diff --git a/CVE-2024/CVE-2024-419xx/CVE-2024-41999.json b/CVE-2024/CVE-2024-419xx/CVE-2024-41999.json new file mode 100644 index 00000000000..2202941407f --- /dev/null +++ b/CVE-2024/CVE-2024-419xx/CVE-2024-41999.json @@ -0,0 +1,60 @@ +{ + "id": "CVE-2024-41999", + "sourceIdentifier": "vultures@jpcert.or.jp", + "published": "2024-09-30T08:15:03.210", + "lastModified": "2024-09-30T08:15:03.210", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Smart-tab Android app installed April 2023 or earlier contains an active debug code vulnerability. If this vulnerability is exploited, an attacker with physical access to the device may exploit the debug function to gain access to the OS functions, escalate the privilege, change the device's settings, or spoof devices in other rooms." + } + ], + "metrics": { + "cvssMetricV30": [ + { + "source": "vultures@jpcert.or.jp", + "type": "Secondary", + "cvssData": { + "version": "3.0", + "vectorString": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "PHYSICAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 6.8, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 0.9, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "vultures@jpcert.or.jp", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-489" + } + ] + } + ], + "references": [ + { + "url": "https://jvn.jp/en/jp/JVN42445661/", + "source": "vultures@jpcert.or.jp" + }, + { + "url": "https://tsc-soft.co.jp/smart-tab/", + "source": "vultures@jpcert.or.jp" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-424xx/CVE-2024-42496.json b/CVE-2024/CVE-2024-424xx/CVE-2024-42496.json new file mode 100644 index 00000000000..82ba5e90eb2 --- /dev/null +++ b/CVE-2024/CVE-2024-424xx/CVE-2024-42496.json @@ -0,0 +1,60 @@ +{ + "id": "CVE-2024-42496", + "sourceIdentifier": "vultures@jpcert.or.jp", + "published": "2024-09-30T08:15:03.553", + "lastModified": "2024-09-30T08:15:03.553", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Smart-tab Android app installed April 2023 or earlier contains an issue with plaintext storage of a password. If this vulnerability is exploited, an attacker with physical access to the device may retrieve the credential information and spoof the device to access the related external service." + } + ], + "metrics": { + "cvssMetricV30": [ + { + "source": "vultures@jpcert.or.jp", + "type": "Secondary", + "cvssData": { + "version": "3.0", + "vectorString": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", + "attackVector": "PHYSICAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 2.4, + "baseSeverity": "LOW" + }, + "exploitabilityScore": 0.9, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "vultures@jpcert.or.jp", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-256" + } + ] + } + ], + "references": [ + { + "url": "https://jvn.jp/en/jp/JVN42445661/", + "source": "vultures@jpcert.or.jp" + }, + { + "url": "https://tsc-soft.co.jp/smart-tab/", + "source": "vultures@jpcert.or.jp" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-452xx/CVE-2024-45200.json b/CVE-2024/CVE-2024-452xx/CVE-2024-45200.json new file mode 100644 index 00000000000..7c2cb49e63b --- /dev/null +++ b/CVE-2024/CVE-2024-452xx/CVE-2024-45200.json @@ -0,0 +1,25 @@ +{ + "id": "CVE-2024-45200", + "sourceIdentifier": "cve@mitre.org", + "published": "2024-09-30T08:15:03.760", + "lastModified": "2024-09-30T08:15:03.760", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In Nintendo Mario Kart 8 Deluxe before 3.0.3, the LAN/LDN local multiplayer implementation allows a remote attacker to exploit a stack-based buffer overflow upon deserialization of session information via a malformed browse-reply packet, aka KartLANPwn. The victim is not required to join a game session with an attacker. The victim must open the \"Wireless Play\" (or \"LAN Play\") menu from the game's title screen, and an attacker nearby (LDN) or on the same LAN network as the victim can send a crafted reply packet to the victim's console. This enables a remote attacker to obtain complete denial-of-service on the game's process, or potentially, remote code execution on the victim's console. The issue is caused by incorrect use of the Nintendo Pia library," + } + ], + "metrics": {}, + "references": [ + { + "url": "https://github.com/latte-soft/kartlanpwn", + "source": "cve@mitre.org" + }, + { + "url": "https://hackerone.com/reports/2611669", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-457xx/CVE-2024-45772.json b/CVE-2024/CVE-2024-457xx/CVE-2024-45772.json new file mode 100644 index 00000000000..64a3b82bbb6 --- /dev/null +++ b/CVE-2024/CVE-2024-457xx/CVE-2024-45772.