admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-07-09 16:05:11 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2024-11-25T15:01:11.658599+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2024-11-25 15:04:22 +00:00
parent e5e315975c
commit 5d0dee7f47
39 changed files with 8489 additions and 315 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

62
CVE-2023/CVE-2023-276xx/CVE-2023-27609.json
View File

@ -2,13 +2,16 @@
"id": "CVE-2023-27609",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-11-19T22:15:19.443",
"lastModified": "2024-11-19T22:15:19.443",
"vulnStatus": "Received",
"cveTags": [],
"lastModified": "2024-11-25T14:59:00.317",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in NetTantra WP Roles at Registration allows Stored XSS.This issue affects WP Roles at Registration: from n/a through 0.23."
},
{
"lang": "es",
"value": "La vulnerabilidad de neutralizaci\u00f3n incorrecta de la entrada durante la generaci\u00f3n de p\u00e1ginas web (XSS o 'Cross-site Scripting') en NetTantra WP Roles at Registration permite XSS almacenado. Este problema afecta a WP Roles at Registration: desde n/a hasta 0.23."
}
],
"metrics": {
@ -19,6 +22,8 @@
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
@ -26,12 +31,30 @@
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 5.9,
"baseSeverity": "MEDIUM"
"availabilityImpact": "LOW"
},
"exploitabilityScore": 1.7,
"impactScore": 3.7
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7
}
]
},
@ -47,10 +70,31 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://patchstack.com/database/vulnerability/wp-roles-at-registration/wordpress-wp-roles-at-registration-plugin-0-23-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:hyscaler:wp_roles_at_registration:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "0.23",
"matchCriteriaId": "A053592C-AADF-481A-AF5D-5958428BAC42"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/wp-roles-at-registration/wordpress-wp-roles-at-registration-plugin-0-23-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

38
CVE-2023/CVE-2023-46xx/CVE-2023-4671.json
View File

@ -2,13 +2,12 @@
"id": "CVE-2023-4671",
"sourceIdentifier": "iletisim@usom.gov.tr",
"published": "2023-12-28T10:15:08.043",
"lastModified": "2024-01-04T20:11:33.097",
"vulnStatus": "Analyzed",
"cveTags": [],
"lastModified": "2024-11-25T14:15:05.850",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Talent Software ECOP allows Command Line Execution through SQL Injection.This issue affects ECOP: before 32255.\n\n"
"value": "Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Talent Software ECOP allows Command Line Execution through SQL Injection.This issue affects ECOP: before 32255."
},
{
"lang": "es",
@ -18,11 +17,13 @@
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"source": "iletisim@usom.gov.tr",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
@ -30,39 +31,37 @@
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "iletisim@usom.gov.tr",
"source": "nvd@nist.gov",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "iletisim@usom.gov.tr",
"type": "Primary",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -95,6 +94,13 @@
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://www.usom.gov.tr/bildirim/tr-23-0737",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
}
]
}

105
CVE-2023/CVE-2023-516xx/CVE-2023-51628.json
View File

@ -2,9 +2,8 @@
"id": "CVE-2023-51628",
"sourceIdentifier": "zdi-disclosures@trendmicro.com",
"published": "2024-05-03T03:16:26.093",
"lastModified": "2024-05-03T12:48:41.067",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"lastModified": "2024-11-25T14:56:30.943",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,13 +15,15 @@
}
],
"metrics": {
"cvssMetricV30": [
"cvssMetricV31": [
{
"source": "zdi-disclosures@trendmicro.com",
"type": "Secondary",
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 8.0,
"baseSeverity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
@ -30,9 +31,29 @@
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.1,
"impactScore": 5.9
}
],
"cvssMetricV30": [
{
"source": "zdi-disclosures@trendmicro.com",
"type": "Secondary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 8.0,
"baseSeverity": "HIGH"
"baseSeverity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.1,
"impactScore": 5.9
@ -49,16 +70,76 @@
"value": "CWE-121"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:dlink:dcs-8300lhv2_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.07.02",
"matchCriteriaId": "B5E6108B-5223-48D0-ACD3-56A21F091F6C"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:dlink:dcs-8300lhv2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "370C3425-5B83-4E93-9C84-FA625EFB93EC"
}
]
}
]
}
],
"references": [
{
"url": "https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10370",
"source": "zdi-disclosures@trendmicro.com"
"source": "zdi-disclosures@trendmicro.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://www.zerodayinitiative.com/advisories/ZDI-24-048/",
"source": "zdi-disclosures@trendmicro.com"
"source": "zdi-disclosures@trendmicro.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10370",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://www.zerodayinitiative.com/advisories/ZDI-24-048/",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
}
]
}

97
CVE-2023/CVE-2023-516xx/CVE-2023-51629.json
View File

@ -2,9 +2,8 @@
"id": "CVE-2023-51629",
"sourceIdentifier": "zdi-disclosures@trendmicro.com",
"published": "2024-05-03T03:16:26.273",
"lastModified": "2024-05-03T12:48:41.067",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"lastModified": "2024-11-25T14:39:27.587",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +15,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
],
"cvssMetricV30": [
{
"source": "zdi-disclosures@trendmicro.com",
@ -23,6 +44,8 @@
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
@ -30,9 +53,7 @@
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 6.3,
"baseSeverity": "MEDIUM"
"availabilityImpact": "LOW"
},
"exploitabilityScore": 2.8,
"impactScore": 3.4
@ -49,16 +70,76 @@
"value": "CWE-259"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-798"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:dlink:dcs-8300lhv2_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.07.02",
"matchCriteriaId": "B5E6108B-5223-48D0-ACD3-56A21F091F6C"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:dlink:dcs-8300lhv2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "370C3425-5B83-4E93-9C84-FA625EFB93EC"
}
]
}
]
}
],
"references": [
{
"url": "https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10370",
"source": "zdi-disclosures@trendmicro.com"
"source": "zdi-disclosures@trendmicro.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://www.zerodayinitiative.com/advisories/ZDI-24-049/",
"source": "zdi-disclosures@trendmicro.com"
"source": "zdi-disclosures@trendmicro.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10370",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://www.zerodayinitiative.com/advisories/ZDI-24-049/",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
}
]
}

89
CVE-2023/CVE-2023-516xx/CVE-2023-51633.json
View File

@ -2,9 +2,8 @@
"id": "CVE-2023-51633",
"sourceIdentifier": "zdi-disclosures@trendmicro.com",
"published": "2024-05-03T03:16:26.440",
"lastModified": "2024-05-03T12:48:41.067",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"lastModified": "2024-11-25T14:09:45.733",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +15,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H",
"baseScore": 9.6,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 6.0
}
],
"cvssMetricV30": [
{
"source": "zdi-disclosures@trendmicro.com",
@ -23,6 +44,8 @@
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
@ -30,9 +53,7 @@
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.6,
"impactScore": 5.9
@ -49,12 +70,66 @@
"value": "CWE-79"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:centreon:centreon_web:*:*:*:*:*:*:*:*",
"versionEndExcluding": "22.10.15",
"matchCriteriaId": "C08CB191-D339-44C2-9D91-491CC34F56F6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:centreon:centreon_web:*:*:*:*:*:*:*:*",
"versionStartIncluding": "23.04.0",
"versionEndExcluding": "23.04.10",
"matchCriteriaId": "D1EBA182-3544-46ED-9701-05445772A90C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:centreon:centreon_web:*:*:*:*:*:*:*:*",
"versionStartIncluding": "23.10.0",
"versionEndExcluding": "23.10.1",
"matchCriteriaId": "032CBBEF-3B55-42C3-B3B1-0DEE7B209E78"
}
]
}
]
}
],
"references": [
{
"url": "https://www.zerodayinitiative.com/advisories/ZDI-24-416/",
"source": "zdi-disclosures@trendmicro.com"
"source": "zdi-disclosures@trendmicro.com",
"tags": [
"Patch",
"Third Party Advisory"
]
},
{
"url": "https://www.zerodayinitiative.com/advisories/ZDI-24-416/",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
]
}
]
}

62
CVE-2023/CVE-2023-59xx/CVE-2023-5989.json
View File

@ -2,13 +2,12 @@
"id": "CVE-2023-5989",
"sourceIdentifier": "iletisim@usom.gov.tr",
"published": "2023-12-21T10:15:37.990",
"lastModified": "2024-01-04T14:40:49.677",
"vulnStatus": "Analyzed",
"cveTags": [],
"lastModified": "2024-11-25T14:15:06.137",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Uyumsoft Information System and Technologies LioXERP allows Stored XSS.This issue affects LioXERP: before v.146.\n\n"
"value": "An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Uyumsoft Information System and Technologies' LioXERP allows an authenticated user to execute Stored XSS.\n\nThis issue affects LioXERP: before v.146."
},
{
"lang": "es",
@ -17,32 +16,14 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
},
{
"source": "iletisim@usom.gov.tr",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
@ -50,19 +31,37 @@
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "iletisim@usom.gov.tr",
"type": "Primary",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -96,6 +95,13 @@
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://www.usom.gov.tr/bildirim/tr-23-0721",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
}
]
}

96
CVE-2024/CVE-2024-00xx/CVE-2024-0022.json
View File

@ -2,9 +2,8 @@
"id": "CVE-2024-0022",
"sourceIdentifier": "security@android.com",
"published": "2024-05-07T21:15:08.330",
"lastModified": "2024-05-08T13:15:00.690",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"lastModified": "2024-11-25T13:52:21.147",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -15,15 +14,94 @@
"value": "En m\u00faltiples funciones de CompanionDeviceManagerService.java, existe un posible lanzamiento de NotificationAccessConfirmationActivity de otro perfil de usuario debido a una validaci\u00f3n de entrada incorrecta. Esto podr\u00eda dar lugar a la divulgaci\u00f3n de informaci\u00f3n local sin necesidad de privilegios de ejecuci\u00f3n adicionales. La interacci\u00f3n del usuario no es necesaria para la explotaci\u00f3n."
}
],
"metrics": {},
"references": [
"metrics": {
"cvssMetricV31": [
{
"url": "https://android.googlesource.com/platform/frameworks/base/+/bdf1cce569c9700965ff6baee8efd3fb1e8269e8",
"source": "security@android.com"
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"url": "https://source.android.com/security/bulletin/2024-04-01",
"source": "security@android.com"
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*",
"matchCriteriaId": "879FFD0C-9B38-4CAA-B057-1086D794D469"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:google:android:14.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2700BCC5-634D-4EC6-AB67-5B678D5F951D"
}
]
}
]
}
],
"references": [
{
"url": "https://android.googlesource.com/platform/frameworks/base/+/bdf1cce569c9700965ff6baee8efd3fb1e8269e8",
"source": "security@android.com",
"tags": [
"Patch"
]
},
{
"url": "https://source.android.com/security/bulletin/2024-04-01",
"source": "security@android.com",
"tags": [
"Patch",
"Vendor Advisory"
]
},
{
"url": "https://android.googlesource.com/platform/frameworks/base/+/bdf1cce569c9700965ff6baee8efd3fb1e8269e8",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://source.android.com/security/bulletin/2024-04-01",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

81
CVE-2024/CVE-2024-114xx/CVE-2024-11403.json Normal file
View File

@ -0,0 +1,81 @@
{
"id": "CVE-2024-11403",
"sourceIdentifier": "cve-coordination@google.com",
"published": "2024-11-25T14:15:06.310",
"lastModified": "2024-11-25T14:15:06.310",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "There exists an out of bounds read/write in LibJXL versions prior to commit\u00a09cc451b91b74ba470fd72bd48c121e9f33d24c99. The JPEG decoder used by the JPEG XL encoder\u00a0when doing JPEG recompression (i.e. if using JxlEncoderAddJPEGFrame on untrusted input) does not properly check bounds in the presence of incomplete codes. This could lead to an out-of-bounds write. In jpegli which is released as part of the same project, the same vulnerability is present. However, the relevant buffer is part of a bigger structure, and the code makes no assumptions on the values that could be overwritten. The issue could however cause jpegli to read uninitialised memory, or addresses of functions."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "cve-coordination@google.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:P/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"attackRequirements": "PRESENT",
"privilegesRequired": "LOW",
"userInteraction": "PASSIVE",
"vulnerableSystemConfidentiality": "HIGH",
"vulnerableSystemIntegrity": "NONE",
"vulnerableSystemAvailability": "NONE",
"subsequentSystemConfidentiality": "HIGH",
"subsequentSystemIntegrity": "NONE",
"subsequentSystemAvailability": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirements": "NOT_DEFINED",
"integrityRequirements": "NOT_DEFINED",
"availabilityRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnerableSystemConfidentiality": "NOT_DEFINED",
"modifiedVulnerableSystemIntegrity": "NOT_DEFINED",
"modifiedVulnerableSystemAvailability": "NOT_DEFINED",
"modifiedSubsequentSystemConfidentiality": "NOT_DEFINED",
"modifiedSubsequentSystemIntegrity": "NOT_DEFINED",
"modifiedSubsequentSystemAvailability": "NOT_DEFINED",
"safety": "NOT_DEFINED",
"automatable": "NOT_DEFINED",
"recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED"
}
}
]
},
"weaknesses": [
{
"source": "cve-coordination@google.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-125"
},
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"references": [
{
"url": "https://github.com/libjxl/libjxl/commit/9cc451b91b74ba470fd72bd48c121e9f33d24c99",
"source": "cve-coordination@google.com"
}
]
}

77
CVE-2024/CVE-2024-114xx/CVE-2024-11498.json Normal file
View File

@ -0,0 +1,77 @@
{
"id": "CVE-2024-11498",
"sourceIdentifier": "cve-coordination@google.com",
"published": "2024-11-25T14:15:06.607",
"lastModified": "2024-11-25T14:15:06.607",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "There exists a stack buffer overflow in libjxl.\u00a0A specifically-crafted file can cause the JPEG XL decoder to use large amounts of stack space (up to 256mb is possible, maybe 512mb), potentially exhausting the stack. An attacker can craft a file that will cause excessive memory usage. We recommend upgrading past commit\u00a065fbec56bc578b6b6ee02a527be70787bbd053b0."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "cve-coordination@google.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"attackRequirements": "PRESENT",
"privilegesRequired": "LOW",
"userInteraction": "PASSIVE",
"vulnerableSystemConfidentiality": "NONE",
"vulnerableSystemIntegrity": "NONE",
"vulnerableSystemAvailability": "HIGH",
"subsequentSystemConfidentiality": "NONE",
"subsequentSystemIntegrity": "NONE",
"subsequentSystemAvailability": "HIGH",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirements": "NOT_DEFINED",
"integrityRequirements": "NOT_DEFINED",
"availabilityRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnerableSystemConfidentiality": "NOT_DEFINED",
"modifiedVulnerableSystemIntegrity": "NOT_DEFINED",
"modifiedVulnerableSystemAvailability": "NOT_DEFINED",
"modifiedSubsequentSystemConfidentiality": "NOT_DEFINED",
"modifiedSubsequentSystemIntegrity": "NOT_DEFINED",
"modifiedSubsequentSystemAvailability": "NOT_DEFINED",
"safety": "NOT_DEFINED",
"automatable": "NOT_DEFINED",
"recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED"
}
}
]
},
"weaknesses": [
{
"source": "cve-coordination@google.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-400"
}
]
}
],
"references": [
{
"url": "https://github.com/libjxl/libjxl/pull/3943",
"source": "cve-coordination@google.com"
}
]
}

