admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-09-17 18:45:49 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2024-01-26T23:00:24.759792+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2024-01-26 23:00:28 +00:00
parent 7fdedde262
commit 6fdde92d7d
17 changed files with 1115 additions and 110 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
CVE-2023/CVE-2023-405xx/CVE-2023-40547.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2023-40547",
"sourceIdentifier": "secalert@redhat.com",
"published": "2024-01-25T16:15:07.717",
"lastModified": "2024-01-25T19:28:53.800",
"lastModified": "2024-01-26T21:15:08.180",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "A remote code execution vulnerability was found in Shim. The Shim boot support trusts attacker-controlled values when parsing an HTTP response. This flaw allows an attacker to craft a specific malicious HTTP request, leading to a completely controlled out-of-bounds write primitive and complete system compromise."
},
{
"lang": "es",
"value": "Se encontr\u00f3 una vulnerabilidad de ejecuci\u00f3n remota de c\u00f3digo en Shim. El soporte de arranque Shim conf\u00eda en los valores controlados por el atacante al analizar una respuesta HTTP. Este fallo permite a un atacante manipular una solicitud HTTP maliciosa espec\u00edfica, lo que lleva a una escritura fuera de los l\u00edmites completamente controlada primitiva y a un compromiso completo del sistema."
}
],
"metrics": {
@ -35,6 +39,10 @@
]
},
"references": [
{
"url": "http://www.openwall.com/lists/oss-security/2024/01/26/1",
"source": "secalert@redhat.com"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2023-40547",
"source": "secalert@redhat.com"

4
CVE-2023/CVE-2023-457xx/CVE-2023-45779.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2023-45779",
"sourceIdentifier": "security@android.com",
"published": "2023-12-04T23:15:26.673",
"lastModified": "2024-01-26T18:15:10.360",
"lastModified": "2024-01-26T22:15:11.330",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "In the APEX module framework of AOSP, there is a possible malicious update to platform components due to improperly used crypto. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. More details on this can be found in the following links (which go live Jan 30th, 2024):\n * https://rtx.meta.security/exploitation/2024/01/30/Android-vendors-APEX-test-keys.html https://rtx.meta.security/exploitation/2024/01/30/Android-vendors-APEX-test-keys.html \n * https://github.com/metaredteam/external-disclosures/security/advisories/GHSA-wmcc-g67r-9962 https://github.com/metaredteam/external-disclosures/security/advisories/GHSA-wmcc-g67r-9962 \n * https://www.fairphone.com/en/2023/12/22/security-update-apex-modules-vulnerability-fixed https://www.fairphone.com/en/2023/12/22/security-update-apex-modules-vulnerability-fixed \n\n\n"
"value": "In the APEX module framework of AOSP, there is a possible malicious update to platform components due to improperly used crypto. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. More details on this can be found in the following links (which go live Jan 30th, 2024)."
},
{
"lang": "es",

15
CVE-2023/CVE-2023-64xx/CVE-2023-6470.json Normal file
View File

@ -0,0 +1,15 @@
{
"id": "CVE-2023-6470",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-01-26T21:15:08.253",
"lastModified": "2024-01-26T21:15:08.253",
"vulnStatus": "Rejected",
"descriptions": [
{
"lang": "en",
"value": "Rejected reason: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER."
}
],
"metrics": {},
"references": []
}

69
CVE-2023/CVE-2023-71xx/CVE-2023-7170.json
View File

@ -2,19 +2,80 @@
"id": "CVE-2023-7170",
"sourceIdentifier": "contact@wpscan.com",
"published": "2024-01-22T20:15:47.787",
"lastModified": "2024-01-22T20:28:17.417",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-26T21:05:46.627",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "The EventON-RSVP WordPress plugin before 2.9.5 does not sanitise and escape some parameters before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin"
},
{
"lang": "es",
"value": "El complemento EventON-RSVP de WordPress anterior a 2.9.5 no sanitiza ni escapa algunos par\u00e1metros antes de devolverlos a la p\u00e1gina, lo que genera Cross-Site Scripting Reflejado que podr\u00eda usarse contra usuarios con altos privilegios, como administradores."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:myeventon:rsvp_events:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "2.9.5",
"matchCriteriaId": "DA3DE6EF-F08F-41B5-9A9E-C86EB171EDD3"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://wpscan.com/vulnerability/218fb3af-3a40-486f-8ea9-80211a986fb3/",
"source": "contact@wpscan.com"
"source": "contact@wpscan.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