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-45772", + "sourceIdentifier": "security@apache.org", + "published": "2024-09-30T09:15:02.670", + "lastModified": "2024-09-30T09:15:02.670", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Deserialization of Untrusted Data vulnerability in Apache Lucene Replicator.\n\nThis issue affects Apache Lucene's replicator module: from 4.4.0 before 9.12.0.\nThe deprecated org.apache.lucene.replicator.http package is affected.\nThe org.apache.lucene.replicator.nrt package is not affected.\n\nUsers are recommended to upgrade to version 9.12.0, which fixes the issue.\n\nJava serialization filters (such as\u00a0-Djdk.serialFilter='!*' on the commandline) can mitigate the issue on vulnerable versions without impacting functionality." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@apache.org", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:A/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:L", + "attackVector": "ADJACENT_NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 5.1, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.0, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "security@apache.org", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-502" + } + ] + } + ], + "references": [ + { + "url": "https://lists.apache.org/thread/3f3oph7bqnqspb9q5p0gm5mgc1b6thjo", + "source": "security@apache.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-63xx/CVE-2024-6394.json b/CVE-2024/CVE-2024-63xx/CVE-2024-6394.json new file mode 100644 index 00000000000..5ff1344e6b7 --- /dev/null +++ b/CVE-2024/CVE-2024-63xx/CVE-2024-6394.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-6394", + "sourceIdentifier": "security@huntr.dev", + "published": "2024-09-30T08:15:03.850", + "lastModified": "2024-09-30T08:15:03.850", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "A Local File Inclusion vulnerability exists in parisneo/lollms-webui versions below v9.8. The vulnerability is due to unverified path concatenation in the `serve_js` function in `app.py`, which allows attackers to perform path traversal attacks. This can lead to unauthorized access to arbitrary files on the server, potentially exposing sensitive information such as private SSH keys, configuration files, and source code." + } + ], + "metrics": { + "cvssMetricV30": [ + { + "source": "security@huntr.dev", + "type": "Secondary", + "cvssData": { + "version": "3.0", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "security@huntr.dev", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-29" + } + ] + } + ], + "references": [ + { + "url": "https://huntr.com/bounties/6df4f990-b632-4791-b3ea-f40c9ea905bf", + "source": "security@huntr.dev" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-84xx/CVE-2024-8453.json b/CVE-2024/CVE-2024-84xx/CVE-2024-8453.json new file mode 100644 index 00000000000..52277829e96 --- /dev/null +++ b/CVE-2024/CVE-2024-84xx/CVE-2024-8453.json @@ -0,0 +1,64 @@ +{ + "id": "CVE-2024-8453", + "sourceIdentifier": "twcert@cert.org.tw", + "published": "2024-09-30T08:15:04.093", + "lastModified": "2024-09-30T08:15:04.093", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Certain switch models from PLANET Technology use an insecure hashing function to hash user passwords without being salted. Remote attackers with administrator privileges can read configuration files to obtain the hash values, and potentially crack them to retrieve the plaintext passwords." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "twcert@cert.org.tw", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 4.9, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.2, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "twcert@cert.org.tw", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-328" + }, + { + "lang": "en", + "value": "CWE-759" + } + ] + } + ], + "references": [ + { + "url": "https://www.twcert.org.tw/en/cp-139-8056-09688-2.html", + "source": "twcert@cert.org.tw" + }, + { + "url": "https://www.twcert.org.tw/tw/cp-132-8055-2c361-1.html", + "source": "twcert@cert.org.tw" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-84xx/CVE-2024-8454.json b/CVE-2024/CVE-2024-84xx/CVE-2024-8454.json new file mode 100644 index 00000000000..d522b7aa506 --- /dev/null +++ b/CVE-2024/CVE-2024-84xx/CVE-2024-8454.json @@ -0,0 +1,64 @@ +{ + "id": "CVE-2024-8454", + "sourceIdentifier": "twcert@cert.org.tw", + "published": "2024-09-30T08:15:04.340", + "lastModified": "2024-09-30T08:15:04.340", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "The swctrl service is used to detect and remotely manage PLANET Technology devices. Certain switch models have a Denial-of-Service vulnerability in the swctrl service, allowing unauthenticated remote attackers to send crafted packets that can crash the service." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "twcert@cert.org.tw", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "LOW", + "baseScore": 5.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 3.9, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "twcert@cert.org.tw", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-400" + }, + { + "lang": "en", + "value": "CWE-476" + } + ] + } + ], + "references": [ + { + "url": "https://www.twcert.org.tw/en/cp-139-8058-cc391-2.html", + "source": "twcert@cert.org.tw" + }, + { + "url": "https://www.twcert.org.tw/tw/cp-132-8057-1b3fa-1.html", + "source": "twcert@cert.org.tw" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-84xx/CVE-2024-8455.json b/CVE-2024/CVE-2024-84xx/CVE-2024-8455.json new file mode 100644 index 00000000000..b04f61165fd --- /dev/null +++ b/CVE-2024/CVE-2024-84xx/CVE-2024-8455.json @@ -0,0 +1,60 @@ +{ + "id": "CVE-2024-8455", + "sourceIdentifier": "twcert@cert.org.tw", + "published": "2024-09-30T08:15:04.570", + "lastModified": "2024-09-30T08:15:04.570", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "The swctrl service is used to detect and remotely manage PLANET Technology devices. For certain switch models, the authentication tokens used during communication with this service are encoded user passwords. Due to insufficient strength, unauthorized remote attackers who intercept the packets can directly crack them to obtain plaintext passwords." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "twcert@cert.org.tw", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.1, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.2, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "twcert@cert.org.tw", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-261" + } + ] + } + ], + "references": [ + { + "url": "https://www.twcert.org.tw/en/cp-139-8060-f3955-2.html", + "source": "twcert@cert.org.tw" + }, + { + "url": "https://www.twcert.org.tw/tw/cp-132-8059-bde5f-1.html", + "source": "twcert@cert.org.tw" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-84xx/CVE-2024-8456.json b/CVE-2024/CVE-2024-84xx/CVE-2024-8456.json new file mode 100644 index 00000000000..e153ada103d --- /dev/null +++ b/CVE-2024/CVE-2024-84xx/CVE-2024-8456.json @@ -0,0 +1,60 @@ +{ + "id": "CVE-2024-8456", + "sourceIdentifier": "twcert@cert.org.tw", + "published": "2024-09-30T08:15:04.797", + "lastModified": "2024-09-30T08:15:04.797", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Certain switch models from PLANET Technology lack proper access control in firmware upload and download functionality, allowing unauthenticated remote attackers to download and upload firmware and system configurations, ultimately gaining full control of the devices." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "twcert@cert.org.tw", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "twcert@cert.org.tw", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-306" + } + ] + } + ], + "references": [ + { + "url": "https://www.twcert.org.tw/en/cp-139-8062-92f17-2.html", + "source": "twcert@cert.org.tw" + }, + { + "url": "https://www.twcert.org.tw/tw/cp-132-8061-91872-1.html", + "source": "twcert@cert.org.tw" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-84xx/CVE-2024-8457.json b/CVE-2024/CVE-2024-84xx/CVE-2024-8457.json new file mode 100644 index 00000000000..bf22a2c2b8e --- /dev/null +++ b/CVE-2024/CVE-2024-84xx/CVE-2024-8457.json @@ -0,0 +1,60 @@ +{ + "id": "CVE-2024-8457", + "sourceIdentifier": "twcert@cert.org.tw", + "published": "2024-09-30T08:15:05.020", + "lastModified": "2024-09-30T08:15:05.020", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Certain switch models from PLANET Technology have a web application that does not properly validate specific parameters, allowing remote authenticated users with administrator privileges to inject arbitrary JavaScript, leading to Stored XSS attack." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "twcert@cert.org.tw", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 4.8, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.7, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "twcert@cert.org.tw", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://www.twcert.org.tw/en/cp-139-8064-70255-2.html", + "source": "twcert@cert.org.tw" + }, + { + "url": "https://www.twcert.org.tw/tw/cp-132-8063-01634-1.html", + "source": "twcert@cert.org.tw" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-84xx/CVE-2024-8458.json b/CVE-2024/CVE-2024-84xx/CVE-2024-8458.json new file mode 100644 index 00000000000..34941512179 --- /dev/null +++ b/CVE-2024/CVE-2024-84xx/CVE-2024-8458.json @@ -0,0 +1,60 @@ +{ + "id": "CVE-2024-8458", + "sourceIdentifier": "twcert@cert.org.tw", + "published": "2024-09-30T08:15:05.223", + "lastModified": "2024-09-30T08:15:05.223", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Certain switch models from PLANET Technology have a web application that is vulnerable to Cross-Site Request Forgery (CSRF). An unauthenticated remote attacker can trick a user into visiting a malicious website, allowing the attacker to impersonate the user and perform actions on their behalf, such as creating accounts." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "twcert@cert.org.tw", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "twcert@cert.org.tw", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-352" + } + ] + } + ], + "references": [ + { + "url": "https://www.twcert.org.tw/en/cp-139-8066-d6504-2.html", + "source": "twcert@cert.org.tw" + }, + { + "url": "https://www.twcert.org.tw/tw/cp-132-8065-579c1-1.html", + "source": "twcert@cert.org.tw" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-84xx/CVE-2024-8459.json b/CVE-2024/CVE-2024-84xx/CVE-2024-8459.json new file mode 100644 index 00000000000..f3dc9461257 --- /dev/null +++ b/CVE-2024/CVE-2024-84xx/CVE-2024-8459.json @@ -0,0 +1,60 @@ +{ + "id": "CVE-2024-8459", + "sourceIdentifier": "twcert@cert.org.tw", + "published": "2024-09-30T08:15:05.460", + "lastModified": "2024-09-30T08:15:05.460", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Certain switch models from PLANET Technology store SNMPv3 users' passwords in plaintext within the configuration files, allowing remote attackers with administrator privileges to read the file and obtain the credentials." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "twcert@cert.org.tw", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.2, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.2, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "twcert@cert.org.tw", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-312" + } + ] + } + ], + "references": [ + { + "url": "https://www.twcert.org.tw/en/cp-139-8068-8aaa5-2.html", + "source": "twcert@cert.org.tw" + }, + { + "url": "https://www.twcert.org.tw/tw/cp-132-8067-2fc50-1.html", + "source": "twcert@cert.org.tw" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-93xx/CVE-2024-9329.json b/CVE-2024/CVE-2024-93xx/CVE-2024-9329.json new file mode 100644 index 00000000000..d1170426b0d --- /dev/null +++ b/CVE-2024/CVE-2024-93xx/CVE-2024-9329.json @@ -0,0 +1,82 @@ +{ + "id": "CVE-2024-9329", + "sourceIdentifier": "emo@eclipse.org", + "published": "2024-09-30T08:15:05.690", + "lastModified": "2024-09-30T08:15:05.690", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In Eclipse Glassfish versions before 7.0.17, The Host HTTP parameter could cause the web application to redirect to the specified URL, when the requested endpoint is '/management/domain'. By modifying the URL value to a malicious site, an attacker may successfully launch a phishing scam and steal user credentials." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "emo@eclipse.org", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "attackRequirements": "NONE", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "vulnerableSystemConfidentiality": "NONE", + "vulnerableSystemIntegrity": "LOW", + "vulnerableSystemAvailability": "NONE", + "subsequentSystemConfidentiality": "NONE", + "subsequentSystemIntegrity": "NONE", + "subsequentSystemAvailability": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirements": "NOT_DEFINED", + "integrityRequirements": "NOT_DEFINED", + "availabilityRequirements": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", + "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", + "modifiedVulnerableSystemAvailability": "NOT_DEFINED", + "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", + "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", + "modifiedSubsequentSystemAvailability": "NOT_DEFINED", + "safety": "NOT_DEFINED", + "automatable": "NOT_DEFINED", + "recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED", + "baseScore": 6.9, + "baseSeverity": "MEDIUM" + } + } + ] + }, + "weaknesses": [ + { + "source": "emo@eclipse.org", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-233" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/eclipse-ee4j/glassfish/pull/25106", + "source": "emo@eclipse.org" + }, + { + "url": "https://gitlab.eclipse.org/security/vulnerability-reports/-/issues/232", + "source": "emo@eclipse.org" + } + ] +} \ No newline at end of file diff --git a/README.md b/README.md index 031c05637fe..2a4c1d1b4bb 100644 --- a/README.md +++ b/README.md @@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2024-09-30T08:00:29.872761+00:00 +2024-09-30T10:00:17.747613+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2024-09-30T07:15:04.647000+00:00 +2024-09-30T09:15:02.670000+00:00 ``` ### Last Data Feed Release @@ -33,23 +33,26 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### Total Number of included CVEs ```plain -264119 +264132 ``` ### CVEs added in the last Commit -Recently added CVEs: `10` +Recently added CVEs: `13` -- [CVE-2024-3635](CVE-2024/CVE-2024-36xx/CVE-2024-3635.json) (`2024-09-30T06:15:13.623`) -- [CVE-2024-8239](CVE-2024/CVE-2024-82xx/CVE-2024-8239.json) (`2024-09-30T06:15:14.520`) -- [CVE-2024-8283](CVE-2024/CVE-2024-82xx/CVE-2024-8283.json) (`2024-09-30T06:15:14.603`) -- [CVE-2024-8379](CVE-2024/CVE-2024-83xx/CVE-2024-8379.json) (`2024-09-30T06:15:14.697`) -- [CVE-2024-8448](CVE-2024/CVE-2024-84xx/CVE-2024-8448.json) (`2024-09-30T07:15:03.507`) -- [CVE-2024-8449](CVE-2024/CVE-2024-84xx/CVE-2024-8449.json) (`2024-09-30T07:15:03.937`) -- [CVE-2024-8450](CVE-2024/CVE-2024-84xx/CVE-2024-8450.json) (`2024-09-30T07:15:04.170`) -- [CVE-2024-8451](CVE-2024/CVE-2024-84xx/CVE-2024-8451.json) (`2024-09-30T07:15:04.417`) -- [CVE-2024-8452](CVE-2024/CVE-2024-84xx/CVE-2024-8452.json) (`2024-09-30T07:15:04.647`) -- [CVE-2024-8536](CVE-2024/CVE-2024-85xx/CVE-2024-8536.json) (`2024-09-30T06:15:14.823`) +- [CVE-2024-41999](CVE-2024/CVE-2024-419xx/CVE-2024-41999.json) (`2024-09-30T08:15:03.210`) +- [CVE-2024-42496](CVE-2024/CVE-2024-424xx/CVE-2024-42496.json) (`2024-09-30T08:15:03.553`) +- [CVE-2024-45200](CVE-2024/CVE-2024-452xx/CVE-2024-45200.json) (`2024-09-30T08:15:03.760`) +- [CVE-2024-45772](CVE-2024/CVE-2024-457xx/CVE-2024-45772.json) (`2024-09-30T09:15:02.670`) +- [CVE-2024-6394](CVE-2024/CVE-2024-63xx/CVE-2024-6394.json) (`2024-09-30T08:15:03.850`) +- [CVE-2024-8453](CVE-2024/CVE-2024-84xx/CVE-2024-8453.json) (`2024-09-30T08:15:04.093`) +- [CVE-2024-8454](CVE-2024/CVE-2024-84xx/CVE-2024-8454.json) (`2024-09-30T08:15:04.340`) +- [CVE-2024-8455](CVE-2024/CVE-2024-84xx/CVE-2024-8455.json) (`2024-09-30T08:15:04.570`) +- [CVE-2024-8456](CVE-2024/CVE-2024-84xx/CVE-2024-8456.json) (`2024-09-30T08:15:04.797`) +- [CVE-2024-8457](CVE-2024/CVE-2024-84xx/CVE-2024-8457.json) (`2024-09-30T08:15:05.020`) +- [CVE-2024-8458](CVE-2024/CVE-2024-84xx/CVE-2024-8458.json) (`2024-09-30T08:15:05.223`) +- [CVE-2024-8459](CVE-2024/CVE-2024-84xx/CVE-2024-8459.json) (`2024-09-30T08:15:05.460`) +- [CVE-2024-9329](CVE-2024/CVE-2024-93xx/CVE-2024-9329.json) (`2024-09-30T08:15:05.690`) ### CVEs