6584
CVE-2024/CVE-2024-233xx/CVE-2024-23357.json
View File

File diff suppressed because it is too large Load Diff

59
CVE-2024/CVE-2024-271xx/CVE-2024-27134.json Normal file
View File

@ -0,0 +1,59 @@
{
"id": "CVE-2024-27134",
"sourceIdentifier": "reefs@jfrog.com",
"published": "2024-11-25T14:15:06.867",
"lastModified": "2024-11-25T14:15:06.867",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Excessive directory permissions in MLflow leads to local privilege escalation when using spark_udf. This behavior can be exploited by a local attacker to gain elevated permissions by using a ToCToU attack. The issue is only relevant when the spark_udf() MLflow API is called."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "reefs@jfrog.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.0,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "reefs@jfrog.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-276"
},
{
"lang": "en",
"value": "CWE-367"
}
]
}
],
"references": [
{
"url": "https://github.com/mlflow/mlflow/pull/10874",
"source": "reefs@jfrog.com"
}
]
}

31
CVE-2024/CVE-2024-343xx/CVE-2024-34391.json
View File

@ -2,13 +2,12 @@
"id": "CVE-2024-34391",
"sourceIdentifier": "reefs@jfrog.com",
"published": "2024-05-02T19:15:06.177",
"lastModified": "2024-08-06T16:35:13.613",
"lastModified": "2024-11-25T13:15:04.370",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "libxmljs is vulnerable to a type confusion vulnerability when parsing a specially crafted XML while invoking a function on the result of attrs() that was called on a parsed node. This vulnerability might lead to denial of service (on both 32-bit systems and 64-bit systems), data leak, infinite loop and remote code execution (on 32-bit systems with the XML_PARSE_HUGE flag enabled).\n\n"
"value": "libxmljs is vulnerable to a type confusion vulnerability when parsing a specially crafted XML while invoking a function on the result of attrs() that was called on a parsed node. This vulnerability might lead to denial of service (on both 32-bit systems and 64-bit systems), data leak, infinite loop and remote code execution (on 32-bit systems with the XML_PARSE_HUGE flag enabled)."
},
{
"lang": "es",
@ -23,6 +22,8 @@
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
@ -30,9 +31,7 @@
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH"
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.2,
"impactScore": 5.9
@ -40,9 +39,19 @@
]
},
"weaknesses": [
{
"source": "reefs@jfrog.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-843"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"type": "Primary",
"description": [
{
"lang": "en",
@ -59,6 +68,14 @@
{
"url": "https://research.jfrog.com/vulnerabilities/libxmljs-attrs-type-confusion-rce-jfsa-2024-001033988/",
"source": "reefs@jfrog.com"
},
{
"url": "https://github.com/libxmljs/libxmljs/issues/645",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://research.jfrog.com/vulnerabilities/libxmljs-attrs-type-confusion-rce-jfsa-2024-001033988/",
"source": "af854a3a-2127-422b-91ae-364da2661108"
}
]
}

29
CVE-2024/CVE-2024-343xx/CVE-2024-34392.json
View File

@ -2,9 +2,8 @@
"id": "CVE-2024-34392",
"sourceIdentifier": "reefs@jfrog.com",
"published": "2024-05-02T19:15:06.333",
"lastModified": "2024-08-01T13:52:21.033",
"lastModified": "2024-11-25T13:15:06.017",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
@ -23,6 +22,8 @@
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
@ -30,9 +31,7 @@
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH"
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.2,
"impactScore": 5.9
@ -40,9 +39,19 @@
]
},
"weaknesses": [
{
"source": "reefs@jfrog.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-843"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"type": "Primary",
"description": [
{
"lang": "en",
@ -59,6 +68,14 @@
{
"url": "https://research.jfrog.com/vulnerabilities/libxmljs-namespaces-type-confusion-rce-jfsa-2024-001034096/",
"source": "reefs@jfrog.com"
},
{
"url": "https://github.com/libxmljs/libxmljs/issues/646",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://research.jfrog.com/vulnerabilities/libxmljs-namespaces-type-confusion-rce-jfsa-2024-001034096/",
"source": "af854a3a-2127-422b-91ae-364da2661108"
}
]
}

29
CVE-2024/CVE-2024-343xx/CVE-2024-34393.json
View File

@ -2,9 +2,8 @@
"id": "CVE-2024-34393",
"sourceIdentifier": "reefs@jfrog.com",
"published": "2024-05-02T19:15:06.480",
"lastModified": "2024-05-03T12:50:34.250",
"lastModified": "2024-11-25T13:15:06.223",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
@ -23,6 +22,8 @@
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
@ -30,15 +31,25 @@
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH"
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.2,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "reefs@jfrog.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-843"
}
]
}
],
"references": [
{
"url": "https://github.com/marudor/libxmljs2/issues/204",
@ -47,6 +58,14 @@
{
"url": "https://research.jfrog.com/vulnerabilities/libxmljs2-attrs-type-confusion-rce-jfsa-2024-001034097/",
"source": "reefs@jfrog.com"
},
{
"url": "https://github.com/marudor/libxmljs2/issues/204",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://research.jfrog.com/vulnerabilities/libxmljs2-attrs-type-confusion-rce-jfsa-2024-001034097/",
"source": "af854a3a-2127-422b-91ae-364da2661108"
}
]
}

29
CVE-2024/CVE-2024-343xx/CVE-2024-34394.json
View File

@ -2,9 +2,8 @@
"id": "CVE-2024-34394",
"sourceIdentifier": "reefs@jfrog.com",
"published": "2024-05-02T19:15:06.630",
"lastModified": "2024-05-03T12:50:34.250",
"lastModified": "2024-11-25T13:15:06.407",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
@ -23,6 +22,8 @@
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
@ -30,15 +31,25 @@
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH"
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.2,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "reefs@jfrog.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-843"
}
]
}
],
"references": [
{
"url": "https://github.com/marudor/libxmljs2/issues/205",
@ -47,6 +58,14 @@
{
"url": "https://research.jfrog.com/vulnerabilities/libxmljs2-namespaces-type-confusion-rce-jfsa-2024-001034098/",
"source": "reefs@jfrog.com"
},
{
"url": "https://github.com/marudor/libxmljs2/issues/205",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://research.jfrog.com/vulnerabilities/libxmljs2-namespaces-type-confusion-rce-jfsa-2024-001034098/",
"source": "af854a3a-2127-422b-91ae-364da2661108"
}
]
}

21
CVE-2024/CVE-2024-451xx/CVE-2024-45187.json
View File

@ -2,9 +2,8 @@
"id": "CVE-2024-45187",
"sourceIdentifier": "reefs@jfrog.com",
"published": "2024-08-23T19:15:07.077",
"lastModified": "2024-08-26T12:47:20.187",
"lastModified": "2024-11-25T13:15:06.577",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
@ -23,6 +22,8 @@
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "LOW",
@ -30,9 +31,7 @@
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH"
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9
@ -40,9 +39,19 @@
]
},
"weaknesses": [
{
"source": "reefs@jfrog.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-613"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"type": "Primary",
"description": [
{
"lang": "en",

21
CVE-2024/CVE-2024-451xx/CVE-2024-45188.json
View File

@ -2,9 +2,8 @@
"id": "CVE-2024-45188",
"sourceIdentifier": "reefs@jfrog.com",
"published": "2024-08-23T20:15:07.937",
"lastModified": "2024-08-26T12:47:20.187",
"lastModified": "2024-11-25T13:15:06.770",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
@ -23,6 +22,8 @@
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
@ -30,15 +31,25 @@
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "reefs@jfrog.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
}
],
"references": [
{
"url": "https://research.jfrog.com/vulnerabilities/mage-ai-file-content-request-remote-arbitrary-file-leak-jfsa-2024-001039603/",

61
CVE-2024/CVE-2024-451xx/CVE-2024-45189.json
View File

@ -2,9 +2,8 @@
"id": "CVE-2024-45189",
"sourceIdentifier": "reefs@jfrog.com",
"published": "2024-08-23T20:15:08.197",
"lastModified": "2024-09-12T20:42:30.850",
"vulnStatus": "Analyzed",
"cveTags": [],
"lastModified": "2024-11-25T13:15:06.940",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -17,32 +16,14 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
},
{
"source": "reefs@jfrog.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
@ -50,9 +31,27 @@
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
@ -61,7 +60,7 @@
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"source": "reefs@jfrog.com",
"type": "Primary",
"description": [
{
@ -69,6 +68,16 @@
"value": "CWE-22"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
}
],
"configurations": [

21
CVE-2024/CVE-2024-451xx/CVE-2024-45190.json
View File

@ -2,9 +2,8 @@
"id": "CVE-2024-45190",
"sourceIdentifier": "reefs@jfrog.com",
"published": "2024-08-23T20:15:08.403",
"lastModified": "2024-08-26T12:47:20.187",
"lastModified": "2024-11-25T13:15:07.130",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
@ -23,6 +22,8 @@
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
@ -30,9 +31,7 @@
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
@ -40,9 +39,19 @@
]
},
"weaknesses": [
{
"source": "reefs@jfrog.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-35"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"type": "Primary",
"description": [
{
"lang": "en",

62
CVE-2024/CVE-2024-516xx/CVE-2024-51669.json
View File

@ -2,13 +2,16 @@
"id": "CVE-2024-51669",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-11-19T22:15:20.673",
"lastModified": "2024-11-19T22:15:20.673",
"vulnStatus": "Received",
"cveTags": [],
"lastModified": "2024-11-25T14:46:27.873",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Cross-Site Request Forgery (CSRF) vulnerability in Vivwebs Dynamic Widgets.This issue affects Dynamic Widgets: from n/a through 1.6.4."
},
{
"lang": "es",
"value": "Vulnerabilidad de Cross-Site Request Forgery (CSRF) en Vivwebs Dynamic Widgets. Este problema afecta a los widgets din\u00e1micos: desde n/a hasta 1.6.4."
}
],
"metrics": {
@ -19,6 +22,8 @@
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
@ -26,12 +31,30 @@
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
@ -47,10 +70,31 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://patchstack.com/database/vulnerability/dynamic-widgets/wordpress-dynamic-widgets-plugin-1-6-4-cross-site-request-forgery-csrf-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:vivwebsolutions:dynamic_widgets:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "1.6.5",
"matchCriteriaId": "C9474E42-31E9-400F-B667-D61609E69395"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/dynamic-widgets/wordpress-dynamic-widgets-plugin-1-6-4-cross-site-request-forgery-csrf-vulnerability?_s_id=cve",
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

62
CVE-2024/CVE-2024-523xx/CVE-2024-52392.json
View File

@ -2,13 +2,16 @@
"id": "CVE-2024-52392",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-11-19T22:15:20.910",
"lastModified": "2024-11-19T22:15:20.910",
"vulnStatus": "Received",
"cveTags": [],
"lastModified": "2024-11-25T14:37:05.867",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Cross-Site Request Forgery (CSRF) vulnerability in W3speedster W3SPEEDSTER.This issue affects W3SPEEDSTER: from n/a through 7.25."
},
{
"lang": "es",
"value": "Vulnerabilidad de Cross-Site Request Forgery (CSRF) en W3speedster W3SPEEDSTER. Este problema afecta a W3SPEEDSTER: desde n/a hasta 7.25."
}
],
"metrics": {
@ -19,6 +22,8 @@
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
@ -26,12 +31,30 @@
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 6.3,
"baseSeverity": "MEDIUM"
"availabilityImpact": "LOW"
},
"exploitabilityScore": 2.8,
"impactScore": 3.4
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
@ -47,10 +70,31 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://patchstack.com/database/vulnerability/w3speedster-wp/wordpress-w3speedster-plugin-7-25-cross-site-request-forgery-csrf-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:w3speedster:w3speedster:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "7.27",
"matchCriteriaId": "27FF9DF1-977A-42D0-AFAF-85E9AA9068C3"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/w3speedster-wp/wordpress-w3speedster-plugin-7-25-cross-site-request-forgery-csrf-vulnerability?_s_id=cve",
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

11
CVE-2024/CVE-2024-525xx/CVE-2024-52581.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-52581",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-11-20T21:15:08.320",
"lastModified": "2024-11-22T21:33:08.027",
"vulnStatus": "Analyzed",
"lastModified": "2024-11-25T14:15:07.077",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -136,11 +136,8 @@
]
},
{
"url": "https://github.com/litestar-org/litestar/security/advisories/GHSA-p24m-863f-fm6q)",
"source": "security-advisories@github.com",
"tags": [
"Broken Link"
]
"url": "https://github.com/litestar-org/litestar/security/advisories/GHSA-p24m-863f-fm6q",
"source": "security-advisories@github.com"
}
]
}

