diff --git a/CVE-2024/CVE-2024-14xx/CVE-2024-1491.json b/CVE-2024/CVE-2024-14xx/CVE-2024-1491.json new file mode 100644 index 00000000000..04235345f30 --- /dev/null +++ b/CVE-2024/CVE-2024-14xx/CVE-2024-1491.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2024-1491", + "sourceIdentifier": "ics-cert@hq.dhs.gov", + "published": "2024-04-18T23:15:06.723", + "lastModified": "2024-04-18T23:15:06.723", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "\nThe devices allow access to an unprotected endpoint that allows MPFS \nfile system binary image upload without authentication. The MPFS2 file \nsystem module provides a light-weight read-only file system that can be \nstored in external EEPROM, external serial flash, or internal flash \nprogram memory. This file system serves as the basis for the HTTP2 web \nserver module, but is also used by the SNMP module and is available to \nother applications that require basic read-only storage capabilities. \nThis can be exploited to overwrite the flash program memory that holds \nthe web server's main interfaces and execute arbitrary code.\n\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "ics-cert@hq.dhs.gov", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "HIGH", + "availabilityImpact": "NONE", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "ics-cert@hq.dhs.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-306" + } + ] + } + ], + "references": [ + { + "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-107-02", + "source": "ics-cert@hq.dhs.gov" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-218xx/CVE-2024-21846.json b/CVE-2024/CVE-2024-218xx/CVE-2024-21846.json new file mode 100644 index 00000000000..bfb0b6c081c --- /dev/null +++ b/CVE-2024/CVE-2024-218xx/CVE-2024-21846.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2024-21846", + "sourceIdentifier": "ics-cert@hq.dhs.gov", + "published": "2024-04-18T23:15:06.933", + "lastModified": "2024-04-18T23:15:06.933", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "\nAn unauthenticated attacker can reset the board and stop transmitter \noperations by sending a specially-crafted GET request to the command.cgi\n gateway, resulting in a denial-of-service scenario.\n\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "ics-cert@hq.dhs.gov", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "LOW", + "baseScore": 5.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 3.9, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "ics-cert@hq.dhs.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-306" + } + ] + } + ], + "references": [ + { + "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-107-02", + "source": "ics-cert@hq.dhs.gov" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-218xx/CVE-2024-21872.json b/CVE-2024/CVE-2024-218xx/CVE-2024-21872.json new file mode 100644 index 00000000000..e721a4d8363 --- /dev/null +++ b/CVE-2024/CVE-2024-218xx/CVE-2024-21872.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2024-21872", + "sourceIdentifier": "ics-cert@hq.dhs.gov", + "published": "2024-04-18T23:15:07.123", + "lastModified": "2024-04-18T23:15:07.123", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "\nThe device allows an unauthenticated attacker to bypass authentication \nand modify the cookie to reveal hidden pages that allows more critical \noperations to the transmitter.\n\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "ics-cert@hq.dhs.gov", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "ics-cert@hq.dhs.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-565" + } + ] + } + ], + "references": [ + { + "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-107-02", + "source": "ics-cert@hq.dhs.gov" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-221xx/CVE-2024-22179.json b/CVE-2024/CVE-2024-221xx/CVE-2024-22179.json new file mode 100644 index 00000000000..323e2ab276f --- /dev/null +++ b/CVE-2024/CVE-2024-221xx/CVE-2024-22179.