From 4d45325aa532c07e62d4830fd786deaeb7fbbf1f Mon Sep 17 00:00:00 2001 From: cad-safe-bot Date: Tue, 23 Jul 2024 18:03:14 +0000 Subject: [PATCH] Auto-Update: 2024-07-23T18:00:17.703525+00:00 --- CVE-2022/CVE-2022-488xx/CVE-2022-48849.json | 81 ++++++++++- CVE-2022/CVE-2022-488xx/CVE-2022-48850.json | 141 +++++++++++++++++-- CVE-2022/CVE-2022-488xx/CVE-2022-48851.json | 142 ++++++++++++++++++-- CVE-2022/CVE-2022-488xx/CVE-2022-48853.json | 141 +++++++++++++++++-- CVE-2024/CVE-2024-07xx/CVE-2024-0760.json | 6 +- CVE-2024/CVE-2024-17xx/CVE-2024-1737.json | 6 +- CVE-2024/CVE-2024-17xx/CVE-2024-1766.json | 66 ++++++++- CVE-2024/CVE-2024-19xx/CVE-2024-1975.json | 6 +- CVE-2024/CVE-2024-20xx/CVE-2024-2092.json | 71 +++++++++- CVE-2024/CVE-2024-397xx/CVE-2024-39702.json | 21 +++ CVE-2024/CVE-2024-40xx/CVE-2024-4076.json | 6 +- CVE-2024/CVE-2024-411xx/CVE-2024-41178.json | 33 +++++ CVE-2024/CVE-2024-413xx/CVE-2024-41314.json | 10 +- CVE-2024/CVE-2024-413xx/CVE-2024-41315.json | 10 +- CVE-2024/CVE-2024-413xx/CVE-2024-41316.json | 10 +- CVE-2024/CVE-2024-413xx/CVE-2024-41317.json | 10 +- CVE-2024/CVE-2024-416xx/CVE-2024-41663.json | 56 ++++++++ CVE-2024/CVE-2024-416xx/CVE-2024-41664.json | 56 ++++++++ CVE-2024/CVE-2024-44xx/CVE-2024-4467.json | 6 +- CVE-2024/CVE-2024-48xx/CVE-2024-4845.json | 44 +++++- CVE-2024/CVE-2024-48xx/CVE-2024-4898.json | 44 +++++- CVE-2024/CVE-2024-56xx/CVE-2024-5663.json | 76 ++++++++++- CVE-2024/CVE-2024-67xx/CVE-2024-6714.json | 64 +++++++++ README.md | 64 ++++----- _state.csv | 93 +++++++------ 25 files changed, 1109 insertions(+), 154 deletions(-) create mode 100644 CVE-2024/CVE-2024-397xx/CVE-2024-39702.json create mode 100644 CVE-2024/CVE-2024-411xx/CVE-2024-41178.json create mode 100644 CVE-2024/CVE-2024-416xx/CVE-2024-41663.json create mode 100644 CVE-2024/CVE-2024-416xx/CVE-2024-41664.json create mode 100644 CVE-2024/CVE-2024-67xx/CVE-2024-6714.json diff --git a/CVE-2022/CVE-2022-488xx/CVE-2022-48849.json b/CVE-2022/CVE-2022-488xx/CVE-2022-48849.json index 2dbf8ea529e..2a342b6566b 100644 --- a/CVE-2022/CVE-2022-488xx/CVE-2022-48849.json +++ b/CVE-2022/CVE-2022-488xx/CVE-2022-48849.json @@ -2,8 +2,8 @@ "id": "CVE-2022-48849", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-07-16T13:15:12.103", - "lastModified": "2024-07-16T13:43:58.773", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2024-07-23T17:09:44.370", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,19 +15,88 @@ "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: drm/amdgpu: omite la verificaci\u00f3n del indicador de mosaico en la vitrina virtual (v2) vkms aprovecha la creaci\u00f3n de framebuffer amdgpu com\u00fan y, adem\u00e1s, como no admite el modificador FB, no es necesario verificar los indicadores de mosaico al iniciar framebuffer cuando la visualizaci\u00f3n virtual est\u00e1 habilitada. Esto se puede solucionar a continuaci\u00f3n: amdgpu 0000:00:08.0: GFX9+ requiere verificaci\u00f3n de FB seg\u00fan el modificador de formato ADVERTENCIA: CPU: 0 PID: 1023 en drivers/gpu/drm/amd/amdgpu/amdgpu_display.c:1150 amdgpu_display_framebuffer_init+0x8e7/0xb40 [amdgpu] v2: marque adev->enable_virtual_display en su lugar, ya que vkms tambi\u00e9n se puede habilitar en bare metal." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "HIGH", + "availabilityImpact": "NONE", + "baseScore": 5.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionEndExcluding": "5.15.29", + "matchCriteriaId": "19FA1597-045C-49EE-96B7-3CEF5B43002F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.16", + "versionEndExcluding": "5.16.15", + "matchCriteriaId": "83FDEDF2-0E19-4879-91FD-171E66D1B335" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/cb29021be49858059138f75d6311a7c35a9379b2", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/e2b993302f40c4eb714ecf896dd9e1c5be7d4cd7", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/fcd1d79aa943fff4fbaa0cce1d576995a7960699", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-488xx/CVE-2022-48850.json b/CVE-2022/CVE-2022-488xx/CVE-2022-48850.json index d45bc150799..1011c0622e2 100644 --- a/CVE-2022/CVE-2022-488xx/CVE-2022-48850.json +++ b/CVE-2022/CVE-2022-488xx/CVE-2022-48850.json @@ -2,8 +2,8 @@ "id": "CVE-2022-48850", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-07-16T13:15:12.170", - "lastModified": "2024-07-16T13:43:58.773", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2024-07-23T17:06:58.507", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,39 +15,158 @@ "value": "En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: net-sysfs: agregue verificaci\u00f3n para que netdevice est\u00e9 presente en speed_show Al desactivar el netdevice o apagar el sistema, se puede desencadenar un p\u00e1nico al acceder a la ruta sysfs porque el dispositivo ya est\u00e1 eliminado. [ 755.549084] mlx5_core 0000:12:00.1: Se llam\u00f3 al apagado [ 756.404455] mlx5_core 0000:12:00.0: Se llam\u00f3 al apagado... [ 757.937260] ERROR: no se puede manejar la desreferencia del puntero NULL del kernel en (nulo) [ 758.031397] IP: [] dma_pool_alloc+0x1ab/0x280 crash> bt... PID: 12649 TAREA: ffff8924108f2100 CPU: 1 COMANDO: \"amsd\"... #9 [ffff89240e1a38b0] page_fault en ffffffff8f38c778 [excepci\u00f3n RIP: pool_alloc+0x1ab] RIP : ffffffff8ee11acb RSP: ffff89240e1a3968 RFLAGS: 00010046 RAX: 0000000000000246 RBX: ffff89243d874100 RCX: 0000000000001000 RDX: 00000000000000000 RSI: 0000000000000246 RDI: ffff89243d874090 RBP: ffff89240e1a39c0 R8: 000000000001f080 R9: ffff8905ffc03c00 R10: ffffffffc04680d4 R11: d R12: 00000000000080d0 R13: ffff89243d874090 R14: ffff89243d874080 R15: 0000000000000000 ORIG_RAX: ffffffffffffffff CS: 0010 SS: 0018 #10 [ffff89240e1a39c8] mlx5_alloc_cmd_msg en ffffffffc04680f3 [mlx5_core] #11 [ffff89240e1a3a18] d_exec en ffffffffc046ad62 [mlx5_core] #12 [ffff89240e1a3ab8] mlx5_cmd_exec en ffffffffc046b4fb [mlx5_core] #13 [ffff89240e1a3ae8] mlx5_core_access_reg en ffffffffc0475434 [mlx5_core] #14 [ffff89240e1a3b40] mlx5e_get_fec_caps en ffffffffc04a7348 [mlx5_core] #15 [ffff89240e1a3bb0] get_fec_supported_advertised en ffffffffc04992bf [mlx5_core] #16 [ffff89240e1a3c08] mlx5e_get_link_ksettings en ffffffffc049ab36 [mlx5_core] #17 [ffff89240e1a3ce8] __ethtool_get_link_ksettings en ffffffff8f25db46 #18 [ ffff89240e1a3d48] speed_show en ffffffff8f277208 #19 [ffff89240e1a3dd8] dev_attr_show en ffffffff8f0b70e3 #20 [ffff89240e1a3df8] sysfs_kf_seq_show en ffffffff8eedbedf #21 40e1a3e18] kernfs_seq_show en ffffffff8eeda596 #22 [ffff89240e1a3e28] seq_read en ffffffff8ee76d10 #23 [ffff89240e1a3e98] kernfs_fop_read en ffffffff8eedaef5 #24 8] vfs_read en ffffffff8ee4e3ff #25 [ffff89240e1a3f08] sys_read en ffffffff8ee4f27f #26 [ffff89240e1a3f50] system_call_fastpath en ffffffff8f395f92 crash> net_device.state ffff89443b0c0000 estado = 0x5 LINK_STATE_START| __LINK_STATE_NOCARRIER) Para evitar este escenario, tambi\u00e9n nos aseguramos de que el netdevice est\u00e9 presente." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 5.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-476" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionEndExcluding": "4.9.307", + "matchCriteriaId": "22B29938-3445-45F5-868D-74D6063E6D64" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.10", + "versionEndExcluding": "4.14.272", + "matchCriteriaId": "7F0FA2C5-4E50-48A6-9D72-7C133B60EF05" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.15", + "versionEndExcluding": "4.19.235", + "matchCriteriaId": "F8671D74-E8CD-4E41-A93F-3E3E88125D16" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.20", + "versionEndExcluding": "5.4.185", + "matchCriteriaId": "B374BFBF-C879-4A72-921F-C850CF7DFB99" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.5", + "versionEndExcluding": "5.10.106", + "matchCriteriaId": "6A4F38AC-99A2-48DF-B132-C9F785B309B8" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.11", + "versionEndExcluding": "5.15.29", + "matchCriteriaId": "15DC6588-B28F-4637-9A1E-3753B34A40CF" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.16", + "versionEndExcluding": "5.16.15", + "matchCriteriaId": "83FDEDF2-0E19-4879-91FD-171E66D1B335" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/081369ad088a76429984483b8a5f7e967a125aad", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/3a79f380b3e10edf6caa9aac90163a5d7a282204", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/4224cfd7fb6523f7a9d1c8bb91bb5df1e38eb624", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/75fc8363227a999e8f3d17e2eb28dce5600dcd3f", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/8879b5313e9fa5e0c6d6812a0d25d83aed0110e2", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/8d5e69d8fbf3a35ab4fbe56b8f092802b43f3ef6", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/a7b9ab04c5932dee7ec95e0abc58b0df350c0dd2", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/d15c9f6e3335002fea1c33bc8f71a705fa96976c", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-488xx/CVE-2022-48851.json b/CVE-2022/CVE-2022-488xx/CVE-2022-48851.json index 5adc6f99ea1..8b5196be832 100644 --- a/CVE-2022/CVE-2022-488xx/CVE-2022-48851.json +++ b/CVE-2022/CVE-2022-488xx/CVE-2022-48851.json @@ -2,8 +2,8 @@ "id": "CVE-2022-48851", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-07-16T13:15:12.247", - "lastModified": "2024-07-16T13:43:58.773", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2024-07-23T17:03:30.303", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,39 +15,159 @@ "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: staging: gdm724x: corrige el use after free en gdm_lte_rx() La funci\u00f3n netif_rx_ni() libera el skb para que no podamos desreferenciarlo para guardar el skb->len." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-416" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "3.12", + "versionEndExcluding": "4.9.307", + "matchCriteriaId": "C646FCEC-8D9D-4160-A402-1488A1906083" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.10", + "versionEndExcluding": "4.14.272", + "matchCriteriaId": "7F0FA2C5-4E50-48A6-9D72-7C133B60EF05" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.15", + "versionEndExcluding": "4.19.235", + "matchCriteriaId": "F8671D74-E8CD-4E41-A93F-3E3E88125D16" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.20", + "versionEndExcluding": "5.4.185", + "matchCriteriaId": "B374BFBF-C879-4A72-921F-C850CF7DFB99" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.5", + "versionEndExcluding": "5.10.106", + "matchCriteriaId": "6A4F38AC-99A2-48DF-B132-C9F785B309B8" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.11", + "versionEndExcluding": "5.15.29", + "matchCriteriaId": "15DC6588-B28F-4637-9A1E-3753B34A40CF" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.16", + "versionEndExcluding": "5.16.15", + "matchCriteriaId": "83FDEDF2-0E19-4879-91FD-171E66D1B335" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/1fb9dd3787495b4deb0efe66c58306b65691a48f", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/403e3afe241b62401de1f8629c9c6b9b3d69dbff", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/48ecdf3e29a6e514e8196691589c7dfc6c4ac169", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/6d9700b445098dbbce0caff4b8cfca214cf1e757", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/6dc7b87c62423bfa68139fe95e85028aab584c9a", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/83a9c886c2b5a0d28c0b37e1736b47f38d61332a", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/d39dc79513e99147b4c158a8a9e46743e23944f5", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/fc7f750dc9d102c1ed7bbe4591f991e770c99033", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-488xx/CVE-2022-48853.json b/CVE-2022/CVE-2022-488xx/CVE-2022-48853.json index fbf0b3b76e7..31a1214294e 100644 --- a/CVE-2022/CVE-2022-488xx/CVE-2022-48853.json +++ b/CVE-2022/CVE-2022-488xx/CVE-2022-48853.json @@ -2,8 +2,8 @@ "id": "CVE-2022-48853", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-07-16T13:15:12.380", - "lastModified": "2024-07-16T13:43:58.773", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2024-07-23T17:05:11.353", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -15,39 +15,158 @@ "value": "En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: swiotlb: corrige la fuga de informaci\u00f3n con DMA_FROM_DEVICE El problema que estoy abordando fue descubierto mediante la prueba LTP que cubre cve-2018-1000204. A continuaci\u00f3n se ofrece una breve descripci\u00f3n de lo que sucede: 1) El caso de prueba emite un c\u00f3digo de comando 00 (UNIDAD DE PRUEBA LISTO) a trav\u00e9s de la interfaz SG_IO con: dxfer_len == 524288, dxdfer_dir == SG_DXFER_FROM_DEV y un dxferp correspondiente. Lo peculiar de esto es que TUR no lee desde el dispositivo. 2) En sg_start_req() la invocaci\u00f3n de blk_rq_map_user() efectivamente rebota el buffer del espacio de usuario. Como si el dispositivo fuera a transferirse a \u00e9l. Desde El commit a45b599ad808 (\"scsi: sg: allocate with __GFP_ZERO in sg_build_indirect()\") nos aseguramos de que este primer b\u00fafer de rebote est\u00e9 asignado con GFP_ZERO. 3) Durante el resto de la historia seguimos ignorando que tenemos un TUR, por lo que el dispositivo no tocar\u00e1 el buffer que preparamos como si tuvi\u00e9ramos una situaci\u00f3n del tipo DMA_FROM_DEVICE. Mi configuraci\u00f3n utiliza un dispositivo virtio-scsi y el b\u00fafer asignado por SG se asigna mediante la funci\u00f3n virtqueue_add_split() que usa DMA_FROM_DEVICE para los sgs \"in\" (aqu\u00ed scatter-gather y no gen\u00e9ricos scsi). Este mapeo implica rebotar a trav\u00e9s de swiotlb (necesitamos swiotlb para hacer virtio en un invitado protegido como s390 Secure Execution o AMD SEV). 4) Cuando finaliza el SCSI TUR, primero copiamos el contenido del segundo b\u00fafer de rebote (es decir, swiotlb) (que probablemente contiene algunos datos de IO anteriores) al primer b\u00fafer de rebote, que contiene todos ceros. Luego volvemos a copiar el contenido del primer b\u00fafer de rebote al b\u00fafer de espacio de usuario. 5) El caso de prueba detecta que el b\u00fafer, que inicializ\u00f3 en cero, no es todo ceros y falla. Se puede argumentar que se trata de un problema de swiotlb, porque sin swiotlb se filtran todos los ceros, y swiotlb deber\u00eda ser transparente en el sentido de que no afecte el resultado (si todos los dem\u00e1s participantes se portan bien). Copiar el contenido del b\u00fafer original en el b\u00fafer swiotlb es la \u00fanica forma que se me ocurre para hacer que swiotlb sea transparente en tales escenarios. Entonces, hagamos eso en caso de duda, pero permitamos que el controlador nos diga que se sobrescribir\u00e1 todo el b\u00fafer asignado, en cuyo caso podemos preservar el comportamiento anterior y evitar el impacto en el rendimiento del rebote adicional." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 5.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionEndExcluding": "4.9.320", + "matchCriteriaId": "CF939175-79DE-4866-B38C-4C8F9896B785" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.10", + "versionEndExcluding": "4.14.281", + "matchCriteriaId": "EBB1A3B4-E46A-4454-A428-85CC0AC925F6" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.15", + "versionEndExcluding": "4.19.245", + "matchCriteriaId": "239757EB-B2DF-4DD4-8EEE-97141186DA12" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.20", + "versionEndExcluding": "5.4.189", + "matchCriteriaId": "8CB6E8F5-C2B1-46F3-A807-0F6104AC340F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.5", + "versionEndExcluding": "5.10.110", + "matchCriteriaId": "91D3BFD0-D3F3-4018-957C-96CCBF357D79" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.11", + "versionEndExcluding": "5.15.29", + "matchCriteriaId": "15DC6588-B28F-4637-9A1E-3753B34A40CF" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.16", + "versionEndExcluding": "5.16.15", + "matchCriteriaId": "83FDEDF2-0E19-4879-91FD-171E66D1B335" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/stable/c/270475d6d2410ec66e971bf181afe1958dad565e", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/6bfc5377a210dbda2a237f16d94d1bd4f1335026", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/7403f4118ab94be837ab9d770507537a8057bc63", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/8d9ac1b6665c73f23e963775f85d99679fd8e192", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/971e5dadffd02beba1063e7dd9c3a82de17cf534", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/c132f2ba716b5ee6b35f82226a6e5417d013d753", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/d4d975e7921079f877f828099bb8260af335508f", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] }, { "url": "https://git.kernel.org/stable/c/ddbd89deb7d32b1fbb879f48d68fda1a8ac58e8e", - "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-07xx/CVE-2024-0760.json b/CVE-2024/CVE-2024-07xx/CVE-2024-0760.json index 7fb042eeab0..a8a6406ac5f 100644 --- a/CVE-2024/CVE-2024-07xx/CVE-2024-0760.json +++ b/CVE-2024/CVE-2024-07xx/CVE-2024-0760.json @@ -2,7 +2,7 @@ "id": "CVE-2024-0760", "sourceIdentifier": "security-officer@isc.org", "published": "2024-07-23T15:15:03.520", - "lastModified": "2024-07-23T15:15:03.520", + "lastModified": "2024-07-23T16:15:04.620", "vulnStatus": "Received", "cveTags": [], "descriptions": [ @@ -36,6 +36,10 @@ ] }, "references": [ + { + "url": "http://www.openwall.com/lists/oss-security/2024/07/23/1", + "source": "security-officer@isc.org" + }, { "url": "https://kb.isc.org/docs/cve-2024-0760", "source": "security-officer@isc.org" diff --git a/CVE-2024/CVE-2024-17xx/CVE-2024-1737.json b/CVE-2024/CVE-2024-17xx/CVE-2024-1737.json index cbc817845c7..3eeeb16f535 100644 --- a/CVE-2024/CVE-2024-17xx/CVE-2024-1737.json +++ b/CVE-2024/CVE-2024-17xx/CVE-2024-1737.json @@ -2,7 +2,7 @@ "id": "CVE-2024-1737", "sourceIdentifier": "security-officer@isc.org", "published": "2024-07-23T15:15:03.740", - "lastModified": "2024-07-23T15:15:03.740", + "lastModified": "2024-07-23T16:15:04.713", "vulnStatus": "Received", "cveTags": [], "descriptions": [ @@ -36,6 +36,10 @@ ] }, "references": [ + { + "url": "http://www.openwall.com/lists/oss-security/2024/07/23/1", + "source": "security-officer@isc.org" + }, { "url": "https://kb.isc.org/docs/cve-2024-1737", "source": "security-officer@isc.org" diff --git a/CVE-2024/CVE-2024-17xx/CVE-2024-1766.json b/CVE-2024/CVE-2024-17xx/CVE-2024-1766.json index a37c41c4c36..5b857b374c7 100644 --- a/CVE-2024/CVE-2024-17xx/CVE-2024-1766.json +++ b/CVE-2024/CVE-2024-17xx/CVE-2024-1766.json @@ -2,8 +2,8 @@ "id": "CVE-2024-1766", "sourceIdentifier": "security@wordfence.com", "published": "2024-06-12T11:15:50.413", - "lastModified": "2024-06-13T18:36:09.010", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-07-23T17:11:08.703", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -18,8 +18,28 @@ "metrics": { "cvssMetricV31": [ { - "source": "security@wordfence.com", + "source": "nvd@nist.gov", "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 5.