From 4a9247405b0a8cc4dc9890046880fcadd501be0b Mon Sep 17 00:00:00 2001 From: cad-safe-bot Date: Wed, 4 Dec 2024 17:04:08 +0000 Subject: [PATCH] Auto-Update: 2024-12-04T17:00:55.533514+00:00 --- CVE-2019/CVE-2019-118xx/CVE-2019-11881.json | 13 +- CVE-2023/CVE-2023-212xx/CVE-2023-21208.json | 27 +- CVE-2023/CVE-2023-271xx/CVE-2023-27199.json | 29 +- CVE-2023/CVE-2023-326xx/CVE-2023-32622.json | 36 +- CVE-2023/CVE-2023-72xx/CVE-2023-7236.json | 43 +- CVE-2024/CVE-2024-06xx/CVE-2024-0638.json | 500 +++++++++++++++- CVE-2024/CVE-2024-116xx/CVE-2024-11643.json | 64 +++ CVE-2024/CVE-2024-117xx/CVE-2024-11703.json | 18 +- CVE-2024/CVE-2024-119xx/CVE-2024-11959.json | 103 +++- CVE-2024/CVE-2024-119xx/CVE-2024-11960.json | 103 +++- CVE-2024/CVE-2024-119xx/CVE-2024-11962.json | 86 ++- CVE-2024/CVE-2024-119xx/CVE-2024-11963.json | 86 ++- CVE-2024/CVE-2024-119xx/CVE-2024-11964.json | 86 ++- CVE-2024/CVE-2024-119xx/CVE-2024-11965.json | 86 ++- CVE-2024/CVE-2024-119xx/CVE-2024-11966.json | 86 ++- CVE-2024/CVE-2024-120xx/CVE-2024-12056.json | 78 +++ CVE-2024/CVE-2024-17xx/CVE-2024-1742.json | 500 +++++++++++++++- CVE-2024/CVE-2024-17xx/CVE-2024-1764.json | 31 +- CVE-2024/CVE-2024-207xx/CVE-2024-20761.json | 67 ++- CVE-2024/CVE-2024-207xx/CVE-2024-20762.json | 65 ++- CVE-2024/CVE-2024-207xx/CVE-2024-20763.json | 65 ++- CVE-2024/CVE-2024-207xx/CVE-2024-20764.json | 67 ++- CVE-2024/CVE-2024-207xx/CVE-2024-20795.json | 68 ++- CVE-2024/CVE-2024-207xx/CVE-2024-20796.json | 68 ++- CVE-2024/CVE-2024-207xx/CVE-2024-20797.json | 68 ++- CVE-2024/CVE-2024-210xx/CVE-2024-21073.json | 55 +- CVE-2024/CVE-2024-210xx/CVE-2024-21075.json | 55 +- CVE-2024/CVE-2024-210xx/CVE-2024-21077.json | 55 +- CVE-2024/CVE-2024-221xx/CVE-2024-22114.json | 146 ++++- CVE-2024/CVE-2024-221xx/CVE-2024-22116.json | 134 ++++- CVE-2024/CVE-2024-223xx/CVE-2024-22335.json | 82 ++- CVE-2024/CVE-2024-223xx/CVE-2024-22336.json | 82 ++- CVE-2024/CVE-2024-261xx/CVE-2024-26122.json | 50 +- CVE-2024/CVE-2024-273xx/CVE-2024-27324.json | 82 ++- CVE-2024/CVE-2024-273xx/CVE-2024-27325.json | 78 ++- CVE-2024/CVE-2024-273xx/CVE-2024-27326.json | 78 ++- CVE-2024/CVE-2024-273xx/CVE-2024-27327.json | 86 ++- CVE-2024/CVE-2024-273xx/CVE-2024-27328.json | 78 ++- CVE-2024/CVE-2024-273xx/CVE-2024-27329.json | 78 ++- CVE-2024/CVE-2024-288xx/CVE-2024-28824.json | 500 +++++++++++++++- CVE-2024/CVE-2024-288xx/CVE-2024-28826.json | 565 +++++++++++++++++- CVE-2024/CVE-2024-288xx/CVE-2024-28827.json | 600 +++++++++++++++++++- CVE-2024/CVE-2024-288xx/CVE-2024-28830.json | 588 ++++++++++++++++++- CVE-2024/CVE-2024-288xx/CVE-2024-28831.json | 318 ++++++++++- CVE-2024/CVE-2024-288xx/CVE-2024-28832.json | 588 ++++++++++++++++++- CVE-2024/CVE-2024-302xx/CVE-2024-30275.json | 61 +- CVE-2024/CVE-2024-302xx/CVE-2024-30281.json | 62 +- CVE-2024/CVE-2024-375xx/CVE-2024-37574.json | 29 + CVE-2024/CVE-2024-375xx/CVE-2024-37575.json | 29 + CVE-2024/CVE-2024-388xx/CVE-2024-38857.json | 595 ++++++++++++++++++- CVE-2024/CVE-2024-391xx/CVE-2024-39165.json | 34 +- CVE-2024/CVE-2024-407xx/CVE-2024-40744.json | 33 ++ CVE-2024/CVE-2024-407xx/CVE-2024-40745.json | 33 ++ CVE-2024/CVE-2024-424xx/CVE-2024-42451.json | 22 +- CVE-2024/CVE-2024-424xx/CVE-2024-42452.json | 18 +- CVE-2024/CVE-2024-424xx/CVE-2024-42453.json | 18 +- CVE-2024/CVE-2024-424xx/CVE-2024-42457.json | 18 +- CVE-2024/CVE-2024-430xx/CVE-2024-43091.json | 18 +- CVE-2024/CVE-2024-452xx/CVE-2024-45207.json | 18 +- CVE-2024/CVE-2024-466xx/CVE-2024-46624.json | 43 +- CVE-2024/CVE-2024-475xx/CVE-2024-47554.json | 33 +- CVE-2024/CVE-2024-487xx/CVE-2024-48783.json | 40 +- CVE-2024/CVE-2024-513xx/CVE-2024-51365.json | 68 +++ CVE-2024/CVE-2024-513xx/CVE-2024-51366.json | 68 +++ CVE-2024/CVE-2024-513xx/CVE-2024-51378.json | 4 +- CVE-2024/CVE-2024-531xx/CVE-2024-53126.json | 29 + CVE-2024/CVE-2024-531xx/CVE-2024-53127.json | 33 ++ CVE-2024/CVE-2024-531xx/CVE-2024-53128.json | 25 + CVE-2024/CVE-2024-531xx/CVE-2024-53129.json | 33 ++ CVE-2024/CVE-2024-531xx/CVE-2024-53130.json | 33 ++ CVE-2024/CVE-2024-531xx/CVE-2024-53131.json | 33 ++ CVE-2024/CVE-2024-531xx/CVE-2024-53132.json | 25 + CVE-2024/CVE-2024-531xx/CVE-2024-53133.json | 25 + CVE-2024/CVE-2024-531xx/CVE-2024-53134.json | 29 + CVE-2024/CVE-2024-531xx/CVE-2024-53135.json | 33 ++ CVE-2024/CVE-2024-531xx/CVE-2024-53136.json | 33 ++ CVE-2024/CVE-2024-531xx/CVE-2024-53137.json | 25 + CVE-2024/CVE-2024-531xx/CVE-2024-53138.json | 33 ++ CVE-2024/CVE-2024-531xx/CVE-2024-53139.json | 29 + CVE-2024/CVE-2024-531xx/CVE-2024-53140.json | 33 ++ CVE-2024/CVE-2024-534xx/CVE-2024-53432.json | 60 ++ CVE-2024/CVE-2024-536xx/CVE-2024-53614.json | 25 + CVE-2024/CVE-2024-540xx/CVE-2024-54002.json | 56 ++ CVE-2024/CVE-2024-541xx/CVE-2024-54132.json | 82 +++ CVE-2024/CVE-2024-541xx/CVE-2024-54134.json | 78 +++ CVE-2024/CVE-2024-546xx/CVE-2024-54661.json | 31 +- CVE-2024/CVE-2024-546xx/CVE-2024-54664.json | 18 +- CVE-2024/CVE-2024-74xx/CVE-2024-7488.json | 14 +- CVE-2024/CVE-2024-88xx/CVE-2024-8843.json | 63 +- CVE-2024/CVE-2024-88xx/CVE-2024-8844.json | 63 +- CVE-2024/CVE-2024-88xx/CVE-2024-8845.json | 63 +- CVE-2024/CVE-2024-88xx/CVE-2024-8846.json | 58 +- CVE-2024/CVE-2024-88xx/CVE-2024-8847.json | 58 +- CVE-2024/CVE-2024-88xx/CVE-2024-8848.json | 58 +- CVE-2024/CVE-2024-88xx/CVE-2024-8849.json | 58 +- README.md | 88 +-- _state.csv | 216 ++++--- 97 files changed, 9040 insertions(+), 485 deletions(-) create mode 100644 CVE-2024/CVE-2024-116xx/CVE-2024-11643.json create mode 100644 CVE-2024/CVE-2024-120xx/CVE-2024-12056.json create mode 100644 CVE-2024/CVE-2024-375xx/CVE-2024-37574.json create mode 100644 CVE-2024/CVE-2024-375xx/CVE-2024-37575.json create mode 100644 CVE-2024/CVE-2024-407xx/CVE-2024-40744.json create mode 100644 CVE-2024/CVE-2024-407xx/CVE-2024-40745.json create mode 100644 CVE-2024/CVE-2024-513xx/CVE-2024-51365.json create mode 100644 CVE-2024/CVE-2024-513xx/CVE-2024-51366.json create mode 100644 CVE-2024/CVE-2024-531xx/CVE-2024-53126.json create mode 100644 CVE-2024/CVE-2024-531xx/CVE-2024-53127.json create mode 100644 CVE-2024/CVE-2024-531xx/CVE-2024-53128.json create mode 100644 CVE-2024/CVE-2024-531xx/CVE-2024-53129.json create mode 100644 CVE-2024/CVE-2024-531xx/CVE-2024-53130.json create mode 100644 CVE-2024/CVE-2024-531xx/CVE-2024-53131.json create mode 100644 CVE-2024/CVE-2024-531xx/CVE-2024-53132.json create mode 100644 CVE-2024/CVE-2024-531xx/CVE-2024-53133.json create mode 100644 CVE-2024/CVE-2024-531xx/CVE-2024-53134.json create mode 100644 CVE-2024/CVE-2024-531xx/CVE-2024-53135.json create mode 100644 CVE-2024/CVE-2024-531xx/CVE-2024-53136.json create mode 100644 CVE-2024/CVE-2024-531xx/CVE-2024-53137.json create mode 100644 CVE-2024/CVE-2024-531xx/CVE-2024-53138.json create mode 100644 CVE-2024/CVE-2024-531xx/CVE-2024-53139.json create mode 100644 CVE-2024/CVE-2024-531xx/CVE-2024-53140.json create mode 100644 CVE-2024/CVE-2024-534xx/CVE-2024-53432.json create mode 100644 CVE-2024/CVE-2024-536xx/CVE-2024-53614.json create mode 100644 CVE-2024/CVE-2024-540xx/CVE-2024-54002.json create mode 100644 CVE-2024/CVE-2024-541xx/CVE-2024-54132.json create mode 100644 CVE-2024/CVE-2024-541xx/CVE-2024-54134.json diff --git a/CVE-2019/CVE-2019-118xx/CVE-2019-11881.json b/CVE-2019/CVE-2019-118xx/CVE-2019-11881.json index 2254029aed2..d815c8d2fdf 100644 --- a/CVE-2019/CVE-2019-118xx/CVE-2019-11881.json +++ b/CVE-2019/CVE-2019-118xx/CVE-2019-11881.json @@ -2,12 +2,13 @@ "id": "CVE-2019-11881", "sourceIdentifier": "cve@mitre.org", "published": "2019-06-10T20:29:01.090", - "lastModified": "2024-11-21T04:21:56.987", + "lastModified": "2024-12-04T15:15:07.187", "vulnStatus": "Modified", + "cveTags": [], "descriptions": [ { "lang": "en", - "value": "A vulnerability exists in Rancher 2.1.4 in the login component, where the errorMsg parameter can be tampered to display arbitrary content, filtering tags but not special characters or symbols. There's no other limitation of the message, allowing malicious users to lure legitimate users to visit phishing sites with scare tactics, e.g., displaying a \"This version of Rancher is outdated, please visit https://malicious.rancher.site/upgrading\" message." + "value": "A vulnerability exists in Rancher before 2.2.4 in the login component, where the errorMsg parameter can be tampered to display arbitrary content, filtering tags but not special characters or symbols. There's no other limitation of the message, allowing malicious users to lure legitimate users to visit phishing sites with scare tactics, e.g., displaying a \"This version of Rancher is outdated, please visit https://malicious.rancher.site/upgrading\" message." }, { "lang": "es", @@ -100,6 +101,14 @@ "Third Party Advisory" ] }, + { + "url": "https://github.com/rancher/rancher/blob/v2.2.4/pkg/auth/providers/saml/saml_client.go#L282", + "source": "cve@mitre.org" + }, + { + "url": "https://github.com/rancher/rancher/commit/e59adbc7565251919d84d6e353421104be8da06e", + "source": "cve@mitre.org" + }, { "url": "https://github.com/rancher/rancher/issues/20216", "source": "cve@mitre.org", diff --git a/CVE-2023/CVE-2023-212xx/CVE-2023-21208.json b/CVE-2023/CVE-2023-212xx/CVE-2023-21208.json index 25644fed4a6..f14a398ef59 100644 --- a/CVE-2023/CVE-2023-212xx/CVE-2023-21208.json +++ b/CVE-2023/CVE-2023-212xx/CVE-2023-21208.json @@ -2,8 +2,8 @@ "id": "CVE-2023-21208", "sourceIdentifier": "security@android.com", "published": "2023-06-28T18:15:15.913", - "lastModified": "2023-07-05T20:35:19.113", - "vulnStatus": "Analyzed", + "lastModified": "2024-12-04T16:15:20.150", + "vulnStatus": "Modified", "cveTags": [], "descriptions": [ { @@ -19,6 +19,8 @@ "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N", + "baseScore": 4.4, + "baseSeverity": "MEDIUM", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "HIGH", @@ -26,9 +28,7 @@ "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", - "availabilityImpact": "NONE", - "baseScore": 4.4, - "baseSeverity": "MEDIUM" + "availabilityImpact": "NONE" }, "exploitabilityScore": 0.8, "impactScore": 3.6 @@ -45,6 +45,16 @@ "value": "CWE-125" } ] + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-125" + } + ] } ], "configurations": [ @@ -71,6 +81,13 @@ "tags": [ "Vendor Advisory" ] + }, + { + "url": "https://source.android.com/security/bulletin/pixel/2023-06-01", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-271xx/CVE-2023-27199.json b/CVE-2023/CVE-2023-271xx/CVE-2023-27199.json index e3f764399ad..5443b7ab2f6 100644 --- a/CVE-2023/CVE-2023-271xx/CVE-2023-27199.json +++ b/CVE-2023/CVE-2023-271xx/CVE-2023-27199.json @@ -2,7 +2,7 @@ "id": "CVE-2023-27199", "sourceIdentifier": "cve@mitre.org", "published": "2023-07-05T20:15:10.127", - "lastModified": "2024-04-23T14:15:08.290", + "lastModified": "2024-12-04T16:15:20.393", "vulnStatus": "Modified", "cveTags": [], "descriptions": [ @@ -19,6 +19,8 @@ "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 6.7, + "baseSeverity": "MEDIUM", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "HIGH", @@ -26,9 +28,7 @@ "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 6.7, - "baseSeverity": "MEDIUM" + "availabilityImpact": "HIGH" }, "exploitabilityScore": 0.8, "impactScore": 5.9 @@ -45,6 +45,16 @@ "value": "NVD-CWE-Other" } ] + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-290" + } + ] } ], "configurations": [ @@ -87,6 +97,17 @@ { "url": "https://wr3nchsr.github.io/pax-paydroid-vulnerabilities-advisory-2023/", "source": "cve@mitre.org" + }, + { + "url": "https://github.com/wr3nchsr/PAX-Paydroid-Advisories/blob/master/advisories/2023/CVEs/CVE-2023-27199.md", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Third Party Advisory" + ] + }, + { + "url": "https://wr3nchsr.github.io/pax-paydroid-vulnerabilities-advisory-2023/", + "source": "af854a3a-2127-422b-91ae-364da2661108" } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-326xx/CVE-2023-32622.json b/CVE-2023/CVE-2023-326xx/CVE-2023-32622.json index 5bc0f9cdd50..6f6285c53d5 100644 --- a/CVE-2023/CVE-2023-326xx/CVE-2023-32622.json +++ b/CVE-2023/CVE-2023-326xx/CVE-2023-32622.json @@ -2,8 +2,8 @@ "id": "CVE-2023-32622", "sourceIdentifier": "vultures@jpcert.or.jp", "published": "2023-06-30T05:15:09.667", - "lastModified": "2023-07-06T23:39:37.940", - "vulnStatus": "Analyzed", + "lastModified": "2024-12-04T16:15:22.143", + "vulnStatus": "Modified", "cveTags": [], "descriptions": [ { @@ -19,6 +19,8 @@ "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 7.2, + "baseSeverity": "HIGH", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "HIGH", @@ -26,9 +28,7 @@ "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 7.2, - "baseSeverity": "HIGH" + "availabilityImpact": "HIGH" }, "exploitabilityScore": 1.2, "impactScore": 5.9 @@ -45,6 +45,16 @@ "value": "NVD-CWE-Other" } ] + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-78" + } + ] } ], "configurations": [ @@ -93,6 +103,22 @@ "Patch", "Product" ] + }, + { + "url": "https://jvn.jp/en/jp/JVN78634340/", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch", + "Third Party Advisory" + ] + }, + { + "url": "https://www.wavlink.com/en_us/firmware/details/932108ffc5.html", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch", + "Product" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-72xx/CVE-2023-7236.json b/CVE-2023/CVE-2023-72xx/CVE-2023-7236.json index 5c3627f9669..b2559773ff8 100644 --- a/CVE-2023/CVE-2023-72xx/CVE-2023-7236.json +++ b/CVE-2023/CVE-2023-72xx/CVE-2023-7236.json @@ -2,7 +2,7 @@ "id": "CVE-2023-7236", "sourceIdentifier": "contact@wpscan.com", "published": "2024-03-18T19:15:06.207", - "lastModified": "2024-03-18T19:40:00.173", + "lastModified": "2024-12-04T15:15:08.850", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ @@ -15,11 +15,50 @@ "value": "El complemento Backup Bolt de WordPress hasta la versi\u00f3n 1.3.0 es vulnerable a la exposici\u00f3n de la informaci\u00f3n a trav\u00e9s del acceso desprotegido a los registros de depuraci\u00f3n. Esto hace posible que atacantes no autenticados recuperen el registro de depuraci\u00f3n que puede contener informaci\u00f3n como errores del sistema que podr\u00edan contener informaci\u00f3n confidencial." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:N/A:N", + "baseScore": 4.7, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], "references": [ { "url": "https://wpscan.com/vulnerability/2a4557e2-b764-4678-a6d6-af39dd1ba76b/", "source": "contact@wpscan.com" + }, + { + "url": "https://wpscan.com/vulnerability/2a4557e2-b764-4678-a6d6-af39dd1ba76b/", + "source": "af854a3a-2127-422b-91ae-364da2661108" } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-06xx/CVE-2024-0638.json b/CVE-2024/CVE-2024-06xx/CVE-2024-0638.json index 9b6797c782a..56324f12705 100644 --- a/CVE-2024/CVE-2024-06xx/CVE-2024-0638.json +++ b/CVE-2024/CVE-2024-06xx/CVE-2024-0638.json @@ -2,8 +2,8 @@ "id": "CVE-2024-0638", "sourceIdentifier": "security@checkmk.com", "published": "2024-03-22T11:15:46.183", - "lastModified": "2024-03-22T12:45:36.130", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-12-04T17:00:07.247", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -23,6 +23,8 @@ "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H", + "baseScore": 8.2, + "baseSeverity": "HIGH", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "HIGH", @@ -30,12 +32,30 @@ "scope": "CHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 8.2, - "baseSeverity": "HIGH" + "availabilityImpact": "HIGH" }, "exploitabilityScore": 1.5, "impactScore": 6.0 + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 6.7, + "baseSeverity": "MEDIUM", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 0.8, + "impactScore": 5.9 } ] }, @@ -49,12 +69,480 @@ "value": "CWE-272" } ] + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-Other" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:*:*:*:*:*:*:*:*", + "versionEndIncluding": "2.0.0", + "matchCriteriaId": "C59985CE-68DF-433D-87BD-97EDCA81E039" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:-:*:*:*:*:*:*", + "matchCriteriaId": "1AE224D8-742B-4D1F-ABBE-3DDA3EA5C5AD" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:b1:*:*:*:*:*:*", + "matchCriteriaId": "1E6FCE7B-7ECE-42A4-82C5-12A647B0CCC8" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:b2:*:*:*:*:*:*", + "matchCriteriaId": "923AA113-D5E7-4F78-88BA-B72EF250F3EA" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:b3:*:*:*:*:*:*", + "matchCriteriaId": "B1984F57-A313-48AC-B8F9-F352D82824D6" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:b4:*:*:*:*:*:*", + "matchCriteriaId": "A38DB527-72A6-40B8-B46F-B8E78BFFDB1F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:b5:*:*:*:*:*:*", + "matchCriteriaId": "67643E11-91A1-4580-BC4C-574074C862CB" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:b6:*:*:*:*:*:*", + "matchCriteriaId": "350B7E0F-D234-4D7C-91E4-F35E73579A24" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:b7:*:*:*:*:*:*", + "matchCriteriaId": "DE58ACA9-8078-46A7-8487-C06E4E38F372" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:b8:*:*:*:*:*:*", + "matchCriteriaId": "B3D8CF4D-E1F8-4D8D-A8A9-1783CAC869E4" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:b9:*:*:*:*:*:*", + "matchCriteriaId": "58B0B051-7D3C-4EC7-96B0-38A1CC108D61" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p1:*:*:*:*:*:*", + "matchCriteriaId": "B783A741-AAF2-43EE-8272-9239133A01E8" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p10:*:*:*:*:*:*", + "matchCriteriaId": "A5F275A3-A99E-40E1-BD77-694FA568541F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p11:*:*:*:*:*:*", + "matchCriteriaId": "3A44BF1A-5BE0-4412-B51D-055445758B61" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p12:*:*:*:*:*:*", + "matchCriteriaId": "A31BAE94-9096-4320-AC19-AA204E8EC08D" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p13:*:*:*:*:*:*", + "matchCriteriaId": "1B0784EA-98E8-4490-B97B-894F188A223D" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p14:*:*:*:*:*:*", + "matchCriteriaId": "A56A901F-1040-4DB9-9BE3-FE1999C514CA" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p15:*:*:*:*:*:*", + "matchCriteriaId": "58A904FC-C015-469D-8502-E678D5FDBD06" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p16:*:*:*:*:*:*", + "matchCriteriaId": "1B5D109C-60AA-4FA4-9B10-2191AAF109F2" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p17:*:*:*:*:*:*", + "matchCriteriaId": "37297866-24BB-4044-8744-EC0A8C29F152" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p18:*:*:*:*:*:*", + "matchCriteriaId": "F9D4A171-CCB3-43B8-8B70-78610423E7C0" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p19:*:*:*:*:*:*", + "matchCriteriaId": "5E1145FF-426D-407C-9F4B-EF773BD191EC" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p2:*:*:*:*:*:*", + "matchCriteriaId": "4DA8F776-A724-48FC-B7EF-13788BC69753" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p20:*:*:*:*:*:*", + "matchCriteriaId": "46F42A22-99F2-4DF5-9B00-3123396F87AC" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p21:*:*:*:*:*:*", + "matchCriteriaId": "1C59D4D3-D526-4E6B-B3AA-FE485D030190" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p22:*:*:*:*:*:*", + "matchCriteriaId": "65E5CAE6-DC8B-47B3-84A0-D79B0C33EB45" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p23:*:*:*:*:*:*", + "matchCriteriaId": "8B9E0D89-79E2-476A-8A3E-8443316BC310" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p24:*:*:*:*:*:*", + "matchCriteriaId": "38EA0591-C30B-4102-8A06-1B922FD3A0C7" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p25:*:*:*:*:*:*", + "matchCriteriaId": "5E9AF0D3-8DD6-4EC7-BB33-54401D4025FC" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p26:*:*:*:*:*:*", + "matchCriteriaId": "983604CC-DD2C-42A9-8B9D-A9A261CE8BA6" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p27:*:*:*:*:*:*", + "matchCriteriaId": "224960F7-695C-415B-B991-E8C01859AA80" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p28:*:*:*:*:*:*", + "matchCriteriaId": "1F6D86E4-738B-4ADA-858E-C12CCED9FAAA" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p29:*:*:*:*:*:*", + "matchCriteriaId": "BD8EBF09-9B70-4972-85B1-82F41488BE3F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p3:*:*:*:*:*:*", + "matchCriteriaId": "076463AA-195F-4CD6-861B-72FE1C8A407F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p30:*:*:*:*:*:*", + "matchCriteriaId": "009D2C7B-39B8-400F-80A5-06D56319232C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p31:*:*:*:*:*:*", + "matchCriteriaId": "3D5AEB8D-772E-401F-975C-61BDD30B481E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p32:*:*:*:*:*:*", + "matchCriteriaId": "2ECAB6C5-518C-4CA4-8B2B-D51115612A8B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p33:*:*:*:*:*:*", + "matchCriteriaId": "FECC252C-02AA-41EC-BB84-5C1A6BC0FB8A" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p34:*:*:*:*:*:*", + "matchCriteriaId": "238324F5-7225-40DD-82E8-52F30F0D3776" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p35:*:*:*:*:*:*", + "matchCriteriaId": "4F3C9510-BD43-4F67-9C30-4F82B5D230E8" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p36:*:*:*:*:*:*", + "matchCriteriaId": "51941654-F6FF-4323-AECA-5D1D84308CD2" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p37:*:*:*:*:*:*", + "matchCriteriaId": "6E800133-1D28-41D1-8D73-9437D741F83B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p38:*:*:*:*:*:*", + "matchCriteriaId": "8A34B28B-2BD9-4F28-9428-8CF7FCEAD7C3" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p39:*:*:*:*:*:*", + "matchCriteriaId": "D3FC491E-DE27-4C8F-B699-DB5260935D51" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p4:*:*:*:*:*:*", + "matchCriteriaId": "63043834-98E5-47C2-91F1-41B98270ABCA" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p40:*:*:*:*:*:*", + "matchCriteriaId": "0BE2C8FE-20CC-4B7E-B27B-54C873DC7530" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p5:*:*:*:*:*:*", + "matchCriteriaId": "FCF745D0-2EA6-4414-90BC-99D3ED08BB01" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p6:*:*:*:*:*:*", + "matchCriteriaId": "4823087F-D7FA-4594-8FD3-412DE5EA1F02" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p7:*:*:*:*:*:*", + "matchCriteriaId": "6429F9CE-D477-4CFF-B6E0-4BF11B61ED0E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p8:*:*:*:*:*:*", + "matchCriteriaId": "A50C58F9-94ED-4D85-8331-2D81F8E0760A" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p9:*:*:*:*:*:*", + "matchCriteriaId": "9A6AC0BD-FB65-4FAA-B344-66F87F16F8B3" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:-:*:*:*:*:*:*", + "matchCriteriaId": "C66704F1-0B5E-4B43-8748-987022F378F8" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:b1:*:*:*:*:*:*", + "matchCriteriaId": "B068974F-6F67-4CBB-B567-FCED86E28F22" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:b2:*:*:*:*:*:*", + "matchCriteriaId": "EA70F36A-EEF6-48DC-B15E-055D0DE8A052" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:b3:*:*:*:*:*:*", + "matchCriteriaId": "B2017F38-38DB-4E96-B34F-160BC731CBBE" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:b4:*:*:*:*:*:*", + "matchCriteriaId": "0949F399-371B-409C-AF9F-32690D881440" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:b5:*:*:*:*:*:*", + "matchCriteriaId": "42E1E31A-B5CC-45F2-A2E5-3EEF735499BA" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:b6:*:*:*:*:*:*", + "matchCriteriaId": "4B364FCA-500C-458E-B997-82CD0B1D24F9" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:b7:*:*:*:*:*:*", + "matchCriteriaId": "0B32E657-917B-482B-B6A4-3D3746992A4F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:b8:*:*:*:*:*:*", + "matchCriteriaId": "2119C732-E024-4DA6-8E47-9E08E5E12602" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:i1:*:*:*:*:*:*", + "matchCriteriaId": "4F0B99A8-A124-43BD-B8AA-EECC9112346F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p1:*:*:*:*:*:*", + "matchCriteriaId": "3FB7221E-BE9F-4529-8E07-8AD547FA3208" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p10:*:*:*:*:*:*", + "matchCriteriaId": "30A074AD-9499-46E3-AB67-D6CEE3AA01C3" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p11:*:*:*:*:*:*", + "matchCriteriaId": "A8BD0240-A22B-4273-BD47-C35A8C12E127" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p12:*:*:*:*:*:*", + "matchCriteriaId": "DAA5680F-1DD0-48AA-BB7F-15B27365F0FA" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p13:*:*:*:*:*:*", + "matchCriteriaId": "BC2F31CA-D4EB-44E6-9A09-5255D33F4A88" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p14:*:*:*:*:*:*", + "matchCriteriaId": "CD80BD69-20C6-4E17-B165-98689179A5A1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p15:*:*:*:*:*:*", + "matchCriteriaId": "B044D43B-0233-4A0D-A356-B9F9324E2777" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p16:*:*:*:*:*:*", + "matchCriteriaId": "7DE79896-EBE5-42F2-A126-2A871BBA1071" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p17:*:*:*:*:*:*", + "matchCriteriaId": "51A44E69-EEA1-4B01-B7B3-5BF7B39819E3" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p18:*:*:*:*:*:*", + "matchCriteriaId": "BCB65AEB-CF52-410B-92B1-2DCFB914FFA4" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p19:*:*:*:*:*:*", + "matchCriteriaId": "B7E17FA6-9011-489C-9FA9-368CA2D86FAE" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p2:*:*:*:*:*:*", + "matchCriteriaId": "7BCEB6FF-668F-4313-9264-0BF021AFC45F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p20:*:*:*:*:*:*", + "matchCriteriaId": "F8B27218-A4FF-47BE-B578-6DB704478921" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p21:*:*:*:*:*:*", + "matchCriteriaId": "8735357F-16A7-4408-9DDD-1C6796BADBE9" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p22:*:*:*:*:*:*", + "matchCriteriaId": "4505098C-0A2B-481E-A3DF-D6DF8EFA4DE7" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p23:*:*:*:*:*:*", + "matchCriteriaId": "C12AFCCF-014E-4EEB-8F04-F1ACE182BA98" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p3:*:*:*:*:*:*", + "matchCriteriaId": "E2342E2D-58B0-43E7-8C01-DF4678520F39" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p4:*:*:*:*:*:*", + "matchCriteriaId": "1871B646-CA69-477F-B113-B901AC7B3934" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p5:*:*:*:*:*:*", + "matchCriteriaId": "EEC65A72-CAE1-4E28-83EF-7ECAFE921BB6" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p6:*:*:*:*:*:*", + "matchCriteriaId": "D8FDECBC-8213-495F-A932-C4310F7C1F87" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p7:*:*:*:*:*:*", + "matchCriteriaId": "CB49BC95-6AA8-4F53-A3D6-E199BF756AAF" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p8:*:*:*:*:*:*", + "matchCriteriaId": "050B6617-8FD4-47A6-BE4A-A52503A65812" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p9:*:*:*:*:*:*", + "matchCriteriaId": "4CA0FEC5-7036-47AF-A341-873B6C324B58" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.3.0:b1:*:*:*:*:*:*", + "matchCriteriaId": "1A020A77-7D84-4557-9B0B-D74A89BC1538" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.3.0:b2:*:*:*:*:*:*", + "matchCriteriaId": "D9770554-978B-4552-9E0E-CD6B6675243C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.3.0:b3:*:*:*:*:*:*", + "matchCriteriaId": "1883D2F4-CB96-4DDE-87E8-D1990A3FA092" + } + ] + } + ] } ], "references": [ { "url": "https://checkmk.com/werk/16232", - "source": "security@checkmk.com" + "source": "security@checkmk.com", + "tags": [ + "Vendor Advisory" + ] + }, + { + "url": "https://checkmk.com/werk/16232", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-116xx/CVE-2024-11643.json b/CVE-2024/CVE-2024-116xx/CVE-2024-11643.json new file mode 100644 index 00000000000..1d14e6a1ec9 --- /dev/null +++ b/CVE-2024/CVE-2024-116xx/CVE-2024-11643.json @@ -0,0 +1,64 @@ +{ + "id": "CVE-2024-11643", + "sourceIdentifier": "security@wordfence.com", + "published": "2024-12-04T16:15:24.177", + "lastModified": "2024-12-04T16:15:24.177", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "The Accessibility by AllAccessible plugin for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to a missing capability check on the 'AllAccessible_save_settings' function in all versions up to, and including, 1.3.4. This makes it possible for authenticated attackers, with Subscriber-level access and above, to update arbitrary options on the WordPress site. This can be leveraged to update the default role for registration to administrator and enable user registration for attackers to gain administrative user access to a vulnerable site." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 8.8, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-862" + } + ] + } + ], + "references": [ + { + "url": "https://plugins.trac.wordpress.org/browser/allaccessible/trunk/allaccessible.php#L249", + "source": "security@wordfence.com" + }, + { + "url": "https://plugins.trac.wordpress.org/changeset/3202017/", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/bb65d916-7d9e-4562-ab9b-c7ba012a08fb?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-117xx/CVE-2024-11703.json b/CVE-2024/CVE-2024-117xx/CVE-2024-11703.json index ddbd68f2bc2..45f24fc6850 100644 --- a/CVE-2024/CVE-2024-117xx/CVE-2024-11703.json +++ b/CVE-2024/CVE-2024-117xx/CVE-2024-11703.json @@ -2,7 +2,7 @@ "id": "CVE-2024-11703", "sourceIdentifier": "security@mozilla.org", "published": "2024-11-26T14:15:19.810", - "lastModified": "2024-12-02T18:15:09.087", + "lastModified": "2024-12-04T15:15:09.437", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ @@ -22,19 +22,19 @@ "type": "Secondary", "cvssData": { "version": "3.1", - "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", - "baseScore": 9.1, - "baseSeverity": "CRITICAL", - "attackVector": "NETWORK", + "vectorString": "CVSS:3.1/AV:P/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N", + "baseScore": 5.7, + "baseSeverity": "MEDIUM", + "attackVector": "PHYSICAL", "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "NONE", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "NONE" }, - "exploitabilityScore": 3.9, + "exploitabilityScore": 0.5, "impactScore": 5.2 } ] @@ -46,7 +46,7 @@ "description": [ { "lang": "en", - "value": "CWE-276" + "value": "CWE-522" } ] } diff --git a/CVE-2024/CVE-2024-119xx/CVE-2024-11959.json b/CVE-2024/CVE-2024-119xx/CVE-2024-11959.json index 37d16624f03..ca01369041a 100644 --- a/CVE-2024/CVE-2024-119xx/CVE-2024-11959.json +++ b/CVE-2024/CVE-2024-119xx/CVE-2024-11959.json @@ -2,8 +2,8 @@ "id": "CVE-2024-11959", "sourceIdentifier": "cna@vuldb.com", "published": "2024-11-28T15:15:18.003", - "lastModified": "2024-11-28T15:15:18.003", - "vulnStatus": "Received", + "lastModified": "2024-12-04T16:52:55.150", + "vulnStatus": "Analyzed", "cveTags": [ { "sourceIdentifier": "cna@vuldb.com", @@ -16,6 +16,10 @@ { "lang": "en", "value": "A vulnerability was found in D-Link DIR-605L 2.13B01. It has been classified as critical. This affects the function formResetStatistic of the file /goform/formResetStatistic. The manipulation of the argument curTime leads to buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used." + }, + { + "lang": "es", + "value": "Se ha encontrado una vulnerabilidad en D-Link DIR-605L 2.13B01, que ha sido clasificada como cr\u00edtica. Afecta a la funci\u00f3n formResetStatistic del archivo /goform/formResetStatistic. La manipulaci\u00f3n del argumento curTime provoca un desbordamiento del b\u00fafer. Es posible iniciar el ataque de forma remota. El exploit ha sido divulgado al p\u00fablico y puede utilizarse." } ], "metrics": { @@ -83,6 +87,26 @@ }, "exploitabilityScore": 2.8, "impactScore": 5.9 + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 8.8, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 } ], "cvssMetricV2": [ @@ -114,7 +138,7 @@ "weaknesses": [ { "source": "cna@vuldb.com", - "type": "Primary", + "type": "Secondary", "description": [ { "lang": "en", @@ -125,32 +149,93 @@ "value": "CWE-120" } ] + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-120" + } + ] + } + ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:dlink:dir-605l_firmware:2.13b01:*:*:*:*:*:*:*", + "matchCriteriaId": "47A17995-9117-42E4-938E-D18F605DD0FE" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:dlink:dir-605l:-:*:*:*:*:*:*:*", + "matchCriteriaId": "CD4E3AA2-EC1C-4219-8E13-B52D30A7FA06" + } + ] + } + ] } ], "references": [ { "url": "https://github.com/offshore0315/loT-vulnerable/blob/main/D-Link/formResetStatistic.md", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Exploit", + "Third Party Advisory" + ] }, { "url": "https://supportannouncement.us.dlink.com/security/publication.aspx?name=SAP10393", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Vendor Advisory" + ] }, { "url": "https://vuldb.com/?ctiid.286341", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required", + "VDB Entry" + ] }, { "url": "https://vuldb.com/?id.286341", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory", + "VDB Entry" + ] }, { "url": "https://vuldb.com/?submit.447484", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory", + "VDB Entry" + ] }, { "url": "https://www.dlink.com/", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Product" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-119xx/CVE-2024-11960.json b/CVE-2024/CVE-2024-119xx/CVE-2024-11960.json index 9b47f1406df..ebebca27909 100644 --- a/CVE-2024/CVE-2024-119xx/CVE-2024-11960.json +++ b/CVE-2024/CVE-2024-119xx/CVE-2024-11960.json @@ -2,8 +2,8 @@ "id": "CVE-2024-11960", "sourceIdentifier": "cna@vuldb.com", "published": "2024-11-28T15:15:18.347", - "lastModified": "2024-11-28T15:15:18.347", - "vulnStatus": "Received", + "lastModified": "2024-12-04T16:52:34.413", + "vulnStatus": "Analyzed", "cveTags": [ { "sourceIdentifier": "cna@vuldb.com", @@ -16,6 +16,10 @@ { "lang": "en", "value": "A vulnerability was found in D-Link DIR-605L 2.13B01. It has been declared as critical. This vulnerability affects the function formSetPortTr of the file /goform/formSetPortTr. The manipulation of the argument curTime leads to buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used." + }, + { + "lang": "es", + "value": "Se ha encontrado una vulnerabilidad en D-Link DIR-605L 2.13B01. Se ha declarado como cr\u00edtica. Esta vulnerabilidad afecta a la funci\u00f3n formSetPortTr del archivo /goform/formSetPortTr. La manipulaci\u00f3n del argumento curTime provoca un desbordamiento del b\u00fafer. El ataque puede iniciarse de forma remota. El exploit se ha hecho p\u00fablico y puede utilizarse." } ], "metrics": { @@ -83,6 +87,26 @@ }, "exploitabilityScore": 2.8, "impactScore": 5.9 + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 8.8, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 } ], "cvssMetricV2": [ @@ -114,7 +138,7 @@ "weaknesses": [ { "source": "cna@vuldb.com", - "type": "Primary", + "type": "Secondary", "description": [ { "lang": "en", @@ -125,32 +149,93 @@ "value": "CWE-120" } ] + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-120" + } + ] + } + ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:dlink:dir-605l_firmware:2.13b01:*:*:*:*:*:*:*", + "matchCriteriaId": "47A17995-9117-42E4-938E-D18F605DD0FE" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:dlink:dir-605l:-:*:*:*:*:*:*:*", + "matchCriteriaId": "CD4E3AA2-EC1C-4219-8E13-B52D30A7FA06" + } + ] + } + ] } ], "references": [ { "url": "https://github.com/offshore0315/loT-vulnerable/blob/main/D-Link/formSetPortTr.md", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Exploit", + "Third Party Advisory" + ] }, { "url": "https://supportannouncement.us.dlink.com/security/publication.aspx?name=SAP10393", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Vendor Advisory" + ] }, { "url": "https://vuldb.com/?ctiid.286342", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required", + "VDB Entry" + ] }, { "url": "https://vuldb.com/?id.286342", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory", + "VDB Entry" + ] }, { "url": "https://vuldb.com/?submit.447485", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory", + "VDB Entry" + ] }, { "url": "https://www.dlink.com/", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Product" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-119xx/CVE-2024-11962.json b/CVE-2024/CVE-2024-119xx/CVE-2024-11962.json index 15c5c71081c..e4e81732379 100644 --- a/CVE-2024/CVE-2024-119xx/CVE-2024-11962.json +++ b/CVE-2024/CVE-2024-119xx/CVE-2024-11962.json @@ -2,13 +2,17 @@ "id": "CVE-2024-11962", "sourceIdentifier": "cna@vuldb.com", "published": "2024-11-28T16:15:06.307", - "lastModified": "2024-11-28T16:15:06.307", - "vulnStatus": "Received", + "lastModified": "2024-12-04T16:51:47.007", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability classified as critical was found in code-projects Simple Car Rental System 1.0. Affected by this vulnerability is an unknown functionality of the file /login.php. The manipulation of the argument uname leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used." + }, + { + "lang": "es", + "value": "Se ha encontrado una vulnerabilidad clasificada como cr\u00edtica en code-projects Simple Car Rental System 1.0. Esta vulnerabilidad afecta a una funcionalidad desconocida del archivo /login.php. La manipulaci\u00f3n del argumento uname conduce a una inyecci\u00f3n SQL. El ataque puede ejecutarse de forma remota. El exploit ha sido divulgado al p\u00fablico y puede utilizarse." } ], "metrics": { @@ -76,6 +80,26 @@ }, "exploitabilityScore": 3.9, "impactScore": 3.4 + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 9.8, + "baseSeverity": "CRITICAL", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 } ], "cvssMetricV2": [ @@ -107,7 +131,7 @@ "weaknesses": [ { "source": "cna@vuldb.com", - "type": "Primary", + "type": "Secondary", "description": [ { "lang": "en", @@ -118,28 +142,74 @@ "value": "CWE-89" } ] + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:fabianros:simple_car_rental_system:1.0:*:*:*:*:*:*:*", + "matchCriteriaId": "D80D0581-09FD-4CE1-9327-CF580DF49354" + } + ] + } + ] } ], "references": [ { "url": "https://code-projects.org/", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Product" + ] }, { "url": "https://github.com/w0r1dtr33/cve/issues/1", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Exploit", + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?ctiid.286345", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required", + "VDB Entry" + ] }, { "url": "https://vuldb.com/?id.286345", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory", + "VDB Entry" + ] }, { "url": "https://vuldb.com/?submit.452084", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory", + "VDB Entry" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-119xx/CVE-2024-11963.json b/CVE-2024/CVE-2024-119xx/CVE-2024-11963.json index a8ba72d3b36..1d9950c8fbd 100644 --- a/CVE-2024/CVE-2024-119xx/CVE-2024-11963.json +++ b/CVE-2024/CVE-2024-119xx/CVE-2024-11963.json @@ -2,13 +2,17 @@ "id": "CVE-2024-11963", "sourceIdentifier": "cna@vuldb.com", "published": "2024-11-28T16:15:06.993", - "lastModified": "2024-11-28T16:15:06.993", - "vulnStatus": "Received", + "lastModified": "2024-12-04T16:51:21.440", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability, which was classified as critical, has been found in code-projects Responsive Hotel Site 1.0. Affected by this issue is some unknown functionality of the file /admin/room.php. The manipulation of the argument troom leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used." + }, + { + "lang": "es", + "value": "Se ha encontrado una vulnerabilidad clasificada como cr\u00edtica en code-projects Responsive Hotel Site 1.0. Este problema afecta a una funcionalidad desconocida del archivo /admin/room.php. La manipulaci\u00f3n del argumento troom provoca una inyecci\u00f3n SQL. El ataque puede ejecutarse de forma remota. El exploit se ha hecho p\u00fablico y puede utilizarse." } ], "metrics": { @@ -76,6 +80,26 @@ }, "exploitabilityScore": 2.8, "impactScore": 3.4 + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 8.8, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 } ], "cvssMetricV2": [ @@ -107,7 +131,7 @@ "weaknesses": [ { "source": "cna@vuldb.com", - "type": "Primary", + "type": "Secondary", "description": [ { "lang": "en", @@ -118,28 +142,74 @@ "value": "CWE-89" } ] + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:fabianros:responsive_hotel_site:1.0:*:*:*:*:*:*:*", + "matchCriteriaId": "E1C10207-0B0E-455F-B5AE-2CAA6C98BA15" + } + ] + } + ] } ], "references": [ { "url": "https://code-projects.org/", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Product" + ] }, { "url": "https://github.com/w0r1dtr33/cve/issues/2", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Exploit", + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?ctiid.286346", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required", + "VDB Entry" + ] }, { "url": "https://vuldb.com/?id.286346", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory", + "VDB Entry" + ] }, { "url": "https://vuldb.com/?submit.452106", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory", + "VDB Entry" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-119xx/CVE-2024-11964.json b/CVE-2024/CVE-2024-119xx/CVE-2024-11964.json index 9a4bd6d4b28..788df3c0622 100644 --- a/CVE-2024/CVE-2024-119xx/CVE-2024-11964.json +++ b/CVE-2024/CVE-2024-119xx/CVE-2024-11964.json @@ -2,13 +2,17 @@ "id": "CVE-2024-11964", "sourceIdentifier": "cna@vuldb.com", "published": "2024-11-28T17:15:18.500", - "lastModified": "2024-11-28T17:15:18.500", - "vulnStatus": "Received", + "lastModified": "2024-12-04T16:50:38.423", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability, which was classified as critical, was found in PHPGurukul Complaint Management system 1.0. This affects an unknown part of the file /user/index.php. The manipulation of the argument emailid leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used." + }, + { + "lang": "es", + "value": "Se ha encontrado una vulnerabilidad clasificada como cr\u00edtica en PHPGurukul Complaint Management system 1.0. Afecta a una parte desconocida del archivo /user/index.php. La manipulaci\u00f3n del argumento emailid provoca una inyecci\u00f3n SQL. Es posible iniciar el ataque de forma remota. El exploit se ha hecho p\u00fablico y puede utilizarse." } ], "metrics": { @@ -76,6 +80,26 @@ }, "exploitabilityScore": 3.9, "impactScore": 3.4 + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 9.8, + "baseSeverity": "CRITICAL", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 } ], "cvssMetricV2": [ @@ -107,7 +131,7 @@ "weaknesses": [ { "source": "cna@vuldb.com", - "type": "Primary", + "type": "Secondary", "description": [ { "lang": "en", @@ -118,28 +142,74 @@ "value": "CWE-89" } ] + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:phpgurukul:complaint_management_system:1.0:*:*:*:-:*:*:*", + "matchCriteriaId": "CAB40780-3F18-4A8D-9033-32EF5A7327D5" + } + ] + } + ] } ], "references": [ { "url": "https://github.com/Aurora0x1/CVE/issues/1", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Exploit", + "Third Party Advisory" + ] }, { "url": "https://phpgurukul.com/", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Product" + ] }, { "url": "https://vuldb.com/?ctiid.286347", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required", + "VDB Entry" + ] }, { "url": "https://vuldb.com/?id.286347", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory", + "VDB Entry" + ] }, { "url": "https://vuldb.com/?submit.452471", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory", + "VDB Entry" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-119xx/CVE-2024-11965.json b/CVE-2024/CVE-2024-119xx/CVE-2024-11965.json index 52ffecf0dee..d66241850ec 100644 --- a/CVE-2024/CVE-2024-119xx/CVE-2024-11965.json +++ b/CVE-2024/CVE-2024-119xx/CVE-2024-11965.json @@ -2,13 +2,17 @@ "id": "CVE-2024-11965", "sourceIdentifier": "cna@vuldb.com", "published": "2024-11-28T17:15:19.383", - "lastModified": "2024-11-28T17:15:19.383", - "vulnStatus": "Received", + "lastModified": "2024-12-04T16:50:20.197", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability has been found in PHPGurukul Complaint Management system 1.0 and classified as critical. This vulnerability affects unknown code of the file /user/reset-password.php. The manipulation of the argument email leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used." + }, + { + "lang": "es", + "value": "Se ha encontrado una vulnerabilidad en PHPGurukul Complaint Management system 1.0 y se ha clasificado como cr\u00edtica. Esta vulnerabilidad afecta al c\u00f3digo desconocido del archivo /user/reset-password.php. La manipulaci\u00f3n del argumento email conduce a una inyecci\u00f3n SQL. El ataque puede iniciarse de forma remota. El exploit ha sido divulgado al p\u00fablico y puede utilizarse." } ], "metrics": { @@ -76,6 +80,26 @@ }, "exploitabilityScore": 3.9, "impactScore": 3.4 + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 9.8, + "baseSeverity": "CRITICAL", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 } ], "cvssMetricV2": [ @@ -107,7 +131,7 @@ "weaknesses": [ { "source": "cna@vuldb.com", - "type": "Primary", + "type": "Secondary", "description": [ { "lang": "en", @@ -118,28 +142,74 @@ "value": "CWE-89" } ] + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:phpgurukul:complaint_management_system:1.0:*:*:*:-:*:*:*", + "matchCriteriaId": "CAB40780-3F18-4A8D-9033-32EF5A7327D5" + } + ] + } + ] } ], "references": [ { "url": "https://github.com/Aurora0x1/CVE/issues/2", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Exploit", + "Third Party Advisory" + ] }, { "url": "https://phpgurukul.com/", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Product" + ] }, { "url": "https://vuldb.com/?ctiid.286348", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required", + "VDB Entry" + ] }, { "url": "https://vuldb.com/?id.286348", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory", + "VDB Entry" + ] }, { "url": "https://vuldb.com/?submit.452472", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory", + "VDB Entry" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-119xx/CVE-2024-11966.json b/CVE-2024/CVE-2024-119xx/CVE-2024-11966.json index b5557540b66..bd618f7fb5d 100644 --- a/CVE-2024/CVE-2024-119xx/CVE-2024-11966.json +++ b/CVE-2024/CVE-2024-119xx/CVE-2024-11966.json @@ -2,13 +2,17 @@ "id": "CVE-2024-11966", "sourceIdentifier": "cna@vuldb.com", "published": "2024-11-28T18:15:07.547", - "lastModified": "2024-11-28T18:15:07.547", - "vulnStatus": "Received", + "lastModified": "2024-12-04T16:50:01.657", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability was found in PHPGurukul Complaint Management system 1.0 and classified as critical. This issue affects some unknown processing of the file /admin/index.php. The manipulation of the argument username leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used." + }, + { + "lang": "es", + "value": "Se ha encontrado una vulnerabilidad en PHPGurukul Complaint Management system 1.0 y se ha clasificado como cr\u00edtica. Este problema afecta a algunos procesos desconocidos del archivo /admin/index.php. La manipulaci\u00f3n del argumento username provoca una inyecci\u00f3n SQL. El ataque puede iniciarse de forma remota. El exploit se ha hecho p\u00fablico y puede utilizarse." } ], "metrics": { @@ -76,6 +80,26 @@ }, "exploitabilityScore": 3.9, "impactScore": 3.4 + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 9.8, + "baseSeverity": "CRITICAL", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 } ], "cvssMetricV2": [ @@ -107,7 +131,7 @@ "weaknesses": [ { "source": "cna@vuldb.com", - "type": "Primary", + "type": "Secondary", "description": [ { "lang": "en", @@ -118,28 +142,74 @@ "value": "CWE-89" } ] + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:phpgurukul:complaint_management_system:1.0:*:*:*:-:*:*:*", + "matchCriteriaId": "CAB40780-3F18-4A8D-9033-32EF5A7327D5" + } + ] + } + ] } ], "references": [ { "url": "https://github.com/Aurora0x1/CVE/issues/3", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Exploit", + "Third Party Advisory" + ] }, { "url": "https://phpgurukul.com/", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Product" + ] }, { "url": "https://vuldb.com/?ctiid.286349", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required", + "VDB Entry" + ] }, { "url": "https://vuldb.com/?id.286349", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory", + "VDB Entry" + ] }, { "url": "https://vuldb.com/?submit.452476", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory", + "VDB Entry" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-120xx/CVE-2024-12056.json b/CVE-2024/CVE-2024-120xx/CVE-2024-12056.json new file mode 100644 index 00000000000..7ab174abce8 --- /dev/null +++ b/CVE-2024/CVE-2024-120xx/CVE-2024-12056.json @@ -0,0 +1,78 @@ +{ + "id": "CVE-2024-12056", + "sourceIdentifier": "87c8e6ad-f0f5-4ca8-89e2-89f26d6ed932", + "published": "2024-12-04T15:15:09.700", + "lastModified": "2024-12-04T15:15:09.700", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "The Client secret is not checked when using the OAuth Password grant type.