modified in the last Commit diff --git a/_state.csv b/_state.csv index e6634d0ed39..28a0b2805b8 100644 --- a/_state.csv +++ b/_state.csv @@ -254699,7 +254699,7 @@ CVE-2024-3631,0,0,2d02e6433eb5754f41661766194384a96e84152255ba4510c23359c3175c97 CVE-2024-3632,0,0,b5152c6f3734461efaf203a246eaafe8ef0e2600523c2de907e61dd2f01c5bfc,2024-08-01T13:56:37.647000 CVE-2024-3633,0,0,56839b289684cefae86bb3dbba78c89cd0cc4141e4ff321380a2afe97575b1d3,2024-07-03T02:06:26 CVE-2024-3634,0,0,5d02e3f893ea5650c3ad2b96f123134b624618fa357ff3bdcb3a7b4c93242ece,2024-05-15T16:40:19.330000 -CVE-2024-3635,1,1,c19eeb031d6ada07af20951c7a2775fdb42697fae7dca83bc4ac8ca05e01f84f,2024-09-30T06:15:13.623000 +CVE-2024-3635,0,0,c19eeb031d6ada07af20951c7a2775fdb42697fae7dca83bc4ac8ca05e01f84f,2024-09-30T06:15:13.623000 CVE-2024-36358,0,0,af47b72fb8afb1752f05b722e59135646af27eabe6a52a7a346d1b2f983dd9bc,2024-06-11T13:54:12.057000 CVE-2024-36359,0,0,f23101db48854affc5e103b47d6b2305b7e6ac13ffa7941483a75abefead3f7b,2024-06-11T13:54:12.057000 CVE-2024-3636,0,0,4d79aacd53f2ff2167f5a1fa2a92eed22c11ede875a2d9112617f861658a4106,2024-08-07T16:35:14.110000 @@ -258237,6 +258237,7 @@ CVE-2024-41990,0,0,a9d3bfe1152ea007eb5df4a4d15c3972fabe2ab7cf6c4dc84957655472913 CVE-2024-41991,0,0,c38f7b679bd3e48c46db9fd1c6390ab9383b0c22d8669d807f374055f46ee42b,2024-08-07T20:48:22.403000 CVE-2024-41995,0,0,79638f0d10c16b237f07db3242d98d294e87bf4205be8c6d9c3c7b90790704bd,2024-08-06T16:30:24.547000 CVE-2024-41996,0,0,29b8c50df43b1c66bff4b5734acbca34adccc097a107dedf36398e589357d13d,2024-08-26T16:35:11.247000 +CVE-2024-41999,1,1,cca09fe754c5e5dbbbc86626d754e65e6325e3fbfa8cc2856cbf99a3021691d7,2024-09-30T08:15:03.210000 CVE-2024-4200,0,0,4cd240b08c44457e11ab7d0e46f05e7d4edddbc268bf54e61982ff7b6b50f3a4,2024-05-15T18:35:11.453000 CVE-2024-42001,0,0,fcbbb9fe256b159250061e78a0e74ebb6632e1ed1a0fdada8381ebf9439eb017,2024-08-20T16:37:05.447000 CVE-2024-42005,0,0,31c6234f3daaff960ef384b4b5b21fd451482162fcdfabf6e4368a5912d0c3b9,2024-09-03T18:35:10.293000 @@ -258641,6 +258642,7 @@ CVE-2024-42490,0,0,c74b5a356197cfdd591b442b14ff2431ae7b9dd31d3d19cabc69311edc084 CVE-2024-42491,0,0,f29a442764e941cf16c1143e20ac825cd384b5c08683995678d650efdc59327b,2024-09-06T12:08:21.290000 CVE-2024-42493,0,0,62acde285327354a8bf885be4a4449e2ac155d363ca62a755a0d6560a4377c67,2024-08-29T14:24:14.373000 CVE-2024-42495,0,0,1180a26d6b9f5e5788a1528660b9981f2c7723878d1236cb29689626dd32a15c,2024-09-06T12:08:04.550000 +CVE-2024-42496,1,1,9edc039c277f910eda42d50ae489c2146aecec365f2ef52a04b17b1a7cc45b91,2024-09-30T08:15:03.553000 CVE-2024-42497,0,0,262b8d15cef13f44f6c11c9732e86216b599547f262ceb2ec772c87233738fc0,2024-08-23T16:18:28.547000 CVE-2024-4250,0,0,29d8096febeb47af7a705b5c5f44b0e0121b5483d3074c39ff1bff1155e9a3a5,2024-06-04T19:20:34.200000 CVE-2024-42500,0,0,f0bcaea9090b49f77db24a21554ec397886059105966434018e3d2adca5c9151,2024-09-10T12:09:50.377000 @@ -259955,6 +259957,7 @@ CVE-2024-45192,0,0,7ebf90a7dd47be6e13a820a7a55bd25a33fd9e3b9dd577584cb0c6cebe711 CVE-2024-45193,0,0,aad683d38855495998b9aca0a814babde19e695a0d6614e90cdeda08f7f96a08,2024-09-10T19:35:10.143000 CVE-2024-45195,0,0,6ffd475ceaf8128f565ed8b5cb0ab8e8ef23a6c0d5b146527899f5211dfb9259,2024-09-06T15:35:05.483000 CVE-2024-4520,0,0,b2949348c863aeabf77cf8262dadc8a1301ac645ed88723ebde503df8cb28e51,2024-06-11T17:02:16.967000 +CVE-2024-45200,1,1,ca075e6f113f51bdd2d083dbd16f0924124d71b9b5506f45e4190bee070cd24a,2024-09-30T08:15:03.760000 CVE-2024-45201,0,0,83db05d7484ca5c2638e18e64e3b5c06d28a9caaae332ad6d01f844ea902b04a,2024-08-23T16:18:28.547000 CVE-2024-45203,0,0,0a34ec3cf21e7526a71f11433fb5593e3ea52ee9638fd0c30ca94a57eb961782,2024-09-16T13:27:19.190000 CVE-2024-4521,0,0,a1d240438f25322e21494c2ddd2f5ee26b23410f012534bc2c27a0a49b09a860,2024-06-04T19:20:41.223000 @@ -260183,6 +260186,7 @@ CVE-2024-45769,0,0,8008e87928d7d924cb6edc7a002ab7d174233b35bc221ee2578339101437b CVE-2024-4577,0,0,b55cac970df35b2daf21f1bc20cfa9dd0965f08c49eae1007fc9a139f9980913,2024-08-14T19:23:47.253000 CVE-2024-45770,0,0,e98fab17d907c24beb2a28773665764214c6145643120e7f9304697540dec889,2024-09-20T12:30:17.483000 CVE-2024-45771,0,0,754a0f27219aa2eb6179ec627ac31099e8e2882043a643cfa7921ddb03dbb66f,2024-09-09T15:35:11.567000 +CVE-2024-45772,1,1,3d01ac1b4c9062c73d29933d692a7356dc1665ebaa1ad030187ea10f08efe9e2,2024-09-30T09:15:02.670000 CVE-2024-45773,0,0,e9cdc5014d806c3c3d60272185c9e7326070306ad511fa12380b521b6efff99f,2024-09-27T15:35:02.620000 CVE-2024-4578,0,0,de2bf1ab8b65cf8119579f63d8e64a9383c9519828d1fae8ddac21d6dcb5605a,2024-06-27T19:25:12.067000 CVE-2024-45786,0,0,1027a4a71b54e4ed926e7c4d82608ed7bf7290e7e8486a1ac94d8f7e4edfad02,2024-09-18T20:12:47.337000 @@ -262230,6 +262234,7 @@ CVE-2024-6389,0,0,97619f937594e57440ea9f8cb3d55fe9ec171c40b4959fd4a8bcfb76e0e631 CVE-2024-6390,0,0,a350381d3f247972bbe468db9ec2332b3c135e89cdf36bdf1358f9f5965e67ff,2024-08-05T14:35:08.267000 CVE-2024-6391,0,0,f39301e9680e09028795caddd1f0219ac421e8fbe3773aa2e024531728c8f9e1,2024-07-09T18:19:14.047000 CVE-2024-6392,0,0,edc3ee0e5658afb33c71de43cf2ca6ea07650ea12323a6b995125316053d44cb,2024-08-15T14:56:16.490000 +CVE-2024-6394,1,1,e8715a716bae22a04adf96a8d9a6fc3358c87508833ebccacb07bf2edf8ee2ce,2024-09-30T08:15:03.850000 CVE-2024-6395,0,0,8949d2f54703284d3b545906a65282811d0c7a0bd7bd2d1ca2dc3e2d333d4c69,2024-09-17T16:30:03.617000 CVE-2024-6396,0,0,9e4b547b4d90c33704c90a7cfe67a136b4a49a6d0168d4ba570b6960a74fd1cc,2024-07-12T12:49:07.030000 CVE-2024-6397,0,0,69c6adc6e74f8320b438655fc21122936f7ec03e924b3cf51bf011308451b2af,2024-07-12T17:02:56.110000 @@ -263615,7 +263620,7 @@ CVE-2024-8231,0,0,19b769716e3fff898a72bf0ee7d68779b61ab99af63bed31a0498759613ebd CVE-2024-8232,0,0,5572b7d7bb007c2d5d81196fae90ff25fc17db53d2496173f3c02b5439ff5273,2024-09-11T16:26:11.920000 CVE-2024-8234,0,0,870a131a53db84d6497bde7de38de6b7411ad7686be0738cd78fff93fab14909,2024-08-30T13:00:05.390000 CVE-2024-8235,0,0,98b75635820a87efbdd2b77979ec96dd3fdeb5e53f45b0aed13f360f5eadfbaa,2024-09-25T18:56:19.090000 -CVE-2024-8239,1,1,95714125eb5a594a6835a3977b75e9b9e9413e58a9acd2c7801bb04bc2515b5d,2024-09-30T06:15:14.520000 +CVE-2024-8239,0,0,95714125eb5a594a6835a3977b75e9b9e9413e58a9acd2c7801bb04bc2515b5d,2024-09-30T06:15:14.520000 CVE-2024-8241,0,0,a45702ddf12409bcabe5a92099c2b574d3c26b3fd7159f1bd1748fa16b9a5652,2024-09-26T22:03:42.123000 CVE-2024-8242,0,0,0ef1d79e78cd55267ee51ab0995f6e2480e4463ebaece6d40e7de318a22ccc8c,2024-09-18T15:47:56.553000 CVE-2024-8246,0,0,bdaeed559e2a925d1cf782bec3165b97ce80a327963423b92b0db3cfac285297,2024-09-26T14:00:09.783000 @@ -263639,7 +263644,7 @@ CVE-2024-8278,0,0,fc32e2167ccf88370e539f3d055e0ff107942d544d0900ce5dc32eec47fdcd CVE-2024-8279,0,0,a7de1f6bcd7acd612433087dd62d700c55c2713edbe09e73822c3aefec563e44,2024-09-14T11:47:14.677000 CVE-2024-8280,0,0,ee8246d9e12854e999c4fc7d4ea10afbd0920ea1f9472e1c543327a9ae0730e7,2024-09-14T11:47:14.677000 CVE-2024-8281,0,0,6e64aec5696815efe009b246052ca974dfd6e9415a9b5d9826067281cc5ba11d,2024-09-14T11:47:14.677000 -CVE-2024-8283,1,1,becd8cec389abdecafd3ca9c77045e12bd17a0eb98eff5a842e768c81ede60c6,2024-09-30T06:15:14.603000 +CVE-2024-8283,0,0,becd8cec389abdecafd3ca9c77045e12bd17a0eb98eff5a842e768c81ede60c6,2024-09-30T06:15:14.603000 CVE-2024-8285,0,0,b03f6a28365b23ccdd28cfaabc1a4440173ac6451ac16c91954a645332d3ac9d,2024-09-25T18:48:21.620000 CVE-2024-8287,0,0,a69e7cb2d3c0316abfeaff67da311f8b23d877ec163f8b4d2f35a96004b37bbb,2024-09-24T15:52:38.047000 CVE-2024-8289,0,0,900bfbd861154484ed59254bdbec992d28a9742381ab830cf631e50b7fa985ab,2024-09-05T17:41:58.350000 @@ -263706,7 +263711,7 @@ CVE-2024-8372,0,0,ed7416684bf8c992c4344af2dee1225532302d263529a8756259e179ed722a CVE-2024-8373,0,0,d1a5cc99924a2151520a8ea490fb3d660801248a7f2168e9fe7f0fc9057db80c,2024-09-17T17:32:33.380000 CVE-2024-8374,0,0,d48dc520ae709311b13e321521d105dda894c6710801eb063d42db744b0094d0,2024-09-16T16:44:42.403000 CVE-2024-8375,0,0,58cea17ca7f7a98f8126bafea3caa90f64ce326ce0b828e067a1c86c7d982ac6,2024-09-20T12:30:17.483000 -CVE-2024-8379,1,1,d9ab9f01a7c155bb3c5e1f872af06b807a3852cfdce5208e3697f5771a20deaa,2024-09-30T06:15:14.697000 +CVE-2024-8379,0,0,d9ab9f01a7c155bb3c5e1f872af06b807a3852cfdce5208e3697f5771a20deaa,2024-09-30T06:15:14.697000 CVE-2024-8380,0,0,036c8c11a05ec98776794766e58c3583b3eabb4c67c37c1216e0519e7baf5609,2024-09-04T14:58:49.450000 CVE-2024-8381,0,0,71cd6342a2b6c00c154431956e1e93b11926fd4f87284990ba91ff899e315a4c,2024-09-06T17:15:17.573000 