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + }, + { + "source": "security@wordfence.com", + "type": "Secondary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:N", @@ -39,14 +59,50 @@ } ] }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:wpdownloadmanager:download_manager:*:*:*:*:*:wordpress:*:*", + "versionEndExcluding": "3.2.87", + "matchCriteriaId": "72CBB879-0555-4376-A299-CF410F79F532" + } + ] + } + ] + } + ], "references": [ { "url": "https://plugins.trac.wordpress.org/browser/download-manager/trunk/src/User/views/dashboard/edit-profile.php#L16", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Patch" + ] }, { "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/9774c999-acb6-4c5f-ad6c-10979660b164?source=cve", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-19xx/CVE-2024-1975.json b/CVE-2024/CVE-2024-19xx/CVE-2024-1975.json index 4cab2efafcb..9bd4f5ddd7a 100644 --- a/CVE-2024/CVE-2024-19xx/CVE-2024-1975.json +++ b/CVE-2024/CVE-2024-19xx/CVE-2024-1975.json @@ -2,7 +2,7 @@ "id": "CVE-2024-1975", "sourceIdentifier": "security-officer@isc.org", "published": "2024-07-23T15:15:03.943", - "lastModified": "2024-07-23T15:15:03.943", + "lastModified": "2024-07-23T16:15:04.797", "vulnStatus": "Received", "cveTags": [], "descriptions": [ @@ -36,6 +36,10 @@ ] }, "references": [ + { + "url": "http://www.openwall.com/lists/oss-security/2024/07/23/1", + "source": "security-officer@isc.org" + }, { "url": "https://kb.isc.org/docs/cve-2024-1975", "source": "security-officer@isc.org" diff --git a/CVE-2024/CVE-2024-20xx/CVE-2024-2092.json b/CVE-2024/CVE-2024-20xx/CVE-2024-2092.json index 657a06143de..a349c42b3b5 100644 --- a/CVE-2024/CVE-2024-20xx/CVE-2024-2092.json +++ b/CVE-2024/CVE-2024-20xx/CVE-2024-2092.json @@ -2,8 +2,8 @@ "id": "CVE-2024-2092", "sourceIdentifier": "security@wordfence.com", "published": "2024-06-12T10:15:30.410", - "lastModified": "2024-06-13T18:36:09.010", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-07-23T17:14:41.963", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -18,8 +18,28 @@ "metrics": { "cvssMetricV31": [ { - "source": "security@wordfence.com", + "source": "nvd@nist.gov", "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 5.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + }, + { + "source": "security@wordfence.com", + "type": "Secondary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N", @@ -39,18 +59,57 @@ } ] }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:wpvibes:elementor_addon_elements:*:*:*:*:*:wordpress:*:*", + "versionEndExcluding": "1.13.4", + "matchCriteriaId": "97ADFE32-D627-46E4-BA27-2B48835CE727" + } + ] + } + ] + } + ], "references": [ { "url": "https://plugins.trac.wordpress.org/browser/addon-elements-for-elementor-page-builder/tags/1.13/modules/twitter/widgets/twitter.php#L712", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Patch" + ] }, { "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3077362%40addon-elements-for-elementor-page-builder%2Ftrunk&old=3058768%40addon-elements-for-elementor-page-builder%2Ftrunk&sfp_email=&sfph_mail=", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Patch" + ] }, { "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/67790c0b-c078-4955-a175-977a695392fc?source=cve", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-397xx/CVE-2024-39702.json b/CVE-2024/CVE-2024-397xx/CVE-2024-39702.json new file mode 100644 index 00000000000..88f5502f858 --- /dev/null +++ b/CVE-2024/CVE-2024-397xx/CVE-2024-39702.json @@ -0,0 +1,21 @@ +{ + "id": "CVE-2024-39702", + "sourceIdentifier": "cve@mitre.org", + "published": "2024-07-23T16:15:05.557", + "lastModified": "2024-07-23T16:15:05.557", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In lj_str_hash.c in OpenResty 1.19.3.1 through 1.25.3.1, the string hashing function (used during string interning) allows HashDoS (Hash Denial of Service) attacks. An attacker could cause excessive resource usage during proxy operations via crafted requests, potentially leading to a denial of service with relatively few incoming requests. This vulnerability only exists in the OpenResty fork in the openresty/luajit2 GitHub repository. The LuaJIT/LuaJIT epository. is unaffected/" + } + ], + "metrics": {}, + "references": [ + { + "url": "https://openresty.org/en/ann-1025003002.html", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-40xx/CVE-2024-4076.json b/CVE-2024/CVE-2024-40xx/CVE-2024-4076.json index 3aa2e147581..25f622b999e 100644 --- a/CVE-2024/CVE-2024-40xx/CVE-2024-4076.json +++ b/CVE-2024/CVE-2024-40xx/CVE-2024-4076.json @@ -2,7 +2,7 @@ "id": "CVE-2024-4076", "sourceIdentifier": "security-officer@isc.org", "published": "2024-07-23T15:15:05.500", - "lastModified": "2024-07-23T15:15:05.500", + "lastModified": "2024-07-23T16:15:06.287", "vulnStatus": "Received", "cveTags": [], "descriptions": [ @@ -36,6 +36,10 @@ ] }, "references": [ + { + "url": "http://www.openwall.com/lists/oss-security/2024/07/23/1", + "source": "security-officer@isc.org" + }, { "url": "https://kb.isc.org/docs/cve-2024-4076", "source": "security-officer@isc.org" diff --git a/CVE-2024/CVE-2024-411xx/CVE-2024-41178.json b/CVE-2024/CVE-2024-411xx/CVE-2024-41178.json new file mode 100644 index 00000000000..c31d5fa7b0e --- /dev/null +++ b/CVE-2024/CVE-2024-411xx/CVE-2024-41178.json @@ -0,0 +1,33 @@ +{ + "id": "CVE-2024-41178", + "sourceIdentifier": "security@apache.org", + "published": "2024-07-23T17:15:12.663", + "lastModified": "2024-07-23T17:15:12.663", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Exposure of temporary credentials in logs\u00a0in Apache Arrow Rust Object Store (`object_store` crate), version 0.10.1 and earlier on all platforms using AWS WebIdentityTokens.\u00a0\n\nOn certain error conditions, the logs may contain the OIDC token passed to AssumeRoleWithWebIdentity https://docs.aws.amazon.com/STS/latest/APIReference/API_AssumeRoleWithWebIdentity.html . This allows someone with access to the logs to impersonate that identity, including performing their own calls to AssumeRoleWithWebIdentity, until the OIDC token expires. Typically OIDC tokens are valid for up to an hour, although this will vary depending on the issuer.\n\nUsers are recommended to use a different AWS authentication mechanism, disable logging or upgrade to version 0.10.2, which fixes this issue.\n\nDetails:\n\nWhen using AWS WebIdentityTokens with the object_store crate, in the event of a failure and automatic retry, the underlying reqwest error, including the full URL with the credentials, potentially in the parameters, is written to the logs.\u00a0\n\nThanks to Paul\u00a0Hatcherian for reporting this vulnerability" + } + ], + "metrics": {}, + "weaknesses": [ + { + "source": "security@apache.org", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-532" + } + ] + } + ], + "references": [ + { + "url": "https://lists.apache.org/thread/3t0povdppnt2czv6crlsqhvyko93kcrg", + "source": "security@apache.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-413xx/CVE-2024-41314.json b/CVE-2024/CVE-2024-413xx/CVE-2024-41314.json index 0b8be03f6b6..99d779aade0 100644 --- a/CVE-2024/CVE-2024-413xx/CVE-2024-41314.json +++ b/CVE-2024/CVE-2024-413xx/CVE-2024-41314.json @@ -2,17 +2,25 @@ "id": "CVE-2024-41314", "sourceIdentifier": "cve@mitre.org", "published": "2024-07-22T14:15:06.627", - "lastModified": "2024-07-22T14:15:06.627", + "lastModified": "2024-07-23T16:15:05.710", "vulnStatus": "Received", "cveTags": [], "descriptions": [ { "lang": "en", "value": "TOTOLINK A6000R V1.0.1-B20201211.2000 was discovered to contain a command injection vulnerability via the iface parameter in the vif_disable function." + }, + { + "lang": "es", + "value": " Se descubri\u00f3 que TOTOLINK A6000R V1.0.1-B20201211.2000 contiene una vulnerabilidad de inyecci\u00f3n de comandos a trav\u00e9s del par\u00e1metro iface en la funci\u00f3n vif_disable." } ], "metrics": {}, "references": [ + { + "url": "https://gist.github.com/yanggao017/8593748d4e2de1582344b4035b2456c6", + "source": "cve@mitre.org" + }, { "url": "https://github.com/yanggao017/vuln/blob/main/TOTOLINK/A6000R/CI_1_vif_disable/README.md", "source": "cve@mitre.org" diff --git a/CVE-2024/CVE-2024-413xx/CVE-2024-41315.json b/CVE-2024/CVE-2024-413xx/CVE-2024-41315.json index 3d99f559ed7..c4dfcee0ba3 100644 --- a/CVE-2024/CVE-2024-413xx/CVE-2024-41315.json +++ b/CVE-2024/CVE-2024-413xx/CVE-2024-41315.json @@ -2,17 +2,25 @@ "id": "CVE-2024-41315", "sourceIdentifier": "cve@mitre.org", "published": "2024-07-22T14:15:06.693", - "lastModified": "2024-07-22T14:15:06.693", + "lastModified": "2024-07-23T16:15:05.773", "vulnStatus": "Received", "cveTags": [], "descriptions": [ { "lang": "en", "value": "TOTOLINK A6000R V1.0.1-B20201211.2000 was discovered to contain a command injection vulnerability via the ifname parameter in the apcli_do_enr_pin_wps function." + }, + { + "lang": "es", + "value": " Se descubri\u00f3 que TOTOLINK A6000R V1.0.1-B20201211.2000 contiene una vulnerabilidad de inyecci\u00f3n de comandos a trav\u00e9s del par\u00e1metro ifname en la funci\u00f3n apcli_do_enr_pin_wps." } ], "metrics": {}, "references": [ + { + "url": "https://gist.github.com/yanggao017/add8d85589614d09e3e8ccb1fb335f64", + "source": "cve@mitre.org" + }, { "url": "https://github.com/yanggao017/vuln/blob/main/TOTOLINK/A6000R/CI_4_apcli_do_enr_pin_wps/README.md", "source": "cve@mitre.org" diff --git a/CVE-2024/CVE-2024-413xx/CVE-2024-41316.json b/CVE-2024/CVE-2024-413xx/CVE-2024-41316.json index 47dddcc689f..25560d3c5b9 100644 --- a/CVE-2024/CVE-2024-413xx/CVE-2024-41316.json +++ b/CVE-2024/CVE-2024-413xx/CVE-2024-41316.json @@ -2,17 +2,25 @@ "id": "CVE-2024-41316", "sourceIdentifier": "cve@mitre.org", "published": "2024-07-22T14:15:06.757", - "lastModified": "2024-07-22T14:15:06.757", + "lastModified": "2024-07-23T16:15:05.843", "vulnStatus": "Received", "cveTags": [], "descriptions": [ { "lang": "en", "value": "TOTOLINK A6000R V1.0.1-B20201211.2000 was discovered to contain a command injection vulnerability via the ifname parameter in the apcli_cancel_wps function." + }, + { + "lang": "es", + "value": " Se descubri\u00f3 que TOTOLINK A6000R V1.0.1-B20201211.2000 contiene una vulnerabilidad de inyecci\u00f3n de comandos a trav\u00e9s del par\u00e1metro ifname en la funci\u00f3n apcli_cancel_wps." } ], "metrics": {}, "references": [ + { + "url": "https://gist.github.com/yanggao017/690f3e4b5045bbdf1209baa30fb53065", + "source": "cve@mitre.org" + }, { "url": "https://github.com/yanggao017/vuln/blob/main/TOTOLINK/A6000R/CI_2_apcli_cancel_wps/README.md", "source": "cve@mitre.org" diff --git a/CVE-2024/CVE-2024-413xx/CVE-2024-41317.json b/CVE-2024/CVE-2024-413xx/CVE-2024-41317.json index 6a92a07854b..e9a3fe73516 100644 --- a/CVE-2024/CVE-2024-413xx/CVE-2024-41317.json +++ b/CVE-2024/CVE-2024-413xx/CVE-2024-41317.json @@ -2,17 +2,25 @@ "id": "CVE-2024-41317", "sourceIdentifier": "cve@mitre.org", "published": "2024-07-22T14:15:06.817", - "lastModified": "2024-07-22T14:15:06.817", + "lastModified": "2024-07-23T16:15:05.910", "vulnStatus": "Received", "cveTags": [], "descriptions": [ { "lang": "en", "value": "TOTOLINK A6000R V1.0.1-B20201211.2000 was discovered to contain a command injection vulnerability via the ifname parameter in the apcli_do_enr_pbc_wps function." + }, + { + "lang": "es", + "value": " Se descubri\u00f3 que TOTOLINK A6000R V1.0.1-B20201211.2000 contiene una vulnerabilidad de inyecci\u00f3n de comandos a trav\u00e9s del par\u00e1metro ifname en la funci\u00f3n apcli_do_enr_pbc_wps." } ], "metrics": {}, "references": [ + { + "url": "https://gist.github.com/yanggao017/8b7a567996f1986ac9fb3ab427c59227", + "source": "cve@mitre.org" + }, { "url": "https://github.com/yanggao017/vuln/blob/main/TOTOLINK/A6000R/CI_3_apcli_do_enr_pbc_wps/README.md", "source": "cve@mitre.org" diff --git a/CVE-2024/CVE-2024-416xx/CVE-2024-41663.json b/CVE-2024/CVE-2024-416xx/CVE-2024-41663.json new file mode 100644 index 00000000000..9f7bb7c1c9e --- /dev/null +++ b/CVE-2024/CVE-2024-416xx/CVE-2024-41663.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-41663", + "sourceIdentifier": "security-advisories@github.com", + "published": "2024-07-23T16:15:06.070", + "lastModified": "2024-07-23T16:15:06.070", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Canarytokens help track activity and actions on a network. A Cross-Site Scripting vulnerability was identified in the \"Cloned Website\" Canarytoken, whereby the Canarytoken's creator can attack themselves. The creator of a slow-redirect Canarytoken can insert Javascript into the destination URL of their slow redirect token. When the creator later browses the management page for their own Canarytoken, the Javascript executes. This is a self-XSS. An attacker could create a Canarytoken with this self-XSS, and send the management link to a victim. When they click on it, the Javascript would execute. However, no sensitive information (ex. session information) will be disclosed to the malicious actor. This issue is now patched on Canarytokens.org. Users of self-hosted Canarytokens installations can update by pulling the latest Docker image, or any Docker image after `sha-097d91a`." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security-advisories@github.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 3.5, + "baseSeverity": "LOW" + }, + "exploitabilityScore": 2.1, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "security-advisories@github.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/thinkst/canarytokens/security/advisories/GHSA-xj9h-3j9c-c95h", + "source": "security-advisories@github.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-416xx/CVE-2024-41664.json b/CVE-2024/CVE-2024-416xx/CVE-2024-41664.json new file mode 100644 index 00000000000..dfa62aa3ebf --- /dev/null +++ b/CVE-2024/CVE-2024-416xx/CVE-2024-41664.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-41664", + "sourceIdentifier": "security-advisories@github.com", + "published": "2024-07-23T17:15:12.767", + "lastModified": "2024-07-23T17:15:12.767", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Canarytokens help track activity and actions on a network. Prior to `sha-8ea5315`, Canarytokens.org was vulnerable to a blind SSRF in the Webhook alert feature. When a Canarytoken is created, users choose to receive alerts either via email or via a webhook. If a webhook is supplied when a Canarytoken is first created, the site will make a test request to the supplied URL to ensure it accepts alert notification HTTP requests. No safety checks were performed on the URL, leading to a Server-Side Request Forgery vulnerability. The SSRF is Blind because the content of the response is not displayed to the creating user; they are simply told whether an error occurred in making the test request. Using the Blind SSRF, it was possible to map out open ports for IPs inside the Canarytokens.org infrastructure. This issue is now patched on Canarytokens.org. Users of self-hosted Canarytokens installations can update by pulling the latest Docker image, or any Docker image after `sha-097d91a`." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security-advisories@github.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 5.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.5 + } + ] + }, + "weaknesses": [ + { + "source": "security-advisories@github.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-918" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/thinkst/canarytokens/security/advisories/GHSA-g6h5-pf7p-qmvj", + "source": "security-advisories@github.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-44xx/CVE-2024-4467.json b/CVE-2024/CVE-2024-44xx/CVE-2024-4467.json index 0020822315a..8d7f9869d72 100644 --- a/CVE-2024/CVE-2024-44xx/CVE-2024-4467.json +++ b/CVE-2024/CVE-2024-44xx/CVE-2024-4467.json @@ -2,7 +2,7 @@ "id": "CVE-2024-4467", "sourceIdentifier": "secalert@redhat.com", "published": "2024-07-02T16:15:05.423", - "lastModified": "2024-07-23T15:15:05.720", + "lastModified": "2024-07-23T16:15:06.377", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ @@ -52,6 +52,10 @@ } ], "references": [ + { + "url": "http://www.openwall.com/lists/oss-security/2024/07/23/2", + "source": "secalert@redhat.com" + }, { "url": "https://access.redhat.com/errata/RHSA-2024:4276", "source": "secalert@redhat.com" diff --git a/CVE-2024/CVE-2024-48xx/CVE-2024-4845.json b/CVE-2024/CVE-2024-48xx/CVE-2024-4845.json index bfc6efff1a0..da9f272f877 100644 --- a/CVE-2024/CVE-2024-48xx/CVE-2024-4845.json +++ b/CVE-2024/CVE-2024-48xx/CVE-2024-4845.json @@ -2,8 +2,8 @@ "id": "CVE-2024-4845", "sourceIdentifier": "security@wordfence.com", "published": "2024-06-12T10:15:31.583", - "lastModified": "2024-06-13T18:36:09.010", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-07-23T17:23:41.597", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -39,14 +39,50 @@ } ] }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:icegram:icegram_express:*:*:*:*:*:wordpress:*:*", + "versionEndExcluding": "5.7.23", + "matchCriteriaId": "086D4D16-3819-40A5-8EC2-A31D320F2724" + } + ] + } + ] + } + ], "references": [ { "url": "https://plugins.trac.wordpress.org/changeset/3098321/email-subscribers", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Patch" + ] }, { "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/21be2215-8ce0-438e-94e0-6a350b8cc952?source=cve", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-48xx/CVE-2024-4898.json b/CVE-2024/CVE-2024-48xx/CVE-2024-4898.json index f390a68bac1..dbceab24c58 100644 --- a/CVE-2024/CVE-2024-48xx/CVE-2024-4898.json +++ b/CVE-2024/CVE-2024-48xx/CVE-2024-4898.json @@ -2,8 +2,8 @@ "id": "CVE-2024-4898", "sourceIdentifier": "security@wordfence.com", "published": "2024-06-12T11:15:50.907", - "lastModified": "2024-06-13T18:36:09.010", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-07-23T17:50:44.033", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -39,14 +39,50 @@ } ] }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-862" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:instawp:instawp_connect:*:*:*:*:*:wordpress:*:*", + "versionEndExcluding": "0.1.0.39", + "matchCriteriaId": "66DB2CB9-8164-4EAF-ABFF-14E11FC7B2E0" + } + ] + } + ] + } + ], "references": [ { "url": "https://plugins.trac.wordpress.org/browser/instawp-connect/tags/0.1.0.38/includes/class-instawp-rest-api.php#L926", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Patch" + ] }, { "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/92a00fb4-7b50-43fd-ac04-5d6e29336e9c?source=cve", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-56xx/CVE-2024-5663.json b/CVE-2024/CVE-2024-56xx/CVE-2024-5663.json index f2a73566302..ee8154f7fa8 100644 --- a/CVE-2024/CVE-2024-56xx/CVE-2024-5663.json +++ b/CVE-2024/CVE-2024-56xx/CVE-2024-5663.json @@ -2,8 +2,8 @@ "id": "CVE-2024-5663", "sourceIdentifier": "security@wordfence.com", "published": "2024-06-08T03:15:48.020", - "lastModified": "2024-06-10T02:52:08.267", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2024-07-23T17:55:19.843", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -18,8 +18,28 @@ "metrics": { "cvssMetricV31": [ { - "source": "security@wordfence.com", + "source": "nvd@nist.gov", "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 5.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + }, + { + "source": "security@wordfence.com", + "type": "Secondary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", @@ -39,22 +59,64 @@ } ] }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ultimateaddons:cards_for_beaver_builder:*:*:*:*:*:wordpress:*:*", + "versionEndExcluding": "1.1.4", + "matchCriteriaId": "DDA3C1BE-9399-44B3-8A5B-111E70F12C59" + } + ] + } + ] + } + ], "references": [ { "url": "https://plugins.trac.wordpress.org/browser/bb-bootstrap-cards/trunk/bb-bootstrap-cards-module/includes/frontend.php#L13", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Patch" + ] }, { "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3099081%40bb-bootstrap-cards&new=3099081%40bb-bootstrap-cards&sfp_email=&sfph_mail=#file4", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Patch" + ] }, { "url": "https://wordpress.org/plugins/bb-bootstrap-cards/#developers", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Product" + ] }, { "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/55ff923e-9d04-4ce7-b6d6-165fa4fc5433?source=cve", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-67xx/CVE-2024-6714.json b/CVE-2024/CVE-2024-67xx/CVE-2024-6714.json new file mode 100644 index 00000000000..499343b3e74 --- /dev/null +++ b/CVE-2024/CVE-2024-67xx/CVE-2024-6714.json @@ -0,0 +1,64 @@ +{ + "id": "CVE-2024-6714", + "sourceIdentifier": "security@ubuntu.com", + "published": "2024-07-23T16:15:06.543", + "lastModified": "2024-07-23T16:15:06.543", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "An issue was discovered in provd before version 0.1.5 with a setuid binary, which allows a local attacker to escalate their privilege." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@ubuntu.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.0, + "impactScore": 6.0 + } + ] + }, + "weaknesses": [ + { + "source": "security@ubuntu.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-73" + } + ] + } + ], + "references": [ + { + "url": "https://bugs.launchpad.net/ubuntu/+source/provd/+bug/2071574", + "source": "security@ubuntu.com" + }, + { + "url": "https://github.com/canonical/ubuntu-desktop-provision/commit/8d9086de0f82894ff27a9e429ff4f45231020092", + "source": "security@ubuntu.com" + }, + { + "url": "https://www.cve.org/CVERecord?id=CVE-2024-6714", + "source": "security@ubuntu.com" + } + ] +} \ No newline at end of file diff --git a/README.md b/README.md index 3431cf90837..a463db4bdb8 100644 --- a/README.md +++ b/README.md @@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2024-07-23T16:00:16.909196+00:00 +2024-07-23T18:00:17.703525+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2024-07-23T15:53:16.620000+00:00 +2024-07-23T17:55:19.843000+00:00 ``` ### Last Data Feed Release @@ -33,50 +33,42 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### Total Number of included CVEs ```plain -257841 +257846 ``` ### CVEs added in the last Commit -Recently added CVEs: `12` +Recently added CVEs: `5` -- [CVE-2024-0760](CVE-2024/CVE-2024-07xx/CVE-2024-0760.json) (`2024-07-23T15:15:03.520`) -- [CVE-2024-1737](CVE-2024/CVE-2024-17xx/CVE-2024-1737.json) (`2024-07-23T15:15:03.740`) -- [CVE-2024-1975](CVE-2024/CVE-2024-19xx/CVE-2024-1975.json) (`2024-07-23T15:15:03.943`) -- [CVE-2024-40060](CVE-2024/CVE-2024-400xx/CVE-2024-40060.json) (`2024-07-23T15:15:04.810`) -- [CVE-2024-4076](CVE-2024/CVE-2024-40xx/CVE-2024-4076.json) (`2024-07-23T15:15:05.500`) -- [CVE-2024-4079](CVE-2024/CVE-2024-40xx/CVE-2024-4079.json) (`2024-07-23T14:15:14.353`) -- [CVE-2024-4080](CVE-2024/CVE-2024-40xx/CVE-2024-4080.json) (`2024-07-23T14:15:14.590`) -- [CVE-2024-4081](CVE-2024/CVE-2024-40xx/CVE-2024-4081.json) (`2024-07-23T14:15:14.837`) -- [CVE-2024-41319](CVE-2024/CVE-2024-413xx/CVE-2024-41319.json) (`2024-07-23T15:15:05.050`) -- [CVE-2024-41655](CVE-2024/CVE-2024-416xx/CVE-2024-41655.json) (`2024-07-23T15:15:05.207`) -- [CVE-2024-5602](CVE-2024/CVE-2024-56xx/CVE-2024-5602.json) (`2024-07-23T14:15:15.077`) -- [CVE-2024-6783](CVE-2024/CVE-2024-67xx/CVE-2024-6783.json) (`2024-07-23T15:15:06.210`) +- [CVE-2024-39702](CVE-2024/CVE-2024-397xx/CVE-2024-39702.json) (`2024-07-23T16:15:05.557`) +- [CVE-2024-41178](CVE-2024/CVE-2024-411xx/CVE-2024-41178.json) (`2024-07-23T17:15:12.663`) +- [CVE-2024-41663](CVE-2024/CVE-2024-416xx/CVE-2024-41663.json) (`2024-07-23T16:15:06.070`) +- [CVE-2024-41664](CVE-2024/CVE-2024-416xx/CVE-2024-41664.json) (`2024-07-23T17:15:12.767`) +- [CVE-2024-6714](CVE-2024/CVE-2024-67xx/CVE-2024-6714.json) (`2024-07-23T16:15:06.543`) ### CVEs modified in the last Commit -Recently modified CVEs: `19` +Recently modified CVEs: `18` -- [CVE-2022-48852](CVE-2022/CVE-2022-488xx/CVE-2022-48852.json) (`2024-07-23T15:53:16.620`) -- [CVE-2022-48854](CVE-2022/CVE-2022-488xx/CVE-2022-48854.json) (`2024-07-23T15:26:31.407`) -- [CVE-2022-48855](CVE-2022/CVE-2022-488xx/CVE-2022-48855.json) (`2024-07-23T15:23:59.303`) -- [CVE-2022-48856](CVE-2022/CVE-2022-488xx/CVE-2022-48856.json) (`2024-07-23T15:11:32.597`) -- [CVE-2022-48857](CVE-2022/CVE-2022-488xx/CVE-2022-48857.json) (`2024-07-23T15:08:36.157`) -- [CVE-2022-48858](CVE-2022/CVE-2022-488xx/CVE-2022-48858.json) (`2024-07-23T15:07:49.103`) -- [CVE-2022-48859](CVE-2022/CVE-2022-488xx/CVE-2022-48859.json) (`2024-07-23T15:02:52.540`) -- [CVE-2022-48860](CVE-2022/CVE-2022-488xx/CVE-2022-48860.json) (`2024-07-23T15:02:09.747`) -- [CVE-2022-48861](CVE-2022/CVE-2022-488xx/CVE-2022-48861.json) (`2024-07-23T14:51:36.307`) -- [CVE-2022-48862](CVE-2022/CVE-2022-488xx/CVE-2022-48862.json) (`2024-07-23T14:49:56.077`) -- [CVE-2022-48863](CVE-2022/CVE-2022-488xx/CVE-2022-48863.json) (`2024-07-23T14:47:41.200`) -- [CVE-2022-48864](CVE-2022/CVE-2022-488xx/CVE-2022-48864.json) (`2024-07-23T14:44:00.093`) -- [CVE-2022-48865](CVE-2022/CVE-2022-488xx/CVE-2022-48865.json) (`2024-07-23T14:42:20.300`) -- [CVE-2022-48866](CVE-2022/CVE-2022-488xx/CVE-2022-48866.json) (`2024-07-23T14:36:54.493`) -- [CVE-2023-29581](CVE-2023/CVE-2023-295xx/CVE-2023-29581.json) (`2024-07-23T15:15:03.180`) -- [CVE-2024-41318](CVE-2024/CVE-2024-413xx/CVE-2024-41318.json) (`2024-07-23T15:15:04.973`) -- [CVE-2024-41320](CVE-2024/CVE-2024-413xx/CVE-2024-41320.json) (`2024-07-23T15:15:05.133`) -- [CVE-2024-4467](CVE-2024/CVE-2024-44xx/CVE-2024-4467.json) (`2024-07-23T15:15:05.720`) -- [CVE-2024-6409](CVE-2024/CVE-2024-64xx/CVE-2024-6409.json) (`2024-07-23T15:15:06.010`) +- [CVE-2022-48849](CVE-2022/CVE-2022-488xx/CVE-2022-48849.json) (`2024-07-23T17:09:44.370`) +- [CVE-2022-48850](CVE-2022/CVE-2022-488xx/CVE-2022-48850.json) (`2024-07-23T17:06:58.507`) +- [CVE-2022-48851](CVE-2022/CVE-2022-488xx/CVE-2022-48851.json) (`2024-07-23T17:03:30.303`) +- [CVE-2022-48853](CVE-2022/CVE-2022-488xx/CVE-2022-48853.json) (`2024-07-23T17:05:11.353`) +- [CVE-2024-0760](CVE-2024/CVE-2024-07xx/CVE-2024-0760.json) (`2024-07-23T16:15:04.620`) +- [CVE-2024-1737](CVE-2024/CVE-2024-17xx/CVE-2024-1737.json) (`2024-07-23T16:15:04.713`) +- [CVE-2024-1766](CVE-2024/CVE-2024-17xx/CVE-2024-1766.json) (`2024-07-23T17:11:08.703`) +- [CVE-2024-1975](CVE-2024/CVE-2024-19xx/CVE-2024-1975.json) (`2024-07-23T16:15:04.797`) +- [CVE-2024-2092](CVE-2024/CVE-2024-20xx/CVE-2024-2092.json) (`2024-07-23T17:14:41.963`) +- [CVE-2024-4076](CVE-2024/CVE-2024-40xx/CVE-2024-4076.json) (`2024-07-23T16:15:06.287`) +- [CVE-2024-41314](CVE-2024/CVE-2024-413xx/CVE-2024-41314.json) (`2024-07-23T16:15:05.710`) +- [CVE-2024-41315](CVE-2024/CVE-2024-413xx/CVE-2024-41315.json) (`2024-07-23T16:15:05.773`) +- [CVE-2024-41316](CVE-2024/CVE-2024-413xx/CVE-2024-41316.json) (`2024-07-23T16:15:05.843`) +- [CVE-2024-41317](CVE-2024/CVE-2024-413xx/CVE-2024-41317.json) (`2024-07-23T16:15:05.910`) +- [CVE-2024-4467](CVE-2024/CVE-2024-44xx/CVE-2024-4467.json) (`2024-07-23T16:15:06.377`) +- [CVE-2024-4845](CVE-2024/CVE-2024-48xx/CVE-2024-4845.json) (`2024-07-23T17:23:41.597`) +- [CVE-2024-4898](CVE-2024/CVE-2024-48xx/CVE-2024-4898.json) (`2024-07-23T17:50:44.033`) +- [CVE-2024-5663](CVE-2024/CVE-2024-56xx/CVE-2024-5663.json) (`2024-07-23T17:55:19.843`) ## Download