diff --git a/CVE-2024/CVE-2024-470xx/CVE-2024-47084.json b/CVE-2024/CVE-2024-470xx/CVE-2024-47084.json new file mode 100644 index 00000000000..f30fff74e1a --- /dev/null +++ b/CVE-2024/CVE-2024-470xx/CVE-2024-47084.json @@ -0,0 +1,78 @@ +{ + "id": "CVE-2024-47084", + "sourceIdentifier": "security-advisories@github.com", + "published": "2024-10-10T22:15:10.263", + "lastModified": "2024-10-10T22:15:10.263", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Gradio is an open-source Python package designed for quick prototyping. This vulnerability is related to **CORS origin validation**, where the Gradio server fails to validate the request origin when a cookie is present. This allows an attacker\u2019s website to make unauthorized requests to a local Gradio server. Potentially, attackers can upload files, steal authentication tokens, and access user data if the victim visits a malicious website while logged into Gradio. This impacts users who have deployed Gradio locally and use basic authentication. Users are advised to upgrade to `gradio>4.44` to address this issue. As a workaround, users can manually enforce stricter CORS origin validation by modifying the `CustomCORSMiddleware` class in their local Gradio server code. Specifically, they can bypass the condition that skips CORS validation for requests containing cookies to prevent potential exploitation." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "security-advisories@github.com", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "attackRequirements": "NONE", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "vulnerableSystemConfidentiality": "LOW", + "vulnerableSystemIntegrity": "LOW", + "vulnerableSystemAvailability": "LOW", + "subsequentSystemConfidentiality": "NONE", + "subsequentSystemIntegrity": "NONE", + "subsequentSystemAvailability": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirements": "NOT_DEFINED", + "integrityRequirements": "NOT_DEFINED", + "availabilityRequirements": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", + "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", + "modifiedVulnerableSystemAvailability": "NOT_DEFINED", + "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", + "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", + "modifiedSubsequentSystemAvailability": "NOT_DEFINED", + "safety": "NOT_DEFINED", + "automatable": "NOT_DEFINED", + "recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED", + "baseScore": 6.9, + "baseSeverity": "MEDIUM" + } + } + ] + }, + "weaknesses": [ + { + "source": "security-advisories@github.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-285" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/gradio-app/gradio/security/advisories/GHSA-3c67-5hwx-f6wx", + "source": "security-advisories@github.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-471xx/CVE-2024-47164.json b/CVE-2024/CVE-2024-471xx/CVE-2024-47164.json new file mode 100644 index 00000000000..f2affe19240 --- /dev/null +++ b/CVE-2024/CVE-2024-471xx/CVE-2024-47164.json @@ -0,0 +1,78 @@ +{ + "id": "CVE-2024-47164", + "sourceIdentifier": "security-advisories@github.com", + "published": "2024-10-10T22:15:10.437", + "lastModified": "2024-10-10T22:15:10.437", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Gradio is an open-source Python package designed for quick prototyping. This vulnerability relates to the **bypass of directory traversal checks** within the `is_in_or_equal` function. This function, intended to check if a file resides within a given directory, can be bypassed with certain payloads that manipulate file paths using `..` (parent directory) sequences. Attackers could potentially access restricted files if they are able to exploit this flaw, although the difficulty is high. This primarily impacts users relying on Gradio\u2019s blocklist or directory access validation, particularly when handling file uploads. Users are advised to upgrade to `gradio>=5.0` to address this issue. As a workaround, users can manually sanitize and normalize file paths in their Gradio deployment before passing them to the `is_in_or_equal` function. Ensuring that all file paths are properly resolved and absolute can help mitigate the bypass vulnerabilities caused by the improper handling of `..` sequences or malformed paths." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "security-advisories@github.com", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "attackRequirements": "PRESENT", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "vulnerableSystemConfidentiality": "LOW", + "vulnerableSystemIntegrity": "NONE", + "vulnerableSystemAvailability": "NONE", + "subsequentSystemConfidentiality": "NONE", + "subsequentSystemIntegrity": "NONE", + "subsequentSystemAvailability": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirements": "NOT_DEFINED", + "integrityRequirements": "NOT_DEFINED", + "availabilityRequirements": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", + "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", + "modifiedVulnerableSystemAvailability": "NOT_DEFINED", + "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", + "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", + "modifiedSubsequentSystemAvailability": "NOT_DEFINED", + "safety": "NOT_DEFINED", + "automatable": "NOT_DEFINED", + "recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED", + "baseScore": 2.3, + "baseSeverity": "LOW" + } + } + ] + }, + "weaknesses": [ + { + "source": "security-advisories@github.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-22" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/gradio-app/gradio/security/advisories/GHSA-77xq-6g77-h274", + "source": "security-advisories@github.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-471xx/CVE-2024-47165.json b/CVE-2024/CVE-2024-471xx/CVE-2024-47165.json new file mode 100644 index 00000000000..fb298b8fe61 --- /dev/null +++ b/CVE-2024/CVE-2024-471xx/CVE-2024-47165.json @@ -0,0 +1,78 @@ +{ + "id": "CVE-2024-47165", + "sourceIdentifier": "security-advisories@github.com", + "published": "2024-10-10T22:15:10.680", + "lastModified": "2024-10-10T22:15:10.680", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Gradio is an open-source Python package designed for quick prototyping. This vulnerability relates to **CORS origin validation accepting a null origin**. When a Gradio server is deployed locally, the `localhost_aliases` variable includes \"null\" as a valid origin. This allows attackers to make unauthorized requests from sandboxed iframes or other sources with a null origin, potentially leading to data theft, such as user authentication tokens or uploaded files. This impacts users running Gradio locally, especially those using basic authentication. Users are advised to upgrade to `gradio>=5.0` to address this issue. As a workaround, users can manually modify the `localhost_aliases` list in their local Gradio deployment to exclude \"null\" as a valid origin. By removing this value, the Gradio server will no longer accept requests from sandboxed iframes or sources with a null origin, mitigating the potential for exploitation." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "security-advisories@github.com", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "attackRequirements": "NONE", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "vulnerableSystemConfidentiality": "LOW", + "vulnerableSystemIntegrity": "NONE", + "vulnerableSystemAvailability": "NONE", + "subsequentSystemConfidentiality": "NONE", + "subsequentSystemIntegrity": "NONE", + "subsequentSystemAvailability": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirements": "NOT_DEFINED", + "integrityRequirements": "NOT_DEFINED", + "availabilityRequirements": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", + "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", + "modifiedVulnerableSystemAvailability": "NOT_DEFINED", + "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", + "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", + "modifiedSubsequentSystemAvailability": "NOT_DEFINED", + "safety": "NOT_DEFINED", + "automatable": "NOT_DEFINED", + "recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED", + "baseScore": 6.9, + "baseSeverity": "MEDIUM" + } + } + ] + }, + "weaknesses": [ + { + "source": "security-advisories@github.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-285" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/gradio-app/gradio/security/advisories/GHSA-89v2-pqfv-c5r9", + "source": "security-advisories@github.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-471xx/CVE-2024-47166.json b/CVE-2024/CVE-2024-471xx/CVE-2024-47166.json new file mode 100644 index 00000000000..58ebf5e7406 --- /dev/null +++ b/CVE-2024/CVE-2024-471xx/CVE-2024-47166.json @@ -0,0 +1,78 @@ +{ + "id": "CVE-2024-47166", + "sourceIdentifier": "security-advisories@github.com", + "published": "2024-10-10T22:15:10.833", + "lastModified": "2024-10-10T22:15:10.833", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Gradio is an open-source Python package designed for quick prototyping. This vulnerability involves a **one-level read path traversal** in the `/custom_component` endpoint. Attackers can exploit this flaw to access and leak source code from custom Gradio components by manipulating the file path in the request. Although the traversal is limited to a single directory level, it could expose proprietary or sensitive code that developers intended to keep private. This impacts users who have developed custom Gradio components and are hosting them on publicly accessible servers. Users are advised to upgrade to `gradio>=4.44` to address this issue. As a workaround, developers can sanitize the file paths and ensure that components are not stored in publicly accessible directories." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "security-advisories@github.com", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "attackRequirements": "PRESENT", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "vulnerableSystemConfidentiality": "LOW", + "vulnerableSystemIntegrity": "NONE", + "vulnerableSystemAvailability": "NONE", + "subsequentSystemConfidentiality": "NONE", + "subsequentSystemIntegrity": "NONE", + "subsequentSystemAvailability": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirements": "NOT_DEFINED", + "integrityRequirements": "NOT_DEFINED", + "availabilityRequirements": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", + "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", + "modifiedVulnerableSystemAvailability": "NOT_DEFINED", + "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", + "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", + "modifiedSubsequentSystemAvailability": "NOT_DEFINED", + "safety": "NOT_DEFINED", + "automatable": "NOT_DEFINED", + "recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED", + "baseScore": 2.3, + "baseSeverity": "LOW" + } + } + ] + }, + "weaknesses": [ + { + "source": "security-advisories@github.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-22" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/gradio-app/gradio/security/advisories/GHSA-37qc-qgx6-9xjv", + "source": "security-advisories@github.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-471xx/CVE-2024-47167.json b/CVE-2024/CVE-2024-471xx/CVE-2024-47167.json new file mode 100644 index 00000000000..cc7059c0a27 --- /dev/null +++ b/CVE-2024/CVE-2024-471xx/CVE-2024-47167.json @@ -0,0 +1,78 @@ +{ + "id": "CVE-2024-47167", + "sourceIdentifier": "security-advisories@github.com", + "published": "2024-10-10T22:15:11.000", + "lastModified": "2024-10-10T22:15:11.000", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Gradio is an open-source Python package designed for quick prototyping. This vulnerability relates to **Server-Side Request Forgery (SSRF)** in the `/queue/join` endpoint. Gradio\u2019s `async_save_url_to_cache` function allows attackers to force the Gradio server to send HTTP requests to user-controlled URLs. This could enable attackers to target internal servers or services within a local network and possibly exfiltrate data or cause unwanted internal requests. Additionally, the content from these URLs is stored locally, making it easier for attackers to upload potentially malicious files to the server. This impacts users deploying Gradio servers that use components like the Video component which involve URL fetching. Users are advised to upgrade to `gradio>=5` to address this issue. As a workaround, users can disable or heavily restrict URL-based inputs in their Gradio applications to trusted domains only. Additionally, implementing stricter URL validation (such as allowinglist-based validation) and ensuring that local or internal network addresses cannot be requested via the `/queue/join` endpoint can help mitigate the risk of SSRF attacks." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "security-advisories@github.com", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "attackRequirements": "NONE", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "vulnerableSystemConfidentiality": "LOW", + "vulnerableSystemIntegrity": "LOW", + "vulnerableSystemAvailability": "LOW", + "subsequentSystemConfidentiality": "NONE", + "subsequentSystemIntegrity": "NONE", + "subsequentSystemAvailability": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirements": "NOT_DEFINED", + "integrityRequirements": "NOT_DEFINED", + "availabilityRequirements": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", + "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", + "modifiedVulnerableSystemAvailability": "NOT_DEFINED", + "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", + "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", + "modifiedSubsequentSystemAvailability": "NOT_DEFINED", + "safety": "NOT_DEFINED", + "automatable": "NOT_DEFINED", + "recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED", + "baseScore": 6.9, + "baseSeverity": "MEDIUM" + } + } + ] + }, + "weaknesses": [ + { + "source": "security-advisories@github.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-918" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/gradio-app/gradio/security/advisories/GHSA-576c-3j53-r9jj", + "source": "security-advisories@github.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-471xx/CVE-2024-47168.json b/CVE-2024/CVE-2024-471xx/CVE-2024-47168.json new file mode 100644 index 00000000000..b77511d7823 --- /dev/null +++ b/CVE-2024/CVE-2024-471xx/CVE-2024-47168.json @@ -0,0 +1,78 @@ +{ + "id": "CVE-2024-47168", + "sourceIdentifier": "security-advisories@github.com", + "published": "2024-10-10T22:15:11.173", + "lastModified": "2024-10-10T22:15:11.173", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Gradio is an open-source Python package designed for quick prototyping. This vulnerability involves data exposure due to the enable_monitoring flag not properly disabling monitoring when set to False. Even when monitoring is supposedly disabled, an attacker or unauthorized user can still access the monitoring dashboard by directly requesting the /monitoring endpoint. This means that sensitive application analytics may still be exposed, particularly in environments where monitoring is expected to be disabled. Users who set enable_monitoring=False to prevent unauthorized access to monitoring data are impacted. Users are advised to upgrade to gradio>=4.44 to address this issue. There are no known workarounds for this vulnerability." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "security-advisories@github.com", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "attackRequirements": "PRESENT", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "vulnerableSystemConfidentiality": "LOW", + "vulnerableSystemIntegrity": "NONE", + "vulnerableSystemAvailability": "NONE", + "subsequentSystemConfidentiality": "NONE", + "subsequentSystemIntegrity": "NONE", + "subsequentSystemAvailability": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirements": "NOT_DEFINED", + "integrityRequirements": "NOT_DEFINED", + "availabilityRequirements": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", + "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", + "modifiedVulnerableSystemAvailability": "NOT_DEFINED", + "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", + "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", + "modifiedSubsequentSystemAvailability": "NOT_DEFINED", + "safety": "NOT_DEFINED", + "automatable": "NOT_DEFINED", + "recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED", + "baseScore": 2.3, + "baseSeverity": "LOW" + } + } + ] + }, + "weaknesses": [ + { + "source": "security-advisories@github.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-670" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/gradio-app/gradio/security/advisories/GHSA-hm3c-93pg-4cxw", + "source": "security-advisories@github.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-478xx/CVE-2024-47867.json b/CVE-2024/CVE-2024-478xx/CVE-2024-47867.json new file mode 100644 index 00000000000..9e2318a757e --- /dev/null +++ b/CVE-2024/CVE-2024-478xx/CVE-2024-47867.json @@ -0,0 +1,78 @@ +{ + "id": "CVE-2024-47867", + "sourceIdentifier": "security-advisories@github.com", + "published": "2024-10-10T23:15:02.640", + "lastModified": "2024-10-10T23:15:02.640", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Gradio is an open-source Python package designed for quick prototyping. This vulnerability is a **lack of integrity check** on the downloaded FRP client, which could potentially allow attackers to introduce malicious code. If an attacker gains access to the remote URL from which the FRP client is downloaded, they could modify the binary without detection, as the Gradio server does not verify the file's checksum or signature. Any users utilizing the Gradio server's sharing mechanism that downloads the FRP client could be affected by this vulnerability, especially those relying on the executable binary for secure data tunneling. There is no direct workaround for this issue without upgrading. However, users can manually validate the integrity of the downloaded FRP client by implementing checksum or signature verification in their own environment to ensure the binary hasn't been tampered with." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "security-advisories@github.com", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "attackRequirements": "PRESENT", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "vulnerableSystemConfidentiality": "LOW", + "vulnerableSystemIntegrity": "LOW", + "vulnerableSystemAvailability": "LOW", + "subsequentSystemConfidentiality": "NONE", + "subsequentSystemIntegrity": "NONE", + "subsequentSystemAvailability": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirements": "NOT_DEFINED", + "integrityRequirements": "NOT_DEFINED", + "availabilityRequirements": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", + "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", + "modifiedVulnerableSystemAvailability": "NOT_DEFINED", + "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", + "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", + "modifiedSubsequentSystemAvailability": "NOT_DEFINED", + "safety": "NOT_DEFINED", + "automatable": "NOT_DEFINED", + "recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED", + "baseScore": 2.1, + "baseSeverity": "LOW" + } + } + ] + }, + "weaknesses": [ + { + "source": "security-advisories@github.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-345" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/gradio-app/gradio/security/advisories/GHSA-8c87-gvhj-xm8m", + "source": "security-advisories@github.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-478xx/CVE-2024-47868.json b/CVE-2024/CVE-2024-478xx/CVE-2024-47868.json new file mode 100644 index 00000000000..5a042867852 --- /dev/null +++ b/CVE-2024/CVE-2024-478xx/CVE-2024-47868.json @@ -0,0 +1,78 @@ +{ + "id": "CVE-2024-47868", + "sourceIdentifier": "security-advisories@github.com", + "published": "2024-10-10T23:15:02.797", + "lastModified": "2024-10-10T23:15:02.797", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Gradio is an open-source Python package designed for quick prototyping. This is a **data validation vulnerability** affecting several Gradio components, which allows arbitrary file leaks through the post-processing step. Attackers can exploit these components by crafting requests that bypass expected input constraints. This issue could lead to sensitive files being exposed to unauthorized users, especially when combined with other vulnerabilities, such as issue TOB-GRADIO-15. The components most at risk are those that return or handle file data. Vulnerable Components: 1. **String to FileData:** DownloadButton, Audio, ImageEditor, Video, Model3D, File, UploadButton. 2. **Complex data to FileData:** Chatbot, MultimodalTextbox. 3. **Direct file read in preprocess:** Code. 4. **Dictionary converted to FileData:** ParamViewer, Dataset. Exploit Scenarios: 1. A developer creates a Dropdown list that passes values to a DownloadButton. An attacker bypasses the allowed inputs, sends an arbitrary file path (like `/etc/passwd`), and downloads sensitive files. 2. An attacker crafts a malicious payload in a ParamViewer component, leaking sensitive files from a server through the arbitrary file leak. This issue has been resolved in `gradio>5.0`. Upgrading to the latest version will mitigate this vulnerability. There are no known workarounds for this vulnerability." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "security-advisories@github.com", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "attackRequirements": "PRESENT", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "vulnerableSystemConfidentiality": "LOW", + "vulnerableSystemIntegrity": "NONE", + "vulnerableSystemAvailability": "NONE", + "subsequentSystemConfidentiality": "NONE", + "subsequentSystemIntegrity": "NONE", + "subsequentSystemAvailability": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirements": "NOT_DEFINED", + "integrityRequirements": "NOT_DEFINED", + "availabilityRequirements": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", + "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", + "modifiedVulnerableSystemAvailability": "NOT_DEFINED", + "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", + "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", + "modifiedSubsequentSystemAvailability": "NOT_DEFINED", + "safety": "NOT_DEFINED", + "automatable": "NOT_DEFINED", + "recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED", + "baseScore": 6.3, + "baseSeverity": "MEDIUM" + } + } + ] + }, + "weaknesses": [ + { + "source": "security-advisories@github.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-200" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/gradio-app/gradio/security/advisories/GHSA-4q3c-cj7g-jcwf", + "source": "security-advisories@github.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-478xx/CVE-2024-47869.json b/CVE-2024/CVE-2024-478xx/CVE-2024-47869.json new file mode 100644 index 00000000000..a1d50df7647 --- /dev/null +++ b/CVE-2024/CVE-2024-478xx/CVE-2024-47869.json @@ -0,0 +1,78 @@ +{ + "id": "CVE-2024-47869", + "sourceIdentifier": "security-advisories@github.com", + "published": "2024-10-10T23:15:02.930", + "lastModified": "2024-10-10T23:15:02.930", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Gradio is an open-source Python package designed for quick prototyping. This vulnerability involves a **timing attack** in the way Gradio compares hashes for the `analytics_dashboard` function. Since the comparison is not done in constant time, an attacker could exploit this by measuring the response time of different requests to infer the correct hash byte-by-byte. This can lead to unauthorized access to the analytics dashboard, especially if the attacker can repeatedly query the system with different keys. Users are advised to upgrade to `gradio>4.44` to mitigate this issue. To mitigate the risk before applying the patch, developers can manually patch the `analytics_dashboard` dashboard to use a **constant-time comparison** function for comparing sensitive values, such as hashes. Alternatively, access to the analytics dashboard can be disabled." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "security-advisories@github.com", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "attackRequirements": "PRESENT", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "vulnerableSystemConfidentiality": "LOW", + "vulnerableSystemIntegrity": "NONE", + "vulnerableSystemAvailability": "NONE", + "subsequentSystemConfidentiality": "NONE", + "subsequentSystemIntegrity": "NONE", + "subsequentSystemAvailability": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirements": "NOT_DEFINED", + "integrityRequirements": "NOT_DEFINED", + "availabilityRequirements": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", + "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", + "modifiedVulnerableSystemAvailability": "NOT_DEFINED", + "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", + "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", + "modifiedSubsequentSystemAvailability": "NOT_DEFINED", + "safety": "NOT_DEFINED", + "automatable": "NOT_DEFINED", + "recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED", + "baseScore": 2.3, + "baseSeverity": "LOW" + } + } + ] + }, + "weaknesses": [ + { + "source": "security-advisories@github.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-203" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/gradio-app/gradio/security/advisories/GHSA-j757-pf57-f8r4", + "source": "security-advisories@github.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-478xx/CVE-2024-47870.json b/CVE-2024/CVE-2024-478xx/CVE-2024-47870.json new file mode 100644 index 00000000000..27b82eeffb8 --- /dev/null +++ b/CVE-2024/CVE-2024-478xx/CVE-2024-47870.json @@ -0,0 +1,78 @@ +{ + "id": "CVE-2024-47870", + "sourceIdentifier": "security-advisories@github.com", + "published": "2024-10-10T23:15:03.070", + "lastModified": "2024-10-10T23:15:03.070", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Gradio is an open-source Python package designed for quick prototyping. This vulnerability involves a **race condition** in the `update_root_in_config` function, allowing an attacker to modify the `root` URL used by the Gradio frontend to communicate with the backend. By exploiting this flaw, an attacker can redirect user traffic to a malicious server. This could lead to the interception of sensitive data such as authentication credentials or uploaded files. This impacts all users who connect to a Gradio server, especially those exposed to the internet, where malicious actors could exploit this race condition. Users are advised to upgrade to `gradio>=5` to address this issue. There are no known workarounds for this issue." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "security-advisories@github.com", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "attackRequirements": "NONE", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "vulnerableSystemConfidentiality": "HIGH", + "vulnerableSystemIntegrity": "NONE", + "vulnerableSystemAvailability": "NONE", + "subsequentSystemConfidentiality": "NONE", + "subsequentSystemIntegrity": "NONE", + "subsequentSystemAvailability": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirements": "NOT_DEFINED", + "integrityRequirements": "NOT_DEFINED", + "availabilityRequirements": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", + "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", + "modifiedVulnerableSystemAvailability": "NOT_DEFINED", + "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", + "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", + "modifiedSubsequentSystemAvailability": "NOT_DEFINED", + "safety": "NOT_DEFINED", + "automatable": "NOT_DEFINED", + "recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED", + "baseScore": 7.1, + "baseSeverity": "HIGH" + } + } + ] + }, + "weaknesses": [ + { + "source": "security-advisories@github.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-362" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/gradio-app/gradio/security/advisories/GHSA-xh2x-3mrm-fwqm", + "source": "security-advisories@github.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-478xx/CVE-2024-47871.json b/CVE-2024/CVE-2024-478xx/CVE-2024-47871.json new file mode 100644 index 00000000000..2c47c5d4988 --- /dev/null +++ b/CVE-2024/CVE-2024-478xx/CVE-2024-47871.json @@ -0,0 +1,78 @@ +{ + "id": "CVE-2024-47871", + "sourceIdentifier": "security-advisories@github.com", + "published": "2024-10-10T23:15:03.187", + "lastModified": "2024-10-10T23:15:03.187", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Gradio is an open-source Python package designed for quick prototyping. This vulnerability involves **insecure communication** between the FRP (Fast Reverse Proxy) client and server when Gradio's `share=True` option is used. HTTPS is not enforced on the connection, allowing attackers to intercept and read files uploaded to the Gradio server, as well as modify responses or data sent between the client and server. This impacts users who are sharing Gradio demos publicly over the internet using `share=True` without proper encryption, exposing sensitive data to potential eavesdroppers. Users are advised to upgrade to `gradio>=5` to address this issue. As a workaround, users can avoid using `share=True` in production environments and instead host their Gradio applications on servers with HTTPS enabled to ensure secure communication." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "security-advisories@github.com", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "attackRequirements": "PRESENT", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "vulnerableSystemConfidentiality": "HIGH", + "vulnerableSystemIntegrity": "NONE", + "vulnerableSystemAvailability": "NONE", + "subsequentSystemConfidentiality": "NONE", + "subsequentSystemIntegrity": "NONE", + "subsequentSystemAvailability": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirements": "NOT_DEFINED", + "integrityRequirements": "NOT_DEFINED", + "availabilityRequirements": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", + "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", + "modifiedVulnerableSystemAvailability": "NOT_DEFINED", + "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", + "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", + "modifiedSubsequentSystemAvailability": "NOT_DEFINED", + "safety": "NOT_DEFINED", + "automatable": "NOT_DEFINED", + "recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED", + "baseScore": 8.2, + "baseSeverity": "HIGH" + } + } + ] + }, + "weaknesses": [ + { + "source": "security-advisories@github.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-311" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/gradio-app/gradio/security/advisories/GHSA-279j-x4gx-hfrh", + "source": "security-advisories@github.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-478xx/CVE-2024-47872.json b/CVE-2024/CVE-2024-478xx/CVE-2024-47872.json new file mode 100644 index 00000000000..6c349ec70a5 --- /dev/null +++ b/CVE-2024/CVE-2024-478xx/CVE-2024-47872.json @@ -0,0 +1,78 @@ +{ + "id": "CVE-2024-47872", + "sourceIdentifier": "security-advisories@github.com", + "published": "2024-10-10T23:15:03.303", + "lastModified": "2024-10-10T23:15:03.303", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Gradio is an open-source Python package designed for quick prototyping. This vulnerability involves **Cross-Site Scripting (XSS)** on any Gradio server that allows file uploads. Authenticated users can upload files such as HTML, JavaScript, or SVG files containing malicious scripts. When other users download or view these files, the scripts will execute in their browser, allowing attackers to perform unauthorized actions or steal sensitive information from their sessions. This impacts any Gradio server that allows file uploads, particularly those using components that process or display user-uploaded files. Users are advised to upgrade to `gradio>=5` to address this issue. As a workaround, users can restrict the types of files that can be uploaded to the Gradio server by limiting uploads to non-executable file types such as images or text. Additionally, developers can implement server-side validation to sanitize uploaded files, ensuring that HTML, JavaScript, and SVG files are properly handled or rejected before being stored or displayed to users." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "security-advisories@github.com", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "attackRequirements": "NONE", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "vulnerableSystemConfidentiality": "LOW", + "vulnerableSystemIntegrity": "LOW", + "vulnerableSystemAvailability": "LOW", + "subsequentSystemConfidentiality": "NONE", + "subsequentSystemIntegrity": "NONE", + "subsequentSystemAvailability": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirements": "NOT_DEFINED", + "integrityRequirements": "NOT_DEFINED", + "availabilityRequirements": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", + "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", + "modifiedVulnerableSystemAvailability": "NOT_DEFINED", + "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", + "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", + "modifiedSubsequentSystemAvailability": "NOT_DEFINED", + "safety": "NOT_DEFINED", + "automatable": "NOT_DEFINED", + "recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED", + "baseScore": 6.9, + "baseSeverity": "MEDIUM" + } + } + ] + }, + "weaknesses": [ + { + "source": "security-advisories@github.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/gradio-app/gradio/security/advisories/GHSA-gvv6-33j7-884g", + "source": "security-advisories@github.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-94xx/CVE-2024-9487.json b/CVE-2024/CVE-2024-94xx/CVE-2024-9487.json new file mode 100644 index 00000000000..70269439453 --- /dev/null +++ b/CVE-2024/CVE-2024-94xx/CVE-2024-9487.json @@ -0,0 +1,90 @@ +{ + "id": "CVE-2024-9487", + "sourceIdentifier": "product-cna@github.com", + "published": "2024-10-10T22:15:11.357", + "lastModified": "2024-10-10T22:15:11.357", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "An improper verification of cryptographic signature vulnerability was identified in GitHub Enterprise Server that allowed SAML SSO authentication to be bypassed resulting in unauthorized provisioning of users and access to the instance. Exploitation required the encrypted assertions feature to be enabled, and the attacker would require direct network access as well as a signed SAML response or metadata document. This vulnerability affected all versions of GitHub Enterprise Server prior to 3.15 and was fixed in versions 3.11.16, 3.12.10, 3.13.5, and 3.14.2. This vulnerability was reported via the GitHub Bug Bounty program." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "product-cna@github.com", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:H/VI:H/VA:L/SC:H/SI:H/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:U/V:C/RE:M/U:Red", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "attackRequirements": "PRESENT", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "vulnerableSystemConfidentiality": "HIGH", + "vulnerableSystemIntegrity": "HIGH", + "vulnerableSystemAvailability": "LOW", + "subsequentSystemConfidentiality": "HIGH", + "subsequentSystemIntegrity": "HIGH", + "subsequentSystemAvailability": "LOW", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirements": "NOT_DEFINED", + "integrityRequirements": "NOT_DEFINED", + "availabilityRequirements": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", + "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", + "modifiedVulnerableSystemAvailability": "NOT_DEFINED", + "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", + "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", + "modifiedSubsequentSystemAvailability": "NOT_DEFINED", + "safety": "NOT_DEFINED", + "automatable": "NOT_DEFINED", + "recovery": "USER", + "valueDensity": "CONCENTRATED", + "vulnerabilityResponseEffort": "MODERATE", + "providerUrgency": "RED", + "baseScore": 9.5, + "baseSeverity": "CRITICAL" + } + } + ] + }, + "weaknesses": [ + { + "source": "product-cna@github.