admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-08 19:47:09 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2024-11-01T15:00:22.187786+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2024-11-01 15:03:21 +00:00
parent cc13ee5acd
commit 74d4fedc00
77 changed files with 2800 additions and 579 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

23
CVE-2016/CVE-2016-62xx/CVE-2016-6298.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2016-6298",
"sourceIdentifier": "secalert@redhat.com",
"published": "2016-09-01T23:59:01.160",
"lastModified": "2016-11-28T20:31:14.547",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-11-01T14:36:23.500",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -16,13 +16,13 @@
}
],
"metrics": {
"cvssMetricV30": [
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "LOW",
@ -85,9 +85,9 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:jwcrypto_project:jwcrypto:*:*:*:*:*:*:*:*",
"versionEndIncluding": "0.3.1",
"matchCriteriaId": "9AE9884F-4F22-4826-9D85-C1A57BE64BB0"
"criteria": "cpe:2.3:a:latchset:jwcrypto:*:*:*:*:*:*:*:*",
"versionEndExcluding": "0.3.2",
"matchCriteriaId": "3D621897-7527-4674-BC69-A6C1C2D76D49"
}
]
}
@ -97,7 +97,12 @@
"references": [
{
"url": "http://www.securityfocus.com/bid/92729",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://github.com/latchset/jwcrypto/commit/eb5be5bd94c8cae1d7f3ba9801377084d8e5a7ba",

27
CVE-2021/CVE-2021-474xx/CVE-2021-47498.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2021-47498",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-05-22T09:15:11.673",
"lastModified": "2024-05-22T12:46:53.887",
"lastModified": "2024-11-01T14:35:00.603",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -15,7 +15,30 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: dm rq: no poner en cola la solicitud a blk-mq durante la suspensi\u00f3n de DM. DM utiliza la funci\u00f3n de reposo/inquiesce de blk-mq para detener/iniciar la cola del asignador de dispositivos. Pero la inquietud de blk-mq puede provenir de eventos externos, como el cambio de ascensor, la actualizaci\u00f3n de nr_requests u otros, y la solicitud puede ocurrir durante la suspensi\u00f3n, as\u00ed que simplemente solicite que blk-mq la vuelva a poner en cola. Soluciona un problema de p\u00e1nico del kernel al ejecutar la actualizaci\u00f3n de nr_requests y la prueba de esfuerzo de suspensi\u00f3n/reanudaci\u00f3n de dm-mpath."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"references": [
{
"url": "https://git.kernel.org/stable/c/8ca9745efe3528feb06ca4e117188038eea2d351",

8
CVE-2022/CVE-2022-238xx/CVE-2022-23861.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-23861",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-10-22T16:15:04.897",
"lastModified": "2024-10-30T15:49:36.883",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-11-01T14:19:00.030",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -90,8 +90,8 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ysoft:safeq:6.0:build_53:*:*:*:*:*:*",
"matchCriteriaId": "4BF6B709-569F-425B-8909-C52FB5ECC9EE"
"criteria": "cpe:2.3:a:ysoft:safeq:6.0:build53:*:*:*:*:*:*",
"matchCriteriaId": "ECE640BB-1291-40D3-A5BF-C60DF8074BC8"
}
]
}

4
CVE-2023/CVE-2023-442xx/CVE-2023-44296.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-44296",
"sourceIdentifier": "security_alert@emc.com",
"published": "2023-11-16T08:15:31.300",
"lastModified": "2023-11-20T18:58:50.467",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-11-01T14:37:10.727",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{

8
CVE-2023/CVE-2023-521xx/CVE-2023-52177.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-52177",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-06-12T09:15:16.067",
"lastModified": "2024-07-18T19:54:16.287",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-11-01T14:44:15.887",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -90,9 +90,9 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:softlab:integrate_google_drive:*:*:*:*:*:wordpress:*:*",
"criteria": "cpe:2.3:a:softlabdb:integrate_google_drive:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "1.3.4",
"matchCriteriaId": "8DA1253D-3DCA-40EB-997F-9EF13F49E03E"
"matchCriteriaId": "6B31F8E0-B45A-4CB0-B1D1-AF1E182B618F"
}
]
}

8
CVE-2023/CVE-2023-72xx/CVE-2023-7279.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-7279",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-09-02T18:15:21.393",
"lastModified": "2024-09-05T21:59:17.957",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-11-01T14:43:56.227",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -149,9 +149,9 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sse-secure-systems:connaisseur:*:*:*:*:*:*:*:*",
"criteria": "cpe:2.3:a:securesystems:connaisseur:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.3.1",
"matchCriteriaId": "C93A7EAF-8BB7-44C9-B72F-86DA870964D0"
"matchCriteriaId": "D91EA671-9906-4F76-A5C2-3BFB137C3812"
}
]
}

66
CVE-2024/CVE-2024-04xx/CVE-2024-0444.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-0444",
"sourceIdentifier": "zdi-disclosures@trendmicro.com",
"published": "2024-06-07T23:15:47.267",
"lastModified": "2024-06-10T02:52:08.267",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-11-01T13:58:59.317",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -16,6 +16,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
],
"cvssMetricV30": [
{
"source": "zdi-disclosures@trendmicro.com",
@ -40,6 +62,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
},
{
"source": "zdi-disclosures@trendmicro.com",
"type": "Secondary",
@ -51,14 +83,40 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:gstreamer_project:gstreamer:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.23.1",
"matchCriteriaId": "A9C51480-8C90-46F0-A393-6DFC54ED559B"
}
]
}
]
}
],
"references": [
{
"url": "https://gitlab.freedesktop.org/gstreamer/gstreamer/-/commit/f368d63ecd89e01fd2cf0b1c4def5fc782b2c390",
"source": "zdi-disclosures@trendmicro.com"
"source": "zdi-disclosures@trendmicro.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.zerodayinitiative.com/advisories/ZDI-24-567/",
"source": "zdi-disclosures@trendmicro.com"
"source": "zdi-disclosures@trendmicro.com",
"tags": [
"Patch",
"Third Party Advisory",
"VDB Entry"
]
}
]
}

