admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-08 11:37:26 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2024-06-11T18:00:18.524852+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2024-06-11 18:03:11 +00:00
parent 19d00c4517
commit 707a9dcc9d
156 changed files with 8267 additions and 511 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
CVE-2020/CVE-2020-159xx/CVE-2020-15912.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2020-15912",
"sourceIdentifier": "cve@mitre.org",
"published": "2020-07-23T15:15:12.040",
"lastModified": "2024-05-17T01:43:37.570",
"lastModified": "2024-06-11T17:15:49.737",
"vulnStatus": "Modified",
"descriptions": [
{

2
CVE-2020/CVE-2020-161xx/CVE-2020-16139.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2020-16139",
"sourceIdentifier": "cve@mitre.org",
"published": "2020-08-12T21:15:12.140",
"lastModified": "2024-05-17T01:43:44.770",
"lastModified": "2024-06-11T17:15:49.877",
"vulnStatus": "Modified",
"descriptions": [
{

2
CVE-2020/CVE-2020-259xx/CVE-2020-25966.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2020-25966",
"sourceIdentifier": "cve@mitre.org",
"published": "2020-10-28T18:15:13.413",
"lastModified": "2024-05-17T01:46:27.317",
"lastModified": "2024-06-11T16:15:15.417",
"vulnStatus": "Modified",
"descriptions": [
{

2
CVE-2020/CVE-2020-352xx/CVE-2020-35235.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2020-35235",
"sourceIdentifier": "cve@mitre.org",
"published": "2020-12-14T03:15:13.370",
"lastModified": "2024-05-17T01:48:15.023",
"lastModified": "2024-06-11T16:15:15.590",
"vulnStatus": "Modified",
"descriptions": [
{

2
CVE-2021/CVE-2021-372xx/CVE-2021-37253.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2021-37253",
"sourceIdentifier": "cve@mitre.org",
"published": "2021-12-05T21:15:07.753",
"lastModified": "2024-05-17T01:59:10.427",
"lastModified": "2024-06-11T16:15:15.727",
"vulnStatus": "Modified",
"descriptions": [
{

2
CVE-2021/CVE-2021-425xx/CVE-2021-42574.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2021-42574",
"sourceIdentifier": "cve@mitre.org",
"published": "2021-11-01T04:15:07.970",
"lastModified": "2024-05-17T02:01:34.483",
"lastModified": "2024-06-11T16:15:15.880",
"vulnStatus": "Modified",
"descriptions": [
{

2
CVE-2021/CVE-2021-459xx/CVE-2021-45955.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2021-45955",
"sourceIdentifier": "cve@mitre.org",
"published": "2022-01-01T00:15:08.677",
"lastModified": "2024-05-17T02:02:52.777",
"lastModified": "2024-06-11T16:15:16.080",
"vulnStatus": "Modified",
"descriptions": [
{

105
CVE-2022/CVE-2022-286xx/CVE-2022-28652.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-28652",
"sourceIdentifier": "security@ubuntu.com",
"published": "2024-06-04T22:15:09.780",
"lastModified": "2024-06-05T12:53:50.240",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-06-11T17:05:08.087",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -14,15 +14,104 @@
"value": "~/.config/apport/settings el an\u00e1lisis es vulnerable al ataque de \"billion laughs\""
}
],
"metrics": {},
"references": [
"metrics": {
"cvssMetricV31": [
{
"url": "https://ubuntu.com/security/notices/USN-5427-1",
"source": "security@ubuntu.com"
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28652",
"source": "security@ubuntu.com"
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-776"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apport_project:apport:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.21.0",
"matchCriteriaId": "AD92D087-0439-48BE-9B32-5156B335A145"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:esm:*:*:*",
"matchCriteriaId": "B3293E55-5506-4587-A318-D1734F781C09"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:20.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "902B8056-9E37-443B-8905-8AA93E2447FB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:21.10:*:*:*:*:*:*:*",
"matchCriteriaId": "AAE4D2D0-CEEB-416F-8BC5-A7987DF56190"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:22.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "359012F1-2C63-415A-88B8-6726A87830DE"
}
]
}
]
}
],
"references": [
{
"url": "https://ubuntu.com/security/notices/USN-5427-1",
"source": "security@ubuntu.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28652",
"source": "security@ubuntu.com",
"tags": [
"Third Party Advisory"
]
}
]
}

105
CVE-2022/CVE-2022-286xx/CVE-2022-28654.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-28654",
"sourceIdentifier": "security@ubuntu.com",
"published": "2024-06-04T22:15:09.870",
"lastModified": "2024-06-05T12:53:50.240",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-06-11T17:04:47.620",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -14,15 +14,104 @@
"value": "is_closing_session() permite a los usuarios completar apport.log"
}
],
"metrics": {},
"references": [
"metrics": {
"cvssMetricV31": [
{
"url": "https://ubuntu.com/security/notices/USN-5427-1",
"source": "security@ubuntu.com"
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28654",
"source": "security@ubuntu.com"
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-770"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apport_project:apport:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.21.0",
"matchCriteriaId": "AD92D087-0439-48BE-9B32-5156B335A145"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:esm:*:*:*",
"matchCriteriaId": "B3293E55-5506-4587-A318-D1734F781C09"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:20.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "902B8056-9E37-443B-8905-8AA93E2447FB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:21.10:*:*:*:-:*:*:*",
"matchCriteriaId": "3D94DA3B-FA74-4526-A0A0-A872684598C6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:22.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "359012F1-2C63-415A-88B8-6726A87830DE"
}
]
}
]
}
],
"references": [
{
"url": "https://ubuntu.com/security/notices/USN-5427-1",
"source": "security@ubuntu.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28654",
"source": "security@ubuntu.com",
"tags": [
"Third Party Advisory"
]
}
]
}

105
CVE-2022/CVE-2022-286xx/CVE-2022-28655.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-28655",
"sourceIdentifier": "security@ubuntu.com",
"published": "2024-06-04T22:15:09.940",
"lastModified": "2024-06-05T12:53:50.240",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-06-11T17:04:20.947",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -14,15 +14,104 @@
"value": "is_closing_session() permite a los usuarios crear conexiones tcp dbus arbitrarias"
}
],
"metrics": {},
"references": [
"metrics": {
"cvssMetricV31": [
{
"url": "https://ubuntu.com/security/notices/USN-5427-1",
"source": "security@ubuntu.com"
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.2
}
]
},
"weaknesses": [
{
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28655",
"source": "security@ubuntu.com"
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-770"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apport_project:apport:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.21.0",
"matchCriteriaId": "AD92D087-0439-48BE-9B32-5156B335A145"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:esm:*:*:*",
"matchCriteriaId": "B3293E55-5506-4587-A318-D1734F781C09"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:20.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "902B8056-9E37-443B-8905-8AA93E2447FB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:21.10:*:*:*:-:*:*:*",
"matchCriteriaId": "3D94DA3B-FA74-4526-A0A0-A872684598C6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:22.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "359012F1-2C63-415A-88B8-6726A87830DE"
}
]
}
]
}
],
"references": [
{
"url": "https://ubuntu.com/security/notices/USN-5427-1",
"source": "security@ubuntu.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28655",
"source": "security@ubuntu.com",
"tags": [
"Third Party Advisory"
]
}
]
}