87
CVE-2024/CVE-2024-525xx/CVE-2024-52595.json
View File

@ -2,13 +2,16 @@
"id": "CVE-2024-52595",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-11-19T22:15:21.120",
"lastModified": "2024-11-19T22:15:21.120",
"vulnStatus": "Received",
"cveTags": [],
"lastModified": "2024-11-25T14:27:38.087",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "lxml_html_clean is a project for HTML cleaning functionalities copied from `lxml.html.clean`. Prior to version 0.4.0, the HTML Parser in lxml does not properly handle context-switching for special HTML tags such as `<svg>`, `<math>` and `<noscript>`. This behavior deviates from how web browsers parse and interpret such tags. Specifically, content in CSS comments is ignored by lxml_html_clean but may be interpreted differently by web browsers, enabling malicious scripts to bypass the cleaning process. This vulnerability could lead to Cross-Site Scripting (XSS) attacks, compromising the security of users relying on lxml_html_clean in default configuration for sanitizing untrusted HTML content. Users employing the HTML cleaner in a security-sensitive context should upgrade to lxml 0.4.0, which addresses this issue. As a temporary mitigation, users can configure lxml_html_clean with the following settings to prevent the exploitation of this vulnerability. Via `remove_tags`, one may specify tags to remove - their content is moved to their parents' tags. Via `kill_tags`, one may specify tags to be removed completely. Via `allow_tags`, one may restrict the set of permissible tags, excluding context-switching tags like `<svg>`, `<math>` and `<noscript>`."
},
{
"lang": "es",
"value": "lxml_html_clean es un proyecto para funciones de limpieza de HTML copiadas de `lxml.html.clean`. Antes de la versi\u00f3n 0.4.0, el analizador HTML en lxml no manejaba correctamente el cambio de contexto para etiquetas HTML especiales como ``, `` y ``. Este comportamiento se desv\u00eda de la forma en que los navegadores web analizan e interpretan dichas etiquetas. Espec\u00edficamente, lxml_html_clean ignora el contenido en los comentarios CSS pero puede ser interpretado de manera diferente por los navegadores web, lo que permite que los scripts maliciosos pasen por alto el proceso de limpieza. Esta vulnerabilidad podr\u00eda conducir a ataques de Cross-Site Scripting (XSS), lo que compromete la seguridad de los usuarios que conf\u00edan en lxml_html_clean en la configuraci\u00f3n predeterminada para desinfectar contenido HTML no confiable. Los usuarios que emplean el limpiador HTML en un contexto sensible a la seguridad deben actualizar a lxml 0.4.0, que soluciona este problema. Como mitigaci\u00f3n temporal, los usuarios pueden configurar lxml_html_clean con los siguientes ajustes para evitar la explotaci\u00f3n de esta vulnerabilidad. Mediante `remove_tags`, se pueden especificar las etiquetas que se eliminar\u00e1n; su contenido se mover\u00e1 a las etiquetas de sus padres. Mediante `kill_tags`, se pueden especificar las etiquetas que se eliminar\u00e1n por completo. Mediante `allow_tags`, se puede restringir el conjunto de etiquetas permitidas, excluyendo las etiquetas que cambian de contexto como ``, `` y ``."
}
],
"metrics": {
@ -19,6 +22,8 @@
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:H",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
@ -26,12 +31,30 @@
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"availabilityImpact": "HIGH",
"baseScore": 7.7,
"baseSeverity": "HIGH"
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.2,
"impactScore": 5.5
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
@ -40,10 +63,6 @@
"source": "security-advisories@github.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-184"
},
{
"lang": "en",
"value": "CWE-79"
@ -51,6 +70,38 @@
{
"lang": "en",
"value": "CWE-83"
},
{
"lang": "en",
"value": "CWE-184"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fedoralovespython:lxml_html_clean:*:*:*:*:*:python:*:*",
"versionEndExcluding": "0.4.0",
"matchCriteriaId": "CC41E12F-6FF6-4533-99FD-08846511435B"
}
]
}
]
}
@ -58,15 +109,25 @@
"references": [
{
"url": "https://github.com/fedora-python/lxml_html_clean/commit/c5d816f86eb3707d72a8ecf5f3823e0daa1b3808",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/fedora-python/lxml_html_clean/pull/19",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/fedora-python/lxml_html_clean/security/advisories/GHSA-5jfw-gq64-q45f",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Mitigation",
"Vendor Advisory"
]
}
]
}

127
CVE-2024/CVE-2024-530xx/CVE-2024-53068.json
View File

@ -2,28 +2,131 @@
"id": "CVE-2024-53068",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-11-19T18:15:26.557",
"lastModified": "2024-11-19T21:56:45.533",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"lastModified": "2024-11-25T13:43:00.467",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nfirmware: arm_scmi: Fix slab-use-after-free in scmi_bus_notifier()\n\nThe scmi_dev->name is released prematurely in __scmi_device_destroy(),\nwhich causes slab-use-after-free when accessing scmi_dev->name in\nscmi_bus_notifier(). So move the release of scmi_dev->name to\nscmi_device_release() to avoid slab-use-after-free.\n\n | BUG: KASAN: slab-use-after-free in strncmp+0xe4/0xec\n | Read of size 1 at addr ffffff80a482bcc0 by task swapper/0/1\n |\n | CPU: 1 PID: 1 Comm: swapper/0 Not tainted 6.6.38-debug #1\n | Hardware name: Qualcomm Technologies, Inc. SA8775P Ride (DT)\n | Call trace:\n | dump_backtrace+0x94/0x114\n | show_stack+0x18/0x24\n | dump_stack_lvl+0x48/0x60\n | print_report+0xf4/0x5b0\n | kasan_report+0xa4/0xec\n | __asan_report_load1_noabort+0x20/0x2c\n | strncmp+0xe4/0xec\n | scmi_bus_notifier+0x5c/0x54c\n | notifier_call_chain+0xb4/0x31c\n | blocking_notifier_call_chain+0x68/0x9c\n | bus_notify+0x54/0x78\n | device_del+0x1bc/0x840\n | device_unregister+0x20/0xb4\n | __scmi_device_destroy+0xac/0x280\n | scmi_device_destroy+0x94/0xd0\n | scmi_chan_setup+0x524/0x750\n | scmi_probe+0x7fc/0x1508\n | platform_probe+0xc4/0x19c\n | really_probe+0x32c/0x99c\n | __driver_probe_device+0x15c/0x3c4\n | driver_probe_device+0x5c/0x170\n | __driver_attach+0x1c8/0x440\n | bus_for_each_dev+0xf4/0x178\n | driver_attach+0x3c/0x58\n | bus_add_driver+0x234/0x4d4\n | driver_register+0xf4/0x3c0\n | __platform_driver_register+0x60/0x88\n | scmi_driver_init+0xb0/0x104\n | do_one_initcall+0xb4/0x664\n | kernel_init_freeable+0x3c8/0x894\n | kernel_init+0x24/0x1e8\n | ret_from_fork+0x10/0x20\n |\n | Allocated by task 1:\n | kasan_save_stack+0x2c/0x54\n | kasan_set_track+0x2c/0x40\n | kasan_save_alloc_info+0x24/0x34\n | __kasan_kmalloc+0xa0/0xb8\n | __kmalloc_node_track_caller+0x6c/0x104\n | kstrdup+0x48/0x84\n | kstrdup_const+0x34/0x40\n | __scmi_device_create.part.0+0x8c/0x408\n | scmi_device_create+0x104/0x370\n | scmi_chan_setup+0x2a0/0x750\n | scmi_probe+0x7fc/0x1508\n | platform_probe+0xc4/0x19c\n | really_probe+0x32c/0x99c\n | __driver_probe_device+0x15c/0x3c4\n | driver_probe_device+0x5c/0x170\n | __driver_attach+0x1c8/0x440\n | bus_for_each_dev+0xf4/0x178\n | driver_attach+0x3c/0x58\n | bus_add_driver+0x234/0x4d4\n | driver_register+0xf4/0x3c0\n | __platform_driver_register+0x60/0x88\n | scmi_driver_init+0xb0/0x104\n | do_one_initcall+0xb4/0x664\n | kernel_init_freeable+0x3c8/0x894\n | kernel_init+0x24/0x1e8\n | ret_from_fork+0x10/0x20\n |\n | Freed by task 1:\n | kasan_save_stack+0x2c/0x54\n | kasan_set_track+0x2c/0x40\n | kasan_save_free_info+0x38/0x5c\n | __kasan_slab_free+0xe8/0x164\n | __kmem_cache_free+0x11c/0x230\n | kfree+0x70/0x130\n | kfree_const+0x20/0x40\n | __scmi_device_destroy+0x70/0x280\n | scmi_device_destroy+0x94/0xd0\n | scmi_chan_setup+0x524/0x750\n | scmi_probe+0x7fc/0x1508\n | platform_probe+0xc4/0x19c\n | really_probe+0x32c/0x99c\n | __driver_probe_device+0x15c/0x3c4\n | driver_probe_device+0x5c/0x170\n | __driver_attach+0x1c8/0x440\n | bus_for_each_dev+0xf4/0x178\n | driver_attach+0x3c/0x58\n | bus_add_driver+0x234/0x4d4\n | driver_register+0xf4/0x3c0\n | __platform_driver_register+0x60/0x88\n | scmi_driver_init+0xb0/0x104\n | do_one_initcall+0xb4/0x664\n | kernel_init_freeable+0x3c8/0x894\n | kernel_init+0x24/0x1e8\n | ret_from_fork+0x10/0x20"
},
{
"lang": "es",
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: firmware: arm_scmi: Arreglar slab-use-after-free en scmi_bus_notifier() El scmi_dev-&gt;name se libera prematuramente en __scmi_device_destroy(), lo que provoca slab-use-after-free al acceder a scmi_dev-&gt;name en scmi_bus_notifier(). Por lo tanto, mueva la liberaci\u00f3n de scmi_dev-&gt;name a scmi_device_release() para evitar slab-use-after-free. | ERROR: KASAN: slab-use-after-free en strncmp+0xe4/0xec | Lectura de tama\u00f1o 1 en la direcci\u00f3n ffffff80a482bcc0 por la tarea swapper/0/1 | | CPU: 1 PID: 1 Comm: swapper/0 No contaminado 6.6.38-debug #1 | Nombre del hardware: Qualcomm Technologies, Inc. SA8775P Ride (DT) | Rastreo de llamadas: | dump_backtrace+0x94/0x114 | show_stack+0x18/0x24 | dump_stack_lvl+0x48/0x60 | print_report+0xf4/0x5b0 | kasan_report+0xa4/0xec | __asan_report_load1_noabort+0x20/0x2c | strncmp+0xe4/0xec | scmi_bus_notifier+0x5c/0x54c | notifier_call_chain+0xb4/0x31c | blocking_notifier_call_chain+0x68/0x9c | bus_notify+0x54/0x78 | device_del+0x1bc/0x840 | dispositivo_anular_registro+0x20/0xb4 | __scmi_device_destroy+0xac/0x280 | scmi_device_destroy+0x94/0xd0 | scmi_chan_setup+0x524/0x750 | scmi_probe+0x7fc/0x1508 | plataforma_probe+0xc4/0x19c | realmente_probe+0x32c/0x99c | __controlador_dispositivo_sondeo+0x15c/0x3c4 | controlador_dispositivo_sondeo+0x5c/0x170 | __controlador_adjunto+0x1c8/0x440 | bus_para_cada_dispositivo+0xf4/0x178 | controlador_adjunto+0x3c/0x58 | bus_add_driver+0x234/0x4d4 | driver_register+0xf4/0x3c0 | __platform_driver_register+0x60/0x88 | scmi_driver_init+0xb0/0x104 | do_one_initcall+0xb4/0x664 | kernel_init_freeable+0x3c8/0x894 | kernel_init+0x24/0x1e8 | ret_from_fork+0x10/0x20 | | Asignado por la tarea 1: | kasan_save_stack+0x2c/0x54 | kasan_set_track+0x2c/0x40 | kasan_save_alloc_info+0x24/0x34 | __kasan_kmalloc+0xa0/0xb8 | es: __kmalloc_node_track_caller+0x6c/0x104 | kstrdup+0x48/0x84 | kstrdup_const+0x34/0x40 | __scmi_device_create.part.0+0x8c/0x408 | scmi_device_create+0x104/0x370 | scmi_chan_setup+0x2a0/0x750 | scmi_probe+0x7fc/0x1508 | platform_probe+0xc4/0x19c | really_probe+0x32c/0x99c | __driver_probe_device+0x15c/0x3c4 | driver_probe_device+0x5c/0x170 | __driver_attach+0x1c8/0x440 | bus_para_cada_dispositivo+0xf4/0x178 | controlador_adjuntar+0x3c/0x58 | bus_agregar_controlador+0x234/0x4d4 | registro_controlador+0xf4/0x3c0 | __registro_controlador_plataforma+0x60/0x88 | scmi_driver_init+0xb0/0x104 | hacer_una_llamada_iniciativa+0xb4/0x664 | kernel_init_freeable+0x3c8/0x894 | kernel_init+0x24/0x1e8 | ret_de_la_bifurcaci\u00f3n+0x10/0x20 | | Liberado por la tarea 1: | kasan_guardar_pila+0x2c/0x54 | kasan_establecer_pista+0x2c/0x40 | es: kasan_save_free_info+0x38/0x5c | __kasan_slab_free+0xe8/0x164 | __kmem_cache_free+0x11c/0x230 | kfree+0x70/0x130 | kfree_const+0x20/0x40 | __scmi_device_destroy+0x70/0x280 | scmi_device_destroy+0x94/0xd0 | scmi_chan_setup+0x524/0x750 | scmi_probe+0x7fc/0x1508 | plataforma_probe+0xc4/0x19c | realmente_probe+0x32c/0x99c | __driver_probe_device+0x15c/0x3c4 | dispositivo_de_sonda_del_controlador+0x5c/0x170 | __adjuntar_controlador+0x1c8/0x440 | bus_para_cada_dispositivo+0xf4/0x178 | adjuntar_controlador+0x3c/0x58 | agregar_controlador_del_bus+0x234/0x4d4 | registro_del_controlador+0xf4/0x3c0 | __registro_del_controlador_de_plataforma+0x60/0x88 | inicializaci\u00f3n_del_controlador_scmi+0xb0/0x104 | hacer_una_llamada_de_inicio+0xb4/0x664 | inicializaci\u00f3n_del_kernel_freeable+0x3c8/0x894 | inicializaci\u00f3n_del_kernel+0x24/0x1e8 | retirar_de_la_bifurcaci\u00f3n+0x10/0x20"
}
],
"metrics": {},
"references": [
"metrics": {
"cvssMetricV31": [
{
"url": "https://git.kernel.org/stable/c/15b17bbcea07d49c43d21aa700485cbd9f9d00d8",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
{
"url": "https://git.kernel.org/stable/c/1e1f523b185a8ccdcba625b31ff0312d052900e2",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"url": "https://git.kernel.org/stable/c/295416091e44806760ccf753aeafdafc0ae268f3",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.6",
"versionEndExcluding": "6.6.61",
"matchCriteriaId": "D2824FC3-2994-46D2-B59C-DF19262605E3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.7",
"versionEndExcluding": "6.11.8",
"matchCriteriaId": "0BD000F7-3DAD-4DD3-8906-98EA1EC67E95"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc1:*:*:*:*:*:*",
"matchCriteriaId": "7F361E1D-580F-4A2D-A509-7615F73167A1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc2:*:*:*:*:*:*",
"matchCriteriaId": "925478D0-3E3D-4E6F-ACD5-09F28D5DF82C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc3:*:*:*:*:*:*",
"matchCriteriaId": "3C95E234-D335-4B6C-96BF-E2CEBD8654ED"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc4:*:*:*:*:*:*",
"matchCriteriaId": "E0F717D8-3014-4F84-8086-0124B2111379"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc5:*:*:*:*:*:*",
"matchCriteriaId": "24DBE6C7-2AAE-4818-AED2-E131F153D2FA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc6:*:*:*:*:*:*",
"matchCriteriaId": "24B88717-53F5-42AA-9B72-14C707639E3F"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/15b17bbcea07d49c43d21aa700485cbd9f9d00d8",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/1e1f523b185a8ccdcba625b31ff0312d052900e2",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/295416091e44806760ccf753aeafdafc0ae268f3",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}
]
}

