admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-06 18:52:58 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2024-02-01T21:00:26.830728+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2024-02-01 21:00:30 +00:00
parent 3673f1ceeb
commit 4e7973cd42
26 changed files with 2475 additions and 118 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
CVE-2018/CVE-2018-172xx/CVE-2018-17215.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2018-17215",
"sourceIdentifier": "cve@mitre.org",
"published": "2018-09-26T21:29:01.853",
"lastModified": "2018-11-21T15:54:05.180",
"lastModified": "2024-02-01T19:55:49.890",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -84,9 +84,9 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:getpostman:postman:*:*:*:*:*:*:*:*",
"criteria": "cpe:2.3:a:postman:postman:*:*:*:*:*:*:*:*",
"versionEndIncluding": "6.3.0",
"matchCriteriaId": "B191AA2D-00FA-4BBE-ADF7-BD0B26539612"
"matchCriteriaId": "F35E874F-A0C2-49FD-846E-6F4D03BF50E8"
}
]
}

68
CVE-2021/CVE-2021-421xx/CVE-2021-42146.json
View File

@ -2,19 +2,79 @@
"id": "CVE-2021-42146",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-01-24T19:15:08.483",
"lastModified": "2024-01-24T19:43:42.640",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-02-01T20:16:49.277",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in Contiki-NG tinyDTLS through master branch 53a0d97. DTLS servers allow remote attackers to reuse the same epoch number within two times the TCP maximum segment lifetime, which is prohibited in RFC6347. This vulnerability allows remote attackers to obtain sensitive application (data of connected clients)."
},
{
"lang": "es",
"value": "Se descubri\u00f3 un problema en Contiki-NG tinyDTLS a trav\u00e9s de la rama maestra 53a0d97. Los servidores DTLS permiten a atacantes remotos reutilizar el mismo n\u00famero de \u00e9poca dentro de dos veces la vida \u00fatil m\u00e1xima del segmento TCP, lo cual est\u00e1 prohibido en RFC6347. Esta vulnerabilidad permite a atacantes remotos obtener aplicaciones confidenciales (datos de clientes conectados)."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-755"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:contiki-ng:tinydtls:2018-08-30:*:*:*:*:*:*:*",
"matchCriteriaId": "90402650-48E8-4C88-9306-B32811E56046"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://seclists.org/fulldisclosure/2024/Jan/19",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
]
}
]
}

155
CVE-2023/CVE-2023-290xx/CVE-2023-29081.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2023-29081",
"sourceIdentifier": "PSIRT-CNA@flexerasoftware.com",
"published": "2024-01-26T20:15:54.187",
"lastModified": "2024-01-27T00:42:46.230",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-02-01T20:59:40.320",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been reported in Suite Setups built with versions prior to InstallShield 2023 R2. This vulnerability may allow locally authenticated users to cause a Denial of Service (DoS) condition when handling move operations on local, temporary folders."
},
{
"lang": "es",
"value": "Se ha informado de una vulnerabilidad en Suite Setups creadas con versiones anteriores a InstallShield 2023 R2. Esta vulnerabilidad puede permitir que los usuarios autenticados localmente provoquen una condici\u00f3n de denegaci\u00f3n de servicio (DoS) al manejar operaciones de movimiento en carpetas locales temporales."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
},
{
"source": "PSIRT-CNA@flexerasoftware.com",
"type": "Secondary",
@ -35,6 +59,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-276"
}
]
},
{
"source": "PSIRT-CNA@flexerasoftware.com",
"type": "Secondary",
@ -46,10 +80,125 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:flexera:installshield:2016:-:*:*:*:*:*:*",
"matchCriteriaId": "2299BAF1-82E5-4CA7-BCB1-FD1F16085302"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:flexera:installshield:2016:sp1:*:*:*:*:*:*",
"matchCriteriaId": "7749B2BA-33C7-40BB-9FFF-43C5CD26F18A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:flexera:installshield:2016:sp2:*:*:*:*:*:*",
"matchCriteriaId": "95D01D5F-6885-4A49-B17B-FD6D578CDFA5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:flexera:installshield:2017:-:*:*:*:*:*:*",
"matchCriteriaId": "1B65E118-B78D-4439-A100-AEECAC08287F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:flexera:installshield:2017:sp1:*:*:*:*:*:*",
"matchCriteriaId": "C5D3D504-041B-498D-89A5-44480F973736"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:flexera:installshield:2018:-:*:*:*:*:*:*",
"matchCriteriaId": "731C306D-F2EB-4FA5-92FB-E171DA348D5E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:flexera:installshield:2018:r2:*:*:*:*:*:*",
"matchCriteriaId": "5551FBFE-1E40-42E4-8A6C-2F1D81B48806"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:flexera:installshield:2018:sp1:*:*:*:*:*:*",
"matchCriteriaId": "8CA62BA4-3A62-4FF2-BAD7-B952B0B4F820"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:flexera:installshield:2019:-:*:*:*:*:*:*",
"matchCriteriaId": "C1A819BD-CE66-4A79-AC86-7EC18EF16C74"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:flexera:installshield:2019:r2:*:*:*:*:*:*",
"matchCriteriaId": "8818A1F2-8322-4866-8AE5-758EDBEF29CA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:flexera:installshield:2019:r3:*:*:*:*:*:*",
"matchCriteriaId": "53EAD18C-B4E6-4AC8-8AE3-E9ED91CD8501"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:flexera:installshield:2020:-:*:*:*:*:*:*",
"matchCriteriaId": "00D5FB38-28FF-468D-991D-D2B8647847F0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:flexera:installshield:2020:r2:*:*:*:*:*:*",
"matchCriteriaId": "4CC709D9-6726-45F0-B5DB-8C752098F0D1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:flexera:installshield:2020:r3:*:*:*:*:*:*",
"matchCriteriaId": "4FE45C4B-CA42-4BEA-BA95-1E9FBD00F01E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:flexera:installshield:2020:r3sp1:*:*:*:*:*:*",
"matchCriteriaId": "9D6AB162-11B2-42B7-86FE-5250A6E7BFA1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:flexera:installshield:2021:r1:*:*:*:*:*:*",
"matchCriteriaId": "02886A04-411B-4693-83E4-14CC421F85B1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:flexera:installshield:2021:r2:*:*:*:*:*:*",
"matchCriteriaId": "F1B7662F-3536-4D59-B7F1-32312A4AAA78"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:flexera:installshield:2022:r1:*:*:*:*:*:*",
"matchCriteriaId": "E691BE8F-360B-4072-91BC-2DC54FA6D709"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:flexera:installshield:2022:r2:*:*:*:*:*:*",
"matchCriteriaId": "3644689A-6FD2-415F-B737-9B2851620000"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:flexera:installshield:2023:r1:*:*:*:*:*:*",
"matchCriteriaId": "C5831778-D628-44BF-9341-97C92DE926B1"
}
]
}
]
}
],
"references": [
{
"url": "https://community.flexera.com/t5/InstallShield-Knowledge-Base/CVE-2023-29081-InstallShield-Symlink-Vulnerability-Affecting/ta-p/305052",
"source": "PSIRT-CNA@flexerasoftware.com"
"source": "PSIRT-CNA@flexerasoftware.com",
"tags": [
"Third Party Advisory"
]
}
]
}

