admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-07 19:16:29 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2024-01-24T23:00:24.830656+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2024-01-24 23:00:28 +00:00
parent 321c4a8c97
commit 6bfeff881e
23 changed files with 999 additions and 103 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
CVE-2014/CVE-2014-94xx/CVE-2014-9485.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2014-9485",
"sourceIdentifier": "cve@mitre.org",
"published": "2018-01-16T19:29:00.497",
"lastModified": "2018-02-05T15:06:04.297",
"vulnStatus": "Analyzed",
"lastModified": "2024-01-24T21:15:08.147",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -112,6 +112,10 @@
"Third Party Advisory"
]
},
{
"url": "http://www.openwall.com/lists/oss-security/2024/01/24/10",
"source": "cve@mitre.org"
},
{
"url": "http://www.securityfocus.com/bid/71846",
"source": "cve@mitre.org",

20
CVE-2023/CVE-2023-246xx/CVE-2023-24676.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-24676",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-01-24T21:15:08.327",
"lastModified": "2024-01-24T21:15:08.327",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "An issue found in Processwire 3.0.210 allows attackers to execute arbitrary code and install a reverse shell via the download_zip_url parameter when installing a new module."
}
],
"metrics": {},
"references": [
{
"url": "https://medium.com/%40cupc4k3/reverse-shell-via-remote-file-inlusion-in-proccesswire-cms-a8fa5ace3255",
"source": "cve@mitre.org"
}
]
}

77
CVE-2023/CVE-2023-323xx/CVE-2023-32337.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-32337",
"sourceIdentifier": "psirt@us.ibm.com",
"published": "2024-01-19T02:15:07.537",
"lastModified": "2024-01-19T15:56:26.533",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-24T21:24:01.383",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.5
},
{
"source": "psirt@us.ibm.com",
"type": "Secondary",
@ -39,6 +59,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-918"
}
]
},
{
"source": "psirt@us.ibm.com",
"type": "Secondary",
@ -50,14 +80,53 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:maximo_application_suite:*:*:*:*:*:*:*:*",
"versionStartIncluding": "8.10",
"versionEndExcluding": "8.10.6",
"matchCriteriaId": "6DB891EC-E752-439B-BCA7-3C4B8A44C52B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:maximo_application_suite:*:*:*:*:*:*:*:*",
"versionStartIncluding": "8.11",
"versionEndIncluding": "8.11.2",
"matchCriteriaId": "13818541-5D8C-47BF-83A1-03C3B3DA7699"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:maximo_asset_management:7.6.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "B0279056-1BD2-4CD6-86BA-DDAA6AB53C6F"
}
]
}
]
}
],
"references": [
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/255288",
"source": "psirt@us.ibm.com"
"source": "psirt@us.ibm.com",
"tags": [
"VDB Entry",
"Vendor Advisory"
]
},
{
"url": "https://www.ibm.com/support/pages/node/7107712",
"source": "psirt@us.ibm.com"
"source": "psirt@us.ibm.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

8
CVE-2023/CVE-2023-327xx/CVE-2023-32721.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-32721",
"sourceIdentifier": "security@zabbix.com",
"published": "2023-10-12T07:15:09.677",
"lastModified": "2023-10-17T13:55:49.737",
"vulnStatus": "Analyzed",
"lastModified": "2024-01-24T22:15:14.463",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -136,6 +136,10 @@
}
],
"references": [
{
"url": "https://lists.debian.org/debian-lts-announce/2024/01/msg00012.html",
"source": "security@zabbix.com"
},
{
"url": "https://support.zabbix.com/browse/ZBX-23389",
"source": "security@zabbix.com",

8
CVE-2023/CVE-2023-327xx/CVE-2023-32723.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-32723",
"sourceIdentifier": "security@zabbix.com",
"published": "2023-10-12T07:15:10.620",
"lastModified": "2023-10-17T15:08:25.737",
"vulnStatus": "Analyzed",
"lastModified": "2024-01-24T22:15:14.583",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -122,6 +122,10 @@
}
],
"references": [
{
"url": "https://lists.debian.org/debian-lts-announce/2024/01/msg00012.html",
"source": "security@zabbix.com"
},
{
"url": "https://support.zabbix.com/browse/ZBX-23230",
"source": "security@zabbix.com",