432
CVE-2024/CVE-2024-102xx/CVE-2024-10280.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-10280",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-10-23T14:15:04.500",
"lastModified": "2024-10-23T15:12:34.673",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-11-01T14:03:20.267",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in Tenda AC6, AC7, AC8, AC9, AC10, AC10U, AC15, AC18, AC500 and AC1206 up to 20241022. It has been rated as problematic. This issue affects the function websReadEvent of the file /goform/GetIPTV. The manipulation of the argument Content-Length leads to null pointer dereference. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used."
},
{
"lang": "es",
"value": "Se ha detectado una vulnerabilidad en Tenda AC6, AC7, AC8, AC9, AC10, AC10U, AC15, AC18, AC500 y AC1206 hasta 20241022. Se ha calificado como problem\u00e1tica. Este problema afecta a la funci\u00f3n websReadEvent del archivo /goform/GetIPTV. La manipulaci\u00f3n del argumento Content-Length provoca la desreferenciaci\u00f3n de puntero nulo. El ataque puede iniciarse de forma remota. El exploit se ha hecho p\u00fablico y puede utilizarse."
}
],
"metrics": {
@ -57,6 +61,26 @@
}
],
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "cna@vuldb.com",
"type": "Secondary",
@ -116,26 +140,420 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:tenda:ac15_firmware:15.03.05.18:*:*:*:*:*:*:*",
"matchCriteriaId": "56881C41-A993-45CC-BAE6-E9DE17FA56E2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:tenda:ac15_firmware:15.03.05.19:*:*:*:*:*:*:*",
"matchCriteriaId": "A14A19EE-FB4E-4371-AC85-1401EB78B16D"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:tenda:ac15:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B73E7C1C-F121-486A-8B15-E97EA0C219A5"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:tenda:ac7_firmware:15.03.06.44:*:*:*:*:*:*:*",
"matchCriteriaId": "4D94B37C-491D-4E7C-8273-F46FEDA62C9F"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:tenda:ac7:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A3BEE979-5BF3-48ED-AF42-0546D4F896E9"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:tenda:ac10u_firmware:15.03.06.48:*:*:*:*:*:*:*",
"matchCriteriaId": "1C2AFD04-833D-4085-BAD6-32A2715FA785"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:tenda:ac10u_firmware:15.03.06.49:*:*:*:*:*:*:*",
"matchCriteriaId": "0F101E88-BEA9-4017-9048-860DF3D1BBBC"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:tenda:ac10u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CDBE5E26-7967-4FDD-A29F-7740B29C4B8E"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:tenda:ac500_firmware:1.0.0.14:*:*:*:*:*:*:*",
"matchCriteriaId": "61BA4026-93A8-4D83-815E-397A2EC0A279"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:tenda:ac500_firmware:1.0.0.16:*:*:*:*:*:*:*",
"matchCriteriaId": "816A7A37-5952-4B22-80F7-8CD09383E079"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:tenda:ac500_firmware:2.0.1.9\\(1307\\):*:*:*:*:*:*:*",
"matchCriteriaId": "2F0EEFAB-B3B0-4C10-A712-7A35F5FD076E"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:tenda:ac500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "64192A8B-CC65-44EC-942B-CC16AADF0D69"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:tenda:ac18_firmware:15.03.05.05:*:*:*:*:*:*:*",
"matchCriteriaId": "4D5CB727-FC6B-4212-A61E-2888A0DADFB0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:tenda:ac18_firmware:15.03.05.19\\(6318\\):*:*:*:*:*:*:*",
"matchCriteriaId": "3AC468E5-44D1-4B94-B308-C1025DB1BB7B"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:tenda:ac18:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CF9F8AF9-F921-4348-922B-EE5E6037E7AC"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:tenda:ac9_firmware:15.03.2.13:*:*:*:*:*:*:*",
"matchCriteriaId": "3473D6FD-4D42-46D0-9D96-F95D6D856E8E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:tenda:ac9_firmware:15.03.05.14:*:*:*:*:*:*:*",
"matchCriteriaId": "DA7503C5-02C6-4016-A4C6-414146719BFF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:tenda:ac9_firmware:15.03.05.19\\(6318\\):*:*:*:*:*:*:*",
"matchCriteriaId": "D8F25141-8B57-463D-AB97-F52C0143973C"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:tenda:ac9:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "566DA530-18FC-4A46-95B4-2A7D343A96A7"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:tenda:ac9_firmware:15.03.06.42:*:*:*:*:*:*:*",
"matchCriteriaId": "5B0A5168-9E0C-43F7-BF7B-3943A3316CB8"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:tenda:ac9:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7F482F89-B0F6-450D-B675-43EC0A9E6A4B"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:tenda:ac1206_firmware:15.03.06.23:*:*:*:*:*:*:*",
"matchCriteriaId": "787A50A1-EDBC-44EB-8CF2-11C4FC63719D"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:tenda:ac1206:-:*:*:*:*:*:*:*",
"matchCriteriaId": "29D5013D-520A-461A-95FF-43B2BE160F91"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:tenda:ac6_firmware:15.03.06.23:*:*:*:*:*:*:*",
"matchCriteriaId": "D82FD30C-AF3C-4E3B-B674-002A5C9ED09D"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:tenda:ac6:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E382AD7E-1450-40FC-AE9D-698B491805F0"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:tenda:ac10_firmware:16.03.10.13:*:*:*:*:*:*:*",
"matchCriteriaId": "6F1C8715-D7B4-4D1A-9E90-079C72049332"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:tenda:ac10_firmware:16.03.10.20:*:*:*:*:*:*:*",
"matchCriteriaId": "A19C486B-52A3-4C3E-851D-F349E8E0A706"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:tenda:ac10:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "970AEBF4-2B32-4633-A75B-2D2C598C048D"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:tenda:ac10_firmware:16.03.48.19:*:*:*:*:*:*:*",
"matchCriteriaId": "DABA74C0-297A-4372-B84D-00BA0D334318"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:tenda:ac10_firmware:16.03.48.23:*:*:*:*:*:*:*",
"matchCriteriaId": "AC3020CA-7422-4B9A-AA7B-C2B1A03A4450"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:tenda:ac10:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2BCFFBD6-3DAD-4FEA-9B5D-D7CBFC36572D"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:tenda:ac8_firmware:16.03.34.06:*:*:*:*:*:*:*",
"matchCriteriaId": "9C1D64DC-1EDC-4F62-8D22-E1890B71843C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:tenda:ac8_firmware:16.03.34.09:*:*:*:*:*:*:*",
"matchCriteriaId": "EE69F412-6FC7-470D-BC7E-B3AAC6B4585F"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:tenda:ac8:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "655619B2-6E8B-4D2E-98E7-028E69597E80"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/JohenanLi/router_vuls/blob/main/websReadEvent/websReadEvent.md",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?ctiid.281555",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"VDB Entry"
]
},
{
"url": "https://vuldb.com/?id.281555",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://vuldb.com/?submit.426417",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://www.tenda.com.cn/",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Product"
]
}
]
}

102
CVE-2024/CVE-2024-102xx/CVE-2024-10281.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-10281",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-10-23T14:15:04.773",
"lastModified": "2024-10-23T15:12:34.673",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-11-01T13:52:35.563",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability classified as critical has been found in Tenda RX9 and RX9 Pro 22.03.02.10/22.03.02.20. Affected is the function sub_42EEE0 of the file /goform/SetStaticRouteCfg. The manipulation of the argument list leads to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used."
},
{
"lang": "es",
"value": "Se ha encontrado una vulnerabilidad clasificada como cr\u00edtica en Tenda RX9 y RX9 Pro 22.03.02.10/22.03.02.20. La funci\u00f3n sub_42EEE0 del archivo /goform/SetStaticRouteCfg est\u00e1 afectada. La manipulaci\u00f3n de la lista de argumentos provoca un desbordamiento del b\u00fafer basado en la pila. Es posible lanzar el ataque de forma remota. El exploit se ha hecho p\u00fablico y puede utilizarse."
}
],
"metrics": {
@ -57,6 +61,26 @@
}
],
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "cna@vuldb.com",
"type": "Secondary",
@ -106,8 +130,18 @@
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
},
{
"source": "cna@vuldb.com",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -116,26 +150,78 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:tenda:rx9_pro_firmware:22.03.02.10:*:*:*:*:*:*:*",
"matchCriteriaId": "BFBD7EC2-DB8E-4E6F-A7CE-3479109A1902"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:tenda:rx9_pro_firmware:22.03.02.20:*:*:*:*:*:*:*",
"matchCriteriaId": "891D469B-C415-46A8-8D95-70E2E42E5FD4"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:tenda:rx9_pro:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F07D2963-577B-49E1-BFE3-88D7862D566D"
}
]
}
]
}
],
"references": [
{
"url": "https://gitee.com/GXB0_0/iot-vul/blob/master/Tenda/RX9/20/SetStaticRouteCfg.md",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required"
]
},
{
"url": "https://vuldb.com/?ctiid.281556",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"VDB Entry"
]
},
{
"url": "https://vuldb.com/?id.281556",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://vuldb.com/?submit.427065",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://www.tenda.com.cn/",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Product"
]
}
]
}

98
CVE-2024/CVE-2024-102xx/CVE-2024-10282.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-10282",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-10-23T15:15:29.590",
"lastModified": "2024-10-25T12:56:36.827",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-11-01T13:47:10.087",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -61,6 +61,26 @@
}
],
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "cna@vuldb.com",
"type": "Secondary",
@ -110,8 +130,18 @@
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
},
{
"source": "cna@vuldb.com",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -120,26 +150,78 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:tenda:rx9_pro_firmware:22.03.02.10:*:*:*:*:*:*:*",
"matchCriteriaId": "BFBD7EC2-DB8E-4E6F-A7CE-3479109A1902"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:tenda:rx9_pro_firmware:22.03.02.20:*:*:*:*:*:*:*",
"matchCriteriaId": "891D469B-C415-46A8-8D95-70E2E42E5FD4"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:tenda:rx9_pro:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F07D2963-577B-49E1-BFE3-88D7862D566D"
}
]
}
]
}
],
"references": [
{
"url": "https://gitee.com/GXB0_0/iot-vul/blob/master/Tenda/RX9/20/SetVirtualServerCfg.md",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required"
]
},
{
"url": "https://vuldb.com/?ctiid.281557",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"VDB Entry"
]
},
{
"url": "https://vuldb.com/?id.281557",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"VDB Entry"
]
},
{
"url": "https://vuldb.com/?submit.427066",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://www.tenda.com.cn/",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Product"
]
}
]
}

93
CVE-2024/CVE-2024-102xx/CVE-2024-10283.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-10283",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-10-23T15:15:29.850",
"lastModified": "2024-10-25T12:56:36.827",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-11-01T14:08:24.997",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -61,6 +61,26 @@
}
],
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "cna@vuldb.com",
"type": "Secondary",
@ -110,8 +130,18 @@
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
},
{
"source": "cna@vuldb.com",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -120,26 +150,73 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:tenda:rx9_pro_firmware:22.03.02.20:*:*:*:*:*:*:*",
"matchCriteriaId": "891D469B-C415-46A8-8D95-70E2E42E5FD4"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:tenda:rx9_pro:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F07D2963-577B-49E1-BFE3-88D7862D566D"
}
]
}
]
}
],
"references": [
{
"url": "https://gitee.com/GXB0_0/iot-vul/blob/master/Tenda/RX9/20/SetNetControlList.md",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required"
]
},
{
"url": "https://vuldb.com/?ctiid.281558",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"VDB Entry"
]
},
{
"url": "https://vuldb.com/?id.281558",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"VDB Entry"
]
},
{
"url": "https://vuldb.com/?submit.427064",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://www.tenda.com.cn/",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Product"
]
}
]
}