105
CVE-2022/CVE-2022-286xx/CVE-2022-28656.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-28656",
"sourceIdentifier": "security@ubuntu.com",
"published": "2024-06-04T22:15:10.007",
"lastModified": "2024-06-05T12:53:50.240",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-06-11T17:02:46.767",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -14,15 +14,104 @@
"value": "is_closing_session() permite a los usuarios consumir RAM en el proceso de Apport"
}
],
"metrics": {},
"references": [
"metrics": {
"cvssMetricV31": [
{
"url": "https://ubuntu.com/security/notices/USN-5427-1",
"source": "security@ubuntu.com"
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28656",
"source": "security@ubuntu.com"
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-770"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apport_project:apport:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.21.0",
"matchCriteriaId": "AD92D087-0439-48BE-9B32-5156B335A145"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:esm:*:*:*",
"matchCriteriaId": "B3293E55-5506-4587-A318-D1734F781C09"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:20.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "902B8056-9E37-443B-8905-8AA93E2447FB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:21.10:*:*:*:-:*:*:*",
"matchCriteriaId": "3D94DA3B-FA74-4526-A0A0-A872684598C6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:22.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "359012F1-2C63-415A-88B8-6726A87830DE"
}
]
}
]
}
],
"references": [
{
"url": "https://ubuntu.com/security/notices/USN-5427-1",
"source": "security@ubuntu.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28656",
"source": "security@ubuntu.com",
"tags": [
"Third Party Advisory"
]
}
]
}

105
CVE-2022/CVE-2022-286xx/CVE-2022-28657.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-28657",
"sourceIdentifier": "security@ubuntu.com",
"published": "2024-06-04T22:15:10.087",
"lastModified": "2024-06-05T12:53:50.240",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-06-11T17:02:05.497",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -14,15 +14,104 @@
"value": "Apport no desactiva el controlador de fallos de Python antes de ingresar a chroot"
}
],
"metrics": {},
"references": [
"metrics": {
"cvssMetricV31": [
{
"url": "https://ubuntu.com/security/notices/USN-5427-1",
"source": "security@ubuntu.com"
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28657",
"source": "security@ubuntu.com"
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apport_project:apport:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.21.0",
"matchCriteriaId": "AD92D087-0439-48BE-9B32-5156B335A145"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:esm:*:*:*",
"matchCriteriaId": "B3293E55-5506-4587-A318-D1734F781C09"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:20.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "902B8056-9E37-443B-8905-8AA93E2447FB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:21.10:*:*:*:-:*:*:*",
"matchCriteriaId": "3D94DA3B-FA74-4526-A0A0-A872684598C6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:22.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "359012F1-2C63-415A-88B8-6726A87830DE"
}
]
}
]
}
],
"references": [
{
"url": "https://ubuntu.com/security/notices/USN-5427-1",
"source": "security@ubuntu.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28657",
"source": "security@ubuntu.com",
"tags": [
"Third Party Advisory"
]
}
]
}

105
CVE-2022/CVE-2022-286xx/CVE-2022-28658.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-28658",
"sourceIdentifier": "security@ubuntu.com",
"published": "2024-06-04T22:15:10.153",
"lastModified": "2024-06-05T12:53:50.240",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-06-11T16:56:43.970",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -14,15 +14,104 @@
"value": "El an\u00e1lisis de argumentos de Apport maneja mal la divisi\u00f3n de nombres de archivos en n\u00facleos m\u00e1s antiguos, lo que resulta en suplantaci\u00f3n de argumentos"
}
],
"metrics": {},
"references": [
"metrics": {
"cvssMetricV31": [
{
"url": "https://ubuntu.com/security/notices/USN-5427-1",
"source": "security@ubuntu.com"
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28658",
"source": "security@ubuntu.com"
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apport_project:apport:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.21.0",
"matchCriteriaId": "AD92D087-0439-48BE-9B32-5156B335A145"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:esm:*:*:*",
"matchCriteriaId": "B3293E55-5506-4587-A318-D1734F781C09"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:20.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "902B8056-9E37-443B-8905-8AA93E2447FB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:21.10:*:*:*:-:*:*:*",
"matchCriteriaId": "3D94DA3B-FA74-4526-A0A0-A872684598C6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:22.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "359012F1-2C63-415A-88B8-6726A87830DE"
}
]
}
]
}
],
"references": [
{
"url": "https://ubuntu.com/security/notices/USN-5427-1",
"source": "security@ubuntu.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28658",
"source": "security@ubuntu.com",
"tags": [
"Third Party Advisory"
]
}
]
}

55
CVE-2023/CVE-2023-482xx/CVE-2023-48273.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-48273",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-06-11T17:15:50.087",
"lastModified": "2024-06-11T17:15:50.087",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Missing Authorization vulnerability in WP OnlineSupport, Essential Plugin Preloader for Website.This issue affects Preloader for Website: from n/a through 1.2.2."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-862"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/preloader-for-website/wordpress-preloader-for-website-plugin-1-2-2-unauthenticated-broken-access-control-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

55
CVE-2023/CVE-2023-515xx/CVE-2023-51519.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-51519",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-06-11T16:15:16.277",
"lastModified": "2024-06-11T16:15:16.277",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Missing Authorization vulnerability in Soliloquy Team Slider by Soliloquy.This issue affects Slider by Soliloquy: from n/a through 2.7.2."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-862"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/soliloquy-lite/wordpress-slider-by-soliloquy-responsive-image-slider-for-wordpress-plugin-2-7-2-broken-access-control-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

55
CVE-2023/CVE-2023-516xx/CVE-2023-51682.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-51682",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-06-11T16:15:16.510",
"lastModified": "2024-06-11T16:15:16.510",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Missing Authorization vulnerability in ibericode MC4WP.This issue affects MC4WP: from n/a through 4.9.9."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-862"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/mailchimp-for-wp/wordpress-mc4wp-plugin-4-9-9-broken-access-control-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

55
CVE-2023/CVE-2023-522xx/CVE-2023-52224.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-52224",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-06-11T17:15:50.363",
"lastModified": "2024-06-11T17:15:50.363",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Missing Authorization vulnerability in Revolut Revolut Gateway for WooCommerce.This issue affects Revolut Gateway for WooCommerce: from n/a through 4.9.7."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "LOW",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-862"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/revolut-gateway-for-woocommerce/wordpress-revolut-gateway-for-woocommerce-plugin-4-9-5-broken-access-control-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

55
CVE-2023/CVE-2023-522xx/CVE-2023-52227.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-52227",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-06-11T17:15:50.583",
"lastModified": "2024-06-11T17:15:50.583",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Missing Authorization vulnerability in MailerLite MailerLite \u2013 WooCommerce integration.This issue affects MailerLite \u2013 WooCommerce integration: from n/a through 2.0.8."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-862"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/woo-mailerlite/wordpress-mailerlite-woocommerce-integration-plugin-2-0-7-broken-access-control-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

55
CVE-2023/CVE-2023-522xx/CVE-2023-52233.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-52233",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-06-11T16:15:16.757",
"lastModified": "2024-06-11T16:15:16.757",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Missing Authorization vulnerability in Post SMTP Post SMTP Mailer/Email Log.This issue affects Post SMTP Mailer/Email Log: from n/a through 2.8.6."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"availabilityImpact": "LOW",
"baseScore": 8.6,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 4.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-862"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/post-smtp/wordpress-post-smtp-mailer-plugin-2-8-6-broken-access-control-on-api-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

74
CVE-2024/CVE-2024-11xx/CVE-2024-1164.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-1164",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-06-05T07:15:45.310",
"lastModified": "2024-06-05T12:53:50.240",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-06-11T17:14:02.340",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -17,8 +17,28 @@
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
},
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
@ -38,14 +58,50 @@
}
]
},
"references": [
"weaknesses": [
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3086506%40brizy%2Ftrunk&old=3058896%40brizy%2Ftrunk&sfp_email=&sfph_mail=",
"source": "security@wordfence.com"
},
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/9746cd9f-afb2-41b2-9e31-7c77222d9cfd?source=cve",
"source": "security@wordfence.com"
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:brizy:brizy-page_builder:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "2.4.44",
"matchCriteriaId": "0E89EC06-A340-4DE2-B625-4AC05E3C42F6"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3086506%40brizy%2Ftrunk&old=3058896%40brizy%2Ftrunk&sfp_email=&sfph_mail=",
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/9746cd9f-afb2-41b2-9e31-7c77222d9cfd?source=cve",
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