6
CVE-2023/CVE-2023-327xx/CVE-2023-32726.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-32726",
"sourceIdentifier": "security@zabbix.com",
"published": "2023-12-18T10:15:06.750",
"lastModified": "2024-01-17T04:15:07.880",
"lastModified": "2024-01-24T22:15:14.690",
"vulnStatus": "Modified",
"descriptions": [
{
@ -124,6 +124,10 @@
}
],
"references": [
{
"url": "https://lists.debian.org/debian-lts-announce/2024/01/msg00012.html",
"source": "security@zabbix.com"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BYSYLA7VTHR25CBLYO5ZLEJFGU7HTHQB/",
"source": "security@zabbix.com"

84
CVE-2023/CVE-2023-350xx/CVE-2023-35020.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2023-35020",
"sourceIdentifier": "psirt@us.ibm.com",
"published": "2024-01-19T01:15:08.347",
"lastModified": "2024-01-19T01:51:14.027",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-24T21:38:11.280",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "IBM Sterling Control Center 6.3.0 could allow a remote attacker to traverse directories on the system. An attacker could send a specially crafted URL request containing \"dot dot\" sequences (/../) to view arbitrary files on the system. IBM X-Force ID: 257874."
},
{
"lang": "es",
"value": "IBM Sterling Control Center versi\u00f3n 6.3.0 podr\u00eda permitir que un atacante remoto atraviese directorios del sistema. Un atacante podr\u00eda enviar una solicitud URL especialmente manipulada que contenga secuencias de \"puntos\" (/../) para ver archivos arbitrarios en el sistema. ID de IBM X-Force: 257874."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
},
{
"source": "psirt@us.ibm.com",
"type": "Secondary",
@ -46,14 +70,66 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:sterling_control_center:6.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F1E465D7-EA9F-4260-BC10-3908D3F51CC5"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:ibm:aix:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E492C463-D76E-49B7-A4D4-3B499E422D89"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:ibm:linux_on_ibm_z:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B955E472-47E3-4C32-847B-F6BB05594BA3"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA"
}
]
}
]
}
],
"references": [
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/257874",
"source": "psirt@us.ibm.com"
"source": "psirt@us.ibm.com",
"tags": [
"VDB Entry",
"Vendor Advisory"
]
},
{
"url": "https://www.ibm.com/support/pages/node/7107788",
"source": "psirt@us.ibm.com"
"source": "psirt@us.ibm.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

81
CVE-2023/CVE-2023-387xx/CVE-2023-38738.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2023-38738",
"sourceIdentifier": "psirt@us.ibm.com",
"published": "2024-01-19T01:15:08.717",
"lastModified": "2024-01-19T01:51:14.027",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-24T21:28:40.643",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "\nIBM OpenPages with Watson 8.3 and 9.0 could provide weaker than expected security in a OpenPages environment using Native authentication. If OpenPages is using Native authentication an attacker with access to the OpenPages database could through a series of specially crafted steps could exploit this weakness and gain unauthorized access to other OpenPages accounts. IBM X-Force ID: 262594.\n\n"
},
{
"lang": "es",
"value": "IBM OpenPages con Watson 8.3 y 9.0 podr\u00eda proporcionar una seguridad m\u00e1s d\u00e9bil de lo esperado en un entorno OpenPages utilizando autenticaci\u00f3n nativa. Si OpenPages utiliza autenticaci\u00f3n nativa, un atacante con acceso a la base de datos de OpenPages podr\u00eda, mediante una serie de pasos especialmente manipulados, explotar esta debilidad y obtener acceso no autorizado a otras cuentas de OpenPages. ID de IBM X-Force: 262594."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 8.1,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.2
},
{
"source": "psirt@us.ibm.com",
"type": "Secondary",
@ -46,14 +70,63 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:openpages_with_watson:*:*:*:*:*:*:*:*",
"versionStartIncluding": "8.3",
"versionEndExcluding": "8.3.0.2.7",
"matchCriteriaId": "88130C9C-31CC-4F58-944A-D3CA00281ED5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:openpages_with_watson:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8D23BA22-4275-4B58-9EB2-DF590B38E31D"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA"
}
]
}
]
}
],
"references": [
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/262594",
"source": "psirt@us.ibm.com"
"source": "psirt@us.ibm.com",
"tags": [
"VDB Entry",
"Vendor Advisory"
]
},
{
"url": "https://www.ibm.com/support/pages/node/7107775",
"source": "psirt@us.ibm.com"
"source": "psirt@us.ibm.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

