Auto-Update: 2024-09-10T06:00:17.838120+00:00

CVE-2024/CVE-2024-00xx/CVE-2024-0067.json

@@ -0,0 +1,44 @@
+{
+  "id": "CVE-2024-0067",
+  "sourceIdentifier": "product-security@axis.com",
+  "published": "2024-09-10T05:15:10.460",
+  "lastModified": "2024-09-10T05:15:10.460",
+  "vulnStatus": "Received",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "Marinus Pfund, member of the AXIS OS Bug Bounty Program, \nhas found the VAPIX API ledlimit.cgi was vulnerable for path traversal attacks allowing to list folder/file names on the local file system of the Axis device. \nAxis has released patched AXIS OS versions for the highlighted flaw. Please refer to the Axis security advisory for more information and solution."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "product-security@axis.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "LOW",
+          "userInteraction": "NONE",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "LOW",
+          "integrityImpact": "NONE",
+          "availabilityImpact": "NONE",
+          "baseScore": 4.3,
+          "baseSeverity": "MEDIUM"
+        },
+        "exploitabilityScore": 2.8,
+        "impactScore": 1.4
+      }
+    ]
+  },
+  "references": [
+    {
+      "url": "https://www.axis.com/dam/public/c7/d0/91/cve-2024-0067-en-US-448994.pdf",
+      "source": "product-security@axis.com"
+    }
+  ]
+}

CVE-2024/CVE-2024-215xx/CVE-2024-21528.json

@@ -0,0 +1,60 @@
+{
+  "id": "CVE-2024-21528",
+  "sourceIdentifier": "report@snyk.io",
+  "published": "2024-09-10T05:15:10.700",
+  "lastModified": "2024-09-10T05:15:10.700",
+  "vulnStatus": "Received",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "All versions of the package node-gettext are vulnerable to Prototype Pollution via the addTranslations() function in gettext.js due to improper user input sanitization."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "report@snyk.io",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
+          "attackVector": "NETWORK",
+          "attackComplexity": "HIGH",
+          "privilegesRequired": "NONE",
+          "userInteraction": "NONE",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "NONE",
+          "integrityImpact": "NONE",
+          "availabilityImpact": "HIGH",
+          "baseScore": 5.9,
+          "baseSeverity": "MEDIUM"
+        },
+        "exploitabilityScore": 2.2,
+        "impactScore": 3.6
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "report@snyk.io",
+      "type": "Secondary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-1321"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://github.com/alexanderwallin/node-gettext/blob/65d9670f691c2eeca40dce129c95bcf8b613d344/lib/gettext.js%23L113",
+      "source": "report@snyk.io"
+    },
+    {
+      "url": "https://security.snyk.io/vuln/SNYK-JS-NODEGETTEXT-6100943",
+      "source": "report@snyk.io"
+    }
+  ]
+}

CVE-2024/CVE-2024-417xx/CVE-2024-41728.json

@@ -0,0 +1,60 @@
+{
+  "id": "CVE-2024-41728",
+  "sourceIdentifier": "cna@sap.com",
+  "published": "2024-09-10T04:15:04.470",
+  "lastModified": "2024-09-10T04:15:04.470",
+  "vulnStatus": "Received",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "Due to missing authorization check, SAP NetWeaver Application Server for ABAP and ABAP Platform allows an attacker logged in as a developer to read objects contained in a package. This causes an impact on confidentiality, as this attacker would otherwise not have access to view these objects."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "cna@sap.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "HIGH",
+          "userInteraction": "NONE",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "LOW",
+          "integrityImpact": "NONE",
+          "availabilityImpact": "NONE",
+          "baseScore": 2.7,
+          "baseSeverity": "LOW"
+        },
+        "exploitabilityScore": 1.2,
+        "impactScore": 1.4
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "cna@sap.com",
+      "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-862"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://me.sap.com/notes/3496410",
+      "source": "cna@sap.com"
+    },
+    {
+      "url": "https://url.sap/sapsecuritypatchday",
+      "source": "cna@sap.com"
+    }
+  ]
+}

CVE-2024/CVE-2024-441xx/CVE-2024-44112.json

@@ -0,0 +1,60 @@
+{
+  "id": "CVE-2024-44112",
+  "sourceIdentifier": "cna@sap.com",
+  "published": "2024-09-10T04:15:04.710",
+  "lastModified": "2024-09-10T04:15:04.710",
+  "vulnStatus": "Received",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "Due to missing authorization check in SAP for Oil & Gas (Transportation and Distribution), an attacker authenticated as a non-administrative user could call a remote-enabled function which will allow them to delete non-sensitive entries in a user data table. There is no effect on confidentiality or availability."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "cna@sap.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "LOW",
+          "userInteraction": "NONE",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "NONE",
+          "integrityImpact": "LOW",
+          "availabilityImpact": "NONE",
+          "baseScore": 4.3,
+          "baseSeverity": "MEDIUM"
+        },
+        "exploitabilityScore": 2.8,
+        "impactScore": 1.4
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "cna@sap.com",
+      "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-862"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://me.sap.com/notes/3505293",
+      "source": "cna@sap.com"
+    },
+    {
+      "url": "https://url.sap/sapsecuritypatchday",
+      "source": "cna@sap.com"
+    }
+  ]
+}

CVE-2024/CVE-2024-441xx/CVE-2024-44113.json

@@ -2,7 +2,7 @@
   "id": "CVE-2024-44113",
   "sourceIdentifier": "cna@sap.com",
   "published": "2024-09-10T03:15:02.860",
-  "lastModified": "2024-09-10T03:15:02.860",
+  "lastModified": "2024-09-10T05:15:10.937",
   "vulnStatus": "Received",
   "cveTags": [],
   "descriptions": [
@@ -43,6 +43,10 @@
         {
           "lang": "en",
           "value": "CWE-359"
+        },
+        {
+          "lang": "en",
+          "value": "CWE-862"
         }
       ]
     }

CVE-2024/CVE-2024-441xx/CVE-2024-44117.json

@@ -0,0 +1,60 @@
+{
+  "id": "CVE-2024-44117",
+  "sourceIdentifier": "cna@sap.com",
+  "published": "2024-09-10T05:15:11.050",
+  "lastModified": "2024-09-10T05:15:11.050",
+  "vulnStatus": "Received",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "The RFC enabled function module allows a low privileged user to perform various actions, such as modifying the URLs of any user's favourite nodes and workbook ID. There is low impact on integrity and availability of the application."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "cna@sap.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "LOW",
+          "userInteraction": "NONE",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "NONE",
+          "integrityImpact": "LOW",
+          "availabilityImpact": "LOW",
+          "baseScore": 5.4,
+          "baseSeverity": "MEDIUM"
+        },
+        "exploitabilityScore": 2.8,
+        "impactScore": 2.5
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "cna@sap.com",
+      "type": "Secondary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-862"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://me.sap.com/notes/3488039",
+      "source": "cna@sap.com"
+    },
+    {
+      "url": "https://url.sap/sapsecuritypatchday",
+      "source": "cna@sap.com"
+    }
+  ]
+}