and Usage diff --git a/_state.csv b/_state.csv index 3736b0dfd12..908b4513f3a 100644 --- a/_state.csv +++ b/_state.csv @@ -212304,26 +212304,26 @@ CVE-2022-48845,0,0,d0d8bacbeaadac4ed574e80a459dd1290ff1feb09770c0ae5c1cd2a3d3faf CVE-2022-48846,0,0,5b536048413f3ce6f025fdac2c3c054abdb7d8cefc6a66f73cdd3fd5697d8307,2024-07-16T13:43:58.773000 CVE-2022-48847,0,0,6aa2e1020638a4c62eafe843c87a74398d07166164dc423a3d56b54837905510,2024-07-16T13:43:58.773000 CVE-2022-48848,0,0,dddd50c7eb3950aedfa7f0bc6fff70798586a1d9cd7fd2eaab41c9613bba7dd0,2024-07-16T13:43:58.773000 -CVE-2022-48849,0,0,3ab46846ef9692112d2f6a1016acfa952d10d22e2ebd53ba9f4366d9d5f5d537,2024-07-16T13:43:58.773000 +CVE-2022-48849,0,1,016c5643058b7be64f2fc414ce9f20639993c67d73cb205d7d7633710ee6dbd2,2024-07-23T17:09:44.370000 CVE-2022-4885,0,0,6dfd3bcc205acf11a6a336fd859c715f78ad0d5c5de19658ba0e65de5d18469e,2024-05-17T02:17:01.360000 -CVE-2022-48850,0,0,805256e0a07edb33d3d0df8007d620a7f657bb4f55179941872a2a5b20243879,2024-07-16T13:43:58.773000 -CVE-2022-48851,0,0,88694c829f2b140549d3ab2d55143598fae04692031fc05266bf8333d09f0369,2024-07-16T13:43:58.773000 -CVE-2022-48852,0,1,23a898d7c7e573fa2a0620931872937d0b6e5fe3cc9c89934a123678ca7997e4,2024-07-23T15:53:16.620000 -CVE-2022-48853,0,0,7fdb9f2d505b9801c358a79b529ed6bde7131f7ad8078d1472d6fbd75a89cc07,2024-07-16T13:43:58.773000 -CVE-2022-48854,0,1,84d72ee43bdc8bc90080f7760c75fc6b54e0c0e9fbbe4f5f7c172dd332053185,2024-07-23T15:26:31.407000 -CVE-2022-48855,0,1,8184a2b8e473bb37a6c0bbe6dc654b20d1cf4672d6e709641902a3801007c03f,2024-07-23T15:23:59.303000 -CVE-2022-48856,0,1,69627a4291fac482d879733ac9d780fcb3e7bd33912f75e12316ce911f4a7311,2024-07-23T15:11:32.597000 -CVE-2022-48857,0,1,34b6164763cd6a68c0a6002e1d3d213cdedcf8437cad8d4ea6b8e657200a6e39,2024-07-23T15:08:36.157000 -CVE-2022-48858,0,1,fb6ff58be2ebb22a4508bb7730dba181f9b242e9fd34699133a6cacd8b66d1c0,2024-07-23T15:07:49.103000 -CVE-2022-48859,0,1,70d41ff4c5e34ed24bd3832eec99a0fe09edaff6eb8c00d58efe17b5d3511229,2024-07-23T15:02:52.540000 +CVE-2022-48850,0,1,458c421742def3a2b68d612e2bbd387d1c2395caa97d294537edd4740d1826d1,2024-07-23T17:06:58.507000 +CVE-2022-48851,0,1,6c105e0ede56c26517e7ce0531135f9e44e397ea83568b83cb5c55edc176b577,2024-07-23T17:03:30.303000 +CVE-2022-48852,0,0,23a898d7c7e573fa2a0620931872937d0b6e5fe3cc9c89934a123678ca7997e4,2024-07-23T15:53:16.620000 +CVE-2022-48853,0,1,d21537475e6c928610889db61db4abb63fc0b607ec970ac744ded03bf16946a9,2024-07-23T17:05:11.353000 +CVE-2022-48854,0,0,84d72ee43bdc8bc90080f7760c75fc6b54e0c0e9fbbe4f5f7c172dd332053185,2024-07-23T15:26:31.407000 +CVE-2022-48855,0,0,8184a2b8e473bb37a6c0bbe6dc654b20d1cf4672d6e709641902a3801007c03f,2024-07-23T15:23:59.303000 +CVE-2022-48856,0,0,69627a4291fac482d879733ac9d780fcb3e7bd33912f75e12316ce911f4a7311,2024-07-23T15:11:32.597000 +CVE-2022-48857,0,0,34b6164763cd6a68c0a6002e1d3d213cdedcf8437cad8d4ea6b8e657200a6e39,2024-07-23T15:08:36.157000 +CVE-2022-48858,0,0,fb6ff58be2ebb22a4508bb7730dba181f9b242e9fd34699133a6cacd8b66d1c0,2024-07-23T15:07:49.103000 +CVE-2022-48859,0,0,70d41ff4c5e34ed24bd3832eec99a0fe09edaff6eb8c00d58efe17b5d3511229,2024-07-23T15:02:52.540000 CVE-2022-4886,0,0,e42990ffb743b6c6f14b952ff7ce95d12501834b779ed69d6232e165ff6a1e65,2024-03-07T17:15:09.470000 -CVE-2022-48860,0,1,c5a87242019a95e5f4363a5bd126e2959e21726237d09087289cfb79660fb35c,2024-07-23T15:02:09.747000 -CVE-2022-48861,0,1,a2b2770bf1e7c4d07ff53f784185b00aea1b78fe56475ddbecb516a73fee4e4c,2024-07-23T14:51:36.307000 -CVE-2022-48862,0,1,0345e9275650d1642626668702535bf44938b1d4b99e150f80c523ab30110656,2024-07-23T14:49:56.077000 -CVE-2022-48863,0,1,0b99b60ca586a6da4e957e9e6764f579d04f3de517666b5d23308eb74a0327d4,2024-07-23T14:47:41.200000 -CVE-2022-48864,0,1,20a93d8c717514ed3619da6525932e50b688bd0d476c290094d596cb506d7b10,2024-07-23T14:44:00.093000 -CVE-2022-48865,0,1,131f2466a64b0e56f3543f09aa08c5ba9a2688ed851b0bd16452f38d0b32c199,2024-07-23T14:42:20.300000 -CVE-2022-48866,0,1,dd9632abea944a27af10a71970d4f3466ac4d00c77d7597d39b4974e89d54588,2024-07-23T14:36:54.493000 +CVE-2022-48860,0,0,c5a87242019a95e5f4363a5bd126e2959e21726237d09087289cfb79660fb35c,2024-07-23T15:02:09.747000 +CVE-2022-48861,0,0,a2b2770bf1e7c4d07ff53f784185b00aea1b78fe56475ddbecb516a73fee4e4c,2024-07-23T14:51:36.307000 +CVE-2022-48862,0,0,0345e9275650d1642626668702535bf44938b1d4b99e150f80c523ab30110656,2024-07-23T14:49:56.077000 +CVE-2022-48863,0,0,0b99b60ca586a6da4e957e9e6764f579d04f3de517666b5d23308eb74a0327d4,2024-07-23T14:47:41.200000 +CVE-2022-48864,0,0,20a93d8c717514ed3619da6525932e50b688bd0d476c290094d596cb506d7b10,2024-07-23T14:44:00.093000 +CVE-2022-48865,0,0,131f2466a64b0e56f3543f09aa08c5ba9a2688ed851b0bd16452f38d0b32c199,2024-07-23T14:42:20.300000 +CVE-2022-48866,0,0,dd9632abea944a27af10a71970d4f3466ac4d00c77d7597d39b4974e89d54588,2024-07-23T14:36:54.493000 CVE-2022-4888,0,0,b679e23092f1369239dc0dfe1d4aeef981e952b9db5ffb43ed815e206bd3f53d,2023-11-07T03:59:13.600000 CVE-2022-4889,0,0,e28145e6bac3566714c615b828c485e97008b42961c16fdc8c566e13678a4601,2024-05-17T02:17:01.537000 CVE-2022-4890,0,0,6681cfa53e1bf5f370bc8c8bc62693e3d5b22cda3aa6b9f40531dae97a716dfa,2024-05-17T02:17:01.647000 @@ -222243,7 +222243,7 @@ CVE-2023-29578,0,0,f58e4cfe2bbcf81a350d059842ea4d6c6b04838d2651111cf3d4585298dbd CVE-2023-29579,0,0,28468ff69e9a6557c02253ea7ed3570181d5c8845f1afa1cba907ee0ab5a3415,2024-05-17T02:22:27.113000 CVE-2023-2958,0,0,85f829d96608f899deea4dfc15649f90f7aef4944e1dbf6338c275a5e763dd22,2023-07-31T17:46:45.333000 CVE-2023-29580,0,0,6dcf1674dbda7f5e1025e60d0e9fe8e3ba7fec96d7027bf837157aa4720b4ffe,2023-04-21T14:52:34.300000 -CVE-2023-29581,0,1,191da2ffd387fca064afbbd65bcc1e3bfa7f52ee0c8a4afc777f1d480719eb42,2024-07-23T15:15:03.180000 +CVE-2023-29581,0,0,191da2ffd387fca064afbbd65bcc1e3bfa7f52ee0c8a4afc777f1d480719eb42,2024-07-23T15:15:03.180000 CVE-2023-29582,0,0,3804170943994ec102d49d2f6ce51e0be5c75778178b33a939af6fa77d114ee3,2024-05-17T02:22:27.343000 CVE-2023-29583,0,0,bc016245907014284b4cad7297e49fec4175de71ef513e961e881c519db255d9,2024-07-18T18:15:05.047000 CVE-2023-29584,0,0,831cddac2cd925bf62dea9fe091ac0aeef558699a444ef91f6c61edb2e4d84e8,2023-04-19T19:28:11.347000 @@ -241475,7 +241475,7 @@ CVE-2024-0756,0,0,b74435a4e5e1d4f3b3a4ce7f115d91d803212fb6f57df8fa4a2fa8d8698a38 CVE-2024-0757,0,0,82f1d5fe239632b077ccabeaf1b70c316c565ea22ca5e26cba66c98605a2ac8c,2024-06-04T16:57:41.053000 CVE-2024-0758,0,0,fc97ebc5b04803b57ecd71df236ee98d87d4a211b2215bb34049825cdbd967a6,2024-01-26T17:00:10.607000 CVE-2024-0759,0,0,1f29bc7ec90b9be141ba5df168c832467834f0104b9d12619d749a3c91302f63,2024-03-07T20:15:50.480000 -CVE-2024-0760,1,1,8db13b8ad7f269d6c10205fd6f4b44d6dac0fa16737bb6c125818141fbebd16e,2024-07-23T15:15:03.520000 +CVE-2024-0760,0,1,8105c8416b50506009b355699668dee4859403b64711173a887ee0291d0a1145,2024-07-23T16:15:04.620000 CVE-2024-0761,0,0,b79031e86661bd45f67f34e880253c63ee13d5042f1a53406b385d1b1dffaecd,2024-02-13T17:16:46.780000 CVE-2024-0762,0,0,81ad586535781fa8baa3508ec280780590072000f5a50fe32a89e5b366d40ac6,2024-06-21T10:15:10.580000 CVE-2024-0763,0,0,5db758bc3605bfbe323fa32ed26d84a2f001f92484a51218ea35fbdc0710d446,2024-02-28T14:06:45.783000 @@ -242369,7 +242369,7 @@ CVE-2024-1732,0,0,834564798b34803457a0ec9cad4eefb5bcc466f88b5c86130580cd8ef81bdf CVE-2024-1733,0,0,1de98e53179418755768544ec663a550e1c566834940320a34ae086f141e0f3f,2024-03-17T22:38:29.433000 CVE-2024-1735,0,0,3dcff7ae67c98fab6233fc660b83fa45dc36cbd0301a4874decf976f37ddb465,2024-06-12T08:15:50.043000 CVE-2024-1736,0,0,a622ca00070de7a96b73d1a11c2dcf2634e69d5606345f8f86e99a97ccacdaf4,2024-07-18T19:50:31.223000 -CVE-2024-1737,1,1,50e1de2fbf8ce4a27262d5446addc001b1cb9798d9bb03b6baf537a2ab0f47d0,2024-07-23T15:15:03.740000 +CVE-2024-1737,0,1,800111f0aa4745b9ce36cd934896a6a79c8a3bc8bbffe5c389a9c2f5ecec8083,2024-07-23T16:15:04.713000 CVE-2024-1738,0,0,65086d20a025a8acdbd054263ca4cd14eb5b5ba61d808610c94ef2eec44edd2f,2024-05-15T16:15:09.807000 CVE-2024-1739,0,0,0f6aa88dfc12de7693a69727eb574af9b67e4c54140ec3c21c30b657e8fcbacf,2024-07-03T01:45:31.133000 CVE-2024-1740,0,0,974b4647e97273950b6a297affa420d08f59acef309aa37814c6598a456898d5,2024-04-10T19:49:51.183000 @@ -242395,7 +242395,7 @@ CVE-2024-1762,0,0,241c7a4fe5773bd8189555a83e4536d2b4e1748a4105b5b95d2cba9449227d CVE-2024-1763,0,0,17aff713db2b70dc093b8a200b0b0cba051dc67d06bec9cbd58eb78aaa729d06,2024-03-13T18:15:58.530000 CVE-2024-1764,0,0,738ad87d60294ab476866e630e3fc0cf64eea72d083d756f17aaf78f284eadf2,2024-03-06T15:18:08.093000 CVE-2024-1765,0,0,f39dadb643a5bec889d884a7eb993100eaca0427da6a70914fd30f53f03c22b8,2024-03-13T12:33:51.697000 -CVE-2024-1766,0,0,adebaa53d28c88fddae1f754dffc1674e1a6785644ffcc75e1589223a9dbc0d5,2024-06-13T18:36:09.010000 +CVE-2024-1766,0,1,38f0912b19b4ee9ae81b53676b6e5830e7b55be1b35b37ee84ae1276afe50dd7,2024-07-23T17:11:08.703000 CVE-2024-1767,0,0,7395c2b7d4a729a5785affef03d9683ff7403cf9fad3e379a92eafa2f471ac9a,2024-03-11T01:32:39.697000 