81
CVE-2023/CVE-2023-406xx/CVE-2023-40683.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2023-40683",
"sourceIdentifier": "psirt@us.ibm.com",
"published": "2024-01-19T01:15:08.910",
"lastModified": "2024-01-19T01:51:14.027",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-24T21:25:27.833",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "IBM OpenPages with Watson 8.3 and 9.0 could allow remote attacker to bypass security restrictions, caused by insufficient authorization checks. By authenticating as an OpenPages user and using non-public APIs, an attacker could exploit this vulnerability to bypass security and gain unauthorized administrative access to the application. IBM X-Force ID: 264005."
},
{
"lang": "es",
"value": "IBM OpenPages con Watson 8.3 y 9.0 podr\u00eda permitir a un atacante remoto eludir las restricciones de seguridad causadas por comprobaciones de autorizaci\u00f3n insuficientes. Al autenticarse como usuario de OpenPages y utilizar API no p\u00fablicas, un atacante podr\u00eda aprovechar esta vulnerabilidad para eludir la seguridad y obtener acceso administrativo no autorizado a la aplicaci\u00f3n. ID de IBM X-Force: 264005."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "psirt@us.ibm.com",
"type": "Secondary",
@ -46,14 +70,63 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:openpages_with_watson:*:*:*:*:*:*:*:*",
"versionStartIncluding": "8.3",
"versionEndExcluding": "8.3.0.2.7",
"matchCriteriaId": "88130C9C-31CC-4F58-944A-D3CA00281ED5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:openpages_with_watson:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8D23BA22-4275-4B58-9EB2-DF590B38E31D"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA"
}
]
}
]
}
],
"references": [
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/264005",
"source": "psirt@us.ibm.com"
"source": "psirt@us.ibm.com",
"tags": [
"VDB Entry",
"Vendor Advisory"
]
},
{
"url": "https://www.ibm.com/support/pages/node/7107774",
"source": "psirt@us.ibm.com"
"source": "psirt@us.ibm.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

10
CVE-2023/CVE-2023-437xx/CVE-2023-43786.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-43786",
"sourceIdentifier": "secalert@redhat.com",
"published": "2023-10-10T13:15:22.023",
"lastModified": "2023-11-07T04:21:29.763",
"lastModified": "2024-01-24T21:15:08.383",
"vulnStatus": "Modified",
"descriptions": [
{
@ -37,7 +37,7 @@
"impactScore": 3.6
},
{
"source": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"source": "secalert@redhat.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
@ -70,7 +70,7 @@
]
},
{
"source": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"source": "secalert@redhat.com",
"type": "Secondary",
"description": [
{
@ -134,6 +134,10 @@
}
],
"references": [
{
"url": "http://www.openwall.com/lists/oss-security/2024/01/24/9",
"source": "secalert@redhat.com"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2023-43786",
"source": "secalert@redhat.com",

10
CVE-2023/CVE-2023-437xx/CVE-2023-43787.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-43787",
"sourceIdentifier": "secalert@redhat.com",
"published": "2023-10-10T13:15:22.083",
"lastModified": "2023-11-07T04:21:29.897",
"lastModified": "2024-01-24T21:15:08.493",
"vulnStatus": "Modified",
"descriptions": [
{
@ -37,7 +37,7 @@
"impactScore": 5.9
},
{
"source": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"source": "secalert@redhat.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
@ -70,7 +70,7 @@
]
},
{
"source": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"source": "secalert@redhat.com",
"type": "Secondary",
"description": [
{
@ -134,6 +134,10 @@
}
],
"references": [
{
"url": "http://www.openwall.com/lists/oss-security/2024/01/24/9",
"source": "secalert@redhat.com"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2023-43787",
"source": "secalert@redhat.com",

6
CVE-2023/CVE-2023-458xx/CVE-2023-45853.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-45853",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-10-14T02:15:09.323",
"lastModified": "2024-01-15T14:15:25.077",
"lastModified": "2024-01-24T21:15:08.623",
"vulnStatus": "Modified",
"descriptions": [
{
@ -73,6 +73,10 @@
"url": "http://www.openwall.com/lists/oss-security/2023/10/20/9",
"source": "cve@mitre.org"
},
{
"url": "http://www.openwall.com/lists/oss-security/2024/01/24/10",
"source": "cve@mitre.org"
},
{
"url": "https://chromium.googlesource.com/chromium/src/+/d709fb23806858847131027da95ef4c548813356",
"source": "cve@mitre.org",