117
CVE-2024/CVE-2024-530xx/CVE-2024-53074.json
View File

@ -2,24 +2,117 @@
"id": "CVE-2024-53074",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-11-19T18:15:27.013",
"lastModified": "2024-11-19T21:56:45.533",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"lastModified": "2024-11-25T13:51:28.137",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: iwlwifi: mvm: don't leak a link on AP removal\n\nRelease the link mapping resource in AP removal. This impacted devices\nthat do not support the MLD API (9260 and down).\nOn those devices, we couldn't start the AP again after the AP has been\nalready started and stopped."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/3ed092997a004d68a3a5b0eeb94e71b69839d0f7",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/70ddf9ce1894c48dbbf10b0de51a95e4fb3dd376",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"lang": "es",
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: wifi: iwlwifi: mvm: no filtrar un enlace al eliminar un AP Liberar el recurso de mapeo de enlaces al eliminar un AP. Esto afect\u00f3 a los dispositivos que no admiten la API MLD (9260 y versiones anteriores). En esos dispositivos, no pudimos iniciar el AP nuevamente despu\u00e9s de que ya se hab\u00eda iniciado y detenido."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-772"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.9",
"versionEndExcluding": "6.11.7",
"matchCriteriaId": "93C3A2E5-CBDE-4F88-87FD-E3DA03E7DC9A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc1:*:*:*:*:*:*",
"matchCriteriaId": "7F361E1D-580F-4A2D-A509-7615F73167A1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc2:*:*:*:*:*:*",
"matchCriteriaId": "925478D0-3E3D-4E6F-ACD5-09F28D5DF82C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc3:*:*:*:*:*:*",
"matchCriteriaId": "3C95E234-D335-4B6C-96BF-E2CEBD8654ED"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc4:*:*:*:*:*:*",
"matchCriteriaId": "E0F717D8-3014-4F84-8086-0124B2111379"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc5:*:*:*:*:*:*",
"matchCriteriaId": "24DBE6C7-2AAE-4818-AED2-E131F153D2FA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc6:*:*:*:*:*:*",
"matchCriteriaId": "24B88717-53F5-42AA-9B72-14C707639E3F"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/3ed092997a004d68a3a5b0eeb94e71b69839d0f7",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/70ddf9ce1894c48dbbf10b0de51a95e4fb3dd376",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}
]
}

112
CVE-2024/CVE-2024-530xx/CVE-2024-53075.json
View File

@ -2,24 +2,112 @@
"id": "CVE-2024-53075",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-11-19T18:15:27.077",
"lastModified": "2024-11-19T21:56:45.533",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"lastModified": "2024-11-25T13:58:31.503",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nriscv: Prevent a bad reference count on CPU nodes\n\nWhen populating cache leaves we previously fetched the CPU device node\nat the very beginning. But when ACPI is enabled we go through a\nspecific branch which returns early and does not call 'of_node_put' for\nthe node that was acquired.\n\nSince we are not using a CPU device node for the ACPI code anyways, we\ncan simply move the initialization of it just passed the ACPI block, and\nwe are guaranteed to have an 'of_node_put' call for the acquired node.\nThis prevents a bad reference count of the CPU device node.\n\nMoreover, the previous function did not check for errors when acquiring\nthe device node, so a return -ENOENT has been added for that case."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/303846a3dc275e35fbb556d72f1e356ba669e4f8",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/37233169a6ea912020c572f870075a63293b786a",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"lang": "es",
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: riscv: Evitar un recuento de referencia incorrecto en los nodos de CPU Al rellenar las hojas de cach\u00e9, anteriormente obten\u00edamos el nodo del dispositivo de CPU al principio. Pero cuando ACPI est\u00e1 habilitado, pasamos por una rama espec\u00edfica que regresa temprano y no llama a 'of_node_put' para el nodo que se adquiri\u00f3. Dado que de todos modos no estamos usando un nodo de dispositivo de CPU para el c\u00f3digo ACPI, simplemente podemos mover la inicializaci\u00f3n del mismo justo despu\u00e9s del bloque ACPI, y tenemos la garant\u00eda de tener una llamada 'of_node_put' para el nodo adquirido. Esto evita un recuento de referencia incorrecto del nodo del dispositivo de CPU. Adem\u00e1s, la funci\u00f3n anterior no verificaba si hab\u00eda errores al adquirir el nodo del dispositivo, por lo que se agreg\u00f3 un retorno -ENOENT para ese caso."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.11",
"versionEndExcluding": "6.11.7",
"matchCriteriaId": "386941FE-51A4-4893-9EC3-054AD3863E8D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc1:*:*:*:*:*:*",
"matchCriteriaId": "7F361E1D-580F-4A2D-A509-7615F73167A1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc2:*:*:*:*:*:*",
"matchCriteriaId": "925478D0-3E3D-4E6F-ACD5-09F28D5DF82C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc3:*:*:*:*:*:*",
"matchCriteriaId": "3C95E234-D335-4B6C-96BF-E2CEBD8654ED"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc4:*:*:*:*:*:*",
"matchCriteriaId": "E0F717D8-3014-4F84-8086-0124B2111379"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc5:*:*:*:*:*:*",
"matchCriteriaId": "24DBE6C7-2AAE-4818-AED2-E131F153D2FA"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/303846a3dc275e35fbb556d72f1e356ba669e4f8",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/37233169a6ea912020c572f870075a63293b786a",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}
]
}

112
CVE-2024/CVE-2024-530xx/CVE-2024-53078.json
View File

@ -2,24 +2,112 @@
"id": "CVE-2024-53078",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-11-19T18:15:27.280",
"lastModified": "2024-11-19T21:56:45.533",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"lastModified": "2024-11-25T13:31:57.063",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/tegra: Fix NULL vs IS_ERR() check in probe()\n\nThe iommu_paging_domain_alloc() function doesn't return NULL pointers,\nit returns error pointers. Update the check to match."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/6d6c005855b97b8caf6039c1774745ee74c91fa6",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/a85df8c7b5ee2d3d4823befada42c5c41aff4cb0",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"lang": "es",
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: drm/tegra: Se ha corregido la comprobaci\u00f3n NULL frente a IS_ERR() en probe() La funci\u00f3n iommu_paging_domain_alloc() no devuelve punteros NULL, sino punteros de error. Actualice la comprobaci\u00f3n para que coincida."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.11",
"versionEndExcluding": "6.11.7",
"matchCriteriaId": "386941FE-51A4-4893-9EC3-054AD3863E8D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc1:*:*:*:*:*:*",
"matchCriteriaId": "7F361E1D-580F-4A2D-A509-7615F73167A1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc2:*:*:*:*:*:*",
"matchCriteriaId": "925478D0-3E3D-4E6F-ACD5-09F28D5DF82C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc3:*:*:*:*:*:*",
"matchCriteriaId": "3C95E234-D335-4B6C-96BF-E2CEBD8654ED"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc4:*:*:*:*:*:*",
"matchCriteriaId": "E0F717D8-3014-4F84-8086-0124B2111379"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc5:*:*:*:*:*:*",
"matchCriteriaId": "24DBE6C7-2AAE-4818-AED2-E131F153D2FA"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/6d6c005855b97b8caf6039c1774745ee74c91fa6",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/a85df8c7b5ee2d3d4823befada42c5c41aff4cb0",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}
]
}

143
CVE-2024/CVE-2024-530xx/CVE-2024-53082.json
View File

@ -2,32 +2,145 @@
"id": "CVE-2024-53082",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-11-19T18:15:27.540",
"lastModified": "2024-11-19T21:56:45.533",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"lastModified": "2024-11-25T13:35:34.083",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nvirtio_net: Add hash_key_length check\n\nAdd hash_key_length check in virtnet_probe() to avoid possible out of\nbound errors when setting/reading the hash key."
},
{
"lang": "es",
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: virtio_net: Agregar comprobaci\u00f3n de hash_key_length Agregue comprobaci\u00f3n de hash_key_length en virtnet_probe() para evitar posibles errores fuera de los l\u00edmites al configurar/leer la clave hash."
}
],
"metrics": {},
"references": [
"metrics": {
"cvssMetricV31": [
{
"url": "https://git.kernel.org/stable/c/3f7d9c1964fcd16d02a8a9d4fd6f6cb60c4cc530",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
{
"url": "https://git.kernel.org/stable/c/6a18a783b1fa590ad1ed785907263e4b86adcfe2",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"exploitabilityScore": 1.8,
"impactScore": 5.2
}
]
},
"weaknesses": [
{
"url": "https://git.kernel.org/stable/c/af0aa8aecbe8985079232902894cc4cb62795691",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"url": "https://git.kernel.org/stable/c/f3401e3c8d339ddb6ccb2e3d11ad634b7846a806",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"lang": "en",
"value": "CWE-125"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.18",
"versionEndExcluding": "6.1.117",
"matchCriteriaId": "FB7AE9B5-378F-4E62-AEBB-184A62F4C6A2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.2",
"versionEndExcluding": "6.6.61",
"matchCriteriaId": "630ED7EB-C97E-4435-B884-1E309E40D6F3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.7",
"versionEndExcluding": "6.11.8",
"matchCriteriaId": "0BD000F7-3DAD-4DD3-8906-98EA1EC67E95"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc1:*:*:*:*:*:*",
"matchCriteriaId": "7F361E1D-580F-4A2D-A509-7615F73167A1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc2:*:*:*:*:*:*",
"matchCriteriaId": "925478D0-3E3D-4E6F-ACD5-09F28D5DF82C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc3:*:*:*:*:*:*",
"matchCriteriaId": "3C95E234-D335-4B6C-96BF-E2CEBD8654ED"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc4:*:*:*:*:*:*",
"matchCriteriaId": "E0F717D8-3014-4F84-8086-0124B2111379"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc5:*:*:*:*:*:*",
"matchCriteriaId": "24DBE6C7-2AAE-4818-AED2-E131F153D2FA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc6:*:*:*:*:*:*",
"matchCriteriaId": "24B88717-53F5-42AA-9B72-14C707639E3F"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/3f7d9c1964fcd16d02a8a9d4fd6f6cb60c4cc530",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/6a18a783b1fa590ad1ed785907263e4b86adcfe2",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/af0aa8aecbe8985079232902894cc4cb62795691",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/f3401e3c8d339ddb6ccb2e3d11ad634b7846a806",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}
]
}

161
CVE-2024/CVE-2024-530xx/CVE-2024-53088.json
View File

@ -2,36 +2,159 @@
"id": "CVE-2024-53088",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-11-19T18:15:27.950",
"lastModified": "2024-11-19T21:56:45.533",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"lastModified": "2024-11-25T13:38:07.723",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ni40e: fix race condition by adding filter's intermediate sync state\n\nFix a race condition in the i40e driver that leads to MAC/VLAN filters\nbecoming corrupted and leaking. Address the issue that occurs under\nheavy load when multiple threads are concurrently modifying MAC/VLAN\nfilters by setting mac and port VLAN.\n\n1. Thread T0 allocates a filter in i40e_add_filter() within\n i40e_ndo_set_vf_port_vlan().\n2. Thread T1 concurrently frees the filter in __i40e_del_filter() within\n i40e_ndo_set_vf_mac().\n3. Subsequently, i40e_service_task() calls i40e_sync_vsi_filters(), which\n refers to the already freed filter memory, causing corruption.\n\nReproduction steps:\n1. Spawn multiple VFs.\n2. Apply a concurrent heavy load by running parallel operations to change\n MAC addresses on the VFs and change port VLANs on the host.\n3. Observe errors in dmesg:\n\"Error I40E_AQ_RC_ENOSPC adding RX filters on VF XX,\n\tplease set promiscuous on manually for VF XX\".\n\nExact code for stable reproduction Intel can't open-source now.\n\nThe fix involves implementing a new intermediate filter state,\nI40E_FILTER_NEW_SYNC, for the time when a filter is on a tmp_add_list.\nThese filters cannot be deleted from the hash list directly but\nmust be removed using the full process."
},
{
"lang": "es",
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: i40e: corregir la condici\u00f3n de ejecuci\u00f3n a\u00f1adiendo el estado de sincronizaci\u00f3n intermedio del filtro Corrige una condici\u00f3n de ejecuci\u00f3n en el controlador i40e que provoca que los filtros MAC/VLAN se corrompan y tengan fugas. Aborda el problema que se produce bajo una carga pesada cuando varios subprocesos modifican simult\u00e1neamente los filtros MAC/VLAN configurando mac y puerto VLAN. 1. El subproceso T0 asigna un filtro en i40e_add_filter() dentro de i40e_ndo_set_vf_port_vlan(). 2. El subproceso T1 libera simult\u00e1neamente el filtro en __i40e_del_filter() dentro de i40e_ndo_set_vf_mac(). 3. Posteriormente, i40e_service_task() llama a i40e_sync_vsi_filters(), que hace referencia a la memoria del filtro ya liberada, lo que provoca la corrupci\u00f3n. Pasos de reproducci\u00f3n: 1. Generar varios VF. 2. Aplique una carga pesada simult\u00e1nea ejecutando operaciones paralelas para cambiar las direcciones MAC en las VF y cambiar las VLAN de puerto en el host. 3. Observe los errores en dmesg: \"Error I40E_AQ_RC_ENOSPC al agregar filtros RX en VF XX, active manualmente la promiscuidad para VF XX\". C\u00f3digo exacto para reproducci\u00f3n estable Intel no puede abrir el c\u00f3digo fuente ahora. La soluci\u00f3n implica implementar un nuevo estado de filtro intermedio, I40E_FILTER_NEW_SYNC, para el momento en que un filtro est\u00e9 en una lista tmp_add_list. Estos filtros no se pueden eliminar de la lista hash directamente, sino que se deben eliminar mediante el proceso completo."
}
],
"metrics": {},
"references": [
"metrics": {
"cvssMetricV31": [
{
"url": "https://git.kernel.org/stable/c/262dc6ea5f1eb18c4d08ad83d51222d0dd0dd42a",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "HIGH",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
{
"url": "https://git.kernel.org/stable/c/6e046f4937474bc1b9fa980c1ad8f3253fc638f6",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"exploitabilityScore": 1.0,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"url": "https://git.kernel.org/stable/c/7ad3fb3bfd43feb4e15c81dffd23ac4e55742791",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"url": "https://git.kernel.org/stable/c/bf5f837d9fd27d32fb76df0a108babcaf4446ff1",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/f30490e9695ef7da3d0899c6a0293cc7cd373567",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"lang": "en",
"value": "CWE-362"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.10",
"versionEndExcluding": "5.15.172",
"matchCriteriaId": "64B01BC7-D82B-47BD-9A3D-0E2AEA0FE76A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.16",
"versionEndExcluding": "6.1.117",
"matchCriteriaId": "0DD7F755-2F6B-4707-8973-78496AD5AA8E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.2",
"versionEndExcluding": "6.6.61",
"matchCriteriaId": "630ED7EB-C97E-4435-B884-1E309E40D6F3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.7",
"versionEndExcluding": "6.11.8",
"matchCriteriaId": "0BD000F7-3DAD-4DD3-8906-98EA1EC67E95"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc1:*:*:*:*:*:*",
"matchCriteriaId": "7F361E1D-580F-4A2D-A509-7615F73167A1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc2:*:*:*:*:*:*",
"matchCriteriaId": "925478D0-3E3D-4E6F-ACD5-09F28D5DF82C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc3:*:*:*:*:*:*",
"matchCriteriaId": "3C95E234-D335-4B6C-96BF-E2CEBD8654ED"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc4:*:*:*:*:*:*",
"matchCriteriaId": "E0F717D8-3014-4F84-8086-0124B2111379"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc5:*:*:*:*:*:*",
"matchCriteriaId": "24DBE6C7-2AAE-4818-AED2-E131F153D2FA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc6:*:*:*:*:*:*",
"matchCriteriaId": "24B88717-53F5-42AA-9B72-14C707639E3F"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/262dc6ea5f1eb18c4d08ad83d51222d0dd0dd42a",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/6e046f4937474bc1b9fa980c1ad8f3253fc638f6",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/7ad3fb3bfd43feb4e15c81dffd23ac4e55742791",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/bf5f837d9fd27d32fb76df0a108babcaf4446ff1",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/f30490e9695ef7da3d0899c6a0293cc7cd373567",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}
]
}