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2024-22179", + "sourceIdentifier": "ics-cert@hq.dhs.gov", + "published": "2024-04-18T22:15:09.850", + "lastModified": "2024-04-18T22:15:09.850", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "\nThe application is vulnerable to an unauthenticated parameter \nmanipulation that allows an attacker to set the credentials to blank \ngiving her access to the admin panel. Also vulnerable to account \ntakeover and arbitrary password change.\n\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "ics-cert@hq.dhs.gov", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "HIGH", + "availabilityImpact": "NONE", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "ics-cert@hq.dhs.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-302" + } + ] + } + ], + "references": [ + { + "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-107-02", + "source": "ics-cert@hq.dhs.gov" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-221xx/CVE-2024-22186.json b/CVE-2024/CVE-2024-221xx/CVE-2024-22186.json new file mode 100644 index 00000000000..80cf6563d50 --- /dev/null +++ b/CVE-2024/CVE-2024-221xx/CVE-2024-22186.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2024-22186", + "sourceIdentifier": "ics-cert@hq.dhs.gov", + "published": "2024-04-18T23:15:07.310", + "lastModified": "2024-04-18T23:15:07.310", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "\nThe application suffers from a privilege escalation vulnerability. An \nattacker logged in as guest can escalate his privileges by poisoning the\n cookie to become administrator.\n\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "ics-cert@hq.dhs.gov", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "ics-cert@hq.dhs.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-565" + } + ] + } + ], + "references": [ + { + "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-107-02", + "source": "ics-cert@hq.dhs.gov" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-309xx/CVE-2024-30924.json b/CVE-2024/CVE-2024-309xx/CVE-2024-30924.json new file mode 100644 index 00000000000..40529175bb6 --- /dev/null +++ b/CVE-2024/CVE-2024-309xx/CVE-2024-30924.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2024-30924", + "sourceIdentifier": "cve@mitre.org", + "published": "2024-04-18T22:15:10.063", + "lastModified": "2024-04-18T22:15:10.063", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Cross Site Scripting vulnerability in DerbyNet v9.0 and below allows attackers to execute arbitrary code via the checkin.php component." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://chocapikk.com/posts/2024/derbynet-vulnerabilities/", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-309xx/CVE-2024-30925.json b/CVE-2024/CVE-2024-309xx/CVE-2024-30925.json new file mode 100644 index 00000000000..08daf998dba --- /dev/null +++ b/CVE-2024/CVE-2024-309xx/CVE-2024-30925.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2024-30925", + "sourceIdentifier": "cve@mitre.org", + "published": "2024-04-18T22:15:10.120", + "lastModified": "2024-04-18T22:15:10.120", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Cross Site Scripting vulnerability in DerbyNet v9.0 and below allows attackers to execute arbitrary code via the photo-thumbs.php component." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://chocapikk.com/posts/2024/derbynet-vulnerabilities/", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-309xx/CVE-2024-30926.json b/CVE-2024/CVE-2024-309xx/CVE-2024-30926.json new file mode 100644 index 00000000000..9cfeab97abc --- /dev/null +++ b/CVE-2024/CVE-2024-309xx/CVE-2024-30926.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2024-30926", + "sourceIdentifier": "cve@mitre.org", + "published": "2024-04-18T22:15:10.173", + "lastModified": "2024-04-18T22:15:10.173", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Cross Site Scripting vulnerability in DerbyNet v9.0 and below allows attackers to execute arbitrary code via the ./inc/kiosks.inc component." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://chocapikk.com/posts/2024/derbynet-vulnerabilities/", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-309xx/CVE-2024-30927.json b/CVE-2024/CVE-2024-309xx/CVE-2024-30927.json new file mode 100644 index 00000000000..6ac39f83813 --- /dev/null +++ b/CVE-2024/CVE-2024-309xx/CVE-2024-30927.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2024-30927", + "sourceIdentifier": "cve@mitre.org", + "published": "2024-04-18T22:15:10.223", + "lastModified": "2024-04-18T22:15:10.223", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Cross Site Scripting vulnerability in DerbyNet v9.0 and below allows attackers to execute arbitrary code via the racer-results.php component." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://chocapikk.com/posts/2024/derbynet-vulnerabilities/", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-309xx/CVE-2024-30928.json b/CVE-2024/CVE-2024-309xx/CVE-2024-30928.json new file mode 100644 index 00000000000..22a8b87a931 --- /dev/null +++ b/CVE-2024/CVE-2024-309xx/CVE-2024-30928.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2024-30928", + "sourceIdentifier": "cve@mitre.org", + "published": "2024-04-18T22:15:10.293", + "lastModified": "2024-04-18T22:15:10.293", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "SQL Injection vulnerability in DerbyNet v9.0 and below allows attackers to execute arbitrary SQL commands via 'classids' Parameter in ajax/query.slide.next.inc" + } + ], + "metrics": {}, + "references": [ + { + "url": "https://chocapikk.com/posts/2024/derbynet-vulnerabilities/", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-309xx/CVE-2024-30929.json b/CVE-2024/CVE-2024-309xx/CVE-2024-30929.json new file mode 100644 index 00000000000..a20405aea53 --- /dev/null +++ b/CVE-2024/CVE-2024-309xx/CVE-2024-30929.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2024-30929", + "sourceIdentifier": "cve@mitre.org", + "published": "2024-04-18T22:15:10.343", + "lastModified": "2024-04-18T22:15:10.343", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Cross Site Scripting vulnerability in DerbyNet v9.0 and below allows attackers to execute arbitrary code via the 'back' Parameter in playlist.php" + } + ], + "metrics": {}, + "references": [ + { + "url": "https://chocapikk.com/posts/2024/derbynet-vulnerabilities/", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-324xx/CVE-2024-32473.json b/CVE-2024/CVE-2024-324xx/CVE-2024-32473.json new file mode 100644 index 00000000000..033abc5c0b1 --- /dev/null +++ b/CVE-2024/CVE-2024-324xx/CVE-2024-32473.json @@ -0,0 +1,59 @@ +{ + "id": "CVE-2024-32473", + "sourceIdentifier": "security-advisories@github.com", + "published": "2024-04-18T22:15:10.400", + "lastModified": "2024-04-18T22:15:10.400", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Moby is an open source container framework that is a key component of Docker Engine, Docker Desktop, and other distributions of container tooling or runtimes. In 26.0.0, IPv6 is not disabled on network interfaces, including those belonging to networks where `--ipv6=false`. An container with an `ipvlan` or `macvlan` interface will normally be configured to share an external network link with the host machine. Because of this direct access, (1) Containers may be able to communicate with other hosts on the local network over link-local IPv6 addresses, (2) if router advertisements are being broadcast over the local network, containers may get SLAAC-assigned addresses, and (3) the interface will be a member of IPv6 multicast groups. This means interfaces in IPv4-only networks present an unexpectedly and unnecessarily increased attack surface. The issue is patched in 26.0.2. To completely disable IPv6 in a container, use `--sysctl=net.ipv6.conf.all.disable_ipv6=1` in the `docker create` or `docker run` command. Or, in the service configuration of a `compose` file." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security-advisories@github.