CVE-2024/CVE-2024-441xx/CVE-2024-44120.json

@@ -0,0 +1,60 @@
+{
+  "id": "CVE-2024-44120",
+  "sourceIdentifier": "cna@sap.com",
+  "published": "2024-09-10T05:15:11.247",
+  "lastModified": "2024-09-10T05:15:11.247",
+  "vulnStatus": "Received",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "SAP NetWeaver Enterprise Portal is vulnerable to reflected cross site scripting due to insufficient encoding of user-controlled input. An unauthenticated attacker could craft a malicious URL and trick a user to click it. If the victim clicks on this crafted URL before it times out, then the attacker could read and manipulate user content in the browser."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "cna@sap.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N",
+          "attackVector": "NETWORK",
+          "attackComplexity": "HIGH",
+          "privilegesRequired": "NONE",
+          "userInteraction": "REQUIRED",
+          "scope": "CHANGED",
+          "confidentialityImpact": "LOW",
+          "integrityImpact": "LOW",
+          "availabilityImpact": "NONE",
+          "baseScore": 4.7,
+          "baseSeverity": "MEDIUM"
+        },
+        "exploitabilityScore": 1.6,
+        "impactScore": 2.7
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "cna@sap.com",
+      "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-79"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://me.sap.com/notes/3498221",
+      "source": "cna@sap.com"
+    },
+    {
+      "url": "https://url.sap/sapsecuritypatchday",
+      "source": "cna@sap.com"
+    }
+  ]
+}

CVE-2024/CVE-2024-441xx/CVE-2024-44121.json

@@ -0,0 +1,60 @@
+{
+  "id": "CVE-2024-44121",
+  "sourceIdentifier": "cna@sap.com",
+  "published": "2024-09-10T05:15:11.430",
+  "lastModified": "2024-09-10T05:15:11.430",
+  "vulnStatus": "Received",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "Under certain conditions Statutory Reports in SAP S/4 HANA allows an attacker with basic privileges to access information which would otherwise be restricted. The vulnerability could expose internal user data that should remain confidential. It does not impact the integrity and availability of the application"
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "cna@sap.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "LOW",
+          "userInteraction": "NONE",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "LOW",
+          "integrityImpact": "NONE",
+          "availabilityImpact": "NONE",
+          "baseScore": 4.3,
+          "baseSeverity": "MEDIUM"
+        },
+        "exploitabilityScore": 2.8,
+        "impactScore": 1.4
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "cna@sap.com",
+      "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-213"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://me.sap.com/notes/3437585",
+      "source": "cna@sap.com"
+    },
+    {
+      "url": "https://url.sap/sapsecuritypatchday",
+      "source": "cna@sap.com"
+    }
+  ]
+}

CVE-2024/CVE-2024-452xx/CVE-2024-45279.json

@@ -0,0 +1,60 @@
+{
+  "id": "CVE-2024-45279",
+  "sourceIdentifier": "cna@sap.com",
+  "published": "2024-09-10T05:15:11.620",
+  "lastModified": "2024-09-10T05:15:11.620",
+  "vulnStatus": "Received",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "Due to insufficient input validation, CRM Blueprint Application Builder Panel of SAP NetWeaver Application Server for ABAP allows an unauthenticated attacker to craft a URL link which could embed a malicious JavaScript. When a victim clicks on this link, the script will be executed in the victim's browser giving the attacker the ability to access and/or modify information with no effect on availability of the application."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "cna@sap.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "NONE",
+          "userInteraction": "REQUIRED",
+          "scope": "CHANGED",
+          "confidentialityImpact": "LOW",
+          "integrityImpact": "LOW",
+          "availabilityImpact": "NONE",
+          "baseScore": 6.1,
+          "baseSeverity": "MEDIUM"
+        },
+        "exploitabilityScore": 2.8,
+        "impactScore": 2.7
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "cna@sap.com",
+      "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-79"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://me.sap.com/notes/3501359",
+      "source": "cna@sap.com"
+    },
+    {
+      "url": "https://url.sap/sapsecuritypatchday",
+      "source": "cna@sap.com"
+    }
+  ]
+}

CVE-2024/CVE-2024-452xx/CVE-2024-45280.json

@@ -0,0 +1,60 @@
+{
+  "id": "CVE-2024-45280",
+  "sourceIdentifier": "cna@sap.com",
+  "published": "2024-09-10T05:15:11.810",
+  "lastModified": "2024-09-10T05:15:11.810",
+  "vulnStatus": "Received",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "Due to insufficient encoding of user-controlled inputs, SAP NetWeaver AS Java allows malicious scripts to be executed in the login application. This has a limited impact on confidentiality and integrity of the application. There is no impact on availability."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "cna@sap.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "HIGH",
+          "userInteraction": "REQUIRED",
+          "scope": "CHANGED",
+          "confidentialityImpact": "LOW",
+          "integrityImpact": "LOW",
+          "availabilityImpact": "NONE",
+          "baseScore": 4.8,
+          "baseSeverity": "MEDIUM"
+        },
+        "exploitabilityScore": 1.7,
+        "impactScore": 2.7
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "cna@sap.com",
+      "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-79"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://me.sap.com/notes/3505503",
+      "source": "cna@sap.com"
+    },
+    {
+      "url": "https://url.sap/sapsecuritypatchday",
+      "source": "cna@sap.com"
+    }
+  ]
+}

CVE-2024/CVE-2024-452xx/CVE-2024-45281.json

@@ -0,0 +1,60 @@
+{
+  "id": "CVE-2024-45281",
+  "sourceIdentifier": "cna@sap.com",
+  "published": "2024-09-10T05:15:12.007",
+  "lastModified": "2024-09-10T05:15:12.007",
+  "vulnStatus": "Received",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "SAP BusinessObjects Business Intelligence Platform allows a high privilege user to run client desktop applications even if some of the DLLs are not digitally signed or if the signature is broken. The attacker needs to have local access to the vulnerable system to perform DLL related tasks. This could result in a high impact on confidentiality and integrity of the application."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "cna@sap.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:N",
+          "attackVector": "LOCAL",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "HIGH",
+          "userInteraction": "REQUIRED",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "HIGH",
+          "integrityImpact": "HIGH",
+          "availabilityImpact": "NONE",
+          "baseScore": 5.8,
+          "baseSeverity": "MEDIUM"
+        },
+        "exploitabilityScore": 0.6,
+        "impactScore": 5.2
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "cna@sap.com",
+      "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-426"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://me.sap.com/notes/3425287",
+      "source": "cna@sap.com"
+    },
+    {
+      "url": "https://url.sap/sapsecuritypatchday",
+      "source": "cna@sap.com"
+    }
+  ]
+}

