-2024/CVE-2024-394xx/CVE-2024-39400.json | 56 ++++++ CVE-2024/CVE-2024-394xx/CVE-2024-39401.json | 56 ++++++ CVE-2024/CVE-2024-394xx/CVE-2024-39402.json | 56 ++++++ CVE-2024/CVE-2024-394xx/CVE-2024-39403.json | 56 ++++++ CVE-2024/CVE-2024-394xx/CVE-2024-39404.json | 56 ++++++ CVE-2024/CVE-2024-394xx/CVE-2024-39405.json | 56 ++++++ CVE-2024/CVE-2024-394xx/CVE-2024-39406.json | 56 ++++++ CVE-2024/CVE-2024-394xx/CVE-2024-39407.json | 56 ++++++ CVE-2024/CVE-2024-394xx/CVE-2024-39408.json | 56 ++++++ CVE-2024/CVE-2024-394xx/CVE-2024-39409.json | 56 ++++++ CVE-2024/CVE-2024-394xx/CVE-2024-39410.json | 56 ++++++ CVE-2024/CVE-2024-394xx/CVE-2024-39411.json | 56 ++++++ CVE-2024/CVE-2024-394xx/CVE-2024-39412.json | 56 ++++++ CVE-2024/CVE-2024-394xx/CVE-2024-39413.json | 56 ++++++ CVE-2024/CVE-2024-394xx/CVE-2024-39414.json | 56 ++++++ CVE-2024/CVE-2024-394xx/CVE-2024-39415.json | 56 ++++++ CVE-2024/CVE-2024-394xx/CVE-2024-39416.json | 56 ++++++ CVE-2024/CVE-2024-394xx/CVE-2024-39417.json | 56 ++++++ CVE-2024/CVE-2024-394xx/CVE-2024-39418.json | 56 ++++++ CVE-2024/CVE-2024-394xx/CVE-2024-39419.json | 56 ++++++ CVE-2024/CVE-2024-418xx/CVE-2024-41858.json | 8 +- CVE-2024/CVE-2024-418xx/CVE-2024-41860.json | 8 +- CVE-2024/CVE-2024-418xx/CVE-2024-41861.json | 8 +- CVE-2024/CVE-2024-418xx/CVE-2024-41862.json | 8 +- CVE-2024/CVE-2024-418xx/CVE-2024-41863.json | 8 +- CVE-2024/CVE-2024-418xx/CVE-2024-41864.json | 8 +- CVE-2024/CVE-2024-43xx/CVE-2024-4389.json | 8 +- CVE-2024/CVE-2024-53xx/CVE-2024-5313.json | 75 +++++++- CVE-2024/CVE-2024-65xx/CVE-2024-6532.json | 4 +- CVE-2024/CVE-2024-75xx/CVE-2024-7588.json | 8 +- CVE-2024/CVE-2024-77xx/CVE-2024-7728.json | 8 +- CVE-2024/CVE-2024-77xx/CVE-2024-7729.json | 8 +- CVE-2024/CVE-2024-77xx/CVE-2024-7731.json | 8 +- CVE-2024/CVE-2024-77xx/CVE-2024-7732.json | 8 +- README.md | 61 +++++- _state.csv | 87 +++++---- 56 files changed, 2630 insertions(+), 126 deletions(-) create mode 100644 CVE-2024/CVE-2024-393xx/CVE-2024-39397.json create mode 100644 CVE-2024/CVE-2024-393xx/CVE-2024-39398.json create mode 100644 CVE-2024/CVE-2024-393xx/CVE-2024-39399.json create mode 100644 CVE-2024/CVE-2024-394xx/CVE-2024-39400.json create mode 100644 CVE-2024/CVE-2024-394xx/CVE-2024-39401.json create mode 100644 CVE-2024/CVE-2024-394xx/CVE-2024-39402.json create mode 100644 CVE-2024/CVE-2024-394xx/CVE-2024-39403.json create mode 100644 CVE-2024/CVE-2024-394xx/CVE-2024-39404.json create mode 100644 CVE-2024/CVE-2024-394xx/CVE-2024-39405.json create mode 100644 CVE-2024/CVE-2024-394xx/CVE-2024-39406.json create mode 100644 CVE-2024/CVE-2024-394xx/CVE-2024-39407.json create mode 100644 CVE-2024/CVE-2024-394xx/CVE-2024-39408.json create mode 100644 CVE-2024/CVE-2024-394xx/CVE-2024-39409.json create mode 100644 CVE-2024/CVE-2024-394xx/CVE-2024-39410.json create mode 100644 CVE-2024/CVE-2024-394xx/CVE-2024-39411.json create mode 100644 CVE-2024/CVE-2024-394xx/CVE-2024-39412.json create mode 100644 CVE-2024/CVE-2024-394xx/CVE-2024-39413.json create mode 100644 CVE-2024/CVE-2024-394xx/CVE-2024-39414.json create mode 100644 CVE-2024/CVE-2024-394xx/CVE-2024-39415.json create mode 100644 CVE-2024/CVE-2024-394xx/CVE-2024-39416.json create mode 100644 CVE-2024/CVE-2024-394xx/CVE-2024-39417.json create mode 100644 CVE-2024/CVE-2024-394xx/CVE-2024-39418.json create mode 100644 CVE-2024/CVE-2024-394xx/CVE-2024-39419.json diff --git a/CVE-2024/CVE-2024-15xx/CVE-2024-1576.json b/CVE-2024/CVE-2024-15xx/CVE-2024-1576.json index 4a8de8ce308..0fb34596321 100644 --- a/CVE-2024/CVE-2024-15xx/CVE-2024-1576.json +++ b/CVE-2024/CVE-2024-15xx/CVE-2024-1576.json @@ -2,8 +2,8 @@ "id": "CVE-2024-1576", "sourceIdentifier": "cvd@cert.pl", "published": "2024-06-12T14:15:10.487", - "lastModified": "2024-06-13T18:36:09.010", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2024-08-14T13:55:57.477", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -59,9 +59,41 @@ "baseSeverity": "CRITICAL" } } + ], + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + }, { "source": "cvd@cert.pl", "type": "Secondary", @@ -73,22 +105,52 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:megabip:megabip:*:*:*:*:*:*:*:*", + "versionEndIncluding": "5.09", + "matchCriteriaId": "EAA02B55-31B3-4027-BBF6-7E2D201B2D43" + } + ] + } + ] + } + ], "references": [ { "url": "https://cert.pl/en/posts/2024/06/CVE-2024-1576/", - "source": "cvd@cert.pl" + "source": "cvd@cert.pl", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://cert.pl/posts/2024/06/CVE-2024-1576/", - "source": "cvd@cert.pl" + "source": "cvd@cert.pl", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://megabip.pl/", - "source": "cvd@cert.pl" + "source": "cvd@cert.pl", + "tags": [ + "Product" + ] }, { "url": "https://www.gov.pl/web/cyfryzacja/rekomendacja-pelnomocnika-rzadu-ds-cyberbezpieczenstwa-dotyczaca-biuletynow-informacji-publicznej", - "source": "cvd@cert.pl" + "source": "cvd@cert.pl", + "tags": [ + "Press/Media Coverage" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-15xx/CVE-2024-1577.json b/CVE-2024/CVE-2024-15xx/CVE-2024-1577.json index f8393b49d07..e26b6f71d6e 100644 --- a/CVE-2024/CVE-2024-15xx/CVE-2024-1577.json +++ b/CVE-2024/CVE-2024-15xx/CVE-2024-1577.json @@ -2,8 +2,8 @@ "id": "CVE-2024-1577", "sourceIdentifier": "cvd@cert.pl", "published": "2024-06-12T14:15:10.683", - "lastModified": "2024-06-18T13:15:51.627", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2024-08-14T13:56:31.627", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -59,9 +59,41 @@ "baseSeverity": "CRITICAL" } } + ], + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-94" + } + ] + }, { "source": "cvd@cert.pl", "type": "Secondary", @@ -73,22 +105,52 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:megabip:megabip:*:*:*:*:*:*:*:*", + "versionEndIncluding": "5.11.2", + "matchCriteriaId": "8F6DA36F-518E-4F83-B106-126ADB3E42CC" + } + ] + } + ] + } + ], "references": [ { "url": "https://cert.pl/en/posts/2024/06/CVE-2024-1576/", - "source": "cvd@cert.pl" + "source": "cvd@cert.pl", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://cert.pl/posts/2024/06/CVE-2024-1576/", - "source": "cvd@cert.pl" + "source": "cvd@cert.pl", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://megabip.pl/", - "source": "cvd@cert.pl" + "source": "cvd@cert.pl", + "tags": [ + "Product" + ] }, { "url": "https://www.gov.pl/web/cyfryzacja/rekomendacja-pelnomocnika-rzadu-ds-cyberbezpieczenstwa-dotyczaca-biuletynow-informacji-publicznej", - "source": "cvd@cert.pl" + "source": "cvd@cert.pl", + "tags": [ + "Press/Media Coverage" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-16xx/CVE-2024-1659.json b/CVE-2024/CVE-2024-16xx/CVE-2024-1659.json index 41a20f667a8..61fbccb11d0 100644 --- a/CVE-2024/CVE-2024-16xx/CVE-2024-1659.json +++ b/CVE-2024/CVE-2024-16xx/CVE-2024-1659.json @@ -2,8 +2,8 @@ "id": "CVE-2024-1659", "sourceIdentifier": "cvd@cert.pl", "published": "2024-06-12T14:15:10.803", - "lastModified": "2024-06-13T18:36:09.010", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2024-08-14T13:57:00.260", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -59,9 +59,41 @@ "baseSeverity": "CRITICAL" } } + ], + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-434" + } + ] + }, { "source": "cvd@cert.pl", "type": "Secondary", @@ -73,22 +105,52 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:megabip:megabip:*:*:*:*:*:*:*:*", + "versionEndIncluding": "5.10", + "matchCriteriaId": "E2C3E317-2A05-4D60-B3B3-78BAC02E55BF" + } + ] + } + ] + } + ], "references": [ { "url": "https://cert.pl/en/posts/2024/06/CVE-2024-1576/", - "source": "cvd@cert.pl" + "source": "cvd@cert.pl", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://cert.pl/posts/2024/06/CVE-2024-1576/", - "source": "cvd@cert.pl" + "source": "cvd@cert.pl", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://megabip.pl/", - "source": "cvd@cert.pl" + "source": "cvd@cert.pl", + "tags": [ + "Product" + ] }, { "url": "https://www.gov.pl/web/cyfryzacja/rekomendacja-pelnomocnika-rzadu-ds-cyberbezpieczenstwa-dotyczaca-biuletynow-informacji-publicznej", - "source": "cvd@cert.pl" + "source": "cvd@cert.pl", + "tags": [ + "Press/Media Coverage" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-200xx/CVE-2024-20082.json b/CVE-2024/CVE-2024-200xx/CVE-2024-20082.json index 124e0210dca..5551d669050 100644 --- a/CVE-2024/CVE-2024-200xx/CVE-2024-20082.json +++ b/CVE-2024/CVE-2024-200xx/CVE-2024-20082.json @@ -2,13 +2,17 @@ "id": "CVE-2024-20082", "sourceIdentifier": "security@mediatek.com", "published": "2024-08-14T03:15:04.120", - "lastModified": "2024-08-14T03:15:04.120", - "vulnStatus": "Received", + "lastModified": "2024-08-14T13:00:48.243", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "In Modem, there is a possible memory corruption due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01182594; Issue ID: MSV-1529." + }, + { + "lang": "es", + "value": "En Modem, existe una posible corrupci\u00f3n de la memoria debido a una verificaci\u00f3n de los l\u00edmites faltantes. Esto podr\u00eda conducir a la ejecuci\u00f3n remota de c\u00f3digo sin necesidad de privilegios de ejecuci\u00f3n adicionales. La interacci\u00f3n del usuario no es necesaria para la explotaci\u00f3n. ID de parche: MOLY01182594; ID del problema: MSV-1529." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-200xx/CVE-2024-20083.json b/CVE-2024/CVE-2024-200xx/CVE-2024-20083.json index d2f11df5d68..cb57abee6bd 100644 --- a/CVE-2024/CVE-2024-200xx/CVE-2024-20083.json +++ b/CVE-2024/CVE-2024-200xx/CVE-2024-20083.json @@ -2,13 +2,17 @@ "id": "CVE-2024-20083", "sourceIdentifier": "security@mediatek.com", "published": "2024-08-14T03:15:04.280", - "lastModified": "2024-08-14T03:15:04.280", - "vulnStatus": "Received", + "lastModified": "2024-08-14T13:00:48.243", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "In venc, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08810810 / ALPS08805789; Issue ID: MSV-1502." + }, + { + "lang": "es", + "value": "En caso contrario, existe una posible escritura fuera de los l\u00edmites debido a una verificaci\u00f3n de los l\u00edmites faltantes. Esto podr\u00eda llevar a una escalada local de privilegios con permisos de ejecuci\u00f3n de System necesarios. La interacci\u00f3n del usuario no es necesaria para la explotaci\u00f3n. ID de parche: ALPS08810810 / ALPS08805789; ID del problema: MSV-1502." } ], "metrics": {}, diff --git a/CVE-2024/CVE-2024-259xx/CVE-2024-25949.json b/CVE-2024/CVE-2024-259xx/CVE-2024-25949.json index 91d489f5e3b..316e92369b8 100644 --- a/CVE-2024/CVE-2024-259xx/CVE-2024-25949.json +++ b/CVE-2024/CVE-2024-259xx/CVE-2024-25949.json @@ -2,8 +2,8 @@ "id": "CVE-2024-25949", "sourceIdentifier": "security_alert@emc.com", "published": "2024-06-12T13:15:49.977", - "lastModified": "2024-06-13T18:36:09.010", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2024-08-14T13:27:15.653", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -17,6 +17,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + }, { "source": "security_alert@emc.com", "type": "Secondary", @@ -41,8 +61,18 @@ }, "weaknesses": [ { - "source": "security_alert@emc.com", + "source": "nvd@nist.gov", "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + }, + { + "source": "security_alert@emc.com", + "type": "Secondary", "description": [ { "lang": "en", @@ -51,10 +81,52 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:dell:networking_os10:*:*:*:*:*:*:*:*", + "versionStartIncluding": "10.5.3.0", + "versionEndExcluding": "10.5.3.10", + "matchCriteriaId": "91888D0E-835E-4243-B185-946E52FFFB12" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:dell:networking_os10:*:*:*:*:*:*:*:*", + "versionStartIncluding": "10.5.4.0", + "versionEndExcluding": "10.5.4.11", + "matchCriteriaId": "36A70FD6-8934-4B8F-9482-5001A4EB46F8" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:dell:networking_os10:*:*:*:*:*:*:*:*", + "versionStartIncluding": "10.5.5.0", + "versionEndExcluding": "10.5.5.8", + "matchCriteriaId": "1BAC1BA4-1C45-4602-8EDC-4AB561190E60" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:dell:networking_os10:10.5.6.0:*:*:*:*:*:*:*", + "matchCriteriaId": "F5CC42A8-A9F2-4ECA-A83B-289D5BA9E1E4" + } + ] + } + ] + } + ], "references": [ { "url": "https://www.dell.com/support/kbdoc/en-us/000225922/dsa-2024-087-security-update-for-dell-networking-os10-vulnerability", - "source": "security_alert@emc.com" + "source": "security_alert@emc.