CVE-2024-1768,0,0,a13452c7baf7ba94c369fdae54594bf85d851a04306fc375c630d83151591a76,2024-06-07T14:56:05.647000 CVE-2024-1769,0,0,04498df6e589468446e1a8a9f44ebbdc8bbfb71dd20b9576ca4eef8a5490a2f5,2024-03-05T13:41:01.900000 @@ -242590,7 +242590,7 @@ CVE-2024-1971,0,0,0d9cb5107f1036f4f23265da8dd7b2bd2dcf4479650a723be6560fae09ba01 CVE-2024-1972,0,0,2560881ff7431f691f7bc00728ec8a23e2620398774dabc33f53c4508cee2e65,2024-05-17T02:35:43.363000 CVE-2024-1973,0,0,626b2f0735da4862b031577cf6d60a60bb435d6eef085a140fda3327fd09bd68,2024-03-26T12:55:05.010000 CVE-2024-1974,0,0,dc475e5db2810e48258099e8096a48a8d4eea51b1241d562afef1cfd4323c64d,2024-04-10T13:23:38.787000 -CVE-2024-1975,1,1,cadbd901de2ace2a148bf8f100f196c984a63646db6a36e7b91cf6667529ce88,2024-07-23T15:15:03.943000 +CVE-2024-1975,0,1,f8e48c48ca9653e070745c933b045525bfa64c87797ea477b65a6ae3d8d7f41a,2024-07-23T16:15:04.797000 CVE-2024-1976,0,0,c42fde98a9f4f021d37eae05be5cdd6a425eba391cce3b7b3b2e8b240d70bd79,2024-02-29T13:49:29.390000 CVE-2024-1977,0,0,f4c93cb09e0dd632ab410c1ff88e1a572fb17d35be648b109a192a65dc30f9e6,2024-02-29T13:49:29.390000 CVE-2024-1978,0,0,194a996e86c18d7c40d1315b29a524d0f48e8a7d042ccb89cd8a2a6beb64d004,2024-02-29T13:49:29.390000 @@ -243128,7 +243128,7 @@ CVE-2024-20916,0,0,fa25cd13f1d5003a9402bf8b2824fbe225d800b2b894fa3cbba3f37644aef CVE-2024-20917,0,0,37f0a6f3072e154209fa0b525163e16beb6132ec70453564082c0061952fa7d2,2024-02-20T19:51:05.510000 CVE-2024-20918,0,0,1f8b1c5c8f27f2bbdd35361436e307f2eb12e55549bc074707cb3c0855b1a1a5,2024-02-15T03:18:09.407000 CVE-2024-20919,0,0,f32b38df4be8d406125d20b81a0a36fea655b3c9d080af0ec28f80feefd5b5f5,2024-02-20T19:51:05.510000 -CVE-2024-2092,0,0,c5ffe7a0b55795ee8d047bf814ffde4290b9441b8125f90bdbd06f744d7e7bfb,2024-06-13T18:36:09.010000 +CVE-2024-2092,0,1,a316801cc7dde85dd006820e50100cb21585dd08f10e55e1c16e6ff68463ad93,2024-07-23T17:14:41.963000 CVE-2024-20920,0,0,e5224b5819d600e19158d39255fdf9f912d6ca54cc2923b90758342f5b39cae5,2024-01-20T18:39:46.033000 CVE-2024-20921,0,0,6d239afefd3919dc70929a326530158f46113e1e660a96ac7b33bda4f04c7b47,2024-02-20T19:51:05.510000 CVE-2024-20922,0,0,9dd883413b1ca45dc7c138e52101d4c22dd7eba0af5f925a999c067fb6713829,2024-02-02T17:36:17.387000 @@ -255324,6 +255324,7 @@ CVE-2024-39699,0,0,711bdc17f9c229479a79abf16418d6f303c1d2fb494a38a72ece58a870304 CVE-2024-3970,0,0,91552b239fa9d8e00e56c74ece4dae5720fa4dc9c44897dc0454091791cfe152,2024-05-15T18:35:11.453000 CVE-2024-39700,0,0,c0797f3628df13d0523a3968cdcee9fc6d1644740c750ed207d822c73c9030ad,2024-07-17T13:34:20.520000 CVE-2024-39701,0,0,879aa58f50a7d5b18bfb505718bd80f7c1e443b3ef3725ff1457799d3d8b8189,2024-07-09T18:19:14.047000 +CVE-2024-39702,1,1,5fee3e41b6557578bd760dad4c38cca33259bd9e26ede4e7bfd1b37a453fbf63,2024-07-23T16:15:05.557000 CVE-2024-39704,0,0,1d59c065d69d465eb86bf6114b5299aaf44c728f69d6748df6b6bd65077d4590,2024-07-03T14:32:56.510000 CVE-2024-39705,0,0,91d39f33d5bd2d9618d124407e406b5aefb3921b0f0d526c128476a4653583c8,2024-07-03T02:05:51.507000 CVE-2024-39708,0,0,000cfabacce752db3861ff9f8f3b1c505cd90f739471d05927bcaf43cab3bb6e,2024-06-28T10:27:00.920000 @@ -255450,7 +255451,7 @@ CVE-2024-40039,0,0,e210b5ff95f4cbe50930111bbfa1727a53319595db825c61fbcbca8d251a4 CVE-2024-4005,0,0,980f25dcabac4666d2a5ebf5d973009bd7c7226dd4f2e01aee26b530adf5da1a,2024-06-17T12:42:04.623000 CVE-2024-40051,0,0,20936052b0bb3980011c19c0052b751939b6bec1e8494d2d1b40959208734703,2024-07-22T18:15:03.700000 CVE-2024-4006,0,0,94faf2d168fb54b3d152844d072ec60ae7893cacd318e45ba2a9ad56b250c9d0,2024-04-25T17:25:05.903000 -CVE-2024-40060,1,1,89b016f158367e52ead3b215f86cc8c74da8a245b566cf4ad04fc853d74e6c19,2024-07-23T15:15:04.810000 +CVE-2024-40060,0,0,89b016f158367e52ead3b215f86cc8c74da8a245b566cf4ad04fc853d74e6c19,2024-07-23T15:15:04.810000 CVE-2024-4007,0,0,857ffd215040050c5517e94efdf82e72cc62aae4cfd62acb973d56bcff6e13cd,2024-07-01T16:37:39.040000 CVE-2024-40075,0,0,be1f3a1614eb2c73b3ebf7d6cfcc89f676aefcd3dd81c28d14eaccf6ea1048a3,2024-07-22T19:15:02.867000 CVE-2024-4008,0,0,41ba43cb718e067f099fac417cd6110082f457ea9bc7353b1528141e52f4a2d0,2024-06-18T17:00:01.570000 @@ -255620,13 +255621,13 @@ CVE-2024-40741,0,0,ddd0ff9476ed1ff47a6c6ea90383139e3fceeb76685fa77b077d9f9786ebe CVE-2024-40742,0,0,a7b4d8a63cd84bbed8ae36225a2d630607182f2ae3b73228fc1ab3090889f783,2024-07-11T15:06:29.580000 CVE-2024-4075,0,0,29d19ea935c989efa2e770180ba61eb06fe49f0b181d6d812a7498d3145b983a,2024-05-17T02:40:15.170000 CVE-2024-40750,0,0,123c568c4a271c6bb023f9091df0f00fec1f937f3d0585148d7948581d7b9455,2024-07-11T13:06:13.187000 -CVE-2024-4076,1,1,ca2ab25a79ea4503d987d7077915c8c87516cd03df00ab1b5497ea0e7b0bf5ae,2024-07-23T15:15:05.500000 +CVE-2024-4076,0,1,c3f4da0ebbad513f4d6376f9fec9325c5fc08f473d80236741b20cd14dc865c8,2024-07-23T16:15:06.287000 CVE-2024-40764,0,0,31190fa168623fbefe72005739844174b20afc4fdab83062110ac517be35c6d0,2024-07-18T12:28:43.707000 CVE-2024-4077,0,0,d4f08c4fa42913c8d00f3fecbe96233f1448e9383bf97ebcbeca4cc0f2c8ae2b,2024-04-25T13:18:02.660000 CVE-2024-4078,0,0,4f6a573d2d42430a81000704c37318a2f1d7afadf71bcba45d97fec5f925233f,2024-05-16T13:03:05.353000 -CVE-2024-4079,1,1,99209b6b51eaa8a9d90cd12f677c7e30b866cd2c9ada6d13befa76362cf63168,2024-07-23T14:15:14.353000 -CVE-2024-4080,1,1,560bae462fb211eddacf035e8ddd7895f21fc7d0d5fb7308ab290c999a3d58c7,2024-07-23T14:15:14.590000 -CVE-2024-4081,1,1,ef414c5873253d066739bf6ceaeff30779bac8cfff998e1da63ebd72617023bb,2024-07-23T14:15:14.837000 +CVE-2024-4079,0,0,99209b6b51eaa8a9d90cd12f677c7e30b866cd2c9ada6d13befa76362cf63168,2024-07-23T14:15:14.353000 +CVE-2024-4080,0,0,560bae462fb211eddacf035e8ddd7895f21fc7d0d5fb7308ab290c999a3d58c7,2024-07-23T14:15:14.590000 +CVE-2024-4081,0,0,ef414c5873253d066739bf6ceaeff30779bac8cfff998e1da63ebd72617023bb,2024-07-23T14:15:14.837000 CVE-2024-4082,0,0,02264cef46dbd3bc30b90eb0e358643df5f32c233cd928965c67d2a95fa3306a,2024-05-14T16:11:39.510000 CVE-2024-4083,0,0,1cd1c6384007aa9a5a8af9731386deec2b0818df508019e87115186ced7033b5,2024-05-02T18:00:37.360000 CVE-2024-4084,0,0,aed2355093521159d48a9084a5a18f34499717e2daefb72a4c03148c5f7b9d24,2024-06-11T16:44:49.090000 @@ -255779,6 +255780,7 @@ CVE-2024-4115,0,0,89bc89df66a101d446d6568b359dec67345256fa579984420e2e2fe7ea4994 CVE-2024-4116,0,0,6ee64e85b69f8f11f599040da371bf02d3a94742e1ecd0f467d9a48f26243458,2024-05-17T02:40:16.110000 CVE-2024-4117,0,0,439d2da59fd01a25f254df6698027149837f261eb1a16ba5752d7e62667d1bfc,2024-06-04T19:20:30.043000 CVE-2024-41172,0,0,aff170553f604e0c7275db2adb45c6ecf8207e69e7b01abeab9ae04e85025c2a,2024-07-19T13:01:44.567000 +CVE-2024-41178,1,1,5f43c58c5c6ca34c5933e5a769cffcf59ef6a400e48f125a013a2ba32a9ab6cc,2024-07-23T17:15:12.663000 CVE-2024-4118,0,0,261b7c2db2db4c5bd0863007ba022afd6141eeb3c40d43094e801a457a5edb93,2024-06-04T19:20:30.147000 CVE-2024-41184,0,0,5632ca1fe6b4d580f96d1889964128d406f3b607849d31bde6a0492547023118,2024-07-18T14:15:05.137000 CVE-2024-4119,0,0,1787463dab796293e9249fc34f7a40843b12d1d129a7d5ccdb513e5ec2672067,2024-06-04T19:20:30.247000 @@ -255793,13 +255795,13 @@ CVE-2024-4127,0,0,13aabefe1ea17c857d1bb509e28f374ee8245c3658c3b51912d597c1f898ec CVE-2024-4128,0,0,68bc0506eec8fccf6c4228f6f90915fa5b089633c8bc20338b2c6bd4b4236a0b,2024-05-02T18:00:37.360000 CVE-2024-41281,0,0,67d3a54ff6c69e817d1c4d3304511fe0d1b87ffa7ae182f6c630038b3326bf87,2024-07-22T13:00:53.287000 CVE-2024-4129,0,0,f2fba94e29dd925b8a56a23f2711717731ea628ca4457222b442fc21c3f8c80a,2024-05-14T16:11:39.510000 -CVE-2024-41314,0,0,ccb6c27b3b5599068351780e5c3616b8ca3caa5e52aa798c9a723e62613254b1,2024-07-22T14:15:06.627000 -CVE-2024-41315,0,0,0a1a8a1ddbef26bb636be733b82824c88fddc794ce2b817aeca0a1e1ecf0dad2,2024-07-22T14:15:06.693000 -CVE-2024-41316,0,0,e98fe5500ad4bad72c068aaa9dc48cd190f9de2669945b609391f78bff36111d,2024-07-22T14:15:06.757000 -CVE-2024-41317,0,0,ed4ee8d76c043b4dd89a61007bfc1f34e52dad1d8709852147b21963f35fa454,2024-07-22T14:15:06.817000 -CVE-2024-41318,0,1,18c108befe2fc6c42d41c2578a07ae72341f45f8778f9f6bb91b2ae7402f1325,2024-07-23T15:15:04.973000 -CVE-2024-41319,1,1,94bc49a845d6947968b4f80e3a5d12e86b12266859d7779d4b9fd0058b107ce8,2024-07-23T15:15:05.050000 -CVE-2024-41320,0,1,689e2ad8a9ee3d4af7d517e95ae2356f73fe15837a1e2972e05beec9e4f28250,2024-07-23T15:15:05.133000 +CVE-2024-41314,0,1,fbb757145a602671d01d3277038d12255dba8eb70b1580ba575b09ffe4ff2384,2024-07-23T16:15:05.710000 +CVE-2024-41315,0,1,5b06430aa5c923b2c9715b666f01fd994301ba33f8a408d00803142f998b4c8b,2024-07-23T16:15:05.773000 +CVE-2024-41316,0,1,f8405994e7acdc2a2d24863792c0ec27a82ddd7bdb92723ef2f75a35a999a2e1,2024-07-23T16:15:05.843000 +CVE-2024-41317,0,1,527d4d72baf527afab04b156b585818a31101a6fd67674396e566845251ef15e,2024-07-23T16:15:05.910000 +CVE-2024-41318,0,0,18c108befe2fc6c42d41c2578a07ae72341f45f8778f9f6bb91b2ae7402f1325,2024-07-23T15:15:04.973000 +CVE-2024-41319,0,0,94bc49a845d6947968b4f80e3a5d12e86b12266859d7779d4b9fd0058b107ce8,2024-07-23T15:15:05.050000 +CVE-2024-41320,0,0,689e2ad8a9ee3d4af7d517e95ae2356f73fe15837a1e2972e05beec9e4f28250,2024-07-23T15:15:05.133000 CVE-2024-4133,0,0,809a3aebbf4e63405fb2f0740c9908f3dfcf1d711b93379e5d465ea9e56d3cba,2024-05-02T18:00:37.360000 CVE-2024-4135,0,0,3adddfced77f8fc8630aec5e175734a40783e3f6b247cb0614a312485a8097a3,2024-05-08T13:15:00.690000 