CVE-2024/CVE-2024-452xx/CVE-2024-45283.json

@@ -0,0 +1,60 @@
+{
+  "id": "CVE-2024-45283",
+  "sourceIdentifier": "cna@sap.com",
+  "published": "2024-09-10T05:15:12.207",
+  "lastModified": "2024-09-10T05:15:12.207",
+  "vulnStatus": "Received",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "SAP NetWeaver AS for Java allows an authorized attacker to obtain sensitive information. The attacker could obtain the username and password when creating an RFC destination. After successful exploitation, an attacker can read the sensitive information but cannot modify or delete the data."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "cna@sap.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N",
+          "attackVector": "LOCAL",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "HIGH",
+          "userInteraction": "NONE",
+          "scope": "CHANGED",
+          "confidentialityImpact": "HIGH",
+          "integrityImpact": "NONE",
+          "availabilityImpact": "NONE",
+          "baseScore": 6.0,
+          "baseSeverity": "MEDIUM"
+        },
+        "exploitabilityScore": 1.5,
+        "impactScore": 4.0
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "cna@sap.com",
+      "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-256"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://me.sap.com/notes/3477359",
+      "source": "cna@sap.com"
+    },
+    {
+      "url": "https://url.sap/sapsecuritypatchday",
+      "source": "cna@sap.com"
+    }
+  ]
+}

CVE-2024/CVE-2024-452xx/CVE-2024-45284.json

@@ -0,0 +1,60 @@
+{
+  "id": "CVE-2024-45284",
+  "sourceIdentifier": "cna@sap.com",
+  "published": "2024-09-10T05:15:12.407",
+  "lastModified": "2024-09-10T05:15:12.407",
+  "vulnStatus": "Received",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "An authenticated attacker with high privilege can use functions of SLCM transactions to which access should be restricted. This may result in an escalation of privileges causing low impact on integrity of the application."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "cna@sap.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:L/A:N",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "HIGH",
+          "userInteraction": "REQUIRED",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "NONE",
+          "integrityImpact": "LOW",
+          "availabilityImpact": "NONE",
+          "baseScore": 2.4,
+          "baseSeverity": "LOW"
+        },
+        "exploitabilityScore": 0.9,
+        "impactScore": 1.4
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "cna@sap.com",
+      "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-862"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://me.sap.com/notes/2256627",
+      "source": "cna@sap.com"
+    },
+    {
+      "url": "https://url.sap/sapsecuritypatchday",
+      "source": "cna@sap.com"
+    }
+  ]
+}

CVE-2024/CVE-2024-452xx/CVE-2024-45285.json

@@ -0,0 +1,60 @@
+{
+  "id": "CVE-2024-45285",
+  "sourceIdentifier": "cna@sap.com",
+  "published": "2024-09-10T05:15:12.590",
+  "lastModified": "2024-09-10T05:15:12.590",
+  "vulnStatus": "Received",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "The RFC enabled function module allows a low privileged user to perform denial of service on any user and also change or delete favourite nodes. By sending a crafted packet in the function module targeting specific parameters, the specific targeted user will no longer have access to any functionality of SAP GUI. There is low impact on integrity and availability of the application."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "cna@sap.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "LOW",
+          "userInteraction": "NONE",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "NONE",
+          "integrityImpact": "LOW",
+          "availabilityImpact": "LOW",
+          "baseScore": 5.4,
+          "baseSeverity": "MEDIUM"
+        },
+        "exploitabilityScore": 2.8,
+        "impactScore": 2.5
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "cna@sap.com",
+      "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-862"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://me.sap.com/notes/3488039",
+      "source": "cna@sap.com"
+    },
+    {
+      "url": "https://url.sap/sapsecuritypatchday",
+      "source": "cna@sap.com"
+    }
+  ]
+}

CVE-2024/CVE-2024-452xx/CVE-2024-45286.json

@@ -0,0 +1,60 @@
+{
+  "id": "CVE-2024-45286",
+  "sourceIdentifier": "cna@sap.com",
+  "published": "2024-09-10T04:15:04.950",
+  "lastModified": "2024-09-10T04:15:04.950",
+  "vulnStatus": "Received",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "Due to lack of proper authorization checks when calling user, a function module in obsolete Tobin interface in SAP Production and Revenue Accounting allows unauthorized access that could lead to disclosure of highly sensitive data. There is no impact on integrity or availability."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "cna@sap.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "LOW",
+          "userInteraction": "NONE",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "HIGH",
+          "integrityImpact": "NONE",
+          "availabilityImpact": "NONE",
+          "baseScore": 6.5,
+          "baseSeverity": "MEDIUM"
+        },
+        "exploitabilityScore": 2.8,
+        "impactScore": 3.6
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "cna@sap.com",
+      "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-862"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://me.sap.com/notes/3488341",
+      "source": "cna@sap.com"
+    },
+    {
+      "url": "https://url.sap/sapsecuritypatchday",
+      "source": "cna@sap.com"
+    }
+  ]
+}

CVE-2024/CVE-2024-455xx/CVE-2024-45504.json

@@ -0,0 +1,33 @@
+{
+  "id": "CVE-2024-45504",
+  "sourceIdentifier": "vultures@jpcert.or.jp",
+  "published": "2024-09-10T05:15:12.780",
+  "lastModified": "2024-09-10T05:15:12.780",
+  "vulnStatus": "Received",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "Cross-site request forgery (CSRF) vulnerability in multiple Alps System Integration products and the OEM products allow a remote unauthenticated attacker to hijack the authentication of the user and to perform unintended operations if the user views a malicious page while logged in."
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://alsifaq.dga.jp/faq_detail.html?id=6494",
+      "source": "vultures@jpcert.or.jp"
+    },
+    {
+      "url": "https://jvn.jp/en/jp/JVN05579230/",
+      "source": "vultures@jpcert.or.jp"
+    },
+    {
+      "url": "https://success.trendmicro.com/ja-JP/solution/KA-0017618",
+      "source": "vultures@jpcert.or.jp"
+    },
+    {
+      "url": "https://www.motex.co.jp/news/notice/2024/release240909/",
+      "source": "vultures@jpcert.or.jp"
+    }
+  ]
+}