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N", + "attackVector": "LOCAL", + "attackComplexity": "HIGH", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 4.7, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.0, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "security-advisories@github.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-668" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/moby/moby/commit/7cef0d9cd1cf221d8c0b7b7aeda69552649e0642", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/moby/moby/security/advisories/GHSA-x84c-p2g9-rqv9", + "source": "security-advisories@github.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-34xx/CVE-2024-3400.json b/CVE-2024/CVE-2024-34xx/CVE-2024-3400.json index fb775856f26..99e6f06c4d7 100644 --- a/CVE-2024/CVE-2024-34xx/CVE-2024-3400.json +++ b/CVE-2024/CVE-2024-34xx/CVE-2024-3400.json @@ -2,7 +2,7 @@ "id": "CVE-2024-3400", "sourceIdentifier": "psirt@paloaltonetworks.com", "published": "2024-04-12T08:15:06.230", - "lastModified": "2024-04-18T01:00:01.527", + "lastModified": "2024-04-18T23:15:07.500", "vulnStatus": "Undergoing Analysis", "cisaExploitAdd": "2024-04-12", "cisaActionDue": "2024-04-19", @@ -11,7 +11,7 @@ "descriptions": [ { "lang": "en", - "value": "A command injection vulnerability in the GlobalProtect feature of Palo Alto Networks PAN-OS software for specific PAN-OS versions and distinct feature configurations may enable an unauthenticated attacker to execute arbitrary code with root privileges on the firewall.\n\nCloud NGFW, Panorama appliances, and Prisma Access are not impacted by this vulnerability." + "value": "A command injection as a result of arbitrary file creation vulnerability in the GlobalProtect feature of Palo Alto Networks PAN-OS software for specific PAN-OS versions and distinct feature configurations may enable an unauthenticated attacker to execute arbitrary code with root privileges on the firewall.\n\nCloud NGFW, Panorama appliances, and Prisma Access are not impacted by this vulnerability." }, { "lang": "es", @@ -77,6 +77,10 @@ "source": "psirt@paloaltonetworks.com", "type": "Secondary", "description": [ + { + "lang": "en", + "value": "CWE-20" + }, { "lang": "en", "value": "CWE-77" diff --git a/CVE-2024/CVE-2024-37xx/CVE-2024-3741.json b/CVE-2024/CVE-2024-37xx/CVE-2024-3741.json new file mode 100644 index 00000000000..38d9ab5fb15 --- /dev/null +++ b/CVE-2024/CVE-2024-37xx/CVE-2024-3741.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2024-3741", + "sourceIdentifier": "ics-cert@hq.dhs.gov", + "published": "2024-04-18T22:15:10.603", + "lastModified": "2024-04-18T22:15:10.603", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Electrolink transmitters are vulnerable to an authentication bypass \nvulnerability affecting the login cookie. An attacker can set an \narbitrary value except 'NO' to the login cookie and have full system \naccess.\n\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "ics-cert@hq.dhs.gov", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "HIGH", + "availabilityImpact": "NONE", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "ics-cert@hq.dhs.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-302" + } + ] + } + ], + "references": [ + { + "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-107-02", + "source": "ics-cert@hq.dhs.gov" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-37xx/CVE-2024-3742.json b/CVE-2024/CVE-2024-37xx/CVE-2024-3742.json new file mode 100644 index 00000000000..20ebf67d5ce --- /dev/null +++ b/CVE-2024/CVE-2024-37xx/CVE-2024-3742.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2024-3742", + "sourceIdentifier": "ics-cert@hq.dhs.gov", + "published": "2024-04-18T23:15:07.650", + "lastModified": "2024-04-18T23:15:07.650", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "\nElectrolink transmitters store credentials in clear-text. Use of these credentials could allow an attacker to access the system.