32
CVE-2023/CVE-2023-58xx/CVE-2023-5841.json Normal file
View File

@ -0,0 +1,32 @@
{
"id": "CVE-2023-5841",
"sourceIdentifier": "cve@takeonme.org",
"published": "2024-02-01T19:15:08.097",
"lastModified": "2024-02-01T19:15:08.097",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Due to a failure in validating the number of scanline samples of a OpenEXR file containing deep scanline data, Academy Software Foundation OpenEX\u00a0image parsing library version 3.2.1 and prior is susceptible to a heap-based buffer overflow vulnerability."
}
],
"metrics": {},
"weaknesses": [
{
"source": "cve@takeonme.org",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-122"
}
]
}
],
"references": [
{
"url": "https://takeonme.org/cves/CVE-2023-5841.html",
"source": "cve@takeonme.org"
}
]
}

14
CVE-2023/CVE-2023-61xx/CVE-2023-6176.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-6176",
"sourceIdentifier": "secalert@redhat.com",
"published": "2023-11-16T18:15:07.483",
"lastModified": "2024-02-01T18:51:12.797",
"vulnStatus": "Analyzed",
"lastModified": "2024-02-01T19:15:08.180",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -41,19 +41,19 @@
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"attackComplexity": "HIGH",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 4.4,
"baseScore": 4.7,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 0.8,
"exploitabilityScore": 1.0,
"impactScore": 3.6
}
]

21
CVE-2023/CVE-2023-62xx/CVE-2023-6298.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-6298",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-11-26T23:15:07.657",
"lastModified": "2023-12-06T15:15:07.027",
"vulnStatus": "Modified",
"lastModified": "2024-02-01T19:58:50.157",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -85,8 +85,18 @@
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "cna@vuldb.com",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -123,7 +133,10 @@
},
{
"url": "https://kb.itextpdf.com/itext/statement-regarding-cve-2022-24198-and-2023-6298",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?ctiid.246124",

263
CVE-2023/CVE-2023-69xx/CVE-2023-6919.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-6919",
"sourceIdentifier": "iletisim@usom.gov.tr",
"published": "2024-01-26T08:15:42.203",
"lastModified": "2024-01-26T13:51:45.267",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-02-01T19:43:35.653",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -50,10 +50,267 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:biges:vg-4c1a-lru_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "500.0003.r008.4011.c0012.b351.c",
"matchCriteriaId": "D9EB930A-8960-4F13-9FA1-AF3A8ED5F284"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:biges:vg-4c1a-lru:-:*:*:*:*:*:*:*",
"matchCriteriaId": "027FBB09-AB4B-4961-AF21-FE8F05B59FB4"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:biges:vg-4c1a-lrpu_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "500.0003.r008.4011.c0012.b351.c",
"matchCriteriaId": "17756524-D6A2-44A5-A939-FBFFA0CA19E1"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:biges:vg-4c1a-lrpu:-:*:*:*:*:*:*:*",
"matchCriteriaId": "703496E4-753F-4DD3-9134-DE952B284049"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:biges:vg-255a-bf_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "500.0003.r008.4011.c0012.b351.c",
"matchCriteriaId": "49477B1C-4B2D-4291-B173-7A0835A27198"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:biges:vg-255a-bf:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F099A1C9-4EA9-49A0-8479-CE03A10D92C4"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:biges:vg-255-bv_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "500.0003.r008.4011.c0012.b351.c",
"matchCriteriaId": "4D440B47-C2F2-405E-B46E-D47BB76D264A"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:biges:vg-255-bv:-:*:*:*:*:*:*:*",
"matchCriteriaId": "026C9CBB-76DD-42C4-8112-6D90D601897E"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:biges:vg-255-df_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "500.0003.r008.4011.c0012.b351.c",
"matchCriteriaId": "AA6C4B94-167C-4FCF-8152-D9BF26A8F41C"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:biges:vg-255-df:-:*:*:*:*:*:*:*",
"matchCriteriaId": "71111E6B-B8CA-486E-8E19-1ACE9CC57C1B"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:biges:vg-64c8rd-nvr_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "500.0003.r008.4011.c0012.b351.c",
"matchCriteriaId": "5B6F0020-D212-43C9-96D5-5BD36C5C89D1"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:biges:vg-64c8rd-nvr:-:*:*:*:*:*:*:*",
"matchCriteriaId": "888954F6-1182-42C4-BB02-E195FE73C7CD"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:biges:vg-4c1e-nvr_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "500.0003.r008.4011.c0012.b351.c",
"matchCriteriaId": "D0FA9FA9-78CA-4B7A-B9B9-15A3AFD08B4D"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:biges:vg-4c1e-nvr:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F755B81D-C702-46CE-9AB5-697686E4E7CA"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:biges:vg-8c1e-nvr_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "500.0003.r008.4011.c0012.b351.c",
"matchCriteriaId": "24D79F3F-52BF-4107-9B0F-F4DCD6B35E07"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:biges:vg-8c1e-nvr:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5BEF4458-2DCF-4064-BAD7-F80573DDC22F"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:biges:vg-8c1a-lrpu_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "500.0003.r008.4011.c0012.b351.c",
"matchCriteriaId": "0BF11C5A-1130-42C9-BAB8-5F481CE6E061"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:biges:vg-8c1a-lrpu:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8F9637FC-968F-463A-9FB4-864D1FDB056E"
}
]
}
]
}
],
"references": [
{
"url": "https://www.usom.gov.tr/bildirim/tr-24-0054",
"source": "iletisim@usom.gov.tr"
"source": "iletisim@usom.gov.tr",
"tags": [
"Third Party Advisory"
]
}
]
}