CVE-2024/CVE-2024-61xx/CVE-2024-6173.json

@@ -0,0 +1,44 @@
+{
+  "id": "CVE-2024-6173",
+  "sourceIdentifier": "product-security@axis.com",
+  "published": "2024-09-10T05:15:12.850",
+  "lastModified": "2024-09-10T05:15:12.850",
+  "vulnStatus": "Received",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "51l3nc3, member of the AXIS OS Bug Bounty Program, has found that a Guard Tour VAPIX API parameter allowed the use of arbitrary values allowing for an attacker to block access to the guard tour configuration page in the web interface of the Axis device. \nAxis has released patched AXIS OS versions for the highlighted flaw. Please refer to the Axis security advisory for more information and solution."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "product-security@axis.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "LOW",
+          "userInteraction": "NONE",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "NONE",
+          "integrityImpact": "NONE",
+          "availabilityImpact": "HIGH",
+          "baseScore": 6.5,
+          "baseSeverity": "MEDIUM"
+        },
+        "exploitabilityScore": 2.8,
+        "impactScore": 3.6
+      }
+    ]
+  },
+  "references": [
+    {
+      "url": "https://www.axis.com/dam/public/33/0c/c8/cve-2024-6173-en-US-448995.pdf",
+      "source": "product-security@axis.com"
+    }
+  ]
+}

CVE-2024/CVE-2024-65xx/CVE-2024-6509.json

@@ -0,0 +1,44 @@
+{
+  "id": "CVE-2024-6509",
+  "sourceIdentifier": "product-security@axis.com",
+  "published": "2024-09-10T05:15:12.997",
+  "lastModified": "2024-09-10T05:15:12.997",
+  "vulnStatus": "Received",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "Marinus Pfund, member of the AXIS OS Bug Bounty Program, \nhas found the VAPIX API alwaysmulti.cgi was vulnerable for file globbing which could lead to resource exhaustion of the Axis device. \nAxis has released patched AXIS OS versions for the highlighted flaw. Please refer to the Axis security advisory for more information and solution."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "product-security@axis.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "LOW",
+          "userInteraction": "NONE",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "NONE",
+          "integrityImpact": "NONE",
+          "availabilityImpact": "HIGH",
+          "baseScore": 6.5,
+          "baseSeverity": "MEDIUM"
+        },
+        "exploitabilityScore": 2.8,
+        "impactScore": 3.6
+      }
+    ]
+  },
+  "references": [
+    {
+      "url": "https://www.axis.com/dam/public/47/bf/2c/cve-2024-6509-en-US-448996.pdf",
+      "source": "product-security@axis.com"
+    }
+  ]
+}

README.md

@@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours.
 ### Last Repository Update
 
 ```plain
-2024-09-10T04:00:17.954746+00:00
+2024-09-10T06:00:17.838120+00:00
 ```
 
 ### Most recent CVE Modification Timestamp synchronized with NVD
 
 ```plain
-2024-09-10T03:15:03.903000+00:00
+2024-09-10T05:15:12.997000+00:00
 ```
 
 ### Last Data Feed Release
@@ -33,31 +33,37 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
 ### Total Number of included CVEs
 
 ```plain
-262258
+262275
 ```
 
 ### CVEs added in the last Commit
 
-Recently added CVEs: `12`
+Recently added CVEs: `17`
 
-- [CVE-2024-38270](CVE-2024/CVE-2024-382xx/CVE-2024-38270.json) (`2024-09-10T02:15:09.780`)
+- [CVE-2024-0067](CVE-2024/CVE-2024-00xx/CVE-2024-0067.json) (`2024-09-10T05:15:10.460`)
-- [CVE-2024-41729](CVE-2024/CVE-2024-417xx/CVE-2024-41729.json) (`2024-09-10T03:15:02.033`)
+- [CVE-2024-21528](CVE-2024/CVE-2024-215xx/CVE-2024-21528.json) (`2024-09-10T05:15:10.700`)
-- [CVE-2024-42371](CVE-2024/CVE-2024-423xx/CVE-2024-42371.json) (`2024-09-10T03:15:02.240`)
+- [CVE-2024-41728](CVE-2024/CVE-2024-417xx/CVE-2024-41728.json) (`2024-09-10T04:15:04.470`)
-- [CVE-2024-42378](CVE-2024/CVE-2024-423xx/CVE-2024-42378.json) (`2024-09-10T03:15:02.443`)
+- [CVE-2024-44112](CVE-2024/CVE-2024-441xx/CVE-2024-44112.json) (`2024-09-10T04:15:04.710`)
-- [CVE-2024-42380](CVE-2024/CVE-2024-423xx/CVE-2024-42380.json) (`2024-09-10T03:15:02.653`)
+- [CVE-2024-44117](CVE-2024/CVE-2024-441xx/CVE-2024-44117.json) (`2024-09-10T05:15:11.050`)
-- [CVE-2024-44113](CVE-2024/CVE-2024-441xx/CVE-2024-44113.json) (`2024-09-10T03:15:02.860`)
+- [CVE-2024-44120](CVE-2024/CVE-2024-441xx/CVE-2024-44120.json) (`2024-09-10T05:15:11.247`)
-- [CVE-2024-44114](CVE-2024/CVE-2024-441xx/CVE-2024-44114.json) (`2024-09-10T03:15:03.077`)
+- [CVE-2024-44121](CVE-2024/CVE-2024-441xx/CVE-2024-44121.json) (`2024-09-10T05:15:11.430`)
-- [CVE-2024-44115](CVE-2024/CVE-2024-441xx/CVE-2024-44115.json) (`2024-09-10T03:15:03.293`)
+- [CVE-2024-45279](CVE-2024/CVE-2024-452xx/CVE-2024-45279.json) (`2024-09-10T05:15:11.620`)
-- [CVE-2024-44116](CVE-2024/CVE-2024-441xx/CVE-2024-44116.json) (`2024-09-10T03:15:03.490`)
+- [CVE-2024-45280](CVE-2024/CVE-2024-452xx/CVE-2024-45280.json) (`2024-09-10T05:15:11.810`)
-- [CVE-2024-6342](CVE-2024/CVE-2024-63xx/CVE-2024-6342.json) (`2024-09-10T02:15:10.063`)
+- [CVE-2024-45281](CVE-2024/CVE-2024-452xx/CVE-2024-45281.json) (`2024-09-10T05:15:12.007`)
-- [CVE-2024-8268](CVE-2024/CVE-2024-82xx/CVE-2024-8268.json) (`2024-09-10T03:15:03.690`)
+- [CVE-2024-45283](CVE-2024/CVE-2024-452xx/CVE-2024-45283.json) (`2024-09-10T05:15:12.207`)
-- [CVE-2024-8478](CVE-2024/CVE-2024-84xx/CVE-2024-8478.json) (`2024-09-10T03:15:03.903`)
+- [CVE-2024-45284](CVE-2024/CVE-2024-452xx/CVE-2024-45284.json) (`2024-09-10T05:15:12.407`)
+- [CVE-2024-45285](CVE-2024/CVE-2024-452xx/CVE-2024-45285.json) (`2024-09-10T05:15:12.590`)
+- [CVE-2024-45286](CVE-2024/CVE-2024-452xx/CVE-2024-45286.json) (`2024-09-10T04:15:04.950`)
+- [CVE-2024-45504](CVE-2024/CVE-2024-455xx/CVE-2024-45504.json) (`2024-09-10T05:15:12.780`)
+- [CVE-2024-6173](CVE-2024/CVE-2024-61xx/CVE-2024-6173.json) (`2024-09-10T05:15:12.850`)
+- [CVE-2024-6509](CVE-2024/CVE-2024-65xx/CVE-2024-6509.json) (`2024-09-10T05:15:12.997`)
 