73
CVE-2023/CVE-2023-477xx/CVE-2023-47718.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-47718",
"sourceIdentifier": "psirt@us.ibm.com",
"published": "2024-01-19T02:15:07.757",
"lastModified": "2024-01-19T15:56:26.533",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-24T21:23:15.540",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "psirt@us.ibm.com",
"type": "Secondary",
@ -50,18 +70,61 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:maximo_application_suite:*:*:*:*:*:*:*:*",
"versionStartIncluding": "8.10",
"versionEndExcluding": "8.10.6",
"matchCriteriaId": "6DB891EC-E752-439B-BCA7-3C4B8A44C52B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:maximo_application_suite:*:*:*:*:*:*:*:*",
"versionStartIncluding": "8.11",
"versionEndIncluding": "8.11.2",
"matchCriteriaId": "13818541-5D8C-47BF-83A1-03C3B3DA7699"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:maximo_asset_management:7.6.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "B0279056-1BD2-4CD6-86BA-DDAA6AB53C6F"
}
]
}
]
}
],
"references": [
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/271843",
"source": "psirt@us.ibm.com"
"source": "psirt@us.ibm.com",
"tags": [
"VDB Entry",
"Vendor Advisory"
]
},
{
"url": "https://www.ibm.com/support/pages/node/7107738",
"source": "psirt@us.ibm.com"
"source": "psirt@us.ibm.com",
"tags": [
"Patch",
"Vendor Advisory"
]
},
{
"url": "https://www.ibm.com/support/pages/node/7107740",
"source": "psirt@us.ibm.com"
"source": "psirt@us.ibm.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

6
CVE-2023/CVE-2023-481xx/CVE-2023-48197.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2023-48197",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-11-15T23:15:08.903",
"lastModified": "2023-11-21T01:02:53.277",
"vulnStatus": "Analyzed",
"lastModified": "2024-01-24T22:15:14.793",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "Cross Site Scripting vulnerability in Grocy v.4.0.3 allows a local attacker to execute arbitrary code and obtain sensitive information via the QR code function in the manageapikeys component."
"value": "Cross-Site Scripting (XSS) vulnerability in the \u2018manageApiKeys\u2019 component of Grocy 4.0.3 and earlier allows attackers to obtain victim's cookies when the victim clicks on the \"see QR code\" function."
},
{
"lang": "es",

54
CVE-2023/CVE-2023-509xx/CVE-2023-50963.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-50963",
"sourceIdentifier": "psirt@us.ibm.com",
"published": "2024-01-19T02:15:07.970",
"lastModified": "2024-01-19T15:56:26.533",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-24T21:22:22.293",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.5
},
{
"source": "psirt@us.ibm.com",
"type": "Secondary",
@ -50,14 +70,40 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:storage_defender_data_protect:*:*:*:*:*:*:*:*",
"versionStartIncluding": "1.0.0",
"versionEndIncluding": "1.4.1",
"matchCriteriaId": "9B9EE40B-2898-4B0A-81EA-5E8588DE95B2"
}
]
}
]
}
],
"references": [
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/276101",
"source": "psirt@us.ibm.com"
"source": "psirt@us.ibm.com",
"tags": [
"VDB Entry",
"Vendor Advisory"
]
},
{
"url": "https://www.ibm.com/support/pages/node/7106918",
"source": "psirt@us.ibm.com"
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
]
}
]
}

68
CVE-2023/CVE-2023-59xx/CVE-2023-5914.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-5914",
"sourceIdentifier": "secure@citrix.com",
"published": "2024-01-17T21:15:11.413",
"lastModified": "2024-01-18T13:42:11.613",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-24T21:05:40.173",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
},
{
"source": "secure@citrix.com",
"type": "Secondary",
@ -39,6 +59,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
},
{
"source": "secure@citrix.com",
"type": "Secondary",
@ -50,10 +80,42 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cloud:citrix_storefront:*:*:*:*:ltsr:*:*:*",
"versionEndExcluding": "1912",
"matchCriteriaId": "4DF41C3C-F733-4BC3-BBF9-6C901932D2A8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cloud:citrix_storefront:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2308.1",
"matchCriteriaId": "31F0C425-5772-49F6-842F-218DF096253F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cloud:citrix_storefront:1912:-:*:*:ltsr:*:*:*",
"matchCriteriaId": "36D1A011-90A3-413A-B31F-DD0441415CD5"
}
]
}
]
}
],
"references": [
{
"url": "https://support.citrix.com/article/CTX583759/citrix-storefront-security-bulletin-for-cve20235914",
"source": "secure@citrix.com"
"source": "secure@citrix.com",
"tags": [
"Vendor Advisory"
]
}
]
}