61
CVE-2024/CVE-2024-07xx/CVE-2024-0781.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2024-0781",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-01-22T16:15:08.577",
"lastModified": "2024-01-22T19:10:26.333",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-02-01T19:03:24.887",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability, which was classified as problematic, was found in CodeAstro Internet Banking System 1.0. This affects an unknown part of the file pages_client_signup.php. The manipulation of the argument Client Full Name with the input <meta http-equiv=\"refresh\" content=\"0; url=https://vuldb.com\" /> leads to open redirect. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-251697 was assigned to this vulnerability."
},
{
"lang": "es",
"value": "Una vulnerabilidad fue encontrada en CodeAstro Internet Banking System 1.0 y clasificada como problem\u00e1tica. Esto afecta a una parte desconocida del archivo pages_client_signup.php. La manipulaci\u00f3n del argumento Client Full Name con la entrada conduce a una redirecci\u00f3n abierta. Es posible iniciar el ataque de forma remota. El exploit ha sido divulgado al p\u00fablico y puede utilizarse. A esta vulnerabilidad se le asign\u00f3 el identificador VDB-251697."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
},
{
"source": "cna@vuldb.com",
"type": "Secondary",
@ -71,18 +95,45 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:martmbithi:internet_banking_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FD0AF461-CF49-4FCA-BDCC-935CE159A06A"
}
]
}
]
}
],
"references": [
{
"url": "https://drive.google.com/drive/folders/1f61RXqelSDY0T92aLjmb8BhgAHt_eeUS",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?ctiid.251697",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?id.251697",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
]
}
]
}

79
CVE-2024/CVE-2024-09xx/CVE-2024-0942.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2024-0942",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-01-26T20:15:54.403",
"lastModified": "2024-01-27T00:42:46.230",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-02-01T20:32:02.617",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in Totolink N200RE V5 9.3.5u.6255_B20211224. It has been classified as problematic. Affected is an unknown function of the file /cgi-bin/cstecgi.cgi. The manipulation leads to session expiration. It is possible to launch the attack remotely. The complexity of an attack is rather high. The exploitability is told to be difficult. The exploit has been disclosed to the public and may be used. VDB-252186 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way."
},
{
"lang": "es",
"value": "Se encontr\u00f3 una vulnerabilidad en Totolink N200RE V5 9.3.5u.6255_B20211224. Ha sido clasificada como problem\u00e1tica. Una funci\u00f3n desconocida del archivo /cgi-bin/cstecgi.cgi es afectada por esta vulnerabilidad. La manipulaci\u00f3n provoca la caducidad de la sesi\u00f3n. Es posible lanzar el ataque de forma remota. La complejidad de un ataque es bastante alta. Se dice que la explotabilidad es dif\u00edcil. La explotaci\u00f3n ha sido divulgada al p\u00fablico y puede utilizarse. VDB-252186 es el identificador asignado a esta vulnerabilidad. NOTA: Se contact\u00f3 primeramente con proveedor sobre esta divulgaci\u00f3n, pero no respondi\u00f3 de ninguna manera."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
},
{
"source": "cna@vuldb.com",
"type": "Secondary",
@ -71,22 +95,65 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:totolink:n200re-v5_firmware:9.3.5u.6255_b20211224:*:*:*:*:*:*:*",
"matchCriteriaId": "3DCA8E04-4001-40BB-9C4D-2A03EB5F3D6C"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:totolink:n200re-v5:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7042003A-B948-4357-ABDE-8B43DE0BE156"
}
]
}
]
}
],
"references": [
{
"url": "https://drive.google.com/file/d/1oWAGbmDtHDIUN1WSRAh4ZnuzHOuvTU4T/view?usp=sharing",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?ctiid.252186",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?id.252186",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://youtu.be/b0tU2CiLbnU",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

