admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-06 18:52:58 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2024-01-17T03:00:24.813478+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2024-01-17 03:00:28 +00:00
parent ff58fd4a19
commit 62a5a52b61
13 changed files with 1210 additions and 92 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
CVE-2018/CVE-2018-151xx/CVE-2018-15133.json
View File

@ -2,8 +2,12 @@
"id": "CVE-2018-15133",
"sourceIdentifier": "cve@mitre.org",
"published": "2018-08-09T19:29:00.333",
"lastModified": "2019-07-15T17:15:11.593",
"lastModified": "2024-01-17T02:00:01.797",
"vulnStatus": "Modified",
"cisaExploitAdd": "2024-01-16",
"cisaActionDue": "2024-02-06",
"cisaRequiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",
"cisaVulnerabilityName": "Laravel Deserialization of Untrusted Data Vulnerability",
"descriptions": [
{
"lang": "en",

76
CVE-2022/CVE-2022-460xx/CVE-2022-46025.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-46025",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-01-10T08:15:37.570",
"lastModified": "2024-01-10T13:56:12.537",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-17T01:31:45.110",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -14,11 +14,79 @@
"value": "Totolink N200RE_V5 V9.3.5u.6255_B20211224 es vulnerable a un control de acceso incorrecto. El dispositivo permite a atacantes remotos obtener informaci\u00f3n del sistema Wi-Fi, como el SSID y la contrase\u00f1a de Wi-Fi, sin iniciar sesi\u00f3n en la p\u00e1gina de administraci\u00f3n."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 9.1,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.2
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:totolink:n200re_v5_firmware:9.3.5u.6255_b20211224:*:*:*:*:*:*:*",
"matchCriteriaId": "CD83EAD1-6949-4674-8F04-40DCD3FF6833"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:totolink:n200re_v5:-:*:*:*:*:*:*:*",
"matchCriteriaId": "822AE912-4CD8-4015-98DC-AD36A3F2E163"
}
]
}
]
}
],
"references": [
{
"url": "https://pastebin.com/aan5jT40",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
]
}
]
}

108
CVE-2023/CVE-2023-314xx/CVE-2023-31446.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-31446",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-01-10T03:15:43.263",
"lastModified": "2024-01-10T13:56:12.537",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-17T01:28:26.467",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -14,15 +14,113 @@
"value": "En el firmware XC1000_2.1.1.2303082218 y XC2000_2.1.1.2303090947 de Cassia Gateway, el par\u00e1metro queueUrl en /bypass/config no est\u00e1 sanitizado. Esto lleva a inyectar c\u00f3digo Bash y ejecutarlo con privilegios de root al iniciar el dispositivo."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cassianetworks:xc1000_firmware:2.1.1.2303082218:*:*:*:*:*:*:*",
"matchCriteriaId": "B7C84913-0EE2-42DA-9B20-F119832582E3"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:cassianetworks:xc1000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AB90135B-8784-41EB-A47C-8216FBBC0191"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cassianetworks:xc2000_firmware:2.1.1.2303090947:*:*:*:*:*:*:*",
"matchCriteriaId": "067AAEE2-F0CD-487F-8742-604920C92457"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:cassianetworks:xc2000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "504752EC-9B6A-4E55-B3F1-27876130C01B"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/Dodge-MPTC/CVE-2023-31446-Remote-Code-Execution",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://www.cassianetworks.com",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Product"
]
}
]
}

73
CVE-2023/CVE-2023-417xx/CVE-2023-41781.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-41781",
"sourceIdentifier": "psirt@zte.com.cn",
"published": "2024-01-10T07:15:49.423",
"lastModified": "2024-01-10T13:56:12.537",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-17T01:24:19.650",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
},
{
"source": "psirt@zte.com.cn",
"type": "Secondary",
@ -39,6 +59,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
},
{
"source": "psirt@zte.com.cn",
"type": "Secondary",
@ -50,10 +80,47 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:zte:mf258_firmware:zte_std_v1.0.0b08:*:*:*:*:*:*:*",
"matchCriteriaId": "D421170F-6499-46F3-B1E9-9366AD2E15C8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:zte:mf258_firmware:zte_std_v1.0.0b10:*:*:*:*:*:*:*",
"matchCriteriaId": "947AC795-92ED-461B-9F8F-1CE3CBDCB27B"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:zte:mf258:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3D637B37-F21F-418F-9B21-9E2920AC372B"
}
]
}
]
}
],
"references": [
{
"url": "https://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1034684",
"source": "psirt@zte.com.cn"
"source": "psirt@zte.com.cn",
"tags": [
"Vendor Advisory"
]
}
]
}