137
CVE-2024/CVE-2024-106xx/CVE-2024-10655.json Normal file
View File

@ -0,0 +1,137 @@
{
"id": "CVE-2024-10655",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-11-01T14:15:05.057",
"lastModified": "2024-11-01T14:15:05.057",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in Tongda OA 2017 up to 11.9. It has been declared as critical. This vulnerability affects unknown code of the file /pda/reportshop/new.php. The manipulation of the argument repid leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"vulnerableSystemConfidentiality": "LOW",
"vulnerableSystemIntegrity": "LOW",
"vulnerableSystemAvailability": "LOW",
"subsequentSystemConfidentiality": "NONE",
"subsequentSystemIntegrity": "NONE",
"subsequentSystemAvailability": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirements": "NOT_DEFINED",
"integrityRequirements": "NOT_DEFINED",
"availabilityRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnerableSystemConfidentiality": "NOT_DEFINED",
"modifiedVulnerableSystemIntegrity": "NOT_DEFINED",
"modifiedVulnerableSystemAvailability": "NOT_DEFINED",
"modifiedSubsequentSystemConfidentiality": "NOT_DEFINED",
"modifiedSubsequentSystemIntegrity": "NOT_DEFINED",
"modifiedSubsequentSystemAvailability": "NOT_DEFINED",
"safety": "NOT_DEFINED",
"automatable": "NOT_DEFINED",
"recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
}
}
],
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 6.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "SINGLE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 8.0,
"impactScore": 6.4,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://github.com/LvZCh/td/issues/11",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?ctiid.282670",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.282670",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?submit.433515",
"source": "cna@vuldb.com"
}
]
}

32
CVE-2024/CVE-2024-203xx/CVE-2024-20312.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-20312",
"sourceIdentifier": "ykramarz@cisco.com",
"published": "2024-03-27T17:15:52.690",
"lastModified": "2024-03-27T17:48:21.140",
"lastModified": "2024-11-01T14:35:02.867",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 4.0
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.4,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 4.0
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-476"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-476"
}
]
}
],
"references": [

39
CVE-2024/CVE-2024-268xx/CVE-2024-26846.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-26846",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-04-17T10:15:10.187",
"lastModified": "2024-06-25T22:15:23.830",
"lastModified": "2024-11-01T14:35:03.827",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -15,7 +15,42 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: nvme-fc: no espere en vano al descargar el m\u00f3dulo. La ruta de salida del m\u00f3dulo tiene una carrera entre eliminar todos los controladores y liberar los 'ID sobrantes'. Para evitar la doble liberaci\u00f3n, la confirmaci\u00f3n inicial agreg\u00f3 una sincronizaci\u00f3n entre nvme_delete_ctrl e ida_destroy. Existe cierta l\u00f3gica al tratar de evitar que se cuelgue para siempre en wait_for_completion, aunque no maneja todos los casos. Por ejemplo, blktests puede reproducir la situaci\u00f3n en la que la descarga del m\u00f3dulo se bloquea para siempre. Si confiamos completamente en el c\u00f3digo de limpieza ejecutado desde la ruta nvme_delete_ctrl, eventualmente se liberar\u00e1n todas las ID. Esto hace que llamar a ida_destroy sea innecesario. Solo tenemos que asegurarnos de que todo el c\u00f3digo nvme_delete_ctrl se haya ejecutado antes de salir de nvme_fc_exit_module. Esto se hace vaciando la cola de trabajo nvme_delete_wq. Mientras lo hace, elimine tambi\u00e9n la cola de trabajo nvme_fc_wq no utilizada."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 4.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 0.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-415"
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/085195aa90a924c79e35569bcdad860d764a8e17",

47
CVE-2024/CVE-2024-312xx/CVE-2024-31267.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-31267",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-06-09T12:15:10.810",
"lastModified": "2024-06-10T02:52:08.267",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-11-01T14:10:25.377",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -17,6 +17,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -51,10 +71,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:wpdesk:flexible_checkout_fields:*:*:*:*:free:wordpress:*:*",
"versionEndExcluding": "4.1.3",
"matchCriteriaId": "E7EE43A2-B95B-4AB2-845C-F05C9BB06B76"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/flexible-checkout-fields/wordpress-flexible-checkout-fields-for-woocommerce-plugin-4-1-2-broken-access-control-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

47
CVE-2024/CVE-2024-312xx/CVE-2024-31273.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-31273",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-06-09T12:15:11.077",
"lastModified": "2024-06-10T02:52:08.267",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-11-01T14:11:52.430",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -17,6 +17,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -51,10 +71,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:wiselyhub:js_help_desk:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "2.8.4",
"matchCriteriaId": "F0D6ADBF-FF74-488A-9A3B-53486ED3B33C"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/js-support-ticket/wordpress-js-help-desk-plugin-2-8-3-broken-access-control-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

47
CVE-2024/CVE-2024-312xx/CVE-2024-31274.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-31274",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-06-09T12:15:11.323",
"lastModified": "2024-06-10T02:52:08.267",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-11-01T14:14:28.463",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -17,6 +17,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -51,10 +71,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:wpdeveloper:embedpress:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "3.9.12",
"matchCriteriaId": "3AC73783-EA75-446B-B8C4-256A814D0FCA"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/embedpress/wordpress-embedpress-plugin-3-9-11-broken-access-control-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

47
CVE-2024/CVE-2024-335xx/CVE-2024-33543.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-33543",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-06-09T12:15:11.560",
"lastModified": "2024-06-10T02:52:08.267",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-11-01T14:16:56.247",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -17,6 +17,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -51,10 +71,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:codepeople:wp_time_slots_booking_form:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "1.2.07",
"matchCriteriaId": "7D57F480-42B8-43B5-9AD5-F6DAFC917020"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/wp-time-slots-booking-form/wordpress-wp-time-slots-booking-form-plugin-1-2-06-broken-access-control-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

47
CVE-2024/CVE-2024-335xx/CVE-2024-33545.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-33545",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-06-09T12:15:11.813",
"lastModified": "2024-06-10T02:52:08.267",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-11-01T14:23:43.807",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -17,6 +17,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -51,10 +71,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:aa-team:wzone:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "14.0.10",
"matchCriteriaId": "97290E9A-DA55-4446-9661-3E2B89904D5B"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/woozone/wordpress-wzone-plugin-14-0-10-unauthenticated-broken-access-control-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

57
CVE-2024/CVE-2024-335xx/CVE-2024-33547.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-33547",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-06-09T12:15:12.080",
"lastModified": "2024-06-10T02:52:08.267",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-11-01T14:45:21.713",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -17,6 +17,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -40,6 +60,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-862"
}
]
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -51,10 +81,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:aa-team:wzone:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "14.0.33",
"matchCriteriaId": "FE07422B-E4AB-4A7A-8AC4-722474F91F56"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/woozone/wordpress-wzone-plugin-14-0-10-site-wide-broken-access-control-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

47
CVE-2024/CVE-2024-335xx/CVE-2024-33555.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-33555",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-06-09T12:15:12.330",
"lastModified": "2024-06-10T02:52:08.267",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-11-01T14:44:11.097",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -17,6 +17,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -51,10 +71,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:8theme:xstore_core:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "5.3.9",
"matchCriteriaId": "DEE21332-92D7-4583-A3DE-4BF4A2921CB7"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/et-core-plugin/wordpress-xstore-core-plugin-5-3-5-multiple-authenticated-broken-access-control-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

47
CVE-2024/CVE-2024-335xx/CVE-2024-33561.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-33561",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-06-09T12:15:12.567",
"lastModified": "2024-06-10T02:52:08.267",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-11-01T14:42:55.880",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -17,6 +17,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -51,10 +71,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:8theme:xstore:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "9.3.9",
"matchCriteriaId": "328F54A8-E98B-4021-9D47-52BC1260A61D"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/xstore/wordpress-xstore-theme-9-3-5-unauthenticated-broken-access-control-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

47
CVE-2024/CVE-2024-335xx/CVE-2024-33563.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-33563",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-06-09T12:15:12.800",
"lastModified": "2024-06-10T02:52:08.267",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-11-01T14:41:07.410",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -17,6 +17,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -51,10 +71,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:8theme:xstore:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "9.3.9",
"matchCriteriaId": "328F54A8-E98B-4021-9D47-52BC1260A61D"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/xstore/wordpress-xstore-theme-9-3-5-broken-access-control-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