73
CVE-2024/CVE-2024-09xx/CVE-2024-0943.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2024-0943",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-01-26T20:15:54.640",
"lastModified": "2024-01-27T00:42:46.230",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-02-01T20:47:02.903",
"vulnStatus": "Undergoing Analysis",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in Totolink N350RT 9.3.5u.6255. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /cgi-bin/cstecgi.cgi. The manipulation leads to session expiration. The attack can be launched remotely. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-252187. NOTE: The vendor was contacted early about this disclosure but did not respond in any way."
},
{
"lang": "es",
"value": "Se encontr\u00f3 una vulnerabilidad en Totolink N350RT 9.3.5u.6255. Ha sido declarada problem\u00e1tica. Una funci\u00f3n desconocida del archivo /cgi-bin/cstecgi.cgi es afectada por esta vulnerabilidad. La manipulaci\u00f3n provoca la caducidad de la sesi\u00f3n. El ataque se puede lanzar de forma remota. La complejidad de un ataque es bastante alta. La explotaci\u00f3n parece dif\u00edcil. La explotaci\u00f3n ha sido divulgada al p\u00fablico y puede utilizarse. El identificador asociado de esta vulnerabilidad es VDB-252187. NOTA: Se contact\u00f3 primeramente con proveedor sobre esta divulgaci\u00f3n, pero no respondi\u00f3 de ninguna manera."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 2.5
},
{
"source": "cna@vuldb.com",
"type": "Secondary",
@ -71,18 +95,57 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:totolink:n350rt_firmware:9.3.5u.6255:*:*:*:*:*:*:*",
"matchCriteriaId": "49760E4A-9ED6-44FB-8F82-009145DFAC00"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:totolink:n350rt:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4B88D1F1-F7A6-43D5-8DF7-E9425823C7B6"
}
]
}
]
}
],
"references": [
{
"url": "https://drive.google.com/file/d/1OBs4kc1KvbqrMhQHs54WtwxxxiBoI0hL/view?usp=sharing",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?ctiid.252187",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?id.252187",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
]
}
]
}

74
CVE-2024/CVE-2024-09xx/CVE-2024-0944.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2024-0944",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-01-26T20:15:54.863",
"lastModified": "2024-01-27T00:42:46.230",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-02-01T20:49:30.500",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in Totolink T8 4.1.5cu.833_20220905. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /cgi-bin/cstecgi.cgi. The manipulation leads to session expiration. The attack may be launched remotely. The complexity of an attack is rather high. The exploitation is known to be difficult. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-252188. NOTE: The vendor was contacted early about this disclosure but did not respond in any way."
},
{
"lang": "es",
"value": "Se encontr\u00f3 una vulnerabilidad en Totolink T8 4.1.5cu.833_20220905. Ha sido calificada como problem\u00e1tica. Una funci\u00f3n desconocida del archivo /cgi-bin/cstecgi.cgi es afectada por este problema. La manipulaci\u00f3n provoca la caducidad de la sesi\u00f3n. El ataque puede lanzarse de forma remota. La complejidad de un ataque es bastante alta. Se sabe que la explotaci\u00f3n es dif\u00edcil. La explotaci\u00f3n ha sido divulgada al p\u00fablico y puede utilizarse. El identificador de esta vulnerabilidad es VDB-252188. NOTA: Se contact\u00f3 primeramente con proveedor sobre esta divulgaci\u00f3n, pero no respondi\u00f3 de ninguna manera."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
},
{
"source": "cna@vuldb.com",
"type": "Secondary",
@ -71,18 +95,58 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:totolink:t8_firmware:4.1.5cu.833_20220905:*:*:*:*:*:*:*",
"matchCriteriaId": "EEAB4A5E-435B-4286-AE0F-203CAD3E5409"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:totolink:t8:-:*:*:*:*:*:*:*",
"matchCriteriaId": "16621725-1296-4792-BDF4-43E0ABF3B744"
}
]
}
]
}
],
"references": [
{
"url": "https://drive.google.com/file/d/1YPisSnxM5CwSLKFgs9w5k5MtNUgiijVo/view?usp=sharing",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?ctiid.252188",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?id.252188",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory"
]
}
]
}

1026
CVE-2024/CVE-2024-216xx/CVE-2024-21620.json
View File

File diff suppressed because it is too large Load Diff

69
CVE-2024/CVE-2024-225xx/CVE-2024-22551.json
View File

@ -2,19 +2,80 @@
"id": "CVE-2024-22551",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-01-26T15:15:09.490",
"lastModified": "2024-01-26T16:33:07.620",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-02-01T20:10:53.180",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "WhatACart v2.0.7 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the component /site/default/search."
},
{
"lang": "es",
"value": "Se descubri\u00f3 que WhatACart v2.0.7 contiene una vulnerabilidad de cross site scripting (XSS) reflejado a trav\u00e9s del componente /site/default/search."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ushainformatique:whatacart:2.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "5691761D-965A-41E3-B42A-41AC756A199B"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://packetstormsecurity.com/files/176314/WhatACart-2.0.7-Cross-Site-Scripting.html",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
]
}
]
}

62
CVE-2024/CVE-2024-233xx/CVE-2024-23341.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2024-23341",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-01-23T18:15:19.250",
"lastModified": "2024-01-23T19:40:11.110",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-02-01T20:15:31.893",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "TuiTse-TsuSin is a package for organizing the comparative corpus of Taiwanese Chinese characters and Roman characters, and extracting sentences of the Taiwanese Chinese characters and the Roman characters. Prior to version 1.3.2, when using `tuitse_html` without quoting the input, there is a html injection vulnerability. Version 1.3.2 contains a patch for the issue. As a workaround, sanitize Taigi input with HTML quotation."
},
{
"lang": "es",
"value": "TuiTse-TsuSin es un paquete para organizar el corpus comparativo de caracteres chinos taiwaneses y caracteres romanos, y extraer oraciones de los caracteres chinos taiwaneses y caracteres romanos. Antes de la versi\u00f3n 1.3.2, cuando se usaba `tuitse_html` sin citar la entrada, exist\u00eda una vulnerabilidad de inyecci\u00f3n de html. La versi\u00f3n 1.3.2 contiene un parche para el problema. Como workaround, desinfecte la entrada de Taigi con citas HTML."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
@ -46,18 +70,46 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ithuan:tuitse-tsusin:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.3.2",
"matchCriteriaId": "C64FB9E1-AA6C-4B7F-A102-B41C9B2D84A4"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/i3thuan5/TuiTse-TsuSin/commit/9d21d99d7cfcd7c42aade251fab98ec102e730ea",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/i3thuan5/TuiTse-TsuSin/pull/22",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Issue Tracking",
"Patch"
]
},
{
"url": "https://github.com/i3thuan5/TuiTse-TsuSin/security/advisories/GHSA-m4m5-j36m-8x72",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Vendor Advisory"
]
}
]
}