64
CVE-2023/CVE-2023-488xx/CVE-2023-48864.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-48864",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-01-10T08:15:37.807",
"lastModified": "2024-01-10T13:56:12.537",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-17T01:35:05.413",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -14,11 +14,67 @@
"value": "Se descubri\u00f3 que SEMCMS v4.8 conten\u00eda una vulnerabilidad de inyecci\u00f3n SQL a trav\u00e9s del par\u00e1metro languageID en /web_inc.php."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sem-cms:semcms:4.8:*:*:*:*:*:*:*",
"matchCriteriaId": "BD382DC4-F472-49F5-AA7E-939EC76D4E8F"
}
]
}
]
}
],
"references": [
{
"url": "https://gitee.com/NoBlake/cve-2023-48864",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

24
CVE-2023/CVE-2023-495xx/CVE-2023-49515.json Normal file
View File

@ -0,0 +1,24 @@
{
"id": "CVE-2023-49515",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-01-17T02:15:06.957",
"lastModified": "2024-01-17T02:15:06.957",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Insecure Permissiosn vulnerability in TP Link TC70 and C200 WIFI Camera v.3 firmware v.1.3.4 and fixed in v.1.3.11 allows a physically proximate attacker to obtain sensitive information via a connection to the UART pin components."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/VineethKumarM/TAPO-TC70-Unauthorized-root-access-using-UART",
"source": "cve@mitre.org"
},
{
"url": "https://github.com/VineethKumarM/TAPO-TC70-Unauthorized-root-access-using-UART/tree/master",
"source": "cve@mitre.org"
}
]
}