\n\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "ics-cert@hq.dhs.gov", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "ics-cert@hq.dhs.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-312" + } + ] + } + ], + "references": [ + { + "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-107-02", + "source": "ics-cert@hq.dhs.gov" + } + ] +} \ No newline at end of file diff --git a/README.md b/README.md index 3c30f0c4027..008b33cb9f7 100644 --- a/README.md +++ b/README.md @@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2024-04-18T22:00:38.126997+00:00 +2024-04-18T23:55:30.065402+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2024-04-18T21:15:07.630000+00:00 +2024-04-18T23:15:07.650000+00:00 ``` ### Last Data Feed Release @@ -33,28 +33,34 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### Total Number of included CVEs ```plain -246299 +246313 ``` ### CVEs added in the last Commit -Recently added CVEs: `8` +Recently added CVEs: `14` -- [CVE-2024-20380](CVE-2024/CVE-2024-203xx/CVE-2024-20380.json) (`2024-04-18T20:15:17.520`) -- [CVE-2024-30107](CVE-2024/CVE-2024-301xx/CVE-2024-30107.json) (`2024-04-18T21:15:07.287`) -- [CVE-2024-30920](CVE-2024/CVE-2024-309xx/CVE-2024-30920.json) (`2024-04-18T21:15:07.447`) -- [CVE-2024-30921](CVE-2024/CVE-2024-309xx/CVE-2024-30921.json) (`2024-04-18T21:15:07.513`) -- [CVE-2024-30922](CVE-2024/CVE-2024-309xx/CVE-2024-30922.json) (`2024-04-18T21:15:07.570`) -- [CVE-2024-30923](CVE-2024/CVE-2024-309xx/CVE-2024-30923.json) (`2024-04-18T21:15:07.630`) -- [CVE-2024-32474](CVE-2024/CVE-2024-324xx/CVE-2024-32474.json) (`2024-04-18T20:15:17.733`) -- [CVE-2024-32477](CVE-2024/CVE-2024-324xx/CVE-2024-32477.json) (`2024-04-18T20:15:17.927`) +- [CVE-2024-1491](CVE-2024/CVE-2024-14xx/CVE-2024-1491.json) (`2024-04-18T23:15:06.723`) +- [CVE-2024-21846](CVE-2024/CVE-2024-218xx/CVE-2024-21846.json) (`2024-04-18T23:15:06.933`) +- [CVE-2024-21872](CVE-2024/CVE-2024-218xx/CVE-2024-21872.json) (`2024-04-18T23:15:07.123`) +- [CVE-2024-22179](CVE-2024/CVE-2024-221xx/CVE-2024-22179.json) (`2024-04-18T22:15:09.850`) +- [CVE-2024-22186](CVE-2024/CVE-2024-221xx/CVE-2024-22186.json) (`2024-04-18T23:15:07.310`) +- [CVE-2024-30924](CVE-2024/CVE-2024-309xx/CVE-2024-30924.json) (`2024-04-18T22:15:10.063`) +- [CVE-2024-30925](CVE-2024/CVE-2024-309xx/CVE-2024-30925.json) (`2024-04-18T22:15:10.120`) +- [CVE-2024-30926](CVE-2024/CVE-2024-309xx/CVE-2024-30926.json) (`2024-04-18T22:15:10.173`) +- [CVE-2024-30927](CVE-2024/CVE-2024-309xx/CVE-2024-30927.json) (`2024-04-18T22:15:10.223`) +- [CVE-2024-30928](CVE-2024/CVE-2024-309xx/CVE-2024-30928.json) (`2024-04-18T22:15:10.293`) +- [CVE-2024-30929](CVE-2024/CVE-2024-309xx/CVE-2024-30929.json) (`2024-04-18T22:15:10.343`) +- [CVE-2024-32473](CVE-2024/CVE-2024-324xx/CVE-2024-32473.json) (`2024-04-18T22:15:10.400`) +- [CVE-2024-3741](CVE-2024/CVE-2024-37xx/CVE-2024-3741.json) (`2024-04-18T22:15:10.603`) +- [CVE-2024-3742](CVE-2024/CVE-2024-37xx/CVE-2024-3742.json) (`2024-04-18T23:15:07.650`) ### CVEs modified in the last Commit Recently modified CVEs: `1` -- [CVE-2024-1309](CVE-2024/CVE-2024-13xx/CVE-2024-1309.json) (`2024-04-18T21:15:07.060`) +- [CVE-2024-3400](CVE-2024/CVE-2024-34xx/CVE-2024-3400.json) (`2024-04-18T23:15:07.500`) ## Download and Usage diff --git a/_state.csv b/_state.csv index b4d22c63e7d..608756b70f6 100644 --- a/_state.csv +++ b/_state.csv @@ -239318,7 +239318,7 @@ CVE-2024-1304,0,0,279cd487b9476fd1f6c48e9b147ffdce9f2fbae718f78edd3d048c2b185207 CVE-2024-1306,0,0,17c6ace753742aa246baef6948fae4f095c5e86f9a893e497e354e9fdcbe61c1,2024-04-15T13:15:31.997000 CVE-2024-1307,0,0,8dc6ec45be9b236db5f7b189cd3322f38dfc4b76bc9caf0be97ceae4e80df136,2024-04-15T13:15:31.997000 CVE-2024-1308,0,0,779e92eb8f86f1576242d727b2f521b27075ae2e12c38fe16d52227bf6d49040,2024-04-10T13:24:00.070000 -CVE-2024-1309,0,1,00d36d62c9d48c6a62749164e96e771e74064614cd50dceff4c6bb67ad9cd861,2024-04-18T21:15:07.060000 +CVE-2024-1309,0,0,00d36d62c9d48c6a62749164e96e771e74064614cd50dceff4c6bb67ad9cd861,2024-04-18T21:15:07.060000 