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-274xx/CVE-2024-27443.json b/CVE-2024/CVE-2024-274xx/CVE-2024-27443.json index 50e6207f70e..e31e92e0197 100644 --- a/CVE-2024/CVE-2024-274xx/CVE-2024-27443.json +++ b/CVE-2024/CVE-2024-274xx/CVE-2024-27443.json @@ -2,8 +2,8 @@ "id": "CVE-2024-27443", "sourceIdentifier": "cve@mitre.org", "published": "2024-08-12T15:15:20.283", - "lastModified": "2024-08-13T17:20:53.960", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2024-08-14T13:18:33.117", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -58,6 +58,13 @@ "operator": "OR", "negate": false, "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zimbra:collaboration:*:*:*:*:*:*:*:*", + "versionStartIncluding": "10.0.0", + "versionEndExcluding": "10.0.7", + "matchCriteriaId": "4CE0029A-44EA-4774-879D-5FA2D35F09BD" + }, { "vulnerable": true, "criteria": "cpe:2.3:a:zimbra:collaboration:9.0.0:-:*:*:*:*:*:*", @@ -65,8 +72,183 @@ }, { "vulnerable": true, - "criteria": "cpe:2.3:a:zimbra:collaboration:10.0.0:*:*:*:*:*:*:*", - "matchCriteriaId": "C00D9622-8149-417F-95AB-9397D2DF71A7" + "criteria": "cpe:2.3:a:zimbra:collaboration:9.0.0:p0:*:*:*:*:*:*", + "matchCriteriaId": "5E4DF01A-1AA9-47E8-82FD-65A02ECA1376" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zimbra:collaboration:9.0.0:p1:*:*:*:*:*:*", + "matchCriteriaId": "BDE59185-B917-4A81-8DE4-C65A079F52FE" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zimbra:collaboration:9.0.0:p10:*:*:*:*:*:*", + "matchCriteriaId": "BA3ED95F-95F2-4676-8EAF-B4B9EB64B260" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zimbra:collaboration:9.0.0:p11:*:*:*:*:*:*", + "matchCriteriaId": "4BB93336-CC3C-4B7F-B194-7DED036ABBAF" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zimbra:collaboration:9.0.0:p12:*:*:*:*:*:*", + "matchCriteriaId": "876F1675-F65C-4E86-ADBD-36EB8D8A997D" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zimbra:collaboration:9.0.0:p13:*:*:*:*:*:*", + "matchCriteriaId": "2306F526-9C56-4A57-AA9B-02F2D6058C97" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zimbra:collaboration:9.0.0:p14:*:*:*:*:*:*", + "matchCriteriaId": "F9EA2A61-67AA-4B7E-BC6E-80EB1363EF85" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zimbra:collaboration:9.0.0:p15:*:*:*:*:*:*", + "matchCriteriaId": "C77A35B7-96F6-43A7-A747-C6AEEDE961E1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zimbra:collaboration:9.0.0:p16:*:*:*:*:*:*", + "matchCriteriaId": "DC35882B-E709-42D8-8800-F1B734CEAFC3" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zimbra:collaboration:9.0.0:p19:*:*:*:*:*:*", + "matchCriteriaId": "B7A47276-F241-4A68-9458-E1481EBDC5E6" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zimbra:collaboration:9.0.0:p2:*:*:*:*:*:*", + "matchCriteriaId": "12D0D469-6C9B-4B66-9581-DC319773238A" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zimbra:collaboration:9.0.0:p20:*:*:*:*:*:*", + "matchCriteriaId": "40629BEB-DF4B-4FB8-8D3D-7BAC43C90766" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zimbra:collaboration:9.0.0:p21:*:*:*:*:*:*", + "matchCriteriaId": "9503131F-CC23-4545-AE9C-9714B287CC25" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zimbra:collaboration:9.0.0:p23:*:*:*:*:*:*", + "matchCriteriaId": "B4CE2D12-AD31-4FED-AD0F-ADF64E92E1B1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zimbra:collaboration:9.0.0:p24:*:*:*:*:*:*", + "matchCriteriaId": "8113A4E3-AA96-4382-815D-6FD88BA42EC5" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zimbra:collaboration:9.0.0:p24.1:*:*:*:*:*:*", + "matchCriteriaId": "DC8C28E0-6C51-41EE-A7B2-DB185D1D8FD0" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zimbra:collaboration:9.0.0:p25:*:*:*:*:*:*", + "matchCriteriaId": "BC19F11D-23D9-429D-A957-D67F23A40A01" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zimbra:collaboration:9.0.0:p26:*:*:*:*:*:*", + "matchCriteriaId": "AAFA2EE7-C965-4F27-8CAE-E607A9F202AD" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zimbra:collaboration:9.0.0:p27:*:*:*:*:*:*", + "matchCriteriaId": "1D09DCF6-1C8F-4CA1-B7D4-AFDD4EB35771" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zimbra:collaboration:9.0.0:p3:*:*:*:*:*:*", + "matchCriteriaId": "C52705E6-2C6B-47BC-A0CD-F6AAE0BFC302" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zimbra:collaboration:9.0.0:p30:*:*:*:*:*:*", + "matchCriteriaId": "FD1DCE2B-D944-43AE-AD0E-9282DE6D618F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zimbra:collaboration:9.0.0:p31:*:*:*:*:*:*", + "matchCriteriaId": "2079B9F8-128B-487D-A965-E8B37FDF6304" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zimbra:collaboration:9.0.0:p32:*:*:*:*:*:*", + "matchCriteriaId": "9679FD62-815E-47A8-8552-D28CE48B82B2" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zimbra:collaboration:9.0.0:p33:*:*:*:*:*:*", + "matchCriteriaId": "D659AE6A-591E-4D5B-9781-9648250F5576" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zimbra:collaboration:9.0.0:p34:*:*:*:*:*:*", + "matchCriteriaId": "E4054E3E-561C-4B1C-A615-3CCE5CB69D77" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zimbra:collaboration:9.0.0:p35:*:*:*:*:*:*", + "matchCriteriaId": "4FA0E9C4-25E4-4CD6-B88A-02B413385866" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zimbra:collaboration:9.0.0:p36:*:*:*:*:*:*", + "matchCriteriaId": "5D6F7CA3-C36A-466C-8FAD-D0B3CEF01F0E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zimbra:collaboration:9.0.0:p37:*:*:*:*:*:*", + "matchCriteriaId": "9684AC81-B557-4292-8402-AE55CB2E613C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zimbra:collaboration:9.0.0:p38:*:*:*:*:*:*", + "matchCriteriaId": "32A352C4-0E9C-436F-ADA7-D93492A18037" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zimbra:collaboration:9.0.0:p4:*:*:*:*:*:*", + "matchCriteriaId": "33F50D8C-7027-4A8D-8E95-98C224283772" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zimbra:collaboration:9.0.0:p5:*:*:*:*:*:*", + "matchCriteriaId": "82000BA4-1781-4312-A7BD-92EC94D137AE" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zimbra:collaboration:9.0.0:p6:*:*:*:*:*:*", + "matchCriteriaId": "4B52D301-2559-457A-8FFB-F0915299355A" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zimbra:collaboration:9.0.0:p7:*:*:*:*:*:*", + "matchCriteriaId": "7215AE2C-8A33-4AB9-88D5-7C8CD11E806C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zimbra:collaboration:9.0.0:p7.1:*:*:*:*:*:*", + "matchCriteriaId": "8D859F77-8E39-4D46-BC90-C5C1D805A666" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zimbra:collaboration:9.0.0:p8:*:*:*:*:*:*", + "matchCriteriaId": "CDC810C7-45DA-4BDF-9138-2D3B2750243E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zimbra:collaboration:9.0.0:p9:*:*:*:*:*:*", + "matchCriteriaId": "E09D95A4-764D-4E0B-8605-1D94FD548AB2" } ] } diff --git a/CVE-2024/CVE-2024-289xx/CVE-2024-28986.json b/CVE-2024/CVE-2024-289xx/CVE-2024-28986.json index 68e15b35aa5..e1db258cbd5 100644 --- a/CVE-2024/CVE-2024-289xx/CVE-2024-28986.json +++ b/CVE-2024/CVE-2024-289xx/CVE-2024-28986.json @@ -2,13 +2,17 @@ "id": "CVE-2024-28986", "sourceIdentifier": "psirt@solarwinds.com", "published": "2024-08-13T23:15:16.627", - "lastModified": "2024-08-14T02:07:05.410", + "lastModified": "2024-08-14T12:15:23.987", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "SolarWinds Web Help Desk was found to be susceptible to a Java Deserialization Remote Code Execution vulnerability that, if exploited, would allow an attacker to run commands on the host machine. \n\n\n\nWhile it was reported as an unauthenticated vulnerability, SolarWinds has been unable to reproduce it without authentication after thorough testing. \u00a0\n\n\n\nHowever, out of an abundance of caution, we recommend all Web Help Desk customers apply the patch, which is now available." + "value": "SolarWinds Web Help Desk was susceptible to a Java Deserialization Remote Code Execution that would allow access to run commands on the host machine." + }, + { + "lang": "es", + "value": "Se descubri\u00f3 que SolarWinds Web Help Desk era susceptible a una vulnerabilidad de ejecuci\u00f3n remota de c\u00f3digo de deserializaci\u00f3n de Java que, si se explota, permitir\u00eda a un atacante ejecutar comandos en la m\u00e1quina host. Si bien se inform\u00f3 como una vulnerabilidad no autenticada, SolarWinds no pudo reproducirla sin autenticaci\u00f3n despu\u00e9s de pruebas exhaustivas. Sin embargo, por precauci\u00f3n, recomendamos a todos los clientes de Web Help Desk que apliquen el parche, que ya est\u00e1 disponible." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-335xx/CVE-2024-33533.json b/CVE-2024/CVE-2024-335xx/CVE-2024-33533.json index f46e9ae42e2..f8f0884fbe6 100644 --- a/CVE-2024/CVE-2024-335xx/CVE-2024-33533.json +++ b/CVE-2024/CVE-2024-335xx/CVE-2024-33533.json @@ -2,8 +2,8 @@ "id": "CVE-2024-33533", "sourceIdentifier": "cve@mitre.org", "published": "2024-08-12T15:15:20.480", - "lastModified": "2024-08-13T17:20:47.593", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2024-08-14T13:18:35.633", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -58,6 +58,13 @@ "operator": "OR", "negate": false, "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zimbra:collaboration:*:*:*:*:*:*:*:*", + "versionStartIncluding": "10.0.0", + "versionEndExcluding": "10.0.8", + "matchCriteriaId": "A5BC091A-EE5A-4D34-9D2E-754D3C2FCA3F" + }, { "vulnerable": true, "criteria": "cpe:2.3:a:zimbra:collaboration:9.0.0:-:*:*:*:*:*:*", @@ -65,8 +72,188 @@ }, { "vulnerable": true, - "criteria": "cpe:2.3:a:zimbra:collaboration:10.0.0:*:*:*:*:*:*:*", - "matchCriteriaId": "C00D9622-8149-417F-95AB-9397D2DF71A7" + "criteria": "cpe:2.3:a:zimbra:collaboration:9.0.0:p0:*:*:*:*:*:*", + "matchCriteriaId": "5E4DF01A-1AA9-47E8-82FD-65A02ECA1376" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zimbra:collaboration:9.0.0:p1:*:*:*:*:*:*", + "matchCriteriaId": "BDE59185-B917-4A81-8DE4-C65A079F52FE" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zimbra:collaboration:9.0.0:p10:*:*:*:*:*:*", + "matchCriteriaId": "BA3ED95F-95F2-4676-8EAF-B4B9EB64B260" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zimbra:collaboration:9.0.0:p11:*:*:*:*:*:*", + "matchCriteriaId": "4BB93336-CC3C-4B7F-B194-7DED036ABBAF" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zimbra:collaboration:9.0.0:p12:*:*:*:*:*:*", + "matchCriteriaId": "876F1675-F65C-4E86-ADBD-36EB8D8A997D" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zimbra:collaboration:9.0.0:p13:*:*:*:*:*:*", + "matchCriteriaId": "2306F526-9C56-4A57-AA9B-02F2D6058C97" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zimbra:collaboration:9.0.0:p14:*:*:*:*:*:*", + "matchCriteriaId": "F9EA2A61-67AA-4B7E-BC6E-80EB1363EF85" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zimbra:collaboration:9.0.0:p15:*:*:*:*:*:*", + "matchCriteriaId": "C77A35B7-96F6-43A7-A747-C6AEEDE961E1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zimbra:collaboration:9.0.0:p16:*:*:*:*:*:*", + "matchCriteriaId": "DC35882B-E709-42D8-8800-F1B734CEAFC3" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zimbra:collaboration:9.0.0:p19:*:*:*:*:*:*", + "matchCriteriaId": "B7A47276-F241-4A68-9458-E1481EBDC5E6" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zimbra:collaboration:9.0.0:p2:*:*:*:*:*:*", + "matchCriteriaId": "12D0D469-6C9B-4B66-9581-DC319773238A" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zimbra:collaboration:9.0.0:p20:*:*:*:*:*:*", + "matchCriteriaId": "40629BEB-DF4B-4FB8-8D3D-7BAC43C90766" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zimbra:collaboration:9.0.0:p21:*:*:*:*:*:*", + "matchCriteriaId": "9503131F-CC23-4545-AE9C-9714B287CC25" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zimbra:collaboration:9.0.0:p23:*:*:*:*:*:*", + "matchCriteriaId": "B4CE2D12-AD31-4FED-AD0F-ADF64E92E1B1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zimbra:collaboration:9.0.0:p24:*:*:*:*:*:*", + "matchCriteriaId": "8113A4E3-AA96-4382-815D-6FD88BA42EC5" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zimbra:collaboration:9.0.0:p24.1:*:*:*:*:*:*", + "matchCriteriaId": "DC8C28E0-6C51-41EE-A7B2-DB185D1D8FD0" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zimbra:collaboration:9.0.0:p25:*:*:*:*:*:*", + "matchCriteriaId": "BC19F11D-23D9-429D-A957-D67F23A40A01" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zimbra:collaboration:9.0.0:p26:*:*:*:*:*:*", + "matchCriteriaId": "AAFA2EE7-C965-4F27-8CAE-E607A9F202AD" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zimbra:collaboration:9.0.0:p27:*:*:*:*:*:*", + "matchCriteriaId": "1D09DCF6-1C8F-4CA1-B7D4-AFDD4EB35771" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zimbra:collaboration:9.0.0:p3:*:*:*:*:*:*", + "matchCriteriaId": "C52705E6-2C6B-47BC-A0CD-F6AAE0BFC302" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zimbra:collaboration:9.0.0:p30:*:*:*:*:*:*", + "matchCriteriaId": "FD1DCE2B-D944-43AE-AD0E-9282DE6D618F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zimbra:collaboration:9.0.0:p31:*:*:*:*:*:*", + "matchCriteriaId": "2079B9F8-128B-487D-A965-E8B37FDF6304" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zimbra:collaboration:9.0.0:p32:*:*:*:*:*:*", + "matchCriteriaId": "9679FD62-815E-47A8-8552-D28CE48B82B2" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zimbra:collaboration:9.0.0:p33:*:*:*:*:*:*", + "matchCriteriaId": "D659AE6A-591E-4D5B-9781-9648250F5576" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zimbra:collaboration:9.0.0:p34:*:*:*:*:*:*", + "matchCriteriaId": "E4054E3E-561C-4B1C-A615-3CCE5CB69D77" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zimbra:collaboration:9.0.0:p35:*:*:*:*:*:*", + "matchCriteriaId": "4FA0E9C4-25E4-4CD6-B88A-02B413385866" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zimbra:collaboration:9.0.0:p36:*:*:*:*:*:*", + "matchCriteriaId": "5D6F7CA3-C36A-466C-8FAD-D0B3CEF01F0E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zimbra:collaboration:9.0.0:p37:*:*:*:*:*:*", + "matchCriteriaId": "9684AC81-B557-4292-8402-AE55CB2E613C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zimbra:collaboration:9.0.0:p38:*:*:*:*:*:*", + "matchCriteriaId": "32A352C4-0E9C-436F-ADA7-D93492A18037" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zimbra:collaboration:9.0.0:p39:*:*:*:*:*:*", + "matchCriteriaId": "ABCA8698-AB88-4A6D-BD2B-DB22AEED6536" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zimbra:collaboration:9.0.0:p4:*:*:*:*:*:*", + "matchCriteriaId": "33F50D8C-7027-4A8D-8E95-98C224283772" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zimbra:collaboration:9.0.0:p5:*:*:*:*:*:*", + "matchCriteriaId": "82000BA4-1781-4312-A7BD-92EC94D137AE" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zimbra:collaboration:9.0.0:p6:*:*:*:*:*:*", + "matchCriteriaId": "4B52D301-2559-457A-8FFB-F0915299355A" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zimbra:collaboration:9.0.0:p7:*:*:*:*:*:*", + "matchCriteriaId": "7215AE2C-8A33-4AB9-88D5-7C8CD11E806C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zimbra:collaboration:9.0.0:p7.1:*:*:*:*:*:*", + "matchCriteriaId": "8D859F77-8E39-4D46-BC90-C5C1D805A666" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zimbra:collaboration:9.0.0:p8:*:*:*:*:*:*", + "matchCriteriaId": "CDC810C7-45DA-4BDF-9138-2D3B2750243E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zimbra:collaboration:9.0.0:p9:*:*:*:*:*:*", + "matchCriteriaId": "E09D95A4-764D-4E0B-8605-1D94FD548AB2" } ] } diff --git a/CVE-2024/CVE-2024-335xx/CVE-2024-33535.json b/CVE-2024/CVE-2024-335xx/CVE-2024-33535.json index d8c289e23c7..4c5181ae071 100644 --- a/CVE-2024/CVE-2024-335xx/CVE-2024-33535.json +++ b/CVE-2024/CVE-2024-335xx/CVE-2024-33535.json @@ -2,8 +2,8 @@ "id": "CVE-2024-33535", "sourceIdentifier": "cve@mitre.org", "published": "2024-08-12T15:15:20.570", - "lastModified": "2024-08-13T17:20:39.890", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2024-08-14T13:18:38.770", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -58,6 +58,13 @@ "operator": "OR", "negate": false, "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zimbra:collaboration:*:*:*:*:*:*:*:*", + "versionStartIncluding": "10.0.0", + "versionEndExcluding": "10.0.8", + "matchCriteriaId": "A5BC091A-EE5A-4D34-9D2E-754D3C2FCA3F" + }, { "vulnerable": true, "criteria": "cpe:2.3:a:zimbra:collaboration:9.0.0:-:*:*:*:*:*:*", @@ -65,8 +72,188 @@ }, { "vulnerable": true, - "criteria": "cpe:2.3:a:zimbra:collaboration:10.0.0:*:*:*:*:*:*:*", - "matchCriteriaId": "C00D9622-8149-417F-95AB-9397D2DF71A7" + "criteria": "cpe:2.3:a:zimbra:collaboration:9.0.0:p0:*:*:*:*:*:*", + "matchCriteriaId": "5E4DF01A-1AA9-47E8-82FD-65A02ECA1376" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zimbra:collaboration:9.0.0:p1:*:*:*:*:*:*", + "matchCriteriaId": "BDE59185-B917-4A81-8DE4-C65A079F52FE" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zimbra:collaboration:9.0.0:p10:*:*:*:*:*:*", + "matchCriteriaId": "BA3ED95F-95F2-4676-8EAF-B4B9EB64B260" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zimbra:collaboration:9.0.0:p11:*:*:*:*:*:*", + "matchCriteriaId": "4BB93336-CC3C-4B7F-B194-7DED036ABBAF" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zimbra:collaboration:9.0.0:p12:*:*:*:*:*:*", + "matchCriteriaId": "876F1675-F65C-4E86-ADBD-36EB8D8A997D" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zimbra:collaboration:9.0.0:p13:*:*:*:*:*:*", + "matchCriteriaId": "2306F526-9C56-4A57-AA9B-02F2D6058C97" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zimbra:collaboration:9.0.0:p14:*:*:*:*:*:*", + "matchCriteriaId": "F9EA2A61-67AA-4B7E-BC6E-80EB1363EF85" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zimbra:collaboration:9.0.0:p15:*:*:*:*:*:*", + "matchCriteriaId": "C77A35B7-96F6-43A7-A747-C6AEEDE961E1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zimbra:collaboration:9.0.0:p16:*:*:*:*:*:*", + "matchCriteriaId": "DC35882B-E709-42D8-8800-F1B734CEAFC3" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zimbra:collaboration:9.0.0:p19:*:*:*:*:*:*", + "matchCriteriaId": "B7A47276-F241-4A68-9458-E1481EBDC5E6" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zimbra:collaboration:9.0.0:p2:*:*:*:*:*:*", + "matchCriteriaId": "12D0D469-6C9B-4B66-9581-DC319773238A" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zimbra:collaboration:9.0.0:p20:*:*:*:*:*:*", + "matchCriteriaId": "40629BEB-DF4B-4FB8-8D3D-7BAC43C90766" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zimbra:collaboration:9.0.0:p21:*:*:*:*:*:*", + "matchCriteriaId": "9503131F-CC23-4545-AE9C-9714B287CC25" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zimbra:collaboration:9.0.0:p23:*:*:*:*:*:*", + "matchCriteriaId": "B4CE2D12-AD31-4FED-AD0F-ADF64E92E1B1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zimbra:collaboration:9.0.0:p24:*:*:*:*:*:*", + "matchCriteriaId": "8113A4E3-AA96-4382-815D-6FD88BA42EC5" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zimbra:collaboration:9.0.0:p24.1:*:*:*:*:*:*", + "matchCriteriaId": "DC8C28E0-6C51-41EE-A7B2-DB185D1D8FD0" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zimbra:collaboration:9.0.0:p25:*:*:*:*:*:*", + "matchCriteriaId": "BC19F11D-23D9-429D-A957-D67F23A40A01" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zimbra:collaboration:9.0.0:p26:*:*:*:*:*:*", + "matchCriteriaId": "AAFA2EE7-C965-4F27-8CAE-E607A9F202AD" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zimbra:collaboration:9.0.0:p27:*:*:*:*:*:*", + "matchCriteriaId": "1D09DCF6-1C8F-4CA1-B7D4-AFDD4EB35771" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zimbra:collaboration:9.0.0:p3:*:*:*:*:*:*", + "matchCriteriaId": "C52705E6-2C6B-47BC-A0CD-F6AAE0BFC302" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zimbra:collaboration:9.0.0:p30:*:*:*:*:*:*", + "matchCriteriaId": "FD1DCE2B-D944-43AE-AD0E-9282DE6D618F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zimbra:collaboration:9.0.0:p31:*:*:*:*:*:*", + "matchCriteriaId": "2079B9F8-128B-487D-A965-E8B37FDF6304" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zimbra:collaboration:9.0.0:p32:*:*:*:*:*:*", + "matchCriteriaId": "9679FD62-815E-47A8-8552-D28CE48B82B2" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zimbra:collaboration:9.0.0:p33:*:*:*:*:*:*", + "matchCriteriaId": "D659AE6A-591E-4D5B-9781-9648250F5576" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zimbra:collaboration:9.0.0:p34:*:*:*:*:*:*", + "matchCriteriaId": "E4054E3E-561C-4B1C-A615-3CCE5CB69D77" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zimbra:collaboration:9.0.0:p35:*:*:*:*:*:*", + "matchCriteriaId": "4FA0E9C4-25E4-4CD6-B88A-02B413385866" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zimbra:collaboration:9.0.0:p36:*:*:*:*:*:*", + "matchCriteriaId": "5D6F7CA3-C36A-466C-8FAD-D0B3CEF01F0E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zimbra:collaboration:9.0.0:p37:*:*:*:*:*:*", + "matchCriteriaId": "9684AC81-B557-4292-8402-AE55CB2E613C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zimbra:collaboration:9.0.0:p38:*:*:*:*:*:*", + "matchCriteriaId": "32A352C4-0E9C-436F-ADA7-D93492A18037" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zimbra:collaboration:9.0.0:p39:*:*:*:*:*:*", + "matchCriteriaId": "ABCA8698-AB88-4A6D-BD2B-DB22AEED6536" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zimbra:collaboration:9.0.0:p4:*:*:*:*:*:*", + "matchCriteriaId": "33F50D8C-7027-4A8D-8E95-98C224283772" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zimbra:collaboration:9.0.0:p5:*:*:*:*:*:*", + "matchCriteriaId": "82000BA4-1781-4312-A7BD-92EC94D137AE" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zimbra:collaboration:9.0.0:p6:*:*:*:*:*:*", + "matchCriteriaId": "4B52D301-2559-457A-8FFB-F0915299355A" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zimbra:collaboration:9.0.0:p7:*:*:*:*:*:*", + "matchCriteriaId": "7215AE2C-8A33-4AB9-88D5-7C8CD11E806C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zimbra:collaboration:9.0.0:p7.1:*:*:*:*:*:*", + "matchCriteriaId": "8D859F77-8E39-4D46-BC90-C5C1D805A666" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zimbra:collaboration:9.0.0:p8:*:*:*:*:*:*", + "matchCriteriaId": "CDC810C7-45DA-4BDF-9138-2D3B2750243E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zimbra:collaboration:9.0.0:p9:*:*:*:*:*:*", + "matchCriteriaId": "E09D95A4-764D-4E0B-8605-1D94FD548AB2" } ] } diff --git a/CVE-2024/CVE-2024-335xx/CVE-2024-33536.json b/CVE-2024/CVE-2024-335xx/CVE-2024-33536.json index 609e2b52488..e877343f078 100644 --- a/CVE-2024/CVE-2024-335xx/CVE-2024-33536.json +++ b/CVE-2024/CVE-2024-335xx/CVE-2024-33536.json @@ -2,8 +2,8 @@ "id": "CVE-2024-33536", "sourceIdentifier": "cve@mitre.org", "published": "2024-08-12T15:15:20.657", - "lastModified": "2024-08-13T17:20:23.953", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2024-08-14T13:18:41.847", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -58,6 +58,13 @@ "operator": "OR", "negate": false, "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zimbra:collaboration:*:*:*:*:*:*:*:*", + "versionStartIncluding": "10.0.0", + "versionEndExcluding": "10.0.8", + "matchCriteriaId": "A5BC091A-EE5A-4D34-9D2E-754D3C2FCA3F" + }, { "vulnerable": true, "criteria": "cpe:2.3:a:zimbra:collaboration:9.0.0:-:*:*:*:*:*:*", @@ -65,8 +72,188 @@ }, { "vulnerable": true, - "criteria": "cpe:2.3:a:zimbra:collaboration:10.0.0:*:*:*:*:*:*:*", - "matchCriteriaId": "C00D9622-8149-417F-95AB-9397D2DF71A7" + "criteria": "cpe:2.3:a:zimbra:collaboration:9.0.0:p0:*:*:*:*:*:*", + "matchCriteriaId": "5E4DF01A-1AA9-47E8-82FD-65A02ECA1376" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zimbra:collaboration:9.0.0:p1:*:*:*:*:*:*", + "matchCriteriaId": "BDE59185-B917-4A81-8DE4-C65A079F52FE" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zimbra:collaboration:9.0.0:p10:*:*:*:*:*:*", + "matchCriteriaId": "BA3ED95F-95F2-4676-8EAF-B4B9EB64B260" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zimbra:collaboration:9.0.0:p11:*:*:*:*:*:*", + "matchCriteriaId": "4BB93336-CC3C-4B7F-B194-7DED036ABBAF" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zimbra:collaboration:9.0.0:p12:*:*:*:*:*:*", + "matchCriteriaId": "876F1675-F65C-4E86-ADBD-36EB8D8A997D" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zimbra:collaboration:9.0.0:p13:*:*:*:*:*:*", + "matchCriteriaId": "2306F526-9C56-4A57-AA9B-02F2D6058C97" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zimbra:collaboration:9.0.0:p14:*:*:*:*:*:*", + "matchCriteriaId": "F9EA2A61-67AA-4B7E-BC6E-80EB1363EF85" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zimbra:collaboration:9.0.0:p15:*:*:*:*:*:*", + "matchCriteriaId": "C77A35B7-96F6-43A7-A747-C6AEEDE961E1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zimbra:collaboration:9.0.0:p16:*:*:*:*:*:*", + "matchCriteriaId": "DC35882B-E709-42D8-8800-F1B734CEAFC3" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zimbra:collaboration:9.0.0:p19:*:*:*:*:*:*", + "matchCriteriaId": "B7A47276-F241-4A68-9458-E1481EBDC5E6" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zimbra:collaboration:9.0.0:p2:*:*:*:*:*:*", + "matchCriteriaId": "12D0D469-6C9B-4B66-9581-DC319773238A" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zimbra:collaboration:9.0.0:p20:*:*:*:*:*:*", + "matchCriteriaId": "40629BEB-DF4B-4FB8-8D3D-7BAC43C90766" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zimbra:collaboration:9.0.0:p21:*:*:*:*:*:*", + "matchCriteriaId": "9503131F-CC23-4545-AE9C-9714B287CC25" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zimbra:collaboration:9.0.0:p23:*:*:*:*:*:*", + "matchCriteriaId": "B4CE2D12-AD31-4FED-AD0F-ADF64E92E1B1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zimbra:collaboration:9.0.0:p24:*:*:*:*:*:*", + "matchCriteriaId": "8113A4E3-AA96-4382-815D-6FD88BA42EC5" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zimbra:collaboration:9.0.0:p24.1:*:*:*:*:*:*", + "matchCriteriaId": "DC8C28E0-6C51-41EE-A7B2-DB185D1D8FD0" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zimbra:collaboration:9.0.0:p25:*:*:*:*:*:*", + "matchCriteriaId": "BC19F11D-23D9-429D-A957-D67F23A40A01" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zimbra:collaboration:9.0.0:p26:*:*:*:*:*:*", + "matchCriteriaId": "AAFA2EE7-C965-4F27-8CAE-E607A9F202AD" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zimbra:collaboration:9.0.0:p27:*:*:*:*:*:*", + "matchCriteriaId": "1D09DCF6-1C8F-4CA1-B7D4-AFDD4EB35771" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zimbra:collaboration:9.0.0:p3:*:*:*:*:*:*", + "matchCriteriaId": "C52705E6-2C6B-47BC-A0CD-F6AAE0BFC302" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zimbra:collaboration:9.0.0:p30:*:*:*:*:*:*", + "matchCriteriaId": "FD1DCE2B-D944-43AE-AD0E-9282DE6D618F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zimbra:collaboration:9.0.0:p31:*:*:*:*:*:*", + "matchCriteriaId": "2079B9F8-128B-487D-A965-E8B37FDF6304" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zimbra:collaboration:9.0.0:p32:*:*:*:*:*:*", + "matchCriteriaId": "9679FD62-815E-47A8-8552-D28CE48B82B2" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zimbra:collaboration:9.0.0:p33:*:*:*:*:*:*", + "matchCriteriaId": "D659AE6A-591E-4D5B-9781-9648250F5576" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zimbra:collaboration:9.0.0:p34:*:*:*:*:*:*", + "matchCriteriaId": "E4054E3E-561C-4B1C-A615-3CCE5CB69D77" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zimbra:collaboration:9.0.0:p35:*:*:*:*:*:*", + "matchCriteriaId": "4FA0E9C4-25E4-4CD6-B88A-02B413385866" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zimbra:collaboration:9.0.0:p36:*:*:*:*:*:*", + "matchCriteriaId": "5D6F7CA3-C36A-466C-8FAD-D0B3CEF01F0E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zimbra:collaboration:9.0.0:p37:*:*:*:*:*:*", + "matchCriteriaId": "9684AC81-B557-4292-8402-AE55CB2E613C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zimbra:collaboration:9.0.0:p38:*:*:*:*:*:*", + "matchCriteriaId": "32A352C4-0E9C-436F-ADA7-D93492A18037" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zimbra:collaboration:9.0.0:p39:*:*:*:*:*:*", + "matchCriteriaId": "ABCA8698-AB88-4A6D-BD2B-DB22AEED6536" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zimbra:collaboration:9.0.0:p4:*:*:*:*:*:*", + "matchCriteriaId": "33F50D8C-7027-4A8D-8E95-98C224283772" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zimbra:collaboration:9.0.0:p5:*:*:*:*:*:*", + "matchCriteriaId": "82000BA4-1781-4312-A7BD-92EC94D137AE" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zimbra:collaboration:9.0.0:p6:*:*:*:*:*:*", + "matchCriteriaId": "4B52D301-2559-457A-8FFB-F0915299355A" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zimbra:collaboration:9.0.0:p7:*:*:*:*:*:*", + "matchCriteriaId": "7215AE2C-8A33-4AB9-88D5-7C8CD11E806C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zimbra:collaboration:9.0.0:p7.1:*:*:*:*:*:*", + "matchCriteriaId": "8D859F77-8E39-4D46-BC90-C5C1D805A666" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zimbra:collaboration:9.0.0:p8:*:*:*:*:*:*", + "matchCriteriaId": "CDC810C7-45DA-4BDF-9138-2D3B2750243E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zimbra:collaboration:9.0.0:p9:*:*:*:*:*:*", + "matchCriteriaId": "E09D95A4-764D-4E0B-8605-1D94FD548AB2" } ] } diff --git a/CVE-2024/CVE-2024-361xx/CVE-2024-36136.json b/CVE-2024/CVE-2024-361xx/CVE-2024-36136.json index b9b37c62228..55982463760 100644 --- a/CVE-2024/CVE-2024-361xx/CVE-2024-36136.json +++ b/CVE-2024/CVE-2024-361xx/CVE-2024-36136.json @@ -2,13 +2,17 @@ "id": "CVE-2024-36136", "sourceIdentifier": "support@hackerone.com", "published": "2024-08-14T03:15:04.390", - "lastModified": "2024-08-14T03:15:04.390", - "vulnStatus": "Received", + "lastModified": "2024-08-14T13:00:48.243", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "An off-by-one error in WLInfoRailService in Ivanti Avalanche 6.3.1 allows a remote unauthenticated attacker to crash the service, resulting in a DoS." + }, + { + "lang": "es", + "value": "Un error de uno en uno en WLInfoRailService en Ivanti Avalanche 6.3.1 permite que un atacante remoto no autenticado bloquee el servicio, lo que resulta en un DoS." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-373xx/CVE-2024-37373.json b/CVE-2024/CVE-2024-373xx/CVE-2024-37373.json index c0170431e14..e12b6ade865 100644 --- a/CVE-2024/CVE-2024-373xx/CVE-2024-37373.json +++ b/CVE-2024/CVE-2024-373xx/CVE-2024-37373.json @@ -2,13 +2,17 @@ "id": "CVE-2024-37373", "sourceIdentifier": "support@hackerone.com", "published": "2024-08-14T03:15:04.667", - "lastModified": "2024-08-14T03:15:04.667", - "vulnStatus": "Received", + "lastModified": "2024-08-14T13:00:48.243", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Improper input validation in the Central Filestore in Ivanti Avalanche 6.3.1 allows a remote authenticated attacker with admin rights to achieve RCE." + }, + { + "lang": "es", + "value": "La validaci\u00f3n de entrada incorrecta en el almac\u00e9n de archivos central en Ivanti Avalanche 6.3.1 permite que un atacante remoto autenticado con derechos de administrador logre RCE." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-373xx/CVE-2024-37399.json b/CVE-2024/CVE-2024-373xx/CVE-2024-37399.json index 5951439a8cd..bf0dc8b46b9 100644 --- a/CVE-2024/CVE-2024-373xx/CVE-2024-37399.json +++ b/CVE-2024/CVE-2024-373xx/CVE-2024-37399.json @@ -2,13 +2,17 @@ "id": "CVE-2024-37399", "sourceIdentifier": "support@hackerone.com", "published": "2024-08-14T03:15:04.850", - "lastModified": "2024-08-14T03:15:04.850", - "vulnStatus": "Received", + "lastModified": "2024-08-14T13:00:37.107", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A NULL pointer dereference in WLAvalancheService in Ivanti Avalanche 6.3.1 allows a remote unauthenticated attacker to crash the service, resulting in a DoS." + }, + { + "lang": "es", + "value": "Una desreferencia de puntero NULL en WLAvalancheService en Ivanti Avalanche 6.3.1 permite que un atacante remoto no autenticado bloquee el servicio, lo que resulta en un DoS." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-384xx/CVE-2024-38483.json b/CVE-2024/CVE-2024-384xx/CVE-2024-38483.json index 73141650aac..b2e48f9e9d0 100644 --- a/CVE-2024/CVE-2024-384xx/CVE-2024-38483.json +++ b/CVE-2024/CVE-2024-384xx/CVE-2024-38483.json @@ -2,8 +2,8 @@ "id": "CVE-2024-38483", "sourceIdentifier": "security_alert@emc.com", "published": "2024-08-14T10:15:06.623", - "lastModified": "2024-08-14T10:15:06.623", - "vulnStatus": "Received", + "lastModified": "2024-08-14T13:00:37.107", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2024/CVE-2024-386xx/CVE-2024-38652.json b/CVE-2024/CVE-2024-386xx/CVE-2024-38652.json index d0b366ed796..37c64c18beb 100644 --- a/CVE-2024/CVE-2024-386xx/CVE-2024-38652.json +++ b/CVE-2024/CVE-2024-386xx/CVE-2024-38652.json @@ -2,13 +2,17 @@ "id": "CVE-2024-38652", "sourceIdentifier": "support@hackerone.com", "published": "2024-08-14T03:15:05.020", - "lastModified": "2024-08-14T03:15:05.020", - "vulnStatus": "Received", + "lastModified": "2024-08-14T13:00:37.107", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Path traversal in the skin management component of Ivanti Avalanche 6.3.1 allows a remote unauthenticated attacker to achieve denial of service via arbitrary file deletion." + }, + { + "lang": "es", + "value": "El path traversal en el componente de gesti\u00f3n de aspectos de Ivanti Avalanche 6.3.1 permite a un atacante remoto no autenticado lograr una denegaci\u00f3n de servicio mediante la eliminaci\u00f3n arbitraria de archivos." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-386xx/CVE-2024-38653.json b/CVE-2024/CVE-2024-386xx/CVE-2024-38653.json index 67c8727bfbb..cc19adb4c9a 100644 --- a/CVE-2024/CVE-2024-386xx/CVE-2024-38653.json +++ b/CVE-2024/CVE-2024-386xx/CVE-2024-38653.json @@ -2,13 +2,17 @@ "id": "CVE-2024-38653", "sourceIdentifier": "support@hackerone.com", "published": "2024-08-14T03:15:05.200", - "lastModified": "2024-08-14T03:15:05.200", - "vulnStatus": "Received", + "lastModified": "2024-08-14T13:00:37.107", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "XXE in SmartDeviceServer in Ivanti Avalanche 6.3.1 allows a remote unauthenticated attacker to read arbitrary files on the server." + }, + { + "lang": "es", + "value": "XXE en SmartDeviceServer en Ivanti Avalanche 6.3.1 permite que un atacante remoto no autenticado lea archivos arbitrarios en el servidor." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-393xx/CVE-2024-39397.json b/CVE-2024/CVE-2024-393xx/CVE-2024-39397.json new file mode 100644 index 00000000000..ec0815825db --- /dev/null +++ b/CVE-2024/CVE-2024-393xx/CVE-2024-39397.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-39397", + "sourceIdentifier": "psirt@adobe.com", + "published": "2024-08-14T12:15:24.123", + "lastModified": "2024-08-14T13:00:37.107", + "vulnStatus": "Undergoing Analysis", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an Unrestricted Upload of File with Dangerous Type vulnerability that could result in arbitrary code execution by an attacker. An attacker could exploit this vulnerability by uploading a malicious file which can then be executed on the server. Exploitation of this issue does not require user interaction, but attack complexity is high and scope is changed." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.0, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 2.2, + "impactScore": 6.0 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-434" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/magento/apsb24-61.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-393xx/CVE-2024-39398.json b/CVE-2024/CVE-2024-393xx/CVE-2024-39398.json new file mode 100644 index 00000000000..f0e35087cf7 --- /dev/null +++ b/CVE-2024/CVE-2024-393xx/CVE-2024-39398.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-39398", + "sourceIdentifier": "psirt@adobe.com", + "published": "2024-08-14T12:15:24.377", + "lastModified": "2024-08-14T13:00:37.107", + "vulnStatus": "Undergoing Analysis", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an Improper Restriction of Excessive Authentication Attempts vulnerability that could result in a security feature bypass. An attacker could exploit this vulnerability to perform brute force attacks and potentially gain unauthorized access to accounts. Exploitation of this issue does not require user interaction, but attack complexity is high." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "NONE", + "baseScore": 7.4, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.2, + "impactScore": 5.2 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-307" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/magento/apsb24-61.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-393xx/CVE-2024-39399.json b/CVE-2024/CVE-2024-393xx/CVE-2024-39399.json new file mode 100644 index 00000000000..74e92e66bf2 --- /dev/null +++ b/CVE-2024/CVE-2024-393xx/CVE-2024-39399.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-39399", + "sourceIdentifier": "psirt@adobe.com", + "published": "2024-08-14T12:15:24.607", + "lastModified": "2024-08-14T13:00:37.107", + "vulnStatus": "Undergoing Analysis", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability that could lead to arbitrary file system read. A low-privileged attacker could exploit this vulnerability to gain access to files and directories that are outside the restricted directory. Exploitation of this issue does not require user interaction and scope is changed." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 7.7, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.1, + "impactScore": 4.0 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-22" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/magento/apsb24-61.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-394xx/CVE-2024-39400.json b/CVE-2024/CVE-2024-394xx/CVE-2024-39400.json new file mode 100644 index 00000000000..615d1d3ea56 --- /dev/null +++ b/CVE-2024/CVE-2024-394xx/CVE-2024-39400.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-39400", + "sourceIdentifier": "psirt@adobe.com", + "published": "2024-08-14T12:15:24.863", + "lastModified": "2024-08-14T13:00:25.793", + "vulnStatus": "Undergoing Analysis", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by a DOM-based Cross-Site Scripting (XSS) vulnerability. This vulnerability could allow an admin attacker to inject and execute arbitrary JavaScript code within the context of the user's browser session. Exploitation of this issue requires user interaction, such as convincing a victim to click on a malicious link. Confidentiality and integrity impact is high as it affects other admin accounts." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "NONE", + "baseScore": 8.1, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.7, + "impactScore": 5.8 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/magento/apsb24-61.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-394xx/CVE-2024-39401.json b/CVE-2024/CVE-2024-394xx/CVE-2024-39401.json new file mode 100644 index 00000000000..004d34b3ec6 --- /dev/null +++ b/CVE-2024/CVE-2024-394xx/CVE-2024-39401.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-39401", + "sourceIdentifier": "psirt@adobe.com", + "published": "2024-08-14T12:15:25.097", + "lastModified": "2024-08-14T13:00:25.793", + "vulnStatus": "Undergoing Analysis", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability that could lead in arbitrary code execution by an admin attacker. Exploitation of this issue requires user interaction and scope is changed." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.4, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.7, + "impactScore": 6.0 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-78" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/magento/apsb24-61.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-394xx/CVE-2024-39402.json b/CVE-2024/CVE-2024-394xx/CVE-2024-39402.json new file mode 100644 index 00000000000..17781adf8c7 --- /dev/null +++ b/CVE-2024/CVE-2024-394xx/CVE-2024-39402.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-39402", + "sourceIdentifier": "psirt@adobe.com", + "published": "2024-08-14T12:15:25.317", + "lastModified": "2024-08-14T13:00:25.793", + "vulnStatus": "Undergoing Analysis", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability that could lead in arbitrary code execution by an admin attacker. Exploitation of this issue requires user interaction and scope is changed." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.4, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.7, + "impactScore": 6.0 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-78" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/magento/apsb24-61.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-394xx/CVE-2024-39403.json b/CVE-2024/CVE-2024-394xx/CVE-2024-39403.json new file mode 100644 index 00000000000..2274b4e2c1f --- /dev/null +++ b/CVE-2024/CVE-2024-394xx/CVE-2024-39403.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-39403", + "sourceIdentifier": "psirt@adobe.com", + "published": "2024-08-14T12:15:25.540", + "lastModified": "2024-08-14T13:00:25.793", + "vulnStatus": "Undergoing Analysis", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field. Confidentiality impact is high due to the attacker being able to exfiltrate sensitive information." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 7.6, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.3, + "impactScore": 4.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/magento/apsb24-61.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-394xx/CVE-2024-39404.json b/CVE-2024/CVE-2024-394xx/CVE-2024-39404.json new file mode 100644 index 00000000000..63521c0c1d5 --- /dev/null +++ b/CVE-2024/CVE-2024-394xx/CVE-2024-39404.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-39404", + "sourceIdentifier": "psirt@adobe.com", + "published": "2024-08-14T12:15:25.760", + "lastModified": "2024-08-14T13:00:25.793", + "vulnStatus": "Undergoing Analysis", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an Improper Authorization vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and modify minor information. Exploitation of this issue does not require user interaction." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 4.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-285" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/magento/apsb24-61.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-394xx/CVE-2024-39405.json b/CVE-2024/CVE-2024-394xx/CVE-2024-39405.json new file mode 100644 index 00000000000..29858745f27 --- /dev/null +++ b/CVE-2024/CVE-2024-394xx/CVE-2024-39405.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-39405", + "sourceIdentifier": "psirt@adobe.com", + "published": "2024-08-14T12:15:26.013", + "lastModified": "2024-08-14T13:00:25.793", + "vulnStatus": "Undergoing Analysis", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an Improper Authorization vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and modify minor information. Exploitation of this issue does not require user interaction." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 4.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-285" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/magento/apsb24-61.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-394xx/CVE-2024-39406.json b/CVE-2024/CVE-2024-394xx/CVE-2024-39406.json new file mode 100644 index 00000000000..8968c6fcedc --- /dev/null +++ b/CVE-2024/CVE-2024-394xx/CVE-2024-39406.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-39406", + "sourceIdentifier": "psirt@adobe.com", + "published": "2024-08-14T12:15:26.243", + "lastModified": "2024-08-14T13:00:25.793", + "vulnStatus": "Undergoing Analysis", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability that could lead to arbitrary file system read. An attacker could exploit this vulnerability to gain access to files and directories that are outside the restricted directory. Exploitation of this issue does not require user interaction and scope is changed." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 6.8, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.3, + "impactScore": 4.0 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-22" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/magento/apsb24-61.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-394xx/CVE-2024-39407.json b/CVE-2024/CVE-2024-394xx/CVE-2024-39407.json new file mode 100644 index 00000000000..46b85833ada --- /dev/null +++ b/CVE-2024/CVE-2024-394xx/CVE-2024-39407.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-39407", + "sourceIdentifier": "psirt@adobe.com", + "published": "2024-08-14T12:15:26.483", + "lastModified": "2024-08-14T13:00:25.793", + "vulnStatus": "Undergoing Analysis", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an Improper Authorization vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and modify minor information. Exploitation of this issue does not require user interaction." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 4.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-285" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/magento/apsb24-61.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-394xx/CVE-2024-39408.json b/CVE-2024/CVE-2024-394xx/CVE-2024-39408.json new file mode 100644 index 00000000000..deded462af9 --- /dev/null +++ b/CVE-2024/CVE-2024-394xx/CVE-2024-39408.