447
CVE-2023/CVE-2023-54xx/CVE-2023-5455.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-5455",
"sourceIdentifier": "secalert@redhat.com",
"published": "2024-01-10T13:15:48.643",
"lastModified": "2024-01-15T21:15:08.147",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-17T01:41:11.040",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 8.1,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.2
},
{
"source": "secalert@redhat.com",
"type": "Secondary",
@ -39,6 +59,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-352"
}
]
},
{
"source": "secalert@redhat.com",
"type": "Secondary",
@ -50,70 +80,451 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:freeipa:freeipa:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.6.10",
"matchCriteriaId": "F01233DD-A506-4E02-B824-994F14CCC178"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:freeipa:freeipa:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.7.0",
"versionEndExcluding": "4.9.14",
"matchCriteriaId": "CE2615F6-DA17-44FD-B7BF-A82F5A005CEA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:freeipa:freeipa:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.10.0",
"versionEndExcluding": "4.10.3",
"matchCriteriaId": "761C5CBD-6A92-48E7-8C9B-401DD6D1B59F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:freeipa:freeipa:4.11.0:-:*:*:*:*:*:*",
"matchCriteriaId": "0A5B25F1-BFB1-47C8-8BDE-A0E817D175F3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:freeipa:freeipa:4.11.0:beta1:*:*:*:*:*:*",
"matchCriteriaId": "4A1F8BF2-0FF7-40FD-A4B4-F040A07BCD64"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*",
"matchCriteriaId": "CC559B26-5DFC-4B7A-A27C-B77DE755DFF9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fedoraproject:fedora:39:*:*:*:*:*:*:*",
"matchCriteriaId": "B8EDB836-4E6A-4B71-B9B2-AA3E03E0F646"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fedoraproject:fedora:40:*:*:*:*:*:*:*",
"matchCriteriaId": "CA277A6C-83EC-4536-9125-97B84C4FAF59"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:redhat:codeready_linux_builder:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1CD81C46-328B-412D-AF4E-68A2AD2F1A73"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "142AD0DD-4CF3-4D74-9442-459CE3347E3A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F4CFF558-3C47-480D-A2F0-BABF26042943"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:arm64:*",
"matchCriteriaId": "07670103-FC39-4797-AF5F-1604DA1E6BF5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux:8.4:*:*:*:*:*:*:*",
"matchCriteriaId": "5DAD1E4A-B22F-432C-97C8-D91D286535F1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7F6FB57C-2BC7-487C-96DD-132683AEB35D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "33C068A4-3780-4EAB-A937-6082DF847564"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:8.6:*:*:*:*:*:*:*",
"matchCriteriaId": "6C3741B8-851F-475D-B428-523F4F722350"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:8.6:*:*:*:*:*:arm64:*",
"matchCriteriaId": "2244278A-3AC8-437F-9F23-6FA63E7C603D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:8.8:*:*:*:*:*:*:*",
"matchCriteriaId": "62C31522-0A17-4025-B269-855C7F4B45C2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4DDA3E5A-8754-4C48-9A27-E2415F8A6000"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "3C74F6FA-FA6C-4648-9079-91446E45EE47"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_arm_64_eus:8.8:*:*:*:*:*:*:*",
"matchCriteriaId": "83981111-E13A-4A88-80FD-F63D7CCAA47F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_arm_64_eus:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6AAF4A69-A4CC-409E-BC05-FABAE86321B2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_arm_64_eus:9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "78825319-8A45-4880-B7C4-2B223029DDD3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "566507B6-AC95-47F7-A3FB-C6F414E45F51"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "87C21FE1-EA5C-498F-9C6C-D05F91A88217"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D650BFB9-4FDC-4311-8D7E-D981C8F4FA3B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:8.6:*:*:*:*:*:*:*",
"matchCriteriaId": "9EF5C4AC-CA69-41E3-AD93-7AC21931374A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:8.8:*:*:*:*:*:*:*",
"matchCriteriaId": "83364F5C-57F4-4D57-B54F-540CAC1D7753"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B6C30A81-BF75-46CC-A05E-42BAF271D1C4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "213A5029-FCF9-4EA9-AEF9-21313F6DCBD8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1CDCFF34-6F1D-45A1-BE37-6A0E17B04801"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B4A684C7-88FD-43C4-9BDB-AE337FCBD0AB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "47811209-5CE5-4375-8391-B0A7F6A0E420"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "35EEDB95-DCD1-4FED-9BBB-877B2062410C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:8.6:*:*:*:*:*:*:*",
"matchCriteriaId": "729C515E-1DD3-466D-A50B-AFE058FFC94A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:8.8:*:*:*:*:*:*:*",