\n\nBy exploiting this vulnerability, an attacker could connect to a web server using a client application not explicitly authorized as part of the OAuth deployment.\nExploitation requires valid credentials and does not permit the attacker to bypass user privileges." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "87c8e6ad-f0f5-4ca8-89e2-89f26d6ed932", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:P/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:N/R:U/V:X/RE:M/U:Green", + "baseScore": 2.3, + "baseSeverity": "LOW", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "attackRequirements": "NONE", + "privilegesRequired": "NONE", + "userInteraction": "PASSIVE", + "vulnerableSystemConfidentiality": "LOW", + "vulnerableSystemIntegrity": "LOW", + "vulnerableSystemAvailability": "NONE", + "subsequentSystemConfidentiality": "LOW", + "subsequentSystemIntegrity": "LOW", + "subsequentSystemAvailability": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirements": "NOT_DEFINED", + "integrityRequirements": "NOT_DEFINED", + "availabilityRequirements": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", + "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", + "modifiedVulnerableSystemAvailability": "NOT_DEFINED", + "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", + "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", + "modifiedSubsequentSystemAvailability": "NOT_DEFINED", + "safety": "NOT_DEFINED", + "automatable": "NO", + "recovery": "USER", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "MODERATE", + "providerUrgency": "GREEN" + } + } + ] + }, + "weaknesses": [ + { + "source": "87c8e6ad-f0f5-4ca8-89e2-89f26d6ed932", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-358" + } + ] + } + ], + "references": [ + { + "url": "https://www.pcvue.com/security/security/#SB2024-4", + "source": "87c8e6ad-f0f5-4ca8-89e2-89f26d6ed932" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-17xx/CVE-2024-1742.json b/CVE-2024/CVE-2024-17xx/CVE-2024-1742.json index 8011c439613..cc8b8b073d2 100644 --- a/CVE-2024/CVE-2024-17xx/CVE-2024-1742.json +++ b/CVE-2024/CVE-2024-17xx/CVE-2024-1742.json @@ -2,8 +2,8 @@ "id": "CVE-2024-1742", "sourceIdentifier": "security@checkmk.com", "published": "2024-03-22T11:15:46.457", - "lastModified": "2024-03-22T12:45:36.130", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-12-04T16:50:05.197", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -23,6 +23,8 @@ "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N", + "baseScore": 3.8, + "baseSeverity": "LOW", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "LOW", @@ -30,12 +32,30 @@ "scope": "CHANGED", "confidentialityImpact": "LOW", "integrityImpact": "NONE", - "availabilityImpact": "NONE", - "baseScore": 3.8, - "baseSeverity": "LOW" + "availabilityImpact": "NONE" }, "exploitabilityScore": 2.0, "impactScore": 1.4 + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", + "baseScore": 3.3, + "baseSeverity": "LOW", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 1.8, + "impactScore": 1.4 } ] }, @@ -49,12 +69,480 @@ "value": "CWE-214" } ] + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-Other" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:*:*:*:*:*:*:*:*", + "versionEndIncluding": "2.0.0", + "matchCriteriaId": "C59985CE-68DF-433D-87BD-97EDCA81E039" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:-:*:*:*:*:*:*", + "matchCriteriaId": "1AE224D8-742B-4D1F-ABBE-3DDA3EA5C5AD" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:b1:*:*:*:*:*:*", + "matchCriteriaId": "1E6FCE7B-7ECE-42A4-82C5-12A647B0CCC8" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:b2:*:*:*:*:*:*", + "matchCriteriaId": "923AA113-D5E7-4F78-88BA-B72EF250F3EA" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:b3:*:*:*:*:*:*", + "matchCriteriaId": "B1984F57-A313-48AC-B8F9-F352D82824D6" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:b4:*:*:*:*:*:*", + "matchCriteriaId": "A38DB527-72A6-40B8-B46F-B8E78BFFDB1F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:b5:*:*:*:*:*:*", + "matchCriteriaId": "67643E11-91A1-4580-BC4C-574074C862CB" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:b6:*:*:*:*:*:*", + "matchCriteriaId": "350B7E0F-D234-4D7C-91E4-F35E73579A24" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:b7:*:*:*:*:*:*", + "matchCriteriaId": "DE58ACA9-8078-46A7-8487-C06E4E38F372" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:b8:*:*:*:*:*:*", + "matchCriteriaId": "B3D8CF4D-E1F8-4D8D-A8A9-1783CAC869E4" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:b9:*:*:*:*:*:*", + "matchCriteriaId": "58B0B051-7D3C-4EC7-96B0-38A1CC108D61" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p1:*:*:*:*:*:*", + "matchCriteriaId": "B783A741-AAF2-43EE-8272-9239133A01E8" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p10:*:*:*:*:*:*", + "matchCriteriaId": "A5F275A3-A99E-40E1-BD77-694FA568541F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p11:*:*:*:*:*:*", + "matchCriteriaId": "3A44BF1A-5BE0-4412-B51D-055445758B61" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p12:*:*:*:*:*:*", + "matchCriteriaId": "A31BAE94-9096-4320-AC19-AA204E8EC08D" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p13:*:*:*:*:*:*", + "matchCriteriaId": "1B0784EA-98E8-4490-B97B-894F188A223D" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p14:*:*:*:*:*:*", + "matchCriteriaId": "A56A901F-1040-4DB9-9BE3-FE1999C514CA" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p15:*:*:*:*:*:*", + "matchCriteriaId": "58A904FC-C015-469D-8502-E678D5FDBD06" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p16:*:*:*:*:*:*", + "matchCriteriaId": "1B5D109C-60AA-4FA4-9B10-2191AAF109F2" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p17:*:*:*:*:*:*", + "matchCriteriaId": "37297866-24BB-4044-8744-EC0A8C29F152" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p18:*:*:*:*:*:*", + "matchCriteriaId": "F9D4A171-CCB3-43B8-8B70-78610423E7C0" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p19:*:*:*:*:*:*", + "matchCriteriaId": "5E1145FF-426D-407C-9F4B-EF773BD191EC" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p2:*:*:*:*:*:*", + "matchCriteriaId": "4DA8F776-A724-48FC-B7EF-13788BC69753" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p20:*:*:*:*:*:*", + "matchCriteriaId": "46F42A22-99F2-4DF5-9B00-3123396F87AC" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p21:*:*:*:*:*:*", + "matchCriteriaId": "1C59D4D3-D526-4E6B-B3AA-FE485D030190" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p22:*:*:*:*:*:*", + "matchCriteriaId": "65E5CAE6-DC8B-47B3-84A0-D79B0C33EB45" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p23:*:*:*:*:*:*", + "matchCriteriaId": "8B9E0D89-79E2-476A-8A3E-8443316BC310" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p24:*:*:*:*:*:*", + "matchCriteriaId": "38EA0591-C30B-4102-8A06-1B922FD3A0C7" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p25:*:*:*:*:*:*", + "matchCriteriaId": "5E9AF0D3-8DD6-4EC7-BB33-54401D4025FC" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p26:*:*:*:*:*:*", + "matchCriteriaId": "983604CC-DD2C-42A9-8B9D-A9A261CE8BA6" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p27:*:*:*:*:*:*", + "matchCriteriaId": "224960F7-695C-415B-B991-E8C01859AA80" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p28:*:*:*:*:*:*", + "matchCriteriaId": "1F6D86E4-738B-4ADA-858E-C12CCED9FAAA" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p29:*:*:*:*:*:*", + "matchCriteriaId": "BD8EBF09-9B70-4972-85B1-82F41488BE3F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p3:*:*:*:*:*:*", + "matchCriteriaId": "076463AA-195F-4CD6-861B-72FE1C8A407F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p30:*:*:*:*:*:*", + "matchCriteriaId": "009D2C7B-39B8-400F-80A5-06D56319232C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p31:*:*:*:*:*:*", + "matchCriteriaId": "3D5AEB8D-772E-401F-975C-61BDD30B481E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p32:*:*:*:*:*:*", + "matchCriteriaId": "2ECAB6C5-518C-4CA4-8B2B-D51115612A8B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p33:*:*:*:*:*:*", + "matchCriteriaId": "FECC252C-02AA-41EC-BB84-5C1A6BC0FB8A" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p34:*:*:*:*:*:*", + "matchCriteriaId": "238324F5-7225-40DD-82E8-52F30F0D3776" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p35:*:*:*:*:*:*", + "matchCriteriaId": "4F3C9510-BD43-4F67-9C30-4F82B5D230E8" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p36:*:*:*:*:*:*", + "matchCriteriaId": "51941654-F6FF-4323-AECA-5D1D84308CD2" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p37:*:*:*:*:*:*", + "matchCriteriaId": "6E800133-1D28-41D1-8D73-9437D741F83B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p38:*:*:*:*:*:*", + "matchCriteriaId": "8A34B28B-2BD9-4F28-9428-8CF7FCEAD7C3" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p39:*:*:*:*:*:*", + "matchCriteriaId": "D3FC491E-DE27-4C8F-B699-DB5260935D51" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p4:*:*:*:*:*:*", + "matchCriteriaId": "63043834-98E5-47C2-91F1-41B98270ABCA" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p40:*:*:*:*:*:*", + "matchCriteriaId": "0BE2C8FE-20CC-4B7E-B27B-54C873DC7530" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p5:*:*:*:*:*:*", + "matchCriteriaId": "FCF745D0-2EA6-4414-90BC-99D3ED08BB01" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p6:*:*:*:*:*:*", + "matchCriteriaId": "4823087F-D7FA-4594-8FD3-412DE5EA1F02" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p7:*:*:*:*:*:*", + "matchCriteriaId": "6429F9CE-D477-4CFF-B6E0-4BF11B61ED0E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p8:*:*:*:*:*:*", + "matchCriteriaId": "A50C58F9-94ED-4D85-8331-2D81F8E0760A" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p9:*:*:*:*:*:*", + "matchCriteriaId": "9A6AC0BD-FB65-4FAA-B344-66F87F16F8B3" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:-:*:*:*:*:*:*", + "matchCriteriaId": "C66704F1-0B5E-4B43-8748-987022F378F8" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:b1:*:*:*:*:*:*", + "matchCriteriaId": "B068974F-6F67-4CBB-B567-FCED86E28F22" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:b2:*:*:*:*:*:*", + "matchCriteriaId": "EA70F36A-EEF6-48DC-B15E-055D0DE8A052" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:b3:*:*:*:*:*:*", + "matchCriteriaId": "B2017F38-38DB-4E96-B34F-160BC731CBBE" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:b4:*:*:*:*:*:*", + "matchCriteriaId": "0949F399-371B-409C-AF9F-32690D881440" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:b5:*:*:*:*:*:*", + "matchCriteriaId": "42E1E31A-B5CC-45F2-A2E5-3EEF735499BA" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:b6:*:*:*:*:*:*", + "matchCriteriaId": "4B364FCA-500C-458E-B997-82CD0B1D24F9" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:b7:*:*:*:*:*:*", + "matchCriteriaId": "0B32E657-917B-482B-B6A4-3D3746992A4F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:b8:*:*:*:*:*:*", + "matchCriteriaId": "2119C732-E024-4DA6-8E47-9E08E5E12602" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:i1:*:*:*:*:*:*", + "matchCriteriaId": "4F0B99A8-A124-43BD-B8AA-EECC9112346F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p1:*:*:*:*:*:*", + "matchCriteriaId": "3FB7221E-BE9F-4529-8E07-8AD547FA3208" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p10:*:*:*:*:*:*", + "matchCriteriaId": "30A074AD-9499-46E3-AB67-D6CEE3AA01C3" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p11:*:*:*:*:*:*", + "matchCriteriaId": "A8BD0240-A22B-4273-BD47-C35A8C12E127" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p12:*:*:*:*:*:*", + "matchCriteriaId": "DAA5680F-1DD0-48AA-BB7F-15B27365F0FA" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p13:*:*:*:*:*:*", + "matchCriteriaId": "BC2F31CA-D4EB-44E6-9A09-5255D33F4A88" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p14:*:*:*:*:*:*", + "matchCriteriaId": "CD80BD69-20C6-4E17-B165-98689179A5A1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p15:*:*:*:*:*:*", + "matchCriteriaId": "B044D43B-0233-4A0D-A356-B9F9324E2777" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p16:*:*:*:*:*:*", + "matchCriteriaId": "7DE79896-EBE5-42F2-A126-2A871BBA1071" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p17:*:*:*:*:*:*", + "matchCriteriaId": "51A44E69-EEA1-4B01-B7B3-5BF7B39819E3" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p18:*:*:*:*:*:*", + "matchCriteriaId": "BCB65AEB-CF52-410B-92B1-2DCFB914FFA4" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p19:*:*:*:*:*:*", + "matchCriteriaId": "B7E17FA6-9011-489C-9FA9-368CA2D86FAE" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p2:*:*:*:*:*:*", + "matchCriteriaId": "7BCEB6FF-668F-4313-9264-0BF021AFC45F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p20:*:*:*:*:*:*", + "matchCriteriaId": "F8B27218-A4FF-47BE-B578-6DB704478921" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p21:*:*:*:*:*:*", + "matchCriteriaId": "8735357F-16A7-4408-9DDD-1C6796BADBE9" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p22:*:*:*:*:*:*", + "matchCriteriaId": "4505098C-0A2B-481E-A3DF-D6DF8EFA4DE7" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p23:*:*:*:*:*:*", + "matchCriteriaId": "C12AFCCF-014E-4EEB-8F04-F1ACE182BA98" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p3:*:*:*:*:*:*", + "matchCriteriaId": "E2342E2D-58B0-43E7-8C01-DF4678520F39" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p4:*:*:*:*:*:*", + "matchCriteriaId": "1871B646-CA69-477F-B113-B901AC7B3934" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p5:*:*:*:*:*:*", + "matchCriteriaId": "EEC65A72-CAE1-4E28-83EF-7ECAFE921BB6" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p6:*:*:*:*:*:*", + "matchCriteriaId": "D8FDECBC-8213-495F-A932-C4310F7C1F87" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p7:*:*:*:*:*:*", + "matchCriteriaId": "CB49BC95-6AA8-4F53-A3D6-E199BF756AAF" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p8:*:*:*:*:*:*", + "matchCriteriaId": "050B6617-8FD4-47A6-BE4A-A52503A65812" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p9:*:*:*:*:*:*", + "matchCriteriaId": "4CA0FEC5-7036-47AF-A341-873B6C324B58" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.3.0:b1:*:*:*:*:*:*", + "matchCriteriaId": "1A020A77-7D84-4557-9B0B-D74A89BC1538" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.3.0:b2:*:*:*:*:*:*", + "matchCriteriaId": "D9770554-978B-4552-9E0E-CD6B6675243C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.3.0:b3:*:*:*:*:*:*", + "matchCriteriaId": "1883D2F4-CB96-4DDE-87E8-D1990A3FA092" + } + ] + } + ] } ], "references": [ { "url": "https://checkmk.com/werk/16234", - "source": "security@checkmk.com" + "source": "security@checkmk.com", + "tags": [ + "Vendor Advisory" + ] + }, + { + "url": "https://checkmk.com/werk/16234", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-17xx/CVE-2024-1764.json b/CVE-2024/CVE-2024-17xx/CVE-2024-1764.json index 33bcc456362..f3df14b37a0 100644 --- a/CVE-2024/CVE-2024-17xx/CVE-2024-1764.json +++ b/CVE-2024/CVE-2024-17xx/CVE-2024-1764.json @@ -2,7 +2,7 @@ "id": "CVE-2024-1764", "sourceIdentifier": "security@devolutions.net", "published": "2024-03-05T22:15:46.947", - "lastModified": "2024-03-06T15:18:08.093", + "lastModified": "2024-12-04T16:15:24.527", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ @@ -15,7 +15,30 @@ "value": "La gesti\u00f3n inadecuada de privilegios en el m\u00f3dulo de elevaci\u00f3n Justo a tiempo (JIT) en Devolutions Server 2023.3.14.0 y versiones anteriores permite que un usuario contin\u00fae usando el privilegio elevado incluso despu\u00e9s de su vencimiento en circunstancias espec\u00edficas." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L", + "baseScore": 7.6, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 4.7 + } + ] + }, "weaknesses": [ { "source": "security@devolutions.net", @@ -32,6 +55,10 @@ { "url": "https://devolutions.net/security/advisories/DEVO-2024-0002", "source": "security@devolutions.net" + }, + { + "url": "https://devolutions.net/security/advisories/DEVO-2024-0002", + "source": "af854a3a-2127-422b-91ae-364da2661108" } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-207xx/CVE-2024-20761.json b/CVE-2024/CVE-2024-207xx/CVE-2024-20761.json index 9ea897d9247..c477f0b1900 100644 --- a/CVE-2024/CVE-2024-207xx/CVE-2024-20761.json +++ b/CVE-2024/CVE-2024-207xx/CVE-2024-20761.json @@ -2,8 +2,8 @@ "id": "CVE-2024-20761", "sourceIdentifier": "psirt@adobe.com", "published": "2024-03-18T18:15:08.487", - "lastModified": "2024-03-18T19:40:00.173", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-12-04T15:16:10.297", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -19,10 +19,12 @@ "cvssMetricV31": [ { "source": "psirt@adobe.com", - "type": "Primary", + "type": "Secondary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "baseScore": 7.8, + "baseSeverity": "HIGH", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "NONE", @@ -30,9 +32,7 @@ "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 7.8, - "baseSeverity": "HIGH" + "availabilityImpact": "HIGH" }, "exploitabilityScore": 1.8, "impactScore": 5.9 @@ -42,7 +42,7 @@ "weaknesses": [ { "source": "psirt@adobe.com", - "type": "Primary", + "type": "Secondary", "description": [ { "lang": "en", @@ -51,10 +51,61 @@ ] } ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:animate:*:*:*:*:*:*:*:*", + "versionStartIncluding": "23.0.0", + "versionEndExcluding": "23.0.4", + "matchCriteriaId": "BDC43CC1-FD68-4A25-9223-5015D20F9859" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:animate:24.0.0:*:*:*:*:*:*:*", + "matchCriteriaId": "EB30B5E5-615F-4DD0-A4DA-5017212A7DD3" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*", + "matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", + "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA" + } + ] + } + ] + } + ], "references": [ { "url": "https://helpx.adobe.com/security/products/animate/apsb24-19.html", - "source": "psirt@adobe.com" + "source": "psirt@adobe.com", + "tags": [ + "Vendor Advisory" + ] + }, + { + "url": "https://helpx.adobe.com/security/products/animate/apsb24-19.html", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-207xx/CVE-2024-20762.json b/CVE-2024/CVE-2024-207xx/CVE-2024-20762.json index 973662e07ea..90cf52d9db1 100644 --- a/CVE-2024/CVE-2024-207xx/CVE-2024-20762.json +++ b/CVE-2024/CVE-2024-207xx/CVE-2024-20762.json @@ -2,8 +2,8 @@ "id": "CVE-2024-20762", "sourceIdentifier": "psirt@adobe.com", "published": "2024-03-18T18:15:08.777", - "lastModified": "2024-03-18T19:40:00.173", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-12-04T15:15:52.700", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -23,6 +23,8 @@ "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", + "baseScore": 5.5, + "baseSeverity": "MEDIUM", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "NONE", @@ -30,9 +32,7 @@ "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", - "availabilityImpact": "NONE", - "baseScore": 5.5, - "baseSeverity": "MEDIUM" + "availabilityImpact": "NONE" }, "exploitabilityScore": 1.8, "impactScore": 3.6 @@ -42,7 +42,7 @@ "weaknesses": [ { "source": "psirt@adobe.com", - "type": "Primary", + "type": "Secondary", "description": [ { "lang": "en", @@ -51,10 +51,61 @@ ] } ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:animate:*:*:*:*:*:*:*:*", + "versionStartIncluding": "23.0.0", + "versionEndExcluding": "23.0.4", + "matchCriteriaId": "BDC43CC1-FD68-4A25-9223-5015D20F9859" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:animate:24.0.0:*:*:*:*:*:*:*", + "matchCriteriaId": "EB30B5E5-615F-4DD0-A4DA-5017212A7DD3" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*", + "matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", + "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA" + } + ] + } + ] + } + ], "references": [ { "url": "https://helpx.adobe.com/security/products/animate/apsb24-19.html", - "source": "psirt@adobe.com" + "source": "psirt@adobe.com", + "tags": [ + "Vendor Advisory" + ] + }, + { + "url": "https://helpx.adobe.com/security/products/animate/apsb24-19.html", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-207xx/CVE-2024-20763.json b/CVE-2024/CVE-2024-207xx/CVE-2024-20763.json index 4a91dc53291..48e0ca97530 100644 --- a/CVE-2024/CVE-2024-207xx/CVE-2024-20763.json +++ b/CVE-2024/CVE-2024-207xx/CVE-2024-20763.json @@ -2,8 +2,8 @@ "id": "CVE-2024-20763", "sourceIdentifier": "psirt@adobe.com", "published": "2024-03-18T18:15:09.017", - "lastModified": "2024-03-18T19:40:00.173", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-12-04T15:15:36.200", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -19,10 +19,12 @@ "cvssMetricV31": [ { "source": "psirt@adobe.com", - "type": "Primary", + "type": "Secondary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", + "baseScore": 5.5, + "baseSeverity": "MEDIUM", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "NONE", @@ -30,9 +32,7 @@ "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", - "availabilityImpact": "NONE", - "baseScore": 5.5, - "baseSeverity": "MEDIUM" + "availabilityImpact": "NONE" }, "exploitabilityScore": 1.8, "impactScore": 3.6 @@ -51,10 +51,61 @@ ] } ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:animate:*:*:*:*:*:*:*:*", + "versionStartIncluding": "23.0.0", + "versionEndExcluding": "23.0.4", + "matchCriteriaId": "BDC43CC1-FD68-4A25-9223-5015D20F9859" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:animate:24.0.0:*:*:*:*:*:*:*", + "matchCriteriaId": "EB30B5E5-615F-4DD0-A4DA-5017212A7DD3" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*", + "matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", + "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA" + } + ] + } + ] + } + ], "references": [ { "url": "https://helpx.adobe.com/security/products/animate/apsb24-19.html", - "source": "psirt@adobe.com" + "source": "psirt@adobe.com", + "tags": [ + "Vendor Advisory" + ] + }, + { + "url": "https://helpx.adobe.com/security/products/animate/apsb24-19.html", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-207xx/CVE-2024-20764.json b/CVE-2024/CVE-2024-207xx/CVE-2024-20764.json index 5dce05f6147..d080787d43e 100644 --- a/CVE-2024/CVE-2024-207xx/CVE-2024-20764.json +++ b/CVE-2024/CVE-2024-207xx/CVE-2024-20764.json @@ -2,8 +2,8 @@ "id": "CVE-2024-20764", "sourceIdentifier": "psirt@adobe.com", "published": "2024-03-18T18:15:09.237", - "lastModified": "2024-03-18T19:40:00.173", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-12-04T15:15:25.463", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -19,10 +19,12 @@ "cvssMetricV31": [ { "source": "psirt@adobe.com", - "type": "Primary", + "type": "Secondary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", + "baseScore": 5.5, + "baseSeverity": "MEDIUM", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "NONE", @@ -30,9 +32,7 @@ "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", - "availabilityImpact": "NONE", - "baseScore": 5.5, - "baseSeverity": "MEDIUM" + "availabilityImpact": "NONE" }, "exploitabilityScore": 1.8, "impactScore": 3.6 @@ -42,7 +42,7 @@ "weaknesses": [ { "source": "psirt@adobe.com", - "type": "Primary", + "type": "Secondary", "description": [ { "lang": "en", @@ -51,10 +51,61 @@ ] } ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:animate:*:*:*:*:*:*:*:*", + "versionStartIncluding": "23.0.0", + "versionEndExcluding": "23.0.4", + "matchCriteriaId": "BDC43CC1-FD68-4A25-9223-5015D20F9859" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:animate:24.0.0:*:*:*:*:*:*:*", + "matchCriteriaId": "EB30B5E5-615F-4DD0-A4DA-5017212A7DD3" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*", + "matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", + "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA" + } + ] + } + ] + } + ], "references": [ { "url": "https://helpx.adobe.com/security/products/animate/apsb24-19.html", - "source": "psirt@adobe.com" + "source": "psirt@adobe.com", + "tags": [ + "Vendor Advisory" + ] + }, + { + "url": "https://helpx.adobe.com/security/products/animate/apsb24-19.html", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-207xx/CVE-2024-20795.json b/CVE-2024/CVE-2024-207xx/CVE-2024-20795.json index 092e7b5acb0..0c9a1146a9c 100644 --- a/CVE-2024/CVE-2024-207xx/CVE-2024-20795.json +++ b/CVE-2024/CVE-2024-207xx/CVE-2024-20795.json @@ -2,8 +2,8 @@ "id": "CVE-2024-20795", "sourceIdentifier": "psirt@adobe.com", "published": "2024-04-11T11:15:47.690", - "lastModified": "2024-04-11T12:47:44.137", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-12-04T15:15:06.780", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -19,10 +19,12 @@ "cvssMetricV31": [ { "source": "psirt@adobe.com", - "type": "Primary", + "type": "Secondary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "baseScore": 7.8, + "baseSeverity": "HIGH", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "NONE", @@ -30,9 +32,7 @@ "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 7.8, - "baseSeverity": "HIGH" + "availabilityImpact": "HIGH" }, "exploitabilityScore": 1.8, "impactScore": 5.9 @@ -42,7 +42,7 @@ "weaknesses": [ { "source": "psirt@adobe.com", - "type": "Primary", + "type": "Secondary", "description": [ { "lang": "en", @@ -51,10 +51,62 @@ ] } ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:animate:*:*:*:*:*:*:*:*", + "versionEndExcluding": "23.0.5", + "matchCriteriaId": "B6CCC133-8B73-4F85-879A-2BEFF81ABBF8" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:animate:*:*:*:*:*:*:*:*", + "versionStartIncluding": "24.0.0", + "versionEndExcluding": "24.0.2", + "matchCriteriaId": "0B790007-D58A-45A7-931C-EEF79772F782" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*", + "matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", + "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA" + } + ] + } + ] + } + ], "references": [ { "url": "https://helpx.adobe.com/security/products/animate/apsb24-26.html", - "source": "psirt@adobe.com" + "source": "psirt@adobe.com", + "tags": [ + "Vendor Advisory" + ] + }, + { + "url": "https://helpx.adobe.com/security/products/animate/apsb24-26.html", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-207xx/CVE-2024-20796.json b/CVE-2024/CVE-2024-207xx/CVE-2024-20796.json index a53b20723be..5ff8eaa2a3e 100644 --- a/CVE-2024/CVE-2024-207xx/CVE-2024-20796.json +++ b/CVE-2024/CVE-2024-207xx/CVE-2024-20796.json @@ -2,8 +2,8 @@ "id": "CVE-2024-20796", "sourceIdentifier": "psirt@adobe.com", "published": "2024-04-11T11:15:47.893", - "lastModified": "2024-04-11T12:47:44.137", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-12-04T15:06:27.790", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -19,10 +19,12 @@ "cvssMetricV31": [ { "source": "psirt@adobe.com", - "type": "Primary", + "type": "Secondary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", + "baseScore": 5.5, + "baseSeverity": "MEDIUM", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "NONE", @@ -30,9 +32,7 @@ "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", - "availabilityImpact": "NONE", - "baseScore": 5.5, - "baseSeverity": "MEDIUM" + "availabilityImpact": "NONE" }, "exploitabilityScore": 1.8, "impactScore": 3.6 @@ -42,7 +42,7 @@ "weaknesses": [ { "source": "psirt@adobe.com", - "type": "Primary", + "type": "Secondary", "description": [ { "lang": "en", @@ -51,10 +51,62 @@ ] } ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:animate:*:*:*:*:*:*:*:*", + "versionEndExcluding": "23.0.5", + "matchCriteriaId": "B6CCC133-8B73-4F85-879A-2BEFF81ABBF8" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:animate:*:*:*:*:*:*:*:*", + "versionStartIncluding": "24.0.0", + "versionEndExcluding": "24.0.2", + "matchCriteriaId": "0B790007-D58A-45A7-931C-EEF79772F782" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*", + "matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", + "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA" + } + ] + } + ] + } + ], "references": [ { "url": "https://helpx.adobe.com/security/products/animate/apsb24-26.html", - "source": "psirt@adobe.com" + "source": "psirt@adobe.com", + "tags": [ + "Vendor Advisory" + ] + }, + { + "url": "https://helpx.adobe.com/security/products/animate/apsb24-26.html", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-207xx/CVE-2024-20797.json b/CVE-2024/CVE-2024-207xx/CVE-2024-20797.json index 56368d74217..64281e7e6a3 100644 --- a/CVE-2024/CVE-2024-207xx/CVE-2024-20797.json +++ b/CVE-2024/CVE-2024-207xx/CVE-2024-20797.json @@ -2,8 +2,8 @@ "id": "CVE-2024-20797", "sourceIdentifier": "psirt@adobe.com", "published": "2024-04-11T11:15:48.130", - "lastModified": "2024-04-11T12:47:44.137", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-12-04T15:01:17.957", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -19,10 +19,12 @@ "cvssMetricV31": [ { "source": "psirt@adobe.com", - "type": "Primary", + "type": "Secondary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "baseScore": 7.8, + "baseSeverity": "HIGH", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "NONE", @@ -30,9 +32,7 @@ "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 7.8, - "baseSeverity": "HIGH" + "availabilityImpact": "HIGH" }, "exploitabilityScore": 1.8, "impactScore": 5.9 @@ -42,7 +42,7 @@ "weaknesses": [ { "source": "psirt@adobe.com", - "type": "Primary", + "type": "Secondary", "description": [ { "lang": "en", @@ -51,10 +51,62 @@ ] } ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:animate:*:*:*:*:*:*:*:*", + "versionEndExcluding": "23.0.5", + "matchCriteriaId": "B6CCC133-8B73-4F85-879A-2BEFF81ABBF8" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:animate:*:*:*:*:*:*:*:*", + "versionStartIncluding": "24.0.0", + "versionEndExcluding": "24.0.2", + "matchCriteriaId": "0B790007-D58A-45A7-931C-EEF79772F782" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*", + "matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", + "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA" + } + ] + } + ] + } + ], "references": [ { "url": "https://helpx.adobe.com/security/products/animate/apsb24-26.html", - "source": "psirt@adobe.com" + "source": "psirt@adobe.com", + "tags": [ + "Vendor Advisory" + ] + }, + { + "url": "https://helpx.adobe.com/security/products/animate/apsb24-26.html", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-210xx/CVE-2024-21073.json b/CVE-2024/CVE-2024-210xx/CVE-2024-21073.json index 5fdce17f594..8a1f363043e 100644 --- a/CVE-2024/CVE-2024-210xx/CVE-2024-21073.json +++ b/CVE-2024/CVE-2024-210xx/CVE-2024-21073.json @@ -2,8 +2,8 @@ "id": "CVE-2024-21073", "sourceIdentifier": "secalert_us@oracle.com", "published": "2024-04-16T22:15:26.190", - "lastModified": "2024-04-17T12:48:31.863", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-12-04T16:28:30.120", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -19,10 +19,12 @@ "cvssMetricV31": [ { "source": "secalert_us@oracle.com", - "type": "Primary", + "type": "Secondary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", + "baseScore": 7.5, + "baseSeverity": "HIGH", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", @@ -30,19 +32,58 @@ "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", - "availabilityImpact": "NONE", - "baseScore": 7.5, - "baseSeverity": "HIGH" + "availabilityImpact": "NONE" }, "exploitabilityScore": 3.9, "impactScore": 3.6 } ] }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:trade_management:*:*:*:*:*:*:*:*", + "versionStartIncluding": "12.2.3", + "versionEndIncluding": "12.2.13", + "matchCriteriaId": "1A56ADAE-60CC-4998-9498-D882BABE691B" + } + ] + } + ] + } + ], "references": [ { "url": "https://www.oracle.com/security-alerts/cpuapr2024.html", - "source": "secalert_us@oracle.com" + "source": "secalert_us@oracle.com", + "tags": [ + "Vendor Advisory" + ] + }, + { + "url": "https://www.oracle.com/security-alerts/cpuapr2024.html", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-210xx/CVE-2024-21075.json b/CVE-2024/CVE-2024-210xx/CVE-2024-21075.json index 9f231aeb310..07ff040879e 100644 --- a/CVE-2024/CVE-2024-210xx/CVE-2024-21075.json +++ b/CVE-2024/CVE-2024-210xx/CVE-2024-21075.json @@ -2,8 +2,8 @@ "id": "CVE-2024-21075", "sourceIdentifier": "secalert_us@oracle.com", "published": "2024-04-16T22:15:26.543", - "lastModified": "2024-04-17T12:48:31.863", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-12-04T16:28:44.167", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -19,10 +19,12 @@ "cvssMetricV31": [ { "source": "secalert_us@oracle.com", - "type": "Primary", + "type": "Secondary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", + "baseScore": 7.5, + "baseSeverity": "HIGH", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", @@ -30,19 +32,58 @@ "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", - "availabilityImpact": "NONE", - "baseScore": 7.5, - "baseSeverity": "HIGH" + "availabilityImpact": "NONE" }, "exploitabilityScore": 3.9, "impactScore": 3.6 } ] }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:trade_management:*:*:*:*:*:*:*:*", + "versionStartIncluding": "12.2.3", + "versionEndIncluding": "12.2.13", + "matchCriteriaId": "1A56ADAE-60CC-4998-9498-D882BABE691B" + } + ] + } + ] + } + ], "references": [ { "url": "https://www.oracle.com/security-alerts/cpuapr2024.html", - "source": "secalert_us@oracle.com" + "source": "secalert_us@oracle.com", + "tags": [ + "Vendor Advisory" + ] + }, + { + "url": "https://www.oracle.com/security-alerts/cpuapr2024.html", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-210xx/CVE-2024-21077.json b/CVE-2024/CVE-2024-210xx/CVE-2024-21077.json index 64556df1229..b3fcda5a9a3 100644 --- a/CVE-2024/CVE-2024-210xx/CVE-2024-21077.json +++ b/CVE-2024/CVE-2024-210xx/CVE-2024-21077.json @@ -2,8 +2,8 @@ "id": "CVE-2024-21077", "sourceIdentifier": "secalert_us@oracle.com", "published": "2024-04-16T22:15:26.887", - "lastModified": "2024-04-17T12:48:31.863", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-12-04T16:27:52.697", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -19,10 +19,12 @@ "cvssMetricV31": [ { "source": "secalert_us@oracle.com", - "type": "Primary", + "type": "Secondary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", + "baseScore": 7.5, + "baseSeverity": "HIGH", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", @@ -30,19 +32,58 @@ "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", - "availabilityImpact": "NONE", - "baseScore": 7.5, - "baseSeverity": "HIGH" + "availabilityImpact": "NONE" }, "exploitabilityScore": 3.9, "impactScore": 3.6 } ] }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:trade_management:*:*:*:*:*:*:*:*", + "versionStartIncluding": "12.2.3", + "versionEndIncluding": "12.2.13", + "matchCriteriaId": "1A56ADAE-60CC-4998-9498-D882BABE691B" + } + ] + } + ] + } + ], "references": [ { "url": "https://www.oracle.com/security-alerts/cpuapr2024.html", - "source": "secalert_us@oracle.com" + "source": "secalert_us@oracle.com", + "tags": [ + "Vendor Advisory" + ] + }, + { + "url": "https://www.oracle.com/security-alerts/cpuapr2024.html", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-221xx/CVE-2024-22114.json b/CVE-2024/CVE-2024-221xx/CVE-2024-22114.json index 74136fb1707..48b16626d9d 100644 --- a/CVE-2024/CVE-2024-221xx/CVE-2024-22114.json +++ b/CVE-2024/CVE-2024-221xx/CVE-2024-22114.json @@ -2,8 +2,8 @@ "id": "CVE-2024-22114", "sourceIdentifier": "security@zabbix.com", "published": "2024-08-12T13:38:15.627", - "lastModified": "2024-08-12T13:41:36.517", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-12-04T15:28:53.450", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -23,6 +23,8 @@ "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", + "baseScore": 4.3, + "baseSeverity": "MEDIUM", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "LOW", @@ -30,9 +32,27 @@ "scope": "UNCHANGED", "confidentialityImpact": "LOW", "integrityImpact": "NONE", - "availabilityImpact": "NONE", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "baseScore": 4.3, - "baseSeverity": "MEDIUM" + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "availabilityImpact": "NONE" }, "exploitabilityScore": 2.8, "impactScore": 1.4 @@ -49,12 +69,128 @@ "value": "CWE-281" } ] + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-281" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zabbix:zabbix:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.0.0", + "versionEndIncluding": "5.0.42", + "matchCriteriaId": "D5950D0D-9DFF-4B36-9AAF-43CBCEFE7101" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zabbix:zabbix:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.0.0", + "versionEndIncluding": "6.0.30", + "matchCriteriaId": "D1D26F5C-A94F-4273-81D7-7DDF7541C3E7" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zabbix:zabbix:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.4.0", + "versionEndIncluding": "6.4.15", + "matchCriteriaId": "E0DA6900-EB3E-4867-BD97-243686EECADD" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zabbix:zabbix:7.0.0:alpha1:*:*:*:*:*:*", + "matchCriteriaId": "93EB5757-7F98-4428-9616-C30A647A6612" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zabbix:zabbix:7.0.0:alpha2:*:*:*:*:*:*", + "matchCriteriaId": "DA00BDB5-433F-44E5-87AC-DA01C64B5DB3" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zabbix:zabbix:7.0.0:alpha3:*:*:*:*:*:*", + "matchCriteriaId": "98C46C92-9D86-45CD-88FE-DFBB5502BB88" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zabbix:zabbix:7.0.0:alpha4:*:*:*:*:*:*", + "matchCriteriaId": "B568E6DD-A6D1-4402-BB40-7DA2596A5BC8" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zabbix:zabbix:7.0.0:alpha5:*:*:*:*:*:*", + "matchCriteriaId": "B9C3673B-8459-4C63-8E90-724D1D42A8BB" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zabbix:zabbix:7.0.0:alpha6:*:*:*:*:*:*", + "matchCriteriaId": "7C9F6957-7526-4852-A579-DE556DBFAA97" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zabbix:zabbix:7.0.0:alpha7:*:*:*:*:*:*", + "matchCriteriaId": "81A7A191-93DE-4C5D-963E-E8890FF7AACA" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zabbix:zabbix:7.0.0:alpha8:*:*:*:*:*:*", + "matchCriteriaId": "AEE202D5-3C88-43A5-9328-FC78D0B9B8CF" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zabbix:zabbix:7.0.0:alpha9:*:*:*:*:*:*", + "matchCriteriaId": "F88BFB75-7951-47D5-941F-3839E9E31FFA" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zabbix:zabbix:7.0.0:beta1:*:*:*:*:*:*", + "matchCriteriaId": "8216247E-C160-4D2C-906E-9D8CD731B5C2" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zabbix:zabbix:7.0.0:beta2:*:*:*:*:*:*", + "matchCriteriaId": "06548219-0DC3-4B5B-85D1-B1EE0FA30CD2" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zabbix:zabbix:7.0.0:beta3:*:*:*:*:*:*", + "matchCriteriaId": "4D23985B-2F4D-41F6-B9D6-7B184FC7E447" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zabbix:zabbix:7.0.0:rc1:*:*:*:*:*:*", + "matchCriteriaId": "97964B9B-6A5E-4547-8886-E81B0849A876" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zabbix:zabbix:7.0.0:rc2:*:*:*:*:*:*", + "matchCriteriaId": "40992B5F-0D83-4D5C-9188-E84C369FF92F" + } + ] + } + ] } ], "references": [ { "url": "https://support.zabbix.com/browse/ZBX-25015", - "source": "security@zabbix.com" + "source": "security@zabbix.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-221xx/CVE-2024-22116.json b/CVE-2024/CVE-2024-221xx/CVE-2024-22116.json index db4daef887a..f3c33298f1c 100644 --- a/CVE-2024/CVE-2024-221xx/CVE-2024-22116.json +++ b/CVE-2024/CVE-2024-221xx/CVE-2024-22116.json @@ -2,8 +2,8 @@ "id": "CVE-2024-22116", "sourceIdentifier": "security@zabbix.com", "published": "2024-08-12T13:38:15.863", - "lastModified": "2024-08-12T13:41:36.517", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-12-04T15:21:51.983", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -23,6 +23,8 @@ "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", + "baseScore": 9.9, + "baseSeverity": "CRITICAL", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "LOW", @@ -30,12 +32,30 @@ "scope": "CHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 9.9, - "baseSeverity": "CRITICAL" + "availabilityImpact": "HIGH" }, "exploitabilityScore": 3.1, "impactScore": 6.0 + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 7.2, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.2, + "impactScore": 5.9 } ] }, @@ -49,12 +69,114 @@ "value": "CWE-94" } ] + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-94" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zabbix:zabbix:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.4.9", + "versionEndIncluding": "6.4.15", + "matchCriteriaId": "F6048A1B-69B0-40A5-8E50-00DECE750C58" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zabbix:zabbix:7.0.0:alpha1:*:*:*:*:*:*", + "matchCriteriaId": "93EB5757-7F98-4428-9616-C30A647A6612" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zabbix:zabbix:7.0.0:alpha2:*:*:*:*:*:*", + "matchCriteriaId": "DA00BDB5-433F-44E5-87AC-DA01C64B5DB3" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zabbix:zabbix:7.0.0:alpha3:*:*:*:*:*:*", + "matchCriteriaId": "98C46C92-9D86-45CD-88FE-DFBB5502BB88" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zabbix:zabbix:7.0.0:alpha4:*:*:*:*:*:*", + "matchCriteriaId": "B568E6DD-A6D1-4402-BB40-7DA2596A5BC8" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zabbix:zabbix:7.0.0:alpha5:*:*:*:*:*:*", + "matchCriteriaId": "B9C3673B-8459-4C63-8E90-724D1D42A8BB" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zabbix:zabbix:7.0.0:alpha6:*:*:*:*:*:*", + "matchCriteriaId": "7C9F6957-7526-4852-A579-DE556DBFAA97" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zabbix:zabbix:7.0.0:alpha7:*:*:*:*:*:*", + "matchCriteriaId": "81A7A191-93DE-4C5D-963E-E8890FF7AACA" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zabbix:zabbix:7.0.0:alpha8:*:*:*:*:*:*", + "matchCriteriaId": "AEE202D5-3C88-43A5-9328-FC78D0B9B8CF" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zabbix:zabbix:7.0.0:alpha9:*:*:*:*:*:*", + "matchCriteriaId": "F88BFB75-7951-47D5-941F-3839E9E31FFA" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zabbix:zabbix:7.0.0:beta1:*:*:*:*:*:*", + "matchCriteriaId": "8216247E-C160-4D2C-906E-9D8CD731B5C2" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zabbix:zabbix:7.0.0:beta2:*:*:*:*:*:*", + "matchCriteriaId": "06548219-0DC3-4B5B-85D1-B1EE0FA30CD2" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zabbix:zabbix:7.0.0:beta3:*:*:*:*:*:*", + "matchCriteriaId": "4D23985B-2F4D-41F6-B9D6-7B184FC7E447" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zabbix:zabbix:7.0.0:rc1:*:*:*:*:*:*", + "matchCriteriaId": "97964B9B-6A5E-4547-8886-E81B0849A876" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zabbix:zabbix:7.0.0:rc2:*:*:*:*:*:*", + "matchCriteriaId": "40992B5F-0D83-4D5C-9188-E84C369FF92F" + } + ] + } + ] } ], "references": [ { "url": "https://support.zabbix.com/browse/ZBX-25016", - "source": "security@zabbix.com" + "source": "security@zabbix.