88
CVE-2024/CVE-2024-09xx/CVE-2024-0945.json Normal file
View File

@ -0,0 +1,88 @@
{
"id": "CVE-2024-0945",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-01-26T21:15:08.380",
"lastModified": "2024-01-26T21:15:08.380",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability classified as critical has been found in 60IndexPage up to 1.8.5. This affects an unknown part of the file /include/file.php of the component Parameter Handler. The manipulation of the argument url leads to server-side request forgery. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-252189 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "NONE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5
},
"baseSeverity": "HIGH",
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-918"
}
]
}
],
"references": [
{
"url": "https://note.zhaoj.in/share/7F54gy22y7uJ",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?ctiid.252189",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.252189",
"source": "cna@vuldb.com"
}
]
}

88
CVE-2024/CVE-2024-09xx/CVE-2024-0946.json Normal file
View File

@ -0,0 +1,88 @@
{
"id": "CVE-2024-0946",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-01-26T21:15:08.600",
"lastModified": "2024-01-26T21:15:08.600",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability classified as critical was found in 60IndexPage up to 1.8.5. This vulnerability affects unknown code of the file /apply/index.php of the component Parameter Handler. The manipulation of the argument url leads to server-side request forgery. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-252190 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "NONE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5
},
"baseSeverity": "HIGH",
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-918"
}
]
}
],
"references": [
{
"url": "https://note.zhaoj.in/share/iNSyaClT0hGi",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?ctiid.252190",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.252190",
"source": "cna@vuldb.com"
}
]
}

88
CVE-2024/CVE-2024-09xx/CVE-2024-0948.json Normal file
View File

@ -0,0 +1,88 @@
{
"id": "CVE-2024-0948",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-01-26T22:15:11.413",
"lastModified": "2024-01-26T22:15:11.413",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability, which was classified as problematic, has been found in NetBox up to 3.7.0. This issue affects some unknown processing of the file /core/config-revisions of the component Home Page Configuration. The manipulation with the input <<h1 onload=alert(1)>>test</h1> leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-252191. NOTE: The vendor was contacted early about this disclosure but did not respond in any way."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 2.4,
"baseSeverity": "LOW"
},
"exploitabilityScore": 0.9,
"impactScore": 1.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:M/C:N/I:P/A:N",
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "MULTIPLE",
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"availabilityImpact": "NONE",
"baseScore": 3.3
},
"baseSeverity": "LOW",
"exploitabilityScore": 6.4,
"impactScore": 2.9,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://drive.google.com/file/d/1tcgyzu9Fh3AMG0INR0EdOR7ZjWmBK0ZR/view?usp=sharing",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?ctiid.252191",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.252191",
"source": "cna@vuldb.com"
}
]
}

6
CVE-2024/CVE-2024-209xx/CVE-2024-20955.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2024-20955",
"sourceIdentifier": "secalert_us@oracle.com",
"published": "2024-01-16T22:15:42.647",
"lastModified": "2024-01-23T19:42:41.163",
"vulnStatus": "Analyzed",
"lastModified": "2024-01-26T22:15:11.647",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "Vulnerability in the Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Compiler). Supported versions that are affected are Oracle GraalVM for JDK: 17.0.9; Oracle GraalVM Enterprise Edition: 21.3.8 and 22.3.4. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data. CVSS 3.1 Base Score 3.7 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N)."
"value": "Vulnerability in the Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Compiler). Supported versions that are affected are Oracle GraalVM for JDK: 17.0.9, 21.0.1; Oracle GraalVM Enterprise Edition: 20.3.12, 21.3.8 and 22.3.4. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data. CVSS 3.1 Base Score 3.7 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N)."
},
{
"lang": "es",