"matchCriteriaId": "A49ABD84-6755-4894-AD4E-49AAD39933C2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "868A6ED7-44DD-44FF-8ADD-9971298A1175"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "71DDE212-1018-4554-9C06-4908442DE134"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_scientific_computing:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "37CE1DC7-72C5-483C-8921-0B462C8284D1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:9.0:*:*:*:*:*:arm64:*",
"matchCriteriaId": "BC78EE94-02A0-441D-9723-385E6C43CF90"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:9.2:*:*:*:*:*:arm64:*",
"matchCriteriaId": "ADEB6E4F-E680-40CC-AD70-9872BDE1C66F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:8.2:*:*:*:*:*:*:*",
"matchCriteriaId": "6897676D-53F9-45B3-B27F-7FF9A4C58D33"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:8.4:*:*:*:*:*:*:*",
"matchCriteriaId": "E28F226A-CBC7-4A32-BE58-398FA5B42481"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:8.6:*:*:*:*:*:*:*",
"matchCriteriaId": "76C24D94-834A-4E9D-8F73-624AFA99AAA2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "F32CA554-F9D7-425B-8F1C-89678507F28C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_for_ibm_z_systems:9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E0755055-E98F-4A33-B4B9-1BFCFF03EF8E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions:8.2:*:*:*:*:*:*:*",
"matchCriteriaId": "7DA6A5AF-2EBE-4ED9-B312-DCD9D150D031"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions:8.4:*:*:*:*:*:*:*",
"matchCriteriaId": "22D095ED-9247-4133-A133-73B7668565E4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions:8.6:*:*:*:*:*:*:*",
"matchCriteriaId": "871A5C26-DB7B-4870-A5B2-5DD24C90B4A7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:8.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B09ACF2D-D83F-4A86-8185-9569605D8EE1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:8.4:*:*:*:*:*:*:*",
"matchCriteriaId": "AC10D919-57FD-4725-B8D2-39ECB476902F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:8.6:*:*:*:*:*:*:*",
"matchCriteriaId": "1272DF03-7674-4BD4-8E64-94004B195448"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_update_services_for_sap_solutions:8.2:*:*:*:*:*:*:*",
"matchCriteriaId": "3921C1CF-A16D-4727-99AD-03EFFA7C91CA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_update_services_for_sap_solutions:8.6:*:*:*:*:*:*:*",
"matchCriteriaId": "7614E5D3-4643-4CAE-9578-9BB9D558211F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_update_services_for_sap_solutions:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "BE1A81A1-63EC-431C-9CBC-8D28C15AB3E5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_update_services_for_sap_solutions:9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "FC7D8E93-D4BE-46E7-BDE7-843BF8A33162"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_update_services_for_sap_solutions:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "083AAC55-E87B-482A-A1F4-8F2DEB90CB23"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_update_services_for_sap_solutions:9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "1FD9BF0E-7ACF-4A83-B754-6E3979ED903F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "825ECE2D-E232-46E0-A047-074B34DB1E97"
}
]
}
]
}
],
"references": [
{
"url": "https://access.redhat.com/errata/RHSA-2024:0137",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://access.redhat.com/errata/RHSA-2024:0138",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://access.redhat.com/errata/RHSA-2024:0139",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://access.redhat.com/errata/RHSA-2024:0140",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://access.redhat.com/errata/RHSA-2024:0141",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://access.redhat.com/errata/RHSA-2024:0142",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://access.redhat.com/errata/RHSA-2024:0143",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://access.redhat.com/errata/RHSA-2024:0144",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://access.redhat.com/errata/RHSA-2024:0145",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://access.redhat.com/errata/RHSA-2024:0252",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://access.redhat.com/security/cve/CVE-2023-5455",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2242828",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Issue Tracking",
"Third Party Advisory"
]
},
{
"url": "https://www.freeipa.org/release-notes/4-10-3.html",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Release Notes"
]
},
{
"url": "https://www.freeipa.org/release-notes/4-11-1.html",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Release Notes"
]
},
{
"url": "https://www.freeipa.org/release-notes/4-6-10.html",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Release Notes"
]
},
{
"url": "https://www.freeipa.org/release-notes/4-9-14.html",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Release Notes"
]
}
]
}