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-223xx/CVE-2024-22335.json b/CVE-2024/CVE-2024-223xx/CVE-2024-22335.json index 311bdb6e062..cad90842623 100644 --- a/CVE-2024/CVE-2024-223xx/CVE-2024-22335.json +++ b/CVE-2024/CVE-2024-223xx/CVE-2024-22335.json @@ -2,8 +2,8 @@ "id": "CVE-2024-22335", "sourceIdentifier": "psirt@us.ibm.com", "published": "2024-02-17T16:15:47.000", - "lastModified": "2024-02-20T19:50:53.960", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-12-04T15:54:13.357", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -23,6 +23,8 @@ "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", + "baseScore": 5.1, + "baseSeverity": "MEDIUM", "attackVector": "LOCAL", "attackComplexity": "HIGH", "privilegesRequired": "NONE", @@ -30,19 +32,37 @@ "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", - "availabilityImpact": "NONE", - "baseScore": 5.1, - "baseSeverity": "MEDIUM" + "availabilityImpact": "NONE" }, "exploitabilityScore": 1.4, "impactScore": 3.6 + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", + "baseScore": 5.5, + "baseSeverity": "MEDIUM", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 } ] }, "weaknesses": [ { "source": "psirt@us.ibm.com", - "type": "Primary", + "type": "Secondary", "description": [ { "lang": "en", @@ -51,14 +71,60 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ibm:cloud_pak_for_security:*:*:*:*:*:*:*:*", + "versionStartIncluding": "1.10.0.0", + "versionEndIncluding": "1.10.11.0", + "matchCriteriaId": "8FA89838-3E05-4778-9323-DE51CC10FD18" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ibm:qradar_suite:*:*:*:*:*:*:*:*", + "versionStartIncluding": "1.10.12.0", + "versionEndExcluding": "1.10.18.0", + "matchCriteriaId": "D0EF0709-2F84-47AA-9F3A-4F2D427ABD9B" + } + ] + } + ] + } + ], "references": [ { "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/279975", - "source": "psirt@us.ibm.com" + "source": "psirt@us.ibm.com", + "tags": [ + "VDB Entry" + ] }, { "url": "https://www.ibm.com/support/pages/node/7118642", - "source": "psirt@us.ibm.com" + "source": "psirt@us.ibm.com", + "tags": [ + "Vendor Advisory" + ] + }, + { + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/279975", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "VDB Entry" + ] + }, + { + "url": "https://www.ibm.com/support/pages/node/7118642", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-223xx/CVE-2024-22336.json b/CVE-2024/CVE-2024-223xx/CVE-2024-22336.json index 846916dd5fa..b056c755189 100644 --- a/CVE-2024/CVE-2024-223xx/CVE-2024-22336.json +++ b/CVE-2024/CVE-2024-223xx/CVE-2024-22336.json @@ -2,8 +2,8 @@ "id": "CVE-2024-22336", "sourceIdentifier": "psirt@us.ibm.com", "published": "2024-02-17T16:15:47.190", - "lastModified": "2024-02-20T19:50:53.960", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-12-04T15:53:58.667", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -23,6 +23,8 @@ "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", + "baseScore": 5.1, + "baseSeverity": "MEDIUM", "attackVector": "LOCAL", "attackComplexity": "HIGH", "privilegesRequired": "NONE", @@ -30,19 +32,37 @@ "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", - "availabilityImpact": "NONE", - "baseScore": 5.1, - "baseSeverity": "MEDIUM" + "availabilityImpact": "NONE" }, "exploitabilityScore": 1.4, "impactScore": 3.6 + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", + "baseScore": 5.5, + "baseSeverity": "MEDIUM", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 } ] }, "weaknesses": [ { "source": "psirt@us.ibm.com", - "type": "Primary", + "type": "Secondary", "description": [ { "lang": "en", @@ -51,14 +71,60 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ibm:cloud_pak_for_security:*:*:*:*:*:*:*:*", + "versionStartIncluding": "1.10.0.0", + "versionEndIncluding": "1.10.11.0", + "matchCriteriaId": "8FA89838-3E05-4778-9323-DE51CC10FD18" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ibm:qradar_suite:*:*:*:*:*:*:*:*", + "versionStartIncluding": "1.10.12.0", + "versionEndExcluding": "1.10.18.0", + "matchCriteriaId": "D0EF0709-2F84-47AA-9F3A-4F2D427ABD9B" + } + ] + } + ] + } + ], "references": [ { "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/279976", - "source": "psirt@us.ibm.com" + "source": "psirt@us.ibm.com", + "tags": [ + "VDB Entry" + ] }, { "url": "https://www.ibm.com/support/pages/node/7118642", - "source": "psirt@us.ibm.com" + "source": "psirt@us.ibm.com", + "tags": [ + "Vendor Advisory" + ] + }, + { + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/279976", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "VDB Entry" + ] + }, + { + "url": "https://www.ibm.com/support/pages/node/7118642", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-261xx/CVE-2024-26122.json b/CVE-2024/CVE-2024-261xx/CVE-2024-26122.json index 6ee5b15cbdd..8558c6f1eb3 100644 --- a/CVE-2024/CVE-2024-261xx/CVE-2024-26122.json +++ b/CVE-2024/CVE-2024-261xx/CVE-2024-26122.json @@ -2,8 +2,8 @@ "id": "CVE-2024-26122", "sourceIdentifier": "psirt@adobe.com", "published": "2024-04-10T09:15:10.407", - "lastModified": "2024-04-10T13:23:38.787", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-12-04T15:12:42.803", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -19,10 +19,12 @@ "cvssMetricV31": [ { "source": "psirt@adobe.com", - "type": "Primary", + "type": "Secondary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "LOW", @@ -30,9 +32,7 @@ "scope": "CHANGED", "confidentialityImpact": "LOW", "integrityImpact": "LOW", - "availabilityImpact": "NONE", - "baseScore": 5.4, - "baseSeverity": "MEDIUM" + "availabilityImpact": "NONE" }, "exploitabilityScore": 2.3, "impactScore": 2.7 @@ -42,7 +42,7 @@ "weaknesses": [ { "source": "psirt@adobe.com", - "type": "Primary", + "type": "Secondary", "description": [ { "lang": "en", @@ -51,10 +51,44 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager:*:*:*:*:-:*:*:*", + "versionEndExcluding": "6.5.20.0", + "matchCriteriaId": "9BEA709A-B1E9-4411-893D-A638A404C606" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:experience_manager:*:*:*:*:aem_cloud_service:*:*:*", + "versionEndExcluding": "2024.3.0", + "matchCriteriaId": "60D24EC5-C471-4F67-BBD9-1F6ED38191F9" + } + ] + } + ] + } + ], "references": [ { "url": "https://helpx.adobe.com/security/products/experience-manager/apsb24-21.html", - "source": "psirt@adobe.com" + "source": "psirt@adobe.com", + "tags": [ + "Vendor Advisory" + ] + }, + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb24-21.html", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-273xx/CVE-2024-27324.json b/CVE-2024/CVE-2024-273xx/CVE-2024-27324.json index 6fefb4ecfff..6264db4ca08 100644 --- a/CVE-2024/CVE-2024-273xx/CVE-2024-27324.json +++ b/CVE-2024/CVE-2024-273xx/CVE-2024-27324.json @@ -2,8 +2,8 @@ "id": "CVE-2024-27324", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-04-01T22:15:16.503", - "lastModified": "2024-04-02T12:50:42.233", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-12-04T15:10:48.827", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -16,6 +16,28 @@ } ], "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", + "baseScore": 5.5, + "baseSeverity": "MEDIUM", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ], "cvssMetricV30": [ { "source": "zdi-disclosures@trendmicro.com", @@ -23,6 +45,8 @@ "cvssData": { "version": "3.0", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", + "baseScore": 3.3, + "baseSeverity": "LOW", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "NONE", @@ -30,9 +54,7 @@ "scope": "UNCHANGED", "confidentialityImpact": "LOW", "integrityImpact": "NONE", - "availabilityImpact": "NONE", - "baseScore": 3.3, - "baseSeverity": "LOW" + "availabilityImpact": "NONE" }, "exploitabilityScore": 1.8, "impactScore": 1.4 @@ -49,12 +71,60 @@ "value": "CWE-125" } ] + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-125" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:pdf-xchange:pdf-tools:*:*:*:*:*:*:*:*", + "versionStartIncluding": "10.1.1.381", + "versionEndExcluding": "10.1.3.383", + "matchCriteriaId": "F542767E-1272-45B6-ACFE-19AA63A3AFE0" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:pdf-xchange:pdf-xchange_editor:*:*:*:*:*:*:*:*", + "versionStartIncluding": "10.1.1.381", + "versionEndExcluding": "10.1.3.383", + "matchCriteriaId": "A6D3A4A7-5483-42FA-A725-0CEFD57982CE" + } + ] + } + ] } ], "references": [ { "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-196/", - "source": "zdi-disclosures@trendmicro.com" + "source": "zdi-disclosures@trendmicro.com", + "tags": [ + "Third Party Advisory", + "VDB Entry" + ] + }, + { + "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-196/", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Third Party Advisory", + "VDB Entry" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-273xx/CVE-2024-27325.json b/CVE-2024/CVE-2024-273xx/CVE-2024-27325.json index 1f9dffbfca1..1cd1e1999f7 100644 --- a/CVE-2024/CVE-2024-273xx/CVE-2024-27325.json +++ b/CVE-2024/CVE-2024-273xx/CVE-2024-27325.json @@ -2,8 +2,8 @@ "id": "CVE-2024-27325", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-04-01T22:15:17.063", - "lastModified": "2024-04-02T12:50:42.233", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-12-04T15:05:17.297", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -16,6 +16,28 @@ } ], "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", + "baseScore": 5.5, + "baseSeverity": "MEDIUM", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ], "cvssMetricV30": [ { "source": "zdi-disclosures@trendmicro.com", @@ -23,6 +45,8 @@ "cvssData": { "version": "3.0", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", + "baseScore": 3.3, + "baseSeverity": "LOW", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "NONE", @@ -30,9 +54,7 @@ "scope": "UNCHANGED", "confidentialityImpact": "LOW", "integrityImpact": "NONE", - "availabilityImpact": "NONE", - "baseScore": 3.3, - "baseSeverity": "LOW" + "availabilityImpact": "NONE" }, "exploitabilityScore": 1.8, "impactScore": 1.4 @@ -49,12 +71,56 @@ "value": "CWE-125" } ] + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-125" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:pdf-xchange:pdf-tools:10.1.1.381:*:*:*:*:*:*:*", + "matchCriteriaId": "097CBCF4-A99C-4A83-937C-BE2F0A8E595F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:pdf-xchange:pdf-xchange_editor:10.1.1.381:*:*:*:*:*:*:*", + "matchCriteriaId": "80367953-FC8D-4768-9BAC-4350A7E565C3" + } + ] + } + ] } ], "references": [ { "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-203/", - "source": "zdi-disclosures@trendmicro.com" + "source": "zdi-disclosures@trendmicro.com", + "tags": [ + "Third Party Advisory", + "VDB Entry" + ] + }, + { + "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-203/", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Third Party Advisory", + "VDB Entry" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-273xx/CVE-2024-27326.json b/CVE-2024/CVE-2024-273xx/CVE-2024-27326.json index 6642eddd8b3..53641a288f6 100644 --- a/CVE-2024/CVE-2024-273xx/CVE-2024-27326.json +++ b/CVE-2024/CVE-2024-273xx/CVE-2024-27326.json @@ -2,8 +2,8 @@ "id": "CVE-2024-27326", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-04-01T22:15:17.597", - "lastModified": "2024-04-02T12:50:42.233", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-12-04T15:04:00.737", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -16,6 +16,28 @@ } ], "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", + "baseScore": 5.5, + "baseSeverity": "MEDIUM", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ], "cvssMetricV30": [ { "source": "zdi-disclosures@trendmicro.com", @@ -23,6 +45,8 @@ "cvssData": { "version": "3.0", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", + "baseScore": 3.3, + "baseSeverity": "LOW", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "NONE", @@ -30,9 +54,7 @@ "scope": "UNCHANGED", "confidentialityImpact": "LOW", "integrityImpact": "NONE", - "availabilityImpact": "NONE", - "baseScore": 3.3, - "baseSeverity": "LOW" + "availabilityImpact": "NONE" }, "exploitabilityScore": 1.8, "impactScore": 1.4 @@ -49,12 +71,56 @@ "value": "CWE-125" } ] + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-125" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:pdf-xchange:pdf-tools:10.1.1.381:*:*:*:*:*:*:*", + "matchCriteriaId": "097CBCF4-A99C-4A83-937C-BE2F0A8E595F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:pdf-xchange:pdf-xchange_editor:10.1.1.381:*:*:*:*:*:*:*", + "matchCriteriaId": "80367953-FC8D-4768-9BAC-4350A7E565C3" + } + ] + } + ] } ], "references": [ { "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-204/", - "source": "zdi-disclosures@trendmicro.com" + "source": "zdi-disclosures@trendmicro.com", + "tags": [ + "Third Party Advisory", + "VDB Entry" + ] + }, + { + "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-204/", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Third Party Advisory", + "VDB Entry" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-273xx/CVE-2024-27327.json b/CVE-2024/CVE-2024-273xx/CVE-2024-27327.json index 06eef6c70fc..89035151cc8 100644 --- a/CVE-2024/CVE-2024-273xx/CVE-2024-27327.json +++ b/CVE-2024/CVE-2024-273xx/CVE-2024-27327.json @@ -2,8 +2,8 @@ "id": "CVE-2024-27327", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-04-01T22:15:18.120", - "lastModified": "2024-04-02T12:50:42.233", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-12-04T15:03:46.113", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -16,13 +16,15 @@ } ], "metrics": { - "cvssMetricV30": [ + "cvssMetricV31": [ { - "source": "zdi-disclosures@trendmicro.com", - "type": "Secondary", + "source": "nvd@nist.gov", + "type": "Primary", "cvssData": { - "version": "3.0", - "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "baseScore": 7.8, + "baseSeverity": "HIGH", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "NONE", @@ -30,9 +32,29 @@ "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ], + "cvssMetricV30": [ + { + "source": "zdi-disclosures@trendmicro.com", + "type": "Secondary", + "cvssData": { + "version": "3.0", + "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "baseScore": 7.8, - "baseSeverity": "HIGH" + "baseSeverity": "HIGH", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" }, "exploitabilityScore": 1.8, "impactScore": 5.9 @@ -49,12 +71,56 @@ "value": "CWE-787" } ] + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-787" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:pdf-xchange:pdf-tools:10.1.1.381:*:*:*:*:*:*:*", + "matchCriteriaId": "097CBCF4-A99C-4A83-937C-BE2F0A8E595F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:pdf-xchange:pdf-xchange_editor:10.1.1.381:*:*:*:*:*:*:*", + "matchCriteriaId": "80367953-FC8D-4768-9BAC-4350A7E565C3" + } + ] + } + ] } ], "references": [ { "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-205/", - "source": "zdi-disclosures@trendmicro.com" + "source": "zdi-disclosures@trendmicro.com", + "tags": [ + "Third Party Advisory", + "VDB Entry" + ] + }, + { + "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-205/", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Third Party Advisory", + "VDB Entry" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-273xx/CVE-2024-27328.json b/CVE-2024/CVE-2024-273xx/CVE-2024-27328.json index a48dfc0d131..5abf06455f8 100644 --- a/CVE-2024/CVE-2024-273xx/CVE-2024-27328.json +++ b/CVE-2024/CVE-2024-273xx/CVE-2024-27328.json @@ -2,8 +2,8 @@ "id": "CVE-2024-27328", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-04-01T22:15:18.670", - "lastModified": "2024-04-02T12:50:42.233", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-12-04T15:03:16.167", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -16,6 +16,28 @@ } ], "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", + "baseScore": 5.5, + "baseSeverity": "MEDIUM", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ], "cvssMetricV30": [ { "source": "zdi-disclosures@trendmicro.com", @@ -23,6 +45,8 @@ "cvssData": { "version": "3.0", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", + "baseScore": 3.3, + "baseSeverity": "LOW", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "NONE", @@ -30,9 +54,7 @@ "scope": "UNCHANGED", "confidentialityImpact": "LOW", "integrityImpact": "NONE", - "availabilityImpact": "NONE", - "baseScore": 3.3, - "baseSeverity": "LOW" + "availabilityImpact": "NONE" }, "exploitabilityScore": 1.8, "impactScore": 1.4 @@ -49,12 +71,56 @@ "value": "CWE-125" } ] + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-125" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:pdf-xchange:pdf-tools:10.1.1.381:*:*:*:*:*:*:*", + "matchCriteriaId": "097CBCF4-A99C-4A83-937C-BE2F0A8E595F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:pdf-xchange:pdf-xchange_editor:10.1.1.381:*:*:*:*:*:*:*", + "matchCriteriaId": "80367953-FC8D-4768-9BAC-4350A7E565C3" + } + ] + } + ] } ], "references": [ { "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-202/", - "source": "zdi-disclosures@trendmicro.com" + "source": "zdi-disclosures@trendmicro.com", + "tags": [ + "Third Party Advisory", + "VDB Entry" + ] + }, + { + "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-202/", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Third Party Advisory", + "VDB Entry" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-273xx/CVE-2024-27329.json b/CVE-2024/CVE-2024-273xx/CVE-2024-27329.json index 516a6115499..a5c789ea7cf 100644 --- a/CVE-2024/CVE-2024-273xx/CVE-2024-27329.json +++ b/CVE-2024/CVE-2024-273xx/CVE-2024-27329.json @@ -2,8 +2,8 @@ "id": "CVE-2024-27329", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-04-01T22:15:19.193", - "lastModified": "2024-04-02T12:50:42.233", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-12-04T15:02:57.010", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -16,6 +16,28 @@ } ], "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", + "baseScore": 5.5, + "baseSeverity": "MEDIUM", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ], "cvssMetricV30": [ { "source": "zdi-disclosures@trendmicro.com", @@ -23,6 +45,8 @@ "cvssData": { "version": "3.0", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", + "baseScore": 3.3, + "baseSeverity": "LOW", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "NONE", @@ -30,9 +54,7 @@ "scope": "UNCHANGED", "confidentialityImpact": "LOW", "integrityImpact": "NONE", - "availabilityImpact": "NONE", - "baseScore": 3.3, - "baseSeverity": "LOW" + "availabilityImpact": "NONE" }, "exploitabilityScore": 1.8, "impactScore": 1.4 @@ -49,12 +71,56 @@ "value": "CWE-125" } ] + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-125" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:pdf-xchange:pdf-tools:10.1.1.381:*:*:*:*:*:*:*", + "matchCriteriaId": "097CBCF4-A99C-4A83-937C-BE2F0A8E595F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:pdf-xchange:pdf-xchange_editor:10.1.1.381:*:*:*:*:*:*:*", + "matchCriteriaId": "80367953-FC8D-4768-9BAC-4350A7E565C3" + } + ] + } + ] } ], "references": [ { "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-200/", - "source": "zdi-disclosures@trendmicro.com" + "source": "zdi-disclosures@trendmicro.com", + "tags": [ + "Third Party Advisory", + "VDB Entry" + ] + }, + { + "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-200/", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Third Party Advisory", + "VDB Entry" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-288xx/CVE-2024-28824.json b/CVE-2024/CVE-2024-288xx/CVE-2024-28824.json index 0e94f36ba6d..e8124c6f93f 100644 --- a/CVE-2024/CVE-2024-288xx/CVE-2024-28824.json +++ b/CVE-2024/CVE-2024-288xx/CVE-2024-28824.json @@ -2,8 +2,8 @@ "id": "CVE-2024-28824", "sourceIdentifier": "security@checkmk.com", "published": "2024-03-22T11:15:46.830", - "lastModified": "2024-03-22T12:45:36.130", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-12-04T16:47:59.480", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -23,6 +23,8 @@ "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", + "baseScore": 8.8, + "baseSeverity": "HIGH", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "LOW", @@ -30,12 +32,30 @@ "scope": "CHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 8.8, - "baseSeverity": "HIGH" + "availabilityImpact": "HIGH" }, "exploitabilityScore": 2.0, "impactScore": 6.0 + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 7.8, + "baseSeverity": "HIGH", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 } ] }, @@ -53,12 +73,480 @@ "value": "CWE-807" } ] + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-Other" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:*:*:*:*:*:*:*:*", + "versionEndIncluding": "2.0.0", + "matchCriteriaId": "C59985CE-68DF-433D-87BD-97EDCA81E039" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:-:*:*:*:*:*:*", + "matchCriteriaId": "1AE224D8-742B-4D1F-ABBE-3DDA3EA5C5AD" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:b1:*:*:*:*:*:*", + "matchCriteriaId": "1E6FCE7B-7ECE-42A4-82C5-12A647B0CCC8" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:b2:*:*:*:*:*:*", + "matchCriteriaId": "923AA113-D5E7-4F78-88BA-B72EF250F3EA" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:b3:*:*:*:*:*:*", + "matchCriteriaId": "B1984F57-A313-48AC-B8F9-F352D82824D6" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:b4:*:*:*:*:*:*", + "matchCriteriaId": "A38DB527-72A6-40B8-B46F-B8E78BFFDB1F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:b5:*:*:*:*:*:*", + "matchCriteriaId": "67643E11-91A1-4580-BC4C-574074C862CB" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:b6:*:*:*:*:*:*", + "matchCriteriaId": "350B7E0F-D234-4D7C-91E4-F35E73579A24" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:b7:*:*:*:*:*:*", + "matchCriteriaId": "DE58ACA9-8078-46A7-8487-C06E4E38F372" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:b8:*:*:*:*:*:*", + "matchCriteriaId": "B3D8CF4D-E1F8-4D8D-A8A9-1783CAC869E4" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:b9:*:*:*:*:*:*", + "matchCriteriaId": "58B0B051-7D3C-4EC7-96B0-38A1CC108D61" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p1:*:*:*:*:*:*", + "matchCriteriaId": "B783A741-AAF2-43EE-8272-9239133A01E8" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p10:*:*:*:*:*:*", + "matchCriteriaId": "A5F275A3-A99E-40E1-BD77-694FA568541F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p11:*:*:*:*:*:*", + "matchCriteriaId": "3A44BF1A-5BE0-4412-B51D-055445758B61" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p12:*:*:*:*:*:*", + "matchCriteriaId": "A31BAE94-9096-4320-AC19-AA204E8EC08D" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p13:*:*:*:*:*:*", + "matchCriteriaId": "1B0784EA-98E8-4490-B97B-894F188A223D" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p14:*:*:*:*:*:*", + "matchCriteriaId": "A56A901F-1040-4DB9-9BE3-FE1999C514CA" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p15:*:*:*:*:*:*", + "matchCriteriaId": "58A904FC-C015-469D-8502-E678D5FDBD06" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p16:*:*:*:*:*:*", + "matchCriteriaId": "1B5D109C-60AA-4FA4-9B10-2191AAF109F2" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p17:*:*:*:*:*:*", + "matchCriteriaId": "37297866-24BB-4044-8744-EC0A8C29F152" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p18:*:*:*:*:*:*", + "matchCriteriaId": "F9D4A171-CCB3-43B8-8B70-78610423E7C0" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p19:*:*:*:*:*:*", + "matchCriteriaId": "5E1145FF-426D-407C-9F4B-EF773BD191EC" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p2:*:*:*:*:*:*", + "matchCriteriaId": "4DA8F776-A724-48FC-B7EF-13788BC69753" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p20:*:*:*:*:*:*", + "matchCriteriaId": "46F42A22-99F2-4DF5-9B00-3123396F87AC" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p21:*:*:*:*:*:*", + "matchCriteriaId": "1C59D4D3-D526-4E6B-B3AA-FE485D030190" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p22:*:*:*:*:*:*", + "matchCriteriaId": "65E5CAE6-DC8B-47B3-84A0-D79B0C33EB45" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p23:*:*:*:*:*:*", + "matchCriteriaId": "8B9E0D89-79E2-476A-8A3E-8443316BC310" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p24:*:*:*:*:*:*", + "matchCriteriaId": "38EA0591-C30B-4102-8A06-1B922FD3A0C7" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p25:*:*:*:*:*:*", + "matchCriteriaId": "5E9AF0D3-8DD6-4EC7-BB33-54401D4025FC" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p26:*:*:*:*:*:*", + "matchCriteriaId": "983604CC-DD2C-42A9-8B9D-A9A261CE8BA6" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p27:*:*:*:*:*:*", + "matchCriteriaId": "224960F7-695C-415B-B991-E8C01859AA80" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p28:*:*:*:*:*:*", + "matchCriteriaId": "1F6D86E4-738B-4ADA-858E-C12CCED9FAAA" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p29:*:*:*:*:*:*", + "matchCriteriaId": "BD8EBF09-9B70-4972-85B1-82F41488BE3F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p3:*:*:*:*:*:*", + "matchCriteriaId": "076463AA-195F-4CD6-861B-72FE1C8A407F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p30:*:*:*:*:*:*", + "matchCriteriaId": "009D2C7B-39B8-400F-80A5-06D56319232C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p31:*:*:*:*:*:*", + "matchCriteriaId": "3D5AEB8D-772E-401F-975C-61BDD30B481E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p32:*:*:*:*:*:*", + "matchCriteriaId": "2ECAB6C5-518C-4CA4-8B2B-D51115612A8B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p33:*:*:*:*:*:*", + "matchCriteriaId": "FECC252C-02AA-41EC-BB84-5C1A6BC0FB8A" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p34:*:*:*:*:*:*", + "matchCriteriaId": "238324F5-7225-40DD-82E8-52F30F0D3776" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p35:*:*:*:*:*:*", + "matchCriteriaId": "4F3C9510-BD43-4F67-9C30-4F82B5D230E8" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p36:*:*:*:*:*:*", + "matchCriteriaId": "51941654-F6FF-4323-AECA-5D1D84308CD2" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p37:*:*:*:*:*:*", + "matchCriteriaId": "6E800133-1D28-41D1-8D73-9437D741F83B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p38:*:*:*:*:*:*", + "matchCriteriaId": "8A34B28B-2BD9-4F28-9428-8CF7FCEAD7C3" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p39:*:*:*:*:*:*", + "matchCriteriaId": "D3FC491E-DE27-4C8F-B699-DB5260935D51" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p4:*:*:*:*:*:*", + "matchCriteriaId": "63043834-98E5-47C2-91F1-41B98270ABCA" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p40:*:*:*:*:*:*", + "matchCriteriaId": "0BE2C8FE-20CC-4B7E-B27B-54C873DC7530" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p5:*:*:*:*:*:*", + "matchCriteriaId": "FCF745D0-2EA6-4414-90BC-99D3ED08BB01" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p6:*:*:*:*:*:*", + "matchCriteriaId": "4823087F-D7FA-4594-8FD3-412DE5EA1F02" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p7:*:*:*:*:*:*", + "matchCriteriaId": "6429F9CE-D477-4CFF-B6E0-4BF11B61ED0E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p8:*:*:*:*:*:*", + "matchCriteriaId": "A50C58F9-94ED-4D85-8331-2D81F8E0760A" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p9:*:*:*:*:*:*", + "matchCriteriaId": "9A6AC0BD-FB65-4FAA-B344-66F87F16F8B3" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:-:*:*:*:*:*:*", + "matchCriteriaId": "C66704F1-0B5E-4B43-8748-987022F378F8" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:b1:*:*:*:*:*:*", + "matchCriteriaId": "B068974F-6F67-4CBB-B567-FCED86E28F22" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:b2:*:*:*:*:*:*", + "matchCriteriaId": "EA70F36A-EEF6-48DC-B15E-055D0DE8A052" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:b3:*:*:*:*:*:*", + "matchCriteriaId": "B2017F38-38DB-4E96-B34F-160BC731CBBE" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:b4:*:*:*:*:*:*", + "matchCriteriaId": "0949F399-371B-409C-AF9F-32690D881440" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:b5:*:*:*:*:*:*", + "matchCriteriaId": "42E1E31A-B5CC-45F2-A2E5-3EEF735499BA" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:b6:*:*:*:*:*:*", + "matchCriteriaId": "4B364FCA-500C-458E-B997-82CD0B1D24F9" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:b7:*:*:*:*:*:*", + "matchCriteriaId": "0B32E657-917B-482B-B6A4-3D3746992A4F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:b8:*:*:*:*:*:*", + "matchCriteriaId": "2119C732-E024-4DA6-8E47-9E08E5E12602" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:i1:*:*:*:*:*:*", + "matchCriteriaId": "4F0B99A8-A124-43BD-B8AA-EECC9112346F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p1:*:*:*:*:*:*", + "matchCriteriaId": "3FB7221E-BE9F-4529-8E07-8AD547FA3208" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p10:*:*:*:*:*:*", + "matchCriteriaId": "30A074AD-9499-46E3-AB67-D6CEE3AA01C3" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p11:*:*:*:*:*:*", + "matchCriteriaId": "A8BD0240-A22B-4273-BD47-C35A8C12E127" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p12:*:*:*:*:*:*", + "matchCriteriaId": "DAA5680F-1DD0-48AA-BB7F-15B27365F0FA" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p13:*:*:*:*:*:*", + "matchCriteriaId": "BC2F31CA-D4EB-44E6-9A09-5255D33F4A88" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p14:*:*:*:*:*:*", + "matchCriteriaId": "CD80BD69-20C6-4E17-B165-98689179A5A1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p15:*:*:*:*:*:*", + "matchCriteriaId": "B044D43B-0233-4A0D-A356-B9F9324E2777" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p16:*:*:*:*:*:*", + "matchCriteriaId": "7DE79896-EBE5-42F2-A126-2A871BBA1071" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p17:*:*:*:*:*:*", + "matchCriteriaId": "51A44E69-EEA1-4B01-B7B3-5BF7B39819E3" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p18:*:*:*:*:*:*", + "matchCriteriaId": "BCB65AEB-CF52-410B-92B1-2DCFB914FFA4" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p19:*:*:*:*:*:*", + "matchCriteriaId": "B7E17FA6-9011-489C-9FA9-368CA2D86FAE" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p2:*:*:*:*:*:*", + "matchCriteriaId": "7BCEB6FF-668F-4313-9264-0BF021AFC45F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p20:*:*:*:*:*:*", + "matchCriteriaId": "F8B27218-A4FF-47BE-B578-6DB704478921" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p21:*:*:*:*:*:*", + "matchCriteriaId": "8735357F-16A7-4408-9DDD-1C6796BADBE9" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p22:*:*:*:*:*:*", + "matchCriteriaId": "4505098C-0A2B-481E-A3DF-D6DF8EFA4DE7" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p23:*:*:*:*:*:*", + "matchCriteriaId": "C12AFCCF-014E-4EEB-8F04-F1ACE182BA98" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p3:*:*:*:*:*:*", + "matchCriteriaId": "E2342E2D-58B0-43E7-8C01-DF4678520F39" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p4:*:*:*:*:*:*", + "matchCriteriaId": "1871B646-CA69-477F-B113-B901AC7B3934" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p5:*:*:*:*:*:*", + "matchCriteriaId": "EEC65A72-CAE1-4E28-83EF-7ECAFE921BB6" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p6:*:*:*:*:*:*", + "matchCriteriaId": "D8FDECBC-8213-495F-A932-C4310F7C1F87" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p7:*:*:*:*:*:*", + "matchCriteriaId": "CB49BC95-6AA8-4F53-A3D6-E199BF756AAF" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p8:*:*:*:*:*:*", + "matchCriteriaId": "050B6617-8FD4-47A6-BE4A-A52503A65812" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p9:*:*:*:*:*:*", + "matchCriteriaId": "4CA0FEC5-7036-47AF-A341-873B6C324B58" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.3.0:b1:*:*:*:*:*:*", + "matchCriteriaId": "1A020A77-7D84-4557-9B0B-D74A89BC1538" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.3.0:b2:*:*:*:*:*:*", + "matchCriteriaId": "D9770554-978B-4552-9E0E-CD6B6675243C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.3.0:b3:*:*:*:*:*:*", + "matchCriteriaId": "1883D2F4-CB96-4DDE-87E8-D1990A3FA092" + } + ] + } + ] } ], "references": [ { "url": "https://checkmk.com/werk/16198", - "source": "security@checkmk.com" + "source": "security@checkmk.com", + "tags": [ + "Vendor Advisory" + ] + }, + { + "url": "https://checkmk.com/werk/16198", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-288xx/CVE-2024-28826.json b/CVE-2024/CVE-2024-288xx/CVE-2024-28826.json index 1d96cd488ec..fa7ca360e32 100644 --- a/CVE-2024/CVE-2024-288xx/CVE-2024-28826.json +++ b/CVE-2024/CVE-2024-288xx/CVE-2024-28826.json @@ -2,8 +2,8 @@ "id": "CVE-2024-28826", "sourceIdentifier": "security@checkmk.com", "published": "2024-05-29T10:15:09.010", - "lastModified": "2024-05-29T13:02:09.280", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-12-04T16:32:38.107", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -23,6 +23,8 @@ "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 8.8, + "baseSeverity": "HIGH", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "LOW", @@ -30,12 +32,30 @@ "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 8.8, - "baseSeverity": "HIGH" + "availabilityImpact": "HIGH" }, "exploitabilityScore": 2.8, "impactScore": 5.9 + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N", + "baseScore": 8.1, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.2 } ] }, @@ -49,12 +69,545 @@ "value": "CWE-73" } ] + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-610" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:*:*:*:*:*:*:*:*", + "versionEndIncluding": "2.0.0", + "matchCriteriaId": "C59985CE-68DF-433D-87BD-97EDCA81E039" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:-:*:*:*:*:*:*", + "matchCriteriaId": "1AE224D8-742B-4D1F-ABBE-3DDA3EA5C5AD" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:b1:*:*:*:*:*:*", + "matchCriteriaId": "1E6FCE7B-7ECE-42A4-82C5-12A647B0CCC8" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:b2:*:*:*:*:*:*", + "matchCriteriaId": "923AA113-D5E7-4F78-88BA-B72EF250F3EA" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:b3:*:*:*:*:*:*", + "matchCriteriaId": "B1984F57-A313-48AC-B8F9-F352D82824D6" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:b4:*:*:*:*:*:*", + "matchCriteriaId": "A38DB527-72A6-40B8-B46F-B8E78BFFDB1F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:b5:*:*:*:*:*:*", + "matchCriteriaId": "67643E11-91A1-4580-BC4C-574074C862CB" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:b6:*:*:*:*:*:*", + "matchCriteriaId": "350B7E0F-D234-4D7C-91E4-F35E73579A24" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:b7:*:*:*:*:*:*", + "matchCriteriaId": "DE58ACA9-8078-46A7-8487-C06E4E38F372" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:b8:*:*:*:*:*:*", + "matchCriteriaId": "B3D8CF4D-E1F8-4D8D-A8A9-1783CAC869E4" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:b9:*:*:*:*:*:*", + "matchCriteriaId": "58B0B051-7D3C-4EC7-96B0-38A1CC108D61" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p1:*:*:*:*:*:*", + "matchCriteriaId": "B783A741-AAF2-43EE-8272-9239133A01E8" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p10:*:*:*:*:*:*", + "matchCriteriaId": "A5F275A3-A99E-40E1-BD77-694FA568541F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p11:*:*:*:*:*:*", + "matchCriteriaId": "3A44BF1A-5BE0-4412-B51D-055445758B61" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p12:*:*:*:*:*:*", + "matchCriteriaId": "A31BAE94-9096-4320-AC19-AA204E8EC08D" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p13:*:*:*:*:*:*", + "matchCriteriaId": "1B0784EA-98E8-4490-B97B-894F188A223D" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p14:*:*:*:*:*:*", + "matchCriteriaId": "A56A901F-1040-4DB9-9BE3-FE1999C514CA" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p15:*:*:*:*:*:*", + "matchCriteriaId": "58A904FC-C015-469D-8502-E678D5FDBD06" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p16:*:*:*:*:*:*", + "matchCriteriaId": "1B5D109C-60AA-4FA4-9B10-2191AAF109F2" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p17:*:*:*:*:*:*", + "matchCriteriaId": "37297866-24BB-4044-8744-EC0A8C29F152" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p18:*:*:*:*:*:*", + "matchCriteriaId": "F9D4A171-CCB3-43B8-8B70-78610423E7C0" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p19:*:*:*:*:*:*", + "matchCriteriaId": "5E1145FF-426D-407C-9F4B-EF773BD191EC" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p2:*:*:*:*:*:*", + "matchCriteriaId": "4DA8F776-A724-48FC-B7EF-13788BC69753" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p20:*:*:*:*:*:*", + "matchCriteriaId": "46F42A22-99F2-4DF5-9B00-3123396F87AC" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p21:*:*:*:*:*:*", + "matchCriteriaId": "1C59D4D3-D526-4E6B-B3AA-FE485D030190" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p22:*:*:*:*:*:*", + "matchCriteriaId": "65E5CAE6-DC8B-47B3-84A0-D79B0C33EB45" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p23:*:*:*:*:*:*", + "matchCriteriaId": "8B9E0D89-79E2-476A-8A3E-8443316BC310" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p24:*:*:*:*:*:*", + "matchCriteriaId": "38EA0591-C30B-4102-8A06-1B922FD3A0C7" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p25:*:*:*:*:*:*", + "matchCriteriaId": "5E9AF0D3-8DD6-4EC7-BB33-54401D4025FC" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p26:*:*:*:*:*:*", + "matchCriteriaId": "983604CC-DD2C-42A9-8B9D-A9A261CE8BA6" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p27:*:*:*:*:*:*", + "matchCriteriaId": "224960F7-695C-415B-B991-E8C01859AA80" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p28:*:*:*:*:*:*", + "matchCriteriaId": "1F6D86E4-738B-4ADA-858E-C12CCED9FAAA" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p29:*:*:*:*:*:*", + "matchCriteriaId": "BD8EBF09-9B70-4972-85B1-82F41488BE3F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p3:*:*:*:*:*:*", + "matchCriteriaId": "076463AA-195F-4CD6-861B-72FE1C8A407F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p30:*:*:*:*:*:*", + "matchCriteriaId": "009D2C7B-39B8-400F-80A5-06D56319232C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p31:*:*:*:*:*:*", + "matchCriteriaId": "3D5AEB8D-772E-401F-975C-61BDD30B481E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p32:*:*:*:*:*:*", + "matchCriteriaId": "2ECAB6C5-518C-4CA4-8B2B-D51115612A8B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p33:*:*:*:*:*:*", + "matchCriteriaId": "FECC252C-02AA-41EC-BB84-5C1A6BC0FB8A" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p34:*:*:*:*:*:*", + "matchCriteriaId": "238324F5-7225-40DD-82E8-52F30F0D3776" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p35:*:*:*:*:*:*", + "matchCriteriaId": "4F3C9510-BD43-4F67-9C30-4F82B5D230E8" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p36:*:*:*:*:*:*", + "matchCriteriaId": "51941654-F6FF-4323-AECA-5D1D84308CD2" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p37:*:*:*:*:*:*", + "matchCriteriaId": "6E800133-1D28-41D1-8D73-9437D741F83B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p38:*:*:*:*:*:*", + "matchCriteriaId": "8A34B28B-2BD9-4F28-9428-8CF7FCEAD7C3" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p39:*:*:*:*:*:*", + "matchCriteriaId": "D3FC491E-DE27-4C8F-B699-DB5260935D51" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p4:*:*:*:*:*:*", + "matchCriteriaId": "63043834-98E5-47C2-91F1-41B98270ABCA" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p40:*:*:*:*:*:*", + "matchCriteriaId": "0BE2C8FE-20CC-4B7E-B27B-54C873DC7530" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p41:*:*:*:*:*:*", + "matchCriteriaId": "5C3C3714-C696-4456-88AA-B6E4EFC73C92" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p42:*:*:*:*:*:*", + "matchCriteriaId": "BFF9D1C9-C340-4C31-A3EA-74EF85C6F34D" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p43:*:*:*:*:*:*", + "matchCriteriaId": "A70FBA9D-F7DF-4961-9518-F7AE14FE174D" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p5:*:*:*:*:*:*", + "matchCriteriaId": "FCF745D0-2EA6-4414-90BC-99D3ED08BB01" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p6:*:*:*:*:*:*", + "matchCriteriaId": "4823087F-D7FA-4594-8FD3-412DE5EA1F02" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p7:*:*:*:*:*:*", + "matchCriteriaId": "6429F9CE-D477-4CFF-B6E0-4BF11B61ED0E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p8:*:*:*:*:*:*", + "matchCriteriaId": "A50C58F9-94ED-4D85-8331-2D81F8E0760A" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p9:*:*:*:*:*:*", + "matchCriteriaId": "9A6AC0BD-FB65-4FAA-B344-66F87F16F8B3" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:-:*:*:*:*:*:*", + "matchCriteriaId": "C66704F1-0B5E-4B43-8748-987022F378F8" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:b1:*:*:*:*:*:*", + "matchCriteriaId": "B068974F-6F67-4CBB-B567-FCED86E28F22" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:b2:*:*:*:*:*:*", + "matchCriteriaId": "EA70F36A-EEF6-48DC-B15E-055D0DE8A052" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:b3:*:*:*:*:*:*", + "matchCriteriaId": "B2017F38-38DB-4E96-B34F-160BC731CBBE" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:b4:*:*:*:*:*:*", + "matchCriteriaId": "0949F399-371B-409C-AF9F-32690D881440" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:b5:*:*:*:*:*:*", + "matchCriteriaId": "42E1E31A-B5CC-45F2-A2E5-3EEF735499BA" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:b6:*:*:*:*:*:*", + "matchCriteriaId": "4B364FCA-500C-458E-B997-82CD0B1D24F9" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:b7:*:*:*:*:*:*", + "matchCriteriaId": "0B32E657-917B-482B-B6A4-3D3746992A4F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:b8:*:*:*:*:*:*", + "matchCriteriaId": "2119C732-E024-4DA6-8E47-9E08E5E12602" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:i1:*:*:*:*:*:*", + "matchCriteriaId": "4F0B99A8-A124-43BD-B8AA-EECC9112346F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p1:*:*:*:*:*:*", + "matchCriteriaId": "3FB7221E-BE9F-4529-8E07-8AD547FA3208" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p10:*:*:*:*:*:*", + "matchCriteriaId": "30A074AD-9499-46E3-AB67-D6CEE3AA01C3" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p11:*:*:*:*:*:*", + "matchCriteriaId": "A8BD0240-A22B-4273-BD47-C35A8C12E127" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p12:*:*:*:*:*:*", + "matchCriteriaId": "DAA5680F-1DD0-48AA-BB7F-15B27365F0FA" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p13:*:*:*:*:*:*", + "matchCriteriaId": "BC2F31CA-D4EB-44E6-9A09-5255D33F4A88" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p14:*:*:*:*:*:*", + "matchCriteriaId": "CD80BD69-20C6-4E17-B165-98689179A5A1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p15:*:*:*:*:*:*", + "matchCriteriaId": "B044D43B-0233-4A0D-A356-B9F9324E2777" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p16:*:*:*:*:*:*", + "matchCriteriaId": "7DE79896-EBE5-42F2-A126-2A871BBA1071" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p17:*:*:*:*:*:*", + "matchCriteriaId": "51A44E69-EEA1-4B01-B7B3-5BF7B39819E3" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p18:*:*:*:*:*:*", + "matchCriteriaId": "BCB65AEB-CF52-410B-92B1-2DCFB914FFA4" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p19:*:*:*:*:*:*", + "matchCriteriaId": "B7E17FA6-9011-489C-9FA9-368CA2D86FAE" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p2:*:*:*:*:*:*", + "matchCriteriaId": "7BCEB6FF-668F-4313-9264-0BF021AFC45F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p20:*:*:*:*:*:*", + "matchCriteriaId": "F8B27218-A4FF-47BE-B578-6DB704478921" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p21:*:*:*:*:*:*", + "matchCriteriaId": "8735357F-16A7-4408-9DDD-1C6796BADBE9" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p22:*:*:*:*:*:*", + "matchCriteriaId": "4505098C-0A2B-481E-A3DF-D6DF8EFA4DE7" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p23:*:*:*:*:*:*", + "matchCriteriaId": "C12AFCCF-014E-4EEB-8F04-F1ACE182BA98" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p24:*:*:*:*:*:*", + "matchCriteriaId": "66B85557-D5EC-4AF4-B97A-D2B80A58B3B1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p25:*:*:*:*:*:*", + "matchCriteriaId": "233ECD21-FA72-43AF-8E4C-DAC27CC18F3C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p26:*:*:*:*:*:*", + "matchCriteriaId": "8B4DB8EE-C10A-4097-8E66-2932BAEB732E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p3:*:*:*:*:*:*", + "matchCriteriaId": "E2342E2D-58B0-43E7-8C01-DF4678520F39" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p4:*:*:*:*:*:*", + "matchCriteriaId": "1871B646-CA69-477F-B113-B901AC7B3934" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p5:*:*:*:*:*:*", + "matchCriteriaId": "EEC65A72-CAE1-4E28-83EF-7ECAFE921BB6" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p6:*:*:*:*:*:*", + "matchCriteriaId": "D8FDECBC-8213-495F-A932-C4310F7C1F87" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p7:*:*:*:*:*:*", + "matchCriteriaId": "CB49BC95-6AA8-4F53-A3D6-E199BF756AAF" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p8:*:*:*:*:*:*", + "matchCriteriaId": "050B6617-8FD4-47A6-BE4A-A52503A65812" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p9:*:*:*:*:*:*", + "matchCriteriaId": "4CA0FEC5-7036-47AF-A341-873B6C324B58" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.3.0:-:*:*:*:*:*:*", + "matchCriteriaId": "83202950-840A-4CB7-AD96-CE62E84FABD8" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.3.0:b1:*:*:*:*:*:*", + "matchCriteriaId": "1A020A77-7D84-4557-9B0B-D74A89BC1538" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.3.0:b2:*:*:*:*:*:*", + "matchCriteriaId": "D9770554-978B-4552-9E0E-CD6B6675243C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.3.0:b3:*:*:*:*:*:*", + "matchCriteriaId": "1883D2F4-CB96-4DDE-87E8-D1990A3FA092" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.3.0:b4:*:*:*:*:*:*", + "matchCriteriaId": "99AD6F39-AF67-4CB9-BED2-00CA75B9F5DB" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.3.0:b5:*:*:*:*:*:*", + "matchCriteriaId": "F08FE580-67D4-419C-AE4A-3B9EBC6A2838" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.3.0:b6:*:*:*:*:*:*", + "matchCriteriaId": "9DD5C67F-CD3E-400E-802D-8B52408A259F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.3.0:p1:*:*:*:*:*:*", + "matchCriteriaId": "310A2FA2-633A-48FB-A5C2-9A9A922E72E2" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.3.0:p2:*:*:*:*:*:*", + "matchCriteriaId": "7D1993E3-C4F9-4D78-BD02-A0B22D93BF1F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.3.0:p3:*:*:*:*:*:*", + "matchCriteriaId": "B28A0C9D-072A-413C-8587-CD57CB918190" + } + ] + } + ] } ], "references": [ { "url": "https://checkmk.com/werk/15200", - "source": "security@checkmk.com" + "source": "security@checkmk.com", + "tags": [ + "Vendor Advisory" + ] + }, + { + "url": "https://checkmk.com/werk/15200", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-288xx/CVE-2024-28827.json b/CVE-2024/CVE-2024-288xx/CVE-2024-28827.json index b96309b694d..08a5307c6ac 100644 --- a/CVE-2024/CVE-2024-288xx/CVE-2024-28827.json +++ b/CVE-2024/CVE-2024-288xx/CVE-2024-28827.json @@ -2,8 +2,8 @@ "id": "CVE-2024-28827", "sourceIdentifier": "security@checkmk.com", "published": "2024-07-10T13:15:10.017", - "lastModified": "2024-07-11T13:05:54.930", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-12-04T15:32:27.407", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -23,6 +23,8 @@ "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", + "baseScore": 8.8, + "baseSeverity": "HIGH", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "LOW", @@ -30,12 +32,30 @@ "scope": "CHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 8.8, - "baseSeverity": "HIGH" + "availabilityImpact": "HIGH" }, "exploitabilityScore": 2.0, "impactScore": 6.0 + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 7.8, + "baseSeverity": "HIGH", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 } ] }, @@ -49,12 +69,580 @@ "value": "CWE-732" } ] + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-732" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:*:*:*:*:*:*:*:*", + "versionEndIncluding": "2.0.0", + "matchCriteriaId": "C59985CE-68DF-433D-87BD-97EDCA81E039" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:-:*:*:*:*:*:*", + "matchCriteriaId": "1AE224D8-742B-4D1F-ABBE-3DDA3EA5C5AD" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:b1:*:*:*:*:*:*", + "matchCriteriaId": "1E6FCE7B-7ECE-42A4-82C5-12A647B0CCC8" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:b2:*:*:*:*:*:*", + "matchCriteriaId": "923AA113-D5E7-4F78-88BA-B72EF250F3EA" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:b3:*:*:*:*:*:*", + "matchCriteriaId": "B1984F57-A313-48AC-B8F9-F352D82824D6" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:b4:*:*:*:*:*:*", + "matchCriteriaId": "A38DB527-72A6-40B8-B46F-B8E78BFFDB1F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:b5:*:*:*:*:*:*", + "matchCriteriaId": "67643E11-91A1-4580-BC4C-574074C862CB" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:b6:*:*:*:*:*:*", + "matchCriteriaId": "350B7E0F-D234-4D7C-91E4-F35E73579A24" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:b7:*:*:*:*:*:*", + "matchCriteriaId": "DE58ACA9-8078-46A7-8487-C06E4E38F372" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:b8:*:*:*:*:*:*", + "matchCriteriaId": "B3D8CF4D-E1F8-4D8D-A8A9-1783CAC869E4" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:b9:*:*:*:*:*:*", + "matchCriteriaId": "58B0B051-7D3C-4EC7-96B0-38A1CC108D61" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p1:*:*:*:*:*:*", + "matchCriteriaId": "B783A741-AAF2-43EE-8272-9239133A01E8" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p10:*:*:*:*:*:*", + "matchCriteriaId": "A5F275A3-A99E-40E1-BD77-694FA568541F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p11:*:*:*:*:*:*", + "matchCriteriaId": "3A44BF1A-5BE0-4412-B51D-055445758B61" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p12:*:*:*:*:*:*", + "matchCriteriaId": "A31BAE94-9096-4320-AC19-AA204E8EC08D" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p13:*:*:*:*:*:*", + "matchCriteriaId": "1B0784EA-98E8-4490-B97B-894F188A223D" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p14:*:*:*:*:*:*", + "matchCriteriaId": "A56A901F-1040-4DB9-9BE3-FE1999C514CA" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p15:*:*:*:*:*:*", + "matchCriteriaId": "58A904FC-C015-469D-8502-E678D5FDBD06" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p16:*:*:*:*:*:*", + "matchCriteriaId": "1B5D109C-60AA-4FA4-9B10-2191AAF109F2" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p17:*:*:*:*:*:*", + "matchCriteriaId": "37297866-24BB-4044-8744-EC0A8C29F152" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p18:*:*:*:*:*:*", + "matchCriteriaId": "F9D4A171-CCB3-43B8-8B70-78610423E7C0" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p19:*:*:*:*:*:*", + "matchCriteriaId": "5E1145FF-426D-407C-9F4B-EF773BD191EC" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p2:*:*:*:*:*:*", + "matchCriteriaId": "4DA8F776-A724-48FC-B7EF-13788BC69753" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p20:*:*:*:*:*:*", + "matchCriteriaId": "46F42A22-99F2-4DF5-9B00-3123396F87AC" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p21:*:*:*:*:*:*", + "matchCriteriaId": "1C59D4D3-D526-4E6B-B3AA-FE485D030190" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p22:*:*:*:*:*:*", + "matchCriteriaId": "65E5CAE6-DC8B-47B3-84A0-D79B0C33EB45" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p23:*:*:*:*:*:*", + "matchCriteriaId": "8B9E0D89-79E2-476A-8A3E-8443316BC310" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p24:*:*:*:*:*:*", + "matchCriteriaId": "38EA0591-C30B-4102-8A06-1B922FD3A0C7" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p25:*:*:*:*:*:*", + "matchCriteriaId": "5E9AF0D3-8DD6-4EC7-BB33-54401D4025FC" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p26:*:*:*:*:*:*", + "matchCriteriaId": "983604CC-DD2C-42A9-8B9D-A9A261CE8BA6" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p27:*:*:*:*:*:*", + "matchCriteriaId": "224960F7-695C-415B-B991-E8C01859AA80" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p28:*:*:*:*:*:*", + "matchCriteriaId": "1F6D86E4-738B-4ADA-858E-C12CCED9FAAA" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p29:*:*:*:*:*:*", + "matchCriteriaId": "BD8EBF09-9B70-4972-85B1-82F41488BE3F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p3:*:*:*:*:*:*", + "matchCriteriaId": "076463AA-195F-4CD6-861B-72FE1C8A407F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p30:*:*:*:*:*:*", + "matchCriteriaId": "009D2C7B-39B8-400F-80A5-06D56319232C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p31:*:*:*:*:*:*", + "matchCriteriaId": "3D5AEB8D-772E-401F-975C-61BDD30B481E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p32:*:*:*:*:*:*", + "matchCriteriaId": "2ECAB6C5-518C-4CA4-8B2B-D51115612A8B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p33:*:*:*:*:*:*", + "matchCriteriaId": "FECC252C-02AA-41EC-BB84-5C1A6BC0FB8A" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p34:*:*:*:*:*:*", + "matchCriteriaId": "238324F5-7225-40DD-82E8-52F30F0D3776" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p35:*:*:*:*:*:*", + "matchCriteriaId": "4F3C9510-BD43-4F67-9C30-4F82B5D230E8" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p36:*:*:*:*:*:*", + "matchCriteriaId": "51941654-F6FF-4323-AECA-5D1D84308CD2" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p37:*:*:*:*:*:*", + "matchCriteriaId": "6E800133-1D28-41D1-8D73-9437D741F83B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p38:*:*:*:*:*:*", + "matchCriteriaId": "8A34B28B-2BD9-4F28-9428-8CF7FCEAD7C3" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p39:*:*:*:*:*:*", + "matchCriteriaId": "D3FC491E-DE27-4C8F-B699-DB5260935D51" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p4:*:*:*:*:*:*", + "matchCriteriaId": "63043834-98E5-47C2-91F1-41B98270ABCA" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p40:*:*:*:*:*:*", + "matchCriteriaId": "0BE2C8FE-20CC-4B7E-B27B-54C873DC7530" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p41:*:*:*:*:*:*", + "matchCriteriaId": "5C3C3714-C696-4456-88AA-B6E4EFC73C92" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p42:*:*:*:*:*:*", + "matchCriteriaId": "BFF9D1C9-C340-4C31-A3EA-74EF85C6F34D" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p43:*:*:*:*:*:*", + "matchCriteriaId": "A70FBA9D-F7DF-4961-9518-F7AE14FE174D" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p44:*:*:*:*:*:*", + "matchCriteriaId": "FB38424F-0955-4FE3-9C1D-69D21A08AA8D" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p5:*:*:*:*:*:*", + "matchCriteriaId": "FCF745D0-2EA6-4414-90BC-99D3ED08BB01" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p6:*:*:*:*:*:*", + "matchCriteriaId": "4823087F-D7FA-4594-8FD3-412DE5EA1F02" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p7:*:*:*:*:*:*", + "matchCriteriaId": "6429F9CE-D477-4CFF-B6E0-4BF11B61ED0E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p8:*:*:*:*:*:*", + "matchCriteriaId": "A50C58F9-94ED-4D85-8331-2D81F8E0760A" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p9:*:*:*:*:*:*", + "matchCriteriaId": "9A6AC0BD-FB65-4FAA-B344-66F87F16F8B3" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:-:*:*:*:*:*:*", + "matchCriteriaId": "C66704F1-0B5E-4B43-8748-987022F378F8" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:b1:*:*:*:*:*:*", + "matchCriteriaId": "B068974F-6F67-4CBB-B567-FCED86E28F22" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:b2:*:*:*:*:*:*", + "matchCriteriaId": "EA70F36A-EEF6-48DC-B15E-055D0DE8A052" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:b3:*:*:*:*:*:*", + "matchCriteriaId": "B2017F38-38DB-4E96-B34F-160BC731CBBE" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:b4:*:*:*:*:*:*", + "matchCriteriaId": "0949F399-371B-409C-AF9F-32690D881440" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:b5:*:*:*:*:*:*", + "matchCriteriaId": "42E1E31A-B5CC-45F2-A2E5-3EEF735499BA" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:b6:*:*:*:*:*:*", + "matchCriteriaId": "4B364FCA-500C-458E-B997-82CD0B1D24F9" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:b7:*:*:*:*:*:*", + "matchCriteriaId": "0B32E657-917B-482B-B6A4-3D3746992A4F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:b8:*:*:*:*:*:*", + "matchCriteriaId": "2119C732-E024-4DA6-8E47-9E08E5E12602" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:i1:*:*:*:*:*:*", + "matchCriteriaId": "4F0B99A8-A124-43BD-B8AA-EECC9112346F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p1:*:*:*:*:*:*", + "matchCriteriaId": "3FB7221E-BE9F-4529-8E07-8AD547FA3208" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p10:*:*:*:*:*:*", + "matchCriteriaId": "30A074AD-9499-46E3-AB67-D6CEE3AA01C3" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p11:*:*:*:*:*:*", + "matchCriteriaId": "A8BD0240-A22B-4273-BD47-C35A8C12E127" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p12:*:*:*:*:*:*", + "matchCriteriaId": "DAA5680F-1DD0-48AA-BB7F-15B27365F0FA" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p13:*:*:*:*:*:*", + "matchCriteriaId": "BC2F31CA-D4EB-44E6-9A09-5255D33F4A88" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p14:*:*:*:*:*:*", + "matchCriteriaId": "CD80BD69-20C6-4E17-B165-98689179A5A1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p15:*:*:*:*:*:*", + "matchCriteriaId": "B044D43B-0233-4A0D-A356-B9F9324E2777" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p16:*:*:*:*:*:*", + "matchCriteriaId": "7DE79896-EBE5-42F2-A126-2A871BBA1071" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p17:*:*:*:*:*:*", + "matchCriteriaId": "51A44E69-EEA1-4B01-B7B3-5BF7B39819E3" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p18:*:*:*:*:*:*", + "matchCriteriaId": "BCB65AEB-CF52-410B-92B1-2DCFB914FFA4" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p19:*:*:*:*:*:*", + "matchCriteriaId": "B7E17FA6-9011-489C-9FA9-368CA2D86FAE" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p2:*:*:*:*:*:*", + "matchCriteriaId": "7BCEB6FF-668F-4313-9264-0BF021AFC45F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p20:*:*:*:*:*:*", + "matchCriteriaId": "F8B27218-A4FF-47BE-B578-6DB704478921" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p21:*:*:*:*:*:*", + "matchCriteriaId": "8735357F-16A7-4408-9DDD-1C6796BADBE9" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p22:*:*:*:*:*:*", + "matchCriteriaId": "4505098C-0A2B-481E-A3DF-D6DF8EFA4DE7" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p23:*:*:*:*:*:*", + "matchCriteriaId": "C12AFCCF-014E-4EEB-8F04-F1ACE182BA98" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p24:*:*:*:*:*:*", + "matchCriteriaId": "66B85557-D5EC-4AF4-B97A-D2B80A58B3B1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p25:*:*:*:*:*:*", + "matchCriteriaId": "233ECD21-FA72-43AF-8E4C-DAC27CC18F3C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p26:*:*:*:*:*:*", + "matchCriteriaId": "8B4DB8EE-C10A-4097-8E66-2932BAEB732E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p27:*:*:*:*:*:*", + "matchCriteriaId": "8653402A-C5AA-4CB1-8742-A12CCBE59373" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p28:*:*:*:*:*:*", + "matchCriteriaId": "77047A82-E6D5-4E84-9BEC-ACD2FDA91FAE" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p3:*:*:*:*:*:*", + "matchCriteriaId": "E2342E2D-58B0-43E7-8C01-DF4678520F39" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p4:*:*:*:*:*:*", + "matchCriteriaId": "1871B646-CA69-477F-B113-B901AC7B3934" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p5:*:*:*:*:*:*", + "matchCriteriaId": "EEC65A72-CAE1-4E28-83EF-7ECAFE921BB6" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p6:*:*:*:*:*:*", + "matchCriteriaId": "D8FDECBC-8213-495F-A932-C4310F7C1F87" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p7:*:*:*:*:*:*", + "matchCriteriaId": "CB49BC95-6AA8-4F53-A3D6-E199BF756AAF" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p8:*:*:*:*:*:*", + "matchCriteriaId": "050B6617-8FD4-47A6-BE4A-A52503A65812" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p9:*:*:*:*:*:*", + "matchCriteriaId": "4CA0FEC5-7036-47AF-A341-873B6C324B58" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.3.0:-:*:*:*:*:*:*", + "matchCriteriaId": "83202950-840A-4CB7-AD96-CE62E84FABD8" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.3.0:b1:*:*:*:*:*:*", + "matchCriteriaId": "1A020A77-7D84-4557-9B0B-D74A89BC1538" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.3.0:b2:*:*:*:*:*:*", + "matchCriteriaId": "D9770554-978B-4552-9E0E-CD6B6675243C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.3.0:b3:*:*:*:*:*:*", + "matchCriteriaId": "1883D2F4-CB96-4DDE-87E8-D1990A3FA092" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.3.0:b4:*:*:*:*:*:*", + "matchCriteriaId": "99AD6F39-AF67-4CB9-BED2-00CA75B9F5DB" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.3.0:b5:*:*:*:*:*:*", + "matchCriteriaId": "F08FE580-67D4-419C-AE4A-3B9EBC6A2838" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.3.0:b6:*:*:*:*:*:*", + "matchCriteriaId": "9DD5C67F-CD3E-400E-802D-8B52408A259F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.3.0:p1:*:*:*:*:*:*", + "matchCriteriaId": "310A2FA2-633A-48FB-A5C2-9A9A922E72E2" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.3.0:p2:*:*:*:*:*:*", + "matchCriteriaId": "7D1993E3-C4F9-4D78-BD02-A0B22D93BF1F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.3.0:p3:*:*:*:*:*:*", + "matchCriteriaId": "B28A0C9D-072A-413C-8587-CD57CB918190" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.3.0:p4:*:*:*:*:*:*", + "matchCriteriaId": "DF22D0A7-82B1-4598-B8C5-BDFE523D07F2" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.3.0:p5:*:*:*:*:*:*", + "matchCriteriaId": "20035AFB-75B4-4164-9833-A2FCAE24B577" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.3.0:p6:*:*:*:*:*:*", + "matchCriteriaId": "8BCBACEB-7130-455D-B4BE-243053C116DC" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.3.0:p7:*:*:*:*:*:*", + "matchCriteriaId": "156384E2-E04B-4153-A91F-3F307C9FEAE8" + } + ] + } + ] } ], "references": [ { "url": "https://checkmk.com/werk/16845", - "source": "security@checkmk.com" + "source": "security@checkmk.com", + "tags": [ + "Vendor Advisory" + ] + }, + { + "url": "https://checkmk.com/werk/16845", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-288xx/CVE-2024-28830.json b/CVE-2024/CVE-2024-288xx/CVE-2024-28830.json index bc789b495c2..831bbf1302d 100644 --- a/CVE-2024/CVE-2024-288xx/CVE-2024-28830.json +++ b/CVE-2024/CVE-2024-288xx/CVE-2024-28830.json @@ -2,8 +2,8 @@ "id": "CVE-2024-28830", "sourceIdentifier": "security@checkmk.com", "published": "2024-06-26T08:15:09.630", - "lastModified": "2024-06-26T12:44:29.693", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-12-04T16:12:51.557", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -23,6 +23,8 @@ "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N", + "baseScore": 2.7, + "baseSeverity": "LOW", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "HIGH", @@ -30,9 +32,27 @@ "scope": "UNCHANGED", "confidentialityImpact": "LOW", "integrityImpact": "NONE", - "availabilityImpact": "NONE", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 1.2, + "impactScore": 1.4 + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N", "baseScore": 2.7, - "baseSeverity": "LOW" + "baseSeverity": "LOW", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "availabilityImpact": "NONE" }, "exploitabilityScore": 1.2, "impactScore": 1.4 @@ -49,12 +69,570 @@ "value": "CWE-532" } ] + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-532" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:*:*:*:*:*:*:*:*", + "versionEndIncluding": "2.0.0", + "matchCriteriaId": "C59985CE-68DF-433D-87BD-97EDCA81E039" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:-:*:*:*:*:*:*", + "matchCriteriaId": "1AE224D8-742B-4D1F-ABBE-3DDA3EA5C5AD" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:b1:*:*:*:*:*:*", + "matchCriteriaId": "1E6FCE7B-7ECE-42A4-82C5-12A647B0CCC8" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:b2:*:*:*:*:*:*", + "matchCriteriaId": "923AA113-D5E7-4F78-88BA-B72EF250F3EA" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:b3:*:*:*:*:*:*", + "matchCriteriaId": "B1984F57-A313-48AC-B8F9-F352D82824D6" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:b4:*:*:*:*:*:*", + "matchCriteriaId": "A38DB527-72A6-40B8-B46F-B8E78BFFDB1F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:b5:*:*:*:*:*:*", + "matchCriteriaId": "67643E11-91A1-4580-BC4C-574074C862CB" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:b6:*:*:*:*:*:*", + "matchCriteriaId": "350B7E0F-D234-4D7C-91E4-F35E73579A24" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:b7:*:*:*:*:*:*", + "matchCriteriaId": "DE58ACA9-8078-46A7-8487-C06E4E38F372" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:b8:*:*:*:*:*:*", + "matchCriteriaId": "B3D8CF4D-E1F8-4D8D-A8A9-1783CAC869E4" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:b9:*:*:*:*:*:*", + "matchCriteriaId": "58B0B051-7D3C-4EC7-96B0-38A1CC108D61" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p1:*:*:*:*:*:*", + "matchCriteriaId": "B783A741-AAF2-43EE-8272-9239133A01E8" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p10:*:*:*:*:*:*", + "matchCriteriaId": "A5F275A3-A99E-40E1-BD77-694FA568541F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p11:*:*:*:*:*:*", + "matchCriteriaId": "3A44BF1A-5BE0-4412-B51D-055445758B61" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p12:*:*:*:*:*:*", + "matchCriteriaId": "A31BAE94-9096-4320-AC19-AA204E8EC08D" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p13:*:*:*:*:*:*", + "matchCriteriaId": "1B0784EA-98E8-4490-B97B-894F188A223D" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p14:*:*:*:*:*:*", + "matchCriteriaId": "A56A901F-1040-4DB9-9BE3-FE1999C514CA" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p15:*:*:*:*:*:*", + "matchCriteriaId": "58A904FC-C015-469D-8502-E678D5FDBD06" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p16:*:*:*:*:*:*", + "matchCriteriaId": "1B5D109C-60AA-4FA4-9B10-2191AAF109F2" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p17:*:*:*:*:*:*", + "matchCriteriaId": "37297866-24BB-4044-8744-EC0A8C29F152" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p18:*:*:*:*:*:*", + "matchCriteriaId": "F9D4A171-CCB3-43B8-8B70-78610423E7C0" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p19:*:*:*:*:*:*", + "matchCriteriaId": "5E1145FF-426D-407C-9F4B-EF773BD191EC" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p2:*:*:*:*:*:*", + "matchCriteriaId": "4DA8F776-A724-48FC-B7EF-13788BC69753" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p20:*:*:*:*:*:*", + "matchCriteriaId": "46F42A22-99F2-4DF5-9B00-3123396F87AC" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p21:*:*:*:*:*:*", + "matchCriteriaId": "1C59D4D3-D526-4E6B-B3AA-FE485D030190" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p22:*:*:*:*:*:*", + "matchCriteriaId": "65E5CAE6-DC8B-47B3-84A0-D79B0C33EB45" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p23:*:*:*:*:*:*", + "matchCriteriaId": "8B9E0D89-79E2-476A-8A3E-8443316BC310" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p24:*:*:*:*:*:*", + "matchCriteriaId": "38EA0591-C30B-4102-8A06-1B922FD3A0C7" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p25:*:*:*:*:*:*", + "matchCriteriaId": "5E9AF0D3-8DD6-4EC7-BB33-54401D4025FC" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p26:*:*:*:*:*:*", + "matchCriteriaId": "983604CC-DD2C-42A9-8B9D-A9A261CE8BA6" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p27:*:*:*:*:*:*", + "matchCriteriaId": "224960F7-695C-415B-B991-E8C01859AA80" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p28:*:*:*:*:*:*", + "matchCriteriaId": "1F6D86E4-738B-4ADA-858E-C12CCED9FAAA" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p29:*:*:*:*:*:*", + "matchCriteriaId": "BD8EBF09-9B70-4972-85B1-82F41488BE3F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p3:*:*:*:*:*:*", + "matchCriteriaId": "076463AA-195F-4CD6-861B-72FE1C8A407F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p30:*:*:*:*:*:*", + "matchCriteriaId": "009D2C7B-39B8-400F-80A5-06D56319232C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p31:*:*:*:*:*:*", + "matchCriteriaId": "3D5AEB8D-772E-401F-975C-61BDD30B481E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p32:*:*:*:*:*:*", + "matchCriteriaId": "2ECAB6C5-518C-4CA4-8B2B-D51115612A8B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p33:*:*:*:*:*:*", + "matchCriteriaId": "FECC252C-02AA-41EC-BB84-5C1A6BC0FB8A" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p34:*:*:*:*:*:*", + "matchCriteriaId": "238324F5-7225-40DD-82E8-52F30F0D3776" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p35:*:*:*:*:*:*", + "matchCriteriaId": "4F3C9510-BD43-4F67-9C30-4F82B5D230E8" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p36:*:*:*:*:*:*", + "matchCriteriaId": "51941654-F6FF-4323-AECA-5D1D84308CD2" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p37:*:*:*:*:*:*", + "matchCriteriaId": "6E800133-1D28-41D1-8D73-9437D741F83B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p38:*:*:*:*:*:*", + "matchCriteriaId": "8A34B28B-2BD9-4F28-9428-8CF7FCEAD7C3" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p39:*:*:*:*:*:*", + "matchCriteriaId": "D3FC491E-DE27-4C8F-B699-DB5260935D51" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p4:*:*:*:*:*:*", + "matchCriteriaId": "63043834-98E5-47C2-91F1-41B98270ABCA" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p40:*:*:*:*:*:*", + "matchCriteriaId": "0BE2C8FE-20CC-4B7E-B27B-54C873DC7530" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p41:*:*:*:*:*:*", + "matchCriteriaId": "5C3C3714-C696-4456-88AA-B6E4EFC73C92" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p42:*:*:*:*:*:*", + "matchCriteriaId": "BFF9D1C9-C340-4C31-A3EA-74EF85C6F34D" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p43:*:*:*:*:*:*", + "matchCriteriaId": "A70FBA9D-F7DF-4961-9518-F7AE14FE174D" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p44:*:*:*:*:*:*", + "matchCriteriaId": "FB38424F-0955-4FE3-9C1D-69D21A08AA8D" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p5:*:*:*:*:*:*", + "matchCriteriaId": "FCF745D0-2EA6-4414-90BC-99D3ED08BB01" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p6:*:*:*:*:*:*", + "matchCriteriaId": "4823087F-D7FA-4594-8FD3-412DE5EA1F02" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p7:*:*:*:*:*:*", + "matchCriteriaId": "6429F9CE-D477-4CFF-B6E0-4BF11B61ED0E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p8:*:*:*:*:*:*", + "matchCriteriaId": "A50C58F9-94ED-4D85-8331-2D81F8E0760A" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p9:*:*:*:*:*:*", + "matchCriteriaId": "9A6AC0BD-FB65-4FAA-B344-66F87F16F8B3" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:-:*:*:*:*:*:*", + "matchCriteriaId": "C66704F1-0B5E-4B43-8748-987022F378F8" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:b1:*:*:*:*:*:*", + "matchCriteriaId": "B068974F-6F67-4CBB-B567-FCED86E28F22" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:b2:*:*:*:*:*:*", + "matchCriteriaId": "EA70F36A-EEF6-48DC-B15E-055D0DE8A052" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:b3:*:*:*:*:*:*", + "matchCriteriaId": "B2017F38-38DB-4E96-B34F-160BC731CBBE" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:b4:*:*:*:*:*:*", + "matchCriteriaId": "0949F399-371B-409C-AF9F-32690D881440" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:b5:*:*:*:*:*:*", + "matchCriteriaId": "42E1E31A-B5CC-45F2-A2E5-3EEF735499BA" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:b6:*:*:*:*:*:*", + "matchCriteriaId": "4B364FCA-500C-458E-B997-82CD0B1D24F9" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:b7:*:*:*:*:*:*", + "matchCriteriaId": "0B32E657-917B-482B-B6A4-3D3746992A4F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:b8:*:*:*:*:*:*", + "matchCriteriaId": "2119C732-E024-4DA6-8E47-9E08E5E12602" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:i1:*:*:*:*:*:*", + "matchCriteriaId": "4F0B99A8-A124-43BD-B8AA-EECC9112346F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p1:*:*:*:*:*:*", + "matchCriteriaId": "3FB7221E-BE9F-4529-8E07-8AD547FA3208" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p10:*:*:*:*:*:*", + "matchCriteriaId": "30A074AD-9499-46E3-AB67-D6CEE3AA01C3" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p11:*:*:*:*:*:*", + "matchCriteriaId": "A8BD0240-A22B-4273-BD47-C35A8C12E127" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p12:*:*:*:*:*:*", + "matchCriteriaId": "DAA5680F-1DD0-48AA-BB7F-15B27365F0FA" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p13:*:*:*:*:*:*", + "matchCriteriaId": "BC2F31CA-D4EB-44E6-9A09-5255D33F4A88" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p14:*:*:*:*:*:*", + "matchCriteriaId": "CD80BD69-20C6-4E17-B165-98689179A5A1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p15:*:*:*:*:*:*", + "matchCriteriaId": "B044D43B-0233-4A0D-A356-B9F9324E2777" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p16:*:*:*:*:*:*", + "matchCriteriaId": "7DE79896-EBE5-42F2-A126-2A871BBA1071" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p17:*:*:*:*:*:*", + "matchCriteriaId": "51A44E69-EEA1-4B01-B7B3-5BF7B39819E3" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p18:*:*:*:*:*:*", + "matchCriteriaId": "BCB65AEB-CF52-410B-92B1-2DCFB914FFA4" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p19:*:*:*:*:*:*", + "matchCriteriaId": "B7E17FA6-9011-489C-9FA9-368CA2D86FAE" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p2:*:*:*:*:*:*", + "matchCriteriaId": "7BCEB6FF-668F-4313-9264-0BF021AFC45F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p20:*:*:*:*:*:*", + "matchCriteriaId": "F8B27218-A4FF-47BE-B578-6DB704478921" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p21:*:*:*:*:*:*", + "matchCriteriaId": "8735357F-16A7-4408-9DDD-1C6796BADBE9" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p22:*:*:*:*:*:*", + "matchCriteriaId": "4505098C-0A2B-481E-A3DF-D6DF8EFA4DE7" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p23:*:*:*:*:*:*", + "matchCriteriaId": "C12AFCCF-014E-4EEB-8F04-F1ACE182BA98" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p24:*:*:*:*:*:*", + "matchCriteriaId": "66B85557-D5EC-4AF4-B97A-D2B80A58B3B1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p25:*:*:*:*:*:*", + "matchCriteriaId": "233ECD21-FA72-43AF-8E4C-DAC27CC18F3C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p26:*:*:*:*:*:*", + "matchCriteriaId": "8B4DB8EE-C10A-4097-8E66-2932BAEB732E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p27:*:*:*:*:*:*", + "matchCriteriaId": "8653402A-C5AA-4CB1-8742-A12CCBE59373" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p3:*:*:*:*:*:*", + "matchCriteriaId": "E2342E2D-58B0-43E7-8C01-DF4678520F39" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p4:*:*:*:*:*:*", + "matchCriteriaId": "1871B646-CA69-477F-B113-B901AC7B3934" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p5:*:*:*:*:*:*", + "matchCriteriaId": "EEC65A72-CAE1-4E28-83EF-7ECAFE921BB6" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p6:*:*:*:*:*:*", + "matchCriteriaId": "D8FDECBC-8213-495F-A932-C4310F7C1F87" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p7:*:*:*:*:*:*", + "matchCriteriaId": "CB49BC95-6AA8-4F53-A3D6-E199BF756AAF" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p8:*:*:*:*:*:*", + "matchCriteriaId": "050B6617-8FD4-47A6-BE4A-A52503A65812" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p9:*:*:*:*:*:*", + "matchCriteriaId": "4CA0FEC5-7036-47AF-A341-873B6C324B58" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.3.0:-:*:*:*:*:*:*", + "matchCriteriaId": "83202950-840A-4CB7-AD96-CE62E84FABD8" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.3.0:b1:*:*:*:*:*:*", + "matchCriteriaId": "1A020A77-7D84-4557-9B0B-D74A89BC1538" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.3.0:b2:*:*:*:*:*:*", + "matchCriteriaId": "D9770554-978B-4552-9E0E-CD6B6675243C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.3.0:b3:*:*:*:*:*:*", + "matchCriteriaId": "1883D2F4-CB96-4DDE-87E8-D1990A3FA092" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.3.0:b4:*:*:*:*:*:*", + "matchCriteriaId": "99AD6F39-AF67-4CB9-BED2-00CA75B9F5DB" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.3.0:b5:*:*:*:*:*:*", + "matchCriteriaId": "F08FE580-67D4-419C-AE4A-3B9EBC6A2838" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.3.0:b6:*:*:*:*:*:*", + "matchCriteriaId": "9DD5C67F-CD3E-400E-802D-8B52408A259F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.3.0:p1:*:*:*:*:*:*", + "matchCriteriaId": "310A2FA2-633A-48FB-A5C2-9A9A922E72E2" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.3.0:p2:*:*:*:*:*:*", + "matchCriteriaId": "7D1993E3-C4F9-4D78-BD02-A0B22D93BF1F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.3.0:p3:*:*:*:*:*:*", + "matchCriteriaId": "B28A0C9D-072A-413C-8587-CD57CB918190" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.3.0:p4:*:*:*:*:*:*", + "matchCriteriaId": "DF22D0A7-82B1-4598-B8C5-BDFE523D07F2" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.3.0:p5:*:*:*:*:*:*", + "matchCriteriaId": "20035AFB-75B4-4164-9833-A2FCAE24B577" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.3.0:p6:*:*:*:*:*:*", + "matchCriteriaId": "8BCBACEB-7130-455D-B4BE-243053C116DC" + } + ] + } + ] } ], "references": [ { "url": "https://checkmk.com/werk/17056", - "source": "security@checkmk.com" + "source": "security@checkmk.com", + "tags": [ + "Vendor Advisory" + ] + }, + { + "url": "https://checkmk.com/werk/17056", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-288xx/CVE-2024-28831.json b/CVE-2024/CVE-2024-288xx/CVE-2024-28831.json index 1a9bdcad963..e70ea5dd6f4 100644 --- a/CVE-2024/CVE-2024-288xx/CVE-2024-28831.json +++ b/CVE-2024/CVE-2024-288xx/CVE-2024-28831.json @@ -2,8 +2,8 @@ "id": "CVE-2024-28831", "sourceIdentifier": "security@checkmk.com", "published": "2024-06-25T12:15:09.490", - "lastModified": "2024-06-25T12:24:17.873", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-12-04T16:26:19.433", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -23,6 +23,8 @@ "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "LOW", @@ -30,9 +32,27 @@ "scope": "CHANGED", "confidentialityImpact": "LOW", "integrityImpact": "LOW", - "availabilityImpact": "NONE", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", "baseScore": 5.4, - "baseSeverity": "MEDIUM" + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" }, "exploitabilityScore": 2.3, "impactScore": 2.7 @@ -49,12 +69,300 @@ "value": "CWE-80" } ] + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:*:*:*:*:*:*:*:*", + "versionEndIncluding": "2.2.0", + "matchCriteriaId": "6A3A4048-DA0C-496A-A1F4-28385462DCA3" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:-:*:*:*:*:*:*", + "matchCriteriaId": "C66704F1-0B5E-4B43-8748-987022F378F8" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:b1:*:*:*:*:*:*", + "matchCriteriaId": "B068974F-6F67-4CBB-B567-FCED86E28F22" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:b2:*:*:*:*:*:*", + "matchCriteriaId": "EA70F36A-EEF6-48DC-B15E-055D0DE8A052" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:b3:*:*:*:*:*:*", + "matchCriteriaId": "B2017F38-38DB-4E96-B34F-160BC731CBBE" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:b4:*:*:*:*:*:*", + "matchCriteriaId": "0949F399-371B-409C-AF9F-32690D881440" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:b5:*:*:*:*:*:*", + "matchCriteriaId": "42E1E31A-B5CC-45F2-A2E5-3EEF735499BA" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:b6:*:*:*:*:*:*", + "matchCriteriaId": "4B364FCA-500C-458E-B997-82CD0B1D24F9" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:b7:*:*:*:*:*:*", + "matchCriteriaId": "0B32E657-917B-482B-B6A4-3D3746992A4F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:b8:*:*:*:*:*:*", + "matchCriteriaId": "2119C732-E024-4DA6-8E47-9E08E5E12602" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:i1:*:*:*:*:*:*", + "matchCriteriaId": "4F0B99A8-A124-43BD-B8AA-EECC9112346F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p1:*:*:*:*:*:*", + "matchCriteriaId": "3FB7221E-BE9F-4529-8E07-8AD547FA3208" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p10:*:*:*:*:*:*", + "matchCriteriaId": "30A074AD-9499-46E3-AB67-D6CEE3AA01C3" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p11:*:*:*:*:*:*", + "matchCriteriaId": "A8BD0240-A22B-4273-BD47-C35A8C12E127" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p12:*:*:*:*:*:*", + "matchCriteriaId": "DAA5680F-1DD0-48AA-BB7F-15B27365F0FA" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p13:*:*:*:*:*:*", + "matchCriteriaId": "BC2F31CA-D4EB-44E6-9A09-5255D33F4A88" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p14:*:*:*:*:*:*", + "matchCriteriaId": "CD80BD69-20C6-4E17-B165-98689179A5A1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p15:*:*:*:*:*:*", + "matchCriteriaId": "B044D43B-0233-4A0D-A356-B9F9324E2777" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p16:*:*:*:*:*:*", + "matchCriteriaId": "7DE79896-EBE5-42F2-A126-2A871BBA1071" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p17:*:*:*:*:*:*", + "matchCriteriaId": "51A44E69-EEA1-4B01-B7B3-5BF7B39819E3" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p18:*:*:*:*:*:*", + "matchCriteriaId": "BCB65AEB-CF52-410B-92B1-2DCFB914FFA4" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p19:*:*:*:*:*:*", + "matchCriteriaId": "B7E17FA6-9011-489C-9FA9-368CA2D86FAE" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p2:*:*:*:*:*:*", + "matchCriteriaId": "7BCEB6FF-668F-4313-9264-0BF021AFC45F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p20:*:*:*:*:*:*", + "matchCriteriaId": "F8B27218-A4FF-47BE-B578-6DB704478921" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p21:*:*:*:*:*:*", + "matchCriteriaId": "8735357F-16A7-4408-9DDD-1C6796BADBE9" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p22:*:*:*:*:*:*", + "matchCriteriaId": "4505098C-0A2B-481E-A3DF-D6DF8EFA4DE7" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p23:*:*:*:*:*:*", + "matchCriteriaId": "C12AFCCF-014E-4EEB-8F04-F1ACE182BA98" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p24:*:*:*:*:*:*", + "matchCriteriaId": "66B85557-D5EC-4AF4-B97A-D2B80A58B3B1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p25:*:*:*:*:*:*", + "matchCriteriaId": "233ECD21-FA72-43AF-8E4C-DAC27CC18F3C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p26:*:*:*:*:*:*", + "matchCriteriaId": "8B4DB8EE-C10A-4097-8E66-2932BAEB732E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p27:*:*:*:*:*:*", + "matchCriteriaId": "8653402A-C5AA-4CB1-8742-A12CCBE59373" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p3:*:*:*:*:*:*", + "matchCriteriaId": "E2342E2D-58B0-43E7-8C01-DF4678520F39" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p4:*:*:*:*:*:*", + "matchCriteriaId": "1871B646-CA69-477F-B113-B901AC7B3934" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p5:*:*:*:*:*:*", + "matchCriteriaId": "EEC65A72-CAE1-4E28-83EF-7ECAFE921BB6" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p6:*:*:*:*:*:*", + "matchCriteriaId": "D8FDECBC-8213-495F-A932-C4310F7C1F87" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p7:*:*:*:*:*:*", + "matchCriteriaId": "CB49BC95-6AA8-4F53-A3D6-E199BF756AAF" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p8:*:*:*:*:*:*", + "matchCriteriaId": "050B6617-8FD4-47A6-BE4A-A52503A65812" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p9:*:*:*:*:*:*", + "matchCriteriaId": "4CA0FEC5-7036-47AF-A341-873B6C324B58" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.3.0:-:*:*:*:*:*:*", + "matchCriteriaId": "83202950-840A-4CB7-AD96-CE62E84FABD8" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.3.0:b1:*:*:*:*:*:*", + "matchCriteriaId": "1A020A77-7D84-4557-9B0B-D74A89BC1538" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.3.0:b2:*:*:*:*:*:*", + "matchCriteriaId": "D9770554-978B-4552-9E0E-CD6B6675243C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.3.0:b3:*:*:*:*:*:*", + "matchCriteriaId": "1883D2F4-CB96-4DDE-87E8-D1990A3FA092" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.3.0:b4:*:*:*:*:*:*", + "matchCriteriaId": "99AD6F39-AF67-4CB9-BED2-00CA75B9F5DB" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.3.0:b5:*:*:*:*:*:*", + "matchCriteriaId": "F08FE580-67D4-419C-AE4A-3B9EBC6A2838" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.3.0:b6:*:*:*:*:*:*", + "matchCriteriaId": "9DD5C67F-CD3E-400E-802D-8B52408A259F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.3.0:p1:*:*:*:*:*:*", + "matchCriteriaId": "310A2FA2-633A-48FB-A5C2-9A9A922E72E2" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.3.0:p2:*:*:*:*:*:*", + "matchCriteriaId": "7D1993E3-C4F9-4D78-BD02-A0B22D93BF1F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.3.0:p3:*:*:*:*:*:*", + "matchCriteriaId": "B28A0C9D-072A-413C-8587-CD57CB918190" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.3.0:p4:*:*:*:*:*:*", + "matchCriteriaId": "DF22D0A7-82B1-4598-B8C5-BDFE523D07F2" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.3.0:p5:*:*:*:*:*:*", + "matchCriteriaId": "20035AFB-75B4-4164-9833-A2FCAE24B577" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.3.0:p6:*:*:*:*:*:*", + "matchCriteriaId": "8BCBACEB-7130-455D-B4BE-243053C116DC" + } + ] + } + ] } ], "references": [ { "url": "https://checkmk.com/werk/17025", - "source": "security@checkmk.com" + "source": "security@checkmk.com", + "tags": [ + "Vendor Advisory" + ] + }, + { + "url": "https://checkmk.com/werk/17025", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-288xx/CVE-2024-28832.json b/CVE-2024/CVE-2024-288xx/CVE-2024-28832.json index 991ede07789..aa2363af95f 100644 --- a/CVE-2024/CVE-2024-288xx/CVE-2024-28832.json +++ b/CVE-2024/CVE-2024-288xx/CVE-2024-28832.json @@ -2,8 +2,8 @@ "id": "CVE-2024-28832", "sourceIdentifier": "security@checkmk.com", "published": "2024-06-25T12:15:09.713", - "lastModified": "2024-06-25T12:24:17.873", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-12-04T16:15:21.077", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -23,6 +23,8 @@ "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 4.8, + "baseSeverity": "MEDIUM", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "HIGH", @@ -30,9 +32,27 @@ "scope": "CHANGED", "confidentialityImpact": "LOW", "integrityImpact": "LOW", - "availabilityImpact": "NONE", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 1.7, + "impactScore": 2.7 + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", "baseScore": 4.8, - "baseSeverity": "MEDIUM" + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" }, "exploitabilityScore": 1.7, "impactScore": 2.7 @@ -49,12 +69,570 @@ "value": "CWE-80" } ] + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:*:*:*:*:*:*:*:*", + "versionEndIncluding": "2.0.0", + "matchCriteriaId": "C59985CE-68DF-433D-87BD-97EDCA81E039" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:-:*:*:*:*:*:*", + "matchCriteriaId": "1AE224D8-742B-4D1F-ABBE-3DDA3EA5C5AD" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:b1:*:*:*:*:*:*", + "matchCriteriaId": "1E6FCE7B-7ECE-42A4-82C5-12A647B0CCC8" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:b2:*:*:*:*:*:*", + "matchCriteriaId": "923AA113-D5E7-4F78-88BA-B72EF250F3EA" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:b3:*:*:*:*:*:*", + "matchCriteriaId": "B1984F57-A313-48AC-B8F9-F352D82824D6" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:b4:*:*:*:*:*:*", + "matchCriteriaId": "A38DB527-72A6-40B8-B46F-B8E78BFFDB1F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:b5:*:*:*:*:*:*", + "matchCriteriaId": "67643E11-91A1-4580-BC4C-574074C862CB" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:b6:*:*:*:*:*:*", + "matchCriteriaId": "350B7E0F-D234-4D7C-91E4-F35E73579A24" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:b7:*:*:*:*:*:*", + "matchCriteriaId": "DE58ACA9-8078-46A7-8487-C06E4E38F372" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:b8:*:*:*:*:*:*", + "matchCriteriaId": "B3D8CF4D-E1F8-4D8D-A8A9-1783CAC869E4" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:b9:*:*:*:*:*:*", + "matchCriteriaId": "58B0B051-7D3C-4EC7-96B0-38A1CC108D61" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p1:*:*:*:*:*:*", + "matchCriteriaId": "B783A741-AAF2-43EE-8272-9239133A01E8" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p10:*:*:*:*:*:*", + "matchCriteriaId": "A5F275A3-A99E-40E1-BD77-694FA568541F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p11:*:*:*:*:*:*", + "matchCriteriaId": "3A44BF1A-5BE0-4412-B51D-055445758B61" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p12:*:*:*:*:*:*", + "matchCriteriaId": "A31BAE94-9096-4320-AC19-AA204E8EC08D" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p13:*:*:*:*:*:*", + "matchCriteriaId": "1B0784EA-98E8-4490-B97B-894F188A223D" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p14:*:*:*:*:*:*", + "matchCriteriaId": "A56A901F-1040-4DB9-9BE3-FE1999C514CA" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p15:*:*:*:*:*:*", + "matchCriteriaId": "58A904FC-C015-469D-8502-E678D5FDBD06" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p16:*:*:*:*:*:*", + "matchCriteriaId": "1B5D109C-60AA-4FA4-9B10-2191AAF109F2" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p17:*:*:*:*:*:*", + "matchCriteriaId": "37297866-24BB-4044-8744-EC0A8C29F152" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p18:*:*:*:*:*:*", + "matchCriteriaId": "F9D4A171-CCB3-43B8-8B70-78610423E7C0" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p19:*:*:*:*:*:*", + "matchCriteriaId": "5E1145FF-426D-407C-9F4B-EF773BD191EC" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p2:*:*:*:*:*:*", + "matchCriteriaId": "4DA8F776-A724-48FC-B7EF-13788BC69753" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p20:*:*:*:*:*:*", + "matchCriteriaId": "46F42A22-99F2-4DF5-9B00-3123396F87AC" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p21:*:*:*:*:*:*", + "matchCriteriaId": "1C59D4D3-D526-4E6B-B3AA-FE485D030190" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p22:*:*:*:*:*:*", + "matchCriteriaId": "65E5CAE6-DC8B-47B3-84A0-D79B0C33EB45" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p23:*:*:*:*:*:*", + "matchCriteriaId": "8B9E0D89-79E2-476A-8A3E-8443316BC310" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p24:*:*:*:*:*:*", + "matchCriteriaId": "38EA0591-C30B-4102-8A06-1B922FD3A0C7" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p25:*:*:*:*:*:*", + "matchCriteriaId": "5E9AF0D3-8DD6-4EC7-BB33-54401D4025FC" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p26:*:*:*:*:*:*", + "matchCriteriaId": "983604CC-DD2C-42A9-8B9D-A9A261CE8BA6" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p27:*:*:*:*:*:*", + "matchCriteriaId": "224960F7-695C-415B-B991-E8C01859AA80" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p28:*:*:*:*:*:*", + "matchCriteriaId": "1F6D86E4-738B-4ADA-858E-C12CCED9FAAA" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p29:*:*:*:*:*:*", + "matchCriteriaId": "BD8EBF09-9B70-4972-85B1-82F41488BE3F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p3:*:*:*:*:*:*", + "matchCriteriaId": "076463AA-195F-4CD6-861B-72FE1C8A407F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p30:*:*:*:*:*:*", + "matchCriteriaId": "009D2C7B-39B8-400F-80A5-06D56319232C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p31:*:*:*:*:*:*", + "matchCriteriaId": "3D5AEB8D-772E-401F-975C-61BDD30B481E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p32:*:*:*:*:*:*", + "matchCriteriaId": "2ECAB6C5-518C-4CA4-8B2B-D51115612A8B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p33:*:*:*:*:*:*", + "matchCriteriaId": "FECC252C-02AA-41EC-BB84-5C1A6BC0FB8A" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p34:*:*:*:*:*:*", + "matchCriteriaId": "238324F5-7225-40DD-82E8-52F30F0D3776" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p35:*:*:*:*:*:*", + "matchCriteriaId": "4F3C9510-BD43-4F67-9C30-4F82B5D230E8" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p36:*:*:*:*:*:*", + "matchCriteriaId": "51941654-F6FF-4323-AECA-5D1D84308CD2" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p37:*:*:*:*:*:*", + "matchCriteriaId": "6E800133-1D28-41D1-8D73-9437D741F83B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p38:*:*:*:*:*:*", + "matchCriteriaId": "8A34B28B-2BD9-4F28-9428-8CF7FCEAD7C3" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p39:*:*:*:*:*:*", + "matchCriteriaId": "D3FC491E-DE27-4C8F-B699-DB5260935D51" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p4:*:*:*:*:*:*", + "matchCriteriaId": "63043834-98E5-47C2-91F1-41B98270ABCA" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p40:*:*:*:*:*:*", + "matchCriteriaId": "0BE2C8FE-20CC-4B7E-B27B-54C873DC7530" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p41:*:*:*:*:*:*", + "matchCriteriaId": "5C3C3714-C696-4456-88AA-B6E4EFC73C92" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p42:*:*:*:*:*:*", + "matchCriteriaId": "BFF9D1C9-C340-4C31-A3EA-74EF85C6F34D" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p43:*:*:*:*:*:*", + "matchCriteriaId": "A70FBA9D-F7DF-4961-9518-F7AE14FE174D" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p44:*:*:*:*:*:*", + "matchCriteriaId": "FB38424F-0955-4FE3-9C1D-69D21A08AA8D" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p5:*:*:*:*:*:*", + "matchCriteriaId": "FCF745D0-2EA6-4414-90BC-99D3ED08BB01" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p6:*:*:*:*:*:*", + "matchCriteriaId": "4823087F-D7FA-4594-8FD3-412DE5EA1F02" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p7:*:*:*:*:*:*", + "matchCriteriaId": "6429F9CE-D477-4CFF-B6E0-4BF11B61ED0E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p8:*:*:*:*:*:*", + "matchCriteriaId": "A50C58F9-94ED-4D85-8331-2D81F8E0760A" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p9:*:*:*:*:*:*", + "matchCriteriaId": "9A6AC0BD-FB65-4FAA-B344-66F87F16F8B3" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:-:*:*:*:*:*:*", + "matchCriteriaId": "C66704F1-0B5E-4B43-8748-987022F378F8" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:b1:*:*:*:*:*:*", + "matchCriteriaId": "B068974F-6F67-4CBB-B567-FCED86E28F22" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:b2:*:*:*:*:*:*", + "matchCriteriaId": "EA70F36A-EEF6-48DC-B15E-055D0DE8A052" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:b3:*:*:*:*:*:*", + "matchCriteriaId": "B2017F38-38DB-4E96-B34F-160BC731CBBE" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:b4:*:*:*:*:*:*", + "matchCriteriaId": "0949F399-371B-409C-AF9F-32690D881440" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:b5:*:*:*:*:*:*", + "matchCriteriaId": "42E1E31A-B5CC-45F2-A2E5-3EEF735499BA" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:b6:*:*:*:*:*:*", + "matchCriteriaId": "4B364FCA-500C-458E-B997-82CD0B1D24F9" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:b7:*:*:*:*:*:*", + "matchCriteriaId": "0B32E657-917B-482B-B6A4-3D3746992A4F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:b8:*:*:*:*:*:*", + "matchCriteriaId": "2119C732-E024-4DA6-8E47-9E08E5E12602" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:i1:*:*:*:*:*:*", + "matchCriteriaId": "4F0B99A8-A124-43BD-B8AA-EECC9112346F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p1:*:*:*:*:*:*", + "matchCriteriaId": "3FB7221E-BE9F-4529-8E07-8AD547FA3208" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p10:*:*:*:*:*:*", + "matchCriteriaId": "30A074AD-9499-46E3-AB67-D6CEE3AA01C3" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p11:*:*:*:*:*:*", + "matchCriteriaId": "A8BD0240-A22B-4273-BD47-C35A8C12E127" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p12:*:*:*:*:*:*", + "matchCriteriaId": "DAA5680F-1DD0-48AA-BB7F-15B27365F0FA" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p13:*:*:*:*:*:*", + "matchCriteriaId": "BC2F31CA-D4EB-44E6-9A09-5255D33F4A88" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p14:*:*:*:*:*:*", + "matchCriteriaId": "CD80BD69-20C6-4E17-B165-98689179A5A1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p15:*:*:*:*:*:*", + "matchCriteriaId": "B044D43B-0233-4A0D-A356-B9F9324E2777" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p16:*:*:*:*:*:*", + "matchCriteriaId": "7DE79896-EBE5-42F2-A126-2A871BBA1071" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p17:*:*:*:*:*:*", + "matchCriteriaId": "51A44E69-EEA1-4B01-B7B3-5BF7B39819E3" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p18:*:*:*:*:*:*", + "matchCriteriaId": "BCB65AEB-CF52-410B-92B1-2DCFB914FFA4" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p19:*:*:*:*:*:*", + "matchCriteriaId": "B7E17FA6-9011-489C-9FA9-368CA2D86FAE" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p2:*:*:*:*:*:*", + "matchCriteriaId": "7BCEB6FF-668F-4313-9264-0BF021AFC45F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p20:*:*:*:*:*:*", + "matchCriteriaId": "F8B27218-A4FF-47BE-B578-6DB704478921" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p21:*:*:*:*:*:*", + "matchCriteriaId": "8735357F-16A7-4408-9DDD-1C6796BADBE9" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p22:*:*:*:*:*:*", + "matchCriteriaId": "4505098C-0A2B-481E-A3DF-D6DF8EFA4DE7" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p23:*:*:*:*:*:*", + "matchCriteriaId": "C12AFCCF-014E-4EEB-8F04-F1ACE182BA98" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p24:*:*:*:*:*:*", + "matchCriteriaId": "66B85557-D5EC-4AF4-B97A-D2B80A58B3B1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p25:*:*:*:*:*:*", + "matchCriteriaId": "233ECD21-FA72-43AF-8E4C-DAC27CC18F3C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p26:*:*:*:*:*:*", + "matchCriteriaId": "8B4DB8EE-C10A-4097-8E66-2932BAEB732E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p27:*:*:*:*:*:*", + "matchCriteriaId": "8653402A-C5AA-4CB1-8742-A12CCBE59373" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p3:*:*:*:*:*:*", + "matchCriteriaId": "E2342E2D-58B0-43E7-8C01-DF4678520F39" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p4:*:*:*:*:*:*", + "matchCriteriaId": "1871B646-CA69-477F-B113-B901AC7B3934" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p5:*:*:*:*:*:*", + "matchCriteriaId": "EEC65A72-CAE1-4E28-83EF-7ECAFE921BB6" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p6:*:*:*:*:*:*", + "matchCriteriaId": "D8FDECBC-8213-495F-A932-C4310F7C1F87" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p7:*:*:*:*:*:*", + "matchCriteriaId": "CB49BC95-6AA8-4F53-A3D6-E199BF756AAF" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p8:*:*:*:*:*:*", + "matchCriteriaId": "050B6617-8FD4-47A6-BE4A-A52503A65812" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p9:*:*:*:*:*:*", + "matchCriteriaId": "4CA0FEC5-7036-47AF-A341-873B6C324B58" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.3.0:-:*:*:*:*:*:*", + "matchCriteriaId": "83202950-840A-4CB7-AD96-CE62E84FABD8" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.3.0:b1:*:*:*:*:*:*", + "matchCriteriaId": "1A020A77-7D84-4557-9B0B-D74A89BC1538" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.3.0:b2:*:*:*:*:*:*", + "matchCriteriaId": "D9770554-978B-4552-9E0E-CD6B6675243C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.3.0:b3:*:*:*:*:*:*", + "matchCriteriaId": "1883D2F4-CB96-4DDE-87E8-D1990A3FA092" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.3.0:b4:*:*:*:*:*:*", + "matchCriteriaId": "99AD6F39-AF67-4CB9-BED2-00CA75B9F5DB" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.3.0:b5:*:*:*:*:*:*", + "matchCriteriaId": "F08FE580-67D4-419C-AE4A-3B9EBC6A2838" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.3.0:b6:*:*:*:*:*:*", + "matchCriteriaId": "9DD5C67F-CD3E-400E-802D-8B52408A259F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.3.0:p1:*:*:*:*:*:*", + "matchCriteriaId": "310A2FA2-633A-48FB-A5C2-9A9A922E72E2" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.3.0:p2:*:*:*:*:*:*", + "matchCriteriaId": "7D1993E3-C4F9-4D78-BD02-A0B22D93BF1F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.3.0:p3:*:*:*:*:*:*", + "matchCriteriaId": "B28A0C9D-072A-413C-8587-CD57CB918190" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.3.0:p4:*:*:*:*:*:*", + "matchCriteriaId": "DF22D0A7-82B1-4598-B8C5-BDFE523D07F2" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.3.0:p5:*:*:*:*:*:*", + "matchCriteriaId": "20035AFB-75B4-4164-9833-A2FCAE24B577" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.3.0:p6:*:*:*:*:*:*", + "matchCriteriaId": "8BCBACEB-7130-455D-B4BE-243053C116DC" + } + ] + } + ] } ], "references": [ { "url": "https://checkmk.com/werk/17024", - "source": "security@checkmk.com" + "source": "security@checkmk.com", + "tags": [ + "Vendor Advisory" + ] + }, + { + "url": "https://checkmk.com/werk/17024", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-302xx/CVE-2024-30275.json b/CVE-2024/CVE-2024-302xx/CVE-2024-30275.json index 93d6653ff2d..a4bf382103c 100644 --- a/CVE-2024/CVE-2024-302xx/CVE-2024-30275.json +++ b/CVE-2024/CVE-2024-302xx/CVE-2024-30275.json @@ -2,8 +2,8 @@ "id": "CVE-2024-30275", "sourceIdentifier": "psirt@adobe.com", "published": "2024-05-16T09:15:10.750", - "lastModified": "2024-05-16T13:03:05.353", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-12-04T16:39:21.643", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -19,10 +19,12 @@ "cvssMetricV31": [ { "source": "psirt@adobe.com", - "type": "Primary", + "type": "Secondary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "baseScore": 7.8, + "baseSeverity": "HIGH", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "NONE", @@ -30,9 +32,7 @@ "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 7.8, - "baseSeverity": "HIGH" + "availabilityImpact": "HIGH" }, "exploitabilityScore": 1.8, "impactScore": 5.9 @@ -42,7 +42,7 @@ "weaknesses": [ { "source": "psirt@adobe.com", - "type": "Primary", + "type": "Secondary", "description": [ { "lang": "en", @@ -51,10 +51,55 @@ ] } ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:aero:*:*:*:*:*:*:*:*", + "versionEndExcluding": "0.24.4", + "matchCriteriaId": "B32CD107-FE0E-4A86-804D-A7E64C550AD9" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*", + "matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", + "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA" + } + ] + } + ] + } + ], "references": [ { "url": "https://helpx.adobe.com/security/products/aero/apsb24-33.html", - "source": "psirt@adobe.com" + "source": "psirt@adobe.com", + "tags": [ + "Vendor Advisory" + ] + }, + { + "url": "https://helpx.adobe.com/security/products/aero/apsb24-33.html", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-302xx/CVE-2024-30281.json b/CVE-2024/CVE-2024-302xx/CVE-2024-30281.json index 486890be8ec..c365b44289d 100644 --- a/CVE-2024/CVE-2024-302xx/CVE-2024-30281.json +++ b/CVE-2024/CVE-2024-302xx/CVE-2024-30281.json @@ -2,8 +2,8 @@ "id": "CVE-2024-30281", "sourceIdentifier": "psirt@adobe.com", "published": "2024-05-16T09:15:11.007", - "lastModified": "2024-05-16T13:03:05.353", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-12-04T16:37:57.617", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -19,10 +19,12 @@ "cvssMetricV31": [ { "source": "psirt@adobe.com", - "type": "Primary", + "type": "Secondary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N", + "baseScore": 5.5, + "baseSeverity": "MEDIUM", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "NONE", @@ -30,9 +32,27 @@ "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", - "availabilityImpact": "NONE", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "baseScore": 5.5, - "baseSeverity": "MEDIUM" + "baseSeverity": "MEDIUM", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE" }, "exploitabilityScore": 1.8, "impactScore": 3.6 @@ -42,7 +62,7 @@ "weaknesses": [ { "source": "psirt@adobe.com", - "type": "Primary", + "type": "Secondary", "description": [ { "lang": "en", @@ -51,10 +71,38 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:substance_3d_designer:*:*:*:*:*:*:*:*", + "versionEndExcluding": "13.1.2", + "matchCriteriaId": "38B7726B-22D6-47DD-BF75-37589072E8E1" + } + ] + } + ] + } + ], "references": [ { "url": "https://helpx.adobe.com/security/products/substance3d_designer/apsb24-35.html", - "source": "psirt@adobe.com" + "source": "psirt@adobe.com", + "tags": [ + "Vendor Advisory" + ] + }, + { + "url": "https://helpx.adobe.com/security/products/substance3d_designer/apsb24-35.html", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-375xx/CVE-2024-37574.json b/CVE-2024/CVE-2024-375xx/CVE-2024-37574.json new file mode 100644 index 00000000000..c813e80c35b --- /dev/null +++ b/CVE-2024/CVE-2024-375xx/CVE-2024-37574.json @@ -0,0 +1,29 @@ +{ + "id": "CVE-2024-37574", + "sourceIdentifier": "cve@mitre.org", + "published": "2024-12-04T16:15:24.877", + "lastModified": "2024-12-04T16:15:24.877", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "The GriceMobile com.grice.call application 4.5.2 for Android enables any installed application (with no permissions) to place phone calls without user interaction by sending a crafted intent via the com.iui.mobile.presentation.MobileActivity." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://github.com/actuator/com.grice.call", + "source": "cve@mitre.org" + }, + { + "url": "https://github.com/actuator/com.grice.call/blob/main/CVE-2024-37574", + "source": "cve@mitre.org" + }, + { + "url": "https://play.google.com/store/apps/details?id=com.grice.call", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-375xx/CVE-2024-37575.json b/CVE-2024/CVE-2024-375xx/CVE-2024-37575.json new file mode 100644 index 00000000000..62c956fad4d --- /dev/null +++ b/CVE-2024/CVE-2024-375xx/CVE-2024-37575.json @@ -0,0 +1,29 @@ +{ + "id": "CVE-2024-37575", + "sourceIdentifier": "cve@mitre.org", + "published": "2024-12-04T16:15:24.983", + "lastModified": "2024-12-04T16:15:24.983", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "The Mister org.mistergroup.shouldianswer application 1.4.264 for Android enables any installed application (with no permissions) to place phone calls without user interaction by sending a crafted intent via the org.mistergroup.shouldianswer.ui.default_dialer.DefaultDialerActivity component." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://github.com/actuator/org.mistergroup.shouldianswer", + "source": "cve@mitre.org" + }, + { + "url": "https://github.com/actuator/org.mistergroup.shouldianswer/blob/main/CVE-2024-37575", + "source": "cve@mitre.org" + }, + { + "url": "https://play.google.com/store/apps/details?id=org.mistergroup.shouldianswer", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-388xx/CVE-2024-38857.json b/CVE-2024/CVE-2024-388xx/CVE-2024-38857.json index 24074aef267..20e943e0a6b 100644 --- a/CVE-2024/CVE-2024-388xx/CVE-2024-38857.json +++ b/CVE-2024/CVE-2024-388xx/CVE-2024-38857.json @@ -2,8 +2,8 @@ "id": "CVE-2024-38857", "sourceIdentifier": "security@checkmk.com", "published": "2024-07-02T08:15:06.387", - "lastModified": "2024-07-02T12:09:16.907", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-12-04T15:37:16.290", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -23,6 +23,8 @@ "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", + "baseScore": 4.3, + "baseSeverity": "MEDIUM", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", @@ -30,12 +32,30 @@ "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "LOW", - "availabilityImpact": "NONE", - "baseScore": 4.3, - "baseSeverity": "MEDIUM" + "availabilityImpact": "NONE" }, "exploitabilityScore": 2.8, "impactScore": 1.4 + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 6.1, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.7 } ] }, @@ -49,12 +69,575 @@ "value": "CWE-79" } ] + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:*:*:*:*:*:*:*:*", + "versionEndIncluding": "2.0.0", + "matchCriteriaId": "C59985CE-68DF-433D-87BD-97EDCA81E039" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:-:*:*:*:*:*:*", + "matchCriteriaId": "1AE224D8-742B-4D1F-ABBE-3DDA3EA5C5AD" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:b1:*:*:*:*:*:*", + "matchCriteriaId": "1E6FCE7B-7ECE-42A4-82C5-12A647B0CCC8" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:b2:*:*:*:*:*:*", + "matchCriteriaId": "923AA113-D5E7-4F78-88BA-B72EF250F3EA" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:b3:*:*:*:*:*:*", + "matchCriteriaId": "B1984F57-A313-48AC-B8F9-F352D82824D6" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:b4:*:*:*:*:*:*", + "matchCriteriaId": "A38DB527-72A6-40B8-B46F-B8E78BFFDB1F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:b5:*:*:*:*:*:*", + "matchCriteriaId": "67643E11-91A1-4580-BC4C-574074C862CB" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:b6:*:*:*:*:*:*", + "matchCriteriaId": "350B7E0F-D234-4D7C-91E4-F35E73579A24" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:b7:*:*:*:*:*:*", + "matchCriteriaId": "DE58ACA9-8078-46A7-8487-C06E4E38F372" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:b8:*:*:*:*:*:*", + "matchCriteriaId": "B3D8CF4D-E1F8-4D8D-A8A9-1783CAC869E4" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:b9:*:*:*:*:*:*", + "matchCriteriaId": "58B0B051-7D3C-4EC7-96B0-38A1CC108D61" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p1:*:*:*:*:*:*", + "matchCriteriaId": "B783A741-AAF2-43EE-8272-9239133A01E8" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p10:*:*:*:*:*:*", + "matchCriteriaId": "A5F275A3-A99E-40E1-BD77-694FA568541F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p11:*:*:*:*:*:*", + "matchCriteriaId": "3A44BF1A-5BE0-4412-B51D-055445758B61" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p12:*:*:*:*:*:*", + "matchCriteriaId": "A31BAE94-9096-4320-AC19-AA204E8EC08D" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p13:*:*:*:*:*:*", + "matchCriteriaId": "1B0784EA-98E8-4490-B97B-894F188A223D" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p14:*:*:*:*:*:*", + "matchCriteriaId": "A56A901F-1040-4DB9-9BE3-FE1999C514CA" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p15:*:*:*:*:*:*", + "matchCriteriaId": "58A904FC-C015-469D-8502-E678D5FDBD06" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p16:*:*:*:*:*:*", + "matchCriteriaId": "1B5D109C-60AA-4FA4-9B10-2191AAF109F2" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p17:*:*:*:*:*:*", + "matchCriteriaId": "37297866-24BB-4044-8744-EC0A8C29F152" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p18:*:*:*:*:*:*", + "matchCriteriaId": "F9D4A171-CCB3-43B8-8B70-78610423E7C0" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p19:*:*:*:*:*:*", + "matchCriteriaId": "5E1145FF-426D-407C-9F4B-EF773BD191EC" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p2:*:*:*:*:*:*", + "matchCriteriaId": "4DA8F776-A724-48FC-B7EF-13788BC69753" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p20:*:*:*:*:*:*", + "matchCriteriaId": "46F42A22-99F2-4DF5-9B00-3123396F87AC" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p21:*:*:*:*:*:*", + "matchCriteriaId": "1C59D4D3-D526-4E6B-B3AA-FE485D030190" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p22:*:*:*:*:*:*", + "matchCriteriaId": "65E5CAE6-DC8B-47B3-84A0-D79B0C33EB45" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p23:*:*:*:*:*:*", + "matchCriteriaId": "8B9E0D89-79E2-476A-8A3E-8443316BC310" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p24:*:*:*:*:*:*", + "matchCriteriaId": "38EA0591-C30B-4102-8A06-1B922FD3A0C7" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p25:*:*:*:*:*:*", + "matchCriteriaId": "5E9AF0D3-8DD6-4EC7-BB33-54401D4025FC" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p26:*:*:*:*:*:*", + "matchCriteriaId": "983604CC-DD2C-42A9-8B9D-A9A261CE8BA6" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p27:*:*:*:*:*:*", + "matchCriteriaId": "224960F7-695C-415B-B991-E8C01859AA80" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p28:*:*:*:*:*:*", + "matchCriteriaId": "1F6D86E4-738B-4ADA-858E-C12CCED9FAAA" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p29:*:*:*:*:*:*", + "matchCriteriaId": "BD8EBF09-9B70-4972-85B1-82F41488BE3F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p3:*:*:*:*:*:*", + "matchCriteriaId": "076463AA-195F-4CD6-861B-72FE1C8A407F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p30:*:*:*:*:*:*", + "matchCriteriaId": "009D2C7B-39B8-400F-80A5-06D56319232C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p31:*:*:*:*:*:*", + "matchCriteriaId": "3D5AEB8D-772E-401F-975C-61BDD30B481E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p32:*:*:*:*:*:*", + "matchCriteriaId": "2ECAB6C5-518C-4CA4-8B2B-D51115612A8B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p33:*:*:*:*:*:*", + "matchCriteriaId": "FECC252C-02AA-41EC-BB84-5C1A6BC0FB8A" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p34:*:*:*:*:*:*", + "matchCriteriaId": "238324F5-7225-40DD-82E8-52F30F0D3776" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p35:*:*:*:*:*:*", + "matchCriteriaId": "4F3C9510-BD43-4F67-9C30-4F82B5D230E8" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p36:*:*:*:*:*:*", + "matchCriteriaId": "51941654-F6FF-4323-AECA-5D1D84308CD2" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p37:*:*:*:*:*:*", + "matchCriteriaId": "6E800133-1D28-41D1-8D73-9437D741F83B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p38:*:*:*:*:*:*", + "matchCriteriaId": "8A34B28B-2BD9-4F28-9428-8CF7FCEAD7C3" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p39:*:*:*:*:*:*", + "matchCriteriaId": "D3FC491E-DE27-4C8F-B699-DB5260935D51" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p4:*:*:*:*:*:*", + "matchCriteriaId": "63043834-98E5-47C2-91F1-41B98270ABCA" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p40:*:*:*:*:*:*", + "matchCriteriaId": "0BE2C8FE-20CC-4B7E-B27B-54C873DC7530" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p41:*:*:*:*:*:*", + "matchCriteriaId": "5C3C3714-C696-4456-88AA-B6E4EFC73C92" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p42:*:*:*:*:*:*", + "matchCriteriaId": "BFF9D1C9-C340-4C31-A3EA-74EF85C6F34D" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p43:*:*:*:*:*:*", + "matchCriteriaId": "A70FBA9D-F7DF-4961-9518-F7AE14FE174D" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p44:*:*:*:*:*:*", + "matchCriteriaId": "FB38424F-0955-4FE3-9C1D-69D21A08AA8D" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p5:*:*:*:*:*:*", + "matchCriteriaId": "FCF745D0-2EA6-4414-90BC-99D3ED08BB01" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p6:*:*:*:*:*:*", + "matchCriteriaId": "4823087F-D7FA-4594-8FD3-412DE5EA1F02" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p7:*:*:*:*:*:*", + "matchCriteriaId": "6429F9CE-D477-4CFF-B6E0-4BF11B61ED0E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p8:*:*:*:*:*:*", + "matchCriteriaId": "A50C58F9-94ED-4D85-8331-2D81F8E0760A" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.1.0:p9:*:*:*:*:*:*", + "matchCriteriaId": "9A6AC0BD-FB65-4FAA-B344-66F87F16F8B3" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:-:*:*:*:*:*:*", + "matchCriteriaId": "C66704F1-0B5E-4B43-8748-987022F378F8" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:b1:*:*:*:*:*:*", + "matchCriteriaId": "B068974F-6F67-4CBB-B567-FCED86E28F22" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:b2:*:*:*:*:*:*", + "matchCriteriaId": "EA70F36A-EEF6-48DC-B15E-055D0DE8A052" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:b3:*:*:*:*:*:*", + "matchCriteriaId": "B2017F38-38DB-4E96-B34F-160BC731CBBE" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:b4:*:*:*:*:*:*", + "matchCriteriaId": "0949F399-371B-409C-AF9F-32690D881440" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:b5:*:*:*:*:*:*", + "matchCriteriaId": "42E1E31A-B5CC-45F2-A2E5-3EEF735499BA" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:b6:*:*:*:*:*:*", + "matchCriteriaId": "4B364FCA-500C-458E-B997-82CD0B1D24F9" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:b7:*:*:*:*:*:*", + "matchCriteriaId": "0B32E657-917B-482B-B6A4-3D3746992A4F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:b8:*:*:*:*:*:*", + "matchCriteriaId": "2119C732-E024-4DA6-8E47-9E08E5E12602" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:i1:*:*:*:*:*:*", + "matchCriteriaId": "4F0B99A8-A124-43BD-B8AA-EECC9112346F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p1:*:*:*:*:*:*", + "matchCriteriaId": "3FB7221E-BE9F-4529-8E07-8AD547FA3208" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p10:*:*:*:*:*:*", + "matchCriteriaId": "30A074AD-9499-46E3-AB67-D6CEE3AA01C3" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p11:*:*:*:*:*:*", + "matchCriteriaId": "A8BD0240-A22B-4273-BD47-C35A8C12E127" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p12:*:*:*:*:*:*", + "matchCriteriaId": "DAA5680F-1DD0-48AA-BB7F-15B27365F0FA" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p13:*:*:*:*:*:*", + "matchCriteriaId": "BC2F31CA-D4EB-44E6-9A09-5255D33F4A88" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p14:*:*:*:*:*:*", + "matchCriteriaId": "CD80BD69-20C6-4E17-B165-98689179A5A1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p15:*:*:*:*:*:*", + "matchCriteriaId": "B044D43B-0233-4A0D-A356-B9F9324E2777" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p16:*:*:*:*:*:*", + "matchCriteriaId": "7DE79896-EBE5-42F2-A126-2A871BBA1071" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p17:*:*:*:*:*:*", + "matchCriteriaId": "51A44E69-EEA1-4B01-B7B3-5BF7B39819E3" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p18:*:*:*:*:*:*", + "matchCriteriaId": "BCB65AEB-CF52-410B-92B1-2DCFB914FFA4" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p19:*:*:*:*:*:*", + "matchCriteriaId": "B7E17FA6-9011-489C-9FA9-368CA2D86FAE" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p2:*:*:*:*:*:*", + "matchCriteriaId": "7BCEB6FF-668F-4313-9264-0BF021AFC45F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p20:*:*:*:*:*:*", + "matchCriteriaId": "F8B27218-A4FF-47BE-B578-6DB704478921" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p21:*:*:*:*:*:*", + "matchCriteriaId": "8735357F-16A7-4408-9DDD-1C6796BADBE9" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p22:*:*:*:*:*:*", + "matchCriteriaId": "4505098C-0A2B-481E-A3DF-D6DF8EFA4DE7" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p23:*:*:*:*:*:*", + "matchCriteriaId": "C12AFCCF-014E-4EEB-8F04-F1ACE182BA98" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p24:*:*:*:*:*:*", + "matchCriteriaId": "66B85557-D5EC-4AF4-B97A-D2B80A58B3B1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p25:*:*:*:*:*:*", + "matchCriteriaId": "233ECD21-FA72-43AF-8E4C-DAC27CC18F3C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p26:*:*:*:*:*:*", + "matchCriteriaId": "8B4DB8EE-C10A-4097-8E66-2932BAEB732E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p27:*:*:*:*:*:*", + "matchCriteriaId": "8653402A-C5AA-4CB1-8742-A12CCBE59373" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p3:*:*:*:*:*:*", + "matchCriteriaId": "E2342E2D-58B0-43E7-8C01-DF4678520F39" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p4:*:*:*:*:*:*", + "matchCriteriaId": "1871B646-CA69-477F-B113-B901AC7B3934" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p5:*:*:*:*:*:*", + "matchCriteriaId": "EEC65A72-CAE1-4E28-83EF-7ECAFE921BB6" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p6:*:*:*:*:*:*", + "matchCriteriaId": "D8FDECBC-8213-495F-A932-C4310F7C1F87" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p7:*:*:*:*:*:*", + "matchCriteriaId": "CB49BC95-6AA8-4F53-A3D6-E199BF756AAF" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p8:*:*:*:*:*:*", + "matchCriteriaId": "050B6617-8FD4-47A6-BE4A-A52503A65812" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.2.0:p9:*:*:*:*:*:*", + "matchCriteriaId": "4CA0FEC5-7036-47AF-A341-873B6C324B58" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.3.0:-:*:*:*:*:*:*", + "matchCriteriaId": "83202950-840A-4CB7-AD96-CE62E84FABD8" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.3.0:b1:*:*:*:*:*:*", + "matchCriteriaId": "1A020A77-7D84-4557-9B0B-D74A89BC1538" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.3.0:b2:*:*:*:*:*:*", + "matchCriteriaId": "D9770554-978B-4552-9E0E-CD6B6675243C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.3.0:b3:*:*:*:*:*:*", + "matchCriteriaId": "1883D2F4-CB96-4DDE-87E8-D1990A3FA092" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.3.0:b4:*:*:*:*:*:*", + "matchCriteriaId": "99AD6F39-AF67-4CB9-BED2-00CA75B9F5DB" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.3.0:b5:*:*:*:*:*:*", + "matchCriteriaId": "F08FE580-67D4-419C-AE4A-3B9EBC6A2838" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.3.0:b6:*:*:*:*:*:*", + "matchCriteriaId": "9DD5C67F-CD3E-400E-802D-8B52408A259F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.3.0:p1:*:*:*:*:*:*", + "matchCriteriaId": "310A2FA2-633A-48FB-A5C2-9A9A922E72E2" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.3.0:p2:*:*:*:*:*:*", + "matchCriteriaId": "7D1993E3-C4F9-4D78-BD02-A0B22D93BF1F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.3.0:p3:*:*:*:*:*:*", + "matchCriteriaId": "B28A0C9D-072A-413C-8587-CD57CB918190" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.3.0:p4:*:*:*:*:*:*", + "matchCriteriaId": "DF22D0A7-82B1-4598-B8C5-BDFE523D07F2" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.3.0:p5:*:*:*:*:*:*", + "matchCriteriaId": "20035AFB-75B4-4164-9833-A2FCAE24B577" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.3.0:p6:*:*:*:*:*:*", + "matchCriteriaId": "8BCBACEB-7130-455D-B4BE-243053C116DC" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:checkmk:checkmk:2.3.0:p7:*:*:*:*:*:*", + "matchCriteriaId": "156384E2-E04B-4153-A91F-3F307C9FEAE8" + } + ] + } + ] } ], "references": [ { "url": "https://checkmk.com/werk/17059", - "source": "security@checkmk.com" + "source": "security@checkmk.com", + "tags": [ + "Vendor Advisory" + ] + }, + { + "url": "https://checkmk.com/werk/17059", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-391xx/CVE-2024-39165.json b/CVE-2024/CVE-2024-391xx/CVE-2024-39165.json index 6111a316e96..4271a99d07b 100644 --- a/CVE-2024/CVE-2024-391xx/CVE-2024-39165.json +++ b/CVE-2024/CVE-2024-391xx/CVE-2024-39165.json @@ -2,7 +2,7 @@ "id": "CVE-2024-39165", "sourceIdentifier": "cve@mitre.org", "published": "2024-07-04T13:15:10.023", - "lastModified": "2024-08-01T13:55:29.123", + "lastModified": "2024-12-04T16:15:25.093", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ @@ -17,12 +17,34 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "cve@mitre.org", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 9.8, + "baseSeverity": "CRITICAL", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + }, { "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:L/A:L", + "baseScore": 6.8, + "baseSeverity": "MEDIUM", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "LOW", @@ -30,9 +52,7 @@ "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "LOW", - "availabilityImpact": "LOW", - "baseScore": 6.8, - "baseSeverity": "MEDIUM" + "availabilityImpact": "LOW" }, "exploitabilityScore": 2.1, "impactScore": 4.7 @@ -53,8 +73,12 @@ ], "references": [ { - "url": "https://www.synacktiv.com/advisories/jpgraph-professional-version-pre-authenticated-remote-code-execution", + "url": "https://synacktiv.com/en/advisories/jpgraph-professional-version-pre-authenticated-remote-code-execution", "source": "cve@mitre.org" + }, + { + "url": "https://www.synacktiv.com/advisories/jpgraph-professional-version-pre-authenticated-remote-code-execution", + "source": "af854a3a-2127-422b-91ae-364da2661108" } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-407xx/CVE-2024-40744.json b/CVE-2024/CVE-2024-407xx/CVE-2024-40744.json new file mode 100644 index 00000000000..149a1097ee7 --- /dev/null +++ b/CVE-2024/CVE-2024-407xx/CVE-2024-40744.json @@ -0,0 +1,33 @@ +{ + "id": "CVE-2024-40744", + "sourceIdentifier": "security@joomla.org", + "published": "2024-12-04T15:15:11.057", + "lastModified": "2024-12-04T15:15:11.057", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Unrestricted file upload via security bypass in Convert Forms component for Joomla in versions before 4.4.6." + } + ], + "metrics": {}, + "weaknesses": [ + { + "source": "security@joomla.org", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-434" + } + ] + } + ], + "references": [ + { + "url": "https://www.tassos.gr/joomla-extensions/convert-forms", + "source": "security@joomla.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-407xx/CVE-2024-40745.json b/CVE-2024/CVE-2024-407xx/CVE-2024-40745.json new file mode 100644 index 00000000000..145ebc91795 --- /dev/null +++ b/CVE-2024/CVE-2024-407xx/CVE-2024-40745.json @@ -0,0 +1,33 @@ +{ + "id": "CVE-2024-40745", + "sourceIdentifier": "security@joomla.org", + "published": "2024-12-04T15:15:11.170", + "lastModified": "2024-12-04T15:15:11.170", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Reflected Cross site scripting vulnerability in Convert Forms component for Joomla in versions before 4.4.6." + } + ], + "metrics": {}, + "weaknesses": [ + { + "source": "security@joomla.org", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://www.tassos.gr/joomla-extensions/convert-forms", + "source": "security@joomla.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-424xx/CVE-2024-42451.json b/CVE-2024/CVE-2024-424xx/CVE-2024-42451.json index f190d23eadb..cf0ad11e6cf 100644 --- a/CVE-2024/CVE-2024-424xx/CVE-2024-42451.json +++ b/CVE-2024/CVE-2024-424xx/CVE-2024-42451.json @@ -2,13 +2,17 @@ "id": "CVE-2024-42451", "sourceIdentifier": "support@hackerone.com", "published": "2024-12-04T02:15:04.643", - "lastModified": "2024-12-04T02:15:04.643", + "lastModified": "2024-12-04T15:15:11.273", "vulnStatus": "Received", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability in Veeam Backup & Replication allows low-privileged users to leak all saved credentials in plaintext. This is achieved by calling a series of methods over an external protocol, ultimately retrieving the credentials using a malicious setup on the attacker's side. This exposes sensitive data, which could be used for further attacks, including unauthorized access to systems managed by the platform." + }, + { + "lang": "es", + "value": "Una vulnerabilidad en Veeam Backup & Replication permite a los usuarios con pocos privilegios filtrar todas las credenciales guardadas en texto plano. Esto se logra llamando a una serie de m\u00e9todos a trav\u00e9s de un protocolo externo y, en \u00faltima instancia, recuperando las credenciales mediante una configuraci\u00f3n maliciosa del lado del atacante. Esto expone datos confidenciales, que podr\u00edan usarse para otros ataques, incluido el acceso no autorizado a los sistemas administrados por la plataforma." } ], "metrics": { @@ -35,6 +39,22 @@ } ] }, + "weaknesses": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-312" + }, + { + "lang": "en", + "value": "CWE-863" + } + ] + } + ], "references": [ { "url": "https://www.veeam.com/kb4693", diff --git a/CVE-2024/CVE-2024-424xx/CVE-2024-42452.json b/CVE-2024/CVE-2024-424xx/CVE-2024-42452.json index c99410fc137..d31466a08fb 100644 --- a/CVE-2024/CVE-2024-424xx/CVE-2024-42452.json +++ b/CVE-2024/CVE-2024-424xx/CVE-2024-42452.json @@ -2,13 +2,17 @@ "id": "CVE-2024-42452", "sourceIdentifier": "support@hackerone.com", "published": "2024-12-04T02:15:04.747", - "lastModified": "2024-12-04T02:15:04.747", + "lastModified": "2024-12-04T16:15:25.317", "vulnStatus": "Received", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability in Veeam Backup & Replication allows a low-privileged user to start an agent remotely in server mode and obtain credentials, effectively escalating privileges to system-level access. This allows the attacker to upload files to the server with elevated privileges. The vulnerability exists because remote calls bypass permission checks, leading to full system compromise." + }, + { + "lang": "es", + "value": " Una vulnerabilidad en Veeam Backup & Replication permite a un usuario con pocos privilegios iniciar un agente de forma remota en modo servidor y obtener credenciales, lo que aumenta los privilegios a nivel de sistema. Esto permite al atacante cargar archivos al servidor con privilegios elevados. La vulnerabilidad existe porque las llamadas remotas eluden las comprobaciones de permisos, lo que lleva a un compromiso total del sistema." } ], "metrics": { @@ -35,6 +39,18 @@ } ] }, + "weaknesses": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-863" + } + ] + } + ], "references": [ { "url": "https://www.veeam.com/kb4693", diff --git a/CVE-2024/CVE-2024-424xx/CVE-2024-42453.json b/CVE-2024/CVE-2024-424xx/CVE-2024-42453.json index 5c5e573dc62..4bacf7dc3ec 100644 --- a/CVE-2024/CVE-2024-424xx/CVE-2024-42453.json +++ b/CVE-2024/CVE-2024-424xx/CVE-2024-42453.json @@ -2,13 +2,17 @@ "id": "CVE-2024-42453", "sourceIdentifier": "support@hackerone.com", "published": "2024-12-04T02:15:04.837", - "lastModified": "2024-12-04T02:15:04.837", + "lastModified": "2024-12-04T15:15:11.390", "vulnStatus": "Received", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability Veeam Backup & Replication allows low-privileged users to control and modify configurations on connected virtual infrastructure hosts. This includes the ability to power off virtual machines, delete files in storage, and make configuration changes, potentially leading to Denial of Service (DoS) and data integrity issues. The vulnerability is caused by improper permission checks in methods accessed via management services." + }, + { + "lang": "es", + "value": "Una vulnerabilidad de Veeam Backup & Replication permite a los usuarios con pocos privilegios controlar y modificar las configuraciones de los hosts de infraestructura virtual conectados. Esto incluye la capacidad de apagar m\u00e1quinas virtuales, eliminar archivos del almacenamiento y realizar cambios de configuraci\u00f3n, lo que puede provocar denegaci\u00f3n de servicio (DoS) y problemas de integridad de los datos. La vulnerabilidad se debe a comprobaciones de permisos incorrectas en los m\u00e9todos a los que se accede a trav\u00e9s de los servicios de administraci\u00f3n." } ], "metrics": { @@ -35,6 +39,18 @@ } ] }, + "weaknesses": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-862" + } + ] + } + ], "references": [ { "url": "https://www.veeam.com/kb4693", diff --git a/CVE-2024/CVE-2024-424xx/CVE-2024-42457.json b/CVE-2024/CVE-2024-424xx/CVE-2024-42457.json index 92c1a8de132..45941067873 100644 --- a/CVE-2024/CVE-2024-424xx/CVE-2024-42457.json +++ b/CVE-2024/CVE-2024-424xx/CVE-2024-42457.json @@ -2,13 +2,17 @@ "id": "CVE-2024-42457", "sourceIdentifier": "support@hackerone.com", "published": "2024-12-04T02:15:05.133", - "lastModified": "2024-12-04T02:15:05.133", + "lastModified": "2024-12-04T16:15:25.450", "vulnStatus": "Received", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability in Veeam Backup & Replication allows users with certain operator roles to expose saved credentials by leveraging a combination of methods in a remote management interface. This can be achieved using a session object that allows for credential enumeration and exploitation, leading to the leak of plaintext credentials to a malicious host. The attack is facilitated by improper usage of a method that allows operators to add a new host with an attacker-controlled IP, enabling them to retrieve sensitive credentials in plaintext." + }, + { + "lang": "es", + "value": "Una vulnerabilidad en Veeam Backup & Replication permite a los usuarios con determinados roles de operador exponer las credenciales guardadas aprovechando una combinaci\u00f3n de m\u00e9todos en una interfaz de gesti\u00f3n remota. Esto se puede lograr utilizando un objeto de sesi\u00f3n que permite la enumeraci\u00f3n y explotaci\u00f3n de credenciales, lo que lleva a la filtraci\u00f3n de credenciales de texto sin formato a un host malicioso. El ataque se facilita mediante el uso indebido de un m\u00e9todo que permite a los operadores agregar un nuevo host con una IP controlada por el atacante, lo que les permite recuperar credenciales confidenciales en texto plano." } ], "metrics": { @@ -35,6 +39,18 @@ } ] }, + "weaknesses": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-522" + } + ] + } + ], "references": [ { "url": "https://www.veeam.com/kb4693", diff --git a/CVE-2024/CVE-2024-430xx/CVE-2024-43091.json b/CVE-2024/CVE-2024-430xx/CVE-2024-43091.json index 4b02f9ca3b4..34efd51cf5f 100644 --- a/CVE-2024/CVE-2024-430xx/CVE-2024-43091.json +++ b/CVE-2024/CVE-2024-430xx/CVE-2024-43091.json @@ -2,7 +2,7 @@ "id": "CVE-2024-43091", "sourceIdentifier": "security@android.com", "published": "2024-11-13T18:15:21.590", - "lastModified": "2024-11-15T14:00:09.720", + "lastModified": "2024-12-04T15:15:11.497", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ @@ -22,19 +22,19 @@ "type": "Secondary", "cvssData": { "version": "3.1", - "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 9.8, + "baseSeverity": "CRITICAL", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", - "userInteraction": "REQUIRED", + "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 8.8, - "baseSeverity": "HIGH" + "availabilityImpact": "HIGH" }, - "exploitabilityScore": 2.8, + "exploitabilityScore": 3.9, "impactScore": 5.9 } ] @@ -44,6 +44,10 @@ "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "description": [ + { + "lang": "en", + "value": "CWE-190" + }, { "lang": "en", "value": "CWE-787" diff --git a/CVE-2024/CVE-2024-452xx/CVE-2024-45207.json b/CVE-2024/CVE-2024-452xx/CVE-2024-45207.json index 309502a40d1..131d6830755 100644 --- a/CVE-2024/CVE-2024-452xx/CVE-2024-45207.json +++ b/CVE-2024/CVE-2024-452xx/CVE-2024-45207.json @@ -2,13 +2,17 @@ "id": "CVE-2024-45207", "sourceIdentifier": "support@hackerone.com", "published": "2024-12-04T02:15:05.520", - "lastModified": "2024-12-04T02:15:05.520", + "lastModified": "2024-12-04T16:15:25.580", "vulnStatus": "Received", "cveTags": [], "descriptions": [ { "lang": "en", "value": "DLL injection in Veeam Agent for Windows can occur if the system's PATH variable includes insecure locations. When the agent runs, it searches these directories for necessary DLLs. If an attacker places a malicious DLL in one of these directories, the Veeam Agent might load it inadvertently, allowing the attacker to execute harmful code. This could lead to unauthorized access, data theft, or disruption of services" + }, + { + "lang": "es", + "value": " La inyecci\u00f3n de DLL en Veeam Agent para Windows puede ocurrir si la variable PATH del sistema incluye ubicaciones no seguras. Cuando el agente se ejecuta, busca en estos directorios las DLL necesarias. Si un atacante coloca una DLL maliciosa en uno de estos directorios, Veeam Agent podr\u00eda cargarla sin darse cuenta, lo que le permitir\u00eda ejecutar c\u00f3digo da\u00f1ino. Esto podr\u00eda provocar acceso no autorizado, robo de datos o interrupci\u00f3n de los servicios." } ], "metrics": { @@ -35,6 +39,18 @@ } ] }, + "weaknesses": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-426" + } + ] + } + ], "references": [ { "url": "https://www.veeam.com/kb4693", diff --git a/CVE-2024/CVE-2024-466xx/CVE-2024-46624.json b/CVE-2024/CVE-2024-466xx/CVE-2024-46624.json index 2ddfadd8d98..a0e0cea552f 100644 --- a/CVE-2024/CVE-2024-466xx/CVE-2024-46624.json +++ b/CVE-2024/CVE-2024-466xx/CVE-2024-46624.json @@ -2,16 +2,55 @@ "id": "CVE-2024-46624", "sourceIdentifier": "cve@mitre.org", "published": "2024-12-03T23:15:04.627", - "lastModified": "2024-12-03T23:15:04.627", + "lastModified": "2024-12-04T15:15:11.727", "vulnStatus": "Received", "cveTags": [], "descriptions": [ { "lang": "en", "value": "An issue in InfoDom Performa 365 v4.0.1 allows authenticated attackers to elevate their privileges to Administrator via a crafted payload sent to /api/users." + }, + { + "lang": "es", + "value": "Un problema en InfoDom Performa 365 v4.0.1 permite a atacantes autenticados elevar sus privilegios a Administrador a trav\u00e9s de un payload manipulado enviada a /api/users." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 8.8, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-276" + } + ] } ], - "metrics": {}, "references": [ { "url": "https://github.com/EchoSl0w/Research/blob/main/2024/CVE-2024-46624.md", diff --git a/CVE-2024/CVE-2024-475xx/CVE-2024-47554.json b/CVE-2024/CVE-2024-475xx/CVE-2024-47554.json index 08adf1a0404..6ca202ccb2f 100644 --- a/CVE-2024/CVE-2024-475xx/CVE-2024-47554.json +++ b/CVE-2024/CVE-2024-475xx/CVE-2024-47554.json @@ -2,7 +2,7 @@ "id": "CVE-2024-47554", "sourceIdentifier": "security@apache.org", "published": "2024-10-03T12:15:02.613", - "lastModified": "2024-10-04T13:50:43.727", + "lastModified": "2024-12-04T15:15:11.940", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ @@ -15,11 +15,34 @@ "value": "Vulnerabilidad de consumo descontrolado de recursos en Apache Commons IO. La clase org.apache.commons.io.input.XmlStreamReader puede consumir recursos de CPU en exceso al procesar una entrada manipulada con fines malintencionados. Este problema afecta a Apache Commons IO: desde la versi\u00f3n 2.0 hasta la 2.14.0. Se recomienda a los usuarios que actualicen a la versi\u00f3n 2.14.0 o posterior, que soluciona el problema." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", + "baseScore": 4.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + } + ] + }, "weaknesses": [ { "source": "security@apache.org", - "type": "Primary", + "type": "Secondary", "description": [ { "lang": "en", @@ -32,6 +55,10 @@ { "url": "https://lists.apache.org/thread/6ozr91rr9cj5lm0zyhv30bsp317hk5z1", "source": "security@apache.org" + }, + { + "url": "http://www.openwall.com/lists/oss-security/2024/10/03/2", + "source": "af854a3a-2127-422b-91ae-364da2661108" } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-487xx/CVE-2024-48783.json b/CVE-2024/CVE-2024-487xx/CVE-2024-48783.json index eb95c46ab7e..65f4b282a72 100644 --- a/CVE-2024/CVE-2024-487xx/CVE-2024-48783.json +++ b/CVE-2024/CVE-2024-487xx/CVE-2024-48783.json @@ -2,8 +2,8 @@ "id": "CVE-2024-48783", "sourceIdentifier": "cve@mitre.org", "published": "2024-10-15T21:15:11.510", - "lastModified": "2024-11-08T15:19:21.263", - "vulnStatus": "Analyzed", + "lastModified": "2024-12-04T15:15:12.120", + "vulnStatus": "Modified", "cveTags": [], "descriptions": [ { @@ -23,6 +23,8 @@ "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", + "baseScore": 7.5, + "baseSeverity": "HIGH", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", @@ -30,12 +32,30 @@ "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", - "availabilityImpact": "NONE", - "baseScore": 7.5, - "baseSeverity": "HIGH" + "availabilityImpact": "NONE" }, "exploitabilityScore": 3.9, "impactScore": 3.6 + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", + "baseScore": 4.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 } ] }, @@ -49,6 +69,16 @@ "value": "NVD-CWE-noinfo" } ] + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-922" + } + ] } ], "configurations": [ diff --git a/CVE-2024/CVE-2024-513xx/CVE-2024-51365.json b/CVE-2024/CVE-2024-513xx/CVE-2024-51365.json new file mode 100644 index 00000000000..2dd521de540 --- /dev/null +++ b/CVE-2024/CVE-2024-513xx/CVE-2024-51365.json @@ -0,0 +1,68 @@ +{ + "id": "CVE-2024-51365", + "sourceIdentifier": "cve@mitre.org", + "published": "2024-11-21T20:15:44.210", + "lastModified": "2024-12-04T16:15:25.717", + "vulnStatus": "Awaiting Analysis", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "An arbitrary file upload vulnerability in the importSettings method of VisiCut v2.1 allows attackers to execute arbitrary code via uploading a crafted Zip file." + }, + { + "lang": "es", + "value": "Una vulnerabilidad de carga de archivos arbitrarios en el m\u00e9todo importSettings de VisiCut v2.1 permite a los atacantes ejecutar c\u00f3digo arbitrario mediante la carga de un archivo Zip manipulado espec\u00edficamente para ello." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 9.8, + "baseSeverity": "CRITICAL", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-434" + } + ] + } + ], + "references": [ + { + "url": "http://visicut.com", + "source": "cve@mitre.org" + }, + { + "url": "https://download.visicut.org/", + "source": "cve@mitre.org" + }, + { + "url": "https://github.com/Gelcon/PoC-of-VisiCut2_1-Stack-Overflow-Vul", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-513xx/CVE-2024-51366.json b/CVE-2024/CVE-2024-513xx/CVE-2024-51366.json new file mode 100644 index 00000000000..4a06f5fd478 --- /dev/null +++ b/CVE-2024/CVE-2024-513xx/CVE-2024-51366.json @@ -0,0 +1,68 @@ +{ + "id": "CVE-2024-51366", + "sourceIdentifier": "cve@mitre.org", + "published": "2024-11-21T20:15:44.413", + "lastModified": "2024-12-04T16:15:25.903", + "vulnStatus": "Awaiting Analysis", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "An arbitrary file upload vulnerability in the component \\Roaming\\Omega of OmegaT v6.0.1 allows attackers to execute arbitrary code via uploading a crafted .conf file." + }, + { + "lang": "es", + "value": "Una vulnerabilidad de carga de archivos arbitrarios en el componente \\Roaming\\Omega de OmegaT v6.0.1 permite a los atacantes ejecutar c\u00f3digo arbitrario mediante la carga de un archivo .conf manipulado espec\u00edficamente." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 9.8, + "baseSeverity": "CRITICAL", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-434" + } + ] + } + ], + "references": [ + { + "url": "http://omegat.com", + "source": "cve@mitre.org" + }, + { + "url": "https://github.com/Gelcon/PoCofOmegaTV6_0_1", + "source": "cve@mitre.org" + }, + { + "url": "https://omegat.org/", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-513xx/CVE-2024-51378.json b/CVE-2024/CVE-2024-513xx/CVE-2024-51378.json index c946f0c5dc5..d06a6090611 100644 --- a/CVE-2024/CVE-2024-513xx/CVE-2024-51378.json +++ b/CVE-2024/CVE-2024-513xx/CVE-2024-51378.json @@ -2,7 +2,7 @@ "id": "CVE-2024-51378", "sourceIdentifier": "cve@mitre.org", "published": "2024-10-29T23:15:04.083", - "lastModified": "2024-12-03T19:15:10.807", + "lastModified": "2024-12-04T16:15:26.087", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ @@ -46,7 +46,7 @@ "description": [ { "lang": "en", - "value": "CWE-77" + "value": "CWE-276" } ] } diff --git a/CVE-2024/CVE-2024-531xx/CVE-2024-53126.json b/CVE-2024/CVE-2024-531xx/CVE-2024-53126.json new file mode 100644 index 00000000000..51ae8939a41 --- /dev/null +++ b/CVE-2024/CVE-2024-531xx/CVE-2024-53126.json @@ -0,0 +1,29 @@ +{ + "id": "CVE-2024-53126", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-12-04T15:15:12.540", + "lastModified": "2024-12-04T15:15:12.540", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nvdpa: solidrun: Fix UB bug with devres\n\nIn psnet_open_pf_bar() and snet_open_vf_bar() a string later passed to\npcim_iomap_regions() is placed on the stack. Neither\npcim_iomap_regions() nor the functions it calls copy that string.\n\nShould the string later ever be used, this, consequently, causes\nundefined behavior since the stack frame will by then have disappeared.\n\nFix the bug by allocating the strings on the heap through\ndevm_kasprintf()." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/0b364cf53b20204e92bac7c6ebd1ee7d3ec62931", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/5bb287da2d2d5bb8f7376e223b02edb16998982e", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/d372dd09cfbf1324f54cbffd81fcaf6cdf3e608e", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-531xx/CVE-2024-53127.json b/CVE-2024/CVE-2024-531xx/CVE-2024-53127.json new file mode 100644 index 00000000000..b13020570db --- /dev/null +++ b/CVE-2024/CVE-2024-531xx/CVE-2024-53127.json @@ -0,0 +1,33 @@ +{ + "id": "CVE-2024-53127", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-12-04T15:15:12.637", + "lastModified": "2024-12-04T15:15:12.637", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nRevert \"mmc: dw_mmc: Fix IDMAC operation with pages bigger than 4K\"\n\nThe commit 8396c793ffdf (\"mmc: dw_mmc: Fix IDMAC operation with pages\nbigger than 4K\") increased the max_req_size, even for 4K pages, causing\nvarious issues:\n- Panic booting the kernel/rootfs from an SD card on Rockchip RK3566\n- Panic booting the kernel/rootfs from an SD card on StarFive JH7100\n- \"swiotlb buffer is full\" and data corruption on StarFive JH7110\n\nAt this stage no fix have been found, so it's probably better to just\nrevert the change.\n\nThis reverts commit 8396c793ffdf28bb8aee7cfe0891080f8cab7890." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/1635e407a4a64d08a8517ac59ca14ad4fc785e75", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/56de724c58c07a7ca3aac027cfd2ccb184ed9e4e", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/8f9416147d7ed414109d3501f1cb3d7a1735b25a", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/a4685366f07448420badb710ff5c12aaaadf63ad", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-531xx/CVE-2024-53128.json b/CVE-2024/CVE-2024-531xx/CVE-2024-53128.json new file mode 100644 index 00000000000..99cf63de799 --- /dev/null +++ b/CVE-2024/CVE-2024-531xx/CVE-2024-53128.json @@ -0,0 +1,25 @@ +{ + "id": "CVE-2024-53128", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-12-04T15:15:12.737", + "lastModified": "2024-12-04T15:15:12.737", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nsched/task_stack: fix object_is_on_stack() for KASAN tagged pointers\n\nWhen CONFIG_KASAN_SW_TAGS and CONFIG_KASAN_STACK are enabled, the\nobject_is_on_stack() function may produce incorrect results due to the\npresence of tags in the obj pointer, while the stack pointer does not have\ntags. This discrepancy can lead to incorrect stack object detection and\nsubsequently trigger warnings if CONFIG_DEBUG_OBJECTS is also enabled.\n\nExample of the warning:\n\nODEBUG: object 3eff800082ea7bb0 is NOT on stack ffff800082ea0000, but annotated.\n------------[ cut here ]------------\nWARNING: CPU: 0 PID: 1 at lib/debugobjects.c:557 __debug_object_init+0x330/0x364\nModules linked in:\nCPU: 0 UID: 0 PID: 1 Comm: swapper/0 Not tainted 6.12.0-rc5 #4\nHardware name: linux,dummy-virt (DT)\npstate: 600000c5 (nZCv daIF -PAN -UAO -TCO -DIT -SSBS BTYPE=--)\npc : __debug_object_init+0x330/0x364\nlr : __debug_object_init+0x330/0x364\nsp : ffff800082ea7b40\nx29: ffff800082ea7b40 x28: 98ff0000c0164518 x27: 98ff0000c0164534\nx26: ffff800082d93ec8 x25: 0000000000000001 x24: 1cff0000c00172a0\nx23: 0000000000000000 x22: ffff800082d93ed0 x21: ffff800081a24418\nx20: 3eff800082ea7bb0 x19: efff800000000000 x18: 0000000000000000\nx17: 00000000000000ff x16: 0000000000000047 x15: 206b63617473206e\nx14: 0000000000000018 x13: ffff800082ea7780 x12: 0ffff800082ea78e\nx11: 0ffff800082ea790 x10: 0ffff800082ea79d x9 : 34d77febe173e800\nx8 : 34d77febe173e800 x7 : 0000000000000001 x6 : 0000000000000001\nx5 : feff800082ea74b8 x4 : ffff800082870a90 x3 : ffff80008018d3c4\nx2 : 0000000000000001 x1 : ffff800082858810 x0 : 0000000000000050\nCall trace:\n __debug_object_init+0x330/0x364\n debug_object_init_on_stack+0x30/0x3c\n schedule_hrtimeout_range_clock+0xac/0x26c\n schedule_hrtimeout+0x1c/0x30\n wait_task_inactive+0x1d4/0x25c\n kthread_bind_mask+0x28/0x98\n init_rescuer+0x1e8/0x280\n workqueue_init+0x1a0/0x3cc\n kernel_init_freeable+0x118/0x200\n kernel_init+0x28/0x1f0\n ret_from_fork+0x10/0x20\n---[ end trace 0000000000000000 ]---\nODEBUG: object 3eff800082ea7bb0 is NOT on stack ffff800082ea0000, but annotated.\n------------[ cut here ]------------" + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/fbfe23012cec509dfbe09852019c4e4bb84999d0", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/fd7b4f9f46d46acbc7af3a439bb0d869efdc5c58", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-531xx/CVE-2024-53129.json b/CVE-2024/CVE-2024-531xx/CVE-2024-53129.json new file mode 100644 index 00000000000..77d31a829ba --- /dev/null +++ b/CVE-2024/CVE-2024-531xx/CVE-2024-53129.json @@ -0,0 +1,33 @@ +{ + "id": "CVE-2024-53129", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-12-04T15:15:12.837", + "lastModified": "2024-12-04T15:15:12.837", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/rockchip: vop: Fix a dereferenced before check warning\n\nThe 'state' can't be NULL, we should check crtc_state.\n\nFix warning:\ndrivers/gpu/drm/rockchip/rockchip_drm_vop.c:1096\nvop_plane_atomic_async_check() warn: variable dereferenced before check\n'state' (see line 1077)" + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/1e53059729691ca4d905118258b9fbd17d854174", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/656dbd1c21c2c088c70059cdd43ec83e7d54ec4d", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/ab1c793f457f740ab7108cc0b1340a402dbf484d", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/bbf8bc7e75863942028131ae39c23118f62de6c0", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-531xx/CVE-2024-53130.json b/CVE-2024/CVE-2024-531xx/CVE-2024-53130.json new file mode 100644 index 00000000000..19753a2957a --- /dev/null +++ b/CVE-2024/CVE-2024-531xx/CVE-2024-53130.json @@ -0,0 +1,33 @@ +{ + "id": "CVE-2024-53130", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-12-04T15:15:12.927", + "lastModified": "2024-12-04T15:15:12.927", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnilfs2: fix null-ptr-deref in block_dirty_buffer tracepoint\n\nWhen using the \"block:block_dirty_buffer\" tracepoint, mark_buffer_dirty()\nmay cause a NULL pointer dereference, or a general protection fault when\nKASAN is enabled.\n\nThis happens because, since the tracepoint was added in\nmark_buffer_dirty(), it references the dev_t member bh->b_bdev->bd_dev\nregardless of whether the buffer head has a pointer to a block_device\nstructure.\n\nIn the current implementation, nilfs_grab_buffer(), which grabs a buffer\nto read (or create) a block of metadata, including b-tree node blocks,\ndoes not set the block device, but instead does so only if the buffer is\nnot in the \"uptodate\" state for each of its caller block reading\nfunctions. However, if the uptodate flag is set on a folio/page, and the\nbuffer heads are detached from it by try_to_free_buffers(), and new buffer\nheads are then attached by create_empty_buffers(), the uptodate flag may\nbe restored to each buffer without the block device being set to\nbh->b_bdev, and mark_buffer_dirty() may be called later in that state,\nresulting in the bug mentioned above.\n\nFix this issue by making nilfs_grab_buffer() always set the block device\nof the super block structure to the buffer head, regardless of the state\nof the buffer's uptodate flag." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/2026559a6c4ce34db117d2db8f710fe2a9420d5a", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/86b19031dbc79abc378dfae357f6ea33ebeb0c95", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/b0e4765740040c44039282057ecacd7435d1d2ba", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/ffc440a76a0f476a7e6ea838ec0dc8e9979944d1", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-531xx/CVE-2024-53131.json b/CVE-2024/CVE-2024-531xx/CVE-2024-53131.json new file mode 100644 index 00000000000..61bc0e9784a --- /dev/null +++ b/CVE-2024/CVE-2024-531xx/CVE-2024-53131.json @@ -0,0 +1,33 @@ +{ + "id": "CVE-2024-53131", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-12-04T15:15:13.090", + "lastModified": "2024-12-04T15:15:13.090", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnilfs2: fix null-ptr-deref in block_touch_buffer tracepoint\n\nPatch series \"nilfs2: fix null-ptr-deref bugs on block tracepoints\".\n\nThis series fixes null pointer dereference bugs that occur when using\nnilfs2 and two block-related tracepoints.\n\n\nThis patch (of 2):\n\nIt has been reported that when using \"block:block_touch_buffer\"\ntracepoint, touch_buffer() called from __nilfs_get_folio_block() causes a\nNULL pointer dereference, or a general protection fault when KASAN is\nenabled.\n\nThis happens because since the tracepoint was added in touch_buffer(), it\nreferences the dev_t member bh->b_bdev->bd_dev regardless of whether the\nbuffer head has a pointer to a block_device structure. In the current\nimplementation, the block_device structure is set after the function\nreturns to the caller.\n\nHere, touch_buffer() is used to mark the folio/page that owns the buffer\nhead as accessed, but the common search helper for folio/page used by the\ncaller function was optimized to mark the folio/page as accessed when it\nwas reimplemented a long time ago, eliminating the need to call\ntouch_buffer() here in the first place.\n\nSo this solves the issue by eliminating the touch_buffer() call itself." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/3b2a4fd9bbee77afdd3ed5a05a0c02b6cde8d3b9", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/59b49ca67cca7b007a5afd3de0283c8008157665", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/77e47f89d32c2d72eb33d0becbce7abe14d061f4", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/cd45e963e44b0f10d90b9e6c0e8b4f47f3c92471", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-531xx/CVE-2024-53132.json b/CVE-2024/CVE-2024-531xx/CVE-2024-53132.json new file mode 100644 index 00000000000..126210e2ca7 --- /dev/null +++ b/CVE-2024/CVE-2024-531xx/CVE-2024-53132.json @@ -0,0 +1,25 @@ +{ + "id": "CVE-2024-53132", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-12-04T15:15:13.193", + "lastModified": "2024-12-04T15:15:13.193", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/xe/oa: Fix \"Missing outer runtime PM protection\" warning\n\nFix the following drm_WARN:\n\n[953.586396] xe 0000:00:02.0: [drm] Missing outer runtime PM protection\n...\n<4> [953.587090] ? xe_pm_runtime_get_noresume+0x8d/0xa0 [xe]\n<4> [953.587208] guc_exec_queue_add_msg+0x28/0x130 [xe]\n<4> [953.587319] guc_exec_queue_fini+0x3a/0x40 [xe]\n<4> [953.587425] xe_exec_queue_destroy+0xb3/0xf0 [xe]\n<4> [953.587515] xe_oa_release+0x9c/0xc0 [xe]\n\n(cherry picked from commit b107c63d2953907908fd0cafb0e543b3c3167b75)" + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/c0403e4ceecaefbeaf78263dffcd3e3f06a19f6b", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/ed7cd3510d8da6e3578d9125a9ea4440f8adeeaa", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-531xx/CVE-2024-53133.json b/CVE-2024/CVE-2024-531xx/CVE-2024-53133.json new file mode 100644 index 00000000000..4930186209e --- /dev/null +++ b/CVE-2024/CVE-2024-531xx/CVE-2024-53133.json @@ -0,0 +1,25 @@ +{ + "id": "CVE-2024-53133", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-12-04T15:15:13.310", + "lastModified": "2024-12-04T15:15:13.310", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Handle dml allocation failure to avoid crash\n\n[Why]\nIn the case where a dml allocation fails for any reason, the\ncurrent state's dml contexts would no longer be valid. Then\nsubsequent calls dc_state_copy_internal would shallow copy\ninvalid memory and if the new state was released, a double\nfree would occur.\n\n[How]\nReset dml pointers in new_state to NULL and avoid invalid\npointer\n\n(cherry picked from commit bcafdc61529a48f6f06355d78eb41b3aeda5296c)" + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/6825cb07b79ffeb1d90ffaa7a1227462cdca34ae", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/874ff59cde8fc525112dda26b501a1bac17dde9f", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-531xx/CVE-2024-53134.json b/CVE-2024/CVE-2024-531xx/CVE-2024-53134.json new file mode 100644 index 00000000000..b550708eccd --- /dev/null +++ b/CVE-2024/CVE-2024-531xx/CVE-2024-53134.json @@ -0,0 +1,29 @@ +{ + "id": "CVE-2024-53134", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-12-04T15:15:13.503", + "lastModified": "2024-12-04T15:15:13.503", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\npmdomain: imx93-blk-ctrl: correct remove path\n\nThe check condition should be 'i < bc->onecell_data.num_domains', not\n'bc->onecell_data.num_domains' which will make the look never finish\nand cause kernel panic.\n\nAlso disable runtime to address\n\"imx93-blk-ctrl 4ac10000.system-controller: Unbalanced pm_runtime_enable!\"" + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/201fb9e164a1e4c5937de2cf58bcb0327c08664f", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/8fc228ab5d38a026eae7183a5f74a4fac43d9b6a", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/f7c7c5aa556378a2c8da72c1f7f238b6648f95fb", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-531xx/CVE-2024-53135.json b/CVE-2024/CVE-2024-531xx/CVE-2024-53135.json new file mode 100644 index 00000000000..122c5b120d6 --- /dev/null +++ b/CVE-2024/CVE-2024-531xx/CVE-2024-53135.json @@ -0,0 +1,33 @@ +{ + "id": "CVE-2024-53135", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-12-04T15:15:13.630", + "lastModified": "2024-12-04T15:15:13.630", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: VMX: Bury Intel PT virtualization (guest/host mode) behind CONFIG_BROKEN\n\nHide KVM's pt_mode module param behind CONFIG_BROKEN, i.e. disable support\nfor virtualizing Intel PT via guest/host mode unless BROKEN=y. There are\nmyriad bugs in the implementation, some of which are fatal to the guest,\nand others which put the stability and health of the host at risk.\n\nFor guest fatalities, the most glaring issue is that KVM fails to ensure\ntracing is disabled, and *stays* disabled prior to VM-Enter, which is\nnecessary as hardware disallows loading (the guest's) RTIT_CTL if tracing\nis enabled (enforced via a VMX consistency check). Per the SDM:\n\n If the logical processor is operating with Intel PT enabled (if\n IA32_RTIT_CTL.TraceEn = 1) at the time of VM entry, the \"load\n IA32_RTIT_CTL\" VM-entry control must be 0.\n\nOn the host side, KVM doesn't validate the guest CPUID configuration\nprovided by userspace, and even worse, uses the guest configuration to\ndecide what MSRs to save/load at VM-Enter and VM-Exit. E.g. configuring\nguest CPUID to enumerate more address ranges than are supported in hardware\nwill result in KVM trying to passthrough, save, and load non-existent MSRs,\nwhich generates a variety of WARNs, ToPA ERRORs in the host, a potential\ndeadlock, etc." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/aa0d42cacf093a6fcca872edc954f6f812926a17", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/b91bb0ce5cd7005b376eac690ec664c1b56372ec", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/d28b059ee4779b5102c5da6e929762520510e406", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/e6716f4230a8784957273ddd27326264b27b9313", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-531xx/CVE-2024-53136.json b/CVE-2024/CVE-2024-531xx/CVE-2024-53136.json new file mode 100644 index 00000000000..0b43b77b454 --- /dev/null +++ b/CVE-2024/CVE-2024-531xx/CVE-2024-53136.json @@ -0,0 +1,33 @@ +{ + "id": "CVE-2024-53136", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-12-04T15:15:13.737", + "lastModified": "2024-12-04T15:15:13.737", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmm: revert \"mm: shmem: fix data-race in shmem_getattr()\"\n\nRevert d949d1d14fa2 (\"mm: shmem: fix data-race in shmem_getattr()\") as\nsuggested by Chuck [1]. It is causing deadlocks when accessing tmpfs over\nNFS.\n\nAs Hugh commented, \"added just to silence a syzbot sanitizer splat: added\nwhere there has never been any practical problem\"." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/5874c1150e77296565ad6e495ef41fbf87570d14", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/64e67e8694252c1bf01b802ee911be3fee62c36b", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/901dc2ad7c3789fa87dc3956f6697c5d62d5cf7e", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/d1aa0c04294e29883d65eac6c2f72fe95cc7c049", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-531xx/CVE-2024-53137.json b/CVE-2024/CVE-2024-531xx/CVE-2024-53137.json new file mode 100644 index 00000000000..7bd63720702 --- /dev/null +++ b/CVE-2024/CVE-2024-531xx/CVE-2024-53137.json @@ -0,0 +1,25 @@ +{ + "id": "CVE-2024-53137", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-12-04T15:15:13.843", + "lastModified": "2024-12-04T15:15:13.843", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nARM: fix cacheflush with PAN\n\nIt seems that the cacheflush syscall got broken when PAN for LPAE was\nimplemented. User access was not enabled around the cache maintenance\ninstructions, causing them to fault." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/ca29cfcc4a21083d671522ad384532e28a43f033", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/e6960a2ed49c9a25357817535f7cc50594a58604", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-531xx/CVE-2024-53138.json b/CVE-2024/CVE-2024-531xx/CVE-2024-53138.json new file mode 100644 index 00000000000..adf4e58cf49 --- /dev/null +++ b/CVE-2024/CVE-2024-531xx/CVE-2024-53138.json @@ -0,0 +1,33 @@ +{ + "id": "CVE-2024-53138", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-12-04T15:15:13.983", + "lastModified": "2024-12-04T15:15:13.983", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/mlx5e: kTLS, Fix incorrect page refcounting\n\nThe kTLS tx handling code is using a mix of get_page() and\npage_ref_inc() APIs to increment the page reference. But on the release\npath (mlx5e_ktls_tx_handle_resync_dump_comp()), only put_page() is used.\n\nThis is an issue when using pages from large folios: the get_page()\nreferences are stored on the folio page while the page_ref_inc()\nreferences are stored directly in the given page. On release the folio\npage will be dereferenced too many times.\n\nThis was found while doing kTLS testing with sendfile() + ZC when the\nserved file was read from NFS on a kernel with NFS large folios support\n(commit 49b29a573da8 (\"nfs: add support for large folios\"))." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/2723e8b2cbd486cb96e5a61b22473f7fd62e18df", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/69fbd07f17b0fdaf8970bc705f5bf115c297839d", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/93a14620b97c911489a5b008782f3d9b0c4aeff4", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/dd6e972cc5890d91d6749bb48e3912721c4e4b25", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-531xx/CVE-2024-53139.json b/CVE-2024/CVE-2024-531xx/CVE-2024-53139.json new file mode 100644 index 00000000000..13da5d19ddb --- /dev/null +++ b/CVE-2024/CVE-2024-531xx/CVE-2024-53139.json @@ -0,0 +1,29 @@ +{ + "id": "CVE-2024-53139", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-12-04T15:15:15.643", + "lastModified": "2024-12-04T15:15:15.643", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nsctp: fix possible UAF in sctp_v6_available()\n\nA lockdep report [1] with CONFIG_PROVE_RCU_LIST=y hints\nthat sctp_v6_available() is calling dev_get_by_index_rcu()\nand ipv6_chk_addr() without holding rcu.\n\n[1]\n =============================\n WARNING: suspicious RCU usage\n 6.12.0-rc5-virtme #1216 Tainted: G W\n -----------------------------\n net/core/dev.c:876 RCU-list traversed in non-reader section!!\n\nother info that might help us debug this:\n\nrcu_scheduler_active = 2, debug_locks = 1\n 1 lock held by sctp_hello/31495:\n #0: ffff9f1ebbdb7418 (sk_lock-AF_INET6){+.+.}-{0:0}, at: sctp_bind (./arch/x86/include/asm/jump_label.h:27 net/sctp/socket.c:315) sctp\n\nstack backtrace:\n CPU: 7 UID: 0 PID: 31495 Comm: sctp_hello Tainted: G W 6.12.0-rc5-virtme #1216\n Tainted: [W]=WARN\n Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.3-debian-1.16.3-2 04/01/2014\n Call Trace:\n \n dump_stack_lvl (lib/dump_stack.c:123)\n lockdep_rcu_suspicious (kernel/locking/lockdep.c:6822)\n dev_get_by_index_rcu (net/core/dev.c:876 (discriminator 7))\n sctp_v6_available (net/sctp/ipv6.c:701) sctp\n sctp_do_bind (net/sctp/socket.c:400 (discriminator 1)) sctp\n sctp_bind (net/sctp/socket.c:320) sctp\n inet6_bind_sk (net/ipv6/af_inet6.c:465)\n ? security_socket_bind (security/security.c:4581 (discriminator 1))\n __sys_bind (net/socket.c:1848 net/socket.c:1869)\n ? do_user_addr_fault (./include/linux/rcupdate.h:347 ./include/linux/rcupdate.h:880 ./include/linux/mm.h:729 arch/x86/mm/fault.c:1340)\n ? do_user_addr_fault (./arch/x86/include/asm/preempt.h:84 (discriminator 13) ./include/linux/rcupdate.h:98 (discriminator 13) ./include/linux/rcupdate.h:882 (discriminator 13) ./include/linux/mm.h:729 (discriminator 13) arch/x86/mm/fault.c:1340 (discriminator 13))\n __x64_sys_bind (net/socket.c:1877 (discriminator 1) net/socket.c:1875 (discriminator 1) net/socket.c:1875 (discriminator 1))\n do_syscall_64 (arch/x86/entry/common.c:52 (discriminator 1) arch/x86/entry/common.c:83 (discriminator 1))\n entry_SYSCALL_64_after_hwframe (arch/x86/entry/entry_64.S:130)\n RIP: 0033:0x7f59b934a1e7\n Code: 44 00 00 48 8b 15 39 8c 0c 00 f7 d8 64 89 02 b8 ff ff ff ff eb bd 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 b8 31 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 09 8c 0c 00 f7 d8 64 89 01 48\nAll code\n========\n 0:\t44 00 00 \tadd %r8b,(%rax)\n 3:\t48 8b 15 39 8c 0c 00 \tmov 0xc8c39(%rip),%rdx # 0xc8c43\n a:\tf7 d8 \tneg %eax\n c:\t64 89 02 \tmov %eax,%fs:(%rdx)\n f:\tb8 ff ff ff ff \tmov $0xffffffff,%eax\n 14:\teb bd \tjmp 0xffffffffffffffd3\n 16:\t66 2e 0f 1f 84 00 00 \tcs nopw 0x0(%rax,%rax,1)\n 1d:\t00 00 00\n 20:\t0f 1f 00 \tnopl (%rax)\n 23:\tb8 31 00 00 00 \tmov $0x31,%eax\n 28:\t0f 05 \tsyscall\n 2a:*\t48 3d 01 f0 ff ff \tcmp $0xfffffffffffff001,%rax\t\t<-- trapping instruction\n 30:\t73 01 \tjae 0x33\n 32:\tc3 \tret\n 33:\t48 8b 0d 09 8c 0c 00 \tmov 0xc8c09(%rip),%rcx # 0xc8c43\n 3a:\tf7 d8 \tneg %eax\n 3c:\t64 89 01 \tmov %eax,%fs:(%rcx)\n 3f:\t48 \trex.W\n\nCode starting with the faulting instruction\n===========================================\n 0:\t48 3d 01 f0 ff ff \tcmp $0xfffffffffffff001,%rax\n 6:\t73 01 \tjae 0x9\n 8:\tc3 \tret\n 9:\t48 8b 0d 09 8c 0c 00 \tmov 0xc8c09(%rip),%rcx # 0xc8c19\n 10:\tf7 d8 \tneg %eax\n 12:\t64 89 01 \tmov %eax,%fs:(%rcx)\n 15:\t48 \trex.W\n RSP: 002b:00007ffe2d0ad398 EFLAGS: 00000202 ORIG_RAX: 0000000000000031\n RAX: ffffffffffffffda RBX: 00007ffe2d0ad3d0 RCX: 00007f59b934a1e7\n RDX: 000000000000001c RSI: 00007ffe2d0ad3d0 RDI: 0000000000000005\n RBP: 0000000000000005 R08: 1999999999999999 R09: 0000000000000000\n R10: 00007f59b9253298 R11: 000000000000\n---truncated---" + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/05656a66592759242c74063616291b7274d11b2f", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/ad975697211f4f2c4ce61c3ba524fd14d88ceab8", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/eb72e7fcc83987d5d5595b43222f23b295d5de7f", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-531xx/CVE-2024-53140.json b/CVE-2024/CVE-2024-531xx/CVE-2024-53140.json new file mode 100644 index 00000000000..fc26ee63b8e --- /dev/null +++ b/CVE-2024/CVE-2024-531xx/CVE-2024-53140.json @@ -0,0 +1,33 @@ +{ + "id": "CVE-2024-53140", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2024-12-04T15:15:16.803", + "lastModified": "2024-12-04T15:15:16.803", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetlink: terminate outstanding dump on socket close\n\nNetlink supports iterative dumping of data. It provides the families\nthe following ops:\n - start - (optional) kicks off the dumping process\n - dump - actual dump helper, keeps getting called until it returns 0\n - done - (optional) pairs with .start, can be used for cleanup\nThe whole process is asynchronous and the repeated calls to .dump\ndon't actually happen in a tight loop, but rather are triggered\nin response to recvmsg() on the socket.\n\nThis gives the user full control over the dump, but also means that\nthe user can close the socket without getting to the end of the dump.\nTo make sure .start is always paired with .done we check if there\nis an ongoing dump before freeing the socket, and if so call .done.\n\nThe complication is that sockets can get freed from BH and .done\nis allowed to sleep. So we use a workqueue to defer the call, when\nneeded.\n\nUnfortunately this does not work correctly. What we defer is not\nthe cleanup but rather releasing a reference on the socket.\nWe have no guarantee that we own the last reference, if someone\nelse holds the socket they may release it in BH and we're back\nto square one.\n\nThe whole dance, however, appears to be unnecessary. Only the user\ncan interact with dumps, so we can clean up when socket is closed.\nAnd close always happens in process context. Some async code may\nstill access the socket after close, queue notification skbs to it etc.\nbut no dumps can start, end or otherwise make progress.\n\nDelete the workqueue and flush the dump state directly from the release\nhandler. Note that further cleanup is possible in -next, for instance\nwe now always call .done before releasing the main module reference,\nso dump doesn't have to take a reference of its own." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/176c41b3ca9281a9736b67c6121b03dbf0c8c08f", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/1904fb9ebf911441f90a68e96b22aa73e4410505", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/4e87a52133284afbd40fb522dbf96e258af52a98", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/bbc769d2fa1b8b368c5fbe013b5b096afa3c05ca", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-534xx/CVE-2024-53432.json b/CVE-2024/CVE-2024-534xx/CVE-2024-53432.json new file mode 100644 index 00000000000..4b929f847cc --- /dev/null +++ b/CVE-2024/CVE-2024-534xx/CVE-2024-53432.json @@ -0,0 +1,60 @@ +{ + "id": "CVE-2024-53432", + "sourceIdentifier": "cve@mitre.org", + "published": "2024-11-21T18:15:14.420", + "lastModified": "2024-12-04T16:15:26.240", + "vulnStatus": "Awaiting Analysis", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "While parsing certain malformed PLY files, PCL version 1.14.1 crashes due to an uncaught std::out_of_range exception in PCLPointCloud2::at. This issue could potentially be exploited to cause a denial-of-service (DoS) attack when processing untrusted PLY files." + }, + { + "lang": "es", + "value": "Al analizar ciertos archivos PLY malformados, la versi\u00f3n 1.14.1 de PCL se bloquea debido a una excepci\u00f3n std::out_of_range no detectada en PCLPointCloud2::at. Este problema podr\u00eda aprovecharse para provocar un ataque de denegaci\u00f3n de servicio (DoS) al procesar archivos PLY que no son de confianza." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "baseScore": 7.5, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-754" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/PointCloudLibrary/pcl/issues/6162", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-536xx/CVE-2024-53614.json b/CVE-2024/CVE-2024-536xx/CVE-2024-53614.json new file mode 100644 index 00000000000..dd0a65f9606 --- /dev/null +++ b/CVE-2024/CVE-2024-536xx/CVE-2024-53614.json @@ -0,0 +1,25 @@ +{ + "id": "CVE-2024-53614", + "sourceIdentifier": "cve@mitre.org", + "published": "2024-12-04T16:15:26.413", + "lastModified": "2024-12-04T16:15:26.413", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "A hardcoded decryption key in Thinkware Cloud APK v4.3.46 allows attackers to access sensitive data and execute arbitrary commands with elevated privileges." + } + ], + "metrics": {}, + "references": [ + { + "url": "http://thinkware.com", + "source": "cve@mitre.org" + }, + { + "url": "https://geochen.medium.com/cve-2024-53614-61b48c3b45d6", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-540xx/CVE-2024-54002.json b/CVE-2024/CVE-2024-540xx/CVE-2024-54002.json new file mode 100644 index 00000000000..9b4a47ae435 --- /dev/null +++ b/CVE-2024/CVE-2024-540xx/CVE-2024-54002.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-54002", + "sourceIdentifier": "security-advisories@github.com", + "published": "2024-12-04T16:15:26.537", + "lastModified": "2024-12-04T16:15:26.537", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Dependency-Track is a Component Analysis platform that allows organizations to identify and reduce risk in the software supply chain. Performing a login request against the /api/v1/user/login endpoint with a username that exist in the system takes significantly longer than performing the same action with a username that is not known by the system. The observable difference in request duration can be leveraged by actors to enumerate valid names of managed users. LDAP and OpenID Connect users are not affected. The issue has been fixed in Dependency-Track 4.12.2." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security-advisories@github.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", + "baseScore": 5.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 3.9, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "security-advisories@github.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-203" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/DependencyTrack/dependency-track/security/advisories/GHSA-9w3m-hm36-w32w", + "source": "security-advisories@github.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-541xx/CVE-2024-54132.json b/CVE-2024/CVE-2024-541xx/CVE-2024-54132.json new file mode 100644 index 00000000000..47b516c6d55 --- /dev/null +++ b/CVE-2024/CVE-2024-541xx/CVE-2024-54132.json @@ -0,0 +1,82 @@ +{ + "id": "CVE-2024-54132", + "sourceIdentifier": "security-advisories@github.com", + "published": "2024-12-04T16:15:26.730", + "lastModified": "2024-12-04T16:15:26.730", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "The GitHub CLI is GitHub\u2019s official command line tool. A security vulnerability has been identified in GitHub CLI that could create or overwrite files in unintended directories when users download a malicious GitHub Actions workflow artifact through gh run download. This vulnerability stems from a GitHub Actions workflow artifact named .. when downloaded using gh run download. The artifact name and --dir flag are used to determine the artifact\u2019s download path. When the artifact is named .., the resulting files within the artifact are extracted exactly 1 directory higher than the specified --dir flag value. This vulnerability is fixed in 2.63.1." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "security-advisories@github.com", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:Green", + "baseScore": 6.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "attackRequirements": "NONE", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "vulnerableSystemConfidentiality": "NONE", + "vulnerableSystemIntegrity": "LOW", + "vulnerableSystemAvailability": "NONE", + "subsequentSystemConfidentiality": "NONE", + "subsequentSystemIntegrity": "NONE", + "subsequentSystemAvailability": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirements": "NOT_DEFINED", + "integrityRequirements": "NOT_DEFINED", + "availabilityRequirements": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", + "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", + "modifiedVulnerableSystemAvailability": "NOT_DEFINED", + "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", + "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", + "modifiedSubsequentSystemAvailability": "NOT_DEFINED", + "safety": "NOT_DEFINED", + "automatable": "NOT_DEFINED", + "recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "GREEN" + } + } + ] + }, + "weaknesses": [ + { + "source": "security-advisories@github.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-22" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/cli/cli/commit/1136764c369aaf0cae4ec2ee09dc35d871076932", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/cli/cli/security/advisories/GHSA-2m9h-r57g-45pj", + "source": "security-advisories@github.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-541xx/CVE-2024-54134.json b/CVE-2024/CVE-2024-541xx/CVE-2024-54134.json new file mode 100644 index 00000000000..1e65f5ab9f5 --- /dev/null +++ b/CVE-2024/CVE-2024-541xx/CVE-2024-54134.json @@ -0,0 +1,78 @@ +{ + "id": "CVE-2024-54134", + "sourceIdentifier": "security-advisories@github.com", + "published": "2024-12-04T16:15:26.883", + "lastModified": "2024-12-04T16:15:26.883", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "A publish-access account was compromised for `@solana/web3.js`, a JavaScript library that is commonly used by Solana dapps. This allowed an attacker to publish unauthorized and malicious packages that were modified, allowing them to steal private key material and drain funds from dapps, like bots, that handle private keys directly. This issue should not affect non-custodial wallets, as they generally do not expose private keys during transactions. This is not an issue with the Solana protocol itself, but with a specific JavaScript client library and only appears to affect projects that directly handle private keys and that updated within the window of 3:20pm UTC and 8:25pm UTC on Tuesday, December 3, 2024. These two unauthorized versions (1.95.6 and 1.95.7) were caught within hours and have since been unpublished. All Solana app developers should upgrade to version 1.95.8. Developers that suspect they might be compromised should rotate any suspect authority keys, including multisigs, program authorities, server keypairs, and so on." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "security-advisories@github.com", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "baseScore": 8.3, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "attackRequirements": "NONE", + "privilegesRequired": "NONE", + "userInteraction": "PASSIVE", + "vulnerableSystemConfidentiality": "HIGH", + "vulnerableSystemIntegrity": "NONE", + "vulnerableSystemAvailability": "NONE", + "subsequentSystemConfidentiality": "HIGH", + "subsequentSystemIntegrity": "NONE", + "subsequentSystemAvailability": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirements": "NOT_DEFINED", + "integrityRequirements": "NOT_DEFINED", + "availabilityRequirements": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", + "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", + "modifiedVulnerableSystemAvailability": "NOT_DEFINED", + "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", + "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", + "modifiedSubsequentSystemAvailability": "NOT_DEFINED", + "safety": "NOT_DEFINED", + "automatable": "NOT_DEFINED", + "recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED" + } + } + ] + }, + "weaknesses": [ + { + "source": "security-advisories@github.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-200" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/solana-labs/solana-web3.js/security/advisories/GHSA-jcxm-7wvp-g6p5", + "source": "security-advisories@github.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-546xx/CVE-2024-54661.json b/CVE-2024/CVE-2024-546xx/CVE-2024-54661.json index 90a161da5e7..a27c0fbec5b 100644 --- a/CVE-2024/CVE-2024-546xx/CVE-2024-54661.json +++ b/CVE-2024/CVE-2024-546xx/CVE-2024-54661.json @@ -2,16 +2,43 @@ "id": "CVE-2024-54661", "sourceIdentifier": "cve@mitre.org", "published": "2024-12-04T05:15:07.967", - "lastModified": "2024-12-04T05:15:07.967", + "lastModified": "2024-12-04T15:15:17.580", "vulnStatus": "Received", "cveTags": [], "descriptions": [ { "lang": "en", "value": "readline.sh in socat through 1.8.0.1 relies on the /tmp/$USER/stderr2 file." + }, + { + "lang": "es", + "value": " readline.sh en socat hasta 1.8.0.1 se basa en el archivo /tmp/$USER/stderr2." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 9.8, + "baseSeverity": "CRITICAL", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ] + }, "references": [ { "url": "https://repo.or.cz/socat.git/blob/6ff391324d2d3b9f6bfb58e7d16a20be43b47af7:/readline.sh#l29", diff --git a/CVE-2024/CVE-2024-546xx/CVE-2024-54664.json b/CVE-2024/CVE-2024-546xx/CVE-2024-54664.json index abebc963b3c..283b7042e54 100644 --- a/CVE-2024/CVE-2024-546xx/CVE-2024-54664.json +++ b/CVE-2024/CVE-2024-546xx/CVE-2024-54664.json @@ -2,13 +2,17 @@ "id": "CVE-2024-54664", "sourceIdentifier": "cve@mitre.org", "published": "2024-12-04T06:15:08.357", - "lastModified": "2024-12-04T06:15:08.357", + "lastModified": "2024-12-04T15:15:18.093", "vulnStatus": "Received", "cveTags": [], "descriptions": [ { "lang": "en", "value": "An issue was discovered in Veritas NetBackup before 10.5. This only applies to NetBackup components running on a Windows Operating System. If a user executes specific NetBackup commands or an attacker uses social engineering techniques to impel the user to execute the commands, a malicious DLL could be loaded, resulting in execution of the attacker's code in the user's security context, a different vulnerability than CVE-2024-52945." + }, + { + "lang": "es", + "value": " Se descubri\u00f3 un problema en Veritas NetBackup anterior a la versi\u00f3n 10.5. Esto solo se aplica a los componentes de NetBackup que se ejecutan en un sistema operativo Windows. Si un usuario ejecuta comandos espec\u00edficos de NetBackup o un atacante utiliza t\u00e9cnicas de ingenier\u00eda social para obligar al usuario a ejecutar los comandos, se podr\u00eda cargar una DLL maliciosa, lo que provocar\u00eda la ejecuci\u00f3n del c\u00f3digo del atacante en el contexto de seguridad del usuario, una vulnerabilidad diferente a CVE-2024-52945." } ], "metrics": { @@ -35,6 +39,18 @@ } ] }, + "weaknesses": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], "references": [ { "url": "https://www.veritas.com/content/support/en_US/security/VTS24-012", diff --git a/CVE-2024/CVE-2024-74xx/CVE-2024-7488.json b/CVE-2024/CVE-2024-74xx/CVE-2024-7488.json index cd1082ba291..35e65ff4086 100644 --- a/CVE-2024/CVE-2024-74xx/CVE-2024-7488.json +++ b/CVE-2024/CVE-2024-74xx/CVE-2024-7488.json @@ -2,7 +2,7 @@ "id": "CVE-2024-7488", "sourceIdentifier": "iletisim@usom.gov.tr", "published": "2024-12-04T14:15:21.000", - "lastModified": "2024-12-04T14:15:21.000", + "lastModified": "2024-12-04T15:15:18.310", "vulnStatus": "Received", "cveTags": [], "descriptions": [ @@ -15,7 +15,7 @@ "cvssMetricV31": [ { "source": "iletisim@usom.gov.tr", - "type": "Primary", + "type": "Secondary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", @@ -45,6 +45,16 @@ "value": "CWE-20" } ] + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-190" + } + ] } ], "references": [ diff --git a/CVE-2024/CVE-2024-88xx/CVE-2024-8843.json b/CVE-2024/CVE-2024-88xx/CVE-2024-8843.json index 46d89c00224..e59154f0994 100644 --- a/CVE-2024/CVE-2024-88xx/CVE-2024-8843.json +++ b/CVE-2024/CVE-2024-88xx/CVE-2024-8843.json @@ -2,15 +2,42 @@ "id": "CVE-2024-8843", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-11-22T21:15:22.887", - "lastModified": "2024-11-22T21:15:22.887", - "vulnStatus": "Received", + "lastModified": "2024-12-04T16:38:13.297", + "vulnStatus": "Analyzed", + "cveTags": [], "descriptions": [ { "lang": "en", "value": "PDF-XChange Editor JB2 File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of JB2 files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated object. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-24495." + }, + { + "lang": "es", + "value": "Vulnerabilidad de divulgaci\u00f3n de informaci\u00f3n de lectura fuera de los l\u00edmites en el an\u00e1lisis de archivos JB2 de PDF-XChange Editor. Esta vulnerabilidad permite a atacantes remotos divulgar informaci\u00f3n confidencial sobre instalaciones afectadas de PDF-XChange Editor. Se requiere la interacci\u00f3n del usuario para explotar esta vulnerabilidad, ya que el objetivo debe visitar una p\u00e1gina maliciosa o abrir un archivo malicioso. La falla espec\u00edfica existe en el an\u00e1lisis de archivos JB2. El problema es el resultado de la falta de una validaci\u00f3n adecuada de los datos proporcionados por el usuario, lo que puede provocar una lectura m\u00e1s all\u00e1 del final de un objeto asignado. Un atacante puede aprovechar esto junto con otras vulnerabilidades para ejecutar c\u00f3digo arbitrario en el contexto del proceso actual. Era ZDI-CAN-24495." } ], "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", + "baseScore": 5.5, + "baseSeverity": "MEDIUM", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ], "cvssMetricV30": [ { "source": "zdi-disclosures@trendmicro.com", @@ -46,10 +73,40 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:pdf-xchange:pdf-tools:*:*:*:*:*:*:*:*", + "versionStartIncluding": "10.3.0.386", + "versionEndExcluding": "10.4.0.388", + "matchCriteriaId": "CCBDE41C-2363-4E7E-9F00-4401DF124C0F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:pdf-xchange:pdf-xchange_editor:*:*:*:*:*:*:*:*", + "versionStartIncluding": "10.3.0.386", + "versionEndExcluding": "10.4.0.388", + "matchCriteriaId": "A461E260-0A49-4131-86AB-6E3754F00630" + } + ] + } + ] + } + ], "references": [ { "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-1266/", - "source": "zdi-disclosures@trendmicro.com" + "source": "zdi-disclosures@trendmicro.com", + "tags": [ + "Third Party Advisory", + "VDB Entry" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-88xx/CVE-2024-8844.json b/CVE-2024/CVE-2024-88xx/CVE-2024-8844.json index 177536260f4..b58cd215970 100644 --- a/CVE-2024/CVE-2024-88xx/CVE-2024-8844.json +++ b/CVE-2024/CVE-2024-88xx/CVE-2024-8844.json @@ -2,15 +2,42 @@ "id": "CVE-2024-8844", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-11-22T21:15:23.003", - "lastModified": "2024-11-22T21:15:23.003", - "vulnStatus": "Received", + "lastModified": "2024-12-04T16:38:10.040", + "vulnStatus": "Analyzed", + "cveTags": [], "descriptions": [ { "lang": "en", "value": "PDF-XChange Editor PDF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of PDF files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated object. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-24550." + }, + { + "lang": "es", + "value": "Vulnerabilidad de divulgaci\u00f3n de informaci\u00f3n de lectura fuera de los l\u00edmites en el an\u00e1lisis de archivos PDF del editor PDF-XChange. Esta vulnerabilidad permite a atacantes remotos divulgar informaci\u00f3n confidencial sobre las instalaciones afectadas del editor PDF-XChange. Se requiere la interacci\u00f3n del usuario para explotar esta vulnerabilidad, ya que el objetivo debe visitar una p\u00e1gina maliciosa o abrir un archivo malicioso. La falla espec\u00edfica existe en el an\u00e1lisis de archivos PDF. El problema es el resultado de la falta de una validaci\u00f3n adecuada de los datos proporcionados por el usuario, lo que puede provocar una lectura m\u00e1s all\u00e1 del final de un objeto asignado. Un atacante puede aprovechar esto junto con otras vulnerabilidades para ejecutar c\u00f3digo arbitrario en el contexto del proceso actual. Era ZDI-CAN-24550." } ], "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", + "baseScore": 5.5, + "baseSeverity": "MEDIUM", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ], "cvssMetricV30": [ { "source": "zdi-disclosures@trendmicro.com", @@ -46,10 +73,40 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:pdf-xchange:pdf-tools:*:*:*:*:*:*:*:*", + "versionStartIncluding": "10.3.0.386", + "versionEndExcluding": "10.4.0.388", + "matchCriteriaId": "CCBDE41C-2363-4E7E-9F00-4401DF124C0F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:pdf-xchange:pdf-xchange_editor:*:*:*:*:*:*:*:*", + "versionStartIncluding": "10.3.0.386", + "versionEndExcluding": "10.4.0.388", + "matchCriteriaId": "A461E260-0A49-4131-86AB-6E3754F00630" + } + ] + } + ] + } + ], "references": [ { "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-1267/", - "source": "zdi-disclosures@trendmicro.com" + "source": "zdi-disclosures@trendmicro.com", + "tags": [ + "Third Party Advisory", + "VDB Entry" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-88xx/CVE-2024-8845.json b/CVE-2024/CVE-2024-88xx/CVE-2024-8845.json index c990c800ae4..a6996ffd992 100644 --- a/CVE-2024/CVE-2024-88xx/CVE-2024-8845.json +++ b/CVE-2024/CVE-2024-88xx/CVE-2024-8845.json @@ -2,15 +2,42 @@ "id": "CVE-2024-8845", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-11-22T21:15:23.110", - "lastModified": "2024-11-22T21:15:23.110", - "vulnStatus": "Received", + "lastModified": "2024-12-04T16:38:07.607", + "vulnStatus": "Analyzed", + "cveTags": [], "descriptions": [ { "lang": "en", "value": "PDF-XChange Editor PDF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of PDF files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-24553." + }, + { + "lang": "es", + "value": "Vulnerabilidad de divulgaci\u00f3n de informaci\u00f3n de lectura fuera de los l\u00edmites en el an\u00e1lisis de archivos PDF del editor PDF-XChange. Esta vulnerabilidad permite a atacantes remotos divulgar informaci\u00f3n confidencial sobre las instalaciones afectadas del editor PDF-XChange. Se requiere la interacci\u00f3n del usuario para explotar esta vulnerabilidad, ya que el objetivo debe visitar una p\u00e1gina maliciosa o abrir un archivo malicioso. La falla espec\u00edfica existe en el an\u00e1lisis de archivos PDF. El problema es el resultado de la falta de una validaci\u00f3n adecuada de los datos proporcionados por el usuario, lo que puede provocar una lectura m\u00e1s all\u00e1 del final de un b\u00fafer asignado. Un atacante puede aprovechar esto junto con otras vulnerabilidades para ejecutar c\u00f3digo arbitrario en el contexto del proceso actual. Era ZDI-CAN-24553." } ], "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", + "baseScore": 5.5, + "baseSeverity": "MEDIUM", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ], "cvssMetricV30": [ { "source": "zdi-disclosures@trendmicro.com", @@ -46,10 +73,40 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:pdf-xchange:pdf-tools:*:*:*:*:*:*:*:*", + "versionStartIncluding": "10.3.0.386", + "versionEndExcluding": "10.4.0.388", + "matchCriteriaId": "CCBDE41C-2363-4E7E-9F00-4401DF124C0F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:pdf-xchange:pdf-xchange_editor:*:*:*:*:*:*:*:*", + "versionStartIncluding": "10.3.0.386", + "versionEndExcluding": "10.4.0.388", + "matchCriteriaId": "A461E260-0A49-4131-86AB-6E3754F00630" + } + ] + } + ] + } + ], "references": [ { "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-1268/", - "source": "zdi-disclosures@trendmicro.com" + "source": "zdi-disclosures@trendmicro.com", + "tags": [ + "Third Party Advisory", + "VDB Entry" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-88xx/CVE-2024-8846.json b/CVE-2024/CVE-2024-88xx/CVE-2024-8846.json index e681b8d6358..a64e80626f6 100644 --- a/CVE-2024/CVE-2024-88xx/CVE-2024-8846.json +++ b/CVE-2024/CVE-2024-88xx/CVE-2024-8846.json @@ -2,15 +2,42 @@ "id": "CVE-2024-8846", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-11-22T21:15:23.230", - "lastModified": "2024-11-22T21:15:23.230", - "vulnStatus": "Received", + "lastModified": "2024-12-04T16:42:04.860", + "vulnStatus": "Analyzed", + "cveTags": [], "descriptions": [ { "lang": "en", "value": "PDF-XChange Editor TIF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of TIF files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated object. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-24835." + }, + { + "lang": "es", + "value": "Vulnerabilidad de divulgaci\u00f3n de informaci\u00f3n de lectura fuera de los l\u00edmites en el an\u00e1lisis de archivos TIF del editor PDF-XChange. Esta vulnerabilidad permite a atacantes remotos divulgar informaci\u00f3n confidencial sobre instalaciones afectadas del editor PDF-XChange. Se requiere la interacci\u00f3n del usuario para explotar esta vulnerabilidad, ya que el objetivo debe visitar una p\u00e1gina maliciosa o abrir un archivo malicioso. La falla espec\u00edfica existe en el an\u00e1lisis de archivos TIF. El problema es el resultado de la falta de una validaci\u00f3n adecuada de los datos proporcionados por el usuario, lo que puede provocar una lectura m\u00e1s all\u00e1 del final de un objeto asignado. Un atacante puede aprovechar esto junto con otras vulnerabilidades para ejecutar c\u00f3digo arbitrario en el contexto del proceso actual. Era ZDI-CAN-24835." } ], "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", + "baseScore": 5.5, + "baseSeverity": "MEDIUM", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ], "cvssMetricV30": [ { "source": "zdi-disclosures@trendmicro.com", @@ -46,10 +73,35 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:pdf-xchange:pdf-tools:10.3.1.387:*:*:*:*:*:*:*", + "matchCriteriaId": "D0469A99-6E90-46A7-8698-77D7EB92D4C7" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:pdf-xchange:pdf-xchange_editor:10.3.1.387:*:*:*:*:*:*:*", + "matchCriteriaId": "2198B487-C8B6-45E2-B12E-8F8DCB87334D" + } + ] + } + ] + } + ], "references": [ { "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-1269/", - "source": "zdi-disclosures@trendmicro.com" + "source": "zdi-disclosures@trendmicro.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-88xx/CVE-2024-8847.json b/CVE-2024/CVE-2024-88xx/CVE-2024-8847.json index 01a50593de7..8fa9489cdfc 100644 --- a/CVE-2024/CVE-2024-88xx/CVE-2024-8847.json +++ b/CVE-2024/CVE-2024-88xx/CVE-2024-8847.json @@ -2,15 +2,42 @@ "id": "CVE-2024-8847", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-11-22T21:15:23.367", - "lastModified": "2024-11-22T21:15:23.367", - "vulnStatus": "Received", + "lastModified": "2024-12-04T16:42:07.103", + "vulnStatus": "Analyzed", + "cveTags": [], "descriptions": [ { "lang": "en", "value": "PDF-XChange Editor Doc Object Out-Of-Bounds Read Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the handling of Doc objects. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-25198." + }, + { + "lang": "es", + "value": "Vulnerabilidad de ejecuci\u00f3n de c\u00f3digo remoto por lectura fuera de los l\u00edmites de objetos Doc en el editor PDF-XChange. Esta vulnerabilidad permite a atacantes remotos ejecutar c\u00f3digo arbitrario en las instalaciones afectadas del editor PDF-XChange. Se requiere la interacci\u00f3n del usuario para explotar esta vulnerabilidad, ya que el objetivo debe visitar una p\u00e1gina maliciosa o abrir un archivo malicioso. La falla espec\u00edfica existe en el manejo de objetos Doc. El problema es el resultado de la falta de una validaci\u00f3n adecuada de los datos proporcionados por el usuario, lo que puede resultar en una lectura m\u00e1s all\u00e1 del final de un b\u00fafer asignado. Un atacante puede aprovechar esta vulnerabilidad para ejecutar c\u00f3digo en el contexto del proceso actual. Era ZDI-CAN-25198." } ], "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "baseScore": 7.8, + "baseSeverity": "HIGH", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ], "cvssMetricV30": [ { "source": "zdi-disclosures@trendmicro.com", @@ -46,10 +73,35 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:pdf-xchange:pdf-tools:10.3.1.387:*:*:*:*:*:*:*", + "matchCriteriaId": "D0469A99-6E90-46A7-8698-77D7EB92D4C7" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:pdf-xchange:pdf-xchange_editor:10.3.1.387:*:*:*:*:*:*:*", + "matchCriteriaId": "2198B487-C8B6-45E2-B12E-8F8DCB87334D" + } + ] + } + ] + } + ], "references": [ { "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-1270/", - "source": "zdi-disclosures@trendmicro.com" + "source": "zdi-disclosures@trendmicro.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-88xx/CVE-2024-8848.json b/CVE-2024/CVE-2024-88xx/CVE-2024-8848.json index 2645dd93730..9802aa0eac3 100644 --- a/CVE-2024/CVE-2024-88xx/CVE-2024-8848.json +++ b/CVE-2024/CVE-2024-88xx/CVE-2024-8848.json @@ -2,15 +2,42 @@ "id": "CVE-2024-8848", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-11-22T21:15:23.500", - "lastModified": "2024-11-22T21:15:23.500", - "vulnStatus": "Received", + "lastModified": "2024-12-04T16:42:08.827", + "vulnStatus": "Analyzed", + "cveTags": [], "descriptions": [ { "lang": "en", "value": "PDF-XChange Editor AcroForm Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the handling of AcroForms. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated object. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-25268." + }, + { + "lang": "es", + "value": "Vulnerabilidad de divulgaci\u00f3n de informaci\u00f3n de lectura fuera de los l\u00edmites en AcroForm del editor PDF-XChange. Esta vulnerabilidad permite a atacantes remotos divulgar informaci\u00f3n confidencial sobre instalaciones afectadas de PDF-XChange Editor. Se requiere la interacci\u00f3n del usuario para explotar esta vulnerabilidad, ya que el objetivo debe visitar una p\u00e1gina maliciosa o abrir un archivo malicioso. La falla espec\u00edfica existe en el manejo de AcroForms. El problema es el resultado de la falta de una validaci\u00f3n adecuada de los datos proporcionados por el usuario, lo que puede resultar en una lectura m\u00e1s all\u00e1 del final de un objeto asignado. Un atacante puede aprovechar esto junto con otras vulnerabilidades para ejecutar c\u00f3digo arbitrario en el contexto del proceso actual. Era ZDI-CAN-25268." } ], "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", + "baseScore": 5.5, + "baseSeverity": "MEDIUM", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ], "cvssMetricV30": [ { "source": "zdi-disclosures@trendmicro.com", @@ -46,10 +73,35 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:pdf-xchange:pdf-tools:10.3.1.387:*:*:*:*:*:*:*", + "matchCriteriaId": "D0469A99-6E90-46A7-8698-77D7EB92D4C7" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:pdf-xchange:pdf-xchange_editor:10.3.1.387:*:*:*:*:*:*:*", + "matchCriteriaId": "2198B487-C8B6-45E2-B12E-8F8DCB87334D" + } + ] + } + ] + } + ], "references": [ { "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-1271/", - "source": "zdi-disclosures@trendmicro.com" + "source": "zdi-disclosures@trendmicro.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-88xx/CVE-2024-8849.json b/CVE-2024/CVE-2024-88xx/CVE-2024-8849.json index 5fe2acb9a31..049b8c1df9b 100644 --- a/CVE-2024/CVE-2024-88xx/CVE-2024-8849.json +++ b/CVE-2024/CVE-2024-88xx/CVE-2024-8849.json @@ -2,15 +2,42 @@ "id": "CVE-2024-8849", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-11-22T21:15:23.650", - "lastModified": "2024-11-22T21:15:23.650", - "vulnStatus": "Received", + "lastModified": "2024-12-04T16:42:10.820", + "vulnStatus": "Analyzed", + "cveTags": [], "descriptions": [ { "lang": "en", "value": "PDF-XChange Editor AcroForm Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the handling of AcroForms. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated object. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-25269." + }, + { + "lang": "es", + "value": "Vulnerabilidad de divulgaci\u00f3n de informaci\u00f3n de lectura fuera de los l\u00edmites en AcroForm del editor PDF-XChange. Esta vulnerabilidad permite a atacantes remotos divulgar informaci\u00f3n confidencial sobre instalaciones afectadas de PDF-XChange Editor. Se requiere la interacci\u00f3n del usuario para explotar esta vulnerabilidad, ya que el objetivo debe visitar una p\u00e1gina maliciosa o abrir un archivo malicioso. La falla espec\u00edfica existe en el manejo de AcroForms. El problema es el resultado de la falta de una validaci\u00f3n adecuada de los datos proporcionados por el usuario, lo que puede resultar en una lectura m\u00e1s all\u00e1 del final de un objeto asignado. Un atacante puede aprovechar esto junto con otras vulnerabilidades para ejecutar c\u00f3digo arbitrario en el contexto del proceso actual. Era ZDI-CAN-25269." } ], "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", + "baseScore": 5.5, + "baseSeverity": "MEDIUM", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ], "cvssMetricV30": [ { "source": "zdi-disclosures@trendmicro.com", @@ -46,10 +73,35 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:pdf-xchange:pdf-tools:10.3.1.387:*:*:*:*:*:*:*", + "matchCriteriaId": "D0469A99-6E90-46A7-8698-77D7EB92D4C7" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:pdf-xchange:pdf-xchange_editor:10.3.1.387:*:*:*:*:*:*:*", + "matchCriteriaId": "2198B487-C8B6-45E2-B12E-8F8DCB87334D" + } + ] + } + ] + } + ], "references": [ { "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-1272/", - "source": "zdi-disclosures@trendmicro.com" + "source": "zdi-disclosures@trendmicro.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/README.md b/README.md index 9d3774eb5cd..8ae81f9a484 100644 --- a/README.md +++ b/README.md @@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2024-12-04T15:02:14.826318+00:00 +2024-12-04T17:00:55.533514+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2024-12-04T14:57:13.823000+00:00 +2024-12-04T17:00:07.247000+00:00 ``` ### Last Data Feed Release @@ -33,47 +33,69 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### Total Number of included CVEs ```plain -272101 +272129 ``` ### CVEs added in the last Commit -Recently added CVEs: `5` +Recently added CVEs: `28` -- [CVE-2024-11935](CVE-2024/CVE-2024-119xx/CVE-2024-11935.json) (`2024-12-04T13:15:05.910`) -- [CVE-2024-12138](CVE-2024/CVE-2024-121xx/CVE-2024-12138.json) (`2024-12-04T14:15:19.413`) -- [CVE-2024-51465](CVE-2024/CVE-2024-514xx/CVE-2024-51465.json) (`2024-12-04T14:15:20.223`) -- [CVE-2024-53125](CVE-2024/CVE-2024-531xx/CVE-2024-53125.json) (`2024-12-04T14:15:20.460`) -- [CVE-2024-7488](CVE-2024/CVE-2024-74xx/CVE-2024-7488.json) (`2024-12-04T14:15:21.000`) +- [CVE-2024-37575](CVE-2024/CVE-2024-375xx/CVE-2024-37575.json) (`2024-12-04T16:15:24.983`) +- [CVE-2024-40744](CVE-2024/CVE-2024-407xx/CVE-2024-40744.json) (`2024-12-04T15:15:11.057`) +- [CVE-2024-40745](CVE-2024/CVE-2024-407xx/CVE-2024-40745.json) (`2024-12-04T15:15:11.170`) +- [CVE-2024-51365](CVE-2024/CVE-2024-513xx/CVE-2024-51365.json) (`2024-11-21T20:15:44.210`) +- [CVE-2024-51366](CVE-2024/CVE-2024-513xx/CVE-2024-51366.json) (`2024-11-21T20:15:44.413`) +- [CVE-2024-53126](CVE-2024/CVE-2024-531xx/CVE-2024-53126.json) (`2024-12-04T15:15:12.540`) +- [CVE-2024-53127](CVE-2024/CVE-2024-531xx/CVE-2024-53127.json) (`2024-12-04T15:15:12.637`) +- [CVE-2024-53128](CVE-2024/CVE-2024-531xx/CVE-2024-53128.json) (`2024-12-04T15:15:12.737`) +- [CVE-2024-53129](CVE-2024/CVE-2024-531xx/CVE-2024-53129.json) (`2024-12-04T15:15:12.837`) +- [CVE-2024-53130](CVE-2024/CVE-2024-531xx/CVE-2024-53130.json) (`2024-12-04T15:15:12.927`) +- [CVE-2024-53131](CVE-2024/CVE-2024-531xx/CVE-2024-53131.json) (`2024-12-04T15:15:13.090`) +- [CVE-2024-53132](CVE-2024/CVE-2024-531xx/CVE-2024-53132.json) (`2024-12-04T15:15:13.193`) +- [CVE-2024-53133](CVE-2024/CVE-2024-531xx/CVE-2024-53133.json) (`2024-12-04T15:15:13.310`) +- [CVE-2024-53134](CVE-2024/CVE-2024-531xx/CVE-2024-53134.json) (`2024-12-04T15:15:13.503`) +- [CVE-2024-53135](CVE-2024/CVE-2024-531xx/CVE-2024-53135.json) (`2024-12-04T15:15:13.630`) +- [CVE-2024-53136](CVE-2024/CVE-2024-531xx/CVE-2024-53136.json) (`2024-12-04T15:15:13.737`) +- [CVE-2024-53137](CVE-2024/CVE-2024-531xx/CVE-2024-53137.json) (`2024-12-04T15:15:13.843`) +- [CVE-2024-53138](CVE-2024/CVE-2024-531xx/CVE-2024-53138.json) (`2024-12-04T15:15:13.983`) +- [CVE-2024-53139](CVE-2024/CVE-2024-531xx/CVE-2024-53139.json) (`2024-12-04T15:15:15.643`) +- [CVE-2024-53140](CVE-2024/CVE-2024-531xx/CVE-2024-53140.json) (`2024-12-04T15:15:16.803`) +- [CVE-2024-53432](CVE-2024/CVE-2024-534xx/CVE-2024-53432.json) (`2024-11-21T18:15:14.420`) +- [CVE-2024-53614](CVE-2024/CVE-2024-536xx/CVE-2024-53614.json) (`2024-12-04T16:15:26.413`) +- [CVE-2024-54002](CVE-2024/CVE-2024-540xx/CVE-2024-54002.json) (`2024-12-04T16:15:26.537`) +- [CVE-2024-54132](CVE-2024/CVE-2024-541xx/CVE-2024-54132.json) (`2024-12-04T16:15:26.730`) +- [CVE-2024-54134](CVE-2024/CVE-2024-541xx/CVE-2024-54134.json) (`2024-12-04T16:15:26.883`) ### CVEs modified in the last Commit -Recently modified CVEs: `23` +Recently modified CVEs: `67` -- [CVE-2023-40735](CVE-2023/CVE-2023-407xx/CVE-2023-40735.json) (`2024-12-04T13:15:05.183`) -- [CVE-2024-30271](CVE-2024/CVE-2024-302xx/CVE-2024-30271.json) (`2024-12-04T14:57:13.823`) -- [CVE-2024-30272](CVE-2024/CVE-2024-302xx/CVE-2024-30272.json) (`2024-12-04T14:45:39.650`) -- [CVE-2024-30273](CVE-2024/CVE-2024-302xx/CVE-2024-30273.json) (`2024-12-04T14:35:16.303`) -- [CVE-2024-52277](CVE-2024/CVE-2024-522xx/CVE-2024-52277.json) (`2024-12-04T13:15:06.080`) -- [CVE-2024-8812](CVE-2024/CVE-2024-88xx/CVE-2024-8812.json) (`2024-12-04T14:56:07.463`) -- [CVE-2024-8813](CVE-2024/CVE-2024-88xx/CVE-2024-8813.json) (`2024-12-04T14:56:03.620`) -- [CVE-2024-8814](CVE-2024/CVE-2024-88xx/CVE-2024-8814.json) (`2024-12-04T14:55:59.677`) -- [CVE-2024-8815](CVE-2024/CVE-2024-88xx/CVE-2024-8815.json) (`2024-12-04T14:55:55.787`) -- [CVE-2024-8816](CVE-2024/CVE-2024-88xx/CVE-2024-8816.json) (`2024-12-04T14:55:51.693`) -- [CVE-2024-8817](CVE-2024/CVE-2024-88xx/CVE-2024-8817.json) (`2024-12-04T14:55:21.647`) -- [CVE-2024-8818](CVE-2024/CVE-2024-88xx/CVE-2024-8818.json) (`2024-12-04T14:55:10.590`) -- [CVE-2024-8819](CVE-2024/CVE-2024-88xx/CVE-2024-8819.json) (`2024-12-04T14:50:28.667`) -- [CVE-2024-8820](CVE-2024/CVE-2024-88xx/CVE-2024-8820.json) (`2024-12-04T14:49:53.280`) -- [CVE-2024-8821](CVE-2024/CVE-2024-88xx/CVE-2024-8821.json) (`2024-12-04T14:48:52.033`) -- [CVE-2024-8822](CVE-2024/CVE-2024-88xx/CVE-2024-8822.json) (`2024-12-04T14:47:30.647`) -- [CVE-2024-8823](CVE-2024/CVE-2024-88xx/CVE-2024-8823.json) (`2024-12-04T14:45:59.687`) -- [CVE-2024-8824](CVE-2024/CVE-2024-88xx/CVE-2024-8824.json) (`2024-12-04T14:44:31.470`) -- [CVE-2024-8839](CVE-2024/CVE-2024-88xx/CVE-2024-8839.json) (`2024-12-04T14:43:09.680`) -- [CVE-2024-8840](CVE-2024/CVE-2024-88xx/CVE-2024-8840.json) (`2024-12-04T14:42:12.897`) -- [CVE-2024-8841](CVE-2024/CVE-2024-88xx/CVE-2024-8841.json) (`2024-12-04T14:41:07.097`) -- [CVE-2024-8842](CVE-2024/CVE-2024-88xx/CVE-2024-8842.json) (`2024-12-04T14:38:40.640`) -- [CVE-2024-8962](CVE-2024/CVE-2024-89xx/CVE-2024-8962.json) (`2024-12-04T12:15:20.913`) +- [CVE-2024-28832](CVE-2024/CVE-2024-288xx/CVE-2024-28832.json) (`2024-12-04T16:15:21.077`) +- [CVE-2024-30275](CVE-2024/CVE-2024-302xx/CVE-2024-30275.json) (`2024-12-04T16:39:21.643`) +- [CVE-2024-30281](CVE-2024/CVE-2024-302xx/CVE-2024-30281.json) (`2024-12-04T16:37:57.617`) +- [CVE-2024-38857](CVE-2024/CVE-2024-388xx/CVE-2024-38857.json) (`2024-12-04T15:37:16.290`) +- [CVE-2024-39165](CVE-2024/CVE-2024-391xx/CVE-2024-39165.json) (`2024-12-04T16:15:25.093`) +- [CVE-2024-42451](CVE-2024/CVE-2024-424xx/CVE-2024-42451.json) (`2024-12-04T15:15:11.273`) +- [CVE-2024-42452](CVE-2024/CVE-2024-424xx/CVE-2024-42452.json) (`2024-12-04T16:15:25.317`) +- [CVE-2024-42453](CVE-2024/CVE-2024-424xx/CVE-2024-42453.json) (`2024-12-04T15:15:11.390`) +- [CVE-2024-42457](CVE-2024/CVE-2024-424xx/CVE-2024-42457.json) (`2024-12-04T16:15:25.450`) +- [CVE-2024-43091](CVE-2024/CVE-2024-430xx/CVE-2024-43091.json) (`2024-12-04T15:15:11.497`) +- [CVE-2024-45207](CVE-2024/CVE-2024-452xx/CVE-2024-45207.json) (`2024-12-04T16:15:25.580`) +- [CVE-2024-46624](CVE-2024/CVE-2024-466xx/CVE-2024-46624.json) (`2024-12-04T15:15:11.727`) +- [CVE-2024-47554](CVE-2024/CVE-2024-475xx/CVE-2024-47554.json) (`2024-12-04T15:15:11.940`) +- [CVE-2024-48783](CVE-2024/CVE-2024-487xx/CVE-2024-48783.json) (`2024-12-04T15:15:12.120`) +- [CVE-2024-51378](CVE-2024/CVE-2024-513xx/CVE-2024-51378.json) (`2024-12-04T16:15:26.087`) +- [CVE-2024-54661](CVE-2024/CVE-2024-546xx/CVE-2024-54661.json) (`2024-12-04T15:15:17.580`) +- [CVE-2024-54664](CVE-2024/CVE-2024-546xx/CVE-2024-54664.json) (`2024-12-04T15:15:18.093`) +- [CVE-2024-7488](CVE-2024/CVE-2024-74xx/CVE-2024-7488.json) (`2024-12-04T15:15:18.310`) +- [CVE-2024-8843](CVE-2024/CVE-2024-88xx/CVE-2024-8843.json) (`2024-12-04T16:38:13.297`) +- [CVE-2024-8844](CVE-2024/CVE-2024-88xx/CVE-2024-8844.json) (`2024-12-04T16:38:10.040`) +- [CVE-2024-8845](CVE-2024/CVE-2024-88xx/CVE-2024-8845.json) (`2024-12-04T16:38:07.607`) +- [CVE-2024-8846](CVE-2024/CVE-2024-88xx/CVE-2024-8846.json) (`2024-12-04T16:42:04.860`) +- [CVE-2024-8847](CVE-2024/CVE-2024-88xx/CVE-2024-8847.json) (`2024-12-04T16:42:07.103`) +- [CVE-2024-8848](CVE-2024/CVE-2024-88xx/CVE-2024-8848.json) (`2024-12-04T16:42:08.827`) +- [CVE-2024-8849](CVE-2024/CVE-2024-88xx/CVE-2024-8849.json) (`2024-12-04T16:42:10.820`) ## Download and Usage diff --git a/_state.csv b/_state.csv index 1d98f29cb14..4b53b7ecd6d 100644 --- a/_state.csv +++ b/_state.csv @@ -130170,7 +130170,7 @@ CVE-2019-11878,0,0,60e63f300200d6374b5d6417c27459c70d3fc1712724705af1bc85497eb29 CVE-2019-11879,0,0,8db403e31e86ef94aa6386fe68db01fd9fb48be021090400a60a64c2353a5b80,2024-11-21T04:21:56.713000 CVE-2019-1188,0,0,dca4e950e48b09ba0ef2237981f41dcf66536e82c58f387f82c2ba4c8e000d4d,2024-11-21T04:36:12.563000 CVE-2019-11880,0,0,0fc9ccf38444b9a010df24a0695c942c3d2d7c1c9b4b901340881d7614d7ea48,2024-11-21T04:21:56.850000 -CVE-2019-11881,0,0,ba864baf454b31d1ae915debb083c88d65367fe14c1f8c3fb427e29d468c42e0,2024-11-21T04:21:56.987000 +CVE-2019-11881,0,1,ad56e30f904a01f1d6f08ec17da6627ef3cbec2f9d7e75cd066898194bc9a71d,2024-12-04T15:15:07.187000 CVE-2019-11884,0,0,0126912028053ba5e390ae349d371374199bf6d94bbc45f01609ec37fb809c1c,2024-11-21T04:21:57.123000 CVE-2019-11885,0,0,3f88ba9baf0300db7d5768d3e9a77232978f996c749e18708cd6c827311b3038,2024-11-21T04:21:57.323000 CVE-2019-11886,0,0,28241fb0d91b1a971de3e84e66be69e84a71c71342df50dbc911723883515e46,2024-11-21T04:21:57.453000 @@ -215892,7 +215892,7 @@ CVE-2023-21204,0,0,8ec52cac1cc57a934cde51f93ae87fbabe93f15783c9ea97aa80052778f2e CVE-2023-21205,0,0,4640bdce484581b63b2290811ee2b2a6d21ab4de9a7673a8f1aacaff335d8f63,2023-07-05T20:34:04.573000 CVE-2023-21206,0,0,b11482e80b3b7ae5575a083d75035f972ad4676e66dd0a70dffc6aad8f6b954b,2023-07-05T20:34:02.357000 CVE-2023-21207,0,0,43ed70791d6189d7c10b8c85126a67773a7c6d61eaeee60bfd086d0a9afc505c,2023-07-05T20:34:52.277000 -CVE-2023-21208,0,0,9e62e0fba9dd68500793adbc765540c7231075eee8b3528e0e8d3309e9354433,2023-07-05T20:35:19.113000 +CVE-2023-21208,0,1,fff78a9173c94affcc14c689aa52d7ccb785e9831878df0f8d5249b912ec8463,2024-12-04T16:15:20.150000 CVE-2023-21209,0,0,1e93a9505e162b026458bd58479591108659afeac1a8e8152b1c8bdf0def781f,2023-07-05T20:36:09.567000 CVE-2023-2121,0,0,bcaa63972fd4141d67d9a735acb1deeb4c552e14bdef8af61e2b2b78f6011717,2023-06-16T15:56:52.060000 CVE-2023-21210,0,0,27f2f828ece26fc5ea07447dbb3ef7a84292d4b50ac04df3a4e6d49fce4cbbdd,2023-07-06T01:06:42.483000 @@ -220759,7 +220759,7 @@ CVE-2023-27193,0,0,db011b9c20b0a7ec3fe7191d94d708aaf84e402b7845de7a6217b63a157f1 CVE-2023-27195,0,0,1db344883bab5d24ba38dd104980a3f54b0f34fa4fd99cc74c7709276c32fdf2,2024-11-08T19:01:03.880000 CVE-2023-27197,0,0,e4893c777b607c81209ff71550aea955bb1173b406a50f011540af73d07be5b7,2024-04-23T14:15:08.123000 CVE-2023-27198,0,0,d7c5d99d6e1c2d2350e3e97ed6cdfbc824dd778955fb5505c7385cdd6dd3931d,2024-07-03T01:39:41.580000 -CVE-2023-27199,0,0,985816829dca5aafda4ab3255cd7c5230e1b1c3559f7c2d5fcdd1ddc36dda006,2024-04-23T14:15:08.290000 +CVE-2023-27199,0,1,f52e678322b83023c324e2d55ad56e8e9fb4a4e93977a5e149525ab199baa64a,2024-12-04T16:15:20.393000 CVE-2023-27202,0,0,70730dd2567b106f0e0e2320f2aaf5636283bbc3a02331695f2c90762b37848a,2023-03-13T03:51:33.370000 CVE-2023-27203,0,0,a8603f14232197c141f1c3e4d8f23acd3a8201c521d23233875799924c295333,2023-03-13T03:51:39.573000 CVE-2023-27204,0,0,26f784a5df15f665e49ab1fcc4fad8f4fe8194f2c71fb80d7a4492fa46d2e486,2023-03-13T03:51:44.600000 @@ -225107,7 +225107,7 @@ CVE-2023-32619,0,0,efedb5478e604f4427316aad5814054fb30dfe5a182f27be16e5658b3f9c9 CVE-2023-3262,0,0,0211d95fb873faeefc7598b055ba57ab843a16b5034ef3301028eaae024fec2c,2023-08-25T06:15:09.797000 CVE-2023-32620,0,0,8d7d3fd55c1278b59cba81bffb9150a561d52098456668ec6539b6e54441b6c9,2023-07-06T23:39:14.747000 CVE-2023-32621,0,0,2440a84ed4a735262ea93249e732473f9489e2961da473f444a670fb0457c050,2023-07-06T23:39:27.227000 -CVE-2023-32622,0,0,71747ab46c33456aed476e4425613d72e88f3406e6c48f880eedf8e6b8a2c59e,2023-07-06T23:39:37.940000 +CVE-2023-32622,0,1,c048ce1b86c6eabe732e2869e84e05a7ca0f03310313ae80a9c7bb6b6cc195d5,2024-12-04T16:15:22.143000 CVE-2023-32623,0,0,30ff1279195a6636057104c5dab6bf90f9094c454e8c98830e8ff9889b1dbcea,2023-07-21T19:19:23.793000 CVE-2023-32624,0,0,b7f16c801dcd157fb7ede4a52f1e7501cafb88f6b0e5e589e72ddfda3a58cce4,2023-08-07T19:32:10.417000 CVE-2023-32625,0,0,8b56ef61f638262055fb85e3f151f40250cb418f506a6b1e66b6d000f1dce0e0,2023-08-07T19:33:29.343000 @@ -231335,7 +231335,7 @@ CVE-2023-4073,0,0,f38da659b6673c490161e8d4cab88eac5a3d08db3aa00ddc31bba9a3c441f4 CVE-2023-40730,0,0,e53bc04f867a544c5c2142f4a7a7d3e2044be62442a64262e5df3e630faa7cc3,2023-09-14T17:00:29.273000 CVE-2023-40731,0,0,0d3b4e375c466ae10676028b39f9bcec599de7e021f7941e33591b60d27b8d5d,2023-09-14T16:59:57.110000 CVE-2023-40732,0,0,0de335b97cb2d8ea28ba2daf4a9181c7d5927ddd29e5111dad0cca9b99f8a9b1,2023-09-14T16:49:50.890000 -CVE-2023-40735,0,1,f27d911e4b1df0d5478b3a7881e66ba6fd52bceb01ac3a5de94b784c69d8aefa,2024-12-04T13:15:05.183000 +CVE-2023-40735,0,0,f27d911e4b1df0d5478b3a7881e66ba6fd52bceb01ac3a5de94b784c69d8aefa,2024-12-04T13:15:05.183000 CVE-2023-4074,0,0,51839cd8c1d88842439840ca3e3c8c020fefa804c32fe4e5a053d3a124748d9b,2024-01-31T17:15:14.080000 CVE-2023-40743,0,0,0f73d9585b00b12c90cacbe8597e86a593f7f0029cedf8511d7b2ade05b82d99,2024-08-02T19:15:56.317000 CVE-2023-40744,0,0,bd2ca97004f8ab866b5a6f1be3d1e9b3c291466120a8c648383110306df29689,2023-11-07T04:20:21.733000 @@ -241728,7 +241728,7 @@ CVE-2023-7232,0,0,156e2327f167f22b03f75e9d7e3ba8518eca33b5ed593a1c4859deb33e3651 CVE-2023-7233,0,0,e5fe13d2a4428fd4e4020fc7b1f777ad9d2c087815bd0943f82d6bc94f58cd21,2024-10-09T15:13:58.453000 CVE-2023-7234,0,0,4913e889eaa472bb82ac4ba0cfb090f6c1de954cba61f05570944d51d33ce47e,2024-01-24T16:47:18.570000 CVE-2023-7235,0,0,288cad2e6179ef85d872cd7f090732746a564db6bcf8f5576a956098e7e30cf5,2024-08-26T17:35:02.810000 -CVE-2023-7236,0,0,cd6a7ec339739cf2aa5f2eae566c737d9fd00de8ade845936b1d92492028c2e6,2024-03-18T19:40:00.173000 +CVE-2023-7236,0,1,9009ce03eeb5b5cdfacb016f4d4897329173952f44f4d171a6c2f99c3e38c7c7,2024-12-04T15:15:08.850000 CVE-2023-7237,0,0,6ede4d8777d26459317d07a52276038ce4b85bbc05573f8c5c11b9dc2dee4959,2024-08-02T09:15:55.093000 CVE-2023-7238,0,0,d0942fe297f03a68e7e31266796f6644d36881b4d44368b50ec8e852010759d9,2024-01-30T14:20:10.613000 CVE-2023-7240,0,0,005c6356bb8f504b55212cfdaf7a0383a7a8c51e35ef4128de67cddfc2fc399a,2024-05-07T13:39:32.710000 @@ -242344,7 +242344,7 @@ CVE-2024-0630,0,0,d1b6c3d6d47b33cade72cfdfa3bd557e2f21e9b34f7aba4a3b06ebf2966a66 CVE-2024-0631,0,0,1eb151ec6cac73d31f9af7ab300a827824377aaab9494cd8938353b043b303a6,2024-03-13T18:16:18.563000 CVE-2024-0632,0,0,ae48c419bfd5ed41fe6749b263d7c36e723d44f2e0709014c4076d986e69aca4,2024-05-22T12:46:53.887000 CVE-2024-0637,0,0,dadab941d75ce49c1ed149b09f13b5308caafb87e4c245f613272cfa866fb9cd,2024-04-02T12:50:42.233000 -CVE-2024-0638,0,0,f90b3cd5ea6c0fc1359c41364e6e4a0adddbffde64d707f6e97b396cac76eb6b,2024-03-22T12:45:36.130000 +CVE-2024-0638,0,1,07ac9ef695277f9a476f19b4f2c1e2a29c25bffffc157de815a3953f8b74a260,2024-12-04T17:00:07.247000 CVE-2024-0639,0,0,3f7140b2db015d1eb23164fcbfbfe65205853595aa394c88605f5308b92b2c86,2024-02-14T13:15:08.107000 CVE-2024-0641,0,0,65eded4d16aec7accb7f6502f2049811c8c28b8c00f13f2b790f15971a21b936,2024-02-14T13:15:08.363000 CVE-2024-0642,0,0,015121aefe6958e10648c2f414972825fefb755d8d649c4c15f3edc1a228b9ed,2024-01-24T19:29:41.893000 @@ -243791,6 +243791,7 @@ CVE-2024-11630,0,0,124823e79cad8f52614d45dfbfa425539f468c43cf02153ebcf347d478214 CVE-2024-11631,0,0,570ceb0c85d63bd361de89b3e02d09184658915631c383aecab754524c3a2fca,2024-11-25T16:54:46.333000 CVE-2024-11632,0,0,8edb73f8418ace86236ba956d8491424810c23a2e18945d058b1e1e3e75bf17a,2024-11-25T16:50:43.257000 CVE-2024-1164,0,0,ccdaeeda02ae302b7582e035c96145e342a579b2b0fb5245fe0e2c3517f4c5b6,2024-06-11T17:14:02.340000 +CVE-2024-11643,1,1,039d5370061f49fd71c5ebdc11104b862b98df64fa76c9477dfe421e5ea069db,2024-12-04T16:15:24.177000 CVE-2024-11646,0,0,b2891164a39c25d2fa53a65f4b329cb1c73caac3a31639e7b4bbc1c59b376703,2024-11-25T16:49:56.377000 CVE-2024-11647,0,0,5fef3a2788feb739ecc5043b64bfcdcd72f581cff57eecbc508436bf5d08eb70,2024-11-25T16:49:24.083000 CVE-2024-11648,0,0,ec8d331f7da601df15f7ee6f28e6911e13e4712baf3a7f8d3e7582c3b9dd2b55,2024-11-25T16:49:02.417000 @@ -243845,7 +243846,7 @@ CVE-2024-1170,0,0,ef14266ea2026fd1e77d96d081d12f376a313e532bfd85bbf7562d8a6e990c CVE-2024-11700,0,0,bc2be5af2b84b6516d161a848a53862ea2fabd715864fcabb126a0f4a490319e,2024-12-02T15:15:10.557000 CVE-2024-11701,0,0,3ce088d891c171dd484e061591f74125e217790d856876ddb068c1435abf2279,2024-11-27T16:15:13.470000 CVE-2024-11702,0,0,13d1f6c9b043e1cf62a5a526ef83139151e2fe50c3be4951aef4463544909f25,2024-11-27T16:15:13.660000 -CVE-2024-11703,0,0,e983d143affae3fe0df24c337c8810ae7731133ae347091f674c58908251a91d,2024-12-02T18:15:09.087000 +CVE-2024-11703,0,1,066d1bf191b3c715a9f0e76133a16cb73e57cb6df71926665b900ef9b350c267,2024-12-04T15:15:09.437000 CVE-2024-11704,0,0,2b7b550cc939bccaee7258fd0a9f771da470ed456c481083dde13c083b054c7f,2024-11-27T16:15:13.837000 CVE-2024-11705,0,0,b00958231cd75a51aaf41f507045209bb5b601f8c6cb2be613795f56225c7da5,2024-11-27T16:15:14 CVE-2024-11706,0,0,1b96fbb1c831be79b72164c44aa56f72093a93485fb6eb748f832788631279b2,2024-11-26T17:15:23.010000 @@ -243924,19 +243925,19 @@ CVE-2024-1192,0,0,2496c5c2bd24b6b1e653d79a0dbb975771788d1c54262403d529d1a596a310 CVE-2024-11925,0,0,8ba6e48179945e2c0807e717394a91dffc0cd6e22b1cec23e4da5d64788cadee,2024-11-28T07:15:05.267000 CVE-2024-1193,0,0,ffb9a4095d8f9913e32a4a9fb84e7d515c719215bffa9c1271257c84c947030d,2024-05-17T02:35:17.833000 CVE-2024-11933,0,0,ff719b80c8b04b1955877df42e564ce90eac2c09e4f59c20e785f18a1e8804d6,2024-12-03T16:04:10.350000 -CVE-2024-11935,1,1,9c769b1c4d867474a0ead8d3d33ccb8daaae06c82d486a8ac440c6198046b3e0,2024-12-04T13:15:05.910000 +CVE-2024-11935,0,0,9c769b1c4d867474a0ead8d3d33ccb8daaae06c82d486a8ac440c6198046b3e0,2024-12-04T13:15:05.910000 CVE-2024-1194,0,0,2ada7ec0067a4a6c15e16c8b6d60d2605ff0ff50c80d53e3de0a5fe7493767f7,2024-05-17T02:35:17.933000 CVE-2024-1195,0,0,524480b99d81e527b71e9b6d2b12e0f3d16697f860efe8d11194cd8cf60ecd57,2024-05-17T02:35:18.037000 CVE-2024-11952,0,0,1cf8955e26709babaa743e659edcf01ad0b08b777d583067e6146dcc8a8319e6,2024-12-04T09:15:04.637000 -CVE-2024-11959,0,0,55f4f0848caef18230c7048f835a742ab3a0aaaf83b000723880212a9c969f3f,2024-11-28T15:15:18.003000 +CVE-2024-11959,0,1,8e4c044a79a34553dacc3bbf68fddd2b6e5f24a72d4b7a0c2b06bf8643853e87,2024-12-04T16:52:55.150000 CVE-2024-1196,0,0,173789435a8c6c5c60dcb01ff025ba37f5dda093bc9fc2e5668920b347e89874,2024-06-26T15:15:19.377000 -CVE-2024-11960,0,0,2d84941367c11811ce6d55e848618cc2315cea35327995aea7fad7a0f77a50b6,2024-11-28T15:15:18.347000 +CVE-2024-11960,0,1,bd9138e92373cf0f2d64cabaf1c792eb3475a5676b172a9be24a4ae943f1b162,2024-12-04T16:52:34.413000 CVE-2024-11961,0,0,af3b999d43f9bfaef8700094c90ff95b6131c75a8452f640c9da5081e2f19786,2024-11-28T15:15:18.527000 -CVE-2024-11962,0,0,f9d257ef3e1d4e95d1a8ef2dcd95b3209db6340cb769a80f7cf0d282046c7957,2024-11-28T16:15:06.307000 -CVE-2024-11963,0,0,1b768f13ae7432af87819b66e9c88a81e009e2b704744a659aae219fb06ce32d,2024-11-28T16:15:06.993000 -CVE-2024-11964,0,0,f94c574717c50c0184dd47517b1de305bfceb467090489bd5e62aaac299102a8,2024-11-28T17:15:18.500000 -CVE-2024-11965,0,0,31af601734e720f7b4898a226ec470eb7b7893d1e57135a43f25ca10822bcc63,2024-11-28T17:15:19.383000 -CVE-2024-11966,0,0,5e055161cfb759b43cc69778fc343f8b37e119ddc14d9d9b1e0ff4c55e38b235,2024-11-28T18:15:07.547000 +CVE-2024-11962,0,1,f538b65665f2e3cba57b21491ff610cfd2c91dae4a78a6a09ff0930469b2bf9d,2024-12-04T16:51:47.007000 +CVE-2024-11963,0,1,3e254fdaabe1a428140e6a7d7fc0327fd8a35973f16b2835f24e923dec166329,2024-12-04T16:51:21.440000 +CVE-2024-11964,0,1,37459bfcc29215486f1bd42ba7b539350d067861021516c9a1104062a391c8fc,2024-12-04T16:50:38.423000 +CVE-2024-11965,0,1,313bbe1b1ac1d61a35d679932e2e10075499a0aa5d0aad35d37d818c0c9baff6,2024-12-04T16:50:20.197000 +CVE-2024-11966,0,1,7c4f4923d478eeb18d816a1eff403182cf3427322c487ac0c23ba39f6ae9534d,2024-12-04T16:50:01.657000 CVE-2024-11967,0,0,179e3dd97123c4b8b3faa14a32f95da586545a8fae36dd420cfa9023f4b058ee,2024-12-03T20:20:04.177000 CVE-2024-11968,0,0,4c8e45962195e3bc30ba3ade6a5593c14f2e51bb9212137724bade4969c57980,2024-12-03T20:12:14.177000 CVE-2024-11969,0,0,328ae06406886fb66d7ac1b2c34b1818381f0d888a340c497ddc215ced06af80,2024-11-28T16:15:07.190000 @@ -243970,6 +243971,7 @@ CVE-2024-1203,0,0,b776394b4b874eaeeae3e5b604198862b49ad905e4e26e755c608f17ba381d CVE-2024-1204,0,0,227dcadf8be17e7ba46954487209fff721db299a9b29c34d65c82dfa9a2b5cb2,2024-07-03T01:45:05.337000 CVE-2024-1205,0,0,0a0d23d8cab3c22e48da3af802fa5d4730efda2f1ae3f246ab487b1969fd7c36,2024-03-20T13:00:16.367000 CVE-2024-12053,0,0,2b398607da9e0d35894a5dae028909ee96e509eaf1448f83891a86a3497d90af,2024-12-03T20:15:14.513000 +CVE-2024-12056,1,1,178a01d22970ecd4324357f85a8e355aa2bb3fef2b11d0929147803ddf53d972,2024-12-04T15:15:09.700000 CVE-2024-1206,0,0,5f77d40826619ff076a6ee2348b6f5023dd16e0c591d0d5d735c076214b8b61d,2024-02-29T13:49:29.390000 CVE-2024-12062,0,0,053134064f0b6efbb78d94709d74965493fd7936bfcf08f9a9a8ec7d826131fc,2024-12-03T10:15:05.493000 CVE-2024-1207,0,0,dcc484c1fca006f292c23965347128c235a983932753c8f043310e93d42eeea4,2024-02-15T02:05:42.313000 @@ -243983,7 +243985,7 @@ CVE-2024-12107,0,0,4ecf985355ed02c46a47df39da30f4f8d3067f06e5bf8632c870b7442c326 CVE-2024-1212,0,0,da6373ae7bafa80bc186105339e693a9592b96e608bda44b9b7e9a26c6194323,2024-11-19T17:24:39.480000 CVE-2024-12123,0,0,a64c5f1053ac9ab8204a334c665b77f722022f7905b787d927f9f5c425016fc1,2024-12-04T04:15:04.430000 CVE-2024-1213,0,0,73c928f5e166c2f8b5a80c38e18cb771f40a6d802d77253df887196bd9243584,2024-03-21T12:58:51.093000 -CVE-2024-12138,1,1,b627f71d7eb0f3c5b092a28495f539873055e1ed13f91ef3e777df6f0a6a06f4,2024-12-04T14:15:19.413000 +CVE-2024-12138,0,0,b627f71d7eb0f3c5b092a28495f539873055e1ed13f91ef3e777df6f0a6a06f4,2024-12-04T14:15:19.413000 CVE-2024-1214,0,0,3ce61bef6906de47cb6dca47166861f981b3b7a12f38cc6bc1c75e176d1b9b5e,2024-03-21T12:58:51.093000 CVE-2024-1215,0,0,a5f81972c1c766d6a1a96567c8d27bfbbda6117700102c01b81784829175fa50,2024-05-17T02:35:19.200000 CVE-2024-1216,0,0,2ac4284b62a708a705b7ab9ac6ff4ec2f3952b584d951b1f83e5c9b3524c781f,2024-03-21T02:51:38.760000 @@ -244476,7 +244478,7 @@ CVE-2024-1738,0,0,65086d20a025a8acdbd054263ca4cd14eb5b5ba61d808610c94ef2eec44edd CVE-2024-1739,0,0,0f6aa88dfc12de7693a69727eb574af9b67e4c54140ec3c21c30b657e8fcbacf,2024-07-03T01:45:31.133000 CVE-2024-1740,0,0,4b55d38226d5ebd3f082acc38fe305e54f83be2ec67ba17cba277423f7c2c217,2024-04-10T19:49:51.183000 CVE-2024-1741,0,0,9b90ffeb3b03d37716707b75f2cc4dbd5a37dfb34e59e240c9be2fa85842dcc2,2024-04-15T18:15:09.937000 -CVE-2024-1742,0,0,ef8e2131c95185fddee2b27fa43b85956207ef471d56b7605b9d2e6a1c53a4d4,2024-03-22T12:45:36.130000 +CVE-2024-1742,0,1,542c2c34f16f6008fa22df8f55e52bcadfd55af05e5a0a313be70cc620f28193,2024-12-04T16:50:05.197000 CVE-2024-1743,0,0,483e7e67b70ea440915c26337d00527748cea35503b453ed4beec805a523f208,2024-07-03T01:45:31.390000 CVE-2024-1744,0,0,2bf4c4c8925f4703c92760e64890aeefa2be5dff60889c111ab6ca3c9c83547e,2024-09-13T20:30:09.373000 CVE-2024-1745,0,0,1e43ec903cdd08626f0d20b4612f3ce6507e55e2bd5bb05034398a450502f6f7,2024-08-05T19:35:01.720000 @@ -244497,7 +244499,7 @@ CVE-2024-1760,0,0,4f3edf7fc6f3db82ea437154c49ab657cbd3092301975d7f2a4f8039847a31 CVE-2024-1761,0,0,ed8eda817a93e5dc3eda5dae2bbd7dfa121c810b4473fa7bd373727026037dd0,2024-03-07T13:52:27.110000 CVE-2024-1762,0,0,241c7a4fe5773bd8189555a83e4536d2b4e1748a4105b5b95d2cba9449227d75,2024-05-22T12:46:53.887000 CVE-2024-1763,0,0,17aff713db2b70dc093b8a200b0b0cba051dc67d06bec9cbd58eb78aaa729d06,2024-03-13T18:15:58.530000 -CVE-2024-1764,0,0,738ad87d60294ab476866e630e3fc0cf64eea72d083d756f17aaf78f284eadf2,2024-03-06T15:18:08.093000 +CVE-2024-1764,0,1,9af00bc3a2cdec19cf0cc3ce6677a0f4b515b26edef4b60b7c6a5e9330153847,2024-12-04T16:15:24.527000 CVE-2024-1765,0,0,f39dadb643a5bec889d884a7eb993100eaca0427da6a70914fd30f53f03c22b8,2024-03-13T12:33:51.697000 CVE-2024-1766,0,0,38f0912b19b4ee9ae81b53676b6e5830e7b55be1b35b37ee84ae1276afe50dd7,2024-07-23T17:11:08.703000 CVE-2024-1767,0,0,7395c2b7d4a729a5785affef03d9683ff7403cf9fad3e379a92eafa2f471ac9a,2024-03-11T01:32:39.697000 @@ -245304,10 +245306,10 @@ CVE-2024-20758,0,0,9a68474708dbba86344d778593d171591406a4b15d84e428ecc0142dd681d CVE-2024-20759,0,0,a686ba0e4b3836d989843a87504f9dac91dbfa6f45b488354f95fb65c9a28ce7,2024-04-10T13:23:38.787000 CVE-2024-2076,0,0,b498bfd91472e82b9d0da8877f7703c42c1b4325bed0ae394a281bb937b4cf85,2024-05-17T02:38:02.357000 CVE-2024-20760,0,0,6d0cc8f06d6baf91d5ee9fe96291eb72040f4837c001560e934222ef69cfb990,2024-12-03T16:24:49.360000 -CVE-2024-20761,0,0,effc1f74749cfb4de0a51bb869b82cb1b6120d03159af755229b4852d1eef78d,2024-03-18T19:40:00.173000 -CVE-2024-20762,0,0,ea10f0e8d7fe9a7b94e73cdf8e279466b2cf3903cbb5861766fb1f64821f89f4,2024-03-18T19:40:00.173000 -CVE-2024-20763,0,0,0d54e79e21cf32dfbe1bc44d0592f636e5ac1732654d64c3846be98120f1a1ba,2024-03-18T19:40:00.173000 -CVE-2024-20764,0,0,aaf6aea1cfc81c17e2ef82d097347523784d6c37fa8e664f1fa9ad6c605a3ae1,2024-03-18T19:40:00.173000 +CVE-2024-20761,0,1,97a5b93d95d473c0825b4c3e5e0ff13b8b488b044f8bfe0e88962a5749f31ff1,2024-12-04T15:16:10.297000 +CVE-2024-20762,0,1,38b6f44fa06a6bde99e5ad99c71f1112bb49089ff24e4849455ae10a13e28683,2024-12-04T15:15:52.700000 +CVE-2024-20763,0,1,c4ae7ee1e5da223faf7f6ab1679656c9b9fede84d1024a9c5eedb3023d54e4a7,2024-12-04T15:15:36.200000 +CVE-2024-20764,0,1,425a15ec3fa98912e0e2b2e3e32bf3ee284d81cfd6b2ca0b093427879549fe69,2024-12-04T15:15:25.463000 CVE-2024-20765,0,0,ad91982b1363103e7d071a542448be4f43c1d446a44c46149dd1d5563e96bd7d,2024-02-29T18:06:42.010000 CVE-2024-20766,0,0,898b775b089dd9caddb4b4690630a4034df5907c7b03a6ac372c91b73b803f73,2024-04-10T19:49:51.183000 CVE-2024-20767,0,0,e44fe1f40a168c1d580708d22170c7101344fa827a777107ab7c62d60385df35,2024-03-18T12:38:25.490000 @@ -245334,9 +245336,9 @@ CVE-2024-20791,0,0,30758adf0bc2f0f37a906cbf437cc58c73eb8c3385f894e41d9f4f5ef41f5 CVE-2024-20792,0,0,f743a82f55d36974fd9055bf0c833f5b4f50402bf02427344d220e686fedd52f,2024-05-16T13:03:05.353000 CVE-2024-20793,0,0,79df2b707e1cbc4e53b872f4870eee47d97e91541b8737f8089fe7049103b0ad,2024-05-16T13:03:05.353000 CVE-2024-20794,0,0,009cfcab48094bcf6aabe6ba2b455d8a62e38422e17ebb73b841667a8ce258e2,2024-04-11T12:47:44.137000 -CVE-2024-20795,0,0,339aac1d5967def1721b9f2266bf58d280ddf20a2869a78a797eb0f1e5bbfaaf,2024-04-11T12:47:44.137000 -CVE-2024-20796,0,0,00526c11ef10ac19e26f1b9fd4dbb5343656ad019ba0153210f3164b00fbb116,2024-04-11T12:47:44.137000 -CVE-2024-20797,0,0,cca548d603d4ef24bc949550666e86662b0fde7c1a3163dc260ede4b6277d4bf,2024-04-11T12:47:44.137000 +CVE-2024-20795,0,1,32420077536f65e7d836635f10a09f330c98616d65d4b5b98da6ff3774af1866,2024-12-04T15:15:06.780000 +CVE-2024-20796,0,1,8bc604a05d3d3d5125b73c5595aaf9705529daec2c4fd945b4fd3b85d08d1716,2024-12-04T15:06:27.790000 +CVE-2024-20797,0,1,326cec9f5b28616467af89b63e5afe1a94492d7fb972a282db20cd2b654df1b3,2024-12-04T15:01:17.957000 CVE-2024-20798,0,0,8b948926eaf9bb7762236e345460aa95eaff4b64e6ad072852daab65eab7f1c6,2024-04-11T12:47:44.137000 CVE-2024-20799,0,0,8428cb712862354c385635b67f043354a5a529f6758e50018b2185b88daa17c7,2024-12-03T14:18:15.477000 CVE-2024-2080,0,0,739bb7bc16949ce8dc42f086707a1965c48b8c0e80b8a96770d78539ca010524,2024-03-22T12:45:36.130000 @@ -245630,11 +245632,11 @@ CVE-2024-2107,0,0,902766287c54c3e88a205ae58fbc93817b4ac63ce16c76170f3874ff8989f8 CVE-2024-21070,0,0,dcb32bdff97d714fae397a13993c70a847f7c7a724f9c49c152268eff8babf0e,2024-04-17T12:48:31.863000 CVE-2024-21071,0,0,ef4afb1893071bf9afc8d2a6252fd27efdd4f53ba3c0df579c63b35c35843417,2024-04-17T12:48:31.863000 CVE-2024-21072,0,0,7f673ab379e3c8685bed2a1be8717cabd60284c4e7f85a16930c542ef012a340,2024-04-17T12:48:31.863000 -CVE-2024-21073,0,0,bfb69ab63ee1f20e8dc22f6137aaf673997ca38f7421a32083d8b777bfb0210f,2024-04-17T12:48:31.863000 +CVE-2024-21073,0,1,6fab5dcf6f6b2dd06f1784f0d55406ff6087734f2ac6cbb318793cd2479feb81,2024-12-04T16:28:30.120000 CVE-2024-21074,0,0,051e1574ad44e9fc134434d9fc9291336fdac976a78056659b667cad82103ed4,2024-07-08T14:17:20.423000 -CVE-2024-21075,0,0,3d1469f5822a4bfb58e81522907e45d96ce7089280c4116dbf1c51f751fb604e,2024-04-17T12:48:31.863000 +CVE-2024-21075,0,1,8b46952e5245f6968a5f3ddc66b10ae2b4f79d4c31914d663054014762397cb6,2024-12-04T16:28:44.167000 CVE-2024-21076,0,0,cdb3cc254612d1752c3cffca87777e374b4c26fcac1665448f74861effaad989,2024-07-08T14:17:21.220000 -CVE-2024-21077,0,0,ed4d231112508ce41d3afd69cffe676258d74fbece3e06ef622bfd4ea44fb479,2024-04-17T12:48:31.863000 +CVE-2024-21077,0,1,178901293d2450ee4b65a744f15a73938d06d8b3c198af6954429932020daece,2024-12-04T16:27:52.697000 CVE-2024-21078,0,0,666a72e4a2d5b5f435878899403d81c38c2bdad2a7569b00e5fa81b904f101c2,2024-04-17T12:48:31.863000 CVE-2024-21079,0,0,685618112ea4ba42a7d4f3e9d1bef3ac6bcb6bebbbb5721a0fae57be1a5a6663,2024-04-17T12:48:31.863000 CVE-2024-2108,0,0,9a499dbebde221ddf489f66723ebb5541c2e31460bf0818d8c825cfb43b4c9a0,2024-03-29T12:45:02.937000 @@ -246539,8 +246541,8 @@ CVE-2024-22107,0,0,64d7edf67861f2aea41c988e2079065b0ec1cd38f81bbea72ea4457990c09 CVE-2024-22108,0,0,ea9416ff38e82db4d89f422aa521b9f43cdfda08ac0452ecfa3b97765a1ecbeb,2024-02-09T19:39:12.853000 CVE-2024-2211,0,0,05480e51a3be1a04ffc8c792d1598e0bb76f2a87ae83af92a3cec09f51086e05,2024-03-06T15:18:08.093000 CVE-2024-22113,0,0,13db1784c83c707f65c71b4cba39eb52868092157c2e93186447ad786b8101cf,2024-01-29T14:23:46.600000 -CVE-2024-22114,0,0,75d9f5c8284912618be884d36b9cb1afbefbc08385864a5b05047a68b2a54fe4,2024-08-12T13:41:36.517000 -CVE-2024-22116,0,0,a42afcbf50e9566736e2ce29958dcd5497489f858ec77d725c7511584e561d6a,2024-08-12T13:41:36.517000 +CVE-2024-22114,0,1,b98aec6151fc366c3b669a552c78744585fb46223fe45a4b12b56beb46fb5169,2024-12-04T15:28:53.450000 +CVE-2024-22116,0,1,c04c3de9f5b4ead60d384f4b087010c1878ec579b099b751b4e2eb65332cdb41,2024-12-04T15:21:51.983000 CVE-2024-22117,0,0,d3e2e020c7f36ba94f3b1c8693c6d572e02071bc9f9073ad2fde61447d87d7f6,2024-11-26T15:15:31.510000 CVE-2024-22119,0,0,bab5d1250fcd6f1a1cd43309c34479a872d2f802d868b87d856c55058b7e578d,2024-04-28T20:15:45.757000 CVE-2024-2212,0,0,be13cbfb4ebfba5aea4c193e4a0db60e8d52926fc0c6f15b80d0ac3ffc4e7b0a,2024-06-10T19:15:53.270000 @@ -246754,8 +246756,8 @@ CVE-2024-22331,0,0,d490fba89e7f88683c136dfcfc87c9cff8ad31b547c7cdf5425991357b2dc CVE-2024-22332,0,0,638d06450f89d191258df8fe36d1620abd0564acdb0d8f1f383caf127d6d43b9,2024-04-03T02:15:07.973000 CVE-2024-22333,0,0,2aea130a34348f78dfbf003fc187c19aae24d1eb68c0b3938ae198b41308d45b,2024-08-24T11:15:05.467000 CVE-2024-22334,0,0,1951698d7ab1d55a1824ae76507a3577dbbe6facddaaf9272bcefe471309fc13,2024-04-15T13:15:51.577000 -CVE-2024-22335,0,0,a452659277dfc0c00bbebf3f7fdbdbc10eb5e3a4586e5ce33a7b718b3f3008c7,2024-02-20T19:50:53.960000 -CVE-2024-22336,0,0,34ed66b8b7f583d44759ce52a251db14fa1a95596195a1c1fd9558e86e073ccc,2024-02-20T19:50:53.960000 +CVE-2024-22335,0,1,e2b76db2903c3b21b30293b11e0d5211766a480f47e1c57391ac644ab64e35f3,2024-12-04T15:54:13.357000 +CVE-2024-22336,0,1,6375dd2f8efea9f8ed1bbbe927f03995b2a9f8efd43a08ecb97db9fc1596f66f,2024-12-04T15:53:58.667000 CVE-2024-22337,0,0,1de618a6f28c5fec8fafb6e061eacd56c2db85c65e6102701c7028659734cb3b,2024-12-03T20:37:33.563000 CVE-2024-22338,0,0,e8c119fcc7813a5f8ad34d4aef250cb976af5de302a14bd8a4dc81c7298c7a15,2024-05-31T13:01:46.727000 CVE-2024-22339,0,0,ff71ed4a9397c8cae779b6390f5a620529a660975b4982f9683fc670797ea640,2024-04-15T13:15:31.997000 @@ -249311,7 +249313,7 @@ CVE-2024-26119,0,0,4b9672c4383944698be27ef3681196f885f486afd6d233cd555b9a74ce688 CVE-2024-2612,0,0,4262bfdf186b50c97c0850391a589444d79ea8f33a25322b9905ef9642e35485,2024-08-12T18:35:36.893000 CVE-2024-26120,0,0,43dfe6d4a5bd0c25647885b13659676989d5db62934997c87a611f3edfaa57c6,2024-12-03T22:21:01.987000 CVE-2024-26121,0,0,957890214873564856e47183e155f244aa5acc330278ac5f2dbf5d754578caae,2024-06-14T19:56:28.683000 -CVE-2024-26122,0,0,57c13883cf54d7ea5563c7f228cb6b0f720cd74558f1835e1bedf6fd46f326a6,2024-04-10T13:23:38.787000 +CVE-2024-26122,0,1,321d33549d0ea6ae34e7e0bdaddcb21915772f03631bf88917d64b35a503481b,2024-12-04T15:12:42.803000 CVE-2024-26123,0,0,d69a78525ed0b2177c48aba91e4b340a6ed0524f9340b64f380733a723672e11,2024-06-14T19:56:46.423000 CVE-2024-26124,0,0,05e1b75e023e7f39562e91ba3e10093a02347fcc6413576387c93ee80972eeba,2024-12-03T22:21:14.077000 CVE-2024-26125,0,0,f503cd783f2856196c3c43976be189791e5f167ba0b137ff2d255fa237ac86c1,2024-12-03T22:21:24.047000 @@ -250379,12 +250381,12 @@ CVE-2024-27320,0,0,322204c7c44b6b07c7c5ce2517955a5763bb970c7a635001dc6670202a7c4 CVE-2024-27321,0,0,21ec13da4bc7743b26ab8f16ae210d29125d1180d3f4bbbecb3541886b29f580,2024-09-20T17:06:58.440000 CVE-2024-27322,0,0,b770b9d962cb08865ef72f437565bd0d77dc69db533af805410b12f466305679,2024-06-10T18:15:28.103000 CVE-2024-27323,0,0,6c305023feaf03ade31091623ffcdfebff35c3b0cdd2648e0815655a328ef63b,2024-12-03T22:03:36.550000 -CVE-2024-27324,0,0,bd68fc610631d765b504e2eb0f9c966837d653f843cbd0dbbbd7151aba723966,2024-04-02T12:50:42.233000 -CVE-2024-27325,0,0,91c89b4ca089464e099a6844730ad761f5ea57833c3f8473c9d662fd4df4035a,2024-04-02T12:50:42.233000 -CVE-2024-27326,0,0,17ed7eadcf7ccf0f8f633fa32c1b3dd8ae0821c2df09af51de2b083a97bfbfd7,2024-04-02T12:50:42.233000 -CVE-2024-27327,0,0,f1e48a43e8181c3380b22385ad355312d650c25645121a0671ec2cb46c927f7a,2024-04-02T12:50:42.233000 -CVE-2024-27328,0,0,1895fe1e60292a52f5751f4a9f54dd64a706185ac5bda7699e4a05554609e126,2024-04-02T12:50:42.233000 -CVE-2024-27329,0,0,bf1dcad969ad7bbc21418405418768d65a6d8a49fdfe46dfb4323288f6d4c0d1,2024-04-02T12:50:42.233000 +CVE-2024-27324,0,1,948c384a8fd1a280dd3d9f0ef688f369ad8eea275daf71aa6027a074616da1c3,2024-12-04T15:10:48.827000 +CVE-2024-27325,0,1,b7d7991caaf7b4dbe1f605eef3779e5ff665519b84dc027f99202fcb37fedfea,2024-12-04T15:05:17.297000 +CVE-2024-27326,0,1,9c7e2b9fdb34a40e3e15b646c2105decdf69a8f22693558651330deac1e0bcd8,2024-12-04T15:04:00.737000 +CVE-2024-27327,0,1,b1f985bd9470ed536a3784c792a0223d30f4e8799e174ea1d5049c4f79b6ed86,2024-12-04T15:03:46.113000 +CVE-2024-27328,0,1,d60be5d90dbfbf7efdce9cdcbb4ca86fe380f80228e13ee52df3d7912bdcb7ee,2024-12-04T15:03:16.167000 +CVE-2024-27329,0,1,f730ccc363e49ec85098e55d3ee00c0542737f21f124abd177c04f5de216f250,2024-12-04T15:02:57.010000 CVE-2024-2733,0,0,bb38b8f7f176e644e16bb8083f1aa14d4f6d0df5f63ddf4c2f59742e43b73b50,2024-04-10T13:23:38.787000 CVE-2024-27330,0,0,e367663d113e2981719f52bff2e4c981f35c740a4459a639f800bd63d2059a26,2024-04-02T12:50:42.233000 CVE-2024-27331,0,0,1bd4b7f823bf6a775089641c7e26f8a110cb3bd4d77e8104d442eb88c49cc65b,2024-04-02T12:50:42.233000 @@ -251374,16 +251376,16 @@ CVE-2024-28818,0,0,553ea080520e3ef7d7c194b1130a084d77d8e937a2b2bb8942609e2870cc9 CVE-2024-2882,0,0,ac3db032a55af245aeee4f2522d2c10c01bd50b8ed58cf00aeea2dd39d0cf75d,2024-06-27T19:25:12.067000 CVE-2024-28820,0,0,59630a2ec384f5cee96f56aaa85aea5162ded435ca23f64ff656b699864e52c3,2024-11-04T18:35:08.457000 CVE-2024-28823,0,0,927067da9fdc9e5e8a46b927c68553c4b240f8e12b50935e3045e657acce74ef,2024-11-01T19:35:21.633000 -CVE-2024-28824,0,0,eef4aea08ae10a65f9268e3694b2e67d70c352841b8880eff507640248495160,2024-03-22T12:45:36.130000 +CVE-2024-28824,0,1,cde433b5885911b7789fdfdbd34a44f8766b9cc8e82862fff5faf5f350d4d4d7,2024-12-04T16:47:59.480000 CVE-2024-28825,0,0,2060c8862968982d4a6159b0b62313dec95ecc020293b85f137ce41396383f90,2024-04-24T13:39:42.883000 -CVE-2024-28826,0,0,ccabc68ae1502fb496d2010a22f66c953a12ff1a849372d7235937980a01c570,2024-05-29T13:02:09.280000 -CVE-2024-28827,0,0,30d6d403e5c79dbab459dc4233554203969c32826737ea25dceb545e947896f1,2024-07-11T13:05:54.930000 +CVE-2024-28826,0,1,077e8e0b407c9d0f41b5a56fc0a8c8515e3139f57d73c98dd94b70c9a5246b32,2024-12-04T16:32:38.107000 +CVE-2024-28827,0,1,20a0a6c1eea7a3a4639aae044c1bd574f322bb4d2a2d3d499f43bf40de5de771,2024-12-04T15:32:27.407000 CVE-2024-28828,0,0,f569edfaae2cfaafb15d4f5e29614839e3689bfe76be347c8b67efdf6d0be50b,2024-08-07T17:57:38.413000 CVE-2024-28829,0,0,7a55640720947d8ce349cb378455ecd484e6615d62727837b8c36597f79843f6,2024-12-03T17:55:48.257000 CVE-2024-2883,0,0,4414164b8fa79ba498c6ddbb6ab7a825d3f0a39397b4604f63f00efe5e5aaa16,2024-07-03T01:53:37.420000 -CVE-2024-28830,0,0,49bb68528483eea32fe70c10feda0199ddfef50b4330a9b74a5779b200dbf298,2024-06-26T12:44:29.693000 -CVE-2024-28831,0,0,8b0cc22b019b2f22717d4926d7f18f8c0f1245da30fda97cee3d4dd670ef131d,2024-06-25T12:24:17.873000 -CVE-2024-28832,0,0,c3bef51d1d2b49d44a5cbd5ad95465735111e5acf4b5fed5434359c729a5a90b,2024-06-25T12:24:17.873000 +CVE-2024-28830,0,1,4563cf5d707eaa76894bd58f2510a1e38e84669d1a700195533ebfc8719c1a4e,2024-12-04T16:12:51.557000 +CVE-2024-28831,0,1,b9f078eda0bf7709be619841a17c72919a06273b6528b30f0ac3ef5ddb7c46d0,2024-12-04T16:26:19.433000 +CVE-2024-28832,0,1,d36740d578b94e121524c78aca6be42c6639b820da2e5a247680f98779cbf78e,2024-12-04T16:15:21.077000 CVE-2024-28833,0,0,95d1c84c9c0bb5af1310ab4a090c09297178e4ddce6249de5c3d10a30511596c,2024-07-23T19:37:16.630000 CVE-2024-28834,0,0,6169c5fe96d348066c69e5afc427020303cc57bfa1d554346262e7fb6d3cc8e1,2024-09-12T20:15:04.633000 CVE-2024-28835,0,0,320e77e3e5a781ad4c36639b85b1ac17d8be81ac886eb60e26929a4d15b9d5fa,2024-11-22T12:15:18.570000 @@ -252471,17 +252473,17 @@ CVE-2024-30268,0,0,ffa5140c145b21998fe4c37797ee5abb4701b5534f81fb1c409e5323ad32c CVE-2024-30269,0,0,a6507b629e7b569393fa27709eec0cfdedc416a2cbb19d81e682f3fd938c0a11,2024-04-08T18:48:40.217000 CVE-2024-3027,0,0,16c67633c1c455d10e505859ab19495a9b84017838b0c8bbf9f6f233747b7450,2024-04-15T13:15:31.997000 CVE-2024-30270,0,0,efecb3f08ba92062dd267bd0c96f7f12cf461464043b62265b8f7d0e604df3fd,2024-04-05T12:40:52.763000 -CVE-2024-30271,0,1,cc79f14ef55e5ada2ea6b4cb77cf322f6abb8edab1e5c3186d027e6424abfdde,2024-12-04T14:57:13.823000 -CVE-2024-30272,0,1,8608cde58e1e6e82a43340ffdffdd3627c273038d1a30d497551792463dc4d72,2024-12-04T14:45:39.650000 -CVE-2024-30273,0,1,42c53237be689cc1cfa9b149abe835be671695859725a738c8992c03134ab2bc,2024-12-04T14:35:16.303000 +CVE-2024-30271,0,0,cc79f14ef55e5ada2ea6b4cb77cf322f6abb8edab1e5c3186d027e6424abfdde,2024-12-04T14:57:13.823000 +CVE-2024-30272,0,0,8608cde58e1e6e82a43340ffdffdd3627c273038d1a30d497551792463dc4d72,2024-12-04T14:45:39.650000 +CVE-2024-30273,0,0,42c53237be689cc1cfa9b149abe835be671695859725a738c8992c03134ab2bc,2024-12-04T14:35:16.303000 CVE-2024-30274,0,0,6d6a72c834ea38ccb2874ecc4feec72c8e33b47ed0e8a1829f5848ded1ff7c3a,2024-12-03T16:31:14.377000 -CVE-2024-30275,0,0,5c7fd7a6cf84690d33049db8d301fa3c3763a08fb307abbb2a39ddc9f47ba093,2024-05-16T13:03:05.353000 +CVE-2024-30275,0,1,a67d134321e1dde91fb1cb0881825f2f9c197343ae0dcac0b945a669cb550afe,2024-12-04T16:39:21.643000 CVE-2024-30276,0,0,0bd4be9c7f10ca7d4fd2dfa1716549a7092cbd7f9a2adabf7913546d4cdfeadd,2024-07-09T15:50:56.480000 CVE-2024-30278,0,0,61f4d7e9a9587a3224ab5f7ebbd333eb1034f085c631558b85be2564db298806,2024-07-15T16:15:37.093000 CVE-2024-30279,0,0,767e69e25126451c4f487ebe7766f45df35bb82c6e622e29c3997953a2b4aa46,2024-12-02T21:22:38.307000 CVE-2024-3028,0,0,9e4bef210fc19099d68fdbe2ca58f9c70793f50703ba240559787e18524fd766,2024-04-16T13:24:07.103000 CVE-2024-30280,0,0,93bdc3da471d036a4418ced21d662a3f15c2d1ab9923945dd89a213b934e5951,2024-12-02T21:07:30.440000 -CVE-2024-30281,0,0,aa55f6f337f0eff14aaba79eadac42cf1fa69bcced5e256cfe63f794552ecdfc,2024-05-16T13:03:05.353000 +CVE-2024-30281,0,1,076061c665cf91aadaaa54f07b4b9dd6dcfc323d3de52d84f929c1f95cd398ab,2024-12-04T16:37:57.617000 CVE-2024-30282,0,0,23f906c56739d2637a62852ff21f89b589c2e003e455e0b879928121b47e538e,2024-12-02T17:48:54.733000 CVE-2024-30283,0,0,9e8da6a935a66e8cc0ba5dc2d12b3c47dfb3d77dd0f559b5a2de4927dc7e26e5,2024-12-02T20:43:17.603000 CVE-2024-30284,0,0,1c3b923f08901bf42732b59f245e3843c68bd61f1640ed6808aa75f45339dcbe,2024-12-02T21:22:08.673000 @@ -258004,6 +258006,8 @@ CVE-2024-3757,0,0,d3e75f8205a45aeb6c1cb5b9efd4d99998e027f23a100dabf40ce218744ea3 CVE-2024-37570,0,0,3d4360fa9467e8eab1b52b173ed2069d0c82ea4d63ef454bbfc16c6908108d82,2024-10-25T19:35:06.277000 CVE-2024-37571,0,0,f2268da0f70596d56829f3f9bf9d47661ad5192c587321bdcf916146c34ae427,2024-11-05T15:35:14.403000 CVE-2024-37573,0,0,7cf896a83bff7adb78d3c1fc14e6c4ef534e5b6ec963a5ca90d46c8aebfbcf87,2024-11-01T12:57:03.417000 +CVE-2024-37574,1,1,797d54c70d9dae4f1e8a20e7baa2e8f09e984efdaccf235f649fe793e36430eb,2024-12-04T16:15:24.877000 +CVE-2024-37575,1,1,3b24e839189ad71495ddb0832218c24c04a0579607dae566164f270a0a5ef8a5,2024-12-04T16:15:24.983000 CVE-2024-3758,0,0,9133e9ab6c91a5523f7a6c3075b39d739f115990ca9d090ea03db032b6c7f7e8,2024-05-07T13:39:32.710000 CVE-2024-3759,0,0,228c14dd97b4dcf6507c1901dec59f930e3b9b578ef9455bb0b7881e5199f2f8,2024-05-07T13:39:32.710000 CVE-2024-3760,0,0,765db3bb54fa1f2f1338a5061cbed541635fc95d68f8dd265e09dda2b1d63b18,2024-11-18T22:02:15.053000 @@ -259030,7 +259034,7 @@ CVE-2024-38833,0,0,835bd940af739843a067d4677be9dfaaf3f1b1e91231a8f8b581ac7dca343 CVE-2024-38834,0,0,fd2bab78ac4213a2e7e8847a5e2d0557c682fa7f71f78cfdc81702dc9f99d3b0,2024-11-26T12:15:18.900000 CVE-2024-3885,0,0,9b28a2ee85edfe77753e71858fb1438bd68a9b6ee299843f3a5752cca4753d01,2024-05-02T18:00:37.360000 CVE-2024-38856,0,0,cf2c30abb1c3c3e6b03acfa253b7bd98efa464ab76b49fddc2034ce3ce8a3be1,2024-08-28T16:15:58.043000 -CVE-2024-38857,0,0,857bbf4d5ee889c68ec1450930f0cf323232ab2d5a162824c8153ee668a7e638,2024-07-02T12:09:16.907000 +CVE-2024-38857,0,1,392b260a009bcf153896a24b0ca2ef35f6f5d57e012aa080627851164a4da679,2024-12-04T15:37:16.290000 CVE-2024-38858,0,0,c2e046d5d75320cc690e509cc93285ebeb3c1c26a8f79c6f003385d5db961fad,2024-09-04T14:39:10.203000 CVE-2024-38859,0,0,d5cd9910194e7ede45677f9f5ea018635b199c144fa350166115cef667345577,2024-12-03T17:47:02.467000 CVE-2024-3886,0,0,637917caac7fdeed5913d854d310583d9de4da2bf7f910a461c6efc8f1bacf15,2024-09-03T18:48:14.927000 @@ -259175,7 +259179,7 @@ CVE-2024-39157,0,0,7034c13893105630c126aaeda1d41a6cc977f264ae0a5560b4322987c4591 CVE-2024-39158,0,0,beef67f67d5e34e77b6dda17b52b1b915715ad948b917471fcfb6cb43631b837,2024-08-12T14:35:10.937000 CVE-2024-3916,0,0,f95518a402c56c15214d8c7d6dfe42604495d4bb38ccc0f52b32e4da2a1f88ce,2024-05-14T16:11:39.510000 CVE-2024-39162,0,0,d89402b30ddce5f1d9bae9a5e9d5f1c6914a5fb854eec868c1c810e9722b3d34,2024-11-29T15:15:17.140000 -CVE-2024-39165,0,0,865aa0107f3f6748d69255a4f99cc73813afe8f9fc3ab112adbd557bcb0e49d1,2024-08-01T13:55:29.123000 +CVE-2024-39165,0,1,301bacb9ee4b80bd8b1672f3716e4ccfa691474967bfc0399bcf2a55b330c770,2024-12-04T16:15:25.093000 CVE-2024-3917,0,0,87493362103f61e3758851588aca1cc3facb0cf1f97ad5b068e06e988e9b2161,2024-07-03T02:06:53.877000 CVE-2024-39171,0,0,979bc13509f362c564b7984548b10a6ed307c7ff17f59734c1b5aba694dfcb6e,2024-07-12T17:15:38.200000 CVE-2024-39173,0,0,7e7488e695a5a0a1cc2cbfd222ab57477e2c94cef7c8b0522ab4aeea25b8c823,2024-08-01T13:55:45 @@ -260101,6 +260105,8 @@ CVE-2024-40740,0,0,b418443d865eec432c82a04de65de6e9b39f235788ff127206843cf6bdb7c CVE-2024-40741,0,0,d8d483a0abb3b7648774c6f8d0ea3345aaa4bf40cdd21fdc9df2fcbe837ed8fa,2024-08-01T13:57:59.147000 CVE-2024-40742,0,0,a7b4d8a63cd84bbed8ae36225a2d630607182f2ae3b73228fc1ab3090889f783,2024-07-11T15:06:29.580000 CVE-2024-40743,0,0,1ca5c18a4f8e370309e54e9979f8748e30571bbf531892fd8ed83274cf09559a,2024-10-30T15:35:12.210000 +CVE-2024-40744,1,1,1fccc9310139e97667c1a15086d929e698da6dc28fffa0a3a07eb55c3952961c,2024-12-04T15:15:11.057000 +CVE-2024-40745,1,1,8d2a348ef4551ca7e528eb5ec40b0167ddcf99aba57eaa5639eb18b589a13659,2024-12-04T15:15:11.170000 CVE-2024-40746,0,0,eead0b50026ce20d26effd54607d8bf55992b18b9630c4426d5bb7acadcc3473,2024-10-29T15:34:22.100000 CVE-2024-4075,0,0,29d19ea935c989efa2e770180ba61eb06fe49f0b181d6d812a7498d3145b983a,2024-05-17T02:40:15.170000 CVE-2024-40750,0,0,4e3e6171aeb80e296c4f4bceff1e57bb47723c54756e5f9524dd370144084fd3,2024-11-22T19:15:07.113000 @@ -261386,12 +261392,12 @@ CVE-2024-42447,0,0,68027c21ffcefe32f56a7a559d44cc2a1c6b0b32c4ec80fa56a1f1b8e20a9 CVE-2024-42449,0,0,93ae5a9efbde414e281cd627ced690929dfd66984137b36a33df38cc4aac3741,2024-12-04T02:15:04.533000 CVE-2024-4245,0,0,bc150cb423e680075dcbfa7aff18f43429f7c6ca789bf05cb5f53de998c993ba,2024-06-04T19:20:33.693000 CVE-2024-42450,0,0,981cb721b54cc6e525f5390653a82c1324af59c4dd0c689fe15788d32ac5ed02,2024-11-19T21:56:45.533000 -CVE-2024-42451,0,0,5cc178b0533ab2c99901354fffefd52769acc7b6da2ad0927712e394f26f20f5,2024-12-04T02:15:04.643000 -CVE-2024-42452,0,0,bd5abb3e1bf1a6cb8ddc6659a0b7a3a899c24b6c779eb2549e4bc20f5d4fab5c,2024-12-04T02:15:04.747000 -CVE-2024-42453,0,0,e34b2f875ec6432231f2212bdd6c7e46095819336c725ff2a8f59a3f5ee3ab26,2024-12-04T02:15:04.837000 +CVE-2024-42451,0,1,0f47ac86ae8fd799c6326176962a8fc97d59993b3a21430ffe28c0e34e783f85,2024-12-04T15:15:11.273000 +CVE-2024-42452,0,1,5a10754b5cd532359fc7efdc3b77e0846e93b613cf11da58c57501b08cacf43d,2024-12-04T16:15:25.317000 +CVE-2024-42453,0,1,42270438e9d30a8c5b47deb0616723f62539864451d80a1da6e6f3579b1eed88,2024-12-04T15:15:11.390000 CVE-2024-42455,0,0,77dae4b93ac08ab16863aad4ce532757f03ea91ca2fd4c4ac7a7ec904c2ab652,2024-12-04T02:15:04.937000 CVE-2024-42456,0,0,a1711ec365f39620d2a005ebf06b5c2487ef544eab12f3bedf18af36e31cff5c,2024-12-04T02:15:05.033000 -CVE-2024-42457,0,0,58f1401d06041ccd3cbab6490c0fff284cbee17a085dd2ffd0c58b83b94df4f5,2024-12-04T02:15:05.133000 +CVE-2024-42457,0,1,f4ec8ae619a41d5322cd138ac36da908ebf5fd3928b3eb0476f3217f4964bb50,2024-12-04T16:15:25.450000 CVE-2024-42458,0,0,92fe6004383d793b0d5cb11f4d02a69450774ac5606c98f7e6de587e1b590522,2024-09-05T15:51:34.307000 CVE-2024-42459,0,0,1b31e68c1b4d33528b48a03fd6d9767f75dade645a7a5642b37f7704ee8ff193,2024-08-02T15:35:44.213000 CVE-2024-4246,0,0,d1ecb5c9b82db83c5f960ba668d8749b982008f4e59e30cf96ab22ab0b209b32,2024-06-04T19:20:33.790000 @@ -261753,7 +261759,7 @@ CVE-2024-43088,0,0,5fbf63de8edfff74dd53eb50c668704ac8d4545d67de243eaefcbc2be774c CVE-2024-43089,0,0,d3b053825a9d0f746a08fd76a42a6d43f88775450cf3a22f622d8b459747722b,2024-11-15T14:00:09.720000 CVE-2024-4309,0,0,5b40a8fbb2137dd0d77fe6c4c1c586190f4489f813d005ab45d5553c299b0b73,2024-04-30T13:11:16.690000 CVE-2024-43090,0,0,848285523b1896a815127be3a3a822d3044ca02a62736f67a76b73d14c9bb36e,2024-11-15T14:00:09.720000 -CVE-2024-43091,0,0,a4ed2e91dce6bf9b7994c0e48ea8b422882ce713583c38600d41c714ede7374c,2024-11-15T14:00:09.720000 +CVE-2024-43091,0,1,8a98551952cab38a4e11739cbf42d3d33d352c54d1f6329a3779e88e1a89d616,2024-12-04T15:15:11.497000 CVE-2024-43093,0,0,a5e7a7a99ded32f4ceacb99abeec61cc52c3868dd50355a02eece2e0b7c2cfec,2024-11-14T21:42:34.923000 CVE-2024-43099,0,0,1e8651c725576df83054b4b74436ff5087c13bad1e13244cb0e6a25df0f7bb09,2024-09-14T11:47:14.677000 CVE-2024-4310,0,0,08f5e8e76073c3640785934b5dbc198d89dde47497c02b1ac3fc670d20c22fd2,2024-04-30T13:11:16.690000 @@ -263272,7 +263278,7 @@ CVE-2024-45203,0,0,0a34ec3cf21e7526a71f11433fb5593e3ea52ee9638fd0c30ca94a57eb961 CVE-2024-45204,0,0,48b569460e625badc45f40d0788f43dad19cb6139194ba9913a20c0d81e6f8ea,2024-12-04T02:15:05.233000 CVE-2024-45205,0,0,fc98dd2a96a1785dcb6d3c7f3c3037d971308d90a23c54f8b61c9a0695ed25a5,2024-12-04T02:15:05.323000 CVE-2024-45206,0,0,3c2daa001e3b568c09c6afd9c93d9e8a855292bcb89134693fe65e41abda9c5e,2024-12-04T02:15:05.427000 -CVE-2024-45207,0,0,65d999695b1c7647b33a0638b75d52b26562a739fa3017bff8a8e4b328ea158a,2024-12-04T02:15:05.520000 +CVE-2024-45207,0,1,73e5dfa43c01499de889c141920c4cafac14ce910c2fe731c3b0acb56b6619d8,2024-12-04T16:15:25.580000 CVE-2024-4521,0,0,a1d240438f25322e21494c2ddd2f5ee26b23410f012534bc2c27a0a49b09a860,2024-06-04T19:20:41.223000 CVE-2024-45216,0,0,b5d4ad361df623d2747c2e3dcc354f4583c0440162a6f21fa826489a75df8c0b,2024-10-16T17:35:02.523000 CVE-2024-45217,0,0,7f4e0444e8d84a01765ba25b87443db3586a72a8f0d57ce2936fe2b23421574c,2024-10-16T16:38:14.557000 @@ -263968,7 +263974,7 @@ CVE-2024-46610,0,0,dfd11b66ad880194d4e8759fea756317b6075d327e3519259cd11f18ae0f4 CVE-2024-46612,0,0,a589f709811c7445ac7df28a3a7782b0e1ab03ae28a72339e484d8d02cc7d048,2024-09-26T13:32:02.803000 CVE-2024-46613,0,0,5ea77bcf17f248af3d069df5b88a849aa784044eebc39e95db23c0b984f956be,2024-11-19T21:35:06.937000 CVE-2024-4662,0,0,42d3ec88d759fc9bf88fc92972e0c9891830916b90a0cdbb0331ad5486f420dd,2024-05-24T01:15:30.977000 -CVE-2024-46624,0,0,b14a1b7f49aa03ed9b92f78e29ddb94102b3bca27f8346746517afc6985a8b9f,2024-12-03T23:15:04.627000 +CVE-2024-46624,0,1,e800e44051231dd971778236a3fdc8ea96ba3ade9f45a127525091713e9e6350,2024-12-04T15:15:11.727000 CVE-2024-46625,0,0,e036c2fb3ae85ba95e30ff971b52c755b42dd725f69d5dd7e4b6f064ac659acd,2024-12-03T22:15:04.860000 CVE-2024-46626,0,0,b2dbe1e3c2ee97096cbfddcd538250ce5664f2528c19dd2dc51892ffc471844d,2024-10-04T13:50:43.727000 CVE-2024-46627,0,0,4cc8890cea4e8322a4c476b42c8fefe2b4b66b62a78446cc66eb2d1a373670f4,2024-09-30T12:46:20.237000 @@ -264700,7 +264706,7 @@ CVE-2024-4754,0,0,43efa3a5287d05b500ecfcf4503ad62e1b41a22939150352bf102c1b98a351 CVE-2024-47549,0,0,113d97e5056ed200778519e504bac77f5b27816ee70d3059de963f972da95681,2024-11-05T19:40:52.070000 CVE-2024-4755,0,0,ca5306e45de4985a027d64d4740785092288eb6abbd1ab6d1fda3377d88d4e7e,2024-07-03T02:08:01.477000 CVE-2024-47553,0,0,2212e0c73d31ee4117260b14c09959b86700d87277dc600c8b069eb02d73b59b,2024-10-11T20:04:08.623000 -CVE-2024-47554,0,0,ed4aff6ea0e7ac69533e960f0592e4849edcc0303a79e4282ca0e96ec7b37a4c,2024-10-04T13:50:43.727000 +CVE-2024-47554,0,1,97aa47119214f6131b5ae7402fce65d944f6d01db7e1f420f573753d6f9f24e5,2024-12-04T15:15:11.940000 CVE-2024-47555,0,0,fd6842fa8e3868552d886daf37839c899991f22ed0d1cbcbe8a1f0bc204570fe,2024-10-10T12:57:21.987000 CVE-2024-47556,0,0,b2eb26ccd170b7356f5c7ae8348c7211579bcfcda419ce390ac6a894b3fb29d9,2024-10-16T17:34:45.813000 CVE-2024-47557,0,0,32e1b664421a88ab8d1661bad7cea7af32ba7043981422db8a0ddfbc9f2f0ac5,2024-10-16T17:33:56.373000 @@ -265345,7 +265351,7 @@ CVE-2024-48778,0,0,84465a6cd0aeb1f5e7a79a50b406c02904acdaa29d8045952a59d45351acb CVE-2024-48779,0,0,a5735aa3308cc7fa6a81842b65de3a753e16df0c22c5eb2215f4ac53555c02cb,2024-10-17T17:35:10.600000 CVE-2024-48781,0,0,def8da40d2e3000f84547055f8a8e1f07c6a72e8f93e09b1e29d5c94bce33085,2024-10-16T19:35:12.160000 CVE-2024-48782,0,0,657280405f72b96cca8d15f0169a0c59717f325a8a72d146f1dff61ffc4a85a4,2024-10-16T19:35:13.023000 -CVE-2024-48783,0,0,7f45f17f3f4e3b4b042e707502c7a2f387e6fd60de5b928d56fc97bb847137a0,2024-11-08T15:19:21.263000 +CVE-2024-48783,0,1,d4281dcb030256a97ffea98b8e9bd3af14ddffa2c5d3e56173dc86185cb6352a,2024-12-04T15:15:12.120000 CVE-2024-48784,0,0,b17d7d33d987ccc732abbbed7a19a2cd24322765e46d4a5e12c5048ecd3b3022,2024-10-15T19:35:42.627000 CVE-2024-48786,0,0,356725ffde0ce97cc052a45790af4a3778948dfbfe170e13c7ea8d62a13a4603,2024-10-15T19:35:43.413000 CVE-2024-48787,0,0,6d2ea7e3a85defa8b6f92bcb4641f0fb3472eedc1d016221be7f4707cb95d1ae,2024-10-15T19:35:44.190000 @@ -266964,10 +266970,12 @@ CVE-2024-5136,0,0,00acd0d99ac180a457379231db172c8713de0958aea5d4d69a24c443710504 CVE-2024-51362,0,0,a6e1a40cf5e527208990e8a764ceb58cfefd7f1b5e4a2c9e1905064ef69946f2,2024-11-06T20:35:35.750000 CVE-2024-51363,0,0,1a718dc87e73de14ce88ee568b473ff8c6c86948d120e61d443ba463ad9363f5,2024-12-03T22:15:05.013000 CVE-2024-51364,0,0,14b2dee82d01d7389bab3881eda1c802d61b28380989b485af4049ffc6cb6a67,2024-11-27T21:15:07.797000 +CVE-2024-51365,1,1,d837cc1586c1d4910b5dfde0140d794651911e802de0b0b7889dd342124292bb,2024-12-04T16:15:25.717000 +CVE-2024-51366,1,1,8cb37b642efd94f1ef2cb009c97c3b6b6785b34318fa56f7821210d8849df437,2024-12-04T16:15:25.903000 CVE-2024-51367,0,0,321834f3c68e231d48212ed0455e22a6133cdcee14f287745838cf2ad31fdf76,2024-11-27T17:15:13.207000 CVE-2024-5137,0,0,1c94e90fa849c62df03c5c4f490c71de8dac579e548f5eda16234216f611cd2a,2024-06-04T19:21:01.370000 CVE-2024-51377,0,0,cf00c0a6e7d0ac48895095961c732d7f23ec2a7e49679df67603156d82aefffb,2024-11-14T23:23:52.997000 -CVE-2024-51378,0,0,2fc4fb18f85014556482fb0a3b592153adf2fc1c323319341ddbcbf96ed2ad74,2024-12-03T19:15:10.807000 +CVE-2024-51378,0,1,f275e65f6aec7ab6257af04eb76a4910058d9fa5bf005cebd27a62dee359a4ad,2024-12-04T16:15:26.087000 CVE-2024-51379,0,0,2ac9e22a4ada4c046a62bb7cfce4898a690b6639726f7e96ec64275e3571bb6f,2024-11-06T18:17:17.287000 CVE-2024-5138,0,0,47c03094386326d2315f3415dc7d3ef94b00cbe65c94e42ace003fc1a8714791,2024-09-06T20:35:18.950000 CVE-2024-51380,0,0,f14cbfd3bfbc558498abdac43f5bd2dd3434adc287319fdcc829b18876bf6370,2024-11-06T18:17:17.287000 @@ -266994,7 +267002,7 @@ CVE-2024-51432,0,0,06d0d3316848cec870b03db5c1c503efe28d2aee8f81e4282d342a7548539 CVE-2024-51434,0,0,8c68c9ee35eceb55bbf1a98e98603282050fe997d32967086380b48530b1bb99,2024-11-08T19:01:03.880000 CVE-2024-5144,0,0,6bbfaf13c1764c4fefc00893d80de8b864d8af9b05653210d129c904ab48e8ed,2024-05-31T18:15:13.217000 CVE-2024-5145,0,0,e9d5b011678068f9e46540aba9b4c166c9546581cf81cda6f6984ec899d8b7b6,2024-06-04T19:21:01.520000 -CVE-2024-51465,1,1,bdca8003fe6667a7bb57737482afc81e26c476c0c2e3ce70c4f3a3adf1f80500,2024-12-04T14:15:20.223000 +CVE-2024-51465,0,0,bdca8003fe6667a7bb57737482afc81e26c476c0c2e3ce70c4f3a3adf1f80500,2024-12-04T14:15:20.223000 CVE-2024-5147,0,0,67fd758fa3d69d8e32fe541a58ba746107ffb7370fa9ddd99ec9988f56fe738f,2024-05-22T12:46:53.887000 CVE-2024-51478,0,0,9c645c867780dc62421ca357104dcf5de15f7abda4e26eccd09e0b3312ae61a8,2024-11-01T12:57:03.417000 CVE-2024-5148,0,0,bd5836562cd7c4456364427f29f33cc1c67447ccbfc1a9320a1023f854c7eb77,2024-09-03T12:59:02.453000 @@ -267516,7 +267524,7 @@ CVE-2024-52273,0,0,b7b3a2f5cbdd924580d00aadbad6b7f335f6885215a6863c2e9e57dfb72a2 CVE-2024-52274,0,0,ecb13f813ac787f1c31aa47c0141b458f6c53ba8bd458f3c4ba6754a9ae6907f,2024-12-04T11:30:50.713000 CVE-2024-52275,0,0,de23971a6cc4bd67116b75ca69f0f05e1dfdda58aa0b336c64f30eb1995963ee,2024-12-04T11:30:50.827000 CVE-2024-52276,0,0,54746b97ddb09890491662c4bcbf843a83df86e03b0c283af9b1c46eabcb7a4d,2024-12-04T11:30:50.947000 -CVE-2024-52277,0,1,fc2174c3dc3f35a5b0a85a074a2c2acfc285045ebf03ef343ee0d7694eb36e3c,2024-12-04T13:15:06.080000 +CVE-2024-52277,0,0,fc2174c3dc3f35a5b0a85a074a2c2acfc285045ebf03ef343ee0d7694eb36e3c,2024-12-04T13:15:06.080000 CVE-2024-52278,0,0,f6727d2bf49859f0724c1a39e0d775cbd477e6bb49e30b91be3cb4bcf4a7b7c5,2024-12-04T12:15:19.763000 CVE-2024-5228,0,0,d7fb18ef663e7fbb963ee04e575f2bc258b900955c0912600676521519fad837,2024-05-24T01:15:30.977000 CVE-2024-52283,0,0,f59df4d918f6034e17961b306063745063af3cc2eb28f2a813fc1b7331b63f1f,2024-11-28T10:15:08.543000 @@ -267995,9 +268003,24 @@ CVE-2024-53121,0,0,0df4084097284edf0dd35ebbe17aab3a3d685c9d3fdc3da9364efeff40162 CVE-2024-53122,0,0,1c299a2688f6ab9dded70cf6b0cfd3aeafa91db46a3f4d275e9dee3fcde2a23a,2024-12-02T14:15:13.010000 CVE-2024-53123,0,0,dcef2903ddd7f9038bf183b6ef6585245f13744aad480c16672e1f79f35f6cd8,2024-12-02T14:15:13.120000 CVE-2024-53124,0,0,ce00db9f52d4602938a9498c77e180ac9ff339a933c4e30878280323c81f97d8,2024-12-02T14:15:13.220000 -CVE-2024-53125,1,1,43afd00df3c663365d0f10b7914fbddd39434ca1bab6ae886e0992d3c66d10ae,2024-12-04T14:15:20.460000 +CVE-2024-53125,0,0,43afd00df3c663365d0f10b7914fbddd39434ca1bab6ae886e0992d3c66d10ae,2024-12-04T14:15:20.460000 +CVE-2024-53126,1,1,ee300ce2fe08b359d05ec932ced473611e48ef0673b121a0bb43a8289dc7be68,2024-12-04T15:15:12.540000 +CVE-2024-53127,1,1,cc2218603ef0bc951c96f8c863300e009964e509ba993c0fda1d1902ac487bc5,2024-12-04T15:15:12.637000 +CVE-2024-53128,1,1,facd6aef343d89909f023b720f1ee7bd7fdedbfb65ba1abf3ccc85681e46bde6,2024-12-04T15:15:12.737000 +CVE-2024-53129,1,1,b7bae6cbd65f11e8c206b53746cdbef6ecefb987252adf776a59e1954349c15d,2024-12-04T15:15:12.837000 CVE-2024-5313,0,0,f1cdfb8a50e98ae6ac3af0ea1d50716e060963965a73a7d8f531b777ae15b8ad,2024-08-14T13:40:02.907000 +CVE-2024-53130,1,1,41d509684d5ea9873593fcada6424a1ec3f1ed5cb5b1895e3afe4cb3cddd2a04,2024-12-04T15:15:12.927000 +CVE-2024-53131,1,1,73e6a4ab7278e1057f313ad27e10ce3868722f6881e4ec2fb1873c27491acd38,2024-12-04T15:15:13.090000 +CVE-2024-53132,1,1,e51b7b1476e2f729ab964a586e98986e4e6f1ab8c35a4b562721ba867b26dbf7,2024-12-04T15:15:13.193000 +CVE-2024-53133,1,1,16c36f403f66be61d12f083aa24406f9744b56d22276089bffff2d5e219071d4,2024-12-04T15:15:13.310000 +CVE-2024-53134,1,1,e48c62226358a312dc8eba1377e6bff671f99204fb8c37c363bbe85d6aac2667,2024-12-04T15:15:13.503000 +CVE-2024-53135,1,1,31f82adbb18f449866f3e3497120af16bb1647e33bef34a597bbd9d2215f06ee,2024-12-04T15:15:13.630000 +CVE-2024-53136,1,1,f6e4837c48b458b0a293bff28b13ab0029c74e2a4fcd90a96cea4266a1b4eefa,2024-12-04T15:15:13.737000 +CVE-2024-53137,1,1,c197a7e4675d1f451c839a6de66e0b5bd59f7f8a79fef07e23e4b3e48a847694,2024-12-04T15:15:13.843000 +CVE-2024-53138,1,1,de139392b28bd8c9d32d2e1c4772dd0f6a1b16aaacc94b87a9d05e711c747d66,2024-12-04T15:15:13.983000 +CVE-2024-53139,1,1,bf979a7146d5ba9a5d2de25db6fbab96172e8502b1c148b2beb6afc201708ae3,2024-12-04T15:15:15.643000 CVE-2024-5314,0,0,a7cdac28c15b59d972bbd1ad7f63aae58232f4c63fcf8544d4cfc91c709ee3db,2024-05-24T13:03:05.093000 +CVE-2024-53140,1,1,816d7ea16582c6c4bde331607e12b601f27c6f94d9cdbd334614166721bb1015,2024-12-04T15:15:16.803000 CVE-2024-5315,0,0,8579169b825e98cf3238daa1adb0a4d2ea9e4baf40a7a9906b16d52fd8bd309a,2024-05-24T13:03:05.093000 CVE-2024-5317,0,0,ca9413f34c0b442e0ebe516eaf4713c47241a346ee54ab90be673b58c28dbb75,2024-06-11T17:22:08.007000 CVE-2024-5318,0,0,837e96b053ddf8bba826c345247317ae9421322227a87d1660e3de27e2bfd29a,2024-10-03T07:15:31.463000 @@ -268043,6 +268066,7 @@ CVE-2024-53425,0,0,dba41ac0d03c322e076798942c48ad94ab227d8220eb1e3a3534e4bdae7c6 CVE-2024-53426,0,0,9339130e86a75243ea176c2c1911663d0047bd370b4ea0fccb09719eca2c3ad9,2024-11-26T18:15:20.330000 CVE-2024-53429,0,0,eaa70acb2843e8489abf02d5796dd8a314b9b85961845be919325cda159f0f76,2024-12-03T16:15:23.833000 CVE-2024-5343,0,0,fedc1366914170279f2e5d2ad585273a49bb658750b62f8b5bda5b06ac846b44,2024-06-20T12:44:01.637000 +CVE-2024-53432,1,1,91200366caef4fd477ae549a4b97936ab0103419821400acdfe9619ad1d645ce,2024-12-04T16:15:26.240000 CVE-2024-53438,0,0,269e7677ace7d9295c53368d7a770c8536638e497558c04303dcd88d3a89eb20,2024-11-27T17:15:14.647000 CVE-2024-5344,0,0,b9eb66177d3d824bf1f1529dfc9f0ece4e45e95565139113aee3e384e4e64696,2024-07-17T03:07:04.743000 CVE-2024-5345,0,0,e63bd8698ebea410f9684596571cb5f236dcece9e087d3c47739e1f377731d0e,2024-05-31T13:01:46.727000 @@ -268080,6 +268104,7 @@ CVE-2024-53603,0,0,162b8a1c0030915029673db748be5d0adb733dae81b9ae207cb34767108f8 CVE-2024-53604,0,0,f62d305bb98148833da87db5a11321e6ca6d6dd658f1c5fbfba2d66d119aa0aa,2024-11-29T14:15:05.893000 CVE-2024-53605,0,0,ca300feecc4d15af3b8cbc938be55c089599ebfcca8298d8fee9c4660ffccb57,2024-12-02T01:15:04.030000 CVE-2024-5361,0,0,5486d2207143454b44a9225276732f9ee62f5258ee0c41c9fa5501a1b55451e4,2024-05-28T12:39:42.673000 +CVE-2024-53614,1,1,b00946e181d3cd3fb87b3f018a0f0f76e03eaa353cf255e1e8e5b0564a9c017b,2024-12-04T16:15:26.413000 CVE-2024-53617,0,0,1d15b7d8455e44e7d682bb17f092211a84550d994186e8d8092655932756eace,2024-12-02T20:15:07.710000 CVE-2024-53619,0,0,7d24d177db4282b10dd583a800553384958865a9c2b032eab35d21cf889272f3,2024-11-26T20:15:33.880000 CVE-2024-5362,0,0,5b47523dd74fc943fbc0021df1551e4d13ec69c02c41616d4b2935f18460ef93,2024-06-04T19:21:06.287000 @@ -268261,6 +268286,7 @@ CVE-2024-53992,0,0,968e2d279d6edfc36860c960df4396bf9d9df657b6a78a28aa81a3adc4be5 CVE-2024-53999,0,0,80e3192c64b986a2c82f7cb85ff5081bb2235e4dec0ec9c5a1f5324ae09e812c,2024-12-03T16:15:24.250000 CVE-2024-5400,0,0,094967d50b5003fa8a1a95a7cd40ccdb2300c03695bb818acf6e11d6054c6ffe,2024-05-28T12:39:28.377000 CVE-2024-54000,0,0,79bf0fc3308433671fec9e277259b5b3b941c6e3097b99968c0a0fe0b45a16f5,2024-12-03T16:15:24.380000 +CVE-2024-54002,1,1,5b9cdb59ff01c2fea869162b60f55e20fa576bcef3f36d1de9c6feeadd4e5a60,2024-12-04T16:15:26.537000 CVE-2024-54003,0,0,2506866a989efaeab3da1a8a5555a804f26e4215f0a647f04a179f236368dfb1,2024-11-27T20:15:26.133000 CVE-2024-54004,0,0,4b55764e78df7d1fab73ac81a29fd36001f40116e182b6aab547372d06b234b5,2024-11-27T19:15:33.723000 CVE-2024-5402,0,0,a5e55a0c84701c59a5f5d7ada1c30ecac8bd71919dc47c454e4a5ba90cd9220e,2024-07-19T18:03:55.583000 @@ -268278,6 +268304,8 @@ CVE-2024-54123,0,0,adb9d810678343393bca99901a3c1b47719ef78df3ca8f4e2f7e11c7b4e03 CVE-2024-54124,0,0,d93261f0be0c719ea94f116c38fdd88edcab344178e1fea1cd1f60fbeb46997e,2024-11-29T19:15:10.443000 CVE-2024-5413,0,0,b448c8c4fee794a9903e33e6c17f07ddeb3dd7c0bc677024b75809ef047d2c8a,2024-05-28T14:59:09.827000 CVE-2024-54131,0,0,4b4918afa2a4261da20afce1984c24b92c3cd8c05c3ee6659db317d6cf1d35a8,2024-12-03T21:15:08.127000 +CVE-2024-54132,1,1,173178d6ece3c7447fdd5c5581bec00491b47d845f420e9310f497032a9cb26a,2024-12-04T16:15:26.730000 +CVE-2024-54134,1,1,01f811a321fb67f4c86b325bd0e972a7966de74270807e150473381d1bf3fa29,2024-12-04T16:15:26.883000 CVE-2024-5414,0,0,08acc305e6c9bea4a9589fa3dba157ea62649fb0f8c0ee74aad6ddc09386f1c2,2024-05-28T14:59:09.827000 CVE-2024-5415,0,0,d8ba178a70f3cfb2a3911a07d12ef045cc2ca261b5b8d85db5edc9c9636eef1e,2024-05-28T14:59:09.827000 CVE-2024-54153,0,0,fe748b404c05f0f3b478581c42b273c9674060ff9a7f772d2c51f053c33a523f,2024-12-04T12:15:19.853000 @@ -268333,8 +268361,8 @@ CVE-2024-5463,0,0,4d43b352cf9202f80c2f04ee56f4d6c5363c98e3eebea680338a85f124fca3 CVE-2024-5464,0,0,87d260a13f52f3a01db81247aa60ad8629b4b67f72e7ca5812703b2de9e3fb0a,2024-07-16T15:19:27.493000 CVE-2024-5465,0,0,c54306dfcc71e50bcd77c603fadee0b02af76d4cc30340f017524a72c7deac1a,2024-07-16T15:19:04.987000 CVE-2024-5466,0,0,7210eb30821301ab6ac0b6aaa79a17e39c84346dbb1ec0b37d3f9aca66c7a349,2024-08-27T13:32:50.803000 -CVE-2024-54661,0,0,22392659acb70039999ecba5023be6de4684440ccf86608f12a2ab76cffcaccd,2024-12-04T05:15:07.967000 -CVE-2024-54664,0,0,09351112c7587ddfa9168cdac629d8fd24ab72f63d5c772e651417e51d3f5c81,2024-12-04T06:15:08.357000 +CVE-2024-54661,0,1,a7869024e775d27a777a789534fe9533b55cb90ea0d22f9015f9f2a6b4b8ae94,2024-12-04T15:15:17.580000 +CVE-2024-54664,0,1,79dc396dc6c5b3917fb202a8de4cee0534c56602cdfe210a713783011dd6c02d,2024-12-04T15:15:18.093000 CVE-2024-5467,0,0,d5f2177f9d3ea444dfbcd8018e7c02f38607b067be38c512aaf8da3b2751677c,2024-08-27T14:35:48.977000 CVE-2024-5468,0,0,a9b6881473aab66cd93b6151044b19528c011d8001f0e2556b425e826958e7fb,2024-06-13T18:36:09.010000 CVE-2024-5469,0,0,2b1f02bc4b651b767de9138333ca1493d00343771be32540c7c4d36f10b2a10e,2024-08-30T14:15:16.703000 @@ -270114,7 +270142,7 @@ CVE-2024-7481,0,0,029caf1b5321966d6fff7b258f5edb21656af3703408123f2c0a2bb28c2a7f CVE-2024-7484,0,0,922e65f90a754867bdae2807b60c4750519990bf6adcc62fb148334df21e54c7,2024-08-06T16:30:24.547000 CVE-2024-7485,0,0,0b34fc91c3d825ea4087a792a0e5c6d839cf66a581a05d0c60df64b0af48f97e,2024-08-06T16:30:24.547000 CVE-2024-7486,0,0,e2579b82a31704160b51da6f8b3285ef5bff1d765f5e0369c7378c4f856658fb,2024-08-08T13:04:18.753000 -CVE-2024-7488,1,1,4a73f1913c86dad7d8841567d3b6c7841f9556bb57dbbd864ebb2f69f4aabb4a,2024-12-04T14:15:21 +CVE-2024-7488,0,1,7e5f9a7e62d9e8f949ee2539cfdd5d11c8ab7d10e6be27f01d35262f676351b4,2024-12-04T15:15:18.310000 CVE-2024-7489,0,0,a911c458f8c85ecb33feabe2fee5828bb307bd0fdaa5447d2dc32acdf03946c2,2024-10-16T07:15:16.160000 CVE-2024-7490,0,0,2dbd6717a12bca522d1065ac017f63874351831b0b05b9f6e750116d667cf962,2024-08-12T15:22:20.267000 CVE-2024-7491,0,0,d689a374fb3537e15633f4540eb868e4dc80670c3ee0d8274c63d44d12227824,2024-09-26T13:32:02.803000 @@ -271191,19 +271219,19 @@ CVE-2024-8808,0,0,a747c52b1664999051d9b0fe9d3aff6496c6b7bb644b6f690fa14f1c2188e6 CVE-2024-8809,0,0,5ef323758cc04cc3437d900754b8899d6be21732d037419ae491643e0d299c4b,2024-11-22T21:15:19.110000 CVE-2024-8810,0,0,28ccf959675d77b7e3dcf659d948720de4b02c335959c6c7364babe715cf7b78,2024-11-08T19:01:03.880000 CVE-2024-8811,0,0,f149726d303ee5303af357b9626b7520300c87c24b19cbce455084888f6aaddd,2024-11-22T21:15:19.220000 -CVE-2024-8812,0,1,bb02fc6aeb6a5ac1f09542da80a7e732df3fce4abf0f1812bb84e6052fd54012,2024-12-04T14:56:07.463000 -CVE-2024-8813,0,1,2eaa7ba4fc2b319f137dbd3febf169692852bcf46f553772924673950c1923d3,2024-12-04T14:56:03.620000 -CVE-2024-8814,0,1,988a786909b9e0becaa242b7d30f5b4116700fa704d8c5412f3e1d1c310d422a,2024-12-04T14:55:59.677000 -CVE-2024-8815,0,1,a0f1ef1ba3ef6d938b6e3988125d554ed200016bfa87a8188a2ebbd3829767d6,2024-12-04T14:55:55.787000 -CVE-2024-8816,0,1,0e1aaf29dea5646f47f2bc4d56c73bacd5c4e4b975dd47d426de8f7a2984138e,2024-12-04T14:55:51.693000 -CVE-2024-8817,0,1,38fc29c423f47b605821a02a0977289dcb2f443673adedf40e1ff2c2f3f447c7,2024-12-04T14:55:21.647000 -CVE-2024-8818,0,1,3a7d39b233d509189babbdebb7797281f643877f96185f6f8cb7a1815b533967,2024-12-04T14:55:10.590000 -CVE-2024-8819,0,1,4e4d3b7143fe200e690db17de8251a0c098db765f7f791fdff514f3c869782e7,2024-12-04T14:50:28.667000 -CVE-2024-8820,0,1,87ef82b4244082d1a4881800e062311d181d9f0f28625ca7b1dbb1abd3d7f6b8,2024-12-04T14:49:53.280000 -CVE-2024-8821,0,1,d0050a279d9250a40b6f05fa760c9cbfd5be21a3fd49f1a9ee0883e21e6e9c64,2024-12-04T14:48:52.033000 -CVE-2024-8822,0,1,2950c312f451c38c32cd5ee0d43bfe02740e193dc615ece3742ae2e8fd457c86,2024-12-04T14:47:30.647000 -CVE-2024-8823,0,1,315b56efc8d962874c8152076ad27fbee666fcd87542252f2db2c54f5b5673aa,2024-12-04T14:45:59.687000 -CVE-2024-8824,0,1,081b887efb7be95b457127b5d1be656b2e827f4c77f383c21956eee1e09e7994,2024-12-04T14:44:31.470000 +CVE-2024-8812,0,0,bb02fc6aeb6a5ac1f09542da80a7e732df3fce4abf0f1812bb84e6052fd54012,2024-12-04T14:56:07.463000 +CVE-2024-8813,0,0,2eaa7ba4fc2b319f137dbd3febf169692852bcf46f553772924673950c1923d3,2024-12-04T14:56:03.620000 +CVE-2024-8814,0,0,988a786909b9e0becaa242b7d30f5b4116700fa704d8c5412f3e1d1c310d422a,2024-12-04T14:55:59.677000 +CVE-2024-8815,0,0,a0f1ef1ba3ef6d938b6e3988125d554ed200016bfa87a8188a2ebbd3829767d6,2024-12-04T14:55:55.787000 +CVE-2024-8816,0,0,0e1aaf29dea5646f47f2bc4d56c73bacd5c4e4b975dd47d426de8f7a2984138e,2024-12-04T14:55:51.693000 +CVE-2024-8817,0,0,38fc29c423f47b605821a02a0977289dcb2f443673adedf40e1ff2c2f3f447c7,2024-12-04T14:55:21.647000 +CVE-2024-8818,0,0,3a7d39b233d509189babbdebb7797281f643877f96185f6f8cb7a1815b533967,2024-12-04T14:55:10.590000 +CVE-2024-8819,0,0,4e4d3b7143fe200e690db17de8251a0c098db765f7f791fdff514f3c869782e7,2024-12-04T14:50:28.667000 +CVE-2024-8820,0,0,87ef82b4244082d1a4881800e062311d181d9f0f28625ca7b1dbb1abd3d7f6b8,2024-12-04T14:49:53.280000 +CVE-2024-8821,0,0,d0050a279d9250a40b6f05fa760c9cbfd5be21a3fd49f1a9ee0883e21e6e9c64,2024-12-04T14:48:52.033000 +CVE-2024-8822,0,0,2950c312f451c38c32cd5ee0d43bfe02740e193dc615ece3742ae2e8fd457c86,2024-12-04T14:47:30.647000 +CVE-2024-8823,0,0,315b56efc8d962874c8152076ad27fbee666fcd87542252f2db2c54f5b5673aa,2024-12-04T14:45:59.687000 +CVE-2024-8824,0,0,081b887efb7be95b457127b5d1be656b2e827f4c77f383c21956eee1e09e7994,2024-12-04T14:44:31.470000 CVE-2024-8825,0,0,386facc7f478cbfcfa85ec990ba31bcaed7eca7d9ceff17e6e15478683dda148,2024-11-29T20:20:44.863000 CVE-2024-8826,0,0,f4e52980884276b4d0670106e2ba49b1b78815b10ae4ced581158a7b704c52a8,2024-11-29T20:08:47.553000 CVE-2024-8827,0,0,61f5eb5ff8ecf0faa7db8953d296c535df6bfdf7ae19ad117bcc6010c4727fb8,2024-11-29T20:20:34.137000 @@ -271218,17 +271246,17 @@ CVE-2024-8835,0,0,ac7088e58560f5b8a53a89d7053ca91953fa04c930410cf78b9450022c4f09 CVE-2024-8836,0,0,79e7b0ebef3f34831f5721ae680df12c7c8fda724633587fb2447905129a1385,2024-11-29T20:17:29.823000 CVE-2024-8837,0,0,89e656db04439e6a29296845420167328da47c051242908b0604e6fd8193f958,2024-11-29T20:10:41.130000 CVE-2024-8838,0,0,10d39ca9b78f79c235ce4c6d2c97387f035b10246bb5c06ccf2c04f01720827b,2024-12-03T22:06:42.107000 -CVE-2024-8839,0,1,dfcb598a9905352c16372165491519fa79e7e07cfa2e5867258644329e155b49,2024-12-04T14:43:09.680000 -CVE-2024-8840,0,1,b608d7a40737ad530d95cc8acf900fdbf22b481e49ed67cfe05022036924b7d2,2024-12-04T14:42:12.897000 -CVE-2024-8841,0,1,5b3907b9bf6ae6a634463aa043ad5265c90979211a7e3919fc540e1869116b36,2024-12-04T14:41:07.097000 -CVE-2024-8842,0,1,58b2215a517c3855255ee3b31bf2c0e7ffb854269fa29ec9ca904e8149139bfa,2024-12-04T14:38:40.640000 -CVE-2024-8843,0,0,bdc359026810a398006ae94b0d06b14bc02690dec55ef854528c3c02d08a2a22,2024-11-22T21:15:22.887000 -CVE-2024-8844,0,0,fcacb504868d6d764f006f94e50184c1b2b0d2e323919da7dccdb5a6055d68fb,2024-11-22T21:15:23.003000 -CVE-2024-8845,0,0,57499101fb1d711c0d6da0ba80832d89600f988a6b5c33815f15d2d7a0cab0c3,2024-11-22T21:15:23.110000 -CVE-2024-8846,0,0,8d0012407da17e654de5ec8d628ed02cd9ac49615691f1af975a4afd066efa41,2024-11-22T21:15:23.230000 -CVE-2024-8847,0,0,17631b5f51ea0e2815e2cba10816031bea387bb47a34938d4ddad17b8625458a,2024-11-22T21:15:23.367000 -CVE-2024-8848,0,0,a7d50f72a679e4e96488d0cf2d572b067f5c2d76f6b5b42b61cf3288ea790814,2024-11-22T21:15:23.500000 -CVE-2024-8849,0,0,acc675871cc600fe0f679629b60dcfd116902d4bcdd429886c1b576733b40d1f,2024-11-22T21:15:23.650000 +CVE-2024-8839,0,0,dfcb598a9905352c16372165491519fa79e7e07cfa2e5867258644329e155b49,2024-12-04T14:43:09.680000 +CVE-2024-8840,0,0,b608d7a40737ad530d95cc8acf900fdbf22b481e49ed67cfe05022036924b7d2,2024-12-04T14:42:12.897000 +CVE-2024-8841,0,0,5b3907b9bf6ae6a634463aa043ad5265c90979211a7e3919fc540e1869116b36,2024-12-04T14:41:07.097000 +CVE-2024-8842,0,0,58b2215a517c3855255ee3b31bf2c0e7ffb854269fa29ec9ca904e8149139bfa,2024-12-04T14:38:40.640000 +CVE-2024-8843,0,1,f86a0f055d62eb7db780727f9a4f93c2118fa2d2e2e3eb8861752668bf402a54,2024-12-04T16:38:13.297000 +CVE-2024-8844,0,1,e2e82abdad3c32f9ab0b631071ce98c126ad1ab938920565edba7e80277bcdd7,2024-12-04T16:38:10.040000 +CVE-2024-8845,0,1,badb198a77abe8a9fa2c6e1afe80064105f9eb7f2882900529dc52dc31af660e,2024-12-04T16:38:07.607000 +CVE-2024-8846,0,1,ce4dc61d8ff5fa61aed0ae16162c63037b7f5852a598911f85433890aef44c54,2024-12-04T16:42:04.860000 +CVE-2024-8847,0,1,169229dadab5cc67a0189cd2c1f1ff515cb9d8e237a14f87d602ace230bdc031,2024-12-04T16:42:07.103000 +CVE-2024-8848,0,1,6fb3785664795ee02fdf50508f3d9c3655bd2c295a7f89678cebccfe571e3a6a,2024-12-04T16:42:08.827000 +CVE-2024-8849,0,1,0734151af4af8138bcdc00f593bbe5da7ce0eb57042fd20edab1406815b87a42,2024-12-04T16:42:10.820000 CVE-2024-8850,0,0,60f99c260767f82bf00cc7954ec3e058985003b965020b8d3dac7a45b3ea5f64,2024-09-25T18:49:53.397000 CVE-2024-8852,0,0,4c29aa9b59fffc51165fcfe6324e59328792cc2858478a0eeda39ebd10055ec2,2024-10-25T21:20:11.410000 CVE-2024-8853,0,0,b5a3b0675f8f2657c7381537f08c47ae3a3694c18acf1b18976370e35c278f0e,2024-09-25T17:49:25.653000 @@ -271319,7 +271347,7 @@ CVE-2024-8957,0,0,0308f2f5a0567b3e01401fcc5a35dd0d4903c31a6d3992c47cfe16c6bc21ea CVE-2024-8959,0,0,0dc3502ed244ae66bafd80efba15dddd0bb76667e6d8b2d3ee7e3d6fc71e6baf,2024-10-25T12:56:07.750000 CVE-2024-8960,0,0,cb9c3666b1d5630b31aed515dc84bc6b9317ac9454d917c6e7a599d8d75d0609,2024-11-12T13:56:24.513000 CVE-2024-8961,0,0,ef82d8b2e398fd75b52fa0b073d3909959e3a804636999baddf212f4cb248ab3,2024-11-19T17:01:15.787000 -CVE-2024-8962,0,1,4816be581bbb312715eb3c44dc8264043d82a8113eaa7eb6324ec3df1eeb3774,2024-12-04T12:15:20.913000 +CVE-2024-8962,0,0,4816be581bbb312715eb3c44dc8264043d82a8113eaa7eb6324ec3df1eeb3774,2024-12-04T12:15:20.913000 CVE-2024-8963,0,0,67fe8ea90f3163df4929d6782956d377bcadef461d17352cf475deabaa8fd4ad,2024-09-20T16:32:02.563000 CVE-2024-8964,0,0,c8fc4fc0d8f6e4149ea3cd0239ed4708c78c8d6f77eb0df4938d6649d94bf7d7,2024-10-10T12:56:30.817000 CVE-2024-8965,0,0,fcd9a7faf9aba17ebbc93d83d1389f5891b9c0797caaf85615a1a91da1ce5a78,2024-10-04T19:04:03.157000