63
CVE-2024/CVE-2024-12xx/CVE-2024-1272.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-1272",
"sourceIdentifier": "iletisim@usom.gov.tr",
"published": "2024-06-05T09:15:09.620",
"lastModified": "2024-06-05T12:53:50.240",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-06-11T17:34:25.347",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -17,8 +17,28 @@
"metrics": {
"cvssMetricV31": [
{
"source": "iletisim@usom.gov.tr",
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "iletisim@usom.gov.tr",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
@ -39,6 +59,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
]
},
{
"source": "iletisim@usom.gov.tr",
"type": "Secondary",
@ -50,10 +80,31 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://www.usom.gov.tr/bildirim/tr-24-0601",
"source": "iletisim@usom.gov.tr"
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tnbmobil:cockpit:*:*:*:*:*:*:*:*",
"versionEndExcluding": "0.251.1",
"matchCriteriaId": "DD0B9EF1-1C4D-4A5F-AB09-943514CDDBAB"
}
]
}
]
}
],
"references": [
{
"url": "https://www.usom.gov.tr/bildirim/tr-24-0601",
"source": "iletisim@usom.gov.tr",
"tags": [
"Third Party Advisory"
]
}
]
}

65
CVE-2024/CVE-2024-16xx/CVE-2024-1662.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-1662",
"sourceIdentifier": "iletisim@usom.gov.tr",
"published": "2024-06-05T12:15:10.213",
"lastModified": "2024-06-05T12:53:50.240",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-06-11T17:27:19.127",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -17,8 +17,28 @@
"metrics": {
"cvssMetricV31": [
{
"source": "iletisim@usom.gov.tr",
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "iletisim@usom.gov.tr",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N",
@ -40,8 +60,18 @@
},
"weaknesses": [
{
"source": "iletisim@usom.gov.tr",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "iletisim@usom.gov.tr",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -50,10 +80,31 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://www.usom.gov.tr/bildirim/tr-24-0602",
"source": "iletisim@usom.gov.tr"
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:porty:powerbank:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.02",
"matchCriteriaId": "F1AA3CA3-6C96-4619-8691-F6BD65B7FCD8"
}
]
}
]
}
],
"references": [
{
"url": "https://www.usom.gov.tr/bildirim/tr-24-0602",
"source": "iletisim@usom.gov.tr",
"tags": [
"Third Party Advisory"
]
}
]
}

14
CVE-2024/CVE-2024-206xx/CVE-2024-20671.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-20671",
"sourceIdentifier": "secure@microsoft.com",
"published": "2024-03-12T17:15:48.963",
"lastModified": "2024-03-12T17:46:17.273",
"lastModified": "2024-06-11T16:15:17.183",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
@ -38,6 +38,18 @@
}
]
},
"weaknesses": [
{
"source": "secure@microsoft.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-276"
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-20671",

14
CVE-2024/CVE-2024-214xx/CVE-2024-21408.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-21408",
"sourceIdentifier": "secure@microsoft.com",
"published": "2024-03-12T17:15:50.127",
"lastModified": "2024-03-21T21:06:09.543",
"vulnStatus": "Analyzed",
"lastModified": "2024-06-11T16:15:17.727",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -48,6 +48,16 @@
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "secure@microsoft.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-835"
}
]
}
],
"configurations": [

14
CVE-2024/CVE-2024-214xx/CVE-2024-21411.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-21411",
"sourceIdentifier": "secure@microsoft.com",
"published": "2024-03-12T17:15:50.290",
"lastModified": "2024-03-12T17:46:17.273",
"lastModified": "2024-06-11T16:15:17.890",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
@ -38,6 +38,18 @@
}
]
},
"weaknesses": [
{
"source": "secure@microsoft.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-453"
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21411",

14
CVE-2024/CVE-2024-214xx/CVE-2024-21431.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-21431",
"sourceIdentifier": "secure@microsoft.com",
"published": "2024-03-12T17:15:51.743",
"lastModified": "2024-03-12T17:46:17.273",
"lastModified": "2024-06-11T16:15:18.230",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
@ -38,6 +38,18 @@
}
]
},
"weaknesses": [
{
"source": "secure@microsoft.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-732"
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21431",

14
CVE-2024/CVE-2024-214xx/CVE-2024-21433.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-21433",
"sourceIdentifier": "secure@microsoft.com",
"published": "2024-03-12T17:15:52.063",
"lastModified": "2024-03-12T17:46:17.273",
"lastModified": "2024-06-11T16:15:18.377",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
@ -38,6 +38,18 @@
}
]
},
"weaknesses": [
{
"source": "secure@microsoft.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-367"
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21433",

55
CVE-2024/CVE-2024-235xx/CVE-2024-23503.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-23503",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-06-11T16:15:18.990",
"lastModified": "2024-06-11T16:15:18.990",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Missing Authorization vulnerability in WPManageNinja LLC Ninja Tables.This issue affects Ninja Tables: from n/a through 5.0.6."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-862"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/ninja-tables/wordpress-ninja-tables-plugin-5-0-5-broken-access-control-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

55
CVE-2024/CVE-2024-235xx/CVE-2024-23518.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-23518",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-06-11T17:15:50.973",
"lastModified": "2024-06-11T17:15:50.973",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Missing Authorization vulnerability in Navneil Naicker ACF Photo Gallery Field.This issue affects ACF Photo Gallery Field: from n/a through 2.6."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-862"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/navz-photo-gallery/wordpress-acf-photo-gallery-field-plugin-2-5-broken-access-control-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

55
CVE-2024/CVE-2024-235xx/CVE-2024-23521.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-23521",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-06-11T16:15:19.223",
"lastModified": "2024-06-11T16:15:19.223",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Missing Authorization vulnerability in Happyforms.This issue affects Happyforms: from n/a through 1.25.10."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-862"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/happyforms/wordpress-happyforms-plugin-1-25-10-broken-access-control-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

86
CVE-2024/CVE-2024-236xx/CVE-2024-23669.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-23669",
"sourceIdentifier": "psirt@fortinet.com",
"published": "2024-06-05T08:15:09.537",
"lastModified": "2024-06-05T12:53:50.240",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-06-11T17:09:43.840",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "psirt@fortinet.com",
"type": "Secondary",
@ -40,8 +60,18 @@
},
"weaknesses": [
{
"source": "psirt@fortinet.com",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-863"
}
]
},
{
"source": "psirt@fortinet.com",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -50,10 +80,54 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://fortiguard.fortinet.com/psirt/FG-IR-23-222",
"source": "psirt@fortinet.com"
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fortinet:fortiwebmanager:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.2.3",
"versionEndExcluding": "6.2.5",
"matchCriteriaId": "C00F44FF-9533-4354-9060-A74E8F43E747"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fortinet:fortiwebmanager:*:*:*:*:*:*:*:*",
"versionStartIncluding": "7.0.0",
"versionEndExcluding": "7.0.5",
"matchCriteriaId": "403F07C3-8D48-4403-B9EE-0076F8639CB1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fortinet:fortiwebmanager:6.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "6AB742D6-5B08-4FF7-A366-F4CE1E91C9A0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fortinet:fortiwebmanager:6.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A921BEEB-D912-471E-8176-8804F5CD5118"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fortinet:fortiwebmanager:7.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1C7475A8-52EB-413E-A196-6F43137B545F"
}
]
}
]
}
],
"references": [
{
"url": "https://fortiguard.fortinet.com/psirt/FG-IR-23-222",
"source": "psirt@fortinet.com",
"tags": [
"Vendor Advisory"
]
}
]
}