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-347" + } + ] + } + ], + "references": [ + { + "url": "https://docs.github.com/en/enterprise-server@3.11/admin/release-notes#3.11.16", + "source": "product-cna@github.com" + }, + { + "url": "https://docs.github.com/en/enterprise-server@3.12/admin/release-notes#3.12.10", + "source": "product-cna@github.com" + }, + { + "url": "https://docs.github.com/en/enterprise-server@3.13/admin/release-notes#3.13.5", + "source": "product-cna@github.com" + }, + { + "url": "https://docs.github.com/en/enterprise-server@3.14/admin/release-notes#3.14.2", + "source": "product-cna@github.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-98xx/CVE-2024-9814.json b/CVE-2024/CVE-2024-98xx/CVE-2024-9814.json new file mode 100644 index 00000000000..84f375e4b3f --- /dev/null +++ b/CVE-2024/CVE-2024-98xx/CVE-2024-9814.json @@ -0,0 +1,137 @@ +{ + "id": "CVE-2024-9814", + "sourceIdentifier": "cna@vuldb.com", + "published": "2024-10-10T22:15:11.570", + "lastModified": "2024-10-10T22:15:11.570", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability, which was classified as critical, was found in Codezips Pharmacy Management System 1.0. Affected is an unknown function of the file product/update.php. The manipulation of the argument id leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "attackRequirements": "NONE", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "vulnerableSystemConfidentiality": "LOW", + "vulnerableSystemIntegrity": "LOW", + "vulnerableSystemAvailability": "LOW", + "subsequentSystemConfidentiality": "NONE", + "subsequentSystemIntegrity": "NONE", + "subsequentSystemAvailability": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirements": "NOT_DEFINED", + "integrityRequirements": "NOT_DEFINED", + "availabilityRequirements": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", + "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", + "modifiedVulnerableSystemAvailability": "NOT_DEFINED", + "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", + "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", + "modifiedSubsequentSystemAvailability": "NOT_DEFINED", + "safety": "NOT_DEFINED", + "automatable": "NOT_DEFINED", + "recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED", + "baseScore": 6.9, + "baseSeverity": "MEDIUM" + } + } + ], + "cvssMetricV31": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 7.3, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.4 + } + ], + "cvssMetricV2": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "2.0", + "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", + "accessVector": "NETWORK", + "accessComplexity": "LOW", + "authentication": "NONE", + "confidentialityImpact": "PARTIAL", + "integrityImpact": "PARTIAL", + "availabilityImpact": "PARTIAL", + "baseScore": 7.5 + }, + "baseSeverity": "HIGH", + "exploitabilityScore": 10.0, + "impactScore": 6.4, + "acInsufInfo": false, + "obtainAllPrivilege": false, + "obtainUserPrivilege": false, + "obtainOtherPrivilege": false, + "userInteractionRequired": false + } + ] + }, + "weaknesses": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/ppp-src/CVE/issues/11", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?ctiid.279966", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?id.279966", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?submit.418905", + "source": "cna@vuldb.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-98xx/CVE-2024-9815.json b/CVE-2024/CVE-2024-98xx/CVE-2024-9815.json new file mode 100644 index 00000000000..24aa0dbd783 --- /dev/null +++ b/CVE-2024/CVE-2024-98xx/CVE-2024-9815.json @@ -0,0 +1,137 @@ +{ + "id": "CVE-2024-9815", + "sourceIdentifier": "cna@vuldb.com", + "published": "2024-10-10T22:15:11.917", + "lastModified": "2024-10-10T22:15:11.917", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability has been found in Codezips Tourist Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /admin/create-package.php. The manipulation of the argument packageimage leads to unrestricted upload. The attack can be launched remotely. The exploit has been disclosed to the public and may be used." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "attackRequirements": "NONE", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "vulnerableSystemConfidentiality": "LOW", + "vulnerableSystemIntegrity": "LOW", + "vulnerableSystemAvailability": "LOW", + "subsequentSystemConfidentiality": "NONE", + "subsequentSystemIntegrity": "NONE", + "subsequentSystemAvailability": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirements": "NOT_DEFINED", + "integrityRequirements": "NOT_DEFINED", + "availabilityRequirements": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", + "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", + "modifiedVulnerableSystemAvailability": "NOT_DEFINED", + "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", + "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", + "modifiedSubsequentSystemAvailability": "NOT_DEFINED", + "safety": "NOT_DEFINED", + "automatable": "NOT_DEFINED", + "recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED", + "baseScore": 5.1, + "baseSeverity": "MEDIUM" + } + } + ], + "cvssMetricV31": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 4.7, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.2, + "impactScore": 3.4 + } + ], + "cvssMetricV2": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "2.0", + "vectorString": "AV:N/AC:L/Au:M/C:P/I:P/A:P", + "accessVector": "NETWORK", + "accessComplexity": "LOW", + "authentication": "MULTIPLE", + "confidentialityImpact": "PARTIAL", + "integrityImpact": "PARTIAL", + "availabilityImpact": "PARTIAL", + "baseScore": 5.8 + }, + "baseSeverity": "MEDIUM", + "exploitabilityScore": 6.4, + "impactScore": 6.4, + "acInsufInfo": false, + "obtainAllPrivilege": false, + "obtainUserPrivilege": false, + "obtainOtherPrivilege": false, + "userInteractionRequired": false + } + ] + }, + "weaknesses": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-434" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/ppp-src/CVE/issues/12", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?ctiid.279967", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?id.279967", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?submit.418917", + "source": "cna@vuldb.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-98xx/CVE-2024-9816.json b/CVE-2024/CVE-2024-98xx/CVE-2024-9816.json new file mode 100644 index 00000000000..51fcb728a12 --- /dev/null +++ b/CVE-2024/CVE-2024-98xx/CVE-2024-9816.json @@ -0,0 +1,137 @@ +{ + "id": "CVE-2024-9816", + "sourceIdentifier": "cna@vuldb.com", + "published": "2024-10-10T22:15:12.230", + "lastModified": "2024-10-10T22:15:12.230", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability was found in Codezips Tourist Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /admin/change-image.php. The manipulation of the argument packageimage leads to unrestricted upload. The attack may be launched remotely. The exploit has been disclosed to the public and may be used." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "attackRequirements": "NONE", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "vulnerableSystemConfidentiality": "LOW", + "vulnerableSystemIntegrity": "LOW", + "vulnerableSystemAvailability": "LOW", + "subsequentSystemConfidentiality": "NONE", + "subsequentSystemIntegrity": "NONE", + "subsequentSystemAvailability": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirements": "NOT_DEFINED", + "integrityRequirements": "NOT_DEFINED", + "availabilityRequirements": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", + "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", + "modifiedVulnerableSystemAvailability": "NOT_DEFINED", + "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", + "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", + "modifiedSubsequentSystemAvailability": "NOT_DEFINED", + "safety": "NOT_DEFINED", + "automatable": "NOT_DEFINED", + "recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED", + "baseScore": 5.1, + "baseSeverity": "MEDIUM" + } + } + ], + "cvssMetricV31": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 4.7, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.2, + "impactScore": 3.4 + } + ], + "cvssMetricV2": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "2.0", + "vectorString": "AV:N/AC:L/Au:M/C:P/I:P/A:P", + "accessVector": "NETWORK", + "accessComplexity": "LOW", + "authentication": "MULTIPLE", + "confidentialityImpact": "PARTIAL", + "integrityImpact": "PARTIAL", + "availabilityImpact": "PARTIAL", + "baseScore": 5.8 + }, + "baseSeverity": "MEDIUM", + "exploitabilityScore": 6.4, + "impactScore": 6.4, + "acInsufInfo": false, + "obtainAllPrivilege": false, + "obtainUserPrivilege": false, + "obtainOtherPrivilege": false, + "userInteractionRequired": false + } + ] + }, + "weaknesses": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-434" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/ppp-src/CVE/issues/13", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?ctiid.279968", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?id.279968", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?submit.418918", + "source": "cna@vuldb.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-98xx/CVE-2024-9817.json b/CVE-2024/CVE-2024-98xx/CVE-2024-9817.json new file mode 100644 index 00000000000..0a89ef89eb0 --- /dev/null +++ b/CVE-2024/CVE-2024-98xx/CVE-2024-9817.json @@ -0,0 +1,141 @@ +{ + "id": "CVE-2024-9817", + "sourceIdentifier": "cna@vuldb.com", + "published": "2024-10-10T23:15:03.410", + "lastModified": "2024-10-10T23:15:03.410", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability was found in code-projects Blood Bank System 1.0. It has been classified as critical. This affects an unknown part of the file /update.php. The manipulation of the argument name leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "attackRequirements": "NONE", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "vulnerableSystemConfidentiality": "LOW", + "vulnerableSystemIntegrity": "LOW", + "vulnerableSystemAvailability": "LOW", + "subsequentSystemConfidentiality": "NONE", + "subsequentSystemIntegrity": "NONE", + "subsequentSystemAvailability": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirements": "NOT_DEFINED", + "integrityRequirements": "NOT_DEFINED", + "availabilityRequirements": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", + "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", + "modifiedVulnerableSystemAvailability": "NOT_DEFINED", + "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", + "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", + "modifiedSubsequentSystemAvailability": "NOT_DEFINED", + "safety": "NOT_DEFINED", + "automatable": "NOT_DEFINED", + "recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED", + "baseScore": 5.3, + "baseSeverity": "MEDIUM" + } + } + ], + "cvssMetricV31": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 6.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.4 + } + ], + "cvssMetricV2": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "2.0", + "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", + "accessVector": "NETWORK", + "accessComplexity": "LOW", + "authentication": "SINGLE", + "confidentialityImpact": "PARTIAL", + "integrityImpact": "PARTIAL", + "availabilityImpact": "PARTIAL", + "baseScore": 6.5 + }, + "baseSeverity": "MEDIUM", + "exploitabilityScore": 8.0, + "impactScore": 6.4, + "acInsufInfo": false, + "obtainAllPrivilege": false, + "obtainUserPrivilege": false, + "obtainOtherPrivilege": false, + "userInteractionRequired": false + } + ] + }, + "weaknesses": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "references": [ + { + "url": "https://code-projects.org/", + "source": "cna@vuldb.com" + }, + { + "url": "https://github.com/RonenWen/cve/blob/main/sql6-update-name.md", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?ctiid.279969", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?id.279969", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?submit.421134", + "source": "cna@vuldb.