31
CVE-2023/CVE-2023-71xx/CVE-2023-7153.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2023-7153",
"sourceIdentifier": "iletisim@usom.gov.tr",
"published": "2024-01-18T15:15:09.430",
"lastModified": "2024-01-18T15:50:54.810",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-24T21:43:31.700",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Macroturk Software and Internet Technologies Macro-Bel allows Reflected XSS.This issue affects Macro-Bel: before V.1.0.1.\n\n"
},
{
"lang": "es",
"value": "Neutralizaci\u00f3n inadecuada de la entrada durante la vulnerabilidad de generaci\u00f3n de p\u00e1ginas web ('cross-site Scripting') en Macroturk Software and Internet Technologies Macro-Bel permite XSS reflejado. Este problema afecta a Macro-Bel: versiones anteriores a V.1.0.1."
}
],
"metrics": {
@ -46,10 +50,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:macroturk:macro-bel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.0.1",
"matchCriteriaId": "ED0C3E3D-B624-4B99-B2E9-684571C82847"
}
]
}
]
}
],
"references": [
{
"url": "https://www.usom.gov.tr/bildirim/tr-24-0041",
"source": "iletisim@usom.gov.tr"
"source": "iletisim@usom.gov.tr",
"tags": [
"Third Party Advisory"
]
}
]
}

92
CVE-2024/CVE-2024-06xx/CVE-2024-0639.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2024-0639",
"sourceIdentifier": "secalert@redhat.com",
"published": "2024-01-17T16:15:46.810",
"lastModified": "2024-01-17T17:35:02.713",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-24T21:08:28.330",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "A denial of service vulnerability due to a deadlock was found in sctp_auto_asconf_init in net/sctp/socket.c in the Linux kernel\u2019s SCTP subsystem. This flaw allows guests with local user privileges to trigger a deadlock and potentially crash the system."
},
{
"lang": "es",
"value": "Se encontr\u00f3 una vulnerabilidad de denegaci\u00f3n de servicio debido a un punto muerto en sctp_auto_asconf_init en net/sctp/socket.c en el subsistema SCTP del kernel de Linux. Esta falla permite a los invitados con privilegios de usuario local desencadenar un punto muerto y potencialmente bloquear el sistema."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
},
{
"source": "secalert@redhat.com",
"type": "Secondary",
@ -35,6 +59,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-667"
}
]
},
{
"source": "secalert@redhat.com",
"type": "Secondary",
@ -46,18 +80,66 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndIncluding": "6.4.16",
"matchCriteriaId": "FB346AE2-B232-4311-A763-C8BA2C1E7E51"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F4CFF558-3C47-480D-A2F0-BABF26042943"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7F6FB57C-2BC7-487C-96DD-132683AEB35D"
}
]
}
]
}
],
"references": [
{
"url": "https://access.redhat.com/security/cve/CVE-2024-0639",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2258754",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Issue Tracking",
"Patch"
]
},
{
"url": "https://github.com/torvalds/linux/commit/6feb37b3b06e9049e20dcf7e23998f92c9c5be9a",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Patch"
]
}
]
}

112
CVE-2024/CVE-2024-06xx/CVE-2024-0641.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2024-0641",
"sourceIdentifier": "secalert@redhat.com",
"published": "2024-01-17T16:15:47.003",
"lastModified": "2024-01-17T17:35:02.713",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-24T21:04:44.020",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "A denial of service vulnerability was found in tipc_crypto_key_revoke in net/tipc/crypto.c in the Linux kernel\u2019s TIPC subsystem. This flaw allows guests with local user privileges to trigger a deadlock and potentially crash the system."
},
{
"lang": "es",
"value": "Se encontr\u00f3 una vulnerabilidad de denegaci\u00f3n de servicio en tipc_crypto_key_revoke en net/tipc/crypto.c en el subsistema TIPC del kernel de Linux. Este fallo permite a los invitados con privilegios de usuario local desencadenar un punto muerto y potencialmente bloquear el sistema."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
},
{
"source": "secalert@redhat.com",
"type": "Secondary",
@ -35,6 +59,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-667"
}
]
},
{
"source": "secalert@redhat.com",
"type": "Secondary",
@ -46,18 +80,86 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.6",
"matchCriteriaId": "9D42A7C6-CE38-4D73-B7AC-615F6D53F783"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.6:rc1:*:*:*:*:*:*",
"matchCriteriaId": "84267A4F-DBC2-444F-B41D-69E15E1BEC97"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.6:rc2:*:*:*:*:*:*",
"matchCriteriaId": "FB440208-241C-4246-9A83-C1715C0DAA6C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.6:rc3:*:*:*:*:*:*",
"matchCriteriaId": "0DC421F1-3D5A-4BEF-BF76-4E468985D20B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.6:rc4:*:*:*:*:*:*",
"matchCriteriaId": "00AB783B-BE05-40E8-9A55-6AA457D95031"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F4CFF558-3C47-480D-A2F0-BABF26042943"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7F6FB57C-2BC7-487C-96DD-132683AEB35D"
}
]
}
]
}
],
"references": [
{
"url": "https://access.redhat.com/security/cve/CVE-2024-0641",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2258757",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Issue Tracking",
"Patch"
]
},
{
"url": "https://github.com/torvalds/linux/commit/08e50cf071847323414df0835109b6f3560d44f5",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Patch"
]
}
]
}