63
CVE-2024/CVE-2024-224xx/CVE-2024-22403.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2024-22403",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-01-18T20:15:08.610",
"lastModified": "2024-01-19T01:51:14.027",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-26T21:03:36.983",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Nextcloud server is a self hosted personal cloud system. In affected versions OAuth codes did not expire. When an attacker would get access to an authorization code they could authenticate at any time using the code. As of version 28.0.0 OAuth codes are invalidated after 10 minutes and will no longer be authenticated. To exploit this vulnerability an attacker would need to intercept an OAuth code from a user session. It is recommended that the Nextcloud Server is upgraded to 28.0.0. There are no known workarounds for this vulnerability."
},
{
"lang": "es",
"value": "El servidor Nextcloud es un sistema de nube personal autohospedado. En las versiones afectadas, los c\u00f3digos OAuth no caducaban. Cuando un atacante tuviera acceso a un c\u00f3digo de autorizaci\u00f3n, podr\u00eda autenticarse en cualquier momento utilizando el c\u00f3digo. A partir de la versi\u00f3n 28.0.0, los c\u00f3digos OAuth se invalidan despu\u00e9s de 10 minutos y ya no se autenticar\u00e1n. Para aprovechar esta vulnerabilidad, un atacante necesitar\u00eda interceptar un c\u00f3digo OAuth de una sesi\u00f3n de usuario. Se recomienda actualizar el servidor Nextcloud a 28.0.0. No se conocen workarounds para esta vulnerabilidad."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 3.7,
"baseSeverity": "LOW"
},
"exploitabilityScore": 2.2,
"impactScore": 1.4
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
@ -46,18 +70,47 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:nextcloud:nextcloud_server:*:*:*:*:*:*:*:*",
"versionEndExcluding": "28.0.0",
"matchCriteriaId": "40C7FB8D-EB7F-45B8-9F7F-8E5B1AE3ABEA"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/nextcloud/security-advisories/security/advisories/GHSA-wppc-f5g8-vx36",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://github.com/nextcloud/server/pull/40766",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch",
"Vendor Advisory"
]
},
{
"url": "https://hackerone.com/reports/1784162",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Permissions Required",
"Third Party Advisory"
]
}
]
}

95
CVE-2024/CVE-2024-232xx/CVE-2024-23203.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-23203",
"sourceIdentifier": "product-security@apple.com",
"published": "2024-01-23T01:15:10.740",
"lastModified": "2024-01-26T17:15:12.200",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-01-26T21:14:58.347",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -14,23 +14,104 @@
"value": "El problema se solucion\u00f3 con comprobaciones de permisos adicionales. Este problema se solucion\u00f3 en macOS Sonoma 14.3, iOS 17.3 y iPadOS 17.3. Un acceso directo puede utilizar datos confidenciales con determinadas acciones sin avisar al usuario."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
"versionStartExcluding": "17.0",
"versionEndExcluding": "17.3",
"matchCriteriaId": "EF93182E-EFE2-4DAF-BAA2-5053A20ADCFF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"versionStartExcluding": "17.0",
"versionEndExcluding": "17.3",
"matchCriteriaId": "79493683-AFEA-42B7-9F15-C3E47069C9CF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "14.3",
"matchCriteriaId": "3A4823C4-3812-46DB-8295-D021C93236CC"
}
]
}
]
}
],
"references": [
{
"url": "http://seclists.org/fulldisclosure/2024/Jan/33",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "http://seclists.org/fulldisclosure/2024/Jan/36",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT214059",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT214061",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
}
]
}