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-98xx/CVE-2024-9818.json b/CVE-2024/CVE-2024-98xx/CVE-2024-9818.json new file mode 100644 index 00000000000..ac7f1885666 --- /dev/null +++ b/CVE-2024/CVE-2024-98xx/CVE-2024-9818.json @@ -0,0 +1,141 @@ +{ + "id": "CVE-2024-9818", + "sourceIdentifier": "cna@vuldb.com", + "published": "2024-10-10T23:15:03.680", + "lastModified": "2024-10-10T23:15:03.680", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability classified as critical has been found in SourceCodester Online Veterinary Appointment System 1.0. Affected is an unknown function of the file /admin/categories/manage_category.php. The manipulation of the argument id leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "attackRequirements": "NONE", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "vulnerableSystemConfidentiality": "LOW", + "vulnerableSystemIntegrity": "LOW", + "vulnerableSystemAvailability": "LOW", + "subsequentSystemConfidentiality": "NONE", + "subsequentSystemIntegrity": "NONE", + "subsequentSystemAvailability": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirements": "NOT_DEFINED", + "integrityRequirements": "NOT_DEFINED", + "availabilityRequirements": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", + "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", + "modifiedVulnerableSystemAvailability": "NOT_DEFINED", + "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", + "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", + "modifiedSubsequentSystemAvailability": "NOT_DEFINED", + "safety": "NOT_DEFINED", + "automatable": "NOT_DEFINED", + "recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED", + "baseScore": 6.9, + "baseSeverity": "MEDIUM" + } + } + ], + "cvssMetricV31": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 7.3, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.4 + } + ], + "cvssMetricV2": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "2.0", + "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", + "accessVector": "NETWORK", + "accessComplexity": "LOW", + "authentication": "NONE", + "confidentialityImpact": "PARTIAL", + "integrityImpact": "PARTIAL", + "availabilityImpact": "PARTIAL", + "baseScore": 7.5 + }, + "baseSeverity": "HIGH", + "exploitabilityScore": 10.0, + "impactScore": 6.4, + "acInsufInfo": false, + "obtainAllPrivilege": false, + "obtainUserPrivilege": false, + "obtainOtherPrivilege": false, + "userInteractionRequired": false + } + ] + }, + "weaknesses": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/fezzyang/CVE_report/blob/main/online-veterinary-appointment-system/SQLi.md", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?ctiid.279972", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?id.279972", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?submit.421548", + "source": "cna@vuldb.com" + }, + { + "url": "https://www.sourcecodester.com/", + "source": "cna@vuldb.com" + } + ] +} \ No newline at end of file diff --git a/README.md b/README.md index cc49cae5423..9b3ed9da4ae 100644 --- a/README.md +++ b/README.md @@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2024-10-10T22:00:17.541767+00:00 +2024-10-10T23:55:17.373111+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2024-10-10T21:51:56.040000+00:00 +2024-10-10T23:15:03.680000+00:00 ``` ### Last Data Feed Release @@ -33,51 +33,37 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### Total Number of included CVEs ```plain -265269 +265287 ``` ### CVEs added in the last Commit -Recently added CVEs: `7` +Recently added CVEs: `18` -- [CVE-2024-9180](CVE-2024/CVE-2024-91xx/CVE-2024-9180.json) (`2024-10-10T21:15:05.010`) -- [CVE-2024-9808](CVE-2024/CVE-2024-98xx/CVE-2024-9808.json) (`2024-10-10T20:15:05.003`) -- [CVE-2024-9809](CVE-2024/CVE-2024-98xx/CVE-2024-9809.json) (`2024-10-10T20:15:05.267`) -- [CVE-2024-9810](CVE-2024/CVE-2024-98xx/CVE-2024-9810.json) (`2024-10-10T20:15:05.517`) -- [CVE-2024-9811](CVE-2024/CVE-2024-98xx/CVE-2024-9811.json) (`2024-10-10T21:15:05.383`) -- [CVE-2024-9812](CVE-2024/CVE-2024-98xx/CVE-2024-9812.json) (`2024-10-10T21:15:05.677`) -- [CVE-2024-9813](CVE-2024/CVE-2024-98xx/CVE-2024-9813.json) (`2024-10-10T21:15:05.963`) +- [CVE-2024-47084](CVE-2024/CVE-2024-470xx/CVE-2024-47084.json) (`2024-10-10T22:15:10.263`) +- [CVE-2024-47164](CVE-2024/CVE-2024-471xx/CVE-2024-47164.json) (`2024-10-10T22:15:10.437`) +- [CVE-2024-47165](CVE-2024/CVE-2024-471xx/CVE-2024-47165.json) (`2024-10-10T22:15:10.680`) +- [CVE-2024-47166](CVE-2024/CVE-2024-471xx/CVE-2024-47166.json) (`2024-10-10T22:15:10.833`) +- [CVE-2024-47167](CVE-2024/CVE-2024-471xx/CVE-2024-47167.json) (`2024-10-10T22:15:11.000`) +- [CVE-2024-47168](CVE-2024/CVE-2024-471xx/CVE-2024-47168.json) (`2024-10-10T22:15:11.173`) +- [CVE-2024-47867](CVE-2024/CVE-2024-478xx/CVE-2024-47867.json) (`2024-10-10T23:15:02.640`) +- [CVE-2024-47868](CVE-2024/CVE-2024-478xx/CVE-2024-47868.json) (`2024-10-10T23:15:02.797`) +- [CVE-2024-47869](CVE-2024/CVE-2024-478xx/CVE-2024-47869.json) (`2024-10-10T23:15:02.930`) +- [CVE-2024-47870](CVE-2024/CVE-2024-478xx/CVE-2024-47870.json) (`2024-10-10T23:15:03.070`) +- [CVE-2024-47871](CVE-2024/CVE-2024-478xx/CVE-2024-47871.json) (`2024-10-10T23:15:03.187`) +- [CVE-2024-47872](CVE-2024/CVE-2024-478xx/CVE-2024-47872.json) (`2024-10-10T23:15:03.303`) +- [CVE-2024-9487](CVE-2024/CVE-2024-94xx/CVE-2024-9487.json) (`2024-10-10T22:15:11.357`) +- [CVE-2024-9814](CVE-2024/CVE-2024-98xx/CVE-2024-9814.json) (`2024-10-10T22:15:11.570`) +- [CVE-2024-9815](CVE-2024/CVE-2024-98xx/CVE-2024-9815.json) (`2024-10-10T22:15:11.917`) +- [CVE-2024-9816](CVE-2024/CVE-2024-98xx/CVE-2024-9816.json) (`2024-10-10T22:15:12.230`) +- [CVE-2024-9817](CVE-2024/CVE-2024-98xx/CVE-2024-9817.json) (`2024-10-10T23:15:03.410`) +- [CVE-2024-9818](CVE-2024/CVE-2024-98xx/CVE-2024-9818.json) (`2024-10-10T23:15:03.680`) ### CVEs modified in the last Commit -Recently modified CVEs: `48` +Recently modified CVEs: `0` -- [CVE-2023-5136](CVE-2023/CVE-2023-51xx/CVE-2023-5136.json) (`2024-10-10T21:15:04.303`) -- [CVE-2024-23609](CVE-2024/CVE-2024-236xx/CVE-2024-23609.json) (`2024-10-10T21:15:04.623`) -- [CVE-2024-23612](CVE-2024/CVE-2024-236xx/CVE-2024-23612.json) (`2024-10-10T21:15:04.753`) -- [CVE-2024-30464](CVE-2024/CVE-2024-304xx/CVE-2024-30464.json) (`2024-10-10T20:24:02.920`) -- [CVE-2024-30465](CVE-2024/CVE-2024-304xx/CVE-2024-30465.json) (`2024-10-10T20:20:21.643`) -- [CVE-2024-42812](CVE-2024/CVE-2024-428xx/CVE-2024-42812.json) (`2024-10-10T20:18:11.100`) -- [CVE-2024-45115](CVE-2024/CVE-2024-451xx/CVE-2024-45115.json) (`2024-10-10T21:51:56.040`) -- [CVE-2024-45116](CVE-2024/CVE-2024-451xx/CVE-2024-45116.json) (`2024-10-10T21:47:27.763`) -- [CVE-2024-45117](CVE-2024/CVE-2024-451xx/CVE-2024-45117.json) (`2024-10-10T21:47:11.257`) -- [CVE-2024-45118](CVE-2024/CVE-2024-451xx/CVE-2024-45118.json) (`2024-10-10T21:47:00.927`) -- [CVE-2024-45119](CVE-2024/CVE-2024-451xx/CVE-2024-45119.json) (`2024-10-10T21:37:39.153`) -- [CVE-2024-45120](CVE-2024/CVE-2024-451xx/CVE-2024-45120.json) (`2024-10-10T21:37:20.763`) -- [CVE-2024-45121](CVE-2024/CVE-2024-451xx/CVE-2024-45121.json) (`2024-10-10T21:37:08.743`) -- [CVE-2024-45122](CVE-2024/CVE-2024-451xx/CVE-2024-45122.json) (`2024-10-10T21:35:53.717`) -- [CVE-2024-45123](CVE-2024/CVE-2024-451xx/CVE-2024-45123.json) (`2024-10-10T21:34:32.123`) -- [CVE-2024-47651](CVE-2024/CVE-2024-476xx/CVE-2024-47651.json) (`2024-10-10T21:01:39.413`) -- [CVE-2024-4890](CVE-2024/CVE-2024-48xx/CVE-2024-4890.json) (`2024-10-10T20:11:44.610`) -- [CVE-2024-8804](CVE-2024/CVE-2024-88xx/CVE-2024-8804.json) (`2024-10-10T20:56:49.403`) -- [CVE-2024-9349](CVE-2024/CVE-2024-93xx/CVE-2024-9349.json) (`2024-10-10T20:25:57.580`) -- [CVE-2024-9368](CVE-2024/CVE-2024-93xx/CVE-2024-9368.json) (`2024-10-10T20:30:51.240`) -- [CVE-2024-9372](CVE-2024/CVE-2024-93xx/CVE-2024-9372.json) (`2024-10-10T20:36:28.020`) -- [CVE-2024-9375](CVE-2024/CVE-2024-93xx/CVE-2024-9375.json) (`2024-10-10T20:44:02.900`) -- [CVE-2024-9384](CVE-2024/CVE-2024-93xx/CVE-2024-9384.json) (`2024-10-10T20:52:33.333`) -- [CVE-2024-9421](CVE-2024/CVE-2024-94xx/CVE-2024-9421.json) (`2024-10-10T20:59:01.600`) -- [CVE-2024-9445](CVE-2024/CVE-2024-94xx/CVE-2024-9445.json) (`2024-10-10T20:58:04.907`) ## Download and Usage diff --git a/_state.csv b/_state.csv index 9fa79afbc9c..a42eb120f71 100644 --- a/_state.csv +++ b/_state.csv @@ -207938,14 +207938,14 @@ CVE-2022-42435,0,0,5b246c6c18fc19038c4864427b9e9c3c306bdcad03a1c27de868d67711e51 CVE-2022-42436,0,0,b997d5c87821579454aecf44a8cc02fb254274033b571b0563305dbc11c78fea,2023-11-07T03:53:18.533000 CVE-2022-42438,0,0,4b58f2c9000c194a398d779258a3939247ce7d1a77b6ec479119f29a20ef7e3f,2023-11-07T03:53:18.610000 CVE-2022-42439,0,0,479c91e805a8b4f14d241d42dea79c91c3c7482fe8da6dc12128a93e22c6ca7e,2023-11-07T03:53:18.810000 -CVE-2022-4244,0,1,c23d60e46aaa280e433c32352757899e7e464077a97832d207409abb7d53cc4e,2024-10-10T20:04:34.603000 +CVE-2022-4244,0,0,c23d60e46aaa280e433c32352757899e7e464077a97832d207409abb7d53cc4e,2024-10-10T20:04:34.603000 CVE-2022-42442,0,0,0e9576f158d8154a50a24bc63c42a0fb79bc4d6e0d1b61221507fa5650bab92a,2023-08-08T14:22:24.967000 CVE-2022-42443,0,0,dae5cf3e2ebed8d192355532d6836aeeebef2cbcab2491ddfa1f66e95e920749,2024-02-20T19:50:53.960000 CVE-2022-42444,0,0,72f5ea427357cee3a7056dc3a752323aacc96f5a6151d3389a2c6d09b3b26480,2023-11-07T03:53:19.093000 CVE-2022-42445,0,0,e295339bba1f3487f2025ef56dc96f11beb0a1486e3cdf407bd3b450306dd43a,2023-11-07T03:53:19.370000 CVE-2022-42446,0,0,c60a97003a7f84c5f64fd596f87eab38f4c8f947f640f4977d97bb6854cb1f7d,2023-11-07T03:53:19.593000 CVE-2022-42447,0,0,0c5fa8c1d300f2b622eb4e0bf02de8273e45049e45b90fdf1b77dffdbc17b887,2023-11-07T03:53:19.810000 -CVE-2022-4245,0,1,2f8a836729a2b28af01fd381acbb262fa1c36c272f02aeece53c3f8b33d50d4d,2024-10-10T20:02:34.187000 +CVE-2022-4245,0,0,2f8a836729a2b28af01fd381acbb262fa1c36c272f02aeece53c3f8b33d50d4d,2024-10-10T20:02:34.187000 CVE-2022-42451,0,0,78a6921f84537121f07974459490058285256afbe4a71f2e3fe4d8f2c19d5ff8,2023-10-23T15:02:36.410000 CVE-2022-42452,0,0,b66ad06c8e49a9d8c43cd7b8918f7497d8729a8e0f307d4a7cab0bda4a8dc2bc,2023-11-07T03:53:20.100000 CVE-2022-42453,0,0,8eb505e13c81a58ec1537abc098389b013e90e9754080b524d417f996725afb1,2023-11-07T03:53:20.307000 @@ -216565,7 +216565,7 @@ CVE-2023-22339,0,0,dcf71a642458c5317f40076c67856645a6973b302f8283f4ec4c15a1dd6c2 CVE-2023-2234,0,0,f24858bfcbc0c3f15004081c0f9f7174dc852ca174c94d5399d0e063fd48b540,2023-08-28T15:32:49.990000 CVE-2023-22340,0,0,74e97020a45c9071521c452a62a93be457e2c7acaf90115076848c52917ff646,2023-11-07T04:06:50.923000 CVE-2023-22341,0,0,555dc5ee3ed489849aa3044d26b08dc240341cd1f3968fd462f21d9ef7a3ee89,2023-11-07T04:06:51.017000 -CVE-2023-22342,0,1,a886c397a69edac887424f011cec8b436924a6ece82af17708fccaf23da8ba0e,2024-10-10T21:28:04.290000 +CVE-2023-22342,0,0,a886c397a69edac887424f011cec8b436924a6ece82af17708fccaf23da8ba0e,2024-10-10T21:28:04.290000 CVE-2023-22344,0,0,27632eb3785128950306d8c572b2056533d3f8f6a8d901fa895563b5fc395a7d,2023-03-13T17:54:43.867000 CVE-2023-22345,0,0,4888cb3955d300978246cd3812e3711ef5f0f46282dec6661b35f067bbe75b56,2023-02-27T14:57:47.960000 CVE-2023-22346,0,0,9120ce9af60b9406c088db3a6bfaf81f5f0456e98b118510f132581c86ebc2e2,2023-02-27T15:05:48.123000 @@ -216614,7 +216614,7 @@ CVE-2023-22387,0,0,7bd49b9c29b21308d84519d3dc1e7306591bef2af129eb58c26f6d3f7aaa6 CVE-2023-22388,0,0,e37ce7b888eabe18248987344f451a5e23489799647a80125f7ab0ae62c97bfe,2024-04-12T17:16:54.123000 CVE-2023-22389,0,0,f691e050bc1738239a086ff765d8375f9b4302b6eb151b78dafb667f7574018c,2023-11-07T04:06:52.610000 CVE-2023-2239,0,0,82d1b60db8acff7eafdd4d4e4b90765cb182848630b39712d794bc2b4f89aeab,2023-04-28T03:47:23.527000 -CVE-2023-22390,0,1,f21d595fca0f27d96c896721b6236041da2d09de79881796089f445e7f44f109,2024-10-10T21:27:55.377000 +CVE-2023-22390,0,0,f21d595fca0f27d96c896721b6236041da2d09de79881796089f445e7f44f109,2024-10-10T21:27:55.377000 CVE-2023-22391,0,0,b96c0f7520c820864973b7ce286bb7316049e1efbf58304577d73a77d780f326,2023-01-24T18:44:00.530000 CVE-2023-22392,0,0,c7e5d6867191fdebc8b45f4d5ec9df3345e79b2776810a69d8526999f7673a3e,2024-02-21T20:08:50.277000 CVE-2023-22393,0,0,232101f0fa551fbc54a282c3aa64abd629c879af47f5fdcd9921ac3d6ab1bbc4,2023-01-24T18:46:14.963000 @@ -217016,7 +217016,7 @@ CVE-2023-22844,0,0,9f317de85823ed06761d9a78a45b6ed458126e22af9fd7359df7bf8e54e47 CVE-2023-22845,0,0,14be039ff213a3d18757ba7ac946f3d22dd764d18ce6cd8b47de41211c1c2b55,2023-04-05T13:39:14.847000 CVE-2023-22846,0,0,68ee63a6bcfae95eafaa56475436f7471d2e77a8f5bf094917056c6d391f6fc6,2023-05-02T01:32:29.167000 CVE-2023-22847,0,0,0d574b1acc76a206795e17f0407f1d9fa39bb84090c706c69f670f1706414339,2023-03-14T17:47:44.390000 -CVE-2023-22848,0,1,ba16e574782f5e66855809cd48899588e88b8ba7d2d4a89178e1e90457662fd6,2024-10-10T21:27:48.390000 +CVE-2023-22848,0,0,ba16e574782f5e66855809cd48899588e88b8ba7d2d4a89178e1e90457662fd6,2024-10-10T21:27:48.390000 CVE-2023-22849,0,0,1ec90b3782c54cf7d25f2fc54dd95845eb57a5fe4b10bf22607705dfdce90254,2023-11-07T04:07:28.167000 CVE-2023-2285,0,0,712d17a882fd0eec6f9635d1caf062c9ccca23c863ce0521fbd5deb46a961221,2023-11-07T04:12:19.670000 CVE-2023-22850,0,0,49262dd40bbc8fa6e4951becd4af6c9b4de61f99ed12ec03c0353d3546d4ef6f,2023-01-25T18:00:22.203000 @@ -218220,7 +218220,7 @@ CVE-2023-24459,0,0,d1d67fec2efd9a996e5576ce94342b072bcb017ade11692e5e156b795c03b CVE-2023-2446,0,0,77d18032db2a2d43ca89e72b2e146e40e8a0da023a9aef63f9cb1c4d6b04ffb6,2023-11-30T05:27:35.683000 CVE-2023-24460,0,0,5ccd25a0d63901a60a327bbeab4e8552530d89c34ffd5e4dea964340b6deb428,2024-05-17T18:36:31.297000 CVE-2023-24461,0,0,62ff32018786cbd664dd775fa7e246988d63a708d58a1d9ccf821bd2c7675d01,2023-05-10T18:29:52.117000 -CVE-2023-24463,0,1,b46683916100e46f365d58ccd93c2a4f791ace066fe666d3b7557e3e7b9bbe97,2024-10-10T21:27:39.470000 +CVE-2023-24463,0,0,b46683916100e46f365d58ccd93c2a4f791ace066fe666d3b7557e3e7b9bbe97,2024-10-10T21:27:39.470000 CVE-2023-24464,0,0,d7153b45d5e2416034e94fb0fe49853263968a99bbc8787aceee4a9dd602fa45,2023-04-18T02:21:48.263000 CVE-2023-24465,0,0,12a9995d739af115b1d8d73fad1cdb92d72ceb9ea3e09374ae0104d16290e87e,2024-09-09T12:21:53.383000 CVE-2023-24468,0,0,25ae46b121e2327b504523595446d1da3211da3edc7536696bf537ff2f660cfb,2024-09-13T18:08:15.267000 @@ -218238,7 +218238,7 @@ CVE-2023-24478,0,0,2854da322060ae3aa5136cdc270dd3e7cfe41b008077c5f73f7fb78201ae3 CVE-2023-24479,0,0,7211e9c69437501b3a8e7b9a9efd614e2106314128fbf7e75fec6228445328c8,2023-10-12T22:25:43.207000 CVE-2023-2448,0,0,698462a131ff71655a9da6cdc5a6c28ccc47ebf9f4d9a3e2f8a3a28a96eadbbf,2023-12-04T17:38:31.713000 CVE-2023-24480,0,0,a28078a70d43f9a1bf0600372a78d5ec55720dca9c0041faad26a292adbf161b,2024-04-22T16:15:12.637000 -CVE-2023-24481,0,1,0c23556363c833feb2475dd64ff598c3fb9830615d54f6ae182ffd08bf7016d7,2024-10-10T21:27:32.037000 +CVE-2023-24481,0,0,0c23556363c833feb2475dd64ff598c3fb9830615d54f6ae182ffd08bf7016d7,2024-10-10T21:27:32.037000 CVE-2023-24482,0,0,6c32cf12341531b0652a27ee9d708ebe2edf4eb372830c6ca7843cd64a3d3d8c,2023-02-22T15:43:48.470000 CVE-2023-24483,0,0,911fe608335ab8f98794e01cca66be320ab453e365d2ecbb8325edaa3c579cfa,2023-02-24T19:44:41.067000 CVE-2023-24484,0,0,dd8de6aa3440219adf79a79684619e217480bb8ef75da13f9a5e8d3139feb157,2023-02-24T19:28:17.107000 @@ -218304,7 +218304,7 @@ CVE-2023-24538,0,0,2538c871415036033c2c54e92711449c2c81b9684c6db978f1f1766c42473 CVE-2023-24539,0,0,e19e54e6bbf68c23781cbc35cb676a356b68a0a5a0b11df604e959f7e4a7b292,2023-11-07T04:08:32.030000 CVE-2023-2454,0,0,0ef6cbf471f90e338775a317f257d53e0b1652f70136b501611043b30e2cb3d4,2023-07-06T19:15:10.143000 CVE-2023-24540,0,0,522cc078ed479232a2461f858ea33ed1045a1bd6437b87778e3cee50478273d1,2023-11-07T04:08:32.233000 -CVE-2023-24542,0,1,c2a515582fa5eac330b8e2b66f04b425d97bb55957a7c7233215a48a112d0994,2024-10-10T21:27:25.523000 +CVE-2023-24542,0,0,c2a515582fa5eac330b8e2b66f04b425d97bb55957a7c7233215a48a112d0994,2024-10-10T21:27:25.523000 CVE-2023-24544,0,0,7d109185a5bad3b163eb8bfc76bdebfeb7f6c52fda3ebb84f0920821e3bc4a49,2023-04-18T19:36:20.460000 CVE-2023-24545,0,0,928a7f77ac9bee5cc5d4efa9b9d91dc7acfcea786728099161748392f777bca5,2023-04-21T15:09:02.267000 CVE-2023-24546,0,0,85ec05e5779d19477aaf79e3e0cf8ae72a395fcef6c09cf3ec5712afb4ef172b,2023-11-07T04:08:32.397000 @@ -218352,7 +218352,7 @@ CVE-2023-24585,0,0,c8ee2e9c8b780def5e641522eaff370fb6421ab70b5edac2142c09adf10ea CVE-2023-24586,0,0,7d505e08609c01397535dd24cd61e101d6d22032087576f537df01938c0a60ee,2023-05-17T16:23:17.587000 CVE-2023-24587,0,0,71f2a7d7639015266e4390781c2f3ce069b5200d3e90f15c01a7c20d915eb4d8,2023-11-28T17:01:41.183000 CVE-2023-24588,0,0,2ef36532565eb3be85b9be1d03ea17dba2ff521388a0b1d5e9f24cd0fb5ff556,2023-11-28T17:00:16.913000 -CVE-2023-24589,0,1,a8570d1496a12370184415bfaaf30a6185d91001fda6cb8951fe6ab851e6a5df,2024-10-10T21:27:18.237000 +CVE-2023-24589,0,0,a8570d1496a12370184415bfaaf30a6185d91001fda6cb8951fe6ab851e6a5df,2024-10-10T21:27:18.237000 CVE-2023-2459,0,0,87d0f3af5d9f2f16840cc7c27d343b6c8aa37b4163a5005ca8c8359b9978213f,2023-10-20T20:54:50.567000 CVE-2023-24590,0,0,7d131b3c6d25d723156ac81026080a6db7e78a83c9e0f7a66c7fac1f0c270f4a,2024-01-05T18:33:26.597000 CVE-2023-24591,0,0,79dd70555de28073a9e21ecb9f6a1d70538293fc45723b3df3ea9015ecfcfb09,2024-02-14T15:02:01.453000 @@ -219293,7 +219293,7 @@ CVE-2023-25765,0,0,8b8fe850a03e900a1d8f97ccc307849225ff3db9168a53a9b04c8b3f0742c CVE-2023-25766,0,0,31ba38e58cf3118b6db5f7c61d70f8629b43d743233674a011f16afbdc21f74a,2023-11-03T02:06:20.837000 CVE-2023-25767,0,0,483e68ff22a520b288e94cfaf3a1e25c90ebae527bb530eabc8f0a019be643cd,2023-11-03T02:02:37.800000 CVE-2023-25768,0,0,dc57492108f61f9e7c41acb03012978cbf466261cc9a2ddfea49f357ef0b05e3,2023-11-03T02:04:03.650000 -CVE-2023-25769,0,1,b43313a130296829e55468ab6b36272a9a19130abc7c2f7a33a0aeb86098a386,2024-10-10T21:27:08.520000 +CVE-2023-25769,0,0,b43313a130296829e55468ab6b36272a9a19130abc7c2f7a33a0aeb86098a386,2024-10-10T21:27:08.520000 CVE-2023-25770,0,0,c196f3f59a9ed379f3033392f5332da695ce96226441cec597553d40d2c90803,2024-04-22T16:15:12.870000 CVE-2023-25771,0,0,0a40ade9e4b633e2e25c64b41412f6cf20b10475ee3b92ce849eec7e304b725e,2023-11-07T04:09:10.947000 CVE-2023-25772,0,0,a0a863d580e53f497e70eeff0d4bd28ff51b949ec7490c2b052c7aaa57fffae7,2023-11-07T04:09:11.190000 @@ -219301,8 +219301,8 @@ CVE-2023-25773,0,0,c8a4a4c116ed5d896279b6cb93fadbf0a6a145a41b80291e643b9b92633bb CVE-2023-25774,0,0,50f00eb85c9a6f3939ad3ac3d2f8701f08cab7d7ec6691ef9981e83d63419194,2023-10-18T17:53:08.367000 CVE-2023-25775,0,0,9e0931d7bb83de9c26f9ad076dcda45420d6c5a1e995b56352243c3259380610,2024-01-11T21:15:10.030000 CVE-2023-25776,0,0,a5c9a6507e4e8061236842380ca8385e80281fc571d20401f84423392270b8fa,2023-11-07T04:09:11.693000 -CVE-2023-25777,0,1,f27b58950c89804e69aa68f336146b6b2e279c13c9d95190f3adaf0fdd13910b,2024-10-10T21:26:52.387000 -CVE-2023-25779,0,1,a45eb3ceaeac210511f31ab57eba3435f1fe39e20c612e5ccb2ede2582be2ff0,2024-10-10T21:26:44.253000 +CVE-2023-25777,0,0,f27b58950c89804e69aa68f336146b6b2e279c13c9d95190f3adaf0fdd13910b,2024-10-10T21:26:52.387000 +CVE-2023-25779,0,0,a45eb3ceaeac210511f31ab57eba3435f1fe39e20c612e5ccb2ede2582be2ff0,2024-10-10T21:26:44.253000 CVE-2023-2578,0,0,25def0f9973e4fd487f0bc4b5b8f93479b0628080fba7ffabca5d3428cfb73a2,2023-11-07T04:12:54.380000 CVE-2023-25780,0,0,125e6cf3293c902b54297f6fca692c8324cb7894208bb988b405b415df34b9cb,2023-06-09T18:10:20.373000 CVE-2023-25781,0,0,8bc7a82840fd6d46c330010cc1b910d5481474ebd1bb4f8ff65031cde3c07833,2023-06-01T02:18:46.477000 @@ -220028,18 +220028,18 @@ CVE-2023-26581,0,0,63b903fc02e85a087dd48bcf223e2d0919627f15fd80dd3fc9edf78472c1d CVE-2023-26582,0,0,12c32dcd82d637dcdedca56ca84b2864fc50eca2ce0d9d634578eaab32f2046b,2023-10-28T03:20:40.767000 CVE-2023-26583,0,0,c619025a8a287d6b9878acaa1d9ce72e24537dc38a39411e99d1856c96ad1c52,2023-10-28T03:20:44.597000 CVE-2023-26584,0,0,ebecbb1954e68aaca87b211a6a732faed82b38f5d9d39a0a0adb0aa435f6f45c,2023-10-28T03:20:48.837000 -CVE-2023-26585,0,1,6a169d64030402114baa96977dc7f44050b20734c207e4738fbb9a1f046a7b26,2024-10-10T21:26:36.277000 +CVE-2023-26585,0,0,6a169d64030402114baa96977dc7f44050b20734c207e4738fbb9a1f046a7b26,2024-10-10T21:26:36.277000 CVE-2023-26586,0,0,5975e2524d7ffa4f54f064e0e975bd8974bd474947eba7cbdf2beeae8120f0a2,2024-02-14T15:01:55.963000 CVE-2023-26587,0,0,68f5d814568994653ae044c5e6f08404578310edae7342625238728fb686b87f,2023-11-07T04:09:40.973000 CVE-2023-26588,0,0,8d09e7de4a8174ad99c8db79151914941653e52f8e566e080f9908dd283d2aa8,2023-04-18T19:37:21.610000 CVE-2023-26589,0,0,4644ea6b391eb80feae3f8ad1321a56d547bc438f6de7ff9a9ab5f2c9ac10df8,2023-11-20T20:50:48.007000 CVE-2023-2659,0,0,a7e0e2e45c53a9d48958a2dd6e206b9e8d661b24a9b3927e750cb3cc7d0e6e0c,2024-05-17T02:23:07.997000 CVE-2023-26590,0,0,c5a2875bb9bc780f8046f77a77b5c8dc96bc1db20aa6d1dd1f39bd9eebc993db,2023-11-07T04:09:41.067000 -CVE-2023-26591,0,1,fc905af4d317a2e2e12c7fdea2fb2a102ea8dd08978c81f6614718a54826ac25,2024-10-10T21:26:20.080000 -CVE-2023-26592,0,1,0d613c2ffd26c9a9c065a7367d606eb418fcc0cd155960bd1e1b647743908463,2024-10-10T21:26:03.067000 +CVE-2023-26591,0,0,fc905af4d317a2e2e12c7fdea2fb2a102ea8dd08978c81f6614718a54826ac25,2024-10-10T21:26:20.080000 +CVE-2023-26592,0,0,0d613c2ffd26c9a9c065a7367d606eb418fcc0cd155960bd1e1b647743908463,2024-10-10T21:26:03.067000 CVE-2023-26593,0,0,2fa151bf1bcfb5ec278d23e91e644a672e5591270133bbf61d18ef8d6296261f,2023-04-21T03:47:41.653000 CVE-2023-26595,0,0,e352e29d11788219d973ff84053c285ca23f5de07c08995f0a9e245c6cec861a,2023-05-31T00:18:47.900000 -CVE-2023-26596,0,1,6eb6f212b5509bfa7843dd6eb07f189aa9df454ebe7ba2544bfc7581f0ddd95a,2024-10-10T21:26:27.180000 +CVE-2023-26596,0,0,6eb6f212b5509bfa7843dd6eb07f189aa9df454ebe7ba2544bfc7581f0ddd95a,2024-10-10T21:26:27.180000 CVE-2023-26597,0,0,cbc64381955284e295ea616d4d21ff75908dd618cab3eebdc42467109717eee8,2024-04-22T16:15:13.033000 CVE-2023-26599,0,0,7c7b4139779b9b50cb394fc5005279d2487de98e856d279208a6b81c27e1fd3c,2023-04-28T19:14:36.293000 CVE-2023-2660,0,0,723e93e831dbf011a2b25b3234aa39a595b815de2cf1990a716fe549232b16e3,2024-05-17T02:23:08.140000 @@ -220421,14 +220421,14 @@ CVE-2023-27295,0,0,2b35ba9c23ec3dc889df00063b1455884aad22232738faa01bb0bf1854195 CVE-2023-27296,0,0,65e6521a95e84cdf103e2a85baf1c64de8cc6d432144f2229f3d951a61ea39ca,2023-11-07T04:09:53.790000 CVE-2023-27298,0,0,8bddc45578699197351b23ab0fdfb8ded3b03ac7d83cd4217eac4097302905ee,2023-11-07T04:09:53.857000 CVE-2023-2730,0,0,dd1d0188c4d0b52d9edc97402eec83c6293a8bdf8db32c0db8927e99022b2050,2023-05-22T17:20:52.117000 -CVE-2023-27300,0,1,99f876ece91964344f0eebd6d8c2cb263e6e1b21447c6d7d46fcd9bc2f97ebc6,2024-10-10T21:25:40.267000 -CVE-2023-27301,0,1,a9be9d918b52b944c1c5881c467ec114b3231f638526dbd2f60d5091efde6c26,2024-10-10T21:25:31.953000 -CVE-2023-27303,0,1,a5d4f576b18630c14afd989e450b435f6c526821e5759f7df608333d129a5f28,2024-10-10T21:25:20.277000 +CVE-2023-27300,0,0,99f876ece91964344f0eebd6d8c2cb263e6e1b21447c6d7d46fcd9bc2f97ebc6,2024-10-10T21:25:40.267000 +CVE-2023-27301,0,0,a9be9d918b52b944c1c5881c467ec114b3231f638526dbd2f60d5091efde6c26,2024-10-10T21:25:31.953000 +CVE-2023-27303,0,0,a5d4f576b18630c14afd989e450b435f6c526821e5759f7df608333d129a5f28,2024-10-10T21:25:20.277000 CVE-2023-27304,0,0,fd8b19bbed1afa774cac561ceb7864a241903e5d93b08469085fc3feda1a4e4f,2023-05-31T00:15:42.713000 CVE-2023-27305,0,0,337d4755adebe99b5be5fcc6844d64d1eab7368efd2e7050a942b20afe15c767,2024-05-16T21:15:51.200000 CVE-2023-27306,0,0,017cfc1c304d0cf36360c01f49f53391dbd7916ce02ee97aa10d1b8a6e15f5fd,2023-11-30T17:12:52.813000 -CVE-2023-27307,0,1,eded8d9a40e151cde674709fe2495acb7f42844156fe3da062ce7ec403d13c38,2024-10-10T21:25:08.423000 -CVE-2023-27308,0,1,8ce91dc73cb89af30577806d9a1bbb78f466e4429ae2e00816e85c9072abf0f1,2024-10-10T21:24:47.837000 +CVE-2023-27307,0,0,eded8d9a40e151cde674709fe2495acb7f42844156fe3da062ce7ec403d13c38,2024-10-10T21:25:08.423000 +CVE-2023-27308,0,0,8ce91dc73cb89af30577806d9a1bbb78f466e4429ae2e00816e85c9072abf0f1,2024-10-10T21:24:47.837000 CVE-2023-27309,0,0,8d8b6d37141c5b83e40edb1e5bd629b83b8c8b0959de8aceeb468c117678c397,2023-03-17T17:01:45.057000 CVE-2023-2731,0,0,c4564c57c22bd85647ed5c9520a3f4fc4c16778b1b8e8f63e5b69eb7060ec95e,2023-07-03T16:15:09.727000 CVE-2023-27310,0,0,336d0d04f900b8ce4174cc4c050d6e1dc1f15757af5f506b5d1ceb2a09a8e3c9,2023-03-17T17:05:38.383000 @@ -229498,7 +229498,7 @@ CVE-2023-39015,0,0,25fc598084867b96c0280d9306f465af2d748b9ae6cd27a2361f7fee764a7 CVE-2023-39016,0,0,35309eb607975f9807b0a3d46f45f594c74574b329619228c80e35abf31e9dac,2024-07-30T14:55:53.803000 CVE-2023-39017,0,0,bd324813bcb37b44b5c9b86e7f9af2851a7fb2396edf48b6d794a7c804d10e9b,2024-08-02T18:16:00.607000 CVE-2023-39018,0,0,ea38700ac0106541c2c0e802f28b361ffa64625da709c9a04a7040996e0d9efb,2024-08-02T18:16:00.720000 -CVE-2023-39020,0,1,4db3a3ed638f5fcfab6dda6e46bc7370c77d08a7cf3a2d2f632a9af19a5dab0c,2024-10-10T20:22:41.110000 +CVE-2023-39020,0,0,4db3a3ed638f5fcfab6dda6e46bc7370c77d08a7cf3a2d2f632a9af19a5dab0c,2024-10-10T20:22:41.110000 CVE-2023-39021,0,0,1daa275404241d65a134d5888edc30e2578947020a64fb6904413c08cae8f49f,2023-08-03T18:00:28.377000 