 
 ### CVEs modified in the last Commit
 
-Recently modified CVEs: `0`
+Recently modified CVEs: `1`
 
+- [CVE-2024-44113](CVE-2024/CVE-2024-441xx/CVE-2024-44113.json) (`2024-09-10T05:15:10.937`)
 
 
 ## Download and Usage

_state.csv

@@ -241190,6 +241190,7 @@ CVE-2024-0055,0,0,6423f35fac503e2236303ae5d235d6e391a2b6d4054c8cfb0ff929b519b2bf
 CVE-2024-0056,0,0,250eb566c316b11de6e07df616e14b6841dc4cdae760cc615b211d8501ed88cc,2024-05-29T00:15:10.920000
 CVE-2024-0057,0,0,5ab5673f2af739399b07e147370322a5ca65cb1474378035b1d3b1b450eb99db,2024-05-29T00:15:11.080000
 CVE-2024-0066,0,0,edf104f3d6f2429ec397ec7f6a0c69119750ee227dae9f3b2af25d9d29a03213,2024-06-20T12:44:01.637000
+CVE-2024-0067,1,1,41f9a989833a05b5ff8fe367f644fff09841660e46d7827d4d80b37f30896962,2024-09-10T05:15:10.460000
 CVE-2024-0068,0,0,6b8371ca9b4345af5aaf5fdf9359976122506646a267dd907e8079f7bfa63e11,2024-03-01T14:04:26.010000
 CVE-2024-0069,0,0,f3ce66513994f3ff028688e20278f0458e6258ba59cf74f690ee7dcc06e666da,2023-11-28T00:15:07.140000
 CVE-2024-0070,0,0,cd3a46a295206562a4be32633daf482f59e1d323193385e7677ae8b6c52e190f,2023-11-28T00:15:07.183000
@@ -244039,6 +244040,7 @@ CVE-2024-21524,0,0,94f71300cc1d59487169e73d8c8122613dc6982f44c5510e0a3db2e12961d
 CVE-2024-21525,0,0,b0b4bb7ac52f850d274c4462f4e1c3c5bb13c947283cf1a8b69a39e30d235a9e,2024-07-11T13:05:54.930000
 CVE-2024-21526,0,0,effd07762d29cbaa402155d2c949789e21ab2c387b4e4af3dcba88775e370e17,2024-07-11T15:05:20.940000
 CVE-2024-21527,0,0,5f68d3fcedc529f8c61b21687ff27d1dfc424d6b1048d7df4e422495549fd852,2024-07-19T13:01:44.567000
+CVE-2024-21528,1,1,26685f5828103d8c46dc8c742e438d1837ec7435a5b8246a9b2aa068d15c15e3,2024-09-10T05:15:10.700000
 CVE-2024-2153,0,0,d3abacc4f79f5ae0d18412563134adcd72e3650da9619fcc6b902801eca849d9,2024-05-17T02:38:04.867000
 CVE-2024-2154,0,0,ab5f0b39bb38e5c25606bad964d563e0edda059ff34db22b99ca2b3670b021ff,2024-05-17T02:38:04.970000
 CVE-2024-2155,0,0,499612150b3a1be829ef430bb3388eb54a55d7bb52271f37f2a76ceb8af6c56f,2024-05-17T02:38:05.063000
@@ -255643,7 +255645,7 @@ CVE-2024-3824,0,0,e8430e8e74668eaaf1515aab02bbd50450b435f6ff0c9f12ee70566d9f9578
 CVE-2024-3825,0,0,0797baa725c3e17399d5d91a8de7a7a1a558d256247589a07a334c4f415b4b15,2024-04-17T15:31:50.160000
 CVE-2024-3826,0,0,121760e16d238bf81106004c4251c8d93e688e0e085277d4609f0e751627011d,2024-07-02T17:44:45.700000
 CVE-2024-3827,0,0,fe9452c74994fbdb1f4a1edea576f588d513e300bcd491a382890605454b836b,2024-08-02T12:59:43.990000
-CVE-2024-38270,1,1,88494ff7e92eeb00b1d3cd2553698f6361d76d9fdef9b73186cd2b1c0321bbb8,2024-09-10T02:15:09.780000
+CVE-2024-38270,0,0,88494ff7e92eeb00b1d3cd2553698f6361d76d9fdef9b73186cd2b1c0321bbb8,2024-09-10T02:15:09.780000
 CVE-2024-38271,0,0,a55d517f1e451a20db301f87d88d99f6d0173df1fa03dd913b12a59d024f897d,2024-07-29T22:15:04.757000
 CVE-2024-38272,0,0,0d362d9df49b138200ab4f12d59df7df286d43127ca17e43b2d79b45065d1568,2024-07-29T22:15:04.883000
 CVE-2024-38273,0,0,98139fcc5d27706ddcb6f85d322a9c3ffe167225916ac0c861ab393656c9d382,2024-06-27T03:15:50.130000
@@ -257572,7 +257574,8 @@ CVE-2024-41720,0,0,2d7bee1f981165f1c9cbab9643ce597269a916a15ed0d381724ec0dadf39a
 CVE-2024-41723,0,0,2fd6c172462641b542f047f7ff3bf2247bdc5b8b5f34ce988c43b2bfe1795c68,2024-08-20T19:26:24.033000
 CVE-2024-41726,0,0,e325c72cd77b10fa79a0c73cd0bce9d67f9472d40dd3ab04f6437f9f2b06b815,2024-08-01T13:59:09.707000
 CVE-2024-41727,0,0,f64de623c1f3cae418235db50af8da33c1315446224a7b8505bd8fc5343d1bad,2024-08-20T19:25:12.490000
-CVE-2024-41729,1,1,ac890e0f7f73249aca33143f86621c6e4fc49c322ed84484185656c9a23af937,2024-09-10T03:15:02.033000
+CVE-2024-41728,1,1,c6bccdd3e8260709018415f48c9c3550163556b0e4ffac150061c5ce277841d2,2024-09-10T04:15:04.470000
+CVE-2024-41729,0,0,ac890e0f7f73249aca33143f86621c6e4fc49c322ed84484185656c9a23af937,2024-09-10T03:15:02.033000
 CVE-2024-4173,0,0,47f39f3e8e603eac743ed4815cd724decf015716a2f0d9c17daf4d8fa3affc2d,2024-04-25T23:15:47.240000