47
CVE-2024/CVE-2024-335xx/CVE-2024-33564.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-33564",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-06-09T12:15:13.030",
"lastModified": "2024-06-10T02:52:08.267",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-11-01T14:37:56.247",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -17,6 +17,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -51,10 +71,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:8theme:xstore:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "9.3.9",
"matchCriteriaId": "328F54A8-E98B-4021-9D47-52BC1260A61D"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/xstore/wordpress-xstore-theme-9-3-5-arbitrary-option-update-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

47
CVE-2024/CVE-2024-357xx/CVE-2024-35750.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-35750",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-06-08T13:15:57.137",
"lastModified": "2024-06-10T02:52:08.267",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-11-01T13:37:12.137",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -17,6 +17,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -51,10 +71,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:wpdevart:gallery:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "2.0.3",
"matchCriteriaId": "7F75183E-499F-4680-94D7-659F0596D168"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/gallery-album/wordpress-gallery-image-and-video-gallery-with-thumbnails-plugin-2-0-3-sql-injection-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

27
CVE-2024/CVE-2024-36xx/CVE-2024-3634.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-3634",
"sourceIdentifier": "contact@wpscan.com",
"published": "2024-05-15T06:15:13.447",
"lastModified": "2024-10-30T16:35:16.890",
"lastModified": "2024-11-01T14:35:07.827",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -15,7 +15,30 @@
"value": "El complemento The month name translation benaceur de WordPress anterior a 2.3.8 no sanitiza ni escapa a algunas de sus configuraciones, lo que podr\u00eda permitir a usuarios con privilegios elevados, como el administrador, realizar ataques de Cross-Site Scripting Almacenado incluso cuando la capacidad unfiltered_html no est\u00e1 permitida (por ejemplo, en una configuraci\u00f3n multisitio)"
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",

56
CVE-2024/CVE-2024-370xx/CVE-2024-37094.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-37094",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-11-01T14:15:05.980",
"lastModified": "2024-11-01T14:15:05.980",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Access Control vulnerability in StylemixThemes MasterStudy LMS allows .\n\nThis issue affects MasterStudy LMS: from n/a through 3.2.12."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 8.2,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 4.2
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-862"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/masterstudy-lms-learning-management-system/wordpress-masterstudy-lms-plugin-3-2-12-broken-access-control-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

8
CVE-2024/CVE-2024-374xx/CVE-2024-37476.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-37476",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-07-04T18:15:10.210",
"lastModified": "2024-07-19T16:52:39.713",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-11-01T14:35:17.177",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -80,9 +80,9 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:automattic:newspack:*:*:*:*:*:*:*:*",
"criteria": "cpe:2.3:a:automattic:newspack_popups:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "2.31.2",
"matchCriteriaId": "6A15D825-15D8-49DA-91C6-DFF2EE1C2A5D"
"matchCriteriaId": "1D5916DD-23B2-470F-9442-1901BF9A8C0E"
}
]
}

4
CVE-2024/CVE-2024-397xx/CVE-2024-39719.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-39719",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-10-31T20:15:04.770",
"lastModified": "2024-11-01T12:57:03.417",
"lastModified": "2024-11-01T14:15:06.400",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -14,7 +14,7 @@
"metrics": {},
"references": [
{
"url": "https://oligosecurity.webflow.io/blog/more-models-more-probllms",
"url": "https://www.oligo.security/blog/more-models-more-probllms",
"source": "cve@mitre.org"
}
]

4
CVE-2024/CVE-2024-397xx/CVE-2024-39720.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-39720",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-10-31T20:15:04.877",
"lastModified": "2024-11-01T12:57:03.417",
"lastModified": "2024-11-01T14:15:06.673",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -18,7 +18,7 @@
"source": "cve@mitre.org"
},
{
"url": "https://oligosecurity.webflow.io/blog/more-models-more-probllms",
"url": "https://oligo.security/blog/more-models-more-probllms",
"source": "cve@mitre.org"
}
]

4
CVE-2024/CVE-2024-397xx/CVE-2024-39721.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-39721",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-10-31T20:15:04.993",
"lastModified": "2024-11-01T12:57:03.417",
"lastModified": "2024-11-01T14:15:06.770",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -22,7 +22,7 @@
"source": "cve@mitre.org"
},
{
"url": "https://oligosecurity.webflow.io/blog/more-models-more-probllms",
"url": "https://www.oligo.security/blog/more-models-more-probllms",
"source": "cve@mitre.org"
}
]

4
CVE-2024/CVE-2024-397xx/CVE-2024-39722.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-39722",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-10-31T20:15:05.080",
"lastModified": "2024-11-01T12:57:03.417",
"lastModified": "2024-11-01T14:15:06.850",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -14,7 +14,7 @@
"metrics": {},
"references": [
{
"url": "https://oligosecurity.webflow.io/blog/more-models-more-probllms",
"url": "https://www.oligo.security/blog/more-models-more-probllms",
"source": "cve@mitre.org"
}
]

8
CVE-2024/CVE-2024-397xx/CVE-2024-39772.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-39772",
"sourceIdentifier": "responsibledisclosure@mattermost.com",
"published": "2024-09-16T15:15:16.350",
"lastModified": "2024-09-17T12:08:01.830",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-11-01T14:20:22.217",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -90,9 +90,9 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mattermost:mattermost_server:*:*:*:*:*:*:*:*",
"criteria": "cpe:2.3:a:mattermost:mattermost_desktop:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.9.0",
"matchCriteriaId": "1F78626A-ED6F-4320-9CFF-26A10C96B3F6"
"matchCriteriaId": "581E647F-BCA1-490E-9CCF-AFC4B65BD446"
}
]
}

8
CVE-2024/CVE-2024-400xx/CVE-2024-40060.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-40060",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-07-23T15:15:04.810",
"lastModified": "2024-08-16T21:35:11.560",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-11-01T14:42:03.693",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -90,9 +90,9 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:wcharczuk:go-chart:*:*:*:*:*:*:*:*",
"criteria": "cpe:2.3:a:wcharczuk:go-chart:*:*:*:*:*:go:*:*",
"versionEndIncluding": "2.1.1",
"matchCriteriaId": "6530F293-3005-42DF-9C86-B0323B273B20"
"matchCriteriaId": "134AD174-D7D2-47E5-8CB9-4E19D142CEB4"
}
]
}

8
CVE-2024/CVE-2024-40xx/CVE-2024-4005.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-4005",
"sourceIdentifier": "contact@wpscan.com",
"published": "2024-06-14T06:15:12.753",
"lastModified": "2024-07-29T16:35:52.363",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-11-01T14:42:55.263",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -60,9 +60,9 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:social_pixel:social_pixel:*:*:*:*:*:*:wordpress:*",
"criteria": "cpe:2.3:a:labschool:social_pixel:*:*:*:*:*:*:wordpress:*",
"versionEndIncluding": "2.1",
"matchCriteriaId": "B1B0CEFF-C097-4066-B4E2-FF50F25AC985"
"matchCriteriaId": "0606C357-C72D-4F20-AF2C-B5C553B1C8C5"
}
]
}

8
CVE-2024/CVE-2024-458xx/CVE-2024-45835.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-45835",
"sourceIdentifier": "responsibledisclosure@mattermost.com",
"published": "2024-09-16T15:15:16.803",
"lastModified": "2024-09-17T12:11:48.833",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-11-01T14:20:56.350",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -90,9 +90,9 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mattermost:mattermost_server:*:*:*:*:*:*:*:*",
"criteria": "cpe:2.3:a:mattermost:mattermost_desktop:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.9.0",
"matchCriteriaId": "1F78626A-ED6F-4320-9CFF-26A10C96B3F6"
"matchCriteriaId": "581E647F-BCA1-490E-9CCF-AFC4B65BD446"
}
]
}