114
CVE-2024/CVE-2024-06xx/CVE-2024-0646.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2024-0646",
"sourceIdentifier": "secalert@redhat.com",
"published": "2024-01-17T16:15:47.190",
"lastModified": "2024-01-17T17:35:02.713",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-24T21:04:26.567",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "An out-of-bounds memory write flaw was found in the Linux kernel\u2019s Transport Layer Security functionality in how a user calls a function splice with a ktls socket as the destination. This flaw allows a local user to crash or potentially escalate their privileges on the system."
},
{
"lang": "es",
"value": "Se encontr\u00f3 un fallo de escritura de memoria fuera de los l\u00edmites en la funcionalidad Transport Layer Security del kernel de Linux en la forma en que un usuario llama a una funci\u00f3n splice con un socket ktls como destino. este fallo permite que un usuario local falle o potencialmente aumente sus privilegios en el sistema."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "secalert@redhat.com",
"type": "Secondary",
@ -34,18 +58,98 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.7",
"matchCriteriaId": "668F5607-E136-4E8E-86F2-316E9DC41ADC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.7:rc1:*:*:*:*:*:*",
"matchCriteriaId": "3A0038DE-E183-4958-A6E3-CE3821FEAFBF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.7:rc2:*:*:*:*:*:*",
"matchCriteriaId": "E31AD4FC-436C-44AB-BCAB-3A0B37F69EE0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.7:rc3:*:*:*:*:*:*",
"matchCriteriaId": "C56C6E04-4F04-44A3-8DB8-93899903CFCF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.7:rc4:*:*:*:*:*:*",
"matchCriteriaId": "5C78EDA4-8BE6-42FC-9512-49032D525A55"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F4CFF558-3C47-480D-A2F0-BABF26042943"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7F6FB57C-2BC7-487C-96DD-132683AEB35D"
}
]
}
]
}
],
"references": [
{
"url": "https://access.redhat.com/security/cve/CVE-2024-0646",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2253908",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Issue Tracking",
"Patch"
]
},
{
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=c5a595000e267",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Patch"
]
}
]
}

66
CVE-2024/CVE-2024-223xx/CVE-2024-22317.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2024-22317",
"sourceIdentifier": "psirt@us.ibm.com",
"published": "2024-01-18T14:15:07.970",
"lastModified": "2024-01-18T15:50:54.810",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-24T21:43:09.457",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "IBM App Connect Enterprise 11.0.0.1 through 11.0.0.24 and 12.0.1.0 through 12.0.11.0 could allow a remote attacker to obtain sensitive information or cause a denial of service due to improper restriction of excessive authentication attempts. IBM X-Force ID: 279143."
},
{
"lang": "es",
"value": "IBM App Connect Enterprise 11.0.0.1 a 11.0.0.24 y 12.0.1.0 a 12.0.11.0 podr\u00eda permitir a un atacante remoto obtener informaci\u00f3n confidencial o provocar una denegaci\u00f3n de servicio debido a una restricci\u00f3n inadecuada de intentos de autenticaci\u00f3n excesivos. ID de IBM X-Force: 279143."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.2
},
{
"source": "psirt@us.ibm.com",
"type": "Secondary",
@ -46,14 +70,48 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:app_connect_enterprise:*:*:*:*:*:*:*:*",
"versionStartIncluding": "11.0.0.1",
"versionEndIncluding": "11.0.0.24",
"matchCriteriaId": "A3735704-E7E0-48D0-8385-2FA6F7A70402"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:app_connect_enterprise:*:*:*:*:*:*:*:*",
"versionStartIncluding": "12.0.1.0",
"versionEndIncluding": "12.0.11.0",
"matchCriteriaId": "B006FE6C-CFBC-4CB9-96BF-143F1B7F0037"
}
]
}
]
}
],
"references": [
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/279143",
"source": "psirt@us.ibm.com"
"source": "psirt@us.ibm.com",
"tags": [
"VDB Entry",
"Vendor Advisory"
]
},
{
"url": "https://www.ibm.com/support/pages/node/7108661",
"source": "psirt@us.ibm.com"
"source": "psirt@us.ibm.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