25
CVE-2024/CVE-2024-55xx/CVE-2024-5565.json
View File

@ -2,9 +2,8 @@
"id": "CVE-2024-5565",
"sourceIdentifier": "reefs@jfrog.com",
"published": "2024-05-31T15:15:09.673",
"lastModified": "2024-07-03T02:09:05.567",
"lastModified": "2024-11-25T13:15:07.310",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
@ -23,6 +22,8 @@
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
@ -30,9 +31,7 @@
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH"
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.2,
"impactScore": 5.9
@ -40,9 +39,19 @@
]
},
"weaknesses": [
{
"source": "reefs@jfrog.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-94"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"type": "Primary",
"description": [
{
"lang": "en",
@ -55,6 +64,10 @@
{
"url": "https://research.jfrog.com/vulnerabilities/vanna-prompt-injection-rce-jfsa-2024-001034449/",
"source": "reefs@jfrog.com"
},
{
"url": "https://research.jfrog.com/vulnerabilities/vanna-prompt-injection-rce-jfsa-2024-001034449/",
"source": "af854a3a-2127-422b-91ae-364da2661108"
}
]
}

27
CVE-2024/CVE-2024-63xx/CVE-2024-6393.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-6393",
"sourceIdentifier": "contact@wpscan.com",
"published": "2024-11-25T06:15:06.950",
"lastModified": "2024-11-25T06:15:06.950",
"lastModified": "2024-11-25T14:15:07.280",
"vulnStatus": "Received",
"descriptions": [
{
@ -10,7 +10,30 @@
"value": "The Photo Gallery, Sliders, Proofing and WordPress plugin before 3.59.5 does not sanitise and escape some of its Images settings, which could allow high privilege users such as Admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)"
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7
}
]
},
"references": [
{
"url": "https://wpscan.com/vulnerability/126d1dd7-d332-47c8-ad25-5fbe211313b0/",

29
CVE-2024/CVE-2024-65xx/CVE-2024-6507.json
View File

@ -2,9 +2,8 @@
"id": "CVE-2024-6507",
"sourceIdentifier": "reefs@jfrog.com",
"published": "2024-07-04T12:15:03.963",
"lastModified": "2024-07-08T14:19:21.610",
"lastModified": "2024-11-25T13:15:07.517",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
@ -23,6 +22,8 @@
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
@ -30,9 +31,7 @@
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH"
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.2,
"impactScore": 5.9
@ -40,9 +39,19 @@
]
},
"weaknesses": [
{
"source": "reefs@jfrog.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-78"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"type": "Primary",
"description": [
{
"lang": "en",
@ -59,6 +68,14 @@
{
"url": "https://research.jfrog.com/vulnerabilities/deeplake-kaggle-command-injection-jfsa-2024-001035320/",
"source": "reefs@jfrog.com"
},
{
"url": "https://github.com/activeloopai/deeplake/pull/2876",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://research.jfrog.com/vulnerabilities/deeplake-kaggle-command-injection-jfsa-2024-001035320/",
"source": "af854a3a-2127-422b-91ae-364da2661108"
}
]
}

29
CVE-2024/CVE-2024-69xx/CVE-2024-6960.json
View File

@ -2,9 +2,8 @@
"id": "CVE-2024-6960",
"sourceIdentifier": "reefs@jfrog.com",
"published": "2024-07-21T10:15:04.497",
"lastModified": "2024-08-01T14:00:50.973",
"lastModified": "2024-11-25T13:15:07.713",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
@ -23,6 +22,8 @@
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
@ -30,9 +31,7 @@
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.6,
"impactScore": 5.9
@ -40,9 +39,19 @@
]
},
"weaknesses": [
{
"source": "reefs@jfrog.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-502"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"type": "Primary",
"description": [
{
"lang": "en",
@ -55,6 +64,14 @@
{
"url": "https://research.jfrog.com/vulnerabilities/h2o-model-deserialization-rce-jfsa-2024-001035518/",
"source": "reefs@jfrog.com"
},
{
"url": "https://research.jfrog.com/vulnerabilities/h2o-model-deserialization-rce-jfsa-2024-001035518/",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://mvnrepository.com/artifact/ai.h2o/h2o-core",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"
}
]
}

25
CVE-2024/CVE-2024-69xx/CVE-2024-6961.json
View File

@ -2,9 +2,8 @@
"id": "CVE-2024-6961",
"sourceIdentifier": "reefs@jfrog.com",
"published": "2024-07-21T11:15:03.187",
"lastModified": "2024-08-01T14:00:51.710",
"lastModified": "2024-11-25T13:15:07.930",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
@ -23,6 +22,8 @@
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
@ -30,9 +31,7 @@
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM"
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.2,
"impactScore": 3.6
@ -40,9 +39,19 @@
]
},
"weaknesses": [
{
"source": "reefs@jfrog.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-611"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"type": "Primary",
"description": [
{
"lang": "en",
@ -55,6 +64,10 @@
{
"url": "https://research.jfrog.com/vulnerabilities/guardrails-rail-xxe-jfsa-2024-001035519/",
"source": "reefs@jfrog.com"
},
{
"url": "https://research.jfrog.com/vulnerabilities/guardrails-rail-xxe-jfsa-2024-001035519/",
"source": "af854a3a-2127-422b-91ae-364da2661108"
}
]
}

27
CVE-2024/CVE-2024-70xx/CVE-2024-7056.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-7056",
"sourceIdentifier": "contact@wpscan.com",
"published": "2024-11-25T06:15:07.103",
"lastModified": "2024-11-25T06:15:07.103",
"lastModified": "2024-11-25T14:15:07.457",
"vulnStatus": "Received",
"descriptions": [
{
@ -10,7 +10,30 @@
"value": "The WPForms WordPress plugin before 1.9.1.6 does not sanitise and escape some of its settings, which could allow high privilege users such as Admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7
}
]
},
"references": [
{
"url": "https://wpscan.com/vulnerability/467af13e-25bd-425c-929d-5dd06e28d595/",

21
CVE-2024/CVE-2024-73xx/CVE-2024-7340.json
View File

@ -2,9 +2,8 @@
"id": "CVE-2024-7340",
"sourceIdentifier": "reefs@jfrog.com",
"published": "2024-07-31T15:15:11.203",
"lastModified": "2024-08-01T14:01:07.677",
"lastModified": "2024-11-25T13:15:08.107",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
@ -23,6 +22,8 @@
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
@ -30,9 +31,7 @@
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
@ -40,9 +39,19 @@
]
},
"weaknesses": [
{
"source": "reefs@jfrog.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"type": "Primary",
"description": [
{
"lang": "en",

21
CVE-2024/CVE-2024-80xx/CVE-2024-8072.json
View File

@ -2,9 +2,8 @@
"id": "CVE-2024-8072",
"sourceIdentifier": "reefs@jfrog.com",
"published": "2024-08-22T08:15:04.360",
"lastModified": "2024-08-22T14:35:18.797",
"lastModified": "2024-11-25T13:15:08.297",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
@ -23,6 +22,8 @@
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
@ -30,9 +31,7 @@
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
@ -40,9 +39,19 @@
]
},
"weaknesses": [
{
"source": "reefs@jfrog.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-200"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"type": "Primary",
"description": [
{
"lang": "en",