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-39408", + "sourceIdentifier": "psirt@adobe.com", + "published": "2024-08-14T12:15:26.703", + "lastModified": "2024-08-14T13:00:25.793", + "vulnStatus": "Undergoing Analysis", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by a Cross-Site Request Forgery (CSRF) vulnerability that could allow an attacker to bypass security features and perform minor unauthorised actions on behalf of a user. The vulnerability could be exploited by tricking a victim into clicking a link or loading a page that submits a malicious request. Exploitation of this issue requires user interaction." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 4.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-352" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/magento/apsb24-61.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-394xx/CVE-2024-39409.json b/CVE-2024/CVE-2024-394xx/CVE-2024-39409.json new file mode 100644 index 00000000000..6e8f65308ca --- /dev/null +++ b/CVE-2024/CVE-2024-394xx/CVE-2024-39409.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-39409", + "sourceIdentifier": "psirt@adobe.com", + "published": "2024-08-14T12:15:26.937", + "lastModified": "2024-08-14T13:00:25.793", + "vulnStatus": "Undergoing Analysis", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by a Cross-Site Request Forgery (CSRF) vulnerability that could allow an attacker to bypass security features and perform minor unauthorised actions on behalf of a user. The vulnerability could be exploited by tricking a victim into clicking a link or loading a page that submits a malicious request. Exploitation of this issue requires user interaction." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 4.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-352" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/magento/apsb24-61.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-394xx/CVE-2024-39410.json b/CVE-2024/CVE-2024-394xx/CVE-2024-39410.json new file mode 100644 index 00000000000..cd75c0e1779 --- /dev/null +++ b/CVE-2024/CVE-2024-394xx/CVE-2024-39410.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-39410", + "sourceIdentifier": "psirt@adobe.com", + "published": "2024-08-14T12:15:27.177", + "lastModified": "2024-08-14T13:00:25.793", + "vulnStatus": "Undergoing Analysis", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by a Cross-Site Request Forgery (CSRF) vulnerability that could allow an attacker to bypass security features and perform minor unauthorised actions on behalf of a user. The vulnerability could be exploited by tricking a victim into clicking a link or loading a page that submits a malicious request. Exploitation of this issue requires user interaction." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 4.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-352" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/magento/apsb24-61.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-394xx/CVE-2024-39411.json b/CVE-2024/CVE-2024-394xx/CVE-2024-39411.json new file mode 100644 index 00000000000..309a6a96ea0 --- /dev/null +++ b/CVE-2024/CVE-2024-394xx/CVE-2024-39411.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-39411", + "sourceIdentifier": "psirt@adobe.com", + "published": "2024-08-14T12:15:27.407", + "lastModified": "2024-08-14T13:00:25.793", + "vulnStatus": "Undergoing Analysis", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an Improper Authorization vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and disclose minor information. Exploitation of this issue does not require user interaction." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 4.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-285" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/magento/apsb24-61.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-394xx/CVE-2024-39412.json b/CVE-2024/CVE-2024-394xx/CVE-2024-39412.json new file mode 100644 index 00000000000..6ed88877def --- /dev/null +++ b/CVE-2024/CVE-2024-394xx/CVE-2024-39412.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-39412", + "sourceIdentifier": "psirt@adobe.com", + "published": "2024-08-14T12:15:27.650", + "lastModified": "2024-08-14T13:00:25.793", + "vulnStatus": "Undergoing Analysis", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an Improper Authorization vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and disclose minor information. Exploitation of this issue does not require user interaction." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 4.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-285" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/magento/apsb24-61.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-394xx/CVE-2024-39413.json b/CVE-2024/CVE-2024-394xx/CVE-2024-39413.json new file mode 100644 index 00000000000..ff13b9c6c8e --- /dev/null +++ b/CVE-2024/CVE-2024-394xx/CVE-2024-39413.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-39413", + "sourceIdentifier": "psirt@adobe.com", + "published": "2024-08-14T12:15:27.890", + "lastModified": "2024-08-14T13:00:25.793", + "vulnStatus": "Undergoing Analysis", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an Improper Authorization vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and disclose minor information. Exploitation of this issue does not require user interaction." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 4.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-285" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/magento/apsb24-61.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-394xx/CVE-2024-39414.json b/CVE-2024/CVE-2024-394xx/CVE-2024-39414.json new file mode 100644 index 00000000000..a7f86877a62 --- /dev/null +++ b/CVE-2024/CVE-2024-394xx/CVE-2024-39414.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-39414", + "sourceIdentifier": "psirt@adobe.com", + "published": "2024-08-14T12:15:28.107", + "lastModified": "2024-08-14T13:00:25.793", + "vulnStatus": "Undergoing Analysis", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an Improper Authorization vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and disclose minor information. Exploitation of this issue does not require user interaction." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 4.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-284" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/magento/apsb24-61.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-394xx/CVE-2024-39415.json b/CVE-2024/CVE-2024-394xx/CVE-2024-39415.json new file mode 100644 index 00000000000..36bb55c939e --- /dev/null +++ b/CVE-2024/CVE-2024-394xx/CVE-2024-39415.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-39415", + "sourceIdentifier": "psirt@adobe.com", + "published": "2024-08-14T12:15:28.327", + "lastModified": "2024-08-14T13:00:25.793", + "vulnStatus": "Undergoing Analysis", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an Improper Authorization vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and disclose minor information. Exploitation of this issue does not require user interaction." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 4.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-285" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/magento/apsb24-61.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-394xx/CVE-2024-39416.json b/CVE-2024/CVE-2024-394xx/CVE-2024-39416.json new file mode 100644 index 00000000000..b4f7fb25da6 --- /dev/null +++ b/CVE-2024/CVE-2024-394xx/CVE-2024-39416.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-39416", + "sourceIdentifier": "psirt@adobe.com", + "published": "2024-08-14T12:15:28.560", + "lastModified": "2024-08-14T13:00:25.793", + "vulnStatus": "Undergoing Analysis", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an Improper Authorization vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and disclose minor information. Exploitation of this issue does not require user interaction." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 4.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-285" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/magento/apsb24-61.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-394xx/CVE-2024-39417.json b/CVE-2024/CVE-2024-394xx/CVE-2024-39417.json new file mode 100644 index 00000000000..d384ed2cca1 --- /dev/null +++ b/CVE-2024/CVE-2024-394xx/CVE-2024-39417.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-39417", + "sourceIdentifier": "psirt@adobe.com", + "published": "2024-08-14T12:15:28.780", + "lastModified": "2024-08-14T13:00:25.793", + "vulnStatus": "Undergoing Analysis", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an Improper Authorization vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and disclose minor information. Exploitation of this issue does not require user interaction." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 4.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-285" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/magento/apsb24-61.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-394xx/CVE-2024-39418.json b/CVE-2024/CVE-2024-394xx/CVE-2024-39418.json new file mode 100644 index 00000000000..db165325ea2 --- /dev/null +++ b/CVE-2024/CVE-2024-394xx/CVE-2024-39418.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-39418", + "sourceIdentifier": "psirt@adobe.com", + "published": "2024-08-14T12:15:29.010", + "lastModified": "2024-08-14T13:00:25.793", + "vulnStatus": "Undergoing Analysis", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an Improper Authorization vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures to view and edit low-sensitivity information. Exploitation of this issue does not require user interaction." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 5.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.5 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-285" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/magento/apsb24-61.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-394xx/CVE-2024-39419.json b/CVE-2024/CVE-2024-394xx/CVE-2024-39419.json new file mode 100644 index 00000000000..434c95d97a4 --- /dev/null +++ b/CVE-2024/CVE-2024-394xx/CVE-2024-39419.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-39419", + "sourceIdentifier": "psirt@adobe.com", + "published": "2024-08-14T12:15:29.283", + "lastModified": "2024-08-14T13:00:25.793", + "vulnStatus": "Undergoing Analysis", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an Improper Authorization vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and modify minor information. Exploitation of this issue does not require user interaction." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 4.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@adobe.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-285" + } + ] + } + ], + "references": [ + { + "url": "https://helpx.adobe.com/security/products/magento/apsb24-61.html", + "source": "psirt@adobe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-418xx/CVE-2024-41858.json b/CVE-2024/CVE-2024-418xx/CVE-2024-41858.json index 15d0161606b..de1bab26978 100644 --- a/CVE-2024/CVE-2024-418xx/CVE-2024-41858.json +++ b/CVE-2024/CVE-2024-418xx/CVE-2024-41858.json @@ -2,13 +2,17 @@ "id": "CVE-2024-41858", "sourceIdentifier": "psirt@adobe.com", "published": "2024-08-14T09:15:12.450", - "lastModified": "2024-08-14T09:15:12.450", - "vulnStatus": "Received", + "lastModified": "2024-08-14T13:00:37.107", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "InCopy versions 18.5.2, 19.4 and earlier are affected by an Integer Overflow or Wraparound vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file." + }, + { + "lang": "es", + "value": "Las versiones 18.5.2, 19.4 y anteriores de InCopy se ven afectadas por una vulnerabilidad de desbordamiento de enteros o envoltura que podr\u00eda resultar en la ejecuci\u00f3n de c\u00f3digo arbitrario en el contexto del usuario actual. La explotaci\u00f3n de este problema requiere la interacci\u00f3n del usuario, ya que la v\u00edctima debe abrir un archivo malicioso." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-418xx/CVE-2024-41860.json b/CVE-2024/CVE-2024-418xx/CVE-2024-41860.json index 6fe9c6dbaac..87b18b1f472 100644 --- a/CVE-2024/CVE-2024-418xx/CVE-2024-41860.json +++ b/CVE-2024/CVE-2024-418xx/CVE-2024-41860.json @@ -2,13 +2,17 @@ "id": "CVE-2024-41860", "sourceIdentifier": "psirt@adobe.com", "published": "2024-08-14T09:15:12.850", - "lastModified": "2024-08-14T09:15:12.850", - "vulnStatus": "Received", + "lastModified": "2024-08-14T13:00:37.107", + "vulnStatus": "Undergoing Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Substance3D - Sampler versions 4.5 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file." + }, + { + "lang": "es", + "value": "Substance3D - Sampler las versiones 4.5 y anteriores se ven afectadas por una vulnerabilidad de lectura fuera de los l\u00edmites que podr\u00eda provocar la divulgaci\u00f3n de memoria confidencial. Un atacante podr\u00eda aprovechar esta vulnerabilidad para evitar mitigaciones como ASLR. La explotaci\u00f3n de este problema requiere la interacci\u00f3n del usuario, ya que la v\u00edctima debe abrir un archivo malicioso." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-418xx/CVE-2024-41861.json b/CVE-2024/CVE-2024-418xx/CVE-2024-41861.json index bd33d0cb9d5..5841fd8b24f 100644 --- a/CVE-2024/CVE-2024-418xx/CVE-2024-41861.json +++ b/CVE-2024/CVE-2024-418xx/CVE-2024-41861.json @@ -2,13 +2,17 @@ "id": "CVE-2024-41861", "sourceIdentifier": "psirt@adobe.com", "published": "2024-08-14T09:15:13.100", - "lastModified": "2024-08-14T09:15:13.100", - "vulnStatus": "Received", + "lastModified": "2024-08-14T13:00:37.107", + "vulnStatus": "Undergoing Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Substance3D - Sampler versions 4.5 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file." + }, + { + "lang": "es", + "value": "Substance3D - Sampler las versiones 4.5 y anteriores se ven afectadas por una vulnerabilidad de lectura fuera de los l\u00edmites que podr\u00eda provocar la divulgaci\u00f3n de memoria confidencial. Un atacante podr\u00eda aprovechar esta vulnerabilidad para evitar mitigaciones como ASLR. La explotaci\u00f3n de este problema requiere la interacci\u00f3n del usuario, ya que la v\u00edctima debe abrir un archivo malicioso." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-418xx/CVE-2024-41862.json b/CVE-2024/CVE-2024-418xx/CVE-2024-41862.json index 17c73b084df..eaef0a260b0 100644 --- a/CVE-2024/CVE-2024-418xx/CVE-2024-41862.json +++ b/CVE-2024/CVE-2024-418xx/CVE-2024-41862.json @@ -2,13 +2,17 @@ "id": "CVE-2024-41862", "sourceIdentifier": "psirt@adobe.com", "published": "2024-08-14T09:15:13.320", - "lastModified": "2024-08-14T09:15:13.320", - "vulnStatus": "Received", + "lastModified": "2024-08-14T13:00:37.107", + "vulnStatus": "Undergoing Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Substance3D - Sampler versions 4.5 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file." + }, + { + "lang": "es", + "value": "Substance3D - Sampler las versiones 4.5 y anteriores se ven afectadas por una vulnerabilidad de lectura fuera de los l\u00edmites que podr\u00eda provocar la divulgaci\u00f3n de memoria confidencial. Un atacante podr\u00eda aprovechar esta vulnerabilidad para evitar mitigaciones como ASLR. La explotaci\u00f3n de este problema requiere la interacci\u00f3n del usuario, ya que la v\u00edctima debe abrir un archivo malicioso." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-418xx/CVE-2024-41863.json b/CVE-2024/CVE-2024-418xx/CVE-2024-41863.json index 0fa1cb2ede0..3cb13c0897d 100644 --- a/CVE-2024/CVE-2024-418xx/CVE-2024-41863.json +++ b/CVE-2024/CVE-2024-418xx/CVE-2024-41863.json @@ -2,13 +2,17 @@ "id": "CVE-2024-41863", "sourceIdentifier": "psirt@adobe.com", "published": "2024-08-14T09:15:13.557", - "lastModified": "2024-08-14T09:15:13.557", - "vulnStatus": "Received", + "lastModified": "2024-08-14T13:00:37.107", + "vulnStatus": "Undergoing Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Substance3D - Sampler versions 4.5 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file." + }, + { + "lang": "es", + "value": "Substance3D - Sampler las versiones 4.5 y anteriores se ven afectadas por una vulnerabilidad de lectura fuera de los l\u00edmites que podr\u00eda provocar la divulgaci\u00f3n de memoria confidencial. Un atacante podr\u00eda aprovechar esta vulnerabilidad para evitar mitigaciones como ASLR. La explotaci\u00f3n de este problema requiere la interacci\u00f3n del usuario, ya que la v\u00edctima debe abrir un archivo malicioso." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-418xx/CVE-2024-41864.json b/CVE-2024/CVE-2024-418xx/CVE-2024-41864.json index a87447aa178..b8ea2924aa8 100644 --- a/CVE-2024/CVE-2024-418xx/CVE-2024-41864.json +++ b/CVE-2024/CVE-2024-418xx/CVE-2024-41864.json @@ -2,13 +2,17 @@ "id": "CVE-2024-41864", "sourceIdentifier": "psirt@adobe.com", "published": "2024-08-14T09:15:13.783", - "lastModified": "2024-08-14T09:15:13.783", - "vulnStatus": "Received", + "lastModified": "2024-08-14T13:00:37.107", + "vulnStatus": "Undergoing Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Substance3D - Designer versions 13.1.2 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file." + }, + { + "lang": "es", + "value": "Substance3D - Designer las versiones 13.1.2 y anteriores se ven afectadas por una vulnerabilidad de escritura fuera de los l\u00edmites que podr\u00eda resultar en la ejecuci\u00f3n de c\u00f3digo arbitrario en el contexto del usuario actual. La explotaci\u00f3n de este problema requiere la interacci\u00f3n del usuario, ya que la v\u00edctima debe abrir un archivo malicioso." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-43xx/CVE-2024-4389.json b/CVE-2024/CVE-2024-43xx/CVE-2024-4389.json index 9022b61351a..181317acfde 100644 --- a/CVE-2024/CVE-2024-43xx/CVE-2024-4389.json +++ b/CVE-2024/CVE-2024-43xx/CVE-2024-4389.json @@ -2,13 +2,17 @@ "id": "CVE-2024-4389", "sourceIdentifier": "security@wordfence.com", "published": "2024-08-14T09:15:14.007", - "lastModified": "2024-08-14T09:15:14.007", - "vulnStatus": "Received", + "lastModified": "2024-08-14T13:00:37.107", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The Slider and Carousel slider by Depicter plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the uploadFile function in all versions up to, and including, 3.1.1. This makes it possible for authenticated attackers, with contributor access or higher, to upload arbitrary files on the affected site's server which may make remote code execution possible." + }, + { + "lang": "es", + "value": "El complemento Slider and Carousel slider by Depicter para WordPress es vulnerable a cargas de archivos arbitrarias debido a la falta de validaci\u00f3n del tipo de archivo en la funci\u00f3n uploadFile en todas las versiones hasta la 3.1.1 incluida. Esto hace posible que atacantes autenticados, con acceso de colaborador o superior, carguen archivos arbitrarios en el servidor del sitio afectado, lo que puede hacer posible la ejecuci\u00f3n remota de c\u00f3digo." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-53xx/CVE-2024-5313.json b/CVE-2024/CVE-2024-53xx/CVE-2024-5313.json index b3f8b9e34a0..9990e7e3475 100644 --- a/CVE-2024/CVE-2024-53xx/CVE-2024-5313.json +++ b/CVE-2024/CVE-2024-53xx/CVE-2024-5313.json @@ -2,8 +2,8 @@ "id": "CVE-2024-5313", "sourceIdentifier": "cybersecurity@se.com", "published": "2024-06-12T13:15:50.343", - "lastModified": "2024-06-13T18:36:09.010", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2024-08-14T13:40:02.907", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -17,6 +17,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "availabilityImpact": "LOW", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 3.9, + "impactScore": 2.5 + }, { "source": "cybersecurity@se.com", "type": "Secondary", @@ -41,8 +61,18 @@ }, "weaknesses": [ { - "source": "cybersecurity@se.com", + "source": "nvd@nist.gov", "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + }, + { + "source": "cybersecurity@se.com", + "type": "Secondary", "description": [ { "lang": "en", @@ -51,10 +81,47 @@ ] } ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:schneider-electric:evlink_home_firmware:2.0.3.8.2_128:*:*:*:*:*:*:*", + "matchCriteriaId": "3B763346-0129-441A-9024-D2B425E38B18" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:schneider-electric:evlink_home_firmware:2.0.4.1.2_131:*:*:*:*:*:*:*", + "matchCriteriaId": "E0D983AB-A039-4006-B164-25EFBF6C07D0" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:schneider-electric:evlink_home:-:*:*:*:*:*:*:*", + "matchCriteriaId": "7266ADD9-9F0F-4E95-9CB6-14550F920CBC" + } + ] + } + ] + } + ], "references": [ { "url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2024-163-03&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2024-163-03.pdf", - "source": "cybersecurity@se.com" + "source": "cybersecurity@se.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-65xx/CVE-2024-6532.json b/CVE-2024/CVE-2024-65xx/CVE-2024-6532.json index b362419cd8a..d9c30584678 100644 --- a/CVE-2024/CVE-2024-65xx/CVE-2024-6532.json +++ b/CVE-2024/CVE-2024-65xx/CVE-2024-6532.json @@ -2,8 +2,8 @@ "id": "CVE-2024-6532", "sourceIdentifier": "security@wordfence.com", "published": "2024-08-14T10:15:06.997", - "lastModified": "2024-08-14T10:15:06.997", - "vulnStatus": "Received", + "lastModified": "2024-08-14T13:00:37.107", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/CVE-2024/CVE-2024-75xx/CVE-2024-7588.json b/CVE-2024/CVE-2024-75xx/CVE-2024-7588.json index 17455f43939..3429c14960e 100644 --- a/CVE-2024/CVE-2024-75xx/CVE-2024-7588.json +++ b/CVE-2024/CVE-2024-75xx/CVE-2024-7588.json @@ -2,13 +2,17 @@ "id": "CVE-2024-7588", "sourceIdentifier": "security@wordfence.com", "published": "2024-08-14T05:15:13.063", - "lastModified": "2024-08-14T05:15:13.063", - "vulnStatus": "Received", + "lastModified": "2024-08-14T13:00:37.107", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The Gutenberg Blocks, Page Builder \u2013 ComboBlocks plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Accordion block in all versions up to, and including, 2.2.87 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page." + }, + { + "lang": "es", + "value": "El complemento Gutenberg Blocks, Page Builder \u2013 ComboBlocks para WordPress es vulnerable a Cross-Site Scripting Almacenado a trav\u00e9s del bloque Accordion del complemento en todas las versiones hasta la 2.2.87 incluida debido a una desinfecci\u00f3n de entrada insuficiente y a un escape de salida en los atributos proporcionados por el usuario. Esto hace posible que atacantes autenticados, con acceso de nivel de colaborador y superior, inyecten scripts web arbitrarios en p\u00e1ginas que se ejecutar\u00e1n cada vez que un usuario acceda a una p\u00e1gina inyectada." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-77xx/CVE-2024-7728.json b/CVE-2024/CVE-2024-77xx/CVE-2024-7728.json index f0af3a7239f..67a4943ecee 100644 --- a/CVE-2024/CVE-2024-77xx/CVE-2024-7728.json +++ b/CVE-2024/CVE-2024-77xx/CVE-2024-7728.json @@ -2,13 +2,17 @@ "id": "CVE-2024-7728", "sourceIdentifier": "twcert@cert.org.tw", "published": "2024-08-14T04:15:06.757", - "lastModified": "2024-08-14T04:15:06.757", - "vulnStatus": "Received", + "lastModified": "2024-08-14T13:00:37.107", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The specific CGI of the CAYIN Technology CMS does not properly validate user input, allowing a remote attacker with administrator privileges to inject OS commands into the specific parameter and execute them on the remote server." + }, + { + "lang": "es", + "value": "El CGI espec\u00edfico del CMS de CAYIN Technology no valida adecuadamente la entrada del usuario, lo que permite a un atacante remoto con privilegios de administrador inyectar comandos del sistema operativo en el par\u00e1metro espec\u00edfico y ejecutarlos en el servidor remoto." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-77xx/CVE-2024-7729.json b/CVE-2024/CVE-2024-77xx/CVE-2024-7729.json index 39278f5e7ed..a1fb79c901e 100644 --- a/CVE-2024/CVE-2024-77xx/CVE-2024-7729.json +++ b/CVE-2024/CVE-2024-77xx/CVE-2024-7729.json @@ -2,13 +2,17 @@ "id": "CVE-2024-7729", "sourceIdentifier": "twcert@cert.org.tw", "published": "2024-08-14T04:15:07.150", - "lastModified": "2024-08-14T04:15:07.150", - "vulnStatus": "Received", + "lastModified": "2024-08-14T13:00:37.107", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The CAYIN Technology CMS lacks proper access control, allowing unauthenticated remote attackers to download arbitrary CGI files." + }, + { + "lang": "es", + "value": "El CMS de CAYIN Technology carece de un control de acceso adecuado, lo que permite a atacantes remotos no autenticados descargar archivos CGI arbitrarios." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-77xx/CVE-2024-7731.json b/CVE-2024/CVE-2024-77xx/CVE-2024-7731.json index aff3167d247..b75961e6ea6 100644 --- a/CVE-2024/CVE-2024-77xx/CVE-2024-7731.json +++ b/CVE-2024/CVE-2024-77xx/CVE-2024-7731.json @@ -2,13 +2,17 @@ "id": "CVE-2024-7731", "sourceIdentifier": "twcert@cert.org.tw", "published": "2024-08-14T07:15:13.920", - "lastModified": "2024-08-14T07:15:13.920", - "vulnStatus": "Received", + "lastModified": "2024-08-14T13:00:37.107", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Dr.ID Access Control System from SECOM does not properly validate a specific page parameter, allowing unauthenticated remote attackers to inject SQL commands to read, modify, and delete database contents." + }, + { + "lang": "es", + "value": "El sistema de control de acceso Dr.ID de SECOM no valida adecuadamente un par\u00e1metro de p\u00e1gina espec\u00edfico, lo que permite a atacantes remotos no autenticados inyectar comandos SQL para leer, modificar y eliminar contenidos de la base de datos." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-77xx/CVE-2024-7732.json b/CVE-2024/CVE-2024-77xx/CVE-2024-7732.json index ea3719a612d..dbae78f9b9a 100644 --- a/CVE-2024/CVE-2024-77xx/CVE-2024-7732.json +++ b/CVE-2024/CVE-2024-77xx/CVE-2024-7732.json @@ -2,13 +2,17 @@ "id": "CVE-2024-7732", "sourceIdentifier": "twcert@cert.org.tw", "published": "2024-08-14T07:15:16.477", - "lastModified": "2024-08-14T07:15:16.477", - "vulnStatus": "Received", + "lastModified": "2024-08-14T13:00:37.107", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Dr.ID Access Control System from SECOM does not properly validate a specific page parameter, allowing unauthenticated remote attackers to inject SQL commands to read, modify, and delete database contents." + }, + { + "lang": "es", + "value": "El sistema de control de acceso Dr.ID de SECOM no valida adecuadamente un par\u00e1metro de p\u00e1gina espec\u00edfico, lo que permite a atacantes remotos no autenticados inyectar comandos SQL para leer, modificar y eliminar contenidos de la base de datos." } ], "metrics": { diff --git a/README.md b/README.md index 4f7e01a8271..ec6848ac001 100644 --- a/README.md +++ b/README.md @@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2024-08-14T12:00:16.616873+00:00 +2024-08-14T14:00:17.450433+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2024-08-14T10:15:06.997000+00:00 +2024-08-14T13:57:00.260000+00:00 ``` ### Last Data Feed Release @@ -33,22 +33,67 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### Total Number of included CVEs ```plain -259890 +259913 ``` ### CVEs added in the last Commit -Recently added CVEs: `2` +Recently added CVEs: `23` -- [CVE-2024-38483](CVE-2024/CVE-2024-384xx/CVE-2024-38483.json) (`2024-08-14T10:15:06.623`) -- [CVE-2024-6532](CVE-2024/CVE-2024-65xx/CVE-2024-6532.json) (`2024-08-14T10:15:06.997`) +- [CVE-2024-39397](CVE-2024/CVE-2024-393xx/CVE-2024-39397.json) (`2024-08-14T12:15:24.123`) +- [CVE-2024-39398](CVE-2024/CVE-2024-393xx/CVE-2024-39398.json) (`2024-08-14T12:15:24.377`) +- [CVE-2024-39399](CVE-2024/CVE-2024-393xx/CVE-2024-39399.json) (`2024-08-14T12:15:24.607`) +- [CVE-2024-39400](CVE-2024/CVE-2024-394xx/CVE-2024-39400.json) (`2024-08-14T12:15:24.863`) +- [CVE-2024-39401](CVE-2024/CVE-2024-394xx/CVE-2024-39401.json) (`2024-08-14T12:15:25.097`) +- [CVE-2024-39402](CVE-2024/CVE-2024-394xx/CVE-2024-39402.json) (`2024-08-14T12:15:25.317`) +- [CVE-2024-39403](CVE-2024/CVE-2024-394xx/CVE-2024-39403.json) (`2024-08-14T12:15:25.540`) +- [CVE-2024-39404](CVE-2024/CVE-2024-394xx/CVE-2024-39404.json) (`2024-08-14T12:15:25.760`) +- [CVE-2024-39405](CVE-2024/CVE-2024-394xx/CVE-2024-39405.json) (`2024-08-14T12:15:26.013`) +- [CVE-2024-39406](CVE-2024/CVE-2024-394xx/CVE-2024-39406.json) (`2024-08-14T12:15:26.243`) +- [CVE-2024-39407](CVE-2024/CVE-2024-394xx/CVE-2024-39407.json) (`2024-08-14T12:15:26.483`) +- [CVE-2024-39408](CVE-2024/CVE-2024-394xx/CVE-2024-39408.json) (`2024-08-14T12:15:26.703`) +- [CVE-2024-39409](CVE-2024/CVE-2024-394xx/CVE-2024-39409.json) (`2024-08-14T12:15:26.937`) +- [CVE-2024-39410](CVE-2024/CVE-2024-394xx/CVE-2024-39410.json) (`2024-08-14T12:15:27.177`) +- [CVE-2024-39411](CVE-2024/CVE-2024-394xx/CVE-2024-39411.json) (`2024-08-14T12:15:27.407`) +- [CVE-2024-39412](CVE-2024/CVE-2024-394xx/CVE-2024-39412.json) (`2024-08-14T12:15:27.650`) +- [CVE-2024-39413](CVE-2024/CVE-2024-394xx/CVE-2024-39413.json) (`2024-08-14T12:15:27.890`) +- [CVE-2024-39414](CVE-2024/CVE-2024-394xx/CVE-2024-39414.json) (`2024-08-14T12:15:28.107`) +- [CVE-2024-39415](CVE-2024/CVE-2024-394xx/CVE-2024-39415.json) (`2024-08-14T12:15:28.327`) +- [CVE-2024-39416](CVE-2024/CVE-2024-394xx/CVE-2024-39416.json) (`2024-08-14T12:15:28.560`) +- [CVE-2024-39417](CVE-2024/CVE-2024-394xx/CVE-2024-39417.json) (`2024-08-14T12:15:28.780`) +- [CVE-2024-39418](CVE-2024/CVE-2024-394xx/CVE-2024-39418.json) (`2024-08-14T12:15:29.010`) +- [CVE-2024-39419](CVE-2024/CVE-2024-394xx/CVE-2024-39419.json) (`2024-08-14T12:15:29.283`) ### CVEs