112
CVE-2024/CVE-2024-232xx/CVE-2024-23204.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-23204",
"sourceIdentifier": "product-security@apple.com",
"published": "2024-01-23T01:15:10.787",
"lastModified": "2024-01-26T18:15:12.270",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-01-26T21:15:48.800",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -14,31 +14,125 @@
"value": "El problema se solucion\u00f3 con comprobaciones de permisos adicionales. Este problema se solucion\u00f3 en macOS Sonoma 14.3, watchOS 10.3, iOS 17.3 y iPadOS 17.3. Un acceso directo puede utilizar datos confidenciales con determinadas acciones sin avisar al usuario."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
"versionStartExcluding": "17.0",
"versionEndExcluding": "17.3",
"matchCriteriaId": "EF93182E-EFE2-4DAF-BAA2-5053A20ADCFF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"versionStartExcluding": "17.0",
"versionEndExcluding": "17.3",
"matchCriteriaId": "79493683-AFEA-42B7-9F15-C3E47069C9CF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "14.3",
"matchCriteriaId": "3A4823C4-3812-46DB-8295-D021C93236CC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.3",
"matchCriteriaId": "F265723B-24BD-4BD9-A45C-6FFD000A7B03"
}
]
}
]
}
],
"references": [
{
"url": "http://seclists.org/fulldisclosure/2024/Jan/33",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "http://seclists.org/fulldisclosure/2024/Jan/36",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "http://seclists.org/fulldisclosure/2024/Jan/39",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT214059",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT214060",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT214061",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
}
]
}

171
CVE-2024/CVE-2024-232xx/CVE-2024-23206.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-23206",
"sourceIdentifier": "product-security@apple.com",
"published": "2024-01-23T01:15:10.840",
"lastModified": "2024-01-26T18:15:12.337",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-01-26T21:17:32.107",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -14,55 +14,196 @@
"value": "Se solucion\u00f3 un problema de acceso mejorando las restricciones de acceso. Este problema se solucion\u00f3 en watchOS 10.3, tvOS 17.3, iOS 17.3 y iPadOS 17.3, macOS Sonoma 14.3, iOS 16.7.5 y iPadOS 16.7.5, Safari 17.3. Una p\u00e1gina web creada con fines malintencionados puede tomar huellas digitales del usuario."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
"versionStartExcluding": "16.0",
"versionEndExcluding": "16.7.5",
"matchCriteriaId": "8C2307FA-1412-4727-AD29-541A337A9B97"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
"versionStartExcluding": "17.0",
"versionEndExcluding": "17.3",
"matchCriteriaId": "EF93182E-EFE2-4DAF-BAA2-5053A20ADCFF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"versionStartExcluding": "16.0",
"versionEndExcluding": "16.7.5",
"matchCriteriaId": "78404384-8393-4F57-8076-C84BCFD58B1D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"versionStartExcluding": "17.0",
"versionEndExcluding": "17.3",
"matchCriteriaId": "79493683-AFEA-42B7-9F15-C3E47069C9CF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "14.3",
"matchCriteriaId": "3A4823C4-3812-46DB-8295-D021C93236CC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:safari:*:*:*:*:*:*:*:*",
"versionEndExcluding": "17.3",
"matchCriteriaId": "AF847E34-E210-4F2D-919C-772FFEC50D8B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "17.3",
"matchCriteriaId": "921307BF-8419-42C7-9B2C-8DD643723E38"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.3",
"matchCriteriaId": "F265723B-24BD-4BD9-A45C-6FFD000A7B03"
}
]
}
]
}
],
"references": [
{
"url": "http://seclists.org/fulldisclosure/2024/Jan/27",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "http://seclists.org/fulldisclosure/2024/Jan/33",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "http://seclists.org/fulldisclosure/2024/Jan/34",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "http://seclists.org/fulldisclosure/2024/Jan/36",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "http://seclists.org/fulldisclosure/2024/Jan/39",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "http://seclists.org/fulldisclosure/2024/Jan/40",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT214055",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT214056",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT214059",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT214060",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT214061",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT214063",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
}
]
}