62
CVE-2024/CVE-2024-03xx/CVE-2024-0352.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2024-0352",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-01-09T23:15:10.403",
"lastModified": "2024-01-10T01:21:28.543",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-17T01:23:10.833",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability classified as critical was found in Likeshop up to 2.5.7.20210311. This vulnerability affects the function FileServer::userFormImage of the file server/application/api/controller/File.php of the component HTTP POST Request Handler. The manipulation of the argument file leads to unrestricted upload. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-250120."
},
{
"lang": "es",
"value": "Una vulnerabilidad fue encontrada en Likeshop hasta 2.5.7.20210311 y clasificada como cr\u00edtica. Esta vulnerabilidad afecta a la funci\u00f3n FileServer::userFormImage del archivo server/application/api/controller/File.php del componente HTTP POST Request Handler. La manipulaci\u00f3n del archivo de argumentos conduce a una carga sin restricciones. El ataque se puede iniciar de forma remota. El exploit ha sido divulgado al p\u00fablico y puede utilizarse. El identificador de esta vulnerabilidad es VDB-250120."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "cna@vuldb.com",
"type": "Secondary",
@ -71,18 +95,46 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:likeshop:likeshop:*:*:*:*:*:*:*:*",
"versionEndIncluding": "2.5.7.20210311",
"matchCriteriaId": "7315874B-CCF6-4F8D-A50C-DAFE19A022EC"
}
]
}
]
}
],
"references": [
{
"url": "https://note.zhaoj.in/share/ciwYj7QXC4sZ",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Broken Link"
]
},
{
"url": "https://vuldb.com/?ctiid.250120",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?id.250120",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
]
}
]
}