modified in the last Commit -Recently modified CVEs: `1` +Recently modified CVEs: `31` -- [CVE-2024-0169](CVE-2024/CVE-2024-01xx/CVE-2024-0169.json) (`2024-08-14T10:15:05.883`) +- [CVE-2024-27443](CVE-2024/CVE-2024-274xx/CVE-2024-27443.json) (`2024-08-14T13:18:33.117`) +- [CVE-2024-28986](CVE-2024/CVE-2024-289xx/CVE-2024-28986.json) (`2024-08-14T12:15:23.987`) +- [CVE-2024-33533](CVE-2024/CVE-2024-335xx/CVE-2024-33533.json) (`2024-08-14T13:18:35.633`) +- [CVE-2024-33535](CVE-2024/CVE-2024-335xx/CVE-2024-33535.json) (`2024-08-14T13:18:38.770`) +- [CVE-2024-33536](CVE-2024/CVE-2024-335xx/CVE-2024-33536.json) (`2024-08-14T13:18:41.847`) +- [CVE-2024-36136](CVE-2024/CVE-2024-361xx/CVE-2024-36136.json) (`2024-08-14T13:00:48.243`) +- [CVE-2024-37373](CVE-2024/CVE-2024-373xx/CVE-2024-37373.json) (`2024-08-14T13:00:48.243`) +- [CVE-2024-37399](CVE-2024/CVE-2024-373xx/CVE-2024-37399.json) (`2024-08-14T13:00:37.107`) +- [CVE-2024-38483](CVE-2024/CVE-2024-384xx/CVE-2024-38483.json) (`2024-08-14T13:00:37.107`) +- [CVE-2024-38652](CVE-2024/CVE-2024-386xx/CVE-2024-38652.json) (`2024-08-14T13:00:37.107`) +- [CVE-2024-38653](CVE-2024/CVE-2024-386xx/CVE-2024-38653.json) (`2024-08-14T13:00:37.107`) +- [CVE-2024-41858](CVE-2024/CVE-2024-418xx/CVE-2024-41858.json) (`2024-08-14T13:00:37.107`) +- [CVE-2024-41860](CVE-2024/CVE-2024-418xx/CVE-2024-41860.json) (`2024-08-14T13:00:37.107`) +- [CVE-2024-41861](CVE-2024/CVE-2024-418xx/CVE-2024-41861.json) (`2024-08-14T13:00:37.107`) +- [CVE-2024-41862](CVE-2024/CVE-2024-418xx/CVE-2024-41862.json) (`2024-08-14T13:00:37.107`) +- [CVE-2024-41863](CVE-2024/CVE-2024-418xx/CVE-2024-41863.json) (`2024-08-14T13:00:37.107`) +- [CVE-2024-41864](CVE-2024/CVE-2024-418xx/CVE-2024-41864.json) (`2024-08-14T13:00:37.107`) +- [CVE-2024-4389](CVE-2024/CVE-2024-43xx/CVE-2024-4389.json) (`2024-08-14T13:00:37.107`) +- [CVE-2024-5313](CVE-2024/CVE-2024-53xx/CVE-2024-5313.json) (`2024-08-14T13:40:02.907`) +- [CVE-2024-6532](CVE-2024/CVE-2024-65xx/CVE-2024-6532.json) (`2024-08-14T13:00:37.107`) +- [CVE-2024-7588](CVE-2024/CVE-2024-75xx/CVE-2024-7588.json) (`2024-08-14T13:00:37.107`) +- [CVE-2024-7728](CVE-2024/CVE-2024-77xx/CVE-2024-7728.json) (`2024-08-14T13:00:37.107`) +- [CVE-2024-7729](CVE-2024/CVE-2024-77xx/CVE-2024-7729.json) (`2024-08-14T13:00:37.107`) +- [CVE-2024-7731](CVE-2024/CVE-2024-77xx/CVE-2024-7731.json) (`2024-08-14T13:00:37.107`) +- [CVE-2024-7732](CVE-2024/CVE-2024-77xx/CVE-2024-7732.json) (`2024-08-14T13:00:37.107`) ## Download and Usage diff --git a/_state.csv b/_state.csv index 67682fd0925..2e828da0c87 100644 --- a/_state.csv +++ b/_state.csv @@ -241034,7 +241034,7 @@ CVE-2024-0165,0,0,0543e183269dabb4becd941e04aa0d9b87f3fcaf5d232b1768db81442f61ac CVE-2024-0166,0,0,8a0ff3e9caa45e5a99e0d9a20ceec2f661a8c0beec0bceb2e3113a33a9f6c8bc,2024-02-15T16:55:20.360000 CVE-2024-0167,0,0,744bc993f59ae73af2914a6819025a9b84a9608f7404a5affc347dddf19a5666,2024-02-15T16:55:14.213000 CVE-2024-0168,0,0,b3ed681274021d4ad23f5d3a33ac337cf4d9042b0fec464247a45e1c1e71eb19,2024-02-16T13:40:44.663000 -CVE-2024-0169,0,1,f3c67b7bc44e30be0f91d72e02de3315174c543380b368caf20e16a7ec6999a6,2024-08-14T10:15:05.883000 +CVE-2024-0169,0,0,f3c67b7bc44e30be0f91d72e02de3315174c543380b368caf20e16a7ec6999a6,2024-08-14T10:15:05.883000 CVE-2024-0170,0,0,cad01b4a5afa824941a3be2fdd3602b85ef95f3075f06c5677f74bc8ee9b7c8f,2024-02-15T16:55:09.957000 CVE-2024-0171,0,0,ab9fa7c61d83383287bb7bbcd6eed02e80acab1958549a5d7b5fc932c5395629,2024-06-25T18:50:42.040000 CVE-2024-0172,0,0,e309e09fe60408c3f84daa7e2d14db1e3ae80b43eddc40c52c9068b5a4d6e6ec,2024-04-03T12:38:04.840000 @@ -242344,8 +242344,8 @@ CVE-2024-1572,0,0,ce54662d932d47130273925c29aeed2cfb97655394c2c48a84b3a3915cba5f CVE-2024-1573,0,0,1dca0fc4b174522b059a5ada22a974faf13b9e7ff7169f0c03f3321575fb2f67,2024-07-05T12:55:51.367000 CVE-2024-1574,0,0,72feffe42c72d6830d032663fa96f8a42adaa592b8140c7ff86296f6edebc03d,2024-07-05T12:55:51.367000 CVE-2024-1575,0,0,72640f5ac75448b4b5509a8cb432003a1dfdf54ba22e8912d56e4943fbc2b8dd,2024-07-24T12:55:13.223000 -CVE-2024-1576,0,0,c23835453660139f7857b0dacb818bb46b971294087cf9cf5d13579fcdcdc1ae,2024-06-13T18:36:09.010000 -CVE-2024-1577,0,0,5d0c62ed131f79f6ce7ea196b4835d844cc7ba8a4f503a2d7c230f3cd1e94c89,2024-06-18T13:15:51.627000 +CVE-2024-1576,0,1,5444101344581d3589e93ce2d526b43d94d0797d9cd912b65660866715706816,2024-08-14T13:55:57.477000 +CVE-2024-1577,0,1,7287d7da4767d738b846ccf37b2518c0176c0362f66596066c97cf866de98fa1,2024-08-14T13:56:31.627000 CVE-2024-1579,0,0,b6d8173dad7692a86ca6531cf14391459a611253254c72b5260cedefe5ac123a,2024-04-30T13:11:16.690000 CVE-2024-1580,0,0,07aeb5360f5558bb119a373ba7800ece8f428995a9df074cddda9448e0dd7d45,2024-03-27T18:15:09.063000 CVE-2024-1582,0,0,ed01326ea86a5aee79953e4017f8aa9f576ef158252fee7ae361d02c65156e29,2024-03-13T12:33:51.697000 @@ -242409,7 +242409,7 @@ CVE-2024-1654,0,0,926984352ec2d485bb174e107c84c8a695cc018358d284142861d2235698cd CVE-2024-1655,0,0,6f8f5d96c23f16dd85462488caf0792739b9e6c2291572202cdaf3786063e62e,2024-04-15T13:15:31.997000 CVE-2024-1657,0,0,db1dca61fd86668e15d6de257cffb8827bc48118ce93399dcda0f29a164fb66e,2024-04-25T17:24:59.967000 CVE-2024-1658,0,0,cdf09354b8cecc8c3b3eb229e6889eceb0036447d9401d9215716ef5bb07f428,2024-03-18T19:40:00.173000 -CVE-2024-1659,0,0,4f41cd118a7ec0f572b148c6cc50852ff19807b11bb7671f4099db7035e809bd,2024-06-13T18:36:09.010000 +CVE-2024-1659,0,1,7c5cc8787aa4993a611968f433ba3b6f70cec73be412335113b18f509bf86fb3,2024-08-14T13:57:00.260000 CVE-2024-1660,0,0,f1a7ef3875210067be92212b471afff7e1f14d1fcb7e7247ace79bc190c8f7ad,2024-08-01T13:46:08.063000 CVE-2024-1661,0,0,1418f33a1134b317d73f7a0e51e7103fe6d53caa5820735e8b8d23944c62dc53,2024-05-17T02:35:32.207000 CVE-2024-1662,0,0,7ac244609c0ebd4fed55548ab08a88807988fd96126d0e3368dfb0fac4ac3898,2024-06-11T17:27:19.127000 @@ -242815,8 +242815,8 @@ CVE-2024-20079,0,0,2b8a0e5983dc5248cc97f95dd3191ef3fe114b43595192c541ca56a9b4ab2 CVE-2024-2008,0,0,9a3dfffdf84cbaecec5e4ac83fc5a2438eae99d0d114b1045bad131ec5701236,2024-04-04T12:48:41.700000 CVE-2024-20080,0,0,90f248eed6a75fce7971996f28983ff9968e454d013e84d03f8b65c25bdd5601,2024-08-01T13:46:18.790000 CVE-2024-20081,0,0,c71489cf0f2bedca59bdc5569ddfc23bc345fff8731fd4100ad31f358075b686,2024-07-01T12:37:24.220000 -CVE-2024-20082,0,0,b4763fc7b65dd02fb93c1b12555a9990b7b47e45c7ebf96d8939a4bc9c0f6027,2024-08-14T03:15:04.120000 -CVE-2024-20083,0,0,7e2b5e0b92d8ce20a30e44bbc429b863912ffdf9b5933b3474beb1f7066e5bbb,2024-08-14T03:15:04.280000 +CVE-2024-20082,0,1,d636ebc16d5b5cb6b4dfd8b7abb83e231b75343b33967bc56e8a324dd965d0f1,2024-08-14T13:00:48.243000 +CVE-2024-20083,0,1,52f24323029e3ba78b5348b46f1326d2ec4dbf8da62d0eef76d56966d5671c89,2024-08-14T13:00:48.243000 CVE-2024-2009,0,0,e315bb187496fdfbd237809339603453c22bbf947712d2f37b8c2f26c500e401,2024-05-17T02:37:59.337000 CVE-2024-2011,0,0,b92ed21b7a38ae037309fc5e23b3d331b9bad1dd1ccabe85871093b84aa070ec,2024-06-13T18:36:45.417000 CVE-2024-2012,0,0,a768dd8feced7d799b02ec4f8dc178d2ff6751001567de726b2da481cde0069d,2024-06-13T18:36:45.417000 @@ -246587,7 +246587,7 @@ CVE-2024-25944,0,0,ab1a6f9559c2c17591ef013078bdc7d1074a6939146b74afdf8354c958a2a CVE-2024-25946,0,0,a113fddf4e672678a1d14cda275154cb9972765501ae2bed1e5e6a531e4a4550,2024-03-28T20:53:20.813000 CVE-2024-25947,0,0,e424be7f0ce53c45c14209c7117d2f7bd1c9b9f961d3c210e1144b54ed124595,2024-08-02T13:55:39.323000 CVE-2024-25948,0,0,603d748a842e4c74b636a8395cd9afa74a53fcc868178083d05f3474763bd74b,2024-08-02T13:55:42.040000 -CVE-2024-25949,0,0,cf19f3ab0bbae3d1ff74313cc0fe0f90bdd6c260c977bc35c843079a46627a59,2024-06-13T18:36:09.010000 +CVE-2024-25949,0,1,a69d7296ef20af2e255844294c99126fb35a7d729b2ed47b39f967e84952f5c2,2024-08-14T13:27:15.653000 CVE-2024-2595,0,0,e521c63ef6b03578b7bb7372b5bef2fecd2a3eebcba151ea7fc07a4fe787ff2a,2024-03-18T19:40:00.173000 CVE-2024-25951,0,0,3b1032e7dee2277c1cd9087f14c93f6b15f85f0de6dddc7df9693edc271d4b00,2024-03-11T01:32:39.697000 CVE-2024-25952,0,0,7f7bfb55fe08e9ca1ff9bea5c3aac079af3ae5fdc81938fef34097a2da973ab2,2024-03-28T20:53:20.813000 @@ -247919,7 +247919,7 @@ CVE-2024-2744,0,0,188126b761d1adc13d3573db2ecaebf3ad9dc6b00f329483cd98111bb221e3 CVE-2024-27440,0,0,222fe401370c5e6b38f7e38b434f6e7cc6adedc4a2417abf87261721e80970d8,2024-08-05T14:35:06.543000 CVE-2024-27441,0,0,8627ee176bbd8db9047f0ac2824f85227251736cca8356f59d7164883e7165ed,2024-03-13T15:15:52.083000 CVE-2024-27442,0,0,5a6714ee12b36974ef00849f64ae5912e43c5937f6c447ff74b51191f3d9ecdf,2024-08-13T17:30:36.833000 -CVE-2024-27443,0,0,d07eb5625a7fc8d257c581f995010c4187e224e35f2f73b58426a3d39d0d2a0a,2024-08-13T17:20:53.960000 +CVE-2024-27443,0,1,7aecb82b4d6a874cc366e3b4f6b66673aa00fe0b775009f95b0585ecd80936f9,2024-08-14T13:18:33.117000 CVE-2024-27444,0,0,54cb997d6d9cda9b1d04431678fffc2ca7174de8974a9b13ccc3a98ef52117ae,2024-08-06T16:35:07.500000 CVE-2024-27447,0,0,3b7773fd2d03c5e4f17776fc3b7436eb3cc739bfd15835b19977b12318864384,2024-08-05T16:35:07.727000 CVE-2024-27448,0,0,52a4a9605cdc89d83a0f8cb7ff15b885c4717436d90825e54d7ddf3aa92ec7fa,2024-04-29T20:15:08.397000 @@ -248864,7 +248864,7 @@ CVE-2024-2898,0,0,7dabbc345008f13b8373a1a2d71ee4344db041576d9ae3f0290950d4a3a3f3 CVE-2024-28982,0,0,4cfbf3591cf96f37013314412d2a968313b4953b63ec28142d546cf8f6808f7e,2024-06-27T12:47:19.847000 CVE-2024-28983,0,0,57b7369f9816fa1a55923b116dcbb27a793b7aad06b7761c68b9fcd8c194e8f4,2024-06-27T12:47:19.847000 CVE-2024-28984,0,0,276bc8c54cf8ee7419930c3e9177a9acf5146d6167c989ef6d1387fafadac995,2024-06-27T12:47:19.847000 -CVE-2024-28986,0,0,6ceee0ef36d2b77fccd2e34d4815cd8577b809c30069ab69c36ad91ec20195c6,2024-08-14T02:07:05.410000 +CVE-2024-28986,0,1,225eae8b0f5d8bd88feb1042c5e52128bae4d98282fb78f977dc143e9abbe195,2024-08-14T12:15:23.987000 CVE-2024-2899,0,0,0be0fb50fdcc13228c9b49554460e4a306be4c6e83ee7f9bfb94b945f4f9e595,2024-05-17T02:38:36.220000 CVE-2024-28992,0,0,696c70c13cdfd39478c05c8c040491fa3a08d2263d68b357789c3f03fee2f204,2024-07-18T12:28:43.707000 CVE-2024-28993,0,0,929415671d938543e4980e176019e6c6553f30e59f81cf3d32505fa605110cfe,2024-07-18T12:28:43.707000 @@ -251965,9 +251965,9 @@ CVE-2024-33529,0,0,91064aa32d9fedf772ab62f032798d695b5cf92350be4cf38e5a4910e6c66 CVE-2024-3353,0,0,ce0bc328455f80cf14b93a65517c4acf833c7c445bb8d7418f958bb30757f2de,2024-08-01T13:56:31.790000 CVE-2024-33530,0,0,06dbd90020910883fd649aabf3091f4012b6024bee39b35744993f4679188732,2024-07-03T01:58:25.043000 CVE-2024-33531,0,0,b4f686a17b522487db106a979e75b685d2e11fa9abe95f79b3890bf766d3a008,2024-07-03T01:58:25.220000 -CVE-2024-33533,0,0,5d1f52e69d396f7a38daeb9931041c7af1bef08095580b3fed16e80e682ef47d,2024-08-13T17:20:47.593000 -CVE-2024-33535,0,0,2b9e9579f97fafee4f825cc765b942380088dfc8c6f84af917874e257f50657e,2024-08-13T17:20:39.890000 -CVE-2024-33536,0,0,130b24d050062af1fcffd63f7639bda7a8be3fd814621404ac559059ba53a5a5,2024-08-13T17:20:23.953000 +CVE-2024-33533,0,1,79afb427384c7ff0ab8e5efeef1729a6a32f7ebe71739fbda5a1fbd9277f0456,2024-08-14T13:18:35.633000 +CVE-2024-33535,0,1,737797612ca051bd99307b71c65d0cbede275d1149256eea2fb490b5c875c9a6,2024-08-14T13:18:38.770000 +CVE-2024-33536,0,1,2719a6b08d09457f15309098db50f389e2e5ea9dcdecefa47db1030f14f391dd,2024-08-14T13:18:41.847000 CVE-2024-33537,0,0,998984db2770bafec92fa3ab30e5515c9a54bccbc523df8841567287c8cc6075,2024-04-29T12:42:03.667000 CVE-2024-33538,0,0,7865342cfad47c1b67d79be3df1ae1a1271e2b6d05a75c826f6a59608d5dacd9,2024-04-29T12:42:03.667000 CVE-2024-33539,0,0,2b37529553672d6e78be5b88182cc46dabda1debb810d75a4177cadc04beb2c6,2024-04-29T12:42:03.667000 @@ -253769,7 +253769,7 @@ CVE-2024-3613,0,0,26f9ac2543805748959db0b5d9b33039cf66eba7396fc9c5a9d8ce8ca1f82b CVE-2024-36130,0,0,4671d62b05ac637a601468320fbde1254b9e1ab2c793e3e63f9ae03e57d902ad,2024-08-12T18:52:50.947000 CVE-2024-36131,0,0,feb0f364ef759fb8d3eea9eac580e0d008d6e955a292e95acc00c4f3036190f9,2024-08-12T18:53:18.077000 CVE-2024-36132,0,0,1dce30d4e49190a42dd771e2cd02fc7bcd0f0b6c2d4894583a88755ab208fd59,2024-08-12T18:53:28.710000 -CVE-2024-36136,0,0,d5a5eb48c4dc2a3681a257bf4ba0adc6f9c18a8bdb3f626b5e2c33aa46ab294f,2024-08-14T03:15:04.390000 +CVE-2024-36136,0,1,9c52083f529dc6d5693adf5f30935582d926ed424cc28afe236c60511e7a4526,2024-08-14T13:00:48.243000 CVE-2024-3614,0,0,7d52e3588cbb3715dc858d110e11a928859b665db7d4d54abdbcae84467ecd9e,2024-05-17T02:40:01.707000 CVE-2024-36141,0,0,18db6c112ccc0d71f5b13b30aecab0a5f2370100cf994f0af07b87507f970796,2024-06-14T20:02:18.553000 CVE-2024-36142,0,0,6ae7dd3b3d84d3e60ab36df1a1df499d7a9063449a2d0a679757a0e6ad8f4e57,2024-06-14T20:00:46.803000 @@ -254585,7 +254585,7 @@ CVE-2024-37369,0,0,4a0e873966c59da3f94ba1e845b6380e279da692e22304116efbf6efc4fb0 CVE-2024-3737,0,0,26f370727648bebdbdb4484feb8794c0f4f6f501db44738bd488af3fc5030bc5,2024-05-17T02:40:05.887000 CVE-2024-37370,0,0,8a7076b3e8e134b661d21db6f90c7a50b93b1e481cf692861b0a2c3450767bad,2024-07-01T12:37:24.220000 CVE-2024-37371,0,0,70d55bf05c2eee0a9f3b94ddc604e302a9c39f7d842ab9266b20a4c2d600c9ba,2024-07-01T12:37:24.220000 -CVE-2024-37373,0,0,df321b52decb42d4070ab8ac1e713da572d48e234a75eda0b3428643922aca8d,2024-08-14T03:15:04.667000 +CVE-2024-37373,0,1,cdc4ed2abd57b91709b010a534854daaf5dcae63ee4446ca449f9a78666c5c30,2024-08-14T13:00:48.243000 CVE-2024-3738,0,0,cebdf6c67207ccd8240919e9596b8485c51e6607a12a8dcdfff13f6ddbdbfe32,2024-05-17T02:40:05.977000 CVE-2024-37380,0,0,4ce1330fb679655262ab3b818cd133f9eef1b7c4341268f445fa1434d34f9951,2024-07-24T12:55:13.223000 CVE-2024-37381,0,0,9fe6fde53d8260503255e878e5a3cad14d0e0ad42f178326952eb9a7c509519f,2024-08-01T13:53:31.757000 @@ -254600,7 +254600,7 @@ CVE-2024-37389,0,0,27f7927000cd6a2429ab617761c45ffb27c2f3c3199f49f01b1eda02927e3 