52
CVE-2024/CVE-2024-23xx/CVE-2024-2368.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-2368",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-06-05T07:15:45.690",
"lastModified": "2024-06-05T12:53:50.240",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-06-11T17:13:40.087",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -38,14 +38,50 @@
}
]
},
"references": [
"weaknesses": [
{
"url": "https://plugins.trac.wordpress.org/changeset/3097426/mollie-forms",
"source": "security@wordfence.com"
},
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/51ff10f2-4a5b-42ab-9ee2-95b036ac1c9a?source=cve",
"source": "security@wordfence.com"
"lang": "en",
"value": "CWE-352"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:wobbie:mollie_forms:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "2.6.14",
"matchCriteriaId": "78F6242C-5EC6-4BC9-9F62-D2E3E86A2BE2"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/changeset/3097426/mollie-forms",
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/51ff10f2-4a5b-42ab-9ee2-95b036ac1c9a?source=cve",
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

14
CVE-2024/CVE-2024-261xx/CVE-2024-26163.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-26163",
"sourceIdentifier": "secure@microsoft.com",
"published": "2024-03-14T23:15:45.813",
"lastModified": "2024-03-19T17:03:03.383",
"vulnStatus": "Analyzed",
"lastModified": "2024-06-11T16:15:19.610",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -48,6 +48,16 @@
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "secure@microsoft.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-693"
}
]
}
],
"configurations": [

14
CVE-2024/CVE-2024-261xx/CVE-2024-26165.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-26165",
"sourceIdentifier": "secure@microsoft.com",
"published": "2024-03-12T17:15:55.817",
"lastModified": "2024-03-12T17:46:17.273",
"lastModified": "2024-06-11T16:15:19.780",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
@ -38,6 +38,18 @@
}
]
},
"weaknesses": [
{
"source": "secure@microsoft.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-256"
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26165",

14
CVE-2024/CVE-2024-261xx/CVE-2024-26167.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-26167",
"sourceIdentifier": "secure@microsoft.com",
"published": "2024-03-07T21:15:08.273",
"lastModified": "2024-03-08T14:02:57.420",
"lastModified": "2024-06-11T16:15:19.920",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
@ -38,6 +38,18 @@
}
]
},
"weaknesses": [
{
"source": "secure@microsoft.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-1021"
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26167",

14
CVE-2024/CVE-2024-261xx/CVE-2024-26173.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-26173",
"sourceIdentifier": "secure@microsoft.com",
"published": "2024-03-12T17:15:56.543",
"lastModified": "2024-03-12T17:46:17.273",
"lastModified": "2024-06-11T16:15:20.190",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
@ -38,6 +38,18 @@
}
]
},
"weaknesses": [
{
"source": "secure@microsoft.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-20"
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26173",

14
CVE-2024/CVE-2024-261xx/CVE-2024-26181.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-26181",
"sourceIdentifier": "secure@microsoft.com",
"published": "2024-03-12T17:15:57.380",
"lastModified": "2024-03-12T17:46:17.273",
"lastModified": "2024-06-11T16:15:20.530",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
@ -38,6 +38,18 @@
}
]
},
"weaknesses": [
{
"source": "secure@microsoft.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-20"
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26181",

14
CVE-2024/CVE-2024-262xx/CVE-2024-26246.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-26246",
"sourceIdentifier": "secure@microsoft.com",
"published": "2024-03-14T23:15:46.230",
"lastModified": "2024-03-19T17:05:45.193",
"vulnStatus": "Analyzed",
"lastModified": "2024-06-11T16:15:22.197",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -68,6 +68,16 @@
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "secure@microsoft.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-1220"
}
]
}
],
"configurations": [

14
CVE-2024/CVE-2024-262xx/CVE-2024-26247.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-26247",
"sourceIdentifier": "secure@microsoft.com",
"published": "2024-03-22T22:15:50.247",
"lastModified": "2024-03-26T03:18:26.197",
"vulnStatus": "Analyzed",
"lastModified": "2024-06-11T16:15:22.333",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -48,6 +48,16 @@
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "secure@microsoft.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-269"
}
]
}
],
"configurations": [

20
CVE-2024/CVE-2024-263xx/CVE-2024-26330.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2024-26330",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-06-11T17:15:51.260",
"lastModified": "2024-06-11T17:15:51.260",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in Kape CyberGhostVPN 8.4.3.12823 on Windows. After a successful logout, user credentials remain in memory while the process is still open, and can be obtained by dumping the process memory and parsing it."
}
],
"metrics": {},
"references": [
{
"url": "https://www.secuvera.de/advisories/secuvera-SA-2024-04.txt",
"source": "cve@mitre.org"
}
]
}

63
CVE-2024/CVE-2024-289xx/CVE-2024-28995.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-28995",
"sourceIdentifier": "psirt@solarwinds.com",
"published": "2024-06-06T09:15:14.167",
"lastModified": "2024-06-06T14:17:35.017",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-06-11T17:47:22.867",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -17,8 +17,28 @@
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@solarwinds.com",
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "psirt@solarwinds.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N",
@ -50,10 +70,41 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://www.solarwinds.com/trust-center/security-advisories/CVE-2024-28995",
"source": "psirt@solarwinds.com"
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:solarwinds:serv-u:*:*:*:*:*:*:*:*",
"versionEndExcluding": "15.4.2",
"matchCriteriaId": "F4075BBF-2BC5-494C-81ED-AC85AD8D30CF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:solarwinds:serv-u:15.4.2:-:*:*:*:*:*:*",
"matchCriteriaId": "60A6B282-872E-4228-A884-5DC5B44046BB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:solarwinds:serv-u:15.4.2:hotfix1:*:*:*:*:*:*",
"matchCriteriaId": "EBDF03FF-C508-42BD-9B70-9F972A14087B"
}
]
}
]
}
],
"references": [
{
"url": "https://www.solarwinds.com/trust-center/security-advisories/CVE-2024-28995",
"source": "psirt@solarwinds.com",
"tags": [
"Vendor Advisory"
]
}
]
}

14
CVE-2024/CVE-2024-290xx/CVE-2024-29057.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-29057",
"sourceIdentifier": "secure@microsoft.com",
"published": "2024-03-22T22:15:50.450",
"lastModified": "2024-03-26T03:18:48.760",
"vulnStatus": "Analyzed",
"lastModified": "2024-06-11T16:15:24.533",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -68,6 +68,16 @@
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "secure@microsoft.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-357"
}
]
}
],
"configurations": [

55
CVE-2024/CVE-2024-290xx/CVE-2024-29060.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-29060",
"sourceIdentifier": "secure@microsoft.com",
"published": "2024-06-11T17:15:51.383",
"lastModified": "2024-06-11T17:15:51.383",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Visual Studio Elevation of Privilege Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:L",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "LOW",
"baseScore": 6.7,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.2,
"impactScore": 5.5
}
]
},
"weaknesses": [
{
"source": "secure@microsoft.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-284"
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-29060",
"source": "secure@microsoft.com"
}
]
}

14
CVE-2024/CVE-2024-299xx/CVE-2024-29987.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-29987",
"sourceIdentifier": "secure@microsoft.com",
"published": "2024-04-18T19:15:11.403",
"lastModified": "2024-04-19T13:10:25.637",
"lastModified": "2024-06-11T16:15:25.047",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
@ -38,6 +38,18 @@
}
]
},
"weaknesses": [
{
"source": "secure@microsoft.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-359"
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-29987",

14
CVE-2024/CVE-2024-300xx/CVE-2024-30050.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-30050",
"sourceIdentifier": "secure@microsoft.com",
"published": "2024-05-14T17:17:21.443",
"lastModified": "2024-05-14T19:17:55.627",
"lastModified": "2024-06-11T16:15:27.137",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
@ -38,6 +38,18 @@
}
]
},
"weaknesses": [
{
"source": "secure@microsoft.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-693"
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30050",