CVE-2024-8382,0,0,6313fe051491464f5060a11c4fbfc0623b9d0d82cc5fbeccd812557ff3cd8b8d,2024-09-06T17:15:17.677000 @@ -263746,11 +263751,18 @@ CVE-2024-8440,0,0,8dcfa58740a8b45172e18897b2d796d55a68f35b9034374864c3da0c6b77c0 CVE-2024-8441,0,0,0efac0f95475c5b753f85a6e07784bad0c26116c06bdd47c81e7d9e5f2143687,2024-09-12T21:53:43.387000 CVE-2024-8443,0,0,3c60ad7b83386f919c8526ae161201f0c09636191f73ee0cc137a0cb5f793af8,2024-09-26T14:34:03.157000 CVE-2024-8445,0,0,27d6183cbf221ef18e3639e3533cc8ca212a51b0f7239a93c253eea652cb910f,2024-09-05T17:44:56.007000 -CVE-2024-8448,1,1,e569d02b6b9d2143b7b3a9c54dbe4b0b786a49195c18e4bb51b3c7a937dbf20e,2024-09-30T07:15:03.507000 -CVE-2024-8449,1,1,839f7a1e43ea31dba5d7b2d46464bd9d4a413873c05cfd799b3f59a2e39ee208,2024-09-30T07:15:03.937000 -CVE-2024-8450,1,1,576ff502c197477720dc256248c8efe54492c06b81ccea5e7f00ed9d2f98f285,2024-09-30T07:15:04.170000 -CVE-2024-8451,1,1,76caa55b3ad35b38c289608ddb96935839c1fa9f0bc32a92e0e4a30e6b268a1e,2024-09-30T07:15:04.417000 -CVE-2024-8452,1,1,48538fa963900fe4d6ff37e1c84e8e468a5db4822ecaa7847c7d9c39eaf8e7ed,2024-09-30T07:15:04.647000 +CVE-2024-8448,0,0,e569d02b6b9d2143b7b3a9c54dbe4b0b786a49195c18e4bb51b3c7a937dbf20e,2024-09-30T07:15:03.507000 +CVE-2024-8449,0,0,839f7a1e43ea31dba5d7b2d46464bd9d4a413873c05cfd799b3f59a2e39ee208,2024-09-30T07:15:03.937000 +CVE-2024-8450,0,0,576ff502c197477720dc256248c8efe54492c06b81ccea5e7f00ed9d2f98f285,2024-09-30T07:15:04.170000 +CVE-2024-8451,0,0,76caa55b3ad35b38c289608ddb96935839c1fa9f0bc32a92e0e4a30e6b268a1e,2024-09-30T07:15:04.417000 +CVE-2024-8452,0,0,48538fa963900fe4d6ff37e1c84e8e468a5db4822ecaa7847c7d9c39eaf8e7ed,2024-09-30T07:15:04.647000 +CVE-2024-8453,1,1,dd45133d796e3f8d94dab490e053ea3ec63a6ed383cd28df54baf939a89ba27e,2024-09-30T08:15:04.093000 +CVE-2024-8454,1,1,0b1db7a12abef20a8fe2c00d5760b512baff0383307abe5de81fdc6d66f3f862,2024-09-30T08:15:04.340000 +CVE-2024-8455,1,1,1d982345b41f5266a608c04c6367742d0447f0cfaff1aef16dd4e62cbdc8e7ce,2024-09-30T08:15:04.570000 +CVE-2024-8456,1,1,a5deef205f5b140a12d4d6286d81a51dc186b0406413c34008253ae4b9174a91,2024-09-30T08:15:04.797000 +CVE-2024-8457,1,1,ae5446589fbe32e1b3291507a03b66d980a5aa76b2d0d8007a2046521a3a5578,2024-09-30T08:15:05.020000 +CVE-2024-8458,1,1,13edae9b071cf2daf310de2efa82dbc05262091f3af3c1110fc55a607fe00e50,2024-09-30T08:15:05.223000 +CVE-2024-8459,1,1,772220caf0f5153aeb1b136013eee4b3f5d9cfb89e510d3da1622f2a39d4f440,2024-09-30T08:15:05.460000 CVE-2024-8460,0,0,21c8cc38664ba19f902747cfc2492ea27c718e3ca35401645ae4d1c6ff7413b5,2024-09-06T16:30:54.027000 CVE-2024-8461,0,0,b8d6008c0677dd1308b9960cd16592ca94dc9bda7b3637748d1d22aa5c67576f,2024-09-12T17:17:57.733000 CVE-2024-8462,0,0,f8474602b1827b45bf4e783834309517ba415e30cec135f1beb9e6ec5ff83e07,2024-09-05T17:45:07.877000 @@ -263787,7 +263799,7 @@ CVE-2024-8522,0,0,2ab431c4f2cf5ab967664e41dd1dc524f59071081def8323632354294bee4f CVE-2024-8523,0,0,97cab60ebb5ec07bfc3fbe69bde3146d8e6846c5d869fc10534b5a2c3c29806e,2024-09-09T13:03:38.303000 CVE-2024-8529,0,0,12671b61ed295efe6d3d38d0b158765da76f16b719201c5bbfb86ca5ed8c38b9,2024-09-13T16:11:25.400000 CVE-2024-8533,0,0,ceba1d609043d018dd2a5c62af783c64aebd2125e63ee811ba18e8a1d6a8510b,2024-09-19T01:57:23.830000 -CVE-2024-8536,1,1,94ec0e9a3cc5633a752aeaea8ba2105ec561977e2b54053a3e128c1446fa0a92,2024-09-30T06:15:14.823000 +CVE-2024-8536,0,0,94ec0e9a3cc5633a752aeaea8ba2105ec561977e2b54053a3e128c1446fa0a92,2024-09-30T06:15:14.823000 CVE-2024-8538,0,0,037a1de419d434bcf3dba0ee797a8b9a465b537393317b1c47cc2bb770ec2f49,2024-09-26T16:28:02.990000 CVE-2024-8543,0,0,1827ebc325d7546f1e75a8e16ffad13bc42c9eac828d9fdcb95bbdde0c532bed,2024-09-27T16:46:26.243000 CVE-2024-8544,0,0,029a23631e96ee15c1045dd3fa22aca85d39405998de7d891aefcd30e632fd70,2024-09-27T12:57:21.617000 @@ -264118,3 +264130,4 @@ CVE-2024-9325,0,0,d4b02edb144e84234fbcaaa656a9201a16347a532cc3335ced6913e992031c CVE-2024-9326,0,0,4f2956e49e05fd6cddacc774174e023a39dda4ef7c221926f06bc604bacf3d55,2024-09-29T08:15:02.547000 CVE-2024-9327,0,0,ac3ac07735217a3cc0b474fff6a94f4cdd2cee34691ae427c5274690b54c662b,2024-09-29T11:15:11.083000 CVE-2024-9328,0,0,b1aed10ed4eb0995b3f68eaee8d7b11ac99b61efd94387b3d283d3e0fa80e544,2024-09-29T23:15:13.067000 +CVE-2024-9329,1,1,103e8bc021364f65084f81291f6f1a44ad2cae4d25419a9b673c16a69da63610,2024-09-30T08:15:05.690000