CVE-2024-3739,0,0,ba8b07349fdcbf4927f1d53be7924c0ba58d0f09900d65fe34757229d7b34b0f,2024-05-17T02:40:06.067000 CVE-2024-37391,0,0,e99f92be626b4b841a6b299b2728912f45fefbd409010bfee05135471d62af01,2024-07-31T18:33:47.383000 CVE-2024-37393,0,0,b93d796f3c4283b87dfd22c20f36a8116f582a381c44650f39c5ea43e6b806f2,2024-07-03T02:04:18.707000 -CVE-2024-37399,0,0,0e84ee6507bbced7849f8b184f1a6597962dd80902b2ba672f5ebfe482faf98a,2024-08-14T03:15:04.850000 +CVE-2024-37399,0,1,5bd9f9544a3e0d2bcb88a343470cbf11f1a174f0a94d54a99bb86564933d7fc6,2024-08-14T13:00:37.107000 CVE-2024-3740,0,0,cf4cd6bcfe639a4f771a19ddc36f820864da86f0d9d9f91c68694d8633fab251,2024-05-17T02:40:06.170000 CVE-2024-37403,0,0,82a2fe28b07e6e9fe5e86dff02fa8c242d19ac626eea029ca875aeaf76338b4d,2024-08-12T18:55:15.890000 CVE-2024-37405,0,0,a7f42023569aa18cbb4863def372451bd6a310533c03fc36f82684a5a0e2908a,2024-08-01T13:53:37.273000 @@ -255258,7 +255258,7 @@ CVE-2024-3848,0,0,3a1e7dbb50cc54ecdbcc89881c429869965f00f9d2e1eb9f088acc297fe892 CVE-2024-38480,0,0,04c4f9e75ecb94da8a57533882d0899c4c9616c45f6d4f0fa40fb0af2c036f64,2024-07-01T12:37:24.220000 CVE-2024-38481,0,0,a84ef873be05988cbfb5d94abd02b4ab54b65ea0e48ede31f1ebc6095538ede7,2024-08-02T13:54:44.360000 CVE-2024-38482,0,0,8ee6959d7a30823b850064776bf7b0de352ea772f41670edbb7ec14c9ec45a23,2024-08-02T12:59:43.990000 -CVE-2024-38483,1,1,b059e2661f658a4896d6791088fbce3aca7a913cd7785941ef697e36cb61f979,2024-08-14T10:15:06.623000 +CVE-2024-38483,0,1,346ee6cf666cfe21fbcde21f1335df3f9d05684a2adfa16c62ce2951cab89a32,2024-08-14T13:00:37.107000 CVE-2024-38489,0,0,93d5075288eb71dc5e05de45f3028a8abf40e549af9e7f74c8d90c91ab2994de,2024-08-02T13:54:55.697000 CVE-2024-3849,0,0,5306fee696144db88733a07d80a07ecf85ac2a8ec15f60e756615ae8c2f2566c,2024-05-02T18:00:37.360000 CVE-2024-38490,0,0,6064da0857e13bb34f5161ce76072357349aff2d15fba2fd034148c6aa00cdc4,2024-08-02T13:54:51.277000 @@ -255420,8 +255420,8 @@ CVE-2024-38636,0,0,39fe2743512ad3bce5f80041cae8719a346f16bdf419751542e29e8318105 CVE-2024-38637,0,0,73dfe838ab3a4a3bdef26c72205f7e2908e62b38c42443b0d3887f952bc61af5,2024-07-15T07:15:14.093000 CVE-2024-3864,0,0,c7c600ab2d47995fde4727e677425dc294b0dc7019ce4f56ba3ea3d46f02c40c,2024-08-12T17:35:09.733000 CVE-2024-3865,0,0,d6f5dd3766d85f1a043ebf5d3172442b73d2c19e5b446b7220941e0632bb3f23,2024-04-17T12:48:31.863000 -CVE-2024-38652,0,0,d2103516556ea084b4d4a7b438405d763e2b2b0206b8a05a93a896242dd00ff1,2024-08-14T03:15:05.020000 -CVE-2024-38653,0,0,8c9119480a9aca651397193b2b3b7c593e995715b21cf9faa47b92f73a3da4a6,2024-08-14T03:15:05.200000 +CVE-2024-38652,0,1,c08f834acebe85318cc67e6ffc03252f12e08813ca435bde932c42983fccc4e0,2024-08-14T13:00:37.107000 +CVE-2024-38653,0,1,2c7e68f61225ebd10fbc655062bc4d9fb4e738055be0c58ab5038af9572ef86f,2024-08-14T13:00:37.107000 CVE-2024-38659,0,0,7f018343721f0a1816fbc1d0de6ee38bcc05d21743970bb8a1218031b26bafff,2024-07-15T07:15:14.163000 CVE-2024-38661,0,0,b032ab35a3535059aadbe94298691231b9c402b611efa81b633478c3528450c0,2024-06-25T18:50:42.040000 CVE-2024-38662,0,0,587269b0aade9b66f2b27453b59929a1dd57dcfa88975eb87dd718f6e7386b22,2024-06-24T18:34:17.547000 @@ -255773,8 +255773,31 @@ CVE-2024-3938,0,0,9f6aecdfa53fe6eb1c4aca56683969fdb193b03c1b9229add1400e00af205f CVE-2024-3939,0,0,946bcd2da6cf8e6d3629d51459f4ff005d5f6fd111c61e8b42a0b8395ce78a5e,2024-05-28T12:39:28.377000 CVE-2024-39392,0,0,66cfce17bd8b1475fbe1823e0e269e958974fa5e662af0c38bd8aae43df2ebb5,2024-08-02T12:59:43.990000 CVE-2024-39396,0,0,35651f26387fec82c0dfb279ff129f06faad55e21497397f655b21318cdf6ddc,2024-08-02T12:59:43.990000 +CVE-2024-39397,1,1,7a4bb1467b721357a83ff1ce54e381912ad73996e8b30a3daa8bcc67bde902a3,2024-08-14T13:00:37.107000 +CVE-2024-39398,1,1,84d62f5745b320e331cdc25caa43497c890136357f719284f4803224737c40ec,2024-08-14T13:00:37.107000 +CVE-2024-39399,1,1,e4e0804b9ea925ee208bdc842d656d368f453a385fe3adf1ee9a8eaacf4acb11,2024-08-14T13:00:37.107000 CVE-2024-3940,0,0,9b4f68dc6c260883aad4ea511cde5305f79b78a30a9cc16969c94330d4b864d9,2024-05-14T16:11:39.510000 +CVE-2024-39400,1,1,877fdb14d809823068cf1fd2cb91be72c94a1df3324b88e3d9c63e90a79c1281,2024-08-14T13:00:25.793000 +CVE-2024-39401,1,1,a387c43a0e02fa15093536e5f2528c49e561624b5db442849497177e60df843d,2024-08-14T13:00:25.793000 +CVE-2024-39402,1,1,1470fd04a4bc4bd3357ef01ce7343908b6522da3033feed670a5dffa3667e65c,2024-08-14T13:00:25.793000 +CVE-2024-39403,1,1,221789693b4ef3423aeb886cf95b20fdf2823fc80ebad2fc13826674b101c21d,2024-08-14T13:00:25.793000 +CVE-2024-39404,1,1,518e61dd46faa6d5d675ea19799ff729d1f4b9cd563adf76ee0428fe27bbc927,2024-08-14T13:00:25.793000 +CVE-2024-39405,1,1,10a3325884eceac0bbf32fb3a73429e3a377b1c8f057a8c028e8403f0e5be14e,2024-08-14T13:00:25.793000 +CVE-2024-39406,1,1,8ee2ff963d5ec9207c9d644bde3c52014e3a1970585e8a83b5a301651fb2afe2,2024-08-14T13:00:25.793000 +CVE-2024-39407,1,1,2584faaf1fc89e4cb19a7a84373f0c8319136bf9029ee20747528be4dd88a966,2024-08-14T13:00:25.793000 +CVE-2024-39408,1,1,b4126da8f17c58b4aa324fa805ff99bf860196a9c47ad0d5ceb3f7542079257a,2024-08-14T13:00:25.793000 +CVE-2024-39409,1,1,77975c56757973f1f6950858e3cc736432dcfdb588941245a591065260084816,2024-08-14T13:00:25.793000 CVE-2024-3941,0,0,35d6089b62c06226c8a1fbb42f6b4f7549cfd9ebea65fdddb79305777fa7b160,2024-05-14T16:11:39.510000 +CVE-2024-39410,1,1,fc814d5baf9057fd815d7ee632fd07c4d2aff17f9041e476a01898d1f00938b1,2024-08-14T13:00:25.793000 +CVE-2024-39411,1,1,9d064cefc975303f8c1a2f66fd9d6b70f9c3f7c0a7950c3299f4e26121d3391f,2024-08-14T13:00:25.793000 +CVE-2024-39412,1,1,e58906f210f445e001706fe35e9f879ca2c204304d88605969e2e7baeacf35aa,2024-08-14T13:00:25.793000 +CVE-2024-39413,1,1,85ca2ce4f9f32e37fa45b203aefcb10564fc215b0d812663a4475ecd1d96fc6f,2024-08-14T13:00:25.793000 +CVE-2024-39414,1,1,2b2c7d521410c586aec61a3860e70bca804862b5ed5b5169d74ade1f3cf5b003,2024-08-14T13:00:25.793000 +CVE-2024-39415,1,1,d8b6eecd9266791039466f8f6b3f263df175b3e8736dbba6ad409b7197771826,2024-08-14T13:00:25.793000 +CVE-2024-39416,1,1,86363c25df262515e4d3cd45d68bc71c5cfaa663bc2532c7f5d70bcc682ab4b5,2024-08-14T13:00:25.793000 +CVE-2024-39417,1,1,6328c33eaf0aa6451369673e9ae7b4132e54cbd2cef9e2d44c742fb5ceae1f12,2024-08-14T13:00:25.793000 +CVE-2024-39418,1,1,aa929a8cb0018e8f552aa8e5a52b2dbfb876b0433a22ca75ba91a77b63789b46,2024-08-14T13:00:25.793000 +CVE-2024-39419,1,1,76186f5b811c6738dc6cba3264567e70be5c9eae102ac9ece89bbdea9a137026,2024-08-14T13:00:25.793000 CVE-2024-3942,0,0,b71832d6733f7f5db02eb3f159a58495ac978b495e9bfda57b6845f95312f30a,2024-05-02T18:00:37.360000 CVE-2024-39427,0,0,78160e98483fcc3aec226f5c047b3b1c0e863dcf72104b16f54bef5ce01d8702,2024-07-01T12:37:24.220000 CVE-2024-39428,0,0,c278d22063c70f7bf9c06407a2b45919d470d1d910aa9da6476a8683a3973a23,2024-07-01T12:37:24.220000 @@ -256916,13 +256939,13 @@ CVE-2024-4183,0,0,c95eeb02531c25674be296e55025a1bd3e47bb47f078fa8bff79c7eea74c42 CVE-2024-41836,0,0,447eeb0d32c0b3fbb708b5b9d75636c09225896b7443055b6e14477ceb9e8a2d,2024-07-24T12:55:13.223000 CVE-2024-41839,0,0,5fe8ccf2e82b1dbd1e8f5be23a4b35f149d0ed119de3feeae98a9459138645a8,2024-07-24T12:55:13.223000 CVE-2024-4185,0,0,2ebb1e96affd30f65338d1aa453a686ffeaefddcc6c26d6c3c25de17e937fc18,2024-04-30T13:11:16.690000 -CVE-2024-41858,0,0,417da3f7e5827221d719b4720787ee043b0c3cb58e1a3bb3b5dc7c3227c7d2ce,2024-08-14T09:15:12.450000 +CVE-2024-41858,0,1,fc4155e173605a091bf114883179b8d0604e870052e7a0c7c1f11f2b340c3a75,2024-08-14T13:00:37.107000 CVE-2024-4186,0,0,c07cd0df6ca0a9d2dc3c3ba29e1f05004c0a2ac49601b699a13f07e112f9c5ca,2024-05-07T13:39:32.710000 -CVE-2024-41860,0,0,61553b60416d2537a9854e6c55e698892a75185cc70a50457f6f22d88438a326,2024-08-14T09:15:12.850000 -CVE-2024-41861,0,0,411a5ebc1f9ecfce20bde6bfc6aa1b772b8cb79978d5f55ae5a783a0d6ec0b78,2024-08-14T09:15:13.100000 -CVE-2024-41862,0,0,774af4205b8170b655a78f6bb16edf5dab0cc64e183ad36dc5308b93e0bed949,2024-08-14T09:15:13.320000 -CVE-2024-41863,0,0,5628d0d67e34fbe53b747a7542f9317056b1b36e0e9021472d93dc8dee700334,2024-08-14T09:15:13.557000 -CVE-2024-41864,0,0,a587bffd78b552ce37852e33d850dcb37dd4250ecb1d1104530c2675557e13fe,2024-08-14T09:15:13.783000 +CVE-2024-41860,0,1,2460a17735f93102a51e4f503faf4b23171798643d93b92d9c3fa4a065da235b,2024-08-14T13:00:37.107000 +CVE-2024-41861,0,1,d05168da124da2344c34bec62b5ab180f827ad862e30d3b3e188fbcafc9f3b8a,2024-08-14T13:00:37.107000 +CVE-2024-41862,0,1,cd5558e3c83cd132fec9673004979e7015e223e3ae438d2b9f16c11ae1c3695e,2024-08-14T13:00:37.107000 +CVE-2024-41863,0,1,c144d19b1eedc198ab1483cb188b73c14ccd07357a9ef31f3687b5c4b23fc2bc,2024-08-14T13:00:37.107000 +CVE-2024-41864,0,1,6845b6607a5082787744642e7af9a62d0ac0908b22c17c8ae9d790f11ee646d2,2024-08-14T13:00:37.107000 CVE-2024-4187,0,0,6e41c1b7087e8ddcfaf3801328e1ee1bd29a767b33bcf1748327754d0e784ada,2024-08-01T12:42:36.933000 CVE-2024-4188,0,0,5459733739e7d5773814c2ce2922cf5b8b26c5398a641d72cfafdd22a4667489,2024-07-31T12:57:02.300000 CVE-2024-41880,0,0,fb22214cf23b63ecac791ad54f65d75460df9fd80fc112c0736bcd80f342f363,2024-08-01T13:59:12.507000 @@ -257463,7 +257486,7 @@ CVE-2024-4385,0,0,77dea89143b3a0633a6b8d90c0521dc82338402099ab7a378f8d43e8fe04ec CVE-2024-4386,0,0,731d04018d6299c9e1d8f7a212148a53db39578a94a703a0b90337f63dd3089f,2024-05-14T16:11:39.510000 CVE-2024-4387,0,0,e174205a853415a731f22788a3c678b3fe9a7067078ee3c331ab7c9e4e787abd,2024-06-11T10:15:13.637000 CVE-2024-4388,0,0,4ca48ea0d089cba19e1c949c534ac5647f38f1d5d242799ab5ca49dfb89ed80c,2024-07-03T02:07:30.200000 -CVE-2024-4389,0,0,462f4b1bbbe369df5ce34664e9af1018064b107c64d9719bab02e94c74bc2584,2024-08-14T09:15:14.007000 +CVE-2024-4389,0,1,ea54671e2f1f297a2bfa11e14d812b86fa7a7f36f3487a0625bc52be81ee66b3,2024-08-14T13:00:37.107000 CVE-2024-4390,0,0,e7e7976abdd60c38776b1ca6e6489a541123a6d22aaefce9d02ee1d97e2bf9c9,2024-07-17T14:10:55.550000 CVE-2024-4391,0,0,3c50ad807a6efe83c676c20cbd033bdfc9a5c436710b6a08536dff480db62e6d,2024-05-16T13:03:05.353000 CVE-2024-4392,0,0,5c82c123a66d3444e81adbb958bd6b8cf11e432e36668571a78dbfc8c82c1c37,2024-05-14T19:17:55.627000 @@ -258269,7 +258292,7 @@ CVE-2024-5307,0,0,210e0b6b93227469352bb82602f040611feb9af6d8b6ef67dae32c9b146a00 CVE-2024-5310,0,0,be68f6d898e4e59f65162318c0ea0836be8ef675c080dff90d77e5a0c98b0b1e,2024-06-04T19:21:04.583000 CVE-2024-5311,0,0,4e4e9b4edb642fa4d04760ded51b93254fd12f5bde190a96e2c1818c58cf4797,2024-06-03T14:46:24.250000 CVE-2024-5312,0,0,18bbe6bd336686ff14003841f43dce1a45b7d1ab8cfffd6fca5539a180b7243f,2024-05-24T13:03:05.093000 -CVE-2024-5313,0,0,8b6113bc098b0aaf4ac5acf3dde87d7cbb86afbf6c7f36f6a4c85bd2ea28c5c1,2024-06-13T18:36:09.010000 +CVE-2024-5313,0,1,f1cdfb8a50e98ae6ac3af0ea1d50716e060963965a73a7d8f531b777ae15b8ad,2024-08-14T13:40:02.907000 CVE-2024-5314,0,0,a7cdac28c15b59d972bbd1ad7f63aae58232f4c63fcf8544d4cfc91c709ee3db,2024-05-24T13:03:05.093000 CVE-2024-5315,0,0,8579169b825e98cf3238daa1adb0a4d2ea9e4baf40a7a9906b16d52fd8bd309a,2024-05-24T13:03:05.093000 CVE-2024-5317,0,0,ca9413f34c0b442e0ebe516eaf4713c47241a346ee54ab90be673b58c28dbb75,2024-06-11T17:22:08.007000 @@ -259190,7 +259213,7 @@ CVE-2024-6527,0,0,4cbacb620d5954abb73dae2b3bfdb2a8824258a4de25ce8e7c75649e12d818 CVE-2024-6528,0,0,568c43fb32d79fc097335d9307aebc42d71a690423942e01ce8dbade6b5bedb0,2024-07-12T16:37:20.283000 CVE-2024-6529,0,0,39f9da174065ddfb2f1cb6d88de520cca12e78f6992a8df9512aec7d73b21efd,2024-08-01T14:35:13.090000 CVE-2024-6531,0,0,1125a21608be8cb0502ea86867294670584ed16918c5bd752fdbbd37969404b8,2024-07-12T12:49:11.340000 -CVE-2024-6532,1,1,aa70b0fd99f4938a7c3051e44fd5a1421867855153fcf9cfbf036c9a0312049a,2024-08-14T10:15:06.997000 +CVE-2024-6532,0,1,21d26a8f00408d7c0c1c4ea0dfdffc81ca804ea427b5b751972725c0e03a2bc3,2024-08-14T13:00:37.107000 CVE-2024-6535,0,0,d515bd0c9a2788945f1c070eede854437b7a1c58e6a79916f8d2b46233d5b6de,2024-07-25T16:15:04.583000 CVE-2024-6536,0,0,db3a8f54349ce01fbebd842277117fe6b2369b9af6752930ef3e5c8ea43f79f4,2024-07-30T13:32:45.943000 CVE-2024-6539,0,0,81a7a773476044a536e1904849aff55df114add8144e8265b917f8120b92d867,2024-07-11T14:56:20.733000 @@ -259813,7 +259836,7 @@ CVE-2024-7582,0,0,b5d30de3379d4f1314d865a318bcbb3d58683288c246ed462b107435220335 CVE-2024-7583,0,0,b2c70b6258cd9101ea44bd72a9a7bee40fdef17b5833e45029641b6b1054cda6,2024-08-08T20:54:35.117000 CVE-2024-7584,0,0,88e393ed083253249958807c1b676f862629edacea69fa08e833cacac796d57a,2024-08-07T19:09:46.290000 CVE-2024-7585,0,0,5e2ff565ca20d01ef68f8422fbeb35a8929478e27cc3f0f142481fee7317e65c,2024-08-07T19:09:46.290000 -CVE-2024-7588,0,0,d3ef5b569e7366e3ae43cf651880b60c5e17772de13d1a75c9d15e53b5ad4dd4,2024-08-14T05:15:13.063000 +CVE-2024-7588,0,1,5a601951792deb0c1a10bd51703f1f9beff37d3a9397ce091c3662d925878616,2024-08-14T13:00:37.107000 CVE-2024-7589,0,0,aa1647eb6c306ec7b876b5795f9775a883f5cc7b06ae7ba418ac0c8e49665270,2024-08-13T16:58:08.793000 CVE-2024-7590,0,0,c52a6d4cf8dfd970a8fe3a13dd0d7de54ec6ad3618ea0cc5513929656d029f44,2024-08-13T12:58:25.437000 CVE-2024-7593,0,0,957f1f1abb8043dce74bb98f0c89ec94718d03f7f079361879b9b8ac92070cf1,2024-08-14T02:07:05.410000 @@ -259870,10 +259893,10 @@ CVE-2024-7706,0,0,1056fcaa3affff4b3f9a6b703c011337d2adc8c6bdf71227e8310823081947 CVE-2024-7707,0,0,08017af054a9aea4cbec493bee72603fd26524b137f48eec425b10e1c9a2c5ce,2024-08-13T12:58:25.437000 CVE-2024-7709,0,0,9890807a1991d90435fddd18848992ba127ee8603dc9d09cd6e46bfbc80702ff,2024-08-13T12:58:25.437000 CVE-2024-7715,0,0,643ae05734832b0ffcf6472f2acff2b54708732000601789527e246cea7413e5,2024-08-13T12:58:25.437000 -CVE-2024-7728,0,0,acd91398bc720dd7a5a7de34b4eb600c884d4f60d31ada67e3400fb293ebbf11,2024-08-14T04:15:06.757000 -CVE-2024-7729,0,0,d87b98df46246481b0bff7e99c86ff198a5d3767062a90cfe5c84c87d848a213,2024-08-14T04:15:07.150000 -CVE-2024-7731,0,0,bfa4067ebffe005655021441f55e7ca971441a7904525c15616bbceb14a1ee32,2024-08-14T07:15:13.920000 -CVE-2024-7732,0,0,fa0d9c9d1627fc18078b0f65eb433f09324a06b99e9005b8737157c388bc2568,2024-08-14T07:15:16.477000 +CVE-2024-7728,0,1,6e291d9f53263e2fb59ac76ca77cbca952de50403aadce3c0e948994f87ca9a9,2024-08-14T13:00:37.107000 +CVE-2024-7729,0,1,2bbcc23121d3cbbbfd7b7747e3325c391cd14964f404891acd614a24c4694f71,2024-08-14T13:00:37.107000 +CVE-2024-7731,0,1,cc7ade0dcc3d2cb1ff1cf78974d45c78ed00c279543f0c65387d34f0cb1eab8c,2024-08-14T13:00:37.107000 +CVE-2024-7732,0,1,30b8fef0175bd82ab19c0dfbfc7d923e6448da95f0dfa167352fb1136c63ed95,2024-08-14T13:00:37.107000 CVE-2024-7733,0,0,e578a82e7a9ab04c2357599745dc3f12dc0540caf60a9a65f25cb958804090ac,2024-08-14T02:07:05.410000 CVE-2024-7738,0,0,731258ae6f17909ffa785bac8fd19b9e8a09422be2e34dc14bf00c692ff3cd2d,2024-08-14T02:07:05.410000 CVE-2024-7739,0,0,8041b718b3b9fbc6ed6cc2a09398ab01d61f0cdb530bddb8f47e58de44f92652,2024-08-14T02:07:05.410000