72
CVE-2024/CVE-2024-03xx/CVE-2024-0354.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2024-0354",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-01-10T00:15:45.950",
"lastModified": "2024-01-10T01:21:28.543",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-17T01:14:56.067",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability, which was classified as critical, has been found in unknown-o download-station up to 1.1.8. This issue affects some unknown processing of the file index.php. The manipulation of the argument f leads to path traversal: '../filedir'. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-250121 was assigned to this vulnerability."
},
{
"lang": "es",
"value": "Una vulnerabilidad fue encontrada en Unknown-o download-station hasta 1.1.8 y clasificada como cr\u00edtica. Este problema afecta un procesamiento desconocido del archivo index.php. La manipulaci\u00f3n del argumento f conduce a un path traversal: '../filedir'. El ataque puede iniciarse de forma remota. El exploit ha sido divulgado al p\u00fablico y puede utilizarse. A esta vulnerabilidad se le asign\u00f3 el identificador VDB-250121."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "cna@vuldb.com",
"type": "Secondary",
@ -60,6 +84,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
},
{
"source": "cna@vuldb.com",
"type": "Secondary",
@ -71,18 +105,46 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:unknown-o:download-station:*:*:*:*:*:*:*:*",
"versionEndIncluding": "1.1.8",
"matchCriteriaId": "EFE6D2DB-2FD8-4DA8-8B44-4C45CB45175E"
}
]
}
]
}
],
"references": [
{
"url": "https://note.zhaoj.in/share/nHD5xiHQgHG0",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Broken Link"
]
},
{
"url": "https://vuldb.com/?ctiid.250121",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?id.250121",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
]
}
]
}

61
CVE-2024/CVE-2024-03xx/CVE-2024-0356.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2024-0356",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-01-10T01:15:43.233",
"lastModified": "2024-01-10T01:21:28.543",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-17T01:18:43.477",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been found in Mandelo ssm_shiro_blog 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file updateRoles of the component Backend. The manipulation leads to improper access controls. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-250123."
},
{
"lang": "es",
"value": "Una vulnerabilidad ha sido encontrada en Mandelo ssm_shiro_blog 1.0 y clasificada como problem\u00e1tica. Una funci\u00f3n desconocida del archivo updateRoles del componente Backend es afectada por esta vulnerabilidad. La manipulaci\u00f3n conduce a controles de acceso inadecuados. El exploit ha sido divulgado al p\u00fablico y puede utilizarse. El identificador asociado de esta vulnerabilidad es VDB-250123."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "cna@vuldb.com",
"type": "Secondary",
@ -71,18 +95,45 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mandelo:ssm_shiro_blog:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DC8E81CA-30A3-4315-A12A-CE12B10A71B2"
}
]
}
]
}
],
"references": [
{
"url": "https://medium.com/@heishou/ssm-has-a-vertical-override-vulnerability-8728da71842e",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Exploit"
]
},
{
"url": "https://vuldb.com/?ctiid.250123",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?id.250123",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
]
}
]
}