55
CVE-2024/CVE-2024-300xx/CVE-2024-30052.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-30052",
"sourceIdentifier": "secure@microsoft.com",
"published": "2024-06-11T17:15:51.600",
"lastModified": "2024-06-11T17:15:51.600",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Visual Studio Remote Code Execution Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N",
"attackVector": "LOCAL",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 4.7,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.0,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "secure@microsoft.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-693"
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30052",
"source": "secure@microsoft.com"
}
]
}

55
CVE-2024/CVE-2024-300xx/CVE-2024-30062.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-30062",
"sourceIdentifier": "secure@microsoft.com",
"published": "2024-06-11T17:15:51.840",
"lastModified": "2024-06-11T17:15:51.840",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Windows Standards-Based Storage Management Service Remote Code Execution Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "secure@microsoft.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30062",
"source": "secure@microsoft.com"
}
]
}

55
CVE-2024/CVE-2024-300xx/CVE-2024-30063.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-30063",
"sourceIdentifier": "secure@microsoft.com",
"published": "2024-06-11T17:15:52.040",
"lastModified": "2024-06-11T17:15:52.040",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Windows Distributed File System (DFS) Remote Code Execution Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 6.7,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.5,
"impactScore": 5.2
}
]
},
"weaknesses": [
{
"source": "secure@microsoft.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-641"
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30063",
"source": "secure@microsoft.com"
}
]
}

55
CVE-2024/CVE-2024-300xx/CVE-2024-30064.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-30064",
"sourceIdentifier": "secure@microsoft.com",
"published": "2024-06-11T17:15:52.267",
"lastModified": "2024-06-11T17:15:52.267",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Windows Kernel Elevation of Privilege Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.0,
"impactScore": 6.0
}
]
},
"weaknesses": [
{
"source": "secure@microsoft.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-190"
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30064",
"source": "secure@microsoft.com"
}
]
}

55
CVE-2024/CVE-2024-300xx/CVE-2024-30065.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-30065",
"sourceIdentifier": "secure@microsoft.com",
"published": "2024-06-11T17:15:52.507",
"lastModified": "2024-06-11T17:15:52.507",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Windows Themes Denial of Service Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "secure@microsoft.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-59"
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30065",
"source": "secure@microsoft.com"
}
]
}

55
CVE-2024/CVE-2024-300xx/CVE-2024-30066.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-30066",
"sourceIdentifier": "secure@microsoft.com",
"published": "2024-06-11T17:15:52.723",
"lastModified": "2024-06-11T17:15:52.723",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Winlogon Elevation of Privilege Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "secure@microsoft.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-122"
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30066",
"source": "secure@microsoft.com"
}
]
}

55
CVE-2024/CVE-2024-300xx/CVE-2024-30067.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-30067",
"sourceIdentifier": "secure@microsoft.com",
"published": "2024-06-11T17:15:52.943",
"lastModified": "2024-06-11T17:15:52.943",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Winlogon Elevation of Privilege Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "secure@microsoft.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-190"
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30067",
"source": "secure@microsoft.com"
}
]
}

55
CVE-2024/CVE-2024-300xx/CVE-2024-30068.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-30068",
"sourceIdentifier": "secure@microsoft.com",
"published": "2024-06-11T17:15:53.157",
"lastModified": "2024-06-11T17:15:53.157",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Windows Kernel Elevation of Privilege Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.0,
"impactScore": 6.0
}
]
},
"weaknesses": [
{
"source": "secure@microsoft.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-125"
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30068",
"source": "secure@microsoft.com"
}
]
}

55
CVE-2024/CVE-2024-300xx/CVE-2024-30069.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-30069",
"sourceIdentifier": "secure@microsoft.com",
"published": "2024-06-11T17:15:53.373",
"lastModified": "2024-06-11T17:15:53.373",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Windows Remote Access Connection Manager Information Disclosure Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "HIGH",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.7,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.0,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "secure@microsoft.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-126"
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30069",
"source": "secure@microsoft.com"
}
]
}

55
CVE-2024/CVE-2024-300xx/CVE-2024-30070.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-30070",
"sourceIdentifier": "secure@microsoft.com",
"published": "2024-06-11T17:15:53.593",
"lastModified": "2024-06-11T17:15:53.593",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "DHCP Server Service Denial of Service Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "secure@microsoft.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-191"
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30070",
"source": "secure@microsoft.com"
}
]
}

55
CVE-2024/CVE-2024-300xx/CVE-2024-30072.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-30072",
"sourceIdentifier": "secure@microsoft.com",
"published": "2024-06-11T17:15:53.910",
"lastModified": "2024-06-11T17:15:53.910",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Microsoft Event Trace Log File Parsing Remote Code Execution Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "secure@microsoft.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-190"
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30072",
"source": "secure@microsoft.com"
}
]
}

55
CVE-2024/CVE-2024-300xx/CVE-2024-30074.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-30074",
"sourceIdentifier": "secure@microsoft.com",
"published": "2024-06-11T17:15:54.110",
"lastModified": "2024-06-11T17:15:54.110",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Windows Link Layer Topology Discovery Protocol Remote Code Execution Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.0,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.1,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "secure@microsoft.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-122"
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30074",
"source": "secure@microsoft.com"
}
]
}

55
CVE-2024/CVE-2024-300xx/CVE-2024-30075.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-30075",
"sourceIdentifier": "secure@microsoft.com",
"published": "2024-06-11T17:15:54.307",
"lastModified": "2024-06-11T17:15:54.307",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Windows Link Layer Topology Discovery Protocol Remote Code Execution Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.0,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.1,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "secure@microsoft.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-122"
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30075",
"source": "secure@microsoft.com"
}
]
}

55
CVE-2024/CVE-2024-300xx/CVE-2024-30076.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-30076",
"sourceIdentifier": "secure@microsoft.com",
"published": "2024-06-11T17:15:54.513",
"lastModified": "2024-06-11T17:15:54.513",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Windows Container Manager Service Elevation of Privilege Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.6,
"impactScore": 5.2
}
]
},
"weaknesses": [
{
"source": "secure@microsoft.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-59"
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30076",
"source": "secure@microsoft.com"
}
]
}

55
CVE-2024/CVE-2024-300xx/CVE-2024-30077.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-30077",
"sourceIdentifier": "secure@microsoft.com",
"published": "2024-06-11T17:15:54.737",
"lastModified": "2024-06-11T17:15:54.737",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Windows OLE Remote Code Execution Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.0,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.1,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "secure@microsoft.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-122"
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30077",
"source": "secure@microsoft.com"
}
]
}

55
CVE-2024/CVE-2024-300xx/CVE-2024-30078.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-30078",
"sourceIdentifier": "secure@microsoft.com",
"published": "2024-06-11T17:15:54.977",
"lastModified": "2024-06-11T17:15:54.977",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Windows Wi-Fi Driver Remote Code Execution Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "secure@microsoft.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-20"
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30078",
"source": "secure@microsoft.com"
}
]
}

55
CVE-2024/CVE-2024-300xx/CVE-2024-30080.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-30080",
"sourceIdentifier": "secure@microsoft.com",
"published": "2024-06-11T17:15:55.207",
"lastModified": "2024-06-11T17:15:55.207",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "secure@microsoft.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30080",
"source": "secure@microsoft.com"
}
]
}

55
CVE-2024/CVE-2024-300xx/CVE-2024-30082.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-30082",
"sourceIdentifier": "secure@microsoft.com",
"published": "2024-06-11T17:15:55.443",
"lastModified": "2024-06-11T17:15:55.443",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Win32k Elevation of Privilege Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "secure@microsoft.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30082",
"source": "secure@microsoft.com"
}
]
}

55
CVE-2024/CVE-2024-300xx/CVE-2024-30083.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-30083",
"sourceIdentifier": "secure@microsoft.com",
"published": "2024-06-11T17:15:55.677",
"lastModified": "2024-06-11T17:15:55.677",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Windows Standards-Based Storage Management Service Denial of Service Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "secure@microsoft.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-121"
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30083",
"source": "secure@microsoft.com"
}
]
}