68
CVE-2024/CVE-2024-236xx/CVE-2024-23626.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-23626",
"sourceIdentifier": "disclosures@exodusintel.com",
"published": "2024-01-26T00:15:10.820",
"lastModified": "2024-01-26T13:51:45.267",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-02-01T19:24:18.060",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "disclosures@exodusintel.com",
"type": "Secondary",
@ -64,6 +84,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-77"
}
]
},
{
"source": "disclosures@exodusintel.com",
"type": "Secondary",
@ -75,10 +105,42 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:motorola:mr2600_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FB21523A-FF81-44F5-84D4-83D690D1D021"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:motorola:mr2600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "23CF30D0-9447-49F2-B33B-CA2BF24D6DD2"
}
]
}
]
}
],
"references": [
{
"url": "https://blog.exodusintel.com/2024/01/25/motorola-mr2600-savesyslogparams-command-injection-vulnerability/",
"source": "disclosures@exodusintel.com"
"source": "disclosures@exodusintel.com",
"tags": [
"Third Party Advisory"
]
}
]
}

68
CVE-2024/CVE-2024-236xx/CVE-2024-23627.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-23627",
"sourceIdentifier": "disclosures@exodusintel.com",
"published": "2024-01-26T00:15:11.037",
"lastModified": "2024-01-26T13:51:45.267",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-02-01T19:38:10.910",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "disclosures@exodusintel.com",
"type": "Secondary",
@ -64,6 +84,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-77"
}
]
},
{
"source": "disclosures@exodusintel.com",
"type": "Secondary",
@ -75,10 +105,42 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:motorola:mr2600_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FB21523A-FF81-44F5-84D4-83D690D1D021"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:motorola:mr2600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "23CF30D0-9447-49F2-B33B-CA2BF24D6DD2"
}
]
}
]
}
],
"references": [
{
"url": "https://blog.exodusintel.com/2024/01/25/motorola-mr2600-savestaticrouteipv4params-command-injection-vulnerability/",
"source": "disclosures@exodusintel.com"
"source": "disclosures@exodusintel.com",
"tags": [
"Third Party Advisory"
]
}
]
}

68
CVE-2024/CVE-2024-236xx/CVE-2024-23628.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-23628",
"sourceIdentifier": "disclosures@exodusintel.com",
"published": "2024-01-26T00:15:11.273",
"lastModified": "2024-01-26T13:51:45.267",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-02-01T19:40:28.237",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "disclosures@exodusintel.com",
"type": "Secondary",
@ -64,6 +84,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-77"
}
]
},
{
"source": "disclosures@exodusintel.com",
"type": "Secondary",
@ -75,10 +105,42 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:motorola:mr2600_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FB21523A-FF81-44F5-84D4-83D690D1D021"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:motorola:mr2600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "23CF30D0-9447-49F2-B33B-CA2BF24D6DD2"
}
]
}
]
}
],
"references": [
{
"url": "https://blog.exodusintel.com/2024/01/25/motorola-mr2600-savestaticrouteipv6params-command-injection-vulnerability/",
"source": "disclosures@exodusintel.com"
"source": "disclosures@exodusintel.com",
"tags": [
"Third Party Advisory"
]
}
]
}

68
CVE-2024/CVE-2024-236xx/CVE-2024-23629.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-23629",
"sourceIdentifier": "disclosures@exodusintel.com",
"published": "2024-01-26T00:15:11.650",
"lastModified": "2024-01-26T13:51:45.267",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-02-01T19:48:49.857",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "disclosures@exodusintel.com",
"type": "Secondary",
@ -64,6 +84,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-287"
}
]
},
{
"source": "disclosures@exodusintel.com",
"type": "Secondary",
@ -75,10 +105,42 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:motorola:mr2600_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FB21523A-FF81-44F5-84D4-83D690D1D021"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:motorola:mr2600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "23CF30D0-9447-49F2-B33B-CA2BF24D6DD2"
}
]
}
]
}
],
"references": [
{
"url": "https://blog.exodusintel.com/2024/01/25/motorola-mr2600-authentication-bypass-vulnerability/",
"source": "disclosures@exodusintel.com"
"source": "disclosures@exodusintel.com",
"tags": [
"Third Party Advisory"
]
}
]
}

68
CVE-2024/CVE-2024-236xx/CVE-2024-23630.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-23630",
"sourceIdentifier": "disclosures@exodusintel.com",
"published": "2024-01-26T00:15:12.187",
"lastModified": "2024-01-26T13:51:45.267",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-02-01T19:56:55.807",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "disclosures@exodusintel.com",
"type": "Secondary",
@ -64,6 +84,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-434"
}
]
},
{
"source": "disclosures@exodusintel.com",
"type": "Secondary",
@ -75,10 +105,42 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:motorola:mr2600_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FB21523A-FF81-44F5-84D4-83D690D1D021"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:motorola:mr2600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "23CF30D0-9447-49F2-B33B-CA2BF24D6DD2"
}
]
}
]
}
],
"references": [
{
"url": "https://blog.exodusintel.com/2024/01/25/motorola-mr2600-arbitrary-firmware-upload-vulnerability/",
"source": "disclosures@exodusintel.com"
"source": "disclosures@exodusintel.com",
"tags": [
"Third Party Advisory"
]
}
]
}