78
CVE-2024/CVE-2024-206xx/CVE-2024-20655.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2024-20655",
"sourceIdentifier": "secure@microsoft.com",
"published": "2024-01-09T18:15:48.307",
"lastModified": "2024-01-09T19:56:14.023",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-17T01:06:16.187",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Microsoft Online Certificate Status Protocol (OCSP) Remote Code Execution Vulnerability"
},
{
"lang": "es",
"value": "Vulnerabilidad de ejecuci\u00f3n remota de c\u00f3digo de Online Certificate Status Protocol (OCSP) de Microsoft"
}
],
"metrics": {
@ -34,10 +38,78 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:x64:*",
"matchCriteriaId": "2127D10C-B6F3-4C1D-B9AA-5D78513CC996"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:x86:*",
"matchCriteriaId": "AB425562-C0A0-452E-AABE-F70522F15E1A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A7DF96F8-BA6A-4780-9CA3-F719B3F81074"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*",
"matchCriteriaId": "DB18C4CE-5917-401E-ACF7-2747084FD36E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*",
"matchCriteriaId": "041FF8BA-0B12-4A1F-B4BF-9C4F33B7C1E7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB79EE26-FC32-417D-A49C-A1A63165A968"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*",
"matchCriteriaId": "821614DD-37DD-44E2-A8A4-FE8D23A33C3C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2022_23h2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "75CCACE6-A0EE-4A6F-BD5A-7AA504B02717"
}
]
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-20655",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

177
CVE-2024/CVE-2024-206xx/CVE-2024-20658.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2024-20658",
"sourceIdentifier": "secure@microsoft.com",
"published": "2024-01-09T18:15:48.913",
"lastModified": "2024-01-09T19:56:14.023",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-17T01:03:45.680",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Microsoft Virtual Hard Disk Elevation of Privilege Vulnerability"
},
{
"lang": "es",
"value": "Vulnerabilidad de elevaci\u00f3n de privilegios del disco duro virtual de Microsoft"
}
],
"metrics": {
@ -34,10 +38,177 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.10240.20402",
"matchCriteriaId": "46ABD897-272E-49BD-BCD1-79EA0908349D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x86:*",
"versionEndExcluding": "10.0.10240.20402",
"matchCriteriaId": "B85886E7-0E67-4BBD-9E42-4507DF422BCF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.14393.6614",
"matchCriteriaId": "1301CF7B-D772-4AAA-BFF2-88BF493A324E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:*",
"versionEndExcluding": "10.0.14393.6614",
"matchCriteriaId": "DDEB129C-34A6-47E5-A652-51FCE0A3A880"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:arm64:*",
"versionEndExcluding": "10.0.17763.5329",
"matchCriteriaId": "F0470D92-707F-4073-886A-ECDC4F2E1CAC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.17763.5329",
"matchCriteriaId": "9C150F7E-8967-4AB8-8DF8-EBC89A10D554"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*",
"versionEndExcluding": "10.0.17763.5329",
"matchCriteriaId": "A7997F10-4040-4664-B55E-0039E25B4F79"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:arm64:*",
"versionEndExcluding": "10.0.19044.3930",
"matchCriteriaId": "C541A6B6-7D07-4EA9-89FF-81D815A9476F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.19044.3930",
"matchCriteriaId": "5BFCE595-C6A9-4F10-9EC7-58C1D66BB436"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:x86:*",
"versionEndExcluding": "10.0.19044.3930",
"matchCriteriaId": "A49993E0-2369-48E3-A925-6405722F1A19"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:arm64:*",
"versionEndExcluding": "10.0.19045.3930",
"matchCriteriaId": "5D738639-84ED-4215-82F1-7D94D68D3396"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.19045.3930",
"matchCriteriaId": "047947E7-B85E-4D6A-9B92-E39E4828206E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:x86:*",
"versionEndExcluding": "10.0.19045.3930",
"matchCriteriaId": "45296209-531C-48D1-84DA-FAD9E28E7999"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:arm64:*",
"versionEndExcluding": "10.0.22000.2713",
"matchCriteriaId": "6FA472E2-4501-4597-9979-796258111DA5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.22000.2713",
"matchCriteriaId": "0F377DD9-2DBF-4202-AF3F-6AC6A809F4E2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:arm64:*",
"versionEndExcluding": "10.0.22621.3007",
"matchCriteriaId": "C48178EC-BDEE-4F78-BCFB-B125F5CA0A9E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.22621.3007",
"matchCriteriaId": "04C81079-1855-4F8C-A9E2-3E2CC796C4F0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_23h2:*:*:*:*:*:*:arm64:*",
"versionEndExcluding": "10.0.22631.3007",
"matchCriteriaId": "91F6049F-03C1-494C-8AA1-6DE27D335139"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_23h2:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.22631.3007",
"matchCriteriaId": "A00CE59A-0762-4AA4-99DA-5C9545F85666"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A7DF96F8-BA6A-4780-9CA3-F719B3F81074"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*",
"matchCriteriaId": "DB18C4CE-5917-401E-ACF7-2747084FD36E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*",
"matchCriteriaId": "041FF8BA-0B12-4A1F-B4BF-9C4F33B7C1E7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB79EE26-FC32-417D-A49C-A1A63165A968"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*",
"matchCriteriaId": "821614DD-37DD-44E2-A8A4-FE8D23A33C3C"
}
]
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-20658",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