55
CVE-2024/CVE-2024-300xx/CVE-2024-30084.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-30084",
"sourceIdentifier": "secure@microsoft.com",
"published": "2024-06-11T17:15:55.893",
"lastModified": "2024-06-11T17:15:55.893",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Windows Kernel-Mode Driver Elevation of Privilege Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "HIGH",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.0,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "secure@microsoft.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-367"
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30084",
"source": "secure@microsoft.com"
}
]
}

55
CVE-2024/CVE-2024-300xx/CVE-2024-30085.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-30085",
"sourceIdentifier": "secure@microsoft.com",
"published": "2024-06-11T17:15:56.123",
"lastModified": "2024-06-11T17:15:56.123",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "secure@microsoft.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-122"
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30085",
"source": "secure@microsoft.com"
}
]
}

55
CVE-2024/CVE-2024-300xx/CVE-2024-30086.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-30086",
"sourceIdentifier": "secure@microsoft.com",
"published": "2024-06-11T17:15:56.343",
"lastModified": "2024-06-11T17:15:56.343",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Windows Win32 Kernel Subsystem Elevation of Privilege Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "secure@microsoft.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30086",
"source": "secure@microsoft.com"
}
]
}

55
CVE-2024/CVE-2024-300xx/CVE-2024-30087.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-30087",
"sourceIdentifier": "secure@microsoft.com",
"published": "2024-06-11T17:15:56.583",
"lastModified": "2024-06-11T17:15:56.583",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Win32k Elevation of Privilege Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "secure@microsoft.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-20"
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30087",
"source": "secure@microsoft.com"
}
]
}

55
CVE-2024/CVE-2024-300xx/CVE-2024-30088.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-30088",
"sourceIdentifier": "secure@microsoft.com",
"published": "2024-06-11T17:15:56.810",
"lastModified": "2024-06-11T17:15:56.810",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Windows Kernel Elevation of Privilege Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "HIGH",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.0,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "secure@microsoft.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-367"
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30088",
"source": "secure@microsoft.com"
}
]
}

55
CVE-2024/CVE-2024-300xx/CVE-2024-30089.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-30089",
"sourceIdentifier": "secure@microsoft.com",
"published": "2024-06-11T17:15:57.023",
"lastModified": "2024-06-11T17:15:57.023",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Microsoft Streaming Service Elevation of Privilege Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "secure@microsoft.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30089",
"source": "secure@microsoft.com"
}
]
}

55
CVE-2024/CVE-2024-300xx/CVE-2024-30090.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-30090",
"sourceIdentifier": "secure@microsoft.com",
"published": "2024-06-11T17:15:57.240",
"lastModified": "2024-06-11T17:15:57.240",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Microsoft Streaming Service Elevation of Privilege Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "HIGH",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.0,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "secure@microsoft.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-822"
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30090",
"source": "secure@microsoft.com"
}
]
}

55
CVE-2024/CVE-2024-300xx/CVE-2024-30091.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-30091",
"sourceIdentifier": "secure@microsoft.com",
"published": "2024-06-11T17:15:57.457",
"lastModified": "2024-06-11T17:15:57.457",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Win32k Elevation of Privilege Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "secure@microsoft.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-122"
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30091",
"source": "secure@microsoft.com"
}
]
}

55
CVE-2024/CVE-2024-300xx/CVE-2024-30093.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-30093",
"sourceIdentifier": "secure@microsoft.com",
"published": "2024-06-11T17:15:57.680",
"lastModified": "2024-06-11T17:15:57.680",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Windows Storage Elevation of Privilege Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.3,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.3,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "secure@microsoft.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-59"
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30093",
"source": "secure@microsoft.com"
}
]
}

55
CVE-2024/CVE-2024-300xx/CVE-2024-30094.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-30094",
"sourceIdentifier": "secure@microsoft.com",
"published": "2024-06-11T17:15:57.917",
"lastModified": "2024-06-11T17:15:57.917",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "secure@microsoft.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-122"
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30094",
"source": "secure@microsoft.com"
}
]
}

55
CVE-2024/CVE-2024-300xx/CVE-2024-30095.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-30095",
"sourceIdentifier": "secure@microsoft.com",
"published": "2024-06-11T17:15:58.150",
"lastModified": "2024-06-11T17:15:58.150",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "secure@microsoft.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-122"
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30095",
"source": "secure@microsoft.com"
}
]
}

55
CVE-2024/CVE-2024-300xx/CVE-2024-30096.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-30096",
"sourceIdentifier": "secure@microsoft.com",
"published": "2024-06-11T17:15:58.497",
"lastModified": "2024-06-11T17:15:58.497",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Windows Cryptographic Services Information Disclosure Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "secure@microsoft.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-200"
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30096",
"source": "secure@microsoft.com"
}
]
}

55
CVE-2024/CVE-2024-300xx/CVE-2024-30097.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-30097",
"sourceIdentifier": "secure@microsoft.com",
"published": "2024-06-11T17:15:58.700",
"lastModified": "2024-06-11T17:15:58.700",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Microsoft Speech Application Programming Interface (SAPI) Remote Code Execution Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "secure@microsoft.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-415"
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30097",
"source": "secure@microsoft.com"
}
]
}

55
CVE-2024/CVE-2024-300xx/CVE-2024-30099.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-30099",
"sourceIdentifier": "secure@microsoft.com",
"published": "2024-06-11T17:15:58.927",
"lastModified": "2024-06-11T17:15:58.927",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Windows Kernel Elevation of Privilege Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "HIGH",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.0,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "secure@microsoft.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-367"
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30099",
"source": "secure@microsoft.com"
}
]
}

55
CVE-2024/CVE-2024-301xx/CVE-2024-30100.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-30100",
"sourceIdentifier": "secure@microsoft.com",
"published": "2024-06-11T17:15:59.140",
"lastModified": "2024-06-11T17:15:59.140",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Microsoft SharePoint Server Remote Code Execution Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "secure@microsoft.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-426"
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30100",
"source": "secure@microsoft.com"
}
]
}

55
CVE-2024/CVE-2024-301xx/CVE-2024-30101.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-30101",
"sourceIdentifier": "secure@microsoft.com",
"published": "2024-06-11T17:15:59.353",
"lastModified": "2024-06-11T17:15:59.353",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Microsoft Office Remote Code Execution Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.6,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "secure@microsoft.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30101",
"source": "secure@microsoft.com"
}
]
}

55
CVE-2024/CVE-2024-301xx/CVE-2024-30102.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-30102",
"sourceIdentifier": "secure@microsoft.com",
"published": "2024-06-11T17:15:59.560",
"lastModified": "2024-06-11T17:15:59.560",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Microsoft Office Remote Code Execution Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.3,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.3,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "secure@microsoft.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30102",
"source": "secure@microsoft.com"
}
]
}

55
CVE-2024/CVE-2024-301xx/CVE-2024-30103.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-30103",
"sourceIdentifier": "secure@microsoft.com",
"published": "2024-06-11T17:15:59.800",
"lastModified": "2024-06-11T17:15:59.800",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Microsoft Outlook Remote Code Execution Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "secure@microsoft.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-184"
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30103",
"source": "secure@microsoft.com"
}
]
}

55
CVE-2024/CVE-2024-301xx/CVE-2024-30104.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-30104",
"sourceIdentifier": "secure@microsoft.com",
"published": "2024-06-11T17:16:00.030",
"lastModified": "2024-06-11T17:16:00.030",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Microsoft Office Remote Code Execution Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "secure@microsoft.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-59"
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30104",
"source": "secure@microsoft.com"
}
]
}