21
CVE-2024/CVE-2024-480xx/CVE-2024-48063.json
View File

@ -2,13 +2,20 @@
"id": "CVE-2024-48063",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-10-29T21:15:04.080",
"lastModified": "2024-11-01T12:57:35.843",
"lastModified": "2024-11-01T13:15:12.020",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"cveTags": [
{
"sourceIdentifier": "cve@mitre.org",
"tags": [
"disputed"
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In PyTorch <=2.4.1, the RemoteModule has Deserialization RCE."
"value": "In PyTorch <=2.4.1, the RemoteModule has Deserialization RCE. NOTE: this is disputed by multiple parties because this is intended behavior in PyTorch distributed computing."
},
{
"lang": "es",
@ -56,6 +63,14 @@
"url": "https://gist.github.com/hexian2001/c046c066895a963ecc0a2cf9e1180065",
"source": "cve@mitre.org"
},
{
"url": "https://github.com/pytorch/pytorch/issues/129228",
"source": "cve@mitre.org"
},
{
"url": "https://github.com/pytorch/pytorch/security/policy#using-distributed-features",
"source": "cve@mitre.org"
},
{
"url": "https://rumbling-slice-eb0.notion.site/Distributed-RPC-Framework-RemoteModule-has-Deserialization-RCE-in-pytorch-pytorch-111e3cda9e8c8021a7d3cbc61ee1a20c",
"source": "cve@mitre.org"

25
CVE-2024/CVE-2024-482xx/CVE-2024-48270.json Normal file
View File

@ -0,0 +1,25 @@
{
"id": "CVE-2024-48270",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-11-01T14:15:06.953",
"lastModified": "2024-11-01T14:15:06.953",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An issue in the component /logins of oasys v1.1 allows attackers to access sensitive information via a burst attack."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/majic-banana/vulnerability/blob/main/POC/Verification%20Code%20Reuse--misstt123oasys.md",
"source": "cve@mitre.org"
},
{
"url": "https://github.com/misstt123/oasys",
"source": "cve@mitre.org"
}
]
}

13
CVE-2024/CVE-2024-487xx/CVE-2024-48733.json
View File

@ -2,13 +2,20 @@
"id": "CVE-2024-48733",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-10-30T21:15:14.507",
"lastModified": "2024-11-01T12:57:03.417",
"lastModified": "2024-11-01T13:15:12.390",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"cveTags": [
{
"sourceIdentifier": "cve@mitre.org",
"tags": [
"disputed"
]
}
],
"descriptions": [
{
"lang": "en",
"value": "SQL injection vulnerability in /SASStudio/sasexec/sessions/{sessionID}/sql in SAS Studio 9.4 allows remote attacker to execute arbitrary SQL commands via the POST body request."
"value": "SQL injection vulnerability in /SASStudio/sasexec/sessions/{sessionID}/sql in SAS Studio 9.4 allows remote attacker to execute arbitrary SQL commands via the POST body request. NOTE: this is disputed by the vendor because SQL statement execution is allowed for authorized users."
},
{
"lang": "es",

13
CVE-2024/CVE-2024-487xx/CVE-2024-48734.json
View File

@ -2,13 +2,20 @@
"id": "CVE-2024-48734",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-10-30T21:15:14.563",
"lastModified": "2024-11-01T12:57:03.417",
"lastModified": "2024-11-01T13:15:12.510",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"cveTags": [
{
"sourceIdentifier": "cve@mitre.org",
"tags": [
"disputed"
]
}
],
"descriptions": [
{
"lang": "en",
"value": "*Unrestricted file upload in /SASStudio/SASStudio/sasexec/{sessionID}/{InternalPath} in SAS Studio 9.4 allows remote attacker to upload malicious files."
"value": "Unrestricted file upload in /SASStudio/SASStudio/sasexec/{sessionID}/{InternalPath} in SAS Studio 9.4 allows remote attacker to upload malicious files. NOTE: this is disputed by the vendor because file upload is allowed for authorized users."
},
{
"lang": "es",

13
CVE-2024/CVE-2024-487xx/CVE-2024-48735.json
View File

@ -2,13 +2,20 @@
"id": "CVE-2024-48735",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-10-30T21:15:14.620",
"lastModified": "2024-11-01T12:57:03.417",
"lastModified": "2024-11-01T13:15:12.620",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"cveTags": [
{
"sourceIdentifier": "cve@mitre.org",
"tags": [
"disputed"
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Directory Traversal in /SASStudio/sasexec/sessions/{sessionID}/workspace/{InternalPath} in SAS Studio 9.4 allows remote attacker to access internal files by manipulating default path during file download."
"value": "Directory Traversal in /SASStudio/sasexec/sessions/{sessionID}/workspace/{InternalPath} in SAS Studio 9.4 allows remote attacker to access internal files by manipulating default path during file download. NOTE: this is disputed by the vendor because these filesystem paths are allowed for authorized users."
},
{
"lang": "es",

81
CVE-2024/CVE-2024-498xx/CVE-2024-49897.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-49897",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-10-21T18:15:12.133",
"lastModified": "2024-10-23T15:13:25.583",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-11-01T14:55:46.557",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,19 +15,88 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: drm/amd/display: comprobar phantom_stream antes de usarlo dcn32_enable_phantom_stream puede devolver un valor nulo, por lo que se debe comprobar el valor devuelto antes de usarlo. Esto soluciona 1 problema de NULL_RETURNS informado por Coverity."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-476"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.10.14",
"matchCriteriaId": "652638C5-5F25-4DF3-AD42-DD3252A97152"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.11",
"versionEndExcluding": "6.11.3",
"matchCriteriaId": "54D9C704-D679-41A7-9C40-10A6B1E7FFE9"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/1decf695ce08e23d9ded6ce83d121b2282ce9899",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/3718a619a8c0a53152e76bb6769b6c414e1e83f4",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/3ba1219e299ab5462b5cb374c2fa2a67af0ea190",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}
]
}

75
CVE-2024/CVE-2024-499xx/CVE-2024-49943.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-49943",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-10-21T18:15:15.920",
"lastModified": "2024-10-23T15:13:25.583",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-11-01T14:54:07.897",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,15 +15,80 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: drm/xe/guc_submit: agregar bloqueo faltante en wedged_fini Cualquier cola no en cu\u00f1a puede tener un recuento de referencias cero aqu\u00ed y puede ejecutarse simult\u00e1neamente con una destrucci\u00f3n de cola asincr\u00f3nica, por lo tanto, desreferenciar el ptr de la cola para verificar el estado de cu\u00f1a despu\u00e9s de la b\u00fasqueda puede activar UAF si la cola no est\u00e1 en cu\u00f1a. Solucione esto manteniendo el bloqueo submission_state en torno a la verificaci\u00f3n para posponer la liberaci\u00f3n y hacer que la verificaci\u00f3n sea segura, antes de volver a soltarlo en torno a put() para evitar el punto muerto. (seleccionado de el commit d28af0b6b9580b9f90c265a7da0315b0ad20bbfd)"
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-667"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.11",
"versionEndExcluding": "6.11.3",
"matchCriteriaId": "54D9C704-D679-41A7-9C40-10A6B1E7FFE9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc1:*:*:*:*:*:*",
"matchCriteriaId": "7F361E1D-580F-4A2D-A509-7615F73167A1"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/790533e44bfc7af929842fccd9674c9f424d4627",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/d88f9bab7e62dd0dbe983fa70cf040042a60cc84",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}
]
}

87
CVE-2024/CVE-2024-499xx/CVE-2024-49945.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-49945",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-10-21T18:15:16.073",
"lastModified": "2024-10-23T15:13:25.583",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-11-01T14:52:59.240",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,19 +15,94 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: net/ncsi: deshabilitar la funci\u00f3n work de ncsi antes de liberar la estructura asociada. La funci\u00f3n work puede ejecutarse despu\u00e9s de que se libera el dispositivo ncsi, lo que genera errores de use after free o p\u00e1nico del kernel."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.8",
"versionEndExcluding": "6.10.14",
"matchCriteriaId": "24E235CE-5809-4731-8E35-2B16CE4FA40A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.11",
"versionEndExcluding": "6.11.3",
"matchCriteriaId": "54D9C704-D679-41A7-9C40-10A6B1E7FFE9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc1:*:*:*:*:*:*",
"matchCriteriaId": "7F361E1D-580F-4A2D-A509-7615F73167A1"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/a0ffa68c70b367358b2672cdab6fa5bc4c40de2c",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/dd41dab62f32d9e9e0669af8459d12a93834b238",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/f6ca58696749268181f43150b3553f2bafd71e42",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}
]
}

22
CVE-2024/CVE-2024-503xx/CVE-2024-50356.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-50356",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-10-31T18:15:05.750",
"lastModified": "2024-11-01T12:57:03.417",
"lastModified": "2024-11-01T14:35:08.330",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -32,26 +32,6 @@
},
"exploitabilityScore": 3.9,
"impactScore": 0.0
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},

29
CVE-2024/CVE-2024-514xx/CVE-2024-51406.json Normal file
View File

@ -0,0 +1,29 @@
{
"id": "CVE-2024-51406",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-11-01T14:15:07.073",
"lastModified": "2024-11-01T14:15:07.073",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Floodlight SDN Open Flow Controller v.1.2 has an issue that allows local hosts to build fake LLDP packets that allow specific clusters to be missed by Floodlight, which in turn leads to missed hosts inside and outside the cluster."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/floodlight/floodlight",
"source": "cve@mitre.org"
},
{
"url": "https://github.com/floodlight/floodlight/issues/870",
"source": "cve@mitre.org"
},
{
"url": "https://ieeexplore.ieee.org/document/10246976",
"source": "cve@mitre.org"
}
]
}