39
README.md
View File

@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2024-11-25T13:01:24.808699+00:00
2024-11-25T15:01:11.658599+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2024-11-25T11:15:04.457000+00:00
2024-11-25T14:59:00.317000+00:00
```
### Last Data Feed Release
@ -33,20 +33,47 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs
```plain
271245
271248
```
### CVEs added in the last Commit
Recently added CVEs: `0`
Recently added CVEs: `3`
- [CVE-2024-11403](CVE-2024/CVE-2024-114xx/CVE-2024-11403.json) (`2024-11-25T14:15:06.310`)
- [CVE-2024-11498](CVE-2024/CVE-2024-114xx/CVE-2024-11498.json) (`2024-11-25T14:15:06.607`)
- [CVE-2024-27134](CVE-2024/CVE-2024-271xx/CVE-2024-27134.json) (`2024-11-25T14:15:06.867`)
### CVEs modified in the last Commit
Recently modified CVEs: `1`
Recently modified CVEs: `34`
- [CVE-2024-50311](CVE-2024/CVE-2024-503xx/CVE-2024-50311.json) (`2024-11-25T11:15:04.457`)
- [CVE-2024-34392](CVE-2024/CVE-2024-343xx/CVE-2024-34392.json) (`2024-11-25T13:15:06.017`)
- [CVE-2024-34393](CVE-2024/CVE-2024-343xx/CVE-2024-34393.json) (`2024-11-25T13:15:06.223`)
- [CVE-2024-34394](CVE-2024/CVE-2024-343xx/CVE-2024-34394.json) (`2024-11-25T13:15:06.407`)
- [CVE-2024-45187](CVE-2024/CVE-2024-451xx/CVE-2024-45187.json) (`2024-11-25T13:15:06.577`)
- [CVE-2024-45188](CVE-2024/CVE-2024-451xx/CVE-2024-45188.json) (`2024-11-25T13:15:06.770`)
- [CVE-2024-45189](CVE-2024/CVE-2024-451xx/CVE-2024-45189.json) (`2024-11-25T13:15:06.940`)
- [CVE-2024-45190](CVE-2024/CVE-2024-451xx/CVE-2024-45190.json) (`2024-11-25T13:15:07.130`)
- [CVE-2024-51669](CVE-2024/CVE-2024-516xx/CVE-2024-51669.json) (`2024-11-25T14:46:27.873`)
- [CVE-2024-52392](CVE-2024/CVE-2024-523xx/CVE-2024-52392.json) (`2024-11-25T14:37:05.867`)
- [CVE-2024-52581](CVE-2024/CVE-2024-525xx/CVE-2024-52581.json) (`2024-11-25T14:15:07.077`)
- [CVE-2024-52595](CVE-2024/CVE-2024-525xx/CVE-2024-52595.json) (`2024-11-25T14:27:38.087`)
- [CVE-2024-53068](CVE-2024/CVE-2024-530xx/CVE-2024-53068.json) (`2024-11-25T13:43:00.467`)
- [CVE-2024-53074](CVE-2024/CVE-2024-530xx/CVE-2024-53074.json) (`2024-11-25T13:51:28.137`)
- [CVE-2024-53075](CVE-2024/CVE-2024-530xx/CVE-2024-53075.json) (`2024-11-25T13:58:31.503`)
- [CVE-2024-53078](CVE-2024/CVE-2024-530xx/CVE-2024-53078.json) (`2024-11-25T13:31:57.063`)
- [CVE-2024-53082](CVE-2024/CVE-2024-530xx/CVE-2024-53082.json) (`2024-11-25T13:35:34.083`)
- [CVE-2024-53088](CVE-2024/CVE-2024-530xx/CVE-2024-53088.json) (`2024-11-25T13:38:07.723`)
- [CVE-2024-5565](CVE-2024/CVE-2024-55xx/CVE-2024-5565.json) (`2024-11-25T13:15:07.310`)
- [CVE-2024-6393](CVE-2024/CVE-2024-63xx/CVE-2024-6393.json) (`2024-11-25T14:15:07.280`)
- [CVE-2024-6507](CVE-2024/CVE-2024-65xx/CVE-2024-6507.json) (`2024-11-25T13:15:07.517`)
- [CVE-2024-6960](CVE-2024/CVE-2024-69xx/CVE-2024-6960.json) (`2024-11-25T13:15:07.713`)
- [CVE-2024-6961](CVE-2024/CVE-2024-69xx/CVE-2024-6961.json) (`2024-11-25T13:15:07.930`)
- [CVE-2024-7056](CVE-2024/CVE-2024-70xx/CVE-2024-7056.json) (`2024-11-25T14:15:07.457`)
- [CVE-2024-7340](CVE-2024/CVE-2024-73xx/CVE-2024-7340.json) (`2024-11-25T13:15:08.107`)
- [CVE-2024-8072](CVE-2024/CVE-2024-80xx/CVE-2024-8072.json) (`2024-11-25T13:15:08.297`)
## Download and Usage

73
_state.csv
View File

@ -221090,7 +221090,7 @@ CVE-2023-27605,0,0,3c9bd67e7bbc5a970176fa36f2ef3e0bf73a6762632ef035cc42d3a510e37
CVE-2023-27606,0,0,df5a64e8dccf8b9593928c54f55b0be768a1ad798eb4d0e828b503915ddf62a6,2023-07-26T01:18:52.087000
CVE-2023-27607,0,0,e059482f5e66445b3b6dfa901c43f1665d8e6eb57a74d73e31d4f554c8f501e3,2024-04-11T12:47:44.137000
CVE-2023-27608,0,0,ca0e0396dbbf904c3f06805870be742345bb608af7591e6ce023124cb9b4b1dc,2024-03-25T13:47:14.087000
CVE-2023-27609,0,0,3f85f03bb7eeedcd5ffd7ec9bfaaa592e83b0f5a41c22309d46da5c98eaf3c35,2024-11-19T22:15:19.443000
CVE-2023-27609,0,1,1a4c070b77a97ab0ffdbe219d01820e23eadde320ae96b2ee9a07e433fa3d1fa,2024-11-25T14:59:00.317000
CVE-2023-2761,0,0,4dee62c0e7c940cf74deb24a4b57d9c2ba0f2e277a6910f32a7fc4908cfde16b,2023-11-07T04:13:16.437000
CVE-2023-27610,0,0,d62fcf0a65a97d1a6ac572d24b407ac5644e52669587257409c91d52f65b7404,2023-04-25T19:50:17.680000
CVE-2023-27611,0,0,216d6e149a446d5a846bdf9ca1e4391b75fac51fa22d36a78ccaf2671d9d6790,2023-11-17T19:50:57.180000
@ -235406,7 +235406,7 @@ CVE-2023-46701,0,0,c993cdb7f2d00fd0716469e8470716bc552f328a6be789e0faed0fa989840
CVE-2023-46705,0,0,c7ea8d379391e309f56d1ff001dff1dfa7b20f92bdb526a859f02a5eb5f033ed,2024-09-09T12:21:53.383000
CVE-2023-46706,0,0,20f7d32673063429867b9c4f04c9667fe14aef468627e1a04d8c5a202f108bf4,2024-08-02T21:16:07.820000
CVE-2023-46708,0,0,183bc5d8c4de1e293fe29932a6f78142b13af9f77d3b97e558fab6fdb5b66356,2024-03-04T13:58:23.447000
CVE-2023-4671,0,0,db204e5d8fdfd52d005bf9f8a4069c711fd0e952648ace9545d695a857f90643,2024-01-04T20:11:33.097000
CVE-2023-4671,0,1,0b86e40d05aea310ca18723025768f56024f0c444df95a9b1ee2629a0cbe6a70,2024-11-25T14:15:05.850000
CVE-2023-46711,0,0,b25bd52de55a3b0eb1d5fb1644425bcc37122b6f1c14841a1f487f9e05ae8639,2024-01-04T02:45:03.603000
CVE-2023-46712,0,0,070b2cc30185e3cef57c2bc99674ca3ce6da3ecfc0459ae21abdc4357c7197c7,2024-01-17T18:25:21.613000
CVE-2023-46713,0,0,4d1982060b9af1f91354c1a5dd3a3e3755258b8cb12afb63716b7a7248b3ee6b,2023-12-19T18:59:02.837000
@ -238804,12 +238804,12 @@ CVE-2023-51624,0,0,ddef01f94211ef1db5013904f89aaadf6ad6dcb414adc24ccd5c0b0cb749d
CVE-2023-51625,0,0,ef24db15c030d06611b2955b0877964c7a17efe7fad5407b26a081d48a704fd5,2024-05-03T12:48:41.067000
CVE-2023-51626,0,0,b1c03dbbec4b974d37d71dcc178068b7abec4076c19ca5d25cbd7860c07ed7f4,2024-05-03T12:48:41.067000
CVE-2023-51627,0,0,6348fec9fce4446add0b1af0f6a80a2980b8fb6b2a9c33611f7ca1614926089b,2024-05-03T12:48:41.067000
CVE-2023-51628,0,0,a1a84dfd5b0886dba3101997e68cdb53b122dd47fdf2442ae814af06862fee4a,2024-05-03T12:48:41.067000
CVE-2023-51629,0,0,50519bb9410afd64521a1380eda78e4ecf753145ac3fa72d607156c4842fb14f,2024-05-03T12:48:41.067000
CVE-2023-51628,0,1,0247cbc18bc596bc611dc7e5285e36e06a9420995fff780bc74ad1299db0fe35,2024-11-25T14:56:30.943000
CVE-2023-51629,0,1,8502b59116121aea1595a3360ddf2c62ec993bdef5c84cf8574877b52fcab99f,2024-11-25T14:39:27.587000
CVE-2023-5163,0,0,32f802f2d81cce00d8030983d09b355a4727156443c4195e1059ca6c8c9f301e,2023-11-27T22:10:37.123000
CVE-2023-51630,0,0,568c422ef237c630154cdbc6adbbecb7517e5faf3354491cf3dd8b9408c9fe6e,2024-02-15T17:15:20.487000
CVE-2023-51631,0,0,8000cb3ad7441ca551b8a4d132230d7760bfe920adf723ac6ea97697cfdc3c6a,2024-05-02T13:27:25.103000
CVE-2023-51633,0,0,8b4704f4b0ca28c92e5ea0a7e627d7055c278cd4e4f936a9a75953384fbb8493,2024-05-03T12:48:41.067000
CVE-2023-51633,0,1,c65e9f457e7fa99c41539c48110e16a37541cccf46bf2b08367938e982631573,2024-11-25T14:09:45.733000
CVE-2023-51634,0,0,87571f92e08ba4123c44b16684256e6dec1ef6057cd05d26680ba94de7d19958,2024-11-22T20:15:06.050000
CVE-2023-51635,0,0,660964526af298972b1cf9b066e557b2201f0121c04485dfd5c2925b5aa2c6b3,2024-11-22T20:15:06.167000
CVE-2023-51636,0,0,1d3aff896d9973e6be32d061f0f24bf58f77afe985f6425470a66bc0478e3b63,2024-05-24T01:15:30.977000
@ -240576,7 +240576,7 @@ CVE-2023-5985,0,0,60af0cd2cd77f1dd699f02a5d8cab511a678637669261049ae9a39a602b204
CVE-2023-5986,0,0,3209820a9eb3bd80910bd32d0ed92fe84ae001addd9e1dda6af8bbe04f6a28cc,2023-11-30T15:24:25.580000
CVE-2023-5987,0,0,8a386562cb5f2bf32bb0f3048cbaa68eae57fa94d57aadd86d3a46be07c3ce4b,2023-11-30T15:05:45.607000
CVE-2023-5988,0,0,e8870fe285335fc9ce27fd61b5356b88284d0d9de295811057ae9832cb67e1bd,2024-01-04T14:43:29.267000
CVE-2023-5989,0,0,f8509da0ba0d97be9b7e7d1f7b5f79dd1d2578aa08df6f41d5225f6bb32f42c1,2024-01-04T14:40:49.677000
CVE-2023-5989,0,1,fcd113561e6c70bc7f8d728687a2777561f95467e6d87448cdb6e2a0b4201672,2024-11-25T14:15:06.137000
CVE-2023-5990,0,0,15ce5aec00c7b53e458575c1bf06462b3643079b31aca67ca329b5e17aebb001,2023-12-08T14:32:27.447000
CVE-2023-5991,0,0,53ad6ba66617388676db7532ed8835e282a5dd8dfff15947bac31665750497dd,2024-01-02T20:49:50.667000
CVE-2023-5992,0,0,89014b5a90cddffc4e92782c319b1123b3b73fe015e6577eb84795ec814d5287,2024-10-09T15:07:19.680000
@ -241738,7 +241738,7 @@ CVE-2024-0018,0,0,eb1e6beb7617de808c00f24002cfa4ad37cdeb05dc3559f2748a83507aca8f
CVE-2024-0019,0,0,99addb01bdd59dfa56c3bb78510b54e791e3b9af747d8108035ab5d4ed5b10b6,2024-02-16T21:39:50.223000
CVE-2024-0020,0,0,e73ca517c90039568523c56c44f0cf8b451388b3358b22e01f666a71e39cd157,2024-08-01T13:45:54.660000
CVE-2024-0021,0,0,35bc8c578cc0cec7a2154a7bc3054d93602e915964abd6edd058f93c9e8b6d66,2024-08-28T15:35:10.670000
CVE-2024-0022,0,0,3cd621aee24b508cab60e42df908bea04c2b9934f8ccf5b596c88265f9b01d22,2024-05-08T13:15:00.690000
CVE-2024-0022,0,1,331d6115ffcfe949b7cecde01a1dc1640758dec20b3f35584ab54d0b06061cd4,2024-11-25T13:52:21.147000
CVE-2024-0023,0,0,0ae19107c0f009088c14cc9607c2fcb734bab1e5ea02d37a78e27ee1213b97f1,2024-08-21T20:35:01.700000
CVE-2024-0024,0,0,5fb9489ab6bda1953438739836edf4a6b94bd74733037853a8a3c897eda90f7b,2024-07-03T01:44:32.010000
CVE-2024-0025,0,0,d28de8c9f19ab5ba79d0474f043c936cf414f4247e50396a672a60bd3b9be766,2024-08-01T20:35:09.143000
@ -243512,6 +243512,7 @@ CVE-2024-11394,0,0,a51438d64c72e0e16d73fd06d60be4810cb98d4da7680e7c092afb2b22e57
CVE-2024-11395,0,0,e97b88024677a483ae4a42afe9a8440978faa48e4e721bb1c822953f8252b946,2024-11-19T21:56:45.533000
CVE-2024-1140,0,0,346c2ed0aaabc419b4aefe2cf8513b81b972566618f29982168bc7166c832ab2,2024-02-27T19:17:32.253000
CVE-2024-11400,0,0,68517feb9a17e8334cb49d2e9635846cb9ffcbcacaf62470ee1bd79105ecd1d9,2024-11-19T22:15:19.740000
CVE-2024-11403,1,1,aa2618a7b6d3af70c8c76936e7400798cb8fc2bbb8402d3422568e8b944ad335,2024-11-25T14:15:06.310000
CVE-2024-11404,0,0,525efe85caba48797a4f541c0d9d8e5e1135b7d4afff8a5c0abba9ca32591f5c,2024-11-20T14:15:17.750000
CVE-2024-11406,0,0,d4abbee85b1f77460ba170fa7cbcf81435244eeb65babfc1772879a68307a74f,2024-11-20T12:15:18.890000
CVE-2024-11408,0,0,54146805a36bac284d40e39c15c15c6876d5afc53f160d33d40768ebebc9eab4,2024-11-23T05:15:06.990000
@ -243542,6 +243543,7 @@ CVE-2024-11492,0,0,5e600b547b478d48564c1c47f07d82105e0d39b9512c1f854b307052cab97
CVE-2024-11493,0,0,bf4f0f877d2f5cb02e47eed13d91bb60cbb26843625614fc7fab8174917d484c,2024-11-22T18:07:31.973000
CVE-2024-11494,0,0,5890d4fb88df3d8f55b6792aa5c18e107344b1b8b9d64b1485bac263c175d055,2024-11-20T10:15:05.920000
CVE-2024-11495,0,0,79062961a6b5f76603192d58576bb23157ae662ae3c66c7b46038e4fdb4d0e00,2024-11-20T13:15:04.197000
CVE-2024-11498,1,1,a8ac2c30c03f42b9942a8db1241cf2182e07c4915a2b1066626b489721900469,2024-11-25T14:15:06.607000
CVE-2024-1150,0,0,b47a3c09b3a331a50594ab70df2061c7818f30992462806b6f5b7a310a00b60b,2024-02-15T17:42:08.113000
CVE-2024-11506,0,0,4c7ec94842471c431cd212c6943e02a7dfc411145d8209ad357ca05b0b5e8d8f,2024-11-22T21:15:08.743000