56
CVE-2024/CVE-2024-236xx/CVE-2024-23636.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2024-23636",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-01-23T18:15:19.433",
"lastModified": "2024-01-23T19:40:11.110",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-02-01T20:17:34.393",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "SOFARPC is a Java RPC framework. SOFARPC defaults to using the SOFA Hessian protocol to deserialize received data, while the SOFA Hessian protocol uses a blacklist mechanism to restrict deserialization of potentially dangerous classes for security protection. But, prior to version 5.12.0, there is a gadget chain that can bypass the SOFA Hessian blacklist protection mechanism, and this gadget chain only relies on JDK and does not rely on any third-party components. Version 5.12.0 fixed this issue by adding a blacklist. SOFARPC also provides a way to add additional blacklists. Users can add a class like `-Drpc_serialize_blacklist_override=org.apache.xpath.` to avoid this issue."
},
{
"lang": "es",
"value": "SOFARPC es un framework Java RPC. SOFARPC utiliza de forma predeterminada el protocolo SOFA Hessian para deserializar los datos recibidos, mientras que el protocolo SOFA Hessian utiliza un mecanismo de lista negra para restringir la deserializaci\u00f3n de clases potencialmente peligrosas para la protecci\u00f3n de la seguridad. Pero, antes de la versi\u00f3n 5.12.0, exist\u00eda una cadena de dispositivos que pod\u00eda eludir el mecanismo de protecci\u00f3n de la lista negra de SOFA Hessian, y esta cadena de dispositivos solo se basa en JDK y no depende de ning\u00fan componente de terceros. La versi\u00f3n 5.12.0 solucion\u00f3 este problema agregando una lista negra. SOFARPC tambi\u00e9n proporciona una forma de agregar listas negras adicionales. Los usuarios pueden agregar una clase como `-Drpc_serialize_blacklist_override=org.apache.xpath.` para evitar este problema."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
@ -46,14 +70,38 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sofastack:sofarpc:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.12.0",
"matchCriteriaId": "5B157065-0631-4FFB-8A18-D8BA348F3166"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/sofastack/sofa-rpc/commit/42d19b1b1d14a25aafd9ef7c219c04a19f90fc76",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/sofastack/sofa-rpc/security/advisories/GHSA-7q8p-9953-pxvr",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Vendor Advisory"
]
}
]
}

24
CVE-2024/CVE-2024-240xx/CVE-2024-24041.json Normal file
View File

@ -0,0 +1,24 @@
{
"id": "CVE-2024-24041",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-02-01T20:50:05.760",
"lastModified": "2024-02-01T20:50:05.760",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A stored cross-site scripting (XSS) vulnerability in Travel Journal Using PHP and MySQL with Source Code v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the location parameter at /travel-journal/write-journal.php."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/tubakvgc/CVE/blob/main/Travel_Journal_App.md",
"source": "cve@mitre.org"
},
{
"url": "https://portswigger.net/web-security/cross-site-scripting",
"source": "cve@mitre.org"
}
]
}

63
CVE-2024/CVE-2024-245xx/CVE-2024-24569.json Normal file
View File

@ -0,0 +1,63 @@
{
"id": "CVE-2024-24569",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-02-01T19:15:08.360",
"lastModified": "2024-02-01T19:15:08.360",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The Pixee Java Code Security Toolkit is a set of security APIs meant to help secure Java code. `ZipSecurity#isBelowCurrentDirectory` is vulnerable to a partial-path traversal bypass. To be vulnerable to the bypass, the application must use toolkit version <=1.1.1, use ZipSecurity as a guard against path traversal, and have an exploit path. Although the control still protects attackers from escaping the application path into higher level directories (e.g., /etc/), it will allow \"escaping\" into sibling paths. For example, if your running path is /my/app/path you an attacker could navigate into /my/app/path-something-else. This vulnerability is patched in 1.1.2.\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.2,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
}
],
"references": [
{
"url": "https://github.com/pixee/java-security-toolkit/blob/7c8e93e6fb2420fb6003c54a741e267c4f883bab/src/main/java/io/github/pixee/security/ZipSecurity.java#L82-L87",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/pixee/java-security-toolkit/commit/b885b03c9cfae53d62d239037f9654d973dd54d9",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/pixee/java-security-toolkit/security/advisories/GHSA-qh4g-4m4w-jgv2",
"source": "security-advisories@github.com"
}
]
}

8
CVE-2024/CVE-2024-247xx/CVE-2024-24752.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2024-24752",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-02-01T16:17:14.487",
"lastModified": "2024-02-01T16:17:14.487",
"lastModified": "2024-02-01T20:50:05.813",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Bref enable serverless PHP on AWS Lambda. When Bref is used with the Event-Driven Function runtime and the handler is a `RequestHandlerInterface`, then the Lambda event is converted to a PSR7 object. During the conversion process, if the request is a MultiPart, each part is parsed and for each which contains a file, it is extracted and saved in `/tmp` with a random filename starting with `bref_upload_`. The flow mimics what plain PHP does but it does not delete the temporary files when the request has been processed. An attacker could fill the Lambda instance disk by performing multiple MultiPart requests containing files. This vulnerability is patched in 2.1.12."
"value": "Bref enable serverless PHP on AWS Lambda. When Bref is used with the Event-Driven Function runtime and the handler is a `RequestHandlerInterface`, then the Lambda event is converted to a PSR7 object. During the conversion process, if the request is a MultiPart, each part is parsed and for each which contains a file, it is extracted and saved in `/tmp` with a random filename starting with `bref_upload_`. The flow mimics what plain PHP does but it does not delete the temporary files when the request has been processed. An attacker could fill the Lambda instance disk by performing multiple MultiPart requests containing files. This vulnerability is patched in 2.1.13."
}
],
"metrics": {
@ -47,6 +47,10 @@
}
],
"references": [
{
"url": "https://github.com/brefphp/bref/commit/350788de12880b6fd64c4c318ba995388bec840e",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/brefphp/bref/security/advisories/GHSA-x4hh-frx8-98r5",
"source": "security-advisories@github.com"