29
CVE-2024/CVE-2024-514xx/CVE-2024-51407.json Normal file
View File

@ -0,0 +1,29 @@
{
"id": "CVE-2024-51407",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-11-01T14:15:07.193",
"lastModified": "2024-11-01T14:15:07.193",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Floodlight SDN OpenFlow Controller v.1.2 has an issue that allows local hosts to construct false broadcast ports causing inter-host communication anomalies."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/floodlight/floodlight",
"source": "cve@mitre.org"
},
{
"url": "https://github.com/floodlight/floodlight/issues/869",
"source": "cve@mitre.org"
},
{
"url": "https://ieeexplore.ieee.org/document/10246976",
"source": "cve@mitre.org"
}
]
}

8
CVE-2024/CVE-2024-53xx/CVE-2024-5342.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-5342",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-06-06T02:15:55.087",
"lastModified": "2024-07-23T20:20:19.420",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-11-01T14:27:11.580",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -80,9 +80,9 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:purvabathe:simple_image_popup_shortcode:*:*:*:*:*:*:*:*",
"criteria": "cpe:2.3:a:purvabathe:simple_image_popup_shortcode:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "1.0",
"matchCriteriaId": "1394100E-F55A-4F4E-91F3-E5C796872887"
"matchCriteriaId": "79BB8389-0DD3-4E92-A0A5-04CE2E6BD0C4"
}
]
}

69
CVE-2024/CVE-2024-56xx/CVE-2024-5654.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-5654",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-06-08T09:15:09.420",
"lastModified": "2024-06-10T02:52:08.267",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-11-01T13:31:53.020",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -17,6 +17,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 2.5
},
{
"source": "security@wordfence.com",
"type": "Secondary",
@ -39,18 +59,57 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-862"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:gsheetconnector:cf7_google_sheets_connector:*:*:*:*:free:wordpress:*:*",
"versionEndExcluding": "5.0.10",
"matchCriteriaId": "20732A88-1C28-4A1F-81FE-ACAC9292A039"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/cf7-google-sheets-connector/trunk/includes/class-gs-service.php#L52",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Product"
]
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3099184/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/c0da4d55-5025-47cf-9f45-377d8943fc94?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

72
CVE-2024/CVE-2024-57xx/CVE-2024-5766.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-5766",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-06-08T12:15:10.117",
"lastModified": "2024-06-10T02:52:08.267",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-11-01T13:44:29.343",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -61,6 +61,26 @@
}
],
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7
},
{
"source": "cna@vuldb.com",
"type": "Secondary",
@ -109,6 +129,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
},
{
"source": "cna@vuldb.com",
"type": "Secondary",
@ -120,18 +150,50 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:likeshop:likeshop:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2.5.0",
"versionEndIncluding": "2.5.7",
"matchCriteriaId": "13DD4039-3241-4B3C-93D5-3E9FF76BCC74"
}
]
}
]
}
],
"references": [
{
"url": "https://gitee.com/likeshop_gitee/likeshop/issues/I9TAHP",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Issue Tracking",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?ctiid.267449",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://vuldb.com/?id.267449",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
}
]
}

76
CVE-2024/CVE-2024-57xx/CVE-2024-5770.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-5770",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-06-08T05:15:40.320",
"lastModified": "2024-06-10T02:52:08.267",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-11-01T14:02:18.447",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -18,8 +18,28 @@
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
},
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:L",
@ -39,22 +59,64 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-862"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:webfactoryltd:wp_force_ssl:*:*:*:*:free:wordpress:*:*",
"versionEndExcluding": "1.67",
"matchCriteriaId": "E0C1A84B-B895-4BAC-BA9B-26B1A661CB3E"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/wp-force-ssl/tags/1.66/wp-force-ssl.php#L953",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Product"
]
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3099110/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://swisskyrepo.github.io/PayloadsAllTheThings/CRLF%20Injection/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Not Applicable"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/c2081e4a-c6b7-4730-be59-bc728b90ecaa?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

89
CVE-2024/CVE-2024-61xx/CVE-2024-6189.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-6189",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-06-20T14:15:12.370",
"lastModified": "2024-06-25T16:15:25.607",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-11-01T14:19:17.187",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -61,6 +61,26 @@
}
],
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "cna@vuldb.com",
"type": "Secondary",
@ -110,8 +130,18 @@
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
},
{
"source": "cna@vuldb.com",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -120,22 +150,67 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:tendacn:a301_firmware:15.13.08.12:*:*:*:*:*:*:*",
"matchCriteriaId": "C9D764F0-DC30-42AA-85BA-891AB544DD4D"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:tendacn:a301:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0CF182E3-DCA1-45AC-AB73-E4CDFB7925C1"
}
]
}
]
}
],
"references": [
{
"url": "https://military-hail-377.notion.site/Tenda-A301V2-0-stack-overflow-c95f23f03b2b4eb5b8ffd3912e9982fd",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?ctiid.269160",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"VDB Entry"
]
},
{
"url": "https://vuldb.com/?id.269160",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://vuldb.com/?submit.355264",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
}
]
}

89
CVE-2024/CVE-2024-71xx/CVE-2024-7152.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-7152",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-07-27T21:15:09.743",
"lastModified": "2024-07-29T14:12:08.783",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-11-01T14:27:45.713",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -61,6 +61,26 @@
}
],
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "cna@vuldb.com",
"type": "Secondary",
@ -110,8 +130,18 @@
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
},
{
"source": "cna@vuldb.com",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -120,22 +150,67 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:tenda:o3_firmware:1.0.0.10\\(2478\\):*:*:*:*:*:*:*",
"matchCriteriaId": "1E05BDCC-AA87-414D-A782-6DE9A79BF613"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:tenda:o3:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9EFCDEA6-622C-4CA1-AC0F-3828C6CA3C16"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/noahze01/IoT-vulnerable/blob/main/Tenda/O3v2.0/fromSafeSetMacFilter.md",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?ctiid.272555",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"VDB Entry"
]
},
{
"url": "https://vuldb.com/?id.272555",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://vuldb.com/?submit.377041",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
}
]
}

6
CVE-2024/CVE-2024-79xx/CVE-2024-7962.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-7962",
"sourceIdentifier": "security@huntr.dev",
"published": "2024-10-29T13:15:10.557",
"lastModified": "2024-10-31T16:14:52.337",
"lastModified": "2024-11-01T14:19:28.453",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
@ -92,8 +92,8 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:gaizhenbiao:chuanhuchatgpt:2023-06-28:*:*:*:*:*:*:*",
"matchCriteriaId": "9DCEDE87-A3AF-4AB9-8117-3452AA7C8367"
"criteria": "cpe:2.3:a:gaizhenbiao:chuanhuchatgpt:20240628:*:*:*:*:*:*:*",
"matchCriteriaId": "1FC10782-5CE4-4545-A3F3-499CB770338B"
}
]
}

2
CVE-2024/CVE-2024-79xx/CVE-2024-7991.json
View File

@ -3,7 +3,7 @@
"sourceIdentifier": "psirt@autodesk.com",
"published": "2024-10-29T22:15:05.560",
"lastModified": "2024-11-01T12:57:35.843",
"vulnStatus": "Awaiting Analysis",
"vulnStatus": "Undergoing Analysis",
"cveTags": [],
"descriptions": [
{

2
CVE-2024/CVE-2024-79xx/CVE-2024-7992.json
View File

@ -3,7 +3,7 @@
"sourceIdentifier": "psirt@autodesk.com",
"published": "2024-10-29T22:15:05.760",
"lastModified": "2024-11-01T12:57:35.843",
"vulnStatus": "Awaiting Analysis",
"vulnStatus": "Undergoing Analysis",
"cveTags": [],
"descriptions": [
{

2
CVE-2024/CVE-2024-85xx/CVE-2024-8588.json
View File

@ -3,7 +3,7 @@
"sourceIdentifier": "psirt@autodesk.com",
"published": "2024-10-29T22:15:05.950",
"lastModified": "2024-11-01T12:57:35.843",
"vulnStatus": "Awaiting Analysis",
"vulnStatus": "Undergoing Analysis",
"cveTags": [],
"descriptions": [
{