CVE-2024-11507,0,0,9d175120b6e707cc8e6e9224cab720d52e5dabd0dca50b8fa35967b0537f6f4b,2024-11-22T21:15:08.867000
@ -247084,7 +247086,7 @@ CVE-2024-23353,0,0,42262e339e6d366aad6563a1c652fb13cd05cc4bec16ee2f618cb8406bd6e
CVE-2024-23354,0,0,d3fd9daa791ee33342cb497a5681a0dd81bdad9861bd30e5715b0971cd859b7b,2024-05-06T16:00:59.253000
CVE-2024-23355,0,0,806003886385d4b2d2deb76639f7ac6521417b8f1f254f8866cb7d5e1943e0c5,2024-08-06T16:30:24.547000
CVE-2024-23356,0,0,ff70554acf59c1511306d60d5d4f6094d2f59484c1ed44203c726f1a849f127f,2024-08-06T16:30:24.547000
CVE-2024-23357,0,0,dc64682a550688749148312c9f0d41949cf6d69edcaca360406c7b10c97981c6,2024-08-06T16:30:24.547000
CVE-2024-23357,0,1,b1e28e668f4eb8557de39f6ab71fd2f2ec033d7309b2596bde84dc120958522e,2024-11-25T13:28:29.360000
CVE-2024-23358,0,0,ec566399a5133d43cd800d26f189ec15b38485096e7cee1475fd84ffd959fd21,2024-09-03T12:59:02.453000
CVE-2024-23359,0,0,f653a63fc54e0e61e79052d04881e3a671ec7cee02c524d2227c31693a3548df,2024-09-03T12:59:02.453000
CVE-2024-2336,0,0,ee2ed99bdbb77ed98426fec739627a0e0294ad75ca24e044dbbf3ddb7c699139,2024-04-10T13:23:38.787000
@ -249897,6 +249899,7 @@ CVE-2024-2713,0,0,e2342976127d7e6781324eee189df9e87a74bb9c1408b340d411faa4a12560
CVE-2024-27130,0,0,536ba84e44f1b39ccd708bbac556c22b4a414189a9907fbad36fac1cb7a016a5,2024-09-11T13:39:08.997000
CVE-2024-27132,0,0,c5cfdc93a4a30eb4ada1b68dc89dd72224529d7dc99c692ce9a1a016e1ab521d,2024-02-26T13:42:22.567000
CVE-2024-27133,0,0,6574fdde089b4683da8bd06069d4a01e27d182b9361898f9a2a8686337a251e3,2024-02-26T13:42:22.567000
CVE-2024-27134,1,1,1cf911d8427ee9cabc069506830bd685882f18ed1d53d7a2ed36a37663d6c2ba,2024-11-25T14:15:06.867000
CVE-2024-27135,0,0,8f681cbd0423d5edcf1af419653a19c055e013668588c5e21fc1acd9f7af97d0,2024-05-01T17:15:30.087000
CVE-2024-27136,0,0,27208b55e838e26e8744f0daba44f78d1e5c27e433ec8142f38052cb8e098b97,2024-10-17T13:47:39.417000
CVE-2024-27138,0,0,1f057fc4a86e32fdd3cbe80da63722cbc73089ddadbb43b1562d5d847b0f5599,2024-08-21T21:35:04.820000
@ -255212,10 +255215,10 @@ CVE-2024-34388,0,0,a46e041f8ac8e5546be9b9eae595fada7823779c1eb7f0e971ee9aa18b93e
CVE-2024-34389,0,0,ea067096e4443a8a7348aa8a6eb36101658eac805d9c1f3009370b3c7433b145,2024-05-06T19:53:38.797000
CVE-2024-3439,0,0,5b40d6c21ac80c27430bcddd2a6b9ce0cab93a68b2c6525020183da820d58678,2024-05-17T02:39:56.277000
CVE-2024-34390,0,0,d226b418ae0ac66205b75d2061f00f86434d2d8398035e5837e56e870303b11e,2024-05-06T19:53:38.797000
CVE-2024-34391,0,0,fea0526d8b3f094ea1377906b102ca6f0f9ab852468be2342d35da7d8b32256a,2024-08-06T16:35:13.613000
CVE-2024-34392,0,0,95f700dedff586182f66d1ca5e7da764d337c16226845e0ee1ec7b84b40d651f,2024-08-01T13:52:21.033000
CVE-2024-34393,0,0,9d61a4306d036e5052fc5d8b364b63a626c2cc9af434ed24e38ecec71df608d5,2024-05-03T12:50:34.250000
CVE-2024-34394,0,0,9d971c1ec9518d2a1ce0c68b603eddff6cf55abad02bc9ebdbbffcbdf77796e3,2024-05-03T12:50:34.250000
CVE-2024-34391,0,1,705f19075146f7f6b346a1ff41f10c9bf2fc0d08d692b2fc736ec7725283a7cf,2024-11-25T13:15:04.370000
CVE-2024-34392,0,1,c4333ebc33adfa99d46dcfcca1d44cc72ee4fce260ccc458c35327a2af91777c,2024-11-25T13:15:06.017000
CVE-2024-34393,0,1,18625fc639b8d6b3e4496484fd5980a2e2eada59ffa85127325ba43635ea27dd,2024-11-25T13:15:06.223000
CVE-2024-34394,0,1,647ac6329affaece23b1fe2180bdba8eddba78096d087554becdb52ae33a46b1,2024-11-25T13:15:06.407000
CVE-2024-34397,0,0,fbe115fc17ef3ae402335dbe24a2a48fe58cd8036552f43e922fe8ad96767329,2024-11-15T18:35:32.760000
CVE-2024-34399,0,0,b575bfaa23d53510470a68bea01ab071e8876f6597cd9250405e7f9141fb6390,2024-09-20T12:30:17.483000
CVE-2024-3440,0,0,534ad01cc4d99b7aec93fa9eb5959ed4cc5d68a1c33a8c467ae485dbc87a6451,2024-05-17T02:39:56.370000
@ -262854,11 +262857,11 @@ CVE-2024-45182,0,0,e32901d25899173bbdbcd4da8de2dfd78b6a7db5248414eaa56acb1cb3e78
CVE-2024-45184,0,0,4b6497f365552ae587c6f2bb1b9a699bbd0812ac854bb52824296d2cb32eb74f,2024-11-06T17:35:34.223000
CVE-2024-45185,0,0,72bf9a166165415f673b127935e481d1ba969f414b40f9d8d7aa157b9fd36cb3,2024-11-06T19:35:16.420000
CVE-2024-45186,0,0,77c3f8977c3993383fb80894e402f55d5d22584cb41b5e73c31c8d88ae8792cc,2024-10-04T13:50:43.727000
CVE-2024-45187,0,0,b29c34a9281e147a1f2b33bdd2a8c272cd39081d36dd9d0273787cf191e54024,2024-08-26T12:47:20.187000
CVE-2024-45188,0,0,b715e0fd98dc9de103c52fc47a055822268226fc14af5f0a01f3a3eab3db9def,2024-08-26T12:47:20.187000
CVE-2024-45189,0,0,b34fadec0fb3db465bf6b7b191f2d87a7b9589d6e1c6f03c86e02522d36fb854,2024-09-12T20:42:30.850000
CVE-2024-45187,0,1,84c31e9028ffb8b6715341f3c882a6c58514685dd078f9763de3e66fcbeb73e6,2024-11-25T13:15:06.577000
CVE-2024-45188,0,1,2cdc1ddd3c947e0ee8d98d6801559aeca159e1c9707481b8a048746b0b2c5918,2024-11-25T13:15:06.770000
CVE-2024-45189,0,1,37cbfbc1af46dc8182e86472f37a08d678374650208836cb2671644fc22b1a19,2024-11-25T13:15:06.940000
CVE-2024-4519,0,0,5f7c1c0aa362af4fc3ba7e1d12e176f4028e88f0167af6f63c30c7ec7da86837,2024-06-04T19:20:41.127000
CVE-2024-45190,0,0,d66cd4c54a74e68d49ead3a1a738b5a5af6006ce6c10ee38db19e97b19943350,2024-08-26T12:47:20.187000
CVE-2024-45190,0,1,4911f4c587d4e025428690f1b1d4d89ed0c4131ac8533649cf619b1aa4a0794c,2024-11-25T13:15:07.130000
CVE-2024-45191,0,0,8443e43b9d82a04b48d8323217dfce6e3ba39e3927d895a09997e10b54894a70,2024-09-10T19:35:09.727000
CVE-2024-45192,0,0,7ebf90a7dd47be6e13a820a7a55bd25a33fd9e3b9dd577584cb0c6cebe7114d8,2024-09-10T19:35:09.943000
CVE-2024-45193,0,0,aad683d38855495998b9aca0a814babde19e695a0d6614e90cdeda08f7f96a08,2024-09-10T19:35:10.143000
@ -265957,7 +265960,7 @@ CVE-2024-50306,0,0,99b8de1207b2fdc71c13146c7372e7163a77f6f60a3176c55d7bfb57d63fa
CVE-2024-50307,0,0,6d2dcfccb50c0c30fd7d9bda3b36490982da8110db31d087befc4509a1d360cd,2024-10-28T13:58:09.230000
CVE-2024-5031,0,0,5b0fce1eabb88a37a871d927606cb4ca5166c3808ddca60f777848c692bab12e,2024-05-22T12:46:53.887000
CVE-2024-50310,0,0,cdbb51e1b47d1a9497998e60f58fb5fe87ced29e9d042b4c42b3a1b3ac7563d2,2024-11-13T23:15:38.657000
CVE-2024-50311,0,1,bbf9bf6faf9f93d7357dbeef3ee84cf427d6d1d71ed3ba6eac47fd50bc3bb54d,2024-11-25T11:15:04.457000
CVE-2024-50311,0,0,bbf9bf6faf9f93d7357dbeef3ee84cf427d6d1d71ed3ba6eac47fd50bc3bb54d,2024-11-25T11:15:04.457000
CVE-2024-50312,0,0,8b68d956a110cf88efd2db7bdd6fdd3dc5b02186497d9ae2cbca0852915a398f,2024-10-30T18:35:56.753000
CVE-2024-50313,0,0,57c773ed95d19cba8304d961904a015105ffc1450a840dde453d207457fba72c,2024-11-15T17:12:44.410000
CVE-2024-50315,0,0,4cc2faf3d8c489bc195ea9b1b71e3db71fb7f18259f91c4f6bf82e911f7ad06a,2024-11-06T18:15:06.173000
@ -266666,7 +266669,7 @@ CVE-2024-51663,0,0,520a8635ff522fdc65658b7a70adf68b74653e7c0896676e8030c7152d369
CVE-2024-51664,0,0,731666371e8e1d3dea3af653d547a841307a12b3ed3c176b0312ba2fc0f9e478,2024-11-18T16:55:08.183000
CVE-2024-51665,0,0,836ecda2a38ee75dca042d09339ec8247ed79262a6a8d01bd25035a2e84a5ce0,2024-11-06T22:07:10.707000
CVE-2024-51668,0,0,4ac7d5e93cb809510601d69159928326b54ee48272274d0a2c08f9b129fc4bba,2024-11-18T16:51:31.227000
CVE-2024-51669,0,0,a2841069a842587696eb4d8be2b3bd6752eb4dd1c60f3c23e8694f11e31b9d91,2024-11-19T22:15:20.673000
CVE-2024-51669,0,1,146fd2b1440fb06706ab2c39b22b343b1368d86257bd9ab27c58a899cf22817d,2024-11-25T14:46:27.873000
CVE-2024-5167,0,0,a26d674346a63d8730649864e3fcc22e33fb8b5877ed990bcd49874aef8d8c48,2024-08-01T13:59:41.660000
CVE-2024-51670,0,0,6b1c3ded81e899ea83f78c72687b003b0add9ee5b9d5d075c91040d8d36272c7,2024-11-12T13:56:24.513000
CVE-2024-51671,0,0,c2b47e208a89f2d52b8003b112cfee6156d0beda5573c395d93f4b59159329e4,2024-11-19T21:57:32.967000
@ -267079,7 +267082,7 @@ CVE-2024-52388,0,0,ce55e9ed17a8a219c7a6d58feeab474f1ffe6318e7d3b7af4a0fad8a1b577
CVE-2024-52389,0,0,45c3dbe55b03e4244fb557ced10b2ff6045b3c06dace6b2480576e225e242515,2024-11-19T21:57:32.967000
CVE-2024-5239,0,0,22096f8834a8c03dcb48be161c14c319f43af7764381bdfba5862a8d7ec5b0e4,2024-06-04T19:21:03.520000
CVE-2024-52390,0,0,329d0b054464eea04d3562054e61eef5352bd4724e52422640112f3a8757b4ba,2024-11-19T21:57:32.967000
CVE-2024-52392,0,0,74a07d9bff29391d96adf3f2174acafb71ed7086ee29e9f7bdfdbce733d10e72,2024-11-19T22:15:20.910000
CVE-2024-52392,0,1,2937e05a19d20ef3a0322f939c3ee2fda5ccf73589e6f92a257dcce73fe6f038,2024-11-25T14:37:05.867000
CVE-2024-52393,0,0,544c9a3bd507c14f5bd824b3ace32c372ff7d621dec666c2268e7d1fbb090c75,2024-11-15T13:58:08.913000
CVE-2024-52394,0,0,5df60d6781cdc08049f606f6ff49915647c229d8ab43b74ded6e2c363c2448e5,2024-11-19T21:57:32.967000
CVE-2024-52395,0,0,1862360cad439c79aa69bcc60ecb5b8ef5710a2fd2adf64660ae0ecfab59894e,2024-11-19T21:56:45.533000
@ -267206,14 +267209,14 @@ CVE-2024-52572,0,0,c0e0fc96131cfde3245d161e47af7d9dec01580e56aa338c8a414865df238
CVE-2024-52573,0,0,7ffccf8870901c006a7f33dc1d8f91b9d66ed7ff0d296ac84a25af9c21b99120,2024-11-20T14:32:11.853000
CVE-2024-52574,0,0,08a31b1207ac9954890db3514da1b5bfbbffb60d94a65f2e19cf3704e3894c71,2024-11-20T14:31:47.103000
CVE-2024-5258,0,0,51134eb56f05332c584317818ff995de56b2de598a9752cb1990f31f73c535e3,2024-05-24T01:15:30.977000
CVE-2024-52581,0,0,e99e53b57579b0e6ad0baa00eda4de8dd1c343c5653cad5dce576aadb0e1339a,2024-11-22T21:33:08.027000
CVE-2024-52581,0,1,81637fedbcbc81a7273478a0b47010cade6002e188c29a9498f893901c400065,2024-11-25T14:15:07.077000
CVE-2024-52582,0,0,062f12e1e823d51d2f1a33f66443e047c3af587e7890e11c0a77ee9784e71f0b,2024-11-19T21:57:32.967000
CVE-2024-52583,0,0,331a75eedc8c50395b086e90133cf1403c288043391a827605fb5f0e36a935a2,2024-11-19T21:57:32.967000
CVE-2024-52584,0,0,f9af502174e9cbaf3af41cffa948a31db901e8cef9cc90ef382afc2b118a4c62,2024-11-19T21:57:32.967000
CVE-2024-52585,0,0,ae573765d0059b6c237eb866187766f9c4c0b67ec566925f547df71f0cc9aee7,2024-11-19T21:57:32.967000
CVE-2024-52587,0,0,4ff6d32c0cce5d4db211ff88731438a9a256421cd5f2b2cabeafbdadc8a29ef5,2024-11-19T21:57:32.967000
CVE-2024-5259,0,0,b3c664cd11ddb9db1b34b50011b18499fc5ac06e8b6b6a588e8cf7d8bc26fc37,2024-06-11T17:44:42.783000
CVE-2024-52595,0,0,9350e5c85067e132d51c2548051208f53f3e040f154d457bd6c129e1523fcb4c,2024-11-19T22:15:21.120000
CVE-2024-52595,0,1,8a7985528b5682db55ae119b7b5e36765ed6db59aa7644e450a4161b96108d1c,2024-11-25T14:27:38.087000
CVE-2024-52597,0,0,0dc15f04b10696c300efbe4aac63baeff7d573b005de682671a7397a19d8fe4d,2024-11-20T14:15:17.967000
CVE-2024-52598,0,0,477258740433139def022fa49fc642fb7eea1c94a8945d9797525cab03b121cb,2024-11-20T15:15:11.667000
CVE-2024-5260,0,0,1ea9956e2812efb1ad02a50e6e15b3c5419e86ea96923b6afc83449c65511582,2024-07-02T12:09:16.907000
@ -267343,28 +267346,28 @@ CVE-2024-53064,0,0,3bb033dc6aae86fa2e5ece446a8e8c6ad0cd30bf017ce16ad3ca01b8f35e3
CVE-2024-53065,0,0,50051ab04eb529a5f3837615462e27887f9fcc2921e459dafebab73a597de8c7,2024-11-19T21:56:45.533000
CVE-2024-53066,0,0,4f44670a2729bf575ab701426b4458a092dcdd97055977e93f4e9822063e34e0,2024-11-19T21:56:45.533000
CVE-2024-53067,0,0,2743b7cc2805b9791996ac1684922bb1283e7ee50839aa254a267908d281096c,2024-11-19T21:56:45.533000