8
CVE-2024/CVE-2024-247xx/CVE-2024-24753.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2024-24753",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-02-01T16:17:14.690",
"lastModified": "2024-02-01T16:17:14.690",
"lastModified": "2024-02-01T20:50:05.963",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Bref enable serverless PHP on AWS Lambda. When Bref is used in combination with an API Gateway with the v2 format, it does not handle multiple values headers. If PHP generates a response with two headers having the same key but different values only the latest one is kept. If an application relies on multiple headers with the same key being set for security reasons, then Bref would lower the application security. For example, if an application sets multiple `Content-Security-Policy` headers, then Bref would just reflect the latest one. This vulnerability is patched in 2.1.12."
"value": "Bref enable serverless PHP on AWS Lambda. When Bref is used in combination with an API Gateway with the v2 format, it does not handle multiple values headers. If PHP generates a response with two headers having the same key but different values only the latest one is kept. If an application relies on multiple headers with the same key being set for security reasons, then Bref would lower the application security. For example, if an application sets multiple `Content-Security-Policy` headers, then Bref would just reflect the latest one. This vulnerability is patched in 2.1.13."
}
],
"metrics": {
@ -47,6 +47,10 @@
}
],
"references": [
{
"url": "https://github.com/brefphp/bref/commit/f834027aaf88b3885f4aa8edf6944ae920daf2dc",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/brefphp/bref/security/advisories/GHSA-99f9-gv72-fw9r",
"source": "security-advisories@github.com"

24
CVE-2024/CVE-2024-249xx/CVE-2024-24945.json Normal file
View File

@ -0,0 +1,24 @@
{
"id": "CVE-2024-24945",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-02-01T20:50:06.063",
"lastModified": "2024-02-01T20:50:06.063",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A stored cross-site scripting (XSS) vulnerability in Travel Journal Using PHP and MySQL with Source Code v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Share Your Moments parameter at /travel-journal/write-journal.php."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/tubakvgc/CVE/blob/main/Travel_Journal_App.md",
"source": "cve@mitre.org"
},
{
"url": "https://portswigger.net/web-security/cross-site-scripting",
"source": "cve@mitre.org"
}
]
}