149
CVE-2024/CVE-2024-232xx/CVE-2024-23207.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-23207",
"sourceIdentifier": "product-security@apple.com",
"published": "2024-01-23T01:15:10.887",
"lastModified": "2024-01-26T18:15:12.400",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-01-26T21:23:37.840",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -14,47 +14,170 @@
"value": "Este problema se solucion\u00f3 mejorando la redacci\u00f3n de informaci\u00f3n confidencial. Este problema se solucion\u00f3 en watchOS 10.3, iOS 17.3 y iPadOS 17.3, macOS Sonoma 14.3, macOS Ventura 13.6.4, macOS Monterey 12.7.3. Es posible que una aplicaci\u00f3n pueda acceder a datos confidenciales del usuario."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
"versionStartExcluding": "17.0",
"versionEndExcluding": "17.3",
"matchCriteriaId": "EF93182E-EFE2-4DAF-BAA2-5053A20ADCFF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"versionStartExcluding": "17.0",
"versionEndExcluding": "17.3",
"matchCriteriaId": "79493683-AFEA-42B7-9F15-C3E47069C9CF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "12.0",
"versionEndExcluding": "12.7.3",
"matchCriteriaId": "ECD0F581-7DA4-428A-A1F5-C9A86DDD99D7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "13.0",
"versionEndExcluding": "13.6.4",
"matchCriteriaId": "A3916CD8-E6D5-4786-903E-B86026859CE6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "14.0",
"versionEndExcluding": "14.3",
"matchCriteriaId": "79ADFEBE-99EE-4F01-9AE8-489EB41885D1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.3",
"matchCriteriaId": "F265723B-24BD-4BD9-A45C-6FFD000A7B03"
}
]
}
]
}
],
"references": [
{
"url": "http://seclists.org/fulldisclosure/2024/Jan/33",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "http://seclists.org/fulldisclosure/2024/Jan/36",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "http://seclists.org/fulldisclosure/2024/Jan/37",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "http://seclists.org/fulldisclosure/2024/Jan/38",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "http://seclists.org/fulldisclosure/2024/Jan/39",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT214057",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT214058",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT214059",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT214060",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT214061",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
}
]
}

70
CVE-2024/CVE-2024-232xx/CVE-2024-23209.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-23209",
"sourceIdentifier": "product-security@apple.com",
"published": "2024-01-23T01:15:10.977",
"lastModified": "2024-01-26T17:15:12.560",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-01-26T21:13:02.737",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -14,15 +14,75 @@
"value": "El problema se solucion\u00f3 mejorando el manejo de la memoria. Este problema se solucion\u00f3 en macOS Sonoma 14.3. El procesamiento de contenido web puede dar lugar a la ejecuci\u00f3n de c\u00f3digo arbitrario."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "14.3",
"matchCriteriaId": "3A4823C4-3812-46DB-8295-D021C93236CC"
}
]
}
]
}
],
"references": [
{
"url": "http://seclists.org/fulldisclosure/2024/Jan/36",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT214061",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
}
]
}

70
CVE-2024/CVE-2024-237xx/CVE-2024-23731.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-23731",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-01-21T17:15:44.443",
"lastModified": "2024-01-22T14:01:14.430",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-26T21:11:25.430",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -14,15 +14,75 @@
"value": "OpenAPI loader in Embedchain anterior a 0.1.57 permite a los atacantes ejecutar c\u00f3digo arbitrario, relacionado con el argumento de la funci\u00f3n openapi.py yaml.load."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-88"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:embedchain:embedchain:*:*:*:*:*:*:*:*",
"versionEndExcluding": "0.1.57",
"matchCriteriaId": "7BDC96B9-7B04-4BD7-A8A8-95E3556FA6FA"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/embedchain/embedchain/compare/0.1.56...0.1.57",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/embedchain/embedchain/pull/1122",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Issue Tracking",
"Patch"
]
}
]
}

70
CVE-2024/CVE-2024-237xx/CVE-2024-23732.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-23732",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-01-21T17:15:44.497",
"lastModified": "2024-01-22T14:01:14.430",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-26T21:11:51.840",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -14,15 +14,75 @@
"value": "JSON loader in Embedchain anterior a 0.1.57 permite un ReDoS (denegaci\u00f3n de servicio de expresi\u00f3n regular) a trav\u00e9s de una cadena larga en json.py."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-1333"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:embedchain:embedchain:*:*:*:*:*:*:*:*",
"versionEndExcluding": "0.1.57",
"matchCriteriaId": "7BDC96B9-7B04-4BD7-A8A8-95E3556FA6FA"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/embedchain/embedchain/compare/0.1.56...0.1.57",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/embedchain/embedchain/pull/1122",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Issue Tracking",
"Patch"
]
}
]
}