24
CVE-2024/CVE-2024-227xx/CVE-2024-22751.json Normal file
View File

@ -0,0 +1,24 @@
{
"id": "CVE-2024-22751",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-01-24T21:15:08.733",
"lastModified": "2024-01-24T21:15:08.733",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "D-Link DIR-882 DIR882A1_FW130B06 was discovered to contain a stack overflow via the sub_477AA0 function."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/5erua/vuls/blob/main/dir882.md",
"source": "cve@mitre.org"
},
{
"url": "https://www.dlink.com/en/security-bulletin/",
"source": "cve@mitre.org"
}
]
}

63
README.md
View File

@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2024-01-24T21:00:24.254523+00:00
2024-01-24T23:00:24.830656+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2024-01-24T20:58:01.897000+00:00
2024-01-24T22:15:14.793000+00:00
```
### Last Data Feed Release
@ -29,50 +29,41 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs
```plain
236768
236770
```
### CVEs added in the last Commit
Recently added CVEs: `6`
Recently added CVEs: `2`
* [CVE-2021-42145](CVE-2021/CVE-2021-421xx/CVE-2021-42145.json) (`2024-01-24T19:15:08.420`)
* [CVE-2021-42146](CVE-2021/CVE-2021-421xx/CVE-2021-42146.json) (`2024-01-24T19:15:08.483`)
* [CVE-2021-42147](CVE-2021/CVE-2021-421xx/CVE-2021-42147.json) (`2024-01-24T19:15:08.530`)
* [CVE-2021-43584](CVE-2021/CVE-2021-435xx/CVE-2021-43584.json) (`2024-01-24T20:15:53.610`)
* [CVE-2024-23644](CVE-2024/CVE-2024-236xx/CVE-2024-23644.json) (`2024-01-24T20:15:53.680`)
* [CVE-2024-23646](CVE-2024/CVE-2024-236xx/CVE-2024-23646.json) (`2024-01-24T20:15:53.877`)
* [CVE-2023-24676](CVE-2023/CVE-2023-246xx/CVE-2023-24676.json) (`2024-01-24T21:15:08.327`)
* [CVE-2024-22751](CVE-2024/CVE-2024-227xx/CVE-2024-22751.json) (`2024-01-24T21:15:08.733`)
### CVEs modified in the last Commit
Recently modified CVEs: `35`
Recently modified CVEs: `20`
* [CVE-2023-48858](CVE-2023/CVE-2023-488xx/CVE-2023-48858.json) (`2024-01-24T20:16:53.197`)
* [CVE-2023-43898](CVE-2023/CVE-2023-438xx/CVE-2023-43898.json) (`2024-01-24T20:26:27.720`)
* [CVE-2023-48359](CVE-2023/CVE-2023-483xx/CVE-2023-48359.json) (`2024-01-24T20:35:30.263`)
* [CVE-2023-48358](CVE-2023/CVE-2023-483xx/CVE-2023-48358.json) (`2024-01-24T20:39:57.700`)
* [CVE-2023-48354](CVE-2023/CVE-2023-483xx/CVE-2023-48354.json) (`2024-01-24T20:41:27.640`)
* [CVE-2023-48355](CVE-2023/CVE-2023-483xx/CVE-2023-48355.json) (`2024-01-24T20:43:49.710`)
* [CVE-2023-48356](CVE-2023/CVE-2023-483xx/CVE-2023-48356.json) (`2024-01-24T20:44:22.100`)
* [CVE-2023-48357](CVE-2023/CVE-2023-483xx/CVE-2023-48357.json) (`2024-01-24T20:44:35.727`)
* [CVE-2023-6958](CVE-2023/CVE-2023-69xx/CVE-2023-6958.json) (`2024-01-24T20:47:14.900`)
* [CVE-2023-6970](CVE-2023/CVE-2023-69xx/CVE-2023-6970.json) (`2024-01-24T20:48:25.003`)
* [CVE-2023-6549](CVE-2023/CVE-2023-65xx/CVE-2023-6549.json) (`2024-01-24T20:48:33.600`)
* [CVE-2023-51463](CVE-2023/CVE-2023-514xx/CVE-2023-51463.json) (`2024-01-24T20:57:48.340`)