67
README.md
View File

@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2024-02-01T19:00:24.967995+00:00
2024-02-01T21:00:26.830728+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2024-02-01T18:54:51.137000+00:00
2024-02-01T20:59:40.320000+00:00
```
### Last Data Feed Release
@ -29,51 +29,44 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs
```plain
237315
237319
```
### CVEs added in the last Commit
Recently added CVEs: `7`
Recently added CVEs: `4`
* [CVE-2023-51446](CVE-2023/CVE-2023-514xx/CVE-2023-51446.json) (`2024-02-01T18:15:53.427`)
* [CVE-2024-23832](CVE-2024/CVE-2024-238xx/CVE-2024-23832.json) (`2024-02-01T17:15:10.677`)
* [CVE-2024-24557](CVE-2024/CVE-2024-245xx/CVE-2024-24557.json) (`2024-02-01T17:15:10.953`)
* [CVE-2024-24561](CVE-2024/CVE-2024-245xx/CVE-2024-24561.json) (`2024-02-01T17:15:11.180`)
* [CVE-2024-1167](CVE-2024/CVE-2024-11xx/CVE-2024-1167.json) (`2024-02-01T18:15:53.637`)
* [CVE-2024-23645](CVE-2024/CVE-2024-236xx/CVE-2024-23645.json) (`2024-02-01T18:15:53.823`)
* [CVE-2024-24570](CVE-2024/CVE-2024-245xx/CVE-2024-24570.json) (`2024-02-01T17:15:11.403`)
* [CVE-2023-5841](CVE-2023/CVE-2023-58xx/CVE-2023-5841.json) (`2024-02-01T19:15:08.097`)
* [CVE-2024-24569](CVE-2024/CVE-2024-245xx/CVE-2024-24569.json) (`2024-02-01T19:15:08.360`)
* [CVE-2024-24041](CVE-2024/CVE-2024-240xx/CVE-2024-24041.json) (`2024-02-01T20:50:05.760`)
* [CVE-2024-24945](CVE-2024/CVE-2024-249xx/CVE-2024-24945.json) (`2024-02-01T20:50:06.063`)
### CVEs modified in the last Commit
Recently modified CVEs: `58`
Recently modified CVEs: `21`
* [CVE-2024-0941](CVE-2024/CVE-2024-09xx/CVE-2024-0941.json) (`2024-02-01T17:02:05.140`)
* [CVE-2024-20918](CVE-2024/CVE-2024-209xx/CVE-2024-20918.json) (`2024-02-01T17:15:08.847`)
* [CVE-2024-20922](CVE-2024/CVE-2024-209xx/CVE-2024-20922.json) (`2024-02-01T17:15:08.973`)
* [CVE-2024-20926](CVE-2024/CVE-2024-209xx/CVE-2024-20926.json) (`2024-02-01T17:15:09.080`)
* [CVE-2024-20932](CVE-2024/CVE-2024-209xx/CVE-2024-20932.json) (`2024-02-01T17:15:09.190`)
* [CVE-2024-20952](CVE-2024/CVE-2024-209xx/CVE-2024-20952.json) (`2024-02-01T17:15:09.293`)
* [CVE-2024-20961](CVE-2024/CVE-2024-209xx/CVE-2024-20961.json) (`2024-02-01T17:15:09.397`)
* [CVE-2024-20963](CVE-2024/CVE-2024-209xx/CVE-2024-20963.json) (`2024-02-01T17:15:09.500`)
* [CVE-2024-20965](CVE-2024/CVE-2024-209xx/CVE-2024-20965.json) (`2024-02-01T17:15:09.593`)
* [CVE-2024-20967](CVE-2024/CVE-2024-209xx/CVE-2024-20967.json) (`2024-02-01T17:15:09.697`)
* [CVE-2024-20969](CVE-2024/CVE-2024-209xx/CVE-2024-20969.json) (`2024-02-01T17:15:09.793`)
* [CVE-2024-20971](CVE-2024/CVE-2024-209xx/CVE-2024-20971.json) (`2024-02-01T17:15:09.893`)
* [CVE-2024-20973](CVE-2024/CVE-2024-209xx/CVE-2024-20973.json) (`2024-02-01T17:15:09.987`)
* [CVE-2024-20975](CVE-2024/CVE-2024-209xx/CVE-2024-20975.json) (`2024-02-01T17:15:10.080`)
* [CVE-2024-20977](CVE-2024/CVE-2024-209xx/CVE-2024-20977.json) (`2024-02-01T17:15:10.183`)
* [CVE-2024-20981](CVE-2024/CVE-2024-209xx/CVE-2024-20981.json) (`2024-02-01T17:15:10.280`)
* [CVE-2024-20983](CVE-2024/CVE-2024-209xx/CVE-2024-20983.json) (`2024-02-01T17:15:10.380`)
* [CVE-2024-20985](CVE-2024/CVE-2024-209xx/CVE-2024-20985.json) (`2024-02-01T17:15:10.467`)
* [CVE-2024-21733](CVE-2024/CVE-2024-217xx/CVE-2024-21733.json) (`2024-02-01T17:15:10.543`)
* [CVE-2024-23330](CVE-2024/CVE-2024-233xx/CVE-2024-23330.json) (`2024-02-01T17:20:38.387`)
* [CVE-2024-23985](CVE-2024/CVE-2024-239xx/CVE-2024-23985.json) (`2024-02-01T17:33:41.777`)
* [CVE-2024-24062](CVE-2024/CVE-2024-240xx/CVE-2024-24062.json) (`2024-02-01T18:52:05.193`)
* [CVE-2024-24061](CVE-2024/CVE-2024-240xx/CVE-2024-24061.json) (`2024-02-01T18:52:07.677`)
* [CVE-2024-24060](CVE-2024/CVE-2024-240xx/CVE-2024-24060.json) (`2024-02-01T18:52:09.930`)
* [CVE-2024-24059](CVE-2024/CVE-2024-240xx/CVE-2024-24059.json) (`2024-02-01T18:52:12.257`)
* [CVE-2018-17215](CVE-2018/CVE-2018-172xx/CVE-2018-17215.json) (`2024-02-01T19:55:49.890`)
* [CVE-2021-42146](CVE-2021/CVE-2021-421xx/CVE-2021-42146.json) (`2024-02-01T20:16:49.277`)
* [CVE-2023-6176](CVE-2023/CVE-2023-61xx/CVE-2023-6176.json) (`2024-02-01T19:15:08.180`)
* [CVE-2023-6919](CVE-2023/CVE-2023-69xx/CVE-2023-6919.json) (`2024-02-01T19:43:35.653`)
* [CVE-2023-6298](CVE-2023/CVE-2023-62xx/CVE-2023-6298.json) (`2024-02-01T19:58:50.157`)
* [CVE-2023-29081](CVE-2023/CVE-2023-290xx/CVE-2023-29081.json) (`2024-02-01T20:59:40.320`)
* [CVE-2024-0781](CVE-2024/CVE-2024-07xx/CVE-2024-0781.json) (`2024-02-01T19:03:24.887`)
* [CVE-2024-23626](CVE-2024/CVE-2024-236xx/CVE-2024-23626.json) (`2024-02-01T19:24:18.060`)
* [CVE-2024-23627](CVE-2024/CVE-2024-236xx/CVE-2024-23627.json) (`2024-02-01T19:38:10.910`)
* [CVE-2024-23628](CVE-2024/CVE-2024-236xx/CVE-2024-23628.json) (`2024-02-01T19:40:28.237`)
* [CVE-2024-23629](CVE-2024/CVE-2024-236xx/CVE-2024-23629.json) (`2024-02-01T19:48:49.857`)
* [CVE-2024-23630](CVE-2024/CVE-2024-236xx/CVE-2024-23630.json) (`2024-02-01T19:56:55.807`)
* [CVE-2024-22551](CVE-2024/CVE-2024-225xx/CVE-2024-22551.json) (`2024-02-01T20:10:53.180`)
* [CVE-2024-23341](CVE-2024/CVE-2024-233xx/CVE-2024-23341.json) (`2024-02-01T20:15:31.893`)
* [CVE-2024-23636](CVE-2024/CVE-2024-236xx/CVE-2024-23636.json) (`2024-02-01T20:17:34.393`)
* [CVE-2024-21620](CVE-2024/CVE-2024-216xx/CVE-2024-21620.json) (`2024-02-01T20:20:19.847`)
* [CVE-2024-0942](CVE-2024/CVE-2024-09xx/CVE-2024-0942.json) (`2024-02-01T20:32:02.617`)
* [CVE-2024-0943](CVE-2024/CVE-2024-09xx/CVE-2024-0943.json) (`2024-02-01T20:47:02.903`)
* [CVE-2024-0944](CVE-2024/CVE-2024-09xx/CVE-2024-0944.json) (`2024-02-01T20:49:30.500`)
* [CVE-2024-24752](CVE-2024/CVE-2024-247xx/CVE-2024-24752.json) (`2024-02-01T20:50:05.813`)
* [CVE-2024-24753](CVE-2024/CVE-2024-247xx/CVE-2024-24753.json) (`2024-02-01T20:50:05.963`)
## Download and Usage