CVE-2024-4138,0,0,0f7c3171dd014e7915cab9bf533b57ef231d5c30c6ae20f761b745c0767014ec,2024-05-14T19:17:55.627000 @@ -255836,8 +255838,10 @@ CVE-2024-4162,0,0,1a4f39929c1df6d420ff35b2d8de51a57c5e5378a57b6e7a1a35abc1b5a3dc CVE-2024-4163,0,0,69022c7df60536fa7bdfb20d2705efebe8d2d6c2c39bf59b2dcb5940921dba2c,2024-07-03T02:07:10.047000 CVE-2024-4164,0,0,5c582c5408e712b207393008a4bc438580820bad61af8c831d6d320440184b2c,2024-05-17T02:40:17.710000 CVE-2024-4165,0,0,1335796556da8c6a778d77814a8f1d84d8c2dc18b70d9de88815783ed1aa0d77,2024-06-04T19:20:31.500000 -CVE-2024-41655,1,1,3fe02fa61b0dfb920c71488e9c8b5259c7506f728d57d11b14913ec90a7b67aa,2024-07-23T15:15:05.207000 +CVE-2024-41655,0,0,3fe02fa61b0dfb920c71488e9c8b5259c7506f728d57d11b14913ec90a7b67aa,2024-07-23T15:15:05.207000 CVE-2024-4166,0,0,f698286bcd13839c3e713fc944a2d68390d9d1f07ea9696da7a343bdead6335d,2024-05-17T02:40:17.900000 +CVE-2024-41663,1,1,8042fa4e8e7f69909056503228f4440b95aae4b30fd4e8a4914a9356a142b8b7,2024-07-23T16:15:06.070000 +CVE-2024-41664,1,1,c9d7ddefe086d64fe440f8fda96eba34811ee0b3b187e398c83e4f09b91fffd6,2024-07-23T17:15:12.767000 CVE-2024-4167,0,0,a726fa69800dd2a00fe506dc5d29a370681725e72bfe1ac34a8206d50708861e,2024-06-04T19:20:31.593000 CVE-2024-4168,0,0,7f4f833c88738c683a47d814a058bf8a730868170937a9aca799097bc79bf22f,2024-06-04T19:20:31.690000 CVE-2024-4169,0,0,c62ff626929882f5d2c6f5c5b02ad92c379b5b400e34f72b774f8d063efba0f1,2024-06-04T19:20:31.780000 @@ -256104,7 +256108,7 @@ CVE-2024-4461,0,0,51250da8bcd9ecf720caf9f3a7efd550d6e47af21e57f982fabb8237238dcf CVE-2024-4462,0,0,7de1c10fc651b37d9659e3e60da12a8c072b437874aeb6819554614b6acb9a58,2024-06-04T16:57:41.053000 CVE-2024-4463,0,0,697d96b65b3f5bb41384b58e0f6586cf3caa8378b8edc45503427d4f5bdd2d8e,2024-05-14T16:11:39.510000 CVE-2024-4466,0,0,b7aa09b25d001fa0ca3c8a92093b33e950eb38bf6c988ff6fde91a26b7231c00,2024-05-03T12:48:41.067000 -CVE-2024-4467,0,1,7f76f66c1d0e872eb71b56df71116d9a76874326825b3693b94b452aba004123,2024-07-23T15:15:05.720000 +CVE-2024-4467,0,1,ee2f9bc5bbc36c26f38005024ca97c3b21da7805a59dcaa3c6665d23fa511c53,2024-07-23T16:15:06.377000 CVE-2024-4468,0,0,b3276ced4484e0a6677a57dac2ac7e9a5b704e2ae059b48a7256dc6a67d6da0e,2024-06-10T02:52:08.267000 CVE-2024-4469,0,0,8f4eafe1629cfec30e07bc480cd9bd60074526e695dc3e7699a9034cc841795d,2024-05-31T13:01:46.727000 CVE-2024-4470,0,0,3c0fcce343f2a1d09f74dfb9be1570b18bd3555368134445c358e736dab037c4,2024-05-21T12:37:59.687000 @@ -256437,7 +256441,7 @@ CVE-2024-4841,0,0,65ebfdfe2681835a6b4ece6477d685d2c79df9dc285d61b3c6847a6703ab51 CVE-2024-4842,0,0,266948939b8663b41b45dca8cb12f3f3247c17eab2663a8a73d7a0fbf198d426,2024-05-30T20:15:09.703000 CVE-2024-4843,0,0,6c6ae016d182516d10e6e73ab68236968844df3762466d188dfe9ab6c4374a75,2024-05-16T13:03:05.353000 CVE-2024-4844,0,0,8d4783b6be8eb3ca86bdecf4aaa281d65ab414ff769f738cde8b6bc1a2becc80,2024-05-16T13:03:05.353000 -CVE-2024-4845,0,0,77e5146a10cb5abd01f27484c9a3818c63181ba6144f7537a5330c684db067e5,2024-06-13T18:36:09.010000 +CVE-2024-4845,0,1,f8e5a569577a931ed62905431d3e7dc57f80df89344697bf8fc7f196d4c6a1d9,2024-07-23T17:23:41.597000 CVE-2024-4846,0,0,354213cecebbad5d2830809199864dadc70a5508c38afeb47a24b8f17c4c0fe1,2024-06-25T18:50:42.040000 CVE-2024-4847,0,0,3e175fcde7743d0dafc07697dcd3c0585505cba50a8840c440513434f4a1e2f1,2024-05-15T16:40:19.330000 CVE-2024-4849,0,0,ea1119b37dea5602dfce7972c7449fed4caaba21295f1145a8612489a3c2fd07,2024-05-20T13:00:34.807000 @@ -256480,7 +256484,7 @@ CVE-2024-4894,0,0,1906244d072f236ffca4e7ab82222b86cb7f201e42e01d4517f3ab933ca907 CVE-2024-4895,0,0,f6b1e62d3b5bd64aea52e6768b6c469e049c941759a77bf99aa3b85ad7e20caa,2024-05-24T01:15:30.977000 CVE-2024-4896,0,0,20cc2dc19f323150528d4fb3a23b846b2e602fa65e075afe5dc2b86cb95d9c94,2024-05-22T12:46:53.887000 CVE-2024-4897,0,0,b80483aa02f533d1f5c4695afa1f7ec5dae4ecfa8b472cf561efa5d05f8ff11d,2024-07-02T17:44:45.700000 -CVE-2024-4898,0,0,f8ef9bdd2831220cec17d1f994e04a2554391723cc8686c1ffe249fd522f4549,2024-06-13T18:36:09.010000 +CVE-2024-4898,0,1,a64ada88476e7dbd5dca1f8ed9406bed15a3acb87fadbe7d9a4f3102502b7a67,2024-07-23T17:50:44.033000 CVE-2024-4899,0,0,7d0ca1543842829897b22c32fd7c3ea389ea1c85b28761d045bc30da0b354462,2024-07-03T02:08:16.280000 CVE-2024-4900,0,0,2074e15c0050e8989f750822fa85e67702dc13ece861470c246a4c4acb047889,2024-06-24T12:57:36.513000 CVE-2024-4901,0,0,038977315c18c98069a655ab35eb2b501ae92d62e5deb196337fd2891dd989fe,2024-06-28T13:18:19.407000 @@ -257061,7 +257065,7 @@ CVE-2024-5598,0,0,dea97cf43130ffc7ec8c1e0439cc4a1d595d430c970e2a6bb452f71273924c CVE-2024-5599,0,0,e2a52dc8fb81a6d016503d8fbd621cff191add725c15ae779eff77632921d437,2024-06-11T18:24:39.057000 CVE-2024-5600,0,0,cbb44154b53a9ff19bb9b8607051bff7897a220aae51af46369a9f79546fe419,2024-07-09T18:19:14.047000 CVE-2024-5601,0,0,e22064ef868b7763ab6a035a66dc94fbf47f776f059b7b471d5873c49e582f7a,2024-06-28T13:25:40.677000 -CVE-2024-5602,1,1,4041257a741ba4edb015af2613f552f2da5cbcb483f9737a6d05c3549139c389,2024-07-23T14:15:15.077000 +CVE-2024-5602,0,0,4041257a741ba4edb015af2613f552f2da5cbcb483f9737a6d05c3549139c389,2024-07-23T14:15:15.077000 CVE-2024-5604,0,0,3fc5f4822707c10b93ac858cb809bfd200b008140e07ef20d84f7ed8208c8435,2024-07-19T13:01:44.567000 CVE-2024-5605,0,0,e4ab13f44aee681834db0b09d11c486a794d1d811bed7db97810cd3bad2b3e86,2024-07-17T14:02:16.537000 CVE-2024-5606,0,0,954b2855130670426569975aef75e63a345bb5d86a76ecc86734db71e762262f,2024-07-08T14:19:15.450000 @@ -257108,7 +257112,7 @@ CVE-2024-5658,0,0,4b7b5594fb2d6fb3074fb71ac61cbc23cef4f1cc04b9e936bb835d1343d629 CVE-2024-5659,0,0,ffc77731bd38c72dba71b78652c4b9387b9df2ddb5b033ee614f797d944c1fbe,2024-06-17T12:42:04.623000 CVE-2024-5661,0,0,64c610f4ac197974e4a9f4370e828aefe9bbaabb0bf444795d194a1356128a89,2024-07-02T14:43:40.460000 CVE-2024-5662,0,0,8c3107c3250f17bf50f488951af6a806bf508fec6c0432bc071f0b8c3606d97e,2024-06-28T10:27:00.920000 -CVE-2024-5663,0,0,abcbe0954d080f7edb9d1c70aa4d460157931705940030ca323308bce17ef529,2024-06-10T02:52:08.267000 +CVE-2024-5663,0,1,bb880da64d53311a8a310f135d9a5689f60a63ae397c005441eb1cf59738b610,2024-07-23T17:55:19.843000 CVE-2024-5664,0,0,3daba34112ffc15ab14e7e66b41cb4d94002be0e467de37777afa664cf939f2a,2024-07-11T13:05:54.930000 CVE-2024-5665,0,0,ee434c76bce552b377f6919bf1c15ee1f70c912b781038fb2d7ab59e3f11029d,2024-06-11T17:47:45.033000 CVE-2024-5666,0,0,c2cb648af5be31cc7b97e094a0871dd39fea80d2d3a0f373e615f5ae502553a5,2024-07-01T12:37:24.220000 @@ -257604,7 +257608,7 @@ CVE-2024-6402,0,0,795485c4534407e246daec51c1daaa33b95f6651688fed743a8fb9054cdaed CVE-2024-6403,0,0,e44b9cfa8d9ae367e624a8cdf179ef52ea1e98c2115d7a956299d17747a6a56b,2024-07-01T12:37:24.220000 CVE-2024-6405,0,0,fdb62e3d2213e21f6cf3d269e158ee31cc07c01f1a5a460b466ccce5203f82ee,2024-07-01T12:37:24.220000 CVE-2024-6407,0,0,12314028e09ddfd135bb748e0530e9ce4aee25dcaa6c2bae62524650d54b655f,2024-07-12T16:36:34.747000 -CVE-2024-6409,0,1,578c0304a0eb142e0bd60834fe2621b9fbe6dbe565942555cba8093cadf1251b,2024-07-23T15:15:06.010000 +CVE-2024-6409,0,0,578c0304a0eb142e0bd60834fe2621b9fbe6dbe565942555cba8093cadf1251b,2024-07-23T15:15:06.010000 CVE-2024-6410,0,0,9db961a9e1824a35ea4ea0ac1b25800d120aafac2e5d4caf32d46e6051ad19d3,2024-07-11T13:05:54.930000 CVE-2024-6411,0,0,47c8df8c850420fccb0a9ac1089e4a10bdc49d8ecc38cd5ac33a449b2082a491,2024-07-11T13:05:54.930000 CVE-2024-6414,0,0,ae0d661be5f3239fdfe6f0d08030fef27c03212dc1e12675bcf532fd90369002,2024-07-01T12:37:24.220000 @@ -257735,6 +257739,7 @@ CVE-2024-6681,0,0,fd87484dafd740c0f788720b14149eb40f6b6d8ce371416d0e039ce9acf820 CVE-2024-6689,0,0,d40d4a6e022419e83ed34bb3a74eb0d24556e6d76f7b0a592f90775a9d52873c,2024-07-16T13:43:58.773000 CVE-2024-6694,0,0,7d61bbb6e4266a8c90354c9d0cb6da1ede156f667671ed3e7d5507b5e685e063,2024-07-22T13:00:53.287000 CVE-2024-6705,0,0,1e166467558902cf3ff2211f8b1aa347feb308f999c65053186e5a13806e8368,2024-07-18T12:28:43.707000 +CVE-2024-6714,1,1,51220ba43cdb8c58907390ac6e78c6d29891545d544dae414b1a0ed2901cb384,2024-07-23T16:15:06.543000 CVE-2024-6716,0,0,8ffb92442f0506288b44c8e147b3f474301f4b7d486d9477f8f7548823d67c07,2024-07-17T14:15:04.210000 CVE-2024-6717,0,0,91d6e2e1e8d85821c6b836019c0c3e544427a23e07d8611904ae6a48961d3cf4,2024-07-23T01:15:09.190000 CVE-2024-6721,0,0,20bc3ac9fd25b0ef666ff8f606cfc8f742981337efa5a16bd2cfa701fac87a51,2024-07-15T16:15:03.467000 @@ -257767,7 +257772,7 @@ CVE-2024-6777,0,0,1b2f8bc7483fbfc540bfc78d70c330a5b3bd55e3e3b550b722254066c080b4 CVE-2024-6778,0,0,4b9f54a1ab5418724c8d4d40b1c3b12f937747d49588cc60e2bad6855d8270bc,2024-07-17T13:34:20.520000 CVE-2024-6779,0,0,eb8d5debe3ae4525916f27034d3cd0e49a98090896d6ba5d8c5bcdb0d54820b6,2024-07-17T13:34:20.520000 CVE-2024-6780,0,0,54fc3efeb973ca2f40f04f54d5a723685bcfaff31befba604fec0242bd088a83,2024-07-16T13:43:58.773000 -CVE-2024-6783,1,1,1e995d50ba4966436ba609fc82d167b4f81781c635bc2a71adba2b8a7ed30f1d,2024-07-23T15:15:06.210000 +CVE-2024-6783,0,0,1e995d50ba4966436ba609fc82d167b4f81781c635bc2a71adba2b8a7ed30f1d,2024-07-23T15:15:06.210000 CVE-2024-6791,0,0,59433f923d9fc7ff46afaa161eb77f91d2573910fe459bf3d739fa4cb3b0f828,2024-07-22T21:15:04.360000 CVE-2024-6793,0,0,1e50d4c72ccf22ca7ffc2eb62910606f5bcc86a8538c175560adaab5c207dbc8,2024-07-22T21:15:04.547000 CVE-2024-6794,0,0,9c548937685e7eadcbd8adef12ff14dde9bbbe9b98aa13e29f5cb0fc83a93b12,2024-07-22T21:15:04.733000