54
README.md
View File

@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2024-01-17T00:55:25.090016+00:00
2024-01-17T03:00:24.813478+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2024-01-17T00:03:29.293000+00:00
2024-01-17T02:15:06.957000+00:00
```
### Last Data Feed Release
@ -23,55 +23,37 @@ Repository synchronizes with the NVD every 2 hours.
Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/releases/latest)
```plain
2024-01-16T01:00:28.251080+00:00
2024-01-17T01:00:28.244855+00:00
```
### Total Number of included CVEs
```plain
236172
236173
```
### CVEs added in the last Commit
Recently added CVEs: `5`
Recently added CVEs: `1`
* [CVE-2023-51807](CVE-2023/CVE-2023-518xx/CVE-2023-51807.json) (`2024-01-16T23:15:08.140`)
* [CVE-2024-22406](CVE-2024/CVE-2024-224xx/CVE-2024-22406.json) (`2024-01-16T23:15:08.233`)
* [CVE-2024-22407](CVE-2024/CVE-2024-224xx/CVE-2024-22407.json) (`2024-01-16T23:15:08.453`)
* [CVE-2024-22408](CVE-2024/CVE-2024-224xx/CVE-2024-22408.json) (`2024-01-16T23:15:08.683`)
* [CVE-2024-22409](CVE-2024/CVE-2024-224xx/CVE-2024-22409.json) (`2024-01-16T23:15:08.900`)
* [CVE-2023-49515](CVE-2023/CVE-2023-495xx/CVE-2023-49515.json) (`2024-01-17T02:15:06.957`)
### CVEs modified in the last Commit
Recently modified CVEs: `196`
Recently modified CVEs: `11`
* [CVE-2024-20952](CVE-2024/CVE-2024-209xx/CVE-2024-20952.json) (`2024-01-16T23:12:38.473`)
* [CVE-2024-20955](CVE-2024/CVE-2024-209xx/CVE-2024-20955.json) (`2024-01-16T23:12:38.473`)
* [CVE-2024-20957](CVE-2024/CVE-2024-209xx/CVE-2024-20957.json) (`2024-01-16T23:12:38.473`)
* [CVE-2024-20959](CVE-2024/CVE-2024-209xx/CVE-2024-20959.json) (`2024-01-16T23:12:38.473`)
* [CVE-2024-20961](CVE-2024/CVE-2024-209xx/CVE-2024-20961.json) (`2024-01-16T23:12:38.473`)
* [CVE-2024-20963](CVE-2024/CVE-2024-209xx/CVE-2024-20963.json) (`2024-01-16T23:12:38.473`)
* [CVE-2024-20965](CVE-2024/CVE-2024-209xx/CVE-2024-20965.json) (`2024-01-16T23:12:38.473`)
* [CVE-2024-20967](CVE-2024/CVE-2024-209xx/CVE-2024-20967.json) (`2024-01-16T23:12:38.473`)
* [CVE-2024-20969](CVE-2024/CVE-2024-209xx/CVE-2024-20969.json) (`2024-01-16T23:12:38.473`)
* [CVE-2024-20971](CVE-2024/CVE-2024-209xx/CVE-2024-20971.json) (`2024-01-16T23:12:38.473`)
* [CVE-2024-20973](CVE-2024/CVE-2024-209xx/CVE-2024-20973.json) (`2024-01-16T23:12:38.473`)
* [CVE-2024-20975](CVE-2024/CVE-2024-209xx/CVE-2024-20975.json) (`2024-01-16T23:12:38.473`)
* [CVE-2024-20977](CVE-2024/CVE-2024-209xx/CVE-2024-20977.json) (`2024-01-16T23:12:38.473`)
* [CVE-2024-20979](CVE-2024/CVE-2024-209xx/CVE-2024-20979.json) (`2024-01-16T23:12:38.473`)
* [CVE-2024-20981](CVE-2024/CVE-2024-209xx/CVE-2024-20981.json) (`2024-01-16T23:12:38.473`)
* [CVE-2024-20983](CVE-2024/CVE-2024-209xx/CVE-2024-20983.json) (`2024-01-16T23:12:38.473`)
* [CVE-2024-20985](CVE-2024/CVE-2024-209xx/CVE-2024-20985.json) (`2024-01-16T23:12:38.473`)
* [CVE-2024-20987](CVE-2024/CVE-2024-209xx/CVE-2024-20987.json) (`2024-01-16T23:12:38.473`)
* [CVE-2024-21670](CVE-2024/CVE-2024-216xx/CVE-2024-21670.json) (`2024-01-16T23:12:38.473`)
* [CVE-2024-22191](CVE-2024/CVE-2024-221xx/CVE-2024-22191.json) (`2024-01-16T23:12:38.473`)
* [CVE-2024-22192](CVE-2024/CVE-2024-221xx/CVE-2024-22192.json) (`2024-01-16T23:12:38.473`)
* [CVE-2024-22411](CVE-2024/CVE-2024-224xx/CVE-2024-22411.json) (`2024-01-16T23:12:38.473`)
* [CVE-2024-22916](CVE-2024/CVE-2024-229xx/CVE-2024-22916.json) (`2024-01-16T23:12:38.473`)
* [CVE-2024-21637](CVE-2024/CVE-2024-216xx/CVE-2024-21637.json) (`2024-01-16T23:57:18.067`)
* [CVE-2024-22195](CVE-2024/CVE-2024-221xx/CVE-2024-22195.json) (`2024-01-16T23:58:58.103`)
* [CVE-2018-15133](CVE-2018/CVE-2018-151xx/CVE-2018-15133.json) (`2024-01-17T02:00:01.797`)
* [CVE-2022-46025](CVE-2022/CVE-2022-460xx/CVE-2022-46025.json) (`2024-01-17T01:31:45.110`)
* [CVE-2023-41781](CVE-2023/CVE-2023-417xx/CVE-2023-41781.json) (`2024-01-17T01:24:19.650`)
* [CVE-2023-31446](CVE-2023/CVE-2023-314xx/CVE-2023-31446.json) (`2024-01-17T01:28:26.467`)
* [CVE-2023-48864](CVE-2023/CVE-2023-488xx/CVE-2023-48864.json) (`2024-01-17T01:35:05.413`)
* [CVE-2023-5455](CVE-2023/CVE-2023-54xx/CVE-2023-5455.json) (`2024-01-17T01:41:11.040`)
* [CVE-2024-20658](CVE-2024/CVE-2024-206xx/CVE-2024-20658.json) (`2024-01-17T01:03:45.680`)
* [CVE-2024-20655](CVE-2024/CVE-2024-206xx/CVE-2024-20655.json) (`2024-01-17T01:06:16.187`)
* [CVE-2024-0354](CVE-2024/CVE-2024-03xx/CVE-2024-0354.json) (`2024-01-17T01:14:56.067`)
* [CVE-2024-0356](CVE-2024/CVE-2024-03xx/CVE-2024-0356.json) (`2024-01-17T01:18:43.477`)
* [CVE-2024-0352](CVE-2024/CVE-2024-03xx/CVE-2024-0352.json) (`2024-01-17T01:23:10.833`)
## Download and Usage