* [CVE-2023-51464](CVE-2023/CVE-2023-514xx/CVE-2023-51464.json) (`2024-01-24T20:58:01.897`)
* [CVE-2024-23675](CVE-2024/CVE-2024-236xx/CVE-2024-23675.json) (`2024-01-24T19:15:09.007`)
* [CVE-2024-23676](CVE-2024/CVE-2024-236xx/CVE-2024-23676.json) (`2024-01-24T19:15:09.097`)
* [CVE-2024-23678](CVE-2024/CVE-2024-236xx/CVE-2024-23678.json) (`2024-01-24T19:15:09.180`)
* [CVE-2024-0645](CVE-2024/CVE-2024-06xx/CVE-2024-0645.json) (`2024-01-24T19:24:06.717`)
* [CVE-2024-0643](CVE-2024/CVE-2024-06xx/CVE-2024-0643.json) (`2024-01-24T19:27:40.553`)
* [CVE-2024-0642](CVE-2024/CVE-2024-06xx/CVE-2024-0642.json) (`2024-01-24T19:29:41.893`)
* [CVE-2024-22715](CVE-2024/CVE-2024-227xx/CVE-2024-22715.json) (`2024-01-24T20:13:00.880`)
* [CVE-2024-0557](CVE-2024/CVE-2024-05xx/CVE-2024-0557.json) (`2024-01-24T20:15:27.893`)
* [CVE-2024-22714](CVE-2024/CVE-2024-227xx/CVE-2024-22714.json) (`2024-01-24T20:28:11.080`)
* [CVE-2024-20272](CVE-2024/CVE-2024-202xx/CVE-2024-20272.json) (`2024-01-24T20:33:26.197`)
* [CVE-2024-0381](CVE-2024/CVE-2024-03xx/CVE-2024-0381.json) (`2024-01-24T20:48:35.827`)
* [CVE-2024-0648](CVE-2024/CVE-2024-06xx/CVE-2024-0648.json) (`2024-01-24T20:50:45.720`)
* [CVE-2014-9485](CVE-2014/CVE-2014-94xx/CVE-2014-9485.json) (`2024-01-24T21:15:08.147`)
* [CVE-2023-5914](CVE-2023/CVE-2023-59xx/CVE-2023-5914.json) (`2024-01-24T21:05:40.173`)
* [CVE-2023-43786](CVE-2023/CVE-2023-437xx/CVE-2023-43786.json) (`2024-01-24T21:15:08.383`)
* [CVE-2023-43787](CVE-2023/CVE-2023-437xx/CVE-2023-43787.json) (`2024-01-24T21:15:08.493`)
* [CVE-2023-45853](CVE-2023/CVE-2023-458xx/CVE-2023-45853.json) (`2024-01-24T21:15:08.623`)
* [CVE-2023-50963](CVE-2023/CVE-2023-509xx/CVE-2023-50963.json) (`2024-01-24T21:22:22.293`)
* [CVE-2023-47718](CVE-2023/CVE-2023-477xx/CVE-2023-47718.json) (`2024-01-24T21:23:15.540`)
* [CVE-2023-32337](CVE-2023/CVE-2023-323xx/CVE-2023-32337.json) (`2024-01-24T21:24:01.383`)
* [CVE-2023-40683](CVE-2023/CVE-2023-406xx/CVE-2023-40683.json) (`2024-01-24T21:25:27.833`)
* [CVE-2023-38738](CVE-2023/CVE-2023-387xx/CVE-2023-38738.json) (`2024-01-24T21:28:40.643`)
* [CVE-2023-35020](CVE-2023/CVE-2023-350xx/CVE-2023-35020.json) (`2024-01-24T21:38:11.280`)
* [CVE-2023-7153](CVE-2023/CVE-2023-71xx/CVE-2023-7153.json) (`2024-01-24T21:43:31.700`)
* [CVE-2023-32721](CVE-2023/CVE-2023-327xx/CVE-2023-32721.json) (`2024-01-24T22:15:14.463`)
* [CVE-2023-32723](CVE-2023/CVE-2023-327xx/CVE-2023-32723.json) (`2024-01-24T22:15:14.583`)
* [CVE-2023-32726](CVE-2023/CVE-2023-327xx/CVE-2023-32726.json) (`2024-01-24T22:15:14.690`)
* [CVE-2023-48197](CVE-2023/CVE-2023-481xx/CVE-2023-48197.json) (`2024-01-24T22:15:14.793`)
* [CVE-2024-0646](CVE-2024/CVE-2024-06xx/CVE-2024-0646.json) (`2024-01-24T21:04:26.567`)
* [CVE-2024-0641](CVE-2024/CVE-2024-06xx/CVE-2024-0641.json) (`2024-01-24T21:04:44.020`)
* [CVE-2024-0639](CVE-2024/CVE-2024-06xx/CVE-2024-0639.json) (`2024-01-24T21:08:28.330`)
* [CVE-2024-22317](CVE-2024/CVE-2024-223xx/CVE-2024-22317.json) (`2024-01-24T21:43:09.457`)
## Download and Usage