223
CVE-2024/CVE-2024-30xx/CVE-2024-3049.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-3049",
"sourceIdentifier": "secalert@redhat.com",
"published": "2024-06-06T06:15:09.550",
"lastModified": "2024-06-06T14:17:35.017",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-06-11T17:54:22.763",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.2,
"impactScore": 3.6
},
{
"source": "secalert@redhat.com",
"type": "Secondary",
@ -50,34 +70,183 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://access.redhat.com/errata/RHSA-2024:3657",
"source": "secalert@redhat.com"
},
"nodes": [
{
"url": "https://access.redhat.com/errata/RHSA-2024:3658",
"source": "secalert@redhat.com"
},
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"url": "https://access.redhat.com/errata/RHSA-2024:3659",
"source": "secalert@redhat.com"
},
{
"url": "https://access.redhat.com/errata/RHSA-2024:3660",
"source": "secalert@redhat.com"
},
{
"url": "https://access.redhat.com/errata/RHSA-2024:3661",
"source": "secalert@redhat.com"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2024-3049",
"source": "secalert@redhat.com"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2272082",
"source": "secalert@redhat.com"
"vulnerable": true,
"criteria": "cpe:2.3:a:clusterlabs:booth:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.1",
"matchCriteriaId": "71757B74-23C1-428F-9A3D-7DC5086303A9"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "142AD0DD-4CF3-4D74-9442-459CE3347E3A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F4CFF558-3C47-480D-A2F0-BABF26042943"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7F6FB57C-2BC7-487C-96DD-132683AEB35D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:8.4:*:*:*:*:*:*:*",
"matchCriteriaId": "0E3F09B5-569F-4C58-9FCA-3C0953D107B5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:8.8:*:*:*:*:*:*:*",
"matchCriteriaId": "62C31522-0A17-4025-B269-855C7F4B45C2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "3C74F6FA-FA6C-4648-9079-91446E45EE47"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_arm_64:8.0_aarch64:*:*:*:*:*:*:*",
"matchCriteriaId": "5A47EF78-A5B6-4B89-8B74-EEB0647C549F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_arm_64:8.8_aarch64:*:*:*:*:*:*:*",
"matchCriteriaId": "F7F8A347-0ACE-40E4-BF7B-656D66DDB425"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_arm_64:9.2_aarch64:*:*:*:*:*:*:*",
"matchCriteriaId": "D85E0DBA-A856-472A-8271-A4F37C35F952"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_arm_64:9.4_aarch64:*:*:*:*:*:*:*",
"matchCriteriaId": "DBF70805-7EBF-4731-83DB-D71F7A646B0F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:8.0_s390x:*:*:*:*:*:*:*",
"matchCriteriaId": "32AF225E-94C0-4D07-900C-DD868C05F554"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:9.2_s390x:*:*:*:*:*:*:*",
"matchCriteriaId": "2E068ABB-31C2-416E-974A-95E07A2BAB0A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:9.4_s390x:*:*:*:*:*:*:*",
"matchCriteriaId": "069180B4-BA50-4AD0-8BA9-83F8005E58BE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:8.8_s390x:*:*:*:*:*:*:*",
"matchCriteriaId": "22C65F53-D624-48A9-A9B7-4C78A31E19F9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:8.0_ppc64le:*:*:*:*:*:*:*",
"matchCriteriaId": "9AEC5D6F-097A-4DD3-BD12-76B6343E8C83"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:8.4_ppc64le:*:*:*:*:*:*:*",
"matchCriteriaId": "BB28CF82-799F-4A6E-B1DB-0AB423E6C05D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:8.8_ppc64le:*:*:*:*:*:*:*",
"matchCriteriaId": "F91F9255-4EE1-43C7-8831-D2B6C228BFD9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:9.2_ppc64le:*:*:*:*:*:*:*",
"matchCriteriaId": "99952557-C766-4B9E-8BF5-DBBA194349FF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:9.4_ppc64le:*:*:*:*:*:*:*",
"matchCriteriaId": "FC3CBA5D-9E5D-4C46-B37E-7BB35BE8DADB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_update_services_for_sap_solutions:8.4:*:*:*:*:*:*:*",
"matchCriteriaId": "BC6DD887-9744-43EA-8B3C-44C6B6339590"
}
]
}
]
}
],
"references": [
{
"url": "https://access.redhat.com/errata/RHSA-2024:3657",
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://access.redhat.com/errata/RHSA-2024:3658",
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://access.redhat.com/errata/RHSA-2024:3659",
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://access.redhat.com/errata/RHSA-2024:3660",
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://access.redhat.com/errata/RHSA-2024:3661",
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://access.redhat.com/security/cve/CVE-2024-3049",
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2272082",
"source": "secalert@redhat.com",
"tags": [
"Issue Tracking"
]
}
]
}

55
CVE-2024/CVE-2024-321xx/CVE-2024-32143.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-32143",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-06-11T17:16:00.257",
"lastModified": "2024-06-11T17:16:00.257",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Missing Authorization vulnerability in Podlove Podlove Podcast Publisher.This issue affects Podlove Podcast Publisher: from n/a through 4.1.0."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-862"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/podlove-podcasting-plugin-for-wordpress/wordpress-podlove-podcast-publisher-plugin-4-1-0-broken-access-control-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

55
CVE-2024/CVE-2024-321xx/CVE-2024-32144.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-32144",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-06-11T16:15:27.467",
"lastModified": "2024-06-11T16:15:27.467",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Missing Authorization vulnerability in Welcart Inc. Welcart e-Commerce.This issue affects Welcart e-Commerce: from n/a through 2.9.14."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.5
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-862"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/usc-e-shop/wordpress-welcart-e-commerce-plugin-2-9-14-broken-access-control-csrf-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

55
CVE-2024/CVE-2024-321xx/CVE-2024-32146.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-32146",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-06-11T17:16:00.490",
"lastModified": "2024-06-11T17:16:00.490",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Missing Authorization vulnerability in Aspose.Cloud Marketplace Aspose.Words Exporter.This issue affects Aspose.Words Exporter: from n/a through 6.3.1."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-862"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/aspose-doc-exporter/wordpress-aspose-words-import-and-export-word-documents-plugin-6-3-1-broken-access-control-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

100
CVE-2024/CVE-2024-340xx/CVE-2024-34055.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-34055",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-06-05T05:15:49.950",
"lastModified": "2024-06-05T12:53:50.240",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-06-11T17:16:29.167",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -14,19 +14,97 @@
"value": "Cyrus IMAP anterior a 3.8.3 y 3.10.x anterior a 3.10.0-rc1 permite a atacantes autenticados provocar una asignaci\u00f3n de memoria ilimitada enviando muchos LITERAL en un solo comando."
}
],
"metrics": {},
"references": [
"metrics": {
"cvssMetricV31": [
{
"url": "https://github.com/cyrusimap/cyrus-imapd/commit/ef9e4e8314d6a06f2269af0ccf606894cc3fe489",
"source": "cve@mitre.org"
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
{
"url": "https://www.cyrusimap.org/dev/imap/download/release-notes/3.10/x/3.10.0-rc1.html",
"source": "cve@mitre.org"
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"url": "https://www.cyrusimap.org/imap/download/release-notes/3.8/x/3.8.3.html",
"source": "cve@mitre.org"
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-770"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cyrusimap:cyrus_imap:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.8.3",
"matchCriteriaId": "B51D8B39-A78E-4D0D-A72D-96E2BFBBDF62"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cyrusimap:cyrus_imap:3.10.0:alpha0:*:*:*:*:*:*",
"matchCriteriaId": "5068296F-B063-4170-AB93-DA3109615F2A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cyrusimap:cyrus_imap:3.10.0:beta1:*:*:*:*:*:*",
"matchCriteriaId": "6921C16E-C510-4DCD-9EB1-A3BA28F5CD37"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cyrusimap:cyrus_imap:3.10.0:beta2:*:*:*:*:*:*",
"matchCriteriaId": "ECBB18EC-0A31-483F-953C-E1F0F4701867"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/cyrusimap/cyrus-imapd/commit/ef9e4e8314d6a06f2269af0ccf606894cc3fe489",
"source": "cve@mitre.org",
"tags": [
"Patch",
"Release Notes"
]
},
{
"url": "https://www.cyrusimap.org/dev/imap/download/release-notes/3.10/x/3.10.0-rc1.html",
"source": "cve@mitre.org",
"tags": [
"Release Notes"
]
},
{
"url": "https://www.cyrusimap.org/imap/download/release-notes/3.8/x/3.8.3.html",
"source": "cve@mitre.org",
"tags": [
"Release Notes"
]
}
]
}