2
CVE-2024/CVE-2024-85xx/CVE-2024-8589.json
View File

@ -3,7 +3,7 @@
"sourceIdentifier": "psirt@autodesk.com",
"published": "2024-10-29T22:15:06.133",
"lastModified": "2024-11-01T12:57:35.843",
"vulnStatus": "Awaiting Analysis",
"vulnStatus": "Undergoing Analysis",
"cveTags": [],
"descriptions": [
{

2
CVE-2024/CVE-2024-85xx/CVE-2024-8590.json
View File

@ -3,7 +3,7 @@
"sourceIdentifier": "psirt@autodesk.com",
"published": "2024-10-29T22:15:06.340",
"lastModified": "2024-11-01T12:57:35.843",
"vulnStatus": "Awaiting Analysis",
"vulnStatus": "Undergoing Analysis",
"cveTags": [],
"descriptions": [
{

2
CVE-2024/CVE-2024-85xx/CVE-2024-8591.json
View File

@ -3,7 +3,7 @@
"sourceIdentifier": "psirt@autodesk.com",
"published": "2024-10-29T22:15:06.537",
"lastModified": "2024-11-01T12:57:35.843",
"vulnStatus": "Awaiting Analysis",
"vulnStatus": "Undergoing Analysis",
"cveTags": [],
"descriptions": [
{

2
CVE-2024/CVE-2024-85xx/CVE-2024-8592.json
View File

@ -3,7 +3,7 @@
"sourceIdentifier": "psirt@autodesk.com",
"published": "2024-10-29T22:15:06.713",
"lastModified": "2024-11-01T12:57:35.843",
"vulnStatus": "Awaiting Analysis",
"vulnStatus": "Undergoing Analysis",
"cveTags": [],
"descriptions": [
{

2
CVE-2024/CVE-2024-85xx/CVE-2024-8593.json
View File

@ -3,7 +3,7 @@
"sourceIdentifier": "psirt@autodesk.com",
"published": "2024-10-29T22:15:06.907",
"lastModified": "2024-11-01T12:57:35.843",
"vulnStatus": "Awaiting Analysis",
"vulnStatus": "Undergoing Analysis",
"cveTags": [],
"descriptions": [
{

2
CVE-2024/CVE-2024-85xx/CVE-2024-8594.json
View File

@ -3,7 +3,7 @@
"sourceIdentifier": "psirt@autodesk.com",
"published": "2024-10-29T22:15:07.103",
"lastModified": "2024-11-01T12:57:35.843",
"vulnStatus": "Awaiting Analysis",
"vulnStatus": "Undergoing Analysis",
"cveTags": [],
"descriptions": [
{

2
CVE-2024/CVE-2024-85xx/CVE-2024-8595.json
View File

@ -3,7 +3,7 @@
"sourceIdentifier": "psirt@autodesk.com",
"published": "2024-10-29T22:15:07.300",
"lastModified": "2024-11-01T12:57:35.843",
"vulnStatus": "Awaiting Analysis",
"vulnStatus": "Undergoing Analysis",
"cveTags": [],
"descriptions": [
{

2
CVE-2024/CVE-2024-85xx/CVE-2024-8596.json
View File

@ -3,7 +3,7 @@
"sourceIdentifier": "psirt@autodesk.com",
"published": "2024-10-29T22:15:07.510",
"lastModified": "2024-11-01T12:57:35.843",
"vulnStatus": "Awaiting Analysis",
"vulnStatus": "Undergoing Analysis",
"cveTags": [],
"descriptions": [
{

2
CVE-2024/CVE-2024-85xx/CVE-2024-8597.json
View File

@ -3,7 +3,7 @@
"sourceIdentifier": "psirt@autodesk.com",
"published": "2024-10-29T22:15:07.703",
"lastModified": "2024-11-01T12:57:35.843",
"vulnStatus": "Awaiting Analysis",
"vulnStatus": "Undergoing Analysis",
"cveTags": [],
"descriptions": [
{

2
CVE-2024/CVE-2024-85xx/CVE-2024-8598.json
View File

@ -3,7 +3,7 @@
"sourceIdentifier": "psirt@autodesk.com",
"published": "2024-10-29T22:15:07.917",
"lastModified": "2024-11-01T12:57:35.843",
"vulnStatus": "Awaiting Analysis",
"vulnStatus": "Undergoing Analysis",
"cveTags": [],
"descriptions": [
{

2
CVE-2024/CVE-2024-85xx/CVE-2024-8599.json
View File

@ -3,7 +3,7 @@
"sourceIdentifier": "psirt@autodesk.com",
"published": "2024-10-29T22:15:08.130",
"lastModified": "2024-11-01T12:57:35.843",
"vulnStatus": "Awaiting Analysis",
"vulnStatus": "Undergoing Analysis",
"cveTags": [],
"descriptions": [
{

2
CVE-2024/CVE-2024-86xx/CVE-2024-8600.json
View File

@ -3,7 +3,7 @@
"sourceIdentifier": "psirt@autodesk.com",
"published": "2024-10-29T22:15:08.330",
"lastModified": "2024-11-01T12:57:35.843",
"vulnStatus": "Awaiting Analysis",
"vulnStatus": "Undergoing Analysis",
"cveTags": [],
"descriptions": [
{

12
CVE-2024/CVE-2024-86xx/CVE-2024-8691.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-8691",
"sourceIdentifier": "psirt@paloaltonetworks.com",
"published": "2024-09-11T17:15:14.587",
"lastModified": "2024-10-17T15:25:45.397",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-11-01T14:26:46.197",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -66,7 +66,7 @@
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
@ -74,12 +74,12 @@
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"availabilityImpact": "LOW",
"baseScore": 7.1,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.2
"impactScore": 4.2
}
]
},

2
CVE-2024/CVE-2024-88xx/CVE-2024-8896.json
View File

@ -3,7 +3,7 @@
"sourceIdentifier": "psirt@autodesk.com",
"published": "2024-10-29T22:15:08.513",
"lastModified": "2024-11-01T12:57:35.843",
"vulnStatus": "Awaiting Analysis",
"vulnStatus": "Undergoing Analysis",
"cveTags": [],
"descriptions": [
{

2
CVE-2024/CVE-2024-94xx/CVE-2024-9489.json
View File

@ -3,7 +3,7 @@
"sourceIdentifier": "psirt@autodesk.com",
"published": "2024-10-29T22:15:08.703",
"lastModified": "2024-11-01T12:57:35.843",
"vulnStatus": "Awaiting Analysis",
"vulnStatus": "Undergoing Analysis",
"cveTags": [],
"descriptions": [
{

100
CVE-2024/CVE-2024-97xx/CVE-2024-9793.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-9793",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-10-10T16:15:09.080",
"lastModified": "2024-10-15T12:58:51.050",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-11-01T14:36:02.277",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -61,6 +61,26 @@
}
],
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "cna@vuldb.com",
"type": "Secondary",
@ -110,8 +130,18 @@
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-78"
}
]
},
{
"source": "cna@vuldb.com",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -120,30 +150,82 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:tenda:ac1206_firmware:15.03.06.23:*:*:*:*:*:*:*",
"matchCriteriaId": "787A50A1-EDBC-44EB-8CF2-11C4FC63719D"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:tenda:ac1206:-:*:*:*:*:*:*:*",
"matchCriteriaId": "29D5013D-520A-461A-95FF-43B2BE160F91"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/ixout/iotVuls/blob/main/Tenda/ac1206_003/report.md",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://github.com/ixout/iotVuls/blob/main/Tenda/ac1206_004/report.md",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?ctiid.279946",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"VDB Entry"
]
},
{
"url": "https://vuldb.com/?id.279946",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://vuldb.com/?submit.418061",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://www.tenda.com.cn/",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Product"
]
}
]
}

2
CVE-2024/CVE-2024-98xx/CVE-2024-9826.json
View File

@ -3,7 +3,7 @@
"sourceIdentifier": "psirt@autodesk.com",
"published": "2024-10-29T22:15:08.900",
"lastModified": "2024-11-01T12:57:35.843",
"vulnStatus": "Awaiting Analysis",
"vulnStatus": "Undergoing Analysis",
"cveTags": [],
"descriptions": [
{

2
CVE-2024/CVE-2024-98xx/CVE-2024-9827.json
View File

@ -3,7 +3,7 @@
"sourceIdentifier": "psirt@autodesk.com",
"published": "2024-10-29T22:15:09.100",
"lastModified": "2024-11-01T12:57:35.843",
"vulnStatus": "Awaiting Analysis",
"vulnStatus": "Undergoing Analysis",
"cveTags": [],
"descriptions": [
{