57
README.md
View File

@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2024-01-26T21:00:25.271575+00:00
2024-01-26T23:00:24.759792+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2024-01-26T20:55:37.543000+00:00
2024-01-26T22:15:11.647000+00:00
```
### Last Data Feed Release
@ -29,50 +29,35 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs
```plain
236945
236949
```
### CVEs added in the last Commit
Recently added CVEs: `6`
Recently added CVEs: `4`
* [CVE-2023-29081](CVE-2023/CVE-2023-290xx/CVE-2023-29081.json) (`2024-01-26T20:15:54.187`)
* [CVE-2024-0939](CVE-2024/CVE-2024-09xx/CVE-2024-0939.json) (`2024-01-26T19:15:08.103`)
* [CVE-2024-0941](CVE-2024/CVE-2024-09xx/CVE-2024-0941.json) (`2024-01-26T19:15:08.350`)
* [CVE-2024-0942](CVE-2024/CVE-2024-09xx/CVE-2024-0942.json) (`2024-01-26T20:15:54.403`)
* [CVE-2024-0943](CVE-2024/CVE-2024-09xx/CVE-2024-0943.json) (`2024-01-26T20:15:54.640`)
* [CVE-2024-0944](CVE-2024/CVE-2024-09xx/CVE-2024-0944.json) (`2024-01-26T20:15:54.863`)
* [CVE-2023-6470](CVE-2023/CVE-2023-64xx/CVE-2023-6470.json) (`2024-01-26T21:15:08.253`)
* [CVE-2024-0945](CVE-2024/CVE-2024-09xx/CVE-2024-0945.json) (`2024-01-26T21:15:08.380`)
* [CVE-2024-0946](CVE-2024/CVE-2024-09xx/CVE-2024-0946.json) (`2024-01-26T21:15:08.600`)
* [CVE-2024-0948](CVE-2024/CVE-2024-09xx/CVE-2024-0948.json) (`2024-01-26T22:15:11.413`)
### CVEs modified in the last Commit
Recently modified CVEs: `41`
Recently modified CVEs: `12`
* [CVE-2023-6290](CVE-2023/CVE-2023-62xx/CVE-2023-6290.json) (`2024-01-26T19:36:13.877`)
* [CVE-2023-6384](CVE-2023/CVE-2023-63xx/CVE-2023-6384.json) (`2024-01-26T19:41:47.807`)
* [CVE-2023-6447](CVE-2023/CVE-2023-64xx/CVE-2023-6447.json) (`2024-01-26T19:43:45.243`)
* [CVE-2023-6625](CVE-2023/CVE-2023-66xx/CVE-2023-6625.json) (`2024-01-26T19:47:43.497`)
* [CVE-2023-7082](CVE-2023/CVE-2023-70xx/CVE-2023-7082.json) (`2024-01-26T19:48:56.570`)
* [CVE-2023-6626](CVE-2023/CVE-2023-66xx/CVE-2023-6626.json) (`2024-01-26T19:58:01.737`)
* [CVE-2023-44001](CVE-2023/CVE-2023-440xx/CVE-2023-44001.json) (`2024-01-26T20:00:50.610`)
* [CVE-2023-40528](CVE-2023/CVE-2023-405xx/CVE-2023-40528.json) (`2024-01-26T20:06:08.767`)
* [CVE-2023-43999](CVE-2023/CVE-2023-439xx/CVE-2023-43999.json) (`2024-01-26T20:34:08.233`)
* [CVE-2023-43998](CVE-2023/CVE-2023-439xx/CVE-2023-43998.json) (`2024-01-26T20:34:28.980`)
* [CVE-2023-42881](CVE-2023/CVE-2023-428xx/CVE-2023-42881.json) (`2024-01-26T20:50:42.450`)