CVE-2024-53068,0,0,5e66b379170e2d5e8d008c19db6f252c1335cdc5602a45016c1f63e675c15654,2024-11-19T21:56:45.533000
CVE-2024-53068,0,1,95394cfc5f32c3da29765a2447a20db757db3b341b809b278465ed9fe936dfb5,2024-11-25T13:43:00.467000
CVE-2024-53069,0,0,f5c3dc08dd85594810e2e234abca83c46f325a99c8b12681eaf3a88411c504ff,2024-11-22T22:26:20.310000
CVE-2024-5307,0,0,9f60aac251e2e03d9552a0394a9c798214f03b8e43e7cbb0dd9de3359653dec5,2024-08-23T15:00:25.687000
CVE-2024-53070,0,0,1dbda718e453760e461d319055dcae3099cba98c4000aef775158e342ac0b1d5,2024-11-19T21:56:45.533000
CVE-2024-53071,0,0,33ad5da8002c3a0c9d64e8ddebfeae85f88c55b0cbce70c328e8d7bd3f2534af,2024-11-19T21:56:45.533000
CVE-2024-53072,0,0,7574f682813daa5c3ceccbe90cee77d4dd2e034f0e74c2f9b2968f1a96236995,2024-11-19T21:56:45.533000
CVE-2024-53073,0,0,e3aa308560cd3dd6cc47506b206af45b2d1fbdac14a2b750af9e9fe9cfd6eb02,2024-11-19T21:56:45.533000
CVE-2024-53074,0,0,70c644eafcdb09667039b31236069cc351d9cdbd9d0c5961941260ddbd468605,2024-11-19T21:56:45.533000
CVE-2024-53075,0,0,64f2bf161a2c93799742512575f3f616876f5c06758d10526ee18447a93d4813,2024-11-19T21:56:45.533000
CVE-2024-53074,0,1,a5befe099246b6e79e3ccd6574afa6c7cdf657f4d54fbf716c577f3e4ea9a0be,2024-11-25T13:51:28.137000
CVE-2024-53075,0,1,b8a47df9f6008c83b93e2abefdeadbc449d2b3e2a3dcb44f41e184a3b9508346,2024-11-25T13:58:31.503000
CVE-2024-53076,0,0,0be57ac15a64c608a1e52bd99fe58bd7fdd85d1305039bc11b5396e02cea259c,2024-11-22T22:24:24.607000
CVE-2024-53077,0,0,f28436e3547a098b80bc29c6ba6263f592026da63ae3b3be2bac52a9cd398691,2024-11-19T21:56:45.533000
CVE-2024-53078,0,0,77fd41addf2eb18c70c325a609a916d0824ca800a1b0fa17095fc1a94fb5f3e7,2024-11-19T21:56:45.533000
CVE-2024-53078,0,1,fb4576ab424097abb54c012dfd85f820fb3d67465f92657a79299e53e0dd3ac8,2024-11-25T13:31:57.063000
CVE-2024-53079,0,0,feb4dd4b279da03f1175e573ff936491912f98a2521bb1b4a43e7053521e47ac,2024-11-19T21:56:45.533000
CVE-2024-53080,0,0,4f55f4219302c380e18d9d77a4d8b74dea1e1e7f2dd32de0e9052894f115605c,2024-11-19T21:56:45.533000
CVE-2024-53081,0,0,10191539bd50a09755c5ed23a69306ce5b4a7762ddfda305449650c7165c950d,2024-11-19T21:56:45.533000
CVE-2024-53082,0,0,8d9f5178803bdd769d79b8df1f4f13fa6cca70986e0270c3f94cf72bae1e6cf7,2024-11-19T21:56:45.533000
CVE-2024-53082,0,1,4300d5804f1739d010f3842a1f063115d30827a689b8acceb8e0ef0a875aec0d,2024-11-25T13:35:34.083000
CVE-2024-53083,0,0,14bc093b2d0dbf0b458e87cc263fff838a1c2b0f5030c72f49f5cbb2b92721d1,2024-11-19T21:56:45.533000
CVE-2024-53084,0,0,2cf825e9737c7232363a4d626913473a9390d79ca2cd868f24741a845042e35c,2024-11-19T21:56:45.533000
CVE-2024-53085,0,0,f5ae9e527b8added968192f657d0086aea0cdf66b8a2f3b5bd110693b68524ad,2024-11-19T21:56:45.533000
CVE-2024-53086,0,0,8225327c6a29b2be37353ff40cf0c511301db44cf4b7f474bd5ea225dd664d0a,2024-11-19T21:56:45.533000
CVE-2024-53087,0,0,25d166e1e025b5c54c21d08e3702ec93800f086873c5592df1f0003384d2c224,2024-11-19T21:56:45.533000
CVE-2024-53088,0,0,97dffe3c93e3a24d472442a087e4c30095f979b2672180b3c0c78c14a813bb42,2024-11-19T21:56:45.533000
CVE-2024-53088,0,1,4acb4616433d03d93155294bc2ab962b7dfb65d296dcbedc7f5afde9bb86fb35,2024-11-25T13:38:07.723000
CVE-2024-5309,0,0,c9aea77aef389557d90d6203c5980313f972101a7c87b26eeedeec9679d42fb3,2024-09-11T16:33:17.950000
CVE-2024-5310,0,0,be68f6d898e4e59f65162318c0ea0836be8ef675c080dff90d77e5a0c98b0b1e,2024-06-04T19:21:04.583000
CVE-2024-5311,0,0,4e4e9b4edb642fa4d04760ded51b93254fd12f5bde190a96e2c1818c58cf4797,2024-06-03T14:46:24.250000
@ -267614,7 +267617,7 @@ CVE-2024-5559,0,0,ff51559fb7e7362b104a8f1f28895eef2d8f7eb659f926ae6c1cbfda694d48
CVE-2024-5560,0,0,002123ffc16696131d663e9c06724d8fb4501ef3ca4bc4191b4229c106e3346c,2024-07-25T19:59:58.017000
CVE-2024-5561,0,0,2402f729a9a78ea1b47f81300264ab035c7edbdae352c0f0ab2db6bebdbfe723,2024-10-07T17:45:29.950000
CVE-2024-5564,0,0,f4d47902a90dbb93559c7fd22e2dd25c0de5924fe13b2f49f31df78ea2a71a6f,2024-09-16T21:15:46.417000
CVE-2024-5565,0,0,e1d36fa68b4a73d6b78bd8eb39c3f27f14d8d32dc884b4fdfa0f8545d690e8d1,2024-07-03T02:09:05.567000
CVE-2024-5565,0,1,16883f1a148c5fd957f21fa3dcbaeff04674fee74132d712ba663094e81bce57,2024-11-25T13:15:07.310000
CVE-2024-5566,0,0,c0477f9a669450d35fa5ea491716b2362e467b6bc96edf26617c593b80eafd26,2024-09-17T16:42:01.030000
CVE-2024-5567,0,0,9ddf51d47c18911d8595764dd1c47ae2dfcb1e356c8316a1d8b3323d4510dd43,2024-09-26T18:27:51.817000
CVE-2024-5569,0,0,b9fd3bed59b5f668c54b0264622201b8600e789b08e0f56eae05ce6b6e8c76ce,2024-07-09T18:19:14.047000
@ -268362,7 +268365,7 @@ CVE-2024-6389,0,0,97619f937594e57440ea9f8cb3d55fe9ec171c40b4959fd4a8bcfb76e0e631
CVE-2024-6390,0,0,a350381d3f247972bbe468db9ec2332b3c135e89cdf36bdf1358f9f5965e67ff,2024-08-05T14:35:08.267000
CVE-2024-6391,0,0,f39301e9680e09028795caddd1f0219ac421e8fbe3773aa2e024531728c8f9e1,2024-07-09T18:19:14.047000
CVE-2024-6392,0,0,edc3ee0e5658afb33c71de43cf2ca6ea07650ea12323a6b995125316053d44cb,2024-08-15T14:56:16.490000
CVE-2024-6393,0,0,e0376acabfcc8486b40dad6a1b43ae1050c68520bbcf7141fbd0b9b12d8befb6,2024-11-25T06:15:06.950000
CVE-2024-6393,0,1,72ad7025f7a779bb5c5c5945eb7b07a2c74bcca887cef4740d03a5325e23de6f,2024-11-25T14:15:07.280000
CVE-2024-6394,0,0,ac3b1d2e0af624503920e5a866ea41a1e7a192d616e1128676db976e0c511281,2024-09-30T12:45:57.823000
CVE-2024-6395,0,0,8949d2f54703284d3b545906a65282811d0c7a0bd7bd2d1ca2dc3e2d333d4c69,2024-09-17T16:30:03.617000
CVE-2024-6396,0,0,9e4b547b4d90c33704c90a7cfe67a136b4a49a6d0168d4ba570b6960a74fd1cc,2024-07-12T12:49:07.030000
@ -268459,7 +268462,7 @@ CVE-2024-6502,0,0,7304740865a2d9646b306af4eab2981d10cf59323822892a921ddddc4962ea
CVE-2024-6504,0,0,6666bb3ba2314d1147da34b1413146555668de024ce515e1e34c91b1fe32472b,2024-09-10T13:53:28.387000
CVE-2024-6505,0,0,2472b280b959c45a84076dc8298b1f0ea15132bfdd2f045bf3ab100aab446db1,2024-09-19T06:15:03.463000
CVE-2024-6506,0,0,58310ca3e68e3dacb16dafd9b32db187bdf111a88d3da008267c8c84bbec48d6,2024-07-05T12:55:51.367000
CVE-2024-6507,0,0,4e3b24fd61e25de66a6840473e4d19109a713188592b0f05efa1cbb9de33936e,2024-07-08T14:19:21.610000
CVE-2024-6507,0,1,b239455b8f5f1d3ac31fcc373caedee9bd82f1115157873594152d5689339b7d,2024-11-25T13:15:07.517000
CVE-2024-6508,0,0,83afbbb0c300c926d75e43d120f11132485b3123bc7f3e14a9e5aa056ca1afd1,2024-10-30T11:15:15.220000
CVE-2024-6509,0,0,92d3e93ab6705f0d35db0981a843bd7a9f1569ff46afd64f08cc36099e50a2a5,2024-11-08T09:15:07.887000
CVE-2024-6510,0,0,5e8ec1aef4696d364d1cf0507192e6236a7f19c30decdfeea7966d96cda0feda,2024-10-02T17:17:46.450000
@ -268847,8 +268850,8 @@ CVE-2024-6956,0,0,402b3b90bc0ef6eea6fea2da2c73e896560064f50f2a4d52cad793cf96bb32
CVE-2024-6957,0,0,b4f44e4de7831c46c7995591b032592b6aa63f3442f007561464731699c5213c,2024-08-21T17:33:42.753000
CVE-2024-6958,0,0,815ebcc0d5fc84aab6c67001f06fe76ce9152d116a343e60ea5524ee95f4434e,2024-08-21T17:42:29.697000
CVE-2024-6959,0,0,2d67cec9f4ab2f0a781639ad16c22336786de40cbbd62ec439be656e7c13fb4c,2024-11-03T17:15:15.193000
CVE-2024-6960,0,0,932ef4036cbd886ee22297597ffd985e884d3c0cad50613ff0bd32ecdcd39a17,2024-08-01T14:00:50.973000
CVE-2024-6961,0,0,c26f41db6b5c6e22104567980ea901ebcdc3d0c6ac8c59905ee37ac020ae3afe,2024-08-01T14:00:51.710000
CVE-2024-6960,0,1,8576a1f7d525eaf9b1bff8510981a8778bd372756af9c51f341acbbe80ebe03b,2024-11-25T13:15:07.713000
CVE-2024-6961,0,1,e5f192c18b5d99367b661053e1f4c2f9500ccab5805b273912f2fcd2e6a72e95,2024-11-25T13:15:07.930000
CVE-2024-6962,0,0,b8054e2d59ceccdcd4628c1dbc900d3f0c22ab58e2eaf33700d9d63f648dd237,2024-07-25T15:47:18.363000
CVE-2024-6963,0,0,9f0caaa27192dd5828a73618f480b0d55e017cc1128d5360802182c76c93fb85,2024-07-25T15:47:02.633000
CVE-2024-6964,0,0,815859cc57fe1a509677a232142e7af830e9bd80af5bd8fd21b38ac7c8d853ca,2024-07-25T15:46:37.340000
@ -268919,7 +268922,7 @@ CVE-2024-7050,0,0,f402c0a89ba2917236fe6639793bd54ee4751807250eba7a4dde84d4a362ff
CVE-2024-7051,0,0,d0158d1d3b2cdd12dcaf8ff0c61b0f7cdef559e08a0a05011bfe1940648c764c,2024-08-30T16:15:10.960000
CVE-2024-7054,0,0,c2f192d88d8b2a817d17540b8fda16fcd38e463cdb3b6d5e52e3cf243830add6,2024-08-20T15:44:20.567000
CVE-2024-7055,0,0,b0e8b0793ccc61abbc70699af6d91421241877ab1f640f57d490cff121ecbcd0,2024-08-06T16:30:24.547000
CVE-2024-7056,0,0,45259245a5b5660bbb61312f04fc71f22afa3fe63185396a9af2f165400fead7,2024-11-25T06:15:07.103000
CVE-2024-7056,0,1,37111c4650db136e01a7df187ccb4cc176759687434e3e54b1087b89a2bc4436,2024-11-25T14:15:07.457000
CVE-2024-7057,0,0,a6551db1efaa6d27001f0a9bd261718973ddbbed12b7a664704cb76182efd9f6,2024-09-05T17:33:21.630000
CVE-2024-7059,0,0,3a27a148befadf16acee7ebedbac795471021949159ba2ee559288c712f4b824,2024-11-09T23:15:13.563000
CVE-2024-7060,0,0,99f05c9e70d96dfd810da0f220a22b8ca1f2d257118941ef3fe99789faa8dacc,2024-09-05T17:30:34.897000
@ -269167,7 +269170,7 @@ CVE-2024-7336,0,0,7039a792519f9f6bfd944e76e753e4868d6e66e426315a5e2732b19e5d26ad
CVE-2024-7337,0,0,bb4e29754f24508ee03646d09f02a9e9792b2bdc0b40ad3f742f7daf359e305a,2024-08-09T14:15:19.283000
CVE-2024-7338,0,0,40f9236687cb1fba08bae47e5bce5fdf8596baa7faf10b9e6c7a335576e73829,2024-08-09T14:51:45.677000
CVE-2024-7339,0,0,57ec1e872e2326d7636a6cda3d278abfe9440d76240320c6c9e4335e8a941603,2024-08-23T16:53:31.643000
CVE-2024-7340,0,0,a3f98c82759b3c1463da2160a8c456e9c18de4cdd89227049824622069589bfd,2024-08-01T14:01:07.677000
CVE-2024-7340,0,1,f9e8415acfd277522f4538cfc21652e836935a0882b8f07a1dcf8ca17aa54e9d,2024-11-25T13:15:08.107000
CVE-2024-7341,0,0,25486e0c62a073cedc2875fa674c65d8d7b971980408cb946009bfaf8f227166,2024-10-04T12:48:43.523000
CVE-2024-7342,0,0,92ad1e6857e9b0cace198602fda8e3b1ec6edbf7f40f7b078718810def4495b5,2024-08-15T18:40:22.537000
CVE-2024-7343,0,0,b6b73fa45089899a04dcf5d8ab6e4cd843be4b35e1b528d7d577722e09cd2c25,2024-08-15T18:40:52.707000
@ -269778,7 +269781,7 @@ CVE-2024-8068,0,0,ff67245b19b7d21d2afc67837ac2c93ac177fb5d356e87334bd3a1d9d5ea42
CVE-2024-8069,0,0,9cc484ce45e2ef692951fa94c7892a728fd1a2b63d61cf30849697510352a1fb,2024-11-13T17:01:16.850000
CVE-2024-8070,0,0,fe9b454067f74b13c9d22e1bfea14cc77320169fffe5e56dce182517c870c1a6,2024-10-15T12:57:46.880000
CVE-2024-8071,0,0,ac7c2c7e7df896f6bfe7f17a6e74f8de236e5ec843865384cdf53fde1e533098,2024-08-23T15:34:53.913000
CVE-2024-8072,0,0,08fafb0bed7b0568fefcb8938e0e01cf4acf3cb153d4b847bc3e1d9427344a62,2024-08-22T14:35:18.797000
CVE-2024-8072,0,1,24a41f18d01d5bb992074abb9a4807253d2869d95a9d077033e28738bc1bb9b1,2024-11-25T13:15:08.297000
CVE-2024-8073,0,0,10b7625a2313189ee3b842662d1479fc9c76da034a2ab4b4a904df4cf34a67e5,2024-09-12T20:58:56.413000
CVE-2024-8074,0,0,24923037ac86eff3d0bb1829b0589ebe42d2dbb980e059a8ce242860a1a13fd9,2024-11-12T19:35:17.893000
CVE-2024-8075,0,0,ade4c273165c7aec4765c6326040b76c5f63a113e2ed288ff931d9df9094655a,2024-08-29T21:57:51.377000

Can't render this file because it is too large.