CVE-2024-1310,0,0,df5cb4ef8b752a70789d72260422d33a833f457856351980673b4b52a3d86b0b,2024-04-15T13:15:31.997000 CVE-2024-1311,0,0,20a61f35b7a8de98663666fd1f61d0df3e6b038130c47bc649450e0122352cca,2024-03-13T18:16:18.563000 CVE-2024-1312,0,0,663659c34940a4e82708fc60c7161257042c7f9bd582badd425cca624f8b6adc,2024-02-15T05:03:16.077000 @@ -239472,6 +239472,7 @@ CVE-2024-1485,0,0,b9f4145834ee9d538c2d6e8caecb301f8f2dde5a282a13e80f59671c5263bb CVE-2024-1487,0,0,4babefa588849ee1245b3617562779aff5a83c140fe8b2bbb7875eaeb547f015,2024-03-12T12:40:13.500000 CVE-2024-1488,0,0,28d9f1862f69d00fd35bd059e952a4c2758e4700e86db9169e6d94527e5fdcb0,2024-04-15T04:15:14.577000 CVE-2024-1489,0,0,601abc5a034fbcf389e475f712bdb62e609e01342eb7a5cc6cdf4f20f6ce0143,2024-03-13T18:15:58.530000 +CVE-2024-1491,1,1,62c5c09c688bdf0a26b50468b41713c6638535e8aac02227abfd77e711e8bb9d,2024-04-18T23:15:06.723000 CVE-2024-1492,0,0,ac491e1ac05085ffca5a01bc169673ef656902c869bec5c48f97ccc7785388e6,2024-02-29T13:49:29.390000 CVE-2024-1496,0,0,cb4e1e2b66486c1532bf5fd9642c761fbe286057f303a98e25c71b95ed8fd1ee,2024-02-29T13:49:29.390000 CVE-2024-1497,0,0,84c0cad6cfa5eb0a51311cf784383979e7b18f97e3410e261be2597241b19a2b,2024-03-13T18:15:58.530000 @@ -239981,7 +239982,7 @@ CVE-2024-20354,0,0,77dad3524fb09cfda3488dd6cb6801d1cbef489cb4a9c5ad1ce0cd080b146 CVE-2024-20362,0,0,0e125a5f57daca09b3a31c24c5285918bb46201f033defe636102ce0379b9ecc,2024-04-03T17:24:18.150000 CVE-2024-20367,0,0,e44fa9dcd83189ac4bb0284b57ce6be9f7d161e3fd46e74e477fe5fd623ca1b7,2024-04-03T17:24:18.150000 CVE-2024-20368,0,0,4814a8127430faf4ae61ecb30b9f4c874f54598057d22bcc8b2ca14f1fefa88a,2024-04-03T17:24:18.150000 -CVE-2024-20380,1,1,f70bd23dad3d0375a69ab9322304ba31162b276511be19d76f17ff2de6a4087b,2024-04-18T20:15:17.520000 +CVE-2024-20380,0,0,f70bd23dad3d0375a69ab9322304ba31162b276511be19d76f17ff2de6a4087b,2024-04-18T20:15:17.520000 CVE-2024-2039,0,0,4f1e5a8a814f51edc0234cc5670da2107cc2a93a2ef1eadc628898e3eec44b24,2024-04-10T13:23:38.787000 CVE-2024-2042,0,0,67e98a9ddaa62c913ab5a6b6d5de4b0b93571e9b9955fcfed7d86ddfd42889ed,2024-03-17T22:38:29.433000 CVE-2024-2044,0,0,3d73c6b2cc04bd01f48c15467e360d6d6689d47e2b89d6d93430f2c98bfeca1a,2024-03-23T03:15:12.063000 @@ -240781,6 +240782,7 @@ CVE-2024-21838,0,0,2e87184ffbd37f09fc02bbbce38359315ed0c01cd7f2541a39d089530736b CVE-2024-2184,0,0,b7ea4f5ba4c2bd608dff608bfe2a87def706e3fb064d33fdd3c3733ae6e79e4b,2024-03-11T01:32:29.610000 CVE-2024-21840,0,0,ba783d6125c59c9321abeb19e4ad3c65376e311d48c8d637117e60a3ad69607f,2024-02-06T18:32:20.340000 CVE-2024-21845,0,0,c3c19550dac060de10c39d04cca7b66f65b34853e3fc2412b58fd540397606b8,2024-02-07T18:23:06.690000 +CVE-2024-21846,1,1,1aae6490c9f9e538c2892342ae276bb1676aab1b9a5616cb6e36b47e3262bf1e,2024-04-18T23:15:06.933000 CVE-2024-21848,0,0,1fde96dab5128745ee3e4ea7f8cda5cbe7e9c944949a63485c9658d999c137ed,2024-04-05T12:40:52.763000 CVE-2024-21849,0,0,777d92a1c4bb7f79ad58de292d7b92c84e7bc7c1bbc5ad80d97c5d175c6259e9,2024-02-14T18:04:45.380000 CVE-2024-2185,0,0,715b4c907b3d19350ef7be845da2bc745dc7e2e4eb5111e392ff343232e67b39,2024-04-10T13:23:38.787000 @@ -240794,6 +240796,7 @@ CVE-2024-21866,0,0,e7c03b05e2d3f94b4b523aca377b349190d980e16c741cbf713751bf3c07d CVE-2024-21869,0,0,48ec62155fd9a810461dcd57893eff3c63fc7d7992b6dd94f9f3d8f38382a25c,2024-02-07T17:29:50.927000 CVE-2024-2187,0,0,ec12e7fb0306f6807d4637027c46ccbfa30febf5b0c3aec15cd51db28e1f84c7,2024-04-10T13:23:38.787000 CVE-2024-21870,0,0,eb93ddaf02bbc4698ce65f000ac66cf4bffe10c9c37f8f4faeecaca1a04000b0,2024-04-03T17:24:18.150000 +CVE-2024-21872,1,1,3b3f95237a07554b6deb470d3b24608f34e08b04c4aa9de702c92b1e43db17ce,2024-04-18T23:15:07.123000 CVE-2024-21875,0,0,d88c7fa028650d8c38c644c89741f5c8883fbb1f9fa5219cf2c447a4b53bf374,2024-04-12T07:15:08.283000 CVE-2024-2188,0,0,50073fcb971d8d943a63e1f3e232811ec9a11d1acf3f48e9da561ed8964c30e8,2024-03-05T13:41:01.900000 CVE-2024-21885,0,0,2ded91db474abcb1cfa7458555f469a31dde320770425e9a420b652d27c566d8,2024-02-28T14:06:45.783000 @@ -240949,8 +240952,10 @@ CVE-2024-22167,0,0,66eeaa7802a03d7220e8e4d342cc2b136735ca1b12a8df28a329ae7f7fc30 CVE-2024-2217,0,0,07b67ca85e13a2c6962db1475a9d0f8a931b674f51497121f9a33c8078bd4b4f,2024-04-10T19:49:51.183000 CVE-2024-22177,0,0,1ff2297e612a95969b8693bc6a53ecafa7223eba267b1cfe298d3bc1fedfbe99,2024-04-02T12:50:42.233000 CVE-2024-22178,0,0,894383da751aaa1046c611146ada59662a01e512644efee9e31c744bf34674c7,2024-04-03T17:24:18.150000 +CVE-2024-22179,1,1,c32eba5669e8962596f869af4e0177575f40d08de29723d2323a70b977560601,2024-04-18T22:15:09.850000 CVE-2024-22180,0,0,19e9318ece70bb0e88968bad696b07798db0b84c54153f426e33acb6b2d89f93,2024-04-02T12:50:42.233000 CVE-2024-22182,0,0,84b5ff3f38237486bd2926e893422165283f45f0db38e7fd1aba727e4f608470,2024-04-11T01:24:43.663000 +CVE-2024-22186,1,1,663e44b1ffb55007944722722e8827f926ad7cb6aaa681056a03d6f9d3545e4d,2024-04-18T23:15:07.310000 CVE-2024-22188,0,0,454846b26f0209c1a43fdf159574f9578934720b1b56e74466fc620d8647279d,2024-03-05T13:41:01.900000 CVE-2024-22189,0,0,30588073a9d4f4a5e35edf173b5d143bf62ba71a2a9a0ecd5ae833118ebc98cf,2024-04-04T16:33:06.610000 CVE-2024-22190,0,0,b6052bec184e44f4bdb37913f09378ade6ba357d503aeeeace40339b578d1a46,2024-01-18T13:48:07.553000 @@ -244907,7 +244912,7 @@ CVE-2024-3007,0,0,83ad0d540449e02aee098a1031a34f2d8297179700c7acb99470f214bdabbc CVE-2024-3008,0,0,9c438d43ee970ebac15533a5b88357c1f258f5ed280b95afc9cf1b5285727535,2024-04-11T01:25:51.757000 CVE-2024-3009,0,0,d2e6496d3e9ee19eccc3828be744cbe6b04873017f4c98e9bb45df02531b7d98,2024-04-11T01:25:51.833000 CVE-2024-3010,0,0,80498bb3ccb981c35bff8c50672fcf1921c69d89be96f804b33ca337ee8fa565,2024-04-11T01:25:51.920000 -CVE-2024-30107,1,1,e615bc12ca1806bcb8331c8be68700f6b2834b18ef2e33e92306a7dcf2b63d46,2024-04-18T21:15:07.287000 +CVE-2024-30107,0,0,e615bc12ca1806bcb8331c8be68700f6b2834b18ef2e33e92306a7dcf2b63d46,2024-04-18T21:15:07.287000 CVE-2024-3011,0,0,c2b332d96c566f9140aa9afe53a3cbf569092b9f46308b0535097b2f055edc35,2024-04-11T01:25:51.997000 CVE-2024-3012,0,0,d7193fd2e5c0110398bbd57eb3a2ed58e2ee54566e397acabf9fea2ceb7c4d39,2024-04-11T01:25:52.077000 CVE-2024-3013,0,0,2e0f69d0030281be21cd909dc6815caa78b98b6052ebbaceefe3ef8888327353,2024-04-11T01:25:52.157000 @@ -245358,10 +245363,16 @@ CVE-2024-30915,0,0,9a13183a0128e0ebba105aac6b4f16ab0a4a277d1597444f325eb278b416c CVE-2024-30916,0,0,a75ac013b4975103273f280feb4d1408231c0d93576fac2bd9f593ea396bd4d3,2024-04-11T12:47:44.137000 CVE-2024-30917,0,0,c44e8b8a426b1382e7b03152893a57378750ba3fe2425d8fdd5fd2662c53461b,2024-04-11T12:47:44.137000 CVE-2024-3092,0,0,cb7f2178928a426a0265657834f9aeb630ccb1ca35a9c66bd22fe30bfcb426f5,2024-04-12T12:43:57.400000 -CVE-2024-30920,1,1,7f796c37e1529fff9f70a6c84423dd30ebc99ddce1dc7bb65dff629b465b6032,2024-04-18T21:15:07.447000 -CVE-2024-30921,1,1,9d5599713decc77bcfc88354da8ed1edeb2ad520d8490e9e1890fda2c0218059,2024-04-18T21:15:07.513000 -CVE-2024-30922,1,1,97ea74d98d03061ed722b20763f2e1ac8182db153c43ea13d739c6b5b2992c8e,2024-04-18T21:15:07.570000 -CVE-2024-30923,1,1,9b5ae8a7d5e7e4982c256b440fc3c6dc7499e0432916beacac2cb5b323e68930,2024-04-18T21:15:07.630000 +CVE-2024-30920,0,0,7f796c37e1529fff9f70a6c84423dd30ebc99ddce1dc7bb65dff629b465b6032,2024-04-18T21:15:07.447000 +CVE-2024-30921,0,0,9d5599713decc77bcfc88354da8ed1edeb2ad520d8490e9e1890fda2c0218059,2024-04-18T21:15:07.513000 +CVE-2024-30922,0,0,97ea74d98d03061ed722b20763f2e1ac8182db153c43ea13d739c6b5b2992c8e,2024-04-18T21:15:07.570000 +CVE-2024-30923,0,0,9b5ae8a7d5e7e4982c256b440fc3c6dc7499e0432916beacac2cb5b323e68930,2024-04-18T21:15:07.630000 +CVE-2024-30924,1,1,3e60e5575b0ce79fd60157cd326623783e777dc7668812f51b6f05bdd936c08b,2024-04-18T22:15:10.063000 +CVE-2024-30925,1,1,bdb184fca6418e1c34a5b2b27ae2cf8504eeaeef146c82800ae01ce4e26b47b7,2024-04-18T22:15:10.120000 +CVE-2024-30926,1,1,51988fc99504f130a9b9b7264c9256530269f669b9bf3a44ea70d1f5c80fdf4e,2024-04-18T22:15:10.173000 +CVE-2024-30927,1,1,f0ca620bd380fc4f1ccf67f78c004dabef9fdc1d9d0778dca361e1c58ed74a3b,2024-04-18T22:15:10.223000 +CVE-2024-30928,1,1,22bcfa61a6efb801c03fe4d44924874ed08d99203f0359224dc9ee60383a39e9,2024-04-18T22:15:10.293000 +CVE-2024-30929,1,1,46ebe1aa75ad0dbebaa2c0af2fddb1f94a50a36f7e771317d5d4073a02074018,2024-04-18T22:15:10.343000 CVE-2024-3093,0,0,32bf1c70eab5da7d509a40d74982ac8945909f57d49846c0cf619694e2add382,2024-04-10T13:23:38.787000 CVE-2024-3094,0,0,cba466c06d21b74e1043491724188f63d6d0b9ba1993a884907c833ea9999b43,2024-04-12T07:15:08.740000 CVE-2024-30946,0,0,0dff329aaece035fc82f00595012379643bd5a0edb89ee3a7369d6609e13a4d1,2024-04-02T18:12:16.283000 @@ -245918,9 +245929,10 @@ CVE-2024-32466,0,0,0986c266c64cc5e4b364446dfb796a6c4980d483c5a2beb3f21f15de4cb49 CVE-2024-3247,0,0,095afc187e8f976bc1a2eaa79a4c0328aa3c3e2487a10203585d8616775f8a4d,2024-04-03T12:38:04.840000 CVE-2024-32470,0,0,5737f71a66c54e24b389ee7460c3a1ce854d4a4b91c25c717aaecf79d0441de3,2024-04-18T18:25:55.267000 CVE-2024-32472,0,0,975c522c6d17c4f52e07ac47d9093d86335976bcc8a63a5556dc578cb868f760,2024-04-18T13:04:28.900000 -CVE-2024-32474,1,1,29e4c5a2b238d4ff4ed3f779a961e94a7f400e584b3223629fc2e6b1589c18aa,2024-04-18T20:15:17.733000 +CVE-2024-32473,1,1,8252454d684940eabc9f041fbbe1ed3900980f5f73eedf8d505328408ab6d9c1,2024-04-18T22:15:10.400000 +CVE-2024-32474,0,0,29e4c5a2b238d4ff4ed3f779a961e94a7f400e584b3223629fc2e6b1589c18aa,2024-04-18T20:15:17.733000 CVE-2024-32475,0,0,6cc0cfcc5835d1f0435503c507ba85f7d55e9904465d5f2818c1e77f894e02a5,2024-04-18T18:25:55.267000 -CVE-2024-32477,1,1,a160e3d7cc1c14fc9459488776f808ca6c6b3dc5c3a1b857380fc99a8ec3a41d,2024-04-18T20:15:17.927000 +CVE-2024-32477,0,0,a160e3d7cc1c14fc9459488776f808ca6c6b3dc5c3a1b857380fc99a8ec3a41d,2024-04-18T20:15:17.927000 CVE-2024-3248,0,0,65f6d4ddfc43ae235edf2e59fc9daa1f1d020439a4fa197a41a6ddd58e106004,2024-04-03T12:38:04.840000 CVE-2024-32487,0,0,746d95a6c3889a9e0164763739aef81432a5222f159aa33a064a3132dbd4a7ad,2024-04-15T13:15:31.997000 CVE-2024-32488,0,0,6ce6bcee8af0a677e98d2bf7a3efd66cf8a3e580423515387116f39d710ba974,2024-04-15T13:15:31.997000 @@ -246097,7 +246109,7 @@ CVE-2024-3385,0,0,dafd55987e5738b5d6ec37d523526a7e0269d60d96cd780933abafbc800645 CVE-2024-3386,0,0,d08d523d066834a85bfe06023f05a033d8631a6197479f66bfb86438af143c6d,2024-04-10T19:49:51.183000 CVE-2024-3387,0,0,59a783d7f5a632f1312dc02ccd745e7c758f93e478c4554a0dbc9aba27d256c0,2024-04-10T19:49:51.183000 CVE-2024-3388,0,0,9a13547aa29d2171bfe252870fb3dde44261a463a11a31d9062dc130e0f3c4f3,2024-04-10T19:49:51.183000 -CVE-2024-3400,0,0,aadf7c9d2a56f5cd808a6005acc9ff24e9bae3c905daa10ce077db9df942ce15,2024-04-18T01:00:01.527000 +CVE-2024-3400,0,1,8e32781dfb043a9436bb5d66848011e457c5e87c023906c19a9b9eb8e81f52be,2024-04-18T23:15:07.500000 CVE-2024-3413,0,0,7c0263f5aa26015f580f259b17ac76e3fb232807ce6eb6b3e0fa4a42d34def58,2024-04-11T01:26:00.727000 CVE-2024-3414,0,0,fcf8b2012e3dcab7048965e9d40e8c26f25a86217cc70e6c24a2ae712b119943,2024-04-11T01:26:00.803000 CVE-2024-3415,0,0,80d83d8ba89e3620cb20eb7a8b2b10e1c5fbd8b76c068e7c00b4af6deadd81dd,2024-04-11T01:26:00.900000 @@ -246216,6 +246228,8 @@ CVE-2024-3737,0,0,1990edd10a050a438850658c5a42b3f737afd31a7356a3decab691dfe1bc7c CVE-2024-3738,0,0,b66719d292faf4f8366d2a1bd7ba2e499a51406f18e82223e62d0725b105341a,2024-04-15T13:15:31.997000 CVE-2024-3739,0,0,fed74685470b4939d541579687026089ccef86b1a1737b57a3d1a81d9975c604,2024-04-15T13:15:31.997000 CVE-2024-3740,0,0,75f61be8bbb353101b1f56f62642608067055ad70ceb68581fdd482be28a2282,2024-04-15T13:15:31.997000 +CVE-2024-3741,1,1,39669021346aa7aa4edfe91b0520fd6d4af42327e0a88455d9d6555d03f18138,2024-04-18T22:15:10.603000 +CVE-2024-3742,1,1,15c1f4e8b8d1991632c4133caeddb72cbf72ff7cc2d93d8b8cd49afd4c729f62,2024-04-18T23:15:07.650000 CVE-2024-3762,0,0,8786cfd326f85cef30984c56459dfc9fe93a76e6338c27d090dd8d173488b8b0,2024-04-15T13:15:31.997000 CVE-2024-3763,0,0,1eebac5877c8c886e0c3f8814e0dc9f66bf992c6afa583c2dc485461fb17eebd,2024-04-15T13:15:31.997000 CVE-2024-3764,0,0,bc0166392f0fa682ac423224b68b272d1fbe64e8573563127fc316656ba68a89,2024-04-16T07:15:13.437000