* [CVE-2023-42887](CVE-2023/CVE-2023-428xx/CVE-2023-42887.json) (`2024-01-26T20:51:20.893`)
* [CVE-2023-42888](CVE-2023/CVE-2023-428xx/CVE-2023-42888.json) (`2024-01-26T20:53:27.637`)
* [CVE-2024-23680](CVE-2024/CVE-2024-236xx/CVE-2024-23680.json) (`2024-01-26T19:08:47.817`)
* [CVE-2024-23679](CVE-2024/CVE-2024-236xx/CVE-2024-23679.json) (`2024-01-26T19:12:45.117`)
* [CVE-2024-23768](CVE-2024/CVE-2024-237xx/CVE-2024-23768.json) (`2024-01-26T19:15:05.400`)
* [CVE-2024-23770](CVE-2024/CVE-2024-237xx/CVE-2024-23770.json) (`2024-01-26T19:18:29.190`)
* [CVE-2024-23771](CVE-2024/CVE-2024-237xx/CVE-2024-23771.json) (`2024-01-26T19:24:40.873`)
* [CVE-2024-22895](CVE-2024/CVE-2024-228xx/CVE-2024-22895.json) (`2024-01-26T19:34:53.417`)
* [CVE-2024-0714](CVE-2024/CVE-2024-07xx/CVE-2024-0714.json) (`2024-01-26T20:01:19.683`)
* [CVE-2024-22420](CVE-2024/CVE-2024-224xx/CVE-2024-22420.json) (`2024-01-26T20:12:04.627`)
* [CVE-2024-22421](CVE-2024/CVE-2024-224xx/CVE-2024-22421.json) (`2024-01-26T20:15:23.507`)
* [CVE-2024-23329](CVE-2024/CVE-2024-233xx/CVE-2024-23329.json) (`2024-01-26T20:19:59.393`)
* [CVE-2024-22211](CVE-2024/CVE-2024-222xx/CVE-2024-22211.json) (`2024-01-26T20:24:56.133`)
* [CVE-2024-22400](CVE-2024/CVE-2024-224xx/CVE-2024-22400.json) (`2024-01-26T20:55:37.543`)
* [CVE-2023-7170](CVE-2023/CVE-2023-71xx/CVE-2023-7170.json) (`2024-01-26T21:05:46.627`)
* [CVE-2023-40547](CVE-2023/CVE-2023-405xx/CVE-2023-40547.json) (`2024-01-26T21:15:08.180`)
* [CVE-2023-45779](CVE-2023/CVE-2023-457xx/CVE-2023-45779.json) (`2024-01-26T22:15:11.330`)
* [CVE-2024-22403](CVE-2024/CVE-2024-224xx/CVE-2024-22403.json) (`2024-01-26T21:03:36.983`)
* [CVE-2024-23731](CVE-2024/CVE-2024-237xx/CVE-2024-23731.json) (`2024-01-26T21:11:25.430`)
* [CVE-2024-23732](CVE-2024/CVE-2024-237xx/CVE-2024-23732.json) (`2024-01-26T21:11:51.840`)
* [CVE-2024-23209](CVE-2024/CVE-2024-232xx/CVE-2024-23209.json) (`2024-01-26T21:13:02.737`)
* [CVE-2024-23203](CVE-2024/CVE-2024-232xx/CVE-2024-23203.json) (`2024-01-26T21:14:58.347`)
* [CVE-2024-23204](CVE-2024/CVE-2024-232xx/CVE-2024-23204.json) (`2024-01-26T21:15:48.800`)
* [CVE-2024-23206](CVE-2024/CVE-2024-232xx/CVE-2024-23206.json) (`2024-01-26T21:17:32.107`)
* [CVE-2024-23207](CVE-2024/CVE-2024-232xx/CVE-2024-23207.json) (`2024-01-26T21:23:37.840`)
* [CVE-2024-20955](CVE-2024/CVE-2024-209xx/CVE-2024-20955.json) (`2024-01-26T22:15:11.647`)
## Download and Usage