 CVE-2024-41730,0,0,c3a91737f2e086c1acf47dd27a2418a435b72c75c0ef95092d81c10a62890c2b,2024-08-13T12:58:25.437000
 CVE-2024-41731,0,0,d5e6b6d25037e68a1f79c484f53ff7d64e1c1ae1a43b0c3615ae42e47ee6cc50,2024-08-13T12:58:25.437000
@@ -258042,16 +258045,16 @@ CVE-2024-42368,0,0,de4f48ab04f32dd7f3db383df19cc416867f89e8ecae60c2fdd0bef001ee0
 CVE-2024-42369,0,0,2db0203d9e1c9ed86d7e5fe91c7527c5d07f66504aa58aae16d195697c2bea11,2024-08-21T16:01:03.147000
 CVE-2024-4237,0,0,c38818d0c288b1eec57a9be9e655b05254cb3f3487787a1ecd91e69d9c20b38c,2024-05-17T02:40:19.580000
 CVE-2024-42370,0,0,62e839a91edcd64bb21dabf32c60522dd52dc9540883662a6d8c03c0ecbecadd,2024-08-12T13:41:36.517000
-CVE-2024-42371,1,1,cd7ff869e93847fbb23784b57bfbf63bc575ad0ebff75f6b007cf865f374b683,2024-09-10T03:15:02.240000
+CVE-2024-42371,0,0,cd7ff869e93847fbb23784b57bfbf63bc575ad0ebff75f6b007cf865f374b683,2024-09-10T03:15:02.240000
 CVE-2024-42373,0,0,295f57d389a740d58ca7f1197ba4847ae8998d712f5bf5435ce1e4024bfbdcde,2024-08-13T12:58:25.437000
 CVE-2024-42374,0,0,fbac271476e1e2a5530eb62b051d58c9133aff05c9b2fa9d3a5620c40d2acb9c,2024-08-13T12:58:25.437000
 CVE-2024-42375,0,0,e9725b5004889e50f9a6ac1c59e56febb5ad276cb9a721fc0c08aaaf3ebec84e,2024-08-13T12:58:25.437000
 CVE-2024-42376,0,0,c4f07b2c8269cb92583efc852c36ba8aba70348295a5eb2d011adc15b060ded0,2024-08-13T12:58:25.437000
 CVE-2024-42377,0,0,4524d9cd87be67a4dc2034064ca6271f613fad79df3daac39c5631e6926975fc,2024-08-13T12:58:25.437000
-CVE-2024-42378,1,1,75897fc94046d7ea6843a7213e3b0152685bd4850edda15bfa6dea4afdf49778,2024-09-10T03:15:02.443000
+CVE-2024-42378,0,0,75897fc94046d7ea6843a7213e3b0152685bd4850edda15bfa6dea4afdf49778,2024-09-10T03:15:02.443000
 CVE-2024-42379,0,0,3df4e462d3527273fa2a98871af6d02d089a425040231b6521435b06449dcc55,2024-08-30T20:15:07.623000
 CVE-2024-4238,0,0,188cceccdce16b8df034bef32fee010a6dd0f801c6690e1589421c7cadfb521c,2024-06-04T19:20:33.063000
-CVE-2024-42380,1,1,39822d2449019d03359db4654460d3e129092bfcfd74e542e36fc02ff5cd35fb,2024-09-10T03:15:02.653000
+CVE-2024-42380,0,0,39822d2449019d03359db4654460d3e129092bfcfd74e542e36fc02ff5cd35fb,2024-09-10T03:15:02.653000
 CVE-2024-42381,0,0,a5fa1277b5fe346d1dd5469d0c93ac780c7d0547ab1d06a7617c27606bb89aa8,2024-08-01T13:59:22.207000
 CVE-2024-4239,0,0,cecc2be82896f12bf6cdae75a3b125d58c075d387f3da865cfaf565a2c454897,2024-06-04T19:20:33.163000
 CVE-2024-42393,0,0,dccd6d06051b1376b790b00ce1bb00ad00ff605de076bb7cd98815c096883960,2024-08-12T18:22:45.023000
@@ -258859,10 +258862,14 @@ CVE-2024-44085,0,0,ecf5951d52699c6f64ad8e35ca78bb63c6655b58c6934de27f2c5efa7e11f
 CVE-2024-4409,0,0,ef601ae22761768812ec6eb133885b7a6b08c5417903a944100f49b603e1172f,2024-05-24T13:03:11.993000
 CVE-2024-4410,0,0,ca43b98286a78ab63b5139b50b93fc074ee9aec4c16e78097aa3514c43622322,2024-07-29T14:12:08.783000
 CVE-2024-4411,0,0,9d1b27ccac7555d95c6be5f4488ca4d9772a0570efc26fe6a3f3d131fd0aea06,2024-05-14T16:11:39.510000
-CVE-2024-44113,1,1,c73975ce842e7aaf37d793d57c0d8cb768c550c2e24f6ba52399c7b838ee35cc,2024-09-10T03:15:02.860000
+CVE-2024-44112,1,1,7f9f6d410db88028ac206f1c59f3e441658970ec64baa48ed608cf2ff21ebba3,2024-09-10T04:15:04.710000
-CVE-2024-44114,1,1,7485fa213d8873fa4e777bbb54e3495c1f5ad9a0ae89db9bd88a75db8757a502,2024-09-10T03:15:03.077000
+CVE-2024-44113,0,1,704c93f20033e7061ac5a882acd04eabab6359da9a08c08e6f80926dfbe9d57a,2024-09-10T05:15:10.937000
-CVE-2024-44115,1,1,827c635267c78d3e9e654741102b0d5d2f37a36cc75857dc8bad6547bc921cc6,2024-09-10T03:15:03.293000
+CVE-2024-44114,0,0,7485fa213d8873fa4e777bbb54e3495c1f5ad9a0ae89db9bd88a75db8757a502,2024-09-10T03:15:03.077000
-CVE-2024-44116,1,1,794e07caec118d7a39c9bcbae777b16a09607cfb7442f9b33d60d62947c59443,2024-09-10T03:15:03.490000
+CVE-2024-44115,0,0,827c635267c78d3e9e654741102b0d5d2f37a36cc75857dc8bad6547bc921cc6,2024-09-10T03:15:03.293000
+CVE-2024-44116,0,0,794e07caec118d7a39c9bcbae777b16a09607cfb7442f9b33d60d62947c59443,2024-09-10T03:15:03.490000
+CVE-2024-44117,1,1,00e72a7b5a42f4e8796628fb4ae5e583fd9c2f3f9683bb993901c196c321366b,2024-09-10T05:15:11.050000