CVE-2023-39022,0,0,46d034f33003b0a75b30179828a254a5a33fd70313cfcbe8c03c1d56ac2bc01f,2023-08-03T17:59:21.500000 CVE-2023-39023,0,0,ea60fcd815fb6276948389da49e06d579f2efb722975b79f244a61bb0761dd9d,2023-08-03T17:55:41.163000 @@ -236998,7 +236998,7 @@ CVE-2023-49436,0,0,cb2c7d03ae542d20beb71599481e05436316817b1f0a251d7191758cce818 CVE-2023-49437,0,0,b98499f0fc6d72b24cae71d4c0b436b9d90121d8a152e00c72ac90016c12523a,2023-12-09T04:44:23.637000 CVE-2023-49438,0,0,cec353ac8048387053a1e78da72250e5790a2e25d604e9c82347777babef2e98,2024-01-14T02:15:46.610000 CVE-2023-4944,0,0,8e082bf033e059811bf61b7c20b20437f74bade06cd8e13deae185d73f7b5bc7,2023-11-07T04:23:12.343000 -CVE-2023-49441,0,1,58eba0170dd4985f3285f96fd638762bf0b3a7dc42b9238f4b989aec7f21c7a3,2024-10-10T20:00:44.307000 +CVE-2023-49441,0,0,58eba0170dd4985f3285f96fd638762bf0b3a7dc42b9238f4b989aec7f21c7a3,2024-10-10T20:00:44.307000 CVE-2023-49442,0,0,60c44a7653f91852e79c87d5ad7c1bb04768e117ff057c008ea325715b330134,2024-01-10T20:26:06.417000 CVE-2023-49443,0,0,1ff94a19f669074045a4a6976326e62e4f816926a6471dbb8b1ef66b72d524d8,2023-12-11T19:12:46.117000 CVE-2023-49444,0,0,86d0aff6c754bc433a1f4a035cb97e7fca539c8a303486d7b37dcbcc4bf55682,2023-12-11T19:11:35.700000 @@ -238097,7 +238097,7 @@ CVE-2023-51350,0,0,4fe74226c6650427bea058f5dcb3e9e14dec7050b3bfa501bbdef4580b9b0 CVE-2023-51354,0,0,8a82dd65edf20609d8562e1873a2e9f73efc4655891eb6f414050aedd03313b1,2024-01-05T16:21:13.340000 CVE-2023-51356,0,0,23823337bc925443b717b8041fff9767a4ae92659ce744669517b57c4703d451,2024-05-17T18:36:05.263000 CVE-2023-51358,0,0,a682898023b1e1a2c1d59aaa6c1097e476f318de4e515eea5a5b8fa8fdabf27b,2024-01-05T16:20:52.507000 -CVE-2023-5136,0,1,d402cdd3608e4311d795127fe97e752624571816c34ee0e3afa13781c37b037d,2024-10-10T21:15:04.303000 +CVE-2023-5136,0,0,d402cdd3608e4311d795127fe97e752624571816c34ee0e3afa13781c37b037d,2024-10-10T21:15:04.303000 CVE-2023-51361,0,0,ba54ccebbed10dc03d1df5016391e1e4912facf1264383768104a7e94a69841e,2024-01-05T04:52:30.367000 CVE-2023-51363,0,0,c603f2d1ac67a022ac5d7a06ed6265eb7080a88729cf3e6dc9c173f519db3812,2024-02-20T18:52:19.997000 CVE-2023-51364,0,0,66f24a5548b6e0407e1db99b943e553d1f8b2fb0236c73b021ff05abfe96f73b,2024-04-26T15:32:22.523000 @@ -245652,11 +245652,11 @@ CVE-2024-23605,0,0,993b32c134fe8e64779e31a8d8adbe06f4e772dba085157d02460be0663b1 CVE-2024-23606,0,0,c208009da6a506f2cb89bfd3fdf2f90ab6038e888471cbfef093e4e7011305cc,2024-04-02T15:15:53.133000 CVE-2024-23607,0,0,d3e5b2cf0208dbd94423f33f1f1d830e5379284a1b054e1dac0f1142dda2bcdb,2024-02-14T18:04:45.380000 CVE-2024-23608,0,0,50dc0674b07e73ec8c46f1968864ab20402f5761f50f996f4b7f041b1d2be763,2024-03-12T12:40:13.500000 -CVE-2024-23609,0,1,3b1abf752b3d423bc6f5438ce61f2cd61b2e2a95458e8a7d8eeff140a78cb160,2024-10-10T21:15:04.623000 +CVE-2024-23609,0,0,3b1abf752b3d423bc6f5438ce61f2cd61b2e2a95458e8a7d8eeff140a78cb160,2024-10-10T21:15:04.623000 CVE-2024-2361,0,0,dcdcbdd2e2dfcbfc5e289c7242a337c223a46cf5b5f53777e6d8d9a1b7d862b7,2024-05-16T13:03:05.353000 CVE-2024-23610,0,0,911507017e2d1adda1f4152b49b667ed899063fa3626c265dcd8fbea70e8b461,2024-03-12T12:40:13.500000 CVE-2024-23611,0,0,9602e165d5f6e778bafbe1412b34e6984b52aae9b91c33ef6488637f8a688ffa,2024-03-12T12:40:13.500000 -CVE-2024-23612,0,1,235f707bf347b024f46132ff79e6c28397a7c61dd4cb5fc018efb1c522e5dc32,2024-10-10T21:15:04.753000 +CVE-2024-23612,0,0,235f707bf347b024f46132ff79e6c28397a7c61dd4cb5fc018efb1c522e5dc32,2024-10-10T21:15:04.753000 CVE-2024-23613,0,0,205b218b4ed34eb16278c267b2edbefc505e012507afece91157be751ea225fa,2024-01-31T19:22:48.627000 CVE-2024-23614,0,0,a09a0a776351f6475779200c70724fec277932c5bd6e08a57ab40fb75ac3e44e,2024-01-31T19:54:08.847000 CVE-2024-23615,0,0,17e991130729493812abb446c7f3aa0d8051e8feca1aa848bb32263383d505cc,2024-01-31T23:46:44.913000 @@ -250647,8 +250647,8 @@ CVE-2024-3046,0,0,ce4396e69b4b786c3e2210aa0d6581bc9ae569c532ea967f0d2c2bf94fc2c2 CVE-2024-30460,0,0,a54d600ed6445054e9dab2d0cafc2dcec0517bfb59656b61a5ced816c746fec3,2024-04-01T01:12:59.077000 CVE-2024-30462,0,0,fa4e2b1af314ce2e88871da6eb031da97cbd47c1b73c07089c2d4c9a5abd7cbc,2024-04-01T01:12:59.077000 CVE-2024-30463,0,0,99f9e7e4f688ebeab5fbfb1fb18c574f016eb4a992191f046d8ba02d781779c5,2024-04-01T01:12:59.077000 -CVE-2024-30464,0,1,51c3215b149dd8d8f4ee5583809245d75be185a8663332a1359ccf52187b49b3,2024-10-10T20:24:02.920000 -CVE-2024-30465,0,1,8ea95640addbc6959bc5fa5b61712e681faa8fafb6d05c1e8f9d26987e2e742c,2024-10-10T20:20:21.643000 +CVE-2024-30464,0,0,51c3215b149dd8d8f4ee5583809245d75be185a8663332a1359ccf52187b49b3,2024-10-10T20:24:02.920000 +CVE-2024-30465,0,0,8ea95640addbc6959bc5fa5b61712e681faa8fafb6d05c1e8f9d26987e2e742c,2024-10-10T20:20:21.643000 CVE-2024-30466,0,0,1a487d41e703b208486280f81412430be4a5ff438fff64a93f583a78b9d17194,2024-10-08T21:04:44.047000 CVE-2024-30467,0,0,d05648dadb8ea488cbcafc6ce9793af38aa7b19ed7bda4077db928d381418b15,2024-10-08T21:09:50.460000 CVE-2024-30468,0,0,657b19720c7a7f72ce29247c42940126c9b095c85b3af6afa14cec4927288c40,2024-04-01T01:12:59.077000 @@ -259066,7 +259066,7 @@ CVE-2024-42797,0,0,6c0c474eaef042d41b079574b5e1792319b47174bba66d6e575baee191b55 CVE-2024-42798,0,0,68babf70e14ff8990491ab0b6e91e013a701f9cc0e2160ba92b41cfc564ee267,2024-09-20T12:31:20.110000 CVE-2024-4280,0,0,f46c38f13eff52b4d020fb374e18f92e6528a4bade2042627b2165ccf7b62772,2024-05-14T16:11:39.510000 CVE-2024-4281,0,0,cb48c26c252b1c83fb4810210335ce05e1fcbd94e5804419418b4f73b9d5c028,2024-05-08T13:15:00.690000 -CVE-2024-42812,0,1,5004482ab060d12928a1d563b5c5dacbbbdd48ef5a3cb8b0e65730030005a510,2024-10-10T20:18:11.100000 +CVE-2024-42812,0,0,5004482ab060d12928a1d563b5c5dacbbbdd48ef5a3cb8b0e65730030005a510,2024-10-10T20:18:11.100000 CVE-2024-42813,0,0,ac2ce0206860ac49c7a00dc981456912113a83f39c5bd8ad9fc9aeb5495f6bf9,2024-08-20T15:44:20.567000 CVE-2024-42815,0,0,fa939825da2520b0805320da8ef3bf06e37d61d20e773887864a50a3aa224eef,2024-09-03T21:15:16.197000 CVE-2024-42816,0,0,8dd1ae8820cfa39b8949229a5b0a0fd0a511af977924a1929a9dcb8553f95dec,2024-08-27T14:35:07.077000 @@ -260322,16 +260322,16 @@ CVE-2024-4511,0,0,4d9dcedc762dab13753e2b0a6fba06d0880c8f0afe543668ff587ed1c4cea3 CVE-2024-45111,0,0,9fb0acaa2cfe1365ae260bae686a5d90e02d1dda50ec2516e7d6462b0987e021,2024-09-13T17:20:53.993000 CVE-2024-45112,0,0,fe220e89b9c90418cf9256ec0d1a61e1fb615761854b12c59226a9746bbe3106,2024-09-19T14:56:53.697000 CVE-2024-45113,0,0,9a4e89176a7b5c7d3845f7aafd6d39f3276ba5c23e86960f62b502204f186b6b,2024-09-13T16:56:53.673000 -CVE-2024-45115,0,1,c0d15d25834ccb11679279795695c8759dc5ffb68b58ffd67cc86ab12fbd63c9,2024-10-10T21:51:56.040000 -CVE-2024-45116,0,1,2e8417cf57660c41680a54b516a33af6bfa2655d4dea438d8f60db1721185df0,2024-10-10T21:47:27.763000 -CVE-2024-45117,0,1,50d3dab3d642d911df75864a2ffed044ab39b8438579d9a2b5ce56b55f3a5bc7,2024-10-10T21:47:11.257000 -CVE-2024-45118,0,1,f90980a9912fa334efade6e42cedaace6acb3f9bd4c108202dbb504666d50155,2024-10-10T21:47:00.927000 -CVE-2024-45119,0,1,7aa5ebebfc5cff150936b3197a45a460050c652be9abff4e3934364bac4209e6,2024-10-10T21:37:39.153000 +CVE-2024-45115,0,0,c0d15d25834ccb11679279795695c8759dc5ffb68b58ffd67cc86ab12fbd63c9,2024-10-10T21:51:56.040000 +CVE-2024-45116,0,0,2e8417cf57660c41680a54b516a33af6bfa2655d4dea438d8f60db1721185df0,2024-10-10T21:47:27.763000 +CVE-2024-45117,0,0,50d3dab3d642d911df75864a2ffed044ab39b8438579d9a2b5ce56b55f3a5bc7,2024-10-10T21:47:11.257000 +CVE-2024-45118,0,0,f90980a9912fa334efade6e42cedaace6acb3f9bd4c108202dbb504666d50155,2024-10-10T21:47:00.927000 +CVE-2024-45119,0,0,7aa5ebebfc5cff150936b3197a45a460050c652be9abff4e3934364bac4209e6,2024-10-10T21:37:39.153000 CVE-2024-4512,0,0,26a6b6bccaf4c25a8f55831184ccf900ec4db9044766abdc62f8dfefbc7cb546,2024-06-04T19:20:40.540000 -CVE-2024-45120,0,1,5f0561f7069ac7696eeae13e26e558a6f6aedeb818e919517eb26d4bc1abbd6e,2024-10-10T21:37:20.763000 -CVE-2024-45121,0,1,2cee5e70ae658dedd8711e83034e604c9000553a071e8889c7492bbfbaeaf164,2024-10-10T21:37:08.743000 -CVE-2024-45122,0,1,416d7bdef3f05aa6196af57a7e46b71f393ea5306a521a39da2e865d3196eec6,2024-10-10T21:35:53.717000 -CVE-2024-45123,0,1,ce142fe257e2af522fabc394413dafdbd35cd8a9472574877f35e8bbc986e8ea,2024-10-10T21:34:32.123000 +CVE-2024-45120,0,0,5f0561f7069ac7696eeae13e26e558a6f6aedeb818e919517eb26d4bc1abbd6e,2024-10-10T21:37:20.763000 +CVE-2024-45121,0,0,2cee5e70ae658dedd8711e83034e604c9000553a071e8889c7492bbfbaeaf164,2024-10-10T21:37:08.743000 +CVE-2024-45122,0,0,416d7bdef3f05aa6196af57a7e46b71f393ea5306a521a39da2e865d3196eec6,2024-10-10T21:35:53.717000 +CVE-2024-45123,0,0,ce142fe257e2af522fabc394413dafdbd35cd8a9472574877f35e8bbc986e8ea,2024-10-10T21:34:32.123000 CVE-2024-45124,0,0,bec64ffcf043df0a92fcb7cc0c5b3c82830729882dc6bfcd467c53a8f38619b5,2024-10-10T12:51:56.987000 CVE-2024-45125,0,0,ede6671d15a517794ae07074f4e9d649201a75139dfe0347b3a19346fb3aa93a,2024-10-10T12:51:56.987000 CVE-2024-45127,0,0,e7d9a81ef8156b45b7d402ad5392b77bcc2bfd4622b7748e1ca5c53270a55e1a,2024-10-10T12:51:56.987000 @@ -261277,6 +261277,7 @@ CVE-2024-47079,0,0,d8ccb016ae09801690996b7754595e296560f1a65a763da55e97f54fd5c7b CVE-2024-4708,0,0,c271dbf72bf72946f8191932c0e7ad58bd2ebed6dfb7e2f3f6882e8c7f0da7d3,2024-08-29T19:31:56.517000 CVE-2024-47082,0,0,1308a2a31af2cc56619224d4839a59b43bea81793244865a2d1ff9a5500281b8,2024-10-01T20:01:13.367000 CVE-2024-47083,0,0,9f0f8f8e78b5ed1a065825a55f34b3ef3e9db7af7ca41f6fc7c1cda9271f0e45,2024-10-03T15:11:29.913000 +CVE-2024-47084,1,1,55fcdb108250db28e47344f2b1475cbdfe5eb4e73c55ecad892e73789442299b,2024-10-10T22:15:10.263000 CVE-2024-47085,0,0,52609fda0dd3268fb54a4c4835942301029b5f82b7a9256b81c2395928ebbe9b,2024-09-26T15:30:47.787000 CVE-2024-47086,0,0,170e19d2a5f94228d179fe1c43d4342418d894a17ee62d0745e0ba04130a0c3e,2024-09-26T15:29:47.233000 CVE-2024-47087,0,0,00c0418dcbaa10bdb3121773be01ff0430232cec071716dead5062981f005e75,2024-09-26T15:25:51.467000 @@ -261309,6 +261310,11 @@ CVE-2024-4716,0,0,17dd73abada87214ed7c4da9787dcdd43aa5089416e4d3395c3029d4b8a776 CVE-2024-47160,0,0,c1aad4fed9b1c25a1ac730f435c0afe6164d933ac9e43b9a1caf75e24768ef64,2024-09-24T18:03:48.370000 CVE-2024-47161,0,0,de6bba3702bf92ae2f58bf77de3cccf9472850d7f360e20d58c4fe881348c53d,2024-10-10T12:56:30.817000 CVE-2024-47162,0,0,322233fc16cb60b7afacb06e9a8b8faccd2cf3bd8a5ab8537cf655de3bfbfae0,2024-09-24T17:57:43.827000 +CVE-2024-47164,1,1,5859bc42ffdd144898177fea7518c38f0b763cb9f31d761bb56378ffa2f03ff9,2024-10-10T22:15:10.437000 +CVE-2024-47165,1,1,6068da0b880a9925adbf77cd58fd288fd51574aa798be6053315e56aaf5343e3,2024-10-10T22:15:10.680000 +CVE-2024-47166,1,1,45dd77a5d784d42ac99f334f6e944f20835acee188dd734009ffff9f00441e48,2024-10-10T22:15:10.833000 +CVE-2024-47167,1,1,5377ac66e1da2ed4cfc0180d5eafdd7a42c84a72740b0a07f5f17e274bc46ea6,2024-10-10T22:15:11 +CVE-2024-47168,1,1,a2425ae1889cb373d5d81ba24b3402b237e1bb3b52a1f88187929aa1b1939e18,2024-10-10T22:15:11.173000 CVE-2024-47169,0,0,3d7d577c82be13838843013d038c262ca65c719ce4179d733fb886eea7d8c747,2024-09-30T12:46:20.237000 CVE-2024-4717,0,0,7921e256cd1b57dcd690590999b44ca8d29db58a18405deda5f12fdfca691aaa,2024-05-17T02:40:34.317000 CVE-2024-47170,0,0,5b51e77bbaf0aa4d73aaed7035aaf98c0f3c0e8a355756474eeb1aa8a1be9c4f,2024-09-30T12:46:20.237000 @@ -261547,7 +261553,7 @@ CVE-2024-47647,0,0,7716a0ae18142ae56901b805b3add32c3ed7fb51591ce35c85552affb5ded CVE-2024-47648,0,0,38ca133ebdd26d7310fc58b771105a72f4adf8394bf849f97ad77530c58416a6,2024-10-10T19:15:17.067000 CVE-2024-4765,0,0,2cc9c7bf1e2c28194496aab966e3be262d91c35cfd4edb32adc2df596a464b78,2024-08-29T21:35:11.807000 CVE-2024-47650,0,0,9afef3be3c031099cbe7cbfa5812d4fd5a6f96ce9539e691bb6d557c122e6c41,2024-10-07T17:47:48.410000 -CVE-2024-47651,0,1,2a67e121f3a9ddab317c97af10a93f430699735ffe494d2404661e90ec37663c,2024-10-10T21:01:39.413000 +CVE-2024-47651,0,0,2a67e121f3a9ddab317c97af10a93f430699735ffe494d2404661e90ec37663c,2024-10-10T21:01:39.413000 CVE-2024-47652,0,0,0106178cdc2d236f6bd6fb41168a986de53675f8839d6b1fc83ef0e66c837bbc,2024-10-04T13:50:43.727000 CVE-2024-47653,0,0,9abed72960a84ca31096d60eaeacc7bd22cfefab657976224976c20e44cb9674,2024-10-04T13:50:43.727000 CVE-2024-47654,0,0,c063b2ef86115a996655e38ded9b00a5dbd609aea4e515001d1d61acc0e2d78e,2024-10-04T13:50:43.727000 @@ -261631,7 +261637,13 @@ CVE-2024-47850,0,0,9d437471ee4f1be7fe8d8f91eb2162f8d4a45526c516c7abe8fcc5930f99b CVE-2024-47854,0,0,31b9ee1e6861649c0043a7af7c7a50d8ef5e295b98593959cd182d2901e547c2,2024-10-06T21:15:12.920000 