77
CVE-2024/CVE-2024-343xx/CVE-2024-34363.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-34363",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-06-04T21:15:34.743",
"lastModified": "2024-06-05T12:53:50.240",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-06-11T17:44:14.347",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
@ -39,6 +59,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
]
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
@ -50,10 +80,47 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://github.com/envoyproxy/envoy/security/advisories/GHSA-g979-ph9j-5gg4",
"source": "security-advisories@github.com"
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*",
"versionStartIncluding": "1.28.0",
"versionEndExcluding": "1.28.4",
"matchCriteriaId": "E5107DA5-4BC7-4AB8-8087-0DA20021D0B0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*",
"versionStartIncluding": "1.29.0",
"versionEndExcluding": "1.29.5",
"matchCriteriaId": "34583FBC-8B38-4BBB-9E3B-7731272C0A6F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*",
"versionStartIncluding": "1.30.0",
"versionEndExcluding": "1.30.2",
"matchCriteriaId": "65C0355B-7FAC-4417-B707-A3CA494C20A0"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/envoyproxy/envoy/security/advisories/GHSA-g979-ph9j-5gg4",
"source": "security-advisories@github.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

83
CVE-2024/CVE-2024-343xx/CVE-2024-34364.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-34364",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-06-04T21:15:34.977",
"lastModified": "2024-06-05T12:53:50.240",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-06-11T17:20:27.203",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
@ -39,6 +59,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
@ -50,10 +80,53 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://github.com/envoyproxy/envoy/security/advisories/GHSA-xcj3-h7vf-fw26",
"source": "security-advisories@github.com"
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.27.6",
"matchCriteriaId": "1020E2E2-EDFA-4188-B17F-406904256EB1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*",
"versionStartIncluding": "1.28.0",
"versionEndExcluding": "1.28.4",
"matchCriteriaId": "E5107DA5-4BC7-4AB8-8087-0DA20021D0B0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*",
"versionStartIncluding": "1.29.0",
"versionEndExcluding": "1.29.5",
"matchCriteriaId": "34583FBC-8B38-4BBB-9E3B-7731272C0A6F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*",
"versionStartIncluding": "1.30.0",
"versionEndExcluding": "1.30.2",
"matchCriteriaId": "65C0355B-7FAC-4417-B707-A3CA494C20A0"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/envoyproxy/envoy/security/advisories/GHSA-xcj3-h7vf-fw26",
"source": "security-advisories@github.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

55
CVE-2024/CVE-2024-347xx/CVE-2024-34753.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-34753",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-06-11T16:15:27.760",
"lastModified": "2024-06-11T16:15:27.760",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Missing Authorization vulnerability in SoftLab Radio Player.This issue affects Radio Player: from n/a through 2.0.73."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-862"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/radio-player/wordpress-radio-player-plugin-2-0-73-broken-access-control-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

55
CVE-2024/CVE-2024-347xx/CVE-2024-34758.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-34758",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-06-11T17:16:00.717",
"lastModified": "2024-06-11T17:16:00.717",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Missing Authorization vulnerability in Wpmet WP Fundraising Donation and Crowdfunding Platform.This issue affects WP Fundraising Donation and Crowdfunding Platform: from n/a through 1.6.4."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-862"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/wp-fundraising-donation/wordpress-fundengine-donation-and-crowdfunding-platform-plugin-1-6-4-broken-access-control-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

55
CVE-2024/CVE-2024-347xx/CVE-2024-34763.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-34763",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-06-11T17:16:00.950",
"lastModified": "2024-06-11T17:16:00.950",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Missing Authorization vulnerability in Tobias Conrad Builder for WooCommerce reviews shortcodes \u2013 ReviewShort.This issue affects Builder for WooCommerce reviews shortcodes \u2013 ReviewShort: from n/a through 1.01.5."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-862"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/woo-product-reviews-shortcode/wordpress-builder-for-woocommerce-reviews-shortcodes-reviewshort-plugin-1-01-5-broken-access-control-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

55
CVE-2024/CVE-2024-347xx/CVE-2024-34768.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-34768",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-06-11T17:16:01.187",
"lastModified": "2024-06-11T17:16:01.187",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Missing Authorization vulnerability in Fastly.This issue affects Fastly: from n/a through 1.2.25."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-862"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/fastly/wordpress-fastly-plugin-1-2-25-broken-access-control-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

55
CVE-2024/CVE-2024-347xx/CVE-2024-34799.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-34799",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-06-11T17:16:01.430",
"lastModified": "2024-06-11T17:16:01.430",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Missing Authorization vulnerability in Repute Infosystems BookingPress.This issue affects BookingPress: from n/a through 1.0.82."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 2.5
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-862"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/bookingpress-appointment-booking/wordpress-bookingpress-plugin-1-0-82-appointment-duration-manipulation-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

55
CVE-2024/CVE-2024-348xx/CVE-2024-34804.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-34804",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-06-11T17:16:01.683",
"lastModified": "2024-06-11T17:16:01.683",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Missing Authorization vulnerability in Tagembed.This issue affects Tagembed: from n/a through 5.5."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.5
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-862"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/tagembed-widget/wordpress-tagembed-plugin-5-5-broken-access-control-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

55
CVE-2024/CVE-2024-348xx/CVE-2024-34815.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-34815",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-06-11T17:16:01.903",
"lastModified": "2024-06-11T17:16:01.903",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Missing Authorization vulnerability in Codection Import and export users and customers.This issue affects Import and export users and customers: from n/a through 1.26.5."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.5
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-862"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/import-users-from-csv-with-meta/wordpress-import-and-export-users-and-customers-plugin-1-26-5-broken-access-control-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

55
CVE-2024/CVE-2024-348xx/CVE-2024-34819.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-34819",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-06-11T16:15:28.010",
"lastModified": "2024-06-11T16:15:28.010",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Missing Authorization vulnerability in MoreConvert MC Woocommerce Wishlist.This issue affects MC Woocommerce Wishlist: from n/a through 1.7.2."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-862"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/smart-wishlist-for-more-convert/wordpress-mc-woocommerce-wishlist-plugin-1-7-2-broken-access-control-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

55
CVE-2024/CVE-2024-348xx/CVE-2024-34821.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-34821",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-06-11T16:15:28.280",
"lastModified": "2024-06-11T16:15:28.280",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Missing Authorization vulnerability in Contact List PRO Contact List \u2013 Easy Business Directory, Staff Directory and Address Book Plugin.This issue affects Contact List \u2013 Easy Business Directory, Staff Directory and Address Book Plugin: from n/a through 2.9.87."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-862"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/contact-list/wordpress-contact-list-plugin-2-9-87-broken-access-control-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

55
CVE-2024/CVE-2024-348xx/CVE-2024-34822.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-34822",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-06-11T16:15:28.563",
"lastModified": "2024-06-11T16:15:28.563",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Missing Authorization vulnerability in weDevs weMail.This issue affects weMail: from n/a through 1.14.2."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-862"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/wemail/wordpress-wemail-plugin-1-14-2-broken-access-control-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

Some files were not shown because too many files have changed in this diff Show More