62
README.md
View File

@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2024-11-01T13:00:21.251545+00:00
2024-11-01T15:00:22.187786+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2024-11-01T12:57:35.843000+00:00
2024-11-01T14:55:46.557000+00:00
```
### Last Data Feed Release
@ -33,47 +33,49 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs
```plain
267800
267805
```
### CVEs added in the last Commit
Recently added CVEs: `3`
Recently added CVEs: `5`
- [CVE-2024-10367](CVE-2024/CVE-2024-103xx/CVE-2024-10367.json) (`2024-11-01T11:15:12.130`)
- [CVE-2024-10654](CVE-2024/CVE-2024-106xx/CVE-2024-10654.json) (`2024-11-01T12:15:03.077`)
- [CVE-2024-7456](CVE-2024/CVE-2024-74xx/CVE-2024-7456.json) (`2024-11-01T12:15:03.557`)
- [CVE-2024-10655](CVE-2024/CVE-2024-106xx/CVE-2024-10655.json) (`2024-11-01T14:15:05.057`)
- [CVE-2024-37094](CVE-2024/CVE-2024-370xx/CVE-2024-37094.json) (`2024-11-01T14:15:05.980`)
- [CVE-2024-48270](CVE-2024/CVE-2024-482xx/CVE-2024-48270.json) (`2024-11-01T14:15:06.953`)
- [CVE-2024-51406](CVE-2024/CVE-2024-514xx/CVE-2024-51406.json) (`2024-11-01T14:15:07.073`)
- [CVE-2024-51407](CVE-2024/CVE-2024-514xx/CVE-2024-51407.json) (`2024-11-01T14:15:07.193`)
### CVEs modified in the last Commit
Recently modified CVEs: `256`
Recently modified CVEs: `70`
- [CVE-2024-8924](CVE-2024/CVE-2024-89xx/CVE-2024-8924.json) (`2024-11-01T12:57:35.843`)
- [CVE-2024-8934](CVE-2024/CVE-2024-89xx/CVE-2024-8934.json) (`2024-11-01T12:57:03.417`)
- [CVE-2024-9110](CVE-2024/CVE-2024-91xx/CVE-2024-9110.json) (`2024-11-01T12:57:03.417`)
- [CVE-2024-9165](CVE-2024/CVE-2024-91xx/CVE-2024-9165.json) (`2024-11-01T12:57:03.417`)
- [CVE-2024-9388](CVE-2024/CVE-2024-93xx/CVE-2024-9388.json) (`2024-11-01T12:57:03.417`)
- [CVE-2024-9419](CVE-2024/CVE-2024-94xx/CVE-2024-9419.json) (`2024-11-01T12:57:03.417`)
- [CVE-2024-9430](CVE-2024/CVE-2024-94xx/CVE-2024-9430.json) (`2024-11-01T12:57:03.417`)
- [CVE-2024-9434](CVE-2024/CVE-2024-94xx/CVE-2024-9434.json) (`2024-11-01T12:57:03.417`)
- [CVE-2024-9446](CVE-2024/CVE-2024-94xx/CVE-2024-9446.json) (`2024-11-01T12:57:03.417`)
- [CVE-2024-5770](CVE-2024/CVE-2024-57xx/CVE-2024-5770.json) (`2024-11-01T14:02:18.447`)
- [CVE-2024-6189](CVE-2024/CVE-2024-61xx/CVE-2024-6189.json) (`2024-11-01T14:19:17.187`)
- [CVE-2024-7152](CVE-2024/CVE-2024-71xx/CVE-2024-7152.json) (`2024-11-01T14:27:45.713`)
- [CVE-2024-7962](CVE-2024/CVE-2024-79xx/CVE-2024-7962.json) (`2024-11-01T14:19:28.453`)
- [CVE-2024-7991](CVE-2024/CVE-2024-79xx/CVE-2024-7991.json) (`2024-11-01T12:57:35.843`)
- [CVE-2024-7992](CVE-2024/CVE-2024-79xx/CVE-2024-7992.json) (`2024-11-01T12:57:35.843`)
- [CVE-2024-8588](CVE-2024/CVE-2024-85xx/CVE-2024-8588.json) (`2024-11-01T12:57:35.843`)
- [CVE-2024-8589](CVE-2024/CVE-2024-85xx/CVE-2024-8589.json) (`2024-11-01T12:57:35.843`)
- [CVE-2024-8590](CVE-2024/CVE-2024-85xx/CVE-2024-8590.json) (`2024-11-01T12:57:35.843`)
- [CVE-2024-8591](CVE-2024/CVE-2024-85xx/CVE-2024-8591.json) (`2024-11-01T12:57:35.843`)
- [CVE-2024-8592](CVE-2024/CVE-2024-85xx/CVE-2024-8592.json) (`2024-11-01T12:57:35.843`)
- [CVE-2024-8593](CVE-2024/CVE-2024-85xx/CVE-2024-8593.json) (`2024-11-01T12:57:35.843`)
- [CVE-2024-8594](CVE-2024/CVE-2024-85xx/CVE-2024-8594.json) (`2024-11-01T12:57:35.843`)
- [CVE-2024-8595](CVE-2024/CVE-2024-85xx/CVE-2024-8595.json) (`2024-11-01T12:57:35.843`)
- [CVE-2024-8596](CVE-2024/CVE-2024-85xx/CVE-2024-8596.json) (`2024-11-01T12:57:35.843`)
- [CVE-2024-8597](CVE-2024/CVE-2024-85xx/CVE-2024-8597.json) (`2024-11-01T12:57:35.843`)
- [CVE-2024-8598](CVE-2024/CVE-2024-85xx/CVE-2024-8598.json) (`2024-11-01T12:57:35.843`)
- [CVE-2024-8599](CVE-2024/CVE-2024-85xx/CVE-2024-8599.json) (`2024-11-01T12:57:35.843`)
- [CVE-2024-8600](CVE-2024/CVE-2024-86xx/CVE-2024-8600.json) (`2024-11-01T12:57:35.843`)
- [CVE-2024-8691](CVE-2024/CVE-2024-86xx/CVE-2024-8691.json) (`2024-11-01T14:26:46.197`)
- [CVE-2024-8896](CVE-2024/CVE-2024-88xx/CVE-2024-8896.json) (`2024-11-01T12:57:35.843`)
- [CVE-2024-9489](CVE-2024/CVE-2024-94xx/CVE-2024-9489.json) (`2024-11-01T12:57:35.843`)
- [CVE-2024-9632](CVE-2024/CVE-2024-96xx/CVE-2024-9632.json) (`2024-11-01T12:57:03.417`)
- [CVE-2024-9655](CVE-2024/CVE-2024-96xx/CVE-2024-9655.json) (`2024-11-01T12:57:03.417`)
- [CVE-2024-9700](CVE-2024/CVE-2024-97xx/CVE-2024-9700.json) (`2024-11-01T12:57:03.417`)
- [CVE-2024-9708](CVE-2024/CVE-2024-97xx/CVE-2024-9708.json) (`2024-11-01T12:57:03.417`)
- [CVE-2024-9793](CVE-2024/CVE-2024-97xx/CVE-2024-9793.json) (`2024-11-01T14:36:02.277`)
- [CVE-2024-9826](CVE-2024/CVE-2024-98xx/CVE-2024-9826.json) (`2024-11-01T12:57:35.843`)
- [CVE-2024-9827](CVE-2024/CVE-2024-98xx/CVE-2024-9827.json) (`2024-11-01T12:57:35.843`)
- [CVE-2024-9846](CVE-2024/CVE-2024-98xx/CVE-2024-9846.json) (`2024-11-01T12:57:03.417`)
- [CVE-2024-9884](CVE-2024/CVE-2024-98xx/CVE-2024-9884.json) (`2024-11-01T12:57:03.417`)
- [CVE-2024-9885](CVE-2024/CVE-2024-98xx/CVE-2024-9885.json) (`2024-11-01T12:57:03.417`)
- [CVE-2024-9886](CVE-2024/CVE-2024-98xx/CVE-2024-9886.json) (`2024-11-01T12:57:03.417`)
- [CVE-2024-9988](CVE-2024/CVE-2024-99xx/CVE-2024-9988.json) (`2024-11-01T12:57:35.843`)
- [CVE-2024-9989](CVE-2024/CVE-2024-99xx/CVE-2024-9989.json) (`2024-11-01T12:57:35.843`)
- [CVE-2024-9990](CVE-2024/CVE-2024-99xx/CVE-2024-9990.json) (`2024-11-01T12:57:35.843`)
- [CVE-2024-9996](CVE-2024/CVE-2024-99xx/CVE-2024-9996.json) (`2024-11-01T12:57:03.417`)
- [CVE-2024-9997](CVE-2024/CVE-2024-99xx/CVE-2024-9997.json) (`2024-11-01T12:57:03.417`)
## Download and Usage

607
_state.csv
View File

File diff suppressed because it is too large Load Diff