CVE-2024-47855,0,0,ff52cc8efd16010ace1ca5c24f7c166f3d1a0b5862371f0cb96dbe810ee6ad58,2024-10-04T13:50:43.727000 CVE-2024-4786,0,0,bbc8c5b9b549878acd4ee1e5896d7add0ba995b55e84e619083dd37cca26f8f1,2024-07-29T14:12:08.783000 +CVE-2024-47867,1,1,6eadabfe91df88c97c0e1a0fb1fa01e28883385b26daf6d957ea0c9d42e524e4,2024-10-10T23:15:02.640000 +CVE-2024-47868,1,1,b0619b2c65e030ddd510d181f9450313afade796596784ff9b7bbfaa3597cb58,2024-10-10T23:15:02.797000 +CVE-2024-47869,1,1,821c67165014173e6a65555efe63004db60f2f69d0170d2918b3537cbf1a7c15,2024-10-10T23:15:02.930000 CVE-2024-4787,0,0,6e9b8652de9328ef9248746b2fe52f715cb97566c59048ae6277a1aaed304f45,2024-06-20T12:44:01.637000 +CVE-2024-47870,1,1,67440b65a260801b69dd4b36e2659045709b26a62ba343a9258c4e21ff3805ba,2024-10-10T23:15:03.070000 +CVE-2024-47871,1,1,4598420fb90bc720fd4ef6c3c6d6760832c25f6aa06e45d621b9a1ef226d8d4c,2024-10-10T23:15:03.187000 +CVE-2024-47872,1,1,8471c34cf55992e157ff7eba332e41edd983c92bf011e2e751c8d26e7ec94000,2024-10-10T23:15:03.303000 CVE-2024-4788,0,0,036e4ce9e476328c73022572d41365684f416f1f77ea3a1f5e72bdd2454ce2ec,2024-08-05T20:23:52.467000 CVE-2024-4789,0,0,991c3c0809892f7a4ebcc223f96155782fc07af160e30bd64d5fbc63735bec50,2024-05-17T18:35:35.070000 CVE-2024-4790,0,0,96aecd7cd4f769c190cdd6309a2627db4d493e5cf9efda536a135cb9a7f4eb96,2024-06-20T20:15:19.883000 @@ -261739,7 +261751,7 @@ CVE-2024-4886,0,0,d27ca09c7d3a0108a7cfa4692eb479eab6127452085468fbf17d7a45144cc1 CVE-2024-4887,0,0,cd16cdbf0d661e24b4ec24b0cab770c7eb42c6fb6d3f727954351a4e0884953b,2024-06-07T14:56:05.647000 CVE-2024-4888,0,0,fec1e03b9425eafa3abf9c794b417e5dd9f4ec5c0ccb57ecd621528833d262c0,2024-06-07T14:56:05.647000 CVE-2024-4889,0,0,e1db15d22cd014db7823bf12ffdd16045472c9266c0e44b11059f83de00383eb,2024-06-07T14:56:05.647000 -CVE-2024-4890,0,1,ee7720239380ab5c638f0803999a779457a74687c16e858d2acf0798605f57a2,2024-10-10T20:11:44.610000 +CVE-2024-4890,0,0,ee7720239380ab5c638f0803999a779457a74687c16e858d2acf0798605f57a2,2024-10-10T20:11:44.610000 CVE-2024-48902,0,0,a199409fe89d504d5aac3fbfd93ec8ade919d8618d3b520517113fdc75e03121,2024-10-10T12:51:56.987000 CVE-2024-4891,0,0,f3940d673165429e16eea192398cf8ad711af9d91140d48fc15ea6e438b5c077,2024-05-20T13:00:34.807000 CVE-2024-4892,0,0,86d55410ceaf3ecac0b7906bf27b918d65f0ae499a5475505564f001e752dae0,2024-06-13T18:36:09.013000 @@ -264867,7 +264879,7 @@ CVE-2024-8800,0,0,b88b8f7c810715332a6e73818f131e31a19db28192358d6bd8977fecaf9914 CVE-2024-8801,0,0,b5bc4f982a594acb6aaf56b2e8a82653b32de0b2ae7bfdf440e37c28bdd34de7,2024-09-30T14:23:46.140000 CVE-2024-8802,0,0,8bf5ff4db31e0529cbd08652ac36154d0a1e65a032bdeeb095aa4e8638ac0548,2024-10-08T21:49:10.173000 CVE-2024-8803,0,0,1e0c20c4da3042f287bedde6aa980588230b643699023347d741bb81db132ef8,2024-10-02T17:15:12.677000 -CVE-2024-8804,0,1,08d968e195b0f36220a0a723a12b9b939996510ce1ddcb52b8152a63b9728d80,2024-10-10T20:56:49.403000 +CVE-2024-8804,0,0,08d968e195b0f36220a0a723a12b9b939996510ce1ddcb52b8152a63b9728d80,2024-10-10T20:56:49.403000 CVE-2024-8850,0,0,60f99c260767f82bf00cc7954ec3e058985003b965020b8d3dac7a45b3ea5f64,2024-09-25T18:49:53.397000 CVE-2024-8853,0,0,b5a3b0675f8f2657c7381537f08c47ae3a3694c18acf1b18976370e35c278f0e,2024-09-25T17:49:25.653000 CVE-2024-8858,0,0,a55a2b45b2b7a3f3c60e0d8077307a88defc4d63f2b498893a25b1463c90c22f,2024-10-02T18:41:29.067000 @@ -265046,7 +265058,7 @@ CVE-2024-9172,0,0,061cdfe5504cd57ff23c615d7882c5ec428decc2bc25b474b7bdd44e1c6c93 CVE-2024-9173,0,0,35b89a81311ca677fe554b85f50232d9274c2631e7208ee1d074802a8dbdb506,2024-10-01T14:12:41.293000 CVE-2024-9174,0,0,70fba8b83f62f6c4709cde03a07baa90e2b7205b145527e48fd4fbdcbf5b21e3,2024-10-04T13:50:43.727000 CVE-2024-9177,0,0,c4277901c0a37ba57d19438c33c0231133f774b6681a96af5a3a31a338af68ef,2024-10-03T14:32:46.150000 -CVE-2024-9180,1,1,9779e65e93417b197f46f5c463aa8866d46d5d3340da4da9b2b9c7085aba9dad,2024-10-10T21:15:05.010000 +CVE-2024-9180,0,0,9779e65e93417b197f46f5c463aa8866d46d5d3340da4da9b2b9c7085aba9dad,2024-10-10T21:15:05.010000 CVE-2024-9189,0,0,589dc859bd1b4dfe4aefe62d286159acb6f430185a125dd81b1568310ee1bb88,2024-10-03T17:26:19.397000 CVE-2024-9194,0,0,94d0f5f267ad180c0cf40bc9b87cc59bf3002f59241057e5b89ba1ec25bacf82,2024-10-04T13:51:25.567000 CVE-2024-9198,0,0,f43e7cbf5ad8264654a856d8df5069cea0145a66becd85052219123b3f2b7d6c,2024-10-02T14:33:52.780000 @@ -265124,21 +265136,21 @@ CVE-2024-9333,0,0,29d3d497691b594c7c49948d48e229bbe8c23108f2eef552b2f92cd89acf1f CVE-2024-9341,0,0,6f06f8dbcaa27a536f49e7e7f0e59eeeae4e39f281abffa47a8e4056674c26ad,2024-10-04T13:51:25.567000 CVE-2024-9344,0,0,d870e129ed50c7683cdbbee07d60a73dcd8b852b9805e9d5932c8a41008c379e,2024-10-08T15:06:57.470000 CVE-2024-9345,0,0,b08be38bdc65e7df784af6af5cf36510583fc49f8a0ab62bc24aed87f83f55d0,2024-10-08T16:10:17.567000 -CVE-2024-9349,0,1,7fb570a958bfb5f024d701411e107c7a9174d92283208cc2689922c41cd2d99b,2024-10-10T20:25:57.580000 +CVE-2024-9349,0,0,7fb570a958bfb5f024d701411e107c7a9174d92283208cc2689922c41cd2d99b,2024-10-10T20:25:57.580000 CVE-2024-9353,0,0,64ddffc3239a0d67e3b79e48af9889b2f8d89027aa9c53de3cc5595dbd6f2fd7,2024-10-08T18:50:51.357000 CVE-2024-9355,0,0,2335659835f921193e44d10d2f6efb8c86e6209b896584e38b7b031dda2058dd,2024-10-04T13:51:25.567000 CVE-2024-9358,0,0,ad1311c8435fb7ce092ff9c8b7c1abe83209465bc92e72b7b733a8ea9fa4bf3c,2024-10-04T13:51:25.567000 CVE-2024-9359,0,0,c3e20cb7feaf9e2d5c48c39f4d484e16226f28d5df197104e70b6a5f0b84dc00,2024-10-04T18:54:12.417000 CVE-2024-9360,0,0,9328fb4e6135929e3835e5c835fd869b8491fb46bae32eb4c5f02c6fc86a7446,2024-10-04T18:53:58.020000 -CVE-2024-9368,0,1,9f09034d1cef896f0488110242b0920a28a4e3f8f0b6f56c7b8ec3c63941f7cb,2024-10-10T20:30:51.240000 -CVE-2024-9372,0,1,8dacc1340b523e83cb4764d42eea980a95a68aef0cadf900c3f45471ba3dc7ad,2024-10-10T20:36:28.020000 -CVE-2024-9375,0,1,232ace92ca49be5c1a33c93abd9a6f17ed5ee21ca74aacf34cd6b513a369ea2a,2024-10-10T20:44:02.900000 +CVE-2024-9368,0,0,9f09034d1cef896f0488110242b0920a28a4e3f8f0b6f56c7b8ec3c63941f7cb,2024-10-10T20:30:51.240000 +CVE-2024-9372,0,0,8dacc1340b523e83cb4764d42eea980a95a68aef0cadf900c3f45471ba3dc7ad,2024-10-10T20:36:28.020000 +CVE-2024-9375,0,0,232ace92ca49be5c1a33c93abd9a6f17ed5ee21ca74aacf34cd6b513a369ea2a,2024-10-10T20:44:02.900000 CVE-2024-9377,0,0,7e92c94153a671db6e3bc46a35701812779a3ebf2498b474df31292a74a22a6c,2024-10-10T12:51:56.987000 CVE-2024-9378,0,0,ced37e1766b174eaa8afe905f70c6bc3776421764713e21471018e4984150c99,2024-10-07T20:15:08.697000 CVE-2024-9379,0,0,516d40ef4e4e63b36e39f0d7901bfa51f0ecb87ed03e2b9d356905dfde91b2d7,2024-10-10T15:53:20.427000 CVE-2024-9380,0,0,1da17b0a78e38ec2972a0d60b36042927447aa25979eb58f6d07718527ed157b,2024-10-10T15:50:03.240000 CVE-2024-9381,0,0,38dc7b42bfe6f81a683e774fe86ddcbec5bce97b381af2229d40d440156c5086,2024-10-10T12:56:30.817000 -CVE-2024-9384,0,1,a6a408c481cce62ffd2afe76e175a7a94a46c764ed46cc8221ec17248ad3b62d,2024-10-10T20:52:33.333000 +CVE-2024-9384,0,0,a6a408c481cce62ffd2afe76e175a7a94a46c764ed46cc8221ec17248ad3b62d,2024-10-10T20:52:33.333000 CVE-2024-9385,0,0,d5290e9b463ce80e3cb0a2758c2b2174c3a3323b0c1b53b476f1fa2df6ded1c1,2024-10-07T17:48:28.117000 CVE-2024-9391,0,0,7d6eba489d698d80c25274418cf61f043b91561cc903d053b7833bff789db601,2024-10-04T13:51:25.567000 CVE-2024-9392,0,0,beca44e590b21e5502ca4e733f60749ac893cd13053addd71013500d8f613300,2024-10-04T13:51:25.567000 @@ -265159,13 +265171,13 @@ CVE-2024-9410,0,0,90cffd2b402803b1ff7e6401238cb515c8bb4e7ed816fe3e9a33e1d435f926 CVE-2024-9411,0,0,09446adc9a52ba88acfc951352e9088b24cfd1cdb8a001643ee070875c43ffef,2024-10-04T13:51:25.567000 CVE-2024-9412,0,0,aa9a3d3cdb3659b02012ef158f2f0c675ff0de511272afae470c48f556502feb,2024-10-10T12:51:56.987000 CVE-2024-9417,0,0,3a253693d9f258d17d8c6435732a7f997d65ff8389871880258fe316da3e8053,2024-10-07T17:48:28.117000 -CVE-2024-9421,0,1,c9b1d003792a28014f7a9846d6ca15c83ef06308c8117d3bc2489a9bd808c180,2024-10-10T20:59:01.600000 +CVE-2024-9421,0,0,c9b1d003792a28014f7a9846d6ca15c83ef06308c8117d3bc2489a9bd808c180,2024-10-10T20:59:01.600000 CVE-2024-9423,0,0,080f0a87d4561f3316974a1b5473f0b3836e39e629c6273c7813cc62b41d4a31,2024-10-04T13:50:43.727000 CVE-2024-9429,0,0,39a47d098a68b52cf32f59e1969df9e75a8cf523aa1e072e6df455fffe62a5c0,2024-10-07T20:15:10.567000 CVE-2024-9435,0,0,c0164287b46d3e8531339252132cc16d0c7cce06943117749d5b9ae676e40cd6,2024-10-08T16:22:40.780000 CVE-2024-9440,0,0,843a4b0691140c8544f03abfab0d72b48e96752c7147156cb98041d58d09b93a,2024-10-04T13:50:43.727000 CVE-2024-9441,0,0,1eef796e7a879df6819e9c253093e433508e2bb2fbba7042830a70bc7a4951a7,2024-10-04T13:50:43.727000 -CVE-2024-9445,0,1,8f3ba5381bff25a0e78ae3572f156125ecb8ba69b50a9e6b24cc0100c7b0aa9b,2024-10-10T20:58:04.907000 +CVE-2024-9445,0,0,8f3ba5381bff25a0e78ae3572f156125ecb8ba69b50a9e6b24cc0100c7b0aa9b,2024-10-10T20:58:04.907000 CVE-2024-9449,0,0,cfb15c20f0e2d2639784936ce05b9d4995f794dc20e1235b71d532f9a502b8fe,2024-10-10T12:51:56.987000 CVE-2024-9451,0,0,bfba756188c29e076bb119887d9bdf6d3874c705a9d59100000802c164b86caa,2024-10-10T12:51:56.987000 CVE-2024-9455,0,0,ca7310e762dfcd09cbb5f1358b0e3644684d54725bcf9d8ec53a1dfcee667610,2024-10-07T17:48:28.117000 @@ -265185,6 +265197,7 @@ CVE-2024-9481,0,0,d47799c935f3894a1eb77a57851e2857614dcde60b18ca54bd2e7df5819c5f CVE-2024-9482,0,0,f3165a4a24a2f9114d882c0f7f29d9fd657c327243b8585b7ba3adb352065c7e,2024-10-04T13:50:43.727000 CVE-2024-9483,0,0,3a05dd369a56fa7d8019ce26b0a40ec5faf2156ca92b0ceaf0493b163c999d00,2024-10-04T13:50:43.727000 CVE-2024-9484,0,0,09a6a45178e5434bfb1cb0415a67ebc11284aea03e94bd83c401b848478b5c91,2024-10-04T13:50:43.727000 +CVE-2024-9487,1,1,be00f607ab07459b01c7648dac82f3c2af8f672daa92e4c79a618b3482e9ac23,2024-10-10T22:15:11.357000 CVE-2024-9513,0,0,8bf69fcd896ef2c6d740d4e3fb7359c13bcd3037f3f5c5ca172d72ee575fdaa7,2024-10-07T21:15:19.450000 CVE-2024-9514,0,0,a0c385c9cad31170054b57880ea14385102aa94e9ee1a9b5619f4982b4ac92e4,2024-10-09T11:19:25.577000 CVE-2024-9515,0,0,b319f60f83e92c55aa0a25714009b76d6e0da4210ce3c744b2eab53a0f6a8b5b,2024-10-09T11:19:00.897000 @@ -265262,9 +265275,14 @@ CVE-2024-9804,0,0,89f8ea72d25f0eddbb8b5a3baea4833631254612ffe4917b0c6293a590d52d CVE-2024-9805,0,0,f93447fea5a871d2a236223dab8ba6d5f2748eefc9e1e41bc80a3cf4d5d96eb7,2024-10-10T18:15:09.440000 CVE-2024-9806,0,0,fab3cf780899402ed265861f091b2b5c5a2f3a65753dc88a57c329dcdda36189,2024-10-10T19:15:17.520000 CVE-2024-9807,0,0,f5649b59fd8fb32d2f9e11414708f6df3b7dcdb3d251afc4ade1b8999c66290b,2024-10-10T19:15:17.797000 -CVE-2024-9808,1,1,12dce1f961995399bd84c517f37b8358d32cac0a693ba8205a0898e2643861b1,2024-10-10T20:15:05.003000 -CVE-2024-9809,1,1,5c1e904326cf3ec1c4ea5c0c061b9e3f46651617b12daa009afc36cd55471c31,2024-10-10T20:15:05.267000 -CVE-2024-9810,1,1,58892cd2ee4e7f061b9d9551b82639bd6ae9bb920a782066b01e5e2437d14039,2024-10-10T20:15:05.517000 -CVE-2024-9811,1,1,a363d0269356f2f6a435a37502557c3e13060bda99e1d3b9d7908a22e8f81531,2024-10-10T21:15:05.383000 -CVE-2024-9812,1,1,84a0a4c7476dad7f04cad89cc3da18e12422227f99bd80a54401a1c004280abc,2024-10-10T21:15:05.677000 -CVE-2024-9813,1,1,82e9ce42aed58de2b77887b19ce10ffb81e9a4959555fe4a3cc0c0c017de09fe,2024-10-10T21:15:05.963000 +CVE-2024-9808,0,0,12dce1f961995399bd84c517f37b8358d32cac0a693ba8205a0898e2643861b1,2024-10-10T20:15:05.003000 +CVE-2024-9809,0,0,5c1e904326cf3ec1c4ea5c0c061b9e3f46651617b12daa009afc36cd55471c31,2024-10-10T20:15:05.267000 +CVE-2024-9810,0,0,58892cd2ee4e7f061b9d9551b82639bd6ae9bb920a782066b01e5e2437d14039,2024-10-10T20:15:05.517000 +CVE-2024-9811,0,0,a363d0269356f2f6a435a37502557c3e13060bda99e1d3b9d7908a22e8f81531,2024-10-10T21:15:05.383000 +CVE-2024-9812,0,0,84a0a4c7476dad7f04cad89cc3da18e12422227f99bd80a54401a1c004280abc,2024-10-10T21:15:05.677000 +CVE-2024-9813,0,0,82e9ce42aed58de2b77887b19ce10ffb81e9a4959555fe4a3cc0c0c017de09fe,2024-10-10T21:15:05.963000 +CVE-2024-9814,1,1,914eadbcb14b3755a1ff05073e839e9ea8592bcea3203beef1a0acaccb769e31,2024-10-10T22:15:11.570000 +CVE-2024-9815,1,1,88a550f6cb92a368ea0bbbf49b20d73379efa44934b30bcb818d49eaa9b3f3f1,2024-10-10T22:15:11.917000 +CVE-2024-9816,1,1,b558749b310662e562a03139cd743ab5e13638cae5288ab2349400fc9e4a8f44,2024-10-10T22:15:12.230000 +CVE-2024-9817,1,1,64961e55de2aecac95e692e2205c7e393510ae0087bb3b78e5af557801c488ea,2024-10-10T23:15:03.410000 +CVE-2024-9818,1,1,4a540b8f9903a9b9420b63ef2490b163dd3b5219ef38e22237dcd7875973e6a1,2024-10-10T23:15:03.680000