+CVE-2024-44120,1,1,2eae8ef35a031c80c44d105062dafa34a3de9321de17b17f2b9b81983efa082d,2024-09-10T05:15:11.247000
+CVE-2024-44121,1,1,2196749e23d4cd934163a9f191e6424b2bda3ad95f814bbf72815647632bd158,2024-09-10T05:15:11.430000
 CVE-2024-4413,0,0,63e6df043fde5eb9cf937a1f1c34414009dec10f116b4c7a5421dbd8a403038d,2024-05-14T16:11:39.510000
 CVE-2024-4417,0,0,9b4dc22c7f1e74f381016fafb921403ecdaeb7b3b80aa5fc2130db180ef5935c,2024-05-14T16:11:39.510000
 CVE-2024-4418,0,0,da6c1eb4513de715971e2c985312b5242ea57c97376ea448b71f18893daf3366,2024-07-23T22:15:09.183000
@@ -259200,7 +259207,14 @@ CVE-2024-45265,0,0,0bfdc3ea11a3a8b692c725170390e0ed5e5bfa861ba7586668c7c78868fd4
 CVE-2024-45269,0,0,930c2dda66909b7393cc3daf8d8e0bcb8066c589d45124dd784354d0c2c32ffd,2024-09-04T11:49:36.950000
 CVE-2024-4527,0,0,c7ad79186f39af6c4287cf90f197f2ec298291b738fc5af7e4ddede8b4e9adfb,2024-06-04T19:20:41.810000
 CVE-2024-45270,0,0,c7af37af49333c30529c68858eecc171381f5cb95414149d25997e187a81c107,2024-09-04T11:51:30.887000
+CVE-2024-45279,1,1,48f3576754a694bb0969ebaea39dc4b504fcdaaa623ea41876295e35ea323d97,2024-09-10T05:15:11.620000
 CVE-2024-4528,0,0,7b720d00d965c73e07e6aefd4c36ac932b079840a05c5efc530ca8c4800fb595,2024-06-04T19:20:41.917000
+CVE-2024-45280,1,1,cb9553d1c8491dc45a8fd201621044dbd74f8bd4f8c8a8b882cfcd4deb2a9875,2024-09-10T05:15:11.810000
+CVE-2024-45281,1,1,067c80cd831f2d1cc0db992a964d5ae07b3f4c054ab65f017a77c4cf474a6cbd,2024-09-10T05:15:12.007000
+CVE-2024-45283,1,1,7893dc364a73551169072d8957b070c46478ddf3f8c93e9e6fceee3912a20a4c,2024-09-10T05:15:12.207000
+CVE-2024-45284,1,1,30c4444516a161886e0742807c660e31c341fbeb59e1d05c4d70f1de4f3aa529,2024-09-10T05:15:12.407000
+CVE-2024-45285,1,1,e2fba2ec3f1d0957600c3373da162b804c7de96dfc5feb7090e30febb4044d3a,2024-09-10T05:15:12.590000
+CVE-2024-45286,1,1,27b24a0e31993479410470549480d5895882636682afe68834dc16e08dcfea1c,2024-09-10T04:15:04.950000
 CVE-2024-45287,0,0,045bfb0d53167c55abd32c57163028c51920368f50e2cf76774839485016e81f,2024-09-06T16:26:26.303000
 CVE-2024-45288,0,0,955296d26f6688a711bb67949962e8bc8a5c80938f39e5cdb2e043fe3c66ded8,2024-09-05T14:35:25.337000
 CVE-2024-4529,0,0,5fbb4c14219ef7d51954458b7780a68dbee769876e9489db6e9ba34bd68834fa,2024-07-03T02:07:42.220000
@@ -259274,6 +259288,7 @@ CVE-2024-45490,0,0,4a9544858f8ad52701885faaacc054b024c5e1d139687b3f21fcc2ee9f6ad
 CVE-2024-45491,0,0,e460156ea6419a80b45a0f265018e72555b70e117c8be4ee37cb347a447d976e,2024-09-04T14:28:33.953000
 CVE-2024-45492,0,0,073ca72c9147ce0bd071ae42dd069b817368a461c31ddb6a6a85b43c752a5921,2024-09-04T14:28:41.760000
 CVE-2024-45498,0,0,c0b73fd56e19fc295690d422c61db0b0a34ba9767e31b80f7a635220e3379808,2024-09-09T13:03:38.303000
+CVE-2024-45504,1,1,65d252e0b9c758f32f0c17b6d6b1884ee3a85a817f00139b1e23172bce879735,2024-09-10T05:15:12.780000
 CVE-2024-45506,0,0,f825d7097befd0ec70ad07a8a6b4c2f13762a67e5f358f9d2ab15de2e8f395af,2024-09-05T14:39:49.807000
 CVE-2024-45507,0,0,b2cf0920dcb75db868de7b4afd51449cea360da72164b9b7e7a575176b0c17c4,2024-09-05T17:53:39.760000
 CVE-2024-45508,0,0,a7bf13ff5f2bf318e53d0cc8b12c1b5ac7eae45f1991e7b683a2e3673a166bb9,2024-09-04T16:44:08.247000
@@ -260694,6 +260709,7 @@ CVE-2024-6169,0,0,5e3e4a526f2a4d49baf3eef5dd269238928a43ddd3f433b5eb67cd54677888
 CVE-2024-6170,0,0,ac5157d2a01994f30113ebfad64201af3c260777b3c9d326a82653d700efeb69,2024-07-12T14:20:01.013000
 CVE-2024-6171,0,0,cc3c7e2efac98c0e3bae2d0863061f06de152fc95e444a2b0790f9bcdb93cdc1,2024-07-12T14:40:02.843000
 CVE-2024-6172,0,0,772bb913ed7f683b9ada9dc0ecd54a374149383f55e758d624c0fb5be0b0bf4c,2024-07-03T18:00:01.770000
+CVE-2024-6173,1,1,3dd1ff6967c31df1026c0fabfd06c978374bf8e2ea537ffaff248636c8d956f6,2024-09-10T05:15:12.850000
 CVE-2024-6175,0,0,eb9360cbb2782c1dffbbe4cdc22c0383ba7fa24583969fa1007fff7e487bb251,2024-07-18T12:28:43.707000
 CVE-2024-6176,0,0,1a872b8ffa43aa03ad69b3aab7b5781342b0397e6bd6a578bab967fc8754b3a9,2024-06-20T12:43:25.663000
 CVE-2024-6177,0,0,e51904c80961d41608903dd9ecba1a38d9527008f51a121ebd3747e18a611aea,2024-06-20T15:17:06.493000
@@ -260839,7 +260855,7 @@ CVE-2024-6338,0,0,8956384d5cc966970e625ecbde4127bb4f84d940fa059b7aaed0155a833fd9
 CVE-2024-6339,0,0,900c18b99c3b938f801abc6ad5fe5a877c8e068ea7f11186df65574c46246a21,2024-08-21T12:30:33.697000
 CVE-2024-6340,0,0,fd12f25a45d92fefbb8c0ec47428250f4f56bb9c686a12a52e54d86e24fec10a,2024-07-03T18:27:40.903000
 CVE-2024-6341,0,0,528f4fdde1526d72477e90a767b2f2316b168f65b64effeddb9446d8a5cdcaf5,2024-07-02T18:15:03.900000
-CVE-2024-6342,1,1,30a7277b1df834a061a853c2081b82e404845761ff8d9940e7349ca7a4b67145,2024-09-10T02:15:10.063000
+CVE-2024-6342,0,0,30a7277b1df834a061a853c2081b82e404845761ff8d9940e7349ca7a4b67145,2024-09-10T02:15:10.063000
 CVE-2024-6343,0,0,38ac9303003845967860125853ac4494a8fe1ecd1fc8d7c1fa719ce9a13c5dc8,2024-09-05T14:35:34.780000
 CVE-2024-6344,0,0,ddc89c494afe0b7b80a518e0bed96070c096d29b8a0f403bdd242f60ce193de2,2024-06-27T00:15:13.360000
 CVE-2024-6345,0,0,fc166d5e44485020c9b016f580b4f1c78befbdae01a9e6ec8b7e6b8d01a2e1ea,2024-07-15T13:00:34.853000
@@ -260966,6 +260982,7 @@ CVE-2024-6505,0,0,b8708084cd092b6ca88acb18ad5e80f748f8e2829ec040b8958bfe3c1fee2c
 CVE-2024-6506,0,0,58310ca3e68e3dacb16dafd9b32db187bdf111a88d3da008267c8c84bbec48d6,2024-07-05T12:55:51.367000
 CVE-2024-6507,0,0,4e3b24fd61e25de66a6840473e4d19109a713188592b0f05efa1cbb9de33936e,2024-07-08T14:19:21.610000
 CVE-2024-6508,0,0,5773cbe3ab2c4eb69c1efc3c03d7ae03bdf5d1ca7c49c5fd875f2b2bd8e08dcb,2024-08-21T12:30:33.697000
+CVE-2024-6509,1,1,2851583e714ce872fa370561a6935fbb216f4071414a3c1dbdf5e2b89badfad1,2024-09-10T05:15:12.997000
 CVE-2024-6511,0,0,053f3089b06a0cd915df79eb3301836b5db5c9fe4d3ed571ee6923d36f4d1832,2024-07-05T12:55:51.367000
 CVE-2024-6513,0,0,bb977a38eaef5aa918756b3907c97d9805111d3bc118dcf2b0096d1bbd202aea,2024-07-04T16:15:03.103000
 CVE-2024-6518,0,0,7382529f36b9b37e0acec24889e25676a677588945f854438be53c4cb8bd58b0,2024-08-27T13:15:20.033000
@@ -262118,7 +262135,7 @@ CVE-2024-8250,0,0,9b93a65d8c7dcee06e07a2e2b390d716b51503d05b493ec48aa5a8756ae94b
 CVE-2024-8252,0,0,36e1aa114a02ff2bf925a636a4ed4135ae0e6011078bf9fd8b3aff586823c205,2024-09-03T14:31:27.243000
 CVE-2024-8255,0,0,c6874ac38c80acc73ad7edcdfa1b6810f24be9f578842829800024511d128d5a,2024-09-06T22:53:34.187000
 CVE-2024-8260,0,0,812d2a62f9a14f293d2814006504d857c705848c99804aae9066abfa5d1408ba,2024-09-03T12:59:02.453000
-CVE-2024-8268,1,1,19698d2ff5d82db2ae743a122534da67a187f2f6f912961a5504ef6cf90e8b6b,2024-09-10T03:15:03.690000
+CVE-2024-8268,0,0,19698d2ff5d82db2ae743a122534da67a187f2f6f912961a5504ef6cf90e8b6b,2024-09-10T03:15:03.690000
 CVE-2024-8274,0,0,81f15088246893eaf3249a3304ee5d5199071263c8883a7f9f22c293a16a376a,2024-09-03T14:28:06.853000
 CVE-2024-8276,0,0,33cf21b53b41316bc2e568f752afa4e96bbe73b4ee966f9832ffdb8137ffcc10,2024-09-03T12:59:02.453000
 CVE-2024-8285,0,0,44d06284adb5d71c65e8f3277866d5d546f57dcd495152060c7216923cd6bd07,2024-09-03T12:59:02.453000
@@ -262214,7 +262231,7 @@ CVE-2024-8470,0,0,bea6b0b968688b42b5644ab4cec20c893536d252388507a633ee5ebbe07507
 CVE-2024-8471,0,0,d4cac4daadf018326a13905f788e8fc27e503497a3cff6ab0ea980773a6f76cb,2024-09-06T11:44:22.510000
 CVE-2024-8472,0,0,a896e0fd54ff62d16feed47be0f08dd27e23a8a4def269ca8073766b75918cef,2024-09-06T11:44:34.543000
 CVE-2024-8473,0,0,0d318dfea88475fed5cabdbe761e188358c3ae35cd6d226ef3fe46f2f9041c00,2024-09-06T11:44:45.017000
-CVE-2024-8478,1,1,181986e299f6363b073613ea52b26c04918963aa2f232a1a7ef542f1a98c13f6,2024-09-10T03:15:03.903000
+CVE-2024-8478,0,0,181986e299f6363b073613ea52b26c04918963aa2f232a1a7ef542f1a98c13f6,2024-09-10T03:15:03.903000
 CVE-2024-8480,0,0,6f63c0c2b913be669f1e72f74bb0555ea9046fdf00f5eabae51a6bc6bb95358b,2024-09-06T12:08:04.550000
 CVE-2024-8509,0,0,72b678ade46a23d1db65e1dfb65526568e7875d83752ef0a47b4a7edfeaf5ddf,2024-09-09T19:15:14.837000
 CVE-2024-8517,0,0,3800f6b128aab40f688c971c9a9e47c0b6a42cbdd5c8d94b7cf3eaf620f48fad,2024-09-09T16:15:03.053000